Re: [edk2-devel] [PATCH v2 2/2] UefiCpuPkg/BaseUefiCpuLib: Use toolchain-specific rodata section name

[Andrew Fish via groups.io]

> On Aug 9, 2021, at 7:43 PM, Ni, Ray  wrote:
> 
> Acked-by: Ray Ni mailto:ray...@intel.com>>
> 
> I will depend on tool owner to review the tool configuration change making 
> sure that the correct section name is chosen for different C compilers.
> 

Ray,

I made a detailed response about Mach-O with Xcode/clang and I don’t think 
patch works. Not sure if it breaks anything, but it puts things in the .data 
PE/COFF section. 

I’m also worried it is broken for any toolchain that generates ELF and use 
GenFw. I don’t think the GenFw tool creates a PE/COFF .rodata section [1] so if 
things work they will end up in the .data section, or things might break? Some 
one who knows that tool better than me should take a detailed look. 

I’m guessing it likely does the correct thing for toolchains that generate 
PE/COFF directly? 

My vote is to not add this feature until we can prove it works properly on all 
the toolchains. For Xcode it may be easier to just dump this stuff in the .text 
section (see my other mail for more background). It looks like we might have to 
modify GenFw if we want to create a .rodata section? 

It might be possible to cheat and use this concept to force code into the text 
section for ELF and Mach-O, but I’m not sure if that hits the correct security 
bar. But the last thing we want is to claim something is in a read only section 
when it is in a read write section. 

[1]  git grep CreateSectionHeader
BaseTools/Source/C/GenFw/Elf32Convert.c:602:CreateSectionHeader (".text", 
mTextOffset, mDataOffset - mTextOffset,
BaseTools/Source/C/GenFw/Elf32Convert.c:612:CreateSectionHeader (".data", 
mDataOffset, mHiiRsrcOffset - mDataOffset,
BaseTools/Source/C/GenFw/Elf32Convert.c:622:CreateSectionHeader (".rsrc", 
mHiiRsrcOffset, mRelocOffset - mHiiRsrcOffset,
BaseTools/Source/C/GenFw/Elf32Convert.c:1107:CreateSectionHeader (".reloc", 
mRelocOffset, mCoffOffset - mRelocOffset,
BaseTools/Source/C/GenFw/Elf64Convert.c:929:CreateSectionHeader (".text", 
mTextOffset, mDataOffset - mTextOffset,
BaseTools/Source/C/GenFw/Elf64Convert.c:939:CreateSectionHeader (".data", 
mDataOffset, mHiiRsrcOffset - mDataOffset,
BaseTools/Source/C/GenFw/Elf64Convert.c:949:CreateSectionHeader (".rsrc", 
mHiiRsrcOffset, mRelocOffset - mHiiRsrcOffset,
BaseTools/Source/C/GenFw/Elf64Convert.c:1641:CreateSectionHeader (".reloc", 
mRelocOffset, mCoffOffset - mRelocOffset,
BaseTools/Source/C/GenFw/ElfConvert.c:125:CreateSectionHeader (
BaseTools/Source/C/GenFw/ElfConvert.h:74:CreateSectionHeader (

Thanks,

Andrew Fish

> Thanks,
> Ray
> 
>> -Original Message-
>> From: Marvin Häuser mailto:mhaeu...@posteo.de>>
>> Sent: Monday, August 9, 2021 5:51 PM
>> To: devel@edk2.groups.io 
>> Cc: Dong, Eric mailto:eric.d...@intel.com>>; Ni, Ray 
>> mailto:ray...@intel.com>>; Kumar, Rahul1 
>> mailto:rahul1.ku...@intel.com>>; Vitaly Cheptsov
>> mailto:vit9...@protonmail.com>>
>> Subject: [PATCH v2 2/2] UefiCpuPkg/BaseUefiCpuLib: Use toolchain-specific 
>> rodata section name
>> 
>> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3318
>> 
>> Correctly define the read-only data sections with the
>> toolchain-specific section name. This hardens image permission
>> security and may save image space.
>> 
>> Cc: Eric Dong 
>> Cc: Ray Ni 
>> Cc: Rahul Kumar 
>> Cc: Vitaly Cheptsov 
>> Signed-off-by: Marvin Häuser 
>> ---
>> UefiCpuPkg/Library/BaseUefiCpuLib/Ia32/InitializeFpu.nasm | 2 +-
>> UefiCpuPkg/Library/BaseUefiCpuLib/X64/InitializeFpu.nasm  | 2 +-
>> 2 files changed, 2 insertions(+), 2 deletions(-)
>> 
>> diff --git a/UefiCpuPkg/Library/BaseUefiCpuLib/Ia32/InitializeFpu.nasm
>> b/UefiCpuPkg/Library/BaseUefiCpuLib/Ia32/InitializeFpu.nasm
>> index 5e27cc325012..cfb8bf4a5ae0 100644
>> --- a/UefiCpuPkg/Library/BaseUefiCpuLib/Ia32/InitializeFpu.nasm
>> +++ b/UefiCpuPkg/Library/BaseUefiCpuLib/Ia32/InitializeFpu.nasm
>> @@ -6,7 +6,7 @@
>> ;*
>> 
>> ;--
>> 
>> 
>> 
>> -SECTION .rodata
>> 
>> +SECTION RODATA_SECTION_NAME
>> 
>> 
>> 
>> ;
>> 
>> ; Float control word initial value:
>> 
>> diff --git a/UefiCpuPkg/Library/BaseUefiCpuLib/X64/InitializeFpu.nasm
>> b/UefiCpuPkg/Library/BaseUefiCpuLib/X64/InitializeFpu.nasm
>> index 8485b4713548..3c976a21e391 100644
>> --- a/UefiCpuPkg/Library/BaseUefiCpuLib/X64/InitializeFpu.nasm
>> +++ b/UefiCpuPkg/Library/BaseUefiCpuLib/X64/InitializeFpu.nasm
>> @@ -6,7 +6,7 @@
>> ;*
>> 
>> ;--
>> 
>> 
>> 
>> -SECTION .rodata
>> 
>> +SECTION RODATA_SECTION_NAME
>> 
>> ;
>> 
>> ; Float control word initial value:
>> 
>> ; all exceptions masked, double-extended-precision, round-to-nearest
>> 
>> --
>> 2.31.1
> 
> 
> 
> 



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#79016): https://edk2.groups.io/g/devel/message/79016
Mute 

[edk2-devel] [edk2-platforms] [PATCH V1] MinPlatformPkg: Cleanup PeiFspWrapperHobProcessLib dependencies

[Nate DeSimone]

PeiFspWrapperHobProcessLib is currently set to depens on
FspWrapperPlatformLib, but it does not use any of the
functions implemented by that LibraryClass. This change
removes that unneeded dependency.

Cc: Chasel Chiu 
Cc: Michael Kubacki 
Cc: Benjamin Doron 
Signed-off-by: Nate DeSimone 
---
 .../PeiFspWrapperHobProcessLib/PeiFspWrapperHobProcessLib.inf  | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git 
a/Platform/Intel/MinPlatformPkg/FspWrapper/Library/PeiFspWrapperHobProcessLib/PeiFspWrapperHobProcessLib.inf
 
b/Platform/Intel/MinPlatformPkg/FspWrapper/Library/PeiFspWrapperHobProcessLib/PeiFspWrapperHobProcessLib.inf
index 64f3302959..b846e7af1d 100644
--- 
a/Platform/Intel/MinPlatformPkg/FspWrapper/Library/PeiFspWrapperHobProcessLib/PeiFspWrapperHobProcessLib.inf
+++ 
b/Platform/Intel/MinPlatformPkg/FspWrapper/Library/PeiFspWrapperHobProcessLib/PeiFspWrapperHobProcessLib.inf
@@ -1,7 +1,7 @@
 ## @file
 #  Provide FSP wrapper hob process related function.
 #
-# Copyright (c) 2017 - 2019, Intel Corporation. All rights reserved.
+# Copyright (c) 2017 - 2021, Intel Corporation. All rights reserved.
 #
 # SPDX-License-Identifier: BSD-2-Clause-Patent
 #
@@ -55,7 +55,6 @@
   BaseMemoryLib
   HobLib
   DebugLib
-  FspWrapperPlatformLib
   PeiServicesLib
   PeiServicesTablePointerLib
 
-- 
2.27.0.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#79015): https://edk2.groups.io/g/devel/message/79015
Mute This Topic: https://groups.io/mt/84786793/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [edk2-platforms] [PATCH V1] KabylakeSiliconPkg: Update SA_MISC_PEI_PREMEM_CONFIG

[Nate DeSimone]

Updates SA_MISC_PEI_PREMEM_CONFIG from revision 1
to revision 3. Add initialization of the policy values.

Cc: Chasel Chiu 
Cc: Michael Kubacki 
Cc: Benjamin Doron 
Signed-off-by: Nate DeSimone 
---
 .../KabylakeRvp3/OpenBoardPkg.dsc | 24 +++---
 .../PeiSiliconPolicyUpdateLib.c   | 39 +-
 .../PeiSiliconPolicyUpdateLib.inf |  9 ++-
 .../ConfigBlock/SaMiscPeiPreMemConfig.h   | 77 ++-
 .../Library/PeiSaPolicyLib/PeiSaPolicyLib.c   | 37 -
 5 files changed, 169 insertions(+), 17 deletions(-)

diff --git a/Platform/Intel/KabylakeOpenBoardPkg/KabylakeRvp3/OpenBoardPkg.dsc 
b/Platform/Intel/KabylakeOpenBoardPkg/KabylakeRvp3/OpenBoardPkg.dsc
index 8523ab3f4f..f64555e391 100644
--- a/Platform/Intel/KabylakeOpenBoardPkg/KabylakeRvp3/OpenBoardPkg.dsc
+++ b/Platform/Intel/KabylakeOpenBoardPkg/KabylakeRvp3/OpenBoardPkg.dsc
@@ -182,17 +182,6 @@
   # Board-specific
   ###
   
PlatformHookLib|$(PROJECT)/Library/BasePlatformHookLib/BasePlatformHookLib.inf
-!if gIntelFsp2WrapperTokenSpaceGuid.PcdFspModeSelection == 1
-  #
-  # FSP API mode
-  #
-  
SiliconPolicyUpdateLib|$(PROJECT)/FspWrapper/Library/PeiSiliconPolicyUpdateLibFsp/PeiSiliconPolicyUpdateLibFsp.inf
-!else
-  #
-  # FSP Dispatch mode and non-FSP build (EDK2 build)
-  #
-  
SiliconPolicyUpdateLib|$(PROJECT)/Policy/Library/PeiSiliconPolicyUpdateLib/PeiSiliconPolicyUpdateLib.inf
-!endif
 
 [LibraryClasses.IA32.SEC]
   ###
@@ -200,6 +189,7 @@
   ###
   
TestPointCheckLib|$(PLATFORM_PACKAGE)/Test/Library/TestPointCheckLib/SecTestPointCheckLib.inf
   
SecBoardInitLib|$(PLATFORM_PACKAGE)/PlatformInit/Library/SecBoardInitLibNull/SecBoardInitLibNull.inf
+  
SiliconPolicyUpdateLib|MinPlatformPkg/PlatformInit/Library/SiliconPolicyUpdateLibNull/SiliconPolicyUpdateLibNull.inf
 
 [LibraryClasses.common.PEIM]
   ###
@@ -222,6 +212,18 @@
   ###
   # Board Package
   ###
+!if gIntelFsp2WrapperTokenSpaceGuid.PcdFspModeSelection == 1
+  #
+  # FSP API mode
+  #
+  
SiliconPolicyUpdateLib|$(PROJECT)/FspWrapper/Library/PeiSiliconPolicyUpdateLibFsp/PeiSiliconPolicyUpdateLibFsp.inf
+!else
+  #
+  # FSP Dispatch mode and non-FSP build (EDK2 build)
+  #
+  
SiliconPolicyUpdateLib|$(PROJECT)/Policy/Library/PeiSiliconPolicyUpdateLib/PeiSiliconPolicyUpdateLib.inf
+!endif
+
   # Thunderbolt
 !if gKabylakeOpenBoardPkgTokenSpaceGuid.PcdTbtEnable == TRUE
   
PeiDTbtInitLib|$(PLATFORM_BOARD_PACKAGE)/Features/Tbt/Library/Private/PeiDTbtInitLib/PeiDTbtInitLib.inf
diff --git 
a/Platform/Intel/KabylakeOpenBoardPkg/KabylakeRvp3/Policy/Library/PeiSiliconPolicyUpdateLib/PeiSiliconPolicyUpdateLib.c
 
b/Platform/Intel/KabylakeOpenBoardPkg/KabylakeRvp3/Policy/Library/PeiSiliconPolicyUpdateLib/PeiSiliconPolicyUpdateLib.c
index 5cc7c03c61..2dce9be63c 100644
--- 
a/Platform/Intel/KabylakeOpenBoardPkg/KabylakeRvp3/Policy/Library/PeiSiliconPolicyUpdateLib/PeiSiliconPolicyUpdateLib.c
+++ 
b/Platform/Intel/KabylakeOpenBoardPkg/KabylakeRvp3/Policy/Library/PeiSiliconPolicyUpdateLib/PeiSiliconPolicyUpdateLib.c
@@ -1,7 +1,7 @@
 /** @file
   Provides silicon policy update library functions.
 
-Copyright (c) 2019, Intel Corporation. All rights reserved.
+Copyright (c) 2019 - 2021, Intel Corporation. All rights reserved.
 SPDX-License-Identifier: BSD-2-Clause-Patent
 
 **/
@@ -398,6 +398,8 @@ SiliconPolicyUpdatePreMem (
   SA_MISC_PEI_PREMEM_CONFIG *MiscPeiPreMemConfig;
   MEMORY_CONFIG_NO_CRC  *MemConfigNoCrc;
   VOID  *Buffer;
+  UINTN VariableSize;
+  VOID  *MemorySavedData;
   UINT8 SpdAddressTable[4];
 
   DEBUG((DEBUG_INFO, "\nUpdating Policy in Pre-Mem\n"));
@@ -417,6 +419,41 @@ SiliconPolicyUpdatePreMem (
   // Pass board specific SpdAddressTable to policy
   //
   CopyMem ((VOID *) MiscPeiPreMemConfig->SpdAddressTable, (VOID *) 
SpdAddressTable, (sizeof (UINT8) * 4));
+
+  //
+  // Set size of SMRAM
+  //
+  MiscPeiPreMemConfig->TsegSize = PcdGet32 (PcdTsegSize);
+
+  //
+  // Initialize S3 Data variable (S3DataPtr). It may be used for warm and 
fast boot paths.
+  // Note: AmberLake FSP does not implement the FSPM_ARCH_CONFIG_PPI added 
in FSP 2.1, hence
+  // the platform specific S3DataPtr must be used instead.
+  //
+  VariableSize = 0;
+  MemorySavedData = NULL;
+  Status = PeiGetVariable (
+L"MemoryConfig",
+,
+,
+
+);
+  DEBUG ((DEBUG_INFO, "Get L\"MemoryConfig\" gFspNonVolatileStorageHobGuid 
- %r\n", Status));
+  DEBUG ((DEBUG_INFO, "MemoryConfig Size - 0x%x\n", VariableSize));
+  if (!EFI_ERROR (Status)) {
+MiscPeiPreMemConfig->S3DataPtr = 

Re: [edk2-devel] [PATCH v2 1/2] BaseTools: Define the read-only data section name per toolchain

[Andrew Fish via groups.io]

> On Aug 9, 2021, at 2:51 AM, Marvin Häuser  wrote:
> 
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3318
> 
> Different toolchains of the EDK II build system may generate ELF or
> Mach-O files, which use the ".rodata" naming convention, or PE/COFF
> files, which use the ".rdata" naming convention. Section permissions
> are chosen based on this name per file format by NASM. To harden
> image permission security, and to save space by avoiding both
> ".rdata" and ".rodata" sections being emitted, expose the appropriate
> name as a preprocessor constant.
> 
> Cc: Bob Feng 
> Cc: Liming Gao 
> Cc: Yuwei Chen 
> Cc: Vitaly Cheptsov 
> Signed-off-by: Marvin Häuser 
> ---
> BaseTools/Conf/tools_def.template | 172 ++--
> 1 file changed, 86 insertions(+), 86 deletions(-)
> 
> diff --git a/BaseTools/Conf/tools_def.template 
> b/BaseTools/Conf/tools_def.template
> index 2e6b382ab623..84d464916c4d 100755
> --- a/BaseTools/Conf/tools_def.template
> +++ b/BaseTools/Conf/tools_def.template
> @@ -463,9 +463,9 @@ NOOPT_VS2008_IA32_CC_FLAGS= /nologo /c /WX /GS- 
> /W4 /Gs32768 /D UNICODE
> RELEASE_VS2008_IA32_ASM_FLAGS = /nologo /c /WX /W3 /Cx /coff /Zd
> 
> NOOPT_VS2008_IA32_ASM_FLAGS   = /nologo /c /WX /W3 /Cx /coff /Zd /Zi
> 
> 
> 
> -  DEBUG_VS2008_IA32_NASM_FLAGS= -Ox -f win32 -g
> 
> -RELEASE_VS2008_IA32_NASM_FLAGS= -Ox -f win32
> 
> -NOOPT_VS2008_IA32_NASM_FLAGS  = -O0 -f win32 -g
> 
> +  DEBUG_VS2008_IA32_NASM_FLAGS= -Ox -f win32 -g 
> -DRODATA_SECTION_NAME=.rdata
> 
> +RELEASE_VS2008_IA32_NASM_FLAGS= -Ox -f win32 -DRODATA_SECTION_NAME=.rdata
> 
> +NOOPT_VS2008_IA32_NASM_FLAGS  = -O0 -f win32 -g 
> -DRODATA_SECTION_NAME=.rdata
> 
> 
> 
>   DEBUG_VS2008_IA32_DLINK_FLAGS   = /NOLOGO /NODEFAULTLIB /IGNORE:4001 
> /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D 
> /MACHINE:X86 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) 
> /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /DEBUG
> 
> RELEASE_VS2008_IA32_DLINK_FLAGS   = /NOLOGO /NODEFAULTLIB /IGNORE:4001 
> /IGNORE:4254 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D 
> /SECTION:.pdata,D /MACHINE:X86 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) 
> /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER 
> /MERGE:.rdata=.data
> 
> @@ -495,9 +495,9 @@ NOOPT_VS2008_X64_CC_FLAGS   = /nologo /c /WX /GS- /W4 
> /Gs32768 /D UNICODE /G
> RELEASE_VS2008_X64_ASM_FLAGS= /nologo /c /WX /W3 /Cx /Zd
> 
> NOOPT_VS2008_X64_ASM_FLAGS= /nologo /c /WX /W3 /Cx /Zd /Zi
> 
> 
> 
> -  DEBUG_VS2008_X64_NASM_FLAGS   = -Ox -f win64 -g
> 
> -RELEASE_VS2008_X64_NASM_FLAGS   = -Ox -f win64
> 
> -NOOPT_VS2008_X64_NASM_FLAGS = -O0 -f win64 -g
> 
> +  DEBUG_VS2008_X64_NASM_FLAGS   = -Ox -f win64 -g 
> -DRODATA_SECTION_NAME=.rdata
> 
> +RELEASE_VS2008_X64_NASM_FLAGS   = -Ox -f win64 -DRODATA_SECTION_NAME=.rdata
> 
> +NOOPT_VS2008_X64_NASM_FLAGS = -O0 -f win64 -g 
> -DRODATA_SECTION_NAME=.rdata
> 
> 
> 
>   DEBUG_VS2008_X64_DLINK_FLAGS  = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /OPT:REF 
> /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /Machine:X64 
> /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER 
> /SAFESEH:NO /BASE:0 /DRIVER /DEBUG
> 
> RELEASE_VS2008_X64_DLINK_FLAGS  = /NOLOGO /NODEFAULTLIB /IGNORE:4001 
> /IGNORE:4254 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D 
> /SECTION:.pdata,D /Machine:X64 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) 
> /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER 
> /MERGE:.rdata=.data
> 
> @@ -574,9 +574,9 @@ NOOPT_VS2008x86_IA32_CC_FLAGS  = /nologo /c /WX /GS- 
> /W4 /Gs32768 /D UNICODE
> RELEASE_VS2008x86_IA32_ASM_FLAGS   = /nologo /c /WX /W3 /Cx /coff /Zd
> 
> NOOPT_VS2008x86_IA32_ASM_FLAGS = /nologo /c /WX /W3 /Cx /coff /Zd /Zi
> 
> 
> 
> -  DEBUG_VS2008x86_IA32_NASM_FLAGS  = -Ox -f win32 -g
> 
> -RELEASE_VS2008x86_IA32_NASM_FLAGS  = -Ox -f win32
> 
> -NOOPT_VS2008x86_IA32_NASM_FLAGS= -O0 -f win32 -g
> 
> +  DEBUG_VS2008x86_IA32_NASM_FLAGS  = -Ox -f win32 -g 
> -DRODATA_SECTION_NAME=.rdata
> 
> +RELEASE_VS2008x86_IA32_NASM_FLAGS  = -Ox -f win32 
> -DRODATA_SECTION_NAME=.rdata
> 
> +NOOPT_VS2008x86_IA32_NASM_FLAGS= -O0 -f win32 -g 
> -DRODATA_SECTION_NAME=.rdata
> 
> 
> 
>   DEBUG_VS2008x86_IA32_DLINK_FLAGS = /NOLOGO /NODEFAULTLIB /IGNORE:4001 
> /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D 
> /MACHINE:X86 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) 
> /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /DEBUG
> 
> RELEASE_VS2008x86_IA32_DLINK_FLAGS = /NOLOGO /NODEFAULTLIB /IGNORE:4001 
> /IGNORE:4254 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D 
> /SECTION:.pdata,D /MACHINE:X86 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) 
> /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER 
> /MERGE:.rdata=.data
> 
> @@ -605,9 +605,9 @@ NOOPT_VS2008x86_X64_CC_FLAGS   = /nologo /c /WX /GS- 
> /W4 /Gs32768 /D UNICODE
> 

Re: [edk2-devel] [PATCH EDK2 v2 1/1] MdeModulePkg/UefiSortLib:Add UefiSortLib unit test

[Wu, Hao A]

Sorry Mike,

Do you have advice on how to deal with ECC reporting function naming issue on 
the 'main' function for unit test cases?
So far, I think Wenyi has tried following the same pattern in file 
MdeModulePkg\Universal\Variable\RuntimeDxe\RuntimeDxeUnitTest\VariableLockRequestToLockUnitTest.c:

///
/// Avoid ECC error for function name that starts with lower case letter
///
#define Main main

/**
  Standard POSIX C entry point for host based unit test execution.

  @param[in] Argc  Number of arguments
  @param[in] Argv  Array of pointers to arguments

  @retval 0  Success
  @retval other  Error
**/
INT32
Main (
  IN INT32  Argc,
  IN CHAR8  *Argv[]
  )

But it looks like the ECC checker in the merge test is still complaining.

Best Regards,
Hao Wu

> -Original Message-
> From: devel@edk2.groups.io  On Behalf Of Wu, Hao
> A
> Sent: Wednesday, August 4, 2021 4:24 PM
> To: xiewenyi (A) ; Kinney, Michael D
> ; devel@edk2.groups.io
> Cc: songdongku...@huawei.com; Wang, Jian J 
> Subject: Re: [edk2-devel] [PATCH EDK2 v2 1/1]
> MdeModulePkg/UefiSortLib:Add UefiSortLib unit test
> 
> > -Original Message-
> > From: xiewenyi (A) 
> > Sent: Wednesday, August 4, 2021 4:05 PM
> > To: Wu, Hao A ; devel@edk2.groups.io
> > Cc: songdongku...@huawei.com; Wang, Jian J 
> > Subject: Re: [edk2-devel] [PATCH EDK2 v2 1/1]
> > MdeModulePkg/UefiSortLib:Add UefiSortLib unit test
> >
> >
> >
> > On 2021/8/2 9:56, Wu, Hao A wrote:
> > >> -Original Message-
> > >> From: devel@edk2.groups.io  On Behalf Of Wu,
> > >> Hao A
> > >> Sent: Thursday, July 29, 2021 4:26 PM
> > >> To: Wenyi Xie ; devel@edk2.groups.io; Wang,
> > >> Jian J 
> > >> Cc: songdongku...@huawei.com
> > >> Subject: Re: [edk2-devel] [PATCH EDK2 v2 1/1]
> > >> MdeModulePkg/UefiSortLib:Add UefiSortLib unit test
> > >>
> > >>> -Original Message-
> > >>> From: Wenyi Xie 
> > >>> Sent: Thursday, July 29, 2021 4:01 PM
> > >>> To: devel@edk2.groups.io; Wang, Jian J ;
> > >>> Wu, Hao A 
> > >>> Cc: songdongku...@huawei.com; xiewen...@huawei.com
> > >>> Subject: [PATCH EDK2 v2 1/1] MdeModulePkg/UefiSortLib:Add
> > >>> UefiSortLib unit test
> > >>>
> > >>> Adding two unit test case for UefiSortLib. One is a test on
> > >>> sorting an array of
> > >>> UINT32 by using PerformQuickSort, another is a test on comparing
> > >>> the same buffer by using StringCompare.
> > >>
> > >>
> > >> Thanks.
> > >> Reviewed-by: Hao A Wu 
> > >
> > >
> > > Sorry, I found that there are a couple of coding format style check
> > > failures
> > when merging the patch.
> > > Could you help to resolve them and then create a test pull request
> > > on the
> > GitHub for verification? Thanks in advance.
> > > (I think you can take the case under
> > > MdeModulePkg/Universal/Variable/RuntimeDxe/RuntimeDxeUnitTest/
> for
> > > reference.)
> > >
> >
> > Hi, Wu Hao
> >
> > I try to deal with the coding format style check failures, and meet a
> > failure which I am not sure how to solve.
> > I take the case you told for reference, but still there's a failure
> > said the define should be capital letters.
> > but if change it to capital letters, there will be another error
> > Function name does not follow the rules: 1. First character should be
> > upper case 2. Must contain lower case characters 3. No white space
> > characters
> >
> > #define Main main
> >
> > INT32
> > Main (
> >   IN INT32  Argc,
> >   IN CHAR8  *Argv[]
> >   )
> > {
> >   UnitTestingEntry ();
> >   return 0;
> > }
> 
> 
> Hello Mike,
> 
> I saw the below commit:
>   SHA-1: dcaa93936591883aa7826eb45ef00416ad82ef08
>   * MdeModulePkg/Variable/RuntimeDxe: Add Variable Lock Protocol Unit
> Tests has a similar case that should involve the naming of the 'main' function
> within the unit test codes.
> 
> I am wondering how the open raised by Wenyi was handled back then.
> Do you have suggestions for this case? Thanks in advance.
> 
> Best Regards,
> Hao Wu
> 
> 
> >
> > Thanks
> > Wenyi
> >
> > > Error details:
> > > 2021-08-02T01:09:28.5955820Z ##[section]Starting: Build and Test
> > > MdeModulePkg IA32,X64,ARM,AARCH64,RISCV64 2021-08-
> > 02T01:09:28.5960733Z
> >
> ==
> ===
> > =
> > > 2021-08-02T01:09:28.5961018Z Task : Command Line
> > > 2021-08-02T01:09:28.5961258Z Description  : Run a command line with
> > arguments
> > > 2021-08-02T01:09:28.5961502Z Version  : 1.1.3
> > > 2021-08-02T01:09:28.5961897Z Author   : Microsoft Corporation
> > > 2021-08-02T01:09:28.5962259Z Help : [More
> > Information](https://go.microsoft.com/fwlink/?LinkID=613735)
> > > 2021-08-02T01:09:28.5962678Z
> > >
> >
> ==
> ===
> > =
> > >  2021-08-02T01:09:29.3504946Z (node:3659) Warning: Use
> > > Cipheriv for counter mode of aes-256-ctr
> > > 2021-08-02T01:09:29.3510020Z
> > > (node:3659) Warning: Use Cipheriv for counter mode of aes-256-ctr
> > > 

[edk2-devel] [PATCH v2 5/6] Silicon/Broadcom/Bcm27xx: Move linkup check into the cfg accessor

[Jeremy Linton]

The existing code fails to create/finish configuring the
pcie subsystem if it fails to get a linkup. This is reasonable
on the RPi4 because it generally won't happen, and the OS
could not see the root port. Now that the OS can see the
root port, its a bit odd if it only shows up when
something is plugged into the first slot. Lets move the
link up check into the config accessor where it will be used
to restrict sending CFG TLP's out the port when nothing is
plugged in. Thus avoiding a SERROR during probe.

Signed-off-by: Jeremy Linton 
---
 .../Bcm2711PciHostBridgeLib/Bcm2711PciHostBridgeLibConstructor.c   | 5 -
 .../Broadcom/Bcm27xx/Library/Bcm2711PciSegmentLib/PciSegmentLib.c  | 7 +++
 2 files changed, 7 insertions(+), 5 deletions(-)

diff --git 
a/Silicon/Broadcom/Bcm27xx/Library/Bcm2711PciHostBridgeLib/Bcm2711PciHostBridgeLibConstructor.c
 
b/Silicon/Broadcom/Bcm27xx/Library/Bcm2711PciHostBridgeLib/Bcm2711PciHostBridgeLibConstructor.c
index 8587d2d36d..4d4c584726 100644
--- 
a/Silicon/Broadcom/Bcm27xx/Library/Bcm2711PciHostBridgeLib/Bcm2711PciHostBridgeLibConstructor.c
+++ 
b/Silicon/Broadcom/Bcm27xx/Library/Bcm2711PciHostBridgeLib/Bcm2711PciHostBridgeLibConstructor.c
@@ -204,11 +204,6 @@ Bcm2711PciHostBridgeLibConstructor (
   } while (((Data & 0x30) != 0x030) && (Timeout));
   DEBUG ((DEBUG_VERBOSE, "PCIe link ready (status=%x) Timeout=%d\n", Data, 
Timeout));
 
-  if ((Data & 0x30) != 0x30) {
-DEBUG ((DEBUG_ERROR, "PCIe link not ready (status=%x)\n", Data));
-return EFI_DEVICE_ERROR;
-  }
-
   if ((Data & 0x80) != 0x80) {
 DEBUG ((DEBUG_ERROR, "PCIe link not in RC mode (status=%x)\n", Data));
 return EFI_UNSUPPORTED;
diff --git 
a/Silicon/Broadcom/Bcm27xx/Library/Bcm2711PciSegmentLib/PciSegmentLib.c 
b/Silicon/Broadcom/Bcm27xx/Library/Bcm2711PciSegmentLib/PciSegmentLib.c
index 6d15e82fa2..b627e5730b 100644
--- a/Silicon/Broadcom/Bcm27xx/Library/Bcm2711PciSegmentLib/PciSegmentLib.c
+++ b/Silicon/Broadcom/Bcm27xx/Library/Bcm2711PciSegmentLib/PciSegmentLib.c
@@ -105,6 +105,13 @@ PciSegmentLibGetConfigBase (
   return 0x;
   }
 
+  /* Don't probe slots if the link is down */
+  Data = MmioRead32 (PCIE_REG_BASE + PCIE_MISC_PCIE_STATUS);
+  if ((Data & 0x30) != 0x30) {
+  DEBUG ((DEBUG_ERROR, "PCIe link not ready (status=%x)\n", Data));
+  return 0x;
+  }
+
   MmioWrite32 (PCIE_REG_BASE + PCIE_EXT_CFG_INDEX, Address);
   mPciSegmentLastAccess = Address;
 }
-- 
2.13.7



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#79010): https://edk2.groups.io/g/devel/message/79010
Mute This Topic: https://groups.io/mt/84786153/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v2 6/6] Platform/RaspberryPi: Enable NVMe boot on CM4

[Jeremy Linton]

The CM4 has a number of carrier boards with PCIe
slots. With the PCIe changes in place its quite
possible to utilize a NVMe root device. Lets allow
people to boot from it.

Reviewed-by: Andrei Warkentin 
Signed-off-by: Jeremy Linton 
---
 Platform/RaspberryPi/RPi4/RPi4.dsc | 5 +
 Platform/RaspberryPi/RPi4/RPi4.fdf | 5 +
 2 files changed, 10 insertions(+)

diff --git a/Platform/RaspberryPi/RPi4/RPi4.dsc 
b/Platform/RaspberryPi/RPi4/RPi4.dsc
index babcbb2f41..25c29a0fbf 100644
--- a/Platform/RaspberryPi/RPi4/RPi4.dsc
+++ b/Platform/RaspberryPi/RPi4/RPi4.dsc
@@ -754,6 +754,11 @@
   }
 
   #
+  # NVMe boot devices
+  #
+  MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf
+
+  #
   # UEFI application (Shell Embedded Boot Loader)
   #
   ShellPkg/Application/Shell/Shell.inf {
diff --git a/Platform/RaspberryPi/RPi4/RPi4.fdf 
b/Platform/RaspberryPi/RPi4/RPi4.fdf
index 3534cd3dc3..0c782d2f35 100644
--- a/Platform/RaspberryPi/RPi4/RPi4.fdf
+++ b/Platform/RaspberryPi/RPi4/RPi4.fdf
@@ -283,6 +283,11 @@ READ_LOCK_STATUS   = TRUE
   INF EmbeddedPkg/Drivers/NonCoherentIoMmuDxe/NonCoherentIoMmuDxe.inf
 
   #
+  # NVMe boot devices
+  #
+  INF MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf
+
+  #
   # SCSI Bus and Disk Driver
   #
   INF MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf
-- 
2.13.7



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#79011): https://edk2.groups.io/g/devel/message/79011
Mute This Topic: https://groups.io/mt/84786154/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v2 3/6] Platform/RaspberryPi: Add PCIe SSDT

[Jeremy Linton]

Since we plan on toggling between XHCI and PCI the PCI
root needs to be in its own SSDT. This is all thats needed
of UEFI. The SMC conduit is provided directly to the running
OS. When the OS detects this PCIe port on a machine without
a MCFG it attempts to connect to the SMC conduit. The RPi
definition doesn't have any power mgmt, and only provides
a description of the root port.

Signed-off-by: Jeremy Linton 
---
 Platform/RaspberryPi/AcpiTables/AcpiTables.inf |   3 +
 Platform/RaspberryPi/AcpiTables/Pci.asl| 209 +
 Platform/RaspberryPi/Drivers/ConfigDxe/ConfigDxe.c |   6 +
 3 files changed, 218 insertions(+)
 create mode 100644 Platform/RaspberryPi/AcpiTables/Pci.asl

diff --git a/Platform/RaspberryPi/AcpiTables/AcpiTables.inf 
b/Platform/RaspberryPi/AcpiTables/AcpiTables.inf
index f3e8d950c1..da2a6db85f 100644
--- a/Platform/RaspberryPi/AcpiTables/AcpiTables.inf
+++ b/Platform/RaspberryPi/AcpiTables/AcpiTables.inf
@@ -39,6 +39,7 @@
   Pptt.aslc
   SsdtThermal.asl
   Xhci.asl
+  Pci.asl
 
 [Packages]
   ArmPkg/ArmPkg.dec
@@ -59,6 +60,8 @@
   gArmTokenSpaceGuid.PcdGicInterruptInterfaceBase
   gArmTokenSpaceGuid.PcdGicDistributorBase
   gBcm27xxTokenSpaceGuid.PcdBcm27xxPciCpuMmioAdr
+  gBcm27xxTokenSpaceGuid.PcdBcm27xxPciBusMmioAdr
+  gBcm27xxTokenSpaceGuid.PcdBcm27xxPciBusMmioLen
   gBcm27xxTokenSpaceGuid.PcdBcm27xxPciRegBase
   gBcm27xxTokenSpaceGuid.PcdBcmGenetRegistersAddress
   gBcm283xTokenSpaceGuid.PcdBcm283xRegistersAddress
diff --git a/Platform/RaspberryPi/AcpiTables/Pci.asl 
b/Platform/RaspberryPi/AcpiTables/Pci.asl
new file mode 100644
index 00..31527d87b5
--- /dev/null
+++ b/Platform/RaspberryPi/AcpiTables/Pci.asl
@@ -0,0 +1,209 @@
+/** @file
+ *
+ *  Copyright (c) 2019 Linaro, Limited. All rights reserved.
+ *  Copyright (c) 2021 Arm
+ *
+ *  SPDX-License-Identifier: BSD-2-Clause-Patent
+ *
+ **/
+
+#include 
+
+#include "AcpiTables.h"
+
+/*
+ * The following can be used to remove parenthesis from
+ * defined macros that the compiler complains about.
+ */
+#define ISOLATE_ARGS(...)   __VA_ARGS__
+#define REMOVE_PARENTHESES(x)   ISOLATE_ARGS x
+
+#define SANITIZED_PCIE_CPU_MMIO_WINDOW  
REMOVE_PARENTHESES(PCIE_CPU_MMIO_WINDOW)
+#define SANITIZED_PCIE_MMIO_LEN 
REMOVE_PARENTHESES(PCIE_BRIDGE_MMIO_LEN)
+#define SANITIZED_PCIE_PCI_MMIO_BEGIN   REMOVE_PARENTHESES(PCIE_TOP_OF_MEM_WIN)
+
+/*
+ * According to UEFI boot log for the VLI device on Pi 4.
+ */
+#define RT_REG_LENGTH 0x1000
+
+DefinitionBlock (__FILE__, "SSDT", 5, "RPIFDN", "RPI4PCIE", 2)
+{
+  Scope (\_SB_)
+  {
+
+Device (SCB0) {
+  Name (_HID, "ACPI0004")
+  Name (_UID, 0x1)
+  Name (_CCA, 0x0)
+
+  Method (_CRS, 0, Serialized) {
+// Container devices with _DMA must have _CRS, 
+// meaning SCB0 to provide all resources that
+// PCI0 consumes (except interrupts).
+Name (RBUF, ResourceTemplate () {
+QWordMemory (ResourceProducer,
+,
+MinFixed,
+MaxFixed,
+NonCacheable,
+ReadWrite,
+0x0,
+SANITIZED_PCIE_CPU_MMIO_WINDOW, // MIN
+SANITIZED_PCIE_CPU_MMIO_WINDOW, // MAX
+0x0,
+0x1,// LEN
+,
+,
+MMIO
+)
+})
+CreateQwordField (RBUF, MMIO._MAX, MMBE)
+CreateQwordField (RBUF, MMIO._LEN, MMLE)
+Add (MMBE, RT_REG_LENGTH - 1, MMBE)
+Add (MMLE, RT_REG_LENGTH - 1, MMLE)
+Return (RBUF)
+  }
+
+  Name (_DMA, ResourceTemplate() {
+// PCIe can only DMA to first 3GB with early SOC's
+// But we keep the restriction on the later ones
+// To avoid DMA translation problems.
+QWordMemory (ResourceProducer,
+,
+MinFixed,
+MaxFixed,
+NonCacheable,
+ReadWrite,
+0x0,
+0x0,// MIN
+0xbfff, // MAX
+0x0,// TRA
+0xc000, // LEN
+,
+,
+)
+  })
+
+
+  Device(PCI0)
+  {
+Name(_HID, EISAID("PNP0A08")) // PCI Express Root Bridge
+Name(_CID, EISAID("PNP0A03")) // Compatible PCI Root Bridge
+Name(_SEG, Zero) // PCI Segment Group number
+Name(_BBN, Zero) // PCI Base Bus Number
+Name(_CCA, 0)// Mark the PCI noncoherent
+
+// Root Complex 0
+Device (RP0) {
+ Name(_ADR, 0xF000)// Dev 0, Func 0
+}
+
+Name (_DMA, ResourceTemplate() {
+  QWordMemory (ResourceConsumer,
+,
+MinFixed,
+MaxFixed,
+NonCacheable,
+ReadWrite,
+0x0,
+0x0,// MIN
+0xbfff, // MAX
+0x0,// TRA
+0xc000, // 

[edk2-devel] [PATCH v2 4/6] Silicon/Broadcom/Bcm27xx: Relax PCIe device restriction

[Jeremy Linton]

The CM4 has an actual PCIe slot, so the device filtering
need to be a little less restrictive WRT busses with more
than 1 device given that switches can now appear in the
topology. Since it is possible to start numbering the
busses with a non-zero value, the bus restriction should
be based on the secondary side of the root port. This
isn't likely but its better than hard-coding the limit.

Suggested-by: René Treffer 
Signed-off-by: Jeremy Linton 
---
 .../Library/Bcm2711PciSegmentLib/PciSegmentLib.c| 21 ++---
 1 file changed, 14 insertions(+), 7 deletions(-)

diff --git 
a/Silicon/Broadcom/Bcm27xx/Library/Bcm2711PciSegmentLib/PciSegmentLib.c 
b/Silicon/Broadcom/Bcm27xx/Library/Bcm2711PciSegmentLib/PciSegmentLib.c
index 44ce3b4b99..6d15e82fa2 100644
--- a/Silicon/Broadcom/Bcm27xx/Library/Bcm2711PciSegmentLib/PciSegmentLib.c
+++ b/Silicon/Broadcom/Bcm27xx/Library/Bcm2711PciSegmentLib/PciSegmentLib.c
@@ -19,6 +19,7 @@
 #include 
 #include 
 #include 
+#include 
 
 typedef enum {
   PciCfgWidthUint8 = 0,
@@ -78,6 +79,9 @@ PciSegmentLibGetConfigBase (
   UINT64Base;
   UINT64Offset;
   UINT32Dev;
+  UINT32Bus;
+  UINT32Data;
+  UINT32HostPortSec;
 
   Base = PCIE_REG_BASE;
   Offset = Address & 0xFFF; /* Pick off the 4k register offset */
@@ -89,17 +93,20 @@ PciSegmentLibGetConfigBase (
 Base += PCIE_EXT_CFG_DATA;
 if (mPciSegmentLastAccess != Address) {
   Dev = EFI_PCI_ADDR_DEV (Address);
+  Bus = EFI_PCI_ADDR_BUS (Address);
+  HostPortSec = MmioRead8 (PCIE_REG_BASE +
+   PCI_BRIDGE_SECONDARY_BUS_REGISTER_OFFSET);
+
   /*
-   * Scan things out directly rather than translating the "bus" to a 
device, etc..
-   * only we need to limit each bus to a single device.
+   * There can only be a single device on bus 1 (downstream of root).
+   * Subsequent busses (behind a PCIe switch) can have more.
*/
-  if (Dev < 1) {
-  MmioWrite32 (PCIE_REG_BASE + PCIE_EXT_CFG_INDEX, Address);
-  mPciSegmentLastAccess = Address;
-  } else {
-  mPciSegmentLastAccess = 0;
+  if (Dev > 0 && (Bus <= HostPortSec)) {
   return 0x;
   }
+
+  MmioWrite32 (PCIE_REG_BASE + PCIE_EXT_CFG_INDEX, Address);
+  mPciSegmentLastAccess = Address;
 }
   }
   return Base + Offset;
-- 
2.13.7



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#79009): https://edk2.groups.io/g/devel/message/79009
Mute This Topic: https://groups.io/mt/84786152/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v2 2/6] Platform/RaspberryPi: Break XHCI into its own SSDT

[Jeremy Linton]

Lets prepare to switch between XHCI and PCI by moving
the XHCI definition into its own SSDT. That way we can
select it based on the menu settings. The resource
producer/consumer flag is also corrected.

Reviewed-by: Andrei Warkentin 
Signed-off-by: Jeremy Linton 
---
 Platform/RaspberryPi/AcpiTables/AcpiTables.inf |  1 +
 Platform/RaspberryPi/AcpiTables/Dsdt.asl   |  3 --
 Platform/RaspberryPi/AcpiTables/Xhci.asl   | 35 ++
 Platform/RaspberryPi/Drivers/ConfigDxe/ConfigDxe.c |  8 +
 4 files changed, 31 insertions(+), 16 deletions(-)

diff --git a/Platform/RaspberryPi/AcpiTables/AcpiTables.inf 
b/Platform/RaspberryPi/AcpiTables/AcpiTables.inf
index 1ddc9ca5fe..f3e8d950c1 100644
--- a/Platform/RaspberryPi/AcpiTables/AcpiTables.inf
+++ b/Platform/RaspberryPi/AcpiTables/AcpiTables.inf
@@ -38,6 +38,7 @@
   SpcrPl011.aslc
   Pptt.aslc
   SsdtThermal.asl
+  Xhci.asl
 
 [Packages]
   ArmPkg/ArmPkg.dec
diff --git a/Platform/RaspberryPi/AcpiTables/Dsdt.asl 
b/Platform/RaspberryPi/AcpiTables/Dsdt.asl
index 1ee6379f46..b594d50bdf 100644
--- a/Platform/RaspberryPi/AcpiTables/Dsdt.asl
+++ b/Platform/RaspberryPi/AcpiTables/Dsdt.asl
@@ -64,9 +64,6 @@ DefinitionBlock ("Dsdt.aml", "DSDT", 2, "RPIFDN", "RPI", 2)
   Scope (\_SB_)
   {
 include ("Pep.asl")
-#if (RPI_MODEL == 4)
-include ("Xhci.asl")
-#endif
 
 Device (CPU0)
 {
diff --git a/Platform/RaspberryPi/AcpiTables/Xhci.asl 
b/Platform/RaspberryPi/AcpiTables/Xhci.asl
index bc3fea60f9..9b37277956 100644
--- a/Platform/RaspberryPi/AcpiTables/Xhci.asl
+++ b/Platform/RaspberryPi/AcpiTables/Xhci.asl
@@ -9,6 +9,8 @@
 
 #include 
 
+#include "AcpiTables.h"
+
 /*
  * The following can be used to remove parenthesis from
  * defined macros that the compiler complains about.
@@ -24,12 +26,17 @@
  */
 #define XHCI_REG_LENGTH 0x1000
 
-Device (SCB0) {
-Name (_HID, "ACPI0004")
-Name (_UID, 0x0)
-Name (_CCA, 0x0)
+DefinitionBlock (__FILE__, "SSDT", 5, "RPIFDN", "RPI4XHCI", 2)
+{
+  Scope (\_SB_)
+  {
+
+Device (SCB0) {
+  Name (_HID, "ACPI0004")
+  Name (_UID, 0x0)
+  Name (_CCA, 0x0)
 
-Method (_CRS, 0, Serialized) { // _CRS: Current Resource Settings
+  Method (_CRS, 0, Serialized) { // _CRS: Current Resource Settings
 /*
  * Container devices with _DMA must have _CRS, meaning SCB0
  * to provide all resources that XHC0 consumes (except
@@ -57,15 +64,15 @@ Device (SCB0) {
 Add (MMBE, XHCI_REG_LENGTH - 1, MMBE)
 Add (MMLE, XHCI_REG_LENGTH - 1, MMLE)
 Return (RBUF)
-}
+  }
 
-Name (_DMA, ResourceTemplate() {
+  Name (_DMA, ResourceTemplate() {
 /*
  * XHC0 is limited to DMA to first 3GB. Note this
  * only applies to PCIe, not GENET or other devices
  * next to the A72.
  */
-QWordMemory (ResourceConsumer,
+QWordMemory (ResourceProducer,
 ,
 MinFixed,
 MaxFixed,
@@ -79,10 +86,10 @@ Device (SCB0) {
 ,
 ,
 )
-})
+  })
 
-Device (XHC0)
-{
+  Device (XHC0)
+  {
 Name (_HID, "PNP0D10")  // _HID: Hardware ID
 Name (_UID, 0x0)// _UID: Unique ID
 Name (_CCA, 0x0)// _CCA: Cache Coherency Attribute
@@ -131,5 +138,7 @@ Device (SCB0) {
 Debug = "xHCI enable"
 Store (0x6, CMND)
 }
-}
-}
+  } // end XHC0
+} //end SCB0
+  } //end scope sb
+} //end definition block
diff --git a/Platform/RaspberryPi/Drivers/ConfigDxe/ConfigDxe.c 
b/Platform/RaspberryPi/Drivers/ConfigDxe/ConfigDxe.c
index 87f6b4e7bb..7c5786303d 100644
--- a/Platform/RaspberryPi/Drivers/ConfigDxe/ConfigDxe.c
+++ b/Platform/RaspberryPi/Drivers/ConfigDxe/ConfigDxe.c
@@ -814,6 +814,14 @@ STATIC CONST NAMESPACE_TABLES SdtTables[] = {
 PcdToken(PcdSdIsArasan),
 SsdtEmmcNameOpReplace
   },
+#if (RPI_MODEL == 4)
+  {
+SIGNATURE_64 ('R', 'P', 'I', '4', 'X', 'H', 'C', 'I'),
+0,
+PcdToken(PcdXhciPci),
+NULL
+  },
+#endif
   { // DSDT
 SIGNATURE_64 ('R', 'P', 'I', 0, 0, 0, 0, 0),
 0,
-- 
2.13.7



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#79007): https://edk2.groups.io/g/devel/message/79007
Mute This Topic: https://groups.io/mt/84786150/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v2 1/6] Platform/RaspberryPi: Add XHCI/PCI selection menu

[Jeremy Linton]

Arm has standardized a PCI SMC conduit that can be used
to access the PCI config space in a standardized way. This
functionality doesn't yet exist in many OS/Distro's. Lets
add another advanced config item that allows the user
to toggle between presenting the XHCI on the base RPi4
as a platform device, or presenting this newer PCIe
conduit. The CM4 doesn't have an attached XHCI controller
soldered to the PCIe, so PCIe mode is the default.

