Re: [edk2] [PATCH] SecurityPkg: Add TCG Spec info to TCG related modules

[Yao, Jiewen]

Reviewed-by: jiewen@intel.com

> -Original Message-
> From: Zhang, Chao B
> Sent: Thursday, May 11, 2017 1:15 PM
> To: edk2-devel@lists.01.org
> Cc: Long, Qin ; Yao, Jiewen ; Zhang,
> Chao B 
> Subject: [PATCH] SecurityPkg: Add TCG Spec info to TCG related modules
> 
> Add TCG Spec compliance info to TCG related module INFs.
> 
> Cc: Qin Long 
> Cc: Yao Jiewen 
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Chao Zhang 
> ---
>  .../Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf  | 5
> -
>  SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf  | 8
> ++--
>  SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf  | 7
> +++
>  SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf  | 7
> ++-
>  SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf  | 9
> -
>  5 files changed, 31 insertions(+), 5 deletions(-)
> 
> diff --git
> a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf
> b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf
> index a11988e..939f6fb 100644
> ---
> a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf
> +++
> b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf
> @@ -1,6 +1,9 @@
>  ## @file
>  #  Provides security service for TPM 2.0 measured boot
>  #
> +#  Spec Compliance Info:
> +#"TCG PC Client Platform Firmware Profile Specification for TPM Family 
> 2.0
> Level 00 Revision 00.21"
> +#
>  #  This library instance hooks LoadImage() API to measure every image that
>  #  is not measured in PEI phase. And, it will also measure GPT partition.
>  #
> @@ -9,7 +12,7 @@
>  #  This external input must be validated carefully to avoid security issues 
> such
>  #  as buffer overflow or integer overflow.
>  #
> -# Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved.
> +# Copyright (c) 2013 - 2017, Intel Corporation. All rights reserved.
>  # This program and the accompanying materials
>  # are licensed and made available under the terms and conditions of the BSD
> License
>  # which accompanies this distribution. The full text of the license may be 
> found
> at
> diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf
> b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf
> index 976972d..3e619b9 100644
> --- a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf
> +++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf
> @@ -1,12 +1,16 @@
>  ## @file
>  #  Provides TPM 2.0 TIS/PTP functions for DTPM
> -#
> +#
> +#  Spec Compliance Info:
> +#"TCG PC Client Platform TPM Profile(PTP) Specification Family 2.0 Level 
> 00
> Revision 00.43"
> +#"TCG PC Client Specific TPM Interface Specification(TIS) Version 1.3"
> +#
>  #  This library implements TIS (TPM Interface Specification) and
>  #  PTP (Platform TPM Profile) functions which is
>  #  used for every TPM 2.0 command. Choosing this library means platform uses
> and
>  #  only uses TPM 2.0 DTPM device.
>  #
> -# Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved.
> +# Copyright (c) 2013 - 2017, Intel Corporation. All rights reserved.
>  # This program and the accompanying materials
>  # are licensed and made available under the terms and conditions of the BSD
> License
>  # which accompanies this distribution. The full text of the license may be 
> found
> at
> diff --git a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
> b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
> index 8efc4e3..85415e8 100644
> --- a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
> +++ b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
> @@ -1,5 +1,12 @@
>  ## @file
>  #  Produces Tcg2 protocol and measure boot environment
> +#
> +#  Spec Compliance Info:
> +#"TCG PC Client Platform Firmware Profile Specification for TPM Family 
> 2.0
> Level 00 Revision 00.21"
> +#  along with
> +#"Errata for PC Client Specific Platform Firmware Profile Specification
> Version 1.0 Revision 0.21"
> +#"TCG EFI Protocol Specification" "Family 2.0" "Level 00 Revision 00.13"
> +#
>  #  This module will produce Tcg2 protocol and measure boot environment.
>  #
>  #  Caution: This module requires additional review when modified.
> diff --git a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf
> b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf
> index 3477d82..1b79ee4 100644
> --- a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf
> +++ b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf
> @@ -1,9 +1,14 @@
>  ## @file
>  #  Initializes TPM 2.0 device and measure FVs in PEI phase
>  #
> +#  Spec Compliance Info:
> +#"TCG PC Client Platform Firmware Profile Specification for TPM Family 
> 2.0
> Level 00 Revision 00.21"
> +#  along with
> +#"Errata for PC Client Specific Platform Firmware Profile Specification
> Version 1.0 Revision 0.21"
> +#
>  #  This module will 

[edk2] [PATCH] SecurityPkg: Add TCG Spec info to TCG related modules

[Zhang, Chao B]

Add TCG Spec compliance info to TCG related module INFs.

Cc: Qin Long 
Cc: Yao Jiewen 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang 
---
 .../Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf  | 5 -
 SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf  | 8 ++--
 SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf  | 7 +++
 SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf  | 7 ++-
 SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf  | 9 -
 5 files changed, 31 insertions(+), 5 deletions(-)

diff --git 
a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf 
b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf
index a11988e..939f6fb 100644
--- a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf
+++ b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf
@@ -1,6 +1,9 @@
 ## @file
 #  Provides security service for TPM 2.0 measured boot
 #
+#  Spec Compliance Info:
+#"TCG PC Client Platform Firmware Profile Specification for TPM Family 2.0 
Level 00 Revision 00.21"
+#
 #  This library instance hooks LoadImage() API to measure every image that 
 #  is not measured in PEI phase. And, it will also measure GPT partition.
 #
@@ -9,7 +12,7 @@
 #  This external input must be validated carefully to avoid security issues 
such 
 #  as buffer overflow or integer overflow.
 #
-# Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved.
+# Copyright (c) 2013 - 2017, Intel Corporation. All rights reserved.
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD 
License
 # which accompanies this distribution. The full text of the license may be 
found at
diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf 
b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf
index 976972d..3e619b9 100644
--- a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf
+++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf
@@ -1,12 +1,16 @@
 ## @file
 #  Provides TPM 2.0 TIS/PTP functions for DTPM
-#  
+#
+#  Spec Compliance Info:
+#"TCG PC Client Platform TPM Profile(PTP) Specification Family 2.0 Level 
00 Revision 00.43"
+#"TCG PC Client Specific TPM Interface Specification(TIS) Version 1.3"
+#
 #  This library implements TIS (TPM Interface Specification) and
 #  PTP (Platform TPM Profile) functions which is
 #  used for every TPM 2.0 command. Choosing this library means platform uses 
and
 #  only uses TPM 2.0 DTPM device.
 #
-# Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved.
+# Copyright (c) 2013 - 2017, Intel Corporation. All rights reserved.
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD 
License
 # which accompanies this distribution. The full text of the license may be 
found at
diff --git a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf 
b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
index 8efc4e3..85415e8 100644
--- a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
+++ b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
@@ -1,5 +1,12 @@
 ## @file
 #  Produces Tcg2 protocol and measure boot environment
+#
+#  Spec Compliance Info:
+#"TCG PC Client Platform Firmware Profile Specification for TPM Family 2.0 
Level 00 Revision 00.21"
+#  along with
+#"Errata for PC Client Specific Platform Firmware Profile Specification 
Version 1.0 Revision 0.21"
+#"TCG EFI Protocol Specification" "Family 2.0" "Level 00 Revision 00.13"
+#
 #  This module will produce Tcg2 protocol and measure boot environment.
 #
 #  Caution: This module requires additional review when modified.
diff --git a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf 
b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf
index 3477d82..1b79ee4 100644
--- a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf
+++ b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf
@@ -1,9 +1,14 @@
 ## @file
 #  Initializes TPM 2.0 device and measure FVs in PEI phase
 #
+#  Spec Compliance Info:
+#"TCG PC Client Platform Firmware Profile Specification for TPM Family 2.0 
Level 00 Revision 00.21"
+#  along with
+#"Errata for PC Client Specific Platform Firmware Profile Specification 
Version 1.0 Revision 0.21"
+#
 #  This module will initialize TPM device, measure reported FVs and BIOS 
version.
 #
-# Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.
+# Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD 
License
 # which accompanies this distribution. The full text of the license may be 
found at
diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf 
b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf
index c4efa2a..c709743 100644
--- 

[edk2] [Patch][edk2-platforms/devel-MinnowBoard3] Fixed some GCC build errors.

[zwei4]

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: zwei4 
---
 .../Board/LeafHill/BoardInitPostMem/BoardGpios.c   | 35 +++---
 .../Board/LeafHill/BoardInitPostMem/BoardInit.c|  6 ++--
 .../Board/LeafHill/BoardInitPostMem/BoardInit.h|  4 +--
 .../Board/LeafHill/BoardInitPreMem/BoardInit.h |  4 +--
 .../LeafHill/BoardInitPreMem/BoardInitPreMem.inf   |  2 +-
 .../MinnowBoard3/BoardInitPostMem/BoardGpios.c | 33 ++--
 .../MinnowBoard3/BoardInitPostMem/BoardInit.c  |  6 ++--
 .../MinnowBoard3/BoardInitPostMem/BoardInit.h  |  4 +--
 .../Board/MinnowBoard3/BoardInitPreMem/BoardInit.h |  4 +--
 .../MinnowBoard3/BoardInitPreMem/BoardInitMiscs.c  |  3 +-
 .../BoardInitPreMem/BoardInitPreMem.inf|  2 +-
 11 files changed, 50 insertions(+), 53 deletions(-)

diff --git 
a/Platform/BroxtonPlatformPkg/Board/LeafHill/BoardInitPostMem/BoardGpios.c 
b/Platform/BroxtonPlatformPkg/Board/LeafHill/BoardInitPostMem/BoardGpios.c
index 96d325c45..971c192cd 100644
--- a/Platform/BroxtonPlatformPkg/Board/LeafHill/BoardInitPostMem/BoardGpios.c
+++ b/Platform/BroxtonPlatformPkg/Board/LeafHill/BoardInitPostMem/BoardGpios.c
@@ -1,7 +1,7 @@
 /** @file
   Gpio setting for multiplatform.
 
-  Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.
+  Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.
 
   This program and the accompanying materials
   are licensed and made available under the terms and conditions of the BSD 
License
@@ -151,29 +151,28 @@ MultiPlatformGpioProgram (
   )
 {
UINTN VariableSize;
-   EFI_STATUSStatus;
EFI_PEI_READ_ONLY_VARIABLE2_PPI   *VariableServices;
SYSTEM_CONFIGURATION  SystemConfiguration;
 
   VariableSize = sizeof (SYSTEM_CONFIGURATION);
   ZeroMem (, sizeof (SYSTEM_CONFIGURATION));
 
-  Status = (*PeiServices)->LocatePpi (
- PeiServices,
- ,
- 0,
- NULL,
- (VOID **) 
- );
-
-  Status = VariableServices->GetVariable (
-   VariableServices,
-   PLATFORM_SETUP_VARIABLE_NAME,
-   ,
-   NULL,
-   ,
-   
-   );
+  (*PeiServices)->LocatePpi (
+PeiServices,
+,
+0,
+NULL,
+(VOID **) 
+);
+
+  VariableServices->GetVariable (
+  VariableServices,
+  PLATFORM_SETUP_VARIABLE_NAME,
+  ,
+  NULL,
+  ,
+  
+  );
 
   DEBUG ((DEBUG_INFO, "MultiPlatformGpioProgram()...\n"));
 
diff --git 
a/Platform/BroxtonPlatformPkg/Board/LeafHill/BoardInitPostMem/BoardInit.c 
b/Platform/BroxtonPlatformPkg/Board/LeafHill/BoardInitPostMem/BoardInit.c
index 9cd5e259b..9ae19e387 100644
--- a/Platform/BroxtonPlatformPkg/Board/LeafHill/BoardInitPostMem/BoardInit.c
+++ b/Platform/BroxtonPlatformPkg/Board/LeafHill/BoardInitPostMem/BoardInit.c
@@ -1,7 +1,7 @@
 /** @file
   Board Init driver.
 
-  Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.
+  Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.
 
   This program and the accompanying materials
   are licensed and made available under the terms and conditions of the BSD 
License
@@ -26,7 +26,7 @@
 EFI_STATUS
 EFIAPI
 LeafHillPostMemInitCallback (
-  IN CONST EFI_PEI_SERVICES **PeiServices,
+  IN EFI_PEI_SERVICES   **PeiServices,
   IN EFI_PEI_NOTIFY_DESCRIPTOR  *NotifyDescriptor,
   IN VOID   *Ppi
   );
@@ -47,7 +47,7 @@ static EFI_PEI_PPI_DESCRIPTOR mLeafHillPostMemDonePpi = {
 EFI_STATUS
 EFIAPI
 LeafHillPostMemInitCallback (
-  IN CONST EFI_PEI_SERVICES **PeiServices,
+  IN EFI_PEI_SERVICES   **PeiServices,
   IN EFI_PEI_NOTIFY_DESCRIPTOR  *NotifyDescriptor,
   IN VOID   *Ppi
   )
diff --git 
a/Platform/BroxtonPlatformPkg/Board/LeafHill/BoardInitPostMem/BoardInit.h 
b/Platform/BroxtonPlatformPkg/Board/LeafHill/BoardInitPostMem/BoardInit.h
index 373b20312..fa3919e3c 100644
--- a/Platform/BroxtonPlatformPkg/Board/LeafHill/BoardInitPostMem/BoardInit.h
+++ b/Platform/BroxtonPlatformPkg/Board/LeafHill/BoardInitPostMem/BoardInit.h
@@ -2,7 +2,7 @@
   GPIO setting for CherryView.
   This file includes package header files, library classes.
 
-  Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved.
+  Copyright (c) 2013 - 2017, Intel Corporation. All rights reserved.
 
   This program and the accompanying materials
   are licensed and made available under the terms and 

[edk2] [Patch][edk2-platforms] Vlv2TbltDevicePkg: Correct help information.

[lushifex]

Correct help information for BIOS setup item.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: lushifex 
---
 Vlv2TbltDevicePkg/PlatformSetupDxe/VfrStrings.uni | Bin 216048 -> 216036 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)

diff --git a/Vlv2TbltDevicePkg/PlatformSetupDxe/VfrStrings.uni 
b/Vlv2TbltDevicePkg/PlatformSetupDxe/VfrStrings.uni
index 
3abdb51f0b3fb3b5b5bd8b0d791d297ae072e140..d2fdf940bef5959dc3dc523260a2e2aa483454f0
 100644
GIT binary patch
delta 31
ncmew`o%hLf-i9rVCQGKPR5J=qSJ}cS)Sj}0aeK-Vrk>>hY+YOg6ZZ}-Qw0SuIzC{al

-- 
2.7.0.windows.1


___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [Patch][edk2-platforms/devel-MinnowBoard3] Fixed some GCC build errors.

[zwei4]

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: zwei4 
---
 .../Cpu/Include/Private/Library/CpuS3Lib.h |   4 +-
 .../Cpu/Library/PeiCpuPolicyLib/PeiCpuPolicyLib.c  |   6 +-
 .../PeiCpuPolicyLibPreMem/PeiCpuPolicyLib.c|   4 +-
 .../Cpu/Library/Private/PeiCpuS3Lib/CpuS3Lib.c |   4 +-
 .../Library/Private/PeiMpServiceLib/Microcode.c|   5 +-
 .../Library/Private/PeiMpServiceLib/MpService.c|  16 +--
 .../BroxtonSiPkg/Include/Library/PmcIpcLib.h   |  10 +-
 .../Private/Library/CseVariableStorageLib.h|  34 +++---
 .../Library/CseVariableStorageSelectorLib.h|   8 +-
 .../BroxtonSiPkg/Library/PmcIpcLib/BaseIpcLib.c|   5 +-
 .../BaseCseVariableStorageLib.c|  34 +++---
 .../CseVariableStorageSelectorLib.c|   6 +-
 .../PeiCseVariableStorageSelectorLib.c |   6 +-
 .../Library/DxeSmbiosMemoryLib/SmbiosMemory.h  |   6 +-
 .../Library/DxeSmbiosMemoryLib/SmbiosType16.c  |   5 +-
 .../NorthCluster/PciHostBridge/Dxe/PciHostBridge.c |  41 ---
 .../NorthCluster/SaInit/Dxe/IgdOpRegion.c  |   4 +-
 .../MdeModulePkg/Include/Ppi/SmmControl.h  |   4 +-
 .../PeiDxeSmmPchSerialIoLib.c  |   8 +-
 .../PeiDxeSmmPchSerialIoLib.inf|   4 -
 .../SouthCluster/ScSmiDispatcher/Smm/ScSmmCore.c   | 120 -
 .../SouthCluster/ScSmiDispatcher/Smm/ScSmmGpi.c|   6 +-
 .../SouthCluster/ScSmiDispatcher/Smm/ScSmmIchn.c   |  26 ++---
 .../ScSmiDispatcher/Smm/ScSmmPeriodicTimer.c   |  10 +-
 .../ScSmiDispatcher/Smm/ScSmmPowerButton.c |   6 +-
 .../SouthCluster/ScSmiDispatcher/Smm/ScSmmSw.c |   6 +-
 .../SouthCluster/ScSmiDispatcher/Smm/ScSmmSx.c |   6 +-
 .../SouthCluster/ScSmiDispatcher/Smm/ScSmmUsb.c|  10 +-
 .../Sdio/Dxe/MMC/MmcMediaDeviceDxe/MMCSDTransfer.c |   1 +
 .../Sdio/Dxe/SD/SdControllerDxe/SdController.c |   3 +-
 .../BroxtonSoC/BroxtonSiPkg/Txe/Heci/Dxe/Hecidrv.c |   4 +-
 .../BroxtonSoC/BroxtonSiPkg/Txe/Heci/Smm/HeciSmm.c |  24 ++---
 .../BroxtonSiPkg/Txe/Heci/Smm/HeciSmmRuntimeDxe.c  |  22 ++--
 .../Txe/Library/HeciMsgLib/DxeSmmHeciMsgLib.c  |   4 +-
 .../Library/Private/PeiDxeHeciInitLib/HeciCore.c   |  12 +--
 .../Txe/Library/Private/PeiSeCUma/SeCUma.c |  12 +--
 .../SmmHeci2PowerManagementLib.c   |   4 +-
 37 files changed, 256 insertions(+), 234 deletions(-)

diff --git 
a/Silicon/BroxtonSoC/BroxtonSiPkg/Cpu/Include/Private/Library/CpuS3Lib.h 
b/Silicon/BroxtonSoC/BroxtonSiPkg/Cpu/Include/Private/Library/CpuS3Lib.h
index 48b4ac574..54e0e5bb2 100644
--- a/Silicon/BroxtonSoC/BroxtonSiPkg/Cpu/Include/Private/Library/CpuS3Lib.h
+++ b/Silicon/BroxtonSoC/BroxtonSiPkg/Cpu/Include/Private/Library/CpuS3Lib.h
@@ -1,7 +1,7 @@
 /** @file
   Header file for Cpu Init Lib Pei Phase.
 
