Re: [edk2-devel] [PATCH v1 1/1] CryptoPkg： Redefinition bug in CrtLibSupport.h.

[Yao, Jiewen]

Reviewed-by: Jiewen Yao 

> -Original Message-
> From: devel@edk2.groups.io  On Behalf Of Li, Zhihao
> Sent: Friday, March 25, 2022 3:41 PM
> To: devel@edk2.groups.io
> Subject: [edk2-devel] [PATCH v1 1/1] CryptoPkg： Redefinition bug in
> CrtLibSupport.h.
> 
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3885
> 
> Parallel hash patch redefines uint_64 type in CrtLibSupport.h
> which has been defined in openssl/include/openssl/e_os2.h.
> CryptMd5.c including e_os2.h cause redefinition bug.
> 
> Cc: Jiewen Yao jiewen@intel.com
> Cc: Jian J Wang jian.j.w...@intel.com
> Cc: Xiaoyu Lu xiaoyu1...@intel.com
> Cc: Guomin Jiang guomin.ji...@intel.com
> Cc: Siyuan Fu siyuan...@intel.com
> 
> Signed-off-by: Zhihao Li 
> ---
>  CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h | 2 ++
>  CryptoPkg/Library/Include/CrtLibSupport.h   | 1 -
>  2 files changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h
> b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h
> index fe08d4928e8d..dcfe200e5829 100644
> --- a/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h
> +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h
> @@ -25,6 +25,8 @@ http://creativecommons.org/publicdomain/zero/1.0/
> 
> 
>  #define KECCAK1600_WIDTH  1600
> 
> 
> 
> +typedef UINT64 uint64_t;
> 
> +
> 
>  //
> 
>  // This struct referring to m_sha3.c from opessl and modified its type name.
> 
>  //
> 
> diff --git a/CryptoPkg/Library/Include/CrtLibSupport.h
> b/CryptoPkg/Library/Include/CrtLibSupport.h
> index b76b140a7acf..75172b920b67 100644
> --- a/CryptoPkg/Library/Include/CrtLibSupport.h
> +++ b/CryptoPkg/Library/Include/CrtLibSupport.h
> @@ -111,7 +111,6 @@ typedef UINT8   u_char;
>  typedef UINT32  uid_t;
> 
>  typedef UINT32  gid_t;
> 
>  typedef CHAR16  wchar_t;
> 
> -typedef UINT64  uint64_t;
> 
> 
> 
>  //
> 
>  // File operations are not required for EFI building,
> 
> --
> 2.26.2.windows.1
> 
> 
> 
> 
> 



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#88061): https://edk2.groups.io/g/devel/message/88061
Mute This Topic: https://groups.io/mt/90017880/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH 1/1] CryptoPkg: update openssl submodule to 1.1.1n

[Yao, Jiewen]

Reviewed-by: Jiewen Yao 

> -Original Message-
> From: Gerd Hoffmann 
> Sent: Friday, March 25, 2022 4:06 PM
> To: devel@edk2.groups.io
> Cc: Oliver Steffen ; Jiang, Guomin
> ; Lu, Xiaoyu1 ; Yao, Jiewen
> ; Wang, Jian J ; Pawel
> Polawski ; Gerd Hoffmann 
> Subject: [PATCH 1/1] CryptoPkg: update openssl submodule to 1.1.1n
> 
> Pick up bugfixes from latest openssl release.  Includes CVE-2022-0778
> fix (I don't think edk2 is affected though due to EC being disabled).
> 
> Signed-off-by: Gerd Hoffmann 
> ---
>  CryptoPkg/Library/OpensslLib/openssl | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/CryptoPkg/Library/OpensslLib/openssl
> b/CryptoPkg/Library/OpensslLib/openssl
> index 52c587d60be6..d82e959e621a 16
> --- a/CryptoPkg/Library/OpensslLib/openssl
> +++ b/CryptoPkg/Library/OpensslLib/openssl
> @@ -1 +1 @@
> -Subproject commit 52c587d60be67c337364b830dd3fdc15404a2f04
> +Subproject commit d82e959e621a3d597f1e0d50ff8c2d8b96915fd7
> --
> 2.35.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#88060): https://edk2.groups.io/g/devel/message/88060
Mute This Topic: https://groups.io/mt/90018125/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1 28/28] CryptoPkg: Enable cypto HMAC KDF library

[Judah Vang]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594

RPMC features requires HMAC-SHA256 support during
SMM phase.

Cc: Jiewen Yao 
Cc: Jian J Wang 
Cc: Xiaoyu Lu 
Cc: Guomin Jiang 
Cc: Nishant C Mistry 
Signed-off-by: Judah Vang 
---
 CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf 
b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
index 8f39517f78b7..c862448bf12b 100644
--- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
@@ -43,7 +43,7 @@ [Sources]
   Hash/CryptCShake256.c
   Hash/CryptParallelHash.c
   Hmac/CryptHmacSha256.c
-  Kdf/CryptHkdfNull.c
+  Kdf/CryptHkdf.c
   Cipher/CryptAes.c
   Pk/CryptRsaBasic.c
   Pk/CryptRsaExtNull.c
-- 
2.26.2.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#88059): https://edk2.groups.io/g/devel/message/88059
Mute This Topic: https://groups.io/mt/90035403/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1 27/28] OvmfPkg: Add ProtectedVariable reference

[Judah Vang]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594

Add reference for ProtectedVariableLib.

Cc: Jian J Wang 
Cc: Sebastien Boeuf 
Cc: Nishant C Mistry 
Signed-off-by: Judah Vang 
---
 OvmfPkg/CloudHv/CloudHvX64.dsc | 1 +
 1 file changed, 1 insertion(+)

diff --git a/OvmfPkg/CloudHv/CloudHvX64.dsc b/OvmfPkg/CloudHv/CloudHvX64.dsc
index b4d855d80f56..bd9822b8a447 100644
--- a/OvmfPkg/CloudHv/CloudHvX64.dsc
+++ b/OvmfPkg/CloudHv/CloudHvX64.dsc
@@ -179,6 +179,7 @@ [LibraryClasses]
   VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf
   LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf
   MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf
+  
ProtectedVariableLib|MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull.inf
 !if $(SMM_REQUIRE) == FALSE
   LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf
 !endif
-- 
2.26.2.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#88058): https://edk2.groups.io/g/devel/message/88058
Mute This Topic: https://groups.io/mt/90035402/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1 25/28] OvmfPkg: Add ProtectedVariableLib reference

[Judah Vang]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594

Add reference for ProtectedVariableLib.

Cc: Jian J Wang 
Cc: Rebecca Cran 
Cc: Peter Grehan 
Cc: Nishant C Mistry 
Signed-off-by: Judah Vang 
---
 OvmfPkg/Bhyve/BhyveX64.dsc | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/OvmfPkg/Bhyve/BhyveX64.dsc b/OvmfPkg/Bhyve/BhyveX64.dsc
index 5fa08bebd73c..1344eb864a38 100644
--- a/OvmfPkg/Bhyve/BhyveX64.dsc
+++ b/OvmfPkg/Bhyve/BhyveX64.dsc
@@ -1,6 +1,6 @@
 #
 #  Copyright (c) 2020, Rebecca Cran 
-#  Copyright (c) 2006 - 2021, Intel Corporation. All rights reserved.
+#  Copyright (c) 2006 - 2022, Intel Corporation. All rights reserved.
 #  (C) Copyright 2016 Hewlett Packard Enterprise Development LP
 #  Copyright (c) 2014, Pluribus Networks, Inc.
 #
@@ -169,6 +169,7 @@ [LibraryClasses]
   VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf
   MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf
   LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf
+  
ProtectedVariableLib|MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull.inf
 
   
CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/CustomizedDisplayLib.inf
   
FrameBufferBltLib|MdeModulePkg/Library/FrameBufferBltLib/FrameBufferBltLib.inf
-- 
2.26.2.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#88056): https://edk2.groups.io/g/devel/message/88056
Mute This Topic: https://groups.io/mt/90035399/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1 26/28] OvmfPkg: Add ProtectedVariableLib reference

[Judah Vang]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594

Add reference for ProtectedVariableLib.

Cc: Jian J Wang 
Cc: Gerd Hoffmann 
Cc: Nishant C Mistry 
Signed-off-by: Judah Vang 
---
 OvmfPkg/Microvm/MicrovmX64.dsc | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/OvmfPkg/Microvm/MicrovmX64.dsc b/OvmfPkg/Microvm/MicrovmX64.dsc
index 1ea43443ae97..7b3724cabb7f 100644
--- a/OvmfPkg/Microvm/MicrovmX64.dsc
+++ b/OvmfPkg/Microvm/MicrovmX64.dsc
@@ -1,7 +1,7 @@
 ## @file
 #  EFI/Framework Open Virtual Machine Firmware (OVMF) platform
 #
-#  Copyright (c) 2006 - 2021, Intel Corporation. All rights reserved.
+#  Copyright (c) 2006 - 2022, Intel Corporation. All rights reserved.
 #  (C) Copyright 2016 Hewlett Packard Enterprise Development LP
 #  Copyright (c) Microsoft Corporation.
 #
@@ -181,6 +181,7 @@ [LibraryClasses]
   LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf
   
CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/CustomizedDisplayLib.inf
   
FrameBufferBltLib|MdeModulePkg/Library/FrameBufferBltLib/FrameBufferBltLib.inf
+  
ProtectedVariableLib|MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull.inf
 
 !if $(SOURCE_DEBUG_ENABLE) == TRUE
   
PeCoffExtraActionLib|SourceLevelDebugPkg/Library/PeCoffExtraActionLibDebug/PeCoffExtraActionLibDebug.inf
-- 
2.26.2.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#88057): https://edk2.groups.io/g/devel/message/88057
Mute This Topic: https://groups.io/mt/90035400/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1 24/28] OvmfPkg: Add ProtectedVariableLib reference

[Judah Vang]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594

Add reference for ProtectedVariableLib.

Cc: Jian J Wang 
Cc: Jiewen Yao 
Cc: Min Xu 
Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Tom Lendacky 
Cc: Nishant C Mistry 
Signed-off-by: Judah Vang 
---
 OvmfPkg/AmdSev/AmdSevX64.dsc | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
index fd56176796d5..8e157b685d08 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
@@ -3,7 +3,7 @@
 #  virtual machine remote attestation and secret injection
 #
 #  Copyright (c) 2020 James Bottomley, IBM Corporation.
-#  Copyright (c) 2006 - 2021, Intel Corporation. All rights reserved.
+#  Copyright (c) 2006 - 2022, Intel Corporation. All rights reserved.
 #  (C) Copyright 2016 Hewlett Packard Enterprise Development LP
 #
 #  SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -174,6 +174,7 @@ [LibraryClasses]
   
CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/CustomizedDisplayLib.inf
   
FrameBufferBltLib|MdeModulePkg/Library/FrameBufferBltLib/FrameBufferBltLib.inf
   
BlobVerifierLib|OvmfPkg/AmdSev/BlobVerifierLibSevHashes/BlobVerifierLibSevHashes.inf
+  
ProtectedVariableLib|MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull.inf
 
 !if $(SOURCE_DEBUG_ENABLE) == TRUE
   
PeCoffExtraActionLib|SourceLevelDebugPkg/Library/PeCoffExtraActionLibDebug/PeCoffExtraActionLibDebug.inf
-- 
2.26.2.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#88055): https://edk2.groups.io/g/devel/message/88055
Mute This Topic: https://groups.io/mt/90035398/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1 22/28] EmulatorPkg: Add ProtectedVariable reference

[Judah Vang]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594

Add reference for ProtectedVariableLib.

Cc: Jian J Wang 
Cc: Andrew Fish 
Cc: Ray Ni 
Cc: Nishant C Mistry 
Signed-off-by: Judah Vang 
---
 EmulatorPkg/EmulatorPkg.dsc | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/EmulatorPkg/EmulatorPkg.dsc b/EmulatorPkg/EmulatorPkg.dsc
index 554c13ddb500..4a6d50390db7 100644
--- a/EmulatorPkg/EmulatorPkg.dsc
+++ b/EmulatorPkg/EmulatorPkg.dsc
@@ -4,7 +4,7 @@
 # The Emulation Platform can be used to debug individual modules, prior to 
creating
 # a real platform. This also provides an example for how an DSC is created.
 #
-# Copyright (c) 2006 - 2021, Intel Corporation. All rights reserved.
+# Copyright (c) 2006 - 2022, Intel Corporation. All rights reserved.
 # Portions copyright (c) 2010 - 2011, Apple Inc. All rights reserved.
 # Copyright (c) Microsoft Corporation.
 #
@@ -119,6 +119,7 @@ [LibraryClasses]
   LockBoxLib|MdeModulePkg/Library/LockBoxNullLib/LockBoxNullLib.inf
   
CpuExceptionHandlerLib|MdeModulePkg/Library/CpuExceptionHandlerLibNull/CpuExceptionHandlerLibNull.inf
   
TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
+  
ProtectedVariableLib|MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull.inf
   VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf
   
VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLibRuntimeDxe.inf
   
VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf
-- 
2.26.2.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#88053): https://edk2.groups.io/g/devel/message/88053
Mute This Topic: https://groups.io/mt/90035396/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1 20/28] ArmVirtPkg: Add reference to ProtectedVariableNull

[Judah Vang]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594

Need reference to ProtectVariableNullLib.

Cc: Jian J Wang 
Cc: Ard Biesheuvel 
Cc: Leif Lindholm 
Cc: Nishant C Mistry 
Signed-off-by: Judah Vang 
---
 ArmVirtPkg/ArmVirtQemu.dsc | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
index b2b0d304d335..1e4973f5676f 100644
--- a/ArmVirtPkg/ArmVirtQemu.dsc
+++ b/ArmVirtPkg/ArmVirtQemu.dsc
@@ -1,7 +1,7 @@
 #
 #  Copyright (c) 2011-2015, ARM Limited. All rights reserved.
 #  Copyright (c) 2014, Linaro Limited. All rights reserved.
-#  Copyright (c) 2015 - 2020, Intel Corporation. All rights reserved.
+#  Copyright (c) 2015 - 2022, Intel Corporation. All rights reserved.
 #
 #  SPDX-License-Identifier: BSD-2-Clause-Patent
 #
@@ -81,6 +81,7 @@ [LibraryClasses.common]
   PciSegmentLib|MdePkg/Library/BasePciSegmentLibPci/BasePciSegmentLibPci.inf
   PciHostBridgeLib|OvmfPkg/Fdt/FdtPciHostBridgeLib/FdtPciHostBridgeLib.inf
   
PciHostBridgeUtilityLib|OvmfPkg/Library/PciHostBridgeUtilityLib/PciHostBridgeUtilityLib.inf
+  
ProtectedVariableLib|MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull.inf
 
 !if $(TPM2_ENABLE) == TRUE
   Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf
-- 
2.26.2.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#88052): https://edk2.groups.io/g/devel/message/88052
Mute This Topic: https://groups.io/mt/90035395/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1 18/28] MdeModulePkg: Reference Null ProtectedVariableLib

[Judah Vang]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594

Make reference to new Null ProtectVariableLib by default.

Cc: Jian J Wang 
Cc: Liming Gao 
Cc: Nishant C Mistry 
Signed-off-by: Judah Vang 
---
 MdeModulePkg/MdeModulePkg.dsc | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/MdeModulePkg/MdeModulePkg.dsc b/MdeModulePkg/MdeModulePkg.dsc
index b1d83461865e..6d9847c0cd34 100644
--- a/MdeModulePkg/MdeModulePkg.dsc
+++ b/MdeModulePkg/MdeModulePkg.dsc
@@ -2,7 +2,7 @@
 # EFI/PI Reference Module Package for All Architectures
 #
 # (C) Copyright 2014 Hewlett-Packard Development Company, L.P.
-# Copyright (c) 2007 - 2021, Intel Corporation. All rights reserved.
+# Copyright (c) 2007 - 2022, Intel Corporation. All rights reserved.
 # Copyright (c) Microsoft Corporation.
 #
 #SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -103,6 +103,7 @@ [LibraryClasses]
   
DisplayUpdateProgressLib|MdeModulePkg/Library/DisplayUpdateProgressLibGraphics/DisplayUpdateProgressLibGraphics.inf
   
VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf
   
MmUnblockMemoryLib|MdePkg/Library/MmUnblockMemoryLib/MmUnblockMemoryLibNull.inf
+  
ProtectedVariableLib|MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull.inf
 
 [LibraryClasses.EBC.PEIM]
   IoLib|MdePkg/Library/PeiIoLibCpuIo/PeiIoLibCpuIo.inf
@@ -316,6 +317,7 @@ [Components]
   
MdeModulePkg/Library/PlatformBootManagerLibNull/PlatformBootManagerLibNull.inf
   MdeModulePkg/Library/BootLogoLib/BootLogoLib.inf
   MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
+  MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull.inf
   MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf
   MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf
   MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLibRuntimeDxe.inf
-- 
2.26.2.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#88049): https://edk2.groups.io/g/devel/message/88049
Mute This Topic: https://groups.io/mt/90035392/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1 23/28] OvmfPkg: Add ProtectedVariable reference

[Judah Vang]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594

Add reference for ProtectedVariableLib.

Cc: Jian J Wang 
Cc: Ard Biesheuvel 
Cc: Jiewen Yao 
Cc: Jordan Justen 
Cc: Gerd Hoffmann 
Cc: Nishant C Mistry 
Signed-off-by: Judah Vang 
---
 OvmfPkg/OvmfPkgIa32.dsc| 3 ++-
 OvmfPkg/OvmfPkgIa32X64.dsc | 3 ++-
 OvmfPkg/OvmfPkgX64.dsc | 3 ++-
 OvmfPkg/OvmfXen.dsc| 3 ++-
 4 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index 85abed24c1a7..4f99b5d7024a 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -1,7 +1,7 @@
 ## @file
 #  EFI/Framework Open Virtual Machine Firmware (OVMF) platform
 #
-#  Copyright (c) 2006 - 2021, Intel Corporation. All rights reserved.
+#  Copyright (c) 2006 - 2022, Intel Corporation. All rights reserved.
 #  (C) Copyright 2016 Hewlett Packard Enterprise Development LP
 #  Copyright (c) Microsoft Corporation.
 #
@@ -176,6 +176,7 @@ [LibraryClasses]
   VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf
   LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf
   MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf
+  
ProtectedVariableLib|MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull.inf
 !if $(SMM_REQUIRE) == FALSE
   LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf
 !endif
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index a9c1daecc1a8..fa2f27e4ccbc 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -1,7 +1,7 @@
 ## @file
 #  EFI/Framework Open Virtual Machine Firmware (OVMF) platform
 #
-#  Copyright (c) 2006 - 2021, Intel Corporation. All rights reserved.
+#  Copyright (c) 2006 - 2022, Intel Corporation. All rights reserved.
 #  (C) Copyright 2016 Hewlett Packard Enterprise Development LP
 #  Copyright (c) Microsoft Corporation.
 #
@@ -180,6 +180,7 @@ [LibraryClasses]
   VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf
   LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf
   MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf
+  
ProtectedVariableLib|MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull.inf
 !if $(SMM_REQUIRE) == FALSE
   LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf
 !endif
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index 718399299f57..520f551dbcb9 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -1,7 +1,7 @@
 ## @file
 #  EFI/Framework Open Virtual Machine Firmware (OVMF) platform
 #
-#  Copyright (c) 2006 - 2021, Intel Corporation. All rights reserved.
+#  Copyright (c) 2006 - 2022, Intel Corporation. All rights reserved.
 #  (C) Copyright 2016 Hewlett Packard Enterprise Development LP
 #  Copyright (c) Microsoft Corporation.
 #
@@ -180,6 +180,7 @@ [LibraryClasses]
   VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf
   LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf
   MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf
+  
ProtectedVariableLib|MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull.inf
 !if $(SMM_REQUIRE) == FALSE
   LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf
 !endif
diff --git a/OvmfPkg/OvmfXen.dsc b/OvmfPkg/OvmfXen.dsc
index efa97f09f32b..2a64c81157a1 100644
--- a/OvmfPkg/OvmfXen.dsc
+++ b/OvmfPkg/OvmfXen.dsc
@@ -1,7 +1,7 @@
 ## @file
 #  EFI/Framework Open Virtual Machine Firmware (OVMF) platform
 #
-#  Copyright (c) 2006 - 2021, Intel Corporation. All rights reserved.
+#  Copyright (c) 2006 - 2022, Intel Corporation. All rights reserved.
 #  (C) Copyright 2016 Hewlett Packard Enterprise Development LP
 #  Copyright (c) 2019, Citrix Systems, Inc.
 #  Copyright (c) Microsoft Corporation.
@@ -216,6 +216,7 @@ [LibraryClasses]
 
   
Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLib.inf
   
TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
+  
ProtectedVariableLib|MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull.inf
   RealTimeClockLib|OvmfPkg/Library/XenRealTimeClockLib/XenRealTimeClockLib.inf
   TimeBaseLib|EmbeddedPkg/Library/TimeBaseLib/TimeBaseLib.inf
 !ifdef $(DEBUG_ON_HYPERVISOR_CONSOLE)
-- 
2.26.2.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#88054): https://edk2.groups.io/g/devel/message/88054
Mute This Topic: https://groups.io/mt/90035397/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1 21/28] UefiPayloadPkg: Add ProtectedVariable reference

[Judah Vang]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594

Add reference for ProtectedVariableLib.