Signed-off-by: Jeremy Linton 
---
 Platform/RaspberryPi/Drivers/ConfigDxe/ConfigDxe.c | 42 ++
 .../RaspberryPi/Drivers/ConfigDxe/ConfigDxe.inf|  1 +
 .../RaspberryPi/Drivers/ConfigDxe/ConfigDxeHii.uni |  5 +++
 .../RaspberryPi/Drivers/ConfigDxe/ConfigDxeHii.vfr | 17 +
 Platform/RaspberryPi/Include/ConfigVars.h  |  4 +++
 Platform/RaspberryPi/RPi3/RPi3.dsc |  6 
 Platform/RaspberryPi/RPi4/RPi4.dsc |  8 +
 Platform/RaspberryPi/RaspberryPi.dec   |  1 +
 8 files changed, 84 insertions(+)

diff --git a/Platform/RaspberryPi/Drivers/ConfigDxe/ConfigDxe.c 
b/Platform/RaspberryPi/Drivers/ConfigDxe/ConfigDxe.c
index 9e78cb47ad..87f6b4e7bb 100644
--- a/Platform/RaspberryPi/Drivers/ConfigDxe/ConfigDxe.c
+++ b/Platform/RaspberryPi/Drivers/ConfigDxe/ConfigDxe.c
@@ -43,6 +43,7 @@ extern UINT8 ConfigDxeStrings[];
 STATIC RASPBERRY_PI_FIRMWARE_PROTOCOL *mFwProtocol;
 STATIC UINT32 mModelFamily = 0;
 STATIC UINT32 mModelInstalledMB = 0;
+STATIC UINT32 mModelRevision = 0;
 
 STATIC EFI_MAC_ADDRESS  mMacAddress;
 
@@ -271,6 +272,40 @@ SetupVariables (
 ASSERT_EFI_ERROR (Status);
   }
 
+  if (mModelFamily >= 4) {
+if (((mModelRevision >> 4) & 0xFF) == 0x14) {
+  /*
+   * Enable PCIe by default on CM4
+   */
+  Status = PcdSet32S (PcdXhciPci, 2);
+  ASSERT_EFI_ERROR (Status);
+} else {
+  Size = sizeof (UINT32);
+  Status = gRT->GetVariable (L"XhciPci",
+ ,
+ NULL, , );
+  if (EFI_ERROR (Status) || (Var32 == 0)) {
+/*
+ * Enable XHCI by default
+ */
+Status = PcdSet32S (PcdXhciPci, 0);
+ASSERT_EFI_ERROR (Status);
+  } else {
+/* 
+ * Enable PCIe
+ */
+Status = PcdSet32S (PcdXhciPci, 1);
+ASSERT_EFI_ERROR (Status);
+  }
+}
+  } else {
+/* 
+ * Disable PCIe and XHCI
+ */
+Status = PcdSet32S (PcdXhciPci, 0);
+ASSERT_EFI_ERROR (Status);
+  }
+
   Size = sizeof (AssetTagVar);
   Status = gRT->GetVariable (L"AssetTag",
   ,
@@ -888,6 +923,13 @@ ConfigInitialize (
 DEBUG ((DEBUG_INFO, "Current Raspberry Pi installed RAM size is %d MB\n", 
mModelInstalledMB));
   }
 
+  Status = mFwProtocol->GetModelRevision ();
+  if (Status != EFI_SUCCESS) {
+DEBUG ((DEBUG_ERROR, "Couldn't get the Raspberry Pi revision: %r\n", 
Status));
+  } else {
+DEBUG ((DEBUG_INFO, "Current Raspberry Pi revision %x\n", mModelRevision));
+  }
+
   Status = SetupVariables ();
   if (Status != EFI_SUCCESS) {
 DEBUG ((DEBUG_ERROR, "Couldn't not setup NV vars: %r\n", Status));
diff --git a/Platform/RaspberryPi/Drivers/ConfigDxe/ConfigDxe.inf 
b/Platform/RaspberryPi/Drivers/ConfigDxe/ConfigDxe.inf
index 4bb2d08550..e6e22ad82e 100644
--- a/Platform/RaspberryPi/Drivers/ConfigDxe/ConfigDxe.inf
+++ b/Platform/RaspberryPi/Drivers/ConfigDxe/ConfigDxe.inf
@@ -94,6 +94,7 @@
   gRaspberryPiTokenSpaceGuid.PcdFanOnGpio
   gRaspberryPiTokenSpaceGuid.PcdFanTemp
   gRaspberryPiTokenSpaceGuid.PcdUartInUse
+  gRaspberryPiTokenSpaceGuid.PcdXhciPci
 
 [Depex]
   gPcdProtocolGuid AND gRaspberryPiFirmwareProtocolGuid
diff --git a/Platform/RaspberryPi/Drivers/ConfigDxe/ConfigDxeHii.uni 
b/Platform/RaspberryPi/Drivers/ConfigDxe/ConfigDxeHii.uni
index 466fa852cb..5ec17072c3 100644
--- a/Platform/RaspberryPi/Drivers/ConfigDxe/ConfigDxeHii.uni
+++ b/Platform/RaspberryPi/Drivers/ConfigDxe/ConfigDxeHii.uni
@@ -57,6 +57,11 @@
 #string STR_ADVANCED_FANTEMP_PROMPT   #language en-US "ACPI fan temperature"
 #string STR_ADVANCED_FANTEMP_HELP #language en-US "Cycle a fan at C"
 
+#string STR_ADVANCED_XHCIPCI_PROMPT   #language en-US "ACPI XHCI/PCIe"
+#string STR_ADVANCED_XHCIPCI_HELP #language en-US "OS sees XHCI USB 
platform device or PCIe bridge"
+#string STR_ADVANCED_XHCIPCI_XHCI #language en-US "XHCI"
+#string STR_ADVANCED_XHCIPCI_PCIE #language en-US "PCIe"
+
 #string STR_ADVANCED_ASSET_TAG_PROMPT #language en-US "Asset Tag"
 #string STR_ADVANCED_ASSET_TAG_HELP   #language en-US "Set the system Asset 
Tag"
 
diff --git a/Platform/RaspberryPi/Drivers/ConfigDxe/ConfigDxeHii.vfr 
b/Platform/RaspberryPi/Drivers/ConfigDxe/ConfigDxeHii.vfr
index fa34eab809..18b3ec726e 100644
--- a/Platform/RaspberryPi/Drivers/ConfigDxe/ConfigDxeHii.vfr
+++ b/Platform/RaspberryPi/Drivers/ConfigDxe/ConfigDxeHii.vfr
@@ -56,6 +56,11 @@ formset
   name  = FanTemp,
   guid  = CONFIGDXE_FORM_SET_GUID;
 
+efivarstore 

[edk2-devel] [PATCH v2 0/6] RPi4: Enable ACPI PCIe conduit

[Jeremy Linton]

A new Arm standard DEN0115A specifies how
platforms that don't have standard ECAM can
use the firmware to handle config read/write
operations. This is mostly implemented in TFA
but UEFI needs to assure that there is a
description of the root complex in the ACPI
namespace.

This set adds that description based on
a new menu item which toggles between XHCI
platform description and PCIe via a BDS
menu selection on the RPi4. The CM4 is really
the platform that needs this as it has a PCIe
slot. On that platform PCIe is enabled by default.

v1->v2:
Use global shared interrupts in PCI PRT
which is a pretty significant
simplification.
Modify bus max to use the secondary side
of the root port for enforcing device
limits
Various other AML cleanups per Ard (drop
redundant _DMA, bump UID to make it
unique, etc)
Break link status move into its own patch
MADT->MCFG typos in various comments
Commit message tweaking

Jeremy Linton (6):
  Platform/RaspberryPi: Add XHCI/PCI selection menu
  Platform/RaspberryPi: Break XHCI into its own SSDT
  Platform/RaspberryPi: Add PCIe SSDT
  Silicon/Broadcom/Bcm27xx: Relax PCIe device restriction
  Silicon/Broadcom/Bcm27xx: Move linkup check into the cfg accessor
  Platform/RaspberryPi: Enable NVMe boot on CM4

 Platform/RaspberryPi/AcpiTables/AcpiTables.inf |   4 +
 Platform/RaspberryPi/AcpiTables/Dsdt.asl   |   3 -
 Platform/RaspberryPi/AcpiTables/Pci.asl| 209 +
 Platform/RaspberryPi/AcpiTables/Xhci.asl   |  35 ++--
 Platform/RaspberryPi/Drivers/ConfigDxe/ConfigDxe.c |  56 ++
 .../RaspberryPi/Drivers/ConfigDxe/ConfigDxe.inf|   1 +
 .../RaspberryPi/Drivers/ConfigDxe/ConfigDxeHii.uni |   5 +
 .../RaspberryPi/Drivers/ConfigDxe/ConfigDxeHii.vfr |  17 ++
 Platform/RaspberryPi/Include/ConfigVars.h  |   4 +
 Platform/RaspberryPi/RPi3/RPi3.dsc |   6 +
 Platform/RaspberryPi/RPi4/RPi4.dsc |  13 ++
 Platform/RaspberryPi/RPi4/RPi4.fdf |   5 +
 Platform/RaspberryPi/RaspberryPi.dec   |   1 +
 .../Bcm2711PciHostBridgeLibConstructor.c   |   5 -
 .../Library/Bcm2711PciSegmentLib/PciSegmentLib.c   |  28 ++-
 15 files changed, 364 insertions(+), 28 deletions(-)
 create mode 100644 Platform/RaspberryPi/AcpiTables/Pci.asl

-- 
2.13.7



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#79005): https://edk2.groups.io/g/devel/message/79005
Mute This Topic: https://groups.io/mt/84786148/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] Cancelled Event: TianoCore Bug Triage - APAC / NAMO - Tuesday, August 10, 2021 #cal-cancelled

[devel@edk2.groups.io Calendar]

BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Groups.io Inc//Groups.io Calendar//EN
METHOD:CANCELLED
CALSCALE:GREGORIAN
BEGIN:VTIMEZONE
TZID:America/Los_Angeles
LAST-MODIFIED:20201011T015911Z
TZURL:http://tzurl.org/zoneinfo-outlook/America/Los_Angeles
X-LIC-LOCATION:America/Los_Angeles
BEGIN:DAYLIGHT
TZNAME:PDT
TZOFFSETFROM:-0800
TZOFFSETTO:-0700
DTSTART:19700308T02
RRULE:FREQ=YEARLY;BYMONTH=3;BYDAY=2SU
END:DAYLIGHT
BEGIN:STANDARD
TZNAME:PST
TZOFFSETFROM:-0700
TZOFFSETTO:-0800
DTSTART:19701101T02
RRULE:FREQ=YEARLY;BYMONTH=11;BYDAY=1SU
END:STANDARD
END:VTIMEZONE
BEGIN:VEVENT
X-GIOIDS:Event:1083751 
UID:mlda.1580078539586725120.r...@groups.io
DTSTAMP:20210810T025149Z
ORGANIZER;CN=Liming Gao:mailto:gaolim...@byosoft.com.cn
DTSTART:20210811T013000Z
DTEND:20210811T023000Z
SUMMARY:TianoCore Bug Triage - APAC / NAMO
DESCRIPTION:TianoCore Bug Triage - APAC / NAMO\n\nHosted by Liming Gao\n\
 n
 \n\nMicrosoft Teams meeting\n\n*Join on your computer or mobile a
 pp*\n\nClick here to join the meeting ( https://teams.microsoft.com/l/mee
 tup-join/19%3ameeting_OTUyZTg2NjgtNDhlNS00ODVlLTllYTUtYzg1OTNjNjdiZjFh%40
 thread.v2/0?context=%7b%22Tid%22%3a%2246c98d88-e344-4ed4-8496-4ed7712e255
 d%22%2c%22Oid%22%3a%22b286b53a-1218-4db3-bfc9-3d4c5aa7669e%22%7d )\n\n*Jo
 in with a video conferencing device*\n\nte...@conf.intel.com\n\nVideo Con
 ference ID: 116 062 094 0\n\nAlternate VTC dialing instructions ( https:/
 /conf.intel.com/teams/?conf=1160620940=teams=conf.intel.com=te
 st_call )\n\n*Or call in (audio only)*\n\n+1 916-245-6934\,\,77463821# ( 
 tel:+19162456934\,\,77463821# ) United States\, Sacramento\n\nPhone Confe
 rence ID: 774 638 21#\n\nFind a local number ( https://dialin.teams.micro
 soft.com/d195d438-2daa-420e-b9ea-da26f9d1d6d5?id=77463821 ) | Reset PIN (
  https://mysettings.lync.com/pstnconferencing )\n\nLearn More ( https://a
 ka.ms/JoinTeamsMeeting ) | Meeting options ( https://teams.microsoft.com/
 meetingOptions/?organizerId=b286b53a-1218-4db3-bfc9-3d4c5aa7669e
 =46c98d88-e344-4ed4-8496-4ed7712e255d=19_meeting_OTUyZTg2NjgtNDh
 lNS00ODVlLTllYTUtYzg1OTNjNjdiZjFh@thread.v2=0=en-US )
LOCATION:https://teams.microsoft.com/l/meetup-join/19%3ameeting_OTUyZTg2N
 jgtNDhlNS00ODVlLTllYTUtYzg1OTNjNjdiZjFh%40thread.v2/0?context=%7b%22Tid%2
 2%3a%2246c98d88-e344-4ed4-8496-4ed7712e255d%22%2c%22Oid%22%3a%22b286b53a-
 1218-4db3-bfc9-3d4c5aa7669e%22%7d
SEQUENCE:999
STATUS:CANCELLED
END:VEVENT
END:VCALENDAR


invite.ics
Description: application/ics

回复: [edk2-devel] Event: TianoCore Bug Triage - APAC / NAMO - 08/10/2021 #cal-reminder

[gaoliming]

Hi, all

 Few issues are submitted this week. Let’s cancel this week meeting. 

 


  3542

EDK2

Code

unassig...@tianocore.org

UNCO

[MdePkg/BaseLib] Unaligned APIs cannot be called safely 
 

16:55:31

mhaeu...@posteo.de


  3528

EDK2

Code

unassig...@tianocore.org

UNCO

Add SMM NV variable support in universal UEFI payload 
 

Thu 00:14

guo.d...@intel.com


  3525

EDK2

Code

unassig...@tianocore.org

UNCO

FSP NotifyPhase APIs caused 100ms delay in chrome platform. 
 

2021-08-04

gregx@intel.com


  3524

Tianocor

Code

unassig...@tianocore.org

UNCO

Update Openssl to the latest version 1.1.1k 
 

2021-08-03

gaolim...@byosoft.com.cn

 

Thanks

Liming

发件人: devel@edk2.groups.io  代表 devel@edk2.groups.io 
Calendar
发送时间: 2021年8月10日 9:30
收件人: devel@edk2.groups.io
主题: [edk2-devel] Event: TianoCore Bug Triage - APAC / NAMO - 08/10/2021 
#cal-reminder

 

Reminder: TianoCore Bug Triage - APAC / NAMO 

When:
08/10/2021
6:30pm to 7:30pm
(UTC-07:00) America/Los Angeles 

Where:
https://teams.microsoft.com/l/meetup-join/19%3ameeting_OTUyZTg2NjgtNDhlNS00ODVlLTllYTUtYzg1OTNjNjdiZjFh%40thread.v2/0?context=%7b%22Tid%22%3a%2246c98d88-e344-4ed4-8496-4ed7712e255d%22%2c%22Oid%22%3a%22b286b53a-1218-4db3-bfc9-3d4c5aa7669e%22%7d
 

Organizer: Liming Gao gaolim...@byosoft.com.cn 

  

View Event  

Description:

TianoCore Bug Triage - APAC / NAMO

Hosted by Liming Gao

 


 

Microsoft Teams meeting 

Join on your computer or mobile app 

 

 Click here to join the meeting 

Join with a video conferencing device 

te...@conf.intel.com   

Video Conference ID: 116 062 094 0 

 

 Alternate VTC dialing instructions 

Or call in (audio only) 

  +1 916-245-6934,,77463821#   United States, 
Sacramento 

Phone Conference ID: 774 638 21# 

 

 Find a local number |   Reset 
PIN 

  Learn More |  

 Meeting options 





-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#79003): https://edk2.groups.io/g/devel/message/79003
Mute This Topic: https://groups.io/mt/84785534/21656
Mute #cal-reminder:https://edk2.groups.io/g/devel/mutehashtag/cal-reminder
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v2 1/1] MdeModulePkg/PiSmmCore: Drop deprecated image profiling commands

[Ni, Ray]

Thank you very much!!

Reviewed-by: Ray Ni 

I will merge your patches after stable tag release.

> -Original Message-
> From: devel@edk2.groups.io  On Behalf Of Marvin Häuser
> Sent: Monday, August 9, 2021 2:09 PM
> To: devel@edk2.groups.io
> Cc: Wang, Jian J ; Wu, Hao A ; 
> Dong, Eric ; Ni, Ray
> ; Vitaly Cheptsov 
> Subject: [edk2-devel] [PATCH v2 1/1] MdeModulePkg/PiSmmCore: Drop deprecated 
> image profiling commands
> 
> The legacy codebase allowed SMM images to be registered for profiling
> from DXE. Support for this has been dropped entirely, so remove the
> remaining handlers.
> 
> Cc: Jian J Wang 
> Cc: Hao A Wu 
> Cc: Eric Dong 
> Cc: Ray Ni 
> Cc: Vitaly Cheptsov 
> Signed-off-by: Marvin Häuser 
> ---
>  MdeModulePkg/Core/PiSmmCore/SmramProfileRecord.c | 89 ++--
>  MdeModulePkg/Include/Guid/MemoryProfile.h|  6 +-
>  2 files changed, 12 insertions(+), 83 deletions(-)
> 
> diff --git a/MdeModulePkg/Core/PiSmmCore/SmramProfileRecord.c
> b/MdeModulePkg/Core/PiSmmCore/SmramProfileRecord.c
> index 1b302c810cc9..9d6e3bf27aca 100644
> --- a/MdeModulePkg/Core/PiSmmCore/SmramProfileRecord.c
> +++ b/MdeModulePkg/Core/PiSmmCore/SmramProfileRecord.c
> @@ -2232,64 +2232,6 @@ Done:
>mSmramProfileGettingStatus = SmramProfileGettingStatus;
> 
>  }
> 
> 
> 
> -/**
> 
> -  SMRAM profile handler to register SMM image.
> 
> -
> 
> -  @param SmramProfileParameterRegisterImage The parameter of SMM profile 
> register image.
> 
> -
> 
> -**/
> 
> -VOID
> 
> -SmramProfileHandlerRegisterImage (
> 
> -  IN SMRAM_PROFILE_PARAMETER_REGISTER_IMAGE 
> *SmramProfileParameterRegisterImage
> 
> -  )
> 
> -{
> 
> -  EFI_STATUSStatus;
> 
> -  EFI_SMM_DRIVER_ENTRY  DriverEntry;
> 
> -  VOID  *EntryPointInImage;
> 
> -
> 
> -  ZeroMem (, sizeof (DriverEntry));
> 
> -  CopyMem (, 
> >FileName, sizeof(EFI_GUID));
> 
> -  DriverEntry.ImageBuffer = SmramProfileParameterRegisterImage->ImageBuffer;
> 
> -  DriverEntry.NumberOfPage = (UINTN) 
> SmramProfileParameterRegisterImage->NumberOfPage;
> 
> -  Status = InternalPeCoffGetEntryPoint ((VOID *) (UINTN) 
> DriverEntry.ImageBuffer, );
> 
> -  ASSERT_EFI_ERROR (Status);
> 
> -  DriverEntry.ImageEntryPoint = (PHYSICAL_ADDRESS) (UINTN) EntryPointInImage;
> 
> -
> 
> -  Status = RegisterSmramProfileImage (, FALSE);
> 
> -  if (!EFI_ERROR (Status)) {
> 
> -SmramProfileParameterRegisterImage->Header.ReturnStatus = 0;
> 
> -  }
> 
> -}
> 
> -
> 
> -/**
> 
> -  SMRAM profile handler to unregister SMM image.
> 
> -
> 
> -  @param SmramProfileParameterUnregisterImage The parameter of SMM profile 
> unregister image.
> 
> -
> 
> -**/
> 
> -VOID
> 
> -SmramProfileHandlerUnregisterImage (
> 
> -  IN SMRAM_PROFILE_PARAMETER_UNREGISTER_IMAGE 
> *SmramProfileParameterUnregisterImage
> 
> -  )
> 
> -{
> 
> -  EFI_STATUSStatus;
> 
> -  EFI_SMM_DRIVER_ENTRY  DriverEntry;
> 
> -  VOID  *EntryPointInImage;
> 
> -
> 
> -  ZeroMem (, sizeof (DriverEntry));
> 
> -  CopyMem (, 
> >FileName, sizeof (EFI_GUID));
> 
> -  DriverEntry.ImageBuffer = 
> SmramProfileParameterUnregisterImage->ImageBuffer;
> 
> -  DriverEntry.NumberOfPage = (UINTN) 
> SmramProfileParameterUnregisterImage->NumberOfPage;
> 
> -  Status = InternalPeCoffGetEntryPoint ((VOID *) (UINTN) 
> DriverEntry.ImageBuffer, );
> 
> -  ASSERT_EFI_ERROR (Status);
> 
> -  DriverEntry.ImageEntryPoint = (PHYSICAL_ADDRESS) (UINTN) EntryPointInImage;
> 
> -
> 
> -  Status = UnregisterSmramProfileImage (, FALSE);
> 
> -  if (!EFI_ERROR (Status)) {
> 
> -SmramProfileParameterUnregisterImage->Header.ReturnStatus = 0;
> 
> -  }
> 
> -}
> 
> -
> 
>  /**
> 
>Dispatch function for a Software SMI handler.
> 
> 
> 
> @@ -2374,28 +2316,6 @@ SmramProfileHandler (
>  }
> 
>  SmramProfileHandlerGetDataByOffset 
> ((SMRAM_PROFILE_PARAMETER_GET_PROFILE_DATA_BY_OFFSET *) (UINTN)
> CommBuffer);
> 
>  break;
> 
> -  case SMRAM_PROFILE_COMMAND_REGISTER_IMAGE:
> 
> -DEBUG ((EFI_D_ERROR, "SmramProfileHandlerRegisterImage\n"));
> 
> -if (TempCommBufferSize != sizeof 
> (SMRAM_PROFILE_PARAMETER_REGISTER_IMAGE)) {
> 
> -  DEBUG ((EFI_D_ERROR, "SmramProfileHandler: SMM communication buffer 
> size invalid!\n"));
> 
> -  return EFI_SUCCESS;
> 
> -}
> 
> -if (mSmramReadyToLock) {
> 
> -  return EFI_SUCCESS;
> 
> -}
> 
> -SmramProfileHandlerRegisterImage 
> ((SMRAM_PROFILE_PARAMETER_REGISTER_IMAGE *) (UINTN) CommBuffer);
> 
> -break;
> 
> -  case SMRAM_PROFILE_COMMAND_UNREGISTER_IMAGE:
> 
> -DEBUG ((EFI_D_ERROR, "SmramProfileHandlerUnregisterImage\n"));
> 
> -if (TempCommBufferSize != sizeof 
> (SMRAM_PROFILE_PARAMETER_UNREGISTER_IMAGE)) {
> 
> -  DEBUG ((EFI_D_ERROR, "SmramProfileHandler: SMM communication buffer 
> size invalid!\n"));
> 
> -  return EFI_SUCCESS;
> 
> -}
> 
> -if (mSmramReadyToLock) {
> 
> -  return EFI_SUCCESS;
> 
> 

Re: [edk2-devel] [PATCH v2 2/2] UefiCpuPkg/BaseUefiCpuLib: Use toolchain-specific rodata section name

[Ni, Ray]

Acked-by: Ray Ni 

I will depend on tool owner to review the tool configuration change making sure 
that the correct section name is chosen for different C compilers.

Thanks,
Ray

> -Original Message-
> From: Marvin Häuser 
> Sent: Monday, August 9, 2021 5:51 PM
> To: devel@edk2.groups.io
> Cc: Dong, Eric ; Ni, Ray ; Kumar, 
> Rahul1 ; Vitaly Cheptsov
> 
> Subject: [PATCH v2 2/2] UefiCpuPkg/BaseUefiCpuLib: Use toolchain-specific 
> rodata section name
> 
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3318
> 
> Correctly define the read-only data sections with the
> toolchain-specific section name. This hardens image permission
> security and may save image space.
> 
> Cc: Eric Dong 
> Cc: Ray Ni 
> Cc: Rahul Kumar 
> Cc: Vitaly Cheptsov 
> Signed-off-by: Marvin Häuser 
> ---
>  UefiCpuPkg/Library/BaseUefiCpuLib/Ia32/InitializeFpu.nasm | 2 +-
>  UefiCpuPkg/Library/BaseUefiCpuLib/X64/InitializeFpu.nasm  | 2 +-
>  2 files changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/UefiCpuPkg/Library/BaseUefiCpuLib/Ia32/InitializeFpu.nasm
> b/UefiCpuPkg/Library/BaseUefiCpuLib/Ia32/InitializeFpu.nasm
> index 5e27cc325012..cfb8bf4a5ae0 100644
> --- a/UefiCpuPkg/Library/BaseUefiCpuLib/Ia32/InitializeFpu.nasm
> +++ b/UefiCpuPkg/Library/BaseUefiCpuLib/Ia32/InitializeFpu.nasm
> @@ -6,7 +6,7 @@
>  ;*
> 
>  
> ;--
> 
> 
> 
> -SECTION .rodata
> 
> +SECTION RODATA_SECTION_NAME
> 
> 
> 
>  ;
> 
>  ; Float control word initial value:
> 
> diff --git a/UefiCpuPkg/Library/BaseUefiCpuLib/X64/InitializeFpu.nasm
> b/UefiCpuPkg/Library/BaseUefiCpuLib/X64/InitializeFpu.nasm
> index 8485b4713548..3c976a21e391 100644
> --- a/UefiCpuPkg/Library/BaseUefiCpuLib/X64/InitializeFpu.nasm
> +++ b/UefiCpuPkg/Library/BaseUefiCpuLib/X64/InitializeFpu.nasm
> @@ -6,7 +6,7 @@
>  ;*
> 
>  
> ;--
> 
> 
> 
> -SECTION .rodata
> 
> +SECTION RODATA_SECTION_NAME
> 
>  ;
> 
>  ; Float control word initial value:
> 
>  ; all exceptions masked, double-extended-precision, round-to-nearest
> 
> --
> 2.31.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#79001): https://edk2.groups.io/g/devel/message/79001
Mute This Topic: https://groups.io/mt/84764907/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [edk2-platforms][PATCH v1 1/1] IntelSiliconPkg: Add BaseSmmAccessLibNull

[Ni, Ray]

Michael,
If your platform doesn't need SmmAccessPPI, you don't put the SmmAccess PEIM in 
the FDF.
Why do you need:
1. Put SmmAccess PEIM in FDF
2. Let SmmAccess PEIM link to a NULL dummy-do-nothing library

I feel the additional abstraction is not necessary.

Thanks,
Ray

> -Original Message-
> From: mikub...@linux.microsoft.com 
> Sent: Monday, August 9, 2021 10:16 PM
> To: devel@edk2.groups.io
> Cc: Ni, Ray ; Chaganty, Rangasai V 
> 
> Subject: [edk2-platforms][PATCH v1 1/1] IntelSiliconPkg: Add 
> BaseSmmAccessLibNull
> 
> From: Michael Kubacki 
> 
> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3540
> 
> Adds a NULL instance of SmmAccessLib.
> 
> Cc: Ray Ni 
> Cc: Rangasai V Chaganty 
> Signed-off-by: Michael Kubacki 
> ---
>  
> Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/BaseSmmAccessLibNull/BaseSmmAccessLibNull.c
>| 33
> 
>  
> Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/BaseSmmAccessLibNull/BaseSmmAccessLibNull.inf
>  | 26
> +++
>  Silicon/Intel/IntelSiliconPkg/IntelSiliconPkg.dsc
>  |  1 +
>  3 files changed, 60 insertions(+)
> 
> diff --git 
> a/Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/BaseSmmAccessLibNull/BaseSmmAccessLibNull.c
> b/Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/BaseSmmAccessLibNull/BaseSmmAccessLibNull.c
> new file mode 100644
> index ..f5ad306b380b
> --- /dev/null
> +++ 
> b/Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/BaseSmmAccessLibNull/BaseSmmAccessLibNull.c
> @@ -0,0 +1,33 @@
> +/** @file
> +  A NULL library instance of SmmAccessLib.
> +
> +  Copyright (c) 2019 - 2020, Intel Corporation. All rights reserved.
> +  Copyright (c) Microsoft Corporation.
> +
> +  SPDX-License-Identifier: BSD-2-Clause-Patent
> +
> +**/
> +
> +#include 
> +#include 
> +#include 
> +
> +/**
> +  This function is to install an SMM Access PPI
> +
> +  @retval EFI_SUCCESS   - Ppi successfully started and installed.
> +  @retval EFI_NOT_FOUND - Ppi can't be found.
> +  @retval EFI_OUT_OF_RESOURCES  - Ppi does not have enough resources to 
> initialize the driver.
> +  @retval EFI_UNSUPPORTED   - The PPI was not installed and installation 
> is unsupported in
> +  this instance of function implementation.
> +
> +**/
> +EFI_STATUS
> +EFIAPI
> +PeiInstallSmmAccessPpi (
> +  VOID
> +  )
> +{
> +  ASSERT (FALSE);
> +  return EFI_UNSUPPORTED;
> +}
> diff --git 
> a/Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/BaseSmmAccessLibNull/BaseSmmAccessLibNull.inf
> b/Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/BaseSmmAccessLibNull/BaseSmmAccessLibNull.inf
> new file mode 100644
> index ..7fd3b0b89655
> --- /dev/null
> +++ 
> b/Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/BaseSmmAccessLibNull/BaseSmmAccessLibNull.inf
> @@ -0,0 +1,26 @@
> +## @file
> +# A NULL library instance of SmmAccessLib.
> +#
> +# Copyright (c) 2019, Intel Corporation. All rights reserved.
> +# Copyright (c) Microsoft Corporation.
> +# SPDX-License-Identifier: BSD-2-Clause-Patent
> +#
> +##
> +
> +[Defines]
> +INF_VERSION = 0x00010017
> +BASE_NAME   = BaseSmmAccessLibNull
> +FILE_GUID   = C1A14AB6-B757-4046-9B92-9DCE1A2154C6
> +VERSION_STRING  = 1.0
> +MODULE_TYPE = BASE
> +LIBRARY_CLASS   = SmmAccessLib
> +
> +[Packages]
> +  MdePkg/MdePkg.dec
> +  IntelSiliconPkg/IntelSiliconPkg.dec
> +
> +[LibraryClasses]
> +  DebugLib
> +
> +[Sources]
> +  BaseSmmAccessLibNull.c
> diff --git a/Silicon/Intel/IntelSiliconPkg/IntelSiliconPkg.dsc 
> b/Silicon/Intel/IntelSiliconPkg/IntelSiliconPkg.dsc
> index 1092371d848e..dd0928ec58f3 100644
> --- a/Silicon/Intel/IntelSiliconPkg/IntelSiliconPkg.dsc
> +++ b/Silicon/Intel/IntelSiliconPkg/IntelSiliconPkg.dsc
> @@ -90,6 +90,7 @@ [Components]
>IntelSiliconPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdateDxe.inf
>
> IntelSiliconPkg/Feature/Capsule/Library/MicrocodeFlashAccessLibNull/MicrocodeFlashAccessLibNull.inf
>IntelSiliconPkg/Feature/ShadowMicrocode/ShadowMicrocodePei.inf
> +  
> IntelSiliconPkg/Feature/SmmAccess/Library/BaseSmmAccessLibNull/BaseSmmAccessLibNull.inf
>IntelSiliconPkg/Library/PeiDxeSmmBootMediaLib/PeiFirmwareBootMediaLib.inf
>
> IntelSiliconPkg/Library/PeiDxeSmmBootMediaLib/DxeSmmFirmwareBootMediaLib.inf
>IntelSiliconPkg/Library/DxeAslUpdateLib/DxeAslUpdateLib.inf
> --
> 2.28.0.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#79000): https://edk2.groups.io/g/devel/message/79000
Mute This Topic: https://groups.io/mt/84769134/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [edk2-platforms][PATCH v1 1/1] IntelSiliconPkg/PeiSmmAccessLib: Remove S3 requirement

[Ni, Ray]

Michael,
Allowing the gPeiSmmAccessPpiGuid PPI installation in normal boot will further 
allow gEfiPeiSmmCommunicationPpiGuid
installation in normal path, while without your change neither of the PPIs is 
installed in normal boot.

+ Jiewen for potential security concern.

Thanks,
Ray

> -Original Message-
> From: Chaganty, Rangasai V 
> Sent: Tuesday, August 10, 2021 6:46 AM
> To: mikub...@linux.microsoft.com; devel@edk2.groups.io
> Cc: Ni, Ray 
> Subject: RE: [edk2-platforms][PATCH v1 1/1] IntelSiliconPkg/PeiSmmAccessLib: 
> Remove S3 requirement
> 
> Reviewed-by: Sai Chaganty 
> 
> -Original Message-
> From: mikub...@linux.microsoft.com 
> Sent: Monday, August 09, 2021 6:40 AM
> To: devel@edk2.groups.io
> Cc: Ni, Ray ; Chaganty, Rangasai V 
> 
> Subject: [edk2-platforms][PATCH v1 1/1] IntelSiliconPkg/PeiSmmAccessLib: 
> Remove S3 requirement
> 
> From: Michael Kubacki 
> 
> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3539
> 
> PeiInstallSmmAccessPpi() currently requires the boot mode be set to S3 to 
> actually install gEfiPeiMmAccessPpiGuid.
> 
> This change removes this requirement in the function implementation for two 
> reasons:
> 
> 1. Practical use cases exist to require this PPI in cases other than
>the boot mode being set to BOOT_ON_S3_RESUME.
> 
> 2. It is poor API design to implicitly bury this requirement within
>a function whose responsibility is to install the PPI. The caller
>can easily place arbitrary constraints around whether to call
>based on conditions such as the boot mode being
>BOOT_ON_S3_RESUME.
> 
> Cc: Ray Ni 
> Cc: Rangasai V Chaganty 
> Signed-off-by: Michael Kubacki 
> ---
>  
> Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/PeiSmmAccessLib/PeiSmmAccessLib.c
>  | 12 
>  1 file changed, 12 deletions(-)
> 
> diff --git 
> a/Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/PeiSmmAccessLib/PeiSmmAccessLib.c
> b/Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/PeiSmmAccessLib/PeiSmmAccessLib.c
> index d9bf4fba983e..4df0d695fdaf 100644
> --- 
> a/Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/PeiSmmAccessLib/PeiSmmAccessLib.c
> +++ b/Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/PeiSmmAcce
> +++ ssLib/PeiSmmAccessLib.c
> @@ -252,19 +252,7 @@ PeiInstallSmmAccessPpi (
>EFI_SMRAM_HOB_DESCRIPTOR_BLOCK  *DescriptorBlock;
>SMM_ACCESS_PRIVATE_DATA *SmmAccessPrivate;
>VOID*HobList;
> -  EFI_BOOT_MODE   BootMode;
> 
> -  Status = PeiServicesGetBootMode ();
> -  if (EFI_ERROR (Status)) {
> -//
> -// If not in S3 boot path. do nothing
> -//
> -return EFI_SUCCESS;
> -  }
> -
> -  if (BootMode != BOOT_ON_S3_RESUME) {
> -return EFI_SUCCESS;
> -  }
>//
>// Initialize private data
>//
> --
> 2.28.0.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78999): https://edk2.groups.io/g/devel/message/78999
Mute This Topic: https://groups.io/mt/84768258/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] Event: TianoCore Bug Triage - APAC / NAMO - 08/10/2021 #cal-reminder

[devel@edk2.groups.io Calendar]

BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Groups.io Inc//Groups.io Calendar//EN
METHOD:PUBLISH
CALSCALE:GREGORIAN
BEGIN:VTIMEZONE
TZID:America/Los_Angeles
LAST-MODIFIED:20201011T015911Z
TZURL:http://tzurl.org/zoneinfo-outlook/America/Los_Angeles
X-LIC-LOCATION:America/Los_Angeles
BEGIN:DAYLIGHT
TZNAME:PDT
TZOFFSETFROM:-0800
TZOFFSETTO:-0700
DTSTART:19700308T02
RRULE:FREQ=YEARLY;BYMONTH=3;BYDAY=2SU
END:DAYLIGHT
BEGIN:STANDARD
TZNAME:PST
TZOFFSETFROM:-0700
TZOFFSETTO:-0800
DTSTART:19701101T02
RRULE:FREQ=YEARLY;BYMONTH=11;BYDAY=1SU
END:STANDARD
END:VTIMEZONE
BEGIN:VEVENT
X-GIOIDS:Event:1083751 
UID:mlda.1580078539586725120.r...@groups.io
DTSTAMP:20210810T013002Z
ORGANIZER;CN=Liming Gao:mailto:gaolim...@byosoft.com.cn
DTSTART:20210811T013000Z
DTEND:20210811T023000Z
SUMMARY:TianoCore Bug Triage - APAC / NAMO
DESCRIPTION:TianoCore Bug Triage - APAC / NAMO\n\nHosted by Liming Gao\n\
 n
 \n\nMicrosoft Teams meeting\n\n*Join on your computer or mobile a
 pp*\n\nClick here to join the meeting ( https://teams.microsoft.com/l/mee
 tup-join/19%3ameeting_OTUyZTg2NjgtNDhlNS00ODVlLTllYTUtYzg1OTNjNjdiZjFh%40
 thread.v2/0?context=%7b%22Tid%22%3a%2246c98d88-e344-4ed4-8496-4ed7712e255
 d%22%2c%22Oid%22%3a%22b286b53a-1218-4db3-bfc9-3d4c5aa7669e%22%7d )\n\n*Jo
 in with a video conferencing device*\n\nte...@conf.intel.com\n\nVideo Con
 ference ID: 116 062 094 0\n\nAlternate VTC dialing instructions ( https:/
 /conf.intel.com/teams/?conf=1160620940=teams=conf.intel.com=te
 st_call )\n\n*Or call in (audio only)*\n\n+1 916-245-6934\,\,77463821# ( 
 tel:+19162456934\,\,77463821# ) United States\, Sacramento\n\nPhone Confe
 rence ID: 774 638 21#\n\nFind a local number ( https://dialin.teams.micro
 soft.com/d195d438-2daa-420e-b9ea-da26f9d1d6d5?id=77463821 ) | Reset PIN (
  https://mysettings.lync.com/pstnconferencing )\n\nLearn More ( https://a
 ka.ms/JoinTeamsMeeting ) | Meeting options ( https://teams.microsoft.com/
 meetingOptions/?organizerId=b286b53a-1218-4db3-bfc9-3d4c5aa7669e
 =46c98d88-e344-4ed4-8496-4ed7712e255d=19_meeting_OTUyZTg2NjgtNDh
 lNS00ODVlLTllYTUtYzg1OTNjNjdiZjFh@thread.v2=0=en-US )
LOCATION:https://teams.microsoft.com/l/meetup-join/19%3ameeting_OTUyZTg2N
 jgtNDhlNS00ODVlLTllYTUtYzg1OTNjNjdiZjFh%40thread.v2/0?context=%7b%22Tid%2
 2%3a%2246c98d88-e344-4ed4-8496-4ed7712e255d%22%2c%22Oid%22%3a%22b286b53a-
 1218-4db3-bfc9-3d4c5aa7669e%22%7d
SEQUENCE:0
END:VEVENT
END:VCALENDAR


invite.ics
Description: application/ics

Re: [edk2-devel] [Patch V2] MinPlatformPkg: Fix the incompatible change about SecureBootVariableLib

[Chiu, Chasel]

Reviewed-by: Chasel Chiu 

> -Original Message-
> From: Tan, Dun 
> Sent: Monday, August 9, 2021 11:00 PM
> To: devel@edk2.groups.io
> Cc: Chiu, Chasel ; Desimone, Nathaniel L
> ; Liming Gao ;
> Dong, Eric ; Tan, Dun 
> Subject: [Patch V2] MinPlatformPkg: Fix the incompatible change about
> SecureBootVariableLib
> 
> V1: The newly created lib will be consumed by SecureBootConfigDxe.inf in
> CoreDxeInclude.dsc
> V2: Add SecureBootVariableProvisionLib in CoreDxeInclude.dsc
> 
> Cc: Chasel Chiu 
> Cc: Nate DeSimone 
> Cc: Liming Gao 
> Cc: Eric Dong 
> Signed-off-by: DunTan 
> ---
>  Platform/Intel/MinPlatformPkg/Include/Dsc/CoreCommonLib.dsc | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/Platform/Intel/MinPlatformPkg/Include/Dsc/CoreCommonLib.dsc
> b/Platform/Intel/MinPlatformPkg/Include/Dsc/CoreCommonLib.dsc
> index b154f9615d..c3d05fc913 100644
> --- a/Platform/Intel/MinPlatformPkg/Include/Dsc/CoreCommonLib.dsc
> +++ b/Platform/Intel/MinPlatformPkg/Include/Dsc/CoreCommonLib.dsc
> @@ -139,6 +139,8 @@
> 
>  !if gMinPlatformPkgTokenSpaceGuid.PcdUefiSecureBootEnable == TRUE
>AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
> +
> + SecureBootVariableLib|SecurityPkg/Library/SecureBootVariableLib/Secure
> + BootVariableLib.inf
> + SecureBootVariableProvisionLib|SecurityPkg/Library/SecureBootVariableP
> + rovisionLib/SecureBootVariableProvisionLib.inf
>  !endif
> 
>SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf
> --
> 2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78997): https://edk2.groups.io/g/devel/message/78997
Mute This Topic: https://groups.io/mt/84770226/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH 1/1] OvmfPkg PlatformBootManagerLib: Move TryRunningQemuKernel()

[Christoph Willing]

On 10/8/21 12:52 am, James Bottomley wrote:
> On Mon, 2021-08-09 at 22:53 +1000, Christoph Willing wrote:
>> With soft feature freeze started, I wonder if this patch could be
>> reviewed and pushed for edk2-stable202108 tag? I think it has
>> languished because I didn't initially Cc appropriately - pls add
>> others as necessary.
>>
>> This patch is a trivial (I think) change which fixes a long standing
>> and annoying bug for those booting Qemu with UEFI using external
>> kernel & initrd.
> 
> I'm with Ard on this one: -kernel is working just fine for me and the
> team at IBM working on Kata containers.  It sounds like this might be a
> problem local to your environment, so we need to debug it to understand
> the issue rather than blindly reverse existing commits.
> 
Thanks for responding James & Ard.

Below is the script I'm using to create, then run, the VM. To verify
that it works normally with UEFI boot, it initially uses the internal
kernel & initrd.

The OVMF_CODE & my_VARS lines contain git hash to identify the build
from which OVMF_CODE.fd & OVMF_VARS.fd were taken; 97fdcg is from a
build of yesterday's git master.

After the OS has been installed, I can run the VM multiple times to
verify that it boots under UEFI OK (I see the TianoCore splash screen)
with internal kernel.


#!/bin/bash

/usr/bin/qemu-kvm \
-name "UEFI Testing" \
-enable-kvm \
-cpu kvm64 \
-smp cores=4 \
-boot once=c \
-m 8192 \
-device intel-hda \
-device hda-duplex \
-vga virtio \
-drive if=pflash,format=raw,file=OVMF_CODE_97fdcb.fd,readonly=on \
-drive if=pflash,format=raw,file=my_VARS_97fdcb.fd \
-drive file=disk.img,format=raw,cache=none,index=0,media=disk \
-cdrom
/storage/iso/slackware/slackware64-15.0/slackware64-15.0-20210807.iso \
-daemonize \
"$@"


To now use external kernel, I add the lines:

-kernel /var/cache/vmbuilder/boot/15.0/x86_64/vmlinuz \
-initrd /var/cache/vmbuilder/boot/15.0/x86_64/initrd \
-append "root=/dev/sda2 rootfstype=ext4 ro vga=0x386" \

to the script just after "-boot once=c" (but I doubt the exact
positioning makes any difference).

In this case, I see the kernel running and initrd unpacked and its
modules loaded but the root partition is unable to be mounted - the disk
is not visible (running 'ls -l /dev/sd*' in recovery shell gives 'ls:
/dev/sd*: No such file or directory').