-  Copyright (c) 2014 - 2016, Intel Corporation. All rights reserved.
+  Copyright (c) 2014 - 2017, Intel Corporation. All rights reserved.
 
   This program and the accompanying materials
   are licensed and made available under the terms and conditions of the BSD 
License
@@ -27,7 +27,7 @@
 **/
 EFI_STATUS
 S3InitializeCpu (
-  IN CONST EFI_PEI_SERVICES**PeiServices
+  IN  EFI_PEI_SERVICES**PeiServices
   );
 #endif
 
diff --git 
a/Silicon/BroxtonSoC/BroxtonSiPkg/Cpu/Library/PeiCpuPolicyLib/PeiCpuPolicyLib.c 
b/Silicon/BroxtonSoC/BroxtonSiPkg/Cpu/Library/PeiCpuPolicyLib/PeiCpuPolicyLib.c
index 1b67c9813..a645e17a9 100644
--- 
a/Silicon/BroxtonSoC/BroxtonSiPkg/Cpu/Library/PeiCpuPolicyLib/PeiCpuPolicyLib.c
+++ 
b/Silicon/BroxtonSoC/BroxtonSiPkg/Cpu/Library/PeiCpuPolicyLib/PeiCpuPolicyLib.c
@@ -1,7 +1,7 @@
 /** @file
   This file is PeiCpuPolicy library.
 
-  Copyright (c) 2014 - 2016, Intel Corporation. All rights reserved.
+  Copyright (c) 2014 - 2017, Intel Corporation. All rights reserved.
 
   This program and the accompanying materials
   are licensed and made available under the terms and conditions of the BSD 
License
@@ -27,9 +27,7 @@ LoadCpuPreMemDefault (
   IN   VOID *ConfigBlockPointer
   )
 {
-  CPU_CONFIG_PREMEM*CpuConfigPreMem;
 
-  CpuConfigPreMem = ConfigBlockPointer;
 
   return EFI_SUCCESS;
 }
@@ -41,9 +39,7 @@ LoadBiosGuardDefault (
   IN   VOID *ConfigBlockPointer
   )
 {
-  BIOS_GUARD_CONFIG  *BiosGuardConfig;
 
-  BiosGuardConfig = ConfigBlockPointer;
 
   return EFI_SUCCESS;
 }
diff --git 
a/Silicon/BroxtonSoC/BroxtonSiPkg/Cpu/Library/PeiCpuPolicyLibPreMem/PeiCpuPolicyLib.c
 
b/Silicon/BroxtonSoC/BroxtonSiPkg/Cpu/Library/PeiCpuPolicyLibPreMem/PeiCpuPolicyLib.c
index 92e8a5520..edfdd10fb 100644
--- 
a/Silicon/BroxtonSoC/BroxtonSiPkg/Cpu/Library/PeiCpuPolicyLibPreMem/PeiCpuPolicyLib.c
+++ 
b/Silicon/BroxtonSoC/BroxtonSiPkg/Cpu/Library/PeiCpuPolicyLibPreMem/PeiCpuPolicyLib.c
@@ -1,7 +1,7 @@
 /** @file
   This file is PeiCpuPolicy library.
 
-  Copyright (c) 2014 - 2016, Intel Corporation. All rights reserved.
+  Copyright (c) 2014 - 

Re: [edk2] [Patch] NetworkPkg/IScsiDxe: Switch IP4 configuration policy to Static before DHCP

[Ye, Ting]

Reviewed-by: Ye Ting  

-Original Message-
From: Wu, Jiaxin 
Sent: Wednesday, May 10, 2017 11:33 PM
To: edk2-devel@lists.01.org
Cc: Ye, Ting ; Fu, Siyuan ; Wu, Jiaxin 

Subject: [Patch] NetworkPkg/IScsiDxe: Switch IP4 configuration policy to Static 
before DHCP

DHCP4 service allows only one of its children to be configured in the active 
state. If the DHCP4 D.O.R.A started by IP4 auto configuration and has not been 
completed, the Dhcp4 state machine will not be in the right state for the iSCSI 
to start a new round D.O.R.A. So, we need to switch it's policy to static.

Cc: Ye Ting 
Cc: Fu Siyuan 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin 
---
 NetworkPkg/IScsiDxe/IScsiDhcp.c | 61 +
 1 file changed, 61 insertions(+)

diff --git a/NetworkPkg/IScsiDxe/IScsiDhcp.c b/NetworkPkg/IScsiDxe/IScsiDhcp.c 
index 43ae50b..6587a05 100644
--- a/NetworkPkg/IScsiDxe/IScsiDhcp.c
+++ b/NetworkPkg/IScsiDxe/IScsiDhcp.c
@@ -369,10 +369,54 @@ IScsiParseDhcpAck (
   FreePool (OptionList);
 
   return Status;
 }
 
+/**
+  This function will switch the IP4 configuration policy to Static.
+
+  @param[in]  Ip4Config2  Pointer to the IP4 configuration protocol.
+
+  @retval EFI_SUCCESS The policy is already configured to static.
+  @retval Others  Other error as indicated.
+
+**/
+EFI_STATUS
+IScsiSetIp4Policy (
+  IN EFI_IP4_CONFIG2_PROTOCOL*Ip4Config2
+  )
+{
+  EFI_IP4_CONFIG2_POLICY  Policy;
+  EFI_STATUS  Status;
+  UINTN   DataSize;
+
+  DataSize = sizeof (EFI_IP4_CONFIG2_POLICY);  Status = 
+ Ip4Config2->GetData (
+ Ip4Config2,
+ Ip4Config2DataTypePolicy,
+ ,
+ 
+ );
+  if (EFI_ERROR (Status)) {
+return Status;
+  }
+
+  if (Policy != Ip4Config2PolicyStatic) {
+Policy = Ip4Config2PolicyStatic;
+Status= Ip4Config2->SetData (
+  Ip4Config2,
+  Ip4Config2DataTypePolicy,
+  sizeof (EFI_IP4_CONFIG2_POLICY),
+  
+  );
+if (EFI_ERROR (Status)) {
+  return Status;
+}
+  }
+
+  return EFI_SUCCESS;
+}
 
 /**
   Parse the DHCP ACK to get the address configuration and DNS information.
 
   @param[in]   ImageThe handle of the driver image.
@@ -391,18 +435,20 @@ IScsiDoDhcp (
   IN EFI_HANDLE  Controller,
   IN OUT ISCSI_ATTEMPT_CONFIG_NVDATA *ConfigData
   )
 {
   EFI_HANDLEDhcp4Handle;
+  EFI_IP4_CONFIG2_PROTOCOL  *Ip4Config2;
   EFI_DHCP4_PROTOCOL*Dhcp4;
   EFI_STATUSStatus;
   EFI_DHCP4_PACKET_OPTION   *ParaList;
   EFI_DHCP4_CONFIG_DATA Dhcp4ConfigData;
   ISCSI_SESSION_CONFIG_NVDATA   *NvData;
   BOOLEAN   MediaPresent;
 
   Dhcp4Handle = NULL;
+  Ip4Config2  = NULL;
   Dhcp4   = NULL;
   ParaList= NULL;
 
   //
   // Check media status before doing DHCP.
@@ -412,10 +458,25 @@ IScsiDoDhcp (
   if (!MediaPresent) {
 return EFI_NO_MEDIA;
   }
 
   //
+  // DHCP4 service allows only one of its children to be configured in  
+ // the active state, If the DHCP4 D.O.R.A started by IP4 auto  // 
+ configuration and has not been completed, the Dhcp4 state machine  // 
+ will not be in the right state for the iSCSI to start a new round D.O.R.A.
+  // So, we need to switch it's policy to static.
+  //
+  Status = gBS->HandleProtocol (Controller, 
+ , (VOID **) );  if (!EFI_ERROR 
(Status)) {
+Status = IScsiSetIp4Policy (Ip4Config2);
+if (EFI_ERROR (Status)) {
+  return Status;
+}
+  }
+
+  //
   // Create a DHCP4 child instance and get the protocol.
   //
   Status = NetLibCreateServiceChild (
  Controller,
  Image,
--
1.9.5.msysgit.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

Re: [edk2] [patch] BaseTools/Ecc

[Zhu, Yonghong]

Reviewed-by: Yonghong Zhu  

Best Regards,
Zhu Yonghong


-Original Message-
From: Chen, Hesheng 
Sent: Wednesday, May 10, 2017 9:30 AM
To: edk2-devel@lists.01.org
Cc: Zhu, Yonghong 
Subject: [patch] BaseTools/Ecc

Add line break support for exception list.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: hesschen 
---
 BaseTools/Source/Python/Ecc/Exception.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/BaseTools/Source/Python/Ecc/Exception.py 
b/BaseTools/Source/Python/Ecc/Exception.py
index fffbf30..b0882af 100644
--- a/BaseTools/Source/Python/Ecc/Exception.py
+++ b/BaseTools/Source/Python/Ecc/Exception.py
@@ -1,7 +1,7 @@
 ## @file
 # This file is used to parse exception items found by ECC tool  # -# Copyright 
(c) 2009 - 2014, Intel Corporation. All rights reserved.
+# Copyright (c) 2009 - 2017, Intel Corporation. All rights 
+reserved.
 # This program and the accompanying materials  # are licensed and made 
available under the terms and conditions of the BSD License  # which 
accompanies this distribution.  The full text of the license may be found at @@ 
-72,7 +72,7 @@ class ExceptionCheck(object):
 self.ExceptionList = self.ExceptionListXml.ToList()
 
 def IsException(self, ErrorID, KeyWord, FileID=-1):
-if (str(ErrorID), KeyWord) in self.ExceptionList:
+if (str(ErrorID), KeyWord.replace('\r\n', '\n')) in self.ExceptionList:
 return True
 else:
 return False
--
2.7.2.windows.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

Re: [edk2] [RFC v4 06/13] OvmfPkg:AmdSevDxe: add AmdSevDxe driver

[Yao, Jiewen]

Thanks!
Reviewed-by: jiewen@intel.com


Thank you
Yao Jiewen

> -Original Message-
> From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Brijesh
> Singh
> Sent: Thursday, May 11, 2017 6:09 AM
> To: edk2-devel@lists.01.org
> Cc: thomas.lenda...@amd.com; Justen, Jordan L ;
> Yao, Jiewen ; leo.du...@amd.com; Laszlo Ersek
> 
> Subject: [edk2] [RFC v4 06/13] OvmfPkg:AmdSevDxe: add AmdSevDxe driver
> 
> When SEV is enabled, the MMIO memory range must be mapped as
> unencrypted
> (i.e C-bit cleared) and DMA must be performed on unencrypted memory.
> 
> The patch adds a DXE driver that runs early in boot and clears the memory
> encryption attribute from MMIO/NonExistent memory ranges and installs a
> IOMMU protocol to provide the DMA support for PCIHostBridge and other
> drivers.
> 
> The driver produces IOMMU protocol introduce by Jiewen
> https://lists.01.org/pipermail/edk2-devel/2017-May/010462.html
> 
> 
> Cc: Jordan Justen 
> Cc: Laszlo Ersek 
> Cc: Leo Duran 
> Cc: Jiewen Yao 
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Brijesh Singh 
> ---
>  OvmfPkg/OvmfPkgIa32X64.dsc  |   1 +
>  OvmfPkg/OvmfPkgX64.dsc  |   1 +
>  OvmfPkg/OvmfPkgIa32X64.fdf  |   2 +
>  OvmfPkg/OvmfPkgX64.fdf  |   2 +
>  OvmfPkg/AmdSevDxe/AmdSevDxe.inf |  49 +++
>  OvmfPkg/AmdSevDxe/AmdSevIommu.h |  43 ++
>  OvmfPkg/AmdSevDxe/AmdSevMmio.h  |  41 ++
>  OvmfPkg/AmdSevDxe/AmdSevDxe.c   |  52 +++
>  OvmfPkg/AmdSevDxe/AmdSevIommu.c | 459 
>  OvmfPkg/AmdSevDxe/AmdSevMmio.c  |  50 +++
>  10 files changed, 700 insertions(+)
> 
> diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
> index 9403f76ce862..ee6f98d68b73 100644
> --- a/OvmfPkg/OvmfPkgIa32X64.dsc
> +++ b/OvmfPkg/OvmfPkgIa32X64.dsc
> @@ -827,6 +827,7 @@ [Components.X64]
>  !endif
> 
>OvmfPkg/PlatformDxe/Platform.inf
> +  OvmfPkg/AmdSevDxe/AmdSevDxe.inf
> 
>  !if $(SMM_REQUIRE) == TRUE
>OvmfPkg/SmmAccess/SmmAccess2Dxe.inf
> diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
> index e137143f7afa..b5f26e06e60b 100644
> --- a/OvmfPkg/OvmfPkgX64.dsc
> +++ b/OvmfPkg/OvmfPkgX64.dsc
> @@ -825,6 +825,7 @@ [Components]
>  !endif
> 
>OvmfPkg/PlatformDxe/Platform.inf
> +  OvmfPkg/AmdSevDxe/AmdSevDxe.inf
> 
>  !if $(SMM_REQUIRE) == TRUE
>OvmfPkg/SmmAccess/SmmAccess2Dxe.inf
> diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
> index 5233314139bc..12871860d001 100644
> --- a/OvmfPkg/OvmfPkgIa32X64.fdf
> +++ b/OvmfPkg/OvmfPkgIa32X64.fdf
> @@ -190,6 +190,7 @@ [FV.DXEFV]
>  APRIORI DXE {
>INF  MdeModulePkg/Universal/DevicePathDxe/DevicePathDxe.inf
>INF  MdeModulePkg/Universal/PCD/Dxe/Pcd.inf
> +  INF  OvmfPkg/AmdSevDxe/AmdSevDxe.inf
>  !if $(SMM_REQUIRE) == FALSE
>INF
> OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf
>  !endif
> @@ -351,6 +352,7 @@ [FV.DXEFV]
>  INF  OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
>  INF  OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
>  INF  OvmfPkg/PlatformDxe/Platform.inf
> +INF  OvmfPkg/AmdSevDxe/AmdSevDxe.inf
> 
>  !if $(SMM_REQUIRE) == TRUE
>  INF  OvmfPkg/SmmAccess/SmmAccess2Dxe.inf
> diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
> index 36150101e784..ae6e66a1c08d 100644
> --- a/OvmfPkg/OvmfPkgX64.fdf
> +++ b/OvmfPkg/OvmfPkgX64.fdf
> @@ -190,6 +190,7 @@ [FV.DXEFV]
>  APRIORI DXE {
>INF  MdeModulePkg/Universal/DevicePathDxe/DevicePathDxe.inf
>INF  MdeModulePkg/Universal/PCD/Dxe/Pcd.inf
> +  INF  OvmfPkg/AmdSevDxe/AmdSevDxe.inf
>  !if $(SMM_REQUIRE) == FALSE
>INF
> OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf
>  !endif
> @@ -351,6 +352,7 @@ [FV.DXEFV]
>  INF  OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
>  INF  OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
>  INF  OvmfPkg/PlatformDxe/Platform.inf
> +INF  OvmfPkg/AmdSevDxe/AmdSevDxe.inf
> 
>  !if $(SMM_REQUIRE) == TRUE
>  INF  OvmfPkg/SmmAccess/SmmAccess2Dxe.inf
> diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
> b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
> new file mode 100644
> index ..775dda9be386
> --- /dev/null
> +++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
> @@ -0,0 +1,49 @@
> +#/** @file
> +#
> +#  Driver clears the encryption attribute from MMIO regions and installs
> IOMMU
> +#  protcol to provides DMA support for PciHostBridge and others
> +#
> +#  Copyright (c) 2017, AMD Inc. All rights reserved.
> +#
> +#  This program and the accompanying materials
> +#  are licensed and made available under the terms and conditions of the BSD
> +#  License which accompanies this distribution.  The full text of the license
> may
> +#  be found at http://opensource.org/licenses/bsd-license.php
> +#
> +#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
> BASIS,
> +#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
> EXPRESS OR 

Re: [edk2] [Patch] NetworkPkg/IScsiDxe: Switch IP4 configuration policy to Static before DHCP

[Fu, Siyuan]

Reviewed-by: Fu Siyuan 


-Original Message-
From: Wu, Jiaxin 
Sent: 2017年5月10日 23:33
To: edk2-devel@lists.01.org
Cc: Ye, Ting ; Fu, Siyuan ; Wu, Jiaxin 

Subject: [Patch] NetworkPkg/IScsiDxe: Switch IP4 configuration policy to Static 
before DHCP

DHCP4 service allows only one of its children to be configured in the active 
state. If the DHCP4 D.O.R.A started by IP4 auto configuration and has not been 
completed, the Dhcp4 state machine will not be in the right state for the iSCSI 
to start a new round D.O.R.A. So, we need to switch it's policy to static.