Cc: Jian J Wang 
Cc: Guo Dong 
Cc: Ray Ni 
Cc: Maurice Ma 
Cc: Benjamin You 
Cc: Sean Rhodes 
Cc: Nishant C Mistry 
Signed-off-by: Judah Vang 
---
 UefiPayloadPkg/UefiPayloadPkg.dsc | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/UefiPayloadPkg/UefiPayloadPkg.dsc 
b/UefiPayloadPkg/UefiPayloadPkg.dsc
index 14a8d157a292..4edfa2826857 100644
--- a/UefiPayloadPkg/UefiPayloadPkg.dsc
+++ b/UefiPayloadPkg/UefiPayloadPkg.dsc
@@ -3,7 +3,7 @@
 #
 # Provides drivers and definitions to create uefi payload for bootloaders.
 #
-# Copyright (c) 2014 - 2021, Intel Corporation. All rights reserved.
+# Copyright (c) 2014 - 2022, Intel Corporation. All rights reserved.
 # Copyright (c) Microsoft Corporation.
 # SPDX-License-Identifier: BSD-2-Clause-Patent
 #
@@ -263,9 +263,11 @@ [LibraryClasses]
   
AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf
 !if $(VARIABLE_SUPPORT) == "EMU"
   
TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
+  
ProtectedVariableLib|MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull.inf
 !elseif $(VARIABLE_SUPPORT) == "SPI"
   
PlatformSecureLib|SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.inf
   
TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
+  
ProtectedVariableLib|SecurityPkg/Library/ProtectedVariableLib/DxeProtectedVariableLib.inf
   
S3BootScriptLib|MdePkg/Library/BaseS3BootScriptLibNull/BaseS3BootScriptLibNull.inf
   
MmUnblockMemoryLib|MdePkg/Library/MmUnblockMemoryLib/MmUnblockMemoryLibNull.inf
 !endif
-- 
2.26.2.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#88051): https://edk2.groups.io/g/devel/message/88051
Mute This Topic: https://groups.io/mt/90035394/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1 15/28] SecurityPkg: Add VariableKey library function

[Judah Vang]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594

Provide VariableKey function that retrieves the key
for integrity and/or confidentiality of variables

Cc: Jian J Wang 
Cc: Jiewen Yao 
Cc: Nishant C Mistry 
Signed-off-by: Judah Vang 
---
 SecurityPkg/Library/VariableKeyLib/VariableKeyLib.inf | 36 
 SecurityPkg/Library/VariableKeyLib/VariableKeyLib.c   | 59 
 2 files changed, 95 insertions(+)

diff --git a/SecurityPkg/Library/VariableKeyLib/VariableKeyLib.inf 
b/SecurityPkg/Library/VariableKeyLib/VariableKeyLib.inf
new file mode 100644
index ..f62c80ce9943
--- /dev/null
+++ b/SecurityPkg/Library/VariableKeyLib/VariableKeyLib.inf
@@ -0,0 +1,36 @@
+## @file
+#  Provides default implementation of VariableKeyLib.
+#
+#  Copyright (c) 2022, Intel Corporation. All rights reserved.
+#  SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+  INF_VERSION= 0x00010029
+  BASE_NAME  = VariableKeyLib
+  FILE_GUID  = 7DF5A0BA-1DBB-4E67-A9F7-9FCCB1F9D250
+  MODULE_TYPE= BASE
+  VERSION_STRING = 1.0
+  LIBRARY_CLASS  = VariableKeyLib
+
+#
+# The following information is for reference only and not required by the 
build tools.
+#
+#  VALID_ARCHITECTURES   = IA32 X64 Arm AArch64
+#
+
+[Sources]
+  VariableKeyLib.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+  SecurityPkg/SecurityPkg.dec
+
+[LibraryClasses]
+  BaseLib
+  DebugLib
+
+[PpiS]
+  gKeyServicePpiGuid ## CONSUMES
+
diff --git a/SecurityPkg/Library/VariableKeyLib/VariableKeyLib.c 
b/SecurityPkg/Library/VariableKeyLib/VariableKeyLib.c
new file mode 100644
index ..31b22782cb0c
--- /dev/null
+++ b/SecurityPkg/Library/VariableKeyLib/VariableKeyLib.c
@@ -0,0 +1,59 @@
+/** @file
+  VariableKeyLib implementation.
+
+Copyright (c) 2022, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include 
+
+#include 
+#include 
+#include 
+
+#include 
+
+#define VAR_KEY_SALT   L"Key for RPMC Variable"
+#define VAR_KEY_SALT_SIZE  sizeof (VAR_KEY_SALT)
+
+/**
+  Retrieves the key for integrity and/or confidentiality of variables.
+
+  @param[out] VariableKey A pointer to pointer for the variable 
key buffer.
+  @param[in]  VariableKeySize The size in bytes of the variable key.
+
+  @retval   EFI_SUCCESS The variable key was returned.
+  @retval   EFI_DEVICE_ERRORAn error occurred while attempting to 
get the variable key.
+  @retval   EFI_ACCESS_DENIED   The function was invoked after locking 
the key interface.
+  @retval   EFI_UNSUPPORTED The variable key is not supported in 
the current boot configuration.
+**/
+EFI_STATUS
+EFIAPI
+GetVariableKey (
+  OUT VOID   *VariableKey,
+  IN  UINTN  VariableKeySize
+  )
+{
+  EFI_STATUS   Status;
+  KEY_SERVICE_PPI  *KeyService;
+
+  Status = PeiServicesLocatePpi (
+ &gKeyServicePpiGuid,
+ 0,
+ NULL,
+ (void **)&KeyService
+ );
+  if (EFI_ERROR (Status)) {
+ASSERT_EFI_ERROR (Status);
+return Status;
+  }
+
+  Status = KeyService->GenerateKey (
+ (UINT8 *)VAR_KEY_SALT,
+ VAR_KEY_SALT_SIZE,
+ VariableKey,
+ VariableKeySize
+ );
+  return Status;
+}
-- 
2.26.2.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#88046): https://edk2.groups.io/g/devel/message/88046
Mute This Topic: https://groups.io/mt/90035389/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1 19/28] SecurityPkg: Add references to new *.inf files

[Judah Vang]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594

Add references to the different *ProtectedVariableLib.inf.
Also add references to VariableKeyLibNull.inf,
EncryptionVariableLibNull.inf, ProtectedVariableNull.inf.

Cc: Jian J Wang 
Cc: Jiewen Yao 
Cc: Nishant C Mistry 
Signed-off-by: Judah Vang 
---
 SecurityPkg/SecurityPkg.dsc | 13 -
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc
index 73a93c2285b1..6d8318c6e4bf 100644
--- a/SecurityPkg/SecurityPkg.dsc
+++ b/SecurityPkg/SecurityPkg.dsc
@@ -1,7 +1,7 @@
 ## @file
 #  Security Module Package for All Architectures.
 #
-# Copyright (c) 2009 - 2021, Intel Corporation. All rights reserved.
+# Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.
 # (C) Copyright 2015-2020 Hewlett Packard Enterprise Development LP
 # SPDX-License-Identifier: BSD-2-Clause-Patent
 #
@@ -66,8 +66,11 @@ [LibraryClasses]
   TcgStorageCoreLib|SecurityPkg/Library/TcgStorageCoreLib/TcgStorageCoreLib.inf
   TcgStorageOpalLib|SecurityPkg/Library/TcgStorageOpalLib/TcgStorageOpalLib.inf
   
ResetSystemLib|MdeModulePkg/Library/BaseResetSystemLibNull/BaseResetSystemLibNull.inf
+
+  # These should be Null by default
   VariableKeyLib|SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
   RpmcLib|SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
+  
EncryptionVariableLib|SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariableLibNull.inf
   
TcgEventLogRecordLib|SecurityPkg/Library/TcgEventLogRecordLib/TcgEventLogRecordLib.inf
   
MmUnblockMemoryLib|MdePkg/Library/MmUnblockMemoryLib/MmUnblockMemoryLibNull.inf
   
SecureBootVariableLib|SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.inf
@@ -251,8 +254,16 @@ [Components]
   #
   # Variable Confidentiality & Integrity
   #
+  SecurityPkg/Library/ProtectedVariableLib/PeiProtectedVariableLib.inf
+  SecurityPkg/Library/ProtectedVariableLib/DxeProtectedVariableLib.inf
+  SecurityPkg/Library/ProtectedVariableLib/SmmProtectedVariableLib.inf
+  SecurityPkg/Library/ProtectedVariableLib/SmmRuntimeProtectedVariableLib.inf
+  SecurityPkg/Library/EncryptionVariableLib/EncryptionVariableLib.inf
+  SecurityPkg/Library/VariableKeyLib/VariableKeyLib.inf
+
   SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
   SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
+  SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariableLibNull.inf
 
   #
   # Other
-- 
2.26.2.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#88050): https://edk2.groups.io/g/devel/message/88050
Mute This Topic: https://groups.io/mt/90035393/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1 16/28] SecurityPkg: Add EncryptionVariable lib with AES

[Judah Vang]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594

Add encryption/decryption of protected variable functionality.
Add functions to get/set cipher data of a protected variable.

Cc: Jian J Wang 
Cc: Jiewen Yao 
Cc: Nishant C Mistry 
Signed-off-by: Judah Vang 
---
 SecurityPkg/Library/EncryptionVariableLib/EncryptionVariableLib.inf |  43 ++
 SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.h  |  49 ++
 SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.c  | 728 

 3 files changed, 820 insertions(+)

diff --git 
a/SecurityPkg/Library/EncryptionVariableLib/EncryptionVariableLib.inf 
b/SecurityPkg/Library/EncryptionVariableLib/EncryptionVariableLib.inf
new file mode 100644
index ..7ece52f2fb58
--- /dev/null
+++ b/SecurityPkg/Library/EncryptionVariableLib/EncryptionVariableLib.inf
@@ -0,0 +1,43 @@
+## @file
+#  Provides variable encryption/decryption services.
+#
+#  Copyright (c) 2022, Intel Corporation. All rights reserved.
+#
+#  SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+  INF_VERSION= 0x00010029
+  BASE_NAME  = EncryptionVariableLib
+  FILE_GUID  = 459E2CB0-AF4B-4415-B6A1-335E71FD8B85
+  MODULE_TYPE= BASE
+  VERSION_STRING = 1.0
+  LIBRARY_CLASS  = EncryptionVariableLib
+
+#
+# The following information is for reference only and not required by the 
build tools.
+#
+#  VALID_ARCHITECTURES   = IA32 X64
+#
+
+[Sources]
+  EncryptionVariable.c
+  EncryptionVariable.h
+
+[Packages]
+  MdePkg/MdePkg.dec
+  MdeModulePkg/MdeModulePkg.dec
+  SecurityPkg/SecurityPkg.dec
+  CryptoPkg/CryptoPkg.dec
+
+[LibraryClasses]
+  BaseLib
+  BaseMemoryLib
+  DebugLib
+  MemoryAllocationLib
+  BaseCryptLib
+
+[Guids]
+  gEfiVariableGuid
+  gEfiAuthenticatedVariableGuid
diff --git a/SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.h 
b/SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.h
new file mode 100644
index ..f35f9f9e3ad7
--- /dev/null
+++ b/SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.h
@@ -0,0 +1,49 @@
+/** @file
+  Definitions used by this library implementation.
+
+Copyright (c) 2022, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef ENCRYPTION_VARIABLE_H_
+#define ENCRYPTION_VARIABLE_H_
+
+#define ENC_KEY_SEPL":"
+#define ENC_KEY_SEP_SIZE   2
+#define ENC_KEY_NAME   L"VAR_ENC_KEY"
+#define ENC_KEY_NAME_SIZE  22
+
+#define ENC_KEY_SIZE(256/8)
+#define ENC_BLOCK_SIZE  AES_BLOCK_SIZE
+#define ENC_IVEC_SIZE   ENC_BLOCK_SIZE
+
+#define ENC_PADDING_BYTE  0x0F
+
+//
+// PKCS#5 padding
+//
+// #define AES_CIPHER_DATA_SIZE(PlainDataSize)
+//  (AES_BLOCK_SIZE + (PlainDataSize)) & (~(AES_BLOCK_SIZE - 1))
+//
+#define AES_CIPHER_DATA_SIZE(PlainDataSize)  ALIGN_VALUE (PlainDataSize, 
AES_BLOCK_SIZE)
+
+#define FREE_POOL(Address)  \
+if ((Address) != NULL) {\
+  FreePool (Address);   \
+  (Address) = NULL; \
+}
+
+#pragma pack(1)
+
+typedef struct {
+  UINT32DataType; // SYM_TYPE_AES
+  UINT32HeaderSize;   // sizeof(VARIABLE_ENCRYPTION_HEADER)
+  UINT32PlainDataSize;// Plain data size
+  UINT32CipherDataSize;   // Cipher data size
+  UINT8 KeyIvec[ENC_IVEC_SIZE];
+} VARIABLE_ENCRYPTION_HEADER;
+
+#pragma pack()
+
+#endif // _ENCRYPTION_VARIABLE_H_
diff --git a/SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.c 
b/SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.c
new file mode 100644
index ..58ffb09e0373
--- /dev/null
+++ b/SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.c
@@ -0,0 +1,728 @@
+/** @file
+  Implementation of EncryptionVariableLib with AES algorithm support.
+
+Copyright (c) 2022, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include 
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#include "EncryptionVariable.h"
+
+/**
+  Derive encryption key for given variable from variable root key.
+
+  The derivation algorithm is depicted below
+
+HKDF_Expand(SHA256, RootKey, Name||':'||Guid||':'||Attr||"VAR_ENC_KEY")
+
+  @param[in]VarEncInfoPointer to structure containing detailed
+  information about a variable.
+  @param[in]EncKeySizeSize of key requested.
+  @param[out]   EncKeyBuffer of key.
+
+  @retval TRUEThe key was derived successfully.
+  @retval FALSE   Failed to generate encryption key.
+
+**/
+STATIC
+BOOLEAN
+EncVarLibGenEncKey (
+  IN VARIABLE_ENCRYPTION_INFO  *VarEncInfo,
+  IN UINTN EncKeySize,
+  OUT UINT8*EncKey
+  )
+{
+  BOOLEAN  Status;
+
+  struct {
+VOID *Data;
+UINTNSize;
+  } InfoGroup[6];
+  UINT8  *Info;
+  UINTN  InfoSize;
+  UINTN  Index;
+  UINT8  Sal

[edk2-devel] [PATCH v1 13/28] SecurityPkg: Fix GetVariableKey API

[Judah Vang]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594

Fix GetVariableKey API to match changes in header files.

Cc: Jian J Wang 
Cc: Jiewen Yao 
Cc: Nishant C Mistry 
Signed-off-by: Judah Vang 
---
 SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c 
b/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c
index a08def767b5f..cfbad54ba106 100644
--- a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c
+++ b/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c
@@ -1,7 +1,7 @@
 /** @file
   Null version of VariableKeyLib for build purpose. Don't use it in real 
product.
 
-Copyright (c) 2020, Intel Corporation. All rights reserved.
+Copyright (c) 2020 - 2022, Intel Corporation. All rights reserved.
 SPDX-License-Identifier: BSD-2-Clause-Patent
 
 **/
@@ -22,8 +22,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 EFI_STATUS
 EFIAPI
 GetVariableKey (
-  OUT VOID   **VariableKey,
-  IN  OUT UINTN  *VariableKeySize
+  OUT VOID   *VariableKey,
+  IN  UINTN  VariableKeySize
   )
 {
   ASSERT (FALSE);
-- 
2.26.2.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#88044): https://edk2.groups.io/g/devel/message/88044
Mute This Topic: https://groups.io/mt/90035387/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1 12/28] SecurityPkg: Add new variable types and functions

[Judah Vang]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594

Add new variable encryption/decryption function prototypes.
Add new variable digest structure. Add new Protected
variable function prototypes. Update RPMC APIs to Add
an index because there are more than one counter.

Cc: Jian J Wang 
Cc: Jiewen Yao 
Cc: Nishant C Mistry 
Signed-off-by: Judah Vang 
---
 SecurityPkg/Include/Library/RpmcLib.h| 15 +---
 SecurityPkg/Include/Library/VariableKeyLib.h | 37 +++-
 2 files changed, 16 insertions(+), 36 deletions(-)

diff --git a/SecurityPkg/Include/Library/RpmcLib.h 
b/SecurityPkg/Include/Library/RpmcLib.h
index df4ba34ba8cf..cb71dfcd7e4d 100644
--- a/SecurityPkg/Include/Library/RpmcLib.h
+++ b/SecurityPkg/Include/Library/RpmcLib.h
@@ -1,19 +1,23 @@
 /** @file
   Public definitions for the Replay Protected Monotonic Counter (RPMC) Library.
 
-Copyright (c) 2020, Intel Corporation. All rights reserved.
+Copyright (c) 2020 - 2022, Intel Corporation. All rights reserved.
 SPDX-License-Identifier: BSD-2-Clause-Patent
 
 **/
 
-#ifndef _RPMC_LIB_H_
-#define _RPMC_LIB_H_
+#ifndef RPMC_LIB_H_
+#define RPMC_LIB_H_
 
 #include 
 
+#define RPMC_COUNTER_1  0
+#define RPMC_COUNTER_2  1
+
 /**
   Requests the monotonic counter from the designated RPMC counter.
 
+  @param[in]CounterIndexThe RPMC index
   @param[out]   CounterValueA pointer to a buffer to store the 
RPMC value.
 
   @retval   EFI_SUCCESS The operation completed successfully.
@@ -23,12 +27,15 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 EFI_STATUS
 EFIAPI
 RequestMonotonicCounter (
+  IN  UINT8   CounterIndex,
   OUT UINT32  *CounterValue
   );
 
 /**
   Increments the monotonic counter in the SPI flash device by 1.
 