The last lines of the Qemu screen are:

/boot/initrd-5.13.8.gz: Loading kernel modules from initrd image:
insmod /lib/modules/5.13.8/kernel/fs/jbd2/jbd2.ko
insmod /lib/modules/5.13.8/kernel/fs/mbcache.ko
insmod /lib/modules/5.13.8/kernel/fs/ext4/ext4.ko
mount: mounting /dev/sda2 on /mnt failed: No such file or directory
ERROR: No /sbin/init found on rootdev (or not mounted). Trouble ahead.
   You can try to fix it. Type 'exit' when things are done.

At that point I'm dropped into a recovery shell to try fixing something
but there's nothing that can be done since the disk containing the OS is
not visible.


However if I now change the script's OVMF files to those built from a
patched git master, the VM boots all the way to login prompt.

I'm using qemu-6.0.0 on SLackware64 but I've found exactly the same
behaviour using other OS's (Ubuntu 20.04 with 4.2-3ubuntu6.17 and Clear
Linux with 5.2.0)

I've also tried using OVMF files from Ubuntu hirsute's ovmf package
(2020.11-4) with same bad result. Of course, in this case, I was unable
to use a patched version.

>From the above, I think I've done everything possible to verify the
problem and a possible fix. Is there something fundamentally wrong in
the way I'm going about this?

chris


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78996): https://edk2.groups.io/g/devel/message/78996
Mute This Topic: https://groups.io/mt/84767423/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [edk2-platforms][PATCH v1 1/1] IntelSiliconPkg/PeiSmmAccessLib: Remove S3 requirement

[Chaganty, Rangasai V]

Reviewed-by: Sai Chaganty   

-Original Message-
From: mikub...@linux.microsoft.com  
Sent: Monday, August 09, 2021 6:40 AM
To: devel@edk2.groups.io
Cc: Ni, Ray ; Chaganty, Rangasai V 

Subject: [edk2-platforms][PATCH v1 1/1] IntelSiliconPkg/PeiSmmAccessLib: Remove 
S3 requirement

From: Michael Kubacki 

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3539

PeiInstallSmmAccessPpi() currently requires the boot mode be set to S3 to 
actually install gEfiPeiMmAccessPpiGuid.

This change removes this requirement in the function implementation for two 
reasons:

1. Practical use cases exist to require this PPI in cases other than
   the boot mode being set to BOOT_ON_S3_RESUME.

2. It is poor API design to implicitly bury this requirement within
   a function whose responsibility is to install the PPI. The caller
   can easily place arbitrary constraints around whether to call
   based on conditions such as the boot mode being
   BOOT_ON_S3_RESUME.

Cc: Ray Ni 
Cc: Rangasai V Chaganty 
Signed-off-by: Michael Kubacki 
---
 
Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/PeiSmmAccessLib/PeiSmmAccessLib.c
 | 12 
 1 file changed, 12 deletions(-)

diff --git 
a/Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/PeiSmmAccessLib/PeiSmmAccessLib.c
 
b/Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/PeiSmmAccessLib/PeiSmmAccessLib.c
index d9bf4fba983e..4df0d695fdaf 100644
--- 
a/Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/PeiSmmAccessLib/PeiSmmAccessLib.c
+++ b/Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/PeiSmmAcce
+++ ssLib/PeiSmmAccessLib.c
@@ -252,19 +252,7 @@ PeiInstallSmmAccessPpi (
   EFI_SMRAM_HOB_DESCRIPTOR_BLOCK  *DescriptorBlock;
   SMM_ACCESS_PRIVATE_DATA *SmmAccessPrivate;
   VOID*HobList;
-  EFI_BOOT_MODE   BootMode;
 
-  Status = PeiServicesGetBootMode ();
-  if (EFI_ERROR (Status)) {
-//
-// If not in S3 boot path. do nothing
-//
-return EFI_SUCCESS;
-  }
-
-  if (BootMode != BOOT_ON_S3_RESUME) {
-return EFI_SUCCESS;
-  }
   //
   // Initialize private data
   //
--
2.28.0.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78995): https://edk2.groups.io/g/devel/message/78995
Mute This Topic: https://groups.io/mt/84768258/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [edk2-platforms][PATCH v1 1/1] IntelSiliconPkg: Add BaseSmmAccessLibNull

[Chaganty, Rangasai V]

Reviewed-by: Sai Chaganty   

-Original Message-
From: mikub...@linux.microsoft.com  
Sent: Monday, August 09, 2021 7:16 AM
To: devel@edk2.groups.io
Cc: Ni, Ray ; Chaganty, Rangasai V 

Subject: [edk2-platforms][PATCH v1 1/1] IntelSiliconPkg: Add 
BaseSmmAccessLibNull

From: Michael Kubacki 

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3540

Adds a NULL instance of SmmAccessLib.

Cc: Ray Ni 
Cc: Rangasai V Chaganty 
Signed-off-by: Michael Kubacki 
---
 
Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/BaseSmmAccessLibNull/BaseSmmAccessLibNull.c
   | 33 
 
Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/BaseSmmAccessLibNull/BaseSmmAccessLibNull.inf
 | 26 +++
 Silicon/Intel/IntelSiliconPkg/IntelSiliconPkg.dsc  
   |  1 +
 3 files changed, 60 insertions(+)

diff --git 
a/Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/BaseSmmAccessLibNull/BaseSmmAccessLibNull.c
 
b/Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/BaseSmmAccessLibNull/BaseSmmAccessLibNull.c
new file mode 100644
index ..f5ad306b380b
--- /dev/null
+++ b/Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/BaseSmmAcc
+++ essLibNull/BaseSmmAccessLibNull.c
@@ -0,0 +1,33 @@
+/** @file
+  A NULL library instance of SmmAccessLib.
+
+  Copyright (c) 2019 - 2020, Intel Corporation. All rights 
+ reserved.  Copyright (c) Microsoft Corporation.
+
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include 
+#include 
+#include 
+
+/**
+  This function is to install an SMM Access PPI
+
+  @retval EFI_SUCCESS   - Ppi successfully started and installed.
+  @retval EFI_NOT_FOUND - Ppi can't be found.
+  @retval EFI_OUT_OF_RESOURCES  - Ppi does not have enough resources to 
initialize the driver.
+  @retval EFI_UNSUPPORTED   - The PPI was not installed and installation 
is unsupported in
+  this instance of function implementation.
+
+**/
+EFI_STATUS
+EFIAPI
+PeiInstallSmmAccessPpi (
+  VOID
+  )
+{
+  ASSERT (FALSE);
+  return EFI_UNSUPPORTED;
+}
diff --git 
a/Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/BaseSmmAccessLibNull/BaseSmmAccessLibNull.inf
 
b/Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/BaseSmmAccessLibNull/BaseSmmAccessLibNull.inf
new file mode 100644
index ..7fd3b0b89655
--- /dev/null
+++ b/Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/BaseSmmAcc
+++ essLibNull/BaseSmmAccessLibNull.inf
@@ -0,0 +1,26 @@
+## @file
+# A NULL library instance of SmmAccessLib.
+#
+# Copyright (c) 2019, Intel Corporation. All rights reserved. # 
+Copyright (c) Microsoft Corporation. # SPDX-License-Identifier: 
+BSD-2-Clause-Patent # ##
+
+[Defines]
+INF_VERSION = 0x00010017
+BASE_NAME   = BaseSmmAccessLibNull
+FILE_GUID   = C1A14AB6-B757-4046-9B92-9DCE1A2154C6
+VERSION_STRING  = 1.0
+MODULE_TYPE = BASE
+LIBRARY_CLASS   = SmmAccessLib
+
+[Packages]
+  MdePkg/MdePkg.dec
+  IntelSiliconPkg/IntelSiliconPkg.dec
+
+[LibraryClasses]
+  DebugLib
+
+[Sources]
+  BaseSmmAccessLibNull.c
diff --git a/Silicon/Intel/IntelSiliconPkg/IntelSiliconPkg.dsc 
b/Silicon/Intel/IntelSiliconPkg/IntelSiliconPkg.dsc
index 1092371d848e..dd0928ec58f3 100644
--- a/Silicon/Intel/IntelSiliconPkg/IntelSiliconPkg.dsc
+++ b/Silicon/Intel/IntelSiliconPkg/IntelSiliconPkg.dsc
@@ -90,6 +90,7 @@ [Components]
   IntelSiliconPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdateDxe.inf
   
IntelSiliconPkg/Feature/Capsule/Library/MicrocodeFlashAccessLibNull/MicrocodeFlashAccessLibNull.inf
   IntelSiliconPkg/Feature/ShadowMicrocode/ShadowMicrocodePei.inf
+  
+ IntelSiliconPkg/Feature/SmmAccess/Library/BaseSmmAccessLibNull/BaseSmm
+ AccessLibNull.inf
   IntelSiliconPkg/Library/PeiDxeSmmBootMediaLib/PeiFirmwareBootMediaLib.inf
   IntelSiliconPkg/Library/PeiDxeSmmBootMediaLib/DxeSmmFirmwareBootMediaLib.inf
   IntelSiliconPkg/Library/DxeAslUpdateLib/DxeAslUpdateLib.inf
--
2.28.0.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78994): https://edk2.groups.io/g/devel/message/78994
Mute This Topic: https://groups.io/mt/84769134/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v2 1/2] MdePkg/BaseLib: Fix unaligned API prototypes

[Andrew Fish via groups.io]

> On Aug 9, 2021, at 9:15 AM, Michael D Kinney  
> wrote:
> 
> Hi Marvin,
> 
> Can you provide an example of which C compiler is flagging this as
> an error and what error message is generated.
> 
> Please enter a BZ with this background information and add link to the
> BZ in the commit message.
> 
> This is a change to the BaseLib class, so we need to make sure there
> are no impacts to any existing code.  I looks like a safe change
> because changing from a pointer to a fixed size type to VOID * 
> should be compatible.  Please add that analysis to the background
> in the BZ as well.
> 

MIke,

I want to say we had a discussion about this years ago? I don’t remember the 
outcome. 

Dereferencing a misaligned pointer is UB (Undefined Behavior) in C [1], but 
historically x86 compilers have let it slide.

I think the situation we are in is the BaseLib functions don’t contain UB, but 
it is UB for the caller to use the returned pointer directly. 

Here is a simple example with clang UndefinedBehaviorSanitizer (UBSan) . 

~/work/Compiler>cat ub.c
#include 

#define EFIAPI
#define IN
#define OUT

typedef unsigned char   UINT8;
typedef unsigned short  UINT16;

UINT16
EFIAPI
WriteUnaligned16 (
  OUT UINT16*Buffer,
  IN  UINT16Value
  )
{
  // ASSERT (Buffer != NULL);

  ((volatile UINT8*)Buffer)[0] = (UINT8)Value;
  ((volatile UINT8*)Buffer)[1] = (UINT8)(Value >> 8);

  return Value;
}


int main()
{
UINT8 *buffer = malloc(64);
UINT16 *pointer = (UINT16 *)(buffer + 1);

WriteUnaligned16 (pointer, 42);

// *pointer = 42; // Error: misaligned integer pointer assignment
return *pointer;
}
~/work/Compiler>clang -fsanitize=undefined  ub.c
~/work/Compiler>./a.out
ub.c:34:9: runtime error: load of misaligned address 0x7feac6405aa1 for type 
'UINT16' (aka 'unsigned short'), which requires 2 byte alignment
0x7feac6405aa1: note: pointer points here
 00 00 00  64 2a 00 79 6d 28 52 54  4c 44 5f 44 45 46 41 55  4c 54 2c 20 73 77 
69 66  74 5f 64 65 6d
  ^ 
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ub.c:34:9 in 

FYI line 39 is `return *pointer`and 42 is 0x2A. So reading an writing to 
*pointer is UB. 


As you can see in [1] the general advice is to take code that looks like:
int8_t *buffer = malloc(64);
int32_t *pointer = (int32_t *)(buffer + 1);
*pointer = 42; // Error: misaligned integer pointer assignment
And replace it with;
int8_t *buffer = malloc(64);
int32_t value = 42;
memcpy(buffer + 1, , sizeof(int32_t)); // Correct

But in these cases the result is in a byte aligned buffer….

[1] https://developer.apple.com/documentation/xcode/misaligned-pointer

Thanks,

Andrew Fish

> Thanks,
> 
> Mike
> 
> 
>> -Original Message-
>> From: Marvin Häuser mailto:mhaeu...@posteo.de>>
>> Sent: Monday, August 9, 2021 2:51 AM
>> To: devel@edk2.groups.io 
>> Cc: Kinney, Michael D > >; Liming Gao > >; Liu, Zhiguang
>> mailto:zhiguang@intel.com>>; Vitaly Cheptsov 
>> mailto:vit9...@protonmail.com>>
>> Subject: [PATCH v2 1/2] MdePkg/BaseLib: Fix unaligned API prototypes
>> 
>> C prohibits not only dereferencing but also casting to unaligned
>> pointers. Thus, the current set of unaligned APIs cannot be called
>> safely. Update their prototypes to take VOID * pointers, which must
>> be able to represent any valid pointer.
>> 
>> Cc: Michael D Kinney 
>> Cc: Liming Gao 
>> Cc: Zhiguang Liu 
>> Cc: Vitaly Cheptsov 
>> Signed-off-by: Marvin Häuser 
>> ---
>> MdePkg/Library/BaseLib/Arm/Unaligned.c | 14 -
>> MdePkg/Library/BaseLib/Unaligned.c | 32 ++--
>> MdePkg/Include/Library/BaseLib.h   | 16 +-
>> 3 files changed, 31 insertions(+), 31 deletions(-)
>> 
>> diff --git a/MdePkg/Library/BaseLib/Arm/Unaligned.c 
>> b/MdePkg/Library/BaseLib/Arm/Unaligned.c
>> index e9934e7003cb..57f19fc44e0b 100644
>> --- a/MdePkg/Library/BaseLib/Arm/Unaligned.c
>> +++ b/MdePkg/Library/BaseLib/Arm/Unaligned.c
>> @@ -59,7 +59,7 @@ ReadUnaligned16 (
>> UINT16
>> 
>> EFIAPI
>> 
>> WriteUnaligned16 (
>> 
>> -  OUT UINT16*Buffer,
>> 
>> +  OUT VOID  *Buffer,
>> 
>>   IN  UINT16Value
>> 
>>   )
>> 
>> {
>> 
>> @@ -87,7 +87,7 @@ WriteUnaligned16 (
>> UINT32
>> 
>> EFIAPI
>> 
>> ReadUnaligned24 (
>> 
>> -  IN CONST UINT32  *Buffer
>> 
>> +  IN CONST VOID*Buffer
>> 
>>   )
>> 
>> {
>> 
>>   ASSERT (Buffer != NULL);
>> 
>> @@ -116,7 +116,7 @@ ReadUnaligned24 (
>> UINT32
>> 
>> EFIAPI
>> 
>> WriteUnaligned24 (
>> 
>> -  OUT UINT32*Buffer,
>> 
>> +  OUT VOID  *Buffer,
>> 
>>   IN  UINT32Value
>> 
>>   )
>> 
>> {
>> 
>> @@ -143,7 +143,7 @@ WriteUnaligned24 (
>> UINT32
>> 
>> EFIAPI
>> 
>> ReadUnaligned32 (
>> 
>> -  IN CONST UINT32  *Buffer
>> 
>> +  

Re: [edk2-devel] [PATCH v2 4/7] ArmPkg/DefaultExceptionHandlerLib: Check DebugImageInfoTable type safely

[Marvin Häuser]

On 09/08/2021 14:40, Marvin Häuser wrote:

On 09/08/2021 13:55, Ard Biesheuvel wrote:

On Mon, 9 Aug 2021 at 11:51, Marvin Häuser  wrote:

C does not allow casting to or dereferencing incompatible pointer
types. Use the ImageInfoType member of the union first to determine
the data type before dereferencing NormalImage.

Cc: Leif Lindholm 
Cc: Ard Biesheuvel 
Cc: Vitaly Cheptsov 
Signed-off-by: Marvin Häuser 

Hi Marvin,

Could you please organize your patches into a consistent series,
include a cover letter and cc me on everything?


Hey Ard,

It's a series and there is a cover letter at: 
https://edk2.groups.io/g/devel/topic/patch_v2_0_7_fix_various/84764899?p=,,,20,0,0,0::recentpostdate%2Fsticky,,,20,2,0,84764899
The mails from yesterday can certainly be discarded, for some reason 
format-patch did not number the patches without the argument.
The mails from today are numbered and there is a cover letter, but for 
some reason the threading is all wrong in Thunderbird for me. All 
subsequent patches have the "In-Reply-To" header in the patch files, I 
think it is supposed to work off of that? Is threading broken for you 
as well? Any idea what could have gone wrong?


Today I learned two things.

1) Both format-patch and send-email support threading individually, and 
they don't cooperate [1].


2) Groups.io does not like patch sets [2].

*Sigh*. Sorry.

Best regards,
Marvin


[1] "It is up to the user to ensure that no In-Reply-To header already 
exists when git send-email is asked to add it (especially note that git 
format-patch can be configured to do the threading itself). Failure to 
do so may not produce the expected result in the recipient’s MUA.", 
https://git-scm.com/docs/git-send-email


[2] "Note: This checkbox is selected by default in new Groups.io 
accounts. If you do not want to see copies of your own messages, clear 
this checkbox. [...] (For those interested in the technical details: 
When this checkbox is selected, Groups.io replaces the Message-Id header 
with a new, system-generated one and renames the original Message-Id 
header to X-Orig-Message-Id.)", 
https://groups.io/helpcenter/membersmanual?single=true




I will create a V3 with you CC'd on all patches once I understand 
everything that went wrong. Is it normal to CC all people from each 
patch on all patches of a series?


Thanks and so sorry for the hassle!

Best regards,
Marvin


I am going to disregard anything you sent yesterday and today, as it
is a bit of a jumble.

Thanks,
Ard.



---
ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c 
| 4 ++--

  1 file changed, 2 insertions(+), 2 deletions(-)

diff --git 
a/ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c 
b/ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c 


index e9fea4038252..9befb6d4db9b 100644
--- 
a/ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c
+++ 
b/ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c

@@ -51,8 +51,8 @@ GetImageName (

    Address = (CHAR8 *)(UINTN)FaultAddress;
    for (Entry = 0; Entry < DebugTableHeader->TableSize; Entry++, 
DebugTable++) {

-    if (DebugTable->NormalImage != NULL) {
-  if ((DebugTable->NormalImage->ImageInfoType == 
EFI_DEBUG_IMAGE_INFO_TYPE_NORMAL) &&

+    if (DebugTable->ImageInfoType != NULL) {
+  if ((*DebugTable->ImageInfoType == 
EFI_DEBUG_IMAGE_INFO_TYPE_NORMAL) &&

(DebugTable->NormalImage->LoadedImageProtocolInstance != NULL)) {
  if ((Address >= (CHAR8 
*)DebugTable->NormalImage->LoadedImageProtocolInstance->ImageBase) &&
  (Address <= ((CHAR8 
*)DebugTable->NormalImage->LoadedImageProtocolInstance->ImageBase + 
DebugTable->NormalImage->LoadedImageProtocolInstance->ImageSize))) {

--
2.31.1












-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78992): https://edk2.groups.io/g/devel/message/78992
Mute This Topic: https://groups.io/mt/84764906/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v3 1/2] MdePkg/BaseLib: Fix unaligned API prototypes

[Marvin Häuser]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3542

C prohibits not only dereferencing but also casting to unaligned
pointers. Thus, the current set of unaligned APIs cannot be called
safely. Update their prototypes to take VOID * pointers, which must
be able to represent any valid pointer.

Cc: Michael D Kinney 
Cc: Liming Gao 
Cc: Zhiguang Liu 
Cc: Vitaly Cheptsov 
Signed-off-by: Marvin Häuser 
---
 MdePkg/Library/BaseLib/Arm/Unaligned.c | 14 -
 MdePkg/Library/BaseLib/Unaligned.c | 32 ++--
 MdePkg/Include/Library/BaseLib.h   | 16 +-
 3 files changed, 31 insertions(+), 31 deletions(-)

diff --git a/MdePkg/Library/BaseLib/Arm/Unaligned.c 
b/MdePkg/Library/BaseLib/Arm/Unaligned.c
index e9934e7003cb..57f19fc44e0b 100644
--- a/MdePkg/Library/BaseLib/Arm/Unaligned.c
+++ b/MdePkg/Library/BaseLib/Arm/Unaligned.c
@@ -59,7 +59,7 @@ ReadUnaligned16 (
 UINT16

 EFIAPI

 WriteUnaligned16 (

-  OUT UINT16*Buffer,

+  OUT VOID  *Buffer,

   IN  UINT16Value

   )

 {

@@ -87,7 +87,7 @@ WriteUnaligned16 (
 UINT32

 EFIAPI

 ReadUnaligned24 (

-  IN CONST UINT32  *Buffer

+  IN CONST VOID*Buffer

   )

 {

   ASSERT (Buffer != NULL);

@@ -116,7 +116,7 @@ ReadUnaligned24 (
 UINT32

 EFIAPI

 WriteUnaligned24 (

-  OUT UINT32*Buffer,

+  OUT VOID  *Buffer,

   IN  UINT32Value

   )

 {

@@ -143,7 +143,7 @@ WriteUnaligned24 (
 UINT32

 EFIAPI

 ReadUnaligned32 (

-  IN CONST UINT32  *Buffer

+  IN CONST VOID*Buffer

   )

 {

   UINT16  LowerBytes;

@@ -175,7 +175,7 @@ ReadUnaligned32 (
 UINT32

 EFIAPI

 WriteUnaligned32 (

-  OUT UINT32*Buffer,

+  OUT VOID  *Buffer,

   IN  UINT32Value

   )

 {

@@ -202,7 +202,7 @@ WriteUnaligned32 (
 UINT64

 EFIAPI

 ReadUnaligned64 (

-  IN CONST UINT64  *Buffer

+  IN CONST VOID*Buffer

   )

 {

   UINT32  LowerBytes;

@@ -234,7 +234,7 @@ ReadUnaligned64 (
 UINT64

 EFIAPI

 WriteUnaligned64 (

-  OUT UINT64*Buffer,

+  OUT VOID  *Buffer,

   IN  UINT64Value

   )

 {

diff --git a/MdePkg/Library/BaseLib/Unaligned.c 
b/MdePkg/Library/BaseLib/Unaligned.c
index a419cb85e53c..3041adcde606 100644
--- a/MdePkg/Library/BaseLib/Unaligned.c
+++ b/MdePkg/Library/BaseLib/Unaligned.c
@@ -26,12 +26,12 @@
 UINT16

 EFIAPI

 ReadUnaligned16 (

-  IN CONST UINT16  *Buffer

+  IN CONST VOID*Buffer

   )

 {

   ASSERT (Buffer != NULL);

 

-  return *Buffer;

+  return *(CONST UINT16 *) Buffer;

 }

 

 /**

@@ -52,13 +52,13 @@ ReadUnaligned16 (
 UINT16

 EFIAPI

 WriteUnaligned16 (

-  OUT UINT16*Buffer,

+  OUT VOID  *Buffer,

   IN  UINT16Value

   )

 {

   ASSERT (Buffer != NULL);

 

-  return *Buffer = Value;

+  return *(UINT16 *) Buffer = Value;

 }

 

 /**

@@ -77,12 +77,12 @@ WriteUnaligned16 (
 UINT32

 EFIAPI

 ReadUnaligned24 (

-  IN CONST UINT32  *Buffer

+  IN CONST VOID*Buffer

   )

 {

   ASSERT (Buffer != NULL);

 

-  return *Buffer & 0xff;

+  return *(CONST UINT32 *) Buffer & 0xff;

 }

 

 /**

@@ -103,13 +103,13 @@ ReadUnaligned24 (
 UINT32

 EFIAPI

 WriteUnaligned24 (

-  OUT UINT32*Buffer,

+  OUT VOID  *Buffer,

   IN  UINT32Value

   )

 {

   ASSERT (Buffer != NULL);

 

-  *Buffer = BitFieldWrite32 (*Buffer, 0, 23, Value);

+  *(UINT32 *) Buffer = BitFieldWrite32 (*(CONST UINT32 *) Buffer, 0, 23, 
Value);

   return Value;

 }

 

@@ -129,12 +129,12 @@ WriteUnaligned24 (
 UINT32

 EFIAPI

 ReadUnaligned32 (

-  IN CONST UINT32  *Buffer

+  IN CONST VOID*Buffer

   )

 {

   ASSERT (Buffer != NULL);

 

-  return *Buffer;

+  return *(CONST UINT32 *) Buffer;

 }

 

 /**

@@ -155,13 +155,13 @@ ReadUnaligned32 (
 UINT32

 EFIAPI

 WriteUnaligned32 (

-  OUT UINT32*Buffer,

+  OUT VOID  *Buffer,

   IN  UINT32Value

   )

 {

   ASSERT (Buffer != NULL);

 

-  return *Buffer = Value;

+  return *(UINT32 *) Buffer = Value;

 }

 

 /**

@@ -180,12 +180,12 @@ WriteUnaligned32 (
 UINT64

 EFIAPI

 ReadUnaligned64 (

-  IN CONST UINT64  *Buffer

+  IN CONST VOID*Buffer

   )

 {

   ASSERT (Buffer != NULL);

 

-  return *Buffer;

+  return *(CONST UINT64 *) Buffer;

 }

 

 /**

@@ -206,11 +206,11 @@ ReadUnaligned64 (
 UINT64

 EFIAPI

 WriteUnaligned64 (

-  OUT UINT64*Buffer,

+  OUT VOID  *Buffer,

   IN  UINT64Value

   )

 {

   ASSERT (Buffer != NULL);

 

-  return *Buffer = Value;

+  return *(UINT64 *) Buffer = Value;

 }

diff --git 

[edk2-devel] [PATCH v3 2/2] BaseTools/CommonLib: Fix unaligned API prototypes

[Marvin Häuser]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3542

C prohibits not only dereferencing but also casting to unaligned
pointers. Thus, the current set of unaligned APIs cannot be called
safely. Update their prototypes to take VOID * pointers, which must
be able to represent any valid pointer.

Cc: Bob Feng 
Cc: Liming Gao 
Cc: Yuwei Chen 
Cc: Vitaly Cheptsov 
Signed-off-by: Marvin Häuser 
---
 BaseTools/Source/C/Common/CommonLib.c | 16 
 BaseTools/Source/C/Common/CommonLib.h |  8 
 2 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/BaseTools/Source/C/Common/CommonLib.c 
b/BaseTools/Source/C/Common/CommonLib.c
index 7fb4ab764fcd..f1223fb2ae0a 100644
--- a/BaseTools/Source/C/Common/CommonLib.c
+++ b/BaseTools/Source/C/Common/CommonLib.c
@@ -1154,23 +1154,23 @@ StrSize (
 

 UINT64

 ReadUnaligned64 (

-   CONST UINT64  *Buffer

+   CONST VOID*Buffer

   )

 {

   ASSERT (Buffer != NULL);

 

-  return *Buffer;

+  return *(CONST UINT64 *) Buffer;

 }

 

 UINT64

 WriteUnaligned64 (

-   UINT64*Buffer,

+   VOID  *Buffer,

UINT64Value

   )

 {

   ASSERT (Buffer != NULL);

 

-  return *Buffer = Value;

+  return *(UINT64 *) Buffer = Value;

 }

 

 

@@ -2018,23 +2018,23 @@ AllocatePool (
 

 UINT16

 WriteUnaligned16 (

-  UINT16*Buffer,

+  VOID  *Buffer,

   UINT16Value

   )

 {

   ASSERT (Buffer != NULL);

 

-  return *Buffer = Value;

+  return *(UINT16 *) Buffer = Value;

 }

 

 UINT16

 ReadUnaligned16 (

-  CONST UINT16  *Buffer

+  CONST VOID*Buffer

   )

 {

   ASSERT (Buffer != NULL);

 

-  return *Buffer;

+  return *(CONST UINT16 *) Buffer;

 }

 /**

   Return whether the integer string is a hex string.

diff --git a/BaseTools/Source/C/Common/CommonLib.h 
b/BaseTools/Source/C/Common/CommonLib.h
index 0f05d88db206..67c42a91765d 100644
--- a/BaseTools/Source/C/Common/CommonLib.h
+++ b/BaseTools/Source/C/Common/CommonLib.h
@@ -238,13 +238,13 @@ CopyGuid (
 

 UINT64

 WriteUnaligned64 (

-   UINT64*Buffer,

+   VOID  *Buffer,

UINT64Value

   );

 

 UINT64

 ReadUnaligned64 (

-   CONST UINT64  *Buffer

+   CONST VOID*Buffer

   );

 

 UINTN

@@ -363,13 +363,13 @@ AllocatePool (
 

 UINT16

 WriteUnaligned16 (

-  UINT16*Buffer,

+  VOID  *Buffer,

   UINT16Value

   );

 

 UINT16

 ReadUnaligned16 (

-  CONST UINT16  *Buffer

+  CONST VOID*Buffer

   );

 

 VOID *

-- 
2.31.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78991): https://edk2.groups.io/g/devel/message/78991
Mute This Topic: https://groups.io/mt/84779302/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [Patch V2] MinPlatformPkg: Fix the incompatible change about SecureBootVariableLib

[Nate DeSimone]

Reviewed-by: Nate DeSimone 

> -Original Message-
> From: Tan, Dun 
> Sent: Monday, August 9, 2021 8:00 AM
> To: devel@edk2.groups.io
> Cc: Chiu, Chasel ; Desimone, Nathaniel L
> ; Liming Gao
> ; Dong, Eric ; Tan, Dun
> 
> Subject: [Patch V2] MinPlatformPkg: Fix the incompatible change about
> SecureBootVariableLib
> 
> V1: The newly created lib will be consumed by SecureBootConfigDxe.inf in
> CoreDxeInclude.dsc
> V2: Add SecureBootVariableProvisionLib in CoreDxeInclude.dsc
> 
> Cc: Chasel Chiu 
> Cc: Nate DeSimone 
> Cc: Liming Gao 
> Cc: Eric Dong 
> Signed-off-by: DunTan 
> ---
>  Platform/Intel/MinPlatformPkg/Include/Dsc/CoreCommonLib.dsc | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/Platform/Intel/MinPlatformPkg/Include/Dsc/CoreCommonLib.dsc
> b/Platform/Intel/MinPlatformPkg/Include/Dsc/CoreCommonLib.dsc
> index b154f9615d..c3d05fc913 100644
> --- a/Platform/Intel/MinPlatformPkg/Include/Dsc/CoreCommonLib.dsc
> +++ b/Platform/Intel/MinPlatformPkg/Include/Dsc/CoreCommonLib.dsc
> @@ -139,6 +139,8 @@
> 
>  !if gMinPlatformPkgTokenSpaceGuid.PcdUefiSecureBootEnable == TRUE
>AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
> +
> + SecureBootVariableLib|SecurityPkg/Library/SecureBootVariableLib/Secure
> + BootVariableLib.inf
> + SecureBootVariableProvisionLib|SecurityPkg/Library/SecureBootVariableP
> + rovisionLib/SecureBootVariableProvisionLib.inf
>  !endif
> 
>SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf
> --
> 2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78989): https://edk2.groups.io/g/devel/message/78989
Mute This Topic: https://groups.io/mt/84770226/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [edk2-platforms][PATCH v1 1/1] MinPlatformPkg/AcpiTables: Update structures for ACPI 6.3

[Nate DeSimone]

Reviewed-by: Nate DeSimone 

> -Original Message-
> From: mikub...@linux.microsoft.com 
> Sent: Friday, August 6, 2021 12:54 PM
> To: devel@edk2.groups.io
> Cc: Chiu, Chasel ; Desimone, Nathaniel L
> ; Liming Gao
> ; Dong, Eric ; Maddy,
> Daniel ; Michael Kubacki
> 
> Subject: [edk2-platforms][PATCH v1 1/1] MinPlatformPkg/AcpiTables:
> Update structures for ACPI 6.3
> 
> From: Daniel Maddy 
> 
> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3535
> 
> Updates ACPI table structures in MinPlatformPkg for ACPI 6.3.
> 
> Cc: Chasel Chiu 
> Cc: Nate DeSimone 
> Cc: Liming Gao 
> Cc: Eric Dong 
> Cc: Daniel Maddy 
> Co-authored-by: Michael Kubacki 
> Signed-off-by: Michael Kubacki 
> ---
>  Platform/Intel/MinPlatformPkg/Acpi/AcpiTables/AcpiPlatform.c | 203
> ++--
>  Platform/Intel/MinPlatformPkg/Acpi/AcpiTables/Facs/Facs.c|  11 +-
>  Platform/Intel/MinPlatformPkg/Acpi/AcpiTables/Fadt/Fadt.c|  74 ---
>  3 files changed, 150 insertions(+), 138 deletions(-)
> 
> diff --git a/Platform/Intel/MinPlatformPkg/Acpi/AcpiTables/AcpiPlatform.c
> b/Platform/Intel/MinPlatformPkg/Acpi/AcpiTables/AcpiPlatform.c
> index 2b51c34ef2fd..5e3c4c0672f9 100644
> --- a/Platform/Intel/MinPlatformPkg/Acpi/AcpiTables/AcpiPlatform.c
> +++ b/Platform/Intel/MinPlatformPkg/Acpi/AcpiTables/AcpiPlatform.c
> @@ -2,6 +2,7 @@
>ACPI Platform Driver
> 
>  Copyright (c) 2017 - 2019, Intel Corporation. All rights reserved.
> +Copyright (c) Microsoft Corporation.
>  SPDX-License-Identifier: BSD-2-Clause-Patent
> 
>  **/
> @@ -13,7 +14,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent  #pragma
> pack(1)
> 
>  typedef struct {
> -  UINT32   AcpiProcessorId;
> +  UINT32   AcpiProcessorUid;
>UINT32   ApicId;
>UINT32   Flags;
>UINT32   SwProcApicId;
> @@ -27,9 +28,9 @@ typedef struct {
>  // Define Union of IO APIC & Local APIC structure;  //  typedef union {
> -  EFI_ACPI_4_0_PROCESSOR_LOCAL_APIC_STRUCTURE AcpiLocalApic;
> -  EFI_ACPI_4_0_IO_APIC_STRUCTURE  AcpiIoApic;
> -  EFI_ACPI_4_0_PROCESSOR_LOCAL_X2APIC_STRUCTURE AcpiLocalx2Apic;
> +  EFI_ACPI_6_3_PROCESSOR_LOCAL_APIC_STRUCTURE   AcpiLocalApic;
> +  EFI_ACPI_6_3_IO_APIC_STRUCTUREAcpiIoApic;
> +  EFI_ACPI_6_3_PROCESSOR_LOCAL_X2APIC_STRUCTURE AcpiLocalx2Apic;
>struct {
>  UINT8 Type;
>  UINT8 Length;
> @@ -38,9 +39,9 @@ typedef union {
> 
>  #pragma pack()
> 
> -extern EFI_ACPI_5_0_FIRMWARE_ACPI_CONTROL_STRUCTURE  Facs; -
> extern EFI_ACPI_5_0_FIXED_ACPI_DESCRIPTION_TABLE Fadt; -extern
> EFI_ACPI_HIGH_PRECISION_EVENT_TIMER_TABLE_HEADER  Hpet;
> +extern EFI_ACPI_6_3_FIRMWARE_ACPI_CONTROL_STRUCTURE Facs;
> +extern EFI_ACPI_6_3_FIXED_ACPI_DESCRIPTION_TABLEFadt;
> +extern EFI_ACPI_HIGH_PRECISION_EVENT_TIMER_TABLE_HEADER Hpet;
>  extern EFI_ACPI_WSMT_TABLE Wsmt;
> 
>  VOID  *mLocalTable[] = {
> @@ -217,7 +218,7 @@ DebugDisplayReOrderTable(
>DEBUG ((EFI_D_ERROR, "Index  AcpiProcId  ApicId  Flags  SwApicId  Skt\n"));
>for (Index=0; Index  DEBUG ((EFI_D_ERROR, " %02d   0x%02X  0x%02X  %d  0x%02X
> %d\n",
> -   Index, 
> mCpuApicIdOrderTable[Index].AcpiProcessorId,
> +   Index,
> + mCpuApicIdOrderTable[Index].AcpiProcessorUid,
> mCpuApicIdOrderTable[Index].ApicId,
> mCpuApicIdOrderTable[Index].Flags,
> mCpuApicIdOrderTable[Index].SwProcApicId,
> @@ -232,31 +233,31 @@ AppendCpuMapTableEntry (
>)
>  {
>EFI_STATUSStatus;
> -  EFI_ACPI_4_0_PROCESSOR_LOCAL_APIC_STRUCTURE *LocalApicPtr;
> -  EFI_ACPI_4_0_PROCESSOR_LOCAL_X2APIC_STRUCTURE *LocalX2ApicPtr;
> +  EFI_ACPI_6_3_PROCESSOR_LOCAL_APIC_STRUCTURE *LocalApicPtr;
> + EFI_ACPI_6_3_PROCESSOR_LOCAL_X2APIC_STRUCTURE *LocalX2ApicPtr;
>UINT8 Type;
> 
>Status = EFI_SUCCESS;
>Type = ((ACPI_APIC_STRUCTURE_PTR *)ApicPtr)->AcpiApicCommon.Type;
> -  LocalApicPtr = (EFI_ACPI_4_0_PROCESSOR_LOCAL_APIC_STRUCTURE
> *)(&((ACPI_APIC_STRUCTURE_PTR *)ApicPtr)->AcpiLocalApic);
> -  LocalX2ApicPtr = (EFI_ACPI_4_0_PROCESSOR_LOCAL_X2APIC_STRUCTURE
> *)(&((ACPI_APIC_STRUCTURE_PTR *)ApicPtr)->AcpiLocalx2Apic);
> +  LocalApicPtr = (EFI_ACPI_6_3_PROCESSOR_LOCAL_APIC_STRUCTURE
> + *)(&((ACPI_APIC_STRUCTURE_PTR *)ApicPtr)->AcpiLocalApic);
> + LocalX2ApicPtr = (EFI_ACPI_6_3_PROCESSOR_LOCAL_X2APIC_STRUCTURE
> + *)(&((ACPI_APIC_STRUCTURE_PTR *)ApicPtr)->AcpiLocalx2Apic);
> 
> -  if(Type == EFI_ACPI_4_0_PROCESSOR_LOCAL_APIC) {
> +  if(Type == EFI_ACPI_6_3_PROCESSOR_LOCAL_APIC) {
>  if(!mX2ApicEnabled) {
> -  LocalApicPtr->Flags   =
> (UINT8)mCpuApicIdOrderTable[LocalApicCounter].Flags;
> -  LocalApicPtr->ApicId  =
> (UINT8)mCpuApicIdOrderTable[LocalApicCounter].ApicId;
> -  LocalApicPtr->AcpiProcessorId =
> (UINT8)mCpuApicIdOrderTable[LocalApicCounter].AcpiProcessorId;
> +  LocalApicPtr->Flags=
> (UINT8)mCpuApicIdOrderTable[LocalApicCounter].Flags;
> +  

Re: [edk2-devel] [edk2-platforms][PATCH v2 0/5] MinPlatformPkg: TestPointCheckLib bug fixes and improvements

[Nate DeSimone]

The series has been pushed as 5b257da~..89fb75a

Thanks,
Nate

> -Original Message-
> From: mikub...@linux.microsoft.com 
> Sent: Thursday, August 5, 2021 6:33 PM
> To: devel@edk2.groups.io
> Cc: Chiu, Chasel ; Desimone, Nathaniel L
> ; Liming Gao
> ; Dong, Eric 
> Subject: [edk2-platforms][PATCH v2 0/5] MinPlatformPkg: TestPointCheckLib
> bug fixes and improvements
> 
> From: Michael Kubacki 
> 
> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3531
> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3518
> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3520
> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3521
> 
> This patch series groups together several bug fixes and improvements to
> TestPointCheckLib. The first patch is required for the others since it fixes a
> MinPlatformPkg build issue that occurs with the current edk2/master branch.
> 
> V2 changes:
> 1. Added Reviewed-by replies received for v1 series 2. [v1 2/5]: Added a
> ZeroMem() for the ProtocolCapability buffer 3. [v1 3/5]: Added a #define for
> the byte index 6 parameter
> 
> Cc: Chasel Chiu 
> Cc: Nate DeSimone 
> Cc: Liming Gao 
> Cc: Eric Dong 
> Signed-off-by: Michael Kubacki 
> 
> Michael Kubacki (5):
>   MinPlatformPkg/TestPointCheckLib: Fix MessageLength cast issue
>   MinPlatformPkg/TestPointCheckLib: Set required size field in protocol
>   MinPlatformPkg/TestPointCheckLib: Fix incorrect array index
>   MinPlatformPkg/TestPointCheckLib: Improve adjacent region checking
>   MinPlatformPkg/TestPointCheckLib: Make OutTable parameter optional
> 
> 
> Platform/Intel/MinPlatformPkg/Test/Library/TestPointCheckLib/DxeCheckA
> cpi.c | 32 +--
> 
> Platform/Intel/MinPlatformPkg/Test/Library/TestPointCheckLib/DxeCheckS
> miHandlerInstrument.c |  4 +-
> 
> Platform/Intel/MinPlatformPkg/Test/Library/TestPointCheckLib/DxeCheckS
> mmInfo.c  | 56 ++--
> 
> Platform/Intel/MinPlatformPkg/Test/Library/TestPointCheckLib/DxeCheckTc
> gTrustedBoot.c   |  3 ++
> 
> Platform/Intel/MinPlatformPkg/Test/Library/TestPointCheckLib/DxeTestPoi
> ntCheckLib.c | 15 +-
> 
> Platform/Intel/MinPlatformPkg/Test/Library/TestPointCheckLib/SmmTestPo
> intCheckLib.c | 26 +
>  Platform/Intel/MinPlatformPkg/Test/TestPointStubDxe/TestPointStubDxe.c
> | 10 ++--
>  Platform/Intel/MinPlatformPkg/Include/Library/TestPointCheckLib.h
> |  1 +
> 
> Platform/Intel/MinPlatformPkg/Test/Library/TestPointCheckLib/DxeTestPoi
> ntCheckLib.inf   |  2 +
>  9 files changed, 87 insertions(+), 62 deletions(-)
> 
> --
> 2.28.0.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78987): https://edk2.groups.io/g/devel/message/78987
Mute This Topic: https://groups.io/mt/84699696/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [edk2-platforms][PATCH v2 0/5] MinPlatformPkg: TestPointCheckLib bug fixes and improvements

[Nate DeSimone]

For the series...

Reviewed-by: Nate DeSimone 

> -Original Message-
> From: mikub...@linux.microsoft.com 
> Sent: Thursday, August 5, 2021 6:33 PM
> To: devel@edk2.groups.io
> Cc: Chiu, Chasel ; Desimone, Nathaniel L
> ; Liming Gao
> ; Dong, Eric 
> Subject: [edk2-platforms][PATCH v2 0/5] MinPlatformPkg: TestPointCheckLib
> bug fixes and improvements
> 
> From: Michael Kubacki 
> 
> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3531
> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3518
> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3520
> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3521
> 
> This patch series groups together several bug fixes and improvements to
> TestPointCheckLib. The first patch is required for the others since it fixes a
> MinPlatformPkg build issue that occurs with the current edk2/master branch.
> 
> V2 changes:
> 1. Added Reviewed-by replies received for v1 series 2. [v1 2/5]: Added a
> ZeroMem() for the ProtocolCapability buffer 3. [v1 3/5]: Added a #define for
> the byte index 6 parameter
> 
> Cc: Chasel Chiu 
> Cc: Nate DeSimone 
> Cc: Liming Gao 
> Cc: Eric Dong 
> Signed-off-by: Michael Kubacki 
> 
> Michael Kubacki (5):
>   MinPlatformPkg/TestPointCheckLib: Fix MessageLength cast issue
>   MinPlatformPkg/TestPointCheckLib: Set required size field in protocol
>   MinPlatformPkg/TestPointCheckLib: Fix incorrect array index
>   MinPlatformPkg/TestPointCheckLib: Improve adjacent region checking
>   MinPlatformPkg/TestPointCheckLib: Make OutTable parameter optional
> 
> 
> Platform/Intel/MinPlatformPkg/Test/Library/TestPointCheckLib/DxeCheckA
> cpi.c | 32 +--
> 
> Platform/Intel/MinPlatformPkg/Test/Library/TestPointCheckLib/DxeCheckS
> miHandlerInstrument.c |  4 +-
> 
> Platform/Intel/MinPlatformPkg/Test/Library/TestPointCheckLib/DxeCheckS
> mmInfo.c  | 56 ++--
> 
> Platform/Intel/MinPlatformPkg/Test/Library/TestPointCheckLib/DxeCheckTc
> gTrustedBoot.c   |  3 ++
> 
> Platform/Intel/MinPlatformPkg/Test/Library/TestPointCheckLib/DxeTestPoi
> ntCheckLib.c | 15 +-
> 
> Platform/Intel/MinPlatformPkg/Test/Library/TestPointCheckLib/SmmTestPo
> intCheckLib.c | 26 +
>  Platform/Intel/MinPlatformPkg/Test/TestPointStubDxe/TestPointStubDxe.c
> | 10 ++--
>  Platform/Intel/MinPlatformPkg/Include/Library/TestPointCheckLib.h
> |  1 +
> 
> Platform/Intel/MinPlatformPkg/Test/Library/TestPointCheckLib/DxeTestPoi
> ntCheckLib.inf   |  2 +
>  9 files changed, 87 insertions(+), 62 deletions(-)
> 
> --
> 2.28.0.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78986): https://edk2.groups.io/g/devel/message/78986
Mute This Topic: https://groups.io/mt/84699696/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [edk2-platforms][PATCH v1 1/1] MinPlatformPkg/TestPointCheckLib: Add support for BME device exemption

[Michael Kubacki]

From: Chris Ruffin 

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3541

Some platforms have devices which do not expose any additional
risk of DMA attacks but the BME bit cannot be disabled.

To allow MinPlatformPkg consumers to selectively exempt certain
devices from the PCI bus master test point, this change adds a
PCD to MinPlatformPkg.dec that allows those packages to specify
a list of PCI devices by S/B/D/F that should be excluded from
testing.