Cc: Ye Ting 
Cc: Fu Siyuan 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin 
---
 NetworkPkg/IScsiDxe/IScsiDhcp.c | 61 +
 1 file changed, 61 insertions(+)

diff --git a/NetworkPkg/IScsiDxe/IScsiDhcp.c b/NetworkPkg/IScsiDxe/IScsiDhcp.c 
index 43ae50b..6587a05 100644
--- a/NetworkPkg/IScsiDxe/IScsiDhcp.c
+++ b/NetworkPkg/IScsiDxe/IScsiDhcp.c
@@ -369,10 +369,54 @@ IScsiParseDhcpAck (
   FreePool (OptionList);
 
   return Status;
 }
 
+/**
+  This function will switch the IP4 configuration policy to Static.
+
+  @param[in]  Ip4Config2  Pointer to the IP4 configuration protocol.
+
+  @retval EFI_SUCCESS The policy is already configured to static.
+  @retval Others  Other error as indicated.
+
+**/
+EFI_STATUS
+IScsiSetIp4Policy (
+  IN EFI_IP4_CONFIG2_PROTOCOL*Ip4Config2
+  )
+{
+  EFI_IP4_CONFIG2_POLICY  Policy;
+  EFI_STATUS  Status;
+  UINTN   DataSize;
+
+  DataSize = sizeof (EFI_IP4_CONFIG2_POLICY);  Status = 
+ Ip4Config2->GetData (
+ Ip4Config2,
+ Ip4Config2DataTypePolicy,
+ ,
+ 
+ );
+  if (EFI_ERROR (Status)) {
+return Status;
+  }
+
+  if (Policy != Ip4Config2PolicyStatic) {
+Policy = Ip4Config2PolicyStatic;
+Status= Ip4Config2->SetData (
+  Ip4Config2,
+  Ip4Config2DataTypePolicy,
+  sizeof (EFI_IP4_CONFIG2_POLICY),
+  
+  );
+if (EFI_ERROR (Status)) {
+  return Status;
+}
+  }
+
+  return EFI_SUCCESS;
+}
 
 /**
   Parse the DHCP ACK to get the address configuration and DNS information.
 
   @param[in]   ImageThe handle of the driver image.
@@ -391,18 +435,20 @@ IScsiDoDhcp (
   IN EFI_HANDLE  Controller,
   IN OUT ISCSI_ATTEMPT_CONFIG_NVDATA *ConfigData
   )
 {
   EFI_HANDLEDhcp4Handle;
+  EFI_IP4_CONFIG2_PROTOCOL  *Ip4Config2;
   EFI_DHCP4_PROTOCOL*Dhcp4;
   EFI_STATUSStatus;
   EFI_DHCP4_PACKET_OPTION   *ParaList;
   EFI_DHCP4_CONFIG_DATA Dhcp4ConfigData;
   ISCSI_SESSION_CONFIG_NVDATA   *NvData;
   BOOLEAN   MediaPresent;
 
   Dhcp4Handle = NULL;
+  Ip4Config2  = NULL;
   Dhcp4   = NULL;
   ParaList= NULL;
 
   //
   // Check media status before doing DHCP.
@@ -412,10 +458,25 @@ IScsiDoDhcp (
   if (!MediaPresent) {
 return EFI_NO_MEDIA;
   }
 
   //
+  // DHCP4 service allows only one of its children to be configured in  
+ // the active state, If the DHCP4 D.O.R.A started by IP4 auto  // 
+ configuration and has not been completed, the Dhcp4 state machine  // 
+ will not be in the right state for the iSCSI to start a new round D.O.R.A.
+  // So, we need to switch it's policy to static.
+  //
+  Status = gBS->HandleProtocol (Controller, 
+ , (VOID **) );  if (!EFI_ERROR 
(Status)) {
+Status = IScsiSetIp4Policy (Ip4Config2);
+if (EFI_ERROR (Status)) {
+  return Status;
+}
+  }
+
+  //
   // Create a DHCP4 child instance and get the protocol.
   //
   Status = NetLibCreateServiceChild (
  Controller,
  Image,
--
1.9.5.msysgit.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

Re: [edk2] [RFC v4 01/13] UefiCpuPkg: Define AMD Memory Encryption specific CPUID and MSR

[Fan, Jeff]

Reviewed-by: Jeff Fan 

-Original Message-
From: Brijesh Singh [mailto:brijesh.si...@amd.com] 
Sent: Thursday, May 11, 2017 6:09 AM
To: edk2-devel@lists.01.org
Cc: thomas.lenda...@amd.com; leo.du...@amd.com; Brijesh Singh; Justen, Jordan 
L; Laszlo Ersek; Fan, Jeff; Gao, Liming
Subject: [RFC v4 01/13] UefiCpuPkg: Define AMD Memory Encryption specific CPUID 
and MSR

The patch defines AMD's Memory Encryption Information CPUID leaf and SEV status 
MSR. The complete description for CPUID leaf is available in APM volume 2, 
Section 15.34.


Cc: Jordan Justen 
Cc: Laszlo Ersek 
Cc: Jeff Fan 
Cc: Liming Gao 
Cc: Leo Duran 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Brijesh Singh 
---
 UefiCpuPkg/Include/Register/Amd/Cpuid.h| 162 
 UefiCpuPkg/Include/Register/Amd/Fam17Msr.h |  62 
 UefiCpuPkg/Include/Register/Amd/Msr.h  |  29 
 3 files changed, 253 insertions(+)

diff --git a/UefiCpuPkg/Include/Register/Amd/Cpuid.h 
b/UefiCpuPkg/Include/Register/Amd/Cpuid.h
new file mode 100644
index ..5cd42667dc46
--- /dev/null
+++ b/UefiCpuPkg/Include/Register/Amd/Cpuid.h
@@ -0,0 +1,162 @@
+/** @file
+  CPUID leaf definitions.
+
+  Provides defines for CPUID leaf indexes.  Data structures are 
+ provided for  registers returned by a CPUID leaf that contain one or more bit 
fields.
+  If a register returned is a single 32-bit value, then a data 
+ structure is  not provided for that register.
+
+  Copyright (c) 2017, Advanced Micro Devices. All rights reserved.  
+ This program and the accompanying materials are licensed and made 
+ available  under the terms and conditions of the BSD License which 
+ accompanies this  distribution. The full text of the license may be 
+ found at  http://opensource.org/licenses/bsd-license.php
+
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,  
+ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+  @par Specification Reference:
+  AMD64 Architecture Programming Manaul volume 2, March 2017, Sections 
+ 15.34
+
+**/
+
+#ifndef __AMD_CPUID_H__
+#define __AMD_CPUID_H__
+
+/**
+
+  Memory Encryption Information
+
+  @param   EAX  CPUID_MEMORY_ENCRYPTION_INFO (0x801F)
+
+  @retval  EAX  Returns the memory encryption feature support status.
+  @retval  EBX  If memory encryption feature is present then return
+the page table bit number used to enable memory encryption 
support
+and reducing of physical address space in bits.
+  @retval  ECX  Returns number of encrypted guest supported simultaneosuly.
+  @retval  EDX  Returns minimum SEV enabled and SEV disbled ASID..
+
+  Example usage
+  @code
+  UINT32 Eax;
+  UINT32 Ebx;
+  UINT32 Ecx;
+  UINT32 Edx;
+
+  AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, , , , );
+  @endcode
+**/
+
+#define CPUID_MEMORY_ENCRYPTION_INFO 0x801F
+
+/**
+  CPUID Memory Encryption support information EAX for CPUID leaf
+  #CPUID_MEMORY_ENCRYPTION_INFO.
+**/
+typedef union {
+  ///
+  /// Individual bit fields
+  ///
+  struct {
+///
+/// [Bit 0] Secure Memory Encryption (Sme) Support
+///
+UINT32  SmeBit:1;
+
+///
+/// [Bit 1] Secure Encrypted Virtualization (Sev) Support
+///
+UINT32  SevBit:1;
+
+///
+/// [Bit 2] Page flush MSR support
+///
+UINT32  PageFlushMsrBit:1;
+
+///
+/// [Bit 3] Encrypted state support
+///
+UINT32  SevEsBit:1;
+
+///
+/// [Bit 4:31] Reserved
+///
+UINT32  ReservedBits:28;
+  } Bits;
+  ///
+  /// All bit fields as a 32-bit value
+  ///
+  UINT32  Uint32;
+} CPUID_MEMORY_ENCRYPTION_INFO_EAX;
+
+/**
+  CPUID Memory Encryption support information EBX for CPUID leaf
+  #CPUID_MEMORY_ENCRYPTION_INFO.
+**/
+typedef union {
+  ///
+  /// Individual bit fields
+  ///
+  struct {
+///
+/// [Bit 0:5] Page table bit number used to enable memory encryption
+///
+UINT32  PtePosBits:6;
+
+///
+/// [Bit 6:11] Reduction of system physical address space bits when memory 
encryption is enabled
+///
+UINT32  ReducedPhysBits:5;
+
+///
+/// [Bit 12:31] Reserved
+///
+UINT32  ReservedBits:21;
+  } Bits;
+  ///
+  /// All bit fields as a 32-bit value
+  ///
+  UINT32  Uint32;
+} CPUID_MEMORY_ENCRYPTION_INFO_EBX;
+
+/**
+  CPUID Memory Encryption support information ECX for CPUID leaf
+  #CPUID_MEMORY_ENCRYPTION_INFO.
+**/
+typedef union {
+  ///
+  /// Individual bit fields
+  ///
+  struct {
+///
+/// [Bit 0:31] Number of encrypted guest supported simultaneously
+///
+UINT32  NumGuests;
+  } Bits;
+  ///
+  /// All bit fields as a 32-bit value
+  ///
+  UINT32  Uint32;
+} CPUID_MEMORY_ENCRYPTION_INFO_ECX;
+
+/**
+  CPUID Memory Encryption support information EDX for CPUID leaf
+  

[edk2] [RFC v4 10/13] OvmfPkg/QemuFwCfgLib: Implement SEV internal functions for PEI phase

[Brijesh Singh]

Cc: Jordan Justen 
Cc: Laszlo Ersek 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Brijesh Singh 
---
 OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf |  1 +
 OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPei.c  | 72 +++-
 2 files changed, 71 insertions(+), 2 deletions(-)

diff --git a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf 
b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf
index 4f966a85088a..b97b475c7cad 100644
--- a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf
+++ b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf
@@ -47,4 +47,5 @@ [LibraryClasses]
   DebugLib
   IoLib
   MemoryAllocationLib
+  MemEncryptSevLib
 
diff --git a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPei.c 
b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPei.c
index ac05f4c347f3..1696512bccaf 100644
--- a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPei.c
+++ b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPei.c
@@ -4,6 +4,7 @@
 
   Copyright (C) 2013, Red Hat, Inc.
   Copyright (c) 2011 - 2013, Intel Corporation. All rights reserved.
+  Copyright (c) 2017, Advanced Micro Devices. All rights reserved.
 
   This program and the accompanying materials are licensed and made available
   under the terms and conditions of the BSD License which accompanies this
@@ -14,8 +15,10 @@
   WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 **/
 
+#include 
 #include 
 #include 
+#include 
 
 #include "QemuFwCfgLibInternal.h"
 
@@ -76,8 +79,18 @@ QemuFwCfgInitialize (
   if ((Revision & FW_CFG_F_DMA) == 0) {
 DEBUG ((DEBUG_INFO, "QemuFwCfg interface (IO Port) is supported.\n"));
   } else {
-mQemuFwCfgDmaSupported = TRUE;
-DEBUG ((DEBUG_INFO, "QemuFwCfg interface (DMA) is supported.\n"));
+//
+// If SEV is enabled then we do not support DMA operations in PEI phase.
+// This is mainly because DMA in SEV guest requires using bounce buffer
+// (which need to allocate dynamic memory and allocating a PAGE size'd
+// buffer can be challenge in PEI phase)
+//
+if (InternalQemuFwCfgSevIsEnabled ()) {
+  DEBUG ((DEBUG_INFO, "SEV: QemuFwCfg fallback to IO Port interface.\n"));
+} else {
+  mQemuFwCfgDmaSupported = TRUE;
+  DEBUG ((DEBUG_INFO, "QemuFwCfg interface (DMA) is supported.\n"));
+}
   }
   return RETURN_SUCCESS;
 }
@@ -114,3 +127,58 @@ InternalQemuFwCfgDmaIsAvailable (
 {
   return mQemuFwCfgDmaSupported;
 }
+
+/**
+
+ Returns a boolean indicating whether SEV is enabled
+
+ @retvalTRUESEV is enabled
+ @retvalFALSE   SEV is disabled
+**/
+BOOLEAN
+InternalQemuFwCfgSevIsEnabled (
+  VOID
+  )
+{
+  return MemEncryptSevIsEnabled ();
+}
+
+/**
+ Allocate a bounce buffer for SEV DMA.
+
+  @param[in] NumPage  Number of pages.
+  @param[out]Buffer   Allocated DMA Buffer pointer
+
+**/
+VOID
+InternalQemuFwCfgSevDmaAllocateBuffer (
+  IN UINT32   NumPages,
+  OUTVOID **Buffer
+  )
+{
+  //
+  // We should never reach here
+  //
+  ASSERT (FALSE);
+  CpuDeadLoop ();
+}
+
+/**
+ Free the DMA buffer allocated using InternalQemuFwCfgSevDmaAllocateBuffer
+
+  @param[in] NumPage  Number of pages.
+  @param[in] Buffer   DMA Buffer pointer
+
+**/
+VOID
+InternalQemuFwCfgSevDmaFreeBuffer (
+  IN VOID *Buffer,
+  IN UINT32   NumPages
+  )
+{
+  //
+  // We should never reach here
+  //
+  ASSERT (FALSE);
+  CpuDeadLoop ();
+}
-- 
2.7.4

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [RFC v4 04/13] OvmfPkg/BaseMemcryptSevLib: Add SEV helper library

[Brijesh Singh]

Add Secure Encrypted Virtualization (SEV) helper library.
The library provides the routines to:
-  set or clear memory encryption bit for a given memory region.
-  query whether SEV is enabled.


Cc: Jordan Justen 
Cc: Laszlo Ersek 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Brijesh Singh 
---
 OvmfPkg/OvmfPkgIa32.dsc |   1 +
 OvmfPkg/OvmfPkgIa32X64.dsc  |   1 +
 OvmfPkg/OvmfPkgX64.dsc  |   1 +
 OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf   |  50 +++
 OvmfPkg/Include/Library/MemEncryptSevLib.h  |  81 
 OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.h |  34 ++
 OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.h| 184 +
 OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c| 126 ++
 OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.c |  43 ++
 OvmfPkg/Library/BaseMemEncryptSevLib/X64/MemEncryptSevLib.c | 127 ++
 OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.c| 422 

 11 files changed, 1070 insertions(+)

diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index 6494ac5480b3..265f2d2b6d2f 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -143,6 +143,7 @@ [LibraryClasses]
   QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.inf
   VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf
   LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf
+  
MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf
 !if $(SMM_REQUIRE) == FALSE
   LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf
 !endif
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index 20eb409a8d01..3b50a2dd2d2f 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -148,6 +148,7 @@ [LibraryClasses]
   QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.inf
   VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf
   LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf
+  
MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf
 !if $(SMM_REQUIRE) == FALSE
   LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf
 !endif
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index 2e5eaf631e9f..82c73331aa9f 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -148,6 +148,7 @@ [LibraryClasses]
   QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.inf
   VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf
   LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf
+  
MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf
 !if $(SMM_REQUIRE) == FALSE
   LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf
 !endif
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf 
b/OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf
new file mode 100644
index ..949c430af61b
--- /dev/null
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf
@@ -0,0 +1,50 @@
+## @file
+#  Library provides the helper functions for SEV guest
+#
+# Copyright (c) 2017 Advanced Micro Devices. All rights reserved.
+#
+#  This program and the accompanying materials
+#  are licensed and made available under the terms and conditions of the BSD
+#  License which accompanies this distribution. The full text of the license
+#  may be found at http://opensource.org/licenses/bsd-license.php
+#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR 
IMPLIED.
+#
+#
+##
+
+[Defines]
+  INF_VERSION= 1.25
+  BASE_NAME  = MemEncryptSevLib
+  FILE_GUID  = c1594631-3888-4be4-949f-9c630dbc842b
+  MODULE_TYPE= BASE
+  VERSION_STRING = 1.0
+  LIBRARY_CLASS  = MemEncryptSevLib|PEIM DXE_DRIVER 
DXE_RUNTIME_DRIVER DXE_SMM_DRIVER UEFI_DRIVER
+
+#
+# The following information is for reference only and not required by the 
build tools.
+#
+# VALID_ARCHITECTURES   = IA32 X64
+#
+
+[Packages]
+  MdePkg/MdePkg.dec
+  MdeModulePkg/MdeModulePkg.dec
+  OvmfPkg/OvmfPkg.dec
+  UefiCpuPkg/UefiCpuPkg.dec
+
+[Sources.X64]
+  X64/MemEncryptSevLib.c
+  X64/VirtualMemory.c
+  MemEncryptSevLibInternal.c
+
+[Sources.IA32]
+  Ia32/MemEncryptSevLib.c
+  MemEncryptSevLibInternal.c
+
+[LibraryClasses]
+  BaseLib
+  CpuLib
+  CacheMaintenanceLib
+  DebugLib
+  MemoryAllocationLib
diff --git a/OvmfPkg/Include/Library/MemEncryptSevLib.h 
b/OvmfPkg/Include/Library/MemEncryptSevLib.h
new file mode 100644
index ..b6753762423e
--- /dev/null
+++ b/OvmfPkg/Include/Library/MemEncryptSevLib.h
@@ -0,0 +1,81 @@
+/** @file
+
+  Define 

[edk2] [RFC v4 00/13] x86: Secure Encrypted Virtualization (AMD)

[Brijesh Singh]

This RFC series provides support for AMD's new Secure Encrypted 
Virtualization (SEV) feature.