+  @param[in]CounterIndexThe RPMC index
+
   @retval   EFI_SUCCESS The operation completed successfully.
   @retval   EFI_DEVICE_ERRORA device error occurred while 
attempting to update the counter.
   @retval   EFI_UNSUPPORTED The operation is un-supported.
@@ -36,7 +43,7 @@ RequestMonotonicCounter (
 EFI_STATUS
 EFIAPI
 IncrementMonotonicCounter (
-  VOID
+  IN  UINT8  CounterIndex
   );
 
 #endif
diff --git a/SecurityPkg/Include/Library/VariableKeyLib.h 
b/SecurityPkg/Include/Library/VariableKeyLib.h
index 561ebad09da2..6076c4d4731b 100644
--- a/SecurityPkg/Include/Library/VariableKeyLib.h
+++ b/SecurityPkg/Include/Library/VariableKeyLib.h
@@ -1,13 +1,13 @@
 /** @file
   Public definitions for Variable Key Library.
 
-Copyright (c) 2020, Intel Corporation. All rights reserved.
+Copyright (c) 2020 - 2022, Intel Corporation. All rights reserved.
 SPDX-License-Identifier: BSD-2-Clause-Patent
 
 **/
 
-#ifndef _VARIABLE_KEY_LIB_H_
-#define _VARIABLE_KEY_LIB_H_
+#ifndef VARIABLE_KEY_LIB_H_
+#define VARIABLE_KEY_LIB_H_
 
 #include 
 
@@ -25,35 +25,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 EFI_STATUS
 EFIAPI
 GetVariableKey (
-  OUT VOID   **VariableKey,
-  IN  OUT UINTN  *VariableKeySize
-  );
-
-/**
-  Regenerates the variable key.
-
-  @retval   EFI_SUCCESS The variable key was regenerated 
successfully.
-  @retval   EFI_DEVICE_ERRORAn error occurred while attempting to 
regenerate the key.
-  @retval   EFI_ACCESS_DENIED   The function was invoked after locking 
the key interface.
-  @retval   EFI_UNSUPPORTED Key regeneration is not supported in 
the current boot configuration.
-**/
-EFI_STATUS
-EFIAPI
-RegenerateVariableKey (
-  VOID
-  );
-
-/**
-  Locks the regenerate key interface.
-
-  @retval   EFI_SUCCESS The key interface was locked 
successfully.
-  @retval   EFI_UNSUPPORTED Locking the key interface is not 
supported in the current boot configuration.
-  @retval   Others  An error occurred while attempting to 
lock the key interface.
-**/
-EFI_STATUS
-EFIAPI
-LockVariableKeyInterface (
-  VOID
+  OUT VOID   *VariableKey,
+  IN  UINTN  VariableKeySize
   );
 
 #endif
-- 
2.26.2.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#88043): https://edk2.groups.io/g/devel/message/88043
Mute This Topic: https://groups.io/mt/90035386/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1 14/28] SecurityPkg: Add null encryption variable libs

[Judah Vang]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594

Provide null ecryption variable libraries.
These will be used by default.

Cc: Jian J Wang 
Cc: Jiewen Yao 
Cc: Nishant C Mistry 
Signed-off-by: Judah Vang 
---
 SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariableLibNull.inf |  
38 +++
 SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariable.c  | 
107 
 SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariableLibNull.uni |  
16 +++
 3 files changed, 161 insertions(+)

diff --git 
a/SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariableLibNull.inf 
b/SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariableLibNull.inf
new file mode 100644
index ..ff5631b336eb
--- /dev/null
+++ 
b/SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariableLibNull.inf
@@ -0,0 +1,38 @@
+## @file
+#  Provides NULL version of encryption variable services.
+#
+#  Copyright (c) 2015 - 2022, Intel Corporation. All rights reserved.
+#
+#  SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+  INF_VERSION= 0x00010005
+  BASE_NAME  = EncryptionVariableLibNull
+  MODULE_UNI_FILE= EncryptionVariableLib.uni
+  FILE_GUID  = 3972E6FE-74D5-45C3-A9FB-DB9E5E5C9C17
+  MODULE_TYPE= BASE
+  VERSION_STRING = 1.0
+  LIBRARY_CLASS  = EncryptionVariableLib
+
+#
+# The following information is for reference only and not required by the 
build tools.
+#
+#  VALID_ARCHITECTURES   = IA32 X64
+#
+
+[Sources]
+  EncryptionVariable.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+  MdeModulePkg/MdeModulePkg.dec
+  SecurityPkg/SecurityPkg.dec
+
+[LibraryClasses]
+  BaseLib
+  DebugLib
+
+[Guids]
+
diff --git a/SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariable.c 
b/SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariable.c
new file mode 100644
index ..58a4ae9f4282
--- /dev/null
+++ b/SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariable.c
@@ -0,0 +1,107 @@
+/** @file
+  The common variable operation routines shared by DXE_RUNTIME variable
+  module and DXE_SMM variable module.
+
+  Caution: This module requires additional review when modified.
+  This driver will have external input - variable data. They may be input in 
SMM mode.
+  This external input must be validated carefully to avoid security issue like
+  buffer overflow, integer overflow.
+
+  VariableServiceGetNextVariableName () and VariableServiceQueryVariableInfo() 
are external API.
+  They need check input parameter.
+
+  VariableServiceGetVariable() and VariableServiceSetVariable() are external 
API
+  to receive datasize and data buffer. The size should be checked carefully.
+
+  VariableServiceSetVariable() should also check authenticate data to avoid 
buffer overflow,
+  integer overflow. It should also check attribute to avoid authentication 
bypass.
+
+Copyright (c) 2019 - 2022, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include 
+
+#include 
+#include 
+
+/**
+  Encrypt variable data.
+
+  Null version.
+
+  @param[in, out]   VarEncInfo   Pointer to structure containing detailed
+ information about a variable.
+
+  @retval EFI_UNSUPPORTED Unsupported to encrypt variable.
+
+**/
+EFI_STATUS
+EFIAPI
+EncryptVariable (
+  IN OUT VARIABLE_ENCRYPTION_INFO  *VarEncInfo
+  )
+{
+  return EFI_UNSUPPORTED;
+}
+
+/**
+  Decrypt variable data.
+
+  Null version.
+
+  @param[in, out]   VarEncInfo   Pointer to structure containing detailed
+ information about a variable.
+
+  @retval EFI_UNSUPPORTED Unsupported to encrypt variable.
+
+**/
+EFI_STATUS
+EFIAPI
+DecryptVariable (
+  IN OUT VARIABLE_ENCRYPTION_INFO  *VarEncInfo
+  )
+{
+  return EFI_UNSUPPORTED;
+}
+
+/**
+  Get cipher information.
+
+  Null version.
+
+  @param[in]   VarEncInfo   Pointer to structure containing detailed
+information about a variable.
+
+  @retval EFI_UNSUPPORTED Unsupported interface.
+
+**/
+EFI_STATUS
+EFIAPI
+GetCipherDataInfo (
+  IN VARIABLE_ENCRYPTION_INFO  *VarEncInfo
+  )
+{
+  return EFI_UNSUPPORTED;
+}
+
+/**
+  Set cipher information for a variable.
+
+  Null version.
+
+  @param[in]   VarEncInfo   Pointer to structure containing detailed
+information about a variable.
+
+  @retval EFI_UNSUPPORTED If this method is not supported.
+
+**/
+EFI_STATUS
+EFIAPI
+SetCipherDataInfo (
+  IN VARIABLE_ENCRYPTION_INFO  *VarEncInfo
+  )
+{
+  return EFI_UNSUPPORTED;
+}
diff --git 
a/SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariableLibNull.uni 
b/SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariableLibNull.uni
new file mode 100644
index ..856fa201b8df
--- /dev/null
+++ 
b/SecurityPkg/Library/Encryption

[edk2-devel] [PATCH v1 11/28] SecurityPkg: Update RPMC APIs with index

[Judah Vang]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594

Update RPMC APIs with index parameter.

Cc: Jian J Wang 
Cc: Jiewen Yao 
Cc: Nishant C Mistry 
Signed-off-by: Judah Vang 
---
 SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c | 8 ++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c 
b/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c
index 792e48250e5d..557aeb6abf09 100644
--- a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c
+++ b/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c
@@ -1,7 +1,7 @@
 /** @file
   NULL RpmcLib instance for build purpose.
 
-Copyright (c) 2020, Intel Corporation. All rights reserved.
+Copyright (c) 2020 - 2022, Intel Corporation. All rights reserved.
 SPDX-License-Identifier: BSD-2-Clause-Patent
 
 **/
@@ -12,6 +12,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 /**
   Requests the monotonic counter from the designated RPMC counter.
 
+  @param[in]CounterIndexThe RPMC index
   @param[out]   CounterValueA pointer to a buffer to store the 
RPMC value.
 
   @retval   EFI_SUCCESS The operation completed successfully.
@@ -21,6 +22,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 EFI_STATUS
 EFIAPI
 RequestMonotonicCounter (
+  IN  UINT8   CounterIndex,
   OUT UINT32  *CounterValue
   )
 {
@@ -31,6 +33,8 @@ RequestMonotonicCounter (
 /**
   Increments the monotonic counter in the SPI flash device by 1.
 
+  @param[in]CounterIndexThe RPMC index
+
   @retval   EFI_SUCCESS The operation completed successfully.
   @retval   EFI_DEVICE_ERRORA device error occurred while 
attempting to update the counter.
   @retval   EFI_UNSUPPORTED The operation is un-supported.
@@ -38,7 +42,7 @@ RequestMonotonicCounter (
 EFI_STATUS
 EFIAPI
 IncrementMonotonicCounter (
-  VOID
+  IN  UINT8  CounterIndex
   )
 {
   ASSERT (FALSE);
-- 
2.26.2.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#88042): https://edk2.groups.io/g/devel/message/88042
Mute This Topic: https://groups.io/mt/90035385/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1 10/28] SecurityPkg: Add new KeyService types and defines

[Judah Vang]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594

Add new KeyService types and defines.

Cc: Jian J Wang 
Cc: Jiewen Yao 
Cc: Nishant C Mistry 
Signed-off-by: Judah Vang 
---
 SecurityPkg/Include/Ppi/KeyServicePpi.h | 57 
 1 file changed, 57 insertions(+)

diff --git a/SecurityPkg/Include/Ppi/KeyServicePpi.h 
b/SecurityPkg/Include/Ppi/KeyServicePpi.h
new file mode 100644
index ..f126913d2d81
--- /dev/null
+++ b/SecurityPkg/Include/Ppi/KeyServicePpi.h
@@ -0,0 +1,57 @@
+/** @file
+  Provides Key Services.
+
+Copyright (c) 2008 - 2018, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+@par Specification Reference:
+**/
+
+#ifndef PEI_KEY_SERVICE_PPI_H_
+#define PEI_KEY_SERVICE_PPI_H_
+///
+/// KEY SERVICE PPI GUID
+///
+extern EFI_GUID  gKeyServicePpiGuid;
+
+/**
+  Generate a new key from root key.
+
+  @param[in]   Salt Pointer to the salt(non-secret) value.
+  @param[in]   SaltSize Salt size in bytes.
+  @param[out]  NewKey   Pointer to buffer to receive new key.
+  @param[in]   NewKeySize   Size of new key bytes to generate.
+
+  @retval EFI_SUCCESS   The function completed successfully
+  @retval OTHER The function completed with failure.
+**/
+typedef
+EFI_STATUS
+(EFIAPI *KEY_SERVICE_GEN_KEY)(
+  IN   UINT8*Salt,
+  IN   UINTNSaltSize,
+  OUT  UINT8*NewKey,
+  IN   UINTNNewKeySize
+  );
+
+#define KEY_SERVICE_PPI_REVISION  1
+#define ROOT_KEY_LEN  64
+#define SALT_SIZE_MIN_LEN 64
+#define KEY_SERVICE_KEY_NAME  L"KEY_SERVICE_KEY"
+
+typedef struct {
+  UINT8RootKey[ROOT_KEY_LEN];
+  UINT8PreviousRootKey[ROOT_KEY_LEN];
+} KEY_SERVICE_DATA;
+
+typedef struct _KEY_SERVICE_PPI KEY_SERVICE_PPI;
+
+///
+/// KEY SERVICE PPI
+/// The interface functions are for Key Service in PEI Phase
+///
+struct _KEY_SERVICE_PPI {
+  KEY_SERVICE_GEN_KEYGenerateKey; /// Generate Key
+};
+
+#endif
-- 
2.26.2.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#88041): https://edk2.groups.io/g/devel/message/88041
Mute This Topic: https://groups.io/mt/90035384/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1 07/28] MdeModulePkg: Add Null ProtectedVariable Library

[Judah Vang]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594

Add Null ProtectedVariable Library.

Cc: Jian J Wang 
Cc: Liming Gao 
Cc: Nishant C Mistry 
Signed-off-by: Judah Vang 
---
 MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull.inf |  
34 ++
 MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariable.c  | 
449 
 2 files changed, 483 insertions(+)

diff --git 
a/MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull.inf 
b/MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull.inf
new file mode 100644
index ..6a17191c4e1e
--- /dev/null
+++ b/MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull.inf
@@ -0,0 +1,34 @@
+## @file
+#  Provides null version of protected variable services.
+#
+#  Copyright (c) 2022, Intel Corporation. All rights reserved.
+#  SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+  INF_VERSION= 0x00010029
+  BASE_NAME  = ProtectedVariableLibNull
+  FILE_GUID  = 352C6A1B-403A-4E37-8517-FAA50BC45251
+  MODULE_TYPE= BASE
+  VERSION_STRING = 0.1
+  LIBRARY_CLASS  = ProtectedVariableLib
+
+#
+# The following information is for reference only and not required by the 
build tools.
+#
+#  VALID_ARCHITECTURES   = IA32 X64
+#
+
+[Sources]
+  ProtectedVariable.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+  MdeModulePkg/MdeModulePkg.dec
+
+[LibraryClasses]
+  BaseLib
+  BaseMemoryLib
+  DebugLib
+
diff --git a/MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariable.c 
b/MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariable.c
new file mode 100644
index ..cc1e16c1a671
--- /dev/null
+++ b/MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariable.c
@@ -0,0 +1,449 @@
+/** @file
+  NULL version of ProtectedVariableLib used to disable protected variable 
services.
+
+Copyright (c) 2022, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include 
+#include 
+
+#include 
+#include 
+#include 
+
+/**
+
+  Initialization for protected varibale services.
+
+  @param[in]  ContextIn   Pointer to variable service context needed by
+  protected variable.
+
+  @retval EFI_UNSUPPORTED   Unsupported to process protected variable.
+
+**/
+EFI_STATUS
+EFIAPI
+ProtectedVariableLibInitialize (
+  IN  PROTECTED_VARIABLE_CONTEXT_IN  *ContextIn
+  )
+{
+  return EFI_UNSUPPORTED;
+}
+
+/**
+
+  Get a verified copy of NV variable storage.
+
+  @param[out] VariableFvHeader  Pointer to the header of whole NV 
firmware volume.
+  @param[out] VariableStoreHeader   Pointer to the header of variable 
storage.
+
+  @retval EFI_UNSUPPORTED   Unsupported to process protected variable.
+
+**/
+EFI_STATUS
+EFIAPI
+ProtectedVariableLibGetStore (
+  OUT EFI_FIRMWARE_VOLUME_HEADER  **VariableFvHeader,
+  OUT VARIABLE_STORE_HEADER   **VariableStoreHeader
+  )
+{
+  return EFI_UNSUPPORTED;
+}
+
+/**
+
+  Prepare for variable update.
+
+  @retval EFI_UNSUPPORTED   Unsupported to process protected variable.
+
+**/
+EFI_STATUS
+EFIAPI
+ProtectedVariableLibWriteInit (
+  VOID
+  )
+{
+  return EFI_UNSUPPORTED;
+}
+
+/**
+
+  Update a variable with protection provided by this library.
+
+  @param[in,out]  CurrVariableVariable to be updated. It's NULL if
+  adding a new variable.
+  @param[in]  CurrVariableInDel   In-delete-transiion copy of updating 
variable.
+  @param[in,out]  NewVariable Buffer of new variable data.
+  Buffer of "MetaDataHmacVar" and new
+  variable (encrypted).
+  @param[in,out]  NewVariableSize Size of NewVariable.
+  Size of (encrypted) NewVariable and
+  "MetaDataHmacVar".
+
+  @retval EFI_UNSUPPORTED   Unsupported to process protected variable.
+
+**/
+EFI_STATUS
+EFIAPI
+ProtectedVariableLibUpdate (
+  IN  OUT VARIABLE_HEADER  *CurrVariable,
+  IN  VARIABLE_HEADER  *CurrVariableInDel,
+  IN  OUT VARIABLE_HEADER  *NewVariable,
+  IN  OUT UINTN*NewVariableSize
+  )
+{
+  return EFI_UNSUPPORTED;
+}
+
+/**
+
+  Finalize a variable updating after it's written to NV variable storage
+  successfully.
+
+  @param[in]  NewVariable   Buffer of new variables and 
MetaDataHmacVar.
+  @param[in]  VariableSize  Size of buffer pointed by NewVariable.
+  @param[in]  StoreIndexNew index of the variable in store.
+
+  @retval EFI_UNSUPPORTED   Unsupported to process protected variable.
+
+**/
+EFI_STATUS
+EFIAPI
+ProtectedVariableLibWriteFinal (
+  IN  VARIABLE_HEADER  *NewVariable,
+  IN  UINTNVariableSize,
+  IN  UINT64   StoreIndex
+  )
+{
+  return EFI_UNSUPPORTED;
+}
+

[edk2-devel] [PATCH v1 06/28] MdeModulePkg: Add new include files

[Judah Vang]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594

Add EncryptionVariableLib.h for confidentiality
and ProtectedVariableLib.h for integrity