Cc: Chasel Chiu 
Cc: Nate DeSimone 
Cc: Liming Gao 
Cc: Eric Dong 
Cc: Chris Ruffin 
Co-authored-by: Michael Kubacki 
Signed-off-by: Michael Kubacki 
---
 Platform/Intel/MinPlatformPkg/Test/Library/TestPointCheckLib/DxeCheckPci.c 
   | 37 ++--
 Platform/Intel/MinPlatformPkg/Test/Library/TestPointCheckLib/PeiCheckPci.c 
   | 35 ++
 Platform/Intel/MinPlatformPkg/MinPlatformPkg.dec   
   |  4 +++
 
Platform/Intel/MinPlatformPkg/Test/Library/TestPointCheckLib/DxeTestPointCheckLib.inf
 |  1 +
 
Platform/Intel/MinPlatformPkg/Test/Library/TestPointCheckLib/PeiTestPointCheckLib.inf
 |  1 +
 5 files changed, 75 insertions(+), 3 deletions(-)

diff --git 
a/Platform/Intel/MinPlatformPkg/Test/Library/TestPointCheckLib/DxeCheckPci.c 
b/Platform/Intel/MinPlatformPkg/Test/Library/TestPointCheckLib/DxeCheckPci.c
index 514003944758..95f4fb8b7c7e 100644
--- a/Platform/Intel/MinPlatformPkg/Test/Library/TestPointCheckLib/DxeCheckPci.c
+++ b/Platform/Intel/MinPlatformPkg/Test/Library/TestPointCheckLib/DxeCheckPci.c
@@ -44,6 +44,13 @@ typedef struct {
   UINT32Data[48];
 } PCI_CONFIG_SPACE;
 
+typedef struct {
+  UINT8 Segment;
+  UINT8 Bus;
+  UINT8 Device;
+  UINT8 Function;
+} EXEMPT_DEVICE;
+
 #pragma pack()
 
 VOID
@@ -256,7 +263,7 @@ TestPointCheckPciResource (
   UINT16MinBus;
   UINT16MaxBus;
   BOOLEAN   IsEnd;
-  
+
   DEBUG ((DEBUG_INFO, " TestPointCheckPciResource - Enter\n"));
   HandleBuf = NULL;
   Status = gBS->LocateHandleBuffer (
@@ -338,7 +345,7 @@ TestPointCheckPciResource (
 // Device
 DumpPciDevice ((UINT8)Bus, (UINT8)Device, (UINT8)Func, 
);
   }
-  
+
   //
   // If this is not a multi-function device, we can leave the loop
   // to deal with the next device.
@@ -360,7 +367,7 @@ TestPointCheckPciResource (
   }
 }
   }
-  
+
 Done:
   if (HandleBuf != NULL) {
 FreePool (HandleBuf);
@@ -396,6 +403,9 @@ TestPointCheckPciBusMaster (
   UINT8 HeaderType;
   EFI_STATUSStatus;
   PCI_SEGMENT_INFO  *PciSegmentInfo;
+  EXEMPT_DEVICE *ExemptDevicePcdPtr;
+  BOOLEAN   ExemptDeviceFound;
+  UINTN Index;
 
   PciSegmentInfo = GetPciSegmentInfo ();
   if (PciSegmentInfo == NULL) {
@@ -407,6 +417,27 @@ TestPointCheckPciBusMaster (
 for (Bus = PciSegmentInfo[Segment].StartBusNumber; Bus <= 
PciSegmentInfo[Segment].EndBusNumber; Bus++) {
   for (Device = 0; Device <= 0x1F; Device++) {
 for (Function = 0; Function <= 0x7; Function++) {
+  //
+  // Some platforms have devices which do not expose any additional
+  // risk of DMA attacks but are not able to be turned off.  Allow
+  // the platform to define these devices and do not record errors
+  // for these devices.
+  //
+  ExemptDevicePcdPtr = (EXEMPT_DEVICE *) PcdGetPtr 
(PcdTestPointIbvPlatformExemptPciBme);
+  ExemptDeviceFound = FALSE;
+  for (Index = 0; Index < (PcdGetSize 
(PcdTestPointIbvPlatformExemptPciBme) / sizeof (EXEMPT_DEVICE)); Index++) {
+if (Segment == ExemptDevicePcdPtr[Index].Segment
+&& Bus == ExemptDevicePcdPtr[Index].Bus
+&& Device == ExemptDevicePcdPtr[Index].Device
+&& Function == ExemptDevicePcdPtr[Index].Function) {
+  ExemptDeviceFound = TRUE;
+}
+  }
+
+  if (ExemptDeviceFound) {
+continue;
+  }
+
   VendorId = PciSegmentRead16 
(PCI_SEGMENT_LIB_ADDRESS(PciSegmentInfo[Segment].SegmentNumber, Bus, Device, 
Function, PCI_VENDOR_ID_OFFSET));
   //
   // If VendorId = 0x, there does not exist a device at this
diff --git 
a/Platform/Intel/MinPlatformPkg/Test/Library/TestPointCheckLib/PeiCheckPci.c 
b/Platform/Intel/MinPlatformPkg/Test/Library/TestPointCheckLib/PeiCheckPci.c
index 1061f8ac1c62..25c3caba6eed 100644
--- a/Platform/Intel/MinPlatformPkg/Test/Library/TestPointCheckLib/PeiCheckPci.c
+++ b/Platform/Intel/MinPlatformPkg/Test/Library/TestPointCheckLib/PeiCheckPci.c
@@ -14,6 +14,17 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #include 
 #include 
 
+#pragma pack(1)
+
+ typedef struct EXEMPT_DEVICE_STRUCT {
+  UINT8 Segment;
+  UINT8 Bus;
+  UINT8 Device;
+  UINT8 Function;
+} EXEMPT_DEVICE;
+
+#pragma pack()
+
 EFI_STATUS

Re: [edk2-devel] [PATCH v2 0/4] Ovmf: Disable the TPM2 platform hierarchy

[Stefan Berger]

On 8/9/21 1:54 PM, James Bottomley wrote:

On Mon, 2021-08-09 at 12:37 -0400, Stefan Berger wrote:

This series imports code from the edk2-platforms project related to
changing the password of the TPM2 platform hierarchy and uses it to
disable the TPM2 platform hierarchy in Ovmf. It addresses the Ovmf
aspects of the following bugs:

https://bugzilla.tianocore.org/show_bug.cgi?id=3510
https://bugzilla.tianocore.org/show_bug.cgi?id=3499

This raises a couple of issues:

1. Since OVMF is for all x86 virtual platforms not just the PC ones,
   should it be following the PC client spec for everything?  I notice
   you left out Xen and Bhyve ... should they never follow this?


I am not sure how to build Bhyve but one part of the patch is already 
there for it in this series:



If this is how you build Bhyve I am getting a build failure already 
before these patches here are applied.


build -p OvmfPkg/Bhyve/BhyveX64.dsc -b DEBUG -a X64 -t GCC5 -D 
TPM_ENABLE -D TPM_CONFIG_ENABLE -D SECURE_BOOT_ENABLE -D 
NETWORK_TLS_ENABLE 2>&1 | tee build.log

Build environment: Linux-5.12.14-300.fc34.x86_64-x86_64-with-glibc2.33
Build start time: 14:21:41, Aug.09 2021

WORKSPACE    = /home/stefanb/dev/edk2
EDK_TOOLS_PATH   = /home/stefanb/dev/edk2/BaseTools
CONF_PATH    = /home/stefanb/dev/edk2/Conf
PYTHON_COMMAND   = /usr/bin/python3.9


Processing meta-data .
Architecture(s)  = X64
Build target = DEBUG
Toolchain    = GCC5

Active Platform  = /home/stefanb/dev/edk2/OvmfPkg/Bhyve/BhyveX64.dsc


build.py...
/home/stefanb/dev/edk2/OvmfPkg/Bhyve/BhyveX64.dsc(198): error 000E: 
File/directory not found in workspace

/home/stefanb/dev/edk2/OvmfPkg/Bhyve/Library/PlatformSecureLib/PlatformSecureLib.inf



2. Since OVMF is effectively both the platform and the firmware, what
   attitude should we take to code in edk2-platforms?  There are
   arguments for pulling all the necessary components into OVMF, but it
   could also be argued that the VMM should take care of all the edk2-
   platforms pieces and OVMF should be strictly firmware.


That's what I had been wondering about in V1 as well. This import here 
now followed the option 2 in that discussion and I cut out basically 
only the function that disables the platform hierarchy rather than 
setting a random password, which I kept since it didn't seem to require 
further dependencies. to be imported from edk2-platforms.





Getting 2. sorted out is probably the more pressing policy issue for
us.

James





-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78984): https://edk2.groups.io/g/devel/message/78984
Mute This Topic: https://groups.io/mt/84773154/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v2 0/4] Ovmf: Disable the TPM2 platform hierarchy

[James Bottomley]

On Mon, 2021-08-09 at 12:37 -0400, Stefan Berger wrote:
> This series imports code from the edk2-platforms project related to
> changing the password of the TPM2 platform hierarchy and uses it to
> disable the TPM2 platform hierarchy in Ovmf. It addresses the Ovmf
> aspects of the following bugs:
> 
> https://bugzilla.tianocore.org/show_bug.cgi?id=3510
> https://bugzilla.tianocore.org/show_bug.cgi?id=3499

This raises a couple of issues:

   1. Since OVMF is for all x86 virtual platforms not just the PC ones,
  should it be following the PC client spec for everything?  I notice
  you left out Xen and Bhyve ... should they never follow this?
   2. Since OVMF is effectively both the platform and the firmware, what
  attitude should we take to code in edk2-platforms?  There are
  arguments for pulling all the necessary components into OVMF, but it
  could also be argued that the VMM should take care of all the edk2-
  platforms pieces and OVMF should be strictly firmware.

Getting 2. sorted out is probably the more pressing policy issue for
us.

James




-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78983): https://edk2.groups.io/g/devel/message/78983
Mute This Topic: https://groups.io/mt/84773154/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH 2/3] OvmfPkg/ResetVector: update SEV support to use new work area format

[Brijesh Singh via groups.io]

On 8/9/21 11:54 AM, Tom Lendacky wrote:

On 8/4/21 3:20 PM, Brijesh Singh wrote:

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

Update the SEV support to switch to using the newer work area format.

Cc: James Bottomley 
Cc: Min Xu 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Jordan Justen 
Cc: Ard Biesheuvel 
Cc: Erdem Aktas 
Signed-off-by: Brijesh Singh 
---
  OvmfPkg/ResetVector/ResetVector.inf   |  1 +
  OvmfPkg/Sec/SecMain.inf   |  1 +
  OvmfPkg/Sec/SecMain.c | 25 ++-
  OvmfPkg/ResetVector/Ia32/AmdSev.asm   |  8 
  OvmfPkg/ResetVector/Ia32/PageTables64.asm |  4 
  OvmfPkg/ResetVector/ResetVector.nasmb |  1 +
  6 files changed, 39 insertions(+), 1 deletion(-)

diff --git a/OvmfPkg/ResetVector/ResetVector.inf 
b/OvmfPkg/ResetVector/ResetVector.inf
index d028c92d8cfa..6ec9cca40c3a 100644
--- a/OvmfPkg/ResetVector/ResetVector.inf
+++ b/OvmfPkg/ResetVector/ResetVector.inf
@@ -34,6 +34,7 @@ [BuildOptions]
 *_*_X64_NASMB_FLAGS = -I$(WORKSPACE)/UefiCpuPkg/ResetVector/Vtf0/
  
  [Pcd]

+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaBase


Laszlo was trying to keep things sorted, so you should move this down to
the end of the list.


Yes, I will try to keep it sorted.





gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBase
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbSize
diff --git a/OvmfPkg/Sec/SecMain.inf b/OvmfPkg/Sec/SecMain.inf
index 7f78dcee2772..82910dcbd5c2 100644
--- a/OvmfPkg/Sec/SecMain.inf
+++ b/OvmfPkg/Sec/SecMain.inf
@@ -56,6 +56,7 @@ [Ppis]
gEfiTemporaryRamSupportPpiGuid# PPI ALWAYS_PRODUCED
  
  [Pcd]

+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaBase


Ditto here, even though the list isn't truly sorted to begin with.


Noted.




gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfPeiMemFvBase
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfPeiMemFvSize
diff --git a/OvmfPkg/Sec/SecMain.c b/OvmfPkg/Sec/SecMain.c
index 9db67e17b2aa..dda572c7ad7d 100644
--- a/OvmfPkg/Sec/SecMain.c
+++ b/OvmfPkg/Sec/SecMain.c
@@ -807,6 +807,29 @@ SevEsProtocolCheck (
Ghcb->GhcbUsage = GHCB_STANDARD_USAGE;
  }
  
+/**

+ Determine if the SEV is active.
+
+ During the early booting, GuestType is set in the work area. Verify that it
+ is an SEV guest.
+
+ @retval TRUE   SEV is enabled
+ @retval FALSE  SEV is not enabled
+
+**/
+STATIC
+BOOLEAN
+IsSevGuest (
+  VOID
+  )
+{
+  OVMF_WORK_AREA *WorkArea;
+
+  WorkArea = (OVMF_WORK_AREA *) FixedPcdGet32 (PcdOvmfWorkAreaBase);
+
+  return ((WorkArea != NULL) && (WorkArea->GuestType == GUEST_TYPE_AMD_SEV));
+}
+
  /**
Determine if SEV-ES is active.
  
@@ -828,7 +851,7 @@ SevEsIsEnabled (
  
SevEsWorkArea = (SEC_SEV_ES_WORK_AREA *) FixedPcdGet32 (PcdSevEsWorkAreaBase);
  
-  return ((SevEsWorkArea != NULL) && (SevEsWorkArea->SevEsEnabled != 0));

+  return (((IsSevGuest()) && SevEsWorkArea != NULL) && 
(SevEsWorkArea->SevEsEnabled != 0));


The IsSevGuest() function checks for a NULL work area, so there's no need
to check for SevEsWorkArea being non-NULL now. I think it would read
better, though, to do:

 if (!IsSevGuest ()) {
   return FALSE;
 }

 SevEsWorkArea = ...

 return (SevEsWorkArea->SevEsEnabled != 0);


  }
  


Sure, it makes it a bit more readiable and avoids unessary checks.


  VOID
diff --git a/OvmfPkg/ResetVector/Ia32/AmdSev.asm 
b/OvmfPkg/ResetVector/Ia32/AmdSev.asm
index aa95d06eaddb..87d81b01e263 100644
--- a/OvmfPkg/ResetVector/Ia32/AmdSev.asm
+++ b/OvmfPkg/ResetVector/Ia32/AmdSev.asm
@@ -171,6 +171,9 @@ CheckSevFeatures:
  bteax, 0
  jnc   NoSev
  
+; Set the work area header to indicate that the SEV is enabled


s/the SEV/SEV/


Noted.



+mov byte[WORK_AREA_GUEST_TYPE], 1


The "1" should probably be defined in ResetVector.nasmb as a %define.


Sure, I will define the constant




+
  ; Check for SEV-ES memory encryption feature:
  ; CPUID  Fn8000_001F[EAX] - Bit 3
  ;   CPUID raises a #VC exception if running as an SEV-ES guest
@@ -257,6 +260,11 @@ SevExit:
  IsSevEsEnabled:
  xor   eax, eax
  
+; During CheckSevFeatures, the WORK_AREA_GUEST_TYPE is set

+; to 1 if SEV is enabled.
+cmp   byte[WORK_AREA_GUEST_TYPE], 1
+jne   SevEsDisabled
+
  ; During CheckSevFeatures, the SEV_ES_WORK_AREA was set to 1 if
  ; SEV-ES is enabled.
  cmp   byte[SEV_ES_WORK_AREA], 1
diff --git a/OvmfPkg/ResetVector/Ia32/PageTables64.asm 
b/OvmfPkg/ResetVector/Ia32/PageTables64.asm
index eacdb69ddb9f..f688909f1c7d 100644
--- a/OvmfPkg/ResetVector/Ia32/PageTables64.asm
+++ b/OvmfPkg/ResetVector/Ia32/PageTables64.asm
@@ -42,6 +42,10 @@ BITS32
  ;
  SetCr3ForPageTables64:
  
+; Clear the WorkArea header. The SEV probe routines will populate the


How about:
 ; Initialize the WorkArea header to indicate a legacy guest. The ...


+; work area 

Re: [edk2-devel] [PATCH 1/3] OvmfPkg: introduce a common work area

[Brijesh Singh via groups.io]

On 8/9/21 11:40 AM, Tom Lendacky wrote:

On 8/4/21 3:20 PM, Brijesh Singh wrote:

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

Both the TDX and SEV support needs to reserve a page in MEMFD as a work
area. The page will contain meta data specific to the guest type.
Currently, the SEV-ES support reserves a page in MEMFD
(PcdSevEsWorkArea) for the work area. This page can be reused as a TDX
work area when Intel TDX is enabled.

Based on the discussion [1], it was agreed to rename the SevEsWorkArea
to the OvmfWorkArea, and add a header that can be used to indicate the
work area type.

[1] https://edk2.groups.io/g/devel/message/78262?p=,,,20,0,0,0::\
 created,0,SNP,20,2,0,84476064

Cc: James Bottomley 
Cc: Min Xu 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Jordan Justen 
Cc: Ard Biesheuvel 
Cc: Erdem Aktas 
Signed-off-by: Brijesh Singh 
---
  OvmfPkg/OvmfPkg.dec|  6 +++
  OvmfPkg/OvmfPkgX64.fdf |  9 +++-
  OvmfPkg/PlatformPei/PlatformPei.inf|  4 +-
  OvmfPkg/Include/Library/MemEncryptSevLib.h | 21 +
  OvmfPkg/Include/WorkArea.h | 53 ++
  OvmfPkg/PlatformPei/MemDetect.c| 32 ++---
  6 files changed, 85 insertions(+), 40 deletions(-)
  create mode 100644 OvmfPkg/Include/WorkArea.h

diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec
index 2ab27f0c73c2..9d31ec45c78a 100644
--- a/OvmfPkg/OvmfPkg.dec
+++ b/OvmfPkg/OvmfPkg.dec
@@ -330,6 +330,12 @@ [PcdsFixedAtBuild]
gUefiOvmfPkgTokenSpaceGuid.PcdQemuHashTableBase|0x0|UINT32|0x47
gUefiOvmfPkgTokenSpaceGuid.PcdQemuHashTableSize|0x0|UINT32|0x48
  
+  ## The base address and size of the work area used during the SEC

+  # phase by the SEV and TDX supports.
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaBase|0|UINT32|0x49
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaSize|0|UINT32|0x50
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaHeaderSize|4|UINT32|0x51
+
  [PcdsDynamic, PcdsDynamicEx]
gUefiOvmfPkgTokenSpaceGuid.PcdEmuVariableEvent|0|UINT64|2
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashVariablesEnable|FALSE|BOOLEAN|0x10
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
index 5fa8c0895808..418e0ea5add4 100644
--- a/OvmfPkg/OvmfPkgX64.fdf
+++ b/OvmfPkg/OvmfPkgX64.fdf
@@ -83,7 +83,7 @@ [FD.MEMFD]
  
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbSize
  
  0x00B000|0x001000

-gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase|gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaSize
+gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaSize
  
  0x00C000|0x001000

  
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupSize
@@ -99,6 +99,13 @@ [FD.MEMFD]
  
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfDxeMemFvBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfDxeMemFvSize
  FV = DXEFV
  
+##

+# SEV specific PCD settings
+SET gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaHeaderSize = 0x4
+SET gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase = $(MEMFD_BASE_ADDRESS) +  
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaBase + 
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaHeaderSize
+SET gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaSize = 
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaSize - 
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaHeaderSize
+##
+
  

  
  [FV.SECFV]

diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf 
b/OvmfPkg/PlatformPei/PlatformPei.inf
index 89d1f7636870..67eb7aa7166b 100644
--- a/OvmfPkg/PlatformPei/PlatformPei.inf
+++ b/OvmfPkg/PlatformPei/PlatformPei.inf
@@ -116,8 +116,8 @@ [FixedPcd]
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesData
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupBase
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupSize
-  gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase
-  gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaSize
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaBase
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaSize
  
  [FeaturePcd]

gUefiOvmfPkgTokenSpaceGuid.PcdCsmEnable
diff --git a/OvmfPkg/Include/Library/MemEncryptSevLib.h 
b/OvmfPkg/Include/Library/MemEncryptSevLib.h
index 76d06c206c8b..adc490e466ec 100644
--- a/OvmfPkg/Include/Library/MemEncryptSevLib.h
+++ b/OvmfPkg/Include/Library/MemEncryptSevLib.h
@@ -12,6 +12,7 @@
  #define _MEM_ENCRYPT_SEV_LIB_H_
  
  #include 

+#include 
  
  //

  // Define the maximum number of #VCs allowed (e.g. the level of nesting
@@ -36,26 +37,6 @@ typedef struct {
VOID*GhcbBackupPages;
  } SEV_ES_PER_CPU_DATA;
  
-//

-// Internal structure for holding SEV-ES information needed during SEC phase
-// and valid only during SEC phase and early PEI during platform
-// initialization.
-//
-// This structure is 

Re: [edk2-devel] [PATCH 3/3] OvmfPkg/ResetVector: move the GHCB page setup in AmdSev.asm

[Lendacky, Thomas via groups.io]

On 8/4/21 3:20 PM, Brijesh Singh wrote:
> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3429
> 
> While build the initial page table, the SetCr3ForPageTables64 checks
> whether SEV-ES is enabled. If so, clear the page encryption mask from the
> GHCB page. Move the logic to clear the page encryption mask in the
> AmdSev.asm.
> 
> Cc: James Bottomley 
> Cc: Min Xu 
> Cc: Jiewen Yao 
> Cc: Tom Lendacky 
> Cc: Jordan Justen 
> Cc: Ard Biesheuvel 
> Cc: Erdem Aktas 
> Signed-off-by: Brijesh Singh 
> ---
>  OvmfPkg/ResetVector/Ia32/AmdSev.asm   | 113 +-
>  OvmfPkg/ResetVector/Ia32/PageTables64.asm |  53 ++
>  2 files changed, 94 insertions(+), 72 deletions(-)
> 
> diff --git a/OvmfPkg/ResetVector/Ia32/AmdSev.asm 
> b/OvmfPkg/ResetVector/Ia32/AmdSev.asm
> index 87d81b01e263..fd2e6abcd4a0 100644
> --- a/OvmfPkg/ResetVector/Ia32/AmdSev.asm
> +++ b/OvmfPkg/ResetVector/Ia32/AmdSev.asm
> @@ -44,6 +44,27 @@ BITS32
>  ; The unexpected response code
>  %define TERM_UNEXPECTED_RESP_CODE   2
>  
> +%define PAGE_PRESENT0x01
> +%define PAGE_READ_WRITE 0x02
> +%define PAGE_USER_SUPERVISOR0x04
> +%define PAGE_WRITE_THROUGH  0x08
> +%define PAGE_CACHE_DISABLE 0x010
> +%define PAGE_ACCESSED  0x020
> +%define PAGE_DIRTY 0x040
> +%define PAGE_PAT   0x080
> +%define PAGE_GLOBAL   0x0100
> +%define PAGE_2M_MBO0x080
> +%define PAGE_2M_PAT  0x01000
> +
> +%define PAGE_4K_PDE_ATTR (PAGE_ACCESSED + \
> +  PAGE_DIRTY + \
> +  PAGE_READ_WRITE + \
> +  PAGE_PRESENT)
> +
> +%define PAGE_PDP_ATTR (PAGE_ACCESSED + \
> +   PAGE_READ_WRITE + \
> +   PAGE_PRESENT)
> +
>  
>  ; Macro is used to issue the MSR protocol based VMGEXIT. The caller is
>  ; responsible to populate values in the EDX:EAX registers. After the vmmcall
> @@ -117,6 +138,72 @@ BITS32
>  SevEsUnexpectedRespTerminate:
>  TerminateVmgExitTERM_UNEXPECTED_RESP_CODE
>  
> +; If SEV-ES is enabled then initialize the make the GHCB page shared

s/the make/and make/ ?

> +SevClearPageEncMaskFromGHCBPage:

Just a nit, maybe SevClearPageEncMaskForGhcbPage?

> +; Check if SEV is enabled
> +cmp   byte[WORK_AREA_GUEST_TYPE], 1
> +jnz   SevClearPageEncMaskFromGHCBPageExit
> +
> +; Check if SEV-ES is enabled
> +cmp   byte[SEV_ES_WORK_AREA], 1
> +jnz   SevClearPageEncMaskFromGHCBPageExit
> +
> +;
> +; The initial GHCB will live at GHCB_BASE and needs to be un-encrypted.
> +; This requires the 2MB page for this range be broken down into 512 4KB
> +; pages.  All will be marked encrypted, except for the GHCB.
> +;
> +mov ecx, (GHCB_BASE >> 21)
> +mov eax, GHCB_PT_ADDR + PAGE_PDP_ATTR
> +mov [ecx * 8 + PT_ADDR (0x2000)], eax
> +
> +;
> +; Page Table Entries (512 * 4KB entries => 2MB)
> +;
> +mov ecx, 512
> +pageTableEntries4kLoop:
> +mov eax, ecx
> +dec eax
> +shl eax, 12
> +add eax, GHCB_BASE & 0xFFE0_
> +add eax, PAGE_4K_PDE_ATTR
> +mov [ecx * 8 + GHCB_PT_ADDR - 8], eax
> +mov [(ecx * 8 + GHCB_PT_ADDR - 8) + 4], edx
> +looppageTableEntries4kLoop
> +
> +;
> +; Clear the encryption bit from the GHCB entry
> +;
> +mov ecx, (GHCB_BASE & 0x1F_) >> 12
> +mov [ecx * 8 + GHCB_PT_ADDR + 4], strict dword 0
> +
> +mov ecx, GHCB_SIZE / 4
> +xor eax, eax
> +clearGhcbMemoryLoop:
> +mov dword[ecx * 4 + GHCB_BASE - 4], eax
> +loopclearGhcbMemoryLoop
> +
> +SevClearPageEncMaskFromGHCBPageExit:
> +OneTimeCallRet SevClearPageEncMaskFromGHCBPage
> +
> +; Check if SEV is enabled, and get the C-bit mask above 31.
> +; Modified: EDX
> +;
> +; The value is returned in the EDX
> +GetSevCBitMaskAbove31:
> +; Check if SEV is enabled
> +cmp   byte[WORK_AREA_GUEST_TYPE], 1
> +jnz   NoCbitValue
> +
> +mov   edx, dword[SEV_ES_WORK_AREA_ENC_MASK + 4]
> +jmp   GetSevCBitMaskAbove31Exit
> +
> +NoCbitValue:
> +xor   edx, edx

How about moving the xor as the first line of this routine and jumping to
GetSevCBitMaskAbove31Exit if the first cmp is non-zero. Then you can just
do the move from SEV_ES_WORK_AREA_ENC_MASK + 4 and eliminate the extra jmp
statement and NoCbitValue label.

Thanks,
Tom

> +
> +GetSevCBitMaskAbove31Exit:
> +OneTimeCallRet GetSevCBitMaskAbove31
> +
>  ; Check if Secure Encrypted Virtualization (SEV) features are enabled.
>  ;
>  ; Register usage is tight in this routine, so multiple calls for the
> @@ -249,32 +336,6 @@ SevExit:
>  
>  OneTimeCallRet CheckSevFeatures
>  
> -; Check if Secure Encrypted Virtualization - Encrypted State (SEV-ES) feature
> -; is enabled.
> -;
> -; Modified:  EAX
> -;
> -; If SEV-ES is enabled then EAX will be non-zero.
> -; If SEV-ES is 

Re: [edk2-devel] [PATCH 2/3] OvmfPkg/ResetVector: update SEV support to use new work area format

[Lendacky, Thomas via groups.io]

On 8/4/21 3:20 PM, Brijesh Singh wrote:
> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3429
> 
> Update the SEV support to switch to using the newer work area format.
> 
> Cc: James Bottomley 
> Cc: Min Xu 
> Cc: Jiewen Yao 
> Cc: Tom Lendacky 
> Cc: Jordan Justen 
> Cc: Ard Biesheuvel 
> Cc: Erdem Aktas 
> Signed-off-by: Brijesh Singh 
> ---
>  OvmfPkg/ResetVector/ResetVector.inf   |  1 +
>  OvmfPkg/Sec/SecMain.inf   |  1 +
>  OvmfPkg/Sec/SecMain.c | 25 ++-
>  OvmfPkg/ResetVector/Ia32/AmdSev.asm   |  8 
>  OvmfPkg/ResetVector/Ia32/PageTables64.asm |  4 
>  OvmfPkg/ResetVector/ResetVector.nasmb |  1 +
>  6 files changed, 39 insertions(+), 1 deletion(-)
> 
> diff --git a/OvmfPkg/ResetVector/ResetVector.inf 
> b/OvmfPkg/ResetVector/ResetVector.inf
> index d028c92d8cfa..6ec9cca40c3a 100644
> --- a/OvmfPkg/ResetVector/ResetVector.inf
> +++ b/OvmfPkg/ResetVector/ResetVector.inf
> @@ -34,6 +34,7 @@ [BuildOptions]
> *_*_X64_NASMB_FLAGS = -I$(WORKSPACE)/UefiCpuPkg/ResetVector/Vtf0/
>  
>  [Pcd]
> +  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaBase

Laszlo was trying to keep things sorted, so you should move this down to
the end of the list.

>gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase
>gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBase
>gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbSize
> diff --git a/OvmfPkg/Sec/SecMain.inf b/OvmfPkg/Sec/SecMain.inf
> index 7f78dcee2772..82910dcbd5c2 100644
> --- a/OvmfPkg/Sec/SecMain.inf
> +++ b/OvmfPkg/Sec/SecMain.inf
> @@ -56,6 +56,7 @@ [Ppis]
>gEfiTemporaryRamSupportPpiGuid# PPI ALWAYS_PRODUCED
>  
>  [Pcd]
> +  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaBase

Ditto here, even though the list isn't truly sorted to begin with.

>gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase
>gUefiOvmfPkgTokenSpaceGuid.PcdOvmfPeiMemFvBase
>gUefiOvmfPkgTokenSpaceGuid.PcdOvmfPeiMemFvSize
> diff --git a/OvmfPkg/Sec/SecMain.c b/OvmfPkg/Sec/SecMain.c
> index 9db67e17b2aa..dda572c7ad7d 100644
> --- a/OvmfPkg/Sec/SecMain.c
> +++ b/OvmfPkg/Sec/SecMain.c
> @@ -807,6 +807,29 @@ SevEsProtocolCheck (
>Ghcb->GhcbUsage = GHCB_STANDARD_USAGE;
>  }
>  
> +/**
> + Determine if the SEV is active.
> +
> + During the early booting, GuestType is set in the work area. Verify that it
> + is an SEV guest.
> +
> + @retval TRUE   SEV is enabled
> + @retval FALSE  SEV is not enabled
> +
> +**/
> +STATIC
> +BOOLEAN
> +IsSevGuest (
> +  VOID
> +  )
> +{
> +  OVMF_WORK_AREA *WorkArea;
> +
> +  WorkArea = (OVMF_WORK_AREA *) FixedPcdGet32 (PcdOvmfWorkAreaBase);
> +
> +  return ((WorkArea != NULL) && (WorkArea->GuestType == GUEST_TYPE_AMD_SEV));
> +}
> +
>  /**
>Determine if SEV-ES is active.
>  
> @@ -828,7 +851,7 @@ SevEsIsEnabled (
>  
>SevEsWorkArea = (SEC_SEV_ES_WORK_AREA *) FixedPcdGet32 
> (PcdSevEsWorkAreaBase);
>  
> -  return ((SevEsWorkArea != NULL) && (SevEsWorkArea->SevEsEnabled != 0));
> +  return (((IsSevGuest()) && SevEsWorkArea != NULL) && 
> (SevEsWorkArea->SevEsEnabled != 0));

The IsSevGuest() function checks for a NULL work area, so there's no need
to check for SevEsWorkArea being non-NULL now. I think it would read
better, though, to do:

if (!IsSevGuest ()) {
  return FALSE;
}

SevEsWorkArea = ...

return (SevEsWorkArea->SevEsEnabled != 0);

>  }
>  
>  VOID
> diff --git a/OvmfPkg/ResetVector/Ia32/AmdSev.asm 
> b/OvmfPkg/ResetVector/Ia32/AmdSev.asm
> index aa95d06eaddb..87d81b01e263 100644
> --- a/OvmfPkg/ResetVector/Ia32/AmdSev.asm
> +++ b/OvmfPkg/ResetVector/Ia32/AmdSev.asm
> @@ -171,6 +171,9 @@ CheckSevFeatures:
>  bteax, 0
>  jnc   NoSev
>  
> +; Set the work area header to indicate that the SEV is enabled

s/the SEV/SEV/

> +mov byte[WORK_AREA_GUEST_TYPE], 1

The "1" should probably be defined in ResetVector.nasmb as a %define.

> +
>  ; Check for SEV-ES memory encryption feature:
>  ; CPUID  Fn8000_001F[EAX] - Bit 3
>  ;   CPUID raises a #VC exception if running as an SEV-ES guest
> @@ -257,6 +260,11 @@ SevExit:
>  IsSevEsEnabled:
>  xor   eax, eax
>  
> +; During CheckSevFeatures, the WORK_AREA_GUEST_TYPE is set
> +; to 1 if SEV is enabled.
> +cmp   byte[WORK_AREA_GUEST_TYPE], 1
> +jne   SevEsDisabled
> +
>  ; During CheckSevFeatures, the SEV_ES_WORK_AREA was set to 1 if
>  ; SEV-ES is enabled.
>  cmp   byte[SEV_ES_WORK_AREA], 1
> diff --git a/OvmfPkg/ResetVector/Ia32/PageTables64.asm 
> b/OvmfPkg/ResetVector/Ia32/PageTables64.asm
> index eacdb69ddb9f..f688909f1c7d 100644
> --- a/OvmfPkg/ResetVector/Ia32/PageTables64.asm
> +++ b/OvmfPkg/ResetVector/Ia32/PageTables64.asm
> @@ -42,6 +42,10 @@ BITS32
>  ;
>  SetCr3ForPageTables64:
>  
> +; Clear the WorkArea header. The SEV probe routines will populate the

How about:
; Initialize the WorkArea header to indicate a legacy guest. The ...

> +; work area when detected.
> +mov 

[edk2-devel] [PATCH v2 0/4] Ovmf: Disable the TPM2 platform hierarchy

[Stefan Berger]

This series imports code from the edk2-platforms project related to
changing the password of the TPM2 platform hierarchy and uses it to
disable the TPM2 platform hierarchy in Ovmf. It addresses the Ovmf
aspects of the following bugs:

https://bugzilla.tianocore.org/show_bug.cgi?id=3510
https://bugzilla.tianocore.org/show_bug.cgi?id=3499

Regards,
  Stefan

Stefan Berger (4):
  OvmfPkg/TPM: Import PeiDxeTpmPlatformHierarchyLib.c from
edk2-platforms
  OvmfPkg/TPM: Add a NULL implementation of TpmPlatformHierarchyLib
  OvmfPkg: Reference new TPM classes in the build system for compilation
  OvmfPkg: Disable the TPM2 platform hierarchy

 OvmfPkg/AmdSev/AmdSevX64.dsc  |   3 +
 .../Include/Library/TpmPlatformHierarchyLib.h |  27 +++
 .../PeiDxeTpmPlatformHierarchyLib.c   | 210 ++
 .../PeiDxeTpmPlatformHierarchyLib.inf |  40 
 .../PeiDxeTpmPlatformHierarchyLib.c   |  19 ++
 .../PeiDxeTpmPlatformHierarchyLib.inf |  31 +++
 .../PlatformBootManagerLib/BdsPlatform.c  |   6 +
 .../PlatformBootManagerLib.inf|   1 +
 .../PlatformBootManagerLibBhyve/BdsPlatform.c |   6 +
 .../PlatformBootManagerLibGrub/BdsPlatform.c  |   6 +
 OvmfPkg/OvmfPkgIa32.dsc   |   3 +
 OvmfPkg/OvmfPkgIa32X64.dsc|   3 +
 OvmfPkg/OvmfPkgX64.dsc|   3 +
 13 files changed, 358 insertions(+)
 create mode 100644 OvmfPkg/Include/Library/TpmPlatformHierarchyLib.h
 create mode 100644 
OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.c
 create mode 100644 
OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf
 create mode 100644 
OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.c
 create mode 100644 
OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.inf

-- 
2.31.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78978): https://edk2.groups.io/g/devel/message/78978
Mute This Topic: https://groups.io/mt/84773154/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH 1/3] OvmfPkg: introduce a common work area

[Lendacky, Thomas via groups.io]

On 8/4/21 3:20 PM, Brijesh Singh wrote:
> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3429
> 
> Both the TDX and SEV support needs to reserve a page in MEMFD as a work
> area. The page will contain meta data specific to the guest type.
> Currently, the SEV-ES support reserves a page in MEMFD
> (PcdSevEsWorkArea) for the work area. This page can be reused as a TDX
> work area when Intel TDX is enabled.
> 
> Based on the discussion [1], it was agreed to rename the SevEsWorkArea
> to the OvmfWorkArea, and add a header that can be used to indicate the
> work area type.
> 
> [1] https://edk2.groups.io/g/devel/message/78262?p=,,,20,0,0,0::\
> created,0,SNP,20,2,0,84476064
> 
> Cc: James Bottomley 
> Cc: Min Xu 
> Cc: Jiewen Yao 
> Cc: Tom Lendacky 
> Cc: Jordan Justen 
> Cc: Ard Biesheuvel 
> Cc: Erdem Aktas 
> Signed-off-by: Brijesh Singh 
> ---
>  OvmfPkg/OvmfPkg.dec|  6 +++
>  OvmfPkg/OvmfPkgX64.fdf |  9 +++-
>  OvmfPkg/PlatformPei/PlatformPei.inf|  4 +-
>  OvmfPkg/Include/Library/MemEncryptSevLib.h | 21 +
>  OvmfPkg/Include/WorkArea.h | 53 ++
>  OvmfPkg/PlatformPei/MemDetect.c| 32 ++---
>  6 files changed, 85 insertions(+), 40 deletions(-)
>  create mode 100644 OvmfPkg/Include/WorkArea.h
> 
> diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec
> index 2ab27f0c73c2..9d31ec45c78a 100644
> --- a/OvmfPkg/OvmfPkg.dec
> +++ b/OvmfPkg/OvmfPkg.dec
> @@ -330,6 +330,12 @@ [PcdsFixedAtBuild]
>gUefiOvmfPkgTokenSpaceGuid.PcdQemuHashTableBase|0x0|UINT32|0x47
>gUefiOvmfPkgTokenSpaceGuid.PcdQemuHashTableSize|0x0|UINT32|0x48
>  
> +  ## The base address and size of the work area used during the SEC
> +  # phase by the SEV and TDX supports.
> +  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaBase|0|UINT32|0x49
> +  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaSize|0|UINT32|0x50
> +  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaHeaderSize|4|UINT32|0x51
> +
>  [PcdsDynamic, PcdsDynamicEx]
>gUefiOvmfPkgTokenSpaceGuid.PcdEmuVariableEvent|0|UINT64|2
>gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashVariablesEnable|FALSE|BOOLEAN|0x10
> diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
> index 5fa8c0895808..418e0ea5add4 100644
> --- a/OvmfPkg/OvmfPkgX64.fdf
> +++ b/OvmfPkg/OvmfPkgX64.fdf
> @@ -83,7 +83,7 @@ [FD.MEMFD]
>  
> gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbSize
>  
>  0x00B000|0x001000
> -gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase|gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaSize
> +gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaSize
>  
>  0x00C000|0x001000
>  
> gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupSize
> @@ -99,6 +99,13 @@ [FD.MEMFD]
>  
> gUefiOvmfPkgTokenSpaceGuid.PcdOvmfDxeMemFvBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfDxeMemFvSize
>  FV = DXEFV
>  
> +##
> +# SEV specific PCD settings
> +SET gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaHeaderSize = 0x4
> +SET gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase = $(MEMFD_BASE_ADDRESS) + 
>  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaBase + 
> gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaHeaderSize
> +SET gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaSize = 
> gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaSize - 
> gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaHeaderSize
> +##
> +
>  
> 
>  
>  [FV.SECFV]
> diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf 
> b/OvmfPkg/PlatformPei/PlatformPei.inf
> index 89d1f7636870..67eb7aa7166b 100644
> --- a/OvmfPkg/PlatformPei/PlatformPei.inf
> +++ b/OvmfPkg/PlatformPei/PlatformPei.inf
> @@ -116,8 +116,8 @@ [FixedPcd]
>gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesData
>gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupBase
>gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupSize
> -  gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase
> -  gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaSize
> +  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaBase
> +  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaSize
>  
>  [FeaturePcd]
>gUefiOvmfPkgTokenSpaceGuid.PcdCsmEnable
> diff --git a/OvmfPkg/Include/Library/MemEncryptSevLib.h 
> b/OvmfPkg/Include/Library/MemEncryptSevLib.h
> index 76d06c206c8b..adc490e466ec 100644
> --- a/OvmfPkg/Include/Library/MemEncryptSevLib.h
> +++ b/OvmfPkg/Include/Library/MemEncryptSevLib.h
> @@ -12,6 +12,7 @@
>  #define _MEM_ENCRYPT_SEV_LIB_H_
>  
>  #include 
> +#include 
>  
>  //
>  // Define the maximum number of #VCs allowed (e.g. the level of nesting
> @@ -36,26 +37,6 @@ typedef struct {
>VOID*GhcbBackupPages;
>  } SEV_ES_PER_CPU_DATA;
>  
> -//
> -// Internal structure for holding SEV-ES 

[edk2-devel] [PATCH v2 3/4] OvmfPkg: Reference new TPM classes in the build system for compilation

[Stefan Berger]

Compile the added TPM related code now.

Signed-off-by: Stefan Berger 
---
 OvmfPkg/AmdSev/AmdSevX64.dsc   | 3 +++
 .../Library/PlatformBootManagerLib/PlatformBootManagerLib.inf  | 1 +
 OvmfPkg/OvmfPkgIa32.dsc| 3 +++
 OvmfPkg/OvmfPkgIa32X64.dsc | 3 +++
 OvmfPkg/OvmfPkgX64.dsc | 3 +++
 5 files changed, 13 insertions(+)

diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
index e6cd10b759..db1deffcc8 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
@@ -209,9 +209,11 @@
   
Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLib.inf
   
Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf
   
TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
+  
TpmPlatformHierarchyLib|OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf
 !else
   
Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLib.inf
   
TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
+  
TpmPlatformHierarchyLib|OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.inf
 !endif
 
 [LibraryClasses.common]
@@ -836,6 +838,7 @@
   SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf {
 
   
Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf
+  
TpmPlatformHierarchyLib|OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf
   NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf
   
HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf
   NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
diff --git a/OvmfPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf 
b/OvmfPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
index e470b9a6a3..e7d1917022 100644
--- a/OvmfPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
+++ b/OvmfPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
@@ -56,6 +56,7 @@
   PlatformBmPrintScLib
   Tcg2PhysicalPresenceLib
   XenPlatformLib
+  TpmPlatformHierarchyLib
 
 [Pcd]
   gUefiOvmfPkgTokenSpaceGuid.PcdEmuVariableEvent
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index d1d92c97ba..7c2948c5e9 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -235,9 +235,11 @@
   
Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLib.inf
   
Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf
   
TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
+  
TpmPlatformHierarchyLib|OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf
 !else
   
Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLib.inf
   
TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
+  
TpmPlatformHierarchyLib|OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.inf
 !endif
 
 [LibraryClasses.common]
@@ -711,6 +713,7 @@
   SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf {
 
   
HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf
+  
TpmPlatformHierarchyLib|OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf
   NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
   NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
   NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index a467ab7090..88a014510f 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -239,9 +239,11 @@
   
Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLib.inf
   
Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf
   
TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
+  
TpmPlatformHierarchyLib|OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf
 !else
   
Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLib.inf
   
TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
+  
TpmPlatformHierarchyLib|OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.inf
 !endif
 
 [LibraryClasses.common]
@@ -1034,6 +1036,7 @@
   SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf {
 
   
Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf
+  

[edk2-devel] [PATCH v2 2/4] OvmfPkg/TPM: Add a NULL implementation of TpmPlatformHierarchyLib

[Stefan Berger]

Add a NULL implementation of the library class TpmPlatformHierarchyLib

Signed-off-by: Stefan Berger 
---
 .../PeiDxeTpmPlatformHierarchyLib.c   | 19 
 .../PeiDxeTpmPlatformHierarchyLib.inf | 31 +++
 2 files changed, 50 insertions(+)
 create mode 100644 
OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.c
 create mode 100644 
OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.inf

diff --git 
a/OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.c
 
b/OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.c
new file mode 100644
index 00..a4d38a1465
--- /dev/null
+++ 
b/OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.c
@@ -0,0 +1,19 @@
+/** @file
+Null TPM Platform Hierarchy configuration library.
+
+This library provides stub functions for customizing the TPM's Platform 
Hierarchy.
+
+Copyright (c) 2021, IBM Corporation.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include 
+
+VOID
+EFIAPI
+ConfigureTpmPlatformHierarchy (
+  )
+{
+  /* no nothing */
+}
diff --git 
a/OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.inf
 
b/OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.inf
new file mode 100644
index 00..f0c474d57c
--- /dev/null
+++ 
b/OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.inf
@@ -0,0 +1,31 @@
+### @file
+#
+#   TPM Platform Hierarchy configuration library.
+#
+#   This library provides functions for customizing the TPM's Platform 
Hierarchy
+#   Authorization Value (platformAuth) and Platform Hierarchy Authorization
+#   Policy (platformPolicy) can be defined through this function.
+#
+# Copyright (c) 2019, Intel Corporation. All rights reserved.
+# Copyright (c) Microsoft Corporation.
+#
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+###
+
+[Defines]
+  INF_VERSION= 0x00010005
+  BASE_NAME  = PeiDxeTpmPlatformHierarchyLibNull
+  FILE_GUID  = 7794F92C-4E8E-4E57-9E4A-49A0764C7D73
+  MODULE_TYPE= PEIM
+  VERSION_STRING = 1.0
+  LIBRARY_CLASS  = TpmPlatformHierarchyLib|PEIM DXE_DRIVER
+
+[LibraryClasses]
+  BaseLib
+
+[Packages]
+  MdePkg/MdePkg.dec
+
+[Sources]
+  PeiDxeTpmPlatformHierarchyLib.c
-- 
2.31.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78974): https://edk2.groups.io/g/devel/message/78974
Mute This Topic: https://groups.io/mt/84772835/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v2 1/4] OvmfPkg/TPM: Import PeiDxeTpmPlatformHierarchyLib.c from edk2-platforms

[Stefan Berger]

Import PeiDxeTpmPlatformHierarchyLib.c from edk2-platforms. Modify it so
that ConfigureTpmPlatformHierarchy() is the only public function provided
by this file.