SEV is an extension to the AMD-V architecture which supports running
multiple VMs under the control of a hypervisor. The SEV feature allows
the memory contents of a virtual machine (VM) to be transparently encrypted
with a key unique to the guest VM. The memory controller contains a
high performance encryption engine which can be programmed with multiple
keys for use by a different VMs in the system. The programming and
management of these keys is handled by the AMD Secure Processor firmware
which exposes a commands for these tasks.

SEV guest VMs have the concept of private and shared memory.  Private memory is
encrypted with the guest-specific key, while shared memory may be encrypted
with hypervisor key.  Certain types of memory (namely instruction pages and
guest page tables) are always treated as private memory by the hardware.
For data memory, SEV guest VMs can choose which pages they would like to be
private. The choice is done using the standard CPU page tables using the C-bit,
and is fully controlled by the guest. Due to security reasons all the DMA
operations inside the  guest must be performed on shared pages (C-bit clear).
Note that since C-bit is only controllable by the guest OS when it is operating
in 64-bit or 32-bit PAE mode, in all other modes the SEV hardware forces the
C-bit to a 1.

The following links provide additional details:

AMD Memory Encryption whitepaper:
http://amd-dev.wpengine.netdna-cdn.com/wordpress/media/2013/12/AMD_Memory_Encryption_Whitepaper_v7-Public.pdf

AMD64 Architecture Programmer's Manual:
http://support.amd.com/TechDocs/24593.pdf
SME is section 7.10
SEV is section 15.34

Secure Encrypted Virutualization Key Management:
http://support.amd.com/TechDocs/55766_SEV-KM API_Specification.pdf

KVM Forum Presentation:
http://www.linux-kvm.org/images/7/74/02x08A-Thomas_Lendacky-AMDs_Virtualizatoin_Memory_Encryption_Technology.pdf

[1] http://marc.info/?l=linux-mm=148846752931115=2

---

Patch series is based on commit b61fda11295b (NetworkPkg: Fix issue in dns 
driver when building DHCP packet.)

https://github.com/codomania/edk2/tree/sev-rfc-4

The patch series is tested with OvmfIa32.dsc, OvmfIa32X64.dsc and OvmfX64.dsc.
Since memory encryption bit is not accessiable when processor is in 32-bit mode
hence any DMA access in this mode would cause assert. I have also tested the
suspend and resume path, it seems to be working fine. I still need to work to
finish adding the SEV Dma support in QemuFwCfgS3Lib package (see TODO).

Changes since v3:
 - update AmdSevDxe driver to produce IOMMU protocol
 - remove BmDmaLib dependency
 - update QemuFwCfgLib to use IOMMU protocol to allocate SEV DMA buffer

Changes since v2:
 - move memory encryption CPUID and MSR definition into UefiCpuPkg
 - fix the argument order for SUB instruction in ResetVector and add more
   comments
 - update PlatformPei to use BaseMemEncryptSevLib
 - break the overlong comment lines to 79 chars
 - variable aligment and other formating fixes
 - split the SEV DMA support patch for QemuFwCfgLib into multiple patches as
   recommended by Laszlo
 - add AmdSevDxe driver which runs very early in DXE phase and clear the C-bit
   from MMIO memory region
 - drop 'QemuVideoDxe: Clear C-bit from framebuffer' patch since AmdSevDxe
   driver takes care of clearing the C-bit from MMIO region
 - Verified that Qemu PFLASH works fine with SEV guest, Found a KVM driver issue
   which was causing #PF when PFLASH was enabled. I have submitted patch to
   fix it in upstream http://marc.info/?l=kvm=149304930814202=2

Changes since v1:
 - bug fixes in OvmfPkg/ResetVector (pointed by Tom Lendacky)
 - add SEV CPUID and MSR register definition in standard include file
 - remove the MemEncryptLib dependency from PlatformPei. Move AmdSevInitialize()
   implementation in local file inside the PlatformPei package
 - rename MemCryptSevLib to MemEncryptSevLib and add functions to set or
   clear memory encryption attribute on memory region
 - integerate SEV support in BmDmaLib
 - split QemuFwCfgDxePei.c into QemuFwCfgDxe.c and QemuFwCfgPei.c to
   allow building seperate QemuFwCfgLib for Dxe and Pei phase
   (recommended by Laszlo Ersek)
 - add SEV support in QemuFwCfgLib
 - clear the memory encryption attribute from framebuffer memory region


TODO:
 - add support for DMA operation in QemuFwCfgS3Lib when SEV is enabled
 - investigate SMM/SMI support
 - add virtio support

Cc: Jeff Fan 
Cc: Liming Gao 
Cc: Leo Duran 
Cc: Jordan Justen 
Cc: Laszlo Ersek 
Cc: Leo Duran 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Brijesh Singh 

Brijesh Singh (13):
  UefiCpuPkg: Define AMD Memory 

[edk2] [RFC v4 02/13] OvmfPkg/ResetVector: Set C-bit when building initial page table

[Brijesh Singh]

SEV guest VMs have the concept of private and shared memory. Private
memory is encrypted with the guest-specific key, while shared memory
may be encrypted with hypervisor key. Certain types of memory (namely
instruction pages and guest page tables) are always treated as private
memory by the hardware. The C-bit in PTE indicate whether the page is
private or shared. The C-bit position for the PTE can be obtained from
CPUID Fn8000_001F[EBX].

When SEV is active, the BIOS is encrypted by the Qemu launch sequence,
we must set the C-bit when building the page table.


Cc: Jordan Justen 
Cc: Laszlo Ersek 
Cc: Tom Lendacky 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Brijesh Singh 
---
 OvmfPkg/ResetVector/Ia32/PageTables64.asm | 70 +++-
 1 file changed, 69 insertions(+), 1 deletion(-)

diff --git a/OvmfPkg/ResetVector/Ia32/PageTables64.asm 
b/OvmfPkg/ResetVector/Ia32/PageTables64.asm
index 6201cad1f5dc..3d4b04844cdf 100644
--- a/OvmfPkg/ResetVector/Ia32/PageTables64.asm
+++ b/OvmfPkg/ResetVector/Ia32/PageTables64.asm
@@ -37,9 +37,60 @@ BITS32
PAGE_READ_WRITE + \
PAGE_PRESENT)
 
+; Check if Secure Encrypted Virtualization (SEV) feature is enabled
+;
+; If SEV is enabled then EAX will be at least 32
+; If SEV is disabled then EAX will be zero.
+;
+CheckSevFeature:
+; CPUID will clobber EBX, ECX, EDX, save these registers
+push  ebx
+push  ecx
+push  edx
+
+; Check if we have a valid (0x8000_001F) CPUID leaf
+mov   eax, 0x8000
+cpuid
+
+; This check should fail on Intel or Non SEV AMD CPUs and in future if
+; Intel CPUs supports this CPUID leaf then we are guranteed to have exact
+; same bit definition.
+cmp   eax, 0x801f
+jlNoSev
+
+; Check for memory encryption feature:
+;  CPUID  Fn8000_001F[EAX] - Bit 1
+;
+mov   eax,  0x801f
+cpuid
+bteax, 1
+jnc   NoSev
+
+; Check if memory encryption is enabled
+;  MSR_0xC0010131 - Bit 0 (SEV enabled)
+mov   ecx, 0xc0010131
+rdmsr
+bteax, 0
+jnc   NoSev
+
+; Get pte bit position to enable memory encryption
+; CPUID Fn8000_001F[EBX] - Bits 5:0
+;
+mov   eax, ebx
+and   eax, 0x3f
+jmp   SevExit
+
+NoSev:
+xor   eax, eax
+
+SevExit:
+pop   edx
+pop   ecx
+pop   ebx
+OneTimeCallRet CheckSevFeature
 
 ;
-; Modified:  EAX, ECX
+; Modified:  EAX, ECX, EDX
 ;
 SetCr3ForPageTables64:
 
@@ -60,18 +111,34 @@ clearPageTablesMemoryLoop:
 mov dword[ecx * 4 + PT_ADDR (0) - 4], eax
 loopclearPageTablesMemoryLoop
 
+OneTimeCall   CheckSevFeature
+xor edx, edx
+testeax, eax
+jz  SevNotActive
+
+; If SEV is enabled, Memory encryption bit is always above 31
+sub eax, 32
+bts edx, eax
+
+SevNotActive:
+
 ;
 ; Top level Page Directory Pointers (1 * 512GB entry)
 ;
 mov dword[PT_ADDR (0)], PT_ADDR (0x1000) + PAGE_PDP_ATTR
+mov dword[PT_ADDR (4)], edx
 
 ;
 ; Next level Page Directory Pointers (4 * 1GB entries => 4GB)
 ;
 mov dword[PT_ADDR (0x1000)], PT_ADDR (0x2000) + PAGE_PDP_ATTR
+mov dword[PT_ADDR (0x1004)], edx
 mov dword[PT_ADDR (0x1008)], PT_ADDR (0x3000) + PAGE_PDP_ATTR
+mov dword[PT_ADDR (0x100C)], edx
 mov dword[PT_ADDR (0x1010)], PT_ADDR (0x4000) + PAGE_PDP_ATTR
+mov dword[PT_ADDR (0x1014)], edx
 mov dword[PT_ADDR (0x1018)], PT_ADDR (0x5000) + PAGE_PDP_ATTR
+mov dword[PT_ADDR (0x101C)], edx
 
 ;
 ; Page Table Entries (2048 * 2MB entries => 4GB)
@@ -83,6 +150,7 @@ pageTableEntriesLoop:
 shl eax, 21
 add eax, PAGE_2M_PDE_ATTR
 mov [ecx * 8 + PT_ADDR (0x2000 - 8)], eax
+mov [(ecx * 8 + PT_ADDR (0x2000 - 8)) + 4], edx
 looppageTableEntriesLoop
 
 ;
-- 
2.7.4

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [RFC v4 01/13] UefiCpuPkg: Define AMD Memory Encryption specific CPUID and MSR

[Brijesh Singh]

The patch defines AMD's Memory Encryption Information CPUID leaf and SEV
status MSR. The complete description for CPUID leaf is available in APM
volume 2, Section 15.34.


Cc: Jordan Justen 
Cc: Laszlo Ersek 
Cc: Jeff Fan 
Cc: Liming Gao 
Cc: Leo Duran 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Brijesh Singh 
---
 UefiCpuPkg/Include/Register/Amd/Cpuid.h| 162 
 UefiCpuPkg/Include/Register/Amd/Fam17Msr.h |  62 
 UefiCpuPkg/Include/Register/Amd/Msr.h  |  29 
 3 files changed, 253 insertions(+)

diff --git a/UefiCpuPkg/Include/Register/Amd/Cpuid.h 
b/UefiCpuPkg/Include/Register/Amd/Cpuid.h
new file mode 100644
index ..5cd42667dc46
--- /dev/null
+++ b/UefiCpuPkg/Include/Register/Amd/Cpuid.h
@@ -0,0 +1,162 @@
+/** @file
+  CPUID leaf definitions.
+
+  Provides defines for CPUID leaf indexes.  Data structures are provided for
+  registers returned by a CPUID leaf that contain one or more bit fields.
+  If a register returned is a single 32-bit value, then a data structure is
+  not provided for that register.
+
+  Copyright (c) 2017, Advanced Micro Devices. All rights reserved.
+  This program and the accompanying materials are licensed and made available
+  under the terms and conditions of the BSD License which accompanies this
+  distribution. The full text of the license may be found at
+  http://opensource.org/licenses/bsd-license.php
+
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+  @par Specification Reference:
+  AMD64 Architecture Programming Manaul volume 2, March 2017, Sections 15.34
+
+**/
+
+#ifndef __AMD_CPUID_H__
+#define __AMD_CPUID_H__
+
+/**
+
+  Memory Encryption Information
+
+  @param   EAX  CPUID_MEMORY_ENCRYPTION_INFO (0x801F)
+
+  @retval  EAX  Returns the memory encryption feature support status.
+  @retval  EBX  If memory encryption feature is present then return
+the page table bit number used to enable memory encryption 
support
+and reducing of physical address space in bits.
+  @retval  ECX  Returns number of encrypted guest supported simultaneosuly.
+  @retval  EDX  Returns minimum SEV enabled and SEV disbled ASID..
+
+  Example usage
+  @code
+  UINT32 Eax;
+  UINT32 Ebx;
+  UINT32 Ecx;
+  UINT32 Edx;
+
+  AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, , , , );
+  @endcode
+**/
+
+#define CPUID_MEMORY_ENCRYPTION_INFO 0x801F
+
+/**
+  CPUID Memory Encryption support information EAX for CPUID leaf
+  #CPUID_MEMORY_ENCRYPTION_INFO.
+**/
+typedef union {
+  ///
+  /// Individual bit fields
+  ///
+  struct {
+///
+/// [Bit 0] Secure Memory Encryption (Sme) Support
+///
+UINT32  SmeBit:1;
+
+///
+/// [Bit 1] Secure Encrypted Virtualization (Sev) Support
+///
+UINT32  SevBit:1;
+
+///
+/// [Bit 2] Page flush MSR support
+///
+UINT32  PageFlushMsrBit:1;
+
+///
+/// [Bit 3] Encrypted state support
+///
+UINT32  SevEsBit:1;
+
+///
+/// [Bit 4:31] Reserved
+///
+UINT32  ReservedBits:28;
+  } Bits;
+  ///
+  /// All bit fields as a 32-bit value
+  ///
+  UINT32  Uint32;
+} CPUID_MEMORY_ENCRYPTION_INFO_EAX;
+
+/**
+  CPUID Memory Encryption support information EBX for CPUID leaf
+  #CPUID_MEMORY_ENCRYPTION_INFO.
+**/
+typedef union {
+  ///
+  /// Individual bit fields
+  ///
+  struct {
+///
+/// [Bit 0:5] Page table bit number used to enable memory encryption
+///
+UINT32  PtePosBits:6;
+
+///
+/// [Bit 6:11] Reduction of system physical address space bits when memory 
encryption is enabled
+///
+UINT32  ReducedPhysBits:5;
+
+///
+/// [Bit 12:31] Reserved
+///
+UINT32  ReservedBits:21;
+  } Bits;
+  ///
+  /// All bit fields as a 32-bit value
+  ///
+  UINT32  Uint32;
+} CPUID_MEMORY_ENCRYPTION_INFO_EBX;
+
+/**
+  CPUID Memory Encryption support information ECX for CPUID leaf
+  #CPUID_MEMORY_ENCRYPTION_INFO.
+**/
+typedef union {
+  ///
+  /// Individual bit fields
+  ///
+  struct {
+///
+/// [Bit 0:31] Number of encrypted guest supported simultaneously
+///
+UINT32  NumGuests;
+  } Bits;
+  ///
+  /// All bit fields as a 32-bit value
+  ///
+  UINT32  Uint32;
+} CPUID_MEMORY_ENCRYPTION_INFO_ECX;
+
+/**
+  CPUID Memory Encryption support information EDX for CPUID leaf
+  #CPUID_MEMORY_ENCRYPTION_INFO.
+**/
+typedef union {
+  ///
+  /// Individual bit fields
+  ///
+  struct {
+///
+/// [Bit 0:31] Minimum SEV enabled, SEV-ES disabled ASID
+///
+UINT32  MinAsid;
+  } Bits;
+  ///
+  /// All bit fields as a 32-bit value
+  ///
+  UINT32  Uint32;
+} CPUID_MEMORY_ENCRYPTION_INFO_EDX;
+
+#endif
diff --git a/UefiCpuPkg/Include/Register/Amd/Fam17Msr.h 

[edk2] [RFC v4 13/13] OvmfPkg/QemuFwCfgLib: Add SEV support

[Brijesh Singh]

When SEV is enabled, use a bounce buffer to perform the DMA operation.