Cc: Jian J Wang 
Cc: Liming Gao 
Cc: Nishant C Mistry 
Signed-off-by: Judah Vang 
---
 MdeModulePkg/Include/Library/EncryptionVariableLib.h | 165 +
 MdeModulePkg/Include/Library/ProtectedVariableLib.h  | 700 
 2 files changed, 865 insertions(+)

diff --git a/MdeModulePkg/Include/Library/EncryptionVariableLib.h 
b/MdeModulePkg/Include/Library/EncryptionVariableLib.h
new file mode 100644
index ..c7740e659dcf
--- /dev/null
+++ b/MdeModulePkg/Include/Library/EncryptionVariableLib.h
@@ -0,0 +1,165 @@
+/** @file
+  Provides services to encrypt/decrypt variables.
+
+Copyright (c) 2022, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef ENCRYPTION_VARIABLE_LIB_H_
+#define ENCRYPTION_VARIABLE_LIB_H_
+
+#include 
+
+#include 
+
+#include 
+
+#define ENC_TYPE_NULL  0
+#define ENC_TYPE_AES   TPM_ALG_AES
+
+typedef struct  _VARIABLE_ENCRYPTION_FLAGS {
+  BOOLEANAuth;// Variable is authenticated or not
+  BOOLEANDecryptInPlace;  // Do decryption in place
+  BOOLEANProtected;   // Variable is protected or not
+} VARIABLE_ENCRYPTION_FLAGS;
+
+typedef struct _VARIABLE_ENCRYPTION_INFO {
+  AUTH_VARIABLE_INFO   Header;// Authenticated varabile 
header
+  VARIABLE_HEADER  *Buffer;   // Pointer to variable buffer
+  UINT64   StoreIndex;// Variable store index
+  VOID *PlainData;// Pointer to plain data
+  UINT32   PlainDataSize; // Size of plain data
+  VOID *CipherData;   // Pointer to cipher data
+  UINT32   CipherDataSize;// Size of cipher data
+  UINT32   CipherHeaderSize;  // Size of cipher header
+  UINT32   CipherDataType;// Type of cipher data
+  VOID *Key;  // Pointer to 
encrypt/decrypt key
+  UINT32   KeySize;   // Size of key
+  VARIABLE_ENCRYPTION_FLAGSFlags; // Encryption flags
+} VARIABLE_ENCRYPTION_INFO;
+
+/**
+  Encrypt variable data.
+
+  @param[in, out]   VarInfo   Pointer to structure containing detailed 
information about a variable.
+
+  @retval EFI_SUCCESS   Function successfully executed.
+  @retval EFI_INVALID_PARAMETER If ProtectedVarLibContextIn == NULL or 
ProtectedVarLibContextOut == NULL.
+  @retval EFI_OUT_OF_RESOURCES  Fail to allocate enough resource.
+  @retval EFI_UNSUPPORTED   Unsupported to process authenticated 
variable.
+
+**/
+EFI_STATUS
+EFIAPI
+EncryptVariable (
+  IN OUT VARIABLE_ENCRYPTION_INFO  *VarInfo
+  );
+
+/**
+  Decrypt variable data.
+
+  If VarEncInfo->CipherData is not NULL, it must holds the cipher data to be
+  decrypted. Otherwise, assume the cipher data from variable data buffer, i.e.
+  VarEncInfo->Header.Data.
+
+  If VarEncInfo->Flags.DecryptInPlace is TRUE, the decrypted data will be put
+  back in the same buffer as cipher buffer got above, after encryption header,
+  which helps to identify later if the data in buffer is decrypted or not. This
+  can avoid repeat decryption when accessing the same variable more than once.
+
+  If VarEncInfo->Flags.DecryptInPlace is FALSE, VarEncInfo->PlainData must be
+  passed in with a valid buffer with VarEncInfo->PlainDataSize set correctly
+  with its size.
+
+  Note the VarEncInfo->PlainData is always pointing to the buffer address with
+  decrypted data without encryption header, and VarEncInfo->PlainDataSize is
+  always the size of original variable data, if this function returned
+  successfully.
+
+  @param[in, out]   VarInfo   Pointer to structure containing detailed
+  information about a variable.
+
+  @retval EFI_SUCCESS Variable was decrypted successfully.
+  @retval EFI_INVALID_PARAMETER   Variable information in VarEncInfo is 
invalid.
+  @retval EFI_BUFFER_TOO_SMALLVarEncInfo->PlainData is not NULL but
+  VarEncInfo->PlainDataSize is too small.
+  @retval EFI_ABORTED Uknown error occurred during decrypting.
+  @retval EFI_OUT_OF_RESOURCESFail to allocate enough resource.
+  @retval EFI_COMPROMISED_DATAThe cipher header is not valid.
+  @retval EFI_UNSUPPORTED Unsupported to encrypt variable.
+
+**/
+EFI_STATUS
+EFIAPI
+DecryptVariable (
+  IN OUT VARIABLE_ENCRYPTION_INFO  *VarInfo
+  );
+
+/**
+  Get cipher information about a variable, including plaindata size,
+  cipher algorithm type, etc.
+
+  For data passed in with VarEncInfo,
+
+VarEncInfo->Header.Data
+  - The variable data in normal variable structure.
+VarEncInfo->Header.DataSize
+  - The size of variable data.
+
+  For data passed out with VarEncInf

[edk2-devel] [PATCH v1 08/28] MdeModulePkg: Add new Variable functionality

[Judah Vang]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594

Provide new APIs for retrieving variable information.
Add new function stubs for retrieving Protected
variable information.

Cc: Jian J Wang 
Cc: Liming Gao 
Cc: Nishant C Mistry 
Signed-off-by: Judah Vang 
---
 MdeModulePkg/Universal/Variable/Pei/VariablePei.inf   |  10 +-
 MdeModulePkg/Universal/Variable/Pei/Variable.h|  80 +-
 MdeModulePkg/Universal/Variable/Pei/VariableParsing.h | 309 +++
 MdeModulePkg/Universal/Variable/Pei/VariableStore.h   | 116 +++
 MdeModulePkg/Universal/Variable/Pei/Variable.c| 886 +++---
 MdeModulePkg/Universal/Variable/Pei/VariableParsing.c | 941 

 MdeModulePkg/Universal/Variable/Pei/VariableStore.c   | 305 +++
 7 files changed, 1891 insertions(+), 756 deletions(-)

diff --git a/MdeModulePkg/Universal/Variable/Pei/VariablePei.inf 
b/MdeModulePkg/Universal/Variable/Pei/VariablePei.inf
index 7cbdd2385e8f..af172126a011 100644
--- a/MdeModulePkg/Universal/Variable/Pei/VariablePei.inf
+++ b/MdeModulePkg/Universal/Variable/Pei/VariablePei.inf
@@ -3,7 +3,7 @@
 #
 #  This module implements ReadOnly Variable Services required by PEIM and 
installs PEI ReadOnly Varaiable2 PPI.
 #
-#  Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.
+#  Copyright (c) 2006 - 2022, Intel Corporation. All rights reserved.
 #  SPDX-License-Identifier: BSD-2-Clause-Patent
 #
 ##
@@ -26,6 +26,10 @@ [Defines]
 [Sources]
   Variable.c
   Variable.h
+  VariableStore.c
+  VariableStore.h
+  VariableParsing.c
+  VariableParsing.h
 
 [Packages]
   MdePkg/MdePkg.dec
@@ -39,6 +43,7 @@ [LibraryClasses]
   DebugLib
   PeiServicesTablePointerLib
   PeiServicesLib
+  ProtectedVariableLib
 
 [Guids]
   ## CONSUMES ## GUID # Variable store header
@@ -56,7 +61,8 @@ [Guids]
   gEdkiiFaultTolerantWriteGuid
 
 [Ppis]
-  gEfiPeiReadOnlyVariable2PpiGuid   ## PRODUCES
+  gEfiPeiReadOnlyVariable2PpiGuid## PRODUCES
+  gEfiPeiVariableStoreDiscoveredPpiGuid  ## CONSUMES
 
 [Pcd]
   gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase  ## 
SOMETIMES_CONSUMES
diff --git a/MdeModulePkg/Universal/Variable/Pei/Variable.h 
b/MdeModulePkg/Universal/Variable/Pei/Variable.h
index 7f9ad5bfc357..115426edd626 100644
--- a/MdeModulePkg/Universal/Variable/Pei/Variable.h
+++ b/MdeModulePkg/Universal/Variable/Pei/Variable.h
@@ -2,7 +2,7 @@
   The internal header file includes the common header files, defines
   internal structure and functions used by PeiVariable module.
 
-Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.
+Copyright (c) 2006 - 2022, Intel Corporation. All rights reserved.
 SPDX-License-Identifier: BSD-2-Clause-Patent
 
 **/
@@ -20,11 +20,13 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #include 
 #include 
 #include 
+#include 
 
 #include 
 #include 
 #include 
 #include 
+#include 
 
 typedef enum {
   VariableStoreTypeHob,
@@ -142,4 +144,80 @@ PeiGetNextVariableName (
   IN OUT EFI_GUID*VariableGuid
   );
 
+/**
+  This service retrieves a variable's value using its name and GUID.
+
+  Read the specified variable from the UEFI variable store. If the Data
+  buffer is too small to hold the contents of the variable, the error
+  EFI_BUFFER_TOO_SMALL is returned and DataSize is set to the required buffer
+  size to obtain the data.
+
+  @param  This  A pointer to this instance of the 
EFI_PEI_READ_ONLY_VARIABLE2_PPI.
+  @param  VariableName  A pointer to a null-terminated string that is 
the variable's name.
+  @param  VariableGuid  A pointer to an EFI_GUID that is the 
variable's GUID. The combination of
+VariableGuid and VariableName must be unique.
+  @param  AttributesIf non-NULL, on return, points to the 
variable's attributes.
+  @param  DataSize  On entry, points to the size in bytes of the 
Data buffer.
+On return, points to the size of the data 
returned in Data.
+  @param  Data  Points to the buffer which will hold the 
returned variable value.
+May be NULL with a zero DataSize in order to 
determine the size of the buffer needed.
+
+  @retval EFI_SUCCESS   The variable was read successfully.
+  @retval EFI_NOT_FOUND The variable was not found.
+  @retval EFI_BUFFER_TOO_SMALL  The DataSize is too small for the resulting 
data.
+DataSize is updated with the size required for
+the specified variable.
+  @retval EFI_INVALID_PARAMETER VariableName, VariableGuid, DataSize or Data 
is NULL.
+  @retval EFI_DEVICE_ERROR  The variable could not be retrieved because of 
a device error.
+
+**/
+EFI_STATUS
+EFIAPI
+PeiGetVariableEx (
+  IN CONST  EFI_PEI_READ_ONLY_VARIABLE2_PPI  *This,
+  IN CONST  CHAR16   *VariableName,
+  IN CONST  EFI_GUID 

[edk2-devel] [PATCH v1 05/28] MdeModulePkg: Add new ProtectedVariable GUIDs

[Judah Vang]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594

Add new ProtectVariable GUIDs.

Cc: Jian J Wang 
Cc: Liming Gao 
Cc: Nishant C Mistry 
Signed-off-by: Judah Vang 
---
 MdeModulePkg/Include/Guid/ProtectedVariable.h | 22 
 1 file changed, 22 insertions(+)

diff --git a/MdeModulePkg/Include/Guid/ProtectedVariable.h 
b/MdeModulePkg/Include/Guid/ProtectedVariable.h
new file mode 100644
index ..0c6e19e0456b
--- /dev/null
+++ b/MdeModulePkg/Include/Guid/ProtectedVariable.h
@@ -0,0 +1,22 @@
+/** @file
+  The GUID definitions specific for protected variable services.
+
+Copyright (c) 2022, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef PROTECTED_VARIABLE_H_
+#define PROTECTED_VARIABLE_H_
+
+#define EDKII_PROTECTED_VARIABLE_GLOBAL_GUID \
+  { 0x8ebf379a, 0xf18e, 0x4728, { 0xa4, 0x10, 0x0, 0xcf, 0x9a, 0x65, 0xbe, 
0x91 } }
+
+#define EDKII_METADATA_HMAC_VARIABLE_GUID \
+  { 0xb54cda50, 0xec54, 0x4b20, { 0x85, 0xb4, 0x57, 0xbf, 0x52, 0x98, 0x68, 
0x3d } }
+
+extern EFI_GUID  gEdkiiProtectedVariableGlobalGuid;
+extern EFI_GUID  gEdkiiMetaDataHmacVariableGuid;
+extern EFI_GUID  gEdkiiProtectedVariableContextGuid;
+
+#endif // __PROTECTED_VARIABLE_H__
-- 
2.26.2.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#88036): https://edk2.groups.io/g/devel/message/88036
Mute This Topic: https://groups.io/mt/90035379/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1 04/28] MdeModulePkg: Add reference to new Ppi Guid

[Judah Vang]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594

Add reference to gEfiPeiVariableStoreDiscoveredPpiGuid

Cc: Jian J Wang 
Cc: Liming Gao 
Cc: Nishant C Mistry 
Signed-off-by: Judah Vang 
---
 MdePkg/Include/Ppi/ReadOnlyVariable2.h | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/MdePkg/Include/Ppi/ReadOnlyVariable2.h 
b/MdePkg/Include/Ppi/ReadOnlyVariable2.h
index 926c0bc82a43..c5a8470565bb 100644
--- a/MdePkg/Include/Ppi/ReadOnlyVariable2.h
+++ b/MdePkg/Include/Ppi/ReadOnlyVariable2.h
@@ -2,7 +2,7 @@
   This file declares Read-only Variable Service2 PPI.
   This ppi permits read-only access to the UEFI variable store during the PEI 
phase.
 
-Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) 2006 - 2022, Intel Corporation. All rights reserved.
 SPDX-License-Identifier: BSD-2-Clause-Patent
 
   @par Revision Reference:
@@ -106,4 +106,6 @@ struct _EFI_PEI_READ_ONLY_VARIABLE2_PPI {
 
 extern EFI_GUID  gEfiPeiReadOnlyVariable2PpiGuid;
 
+extern EFI_GUID  gEfiPeiVariableStoreDiscoveredPpiGuid;
+
 #endif
-- 
2.26.2.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#88035): https://edk2.groups.io/g/devel/message/88035
Mute This Topic: https://groups.io/mt/90035343/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1 02/28] SecurityPkg: Add new GUIDs

[Judah Vang]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594

Add new GUIDs

Cc: Jian J Wang 
Cc: Jiewen Yao 
Cc: Nishant C Mistry 
Signed-off-by: Judah Vang 
---
 SecurityPkg/SecurityPkg.dec | 43 +++-
 1 file changed, 42 insertions(+), 1 deletion(-)

diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec
index 9f7a032d60d5..ea88908ea7d2 100644
--- a/SecurityPkg/SecurityPkg.dec
+++ b/SecurityPkg/SecurityPkg.dec
@@ -5,7 +5,7 @@
 #  It also provides the definitions(including PPIs/PROTOCOLs/GUIDs and library 
classes)
 #  and libraries instances, which are used for those features.
 #
-# Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.
+# Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.
 # (C) Copyright 2015 Hewlett Packard Enterprise Development LP 
 # Copyright (c) Microsoft Corporation.
 # SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -217,6 +217,18 @@ [Guids]
   ## GUID used to specify section with default dbt content
   gDefaultdbtFileGuid= { 0x36c513ee, 0xa338, 0x4976, { 0xa0, 
0xfb, 0x6d, 0xdb, 0xa3, 0xda, 0xfe, 0x87 } }
 
+  ## Include/Guid/ProtectedVariable.h
+  # {8EBF379A-F18E-4728-A410-00CF9A65BE91}
+  gEdkiiProtectedVariableGlobalGuid = { 0x8ebf379a, 0xf18e, 0x4728, { 0xa4, 
0x10, 0x0, 0xcf, 0x9a, 0x65, 0xbe, 0x91 } }
+
+  ## Include/Guid/ProtectedVariable.h
+  # {e3e890ad-5b67-466e-904f-94ca7e9376bb}
+  gEdkiiMetaDataHmacVariableGuid = {0xe3e890ad, 0x5b67, 0x466e, {0x90, 0x4f, 
0x94, 0xca, 0x7e, 0x93, 0x76, 0xbb}}
+
+  ## Include/Guid/ProtectedVariable.h
+  # {a11a3652-875b-495a-b097-200917580b98}
+  gEdkiiProtectedVariableContextGuid = {0xa11a3652, 0x875b, 0x495a, {0xb0, 
0x97, 0x20, 0x09, 0x17, 0x58, 0x0b, 0x98} }
+
 [Ppis]
   ## The PPI GUID for that TPM physical presence should be locked.
   # Include/Ppi/LockPhysicalPresence.h
@@ -242,6 +254,10 @@ [Ppis]
   ## Include/Ppi/Tcg.h
   gEdkiiTcgPpiGuid = {0x57a13b87, 0x133d, 0x4bf3, { 0xbf, 0xf1, 0x1b, 0xca, 
0xc7, 0x17, 0x6c, 0xf1 } }
 
+  ## Key Service Ppi
+  # Include/Ppi/KeyServicePpi.h
+  gKeyServicePpiGuid = {0x583592f6, 0xEC34, 0x4CED, {0x8E, 0x81, 0xC8, 0xD1, 
0x36, 0x93, 0x04, 0x27}}
+
 #
 # [Error.gEfiSecurityPkgTokenSpaceGuid]
 #   0x8001 | Invalid value provided.
@@ -325,6 +341,31 @@ [PcdsFixedAtBuild, PcdsPatchableInModule]
 
   
gEfiSecurityPkgTokenSpaceGuid.PcdCpuRngSupportedAlgorithm|{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}|VOID*|0x00010032
 
+  ## Progress Code for variable integrity check result.
+  #  DEFAULT: (EFI_PERIPHERAL_FIXED_MEDIA | [EFI_STATUS&0xFF])
+  # @Prompt Status Code for variable integiry check result
+  
gEfiSecurityPkgTokenSpaceGuid.PcdStatusCodeVariableIntegrity|0x0107|UINT32|0x00010033
+
+  ## Null-terminated Unicode string of the Platform Variable Name
+  # @Prompt known unprotected variable name
+  gEfiSecurityPkgTokenSpaceGuid.PcdPlatformVariableName|L""|VOID*|0x00010034
+
+  ## Guid name to identify Platform Variable Guid
+  # @Prompt known unprotected variable guid
+  gEfiSecurityPkgTokenSpaceGuid.PcdPlatformVariableGuid|{ 0x00, 0x00, 0x00, 
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 
}|VOID*|0x00010035
+
+  ## Defines Protected Variable Integrity support.
+  #   TRUE  - Enable Protected Variable Integrity.
+  #   FALSE - Disable Protected Variable Integrity.
+  # @Prompt Protected Variable Integrity support.
+  
gEfiSecurityPkgTokenSpaceGuid.PcdProtectedVariableIntegrity|FALSE|BOOLEAN|0x00010036
+
+  ## Defines Protected Variable Confidentiality support.
+  #   TRUE  - Enable Protected Variable Confidentiality.
+  #   FALSE - Disable Protected Variable Confidentiality.
+  # @Prompt Protected Variable Integrity support.
+  
gEfiSecurityPkgTokenSpaceGuid.PcdProtectedVariableConfidentiality|FALSE|BOOLEAN|0x00010037
+
 [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]
   ## Image verification policy for OptionRom. Only following values are 
valid:
   #  NOTE: Do NOT use 0x5 and 0x2 since it violates the UEFI specification and 
has been removed.
-- 
2.26.2.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#88034): https://edk2.groups.io/g/devel/message/88034
Mute This Topic: https://groups.io/mt/90035280/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1 01/28] MdeModulePkg: Add a new GUID

[Judah Vang]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594

Add a new Variable Store Guid.

Cc: Jian J Wang 
Cc: Liming Gao 
Cc: Nishant C Mistry 
Signed-off-by: Judah Vang 
---
 MdeModulePkg/MdeModulePkg.dec | 13 -
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec
index 40601c95832b..681607db0da6 100644
--- a/MdeModulePkg/MdeModulePkg.dec
+++ b/MdeModulePkg/MdeModulePkg.dec
@@ -4,7 +4,7 @@
 # and libraries instances, which are used for those modules.
 #
 # Copyright (c) 2019, NVIDIA CORPORATION. All rights reserved.
-# Copyright (c) 2007 - 2021, Intel Corporation. All rights reserved.
+# Copyright (c) 2007 - 2022, Intel Corporation. All rights reserved.
 # Copyright (c) 2016, Linaro Ltd. All rights reserved.
 # (C) Copyright 2016 - 2019 Hewlett Packard Enterprise Development LP
 # Copyright (c) 2017, AMD Incorporated. All rights reserved.
@@ -93,6 +93,14 @@ [LibraryClasses]
   #
   TpmMeasurementLib|Include/Library/TpmMeasurementLib.h
 
+  ## @libraryclass  Provides interfaces to encrypt/decrypt variable.
+  #
+  EncryptionVariableLib|Include/Library/EncryptionVariableLib.h
+
+  ## @libraryclass  Provides interfaces to encrypt/decrypt variable.
+  #
+  ProtectedVariableLib|Include/Library/ProtectedVariableLib.h
+
   ## @libraryclass  Provides authenticated variable services.
   #
   AuthVariableLib|Include/Library/AuthVariableLib.h
@@ -505,6 +513,9 @@ [Ppis]
   gEdkiiPeiCapsuleOnDiskPpiGuid = { 0x71a9ea61, 0x5a35, 0x4a5d, { 
0xac, 0xef, 0x9c, 0xf8, 0x6d, 0x6d, 0x67, 0xe0 } }
   gEdkiiPeiBootInCapsuleOnDiskModePpiGuid   = { 0xb08a11e4, 0xe2b7, 0x4b75, { 
0xb5, 0x15, 0xaf, 0x61, 0x6, 0x68, 0xbf, 0xd1  } }
 
+  ## Include/Ppi/ReadOnlyVariable2.h
+  gEfiPeiVariableStoreDiscoveredPpiGuid = { 0xa2fc038d, 0xfdf5, 0x4501, { 
0xaf, 0x8e, 0x69, 0xb0, 0x20, 0xec, 0xe6, 0x63 } }
+
 [Protocols]
   ## Load File protocol provides capability to load and unload EFI image into 
memory and execute it.
   #  Include/Protocol/LoadPe32Image.h
-- 
2.26.2.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#88033): https://edk2.groups.io/g/devel/message/88033
Mute This Topic: https://groups.io/mt/90033942/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] Question about UEFI, AddressSanitizer and MMU mappings

[Pedro Falcato]

Andrew, Marvin,

Thanks for the quick responses.