Signed-off-by: Stefan Berger 
---
 .../Include/Library/TpmPlatformHierarchyLib.h |  27 +++
 .../PeiDxeTpmPlatformHierarchyLib.c   | 210 ++
 .../PeiDxeTpmPlatformHierarchyLib.inf |  40 
 3 files changed, 277 insertions(+)
 create mode 100644 OvmfPkg/Include/Library/TpmPlatformHierarchyLib.h
 create mode 100644 
OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.c
 create mode 100644 
OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf

diff --git a/OvmfPkg/Include/Library/TpmPlatformHierarchyLib.h 
b/OvmfPkg/Include/Library/TpmPlatformHierarchyLib.h
new file mode 100644
index 00..a872fa09dc
--- /dev/null
+++ b/OvmfPkg/Include/Library/TpmPlatformHierarchyLib.h
@@ -0,0 +1,27 @@
+/** @file
+TPM Platform Hierarchy configuration library.
+
+This library provides functions for customizing the TPM's Platform 
Hierarchy
+Authorization Value (platformAuth) and Platform Hierarchy Authorization
+Policy (platformPolicy) can be defined through this function.
+
+Copyright (c) 2019, Intel Corporation. All rights reserved.
+Copyright (c) Microsoft Corporation.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef _TPM_PLATFORM_HIERARCHY_LIB_H_
+#define _TPM_PLATFORM_HIERARCHY_LIB_H_
+
+/**
+   This service will perform the TPM Platform Hierarchy configuration at the 
SmmReadyToLock event.
+
+**/
+VOID
+EFIAPI
+ConfigureTpmPlatformHierarchy (
+  VOID
+  );
+
+#endif
diff --git 
a/OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.c 
b/OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.c
new file mode 100644
index 00..ba2d99bb53
--- /dev/null
+++ 
b/OvmfPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.c
@@ -0,0 +1,210 @@
+/** @file
+TPM Platform Hierarchy configuration library.
+
+This library provides functions for customizing the TPM's Platform 
Hierarchy
+Authorization Value (platformAuth) and Platform Hierarchy Authorization
+Policy (platformPolicy) can be defined through this function.
+
+Copyright (c) 2019, Intel Corporation. All rights reserved.
+Copyright (c) Microsoft Corporation.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+@par Specification Reference:
+
https://trustedcomputinggroup.org/resource/tcg-tpm-v2-0-provisioning-guidance/
+**/
+
+#include 
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+//
+// The authorization value may be no larger than the digest produced by the 
hash
+//   algorithm used for context integrity.
+//
+#define  MAX_NEW_AUTHORIZATION_SIZE SHA512_DIGEST_SIZE
+
+UINT16   mAuthSize;
+
+/**
+  Generate high-quality entropy source through RDRAND.
+
+  @param[in]   LengthSize of the buffer, in bytes, to fill with.
+  @param[out]  Entropy   Pointer to the buffer to store the entropy data.
+
+  @retval EFI_SUCCESSEntropy generation succeeded.
+  @retval EFI_NOT_READY  Failed to request random data.
+
+**/
+EFI_STATUS
+EFIAPI
+RdRandGenerateEntropy (
+  IN UINTN Length,
+  OUT UINT8*Entropy
+  )
+{
+  EFI_STATUS  Status;
+  UINTN   BlockCount;
+  UINT64  Seed[2];
+  UINT8   *Ptr;
+
+  Status = EFI_NOT_READY;
+  BlockCount = Length / 64;
+  Ptr = (UINT8 *)Entropy;
+
+  //
+  // Generate high-quality seed for DRBG Entropy
+  //
+  while (BlockCount > 0) {
+Status = GetRandomNumber128 (Seed);
+if (EFI_ERROR (Status)) {
+  return Status;
+}
+CopyMem (Ptr, Seed, 64);
+
+BlockCount--;
+Ptr = Ptr + 64;
+  }
+
+  //
+  // Populate the remained data as request.
+  //
+  Status = GetRandomNumber128 (Seed);
+  if (EFI_ERROR (Status)) {
+return Status;
+  }
+  CopyMem (Ptr, Seed, (Length % 64));
+
+  return Status;
+}
+
+/**
+  This function returns the maximum size of TPM2B_AUTH; this structure is used 
for an authorization value
+  and limits an authValue to being no larger than the largest digest produced 
by a TPM.
+
+  @param[out] AuthSize Tpm2 Auth size
+
+  @retval EFI_SUCCESS  Auth size returned.
+  @retval EFI_DEVICE_ERROR Can not return platform auth due to 
device error.
+
+**/
+EFI_STATUS
+EFIAPI
+GetAuthSize (
+  OUT UINT16*AuthSize
+  )
+{
+  EFI_STATUSStatus;
+  TPML_PCR_SELECTIONPcrs;
+  UINTN Index;
+  UINT16DigestSize;
+
+  Status = EFI_SUCCESS;
+
+  while (mAuthSize == 0) {
+
+mAuthSize = SHA1_DIGEST_SIZE;
+ZeroMem (, sizeof (TPML_PCR_SELECTION));
+Status = Tpm2GetCapabilityPcrs ();
+
+if (EFI_ERROR (Status)) {
+  DEBUG ((DEBUG_ERROR, "Tpm2GetCapabilityPcrs fail!\n"));
+  break;
+}
+
+DEBUG ((DEBUG_ERROR, "Tpm2GetCapabilityPcrs - %08x\n", 

[edk2-devel] [PATCH v2 4/4] OvmfPkg: Disable the TPM2 platform hierarchy

[Stefan Berger]

Use the newly added function to disable the TPM2 platform hierarchy.

Signed-off-by: Stefan Berger 
---
 OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c  | 6 ++
 OvmfPkg/Library/PlatformBootManagerLibBhyve/BdsPlatform.c | 6 ++
 OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c  | 6 ++
 3 files changed, 18 insertions(+)

diff --git a/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c 
b/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c
index b0e9742937..5bf145ba25 100644
--- a/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c
+++ b/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c
@@ -11,6 +11,7 @@
 #include 
 #include 
 #include 
+#include 
 #include 
 
 
@@ -1516,6 +1517,11 @@ PlatformBootManagerAfterConsole (
   //
   Tcg2PhysicalPresenceLibProcessRequest (NULL);
 
+  //
+  // Disable the TPM 2 platform hierarchy
+  //
+  ConfigureTpmPlatformHierarchy ();
+
   //
   // Process QEMU's -kernel command line option
   //
diff --git a/OvmfPkg/Library/PlatformBootManagerLibBhyve/BdsPlatform.c 
b/OvmfPkg/Library/PlatformBootManagerLibBhyve/BdsPlatform.c
index eaade4adea..09418dc4ff 100644
--- a/OvmfPkg/Library/PlatformBootManagerLibBhyve/BdsPlatform.c
+++ b/OvmfPkg/Library/PlatformBootManagerLibBhyve/BdsPlatform.c
@@ -12,6 +12,7 @@
 #include 
 #include 
 #include 
+#include 
 
 #include 
 
@@ -1450,6 +1451,11 @@ PlatformBootManagerAfterConsole (
   //
   Tcg2PhysicalPresenceLibProcessRequest (NULL);
 
+  //
+  // Disable the TPM 2 platform hierarchy
+  //
+  ConfigureTpmPlatformHierarchy ();
+
   //
   // Perform some platform specific connect sequence
   //
diff --git a/OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c 
b/OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c
index 7cceeea487..508e2b6403 100644
--- a/OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c
+++ b/OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c
@@ -12,6 +12,7 @@
 #include 
 #include 
 #include 
+#include 
 
 
 //
@@ -1315,6 +1316,11 @@ PlatformBootManagerAfterConsole (
   //
   Tcg2PhysicalPresenceLibProcessRequest (NULL);
 
+  //
+  // Disable the TPM 2 platform hierachy
+  //
+  ConfigureTpmPlatformHierarchy ();
+
   //
   // Process QEMU's -kernel command line option
   //
-- 
2.31.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78975): https://edk2.groups.io/g/devel/message/78975
Mute This Topic: https://groups.io/mt/84772836/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v2 1/2] MdePkg/BaseLib: Fix unaligned API prototypes

[Michael D Kinney]

Hi Marvin,

Can you provide an example of which C compiler is flagging this as
an error and what error message is generated.

Please enter a BZ with this background information and add link to the
BZ in the commit message.

This is a change to the BaseLib class, so we need to make sure there
are no impacts to any existing code.  I looks like a safe change
because changing from a pointer to a fixed size type to VOID * 
should be compatible.  Please add that analysis to the background
in the BZ as well.

Thanks,

Mike


> -Original Message-
> From: Marvin Häuser 
> Sent: Monday, August 9, 2021 2:51 AM
> To: devel@edk2.groups.io
> Cc: Kinney, Michael D ; Liming Gao 
> ; Liu, Zhiguang
> ; Vitaly Cheptsov 
> Subject: [PATCH v2 1/2] MdePkg/BaseLib: Fix unaligned API prototypes
> 
> C prohibits not only dereferencing but also casting to unaligned
> pointers. Thus, the current set of unaligned APIs cannot be called
> safely. Update their prototypes to take VOID * pointers, which must
> be able to represent any valid pointer.
> 
> Cc: Michael D Kinney 
> Cc: Liming Gao 
> Cc: Zhiguang Liu 
> Cc: Vitaly Cheptsov 
> Signed-off-by: Marvin Häuser 
> ---
>  MdePkg/Library/BaseLib/Arm/Unaligned.c | 14 -
>  MdePkg/Library/BaseLib/Unaligned.c | 32 ++--
>  MdePkg/Include/Library/BaseLib.h   | 16 +-
>  3 files changed, 31 insertions(+), 31 deletions(-)
> 
> diff --git a/MdePkg/Library/BaseLib/Arm/Unaligned.c 
> b/MdePkg/Library/BaseLib/Arm/Unaligned.c
> index e9934e7003cb..57f19fc44e0b 100644
> --- a/MdePkg/Library/BaseLib/Arm/Unaligned.c
> +++ b/MdePkg/Library/BaseLib/Arm/Unaligned.c
> @@ -59,7 +59,7 @@ ReadUnaligned16 (
>  UINT16
> 
>  EFIAPI
> 
>  WriteUnaligned16 (
> 
> -  OUT UINT16*Buffer,
> 
> +  OUT VOID  *Buffer,
> 
>IN  UINT16Value
> 
>)
> 
>  {
> 
> @@ -87,7 +87,7 @@ WriteUnaligned16 (
>  UINT32
> 
>  EFIAPI
> 
>  ReadUnaligned24 (
> 
> -  IN CONST UINT32  *Buffer
> 
> +  IN CONST VOID*Buffer
> 
>)
> 
>  {
> 
>ASSERT (Buffer != NULL);
> 
> @@ -116,7 +116,7 @@ ReadUnaligned24 (
>  UINT32
> 
>  EFIAPI
> 
>  WriteUnaligned24 (
> 
> -  OUT UINT32*Buffer,
> 
> +  OUT VOID  *Buffer,
> 
>IN  UINT32Value
> 
>)
> 
>  {
> 
> @@ -143,7 +143,7 @@ WriteUnaligned24 (
>  UINT32
> 
>  EFIAPI
> 
>  ReadUnaligned32 (
> 
> -  IN CONST UINT32  *Buffer
> 
> +  IN CONST VOID*Buffer
> 
>)
> 
>  {
> 
>UINT16  LowerBytes;
> 
> @@ -175,7 +175,7 @@ ReadUnaligned32 (
>  UINT32
> 
>  EFIAPI
> 
>  WriteUnaligned32 (
> 
> -  OUT UINT32*Buffer,
> 
> +  OUT VOID  *Buffer,
> 
>IN  UINT32Value
> 
>)
> 
>  {
> 
> @@ -202,7 +202,7 @@ WriteUnaligned32 (
>  UINT64
> 
>  EFIAPI
> 
>  ReadUnaligned64 (
> 
> -  IN CONST UINT64  *Buffer
> 
> +  IN CONST VOID*Buffer
> 
>)
> 
>  {
> 
>UINT32  LowerBytes;
> 
> @@ -234,7 +234,7 @@ ReadUnaligned64 (
>  UINT64
> 
>  EFIAPI
> 
>  WriteUnaligned64 (
> 
> -  OUT UINT64*Buffer,
> 
> +  OUT VOID  *Buffer,
> 
>IN  UINT64Value
> 
>)
> 
>  {
> 
> diff --git a/MdePkg/Library/BaseLib/Unaligned.c 
> b/MdePkg/Library/BaseLib/Unaligned.c
> index a419cb85e53c..3041adcde606 100644
> --- a/MdePkg/Library/BaseLib/Unaligned.c
> +++ b/MdePkg/Library/BaseLib/Unaligned.c
> @@ -26,12 +26,12 @@
>  UINT16
> 
>  EFIAPI
> 
>  ReadUnaligned16 (
> 
> -  IN CONST UINT16  *Buffer
> 
> +  IN CONST VOID*Buffer
> 
>)
> 
>  {
> 
>ASSERT (Buffer != NULL);
> 
> 
> 
> -  return *Buffer;
> 
> +  return *(CONST UINT16 *) Buffer;
> 
>  }
> 
> 
> 
>  /**
> 
> @@ -52,13 +52,13 @@ ReadUnaligned16 (
>  UINT16
> 
>  EFIAPI
> 
>  WriteUnaligned16 (
> 
> -  OUT UINT16*Buffer,
> 
> +  OUT VOID  *Buffer,
> 
>IN  UINT16Value
> 
>)
> 
>  {
> 
>ASSERT (Buffer != NULL);
> 
> 
> 
> -  return *Buffer = Value;
> 
> +  return *(UINT16 *) Buffer = Value;
> 
>  }
> 
> 
> 
>  /**
> 
> @@ -77,12 +77,12 @@ WriteUnaligned16 (
>  UINT32
> 
>  EFIAPI
> 
>  ReadUnaligned24 (
> 
> -  IN CONST UINT32  *Buffer
> 
> +  IN CONST VOID*Buffer
> 
>)
> 
>  {
> 
>ASSERT (Buffer != NULL);
> 
> 
> 
> -  return *Buffer & 0xff;
> 
> +  return *(CONST UINT32 *) Buffer & 0xff;
> 
>  }
> 
> 
> 
>  /**
> 
> @@ -103,13 +103,13 @@ ReadUnaligned24 (
>  UINT32
> 
>  EFIAPI
> 
>  WriteUnaligned24 (
> 
> -  OUT UINT32*Buffer,
> 
> +  OUT VOID  *Buffer,
> 
>IN  UINT32Value
> 
>)
> 
>  {
> 
>ASSERT (Buffer != NULL);
> 
> 
> 
> -  *Buffer = BitFieldWrite32 (*Buffer, 0, 23, Value);
> 
> +  *(UINT32 *) Buffer = BitFieldWrite32 (*(CONST UINT32 *) Buffer, 0, 23, 
> 

[edk2-devel] [PATCH v5 5/5] StandaloneMmPkg: build for 32bit arm machines

[Etienne Carriere]

This change allows to build StandaloneMmPkg components for 32bit Arm
StandaloneMm firmware.

This change mainly moves AArch64/ source files to Arm/ side directory
for several components:  StandaloneMmCpu, StandaloneMmCoreEntryPoint
and StandaloneMmMemLib. The source file is built for both 32b and 64b
Arm targets.

Signed-off-by: Etienne Carriere 
---
Changes since v4:
- Update StandaloneMmCoreEntryPoint.h path in StandaloneMmPkg.dec for
  both AArch64 and ARM targets.

Changes since v3:
- Fix BuildOptions.ARM in StandaloneMmPkg.
- Remove Cc tags.

No change since v2

Changes since v1:
- ARM_SMC_ID_MM_COMMUNICATE 32b/64b agnostic helper ID is defined
  in ArmStdSmc.h (see 1st commit in this series) instead of being
  local to EventHandle.c.
- Fix void occurrence to VOID.
- Fix path in StandaloneMmPkg/StandaloneMmPkg.dsc
---
 StandaloneMmPkg/Core/StandaloneMmCore.inf  
  |  2 +-
 StandaloneMmPkg/Drivers/StandaloneMmCpu/{AArch64 => }/EventHandle.c
  |  5 +++--
 StandaloneMmPkg/Drivers/StandaloneMmCpu/{AArch64 => }/StandaloneMmCpu.c
  |  2 +-
 StandaloneMmPkg/Drivers/StandaloneMmCpu/{AArch64 => }/StandaloneMmCpu.h
  |  0
 StandaloneMmPkg/Drivers/StandaloneMmCpu/{AArch64 => }/StandaloneMmCpu.inf  
  |  0
 StandaloneMmPkg/Include/Library/{AArch64 => Arm}/StandaloneMmCoreEntryPoint.h  
  |  0
 StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/{AArch64 => 
Arm}/CreateHobList.c  |  2 +-
 StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/{AArch64 => 
Arm}/SetPermissions.c |  2 +-
 StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/{AArch64 => 
Arm}/StandaloneMmCoreEntryPoint.c | 16 
 
StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCoreEntryPoint.inf
| 14 +++---
 StandaloneMmPkg/Library/StandaloneMmCoreHobLib/{AArch64 => 
Arm}/StandaloneMmCoreHobLib.c |  0
 StandaloneMmPkg/Library/StandaloneMmCoreHobLib/{AArch64 => 
Arm}/StandaloneMmCoreHobLibInternal.c |  0
 StandaloneMmPkg/Library/StandaloneMmCoreHobLib/StandaloneMmCoreHobLib.inf  
  |  8 
 
StandaloneMmPkg/Library/StandaloneMmMemLib/{AArch64/StandaloneMmMemLibInternal.c
 => ArmStandaloneMmMemLibInternal.c} |  9 -
 StandaloneMmPkg/Library/StandaloneMmMemLib/StandaloneMmMemLib.inf  
  |  6 +++---
 StandaloneMmPkg/Library/VariableMmDependency/VariableMmDependency.inf  
  |  2 +-
 StandaloneMmPkg/StandaloneMmPkg.dec
  |  6 +++---
 StandaloneMmPkg/StandaloneMmPkg.dsc
  | 12 
 18 files changed, 49 insertions(+), 37 deletions(-)

diff --git a/StandaloneMmPkg/Core/StandaloneMmCore.inf 
b/StandaloneMmPkg/Core/StandaloneMmCore.inf
index 87bf6e9440..56042b7b39 100644
--- a/StandaloneMmPkg/Core/StandaloneMmCore.inf
+++ b/StandaloneMmPkg/Core/StandaloneMmCore.inf
@@ -17,7 +17,7 @@
   PI_SPECIFICATION_VERSION   = 0x00010032
   ENTRY_POINT= StandaloneMmMain
 
-#  VALID_ARCHITECTURES   = IA32 X64 AARCH64
+#  VALID_ARCHITECTURES   = IA32 X64 AARCH64 ARM
 
 [Sources]
   StandaloneMmCore.c
diff --git a/StandaloneMmPkg/Drivers/StandaloneMmCpu/AArch64/EventHandle.c 
b/StandaloneMmPkg/Drivers/StandaloneMmCpu/EventHandle.c
similarity index 95%
rename from StandaloneMmPkg/Drivers/StandaloneMmCpu/AArch64/EventHandle.c
rename to StandaloneMmPkg/Drivers/StandaloneMmCpu/EventHandle.c
index 63fbe26642..165d696f99 100644
--- a/StandaloneMmPkg/Drivers/StandaloneMmCpu/AArch64/EventHandle.c
+++ b/StandaloneMmPkg/Drivers/StandaloneMmCpu/EventHandle.c
@@ -2,6 +2,7 @@
 
   Copyright (c) 2016 HP Development Company, L.P.
   Copyright (c) 2016 - 2021, Arm Limited. All rights reserved.
+  Copyright (c) 2021, Linaro Limited
 
   SPDX-License-Identifier: BSD-2-Clause-Patent
 
@@ -92,8 +93,8 @@ PiMmStandaloneArmTfCpuDriverEntry (
   // receipt of a synchronous MM request. Use the Event ID to distinguish
   // between synchronous and asynchronous events.
   //
-  if ((ARM_SMC_ID_MM_COMMUNICATE_AARCH64 != EventId) &&
-  (ARM_SVC_ID_FFA_MSG_SEND_DIRECT_REQ_AARCH64 != EventId)) {
+  if ((ARM_SMC_ID_MM_COMMUNICATE != EventId) &&
+  (ARM_SVC_ID_FFA_MSG_SEND_DIRECT_REQ != EventId)) {
 DEBUG ((DEBUG_INFO, "UnRecognized Event - 0x%x\n", EventId));
 return EFI_INVALID_PARAMETER;
   }
diff --git a/StandaloneMmPkg/Drivers/StandaloneMmCpu/AArch64/StandaloneMmCpu.c 

[edk2-devel] [PATCH v5 4/5] StandaloneMmPkg: fix pointer/int casts against 32bit architectures

[Etienne Carriere]

Use intermediate (UINTN) cast when casting int from/to pointer. This
is needed as UINT64 values cast from/to 32bit pointer for 32bit
architectures.

Signed-off-by: Etienne Carriere 
Acked-by: Jiewen Yao 
Reviewed-by: Sami Mujawar 
---
No change since v4

Changes since v3:
- Remove Cc tags and apply review tags.

No change since v2
No change since v1
---
 StandaloneMmPkg/Drivers/StandaloneMmCpu/AArch64/StandaloneMmCpu.c  
 |  8 
 StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/CreateHobList.c 
 | 14 +++---
 
StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/StandaloneMmCoreEntryPoint.c
 |  2 +-
 3 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/StandaloneMmPkg/Drivers/StandaloneMmCpu/AArch64/StandaloneMmCpu.c 
b/StandaloneMmPkg/Drivers/StandaloneMmCpu/AArch64/StandaloneMmCpu.c
index 6884095c49..d4590bcd19 100644
--- a/StandaloneMmPkg/Drivers/StandaloneMmCpu/AArch64/StandaloneMmCpu.c
+++ b/StandaloneMmPkg/Drivers/StandaloneMmCpu/AArch64/StandaloneMmCpu.c
@@ -164,8 +164,8 @@ StandaloneMmCpuInitialize (
 
   // Share the entry point of the CPU driver
   DEBUG ((DEBUG_INFO, "Sharing Cpu Driver EP *0x%lx = 0x%lx\n",
-  (UINT64) CpuDriverEntryPointDesc->ArmTfCpuDriverEpPtr,
-  (UINT64) PiMmStandaloneArmTfCpuDriverEntry));
+  (UINTN) CpuDriverEntryPointDesc->ArmTfCpuDriverEpPtr,
+  (UINTN) PiMmStandaloneArmTfCpuDriverEntry));
   *(CpuDriverEntryPointDesc->ArmTfCpuDriverEpPtr) = 
PiMmStandaloneArmTfCpuDriverEntry;
 
   // Find the descriptor that contains the whereabouts of the buffer for
@@ -180,8 +180,8 @@ StandaloneMmCpuInitialize (
 return Status;
   }
 
-  DEBUG ((DEBUG_INFO, "mNsCommBuffer.PhysicalStart - 0x%lx\n", (UINT64) 
NsCommBufMmramRange->PhysicalStart));
-  DEBUG ((DEBUG_INFO, "mNsCommBuffer.PhysicalSize - 0x%lx\n", (UINT64) 
NsCommBufMmramRange->PhysicalSize));
+  DEBUG ((DEBUG_INFO, "mNsCommBuffer.PhysicalStart - 0x%lx\n", (UINTN) 
NsCommBufMmramRange->PhysicalStart));
+  DEBUG ((DEBUG_INFO, "mNsCommBuffer.PhysicalSize - 0x%lx\n", (UINTN) 
NsCommBufMmramRange->PhysicalSize));
 
   CopyMem (, NsCommBufMmramRange, sizeof(EFI_MMRAM_DESCRIPTOR));
   DEBUG ((DEBUG_INFO, "mNsCommBuffer: 0x%016lx - 0x%lx\n", 
mNsCommBuffer.CpuStart, mNsCommBuffer.PhysicalSize));
diff --git 
a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/CreateHobList.c 
b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/CreateHobList.c
index e8fb96bd6e..4d4cf3d5ff 100644
--- a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/CreateHobList.c
+++ b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/CreateHobList.c
@@ -72,14 +72,14 @@ CreateHobListFromBootInfo (
 
   // Create a hoblist with a PHIT and EOH
   HobStart = HobConstructor (
-   (VOID *) PayloadBootInfo->SpMemBase,
+   (VOID *) (UINTN) PayloadBootInfo->SpMemBase,
(UINTN)  PayloadBootInfo->SpMemLimit - 
PayloadBootInfo->SpMemBase,
-   (VOID *) PayloadBootInfo->SpHeapBase,
-   (VOID *) (PayloadBootInfo->SpHeapBase + 
PayloadBootInfo->SpHeapSize)
+   (VOID *) (UINTN) PayloadBootInfo->SpHeapBase,
+   (VOID *) (UINTN) (PayloadBootInfo->SpHeapBase + 
PayloadBootInfo->SpHeapSize)
);
 
   // Check that the Hoblist starts at the bottom of the Heap
-  ASSERT (HobStart == (VOID *) PayloadBootInfo->SpHeapBase);
+  ASSERT (HobStart == (VOID *) (UINTN) PayloadBootInfo->SpHeapBase);
 
   // Build a Boot Firmware Volume HOB
   BuildFvHob (PayloadBootInfo->SpImageBase, PayloadBootInfo->SpImageSize);
@@ -190,9 +190,9 @@ CreateHobListFromBootInfo (
   MmramRanges[3].RegionState   = EFI_CACHEABLE | EFI_ALLOCATED;
 
   // Base and size of heap memory shared by all cpus
-  MmramRanges[4].PhysicalStart = (EFI_PHYSICAL_ADDRESS) HobStart;
-  MmramRanges[4].CpuStart  = (EFI_PHYSICAL_ADDRESS) HobStart;
-  MmramRanges[4].PhysicalSize  = HobStart->EfiFreeMemoryBottom - 
(EFI_PHYSICAL_ADDRESS) HobStart;
+  MmramRanges[4].PhysicalStart = (EFI_PHYSICAL_ADDRESS) (UINTN) HobStart;
+  MmramRanges[4].CpuStart  = (EFI_PHYSICAL_ADDRESS) (UINTN) HobStart;
+  MmramRanges[4].PhysicalSize  = HobStart->EfiFreeMemoryBottom - 
(EFI_PHYSICAL_ADDRESS) (UINTN) HobStart;
   MmramRanges[4].RegionState   = EFI_CACHEABLE | EFI_ALLOCATED;
 
   // Base and size of heap memory shared by all cpus
diff --git 
a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/StandaloneMmCoreEntryPoint.c
 
b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/StandaloneMmCoreEntryPoint.c
index 6c50f470aa..b445d6942e 100644
--- 
a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/StandaloneMmCoreEntryPoint.c
+++ 
b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/StandaloneMmCoreEntryPoint.c
@@ -328,7 +328,7 @@ _ModuleEntryPoint (
 
   // Locate PE/COFF File information for the Standalone MM core module
   Status = LocateStandaloneMmCorePeCoffData (

[edk2-devel] [PATCH v5 3/5] GenFv: Arm: support images entered in Thumb mode

[Etienne Carriere]

Change GenFv for Arm architecture to generate a specific jump
instruction as image entry instruction, when the target entry label
is assembled with Thumb instruction set. This is possible since
SecCoreEntryAddress value fetched from the PE32 has its LSBit set when
the entry instruction executes in Thumb mode.

Signed-off-by: Etienne Carriere 
Acked-by: Liming Gao 
Reviewed-by: Sami Mujawar 
---
No change since v4

Changes since v3:
- Removed Cc tags and apply review tags.

Changes since v2:
- Fix missing parentheses in expression.

Changes since v1:
- Fix typos in commit log and inline comments
- Change if() test operand to be an explicit boolean
---
 BaseTools/Source/C/GenFv/GenFvInternalLib.c | 38 +++-
 1 file changed, 29 insertions(+), 9 deletions(-)

diff --git a/BaseTools/Source/C/GenFv/GenFvInternalLib.c 
b/BaseTools/Source/C/GenFv/GenFvInternalLib.c
index 6e296b8ad6..6cf9c84e73 100644
--- a/BaseTools/Source/C/GenFv/GenFvInternalLib.c
+++ b/BaseTools/Source/C/GenFv/GenFvInternalLib.c
@@ -34,9 +34,27 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #include "FvLib.h"
 #include "PeCoffLib.h"
 
-#define ARMT_UNCONDITIONAL_JUMP_INSTRUCTION   0xEB00
 #define ARM64_UNCONDITIONAL_JUMP_INSTRUCTION  0x1400
 
+/*
+ * Arm instruction to jump to Fv entry instruction in Arm or Thumb mode.
+ * From ARM Arch Ref Manual versions b/c/d, section A8.8.25 BL, BLX (immediate)
+ * BLX (encoding A2) branches to offset in Thumb instruction set mode.
+ * BL (encoding A1) branches to offset in Arm instruction set mode.
+ */
+#define ARM_JUMP_OFFSET_MAX0xff
+#define ARM_JUMP_TO_ARM(Offset)(0xeb00 | ((Offset - 8) >> 2))
+
+#define _ARM_JUMP_TO_THUMB(Imm32)  (0xfa00 | \
+(((Imm32) & (1 << 1)) << (24 - 1)) | \
+(((Imm32) >> 2) & 0x7f))
+#define ARM_JUMP_TO_THUMB(Offset)  _ARM_JUMP_TO_THUMB((Offset) - 8)
+
+/*
+ * Arm instruction to retrun from exception (MOVS PC, LR)
+ */
+#define ARM_RETURN_FROM_EXCEPTION  0xE1B0F07E
+
 BOOLEAN mArm = FALSE;
 BOOLEAN mRiscV = FALSE;
 STATIC UINT32   MaxFfsAlignment = 0;
@@ -2203,23 +2221,25 @@ Returns:
 // if we found an SEC core entry point then generate a branch instruction
 // to it and populate a debugger SWI entry as well
 if (UpdateVectorSec) {
+  UINT32EntryOffset;
 
   VerboseMsg("UpdateArmResetVectorIfNeeded updating ARM SEC vector");
 
-  // B SecEntryPoint - signed_immed_24 part +/-32MB offset
-  // on ARM, the PC is always 8 ahead, so we're not really jumping from 
the base address, but from base address + 8
-  ResetVector[0] = (INT32)(SecCoreEntryAddress - FvInfo->BaseAddress - 8) 
>> 2;
+  EntryOffset = (INT32)(SecCoreEntryAddress - FvInfo->BaseAddress);
 
-  if (ResetVector[0] > 0x00FF) {
-Error(NULL, 0, 3000, "Invalid", "SEC Entry point must be within 32MB 
of the start of the FV");
+  if (EntryOffset > ARM_JUMP_OFFSET_MAX) {
+  Error(NULL, 0, 3000, "Invalid", "SEC Entry point offset above 1MB of 
the start of the FV");
 return EFI_ABORTED;
   }
 
-  // Add opcode for an unconditional branch with no link. i.e.: " B 
SecEntryPoint"
-  ResetVector[0] |= ARMT_UNCONDITIONAL_JUMP_INSTRUCTION;
+  if ((SecCoreEntryAddress & 1) != 0) {
+ResetVector[0] = ARM_JUMP_TO_THUMB(EntryOffset);
+  } else {
+ResetVector[0] = ARM_JUMP_TO_ARM(EntryOffset);
+  }
 
   // SWI handler movs   pc,lr. Just in case a debugger uses SWI
-  ResetVector[2] = 0xE1B0F07E;
+  ResetVector[2] = ARM_RETURN_FROM_EXCEPTION;
 
   // Place holder to support a common interrupt handler from ROM.
   // Currently not supported. For this to be used the reset vector would 
not be in this FV
-- 
2.17.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78969): https://edk2.groups.io/g/devel/message/78969
Mute This Topic: https://groups.io/mt/84770796/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v5 2/5] ArmPkg: prepare 32bit ARM build of StandaloneMmPkg

[Etienne Carriere]

Changes in ArmPkg to prepare building StandaloneMm firmware for
32bit Arm architectures.

Adds ArmmmuStandaloneMmLib library to the list of the standard
components build for ArmPkg on when ARM architectures.

Changes path of source file AArch64/ArmMmuStandaloneMmLib.c
and compile it for both 32bit and 64bit architectures.

Signed-off-by: Etienne Carriere 
---
Changes since v4:
- Remove changes related to MmCommunicationDxe and ArmMmuPeiLib since
  they currently don't need to be built for ARM targets.
- Remove review tags applied to patch v3.

Changes since v3:
- Remove Cc tags and apply review tag.

No change since v2
No change since v1
---
 ArmPkg/ArmPkg.dec   |  2 +-
 ArmPkg/ArmPkg.dsc   |  2 ++
 ArmPkg/Library/StandaloneMmMmuLib/{AArch64 => }/ArmMmuStandaloneMmLib.c | 15 
---
 ArmPkg/Library/StandaloneMmMmuLib/ArmMmuStandaloneMmLib.inf |  6 
+++---
 4 files changed, 14 insertions(+), 11 deletions(-)

diff --git a/ArmPkg/ArmPkg.dec b/ArmPkg/ArmPkg.dec
index 214b2f5892..6ed51edd03 100644
--- a/ArmPkg/ArmPkg.dec
+++ b/ArmPkg/ArmPkg.dec
@@ -137,7 +137,7 @@
   # hardware coherency (i.e., no virtualization or cache coherent DMA)
   
gArmTokenSpaceGuid.PcdNormalMemoryNonshareableOverride|FALSE|BOOLEAN|0x0043
 
-[PcdsFeatureFlag.AARCH64]
+[PcdsFeatureFlag.AARCH64, PcdsFeatureFlag.ARM]
   ## Used to select method for requesting services from S-EL1.
   #   TRUE  - Selects FF-A calls for communication between S-EL0 and SPMC.
   #   FALSE - Selects SVC calls for communication between S-EL0 and SPMC.
diff --git a/ArmPkg/ArmPkg.dsc b/ArmPkg/ArmPkg.dsc
index 926986cf7f..8abe3713c8 100644
--- a/ArmPkg/ArmPkg.dsc
+++ b/ArmPkg/ArmPkg.dsc
@@ -161,4 +161,6 @@
 [Components.AARCH64]
   ArmPkg/Drivers/MmCommunicationDxe/MmCommunication.inf
   ArmPkg/Library/ArmMmuLib/ArmMmuPeiLib.inf
+
+[Components.AARCH64, Components.ARM]
   ArmPkg/Library/StandaloneMmMmuLib/ArmMmuStandaloneMmLib.inf
diff --git a/ArmPkg/Library/StandaloneMmMmuLib/AArch64/ArmMmuStandaloneMmLib.c 
b/ArmPkg/Library/StandaloneMmMmuLib/ArmMmuStandaloneMmLib.c
similarity index 92%
rename from ArmPkg/Library/StandaloneMmMmuLib/AArch64/ArmMmuStandaloneMmLib.c
rename to ArmPkg/Library/StandaloneMmMmuLib/ArmMmuStandaloneMmLib.c
index dd014beec8..20f873e680 100644
--- a/ArmPkg/Library/StandaloneMmMmuLib/AArch64/ArmMmuStandaloneMmLib.c
+++ b/ArmPkg/Library/StandaloneMmMmuLib/ArmMmuStandaloneMmLib.c
@@ -2,6 +2,7 @@
   File managing the MMU for ARMv8 architecture in S-EL0
 
   Copyright (c) 2017 - 2021, Arm Limited. All rights reserved.
+  Copyright (c) 2021, Linaro Limited
   SPDX-License-Identifier: BSD-2-Clause-Patent
 
   @par Reference(s):
@@ -62,7 +63,7 @@ SendMemoryPermissionRequest (
 // for other Direct Request calls which are not atomic
 // We therefore check only for Direct Response by the
 // callee.
-if (SvcArgs->Arg0 == ARM_SVC_ID_FFA_MSG_SEND_DIRECT_RESP_AARCH64) {
+if (SvcArgs->Arg0 == ARM_SVC_ID_FFA_MSG_SEND_DIRECT_RESP) {
   // A Direct Response means FF-A success
   // Now check the payload for errors
   // The callee sends back the return value
@@ -164,13 +165,13 @@ GetMemoryPermissions (
   ZeroMem (, sizeof (ARM_SVC_ARGS));
   if (FeaturePcdGet (PcdFfaEnable)) {
 // See [2], Section 10.2 FFA_MSG_SEND_DIRECT_REQ.
-SvcArgs.Arg0 = ARM_SVC_ID_FFA_MSG_SEND_DIRECT_REQ_AARCH64;
+SvcArgs.Arg0 = ARM_SVC_ID_FFA_MSG_SEND_DIRECT_REQ;
 SvcArgs.Arg1 = ARM_FFA_DESTINATION_ENDPOINT_ID;
 SvcArgs.Arg2 = 0;
-SvcArgs.Arg3 = ARM_SVC_ID_SP_GET_MEM_ATTRIBUTES_AARCH64;
+SvcArgs.Arg3 = ARM_SVC_ID_SP_GET_MEM_ATTRIBUTES;
 SvcArgs.Arg4 = BaseAddress;
   } else {
-SvcArgs.Arg0 = ARM_SVC_ID_SP_GET_MEM_ATTRIBUTES_AARCH64;
+SvcArgs.Arg0 = ARM_SVC_ID_SP_GET_MEM_ATTRIBUTES;
 SvcArgs.Arg1 = BaseAddress;
 SvcArgs.Arg2 = 0;
 SvcArgs.Arg3 = 0;
@@ -219,15 +220,15 @@ RequestMemoryPermissionChange (
   ZeroMem (, sizeof (ARM_SVC_ARGS));
   if (FeaturePcdGet (PcdFfaEnable)) {
 // See [2], Section 10.2 FFA_MSG_SEND_DIRECT_REQ.
-SvcArgs.Arg0 = ARM_SVC_ID_FFA_MSG_SEND_DIRECT_REQ_AARCH64;
+SvcArgs.Arg0 = ARM_SVC_ID_FFA_MSG_SEND_DIRECT_REQ;
 SvcArgs.Arg1 = ARM_FFA_DESTINATION_ENDPOINT_ID;
 SvcArgs.Arg2 = 0;
-SvcArgs.Arg3 = ARM_SVC_ID_SP_SET_MEM_ATTRIBUTES_AARCH64;
+SvcArgs.Arg3 = ARM_SVC_ID_SP_SET_MEM_ATTRIBUTES;
 SvcArgs.Arg4 = BaseAddress;
 SvcArgs.Arg5 = EFI_SIZE_TO_PAGES (Length);
 SvcArgs.Arg6 = Permissions;
   } else {
-SvcArgs.Arg0 = ARM_SVC_ID_SP_SET_MEM_ATTRIBUTES_AARCH64;
+SvcArgs.Arg0 = ARM_SVC_ID_SP_SET_MEM_ATTRIBUTES;
 SvcArgs.Arg1 = BaseAddress;
 SvcArgs.Arg2 = EFI_SIZE_TO_PAGES (Length);
 SvcArgs.Arg3 = Permissions;
diff --git a/ArmPkg/Library/StandaloneMmMmuLib/ArmMmuStandaloneMmLib.inf 
b/ArmPkg/Library/StandaloneMmMmuLib/ArmMmuStandaloneMmLib.inf
index 6c71fe0023..ff20e58980 100644
--- 

[edk2-devel] [PATCH v5 1/5] ArmPkg/IndustryStandard: 32b/64b agnostic FF-A, Mm SVC and Std SMC IDs

[Etienne Carriere]

Defines ARM_SVC_ID_FFA_* and ARM_SVC_ID_SP_* identifiers for 32bit
function IDs as per SMCCC specification. Defines also generic ARM
SVC identifier macros to wrap 32bit or 64bit identifiers upon target
built architecture.

Signed-off-by: Etienne Carriere 
Reviewed-by: Sami Mujawar 

---
Changes since v3:
- Remove Cc tags and apply review tag.

No changes since v2

Changes since v1:
- Define ARM_SMC_ID_MM_COMMUNICATE 32b/64b agnostic helper ID in
  ArmStdSmc.h, as expected by few following commits in this series.
---
 ArmPkg/Include/IndustryStandard/ArmFfaSvc.h | 12 
 ArmPkg/Include/IndustryStandard/ArmMmSvc.h  | 15 +++
 ArmPkg/Include/IndustryStandard/ArmStdSmc.h |  8 
 3 files changed, 35 insertions(+)

diff --git a/ArmPkg/Include/IndustryStandard/ArmFfaSvc.h 
b/ArmPkg/Include/IndustryStandard/ArmFfaSvc.h
index 65b8343ade..ebcb54b28b 100644
--- a/ArmPkg/Include/IndustryStandard/ArmFfaSvc.h
+++ b/ArmPkg/Include/IndustryStandard/ArmFfaSvc.h
@@ -17,9 +17,21 @@
 #define ARM_FFA_SVC_H_
 
 #define ARM_SVC_ID_FFA_VERSION_AARCH32  0x8463
+#define ARM_SVC_ID_FFA_MSG_SEND_DIRECT_REQ_AARCH32  0x846F
+#define ARM_SVC_ID_FFA_MSG_SEND_DIRECT_RESP_AARCH32 0x8470
 #define ARM_SVC_ID_FFA_MSG_SEND_DIRECT_REQ_AARCH64  0xC46F
 #define ARM_SVC_ID_FFA_MSG_SEND_DIRECT_RESP_AARCH64 0xC470
 
+/* Generic IDs when using AArch32 or AArch64 execution state */
+#ifdef MDE_CPU_AARCH64
+#define ARM_SVC_ID_FFA_MSG_SEND_DIRECT_REQ 
ARM_SVC_ID_FFA_MSG_SEND_DIRECT_REQ_AARCH64
+#define ARM_SVC_ID_FFA_MSG_SEND_DIRECT_RESP
ARM_SVC_ID_FFA_MSG_SEND_DIRECT_RESP_AARCH64
+#endif
+#ifdef MDE_CPU_ARM
+#define ARM_SVC_ID_FFA_MSG_SEND_DIRECT_REQ 
ARM_SVC_ID_FFA_MSG_SEND_DIRECT_REQ_AARCH32
+#define ARM_SVC_ID_FFA_MSG_SEND_DIRECT_RESP
ARM_SVC_ID_FFA_MSG_SEND_DIRECT_RESP_AARCH32
+#endif
+
 #define SPM_MAJOR_VERSION_FFA   1
 #define SPM_MINOR_VERSION_FFA   0
 
diff --git a/ArmPkg/Include/IndustryStandard/ArmMmSvc.h 
b/ArmPkg/Include/IndustryStandard/ArmMmSvc.h
index 33d60ccf17..deb3bc99d2 100644
--- a/ArmPkg/Include/IndustryStandard/ArmMmSvc.h
+++ b/ArmPkg/Include/IndustryStandard/ArmMmSvc.h
@@ -15,10 +15,25 @@
  * privileged operations on its behalf.
  */
 #define ARM_SVC_ID_SPM_VERSION_AARCH32 0x8460
+#define ARM_SVC_ID_SP_EVENT_COMPLETE_AARCH32   0x8461
+#define ARM_SVC_ID_SP_GET_MEM_ATTRIBUTES_AARCH32   0x8464
+#define ARM_SVC_ID_SP_SET_MEM_ATTRIBUTES_AARCH32   0x8465
 #define ARM_SVC_ID_SP_EVENT_COMPLETE_AARCH64   0xC461
 #define ARM_SVC_ID_SP_GET_MEM_ATTRIBUTES_AARCH64   0xC464
 #define ARM_SVC_ID_SP_SET_MEM_ATTRIBUTES_AARCH64   0xC465
 
+/* Generic IDs when using AArch32 or AArch64 execution state */
+#ifdef MDE_CPU_AARCH64
+#define ARM_SVC_ID_SP_EVENT_COMPLETE   
ARM_SVC_ID_SP_EVENT_COMPLETE_AARCH64
+#define ARM_SVC_ID_SP_GET_MEM_ATTRIBUTES   
ARM_SVC_ID_SP_GET_MEM_ATTRIBUTES_AARCH64
+#define ARM_SVC_ID_SP_SET_MEM_ATTRIBUTES   
ARM_SVC_ID_SP_SET_MEM_ATTRIBUTES_AARCH64
+#endif
+#ifdef MDE_CPU_ARM
+#define ARM_SVC_ID_SP_EVENT_COMPLETE   
ARM_SVC_ID_SP_EVENT_COMPLETE_AARCH32
+#define ARM_SVC_ID_SP_GET_MEM_ATTRIBUTES   
ARM_SVC_ID_SP_GET_MEM_ATTRIBUTES_AARCH32
+#define ARM_SVC_ID_SP_SET_MEM_ATTRIBUTES   
ARM_SVC_ID_SP_SET_MEM_ATTRIBUTES_AARCH32
+#endif
+
 #define SET_MEM_ATTR_DATA_PERM_MASK   0x3
 #define SET_MEM_ATTR_DATA_PERM_SHIFT0
 #define SET_MEM_ATTR_DATA_PERM_NO_ACCESS0
diff --git a/ArmPkg/Include/IndustryStandard/ArmStdSmc.h 
b/ArmPkg/Include/IndustryStandard/ArmStdSmc.h
index 67afb0ea2d..9116a291da 100644
--- a/ArmPkg/Include/IndustryStandard/ArmStdSmc.h
+++ b/ArmPkg/Include/IndustryStandard/ArmStdSmc.h
@@ -49,6 +49,14 @@
 #define ARM_SMC_ID_MM_COMMUNICATE_AARCH32  0x8441
 #define ARM_SMC_ID_MM_COMMUNICATE_AARCH64  0xC441
 
+/* Generic ID when using AArch32 or AArch64 execution state */
+#ifdef MDE_CPU_AARCH64
+#define ARM_SMC_ID_MM_COMMUNICATE   ARM_SMC_ID_MM_COMMUNICATE_AARCH64
+#endif
+#ifdef MDE_CPU_ARM
+#define ARM_SMC_ID_MM_COMMUNICATE   ARM_SMC_ID_MM_COMMUNICATE_AARCH32
+#endif
+
 /* MM return error codes */
 #define ARM_SMC_MM_RET_SUCCESS  0
 #define ARM_SMC_MM_RET_NOT_SUPPORTED   -1
-- 
2.17.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78967): https://edk2.groups.io/g/devel/message/78967
Mute This Topic: https://groups.io/mt/84770793/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [Patch V2] MinPlatformPkg: Fix the incompatible change about SecureBootVariableLib

[duntan]

V1: The newly created lib will be consumed by SecureBootConfigDxe.inf in 
CoreDxeInclude.dsc
V2: Add SecureBootVariableProvisionLib in CoreDxeInclude.dsc

Cc: Chasel Chiu 
Cc: Nate DeSimone 
Cc: Liming Gao 
Cc: Eric Dong 
Signed-off-by: DunTan 
---
 Platform/Intel/MinPlatformPkg/Include/Dsc/CoreCommonLib.dsc | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/Platform/Intel/MinPlatformPkg/Include/Dsc/CoreCommonLib.dsc 
b/Platform/Intel/MinPlatformPkg/Include/Dsc/CoreCommonLib.dsc
index b154f9615d..c3d05fc913 100644
--- a/Platform/Intel/MinPlatformPkg/Include/Dsc/CoreCommonLib.dsc
+++ b/Platform/Intel/MinPlatformPkg/Include/Dsc/CoreCommonLib.dsc
@@ -139,6 +139,8 @@
 
 !if gMinPlatformPkgTokenSpaceGuid.PcdUefiSecureBootEnable == TRUE
   AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
+  
SecureBootVariableLib|SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.inf
+  
SecureBootVariableProvisionLib|SecurityPkg/Library/SecureBootVariableProvisionLib/SecureBootVariableProvisionLib.inf
 !endif
 
   SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf
-- 
2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78966): https://edk2.groups.io/g/devel/message/78966
Mute This Topic: https://groups.io/mt/84770226/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH 1/1] OvmfPkg PlatformBootManagerLib: Move TryRunningQemuKernel()

[James Bottomley]

On Mon, 2021-08-09 at 22:53 +1000, Christoph Willing wrote:
> With soft feature freeze started, I wonder if this patch could be
> reviewed and pushed for edk2-stable202108 tag? I think it has
> languished because I didn't initially Cc appropriately - pls add
> others as necessary.
> 
> This patch is a trivial (I think) change which fixes a long standing
> and annoying bug for those booting Qemu with UEFI using external
> kernel & initrd.