Cc: Jordan Justen 
Cc: Laszlo Ersek 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Brijesh Singh 
---
 OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.c | 54 +++-
 1 file changed, 52 insertions(+), 2 deletions(-)

diff --git a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.c 
b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.c
index 73a19772bee1..86d8bf880e71 100644
--- a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.c
+++ b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.c
@@ -72,6 +72,8 @@ InternalQemuFwCfgDmaBytes (
   volatile FW_CFG_DMA_ACCESS *Access;
   UINT32 AccessHigh, AccessLow;
   UINT32 Status;
+  UINT32 NumPages;
+  VOID   *DmaBuffer, *BounceBuffer;
 
   ASSERT (Control == FW_CFG_DMA_CTL_WRITE || Control == FW_CFG_DMA_CTL_READ ||
 Control == FW_CFG_DMA_CTL_SKIP);
@@ -80,11 +82,44 @@ InternalQemuFwCfgDmaBytes (
 return;
   }
 
-  Access = 
+  //
+  // When SEV is enabled then allocate DMA bounce buffer
+  //
+  if (InternalQemuFwCfgSevIsEnabled ()) {
+UINT32  TotalSize;
+
+TotalSize = sizeof (*Access);
+//
+// Control operation does not need buffer
+//
+if (Control != FW_CFG_DMA_CTL_SKIP) {
+  TotalSize += Size;
+}
+
+//
+// Allocate SEV DMA bounce buffer
+//
+NumPages = EFI_SIZE_TO_PAGES (TotalSize);
+InternalQemuFwCfgSevDmaAllocateBuffer (NumPages, );
+
+Access = BounceBuffer;
+DmaBuffer = BounceBuffer + sizeof (*Access);
+
+//
+//  Copy data from Host buffer into DMA buffer
+//
+if (Buffer && Control == FW_CFG_DMA_CTL_WRITE) {
+  CopyMem (DmaBuffer, Buffer, Size);
+}
+  } else {
+Access = 
+DmaBuffer = Buffer;
+BounceBuffer = NULL;
+  }
 
   Access->Control = SwapBytes32 (Control);
   Access->Length  = SwapBytes32 (Size);
-  Access->Address = SwapBytes64 ((UINTN)Buffer);
+  Access->Address = SwapBytes64 ((UINTN)DmaBuffer);
 
   //
   // Delimit the transfer from (a) modifications to Access, (b) in case of a
@@ -117,6 +152,21 @@ InternalQemuFwCfgDmaBytes (
   // After a read, the caller will want to use Buffer.
   //
   MemoryFence ();
+
+  //
+  // If Bounce buffer was allocated then copy the data into host buffer and
+  // free the bounce buffer
+  //
+  if (BounceBuffer) {
+//
+//  Copy data from DMA buffer into host buffer
+//
+if (Buffer && Control == FW_CFG_DMA_CTL_READ) {
+  CopyMem (Buffer, DmaBuffer, Size);
+}
+
+InternalQemuFwCfgSevDmaFreeBuffer (BounceBuffer, NumPages);
+  }
 }
 
 
-- 
2.7.4

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [RFC v4 06/13] OvmfPkg:AmdSevDxe: add AmdSevDxe driver

[Brijesh Singh]

When SEV is enabled, the MMIO memory range must be mapped as unencrypted
(i.e C-bit cleared) and DMA must be performed on unencrypted memory.

The patch adds a DXE driver that runs early in boot and clears the memory
encryption attribute from MMIO/NonExistent memory ranges and installs a
IOMMU protocol to provide the DMA support for PCIHostBridge and other drivers.

The driver produces IOMMU protocol introduce by Jiewen
https://lists.01.org/pipermail/edk2-devel/2017-May/010462.html


Cc: Jordan Justen 
Cc: Laszlo Ersek 
Cc: Leo Duran 
Cc: Jiewen Yao 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Brijesh Singh 
---
 OvmfPkg/OvmfPkgIa32X64.dsc  |   1 +
 OvmfPkg/OvmfPkgX64.dsc  |   1 +
 OvmfPkg/OvmfPkgIa32X64.fdf  |   2 +
 OvmfPkg/OvmfPkgX64.fdf  |   2 +
 OvmfPkg/AmdSevDxe/AmdSevDxe.inf |  49 +++
 OvmfPkg/AmdSevDxe/AmdSevIommu.h |  43 ++
 OvmfPkg/AmdSevDxe/AmdSevMmio.h  |  41 ++
 OvmfPkg/AmdSevDxe/AmdSevDxe.c   |  52 +++
 OvmfPkg/AmdSevDxe/AmdSevIommu.c | 459 
 OvmfPkg/AmdSevDxe/AmdSevMmio.c  |  50 +++
 10 files changed, 700 insertions(+)

diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index 9403f76ce862..ee6f98d68b73 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -827,6 +827,7 @@ [Components.X64]
 !endif
 
   OvmfPkg/PlatformDxe/Platform.inf
+  OvmfPkg/AmdSevDxe/AmdSevDxe.inf
 
 !if $(SMM_REQUIRE) == TRUE
   OvmfPkg/SmmAccess/SmmAccess2Dxe.inf
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index e137143f7afa..b5f26e06e60b 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -825,6 +825,7 @@ [Components]
 !endif
 
   OvmfPkg/PlatformDxe/Platform.inf
+  OvmfPkg/AmdSevDxe/AmdSevDxe.inf
 
 !if $(SMM_REQUIRE) == TRUE
   OvmfPkg/SmmAccess/SmmAccess2Dxe.inf
diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
index 5233314139bc..12871860d001 100644
--- a/OvmfPkg/OvmfPkgIa32X64.fdf
+++ b/OvmfPkg/OvmfPkgIa32X64.fdf
@@ -190,6 +190,7 @@ [FV.DXEFV]
 APRIORI DXE {
   INF  MdeModulePkg/Universal/DevicePathDxe/DevicePathDxe.inf
   INF  MdeModulePkg/Universal/PCD/Dxe/Pcd.inf
+  INF  OvmfPkg/AmdSevDxe/AmdSevDxe.inf
 !if $(SMM_REQUIRE) == FALSE
   INF  OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf
 !endif
@@ -351,6 +352,7 @@ [FV.DXEFV]
 INF  OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
 INF  OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
 INF  OvmfPkg/PlatformDxe/Platform.inf
+INF  OvmfPkg/AmdSevDxe/AmdSevDxe.inf
 
 !if $(SMM_REQUIRE) == TRUE
 INF  OvmfPkg/SmmAccess/SmmAccess2Dxe.inf
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
index 36150101e784..ae6e66a1c08d 100644
--- a/OvmfPkg/OvmfPkgX64.fdf
+++ b/OvmfPkg/OvmfPkgX64.fdf
@@ -190,6 +190,7 @@ [FV.DXEFV]
 APRIORI DXE {
   INF  MdeModulePkg/Universal/DevicePathDxe/DevicePathDxe.inf
   INF  MdeModulePkg/Universal/PCD/Dxe/Pcd.inf
+  INF  OvmfPkg/AmdSevDxe/AmdSevDxe.inf
 !if $(SMM_REQUIRE) == FALSE
   INF  OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf
 !endif
@@ -351,6 +352,7 @@ [FV.DXEFV]
 INF  OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
 INF  OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
 INF  OvmfPkg/PlatformDxe/Platform.inf
+INF  OvmfPkg/AmdSevDxe/AmdSevDxe.inf
 
 !if $(SMM_REQUIRE) == TRUE
 INF  OvmfPkg/SmmAccess/SmmAccess2Dxe.inf
diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
new file mode 100644
index ..775dda9be386
--- /dev/null
+++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
@@ -0,0 +1,49 @@
+#/** @file
+#
+#  Driver clears the encryption attribute from MMIO regions and installs IOMMU
+#  protcol to provides DMA support for PciHostBridge and others
+#
+#  Copyright (c) 2017, AMD Inc. All rights reserved.
+#
+#  This program and the accompanying materials
+#  are licensed and made available under the terms and conditions of the BSD
+#  License which accompanies this distribution.  The full text of the license 
may
+#  be found at http://opensource.org/licenses/bsd-license.php
+#
+#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR 
IMPLIED.
+#
+#**/
+
+[Defines]
+  INF_VERSION= 1.25
+  BASE_NAME  = AmdSevDxe
+  FILE_GUID  = 2ec9da37-ee35-4de9-86c5-6d9a81dc38a7
+  MODULE_TYPE= DXE_DRIVER
+  VERSION_STRING = 1.0
+  ENTRY_POINT= AmdSevDxeEntryPoint
+
+[Sources]
+  AmdSevDxe.c
+  AmdSevIommu.c
+  AmdSevMmio.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+  MdeModulePkg/MdeModulePkg.dec
+  OvmfPkg/OvmfPkg.dec
+
+[LibraryClasses]
+  BaseLib
+  UefiLib
+  UefiDriverEntryPoint
+  UefiBootServicesTableLib
+  DxeServicesTableLib
+  DebugLib
+  MemEncryptSevLib
+
+[Protocols]
+  gEdkiiIoMmuProtocolGuid ## PRODUCES
+
+[Depex]
+  TRUE
diff --git 

[edk2] [RFC v4 08/13] OvmfPkg/QemuFwCfgLib: Prepare for SEV support

[Brijesh Singh]

Add SEV specific internal functions which will be used while intergrating
the SEV support into QemuFwCfgLib.


Cc: Jordan Justen 
Cc: Laszlo Ersek 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Brijesh Singh 
---
 OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLibInternal.h | 36 
 1 file changed, 36 insertions(+)

diff --git a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLibInternal.h 
b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLibInternal.h
index 6e87c625102e..87573ff2fbe3 100644
--- a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLibInternal.h
+++ b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLibInternal.h
@@ -43,4 +43,40 @@ InternalQemuFwCfgDmaIsAvailable (
   VOID
   );
 
+/**
+ Returns a boolean indicating whether SEV support is enabled
+
+ @retvalTRUESEV is enabled
+ @retvalFALSE   SEV is disabled
+**/
+BOOLEAN
+InternalQemuFwCfgSevIsEnabled (
+  VOID
+  );
+
+/**
+ Allocate a bounce buffer for SEV DMA.
+
+  @param[in] NumPage  Number of pages.
+  @param[out]Buffer   Allocated DMA Buffer pointer
+
+**/
+VOID
+InternalQemuFwCfgSevDmaAllocateBuffer (
+  IN UINT32   NumPages,
+  OUTVOID **Buffer
+  );
+
+/**
+ Free the DMA buffer allocated using InternalQemuFwCfgSevDmaAllocateBuffer
+
+  @param[in] NumPage  Number of pages.
+  @param[in] Buffer   DMA Buffer pointer
+
+**/
+VOID
+InternalQemuFwCfgSevDmaFreeBuffer (
+  IN VOID *Buffer,
+  IN UINT32   NumPages
+  );
 #endif
-- 
2.7.4

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [RFC v4 09/13] OvmfPkg/QemuFwCfgLib: Implement SEV internal function for SEC phase

[Brijesh Singh]

Cc: Jordan Justen 
Cc: Laszlo Ersek 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Brijesh Singh 
---
 OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSecLib.inf |  1 +
 OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSec.c  | 57 
 2 files changed, 58 insertions(+)

diff --git a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSecLib.inf 
b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSecLib.inf
index 7a96575d1851..b782ac6c0aa2 100644
--- a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSecLib.inf
+++ b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSecLib.inf
@@ -45,4 +45,5 @@ [LibraryClasses]
   DebugLib
   IoLib
   MemoryAllocationLib
+  MemEncryptSevLib
 
diff --git a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSec.c 
b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSec.c
index 465ccbe90dad..cd04cc814063 100644
--- a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSec.c
+++ b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSec.c
@@ -6,6 +6,7 @@
 
   Copyright (C) 2013, Red Hat, Inc.
   Copyright (c) 2011 - 2013, Intel Corporation. All rights reserved.
+  Copyright (c) 2017, Advanced Micro Devices. All rights reserved.
 
   This program and the accompanying materials are licensed and made available
   under the terms and conditions of the BSD License which accompanies this
@@ -18,6 +19,7 @@
 
 #include 
 #include 
+#include 
 
 #include "QemuFwCfgLibInternal.h"
 
@@ -94,3 +96,58 @@ InternalQemuFwCfgDmaIsAvailable (
 {
   return FALSE;
 }
+
+/**
+
+ Returns a boolean indicating whether SEV is enabled
+
+ @retvalTRUESEV is enabled
+ @retvalFALSE   SEV is disabled
+**/
+BOOLEAN
+InternalQemuFwCfgSevIsEnabled (
+  VOID
+  )
+{
+  return MemEncryptSevIsEnabled ();
+}
+
+/**
+ Allocate a bounce buffer for SEV DMA.
+
+  @param[in] NumPage  Number of pages.
+  @param[out]Buffer   Allocated DMA Buffer pointer
+
+**/
+VOID
+InternalQemuFwCfgSevDmaAllocateBuffer (
+  IN UINT32   NumPages,
+  OUTVOID **Buffer
+  )
+{
+  //
+  // We should never reach here
+  //
+  ASSERT (FALSE);
+  CpuDeadLoop ();
+}
+
+/**
+ Free the DMA buffer allocated using InternalQemuFwCfgSevDmaAllocateBuffer
+
+  @param[in] NumPage  Number of pages.
+  @param[in] Buffer   DMA Buffer pointer
+
+**/
+VOID
+InternalQemuFwCfgSevDmaFreeBuffer (
+  IN VOID *Buffer,
+  IN UINT32   NumPages
+  )
+{
+  //
+  // We should never reach here
+  //
+  ASSERT (FALSE);
+  CpuDeadLoop ();
+}
-- 
2.7.4

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [RFC v4 11/13] OvmfPkg/QemuFwCfgLib: Implement SEV internal function for Dxe phase

[Brijesh Singh]

When SEV is enabled, the DMA must be performed on unencrypted pages.
So when get asked to perfom FWCFG DMA read or write, we allocate a
intermediate (bounce buffer) unencrypted buffer and use this buffer
for DMA read or write.


Cc: Jordan Justen 
Cc: Laszlo Ersek 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Brijesh Singh 
---
 OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxeLib.inf |   4 +
 OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxe.c  | 107 
 2 files changed, 111 insertions(+)

diff --git a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxeLib.inf 
b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxeLib.inf
index 346bb881ffc1..f8df77f788b7 100644
--- a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxeLib.inf
+++ b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxeLib.inf
@@ -39,6 +39,7 @@ [Sources]
 
 [Packages]
   MdePkg/MdePkg.dec
+  MdeModulePkg/MdeModulePkg.dec
   OvmfPkg/OvmfPkg.dec
 
 [LibraryClasses]
@@ -47,4 +48,7 @@ [LibraryClasses]
   DebugLib
   IoLib
   MemoryAllocationLib
+  MemEncryptSevLib
 
+[Protocols]
+  gEdkiiIoMmuProtocolGuid ## SOMETIMES_CONSUMES
diff --git a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxe.c 
b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxe.c
index ac05f4c347f3..059666ffa99b 100644
--- a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxe.c
+++ b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxe.c
@@ -4,6 +4,7 @@
 
   Copyright (C) 2013, Red Hat, Inc.
   Copyright (c) 2011 - 2013, Intel Corporation. All rights reserved.
+  Copyright (c) 2017, Advanced Micro Devices. All rights reserved.
 
   This program and the accompanying materials are licensed and made available
   under the terms and conditions of the BSD License which accompanies this
@@ -14,14 +15,36 @@
   WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 **/
 
+#include "Uefi.h"
+
+#include 
+
+#include 
 #include 
 #include 
+#include 
+#include 
 
 #include "QemuFwCfgLibInternal.h"
 
 STATIC BOOLEAN mQemuFwCfgSupported = FALSE;
 STATIC BOOLEAN mQemuFwCfgDmaSupported;
 
+STATIC EDKII_IOMMU_PROTOCOL*mIoMmuProtocol;
+/**
+
+ Returns a boolean indicating whether SEV is enabled
+
+ @retvalTRUESEV is enabled
+ @retvalFALSE   SEV is disabled
+**/
+BOOLEAN
+InternalQemuFwCfgSevIsEnabled (
+  VOID
+  )
+{
+  return MemEncryptSevIsEnabled ();
+}
 
 /**
   Returns a boolean indicating if the firmware configuration interface
@@ -79,6 +102,21 @@ QemuFwCfgInitialize (
 mQemuFwCfgDmaSupported = TRUE;
 DEBUG ((DEBUG_INFO, "QemuFwCfg interface (DMA) is supported.\n"));
   }
+
+  //
+  // When SEV is enabled, the AmdSevDxe driver should have installed the IoMMU
+  // protocol which must be used for mapping host buffer to DMA buffer
+  //
+  if (mQemuFwCfgDmaSupported && MemEncryptSevIsEnabled ()) {
+EFI_STATUS   Status;
+
+Status = gBS->LocateProtocol (, NULL, (VOID 
**));
+if (EFI_ERROR(Status)) {
+  DEBUG ((DEBUG_WARN, "QemuwCfgSevDma: failed to locate IoMmu protocol, 
disabling DMA support\n"));
+  mQemuFwCfgDmaSupported = FALSE;
+}
+  }
+
   return RETURN_SUCCESS;
 }
 
@@ -114,3 +152,72 @@ InternalQemuFwCfgDmaIsAvailable (
 {
   return mQemuFwCfgDmaSupported;
 }
+
+/**
+ Allocate a bounce buffer for SEV DMA.
+
+  @param[in] NumPage  Number of pages.
+  @param[out]Buffer   Allocated DMA Buffer pointer
+
+**/
+VOID
+InternalQemuFwCfgSevDmaAllocateBuffer (
+  IN UINT32   NumPages,
+  OUTVOID **Buffer
+  )
+{
+  EFI_STATUSStatus;
+
+  if (!mIoMmuProtocol) {
+//
+// We should never reach here
+//
+ASSERT (FALSE);
+CpuDeadLoop ();
+  }
+
+  Status = mIoMmuProtocol->AllocateBuffer (
+mIoMmuProtocol,
+0,
+EfiBootServicesData,
+NumPages,
+Buffer,
+EDKII_IOMMU_ATTRIBUTE_MEMORY_CACHED
+  );
+  ASSERT_EFI_ERROR (Status);
+
+  DEBUG ((DEBUG_VERBOSE, "QemuFwCfgSevDma allocate buffer 0x%Lx Pages %d\n", 
(UINTN)Buffer, NumPages));
+
+}
+
+/**
+ Free the DMA buffer allocated using InternalQemuFwCfgSevDmaAllocateBuffer
+
+  @param[in] NumPage  Number of pages.
+  @param[in] Buffer   DMA Buffer pointer
+
+**/
+VOID
+InternalQemuFwCfgSevDmaFreeBuffer (
+  IN VOID *Buffer,
+  IN UINT32   NumPages
+  )
+{
+  EFI_STATUSStatus;
+
+  if (!mIoMmuProtocol) {
+//
+// We should never reach here
+//
+ASSERT (FALSE);
+CpuDeadLoop ();
+  }
+
+  Status = mIoMmuProtocol->FreeBuffer (
+mIoMmuProtocol,
+NumPages,
+Buffer
+  );
+  ASSERT_EFI_ERROR (Status);
+  DEBUG ((DEBUG_VERBOSE, "QemuFwCfgSevDma free buffer 0x%Lx Pages %d\n", 
(UINTN)Buffer, NumPages));
+}
-- 
2.7.4

___
edk2-devel 

[edk2] [RFC v4 03/13] OvmfPkg: Update dsc to use IoLib from BaseIoLibIntrinsicSev.inf

[Brijesh Singh]

When SEV is enabled then we must unroll the rep String I/O instructions.