I'll give you a rundown of asan/kasan: You create a big (16TB in PML5-less
x86) virtual mapping for ASAN, each byte in the shadow map represents 8
bytes of address space, and you poison/unpoison memory as you go and
allocate chunks of the address space (usually through malloc, but in our
case, AllocatePool()/AllocatePages(), I imagine). Since the only thing you
have is a large contiguous virtual mapping, you need to either take a page
fault and create mappings on the address space as you go along (very
possible in user-space, usually not possible in kernel space and I assume
UEFI), or you need to do fun stuff w/ page tables; usually, this means that
you set up some page tables pointing to a zero page and remap those same
page tables all over the virtual mapping; after taking a look at all our
available memory, we allocate shadow pages for those (so you can RW to
them).

Note that going a different route (with some data structure instead of the
big mapping) is possible but, if you do, you can't use the faster inline
ASAN that clang/gcc can generate for you (which do these same memory
accesses, but inlined instead of doing e.g call __asan_load_8).

So yeah, if SetMemoryAttributes is the only thing we have, we're going to
need some support MMU code for each architecture.

Since adding AddressSanitizer support is pretty involved (build system +
actual ASAN code + MMU support code for each arch), I feel like it would be
a good large project for this year. I also feel tempted to throw UBSan into
the mix and just call it "Add LLVM Sanitizer support to EDK2", but I don't
know if that's too much for a GSoC student. Would love some feedback on
this.

Note: I would like to work on this, but since I'll be a mentor this year I
prefer to first see if a student is interested in this project.

Best regards,
Pedro

On Fri, Mar 25, 2022 at 6:42 PM Andrew Fish via groups.io  wrote:

> From an UEFI point of view if you own the memory you can do what you want
> with it. The UEFI Spec does not deal with paging but the PI Spec does have
> abstractions for how the CPU operates via the CPU ARCH Protocol [1].
>
> So for example if you want to write protect the page tables, add guard
> page, or add a stack guard all that is OK and exists today [2].
> PcdNullPointerDetectionPropertyMask
> PcdInitValueInTempStack
> PcdHeapGuardPageType
> PcdHeapGuardPoolType
> PcdHeapGuardPropertyMask
> PcdHeapGuardPageType
> PcdHeapGuardPropertyMask
> PcdCpuStackGuard
>
> Does Asan just need to force page faults? Or does it want to make virtual
> address mappings?
>
> If someone wants to work on ASan (or any of the other sanitizers) I’m
> happy to volunteer to consult.
>
> [1]
> https://github.com/tianocore/edk2/blob/master/MdePkg/Include/Protocol/Cpu.h#L221
> [2]
> https://github.com/tianocore/edk2/blob/master/MdeModulePkg/MdeModulePkg.dec#L979
>
> Thanks,
>
> Andrew Fish
>
> On Mar 25, 2022, at 2:07 AM, Marvin Häuser  wrote:
>
> Hey Pedro,
>
> ASan is somewhat listed for „LLVM Optimizations“.
> A quick and dirty reference for UEFI UBSan can be found here:
> https://github.com/acidanthera/OpenCorePkg/tree/master/Library/OcGuardLib
>
> I don’t think you need to strictly adhere to the UEFI spec for debug
> tooling. I cannot check the code now, but I can imagine things like
> ConvertPointer() will not be happy about non-identity-mapping OOTB. But the
> issues I can think of should be fairly easy to resolve.
>
> Best regards,
> Marvin
>
> On 24. Mar 2022, at 23:32, Pedro Falcato  wrote:
>
> 
> Hi!
>
> I've been thinking about adding sanitizer support (UBSan and KASAN), like
> coreboot already has, to the wiki's Tasks for the upcoming GSoC, but I'm a
> bit confused by something.
> Is there anything in the UEFI spec that stops us from doing non-identity
> memory mappings? I know it specifies the need for the identity mappings (in
> the architectures where it requires the MMU being enabled), but nowhere do
> I see anything about the other parts of the address space.
> Of course, UEFI supporting AddressSanitizer would be kind of dependent on
> fancier memory mappings.
>
> Thanks,
> Pedro
>
>
> 
>
>

-- 
Pedro Falcato


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#88032): https://edk2.groups.io/g/devel/message/88032
Mute This Topic: https://groups.io/mt/90010978/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] Question on Iscsi Boot

[brodiepetersen1]

Hello
I am currently using the tianocore uefi running on xcpng and am trying to 
connect an iscsi drive from truenas scale but cant seem to get it to mount. I 
know truenas is exporting the block device as windows can see it but i can not 
get it to mount in the uefi. if any one has an idea id appreciate the help.

Thank you
Regards
Brodie


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#88031): https://edk2.groups.io/g/devel/message/88031
Mute This Topic: https://groups.io/mt/90031214/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] Question about UEFI, AddressSanitizer and MMU mappings

[Andrew Fish via groups.io]

>From an UEFI point of view if you own the memory you can do what you want with 
>it. The UEFI Spec does not deal with paging but the PI Spec does have 
>abstractions for how the CPU operates via the CPU ARCH Protocol [1].

So for example if you want to write protect the page tables, add guard page, or 
add a stack guard all that is OK and exists today [2].
PcdNullPointerDetectionPropertyMask
PcdInitValueInTempStack
PcdHeapGuardPageType
PcdHeapGuardPoolType
PcdHeapGuardPropertyMask
PcdHeapGuardPageType
PcdHeapGuardPropertyMask
PcdCpuStackGuard

Does Asan just need to force page faults? Or does it want to make virtual 
address mappings? 

If someone wants to work on ASan (or any of the other sanitizers) I’m happy to 
volunteer to consult. 

[1] 
https://github.com/tianocore/edk2/blob/master/MdePkg/Include/Protocol/Cpu.h#L221
[2] 
https://github.com/tianocore/edk2/blob/master/MdeModulePkg/MdeModulePkg.dec#L979

Thanks,

Andrew Fish

> On Mar 25, 2022, at 2:07 AM, Marvin Häuser  wrote:
> 
> Hey Pedro,
> 
> ASan is somewhat listed for „LLVM Optimizations“.
> A quick and dirty reference for UEFI UBSan can be found here: 
> https://github.com/acidanthera/OpenCorePkg/tree/master/Library/OcGuardLib 
> 
> 
> I don’t think you need to strictly adhere to the UEFI spec for debug tooling. 
> I cannot check the code now, but I can imagine things like ConvertPointer() 
> will not be happy about non-identity-mapping OOTB. But the issues I can think 
> of should be fairly easy to resolve.
> 
> Best regards,
> Marvin
> 
>> On 24. Mar 2022, at 23:32, Pedro Falcato  wrote:
>> 
>> 
>> Hi!
>> 
>> I've been thinking about adding sanitizer support (UBSan and KASAN), like 
>> coreboot already has, to the wiki's Tasks for the upcoming GSoC, but I'm a 
>> bit confused by something.
>> Is there anything in the UEFI spec that stops us from doing non-identity 
>> memory mappings? I know it specifies the need for the identity mappings (in 
>> the architectures where it requires the MMU being enabled), but nowhere do I 
>> see anything about the other parts of the address space.
>> Of course, UEFI supporting AddressSanitizer would be kind of dependent on 
>> fancier memory mappings.
>> 
>> Thanks,
>> Pedro
> 



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#88030): https://edk2.groups.io/g/devel/message/88030
Mute This Topic: https://groups.io/mt/90010978/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v2 14/17] Silicon/Ampere: Update ArmPlatformLib to work with changed ARM_CORE_INFO

[Leif Lindholm]

Hi Nhi,

On Sun, Dec 19, 2021 at 10:35:41 +0700, Nhi Pham via groups.io wrote:
> Hi Rebecca,
> 
> Leif is merging the rest of Altra port to the edk2-platforms which has SRAT
> ACPI table consuming the CPU Core Info table. Therefore, we will need to fix
> the SRAT too. I would defer the fix until the Altra port is fully merged.
> 
> On 17/12/2021 05:07, Rebecca Cran wrote:
> > The ARM_CORE_INFO struct has been updated so the MPIDR is now a single
> > field instead of separate cluster/core fields. Update ArmPlatformLib.
> > 
> > Signed-off-by: Rebecca Cran 
> > ---
> >   Silicon/Ampere/AmpereAltraPkg/Library/ArmPlatformLib/ArmPlatformLib.c | 5 
> > ++---
> >   1 file changed, 2 insertions(+), 3 deletions(-)
> > 
> > diff --git 
> > a/Silicon/Ampere/AmpereAltraPkg/Library/ArmPlatformLib/ArmPlatformLib.c 
> > b/Silicon/Ampere/AmpereAltraPkg/Library/ArmPlatformLib/ArmPlatformLib.c
> > index 5b4be0e55516..f2ec923d6f8d 100644
> > --- a/Silicon/Ampere/AmpereAltraPkg/Library/ArmPlatformLib/ArmPlatformLib.c
> > +++ b/Silicon/Ampere/AmpereAltraPkg/Library/ArmPlatformLib/ArmPlatformLib.c
> > @@ -108,9 +108,8 @@ PrePeiCoreGetMpCoreInfo (
> >   }
> >   SocketId = SOCKET_ID (Index);
> >   ClusterId = CLUSTER_ID (Index);
> > -mArmPlatformMpCoreInfoTable[mArmPlatformCoreCount].ClusterId = 
> > SocketId;
> > -mArmPlatformMpCoreInfoTable[mArmPlatformCoreCount].CoreId =
> > -  (ClusterId << 8) | (Index % PLATFORM_CPU_NUM_CORES_PER_CPM);
> > +mArmPlatformMpCoreInfoTable[mArmPlatformCoreCount].Mpidr = GET_MPID (
> > +  SocketId, (ClusterId << 8) | (Index % 
> > PLATFORM_CPU_NUM_CORES_PER_CPM));
> 
> For Ampere Altra, the correct MPIDR encoding is SocketId << 32 | ClusterId
> << 16 | (Index % PLATFORM_CPU_NUM_CORES_PER_CPM) << 8
> 
> It would be the same what
> Platform/Ampere/JadePkg/Drivers/AcpiPlatformDxe/AcpiMadt.c (not available
> yet - being merged in) is describing.

This patch already got merged, so if you feel it is wrong, could you
submit a fix please?

The next patch for me to push from your set otherwise also requires
some changes. My naïve attempt would look something like:

diff --git a/Platform/Ampere/JadePkg/Drivers/AcpiPlatformDxe/AcpiSrat.c 
b/Platform/Ampere/JadePkg/Drivers/AcpiPlatformDxe/AcpiSrat.c
index 906b771a250c..d5bc732b08bb 100644
--- a/Platform/Ampere/JadePkg/Drivers/AcpiPlatformDxe/AcpiSrat.c
+++ b/Platform/Ampere/JadePkg/Drivers/AcpiPlatformDxe/AcpiSrat.c
@@ -7,6 +7,7 @@
 **/
 
 #include 
+#include 
 #include "AcpiPlatform.h"
 
 EFI_ACPI_6_3_SYSTEM_RESOURCE_AFFINITY_TABLE_HEADER SRATTableHeaderTemplate = {
@@ -119,6 +120,7 @@ SratAddGiccAffinity (
   UINTN   Count, NumNode, Idx;
   UINT32  AcpiProcessorUid;
   UINT8   Socket;
+  UINT8   Core;
   UINT8   Cpm;
 
   for (Idx = 0; Idx < gST->NumberOfTableEntries; Idx++) {
@@ -137,14 +139,14 @@ SratAddGiccAffinity (
   NumNode = 0;
   while (Count != ArmProcessorTable->NumberOfEntries) {
 for (Idx = 0; Idx < ArmProcessorTable->NumberOfEntries; Idx++ ) {
-  Socket = ArmCoreInfoTable[Idx].ClusterId;
-  Cpm = (ArmCoreInfoTable[Idx].CoreId >> PLATFORM_CPM_UID_BIT_OFFSET);
+  Socket = GET_MPIDR_AFF1 (ArmCoreInfoTable[Idx].Mpidr);
+  Core   = GET_MPIDR_AFF0 (ArmCoreInfoTable[Idx].Mpidr);
+  Cpm = Core >> PLATFORM_CPM_UID_BIT_OFFSET;
   if (CpuGetSubNumNode (Socket, Cpm) != NumNode) {
 /* We add nodes based on ProximityDomain order */
 continue;
   }
-  AcpiProcessorUid = (ArmCoreInfoTable[Idx].ClusterId << 
PLATFORM_SOCKET_UID_BIT_OFFSET) +
- ArmCoreInfoTable[Idx].CoreId;
+  AcpiProcessorUid = (Socket << PLATFORM_SOCKET_UID_BIT_OFFSET) + Core;
   ZeroMem ((VOID *)&SratGiccAffinity[Count], sizeof 
(SratGiccAffinity[Count]));
   SratGiccAffinity[Count].AcpiProcessorUid = AcpiProcessorUid;
   SratGiccAffinity[Count].Flags = 1;

Would you be happy for me to fold that into
"AmpereAltraPkg, JadePkg: Add ACPI support", or would you be able to
submit a v6 of that patch only?

Best Regards,

Leif


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#88029): https://edk2.groups.io/g/devel/message/88029
Mute This Topic: https://groups.io/mt/8839/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH] bRefClkFreq UFS card attribute need to be programmed after fDeviceInit

[Bandaru, Purna Chandra Rao]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3886

bRefClkFreq UFS card attribute need to be read and written after successful
fDeviceInit and NOP response so that link will be stable.

Cc: Wu Hao A 
Cc: Albecki Mateusz 
Cc: Liming Gao 
Cc: Zhiguang Liu 

Signed-off-by: Purna Chandra Rao Bandaru 
---
 .../Bus/Ufs/UfsPassThruDxe/UfsPassThru.c  | 34 +--
 1 file changed, 17 insertions(+), 17 deletions(-)

diff --git a/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.c 
b/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.c
index dc78e09678..ae593ff03a 100644
--- a/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.c
+++ b/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.c
@@ -919,6 +919,23 @@ UfsPassThruDriverBindingStart (
 goto Error;
   }
 
+  //
+  // UFS 2.0 spec Section 13.1.3.3:
+  // At the end of the UFS Interconnect Layer initialization on both host and 
device side,
+  // the host shall send a NOP OUT UPIU to verify that the device UTP Layer is 
ready.
+  //
+  Status = UfsExecNopCmds (Private);
+  if (EFI_ERROR (Status)) {
+DEBUG ((DEBUG_ERROR, "Ufs Sending NOP IN command Error, Status = %r\n", 
Status));
+goto Error;
+  }
+
+  Status = UfsFinishDeviceInitialization (Private);
+  if (EFI_ERROR (Status)) {
+DEBUG ((DEBUG_ERROR, "Device failed to finish initialization, Status = 
%r\n", Status));
+goto Error;
+  }
+
   if ((mUfsHcPlatform != NULL) &&
   ((mUfsHcPlatform->RefClkFreq == EdkiiUfsCardRefClkFreq19p2Mhz) ||
(mUfsHcPlatform->RefClkFreq == EdkiiUfsCardRefClkFreq26Mhz) ||
@@ -967,23 +984,6 @@ UfsPassThruDriverBindingStart (
 }
   }
 
-  //
-  // UFS 2.0 spec Section 13.1.3.3:
-  // At the end of the UFS Interconnect Layer initialization on both host and 
device side,
-  // the host shall send a NOP OUT UPIU to verify that the device UTP Layer is 
ready.
-  //
-  Status = UfsExecNopCmds (Private);
-  if (EFI_ERROR (Status)) {
-DEBUG ((DEBUG_ERROR, "Ufs Sending NOP IN command Error, Status = %r\n", 
Status));
-goto Error;
-  }
-
-  Status = UfsFinishDeviceInitialization (Private);
-  if (EFI_ERROR (Status)) {
-DEBUG ((DEBUG_ERROR, "Device failed to finish initialization, Status = 
%r\n", Status));
-goto Error;
-  }
-
   //
   // Check if 8 common luns are active and set corresponding bit mask.
   //
-- 
2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#88028): https://edk2.groups.io/g/devel/message/88028
Mute This Topic: https://groups.io/mt/90020932/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] Question about UEFI, AddressSanitizer and MMU mappings

[Marvin Häuser]

Hey Pedro,

ASan is somewhat listed for „LLVM Optimizations“.
A quick and dirty reference for UEFI UBSan can be found here: 
https://github.com/acidanthera/OpenCorePkg/tree/master/Library/OcGuardLib

I don’t think you need to strictly adhere to the UEFI spec for debug tooling. I 
cannot check the code now, but I can imagine things like ConvertPointer() will 
not be happy about non-identity-mapping OOTB. But the issues I can think of 
should be fairly easy to resolve.

Best regards,
Marvin

> On 24. Mar 2022, at 23:32, Pedro Falcato  wrote:
> 
> 
> Hi!
> 
> I've been thinking about adding sanitizer support (UBSan and KASAN), like 
> coreboot already has, to the wiki's Tasks for the upcoming GSoC, but I'm a 
> bit confused by something.
> Is there anything in the UEFI spec that stops us from doing non-identity 
> memory mappings? I know it specifies the need for the identity mappings (in 
> the architectures where it requires the MMU being enabled), but nowhere do I 
> see anything about the other parts of the address space.
> Of course, UEFI supporting AddressSanitizer would be kind of dependent on 
> fancier memory mappings.
> 
> Thanks,
> Pedro
> 


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#88027): https://edk2.groups.io/g/devel/message/88027
Mute This Topic: https://groups.io/mt/90010978/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v2 0/2] MdeModulePkg: fix checks for NVM command set

[Wu, Hao A]

Oh Sorry, will double check to avoid such mistake.

Best Regards,
Hao Wu

From: littlefox via groups.io 
Sent: Friday, March 25, 2022 4:45 PM
To: Wu; Wu, Hao A ; devel@edk2.groups.io
Subject: Re: [edk2-devel] [PATCH v2 0/2] MdeModulePkg: fix checks for NVM 
command set


Hi,

thanks for merging, though I already had a pull request for it and you now used 
the bounce email address for the commit author ^^'
It's ok, just wanted to make sure you know that groups.io pitfall for the next 
:)

Best regards and many thanks for your time
Mara Sophie Grosch


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#88026): https://edk2.groups.io/g/devel/message/88026
Mute This Topic: https://groups.io/mt/89972393/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v2 0/2] MdeModulePkg: fix checks for NVM command set

[Mara Sophie Grosch via groups.io]

Hi,

thanks for merging, though I already had a pull request for it and you now used 
the bounce email address for the commit author ^^'
It's ok, just wanted to make sure you know that groups.io pitfall for the next 
:)

Best regards and many thanks for your time
Mara Sophie Grosch


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#88025): https://edk2.groups.io/g/devel/message/88025
Mute This Topic: https://groups.io/mt/89972393/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH 1/1] CryptoPkg: update openssl submodule to 1.1.1n

[Gerd Hoffmann]

Pick up bugfixes from latest openssl release.  Includes CVE-2022-0778
fix (I don't think edk2 is affected though due to EC being disabled).