I'm with Ard on this one: -kernel is working just fine for me and the
team at IBM working on Kata containers.  It sounds like this might be a
problem local to your environment, so we need to debug it to understand
the issue rather than blindly reverse existing commits.

Regards,

James




-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78965): https://edk2.groups.io/g/devel/message/78965
Mute This Topic: https://groups.io/mt/84767423/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v6 1/6] OvmfPkg/BaseMemEncryptLib: Detect SEV live migration feature.

[Ashish Kalra via groups.io]

Hello Tom,

On Mon, Aug 09, 2021 at 08:41:27AM -0500, Tom Lendacky wrote:
> On 8/2/21 7:31 AM, Ashish Kalra wrote:
> > +
> > +  Signature[12] = '\0';
> > +  for (mKvmLeaf = 0x4000; mKvmLeaf < 0x4001; mKvmLeaf += 0x100) {
> 
> I still really don't understand the need for the CPUID loop. KVM only ever
> programs CPUID function 0x4000, right?
> 

Yes KVM only programs CPUID function 0x4000, as do other hypervisors
like Hyper-V. Also mentioned that leaf 0x4000 is the Hypervisor
CPUID leaf range and vendor ID signature in MSFT Hypervisor Interface
document.

But looking at linux kernel code for the same functionality : 

static inline uint32_t hypervisor_cpuid_base(const char *sig, uint32_t leaves)
{
uint32_t base, eax, signature[3];

for (base = 0x4000; base < 0x4001; base += 0x100) {
cpuid(base, , [0], [1], [2]);

if (!memcmp(sig, signature, 12) 
...
...


And the Xen detection code in OVMF: 

  for (mXenLeaf = 0x4000; mXenLeaf < 0x4001; mXenLeaf += 0x100) {
AsmCpuid (mXenLeaf,
  NULL,
  (UINT32 *) [0],
  (UINT32 *) [4],
  (UINT32 *) [8]);

if (!AsciiStrCmp ((CHAR8 *) Signature, "XenVMMXenVMM")) {
  return TRUE;

The above functions are doing a loop-test.

The kernel patch also mentions about the loop-test :
https://lore.kernel.org/kvm/51ff1e26.6010...@redhat.com/t/

This patch introduce hypervisor_cpuid_base() which loop test the hypervisor
existence function until the signature match and check the number of leaves if
required. This could be used by Xen/KVM guest to detect the existence of
hypervisor.

The above patches/functions don't have any additonal documentation for
why are they doing the loop-test ? 

I don't want to miss any functionality, hence i am reusing the same
loop-test code.

Thanks,
Ashish

> > +AsmCpuid (
> > +  mKvmLeaf,
> > +  NULL,
> > +  (UINT32 *) [0],
> > +  (UINT32 *) [4],
> > +  (UINT32 *) [8]);
> > +
> > +if (AsciiStrCmp (Signature, "KVMKVMKVM") == 0) {
> > +  DEBUG ((
> > +DEBUG_INFO,
> > +"%a: KVM Detected, signature = %a\n",
> > +__FUNCTION__,
> > +Signature
> > +));
> > +
> > +  RegEax = mKvmLeaf + 1;
> > +  RegEcx = 0;
> > +  AsmCpuid (mKvmLeaf + 1, , , , );
> > +  if ((RegEax & KVM_FEATURE_MIGRATION_CONTROL) != 0) {
> > +DEBUG ((
> > +  DEBUG_INFO,
> > +  "%a: SEV Live Migration feature supported\n",
> > +  __FUNCTION__
> > +  ));
> > +
> > +return TRUE;
> > +  }
> > +}
> > +  }
> > +
> > +  return FALSE;
> > +}


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78964): https://edk2.groups.io/g/devel/message/78964
Mute This Topic: https://groups.io/mt/84609830/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v6 6/6] OvmfPkg/AmdSevDxe: Add support for SEV live migration.

[Lendacky, Thomas via groups.io]

On 8/2/21 7:33 AM, Ashish Kalra wrote:
> From: Ashish Kalra 
> 
> Check for SEV live migration feature support, if detected
> setup a new UEFI enviroment variable to indicate OVMF
> support for SEV live migration.
> 
> The new runtime UEFI environment variable is set via the
> notification function registered for the
> EFI_END_OF_DXE_EVENT_GROUP_GUID event in AmdSevDxe driver.
> 
> AmdSevDxe module is an apriori driver so it gets loaded between PEI
> and DXE phases and the SetVariable call will fail at the driver's
> entry point as the Variable DXE module is still not loaded yet.
> So we need to wait for an event notification which is signaled
> after the Variable DXE module is loaded, hence, using the
> EndOfDxe event notification to make this call.
> 
> Signed-off-by: Ashish Kalra 
> ---
>  OvmfPkg/AmdSevDxe/AmdSevDxe.c  | 64 
>  OvmfPkg/AmdSevDxe/AmdSevDxe.inf|  4 ++
>  OvmfPkg/Include/Guid/AmdSevMemEncryptLib.h | 20 ++
>  OvmfPkg/OvmfPkg.dec|  1 +
>  4 files changed, 89 insertions(+)
> 
> diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.c b/OvmfPkg/AmdSevDxe/AmdSevDxe.c
> index c66c4e9b92..bfad71b9c6 100644
> --- a/OvmfPkg/AmdSevDxe/AmdSevDxe.c
> +++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.c
> @@ -15,10 +15,47 @@
>  #include 
>  #include 
>  #include 
> +#include 
> +#include 
>  #include 
>  #include 
> +#include 
> +#include 
>  #include 
>  
> +STATIC
> +VOID
> +EFIAPI
> +AmdSevDxeOnEndOfDxe (
> +  IN EFI_EVENT Event,
> +  IN VOID  *EventToSignal
> +  )
> +{
> +  EFI_STATUS Status;
> +  BOOLEAN SevLiveMigrationEnabled;
> +
> +  SevLiveMigrationEnabled = MemEncryptSevLiveMigrationIsEnabled();
> +
> +  if (SevLiveMigrationEnabled) {
> +Status = gRT->SetVariable (
> +   L"SevLiveMigrationEnabled",
> +   ,
> +   EFI_VARIABLE_NON_VOLATILE |
> +   EFI_VARIABLE_BOOTSERVICE_ACCESS |
> +   EFI_VARIABLE_RUNTIME_ACCESS,
> +   sizeof SevLiveMigrationEnabled,
> +   
> +   );
> +
> +DEBUG ((
> +  DEBUG_INFO,
> +  "%a: Setting SevLiveMigrationEnabled variable, status = %lx\n",
> +  __FUNCTION__,
> +  Status
> +  ));
> +  }
> +}
> +
>  EFI_STATUS
>  EFIAPI
>  AmdSevDxeEntryPoint (
> @@ -30,6 +67,7 @@ AmdSevDxeEntryPoint (
>EFI_GCD_MEMORY_SPACE_DESCRIPTOR  *AllDescMap;
>UINTNNumEntries;
>UINTNIndex;
> +  EFI_EVENTEvent;
>  
>//
>// Do nothing when SEV is not enabled
> @@ -130,5 +168,31 @@ AmdSevDxeEntryPoint (
>  }
>}
>  
> +  //
> +  // AmdSevDxe module is an apriori driver so it gets loaded between PEI
> +  // and DXE phases and the SetVariable call will fail at the driver's
> +  // entry point as the Variable DXE module is still not loaded yet.
> +  // So we need to wait for an event notification which is signaled
> +  // after the Variable DXE module is loaded, hence, using the
> +  // EndOfDxe event notification to make this call.
> +  //
> +  // Register EFI_END_OF_DXE_EVENT_GROUP_GUID event.
> +  // The notification function sets the runtime variable indicating OVMF
> +  // support for SEV live migration.
> +  //
> +  Status = gBS->CreateEventEx (
> +  EVT_NOTIFY_SIGNAL,
> +  TPL_CALLBACK,
> +  AmdSevDxeOnEndOfDxe,
> +  NULL,
> +  ,
> +  
> +  );
> +
> +  if (EFI_ERROR (Status)) {
> +  DEBUG ((DEBUG_INFO, "%a: CreateEventEx(): %r\n",

DEBUG_ERROR?

> +__FUNCTION__, Status));

Should there be an "ASSERT_EFI_ERROR (Status)" after the DEBUG call?

Thanks,
Tom

> +  }
> +
>return EFI_SUCCESS;
>  }
> diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
> index 0676fcc5b6..2ad1fb8632 100644
> --- a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
> +++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
> @@ -45,3 +45,7 @@
>  
>  [Pcd]
>gUefiOvmfPkgTokenSpaceGuid.PcdOvmfHostBridgePciDevId
> +
> +[Guids]
> +  gAmdSevMemEncryptGuid
> +  gEfiEndOfDxeEventGroupGuid ## CONSUMES   ## Event
> diff --git a/OvmfPkg/Include/Guid/AmdSevMemEncryptLib.h 
> b/OvmfPkg/Include/Guid/AmdSevMemEncryptLib.h
> new file mode 100644
> index 00..8ab283860b
> --- /dev/null
> +++ b/OvmfPkg/Include/Guid/AmdSevMemEncryptLib.h
> @@ -0,0 +1,20 @@
> +/** @file
> +
> +  AMD Memory Encryption GUID, define a new GUID for defining
> +  new UEFI environment variables assocaiated with SEV Memory Encryption.
> +
> +  Copyright (c) 2021, AMD Inc. All rights reserved.
> +
> +  SPDX-License-Identifier: BSD-2-Clause-Patent
> +
> +**/
> +
> +#ifndef __AMD_SEV_MEMENCRYPT_LIB_H__
> +#define __AMD_SEV_MEMENCRYPT_LIB_H__
> +
> +#define AMD_SEV_MEMENCRYPT_GUID \
> +{0x0cf29b71, 0x9e51, 0x433a, {0xa3, 0xb7, 0x81, 0xf3, 0xab, 0x16, 0xb8, 
> 0x75}}
> +
> +extern EFI_GUID gAmdSevMemEncryptGuid;
> +
> +#endif
> diff --git a/OvmfPkg/OvmfPkg.dec 

Re: [edk2-devel] [PATCH v6 2/6] OvmfPkg/BaseMemEncryptLib: Hypercall API for page encryption state change

[Lendacky, Thomas via groups.io]

On 8/2/21 7:31 AM, Ashish Kalra wrote:
> From: Ashish Kalra 
> 
> Add API to issue hypercall on page encryption state change.
> 
> By default all the SEV guest memory regions are considered encrypted,
> if a guest changes the encryption attribute of the page (e.g mark a
> page as decrypted) then notify hypervisor. Hypervisor will need to
> track the unencrypted pages. The information will be used during
> guest live migration, guest page migration and guest debugging.
> 
> This hypercall is used to notify hypervisor when the page's
> encryption state changes.
> 
> Cc: Jordan Justen 
> Cc: Ard Biesheuvel 
> Signed-off-by: Brijesh Singh 
> Signed-off-by: Ashish Kalra 
> ---
>  OvmfPkg/Include/Library/MemEncryptSevLib.h | 43 
> +
>  OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf   |  1 +
>  OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c   | 27 
> +
>  OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf   |  1 +
>  OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c | 20 
> ++
>  OvmfPkg/Library/BaseMemEncryptSevLib/X64/AsmHelperStub.nasm| 33 
> ++
>  OvmfPkg/Library/BaseMemEncryptSevLib/X64/MemEncryptSevLib.c| 64 
> 
>  7 files changed, 189 insertions(+)
> 
> diff --git a/OvmfPkg/Include/Library/MemEncryptSevLib.h 
> b/OvmfPkg/Include/Library/MemEncryptSevLib.h
> index 59f694fb8a..56cc7bb958 100644
> --- a/OvmfPkg/Include/Library/MemEncryptSevLib.h
> +++ b/OvmfPkg/Include/Library/MemEncryptSevLib.h
> @@ -249,4 +249,47 @@ KvmDetectSevLiveMigrationFeature(
>VOID
>);
>  
> +/**
> + This hypercall is used to notify hypervisor when the page's encryption
> + state changes.
> +
> + @param[in]   PhysicalAddress   The physical address that is the start 
> address
> +of a memory region.
> + @param[in]   Pages Number of pages in memory region.
> + @param[in]   IsEncrypted   Encrypted or Decrypted.
> +
> + @retval RETURN_SUCCESS Hypercall returned success.
> + @retval RETURN_UNSUPPORTED Hypercall not supported.
> + @retval RETURN_NO_MAPPING  Hypercall returned error.
> +**/
> +RETURN_STATUS
> +EFIAPI
> +SetMemoryEncDecHypercall3 (
> +  IN  UINTN PhysicalAddress,
> +  IN  UINTN Pages,
> +  IN  BOOLEAN   IsEncrypted
> +  );
> +
> +#define KVM_HC_MAP_GPA_RANGE   12
> +#define KVM_MAP_GPA_RANGE_PAGE_SZ_4K0
> +#define KVM_MAP_GPA_RANGE_PAGE_SZ_2MBIT0
> +#define KVM_MAP_GPA_RANGE_PAGE_SZ_1GBIT1
> +#define KVM_MAP_GPA_RANGE_ENC_STAT(n)   ((n) << 4)

s/STAT/STATE/ ?

> +#define KVM_MAP_GPA_RANGE_ENCRYPTED KVM_MAP_GPA_RANGE_ENC_STAT(1)
> +#define KVM_MAP_GPA_RANGE_DECRYPTED KVM_MAP_GPA_RANGE_ENC_STAT(0)
> +
> +/**
> +  Interface exposed by the ASM implementation of the core hypercall

Need to put the function parameters in the comment here.

> +
> +  @retval Hypercall returned status.
> +**/
> +UINTN
> +EFIAPI
> +SetMemoryEncDecHypercall3AsmStub (
> +  IN  UINTN  HypercallNum,
> +  IN  UINTN  PhysicalAddress,
> +  IN  UINTN  Pages,
> +  IN  UINTN  Attributes
> +  );
> +
>  #endif // _MEM_ENCRYPT_SEV_LIB_H_
> diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf 
> b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf
> index f2e162d680..0c28afadee 100644
> --- a/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf
> +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf
> @@ -38,6 +38,7 @@
>X64/PeiDxeVirtualMemory.c
>X64/VirtualMemory.c
>X64/VirtualMemory.h
> +  X64/AsmHelperStub.nasm
>  
>  [Sources.IA32]
>Ia32/MemEncryptSevLib.c
> diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c 
> b/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c
> index be260e0d10..516d639489 100644
> --- a/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c
> +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c
> @@ -136,3 +136,30 @@ MemEncryptSevClearMmioPageEncMask (
>//
>return RETURN_UNSUPPORTED;
>  }
> +
> +/**
> + This hyercall is used to notify hypervisor when the page's encryption
> + state changes.
> +
> + @param[in]   PhysicalAddress   The physical address that is the start 
> address
> +of a memory region.
> + @param[in]   Pages Number of Pages in the memory region.
> + @param[in]   IsEncrypted   Encrypted or Decrypted.
> +
> + @retval RETURN_SUCCESS Hypercall returned success.
> + @retval RETURN_UNSUPPORTED Hypercall not supported.
> + @retval RETURN_NO_MAPPING  Hypercall returned error.
> +**/
> +RETURN_STATUS
> +EFIAPI
> +SetMemoryEncDecHypercall3 (
> +  IN  UINTN PhysicalAddress,
> +  IN  UINTN Pages,
> +  IN  BOOLEAN   IsEncrypted
> +  )
> +{
> +  //
> +  // Memory encryption bit is not accessible in 32-bit mode
> +  //
> +  return 

[edk2-devel] [edk2-platforms][PATCH v1 1/1] IntelSiliconPkg: Add BaseSmmAccessLibNull

[Michael Kubacki]

From: Michael Kubacki 

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3540

Adds a NULL instance of SmmAccessLib.

Cc: Ray Ni 
Cc: Rangasai V Chaganty 
Signed-off-by: Michael Kubacki 
---
 
Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/BaseSmmAccessLibNull/BaseSmmAccessLibNull.c
   | 33 
 
Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/BaseSmmAccessLibNull/BaseSmmAccessLibNull.inf
 | 26 +++
 Silicon/Intel/IntelSiliconPkg/IntelSiliconPkg.dsc  
   |  1 +
 3 files changed, 60 insertions(+)

diff --git 
a/Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/BaseSmmAccessLibNull/BaseSmmAccessLibNull.c
 
b/Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/BaseSmmAccessLibNull/BaseSmmAccessLibNull.c
new file mode 100644
index ..f5ad306b380b
--- /dev/null
+++ 
b/Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/BaseSmmAccessLibNull/BaseSmmAccessLibNull.c
@@ -0,0 +1,33 @@
+/** @file
+  A NULL library instance of SmmAccessLib.
+
+  Copyright (c) 2019 - 2020, Intel Corporation. All rights reserved.
+  Copyright (c) Microsoft Corporation.
+
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include 
+#include 
+#include 
+
+/**
+  This function is to install an SMM Access PPI
+
+  @retval EFI_SUCCESS   - Ppi successfully started and installed.
+  @retval EFI_NOT_FOUND - Ppi can't be found.
+  @retval EFI_OUT_OF_RESOURCES  - Ppi does not have enough resources to 
initialize the driver.
+  @retval EFI_UNSUPPORTED   - The PPI was not installed and installation 
is unsupported in
+  this instance of function implementation.
+
+**/
+EFI_STATUS
+EFIAPI
+PeiInstallSmmAccessPpi (
+  VOID
+  )
+{
+  ASSERT (FALSE);
+  return EFI_UNSUPPORTED;
+}
diff --git 
a/Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/BaseSmmAccessLibNull/BaseSmmAccessLibNull.inf
 
b/Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/BaseSmmAccessLibNull/BaseSmmAccessLibNull.inf
new file mode 100644
index ..7fd3b0b89655
--- /dev/null
+++ 
b/Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/BaseSmmAccessLibNull/BaseSmmAccessLibNull.inf
@@ -0,0 +1,26 @@
+## @file
+# A NULL library instance of SmmAccessLib.
+#
+# Copyright (c) 2019, Intel Corporation. All rights reserved.
+# Copyright (c) Microsoft Corporation.
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+INF_VERSION = 0x00010017
+BASE_NAME   = BaseSmmAccessLibNull
+FILE_GUID   = C1A14AB6-B757-4046-9B92-9DCE1A2154C6
+VERSION_STRING  = 1.0
+MODULE_TYPE = BASE
+LIBRARY_CLASS   = SmmAccessLib
+
+[Packages]
+  MdePkg/MdePkg.dec
+  IntelSiliconPkg/IntelSiliconPkg.dec
+
+[LibraryClasses]
+  DebugLib
+
+[Sources]
+  BaseSmmAccessLibNull.c
diff --git a/Silicon/Intel/IntelSiliconPkg/IntelSiliconPkg.dsc 
b/Silicon/Intel/IntelSiliconPkg/IntelSiliconPkg.dsc
index 1092371d848e..dd0928ec58f3 100644
--- a/Silicon/Intel/IntelSiliconPkg/IntelSiliconPkg.dsc
+++ b/Silicon/Intel/IntelSiliconPkg/IntelSiliconPkg.dsc
@@ -90,6 +90,7 @@ [Components]
   IntelSiliconPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdateDxe.inf
   
IntelSiliconPkg/Feature/Capsule/Library/MicrocodeFlashAccessLibNull/MicrocodeFlashAccessLibNull.inf
   IntelSiliconPkg/Feature/ShadowMicrocode/ShadowMicrocodePei.inf
+  
IntelSiliconPkg/Feature/SmmAccess/Library/BaseSmmAccessLibNull/BaseSmmAccessLibNull.inf
   IntelSiliconPkg/Library/PeiDxeSmmBootMediaLib/PeiFirmwareBootMediaLib.inf
   IntelSiliconPkg/Library/PeiDxeSmmBootMediaLib/DxeSmmFirmwareBootMediaLib.inf
   IntelSiliconPkg/Library/DxeAslUpdateLib/DxeAslUpdateLib.inf
-- 
2.28.0.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78961): https://edk2.groups.io/g/devel/message/78961
Mute This Topic: https://groups.io/mt/84769134/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v6 1/6] OvmfPkg/BaseMemEncryptLib: Detect SEV live migration feature.

[Lendacky, Thomas via groups.io]

On 8/2/21 7:31 AM, Ashish Kalra wrote:
> From: Ashish Kalra 
> 
> Add support to check if we are running inside KVM HVM and
> KVM HVM supports SEV Live Migration feature.
> 
> Cc: Jordan Justen 
> Cc: Ard Biesheuvel 
> Signed-off-by: Ashish Kalra 
> ---
>  OvmfPkg/Include/Library/MemEncryptSevLib.h| 27 
> ++
>  OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c| 39 
> +++
>  OvmfPkg/Library/BaseMemEncryptSevLib/PeiDxeMemEncryptSevLibInternal.c | 52 
> 
>  OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c| 39 
> +++
>  OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c| 18 
> +++
>  5 files changed, 175 insertions(+)
> 
> diff --git a/OvmfPkg/Include/Library/MemEncryptSevLib.h 
> b/OvmfPkg/Include/Library/MemEncryptSevLib.h
> index 76d06c206c..59f694fb8a 100644
> --- a/OvmfPkg/Include/Library/MemEncryptSevLib.h
> +++ b/OvmfPkg/Include/Library/MemEncryptSevLib.h
> @@ -90,6 +90,18 @@ MemEncryptSevIsEnabled (
>VOID
>);
>  
> +/**
> +  Returns a boolean to indicate whether SEV live migration is enabled.
> +
> +  @retval TRUE   SEV live migration is enabled
> +  @retval FALSE  SEV live migration is not enabled
> +**/
> +BOOLEAN
> +EFIAPI
> +MemEncryptSevLiveMigrationIsEnabled (
> +  VOID
> +  );
> +
>  /**
>This function clears memory encryption bit for the memory region specified 
> by
>BaseAddress and NumPages from the current page table context.
> @@ -222,4 +234,19 @@ MemEncryptSevClearMmioPageEncMask (
>IN UINTNNumPages
>);
>  
> +#define KVM_FEATURE_MIGRATION_CONTROL   BIT17
> +
> +/**
> +  Figures out if we are running inside KVM HVM and
> +  KVM HVM supports SEV Live Migration feature.
> +
> +  @retval TRUE   SEV live migration is supported.
> +  @retval FALSE  SEV live migration is not supported.
> +**/
> +BOOLEAN
> +EFIAPI
> +KvmDetectSevLiveMigrationFeature(
> +  VOID
> +  );
> +

I don't think KvmDetectSevLiveMigrationFeature() should be in
OvmfPkg/Include/Library/MemEncryptSevLib.h since it isn't called except as
a helper by InternalDetectSevLiveMigrationFeature(). You should probably
create a new PeiDxeMemEncryptSevLibInternal.h header file for that
function that lives in OvmfPkg/Library/BaseMemEncryptSevLib.

>  #endif // _MEM_ENCRYPT_SEV_LIB_H_
> diff --git 
> a/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c 
> b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c
> index 2816f859a0..ead754cd7b 100644
> --- a/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c
> +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c
> @@ -20,6 +20,8 @@
>  STATIC BOOLEAN mSevStatus = FALSE;
>  STATIC BOOLEAN mSevEsStatus = FALSE;
>  STATIC BOOLEAN mSevStatusChecked = FALSE;
> +STATIC BOOLEAN mSevLiveMigrationStatus = FALSE;
> +STATIC BOOLEAN mSevLiveMigrationStatusChecked = FALSE;
>  
>  STATIC UINT64  mSevEncryptionMask = 0;
>  STATIC BOOLEAN mSevEncryptionMaskSaved = FALSE;
> @@ -87,6 +89,24 @@ InternalMemEncryptSevStatus (
>mSevStatusChecked = TRUE;
>  }
>  
> +/**
> +  Figures out if we are running inside KVM HVM and
> +  KVM HVM supports SEV Live Migration feature.
> +**/
> +STATIC
> +VOID
> +EFIAPI
> +InternalDetectSevLiveMigrationFeature(
> +  VOID
> +  )
> +{
> +  if (KvmDetectSevLiveMigrationFeature()) {

Add a space before the "()"

> +mSevLiveMigrationStatus = TRUE;
> +  }
> +
> +  mSevLiveMigrationStatusChecked = TRUE;
> +}
> +
>  /**
>Returns a boolean to indicate whether SEV-ES is enabled.
>  
> @@ -125,6 +145,25 @@ MemEncryptSevIsEnabled (
>return mSevStatus;
>  }
>  
> +/**
> +  Returns a boolean to indicate whether SEV live migration is enabled.
> +
> +  @retval TRUE   SEV live migration is enabled
> +  @retval FALSE  SEV live migration is not enabled
> +**/
> +BOOLEAN
> +EFIAPI
> +MemEncryptSevLiveMigrationIsEnabled (
> +  VOID
> +  )
> +{
> +  if (!mSevLiveMigrationStatusChecked) {
> +InternalDetectSevLiveMigrationFeature ();
> +  }
> +
> +  return mSevLiveMigrationStatus;
> +}
> +
>  /**
>Returns the SEV encryption mask.
>  
> diff --git 
> a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiDxeMemEncryptSevLibInternal.c 
> b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiDxeMemEncryptSevLibInternal.c
> index b4a9f464e2..d7fc973134 100644
> --- a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiDxeMemEncryptSevLibInternal.c
> +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiDxeMemEncryptSevLibInternal.c
> @@ -61,3 +61,55 @@ MemEncryptSevLocateInitialSmramSaveStateMapPages (
>  
>return RETURN_SUCCESS;
>  }
> +
> +/**
> +  Figures out if we are running inside KVM HVM and
> +  KVM HVM supports SEV Live Migration feature.
> +
> +  @retval TRUE   SEV live migration is supported.
> +  @retval FALSE  SEV live migration is not supported.
> +**/
> +BOOLEAN
> +EFIAPI
> 

[edk2-devel] [edk2-platforms][PATCH v1 1/1] IntelSiliconPkg/PeiSmmAccessLib: Remove S3 requirement

[Michael Kubacki]

From: Michael Kubacki 

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3539

PeiInstallSmmAccessPpi() currently requires the boot mode be set
to S3 to actually install gEfiPeiMmAccessPpiGuid.

This change removes this requirement in the function implementation
for two reasons:

1. Practical use cases exist to require this PPI in cases other than
   the boot mode being set to BOOT_ON_S3_RESUME.

2. It is poor API design to implicitly bury this requirement within
   a function whose responsibility is to install the PPI. The caller
   can easily place arbitrary constraints around whether to call
   based on conditions such as the boot mode being
   BOOT_ON_S3_RESUME.

Cc: Ray Ni 
Cc: Rangasai V Chaganty 
Signed-off-by: Michael Kubacki 
---
 
Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/PeiSmmAccessLib/PeiSmmAccessLib.c
 | 12 
 1 file changed, 12 deletions(-)

diff --git 
a/Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/PeiSmmAccessLib/PeiSmmAccessLib.c
 
b/Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/PeiSmmAccessLib/PeiSmmAccessLib.c
index d9bf4fba983e..4df0d695fdaf 100644
--- 
a/Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/PeiSmmAccessLib/PeiSmmAccessLib.c
+++ 
b/Silicon/Intel/IntelSiliconPkg/Feature/SmmAccess/Library/PeiSmmAccessLib/PeiSmmAccessLib.c
@@ -252,19 +252,7 @@ PeiInstallSmmAccessPpi (
   EFI_SMRAM_HOB_DESCRIPTOR_BLOCK  *DescriptorBlock;
   SMM_ACCESS_PRIVATE_DATA *SmmAccessPrivate;
   VOID*HobList;
-  EFI_BOOT_MODE   BootMode;
 
-  Status = PeiServicesGetBootMode ();
-  if (EFI_ERROR (Status)) {
-//
-// If not in S3 boot path. do nothing
-//
-return EFI_SUCCESS;
-  }
-
-  if (BootMode != BOOT_ON_S3_RESUME) {
-return EFI_SUCCESS;
-  }
   //
   // Initialize private data
   //
-- 
2.28.0.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78959): https://edk2.groups.io/g/devel/message/78959
Mute This Topic: https://groups.io/mt/84768258/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH 1/1] OvmfPkg PlatformBootManagerLib: Move TryRunningQemuKernel()

[Ard Biesheuvel]

On Wed, 28 Jul 2021 at 04:18, Christoph Willing  wrote:
>
> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3504
>
> This change ensures that PlatformBdsConnectSequence()  is run
> before TryRunningQemuKernel().
>
> It reverses commit a34a886962561f6d8550b2a1bb193798ca456431 which aimed
> to improve UEFI boot time. Unfortunately that commit now results in boot
> failure when using qemu's -kernel option, therefore rendering the -initrd
> & -append options useless.
>
> Such failures are seen in all releases from edk2-stable201808 to
> edk2-stable202105 as well as the master branch.
>

Can we pinpoint the failure condition a bit more? I heavily rely on
-kernel for my local OVMF testing and other uses, and I am pretty sure
it hasn't been broken for 3 years.

So what else are you doing that triggers this failure? Is it related
to boot order, the type of devices, etc?


> The last releases which actually work correctly are vUDK2017 and vUDK2018
> as they don't contain the a34a88 commit.
>
> This change has been tested with edk2-stable201808, edk2-stable201811,
> edk2-stable202105 as well as master (at 21/7/2021). It results in correct
> booting using the -kernel option in all the test cases. No measurable
> change in boot times was discernible compared with the unaffected vUDK2017
> & vUDK2018 releases.
>
> Signed-off-by: Christoph Willing 
> ---
>  OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c | 8 
>  1 file changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c 
> b/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c
> index b0e9742937..f08ace87b3 100644
> --- a/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c
> +++ b/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c
> @@ -1517,14 +1517,14 @@ PlatformBootManagerAfterConsole (
>Tcg2PhysicalPresenceLibProcessRequest (NULL);
>
>//
> -  // Process QEMU's -kernel command line option
> +  // Perform some platform specific connect sequence
>//
> -  TryRunningQemuKernel ();
> +  PlatformBdsConnectSequence ();
>
>//
> -  // Perform some platform specific connect sequence
> +  // Process QEMU's -kernel command line option
>//
> -  PlatformBdsConnectSequence ();
> +  TryRunningQemuKernel ();
>
>EfiBootManagerRefreshAllBootOption ();
>
> --
> 2.32.0
>
>
>
> 
> Groups.io Links: You receive all messages sent to this group.
> View/Reply Online (#78261): https://edk2.groups.io/g/devel/message/78261
> Mute This Topic: https://groups.io/mt/84497355/5717338
> Group Owner: devel+ow...@edk2.groups.io
> Unsubscribe: https://edk2.groups.io/g/devel/unsub [ardb+tianoc...@kernel.org]
> 
>
>


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78958): https://edk2.groups.io/g/devel/message/78958
Mute This Topic: https://groups.io/mt/84497355/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH 1/1] OvmfPkg PlatformBootManagerLib: Move TryRunningQemuKernel()

[Christoph Willing]

With soft feature freeze started, I wonder if this patch could be
reviewed and pushed for edk2-stable202108 tag? I think it has languished
because I didn't initially Cc appropriately - pls add others as necessary.

This patch is a trivial (I think) change which fixes a long standing and
annoying bug for those booting Qemu with UEFI using external kernel &
initrd.

Thanks,
chris

On 28/7/21 12:02 pm, Christoph Willing wrote:
> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3504
> 
> This change ensures that PlatformBdsConnectSequence()  is run
> before TryRunningQemuKernel().
> 
> It reverses commit a34a886962561f6d8550b2a1bb193798ca456431 which aimed
> to improve UEFI boot time. Unfortunately that commit now results in boot
> failure when using qemu's -kernel option, therefore rendering the -initrd
> & -append options useless.
> 
> Such failures are seen in all releases from edk2-stable201808 to
> edk2-stable202105 as well as the master branch.
> 
> The last releases which actually work correctly are vUDK2017 and vUDK2018
> as they don't contain the a34a88 commit.
> 
> This change has been tested with edk2-stable201808, edk2-stable201811,
> edk2-stable202105 as well as master (at 21/7/2021). It results in correct
> booting using the -kernel option in all the test cases. No measurable
> change in boot times was discernible compared with the unaffected vUDK2017
> & vUDK2018 releases.
> 
> Signed-off-by: Christoph Willing 
> ---
>  OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c | 8 
>  1 file changed, 4 insertions(+), 4 deletions(-)
> 
> diff --git a/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c 
> b/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c
> index b0e9742937..f08ace87b3 100644
> --- a/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c
> +++ b/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c
> @@ -1517,14 +1517,14 @@ PlatformBootManagerAfterConsole (
>Tcg2PhysicalPresenceLibProcessRequest (NULL);
>  
>//
> -  // Process QEMU's -kernel command line option
> +  // Perform some platform specific connect sequence
>//
> -  TryRunningQemuKernel ();
> +  PlatformBdsConnectSequence ();
>  
>//
> -  // Perform some platform specific connect sequence
> +  // Process QEMU's -kernel command line option
>//
> -  PlatformBdsConnectSequence ();
> +  TryRunningQemuKernel ();
>  
>EfiBootManagerRefreshAllBootOption ();
>  
> 



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78957): https://edk2.groups.io/g/devel/message/78957
Mute This Topic: https://groups.io/mt/84767423/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH] MinPlatformPkg: Fix the incompatible change about SecureBootVariableLib

[Zhiguang Liu]

Hi Dun,
SecureBootConfigDxe.inf will also consume SecureBootVariableProvisionLib 
library.
Can you also add the library in this patch?

Thanks
Zhiguang


> -Original Message-
> From: devel@edk2.groups.io  On Behalf Of duntan
> Sent: Monday, August 9, 2021 5:11 PM
> To: devel@edk2.groups.io
> Cc: Chiu, Chasel ; Desimone, Nathaniel L
> ; Liming Gao ;
> Dong, Eric ; Tan, Dun 
> Subject: [edk2-devel] [PATCH] MinPlatformPkg: Fix the incompatible change
> about SecureBootVariableLib
> 
> The newly created lib will be consumed by SecureBootConfigDxe.inf in
> CoreDxeInclude.dsc
> 
> Cc: Chasel Chiu 
> Cc: Nate DeSimone 
> Cc: Liming Gao 
> Cc: Eric Dong 
> Signed-off-by: DunTan 
> ---
>  Platform/Intel/MinPlatformPkg/Include/Dsc/CoreCommonLib.dsc | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/Platform/Intel/MinPlatformPkg/Include/Dsc/CoreCommonLib.dsc
> b/Platform/Intel/MinPlatformPkg/Include/Dsc/CoreCommonLib.dsc
> index b154f9615d..5157c87a9a 100644
> --- a/Platform/Intel/MinPlatformPkg/Include/Dsc/CoreCommonLib.dsc
> +++ b/Platform/Intel/MinPlatformPkg/Include/Dsc/CoreCommonLib.dsc
> @@ -139,6 +139,7 @@
> 
>  !if gMinPlatformPkgTokenSpaceGuid.PcdUefiSecureBootEnable == TRUE
>AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
> +
> SecureBootVariableLib|SecurityPkg/Library/SecureBootVariableLib/SecureBoot
> VariableLib.inf
>  !endif
> 
>SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf
> --
> 2.31.1.windows.1
> 
> 
> 
> 
> 



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78956): https://edk2.groups.io/g/devel/message/78956
Mute This Topic: https://groups.io/mt/84764492/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v2 4/7] ArmPkg/DefaultExceptionHandlerLib: Check DebugImageInfoTable type safely

[Marvin Häuser]

On 09/08/2021 13:55, Ard Biesheuvel wrote:

On Mon, 9 Aug 2021 at 11:51, Marvin Häuser  wrote:

C does not allow casting to or dereferencing incompatible pointer
types. Use the ImageInfoType member of the union first to determine
the data type before dereferencing NormalImage.

Cc: Leif Lindholm 
Cc: Ard Biesheuvel 
Cc: Vitaly Cheptsov 
Signed-off-by: Marvin Häuser 

Hi Marvin,

Could you please organize your patches into a consistent series,
include a cover letter and cc me on everything?


Hey Ard,

It's a series and there is a cover letter at: 
https://edk2.groups.io/g/devel/topic/patch_v2_0_7_fix_various/84764899?p=,,,20,0,0,0::recentpostdate%2Fsticky,,,20,2,0,84764899
The mails from yesterday can certainly be discarded, for some reason 
format-patch did not number the patches without the argument.
The mails from today are numbered and there is a cover letter, but for 
some reason the threading is all wrong in Thunderbird for me. All 
subsequent patches have the "In-Reply-To" header in the patch files, I 
think it is supposed to work off of that? Is threading broken for you as 
well? Any idea what could have gone wrong?


I will create a V3 with you CC'd on all patches once I understand 
everything that went wrong. Is it normal to CC all people from each 
patch on all patches of a series?


Thanks and so sorry for the hassle!

Best regards,
Marvin


I am going to disregard anything you sent yesterday and today, as it
is a bit of a jumble.

Thanks,
Ard.



---
  ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c | 4 
++--
  1 file changed, 2 insertions(+), 2 deletions(-)

diff --git 
a/ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c 
b/ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c
index e9fea4038252..9befb6d4db9b 100644
--- a/ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c
+++ b/ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c
@@ -51,8 +51,8 @@ GetImageName (

Address = (CHAR8 *)(UINTN)FaultAddress;
for (Entry = 0; Entry < DebugTableHeader->TableSize; Entry++, DebugTable++) 
{
-if (DebugTable->NormalImage != NULL) {
-  if ((DebugTable->NormalImage->ImageInfoType == EFI_DEBUG_IMAGE_INFO_TYPE_NORMAL) 
&&
+if (DebugTable->ImageInfoType != NULL) {
+  if ((*DebugTable->ImageInfoType == EFI_DEBUG_IMAGE_INFO_TYPE_NORMAL) &&
(DebugTable->NormalImage->LoadedImageProtocolInstance != NULL)) {
  if ((Address >= (CHAR8 
*)DebugTable->NormalImage->LoadedImageProtocolInstance->ImageBase) &&
  (Address <= ((CHAR8 
*)DebugTable->NormalImage->LoadedImageProtocolInstance->ImageBase + 
DebugTable->NormalImage->LoadedImageProtocolInstance->ImageSize))) {
--
2.31.1










-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78955): https://edk2.groups.io/g/devel/message/78955
Mute This Topic: https://groups.io/mt/84764906/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v2 4/7] ArmPkg/DefaultExceptionHandlerLib: Check DebugImageInfoTable type safely

[Ard Biesheuvel]

On Mon, 9 Aug 2021 at 11:51, Marvin Häuser  wrote:
>
> C does not allow casting to or dereferencing incompatible pointer
> types. Use the ImageInfoType member of the union first to determine
> the data type before dereferencing NormalImage.
>
> Cc: Leif Lindholm 
> Cc: Ard Biesheuvel 
> Cc: Vitaly Cheptsov 
> Signed-off-by: Marvin Häuser 

Hi Marvin,

Could you please organize your patches into a consistent series,
include a cover letter and cc me on everything?

I am going to disregard anything you sent yesterday and today, as it
is a bit of a jumble.

Thanks,
Ard.


> ---
>  ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c | 4 
> ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git 
> a/ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c 
> b/ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c
> index e9fea4038252..9befb6d4db9b 100644
> --- a/ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c
> +++ b/ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c
> @@ -51,8 +51,8 @@ GetImageName (
>
>Address = (CHAR8 *)(UINTN)FaultAddress;
>for (Entry = 0; Entry < DebugTableHeader->TableSize; Entry++, 
> DebugTable++) {
> -if (DebugTable->NormalImage != NULL) {
> -  if ((DebugTable->NormalImage->ImageInfoType == 
> EFI_DEBUG_IMAGE_INFO_TYPE_NORMAL) &&
> +if (DebugTable->ImageInfoType != NULL) {
> +  if ((*DebugTable->ImageInfoType == EFI_DEBUG_IMAGE_INFO_TYPE_NORMAL) &&
>(DebugTable->NormalImage->LoadedImageProtocolInstance != NULL)) {
>  if ((Address >= (CHAR8 
> *)DebugTable->NormalImage->LoadedImageProtocolInstance->ImageBase) &&
>  (Address <= ((CHAR8 
> *)DebugTable->NormalImage->LoadedImageProtocolInstance->ImageBase + 
> DebugTable->NormalImage->LoadedImageProtocolInstance->ImageSize))) {
> --
> 2.31.1
>


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78954): https://edk2.groups.io/g/devel/message/78954
Mute This Topic: https://groups.io/mt/84764906/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] Soft Feature Freeze starts NOW for edk2-stable202108

[gaoliming]

Hi, all

We enter into Soft Feature Freeze phase for edk2-stable202108. The tag
edk2-stable202108-rc0 (d02dbb53cd78de799e6afaa237e98771fb5148db) has been
created. 

 

In this phase, the feature under review will not be allowed to be pushed.
The feature passed review can still be merged. The patch review can continue
without break in edk2 community. If the patch is sent before Soft Feature
Freeze, and plans to catch this stable tag, the patch contributor need reply
to his patch and notify edk2 community. If the patch is sent after Soft
Feature Freeze, and plans to catch this stable tag, please add
edk2-stable202108 key words in the patch title and BZ, so the community know
this patch target and give the feedback.

 

Below is Proposed Schedule for edk2-stable202108 tag
https://github.com/tianocore/tianocore.github.io/wiki/EDK-II-Release-Plannin
g

Date (00:00:00 UTC-8) Description

2021-05-28  Beginning of development

2021-08-09  Soft Feature Freeze

2021-08-13  Hard Feature Freeze

2021-08-27  Release

 

Thanks

Liming



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78953): https://edk2.groups.io/g/devel/message/78953
Mute This Topic: https://groups.io/mt/84766078/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH edk2-test 1/1] uefi-sct/SctPkg: uefi-sct: QueryVariableInfo(EFI_VARIABLE_NON_VOLATILE)

[G Edhaya Chandran]

The solution is upstreamed by commit-id: 
https://github.com/tianocore/edk2-test/commit/814b2af535d977b3967d65de77e42ab18a4f4db4


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78952): https://edk2.groups.io/g/devel/message/78952
Mute This Topic: https://groups.io/mt/83894157/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH edk2-test 1/1] uefi-sct/SctPkg: uefi-sct: QueryVariableInfo(EFI_VARIABLE_NON_VOLATILE)

[G Edhaya Chandran]

Reviewed-by: G Edhaya Chandran

The bugzilla ticket is : 3469 – uefi-sct: QueryVariableInfo(attributes = 
EFI_VARIABLE_NON_VOLATILE) (tianocore.org) ( 
https://bugzilla.tianocore.org/show_bug.cgi?id=3469 )


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78951): https://edk2.groups.io/g/devel/message/78951
Mute This Topic: https://groups.io/mt/83894157/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [edk2-test][PATCH v1 1/1] uefi-sct/SctPkg: Update page alignment calculations

[G Edhaya Chandran]

Thank you all.

The solution is upstream by the commit : 
https://github.com/tianocore/edk2-test/commit/e4be30440f081454d5d6f047510f484ee5bb8a88


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78950): https://edk2.groups.io/g/devel/message/78950
Mute This Topic: https://groups.io/mt/84303611/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v2 1/7] MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates

[Marvin Häuser]

In theory, modifications to the DebugImageInfoTable may cause
exceptions. If the exception handler parses the table, this can lead
to subsequent exceptions if the table state is inconsistent.

Ensure the DebugImageInfoTable remains consistent during
modifications. This includes:
1) Free the old table only only after the new table has been
published. Mitigates use-after-free of the old table.
2) Do not insert an image entry till it is fully initialised. Entries
may be inserted in the live range if an entry was deleted previously.
Mitigaes the usage of inconsistent entries.
3) Free the old image entry only after the table has been updated
with the NULL value. Mitigates use-after-free of the old entry.
4) Set the MODIFIED state before performing any modifications.

Cc: Jian J Wang 
Cc: Hao A Wu 
Cc: Dandan Bi 
Cc: Liming Gao 
Cc: Vitaly Cheptsov 
Signed-off-by: Marvin Häuser 
---
 MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c | 60 +++-
 1 file changed, 34 insertions(+), 26 deletions(-)

diff --git a/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c 
b/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
index a75d4158280b..7bd970115111 100644
--- a/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
+++ b/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
@@ -165,10 +165,11 @@ CoreNewDebugImageInfoEntry (
   IN  EFI_HANDLE  ImageHandle

   )

 {

-  EFI_DEBUG_IMAGE_INFO  *Table;

-  EFI_DEBUG_IMAGE_INFO  *NewTable;

-  UINTN Index;

-  UINTN TableSize;

+  EFI_DEBUG_IMAGE_INFO*Table;

+  EFI_DEBUG_IMAGE_INFO*NewTable;

+  UINTN   Index;

+  UINTN   TableSize;

+  EFI_DEBUG_IMAGE_INFO_NORMAL *NormalImage;

 

   //

   // Set the flag indicating that we're in the process of updating the table.

@@ -203,14 +204,6 @@ CoreNewDebugImageInfoEntry (
 // Copy the old table into the new one

 //

 CopyMem (NewTable, Table, TableSize);

-//

-// Free the old table

-//

-CoreFreePool (Table);

-//

-// Update the table header

-//

-Table = NewTable;

 mDebugInfoTableHeader.EfiDebugImageInfoTable = NewTable;

 //

 // Enlarge the max table entries and set the first empty entry index to

@@ -218,24 +211,34 @@ CoreNewDebugImageInfoEntry (
 //

 Index = mMaxTableEntries;

 mMaxTableEntries += EFI_PAGE_SIZE / EFI_DEBUG_TABLE_ENTRY_SIZE;

+//

+// Free the old table

+//

+CoreFreePool (Table);

+//

+// Update the table header

+//

+Table = NewTable;

   }

 

   //

   // Allocate data for new entry

   //

-  Table[Index].NormalImage = AllocateZeroPool (sizeof 
(EFI_DEBUG_IMAGE_INFO_NORMAL));

-  if (Table[Index].NormalImage != NULL) {

+  NormalImage = AllocateZeroPool (sizeof (EFI_DEBUG_IMAGE_INFO_NORMAL));

+  if (NormalImage != NULL) {

 //

 // Update the entry

 //

-Table[Index].NormalImage->ImageInfoType   = (UINT32) 
ImageInfoType;

-Table[Index].NormalImage->LoadedImageProtocolInstance = LoadedImage;

-Table[Index].NormalImage->ImageHandle = ImageHandle;

+NormalImage->ImageInfoType   = (UINT32) ImageInfoType;

+NormalImage->LoadedImageProtocolInstance = LoadedImage;

+NormalImage->ImageHandle = ImageHandle;

 //

-// Increase the number of EFI_DEBUG_IMAGE_INFO elements and set the 
mDebugInfoTable in modified status.