The patch updates dsc file to use SEV version of IoLib inf. The main
difference between BaseIoLibIntrinsic.inf and BaseIoLibIntrinsicSev.inf
is, SEV version checks if its running under SEV enabled guest, If so
then it unroll the String I/O (REP INS/OUTS) otherwise fallbacks to
rep ins/outs.


Cc: Jordan Justen 
Cc: Laszlo Ersek 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Brijesh Singh 
---
 OvmfPkg/OvmfPkgIa32.dsc| 2 +-
 OvmfPkg/OvmfPkgIa32X64.dsc | 2 +-
 OvmfPkg/OvmfPkgX64.dsc | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index e0779ddaa426..6494ac5480b3 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -120,7 +120,7 @@ [LibraryClasses]
   PciExpressLib|MdePkg/Library/BasePciExpressLib/BasePciExpressLib.inf
   PciLib|MdePkg/Library/BasePciLibCf8/BasePciLibCf8.inf
   PciSegmentLib|MdePkg/Library/BasePciSegmentLibPci/BasePciSegmentLibPci.inf
-  IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf
+  IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf
   
OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf
   SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf
   MtrrLib|UefiCpuPkg/Library/MtrrLib/MtrrLib.inf
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index bbe26e2cf452..20eb409a8d01 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -125,7 +125,7 @@ [LibraryClasses]
   PciExpressLib|MdePkg/Library/BasePciExpressLib/BasePciExpressLib.inf
   PciLib|MdePkg/Library/BasePciLibCf8/BasePciLibCf8.inf
   PciSegmentLib|MdePkg/Library/BasePciSegmentLibPci/BasePciSegmentLibPci.inf
-  IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf
+  IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf
   
OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf
   SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf
   MtrrLib|UefiCpuPkg/Library/MtrrLib/MtrrLib.inf
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index ff795815f65f..2e5eaf631e9f 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -125,7 +125,7 @@ [LibraryClasses]
   PciExpressLib|MdePkg/Library/BasePciExpressLib/BasePciExpressLib.inf
   PciLib|MdePkg/Library/BasePciLibCf8/BasePciLibCf8.inf
   PciSegmentLib|MdePkg/Library/BasePciSegmentLibPci/BasePciSegmentLibPci.inf
-  IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf
+  IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf
   
OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf
   SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf
   MtrrLib|UefiCpuPkg/Library/MtrrLib/MtrrLib.inf
-- 
2.7.4

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [RFC v4 07/13] OvmfPkg/QemuFwCfgLib: Provide Pei and Dxe specific library

[Brijesh Singh]

Current QemuFwCfgLib.inf is used in both Pei and Dxe phases. Add Pei
and Dxe inf file to provide a seperate QemuFwCfgLib instances for Pei
and Dxe phases.


Cc: Jordan Justen 
Cc: Laszlo Ersek 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Brijesh Singh 
---
 OvmfPkg/OvmfPkgIa32.dsc| 3 ++-
 OvmfPkg/OvmfPkgIa32X64.dsc | 3 ++-
 OvmfPkg/OvmfPkgX64.dsc | 3 ++-
 OvmfPkg/Library/QemuFwCfgLib/{QemuFwCfgLib.inf => QemuFwCfgDxeLib.inf} | 6 
+++---
 OvmfPkg/Library/QemuFwCfgLib/{QemuFwCfgLib.inf => QemuFwCfgPeiLib.inf} | 6 
+++---
 OvmfPkg/Library/QemuFwCfgLib/{QemuFwCfgPeiDxe.c => QemuFwCfgDxe.c} | 0
 OvmfPkg/Library/QemuFwCfgLib/{QemuFwCfgPeiDxe.c => QemuFwCfgPei.c} | 0
 7 files changed, 12 insertions(+), 9 deletions(-)

diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index 139d54aa010e..cde3d43e39a9 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -140,7 +140,7 @@ [LibraryClasses]
   DpcLib|MdeModulePkg/Library/DxeDpcLib/DxeDpcLib.inf
   UefiUsbLib|MdePkg/Library/UefiUsbLib/UefiUsbLib.inf
   
SerializeVariablesLib|OvmfPkg/Library/SerializeVariablesLib/SerializeVariablesLib.inf
-  QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.inf
+  QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxeLib.inf
   VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf
   LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf
   
MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf
@@ -257,6 +257,7 @@ [LibraryClasses.common.PEIM]
   
CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuExceptionHandlerLib.inf
   MpInitLib|UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
   QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/PeiQemuFwCfgS3LibFwCfg.inf
+  QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf
 
 [LibraryClasses.common.DXE_CORE]
   HobLib|MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index ee6f98d68b73..8aa72718d065 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -145,7 +145,7 @@ [LibraryClasses]
   DpcLib|MdeModulePkg/Library/DxeDpcLib/DxeDpcLib.inf
   UefiUsbLib|MdePkg/Library/UefiUsbLib/UefiUsbLib.inf
   
SerializeVariablesLib|OvmfPkg/Library/SerializeVariablesLib/SerializeVariablesLib.inf
-  QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.inf
+  QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxeLib.inf
   VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf
   LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf
   
MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf
@@ -262,6 +262,7 @@ [LibraryClasses.common.PEIM]
   
CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuExceptionHandlerLib.inf
   MpInitLib|UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
   QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/PeiQemuFwCfgS3LibFwCfg.inf
+  QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf
 
 [LibraryClasses.common.DXE_CORE]
   HobLib|MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index b5f26e06e60b..963d394662ab 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -145,7 +145,7 @@ [LibraryClasses]
   DpcLib|MdeModulePkg/Library/DxeDpcLib/DxeDpcLib.inf
   UefiUsbLib|MdePkg/Library/UefiUsbLib/UefiUsbLib.inf
   
SerializeVariablesLib|OvmfPkg/Library/SerializeVariablesLib/SerializeVariablesLib.inf
-  QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.inf
+  QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxeLib.inf
   VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf
   LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf
   
MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf
@@ -262,6 +262,7 @@ [LibraryClasses.common.PEIM]
   
CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuExceptionHandlerLib.inf
   MpInitLib|UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
   QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/PeiQemuFwCfgS3LibFwCfg.inf
+  QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf
 
 [LibraryClasses.common.DXE_CORE]
   HobLib|MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf
diff --git a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.inf 
b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxeLib.inf
similarity index 83%
copy from OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.inf
copy to OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxeLib.inf
index 689476032d39..346bb881ffc1 100644
--- a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.inf
+++ b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxeLib.inf
@@ -19,10 +19,10 @@
 [Defines]
   INF_VERSION= 0x00010005
   BASE_NAME  = QemuFwCfgLib
-  

[edk2] [RFC v4 12/13] OvmfPkg/QemuFwCfgLib: Add option to dynamic alloc FW_CFG_DMA Access

[Brijesh Singh]

Update InternalQemuFwCfgDmaBytes() to work with DMA Access pointer.
The change provides the flexibility to dynamically allocate the "Access"
when SEV is enabled.


Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Brijesh Singh 
---
 OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.c | 17 ++---
 1 file changed, 10 insertions(+), 7 deletions(-)

diff --git a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.c 
b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.c
index 1bf725d8b7ae..73a19772bee1 100644
--- a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.c
+++ b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.c
@@ -68,7 +68,8 @@ InternalQemuFwCfgDmaBytes (
   IN UINT32   Control
   )
 {
-  volatile FW_CFG_DMA_ACCESS Access;
+  volatile FW_CFG_DMA_ACCESS LocalAccess;
+  volatile FW_CFG_DMA_ACCESS *Access;
   UINT32 AccessHigh, AccessLow;
   UINT32 Status;
 
@@ -79,9 +80,11 @@ InternalQemuFwCfgDmaBytes (
 return;
   }
 
-  Access.Control = SwapBytes32 (Control);
-  Access.Length  = SwapBytes32 (Size);
-  Access.Address = SwapBytes64 ((UINTN)Buffer);
+  Access = 
+
+  Access->Control = SwapBytes32 (Control);
+  Access->Length  = SwapBytes32 (Size);
+  Access->Address = SwapBytes64 ((UINTN)Buffer);
 
   //
   // Delimit the transfer from (a) modifications to Access, (b) in case of a
@@ -92,8 +95,8 @@ InternalQemuFwCfgDmaBytes (
   //
   // Start the transfer.
   //
-  AccessHigh = (UINT32)RShiftU64 ((UINTN), 32);
-  AccessLow  = (UINT32)(UINTN)
+  AccessHigh = (UINT32)RShiftU64 ((UINTN)Access, 32);
+  AccessLow  = (UINT32)(UINTN)Access;
   IoWrite32 (FW_CFG_IO_DMA_ADDRESS, SwapBytes32 (AccessHigh));
   IoWrite32 (FW_CFG_IO_DMA_ADDRESS + 4, SwapBytes32 (AccessLow));
 
@@ -106,7 +109,7 @@ InternalQemuFwCfgDmaBytes (
   // Wait for the transfer to complete.
   //
   do {
-Status = SwapBytes32 (Access.Control);
+Status = SwapBytes32 (Access->Control);
 ASSERT ((Status & FW_CFG_DMA_CTL_ERROR) == 0);
   } while (Status != 0);
 
-- 
2.7.4

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [RFC v4 05/13] OvmfPkg/PlatformPei: Set memory encryption PCD when SEV is enabled

[Brijesh Singh]

Secure Encrypted Virtualization (SEV) guest VMs have the concept of
private and shared memory. Private memory is encrypted with the
guest-specific key, while shared memory may be encrypted with hypervisor
key.  Certain types of memory (namely instruction pages and guest page
tables) are always treated as private memory by the hardware.
For data memory, SEV guest VMs can choose which pages they would like
to be private. The choice is done using the standard CPU page tables
using the C-bit. When building the initial page table we mark all the
memory as private.

The patch sets the memory encryption PCD, the PCD is used by DxeCore
when building the initial page table.


Cc: Jordan Justen 
Cc: Laszlo Ersek 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Brijesh Singh 
---
 OvmfPkg/OvmfPkgIa32.dsc |  3 +
 OvmfPkg/OvmfPkgIa32X64.dsc  |  3 +
 OvmfPkg/OvmfPkgX64.dsc  |  3 +
 OvmfPkg/PlatformPei/PlatformPei.inf |  3 +
 OvmfPkg/PlatformPei/Platform.h  |  5 ++
 OvmfPkg/PlatformPei/AmdSev.c| 62 
 OvmfPkg/PlatformPei/Platform.c  |  1 +
 7 files changed, 80 insertions(+)

diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index 265f2d2b6d2f..139d54aa010e 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -530,6 +530,9 @@ [PcdsDynamicDefault]
   gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber|64
   gUefiCpuPkgTokenSpaceGuid.PcdCpuApInitTimeOutInMicroSeconds|5
 
+  # Set memory encryption mask
+  gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0
+
 !if $(SMM_REQUIRE) == TRUE
   gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmSyncMode|0x01
   gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmApSyncTimeout|10
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index 3b50a2dd2d2f..9403f76ce862 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -538,6 +538,9 @@ [PcdsDynamicDefault]
   gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber|64
   gUefiCpuPkgTokenSpaceGuid.PcdCpuApInitTimeOutInMicroSeconds|5
 
+  # Set memory encryption mask
+  gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0
+
 !if $(SMM_REQUIRE) == TRUE
   gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmSyncMode|0x01
   gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmApSyncTimeout|10
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index 82c73331aa9f..e137143f7afa 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -537,6 +537,9 @@ [PcdsDynamicDefault]
   gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber|64
   gUefiCpuPkgTokenSpaceGuid.PcdCpuApInitTimeOutInMicroSeconds|5
 
+  # Set memory encryption mask
+  gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0
+
 !if $(SMM_REQUIRE) == TRUE
   gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmSyncMode|0x01
   gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmApSyncTimeout|10
diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf 
b/OvmfPkg/PlatformPei/PlatformPei.inf
index 53c6dd445a0e..a9a7a76c7325 100644
--- a/OvmfPkg/PlatformPei/PlatformPei.inf
+++ b/OvmfPkg/PlatformPei/PlatformPei.inf
@@ -29,6 +29,7 @@ [Defines]
 #
 
 [Sources]
+  AmdSev.c
   Cmos.c
   FeatureControl.c
   Fv.c
@@ -60,6 +61,7 @@ [LibraryClasses]
   QemuFwCfgLib
   QemuFwCfgS3Lib
   MtrrLib
+  MemEncryptSevLib
   PcdLib
 
 [Pcd]
@@ -94,6 +96,7 @@ [Pcd]
   gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack
   gEfiMdeModulePkgTokenSpaceGuid.PcdPropertiesTableEnable
   gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiS3Enable
+  gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask
   gUefiCpuPkgTokenSpaceGuid.PcdCpuLocalApicBaseAddress
   gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber
   gUefiCpuPkgTokenSpaceGuid.PcdCpuApInitTimeOutInMicroSeconds
diff --git a/OvmfPkg/PlatformPei/Platform.h b/OvmfPkg/PlatformPei/Platform.h
index 18f42c3f0ea8..a7729b9df44b 100644
--- a/OvmfPkg/PlatformPei/Platform.h
+++ b/OvmfPkg/PlatformPei/Platform.h
@@ -88,6 +88,11 @@ XenDetect (
   VOID
   );
 
+VOID
+AmdSevInitialize (
+  VOID
+  );
+
 extern BOOLEAN mXen;
 
 VOID
diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c
new file mode 100644
index ..26f7c3fdbb13
--- /dev/null
+++ b/OvmfPkg/PlatformPei/AmdSev.c
@@ -0,0 +1,62 @@
+/**@file
+  Initialize Secure Encrypted Virtualization (SEV) support
+
+  Copyright (c) 2017, Advanced Micro Devices. All rights reserved.
+
+  This program and the accompanying materials
+  are licensed and made available under the terms and conditions of the BSD
+  License which accompanies this distribution.  The full text of the license
+  may be found at http://opensource.org/licenses/bsd-license.php
+
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+//
+// The package level header files this module uses
+//

[edk2] Convention for creating dynamic HII forms

[dgurjar]

Hi,

I was wondering if anyone here could provide some clarification on how 
to create dynamic HII forms.


Currently I have a Form A with multiple goto statements to Form B.
When the user clicks a goto, my ConfigCallback function will use the 
QuestionId to get the data to populate Form B with from a UEFI variable. 
Form B's values appear to be updated when I use HiiSetBrowserData.


However, when I do this I notice that after the user modifies Form B, 
the "Configuration Changed" string does not always appear. As a result 
when I try to save the form, there are no calls made to my RouteConfig 
function.
When I enter Form B the internal question values for that form are not 
updated with the values. Because of this the form doesn't recognize when 
its questions are modified.


I was wondering if anyone has had experience creating form where the 
internal question values need to be modified on entry, and what the 
common convention was for doing this.


Thanks,
Dev
___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] Creating of a memory hole in System memory

[Vladimir Olovyannikov]

Hello,

I need to reserve an area in the System memory, which should be
write-protected, so that neither UEFI nor Linux could write anything into
it.
If it matters, the platform is ARMv8 64-bit.
I have DDR RAM starting from 0x8000 with size 0x8000, and need to
carve out an area of 0x10 at address 0x8f00 which UEFI should not
touch.
What is the proper way of doing that? I tried creating of a reserved memory
HOB using this:
BuildResourceDescriptorHob (
  MemType,
  ResourceAttributes,
  Address,
  MemSize);
Where ResourceAttributes are
EFI_RESOURCE_ATTRIBUTE_PRESENT| \
EFI_RESOURCE_ATTRIBUTE_INITIALIZED| \
EFI_RESOURCE_ATTRIBUTE_UNCACHEABLE| \
EFI_RESOURCE_ATTRIBUTE_WRITE_PROTECTABLE  | \
EFI_RESOURCE_ATTRIBUTE_WRITE_PROTECTED| \
EFI_RESOURCE_ATTRIBUTE_TESTED

Before that, I declared System memory 0x8000 with size 0x8000 with
DDR_ATTRIBUTES_CACHED for ARM Virtual memory map.
MemoryInitPei (ArmPlatformPkg)  builds a Memory HOB for region 0x8000,
with size 0x8000.
Eventually in the DxeCore in CoreInitializeGcdService() I run into an
ASSERT:

ASSERT [DxeCore] /uefi/MdeModulePkg/Core/Dxe/Gcd/Gcd.c(2467):
(Descriptor.GcdMemoryType == EfiGcdMemoryTypeSystemMemory) ||
(Descriptor.GcdMemoryType == EfiGcdMemoryTypeMoreReliable)

ASSERT ((Descriptor.GcdMemoryType == EfiGcdMemoryTypeSystemMemory) ||
(Descriptor.GcdMemoryType == EfiGcdMemoryTypeMoreReliable));

with GcdMemoryType EfiGcdMemoryTypeNonExistent for Descriptor (BaseAddress:
0x8f10, length 0x7f0f0).

Please help me to figure out what I am doing wrong.