Signed-off-by: Gerd Hoffmann 
---
 CryptoPkg/Library/OpensslLib/openssl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/CryptoPkg/Library/OpensslLib/openssl 
b/CryptoPkg/Library/OpensslLib/openssl
index 52c587d60be6..d82e959e621a 16
--- a/CryptoPkg/Library/OpensslLib/openssl
+++ b/CryptoPkg/Library/OpensslLib/openssl
@@ -1 +1 @@
-Subproject commit 52c587d60be67c337364b830dd3fdc15404a2f04
+Subproject commit d82e959e621a3d597f1e0d50ff8c2d8b96915fd7
-- 
2.35.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#88024): https://edk2.groups.io/g/devel/message/88024
Mute This Topic: https://groups.io/mt/90018125/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1 1/1] CryptoPkg： Redefinition bug in CrtLibSupport.h.

[Li, Zhihao]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3885

Parallel hash patch redefines uint_64 type in CrtLibSupport.h
which has been defined in openssl/include/openssl/e_os2.h.
CryptMd5.c including e_os2.h cause redefinition bug.

Cc: Jiewen Yao jiewen@intel.com
Cc: Jian J Wang jian.j.w...@intel.com
Cc: Xiaoyu Lu xiaoyu1...@intel.com
Cc: Guomin Jiang guomin.ji...@intel.com
Cc: Siyuan Fu siyuan...@intel.com

Signed-off-by: Zhihao Li 
---
 CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h | 2 ++
 CryptoPkg/Library/Include/CrtLibSupport.h   | 1 -
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h 
b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h
index fe08d4928e8d..dcfe200e5829 100644
--- a/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h
+++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h
@@ -25,6 +25,8 @@ http://creativecommons.org/publicdomain/zero/1.0/
 

 #define KECCAK1600_WIDTH  1600

 

+typedef UINT64 uint64_t;

+

 //

 // This struct referring to m_sha3.c from opessl and modified its type name.

 //

diff --git a/CryptoPkg/Library/Include/CrtLibSupport.h 
b/CryptoPkg/Library/Include/CrtLibSupport.h
index b76b140a7acf..75172b920b67 100644
--- a/CryptoPkg/Library/Include/CrtLibSupport.h
+++ b/CryptoPkg/Library/Include/CrtLibSupport.h
@@ -111,7 +111,6 @@ typedef UINT8   u_char;
 typedef UINT32  uid_t;

 typedef UINT32  gid_t;

 typedef CHAR16  wchar_t;

-typedef UINT64  uint64_t;

 

 //

 // File operations are not required for EFI building,

-- 
2.26.2.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#88023): https://edk2.groups.io/g/devel/message/88023
Mute This Topic: https://groups.io/mt/90017880/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH 0/6] [RFC] Rework UefiCpuPkg

[Abner Chang]

Hi Mike,
In the v2, I moved two of OpenSBI header files to under 
MdePkg/Include/IndustryStadard (patch 5/8). However, it looks to me not quite 
proper to have those files there. Seems to keeping those files under UefiCpuPkg 
makes more sense.
What do you think?

Abner

From: Chang, Abner (HPS SW/FW Technologist)
Sent: Saturday, March 19, 2022 10:05 AM
To: Kinney, Michael D ; devel@edk2.groups.io 
; Ni, Ray 
Cc: Schaefer, Daniel (ROM Janitor) ; 
eric.d...@intel.com ; rahul1.ku...@intel.com 
; Sunil V L ; Andrew Fish 
; quic_llind...@quicinc.com ; Chao 
Li 
Subject: RE: [edk2-devel] [PATCH 0/6] [RFC] Rework UefiCpuPkg


Just aware that I didn’t Cc stakeholders to the cover letter, add those people 
in CC.

-Original Message-
> From: Kinney, Michael D 
> Sent: Saturday, March 19, 2022 12:47 AM
> To: devel@edk2.groups.io; Chang, Abner (HPS SW/FW Technologist)
> ; Kinney, Michael D ;
> Ni, Ray 
> Subject: RE: [edk2-devel] [PATCH 0/6] [RFC] Rework UefiCpuPkg
>
> Hi Abner,
>
> Will OpenSBI content be needed by libs/modules outside of UefiCpuPkg?
Edk2OpenSBILib is the wrapper library of OpenSBI, so there is module neither 
inside nor outside UefiCpuPkg uses OpenSBI directly. Edk2OpenSbiLib is 
currently used by SecCore only as it describes here:
https://github.com/tianocore/edk2-platforms/tree/master/Platform/RISC-V/PlatformPkg.
We had designed to expose OepnSBI API in both edk2 version OpenSBI PPI and 
Protocol, so the answer to your question is: No, OpenSBI/Edk2OpenSbiLib is not 
needed by modules outside UefiCpuPkg as the design we have so far.

>
> Should OpenSBI includes be promoted to MdePkg?
That is possible and seems reasonable to move the entire 
OpenSBI(Edk2OpenSbiLib) source/include to under MdePkg because there is no 
dependency with edk2 RISC-V header files under UefiCpuPkg.
But one question: Shall we have OpenSBI lib under MdePkg if it is only used by 
UefiCpuPkg?
>
> I do not think the dir name "RISC-V" follows the file/dir name requirements.
> The '-' should not be used.
We had the same discussion before and '-' is valid in the file name as it 
defined in the coding standard. I remember we also agreed or accepted having 
"RISC-V' as the directory name for the modules on edk2-platforms repo. Same 
scenario can applied on edk2 repo.

>
> I think there is a discussion about moving UefiCpuLib to MdePkg.
Is that a serious discussion or just a verbal discussion? 😊 Any conclusion we 
had from the discussion?
Move UefiCpuLib to MdePkg leads the dependency with UefiCpuPkg for those 
architecture header files. I consider this doesn't make sense to MdePkg, right?
I would suggest still having UefiCPuPkg under UefiCpuPkg for now. Move it 
around one day when there is a clear decision for UefiCpuPkg comes out.

Thanks for feedbacks
Abner

>
> Thanks,
>
> Mike
>
> > -Original Message-
> > From: devel@edk2.groups.io  On Behalf Of Abner
> Chang
> > Sent: Thursday, March 17, 2022 10:43 PM
> > To: devel@edk2.groups.io
> > Cc: Chang, Abner 
> > Subject: [edk2-devel] [PATCH 0/6] [RFC] Rework UefiCpuPkg
> >
> >
> INVALID URI REMOVED
> d=3860__;!!NpxR!ymTSNAU_VEYCUYtX3YUSGsB0Ma3GzipVS95V5WEZxBeO
> QvdiEx6MgV61kZMs6TM$
> >
> > This is the project having rework on UefiCpuPkg in order to support a
> variety
> > of processor architectures. Some modules under UefiCpuPkg are required
> to be
> > abstract for the different archs.
> >
> > The first step is to classify UefiCpuPkg modules to IA32 and X64 sections in
> > DSC file (Patch 1/6). Move the module to Common section later if more
> than one
> > archs can leverage the same module (such as Patch 3/6 for BaseUefiCpuLib).
> >
> > Abner Chang (6):
> >   [RFC] UefiCpuPkg: Classify IA32/X64 modules in DSC file
> >   [RFC] UefiCpuPkg/Include: Add header files of RISC-V processor
> > architecture
> >   [RFC] UefiCpuPkg/BaseUefiCpuLib: Add RISC-V RISCV64 instace
> >   [RFC] UefiCpuPkg/RiscVOpensbLib: Add opensbi submodule
> >   [RFC] UefiCpuPkg/Library: Add RiscVOpensbiLib
> >   [RFC] UefiCpuPkg: Update YAML file for RISC-V arch
> >
> >  UefiCpuPkg/UefiCpuPkg.dec |  12 +-
> >  UefiCpuPkg/UefiCpuPkg.dsc |  45 +++--
> >  .../Library/BaseUefiCpuLib/BaseUefiCpuLib.inf |   8 +-
> >  .../RiscVOpensbiLib/RiscVOpensbiLib.inf   |  89 ++
> >  .../Include/IndustryStandard/RISC-V/RiscV.h   | 162
> ++
> >  .../IndustryStandard/RISC-V/RiscVOpensbi.h|  62 +++
> >  .../Include/Library/RISC-V/RiscVCpuLib.h  | 118 +
> >  UefiCpuPkg/Include/RISC-V/OpensbiTypes.h  |  82 +
> >  UefiCpuPkg/Include/RISC-V/RiscVImpl.h |  87 ++
> >  .gitmodules   |  45 ++---
> >  BaseTools/Conf/tools_def.template |   2 +-
> >  .../Library/BaseUefiCpuLib/BaseUefiCpuLib.uni |   5 +-
> >  .../Library/BaseUefiCpuLib/RISCV64/Cpu.S  | 143 
> >  .../Library/RISC-V/RiscVOpensbiLib/opensbi|   1 

[edk2-devel] [PATCH V2 6/8] [RFC] BaseTools/Conf: Relocate RiscVOpensbiTypes.h

[Abner Chang]

Relocation of RiscVOpensbiTypes.h, which is under:
MdePkg/Include/IndustryStandard/

Signed-off-by: Abner Chang 
Co-authored-by: Daniel Schaefer 
Cc: Sunil V L 
Cc: Leif Lindholm 
Cc: Michael D Kinney 
Cc: Bob Feng 
Cc: Liming Gao 
Cc: Yuwei Chen 
---
 BaseTools/Conf/tools_def.template | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/BaseTools/Conf/tools_def.template 
b/BaseTools/Conf/tools_def.template
index 9c310cf23d..c1eea33e71 100755
--- a/BaseTools/Conf/tools_def.template
+++ b/BaseTools/Conf/tools_def.template
@@ -1978,7 +1978,7 @@ DEFINE GCC5_RISCV_ALL_DLINK2_FLAGS= 
-Wl,--defsym=PECOFF_HEADER_S
 DEFINE GCC5_RISCV_ALL_ASM_FLAGS   = -c -x assembler -imacros 
$(DEST_DIR_DEBUG)/AutoGen.h
 DEFINE GCC5_RISCV_ALL_CC_FLAGS_WARNING_DISABLE= -Wno-tautological-compare 
-Wno-pointer-compare
 
-DEFINE GCC5_RISCV_OPENSBI_TYPES   = 
-DOPENSBI_EXTERNAL_SBI_TYPES=OpensbiTypes.h
+DEFINE GCC5_RISCV_OPENSBI_TYPES   = 
-DOPENSBI_EXTERNAL_SBI_TYPES=IndustryStandard/RiscVOpensbiTypes.h
 
 DEFINE GCC5_RISCV64_ARCH   = rv64imafdc
 DEFINE GCC5_RISCV32_RISCV64_ASLDLINK_FLAGS = DEF(GCC5_RISCV_ALL_DLINK_COMMON) 
-Wl,--entry,ReferenceAcpiTable -u ReferenceAcpiTable
-- 
2.31.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#88020): https://edk2.groups.io/g/devel/message/88020
Mute This Topic: https://groups.io/mt/90017691/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH V2 8/8] [RFC] UefiCpuPkg: Update YAML file for RISC-V arch

[Abner Chang]

https://bugzilla.tianocore.org/show_bug.cgi?id=3860

Signed-off-by: Abner Chang 
Co-authored-by: Daniel Schaefer 
Cc: Eric Dong 
Cc: Ray Ni 
Cc: Rahul Kumar 
Cc: Sunil V L 
Cc: Andrew Fish 
Cc: Leif Lindholm 
Cc: Michael D Kinney 
Cc: Chao Li 
---
 UefiCpuPkg/UefiCpuPkg.ci.yaml | 60 +--
 1 file changed, 58 insertions(+), 2 deletions(-)

diff --git a/UefiCpuPkg/UefiCpuPkg.ci.yaml b/UefiCpuPkg/UefiCpuPkg.ci.yaml
index 6e0ab95fd8..3ac249bb46 100644
--- a/UefiCpuPkg/UefiCpuPkg.ci.yaml
+++ b/UefiCpuPkg/UefiCpuPkg.ci.yaml
@@ -3,6 +3,7 @@
 #
 # Copyright (c) Microsoft Corporation
 # Copyright (c) 2020, Intel Corporation. All rights reserved.
+# Copyright (c) 2022 Hewlett Packard Enterprise Development LP. All rights 
reserved.
 # SPDX-License-Identifier: BSD-2-Clause-Patent
 ##
 {
@@ -18,6 +19,10 @@
 ],
 ## Both file path and directory path are accepted.
 "IgnoreFiles": [
+## Below source files incorporate with open source
+## RISC-V OpenSBI project, in which some coding style is
+## not able to pass the ECC.
+"Library/RISC-V/RiscVOpensbiLib/opensbi"
 ]
 },
 "CompilerPlugin": {
@@ -69,8 +74,59 @@
 ## options defined ci/Plugin/SpellCheck
 "SpellCheck": {
 "AuditOnly": True,   # Fails test but run in AuditOnly mode to 
collect log
-"IgnoreFiles": [],   # use gitignore syntax to ignore errors 
in matching files
-"ExtendWords": [],   # words to extend to the dictionary for 
this package
+"IgnoreFiles": [ # use gitignore syntax to ignore errors 
in matching files
+"Library/RISC-V/RiscVOpensbiLib/opensbi/**"
+],
+"ExtendWords": [# words to extend to the dictionary for 
this package
+"aclint",
+"dmdepkg",
+"ecall",
+"ecalls",
+"efifstub",
+"excep",
+"execption",
+"gaisler",
+"hardfp",
+"hfence",
+"htimehw",
+"htimew",
+"impid",
+"irqchip",
+"keepexceptiontable",
+"libfdt",
+"mbase",
+"mbound",
+"mcause",
+"mdbase",
+"mdbound",
+"memeory",
+"mfromhost",
+"mhartid",
+"mibase",
+"mibound",
+"mideleg",
+"mscratch",
+"mstatus",
+"mtimeh",
+"mtimer",
+"mtohost",
+"mtvec",
+"mvendorid",
+"opensbi",
+"prilx",
+"rfence",
+"scasue",
+"scause",
+"sfence",
+"sifive",
+"smode",
+"sramt",
+"sscratch",
+"sstatus",
+"stval",
+"stvec",
+"transational"
+],
 "IgnoreStandardPaths": [],   # Standard Plugin defined paths that 
should be ignore
 "AdditionalIncludePaths": [] # Additional paths to spell check 
(wildcards supported)
 }
-- 
2.31.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#88021): https://edk2.groups.io/g/devel/message/88021
Mute This Topic: https://groups.io/mt/90017692/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH V2 7/8] [RFC] UefiCpuPkg/Library: Add RiscVOpensbiLib

[Abner Chang]

https://bugzilla.tianocore.org/show_bug.cgi?id=3860
(This is migrated from edk2-platforms:Silicon/RISC-V)

EDK2 RISC-V OpenSBI library which pull in external source files under
UefiCpuPkg/Library/RISC-V/RiscVOpensbiLib/opensbi to the build process.

Signed-off-by: Abner Chang 
Co-authored-by: Daniel Schaefer 
Cc: Eric Dong 
Cc: Ray Ni 
Cc: Rahul Kumar 
Cc: Sunil V L 
Cc: Leif Lindholm 
Cc: Michael D Kinney 
Cc: Chao Li 
---
 UefiCpuPkg/UefiCpuPkg.dec |  9 +-
 UefiCpuPkg/UefiCpuPkg.dsc |  6 ++
 .../RiscVOpensbiLib/RiscVOpensbiLib.inf   | 89 +++
 3 files changed, 103 insertions(+), 1 deletion(-)
 create mode 100644 
UefiCpuPkg/Library/RISC-V/RiscVOpensbiLib/RiscVOpensbiLib.inf

diff --git a/UefiCpuPkg/UefiCpuPkg.dec b/UefiCpuPkg/UefiCpuPkg.dec
index 613881368b..f7e7142882 100644
--- a/UefiCpuPkg/UefiCpuPkg.dec
+++ b/UefiCpuPkg/UefiCpuPkg.dec
@@ -15,9 +15,16 @@
   PACKAGE_GUID   = 2171df9b-0d39-45aa-ac37-2de190010d23
   PACKAGE_VERSION= 0.90
 
-[Includes]
+[Includes.common]
   Include
 
+[Includes.RISCV64]
+  Include/Library
+  Library/RISC-V/RiscVOpensbiLib/opensbi # OpenSBI header file 
reference ("include/sbi/...")
+  Library/RISC-V/RiscVOpensbiLib/opensbi/include # Header file reference from 
opensbi files, ("sbi/...")
+  Library/RISC-V/RiscVOpensbiLib/opensbi/platform/generic/include # Header 
file reference from opensbi files, ("sbi/...")
+
+
 [LibraryClasses]
   ##  @libraryclass  Defines some routines that are used to 
register/manage/program
   ## CPU features.
diff --git a/UefiCpuPkg/UefiCpuPkg.dsc b/UefiCpuPkg/UefiCpuPkg.dsc
index 50c9fc294c..374e951f29 100644
--- a/UefiCpuPkg/UefiCpuPkg.dsc
+++ b/UefiCpuPkg/UefiCpuPkg.dsc
@@ -66,6 +66,9 @@
   MicrocodeLib|UefiCpuPkg/Library/MicrocodeLib/MicrocodeLib.inf
   
SmmCpuRendezvousLib|UefiCpuPkg/Library/SmmCpuRendezvousLib/SmmCpuRendezvousLib.inf
 
+[LibraryClasses.RISCV64]
+  RiscVOpensbiLib|UefiCpuPkg/Library/RISC-V/RiscVOpensbiLib/RiscVOpensbiLib.inf
+
 [LibraryClasses.common.SEC]
   HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf
   
MemoryAllocationLib|MdePkg/Library/PeiMemoryAllocationLib/PeiMemoryAllocationLib.inf
@@ -185,5 +188,8 @@
   UefiCpuPkg/ResetVector/Vtf0/Bin/ResetVector.inf
   UefiCpuPkg/Library/SmmCpuRendezvousLib/SmmCpuRendezvousLib.inf
 