+// Set the mDebugInfoTable in modified status, insert the entry, and

+// increase the number of EFI_DEBUG_IMAGE_INFO elements.

 //

-mDebugInfoTableHeader.TableSize++;

 mDebugInfoTableHeader.UpdateStatus |= EFI_DEBUG_IMAGE_INFO_TABLE_MODIFIED;

+Table[Index].NormalImage = NormalImage;

+mDebugInfoTableHeader.TableSize++;

   }

   mDebugInfoTableHeader.UpdateStatus &= 
~EFI_DEBUG_IMAGE_INFO_UPDATE_IN_PROGRESS;

 }

@@ -253,8 +256,9 @@ CoreRemoveDebugImageInfoEntry (
   EFI_HANDLE ImageHandle

   )

 {

-  EFI_DEBUG_IMAGE_INFO  *Table;

-  UINTN Index;

+  EFI_DEBUG_IMAGE_INFO*Table;

+  UINTN   Index;

+  EFI_DEBUG_IMAGE_INFO_NORMAL *NormalImage;

 

   mDebugInfoTableHeader.UpdateStatus |= 
EFI_DEBUG_IMAGE_INFO_UPDATE_IN_PROGRESS;

 

@@ -263,16 +267,20 @@ CoreRemoveDebugImageInfoEntry (
   for (Index = 0; Index < mMaxTableEntries; Index++) {

 if (Table[Index].NormalImage != NULL && 
Table[Index].NormalImage->ImageHandle == ImageHandle) {

   //

-  // Found a match. Free up the record, then NULL the pointer to indicate 
the slot

-  // is free.

+  // Found a match. Set the mDebugInfoTable in modified status and NULL the

+  // pointer to indicate the slot is free and.

   //

-  CoreFreePool (Table[Index].NormalImage);

+  NormalImage = Table[Index].NormalImage;

+  mDebugInfoTableHeader.UpdateStatus |= 
EFI_DEBUG_IMAGE_INFO_TABLE_MODIFIED;

   

[edk2-devel] [PATCH v2 7/7] ArmPkg/DefaultExceptionHandlerLib: Mandatory LoadedImage for DebugImageInfoTable

[Marvin Häuser]

To make parsing DebugImageInfoTable easier and safer, require the
LoadedImage protocol instance to be valid for every NormalImage
entry.

Cc: Leif Lindholm 
Cc: Ard Biesheuvel 
Cc: Vitaly Cheptsov 
Signed-off-by: Marvin Häuser 
---
 ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c | 5 
+++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git 
a/ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c 
b/ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c
index 9befb6d4db9b..d442b5d358b2 100644
--- a/ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c
+++ b/ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c
@@ -52,8 +52,9 @@ GetImageName (
   Address = (CHAR8 *)(UINTN)FaultAddress;

   for (Entry = 0; Entry < DebugTableHeader->TableSize; Entry++, DebugTable++) {

 if (DebugTable->ImageInfoType != NULL) {

-  if ((*DebugTable->ImageInfoType == EFI_DEBUG_IMAGE_INFO_TYPE_NORMAL) &&

-  (DebugTable->NormalImage->LoadedImageProtocolInstance != NULL)) {

+  if (*DebugTable->ImageInfoType == EFI_DEBUG_IMAGE_INFO_TYPE_NORMAL) {

+ASSERT (gDebugTable->NormalImage->LoadedImageProtocolInstance != NULL);

+

 if ((Address >= (CHAR8 
*)DebugTable->NormalImage->LoadedImageProtocolInstance->ImageBase) &&

 (Address <= ((CHAR8 
*)DebugTable->NormalImage->LoadedImageProtocolInstance->ImageBase + 
DebugTable->NormalImage->LoadedImageProtocolInstance->ImageSize))) {

   *ImageBase = 
(UINTN)DebugTable->NormalImage->LoadedImageProtocolInstance->ImageBase;

-- 
2.31.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78948): https://edk2.groups.io/g/devel/message/78948
Mute This Topic: https://groups.io/mt/84764911/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v2 5/7] MdeModulePkg/CoreDxe: Mandatory LoadedImage for DebugImageInfoTable

[Marvin Häuser]

To make parsing DebugImageInfoTable easier and safer, require the
LoadedImage protocol instance to be valid for every NormalImage
entry.

Cc: Jian J Wang 
Cc: Hao A Wu 
Cc: Dandan Bi 
Cc: Liming Gao 
Cc: Vitaly Cheptsov 
Signed-off-by: Marvin Häuser 
---
 MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c 
b/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
index cc22e23eb0b3..afc54965bc33 100644
--- a/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
+++ b/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
@@ -173,6 +173,8 @@ CoreNewDebugImageInfoEntry (
   UINTN   TableSize;

   EFI_DEBUG_IMAGE_INFO_NORMAL *NormalImage;

 

+  ASSERT (LoadedImage != NULL);

+

   //

   // Set the flag indicating that we're in the process of updating the table.

   //

-- 
2.31.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78947): https://edk2.groups.io/g/devel/message/78947
Mute This Topic: https://groups.io/mt/84764910/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v2 6/7] EmbeddedPkg/GdbStub: Mandatory LoadedImage for DebugImageInfoTable

[Marvin Häuser]

To make parsing DebugImageInfoTable easier and safer, require the
LoadedImage protocol instance to be valid for every NormalImage
entry.

Cc: Leif Lindholm 
Cc: Ard Biesheuvel 
Cc: Abner Chang 
Cc: Daniel Schaefer 
Cc: Vitaly Cheptsov 
Signed-off-by: Marvin Häuser 
---
 EmbeddedPkg/GdbStub/GdbStub.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/EmbeddedPkg/GdbStub/GdbStub.c b/EmbeddedPkg/GdbStub/GdbStub.c
index 09167fdafb4d..29aa63237304 100644
--- a/EmbeddedPkg/GdbStub/GdbStub.c
+++ b/EmbeddedPkg/GdbStub/GdbStub.c
@@ -1044,8 +1044,9 @@ QxferLibrary (
   if (gDebugTable != NULL) {

 for (; gEfiDebugImageTableEntry < gDebugImageTableHeader->TableSize; 
gEfiDebugImageTableEntry++, gDebugTable++) {

   if (gDebugTable->ImageInfoType != NULL) {

-if ((*gDebugTable->ImageInfoType == EFI_DEBUG_IMAGE_INFO_TYPE_NORMAL) 
&&

-(gDebugTable->NormalImage->LoadedImageProtocolInstance != NULL)) {

+if (*gDebugTable->ImageInfoType == EFI_DEBUG_IMAGE_INFO_TYPE_NORMAL) {

+  ASSERT (gDebugTable->NormalImage->LoadedImageProtocolInstance != 
NULL);

+

   Pdb = PeCoffLoaderGetDebuggerInfo (

  
gDebugTable->NormalImage->LoadedImageProtocolInstance->ImageBase,

  

-- 
2.31.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78946): https://edk2.groups.io/g/devel/message/78946
Mute This Topic: https://groups.io/mt/84764909/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v2 3/7] EmbeddedPkg/GdbStub: Check DebugImageInfoTable type safely

[Marvin Häuser]

C does not allow casting to or dereferencing incompatible pointer
types. Use the ImageInfoType member of the union first to determine
the data type before dereferencing NormalImage.

Cc: Leif Lindholm 
Cc: Ard Biesheuvel 
Cc: Abner Chang 
Cc: Daniel Schaefer 
Cc: Vitaly Cheptsov 
Signed-off-by: Marvin Häuser 
---
 EmbeddedPkg/GdbStub/GdbStub.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/EmbeddedPkg/GdbStub/GdbStub.c b/EmbeddedPkg/GdbStub/GdbStub.c
index 7f2a5ed20011..09167fdafb4d 100644
--- a/EmbeddedPkg/GdbStub/GdbStub.c
+++ b/EmbeddedPkg/GdbStub/GdbStub.c
@@ -1043,8 +1043,8 @@ QxferLibrary (
 

   if (gDebugTable != NULL) {

 for (; gEfiDebugImageTableEntry < gDebugImageTableHeader->TableSize; 
gEfiDebugImageTableEntry++, gDebugTable++) {

-  if (gDebugTable->NormalImage != NULL) {

-if ((gDebugTable->NormalImage->ImageInfoType == 
EFI_DEBUG_IMAGE_INFO_TYPE_NORMAL) &&

+  if (gDebugTable->ImageInfoType != NULL) {

+if ((*gDebugTable->ImageInfoType == EFI_DEBUG_IMAGE_INFO_TYPE_NORMAL) 
&&

 (gDebugTable->NormalImage->LoadedImageProtocolInstance != NULL)) {

   Pdb = PeCoffLoaderGetDebuggerInfo (

  
gDebugTable->NormalImage->LoadedImageProtocolInstance->ImageBase,

-- 
2.31.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78945): https://edk2.groups.io/g/devel/message/78945
Mute This Topic: https://groups.io/mt/84764908/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v2 2/2] UefiCpuPkg/BaseUefiCpuLib: Use toolchain-specific rodata section name

[Marvin Häuser]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3318

Correctly define the read-only data sections with the
toolchain-specific section name. This hardens image permission
security and may save image space.

Cc: Eric Dong 
Cc: Ray Ni 
Cc: Rahul Kumar 
Cc: Vitaly Cheptsov 
Signed-off-by: Marvin Häuser 
---
 UefiCpuPkg/Library/BaseUefiCpuLib/Ia32/InitializeFpu.nasm | 2 +-
 UefiCpuPkg/Library/BaseUefiCpuLib/X64/InitializeFpu.nasm  | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/UefiCpuPkg/Library/BaseUefiCpuLib/Ia32/InitializeFpu.nasm 
b/UefiCpuPkg/Library/BaseUefiCpuLib/Ia32/InitializeFpu.nasm
index 5e27cc325012..cfb8bf4a5ae0 100644
--- a/UefiCpuPkg/Library/BaseUefiCpuLib/Ia32/InitializeFpu.nasm
+++ b/UefiCpuPkg/Library/BaseUefiCpuLib/Ia32/InitializeFpu.nasm
@@ -6,7 +6,7 @@
 ;*

 ;--

 

-SECTION .rodata

+SECTION RODATA_SECTION_NAME

 

 ;

 ; Float control word initial value:

diff --git a/UefiCpuPkg/Library/BaseUefiCpuLib/X64/InitializeFpu.nasm 
b/UefiCpuPkg/Library/BaseUefiCpuLib/X64/InitializeFpu.nasm
index 8485b4713548..3c976a21e391 100644
--- a/UefiCpuPkg/Library/BaseUefiCpuLib/X64/InitializeFpu.nasm
+++ b/UefiCpuPkg/Library/BaseUefiCpuLib/X64/InitializeFpu.nasm
@@ -6,7 +6,7 @@
 ;*

 ;--

 

-SECTION .rodata

+SECTION RODATA_SECTION_NAME

 ;

 ; Float control word initial value:

 ; all exceptions masked, double-extended-precision, round-to-nearest

-- 
2.31.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78944): https://edk2.groups.io/g/devel/message/78944
Mute This Topic: https://groups.io/mt/84764907/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v2 4/7] ArmPkg/DefaultExceptionHandlerLib: Check DebugImageInfoTable type safely

[Marvin Häuser]

C does not allow casting to or dereferencing incompatible pointer
types. Use the ImageInfoType member of the union first to determine
the data type before dereferencing NormalImage.

Cc: Leif Lindholm 
Cc: Ard Biesheuvel 
Cc: Vitaly Cheptsov 
Signed-off-by: Marvin Häuser 
---
 ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c | 4 
++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git 
a/ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c 
b/ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c
index e9fea4038252..9befb6d4db9b 100644
--- a/ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c
+++ b/ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c
@@ -51,8 +51,8 @@ GetImageName (
 

   Address = (CHAR8 *)(UINTN)FaultAddress;

   for (Entry = 0; Entry < DebugTableHeader->TableSize; Entry++, DebugTable++) {

-if (DebugTable->NormalImage != NULL) {

-  if ((DebugTable->NormalImage->ImageInfoType == 
EFI_DEBUG_IMAGE_INFO_TYPE_NORMAL) &&

+if (DebugTable->ImageInfoType != NULL) {

+  if ((*DebugTable->ImageInfoType == EFI_DEBUG_IMAGE_INFO_TYPE_NORMAL) &&

   (DebugTable->NormalImage->LoadedImageProtocolInstance != NULL)) {

 if ((Address >= (CHAR8 
*)DebugTable->NormalImage->LoadedImageProtocolInstance->ImageBase) &&

 (Address <= ((CHAR8 
*)DebugTable->NormalImage->LoadedImageProtocolInstance->ImageBase + 
DebugTable->NormalImage->LoadedImageProtocolInstance->ImageSize))) {

-- 
2.31.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78943): https://edk2.groups.io/g/devel/message/78943
Mute This Topic: https://groups.io/mt/84764906/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v2 2/2] BaseTools/CommonLib: Fix unaligned API prototypes

[Marvin Häuser]

C prohibits not only dereferencing but also casting to unaligned
pointers. Thus, the current set of unaligned APIs cannot be called
safely. Update their prototypes to take VOID * pointers, which must
be able to represent any valid pointer.

Cc: Bob Feng 
Cc: Liming Gao 
Cc: Yuwei Chen 
Cc: Vitaly Cheptsov 
Signed-off-by: Marvin Häuser 
---
 BaseTools/Source/C/Common/CommonLib.c | 16 
 BaseTools/Source/C/Common/CommonLib.h |  8 
 2 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/BaseTools/Source/C/Common/CommonLib.c 
b/BaseTools/Source/C/Common/CommonLib.c
index 7fb4ab764fcd..f1223fb2ae0a 100644
--- a/BaseTools/Source/C/Common/CommonLib.c
+++ b/BaseTools/Source/C/Common/CommonLib.c
@@ -1154,23 +1154,23 @@ StrSize (
 

 UINT64

 ReadUnaligned64 (

-   CONST UINT64  *Buffer

+   CONST VOID*Buffer

   )

 {

   ASSERT (Buffer != NULL);

 

-  return *Buffer;

+  return *(CONST UINT64 *) Buffer;

 }

 

 UINT64

 WriteUnaligned64 (

-   UINT64*Buffer,

+   VOID  *Buffer,

UINT64Value

   )

 {

   ASSERT (Buffer != NULL);

 

-  return *Buffer = Value;

+  return *(UINT64 *) Buffer = Value;

 }

 

 

@@ -2018,23 +2018,23 @@ AllocatePool (
 

 UINT16

 WriteUnaligned16 (

-  UINT16*Buffer,

+  VOID  *Buffer,

   UINT16Value

   )

 {

   ASSERT (Buffer != NULL);

 

-  return *Buffer = Value;

+  return *(UINT16 *) Buffer = Value;

 }

 

 UINT16

 ReadUnaligned16 (

-  CONST UINT16  *Buffer

+  CONST VOID*Buffer

   )

 {

   ASSERT (Buffer != NULL);

 

-  return *Buffer;

+  return *(CONST UINT16 *) Buffer;

 }

 /**

   Return whether the integer string is a hex string.

diff --git a/BaseTools/Source/C/Common/CommonLib.h 
b/BaseTools/Source/C/Common/CommonLib.h
index 0f05d88db206..67c42a91765d 100644
--- a/BaseTools/Source/C/Common/CommonLib.h
+++ b/BaseTools/Source/C/Common/CommonLib.h
@@ -238,13 +238,13 @@ CopyGuid (
 

 UINT64

 WriteUnaligned64 (

-   UINT64*Buffer,

+   VOID  *Buffer,

UINT64Value

   );

 

 UINT64

 ReadUnaligned64 (

-   CONST UINT64  *Buffer

+   CONST VOID*Buffer

   );

 

 UINTN

@@ -363,13 +363,13 @@ AllocatePool (
 

 UINT16

 WriteUnaligned16 (

-  UINT16*Buffer,

+  VOID  *Buffer,

   UINT16Value

   );

 

 UINT16

 ReadUnaligned16 (

-  CONST UINT16  *Buffer

+  CONST VOID*Buffer

   );

 

 VOID *

-- 
2.31.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78941): https://edk2.groups.io/g/devel/message/78941
Mute This Topic: https://groups.io/mt/84764904/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v2 2/2] SecurityPkg/SecureBootConfigDxe: Fix certificate lookup algorithm

[Marvin Häuser]

The current certificate lookup code does not check the bounds of the
authentication data before accessing it. Abort if the header cannot
fit, and proceed to the next hashing algortihm if the OID of the
current one exceeds the authentication data bounds.

Additionally move the two-byte encoding check out of the loop as the
data is invariant.

Cc: Jiewen Yao 
Cc: Jian J Wang 
Cc: Min Xu 
Cc: Vitaly Cheptsov 
Signed-off-by: Marvin Häuser 
---
 SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c | 
45 
 1 file changed, 28 insertions(+), 17 deletions(-)

diff --git 
a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c 
b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
index 65a8188d6d03..fd7629f61862 100644
--- 
a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
+++ 
b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
@@ -1969,30 +1969,41 @@ HashPeImageByType (
 {

   UINT8 Index;

   WIN_CERTIFICATE_EFI_PKCS  *PkcsCertData;

+  UINT32AuthDataSize;

 

   PkcsCertData = (WIN_CERTIFICATE_EFI_PKCS *) (mImageBase + 
mSecDataDir->Offset);

+  if (PkcsCertData->Hdr.dwLength <= sizeof (PkcsCertData->Hdr)) {

+return EFI_UNSUPPORTED;

+  }

+

+  AuthDataSize = PkcsCertData->Hdr.dwLength - sizeof (PkcsCertData->Hdr);

+  if (AuthDataSize < 32) {

+return EFI_UNSUPPORTED;

+  }

+  //

+  // Check the Hash algorithm in PE/COFF Authenticode.

+  //According to PKCS#7 Definition:

+  //SignedData ::= SEQUENCE {

+  //version Version,

+  //digestAlgorithms DigestAlgorithmIdentifiers,

+  //contentInfo ContentInfo,

+  // }

+  //The DigestAlgorithmIdentifiers can be used to determine the hash 
algorithm in PE/COFF hashing

+  //This field has the fixed offset (+32) in final Authenticode ASN.1 data.

+  //Fixed offset (+32) is calculated based on two bytes of length encoding.

+  //

+  if ((*(PkcsCertData->CertData + 1) & TWO_BYTE_ENCODE) != TWO_BYTE_ENCODE) {

+//

+// Only support two bytes of Long Form of Length Encoding.

+//

+return EFI_UNSUPPORTED;

+  }

 

   for (Index = 0; Index < HASHALG_MAX; Index++) {

-//

-// Check the Hash algorithm in PE/COFF Authenticode.

-//According to PKCS#7 Definition:

-//SignedData ::= SEQUENCE {

-//version Version,

-//digestAlgorithms DigestAlgorithmIdentifiers,

-//contentInfo ContentInfo,

-// }

-//The DigestAlgorithmIdentifiers can be used to determine the hash 
algorithm in PE/COFF hashing

-//This field has the fixed offset (+32) in final Authenticode ASN.1 
data.

-//Fixed offset (+32) is calculated based on two bytes of length 
encoding.

- //

-if ((*(PkcsCertData->CertData + 1) & TWO_BYTE_ENCODE) != TWO_BYTE_ENCODE) {

-  //

-  // Only support two bytes of Long Form of Length Encoding.

-  //

+if (AuthDataSize - 32 < mHash[Index].OidLength) {

   continue;

 }

 

-//

 if (CompareMem (PkcsCertData->CertData + 32, mHash[Index].OidValue, 
mHash[Index].OidLength) == 0) {

   break;

 }

-- 
2.31.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78942): https://edk2.groups.io/g/devel/message/78942
Mute This Topic: https://groups.io/mt/84764905/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v2 2/7] MdeModulePkg/DxeCore: Fix DebugImageInfoTable size report

[Marvin Häuser]

Separate tracking the used entries from the table's self-reported
size. Removing an entry from the table does not necessarily reduce
the size of the table as defragmentation is not performed.

Cc: Jian J Wang 
Cc: Hao A Wu 
Cc: Dandan Bi 
Cc: Liming Gao 
Cc: Vitaly Cheptsov 
Signed-off-by: Marvin Häuser 
---
 MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c | 20 
 1 file changed, 16 insertions(+), 4 deletions(-)

diff --git a/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c 
b/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
index 7bd970115111..cc22e23eb0b3 100644
--- a/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
+++ b/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
@@ -18,6 +18,8 @@ EFI_DEBUG_IMAGE_INFO_TABLE_HEADER  mDebugInfoTableHeader = {
 

 UINTN mMaxTableEntries = 0;

 

+UINTN mUsedTableEntries = 0;

+

 EFI_SYSTEM_TABLE_POINTER  *mDebugTable = NULL;

 

 #define EFI_DEBUG_TABLE_ENTRY_SIZE   (sizeof (VOID *))

@@ -178,7 +180,7 @@ CoreNewDebugImageInfoEntry (
 

   Table = mDebugInfoTableHeader.EfiDebugImageInfoTable;

 

-  if (mDebugInfoTableHeader.TableSize < mMaxTableEntries) {

+  if (mUsedTableEntries < mMaxTableEntries) {

 //

 // We still have empty entires in the Table, find the first empty entry.

 //

@@ -237,8 +239,17 @@ CoreNewDebugImageInfoEntry (
 // increase the number of EFI_DEBUG_IMAGE_INFO elements.

 //

 mDebugInfoTableHeader.UpdateStatus |= EFI_DEBUG_IMAGE_INFO_TABLE_MODIFIED;

+mUsedTableEntries++;

 Table[Index].NormalImage = NormalImage;

-mDebugInfoTableHeader.TableSize++;

+//

+// Only increase the amount of elements in the table if the new entry did

+// not take the place of a previously removed entry.

+//

+if (Index == mDebugInfoTableHeader.TableSize) {

+  mDebugInfoTableHeader.TableSize++;

+}

+

+ASSERT (Index < mDebugInfoTableHeader.TableSize);

   }

   mDebugInfoTableHeader.UpdateStatus &= 
~EFI_DEBUG_IMAGE_INFO_UPDATE_IN_PROGRESS;

 }

@@ -274,9 +285,10 @@ CoreRemoveDebugImageInfoEntry (
   mDebugInfoTableHeader.UpdateStatus |= 
EFI_DEBUG_IMAGE_INFO_TABLE_MODIFIED;

   Table[Index].NormalImage = NULL;

   //

-  // Decrease the number of EFI_DEBUG_IMAGE_INFO elements.

+  // Do not reduce the amount of elements reported to be in the table as

+  // this would only work for the last element without defragmentation.

   //

-  mDebugInfoTableHeader.TableSize--;

+  mUsedTableEntries--;

   //

   // Free up the record.

   //

-- 
2.31.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78938): https://edk2.groups.io/g/devel/message/78938
Mute This Topic: https://groups.io/mt/84764901/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v2 1/2] SecurityPkg/DxeImageVerificationLib: Fix certificate lookup algorithm

[Marvin Häuser]

The current certificate lookup code does not check the bounds of the
authentication data before accessing it. Abort if the header cannot
fit. Also, the lookup code aborts once the authetication data is
smaller than an algorithm's OID size. As OIDs are variably-sized,
this may cause unexpected authentication failure due to the early
error-exit.

Additionally move the two-byte encoding check out of the loop as the
data is invariant.

Cc: Jiewen Yao 
Cc: Jian J Wang 
Cc: Min Xu 
Cc: Vitaly Cheptsov 
Signed-off-by: Marvin Häuser 
---
 SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c | 43 
+++-
 1 file changed, 23 insertions(+), 20 deletions(-)

diff --git 
a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c 
b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
index c48861cd6496..6615099baafb 100644
--- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
+++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
@@ -624,30 +624,33 @@ HashPeImageByType (
 {

   UINT8 Index;

 

+  if (AuthDataSize < 32) {

+return EFI_UNSUPPORTED;

+  }

+  //

+  // Check the Hash algorithm in PE/COFF Authenticode.

+  //According to PKCS#7 Definition:

+  //SignedData ::= SEQUENCE {

+  //version Version,

+  //digestAlgorithms DigestAlgorithmIdentifiers,

+  //contentInfo ContentInfo,

+  // }

+  //The DigestAlgorithmIdentifiers can be used to determine the hash 
algorithm in PE/COFF hashing

+  //This field has the fixed offset (+32) in final Authenticode ASN.1 data.

+  //Fixed offset (+32) is calculated based on two bytes of length encoding.

+  //

+  if ((*(AuthData + 1) & TWO_BYTE_ENCODE) != TWO_BYTE_ENCODE) {

+//

+// Only support two bytes of Long Form of Length Encoding.

+//

+return EFI_UNSUPPORTED;

+  }

+

   for (Index = 0; Index < HASHALG_MAX; Index++) {

-//

-// Check the Hash algorithm in PE/COFF Authenticode.

-//According to PKCS#7 Definition:

-//SignedData ::= SEQUENCE {

-//version Version,

-//digestAlgorithms DigestAlgorithmIdentifiers,

-//contentInfo ContentInfo,

-// }

-//The DigestAlgorithmIdentifiers can be used to determine the hash 
algorithm in PE/COFF hashing

-//This field has the fixed offset (+32) in final Authenticode ASN.1 
data.

-//Fixed offset (+32) is calculated based on two bytes of length 
encoding.

-//

-if ((*(AuthData + 1) & TWO_BYTE_ENCODE) != TWO_BYTE_ENCODE) {

-  //

-  // Only support two bytes of Long Form of Length Encoding.

-  //

+if (AuthDataSize - 32 < mHash[Index].OidLength) {

   continue;

 }

 

-if (AuthDataSize < 32 + mHash[Index].OidLength) {

-  return EFI_UNSUPPORTED;

-}

-

 if (CompareMem (AuthData + 32, mHash[Index].OidValue, 
mHash[Index].OidLength) == 0) {

   break;

 }

-- 
2.31.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78940): https://edk2.groups.io/g/devel/message/78940
Mute This Topic: https://groups.io/mt/84764903/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v2 1/2] BaseTools: Define the read-only data section name per toolchain

[Marvin Häuser]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3318

Different toolchains of the EDK II build system may generate ELF or
Mach-O files, which use the ".rodata" naming convention, or PE/COFF
files, which use the ".rdata" naming convention. Section permissions
are chosen based on this name per file format by NASM. To harden
image permission security, and to save space by avoiding both
".rdata" and ".rodata" sections being emitted, expose the appropriate
name as a preprocessor constant.

Cc: Bob Feng 
Cc: Liming Gao 
Cc: Yuwei Chen 
Cc: Vitaly Cheptsov 
Signed-off-by: Marvin Häuser 
---
 BaseTools/Conf/tools_def.template | 172 ++--
 1 file changed, 86 insertions(+), 86 deletions(-)

diff --git a/BaseTools/Conf/tools_def.template 
b/BaseTools/Conf/tools_def.template
index 2e6b382ab623..84d464916c4d 100755
--- a/BaseTools/Conf/tools_def.template
+++ b/BaseTools/Conf/tools_def.template
@@ -463,9 +463,9 @@ NOOPT_VS2008_IA32_CC_FLAGS= /nologo /c /WX /GS- /W4 
/Gs32768 /D UNICODE
 RELEASE_VS2008_IA32_ASM_FLAGS = /nologo /c /WX /W3 /Cx /coff /Zd

 NOOPT_VS2008_IA32_ASM_FLAGS   = /nologo /c /WX /W3 /Cx /coff /Zd /Zi

 

-  DEBUG_VS2008_IA32_NASM_FLAGS= -Ox -f win32 -g

-RELEASE_VS2008_IA32_NASM_FLAGS= -Ox -f win32

-NOOPT_VS2008_IA32_NASM_FLAGS  = -O0 -f win32 -g

+  DEBUG_VS2008_IA32_NASM_FLAGS= -Ox -f win32 -g 
-DRODATA_SECTION_NAME=.rdata

+RELEASE_VS2008_IA32_NASM_FLAGS= -Ox -f win32 -DRODATA_SECTION_NAME=.rdata

+NOOPT_VS2008_IA32_NASM_FLAGS  = -O0 -f win32 -g 
-DRODATA_SECTION_NAME=.rdata

 

   DEBUG_VS2008_IA32_DLINK_FLAGS   = /NOLOGO /NODEFAULTLIB /IGNORE:4001 
/OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D 
/MACHINE:X86 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) 
/SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /DEBUG

 RELEASE_VS2008_IA32_DLINK_FLAGS   = /NOLOGO /NODEFAULTLIB /IGNORE:4001 
/IGNORE:4254 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D 
/SECTION:.pdata,D /MACHINE:X86 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) 
/SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER 
/MERGE:.rdata=.data

@@ -495,9 +495,9 @@ NOOPT_VS2008_X64_CC_FLAGS   = /nologo /c /WX /GS- /W4 
/Gs32768 /D UNICODE /G
 RELEASE_VS2008_X64_ASM_FLAGS= /nologo /c /WX /W3 /Cx /Zd

 NOOPT_VS2008_X64_ASM_FLAGS= /nologo /c /WX /W3 /Cx /Zd /Zi

 

-  DEBUG_VS2008_X64_NASM_FLAGS   = -Ox -f win64 -g

-RELEASE_VS2008_X64_NASM_FLAGS   = -Ox -f win64

-NOOPT_VS2008_X64_NASM_FLAGS = -O0 -f win64 -g

+  DEBUG_VS2008_X64_NASM_FLAGS   = -Ox -f win64 -g -DRODATA_SECTION_NAME=.rdata

+RELEASE_VS2008_X64_NASM_FLAGS   = -Ox -f win64 -DRODATA_SECTION_NAME=.rdata

+NOOPT_VS2008_X64_NASM_FLAGS = -O0 -f win64 -g -DRODATA_SECTION_NAME=.rdata

 

   DEBUG_VS2008_X64_DLINK_FLAGS  = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /OPT:REF 
/OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /Machine:X64 
/LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER 
/SAFESEH:NO /BASE:0 /DRIVER /DEBUG

 RELEASE_VS2008_X64_DLINK_FLAGS  = /NOLOGO /NODEFAULTLIB /IGNORE:4001 
/IGNORE:4254 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D 
/SECTION:.pdata,D /Machine:X64 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) 
/SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER 
/MERGE:.rdata=.data

@@ -574,9 +574,9 @@ NOOPT_VS2008x86_IA32_CC_FLAGS  = /nologo /c /WX /GS- 
/W4 /Gs32768 /D UNICODE
 RELEASE_VS2008x86_IA32_ASM_FLAGS   = /nologo /c /WX /W3 /Cx /coff /Zd

 NOOPT_VS2008x86_IA32_ASM_FLAGS = /nologo /c /WX /W3 /Cx /coff /Zd /Zi

 

-  DEBUG_VS2008x86_IA32_NASM_FLAGS  = -Ox -f win32 -g

-RELEASE_VS2008x86_IA32_NASM_FLAGS  = -Ox -f win32

-NOOPT_VS2008x86_IA32_NASM_FLAGS= -O0 -f win32 -g

+  DEBUG_VS2008x86_IA32_NASM_FLAGS  = -Ox -f win32 -g 
-DRODATA_SECTION_NAME=.rdata

+RELEASE_VS2008x86_IA32_NASM_FLAGS  = -Ox -f win32 -DRODATA_SECTION_NAME=.rdata

+NOOPT_VS2008x86_IA32_NASM_FLAGS= -O0 -f win32 -g 
-DRODATA_SECTION_NAME=.rdata

 

   DEBUG_VS2008x86_IA32_DLINK_FLAGS = /NOLOGO /NODEFAULTLIB /IGNORE:4001 
/OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D 
/MACHINE:X86 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) 
/SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /DEBUG

 RELEASE_VS2008x86_IA32_DLINK_FLAGS = /NOLOGO /NODEFAULTLIB /IGNORE:4001 
/IGNORE:4254 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D 
/SECTION:.pdata,D /MACHINE:X86 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) 
/SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER 
/MERGE:.rdata=.data

@@ -605,9 +605,9 @@ NOOPT_VS2008x86_X64_CC_FLAGS   = /nologo /c /WX /GS- 
/W4 /Gs32768 /D UNICODE
 RELEASE_VS2008x86_X64_ASM_FLAGS= /nologo /c /WX /W3 /Cx /Zd

 NOOPT_VS2008x86_X64_ASM_FLAGS  = /nologo /c /WX /W3 /Cx /Zd /Zi

 

-  DEBUG_VS2008x86_X64_NASM_FLAGS   = -Ox -f win64 -g

-RELEASE_VS2008x86_X64_NASM_FLAGS   = -Ox -f win64

-NOOPT_VS2008x86_X64_NASM_FLAGS = -O0 -f win64 -g

+  

[edk2-devel] [PATCH v2 1/2] MdePkg/BaseLib: Fix unaligned API prototypes

[Marvin Häuser]

C prohibits not only dereferencing but also casting to unaligned
pointers. Thus, the current set of unaligned APIs cannot be called
safely. Update their prototypes to take VOID * pointers, which must
be able to represent any valid pointer.

Cc: Michael D Kinney 
Cc: Liming Gao 
Cc: Zhiguang Liu 
Cc: Vitaly Cheptsov 
Signed-off-by: Marvin Häuser 
---
 MdePkg/Library/BaseLib/Arm/Unaligned.c | 14 -
 MdePkg/Library/BaseLib/Unaligned.c | 32 ++--
 MdePkg/Include/Library/BaseLib.h   | 16 +-
 3 files changed, 31 insertions(+), 31 deletions(-)

diff --git a/MdePkg/Library/BaseLib/Arm/Unaligned.c 
b/MdePkg/Library/BaseLib/Arm/Unaligned.c
index e9934e7003cb..57f19fc44e0b 100644
--- a/MdePkg/Library/BaseLib/Arm/Unaligned.c
+++ b/MdePkg/Library/BaseLib/Arm/Unaligned.c
@@ -59,7 +59,7 @@ ReadUnaligned16 (
 UINT16

 EFIAPI

 WriteUnaligned16 (

-  OUT UINT16*Buffer,

+  OUT VOID  *Buffer,

   IN  UINT16Value

   )

 {

@@ -87,7 +87,7 @@ WriteUnaligned16 (
 UINT32

 EFIAPI

 ReadUnaligned24 (

-  IN CONST UINT32  *Buffer

+  IN CONST VOID*Buffer

   )

 {

   ASSERT (Buffer != NULL);

@@ -116,7 +116,7 @@ ReadUnaligned24 (
 UINT32

 EFIAPI

 WriteUnaligned24 (

-  OUT UINT32*Buffer,

+  OUT VOID  *Buffer,

   IN  UINT32Value

   )

 {

@@ -143,7 +143,7 @@ WriteUnaligned24 (
 UINT32

 EFIAPI

 ReadUnaligned32 (

-  IN CONST UINT32  *Buffer

+  IN CONST VOID*Buffer

   )

 {

   UINT16  LowerBytes;

@@ -175,7 +175,7 @@ ReadUnaligned32 (
 UINT32

 EFIAPI

 WriteUnaligned32 (

-  OUT UINT32*Buffer,

+  OUT VOID  *Buffer,

   IN  UINT32Value

   )

 {

@@ -202,7 +202,7 @@ WriteUnaligned32 (
 UINT64

 EFIAPI

 ReadUnaligned64 (

-  IN CONST UINT64  *Buffer

+  IN CONST VOID*Buffer

   )

 {

   UINT32  LowerBytes;

@@ -234,7 +234,7 @@ ReadUnaligned64 (
 UINT64

 EFIAPI

 WriteUnaligned64 (

-  OUT UINT64*Buffer,

+  OUT VOID  *Buffer,

   IN  UINT64Value

   )

 {

diff --git a/MdePkg/Library/BaseLib/Unaligned.c 
b/MdePkg/Library/BaseLib/Unaligned.c
index a419cb85e53c..3041adcde606 100644
--- a/MdePkg/Library/BaseLib/Unaligned.c
+++ b/MdePkg/Library/BaseLib/Unaligned.c
@@ -26,12 +26,12 @@
 UINT16

 EFIAPI

 ReadUnaligned16 (

-  IN CONST UINT16  *Buffer

+  IN CONST VOID*Buffer

   )

 {

   ASSERT (Buffer != NULL);

 

-  return *Buffer;

+  return *(CONST UINT16 *) Buffer;

 }

 

 /**

@@ -52,13 +52,13 @@ ReadUnaligned16 (
 UINT16

 EFIAPI

 WriteUnaligned16 (

-  OUT UINT16*Buffer,

+  OUT VOID  *Buffer,

   IN  UINT16Value

   )

 {

   ASSERT (Buffer != NULL);

 

-  return *Buffer = Value;

+  return *(UINT16 *) Buffer = Value;

 }

 

 /**

@@ -77,12 +77,12 @@ WriteUnaligned16 (
 UINT32

 EFIAPI

 ReadUnaligned24 (

-  IN CONST UINT32  *Buffer

+  IN CONST VOID*Buffer

   )

 {

   ASSERT (Buffer != NULL);

 

-  return *Buffer & 0xff;

+  return *(CONST UINT32 *) Buffer & 0xff;

 }

 

 /**

@@ -103,13 +103,13 @@ ReadUnaligned24 (
 UINT32

 EFIAPI

 WriteUnaligned24 (

-  OUT UINT32*Buffer,

+  OUT VOID  *Buffer,

   IN  UINT32Value

   )

 {

   ASSERT (Buffer != NULL);

 

-  *Buffer = BitFieldWrite32 (*Buffer, 0, 23, Value);

+  *(UINT32 *) Buffer = BitFieldWrite32 (*(CONST UINT32 *) Buffer, 0, 23, 
Value);

   return Value;

 }

 

@@ -129,12 +129,12 @@ WriteUnaligned24 (
 UINT32

 EFIAPI

 ReadUnaligned32 (

-  IN CONST UINT32  *Buffer

+  IN CONST VOID*Buffer

   )

 {

   ASSERT (Buffer != NULL);

 

-  return *Buffer;

+  return *(CONST UINT32 *) Buffer;

 }

 

 /**

@@ -155,13 +155,13 @@ ReadUnaligned32 (
 UINT32

 EFIAPI

 WriteUnaligned32 (

-  OUT UINT32*Buffer,

+  OUT VOID  *Buffer,

   IN  UINT32Value

   )

 {

   ASSERT (Buffer != NULL);

 

-  return *Buffer = Value;

+  return *(UINT32 *) Buffer = Value;

 }

 

 /**

@@ -180,12 +180,12 @@ WriteUnaligned32 (
 UINT64

 EFIAPI

 ReadUnaligned64 (

-  IN CONST UINT64  *Buffer

+  IN CONST VOID*Buffer

   )

 {

   ASSERT (Buffer != NULL);

 

-  return *Buffer;

+  return *(CONST UINT64 *) Buffer;

 }

 

 /**

@@ -206,11 +206,11 @@ ReadUnaligned64 (
 UINT64

 EFIAPI

 WriteUnaligned64 (

-  OUT UINT64*Buffer,

+  OUT VOID  *Buffer,

   IN  UINT64Value

   )

 {

   ASSERT (Buffer != NULL);

 

-  return *Buffer = Value;

+  return *(UINT64 *) Buffer = Value;

 }

diff --git a/MdePkg/Include/Library/BaseLib.h b/MdePkg/Include/Library/BaseLib.h

[edk2-devel] [PATCH v2 0/7] Fix various issues regarding DebugImageInfoTable

[Marvin Häuser]

There are various issues regarding DebugImageInfoTable:
1) Interrupting the table updates (e.g. an exception occured) may
leave the table in an inconsistent state.
2) Deleting an entry from the table may hide a different entry.
3) The type of image entries is not checked before accessing them as
NormalImage. This is practically safe now, because there is only one
type, but it adding more types would cause the accesses to
potentially invoke Undefined Behaviour.
4) The guarantees the table gives are not clear. For example, the
LoadedImage protocol instance can never be NULL (and wouldn't make
sense to be either), yet it is checked in some places, but not in
others.

This patch series addresses all of these issues.

Marvin Häuser (7):
  MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates
  MdeModulePkg/DxeCore: Fix DebugImageInfoTable size report
  EmbeddedPkg/GdbStub: Check DebugImageInfoTable type safely
  ArmPkg/DefaultExceptionHandlerLib: Check DebugImageInfoTable type
safely
  MdeModulePkg/CoreDxe: Mandatory LoadedImage for DebugImageInfoTable
  EmbeddedPkg/GdbStub: Mandatory LoadedImage for DebugImageInfoTable
  ArmPkg/DefaultExceptionHandlerLib: Mandatory LoadedImage for
DebugImageInfoTable

 ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c |  7 +-
 EmbeddedPkg/GdbStub/GdbStub.c   |  7 +-
 MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c | 82 
+---
 3 files changed, 60 insertions(+), 36 deletions(-)

-- 
2.31.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78936): https://edk2.groups.io/g/devel/message/78936
Mute This Topic: https://groups.io/mt/84764899/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH] MinPlatformPkg: Fix the incompatible change about SecureBootVariableLib

[duntan]

The newly created lib will be consumed by SecureBootConfigDxe.inf in 
CoreDxeInclude.dsc

Cc: Chasel Chiu 
Cc: Nate DeSimone 
Cc: Liming Gao 
Cc: Eric Dong 
Signed-off-by: DunTan 
---
 Platform/Intel/MinPlatformPkg/Include/Dsc/CoreCommonLib.dsc | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Platform/Intel/MinPlatformPkg/Include/Dsc/CoreCommonLib.dsc 
b/Platform/Intel/MinPlatformPkg/Include/Dsc/CoreCommonLib.dsc
index b154f9615d..5157c87a9a 100644
--- a/Platform/Intel/MinPlatformPkg/Include/Dsc/CoreCommonLib.dsc
+++ b/Platform/Intel/MinPlatformPkg/Include/Dsc/CoreCommonLib.dsc
@@ -139,6 +139,7 @@
 
 !if gMinPlatformPkgTokenSpaceGuid.PcdUefiSecureBootEnable == TRUE
   AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
+  
SecureBootVariableLib|SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.inf
 !endif
 
   SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf
-- 
2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78935): https://edk2.groups.io/g/devel/message/78935
Mute This Topic: https://groups.io/mt/84764492/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH edk2-Platform v1 1/1] Hisilicon:Fix header file issues

[wenyi,xie via groups.io]

Hi Leif，

According to your advice, I have changed the name of header to OemHisiMiscLib 
and snet the v2 patch to you. Please help reviewing it when you are free.