Thank you,
Vladimir
___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

Re: [edk2] [PATCH 3/3] ArmPlatformPkg, ArmVirtPkg: delete redundant PL031 functions

[Leif Lindholm]

On Thu, May 04, 2017 at 07:10:40PM +0100, Ard Biesheuvel wrote:
> On 3 May 2017 at 22:38, Leif Lindholm  wrote:
> > Remove the functions now provided by EfiTimeBaseLib from
> > PL031RealTimeClockLib. Add EfiTimeBaseLib resolution to ArmVirtPkg
> > in same commit to prevent breakage.
> >
> > Cc: Laszlo Ersek 
> >
> > Contributed-under: TianoCore Contribution Agreement 1.0
> > Signed-off-by: Leif Lindholm 
> 
> I'd rather you'd call it something that doesn't start with 'Efi' given
> that we usually reserve that for protocols and other prototypes that
> are defined by the UEFI spec.

Yes, good call.

> Other than that, this series looks fine to me
> 
> Reviewed-by: Ard Biesheuvel 

Thanks!
Pushed as d547b32..af5fed9

Required resulting updates for edk2-platforms/devel-OpenPlatformPkg
pushed as 43540a5.

/
Leif

> > ---
> >  .../Include/Drivers/PL031RealTimeClock.h   |  11 --
> >  .../PL031RealTimeClockLib/PL031RealTimeClockLib.c  | 127 
> > +
> >  .../PL031RealTimeClockLib.inf  |   1 +
> >  ArmVirtPkg/ArmVirt.dsc.inc |   1 +
> >  4 files changed, 5 insertions(+), 135 deletions(-)
> >
> > diff --git a/ArmPlatformPkg/Include/Drivers/PL031RealTimeClock.h 
> > b/ArmPlatformPkg/Include/Drivers/PL031RealTimeClock.h
> > index 76fbd0eb82..812cd9b397 100644
> > --- a/ArmPlatformPkg/Include/Drivers/PL031RealTimeClock.h
> > +++ b/ArmPlatformPkg/Include/Drivers/PL031RealTimeClock.h
> > @@ -42,15 +42,4 @@
> >
> >  #define PL031_COUNTS_PER_SECOND 1
> >
> > -// Define EPOCH (1970-JANUARY-01) in the Julian Date representation
> > -#define EPOCH_JULIAN_DATE   2440588
> > -
> > -// Seconds per unit
> > -#define SEC_PER_MIN ((UINTN)60)
> > -#define SEC_PER_HOUR((UINTN)  3600)
> > -#define SEC_PER_DAY ((UINTN) 86400)
> > -
> > -#define SEC_PER_MONTH   ((UINTN)  
> > 2,592,000)
> > -#define SEC_PER_YEAR((UINTN) 
> > 31,536,000)
> > -
> >  #endif
> > diff --git 
> > a/ArmPlatformPkg/Library/PL031RealTimeClockLib/PL031RealTimeClockLib.c 
> > b/ArmPlatformPkg/Library/PL031RealTimeClockLib/PL031RealTimeClockLib.c
> > index 4aa448b528..9f115d383c 100644
> > --- a/ArmPlatformPkg/Library/PL031RealTimeClockLib/PL031RealTimeClockLib.c
> > +++ b/ArmPlatformPkg/Library/PL031RealTimeClockLib/PL031RealTimeClockLib.c
> > @@ -36,6 +36,8 @@
> >
> >  #include 
> >
> > +#include 
> > +
> >  #include 
> >
> >  STATIC CONST CHAR16   mTimeZoneVariableName[] = 
> > L"PL031RtcTimeZone";
> > @@ -110,129 +112,6 @@ InitializePL031 (
> >  }
> >
> >  /**
> > -  Converts Epoch seconds (elapsed since 1970 JANUARY 01, 00:00:00 UTC) to 
> > EFI_TIME
> > - **/
> > -VOID
> > -EpochToEfiTime (
> > -  IN  UINTN EpochSeconds,
> > -  OUT EFI_TIME  *Time
> > -  )
> > -{
> > -  UINTN a;
> > -  UINTN b;
> > -  UINTN c;
> > -  UINTN d;
> > -  UINTN g;
> > -  UINTN j;
> > -  UINTN m;
> > -  UINTN y;
> > -  UINTN da;
> > -  UINTN db;
> > -  UINTN dc;
> > -  UINTN dg;
> > -  UINTN hh;
> > -  UINTN mm;
> > -  UINTN ss;
> > -  UINTN J;
> > -
> > -  J  = (EpochSeconds / 86400) + 2440588;
> > -  j  = J + 32044;
> > -  g  = j / 146097;
> > -  dg = j % 146097;
> > -  c  = (((dg / 36524) + 1) * 3) / 4;
> > -  dc = dg - (c * 36524);
> > -  b  = dc / 1461;
> > -  db = dc % 1461;
> > -  a  = (((db / 365) + 1) * 3) / 4;
> > -  da = db - (a * 365);
> > -  y  = (g * 400) + (c * 100) + (b * 4) + a;
> > -  m  = (((da * 5) + 308) / 153) - 2;
> > -  d  = da - (((m + 4) * 153) / 5) + 122;
> > -
> > -  Time->Year  = y - 4800 + ((m + 2) / 12);
> > -  Time->Month = ((m + 2) % 12) + 1;
> > -  Time->Day   = d + 1;
> > -
> > -  ss = EpochSeconds % 60;
> > -  a  = (EpochSeconds - ss) / 60;
> > -  mm = a % 60;
> > -  b = (a - mm) / 60;
> > -  hh = b % 24;
> > -
> > -  Time->Hour= hh;
> > -  Time->Minute  = mm;
> > -  Time->Second  = ss;
> > -  Time->Nanosecond  = 0;
> > -
> > -}
> > -
> > -/**
> > -  Converts EFI_TIME to Epoch seconds (elapsed since 1970 JANUARY 01, 
> > 00:00:00 UTC)
> > - **/
> > -UINTN
> > -EfiTimeToEpoch (
> > -  IN  EFI_TIME  *Time
> > -  )
> > -{
> > -  UINTN a;
> > -  UINTN y;
> > -  UINTN m;
> > -  UINTN JulianDate;  // Absolute Julian Date representation of the 
> > supplied Time
> > -  UINTN EpochDays;   // Number of days elapsed since EPOCH_JULIAN_DAY
> > -  UINTN EpochSeconds;
> > -
> > -  a = (14 - Time->Month) / 12 ;
> > -  y = Time->Year + 4800 - a;
> > -  m = Time->Month + (12*a) - 3;
> > -
> > -  JulianDate = Time->Day + ((153*m + 2)/5) + (365*y) + (y/4) - (y/100) + 
> > (y/400) - 32045;
> > -
> > -  ASSERT 

[edk2] [Patch] NetworkPkg/IScsiDxe: Switch IP4 configuration policy to Static before DHCP

[Jiaxin Wu]

DHCP4 service allows only one of its children to be configured in the active
state. If the DHCP4 D.O.R.A started by IP4 auto configuration and has not
been completed, the Dhcp4 state machine will not be in the right state for
the iSCSI to start a new round D.O.R.A. So, we need to switch it's policy to
static.

Cc: Ye Ting 
Cc: Fu Siyuan 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin 
---
 NetworkPkg/IScsiDxe/IScsiDhcp.c | 61 +
 1 file changed, 61 insertions(+)

diff --git a/NetworkPkg/IScsiDxe/IScsiDhcp.c b/NetworkPkg/IScsiDxe/IScsiDhcp.c
index 43ae50b..6587a05 100644
--- a/NetworkPkg/IScsiDxe/IScsiDhcp.c
+++ b/NetworkPkg/IScsiDxe/IScsiDhcp.c
@@ -369,10 +369,54 @@ IScsiParseDhcpAck (
   FreePool (OptionList);
 
   return Status;
 }
 
+/**
+  This function will switch the IP4 configuration policy to Static.
+
+  @param[in]  Ip4Config2  Pointer to the IP4 configuration protocol.
+
+  @retval EFI_SUCCESS The policy is already configured to static.
+  @retval Others  Other error as indicated.
+
+**/
+EFI_STATUS
+IScsiSetIp4Policy (
+  IN EFI_IP4_CONFIG2_PROTOCOL*Ip4Config2
+  )
+{
+  EFI_IP4_CONFIG2_POLICY  Policy;
+  EFI_STATUS  Status;
+  UINTN   DataSize;
+
+  DataSize = sizeof (EFI_IP4_CONFIG2_POLICY);
+  Status = Ip4Config2->GetData (
+ Ip4Config2,
+ Ip4Config2DataTypePolicy,
+ ,
+ 
+ );
+  if (EFI_ERROR (Status)) {
+return Status;
+  }
+
+  if (Policy != Ip4Config2PolicyStatic) {
+Policy = Ip4Config2PolicyStatic;
+Status= Ip4Config2->SetData (
+  Ip4Config2,
+  Ip4Config2DataTypePolicy,
+  sizeof (EFI_IP4_CONFIG2_POLICY),
+  
+  );
+if (EFI_ERROR (Status)) {
+  return Status;
+} 
+  }
+
+  return EFI_SUCCESS;
+}
 
 /**
   Parse the DHCP ACK to get the address configuration and DNS information.
 
   @param[in]   ImageThe handle of the driver image.
@@ -391,18 +435,20 @@ IScsiDoDhcp (
   IN EFI_HANDLE  Controller,
   IN OUT ISCSI_ATTEMPT_CONFIG_NVDATA *ConfigData
   )
 {
   EFI_HANDLEDhcp4Handle;
+  EFI_IP4_CONFIG2_PROTOCOL  *Ip4Config2;
   EFI_DHCP4_PROTOCOL*Dhcp4;
   EFI_STATUSStatus;
   EFI_DHCP4_PACKET_OPTION   *ParaList;
   EFI_DHCP4_CONFIG_DATA Dhcp4ConfigData;
   ISCSI_SESSION_CONFIG_NVDATA   *NvData;
   BOOLEAN   MediaPresent;
 
   Dhcp4Handle = NULL;
+  Ip4Config2  = NULL;
   Dhcp4   = NULL;
   ParaList= NULL;
 
   //
   // Check media status before doing DHCP.
@@ -412,10 +458,25 @@ IScsiDoDhcp (
   if (!MediaPresent) {
 return EFI_NO_MEDIA;
   }
 
   //
+  // DHCP4 service allows only one of its children to be configured in  
+  // the active state, If the DHCP4 D.O.R.A started by IP4 auto  
+  // configuration and has not been completed, the Dhcp4 state machine 
+  // will not be in the right state for the iSCSI to start a new round 
D.O.R.A. 
+  // So, we need to switch it's policy to static.
+  //
+  Status = gBS->HandleProtocol (Controller, , (VOID 
**) );
+  if (!EFI_ERROR (Status)) {
+Status = IScsiSetIp4Policy (Ip4Config2);
+if (EFI_ERROR (Status)) {
+  return Status;
+}
+  }
+
+  //
   // Create a DHCP4 child instance and get the protocol.
   //
   Status = NetLibCreateServiceChild (
  Controller,
  Image,
-- 
1.9.5.msysgit.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [Patch] BaseTools: Correct VOID* PatchPcd Size in Library Autogen

[Yonghong Zhu]

This patch correct the VOID* PatchPcd Size info generated in the
Library's autogen file. Update it to use the MaxDatumSize.

Cc: Liming Gao 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Yonghong Zhu 
---
 BaseTools/Source/Python/AutoGen/GenC.py | 7 ---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/BaseTools/Source/Python/AutoGen/GenC.py 
b/BaseTools/Source/Python/AutoGen/GenC.py
index 0fb6b9f..542edb3 100644
--- a/BaseTools/Source/Python/AutoGen/GenC.py
+++ b/BaseTools/Source/Python/AutoGen/GenC.py
@@ -1201,19 +1201,20 @@ def CreateLibraryPcdCode(Info, AutoGenC, AutoGenH, Pcd):
 DatumType = ['UINT8', 'UINT16'][Pcd.DefaultValue[0] == 'L']
 AutoGenH.Append('extern %s _gPcd_BinaryPatch_%s%s;\n' %(DatumType, 
TokenCName, Array))
 else:
 AutoGenH.Append('extern volatile  %s  %s%s;\n' % (DatumType, 
PcdVariableName, Array))
 AutoGenH.Append('#define %s  %s_gPcd_BinaryPatch_%s\n' %(GetModeName, 
Type, TokenCName))
+PcdDataSize = GetPcdSize(Pcd)
 if Pcd.DatumType == 'VOID*':
 AutoGenH.Append('#define %s(SizeOfBuffer, Buffer)  
LibPatchPcdSetPtrAndSize((VOID *)_gPcd_BinaryPatch_%s, 
&_gPcd_BinaryPatch_Size_%s, (UINTN)_PCD_PATCHABLE_%s_SIZE, (SizeOfBuffer), 
(Buffer))\n' % (SetModeName, TokenCName, TokenCName, TokenCName))
 AutoGenH.Append('#define %s(SizeOfBuffer, Buffer)  
LibPatchPcdSetPtrAndSizeS((VOID *)_gPcd_BinaryPatch_%s, 
&_gPcd_BinaryPatch_Size_%s, (UINTN)_PCD_PATCHABLE_%s_SIZE, (SizeOfBuffer), 
(Buffer))\n' % (SetModeStatusName, TokenCName, TokenCName, TokenCName))
+AutoGenH.Append('#define %s %s\n' % (PatchPcdSizeTokenName, 
Pcd.MaxDatumSize))
 else:
 AutoGenH.Append('#define %s(Value)  (%s = (Value))\n' % 
(SetModeName, PcdVariableName))
 AutoGenH.Append('#define %s(Value)  ((%s = (Value)), 
RETURN_SUCCESS)\n' % (SetModeStatusName, PcdVariableName))
-
-PcdDataSize = GetPcdSize(Pcd)
-AutoGenH.Append('#define %s %s\n' % (PatchPcdSizeTokenName, 
PcdDataSize))
+AutoGenH.Append('#define %s %s\n' % (PatchPcdSizeTokenName, 
PcdDataSize))
+
 AutoGenH.Append('#define %s %s\n' % 
(GetModeSizeName,PatchPcdSizeVariableName))
 AutoGenH.Append('extern UINTN %s; \n' % PatchPcdSizeVariableName)
 
 if PcdItemType == TAB_PCDS_FIXED_AT_BUILD or PcdItemType == 
TAB_PCDS_FEATURE_FLAG:
 key = ".".join((Pcd.TokenSpaceGuidCName,Pcd.TokenCName))
-- 
2.6.1.windows.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH] UefiCpuPkg/PiSmmCpuDxeSmm: Check ProcessorId == INVALID_APIC_ID

[Jeff Fan]

If PcdCpuHotPlugSupport is TRUE, gSmst->NumberOfCpus will be the
PcdCpuMaxLogicalProcessorNumber. If gSmst->SmmStartupThisAp() is invoked for
those un-existed processors, ASSERT() happened in ConfigSmmCodeAccessCheck().

This fix is to check if ProcessorId is valid before invoke
gSmst->SmmStartupThisAp() in ConfigSmmCodeAccessCheck() and to check if
ProcessorId is valid in InternalSmmStartupThisAp() to avoid unexpected DEBUG
error message displayed.

Cc: Jiewen Yao 
Cc: Eric Dong 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jeff Fan 
---
 UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c  | 3 +++
 UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c | 7 ++-
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c 
b/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
index e03f1e0..4ac5e8e 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
@@ -860,6 +860,9 @@ InternalSmmStartupThisAp (
 DEBUG((DEBUG_ERROR, "CpuIndex(%d) == 
gSmmCpuPrivate->SmmCoreEntryContext.CurrentlyExecutingCpu\n", CpuIndex));
 return EFI_INVALID_PARAMETER;
   }
+  if (gSmmCpuPrivate->ProcessorInfo[CpuIndex].ProcessorId == INVALID_APIC_ID) {
+return EFI_INVALID_PARAMETER;
+  }
   if (!(*(mSmmMpSyncData->CpuData[CpuIndex].Present))) {
 if (mSmmMpSyncData->EffectiveSyncMode == SmmCpuSyncModeTradition) {
   DEBUG((DEBUG_ERROR, "!mSmmMpSyncData->CpuData[%d].Present\n", CpuIndex));
diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c 
b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c
index 2d6b572..8e79642 100755
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c
@@ -1117,7 +1117,12 @@ ConfigSmmCodeAccessCheck (
   //
   for (Index = 0; Index < gSmst->NumberOfCpus; Index++) {
 if (Index != gSmmCpuPrivate->SmmCoreEntryContext.CurrentlyExecutingCpu) {
-
+  if (gSmmCpuPrivate->ProcessorInfo[Index].ProcessorId == INVALID_APIC_ID) 
{
+//
+// If this processor does not exist
+//
+continue;
+  }
   //
   // Acquire Config SMM Code Access Check spin lock.  The AP will release 
the
   // spin lock when it is done executing 
ConfigSmmCodeAccessCheckOnCurrentProcessor().
-- 
2.9.3.windows.2

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

Re: [edk2] [Patch][edk2-platforms] Vlv2TbltDevicePkg: Correct help information.

[Wei, David]

Reviewed-by: zwei4   

Thanks,
David  Wei 


-Original Message-
From: Lu, ShifeiX A 
Sent: Wednesday, May 10, 2017 3:55 PM
To: edk2-devel@lists.01.org
Cc: Wei, David 
Subject: [Patch][edk2-platforms] Vlv2TbltDevicePkg: Correct help information.

Correct help information for BIOS setup item.
---
 Vlv2TbltDevicePkg/PlatformSetupDxe/VfrStrings.uni | Bin 216022 -> 216048 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)

diff --git a/Vlv2TbltDevicePkg/PlatformSetupDxe/VfrStrings.uni 
b/Vlv2TbltDevicePkg/PlatformSetupDxe/VfrStrings.uni
index 
0534ca0c09651d44eb2e128c95d416b31937d593..3abdb51f0b3fb3b5b5bd8b0d791d297ae072e140
 100644
GIT binary patch
delta 190
zcmcaMo%h3Z-U$wj<{KSdD>rvkzMHkZLWHp+W4gjOCW+}9HHCPuG%T;+lRXol%5QVe-P2>f4Ltm_n8c
z7XY;@Fq8ug$^k+Jh7^X(>9-Fvr8A~ZcRa!*%9_cL`Uq30!gRZ5Ok>DKG
US2L<^7kJ7vLw5TzCT1^B06dE|KL7v#

-- 
2.7.0.windows.1


___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

Re: [edk2] [Patch][edk2-platforms/devel-MinnowBoard3] Fixed reconnect -r issue.