+[Components.RISCV64]
+  UefiCpuPkg/Library/RISC-V/RiscVOpensbiLib/RiscVOpensbiLib.inf
+
 [BuildOptions]
   *_*_*_CC_FLAGS = -D DISABLE_NEW_DEPRECATED_INTERFACES
diff --git a/UefiCpuPkg/Library/RISC-V/RiscVOpensbiLib/RiscVOpensbiLib.inf 
b/UefiCpuPkg/Library/RISC-V/RiscVOpensbiLib/RiscVOpensbiLib.inf
new file mode 100644
index 00..54eed050d4
--- /dev/null
+++ b/UefiCpuPkg/Library/RISC-V/RiscVOpensbiLib/RiscVOpensbiLib.inf
@@ -0,0 +1,89 @@
+## @file
+# RISC-V Opensbi Library Instance.
+#
+#  Copyright (c) 2022, Hewlett Packard Enterprise Development LP. All rights 
reserved.
+#
+#  SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+  INF_VERSION= 0x0001001b
+  BASE_NAME  = RiscVOpensbiLib
+  FILE_GUID  = 6EF0C812-66F6-11E9-93CE-3F5D5F0DF0A7
+  MODULE_TYPE= BASE
+  VERSION_STRING = 1.0
+  LIBRARY_CLASS  = RiscVOpensbiLib
+
+[Sources]
+  opensbi/lib/sbi/riscv_asm.c
+  opensbi/lib/sbi/riscv_atomic.c
+  opensbi/lib/sbi/riscv_hardfp.S
+  opensbi/lib/sbi/riscv_locks.c
+  opensbi/lib/sbi/sbi_bitmap.c
+  opensbi/lib/sbi/sbi_bitops.c
+  opensbi/lib/sbi/sbi_console.c
+  opensbi/lib/sbi/sbi_domain.c
+  opensbi/lib/sbi/sbi_ecall.c
+  opensbi/lib/sbi/sbi_ecall_base.c
+  opensbi/lib/sbi/sbi_ecall_hsm.c
+  opensbi/lib/sbi/sbi_ecall_legacy.c
+  opensbi/lib/sbi/sbi_ecall_replace.c
+  opensbi/lib/sbi/sbi_ecall_vendor.c
+  opensbi/lib/sbi/sbi_emulate_csr.c
+  opensbi/lib/sbi/sbi_fifo.c
+  opensbi/lib/sbi/sbi_hart.c
+  opensbi/lib/sbi/sbi_math.c
+  opensbi/lib/sbi/sbi_hfence.S
+  opensbi/lib/sbi/sbi_hsm.c
+  opensbi/lib/sbi/sbi_illegal_insn.c
+  opensbi/lib/sbi/sbi_init.c
+  opensbi/lib/sbi/sbi_ipi.c
+  opensbi/lib/sbi/sbi_misaligned_ldst.c
+  opensbi/lib/sbi/sbi_platform.c
+  opensbi/lib/sbi/sbi_scratch.c
+  opensbi/lib/sbi/sbi_string.c
+  opensbi/lib/sbi/sbi_system.c
+  opensbi/lib/sbi/sbi_timer.c
+  opensbi/lib/sbi/sbi_tlb.c
+  opensbi/lib/sbi/sbi_trap.c
+  opensbi/lib/sbi/sbi_unpriv.c
+  opensbi/lib/sbi/sbi_expected_trap.S
+
+  opensbi/lib/utils/fdt/fdt_helper.c
+  opensbi/lib/utils/fdt/fdt_fixup.c
+  opensbi/lib/utils/fdt/fdt_domain.c
+  opensbi/lib/utils/ipi/fdt_ipi.c
+  opensbi/lib/utils/ipi/aclint_mswi.c
+  opensbi/lib/utils/ipi/fdt_ipi_mswi.c
+  opensbi/lib/utils/irqchip/fdt_irqchip.c
+  opensbi/lib/utils/irqchip/fdt_irqchip_plic.c
+  opensbi/lib/utils/irqchip/plic.c
+  opensbi/lib/utils/reset/fdt_reset.c
+  opensbi/lib/utils/reset/fdt_reset_htif.c
+  opensbi/lib/utils/reset/fdt_reset_sifive.c
+  opensbi/lib/utils/reset/fdt_reset_thead.c
+  opensbi/lib/utils/reset/fdt_reset_thead_asm.S
+  opensbi/lib/utils/serial/fdt_serial.c
+  opensbi/lib/utils/serial/fdt_serial

[edk2-devel] [PATCH V2 5/8] [RFC] MdePkg/Include: Add RISC-V OpenSBI header files

[Abner Chang]

https://bugzilla.tianocore.org/show_bug.cgi?id=3860

RiscVOpensbiTypes.h:
  The header file for building RISC-V OpenSBI library.
RiscVOpenSBI.h:
  The header file of using OpenSBI library.

Signed-off-by: Abner Chang 
Co-authored-by: Daniel Schaefer 
M: Liming Gao  [lgao4]
R: Zhiguang Liu  [LiuZhiguang001]
Cc: Sunil V L 
Cc: Leif Lindholm 
Cc: Michael D Kinney 
Cc: Chao Li 
---
 .../Include/IndustryStandard/RiscVOpensbi.h   | 62 ++
 .../IndustryStandard/RiscVOpensbiTypes.h  | 82 +++
 MdePkg/MdePkg.ci.yaml |  2 +
 3 files changed, 146 insertions(+)
 create mode 100644 MdePkg/Include/IndustryStandard/RiscVOpensbi.h
 create mode 100644 MdePkg/Include/IndustryStandard/RiscVOpensbiTypes.h

diff --git a/MdePkg/Include/IndustryStandard/RiscVOpensbi.h 
b/MdePkg/Include/IndustryStandard/RiscVOpensbi.h
new file mode 100644
index 00..4c9186f212
--- /dev/null
+++ b/MdePkg/Include/IndustryStandard/RiscVOpensbi.h
@@ -0,0 +1,62 @@
+/** @file
+  SBI inline function calls.
+
+  Copyright (c) 2022, Hewlett Packard Enterprise Development LP. All rights 
reserved.
+
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef EDK2_RISC_V_SBI_H_
+#define EDK2_RISC_V_SBI_H_
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#define RISC_V_MAX_HART_SUPPORTED  SBI_HARTMASK_MAX_BITS
+
+typedef
+VOID
+(EFIAPI *RISCV_HART_SWITCH_MODE)(
+  IN  UINTN   FuncArg0,
+  IN  UINTN   FuncArg1,
+  IN  UINTN   NextAddr,
+  IN  UINTN   NextMode,
+  IN  BOOLEAN NextVirt
+  );
+
+//
+// Keep the structure member in 64-bit alignment.
+//
+typedef struct {
+  UINT64IsaExtensionSupported; // The ISA extension this 
core supported.
+  RISCV_UINT128 MachineVendorId;   // Machine vendor ID
+  RISCV_UINT128 MachineArchId; // Machine Architecture ID
+  RISCV_UINT128 MachineImplId; // Machine Implementation ID
+  RISCV_HART_SWITCH_MODEHartSwitchMode;// OpenSBI's function to 
switch the mode of a hart
+} EFI_RISCV_FIRMWARE_CONTEXT_HART_SPECIFIC;
+#define FIRMWARE_CONTEXT_HART_SPECIFIC_SIZE  (64 * 8) // This is the size of 
EFI_RISCV_FIRMWARE_CONTEXT_HART_SPECIFIC
+  // structure. Referred 
by both C code and assembly code.
+
+typedef struct {
+  UINT64  BootHartId;
+  VOID*PeiServiceTable;// PEI 
Service table
+  UINT64  FlattenedDeviceTree; // Pointer 
to Flattened Device tree
+  UINT64  SecPeiHandOffData;   // This is 
EFI_SEC_PEI_HAND_OFF passed to PEI Core.
+  EFI_RISCV_FIRMWARE_CONTEXT_HART_SPECIFIC
*HartSpecific[RISC_V_MAX_HART_SUPPORTED];
+} EFI_RISCV_OPENSBI_FIRMWARE_CONTEXT;
+
+//
+// Typedefs of OpenSBI type to make them conform to EDK2 coding guidelines
+//
+typedef struct sbi_scratch   SBI_SCRATCH;
+typedef struct sbi_platform  SBI_PLATFORM;
+
+#endif
diff --git a/MdePkg/Include/IndustryStandard/RiscVOpensbiTypes.h 
b/MdePkg/Include/IndustryStandard/RiscVOpensbiTypes.h
new file mode 100644
index 00..6a6a1f532d
--- /dev/null
+++ b/MdePkg/Include/IndustryStandard/RiscVOpensbiTypes.h
@@ -0,0 +1,82 @@
+/** @file
+  RISC-V OpenSBI header file reference.
+
+  Copyright (c) 2022, Hewlett Packard Enterprise Development LP. All rights 
reserved.
+
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef EDK2_RISC_V_SBI_TYPES_H_
+#define EDK2_RISC_V_SBI_TYPES_H_
+
+#include 
+
+typedef INT8   s8;
+typedef UINT8  u8;
+typedef UINT8  uint8_t;
+
+typedef INT16   s16;
+typedef UINT16  u16;
+typedef INT16   int16_t;
+typedef UINT16  uint16_t;
+
+typedef INT32   s32;
+typedef UINT32  u32;
+typedef INT32   int32_t;
+typedef UINT32  uint32_t;
+
+typedef INT64   s64;
+typedef UINT64  u64;
+typedef INT64   int64_t;
+typedef UINT64  uint64_t;
+
+// PRILX is not used in EDK2 but we need to define it here because when
+// defining our own types, this constant is not defined but used by OpenSBI.
+#define PRILX  "016lx"
+
+typedef BOOLEANbool;
+typedef unsigned long  ulong;
+typedef UINT64 uintptr_t;
+typedef UINT64 size_t;
+typedef INT64  ssize_t;
+typedef UINT64 virtual_addr_t;
+typedef UINT64 virtual_size_t;
+typedef UINT64 physical_addr_t;
+typedef UINT64 physical_size_t;
+
+#define true   TRUE
+#define false  FALSE
+
+#define __packed__attribute__((packed))
+#define __noreturn  __attribute__((noreturn))
+#define __aligned(x)  __attribute__((aligned(x)))
+
+#if defined (__GNUC__) || defined (__clang__)
+#define likely(x)__builtin_expect((x), 1)
+#define unlikely(x)  __builtin_expect((x), 0)
+#else
+#define likely(x)(x)
+#define unlikely(x)  (x)
+#endif
+
+#undef offsetof
+#ifdef __compiler_offsetof
+#define offsetof(TYPE, MEMBER)  __compiler_offsetof(TYPE,MEMBER)

[edk2-devel] [PATCH V2 4/8] [RFC] UefiCpuPkg/RiscVOpensbLib: Add opensbi submodule

[Abner Chang]

https://bugzilla.tianocore.org/show_bug.cgi?id=3860

(This is migrated from edk2-platforms:Silicon/RISC-V)
Add RISC-V opensbi as the submoudle under UefiCpuPkg/Library/RISC-V

Signed-off-by: Abner Chang 
Cc: Eric Dong 
Cc: Ray Ni 
Cc: Rahul Kumar 
Cc: Daniel Schaefer 
Cc: Sunil V L 
Cc: Andrew Fish 
Cc: Leif Lindholm 
Cc: Michael D Kinney 
Cc: Chao Li 
---
 .gitmodules   | 45 ++-
 .../Library/RISC-V/RiscVOpensbiLib/opensbi|  1 +
 2 files changed, 25 insertions(+), 21 deletions(-)
 create mode 16 UefiCpuPkg/Library/RISC-V/RiscVOpensbiLib/opensbi

diff --git a/.gitmodules b/.gitmodules
index b845c9ee3f..dd68dbfc82 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -1,22 +1,25 @@
-[submodule "CryptoPkg/Library/OpensslLib/openssl"]
-   path = CryptoPkg/Library/OpensslLib/openssl
-   url = https://github.com/openssl/openssl
-[submodule "SoftFloat"]
-   path = ArmPkg/Library/ArmSoftFloatLib/berkeley-softfloat-3
-   url = https://github.com/ucb-bar/berkeley-softfloat-3.git
-[submodule "UnitTestFrameworkPkg/Library/CmockaLib/cmocka"]
-   path = UnitTestFrameworkPkg/Library/CmockaLib/cmocka
-   url = https://github.com/tianocore/edk2-cmocka.git
-[submodule "MdeModulePkg/Universal/RegularExpressionDxe/oniguruma"]
-   path = MdeModulePkg/Universal/RegularExpressionDxe/oniguruma
-   url = https://github.com/kkos/oniguruma
-[submodule "MdeModulePkg/Library/BrotliCustomDecompressLib/brotli"]
-   path = MdeModulePkg/Library/BrotliCustomDecompressLib/brotli
-   url = https://github.com/google/brotli
-[submodule "BaseTools/Source/C/BrotliCompress/brotli"]
-   path = BaseTools/Source/C/BrotliCompress/brotli
-   url = https://github.com/google/brotli
+[submodule "CryptoPkg/Library/OpensslLib/openssl"]
+   path = CryptoPkg/Library/OpensslLib/openssl
+   url = https://github.com/openssl/openssl
+[submodule "SoftFloat"]
+   path = ArmPkg/Library/ArmSoftFloatLib/berkeley-softfloat-3
+   url = https://github.com/ucb-bar/berkeley-softfloat-3.git
+[submodule "UnitTestFrameworkPkg/Library/CmockaLib/cmocka"]
+   path = UnitTestFrameworkPkg/Library/CmockaLib/cmocka
+   url = https://github.com/tianocore/edk2-cmocka.git
+[submodule "MdeModulePkg/Universal/RegularExpressionDxe/oniguruma"]
+   path = MdeModulePkg/Universal/RegularExpressionDxe/oniguruma
+   url = https://github.com/kkos/oniguruma
+[submodule "MdeModulePkg/Library/BrotliCustomDecompressLib/brotli"]
+   path = MdeModulePkg/Library/BrotliCustomDecompressLib/brotli
+   url = https://github.com/google/brotli
+[submodule "BaseTools/Source/C/BrotliCompress/brotli"]
+   path = BaseTools/Source/C/BrotliCompress/brotli
+   url = https://github.com/google/brotli
ignore = untracked
-[submodule "RedfishPkg/Library/JsonLib/jansson"]
-   path = RedfishPkg/Library/JsonLib/jansson
-   url = https://github.com/akheron/jansson
+[submodule "RedfishPkg/Library/JsonLib/jansson"]
+   path = RedfishPkg/Library/JsonLib/jansson
+   url = https://github.com/akheron/jansson
+[submodule "UefiCpuPkg/Library/RISC-V/RiscVOpensbiLib/opensbi"]
+   path = UefiCpuPkg/Library/RISC-V/RiscVOpensbiLib/opensbi
+   url = https://github.com/riscv-software-src/opensbi
diff --git a/UefiCpuPkg/Library/RISC-V/RiscVOpensbiLib/opensbi 
b/UefiCpuPkg/Library/RISC-V/RiscVOpensbiLib/opensbi
new file mode 16
index 00..a731c7e369
--- /dev/null
+++ b/UefiCpuPkg/Library/RISC-V/RiscVOpensbiLib/opensbi
@@ -0,0 +1 @@
+Subproject commit a731c7e36988c3308e1978ecde491f2f6182d490
-- 
2.31.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#88018): https://edk2.groups.io/g/devel/message/88018
Mute This Topic: https://groups.io/mt/90017688/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH V2 3/8] [RFC] UefiCpuPkg/BaseUefiCpuLib: Add RISC-V RISCV64 instace

[Abner Chang]

https://bugzilla.tianocore.org/show_bug.cgi?id=3860
Add BaseUefiCpuLib instance for RISC-V RISCV64 arch.

Signed-off-by: Abner Chang 
Co-authored-by: Daniel Schaefer 
Cc: Eric Dong 
Cc: Ray Ni 
Cc: Rahul Kumar 
Cc: Sunil V L 
Cc: Andrew Fish 
Cc: Leif Lindholm 
Cc: Michael D Kinney 
Cc: Chao Li 
---
 UefiCpuPkg/UefiCpuPkg.dec |  17 ++-
 UefiCpuPkg/UefiCpuPkg.dsc |   7 +-
 .../Library/BaseUefiCpuLib/BaseUefiCpuLib.inf |   8 +-
 .../Include/Library/RISC-V/RiscVCpuLib.h  | 118 +++
 .../Library/BaseUefiCpuLib/BaseUefiCpuLib.uni |   5 +-
 .../Library/BaseUefiCpuLib/RISCV64/Cpu.S  | 143 ++
 6 files changed, 286 insertions(+), 12 deletions(-)
 create mode 100644 UefiCpuPkg/Include/Library/RISC-V/RiscVCpuLib.h
 create mode 100644 UefiCpuPkg/Library/BaseUefiCpuLib/RISCV64/Cpu.S

diff --git a/UefiCpuPkg/UefiCpuPkg.dec b/UefiCpuPkg/UefiCpuPkg.dec
index 525cde4634..613881368b 100644
--- a/UefiCpuPkg/UefiCpuPkg.dec
+++ b/UefiCpuPkg/UefiCpuPkg.dec
@@ -2,6 +2,7 @@
 # This Package provides UEFI compatible CPU modules and libraries.
 #
 # Copyright (c) 2007 - 2022, Intel Corporation. All rights reserved.
+# Copyright (c) 2022 Hewlett Packard Enterprise Development LP. All rights 
reserved.
 #
 # SPDX-License-Identifier: BSD-2-Clause-Patent
 #
@@ -18,17 +19,17 @@
   Include
 
 [LibraryClasses]
-  ##  @libraryclass  Defines some routines that are generic for IA32 family CPU
-  ## to be UEFI specification compliant.
-  ##
-  UefiCpuLib|Include/Library/UefiCpuLib.h
-
   ##  @libraryclass  Defines some routines that are used to 
register/manage/program
   ## CPU features.
   ##
   RegisterCpuFeaturesLib|Include/Library/RegisterCpuFeaturesLib.h
 
 [LibraryClasses.IA32, LibraryClasses.X64]
+  ##  @libraryclass  Defines some routines that are generic for IA32 family CPU
+  ## to be UEFI specification compliant.
+  ##
+  UefiCpuLib|Include/Library/UefiCpuLib.h
+
   ##  @libraryclass  Provides functions to manage MTRR settings on IA32 and 
X64 CPUs.
   ##
   MtrrLib|Include/Library/MtrrLib.h
@@ -65,6 +66,12 @@
   ## @libraryclass  Provides function for SMM CPU Rendezvous Library.
   SmmCpuRendezvousLib|Include/Library/SmmCpuRendezvousLib.h
 
+[LibraryClasses.RISCV64]
+  ##  @libraryclass  Defines some routines that are generic for RISC-V CPU
+  ## to be UEFI specification compliant.
+  ##
+  UefiCpuLib|Include/Library/RISC-V/RiscVCpuLib.h
+
 [Guids]
   gUefiCpuPkgTokenSpaceGuid  = { 0xac05bf33, 0x995a, 0x4ed4, { 0xaa, 0xb8, 
0xef, 0x7a, 0xe8, 0xf, 0x5c, 0xb0 }}
   gMsegSmramGuid = { 0x5802bce4, 0x, 0x4e33, { 0xa1, 0x30, 
0xeb, 0xad, 0x27, 0xf0, 0xe4, 0x39 }}
diff --git a/UefiCpuPkg/UefiCpuPkg.dsc b/UefiCpuPkg/UefiCpuPkg.dsc
index 6b43ff6822..50c9fc294c 100644
--- a/UefiCpuPkg/UefiCpuPkg.dsc
+++ b/UefiCpuPkg/UefiCpuPkg.dsc
@@ -14,7 +14,7 @@
   PLATFORM_VERSION   = 0.90
   DSC_SPECIFICATION  = 0x00010005
   OUTPUT_DIRECTORY   = Build/UefiCpu
-  SUPPORTED_ARCHITECTURES= IA32|X64
+  SUPPORTED_ARCHITECTURES= IA32|X64|RISCV64
   BUILD_TARGETS  = DEBUG|RELEASE|NOOPT
   SKUID_IDENTIFIER   = DEFAULT
 
@@ -55,9 +55,9 @@
   
PeCoffGetEntryPointLib|MdePkg/Library/BasePeCoffGetEntryPointLib/BasePeCoffGetEntryPointLib.inf
   
PeCoffExtraActionLib|MdePkg/Library/BasePeCoffExtraActionLibNull/BasePeCoffExtraActionLibNull.inf
   
TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
+  UefiCpuLib|UefiCpuPkg/Library/BaseUefiCpuLib/BaseUefiCpuLib.inf
 
 [LibraryClasses.IA32, LibraryClasses.X64]
-  UefiCpuLib|UefiCpuPkg/Library/BaseUefiCpuLib/BaseUefiCpuLib.inf
   MtrrLib|UefiCpuPkg/Library/MtrrLib/MtrrLib.inf
   LocalApicLib|UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf
   
SmmCpuPlatformHookLib|UefiCpuPkg/Library/SmmCpuPlatformHookLibNull/SmmCpuPlatformHookLibNull.inf
@@ -120,6 +120,8 @@
 #
 # Drivers/Libraries within this package
 #
+[Components.common]
+  UefiCpuPkg/Library/BaseUefiCpuLib/BaseUefiCpuLib.inf
 
 [Components.IA32, Components.X64]
   UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf
@@ -144,7 +146,6 @@
   UefiCpuPkg/CpuIo2Smm/CpuIo2StandaloneMm.inf
   UefiCpuPkg/CpuMpPei/CpuMpPei.inf
   UefiCpuPkg/CpuS3DataDxe/CpuS3DataDxe.inf
-  UefiCpuPkg/Library/BaseUefiCpuLib/BaseUefiCpuLib.inf
   UefiCpuPkg/Library/BaseXApicLib/BaseXApicLib.inf
   UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf
   UefiCpuPkg/Library/CpuCommonFeaturesLib/CpuCommonFeaturesLib.inf
diff --git a/UefiCpuPkg/Library/BaseUefiCpuLib/BaseUefiCpuLib.inf 
b/UefiCpuPkg/Library/BaseUefiCpuLib/BaseUefiCpuLib.inf
index 34d3a7bb43..f43498e9b4 100644
--- a/UefiCpuPkg/Library/BaseUefiCpuLib/BaseUefiCpuLib.inf
+++ b/UefiCpuPkg/Library/BaseUefiCpuLib/BaseUefiCpuLib.inf
@@ -5,6 +5,7 @@
 #
 #  Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.
 #  Copyright (c) 2020, AMD Inc. All rights 

[edk2-devel] [PATCH V2 1/8] [RFC] UefiCpuPkg: Classify IA32/X64 modules in DSC file

[Abner Chang]

https://bugzilla.tianocore.org/show_bug.cgi?id=3860

This is the first step of reworking on UefiCpuPkg in order to
accommodating all processor architectures in UEfiCpuPkg.
Classify UefiCpuPkg modules to IA32 and X64 sections in DSC file.
Move the module to Common section if more than one archs can
leverage the same module. Such as the patch 3/6 for BaseUefiCpuLib.

Signed-off-by: Abner Chang 
Co-authored-by: Daniel Schaefer 
Cc: Eric Dong 
Cc: Ray Ni 
Cc: Rahul Kumar 
Cc: Sunil V L 
Cc: Andrew Fish 
Cc: Leif Lindholm 
Cc: Michael D Kinney 
Cc: Chao Li 
---
 UefiCpuPkg/UefiCpuPkg.dsc | 34 +-
 1 file changed, 21 insertions(+), 13 deletions(-)

diff --git a/UefiCpuPkg/UefiCpuPkg.dsc b/UefiCpuPkg/UefiCpuPkg.dsc
index a0bbde9985..6b43ff6822 100644
--- a/UefiCpuPkg/UefiCpuPkg.dsc
+++ b/UefiCpuPkg/UefiCpuPkg.dsc
@@ -2,6 +2,7 @@
 #  UefiCpuPkg Package
 #
 #  Copyright (c) 2007 - 2021, Intel Corporation. All rights reserved.
+#  Copyright (c) 2022 Hewlett Packard Enterprise Development LP. All rights 
reserved.
 #
 #  SPDX-License-Identifier: BSD-2-Clause-Patent
 #
@@ -23,7 +24,7 @@
 
 !include MdePkg/MdeLibs.dsc.inc
 
-[LibraryClasses]
+[LibraryClasses.common]
   BaseLib|MdePkg/Library/BaseLib/BaseLib.inf
   BaseMemoryLib|MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf
   CpuLib|MdePkg/Library/BaseCpuLib/BaseCpuLib.inf
@@ -31,9 +32,7 @@
   SerialPortLib|MdePkg/Library/BaseSerialPortLibNull/BaseSerialPortLibNull.inf
   
DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf
   DevicePathLib|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf
-  UefiCpuLib|UefiCpuPkg/Library/BaseUefiCpuLib/BaseUefiCpuLib.inf
   IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf
-  MtrrLib|UefiCpuPkg/Library/MtrrLib/MtrrLib.inf
   PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
   PrintLib|MdePkg/Library/BasePrintLib/BasePrintLib.inf
   UefiLib|MdePkg/Library/UefiLib/UefiLib.inf
@@ -47,48 +46,56 @@
   
PerformanceLib|MdePkg/Library/BasePerformanceLibNull/BasePerformanceLibNull.inf
   TimerLib|MdePkg/Library/BaseTimerLibNullTemplate/BaseTimerLibNullTemplate.inf
   DebugAgentLib|MdeModulePkg/Library/DebugAgentLibNull/DebugAgentLibNull.inf
-  LocalApicLib|UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf
   
ReportStatusCodeLib|MdePkg/Library/BaseReportStatusCodeLibNull/BaseReportStatusCodeLibNull.inf
   
SynchronizationLib|MdePkg/Library/BaseSynchronizationLib/BaseSynchronizationLib.inf
   SmmMemLib|MdePkg/Library/SmmMemLib/SmmMemLib.inf
   
CacheMaintenanceLib|MdePkg/Library/BaseCacheMaintenanceLib/BaseCacheMaintenanceLib.inf
   PciLib|MdePkg/Library/BasePciLibPciExpress/BasePciLibPciExpress.inf
   PciExpressLib|MdePkg/Library/BasePciExpressLib/BasePciExpressLib.inf
-  
SmmCpuPlatformHookLib|UefiCpuPkg/Library/SmmCpuPlatformHookLibNull/SmmCpuPlatformHookLibNull.inf
-  SmmCpuFeaturesLib|UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.inf
   
PeCoffGetEntryPointLib|MdePkg/Library/BasePeCoffGetEntryPointLib/BasePeCoffGetEntryPointLib.inf
   
PeCoffExtraActionLib|MdePkg/Library/BasePeCoffExtraActionLibNull/BasePeCoffExtraActionLibNull.inf
   
TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
+
+[LibraryClasses.IA32, LibraryClasses.X64]
+  UefiCpuLib|UefiCpuPkg/Library/BaseUefiCpuLib/BaseUefiCpuLib.inf
+  MtrrLib|UefiCpuPkg/Library/MtrrLib/MtrrLib.inf
+  LocalApicLib|UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf
+  
SmmCpuPlatformHookLib|UefiCpuPkg/Library/SmmCpuPlatformHookLibNull/SmmCpuPlatformHookLibNull.inf
+  SmmCpuFeaturesLib|UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.inf
   VmgExitLib|UefiCpuPkg/Library/VmgExitLibNull/VmgExitLibNull.inf
   MicrocodeLib|UefiCpuPkg/Library/MicrocodeLib/MicrocodeLib.inf
   
SmmCpuRendezvousLib|UefiCpuPkg/Library/SmmCpuRendezvousLib/SmmCpuRendezvousLib.inf
 
 [LibraryClasses.common.SEC]
+  HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf
+  
MemoryAllocationLib|MdePkg/Library/PeiMemoryAllocationLib/PeiMemoryAllocationLib.inf
+
+[LibraryClasses.IA32.SEC, LibraryClasses.X64.SEC]
   PlatformSecLib|UefiCpuPkg/Library/PlatformSecLibNull/PlatformSecLibNull.inf
 !if $(TOOL_CHAIN_TAG) == "XCODE5"
   
CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/Xcode5SecPeiCpuExceptionHandlerLib.inf
 !else
   
CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuExceptionHandlerLib.inf
 !endif
-  HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf
   
PeiServicesTablePointerLib|MdePkg/Library/PeiServicesTablePointerLibIdt/PeiServicesTablePointerLibIdt.inf
-  
MemoryAllocationLib|MdePkg/Library/PeiMemoryAllocationLib/PeiMemoryAllocationLib.inf
 
 [LibraryClasses.common.PEIM]
   
MemoryAllocationLib|MdePkg/Library/PeiMemoryAllocationLib/PeiMemoryAllocationLib.inf
   HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf
   LockBoxLib|MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxPeiLib.inf
-  MpInitLib|UefiCpuPkg/Library/MpInitLib/

[edk2-devel] [PATCH V2 2/8] [RFC] UefiCpuPkg/Include: Add header files of RISC-V processor architecture

[Abner Chang]

(This is migrated from edk2-platforms:Silicon/RISC-V)

https://bugzilla.tianocore.org/show_bug.cgi?id=3860
RISC-V processor architecture definitions.

Signed-off-by: Abner Chang 
Cc: Eric Dong 
Cc: Ray Ni 
Cc: Rahul Kumar 
Cc: Daniel Schaefer 
Cc: Sunil V L 
Cc: Andrew Fish 
Cc: Leif Lindholm 
Cc: Michael D Kinney 
Cc: Chao Li 
---
 .../Include/IndustryStandard/RISC-V/RiscV.h   | 162 ++
 UefiCpuPkg/Include/RISC-V/RiscVImpl.h |  87 ++
 2 files changed, 249 insertions(+)
 create mode 100644 UefiCpuPkg/Include/IndustryStandard/RISC-V/RiscV.h
 create mode 100644 UefiCpuPkg/Include/RISC-V/RiscVImpl.h

diff --git a/UefiCpuPkg/Include/IndustryStandard/RISC-V/RiscV.h 
b/UefiCpuPkg/Include/IndustryStandard/RISC-V/RiscV.h
new file mode 100644
index 00..3edd1e6263
--- /dev/null
+++ b/UefiCpuPkg/Include/IndustryStandard/RISC-V/RiscV.h
@@ -0,0 +1,162 @@
+/** @file
+  RISC-V processor architecture definitions.
+
+  Copyright (c) 2022 Hewlett Packard Enterprise Development LP. All rights 
reserved.
+
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef RISCV_INDUSTRY_STANDARD_H_
+#define RISCV_INDUSTRY_STANDARD_H_
+
+#if defined (MDE_CPU_RISCV64)
+#define RISC_V_XLEN_BITS  64
+#else
+#endif
+
+#define RISC_V_ISA_ATOMIC_EXTENSION   (0x0001 << 0)
+#define RISC_V_ISA_BIT_OPERATION_EXTENSION(0x0001 << 1)
+#define RISC_V_ISA_COMPRESSED_EXTENSION   (0x0001 << 2)
+#define RISC_V_ISA_DOUBLE_PRECISION_FP_EXTENSION  (0x0001 << 3)
+#define RISC_V_ISA_RV32E_ISA  (0x0001 << 4)
+#define RISC_V_ISA_SINGLE_PRECISION_FP_EXTENSION  (0x0001 << 5)
+#define RISC_V_ISA_ADDITIONAL_STANDARD_EXTENSION  (0x0001 << 6)
+#define RISC_V_ISA_RESERVED_1 (0x0001 << 7)
+#define RISC_V_ISA_INTEGER_ISA_EXTENSION  (0x0001 << 8)
+#define RISC_V_ISA_DYNAMICALLY_TRANSLATED_LANGUAGE_EXTENSION  (0x0001 << 9)
+#define RISC_V_ISA_RESERVED_2 (0x0001 << 
10)
+#define RISC_V_ISA_DECIMAL_FP_EXTENSION   (0x0001 << 
11)
+#define RISC_V_ISA_INTEGER_MUL_DIV_EXTENSION  (0x0001 << 
12)
+#define RISC_V_ISA_USER_LEVEL_INTERRUPT_SUPPORTED (0x0001 << 
13)
+#define RISC_V_ISA_RESERVED_3 (0x0001 << 
14)
+#define RISC_V_ISA_PACKED_SIMD_EXTENSION  (0x0001 << 
15)
+#define RISC_V_ISA_QUAD_PRECISION_FP_EXTENSION(0x0001 << 
16)
+#define RISC_V_ISA_RESERVED_4 (0x0001 << 
17)
+#define RISC_V_ISA_SUPERVISOR_MODE_IMPLEMENTED(0x0001 << 
18)
+#define RISC_V_ISA_TRANSATIONAL_MEMORY_EXTENSION  (0x0001 << 
19)
+#define RISC_V_ISA_USER_MODE_IMPLEMENTED  (0x0001 << 
20)
+#define RISC_V_ISA_VECTOR_EXTENSION   (0x0001 << 
21)
+#define RISC_V_ISA_RESERVED_5 (0x0001 << 
22)
+#define RISC_V_ISA_NON_STANDARD_EXTENSION (0x0001 << 
23)
+#define RISC_V_ISA_RESERVED_6 (0x0001 << 
24)
+#define RISC_V_ISA_RESERVED_7 (0x0001 << 
25)
+
+//
+// RISC-V CSR definitions.
+//
+//
+// Machine information
+//
+#define RISCV_CSR_MACHINE_MVENDORID  0xF11
+#define RISCV_CSR_MACHINE_MARCHID0xF12
+#define RISCV_CSR_MACHINE_MIMPID 0xF13
+#define RISCV_CSR_MACHINE_HARRID 0xF14
+//
+// Machine Trap Setup.
+//
+#define RISCV_CSR_MACHINE_MSTATUS  0x300
+#define RISCV_CSR_MACHINE_MISA 0x301
+#define RISCV_CSR_MACHINE_MEDELEG  0x302
+#define RISCV_CSR_MACHINE_MIDELEG  0x303
+#define RISCV_CSR_MACHINE_MIE  0x304
+#define RISCV_CSR_MACHINE_MTVEC0x305
+
+#define RISCV_TIMER_COMPARE_BITS  32
+//
+// Machine Timer and Counter.
+//
+// #define RISCV_CSR_MACHINE_MTIME 0x701
+// #define RISCV_CSR_MACHINE_MTIMEH0x741
+//
+// Machine Trap Handling.
+//
+#define RISCV_CSR_MACHINE_MSCRATCH  0x340
+#define RISCV_CSR_MACHINE_MEPC  0x341
+#define RISCV_CSR_MACHINE_MCAUSE0x342
+#define MACHINE_MCAUSE_EXCEPTION_   MASK 0x0f
+#define MACHINE_MCAUSE_INTERRUPT(RISC_V_XLEN_BITS - 1)
+#define RISCV_CSR_MACHINE_MBADADDR  0x343
+#define RISCV_CSR_MACHINE_MIP   0x344
+
+//
+// Machine Protection and Translation.
+//
+#define RISCV_CSR_MACHINE_MBASE0x380
+#define RISCV_CSR_MACHINE_MBOUND   0x381
+#define RISCV_CSR_MACHINE_MIBASE   0x382
+#define RISCV_CSR_MACHINE_MIBOUND  0x383
+#define RISCV_CSR_MACHINE_MDBASE   0x384
+#define RISCV_CSR_MACHINE_MDBOUND  0x385
+
+//
+// Supervisor mode CSR.
+//
+#define RISCV_CSR_SUPERVISOR_SSTATUS0x100
+#define SSTATUS_SIE_BIT_POSITION1
+#define SSTATUS_SPP_BIT_POSITION8
+#define RISCV_CSR_SUPERVISOR_SIE0x104
+#define RISCV_CSR_SUPERVISO

[edk2-devel] [PATCH V2 0/8] Rework UefiCpuPkg

[Abner Chang]

https://bugzilla.tianocore.org/show_bug.cgi?id=3860

This is the project having rework on UefiCpuPkg in order to support a variety
of processor architectures. Some modules under UefiCpuPkg are required to be
abstract for the different archs.

In V2:
- I moved two RISC-V OpenSBI header files to under
  MdePkg/Include/IndustryStandard (5/8). However I am not sure if that is proper
  having those files there.
- Fixed some CI errors.

In V1:
The first step is to classify UefiCpuPkg modules to IA32 and X64 sections in
DSC file (Patch 1/6). Move the module to Common section later if more than one
archs can leverage the same module (such as Patch 3/6 for BaseUefiCpuLib).

Signed-off-by: Abner Chang 
Co-authored-by: Daniel Schaefer 
Cc: Eric Dong 
Cc: Ray Ni 
Cc: Rahul Kumar 
Cc: Sunil V L 
Cc: Andrew Fish 
Cc: Leif Lindholm 
Cc: Michael D Kinney 
Cc: Chao Li 
Cc: Liming Gao 
Cc: Zhiguang Liu 
Cc: Bob Feng 
Cc: Liming Gao 
Cc: Yuwei Chen 

Abner Chang (8):
  [RFC] UefiCpuPkg: Classify IA32/X64 modules in DSC file
  [RFC] UefiCpuPkg/Include: Add header files of RISC-V processor
architecture
  [RFC] UefiCpuPkg/BaseUefiCpuLib: Add RISC-V RISCV64 instace
  [RFC] UefiCpuPkg/RiscVOpensbLib: Add opensbi submodule
  [RFC] MdePkg/Include: Add RISC-V OpenSBI header files
  [RFC] BaseTools/Conf: Relocate RiscVOpensbiTypes.h
  [RFC] UefiCpuPkg/Library: Add RiscVOpensbiLib
  [RFC] UefiCpuPkg: Update YAML file for RISC-V arch

 UefiCpuPkg/UefiCpuPkg.dec |  26 ++-
 UefiCpuPkg/UefiCpuPkg.dsc |  45 +++--
 .../Library/BaseUefiCpuLib/BaseUefiCpuLib.inf |   8 +-
 .../RiscVOpensbiLib/RiscVOpensbiLib.inf   |  89 ++
 .../Include/IndustryStandard/RiscVOpensbi.h   |  62 +++
 .../IndustryStandard/RiscVOpensbiTypes.h  |  82 +
 .../Include/IndustryStandard/RISC-V/RiscV.h   | 162 ++
 .../Include/Library/RISC-V/RiscVCpuLib.h  | 118 +
 UefiCpuPkg/Include/RISC-V/RiscVImpl.h |  87 ++
 .gitmodules   |  45 ++---
 BaseTools/Conf/tools_def.template |   2 +-
 MdePkg/MdePkg.ci.yaml |   2 +
 .../Library/BaseUefiCpuLib/BaseUefiCpuLib.uni |   5 +-
 .../Library/BaseUefiCpuLib/RISCV64/Cpu.S  | 143 
 .../Library/RISC-V/RiscVOpensbiLib/opensbi|   1 +
 UefiCpuPkg/UefiCpuPkg.ci.yaml |  60 ++-
 16 files changed, 888 insertions(+), 49 deletions(-)
 create mode 100644 
UefiCpuPkg/Library/RISC-V/RiscVOpensbiLib/RiscVOpensbiLib.inf
 create mode 100644 MdePkg/Include/IndustryStandard/RiscVOpensbi.h
 create mode 100644 MdePkg/Include/IndustryStandard/RiscVOpensbiTypes.h
 create mode 100644 UefiCpuPkg/Include/IndustryStandard/RISC-V/RiscV.h
 create mode 100644 UefiCpuPkg/Include/Library/RISC-V/RiscVCpuLib.h
 create mode 100644 UefiCpuPkg/Include/RISC-V/RiscVImpl.h
 create mode 100644 UefiCpuPkg/Library/BaseUefiCpuLib/RISCV64/Cpu.S
 create mode 16 UefiCpuPkg/Library/RISC-V/RiscVOpensbiLib/opensbi

-- 
2.31.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#88015): https://edk2.groups.io/g/devel/message/88015
Mute This Topic: https://groups.io/mt/90017681/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-