Thanks
Wenyi


On 2021/8/4 20:24, Leif Lindholm wrote:
> +Rebecca
> 
> Apologies for slow response, this arrived while I was on holiday.
> 
> On Tue, Jun 22, 2021 at 20:33:25 +0800, wenyi,xie via groups.io wrote:
>> EDK2 has removed header file ArmLibPrivate.h, so need to
>> use ArmLib.h instead. A new file OemMiscLib.h is added
>> to EDK2, its name is same with the header file in
>> Hisilicon\Include and it will being included first. So
>> some undefined issue occured and need to change the order
>> of header files.
> 
> Ugh, oops. Yes. So, we used the Hisilicon Smbios implementation to
> create what is intended to become a fully generic module,
> ArmPkg/Universal/Smbios/, and ended up keeping that header name.
> Sorry about that.
> 
> However, moving around packages to make one identically named file be
> picked over another is not the right solution. Could you possibly
> rename your existing header? OemMiscHisi.h?
> 
> Best Regards,
> 
> Leif
> 
>> Cc: Leif Lindholm 
>> Cc: Ard Biesheuvel 
>> Signed-off-by: Wenyi Xie 
>> ---
>>  Platform/Hisilicon/D03/EarlyConfigPeim/EarlyConfigPeimD03.inf   
>>|  2 +-
>>  Platform/Hisilicon/D03/Library/OemMiscLib2P/OemMiscLib2PHi1610.inf  
>>|  2 +-
>>  Platform/Hisilicon/D05/Library/OemMiscLibD05/OemMiscLibD05.inf  
>>|  2 +-
>>  Platform/Hisilicon/D06/Library/OemMiscLibD06/OemMiscLibD06.inf  
>>|  2 +-
>>  
>> Silicon/Hisilicon/Drivers/Smbios/ProcessorSubClassDxe/ProcessorSubClassDxe.inf
>>  |  2 +-
>>  Silicon/Hisilicon/Drivers/Smbios/SmbiosMiscDxe/SmbiosMiscDxe.inf
>>|  2 +-
>>  Silicon/Hisilicon/Hi1610/Drivers/PcieInit1610/PcieInitDxe.inf   
>>|  2 +-
>>  Silicon/Hisilicon/Drivers/Smbios/ProcessorSubClassDxe/ProcessorSubClass.h   
>>| 13 -
>>  Silicon/Hisilicon/Hi1616/Pptt/Pptt.h
>>|  2 +-
>>  Silicon/Hisilicon/Hi1620/Pptt/Pptt.h
>>|  2 +-
>>  10 files changed, 9 insertions(+), 22 deletions(-)
>>
>> diff --git a/Platform/Hisilicon/D03/EarlyConfigPeim/EarlyConfigPeimD03.inf 
>> b/Platform/Hisilicon/D03/EarlyConfigPeim/EarlyConfigPeimD03.inf
>> index 1f992024acc2..f1b21ae80f3c 100644
>> --- a/Platform/Hisilicon/D03/EarlyConfigPeim/EarlyConfigPeimD03.inf
>> +++ b/Platform/Hisilicon/D03/EarlyConfigPeim/EarlyConfigPeimD03.inf
>> @@ -20,12 +20,12 @@
>>EarlyConfigPeimD03.c
>>  
>>  [Packages]
>> +  Silicon/Hisilicon/HisiPkg.dec
>>MdePkg/MdePkg.dec
>>MdeModulePkg/MdeModulePkg.dec
>>  
>>ArmPkg/ArmPkg.dec
>>Silicon/Hisilicon/HisiliconNonOsi.dec
>> -  Silicon/Hisilicon/HisiPkg.dec
>>  
>>  [LibraryClasses]
>>PeimEntryPoint
>> diff --git 
>> a/Platform/Hisilicon/D03/Library/OemMiscLib2P/OemMiscLib2PHi1610.inf 
>> b/Platform/Hisilicon/D03/Library/OemMiscLib2P/OemMiscLib2PHi1610.inf
>> index ab14597d8b75..728b33e85030 100644
>> --- a/Platform/Hisilicon/D03/Library/OemMiscLib2P/OemMiscLib2PHi1610.inf
>> +++ b/Platform/Hisilicon/D03/Library/OemMiscLib2P/OemMiscLib2PHi1610.inf
>> @@ -21,11 +21,11 @@
>>BoardFeature2PHi1610Strings.uni
>>  
>>  [Packages]
>> +  Silicon/Hisilicon/HisiPkg.dec
>>MdePkg/MdePkg.dec
>>MdeModulePkg/MdeModulePkg.dec
>>ArmPkg/ArmPkg.dec
>>Silicon/Hisilicon/HisiliconNonOsi.dec
>> -  Silicon/Hisilicon/HisiPkg.dec
>>  
>>  [LibraryClasses]
>>BaseMemoryLib
>> diff --git a/Platform/Hisilicon/D05/Library/OemMiscLibD05/OemMiscLibD05.inf 
>> b/Platform/Hisilicon/D05/Library/OemMiscLibD05/OemMiscLibD05.inf
>> index d471102199ee..8a605b417be8 100644
>> --- a/Platform/Hisilicon/D05/Library/OemMiscLibD05/OemMiscLibD05.inf
>> +++ b/Platform/Hisilicon/D05/Library/OemMiscLibD05/OemMiscLibD05.inf
>> @@ -21,11 +21,11 @@
>>OemMiscLibD05.c
>>  
>>  [Packages]
>> +  Silicon/Hisilicon/HisiPkg.dec
>>ArmPkg/ArmPkg.dec
>>MdeModulePkg/MdeModulePkg.dec
>>MdePkg/MdePkg.dec
>>Silicon/Hisilicon/HisiliconNonOsi.dec
>> -  Silicon/Hisilicon/HisiPkg.dec
>>  
>>  [LibraryClasses]
>>BaseMemoryLib
>> diff --git a/Platform/Hisilicon/D06/Library/OemMiscLibD06/OemMiscLibD06.inf 
>> b/Platform/Hisilicon/D06/Library/OemMiscLibD06/OemMiscLibD06.inf
>> index 59373a968523..1121550b40c4 100644
>> --- a/Platform/Hisilicon/D06/Library/OemMiscLibD06/OemMiscLibD06.inf
>> +++ b/Platform/Hisilicon/D06/Library/OemMiscLibD06/OemMiscLibD06.inf
>> @@ -21,12 +21,12 @@
>>OemMiscLibD06.c
>>  
>>  [Packages]
>> +  Silicon/Hisilicon/HisiPkg.dec
>>ArmPkg/ArmPkg.dec
>>MdeModulePkg/MdeModulePkg.dec
>>MdePkg/MdePkg.dec
>>Platform/Hisilicon/D06/D06.dec
>>Silicon/Hisilicon/HisiliconNonOsi.dec
>> -  Silicon/Hisilicon/HisiPkg.dec
>>  
>>  [LibraryClasses]
>>BaseMemoryLib
>> diff --git 
>> a/Silicon/Hisilicon/Drivers/Smbios/ProcessorSubClassDxe/ProcessorSubClassDxe.inf
>>  

Re: [edk2-devel] [Patch] BaseTools: use shutil.copyfile instead shutil.copy2

[Philippe Mathieu-Daudé]

On 7/28/21 1:45 PM, Bob Feng wrote:
> In Split tool, the copy file actions only need to
> copy file content but not need to copy file metadata.
> 
> copy2() copies the file metadata that causes split
> unit test failed under edk2-basetools CI environment.
> 
> So this patch changes the call of copy2() to copyfile().
> 
> Signed-off-by: Bob Feng 
> Cc: Liming Gao 
> Cc: Yuwei Chen 
> ---
>  BaseTools/Source/Python/Split/Split.py | 8 
>  1 file changed, 4 insertions(+), 4 deletions(-)

Reviewed-by: Philippe Mathieu-Daude 



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78933): https://edk2.groups.io/g/devel/message/78933
Mute This Topic: https://groups.io/mt/84503147/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH] UefiPayloadPkg: Fix the non-ascii character in UniversalPayloadEntry.c

[Philippe Mathieu-Daudé]

On 8/9/21 8:08 AM, duntan wrote:
> Fix the non-ascii character in UniversalPayloadEntry.c
> 
> Cc: Guo Dong 
> Cc: Ray Ni 
> Cc: Maurice Ma 
> Cc: Benjamin You 
> 
> Signed-off-by: DunTan 
> ---
>  UefiPayloadPkg/UefiPayloadEntry/UniversalPayloadEntry.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)

Reviewed-by: Philippe Mathieu-Daude 



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78932): https://edk2.groups.io/g/devel/message/78932
Mute This Topic: https://groups.io/mt/84762943/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH] MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates

[Wu, Hao A]

> -Original Message-
> From: devel@edk2.groups.io  On Behalf Of Marvin
> H?user
> Sent: Monday, August 9, 2021 3:21 PM
> To: Wu, Hao A ; devel@edk2.groups.io
> Cc: Wang, Jian J ; Vitaly Cheptsov
> 
> Subject: Re: [edk2-devel] [PATCH] MdeModulePkg/DxeCore: Consistent
> DebugImageInfoTable updates
> 
> On 09/08/2021 08:52, Wu, Hao A wrote:
> >> -Original Message-
> >> From: devel@edk2.groups.io  On Behalf Of Marvin
> >> H?user
> >> Sent: Monday, August 9, 2021 2:16 PM
> >> To: Wu, Hao A ; devel@edk2.groups.io
> >> Cc: Wang, Jian J ; Vitaly Cheptsov
> >> 
> >> Subject: Re: [edk2-devel] [PATCH] MdeModulePkg/DxeCore: Consistent
> >> DebugImageInfoTable updates
> >>
> >> Good day Hao,
> >>
> >> Sorry for the confusion, and you are (rightfully!) not alone. :( I'll
> >> quote myself from a different patch:
> >>
> >> [...] for some reason, none of the other patch series had indices appended.
> >> I'm sure I can get that fixed shortly, but what to do then, re-send
> >> the entire bulk? I don't want to spam the list, maybe it is smarter
> >> to group them by some overview mail this one time?
> >
> > I would suggest to send a V2 series for all the patches (not only limited to
> MdeModulePkg) you sent.
> 
> Right, I can do that, just many of the patches were actually meant to be 
> single
> and independent. I believe there were two series that somehow did not get
> indexed by the command. I just forced numbering now and it seems to work.
> 
> May it be easier if I re-send only the two series? A few of the individual 
> patches
> actually started review.


I am fine with this.
My intention for asking V2 for all the patches was that doing so I can simply 
ignore all the V1 patch mails.

Best Regards,
Hao Wu


> 
> Thanks for your suggestions, and sorry again for the disruption!
> 
> Best regards,
> Marvin
> 
> >
> > Please ensure that patches belong to one series are generated by a single 
> > 'git
> format-patch' command.
> > I think doing so will add information like '1/n', '2/n', ..., 'n/n' for the 
> > patches in
> one series.
> > And you may need to create a cover-letter for one patch series to give a 
> > brief
> summary on the purpose of the series as a whole.
> >
> > Also, if you are implementing a new feature or a fix that touches many
> modules, I suggest to file a Bugzilla tracker for it:
> > Feature request:
> > https://bugzilla.tianocore.org/enter_bug.cgi?product=Tianocore%20Featu
> > re%20Requests
> > Bugfix: https://bugzilla.tianocore.org/enter_bug.cgi?product=EDK2
> >
> > Lastly, you may keep the 'Reviewed-by' tags already received by other
> reviewers.
> >
> > Best Regards,
> > Hao Wu
> >
> >
> >> Sorry for the disruption!
> >>
> >> Best regards,
> >> Marvin
> >>
> >> On 09/08/2021 08:10, Wu, Hao A wrote:
> >>> Sorry Marvin Häuser,
> >>>
> >>> Could you help to confirm that below 9 MdeModulePkg related patches
> >>> are
> >> either:
> >>>* All independent patches
> >>>* Belong to a patch series that includes all these 9 MdeModulePkg
> >>> related
> >> commits
> >>>* Belong to several independent patch series
> >>>
> >>> MdePkg/Base.h: Introduce various alignment-related macros
> >>> MdeModulePkg/CoreDxe: Mandatory LoadedImage for
> >> DebugImageInfoTable
> >>> MdeModulePkg/DxeCore: Fix DebugImageInfoTable size report
> >>> MdeModulePkg/DxeCore: Use the correct source for fixed load address
> >>> MdeModulePkg/PiSmmCore: Drop deprecated image profiling commands
> >>> MdeModulePkg/CoreDxe: Drop caller-allocated image buffers
> >>> MdeModulePkg/DxeCore: Drop unnecessary pointer indirection
> >>> MdeModulePkg/PiSmmIpl: Correct fixed load address bounds check
> >>> MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates
> >>>
> >>> Best Regards,
> >>> Hao Wu
> >>>
>  -Original Message-
>  From: Marvin Häuser 
>  Sent: Monday, August 9, 2021 3:40 AM
>  To: devel@edk2.groups.io
>  Cc: Wang, Jian J ; Wu, Hao A
>  ; Bi, Dandan ; Liming Gao
>  ; Vitaly Cheptsov
>  
>  Subject: [PATCH] MdeModulePkg/DxeCore: Consistent
> >> DebugImageInfoTable
>  updates
> 
>  In theory, modifications to the DebugImageInfoTable may cause
> >> exceptions.
>  If the exception handler parses the table, this can lead to
>  subsequent exceptions if the table state is inconsistent.
> 
>  Ensure the DebugImageInfoTable remains consistent during modifications.
>  This includes:
>  1) Free the old table only only after the new table has been published.
>  Mitigates use-after-free of the old table.
>  2) Do not insert an image entry till it is fully initialised.
>  Entries may be inserted in the live range if an entry was deleted 
>  previously.
>  Mitigaes the usage of inconsistent entries.
>  3) Free the old image entry only after the table has been updated
>  with the NULL value. Mitigates use-after-free of the old entry.
>  4) Set the MODIFIED state before performing any modifications.
> 
> 

Re: [edk2-devel] [PATCH] MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates

[Marvin Häuser]

On 09/08/2021 08:52, Wu, Hao A wrote:

-Original Message-
From: devel@edk2.groups.io  On Behalf Of Marvin
H?user
Sent: Monday, August 9, 2021 2:16 PM
To: Wu, Hao A ; devel@edk2.groups.io
Cc: Wang, Jian J ; Vitaly Cheptsov

Subject: Re: [edk2-devel] [PATCH] MdeModulePkg/DxeCore: Consistent
DebugImageInfoTable updates

Good day Hao,

Sorry for the confusion, and you are (rightfully!) not alone. :( I'll quote 
myself
from a different patch:

[...] for some reason, none of the other patch series had indices appended.
I'm sure I can get that fixed shortly, but what to do then, re-send the entire
bulk? I don't want to spam the list, maybe it is smarter to group them by
some overview mail this one time?


I would suggest to send a V2 series for all the patches (not only limited to 
MdeModulePkg) you sent.


Right, I can do that, just many of the patches were actually meant to be 
single and independent. I believe there were two series that somehow did 
not get indexed by the command. I just forced numbering now and it seems 
to work.


May it be easier if I re-send only the two series? A few of the 
individual patches actually started review.


Thanks for your suggestions, and sorry again for the disruption!

Best regards,
Marvin



Please ensure that patches belong to one series are generated by a single 'git 
format-patch' command.
I think doing so will add information like '1/n', '2/n', ..., 'n/n' for the 
patches in one series.
And you may need to create a cover-letter for one patch series to give a brief 
summary on the purpose of the series as a whole.

Also, if you are implementing a new feature or a fix that touches many modules, 
I suggest to file a Bugzilla tracker for it:
Feature request: 
https://bugzilla.tianocore.org/enter_bug.cgi?product=Tianocore%20Feature%20Requests
Bugfix: https://bugzilla.tianocore.org/enter_bug.cgi?product=EDK2

Lastly, you may keep the 'Reviewed-by' tags already received by other reviewers.

Best Regards,
Hao Wu



Sorry for the disruption!

Best regards,
Marvin

On 09/08/2021 08:10, Wu, Hao A wrote:

Sorry Marvin Häuser,

Could you help to confirm that below 9 MdeModulePkg related patches are

either:

   * All independent patches
   * Belong to a patch series that includes all these 9 MdeModulePkg related

commits

   * Belong to several independent patch series

MdePkg/Base.h: Introduce various alignment-related macros
MdeModulePkg/CoreDxe: Mandatory LoadedImage for

DebugImageInfoTable

MdeModulePkg/DxeCore: Fix DebugImageInfoTable size report
MdeModulePkg/DxeCore: Use the correct source for fixed load address
MdeModulePkg/PiSmmCore: Drop deprecated image profiling commands
MdeModulePkg/CoreDxe: Drop caller-allocated image buffers
MdeModulePkg/DxeCore: Drop unnecessary pointer indirection
MdeModulePkg/PiSmmIpl: Correct fixed load address bounds check
MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates

Best Regards,
Hao Wu


-Original Message-
From: Marvin Häuser 
Sent: Monday, August 9, 2021 3:40 AM
To: devel@edk2.groups.io
Cc: Wang, Jian J ; Wu, Hao A
; Bi, Dandan ; Liming Gao
; Vitaly Cheptsov 
Subject: [PATCH] MdeModulePkg/DxeCore: Consistent

DebugImageInfoTable

updates

In theory, modifications to the DebugImageInfoTable may cause

exceptions.

If the exception handler parses the table, this can lead to
subsequent exceptions if the table state is inconsistent.

Ensure the DebugImageInfoTable remains consistent during modifications.
This includes:
1) Free the old table only only after the new table has been published.
Mitigates use-after-free of the old table.
2) Do not insert an image entry till it is fully initialised. Entries
may be inserted in the live range if an entry was deleted previously.
Mitigaes the usage of inconsistent entries.
3) Free the old image entry only after the table has been updated
with the NULL value. Mitigates use-after-free of the old entry.
4) Set the MODIFIED state before performing any modifications.

Cc: Jian J Wang 
Cc: Hao A Wu 
Cc: Dandan Bi 
Cc: Liming Gao 
Cc: Vitaly Cheptsov 
Signed-off-by: Marvin Häuser 
---
   MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c | 60 +++--



---
   1 file changed, 34 insertions(+), 26 deletions(-)

diff --git a/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
b/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
index a75d4158280b..7bd970115111 100644
--- a/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
+++ b/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
@@ -165,10 +165,11 @@ CoreNewDebugImageInfoEntry (
 IN  EFI_HANDLE  ImageHandle   ) {-  EFI_DEBUG_IMAGE_INFO
*Table;-  EFI_DEBUG_IMAGE_INFO  *NewTable;-  UINTN

Index;-

UINTN TableSize;+  EFI_DEBUG_IMAGE_INFO*Table;+
EFI_DEBUG_IMAGE_INFO*NewTable;+  UINTN   Index;+
UINTN   TableSize;+  EFI_DEBUG_IMAGE_INFO_NORMAL
*NormalImage;//   // Set the flag indicating that we're in the process of
updating the table.@@ -203,14 +204,6 @@

Re: [edk2-devel] [PATCH] UefiPayloadPkg: Fix the non-ascii character in UniversalPayloadEntry.c

[Ni, Ray]

Reviewed-by: Ray Ni 

-Original Message-
From: Tan, Dun  
Sent: Monday, August 9, 2021 2:08 PM
To: devel@edk2.groups.io
Cc: Dong, Guo ; Ni, Ray ; Ma, Maurice 
; You, Benjamin ; Tan, Dun 

Subject: [PATCH] UefiPayloadPkg: Fix the non-ascii character in 
UniversalPayloadEntry.c

Fix the non-ascii character in UniversalPayloadEntry.c

Cc: Guo Dong 
Cc: Ray Ni 
Cc: Maurice Ma 
Cc: Benjamin You 

Signed-off-by: DunTan 
---
 UefiPayloadPkg/UefiPayloadEntry/UniversalPayloadEntry.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/UefiPayloadPkg/UefiPayloadEntry/UniversalPayloadEntry.c 
b/UefiPayloadPkg/UefiPayloadEntry/UniversalPayloadEntry.c
index 09dd1e8378..03ad9c457b 100644
--- a/UefiPayloadPkg/UefiPayloadEntry/UniversalPayloadEntry.c
+++ b/UefiPayloadPkg/UefiPayloadEntry/UniversalPayloadEntry.c
@@ -38,7 +38,7 @@ PrintHob (
 /**
   Some bootloader may pass a pcd database, and UPL also contain a PCD database.
   Dxe PCD driver has the assumption that the two PCD database can be catenated 
and
-  the local token number should be successive。
+  the local token number should be successive.
   This function will fix up the UPL PCD database to meet that assumption.
 
   @param[in]   DxeFv The FV where to find the Universal PCD database.
-- 
2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78929): https://edk2.groups.io/g/devel/message/78929
Mute This Topic: https://groups.io/mt/84762943/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH] MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates

[Wu, Hao A]

> -Original Message-
> From: devel@edk2.groups.io  On Behalf Of Wu, Hao
> A
> Sent: Monday, August 9, 2021 2:52 PM
> To: devel@edk2.groups.io; mhaeu...@posteo.de
> Cc: Wang, Jian J ; Vitaly Cheptsov
> 
> Subject: Re: [edk2-devel] [PATCH] MdeModulePkg/DxeCore: Consistent
> DebugImageInfoTable updates
> 
> > -Original Message-
> > From: devel@edk2.groups.io  On Behalf Of
> Marvin
> > H?user
> > Sent: Monday, August 9, 2021 2:16 PM
> > To: Wu, Hao A ; devel@edk2.groups.io
> > Cc: Wang, Jian J ; Vitaly Cheptsov
> > 
> > Subject: Re: [edk2-devel] [PATCH] MdeModulePkg/DxeCore: Consistent
> > DebugImageInfoTable updates
> >
> > Good day Hao,
> >
> > Sorry for the confusion, and you are (rightfully!) not alone. :( I'll
> > quote myself from a different patch:
> >
> > [...] for some reason, none of the other patch series had indices appended.
> > I'm sure I can get that fixed shortly, but what to do then, re-send
> > the entire bulk? I don't want to spam the list, maybe it is smarter to
> > group them by some overview mail this one time?
> 
> 
> I would suggest to send a V2 series for all the patches (not only limited to
> MdeModulePkg) you sent.


Maybe more than 1 patch series.
I cannot tell at this moment since there are many patches sent from you.

Best Regards,
Hao Wu


> 
> Please ensure that patches belong to one series are generated by a single 'git
> format-patch' command.
> I think doing so will add information like '1/n', '2/n', ..., 'n/n' for the 
> patches in
> one series.
> And you may need to create a cover-letter for one patch series to give a brief
> summary on the purpose of the series as a whole.
> 
> Also, if you are implementing a new feature or a fix that touches many
> modules, I suggest to file a Bugzilla tracker for it:
> Feature request:
> https://bugzilla.tianocore.org/enter_bug.cgi?product=Tianocore%20Feature
> %20Requests
> Bugfix: https://bugzilla.tianocore.org/enter_bug.cgi?product=EDK2
> 
> Lastly, you may keep the 'Reviewed-by' tags already received by other
> reviewers.
> 
> Best Regards,
> Hao Wu
> 
> 
> >
> > Sorry for the disruption!
> >
> > Best regards,
> > Marvin
> >
> > On 09/08/2021 08:10, Wu, Hao A wrote:
> > > Sorry Marvin Häuser,
> > >
> > > Could you help to confirm that below 9 MdeModulePkg related patches
> > > are
> > either:
> > >   * All independent patches
> > >   * Belong to a patch series that includes all these 9 MdeModulePkg
> > > related
> > commits
> > >   * Belong to several independent patch series
> > >
> > > MdePkg/Base.h: Introduce various alignment-related macros
> > > MdeModulePkg/CoreDxe: Mandatory LoadedImage for
> > DebugImageInfoTable
> > > MdeModulePkg/DxeCore: Fix DebugImageInfoTable size report
> > > MdeModulePkg/DxeCore: Use the correct source for fixed load address
> > > MdeModulePkg/PiSmmCore: Drop deprecated image profiling
> commands
> > > MdeModulePkg/CoreDxe: Drop caller-allocated image buffers
> > > MdeModulePkg/DxeCore: Drop unnecessary pointer indirection
> > > MdeModulePkg/PiSmmIpl: Correct fixed load address bounds check
> > > MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates
> > >
> > > Best Regards,
> > > Hao Wu
> > >
> > >> -Original Message-
> > >> From: Marvin Häuser 
> > >> Sent: Monday, August 9, 2021 3:40 AM
> > >> To: devel@edk2.groups.io
> > >> Cc: Wang, Jian J ; Wu, Hao A
> > >> ; Bi, Dandan ; Liming Gao
> > >> ; Vitaly Cheptsov
> > >> 
> > >> Subject: [PATCH] MdeModulePkg/DxeCore: Consistent
> > DebugImageInfoTable
> > >> updates
> > >>
> > >> In theory, modifications to the DebugImageInfoTable may cause
> > exceptions.
> > >> If the exception handler parses the table, this can lead to
> > >> subsequent exceptions if the table state is inconsistent.
> > >>
> > >> Ensure the DebugImageInfoTable remains consistent during
> modifications.
> > >> This includes:
> > >> 1) Free the old table only only after the new table has been published.
> > >> Mitigates use-after-free of the old table.
> > >> 2) Do not insert an image entry till it is fully initialised.
> > >> Entries may be inserted in the live range if an entry was deleted
> previously.
> > >> Mitigaes the usage of inconsistent entries.
> > >> 3) Free the old image entry only after the table has been updated
> > >> with the NULL value. Mitigates use-after-free of the old entry.
> > >> 4) Set the MODIFIED state before performing any modifications.
> > >>
> > >> Cc: Jian J Wang 
> > >> Cc: Hao A Wu 
> > >> Cc: Dandan Bi 
> > >> Cc: Liming Gao 
> > >> Cc: Vitaly Cheptsov 
> > >> Signed-off-by: Marvin Häuser 
> > >> ---
> > >>   MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c | 60
> +++--
> > 
> > >> ---
> > >>   1 file changed, 34 insertions(+), 26 deletions(-)
> > >>
> > >> diff --git a/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
> > >> b/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
> > >> index a75d4158280b..7bd970115111 100644
> > >> --- a/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
> > >> +++ 

Re: [edk2-devel] [PATCH] MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates

[Wu, Hao A]

> -Original Message-
> From: devel@edk2.groups.io  On Behalf Of Marvin
> H?user
> Sent: Monday, August 9, 2021 2:16 PM
> To: Wu, Hao A ; devel@edk2.groups.io
> Cc: Wang, Jian J ; Vitaly Cheptsov
> 
> Subject: Re: [edk2-devel] [PATCH] MdeModulePkg/DxeCore: Consistent
> DebugImageInfoTable updates
> 
> Good day Hao,
> 
> Sorry for the confusion, and you are (rightfully!) not alone. :( I'll quote 
> myself
> from a different patch:
> 
> [...] for some reason, none of the other patch series had indices appended.
> I'm sure I can get that fixed shortly, but what to do then, re-send the entire
> bulk? I don't want to spam the list, maybe it is smarter to group them by
> some overview mail this one time?


I would suggest to send a V2 series for all the patches (not only limited to 
MdeModulePkg) you sent.

Please ensure that patches belong to one series are generated by a single 'git 
format-patch' command.
I think doing so will add information like '1/n', '2/n', ..., 'n/n' for the 
patches in one series.
And you may need to create a cover-letter for one patch series to give a brief 
summary on the purpose of the series as a whole.

Also, if you are implementing a new feature or a fix that touches many modules, 
I suggest to file a Bugzilla tracker for it:
Feature request: 
https://bugzilla.tianocore.org/enter_bug.cgi?product=Tianocore%20Feature%20Requests
Bugfix: https://bugzilla.tianocore.org/enter_bug.cgi?product=EDK2

Lastly, you may keep the 'Reviewed-by' tags already received by other reviewers.

Best Regards,
Hao Wu


> 
> Sorry for the disruption!
> 
> Best regards,
> Marvin
> 
> On 09/08/2021 08:10, Wu, Hao A wrote:
> > Sorry Marvin Häuser,
> >
> > Could you help to confirm that below 9 MdeModulePkg related patches are
> either:
> >   * All independent patches
> >   * Belong to a patch series that includes all these 9 MdeModulePkg related
> commits
> >   * Belong to several independent patch series
> >
> > MdePkg/Base.h: Introduce various alignment-related macros
> > MdeModulePkg/CoreDxe: Mandatory LoadedImage for
> DebugImageInfoTable
> > MdeModulePkg/DxeCore: Fix DebugImageInfoTable size report
> > MdeModulePkg/DxeCore: Use the correct source for fixed load address
> > MdeModulePkg/PiSmmCore: Drop deprecated image profiling commands
> > MdeModulePkg/CoreDxe: Drop caller-allocated image buffers
> > MdeModulePkg/DxeCore: Drop unnecessary pointer indirection
> > MdeModulePkg/PiSmmIpl: Correct fixed load address bounds check
> > MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates
> >
> > Best Regards,
> > Hao Wu
> >
> >> -Original Message-
> >> From: Marvin Häuser 
> >> Sent: Monday, August 9, 2021 3:40 AM
> >> To: devel@edk2.groups.io
> >> Cc: Wang, Jian J ; Wu, Hao A
> >> ; Bi, Dandan ; Liming Gao
> >> ; Vitaly Cheptsov 
> >> Subject: [PATCH] MdeModulePkg/DxeCore: Consistent
> DebugImageInfoTable
> >> updates
> >>
> >> In theory, modifications to the DebugImageInfoTable may cause
> exceptions.
> >> If the exception handler parses the table, this can lead to
> >> subsequent exceptions if the table state is inconsistent.
> >>
> >> Ensure the DebugImageInfoTable remains consistent during modifications.
> >> This includes:
> >> 1) Free the old table only only after the new table has been published.
> >> Mitigates use-after-free of the old table.
> >> 2) Do not insert an image entry till it is fully initialised. Entries
> >> may be inserted in the live range if an entry was deleted previously.
> >> Mitigaes the usage of inconsistent entries.
> >> 3) Free the old image entry only after the table has been updated
> >> with the NULL value. Mitigates use-after-free of the old entry.
> >> 4) Set the MODIFIED state before performing any modifications.
> >>
> >> Cc: Jian J Wang 
> >> Cc: Hao A Wu 
> >> Cc: Dandan Bi 
> >> Cc: Liming Gao 
> >> Cc: Vitaly Cheptsov 
> >> Signed-off-by: Marvin Häuser 
> >> ---
> >>   MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c | 60 +++--
> 
> >> ---
> >>   1 file changed, 34 insertions(+), 26 deletions(-)
> >>
> >> diff --git a/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
> >> b/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
> >> index a75d4158280b..7bd970115111 100644
> >> --- a/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
> >> +++ b/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
> >> @@ -165,10 +165,11 @@ CoreNewDebugImageInfoEntry (
> >> IN  EFI_HANDLE  ImageHandle   ) {-  
> >> EFI_DEBUG_IMAGE_INFO
> >> *Table;-  EFI_DEBUG_IMAGE_INFO  *NewTable;-  UINTN
> Index;-
> >> UINTN TableSize;+  EFI_DEBUG_IMAGE_INFO*Table;+
> >> EFI_DEBUG_IMAGE_INFO*NewTable;+  UINTN   
> >> Index;+
> >> UINTN   TableSize;+  EFI_DEBUG_IMAGE_INFO_NORMAL
> >> *NormalImage;//   // Set the flag indicating that we're in the process 
> >> of
> >> updating the table.@@ -203,14 +204,6 @@
> CoreNewDebugImageInfoEntry (
> >>   // Copy the old table into the new one // 

Re: [edk2-devel] [PATCH] MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates

[Marvin Häuser]

Good day Hao,

Sorry for the confusion, and you are (rightfully!) not alone. :( I'll 
quote myself from a different patch:


[...] for some reason, none of the other patch series had indices appended.
I'm sure I can get that fixed shortly, but what to do then, re-send the 
entire bulk? I don't want to spam the list, maybe it is smarter to group 
them by some overview mail this one time?


Sorry for the disruption!

Best regards,
Marvin

On 09/08/2021 08:10, Wu, Hao A wrote:

Sorry Marvin Häuser,

Could you help to confirm that below 9 MdeModulePkg related patches are either:
  * All independent patches
  * Belong to a patch series that includes all these 9 MdeModulePkg related 
commits
  * Belong to several independent patch series

MdePkg/Base.h: Introduce various alignment-related macros
MdeModulePkg/CoreDxe: Mandatory LoadedImage for DebugImageInfoTable
MdeModulePkg/DxeCore: Fix DebugImageInfoTable size report
MdeModulePkg/DxeCore: Use the correct source for fixed load address
MdeModulePkg/PiSmmCore: Drop deprecated image profiling commands
MdeModulePkg/CoreDxe: Drop caller-allocated image buffers
MdeModulePkg/DxeCore: Drop unnecessary pointer indirection
MdeModulePkg/PiSmmIpl: Correct fixed load address bounds check
MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates

Best Regards,
Hao Wu


-Original Message-
From: Marvin Häuser 
Sent: Monday, August 9, 2021 3:40 AM
To: devel@edk2.groups.io
Cc: Wang, Jian J ; Wu, Hao A ;
Bi, Dandan ; Liming Gao
; Vitaly Cheptsov 
Subject: [PATCH] MdeModulePkg/DxeCore: Consistent
DebugImageInfoTable updates

In theory, modifications to the DebugImageInfoTable may cause exceptions.
If the exception handler parses the table, this can lead to subsequent
exceptions if the table state is inconsistent.

Ensure the DebugImageInfoTable remains consistent during modifications.
This includes:
1) Free the old table only only after the new table has been published.
Mitigates use-after-free of the old table.
2) Do not insert an image entry till it is fully initialised. Entries may be 
inserted
in the live range if an entry was deleted previously.
Mitigaes the usage of inconsistent entries.
3) Free the old image entry only after the table has been updated with the
NULL value. Mitigates use-after-free of the old entry.
4) Set the MODIFIED state before performing any modifications.

Cc: Jian J Wang 
Cc: Hao A Wu 
Cc: Dandan Bi 
Cc: Liming Gao 
Cc: Vitaly Cheptsov 
Signed-off-by: Marvin Häuser 
---
  MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c | 60 +++--
---
  1 file changed, 34 insertions(+), 26 deletions(-)

diff --git a/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
b/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
index a75d4158280b..7bd970115111 100644
--- a/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
+++ b/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
@@ -165,10 +165,11 @@ CoreNewDebugImageInfoEntry (
IN  EFI_HANDLE  ImageHandle   ) {-  EFI_DEBUG_IMAGE_INFO
*Table;-  EFI_DEBUG_IMAGE_INFO  *NewTable;-  UINTN 
Index;-
UINTN TableSize;+  EFI_DEBUG_IMAGE_INFO*Table;+
EFI_DEBUG_IMAGE_INFO*NewTable;+  UINTN   Index;+
UINTN   TableSize;+  EFI_DEBUG_IMAGE_INFO_NORMAL
*NormalImage;//   // Set the flag indicating that we're in the process of
updating the table.@@ -203,14 +204,6 @@ CoreNewDebugImageInfoEntry (
  // Copy the old table into the new one // CopyMem (NewTable, 
Table,
TableSize);-//-// Free the old table-//-CoreFreePool (Table);-  
  //-
// Update the table header-//-Table = NewTable;
mDebugInfoTableHeader.EfiDebugImageInfoTable = NewTable; // //
Enlarge the max table entries and set the first empty entry index to@@ -
218,24 +211,34 @@ CoreNewDebugImageInfoEntry (
  // Index = mMaxTableEntries; mMaxTableEntries +=
EFI_PAGE_SIZE / EFI_DEBUG_TABLE_ENTRY_SIZE;+//+// Free the old
table+//+CoreFreePool (Table);+//+// Update the table header+
//+Table = NewTable;   }//   // Allocate data for new entry   //-
Table[Index].NormalImage = AllocateZeroPool (sizeof
(EFI_DEBUG_IMAGE_INFO_NORMAL));-  if (Table[Index].NormalImage !=
NULL) {+  NormalImage = AllocateZeroPool (sizeof
(EFI_DEBUG_IMAGE_INFO_NORMAL));+  if (NormalImage != NULL) { //
// Update the entry //-Table[Index].NormalImage->ImageInfoType
= (UINT32) ImageInfoType;-Table[Index].NormalImage-

LoadedImageProtocolInstance = LoadedImage;-

Table[Index].NormalImage->ImageHandle = ImageHandle;+
NormalImage->ImageInfoType   = (UINT32) ImageInfoType;+
NormalImage->LoadedImageProtocolInstance = LoadedImage;+
NormalImage->ImageHandle = ImageHandle; //-// Increase 
the
number of EFI_DEBUG_IMAGE_INFO elements and set the
mDebugInfoTable in modified status.+// Set the mDebugInfoTable in
modified status, insert the entry, and+

Re: [edk2-devel] [PATCH] MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates

[Wu, Hao A]

Sorry Marvin Häuser,

Could you help to confirm that below 9 MdeModulePkg related patches are either:
 * All independent patches
 * Belong to a patch series that includes all these 9 MdeModulePkg related 
commits
 * Belong to several independent patch series

MdePkg/Base.h: Introduce various alignment-related macros
MdeModulePkg/CoreDxe: Mandatory LoadedImage for DebugImageInfoTable
MdeModulePkg/DxeCore: Fix DebugImageInfoTable size report
MdeModulePkg/DxeCore: Use the correct source for fixed load address
MdeModulePkg/PiSmmCore: Drop deprecated image profiling commands
MdeModulePkg/CoreDxe: Drop caller-allocated image buffers
MdeModulePkg/DxeCore: Drop unnecessary pointer indirection
MdeModulePkg/PiSmmIpl: Correct fixed load address bounds check
MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates

Best Regards,
Hao Wu

> -Original Message-
> From: Marvin Häuser 
> Sent: Monday, August 9, 2021 3:40 AM
> To: devel@edk2.groups.io
> Cc: Wang, Jian J ; Wu, Hao A ;
> Bi, Dandan ; Liming Gao
> ; Vitaly Cheptsov 
> Subject: [PATCH] MdeModulePkg/DxeCore: Consistent
> DebugImageInfoTable updates
> 
> In theory, modifications to the DebugImageInfoTable may cause exceptions.
> If the exception handler parses the table, this can lead to subsequent
> exceptions if the table state is inconsistent.
> 
> Ensure the DebugImageInfoTable remains consistent during modifications.
> This includes:
> 1) Free the old table only only after the new table has been published.
> Mitigates use-after-free of the old table.
> 2) Do not insert an image entry till it is fully initialised. Entries may be 
> inserted
> in the live range if an entry was deleted previously.
> Mitigaes the usage of inconsistent entries.
> 3) Free the old image entry only after the table has been updated with the
> NULL value. Mitigates use-after-free of the old entry.
> 4) Set the MODIFIED state before performing any modifications.
> 
> Cc: Jian J Wang 
> Cc: Hao A Wu 
> Cc: Dandan Bi 
> Cc: Liming Gao 
> Cc: Vitaly Cheptsov 
> Signed-off-by: Marvin Häuser 
> ---
>  MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c | 60 +++--
> ---
>  1 file changed, 34 insertions(+), 26 deletions(-)
> 
> diff --git a/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
> b/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
> index a75d4158280b..7bd970115111 100644
> --- a/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
> +++ b/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
> @@ -165,10 +165,11 @@ CoreNewDebugImageInfoEntry (
>IN  EFI_HANDLE  ImageHandle   ) {-  EFI_DEBUG_IMAGE_INFO
> *Table;-  EFI_DEBUG_IMAGE_INFO  *NewTable;-  UINTN 
> Index;-
> UINTN TableSize;+  EFI_DEBUG_IMAGE_INFO*Table;+
> EFI_DEBUG_IMAGE_INFO*NewTable;+  UINTN   Index;+
> UINTN   TableSize;+  EFI_DEBUG_IMAGE_INFO_NORMAL
> *NormalImage;//   // Set the flag indicating that we're in the process of
> updating the table.@@ -203,14 +204,6 @@ CoreNewDebugImageInfoEntry (
>  // Copy the old table into the new one // CopyMem (NewTable, 
> Table,
> TableSize);-//-// Free the old table-//-CoreFreePool 
> (Table);-//-
> // Update the table header-//-Table = NewTable;
> mDebugInfoTableHeader.EfiDebugImageInfoTable = NewTable; // //
> Enlarge the max table entries and set the first empty entry index to@@ -
> 218,24 +211,34 @@ CoreNewDebugImageInfoEntry (
>  // Index = mMaxTableEntries; mMaxTableEntries +=
> EFI_PAGE_SIZE / EFI_DEBUG_TABLE_ENTRY_SIZE;+//+// Free the old
> table+//+CoreFreePool (Table);+//+// Update the table header+
> //+Table = NewTable;   }//   // Allocate data for new entry   //-
> Table[Index].NormalImage = AllocateZeroPool (sizeof
> (EFI_DEBUG_IMAGE_INFO_NORMAL));-  if (Table[Index].NormalImage !=
> NULL) {+  NormalImage = AllocateZeroPool (sizeof
> (EFI_DEBUG_IMAGE_INFO_NORMAL));+  if (NormalImage != NULL) { //
> // Update the entry //-Table[Index].NormalImage->ImageInfoType
> = (UINT32) ImageInfoType;-Table[Index].NormalImage-
> >LoadedImageProtocolInstance = LoadedImage;-
> Table[Index].NormalImage->ImageHandle = ImageHandle;+
> NormalImage->ImageInfoType   = (UINT32) ImageInfoType;+
> NormalImage->LoadedImageProtocolInstance = LoadedImage;+
> NormalImage->ImageHandle = ImageHandle; //-// 
> Increase the
> number of EFI_DEBUG_IMAGE_INFO elements and set the
> mDebugInfoTable in modified status.+// Set the mDebugInfoTable in
> modified status, insert the entry, and+// increase the number of
> EFI_DEBUG_IMAGE_INFO elements. //-
> mDebugInfoTableHeader.TableSize++;
> mDebugInfoTableHeader.UpdateStatus |=
> EFI_DEBUG_IMAGE_INFO_TABLE_MODIFIED;+Table[Index].NormalImage
> = NormalImage;+mDebugInfoTableHeader.TableSize++;   }
> mDebugInfoTableHeader.UpdateStatus &=
> 

[edk2-devel] [PATCH v2 1/1] MdeModulePkg/PiSmmCore: Drop deprecated image profiling commands

[Marvin Häuser]

The legacy codebase allowed SMM images to be registered for profiling
from DXE. Support for this has been dropped entirely, so remove the
remaining handlers.

Cc: Jian J Wang 
Cc: Hao A Wu 
Cc: Eric Dong 
Cc: Ray Ni 
Cc: Vitaly Cheptsov 
Signed-off-by: Marvin Häuser 
---
 MdeModulePkg/Core/PiSmmCore/SmramProfileRecord.c | 89 ++--
 MdeModulePkg/Include/Guid/MemoryProfile.h|  6 +-
 2 files changed, 12 insertions(+), 83 deletions(-)

diff --git a/MdeModulePkg/Core/PiSmmCore/SmramProfileRecord.c 
b/MdeModulePkg/Core/PiSmmCore/SmramProfileRecord.c
index 1b302c810cc9..9d6e3bf27aca 100644
--- a/MdeModulePkg/Core/PiSmmCore/SmramProfileRecord.c
+++ b/MdeModulePkg/Core/PiSmmCore/SmramProfileRecord.c
@@ -2232,64 +2232,6 @@ Done:
   mSmramProfileGettingStatus = SmramProfileGettingStatus;

 }

 

-/**

-  SMRAM profile handler to register SMM image.

-

-  @param SmramProfileParameterRegisterImage The parameter of SMM profile 
register image.

-

-**/

-VOID

-SmramProfileHandlerRegisterImage (

-  IN SMRAM_PROFILE_PARAMETER_REGISTER_IMAGE *SmramProfileParameterRegisterImage

-  )

-{

-  EFI_STATUSStatus;

-  EFI_SMM_DRIVER_ENTRY  DriverEntry;

-  VOID  *EntryPointInImage;

-

-  ZeroMem (, sizeof (DriverEntry));

-  CopyMem (, 
>FileName, sizeof(EFI_GUID));

-  DriverEntry.ImageBuffer = SmramProfileParameterRegisterImage->ImageBuffer;

-  DriverEntry.NumberOfPage = (UINTN) 
SmramProfileParameterRegisterImage->NumberOfPage;

-  Status = InternalPeCoffGetEntryPoint ((VOID *) (UINTN) 
DriverEntry.ImageBuffer, );

-  ASSERT_EFI_ERROR (Status);

-  DriverEntry.ImageEntryPoint = (PHYSICAL_ADDRESS) (UINTN) EntryPointInImage;

-

-  Status = RegisterSmramProfileImage (, FALSE);

-  if (!EFI_ERROR (Status)) {

-SmramProfileParameterRegisterImage->Header.ReturnStatus = 0;

-  }

-}

-

-/**

-  SMRAM profile handler to unregister SMM image.

-

-  @param SmramProfileParameterUnregisterImage The parameter of SMM profile 
unregister image.

-

-**/

-VOID

-SmramProfileHandlerUnregisterImage (

-  IN SMRAM_PROFILE_PARAMETER_UNREGISTER_IMAGE 
*SmramProfileParameterUnregisterImage

-  )

-{

-  EFI_STATUSStatus;

-  EFI_SMM_DRIVER_ENTRY  DriverEntry;

-  VOID  *EntryPointInImage;

-

-  ZeroMem (, sizeof (DriverEntry));

-  CopyMem (, 
>FileName, sizeof (EFI_GUID));

-  DriverEntry.ImageBuffer = SmramProfileParameterUnregisterImage->ImageBuffer;

-  DriverEntry.NumberOfPage = (UINTN) 
SmramProfileParameterUnregisterImage->NumberOfPage;

-  Status = InternalPeCoffGetEntryPoint ((VOID *) (UINTN) 
DriverEntry.ImageBuffer, );

-  ASSERT_EFI_ERROR (Status);

-  DriverEntry.ImageEntryPoint = (PHYSICAL_ADDRESS) (UINTN) EntryPointInImage;

-

-  Status = UnregisterSmramProfileImage (, FALSE);

-  if (!EFI_ERROR (Status)) {

-SmramProfileParameterUnregisterImage->Header.ReturnStatus = 0;

-  }

-}

-

 /**

   Dispatch function for a Software SMI handler.

 

@@ -2374,28 +2316,6 @@ SmramProfileHandler (
 }

 SmramProfileHandlerGetDataByOffset 
((SMRAM_PROFILE_PARAMETER_GET_PROFILE_DATA_BY_OFFSET *) (UINTN) CommBuffer);

 break;

-  case SMRAM_PROFILE_COMMAND_REGISTER_IMAGE:

-DEBUG ((EFI_D_ERROR, "SmramProfileHandlerRegisterImage\n"));

-if (TempCommBufferSize != sizeof (SMRAM_PROFILE_PARAMETER_REGISTER_IMAGE)) 
{

-  DEBUG ((EFI_D_ERROR, "SmramProfileHandler: SMM communication buffer size 
invalid!\n"));

-  return EFI_SUCCESS;

-}

-if (mSmramReadyToLock) {

-  return EFI_SUCCESS;

-}

-SmramProfileHandlerRegisterImage ((SMRAM_PROFILE_PARAMETER_REGISTER_IMAGE 
*) (UINTN) CommBuffer);

-break;

-  case SMRAM_PROFILE_COMMAND_UNREGISTER_IMAGE:

-DEBUG ((EFI_D_ERROR, "SmramProfileHandlerUnregisterImage\n"));

-if (TempCommBufferSize != sizeof 
(SMRAM_PROFILE_PARAMETER_UNREGISTER_IMAGE)) {

-  DEBUG ((EFI_D_ERROR, "SmramProfileHandler: SMM communication buffer size 
invalid!\n"));

-  return EFI_SUCCESS;

-}

-if (mSmramReadyToLock) {

-  return EFI_SUCCESS;

-}

-SmramProfileHandlerUnregisterImage 
((SMRAM_PROFILE_PARAMETER_UNREGISTER_IMAGE *) (UINTN) CommBuffer);

-break;

   case SMRAM_PROFILE_COMMAND_GET_RECORDING_STATE:

 DEBUG ((EFI_D_ERROR, "SmramProfileHandlerGetRecordingState\n"));

 if (TempCommBufferSize != sizeof 
(SMRAM_PROFILE_PARAMETER_RECORDING_STATE)) {

@@ -2417,6 +2337,15 @@ SmramProfileHandler (
 ParameterRecordingState->Header.ReturnStatus = 0;

 break;

 

+  //

+  // Below 2 commands have been deprecated. They may not be (re-)used.

+  //

+  case SMRAM_PROFILE_COMMAND_DEPRECATED1:

+  case SMRAM_PROFILE_COMMAND_DEPRECATED2:

+ASSERT (FALSE);

+//

+// Fall-through to the default (unrecognized command) case.

+//

   default:

 break;

   }

diff --git a/MdeModulePkg/Include/Guid/MemoryProfile.h 

[edk2-devel] [PATCH] UefiPayloadPkg: Fix the non-ascii character in UniversalPayloadEntry.c

[duntan]

Fix the non-ascii character in UniversalPayloadEntry.c

Cc: Guo Dong 
Cc: Ray Ni 
Cc: Maurice Ma 
Cc: Benjamin You 

Signed-off-by: DunTan 
---
 UefiPayloadPkg/UefiPayloadEntry/UniversalPayloadEntry.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/UefiPayloadPkg/UefiPayloadEntry/UniversalPayloadEntry.c 
b/UefiPayloadPkg/UefiPayloadEntry/UniversalPayloadEntry.c
index 09dd1e8378..03ad9c457b 100644
--- a/UefiPayloadPkg/UefiPayloadEntry/UniversalPayloadEntry.c
+++ b/UefiPayloadPkg/UefiPayloadEntry/UniversalPayloadEntry.c
@@ -38,7 +38,7 @@ PrintHob (
 /**
   Some bootloader may pass a pcd database, and UPL also contain a PCD database.
   Dxe PCD driver has the assumption that the two PCD database can be catenated 
and
-  the local token number should be successive。
+  the local token number should be successive.
   This function will fix up the UPL PCD database to meet that assumption.
 
   @param[in]   DxeFv The FV where to find the Universal PCD database.
-- 
2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78923): https://edk2.groups.io/g/devel/message/78923
Mute This Topic: https://groups.io/mt/84762943/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-