[Wei, David]

Reviewed-by: zwei4   

Thanks,
David  Wei 

-Original Message-
From: Lu, ShifeiX A 
Sent: Wednesday, May 10, 2017 2:58 PM
To: edk2-devel@lists.01.org
Cc: Wei, David 
Subject: [Patch][edk2-platforms/devel-MinnowBoard3] Fixed reconnect -r issue.

System will hang up when run reconnect -r with SD Card insert.
---
 .../PlatformSettings/PlatformDxe/PciDevice.c   | 33 +-
 1 file changed, 32 insertions(+), 1 deletion(-)

diff --git 
a/Platform/BroxtonPlatformPkg/Common/PlatformSettings/PlatformDxe/PciDevice.c 
b/Platform/BroxtonPlatformPkg/Common/PlatformSettings/PlatformDxe/PciDevice.c
index b8645a2..421ac10 100644
--- 
a/Platform/BroxtonPlatformPkg/Common/PlatformSettings/PlatformDxe/PciDevice.c
+++ 
b/Platform/BroxtonPlatformPkg/Common/PlatformSettings/PlatformDxe/PciDevice.c
@@ -1,7 +1,7 @@
 /** @file
   Platform PCI Bus Initialization Driver.
 
-  Copyright (c) 1999 - 2016, Intel Corporation. All rights reserved.
+  Copyright (c) 1999 - 2017, Intel Corporation. All rights reserved.
 
   This program and the accompanying materials
   are licensed and made available under the terms and conditions of the BSD 
License
@@ -405,6 +405,8 @@ PciBusEvent (
   UINTN Index;
   UINT8 mCacheLineSize = 0x10;
   UINTN Seg, Bus, Dev, Fun;
+  UINT32AcpiIoPortBaseAddr;
+  UINT32CmdValue;
 
   while (TRUE) {
 BufferSize = sizeof (EFI_HANDLE);
@@ -448,6 +450,35 @@ PciBusEvent (
   //
   Status = PciIo->GetLocation (PciIo, , , , );
   if ((Seg ==0) && (Bus == 0) && (Dev == 13) && (Fun == 1)) {
+//
+// Set PMC acpi io port address
+//
+AcpiIoPortBaseAddr = (UINT32) PcdGet16 (PcdScAcpiIoPortBaseAddress);
+PciIo->Pci.Write (
+ PciIo,
+ EfiPciIoWidthUint32,
+ 0x20,
+ 1,
+ 
+ );
+
+PciIo->Pci.Read (
+ PciIo,
+ EfiPciIoWidthUint8,
+ PCI_COMMAND_OFFSET,
+ 1,
+ 
+ );
+
+CmdValue |= BIT0;
+PciIo->Pci.Write (
+ PciIo,
+ EfiPciIoWidthUint8,
+ PCI_COMMAND_OFFSET,
+ 1,
+ 
+ );
+   
 Supports |= BIT0;
   }
   //
-- 
2.7.0.windows.1


___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [Patch][edk2-platforms/devel-MinnowBoard3] Fixed reconnect -r issue.

[lushifex]

System will hang up when run reconnect -r with SD Card insert.
---
 .../PlatformSettings/PlatformDxe/PciDevice.c   | 33 +-
 1 file changed, 32 insertions(+), 1 deletion(-)

diff --git 
a/Platform/BroxtonPlatformPkg/Common/PlatformSettings/PlatformDxe/PciDevice.c 
b/Platform/BroxtonPlatformPkg/Common/PlatformSettings/PlatformDxe/PciDevice.c
index b8645a2..421ac10 100644
--- 
a/Platform/BroxtonPlatformPkg/Common/PlatformSettings/PlatformDxe/PciDevice.c
+++ 
b/Platform/BroxtonPlatformPkg/Common/PlatformSettings/PlatformDxe/PciDevice.c
@@ -1,7 +1,7 @@
 /** @file
   Platform PCI Bus Initialization Driver.
 
-  Copyright (c) 1999 - 2016, Intel Corporation. All rights reserved.
+  Copyright (c) 1999 - 2017, Intel Corporation. All rights reserved.
 
   This program and the accompanying materials
   are licensed and made available under the terms and conditions of the BSD 
License
@@ -405,6 +405,8 @@ PciBusEvent (
   UINTN Index;
   UINT8 mCacheLineSize = 0x10;
   UINTN Seg, Bus, Dev, Fun;
+  UINT32AcpiIoPortBaseAddr;
+  UINT32CmdValue;
 
   while (TRUE) {
 BufferSize = sizeof (EFI_HANDLE);
@@ -448,6 +450,35 @@ PciBusEvent (
   //
   Status = PciIo->GetLocation (PciIo, , , , );
   if ((Seg ==0) && (Bus == 0) && (Dev == 13) && (Fun == 1)) {
+//
+// Set PMC acpi io port address
+//
+AcpiIoPortBaseAddr = (UINT32) PcdGet16 (PcdScAcpiIoPortBaseAddress);
+PciIo->Pci.Write (
+ PciIo,
+ EfiPciIoWidthUint32,
+ 0x20,
+ 1,
+ 
+ );
+
+PciIo->Pci.Read (
+ PciIo,
+ EfiPciIoWidthUint8,
+ PCI_COMMAND_OFFSET,
+ 1,
+ 
+ );
+
+CmdValue |= BIT0;
+PciIo->Pci.Write (
+ PciIo,
+ EfiPciIoWidthUint8,
+ PCI_COMMAND_OFFSET,
+ 1,
+ 
+ );
+   
 Supports |= BIT0;
   }
   //
-- 
2.7.0.windows.1


___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH 0/2] Fix SmmCpuFeaturesLib issues

[Jeff Fan]

Jeff Fan (2):
  UefiCpuPkg/SmmCpuFeaturesLib: Fix Ia32/SmiEntry.asm build issue
  UefiCpuPkg/SmmCpuFeaturesLib: Correct print level

 UefiCpuPkg/Library/SmmCpuFeaturesLib/Ia32/SmiEntry.asm|  6 +++---
 .../Library/SmmCpuFeaturesLib/Ia32/SmiException.asm   | 15 ++-
 UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmStm.c |  8 
 3 files changed, 17 insertions(+), 12 deletions(-)

-- 
2.9.3.windows.2

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH 1/2] UefiCpuPkg/SmmCpuFeaturesLib: Fix Ia32/SmiEntry.asm build issue

[Jeff Fan]

Cc: Jiewen Yao 
Cc: Eric Dong 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jeff Fan 
---
 UefiCpuPkg/Library/SmmCpuFeaturesLib/Ia32/SmiEntry.asm|  6 +++---
 .../Library/SmmCpuFeaturesLib/Ia32/SmiException.asm   | 15 ++-
 2 files changed, 13 insertions(+), 8 deletions(-)

diff --git a/UefiCpuPkg/Library/SmmCpuFeaturesLib/Ia32/SmiEntry.asm 
b/UefiCpuPkg/Library/SmmCpuFeaturesLib/Ia32/SmiEntry.asm
index 94888d5..91dc1eb 100644
--- a/UefiCpuPkg/Library/SmmCpuFeaturesLib/Ia32/SmiEntry.asm
+++ b/UefiCpuPkg/Library/SmmCpuFeaturesLib/Ia32/SmiEntry.asm
@@ -1,5 +1,5 @@
 
;-- 
;
-; Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.
+; Copyright (c) 2009 - 2017, Intel Corporation. All rights reserved.
 ; This program and the accompanying materials
 ; are licensed and made available under the terms and conditions of the BSD 
License
 ; which accompanies this distribution.  The full text of the license may be 
found at
@@ -201,7 +201,7 @@ CommonHandler:
 calleax
 add esp, 4
 
-mov eax, gStmXdSupported
+mov eax, offset gStmXdSupported
 mov al, [eax]
 cmp al, 0
 jz  @f
@@ -221,7 +221,7 @@ _StmSmiHandler:
 ; Check XD disable bit
 ;
 xor esi, esi
-mov eax, gStmXdSupported
+mov eax, offset gStmXdSupported
 mov al, [eax]
 cmp al, 0
 jz  @StmXdDone
diff --git a/UefiCpuPkg/Library/SmmCpuFeaturesLib/Ia32/SmiException.asm 
b/UefiCpuPkg/Library/SmmCpuFeaturesLib/Ia32/SmiException.asm
index 7c04ad9..d0ae147 100644
--- a/UefiCpuPkg/Library/SmmCpuFeaturesLib/Ia32/SmiException.asm
+++ b/UefiCpuPkg/Library/SmmCpuFeaturesLib/Ia32/SmiException.asm
@@ -1,5 +1,5 @@
 
;-- 
;
-; Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.
+; Copyright (c) 2009 - 2017, Intel Corporation. All rights reserved.
 ; This program and the accompanying materials
 ; are licensed and made available under the terms and conditions of the BSD 
License
 ; which accompanies this distribution.  The full text of the license may be 
found at
@@ -26,11 +26,16 @@ EXTERNDEF   gcStmPsd:BYTE
 EXTERNDEF   SmmStmExceptionHandler:PROC
 EXTERNDEF   SmmStmSetup:PROC
 EXTERNDEF   SmmStmTeardown:PROC
+EXTERNDEF   gStmXdSupported:BYTE
 
 CODE_SEL= 08h
 DATA_SEL= 20h
 TSS_SEL = 40h
 
+MSR_IA32_MISC_ENABLE  EQU 1A0h
+MSR_EFER  EQU 0c080h
+MSR_EFER_XD   EQU 0800h
+
 .data
 
 gcStmPsd LABEL   BYTE
@@ -88,7 +93,7 @@ _OnStmSetup PROC
 ; Check XD disable bit
 ;
 xor esi, esi
-mov eax, gStmXdSupported
+mov eax, offset gStmXdSupported
 mov al, [eax]
 cmp al, 0
 jz  @StmXdDone1
@@ -109,7 +114,7 @@ _OnStmSetup PROC
 
   call SmmStmSetup
 
-mov eax, gStmXdSupported
+mov eax, offset gStmXdSupported
 mov al, [eax]
 cmp al, 0
 jz  @f
@@ -130,7 +135,7 @@ _OnStmTeardown PROC
 ; Check XD disable bit
 ;
 xor esi, esi
-mov eax, gStmXdSupported
+mov eax, offset gStmXdSupported
 mov al, [eax]
 cmp al, 0
 jz  @StmXdDone2
@@ -151,7 +156,7 @@ _OnStmTeardown PROC
 
   call SmmStmTeardown
 
-mov eax, gStmXdSupported
+mov eax, offset gStmXdSupported
 mov al, [eax]
 cmp al, 0
 jz  @f
-- 
2.9.3.windows.2

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH 2/2] UefiCpuPkg/SmmCpuFeaturesLib: Correct print level

[Jeff Fan]

Cc: Jiewen Yao 
Cc: Eric Dong 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jeff Fan 
---
 UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmStm.c | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmStm.c 
b/UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmStm.c
index 03937dc..45015b8 100644
--- a/UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmStm.c
+++ b/UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmStm.c
@@ -326,8 +326,8 @@ SmmCpuFeaturesInstallSmiHandler (
   Psd->SmmSmiHandlerRsp = (UINTN)SmiStack + StackSize - sizeof(UINTN);
   Psd->SmmCr3   = Cr3;
 
-  DEBUG((DEBUG_ERROR, "CpuSmmStmExceptionStackSize - %x\n", 
PcdGet32(PcdCpuSmmStmExceptionStackSize)));
-  DEBUG((DEBUG_ERROR, "Pages - %x\n", 
EFI_SIZE_TO_PAGES(PcdGet32(PcdCpuSmmStmExceptionStackSize;
+  DEBUG((DEBUG_INFO, "CpuSmmStmExceptionStackSize - %x\n", 
PcdGet32(PcdCpuSmmStmExceptionStackSize)));
+  DEBUG((DEBUG_INFO, "Pages - %x\n", 
EFI_SIZE_TO_PAGES(PcdGet32(PcdCpuSmmStmExceptionStackSize;
   Psd->StmProtectionExceptionHandler.SpeRsp = (UINT64)(UINTN)AllocatePages 
(EFI_SIZE_TO_PAGES (PcdGet32 (PcdCpuSmmStmExceptionStackSize)));
   Psd->StmProtectionExceptionHandler.SpeRsp += EFI_PAGES_TO_SIZE 
(EFI_SIZE_TO_PAGES (PcdGet32 (PcdCpuSmmStmExceptionStackSize)));
 
@@ -735,7 +735,7 @@ ValidateResource (
   Resource = ResourceList;
 
   for (Index = 0; Index < Count; Index++) {
-DEBUG ((DEBUG_ERROR, "ValidateResource (%d) - RscType(%x)\n", Index, 
Resource->Header.RscType));
+DEBUG ((DEBUG_INFO, "ValidateResource (%d) - RscType(%x)\n", Index, 
Resource->Header.RscType));
 //
 // Validate resource.
 //
@@ -782,7 +782,7 @@ ValidateResource (
 break;
 
   case PCI_CFG_RANGE:
-DEBUG ((DEBUG_ERROR, "ValidateResource - PCI (0x%02x, 0x%08x, 0x%02x, 
0x%02x)\n", Resource->PciCfg.OriginatingBusNumber, 
Resource->PciCfg.LastNodeIndex, Resource->PciCfg.PciDevicePath[0].PciDevice, 
Resource->PciCfg.PciDevicePath[0].PciFunction));
+DEBUG ((DEBUG_INFO, "ValidateResource - PCI (0x%02x, 0x%08x, 0x%02x, 
0x%02x)\n", Resource->PciCfg.OriginatingBusNumber, 
Resource->PciCfg.LastNodeIndex, Resource->PciCfg.PciDevicePath[0].PciDevice, 
Resource->PciCfg.PciDevicePath[0].PciFunction));
 if (Resource->Header.Length != sizeof (STM_RSC_PCI_CFG_DESC) + 
(sizeof(STM_PCI_DEVICE_PATH_NODE) * Resource->PciCfg.LastNodeIndex)) {
   return FALSE;
 }
-- 
2.9.3.windows.2

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

Re: [edk2] [patch] MdeModulePkg/FormDisplay: Make the LineWidth of option consistent

[Dong, Eric]

Reviewed-by: Eric Dong 

-Original Message-
From: Bi, Dandan 
Sent: Wednesday, May 10, 2017 2:21 PM
To: edk2-devel@lists.01.org
Cc: Dong, Eric ; Gao, Liming 
Subject: [patch] MdeModulePkg/FormDisplay: Make the LineWidth of option 
consistent

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=529

LineWidth of option in funcrion UpdateSkipInfoForMenu and DisplayOneMenu are 
inconsistent. Now fix this issue to avoid incorrect UI display.

Cc: Eric Dong 
Cc: Liming Gao 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dandan Bi 
---
 MdeModulePkg/Universal/DisplayEngineDxe/FormDisplay.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/MdeModulePkg/Universal/DisplayEngineDxe/FormDisplay.c 
b/MdeModulePkg/Universal/DisplayEngineDxe/FormDisplay.c
index e1ac5a3..dc4ae4b 100644
--- a/MdeModulePkg/Universal/DisplayEngineDxe/FormDisplay.c
+++ b/MdeModulePkg/Universal/DisplayEngineDxe/FormDisplay.c
@@ -875,11 +875,11 @@ UpdateSkipInfoForMenu (
   UINT16  Width;
   UINTN   Row;
   CHAR16  *OutputString;
   UINT16  GlyphWidth;
 
-  Width = (UINT16) gOptionBlockWidth;
+  Width = (UINT16) gOptionBlockWidth - 1;
   GlyphWidth= 1;
   Row   = 1;
 
   for (Index = 0; GetLineByWidth (OptionString, Width, , , 
) != 0x;) {
 if (StrLen ([Index]) != 0) {
--
1.9.5.msysgit.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [patch] MdeModulePkg/FormDisplay: Make the LineWidth of option consistent

[Dandan Bi]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=529

LineWidth of option in funcrion UpdateSkipInfoForMenu and DisplayOneMenu
are inconsistent. Now fix this issue to avoid incorrect UI display.

Cc: Eric Dong 
Cc: Liming Gao 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dandan Bi 
---
 MdeModulePkg/Universal/DisplayEngineDxe/FormDisplay.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/MdeModulePkg/Universal/DisplayEngineDxe/FormDisplay.c 
b/MdeModulePkg/Universal/DisplayEngineDxe/FormDisplay.c
index e1ac5a3..dc4ae4b 100644
--- a/MdeModulePkg/Universal/DisplayEngineDxe/FormDisplay.c
+++ b/MdeModulePkg/Universal/DisplayEngineDxe/FormDisplay.c
@@ -875,11 +875,11 @@ UpdateSkipInfoForMenu (
   UINT16  Width;
   UINTN   Row;
   CHAR16  *OutputString;
   UINT16  GlyphWidth;
 
-  Width = (UINT16) gOptionBlockWidth;
+  Width = (UINT16) gOptionBlockWidth - 1;
   GlyphWidth= 1;
   Row   = 1;
 
   for (Index = 0; GetLineByWidth (OptionString, Width, , , 
) != 0x;) {
 if (StrLen ([Index]) != 0) {
-- 
1.9.5.msysgit.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel