[AMD Official Use Only - General]
Hi Aladyshev,
> -Original Message-
> From: Konstantin Aladyshev
> Sent: Wednesday, August 30, 2023 11:09 PM
> To: Chang, Abner
> Cc: disc...@edk2.groups.io; devel@edk2.groups.io
> Subject: Re: [edk2-discuss] PLDM messages via MCTP over KCS
>
> Caution:
[AMD Official Use Only - General]
Yes Nickle,
I agree to have a common API for initializing the structure members.
Thanks
Abner
From: Nickle Wang
Sent: Wednesday, August 30, 2023 9:48 AM
To: Mike Maslenkin ; devel@edk2.groups.io; Chang,
Abner
Cc: ig...@ami.com
Subject: RE: [PATCH v2 1/6]
Hi Sean/Andrew/Leif/Mike
Now, I think we actually have multiple options to handle this:
1) CryptoPkg in edk2 repo (add MbedTls to existing CryptoPkg)
2) CryptoPkg in edk2 repo + a new MbedTlsCryptoPkg in edk2 repo
3) CryptoPkg in edk2 repo + MbedTlsCryptoPkg in a new repo
4) Move CryptoPkg
Hi Sean
Thanks for the feedback. Personally, I don't have strong opinion on this.
Since this is a big change, I would like to have Steward member's opinion.
Hi Andrew/Leif/Mike
What do you think?
Thank you
Yao, Jiewen
> -Original Message-
> From: devel@edk2.groups.io On Behalf Of
Now that the transition to use SetMemoryProtectionsLib and
GetMemoryProtectionsLib is complete, delete the memory protection PCDs
to avoid confusing the interface. All memory protection settings
will now be set and consumed via the libraries.
Signed-off-by: Taylor Beebe
Cc: Jian J Wang
Cc:
Now that the transition to use SetMemoryProtectionsLib and
GetMemoryProtectionsLib is complete, delete the memory protection PCDs
to avoid confusing the interface. All memory protection settings
will now be set and consumed via the libraries.
Signed-off-by: Taylor Beebe
Cc: Ard Biesheuvel
Cc:
Now that the transition to use SetMemoryProtectionsLib and
GetMemoryProtectionsLib is complete, delete the PCD profile
to avoid confusing the interface. All memory protection settings
will now be set and consumed via the libraries.
Signed-off-by: Taylor Beebe
Cc: Jian J Wang
Cc: Liming Gao
---
Now that the transition to use SetMemoryProtectionsLib and
GetMemoryProtectionsLib is complete, delete the memory protection PCDs
to avoid confusing the interface. All memory protection settings
will now be set and consumed via the libraries.
Signed-off-by: Taylor Beebe
Cc: Ard Biesheuvel
Cc:
Now that the EDK2 tree uses GetMemoryProtectionsLib to query
the platform memory protection settings, OvmfPkg can be updated
to use QemuCfg to set the entire memory protection profile instead
of just SetNxForStack.
For example, the following will set the DXE memory protection to
the RELEASE
Set the memory protections on Arm virtual platforms. Because
the QemuFg parser is not currently available in ArmVirtPkg, use
the RELEASE profile by default.
Signed-off-by: Taylor Beebe
Cc: Ard Biesheuvel
Cc: Leif Lindholm
Cc: Sami Mujawar
Cc: Gerd Hoffmann
---
Now that the EDK2 tree uses GetMemoryProtectionsLib to query
the platform memory protection settings, we can add additional
profiles to SetMemoryProtectionsLib to give plaforms more options
for setting memory protections.
Signed-off-by: Taylor Beebe
Cc: Jian J Wang
Cc: Liming Gao
---
Replace references to the memory protection PCDs to instead
check the platform protections via GetMemoryProtectionsLib.
Because the protection profile is equivalent to the PCD settings,
this updated does not cause a torn state.
Signed-off-by: Taylor Beebe
Cc: Jian J Wang
Cc: Liming Gao
Cc:
Replace references to the memory protection PCDs to instead
check the platform protections via GetMemoryProtectionsLib.
Because the protection profile is equivalent to the PCD settings,
this updated does not cause a torn state.
Signed-off-by: Taylor Beebe
Cc: Eric Dong
Cc: Ray Ni
Cc: Rahul
Replace references to the memory protection PCDs to instead
check the platform protections via GetMemoryProtectionsLib.
Because the protection profile is equivalent to the PCD settings,
this updated does not cause a torn state.
Signed-off-by: Taylor Beebe
Cc: Ard Biesheuvel
Cc: Jiewen Yao
Cc:
Replace references to the memory protection PCDs to instead
check the platform protections via GetMemoryProtectionsLib.
Because the protection profile is equivalent to the PCD settings,
this updated does not cause a torn state.
Signed-off-by: Taylor Beebe
Cc: Andrew Fish
Cc: Ray Ni
---
Update the DXE handoff logic in UefiPayloadPkg to use
SetMemoryProtectionsLib to fetch the platform memory protection
settings and reference them when creating the page tables.
Because the protection profile is equivalent to the PCD settings
even when the platform does not explicitly set a
Update the DXE handoff logic in MdeModulePkg to use
SetMemoryProtectionsLib to fetch the platform memory protection
settings and reference them when creating the page tables.
Because the protection profile is equivalent to the PCD settings
even when the platform does not explicitly set a profile,
Replace references to the memory protection PCDs to instead
check the platform protections via GetMemoryProtectionsLib.
Signed-off-by: Taylor Beebe
Cc: Leif Lindholm
Cc: Ard Biesheuvel
Cc: Sami Mujawar
---
ArmPkg/Drivers/CpuDxe/CpuDxe.c | 5 ++---
ArmPkg/ArmPkg.dsc| 1 +
Use SetMemoryProtectionsLib to set the memory protections for
the platform in both normal and PEI-less boot. The protections
set are equivalent to the PCD settings and the ability to set
NxForStack via QemuCfg is preserved. Once the transition to use
SetMemoryProtectionsLib and
This patch updates the DXE Handoff in PEI-less Startup to use
SetMemoryProtectionsLib to get the platform memory protection settings
and build the page tables based on the applied protections.
Signed-off-by: Taylor Beebe
Cc: Ard Biesheuvel
Cc: Jiewen Yao
Cc: Jordan Justen
Cc: Gerd Hoffmann
Add library classes for SetMemoryProtectionsLib and
GetMemoryProtectionsLib to OvmfPkg platfomrs.
Signed-off-by: Taylor Beebe
Cc: Ard Biesheuvel
Cc: Jiewen Yao
Cc: Jordan Justen
Cc: Gerd Hoffmann
Cc: Rebecca Cran
Cc: Peter Grehan
Cc: Corvin Köhne
Cc: Jianyong Wu
Cc: Anatol Belski
Cc:
Memory protection is not set in PEI and ingested during and
after DXE handoff. This paradigm means that the platform cannot
reliably query the stack guard setting during MpInit. Because the
execution path of PEI consistent and no third party
code is executed, setting the stack guard in MpInit on
Add library classes for SetMemoryProtectionsLib and
GetMemoryProtectionsLib to ArmVirtPkg.
Signed-off-by: Taylor Beebe
Cc: Ard Biesheuvel
Cc: Leif Lindholm
Cc: Sami Mujawar
Cc: Gerd Hoffmann
Cc: Julien Grall
---
ArmVirtPkg/ArmVirt.dsc.inc | 6 ++
1 file changed, 6 insertions(+)
diff
SetMemoryProtectionsLib is a PEIM which allows platforms to
apply memory protection settings to the current boot.
GetMemoryProtectionsLib has DXE and MM implementations to allow
platforms to query the current memory protection settings via a
global variable populated by the library
When page/pool protections are active, the GCD sync process takes
quite a bit longer than normal. This behavior is primarily due to
a function which dumps the GCD memory map to the console. This
dump function runs only on DEBUG builds but will iterate through
the GCD memory map dozens of times
HOB memory should not be written to in DXE phase. This patch
copies the PCD database from PEI into a new buffer so updates
to dynamic PCDs don't write to HOB memory.
Signed-off-by: Taylor Beebe
Cc: Jian J Wang
Cc: Liming Gao
Cc: Dandan Bi
---
MdeModulePkg/Universal/PCD/Dxe/Service.c | 6
The SetMemoryProtectionsLib implementation has functionality for
setting protections based on a preset profile or a custom DXE/MM
profile passed in by the caller. The implementation also supports
locking the protections (tracked via an extra boolean stored
in the HOB entry) which prevents the
Because the platform memory protection settings will be stored
in the HOB, the HOB list should be marked read-only and non-executable
as soon as possible in boot.
This patch page-aligns the allocated HOB list in DXE and marks
it RO/NX during memory protection initialization.
Signed-off-by:
The NULL instances for GetMemoryProtectionsLib and
SetMemoryProtectionsLib just zero out the memory protections
structure effectively disabling memory protections.
Signed-off-by: Taylor Beebe
Cc: Jian J Wang
Cc: Liming Gao
---
v3:
- Fix incorrect ordering of the SetMemoryProtectionsLib profile definitions
midway through the patch series by using C99 instantialization.
- Update OvmfPkg to use the Release profile by default.
- Update the method by which platform initialization in OvmfPkg associates
the input FwCfg data
These headers provide settings definitions for memory protections,
settings profiles for easily enabling memory protections,
and the GUIDs used for producing the memory protection HOB entry.
The settings options are functionally 1:1 with the existing
PCD bitfield definitions. Instead of setting a
On Wed, Aug 30, 2023 at 14:50:33 +0200, Ard Biesheuvel wrote:
> On Wed, 30 Aug 2023 at 13:39, Leif Lindholm wrote:
> >
> > The top two bits of the Extended BIOS ROM Size field indicates the unit
> > used for the remaining 14 bits. If the size is greater than 16GB, the
> > unit is gigabytes.
> >
I appreciate and really like this work to enable mbedtls but I don't
like the idea of adding another submodule to edk2.
For a long time there has been discussion about formalizing the
abstraction of the edk2 crypto api so that it would be practical to
implement edk2's crypto using various
It would be great if you could update the CryptoPkg Readme.md file for
this series.
Thanks,
Michael
On 8/30/2023 3:52 AM, Wenxing Hou wrote:
*** Add BaseCryptLibMbedTls for CryptoPkg, which can be an alternative to
OpenSSL in some scenarios. There are four features in the patch:
From: HoraceX Lien
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4544
These value of Major/Minor version are updated from SMBIOS memory data,
but BCD Revision is updated from PCD PcdSmbiosVersion.
We should also update PCD PcdSmbiosVersion from SMBIOS memory data,
to ensure that get
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4543
REF:
https://uefi.org/specs/UEFI/2.10/07_Services_Boot_Services.html#efi-boot-services-locatehandlebuffer
CoreLocateHandleBuffer() can in certain cases, can return
an error and not free an allocated buffer. This scenario
occurs if the
Reviewed-by: Igor Kulchytskyy
Reviewed the whole patch V2
Regards,
Igor Kulchytskyy
-Original Message-
From: Mike Maslenkin
Sent: Tuesday, August 29, 2023 4:01 AM
To: devel@edk2.groups.io
Cc: abner.ch...@amd.com; nick...@nvidia.com; Igor Kulchytskyy ;
Mike Maslenkin
Subject: [EXTERNAL]
Hi!
I've started to implement MCTP over KCS binding for the libmctp
(https://github.com/openbmc/libmctp) and test it with the current code
in the ManageabilityPkg.
I was able successfully send the MCTP packet to the BMC, but right now
I'm having some troubles with receiving the answer back.
I
On 8/30/23 15:00, Ard Biesheuvel wrote:
> On Tue, 29 Aug 2023 at 16:37, Laszlo Ersek wrote:
>>
>> On 8/29/23 15:29, Ard Biesheuvel wrote:
>>> Laszlo reports that the efi_gdb.py script fails to produce a full
>>> backtrace when attaching it to an ARM firmware build that has halted on
>>> an
On Wed, 16 Aug 2023 at 10:56, Nhi Pham wrote:
>
> Hi Ard and Ming,
>
> I have been seeing an issue with StandaloneMM HobLib that can be fixed
> by this patch as well.
>
> The function CreateHob() in the HobLib instance
> StandaloneMmPkg/Library/StandaloneMmCoreHobLib/StandaloneMmCoreHobLib.inf
>
On Tue, 29 Aug 2023 at 16:37, Laszlo Ersek wrote:
>
> On 8/29/23 15:29, Ard Biesheuvel wrote:
> > Laszlo reports that the efi_gdb.py script fails to produce a full
> > backtrace when attaching it to an ARM firmware build that has halted on
> > an unhandled exception.
> >
> > The reason is that
On Wed, 30 Aug 2023 at 13:39, Leif Lindholm wrote:
>
> The top two bits of the Extended BIOS ROM Size field indicates the unit
> used for the remaining 14 bits. If the size is greater than 16GB, the
> unit is gigabytes.
> The test for this uses the local BiosPhysicalSize variable, which is a
>
The top two bits of the Extended BIOS ROM Size field indicates the unit
used for the remaining 14 bits. If the size is greater than 16GB, the
unit is gigabytes.
The test for this uses the local BiosPhysicalSize variable, which is a
UINTN, meaning that when building for a 32/bit architecture (ARM)
Reviewed-by: Ray Ni
Thanks,
Ray
From: Tan, Dun
Sent: Wednesday, August 30, 2023 3:35 PM
To: devel@edk2.groups.io
Cc: Wang, Jian J ; Gao, Liming
; Ni, Ray
Subject: [Patch V2] MdeModulePkg/DxeCorePerformanceLib:fix smm perf issue
Fix smm perf issue in
Christine:
I have no comments for this patch set. Reviewed-by: Liming Gao
Thanks
Liming
> -邮件原件-
> 发件人: devel@edk2.groups.io 代表 Bob Feng
> 发送时间: 2023年6月29日 14:54
> 收件人: Chen, Christine ; devel@edk2.groups.io
> 抄送: Rebecca Cran ; Gao, Liming
>
> 主题: Re: [edk2-devel] [Patch V2 1/4]
Add Null functions to build. These feature are not supported now.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Cc: Jiewen Yao
cc: Yi Li
Cc: Xiaoyu Lu
Cc: Guomin Jiang
Signed-off-by: Wenxing Hou
---
.../BaseCryptLibMbedTls/Bn/CryptBnNull.c | 520
Add MD5/SHA1/SHA256/SHA384/SHA512 APIs.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Cc: Jiewen Yao
cc: Yi Li
Cc: Xiaoyu Lu
Cc: Guomin Jiang
Signed-off-by: Wenxing Hou
---
.../BaseCryptLibMbedTls/Hash/CryptMd5.c | 234 +
.../BaseCryptLibMbedTls/Hash/CryptSha1.c
Change CI for new Mbedtls submodule.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Cc: Jiewen Yao
cc: Yi Li
Cc: Xiaoyu Lu
Cc: Guomin Jiang
Signed-off-by: Wenxing Hou
---
.pytool/CISettings.py | 2 ++
CryptoPkg/CryptoPkg.ci.yaml | 66 +++--
Add .inf files and other support files.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Cc: Jiewen Yao
cc: Yi Li
Cc: Xiaoyu Lu
Cc: Guomin Jiang
Signed-off-by: Wenxing Hou
---
CryptoPkg/CryptoPkg.dec | 4 +
CryptoPkg/CryptoPkgMbedTls.dsc| 280
Add RSA APIs.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Cc: Jiewen Yao
cc: Yi Li
Cc: Xiaoyu Lu
Cc: Guomin Jiang
Signed-off-by: Wenxing Hou
---
.../BaseCryptLibMbedTls/InternalCryptLib.h| 44 +++
.../BaseCryptLibMbedTls/Pk/CryptRsaBasic.c| 268 ++
Add HKDF APIs.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Cc: Jiewen Yao
cc: Yi Li
Cc: Xiaoyu Lu
Cc: Guomin Jiang
Signed-off-by: Wenxing Hou
---
.../BaseCryptLibMbedTls/Kdf/CryptHkdf.c | 372 ++
.../BaseCryptLibMbedTls/Kdf/CryptHkdfNull.c | 192
Add HMAC APIS.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Cc: Jiewen Yao
cc: Yi Li
Cc: Xiaoyu Lu
Cc: Guomin Jiang
Signed-off-by: Wenxing Hou
---
.../BaseCryptLibMbedTls/Hmac/CryptHmac.c | 620 ++
.../BaseCryptLibMbedTls/Hmac/CryptHmacNull.c | 359
Add mbedtls 3.3.0 as submodule in CryptoPkg.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Cc: Jiewen Yao
cc: Yi Li
Cc: Xiaoyu Lu
Cc: Guomin Jiang
Signed-off-by: Wenxing Hou
---
.gitmodules | 3 +++
CryptoPkg/Library/MbedTlsLib/mbedtls | 1 +
2 files
Purpose: Add BaseCryptLibMbedTls for CryptoPkg, which can be an alternative to
OpenSSL in some scenarios.
There are four features based on mbedtls in the patch: HMAC/HKDF/RSA/HASH.
These functions can be uesed to reduce the size.
The others features such as ECC/PKCS1 is WIP because of some known
Hi Jiewen,
Do you have any comments on the patch V7?
The 2 patches are for CryptoPkg and SecurityPky.
Could you help to review/merge the patches?
Thank you.
BR
Sheng Wei
> -Original Message-
> From: Sheng, W
> Sent: Tuesday, August 22, 2023 1:59 PM
> To: devel@edk2.groups.io; Yao, Jiewen
Change CI for new Mbedtls submodule.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Cc: Jiewen Yao
cc: Yi Li
Cc: Xiaoyu Lu
Cc: Guomin Jiang
Signed-off-by: Wenxing Hou
---
.pytool/CISettings.py | 2 ++
CryptoPkg/CryptoPkg.ci.yaml | 66 +++--
Add MD5/SHA1/SHA256/SHA384/SHA512 APIs.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Cc: Jiewen Yao
cc: Yi Li
Cc: Xiaoyu Lu
Cc: Guomin Jiang
Signed-off-by: Wenxing Hou
---
.../BaseCryptLibMbedTls/Hash/CryptMd5.c | 234 +
.../BaseCryptLibMbedTls/Hash/CryptSha1.c
Add Null functions to build. These feature are not supported now.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Cc: Jiewen Yao
cc: Yi Li
Cc: Xiaoyu Lu
Cc: Guomin Jiang
Signed-off-by: Wenxing Hou
---
.../BaseCryptLibMbedTls/Bn/CryptBnNull.c | 520
Add .inf files and other support files.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Cc: Jiewen Yao
cc: Yi Li
Cc: Xiaoyu Lu
Cc: Guomin Jiang
Signed-off-by: Wenxing Hou
---
CryptoPkg/CryptoPkg.dec | 4 +
CryptoPkg/CryptoPkgMbedTls.dsc| 280
Add RSA APIs.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Cc: Jiewen Yao
cc: Yi Li
Cc: Xiaoyu Lu
Cc: Guomin Jiang
Signed-off-by: Wenxing Hou
---
.../BaseCryptLibMbedTls/InternalCryptLib.h| 44 +++
.../BaseCryptLibMbedTls/Pk/CryptRsaBasic.c| 268 ++
Add HKDF APIs.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Cc: Jiewen Yao
cc: Yi Li
Cc: Xiaoyu Lu
Cc: Guomin Jiang
Signed-off-by: Wenxing Hou
---
.../BaseCryptLibMbedTls/Kdf/CryptHkdf.c | 372 ++
.../BaseCryptLibMbedTls/Kdf/CryptHkdfNull.c | 192
Add HMAC APIS.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Cc: Jiewen Yao
cc: Yi Li
Cc: Xiaoyu Lu
Cc: Guomin Jiang
Signed-off-by: Wenxing Hou
---
.../BaseCryptLibMbedTls/Hmac/CryptHmac.c | 620 ++
.../BaseCryptLibMbedTls/Hmac/CryptHmacNull.c | 359
*** Add BaseCryptLibMbedTls for CryptoPkg, which can be an alternative to
OpenSSL in some scenarios. There are four features in the patch:
HMAC/HKDF/RSA/HASH.***
Wenxing Hou (9):
CryptoPkg: Add mbedtls submodule for EDKII
CryptoPkg: Add mbedtls_config and MbedTlsLib.inf
CryptoPkg: Add
Add mbedtls 3.3.0 as submodule in CryptoPkg.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Cc: Jiewen Yao
cc: Yi Li
Cc: Xiaoyu Lu
Cc: Guomin Jiang
Signed-off-by: Wenxing Hou
---
.gitmodules | 3 +++
CryptoPkg/Library/MbedTlsLib/mbedtls | 1 +
2 files
Fix smm perf issue in DxeCorePerformanceLib. In
current code logic, total SMM perf record is copied
multiple times to FPDT table if multiple ReadyToBoot
events are signaled. This patch changes the function
InternalGetSmmPerfData() to only get newly generated
Smm perf data. Then previous generated
Use MpService2Ppi to wakeup AP in s3 boot flow during initializing
CPU. If mSmmS3ResumeState->MpService2Ppi is not 0, then BSP will
use MpService2Ppi->StartupAllCPUs to do CPU initialization for both
BSP and AP instead of only sending InitSipiSipi for AP.
Signed-off-by: Dun Tan
Cc: Eric Dong
This commit is code logic refinement for s3 boot flow
in CpuS3.c. It doesn't change any code functionality.
This commit implementes InitializeAp and InitializeBsp
as a single function since they are doing almost the
same thing. Then both BSP and AP will execute the same
function
In V3 patch set:
1.Adjusted the order of some code in InitializeCpuBeforeRebase/After to make
the code easier to understand
2.Remove the function cast of InitializeCpuProcedure.
Only the 'code refinement for CpuS3.c' and 'use MpService2Ppi to wakeup AP in
s3' patches are modified in V3 patch
Already add me push tag. Once it pass the CI, it would be merged.
Thanks,
Zhichao
> -Original Message-
> From: Nhi Pham
> Sent: Tuesday, August 29, 2023 10:36 AM
> To: Gao, Zhichao ; Nhi Pham
> ; devel@edk2.groups.io
> Subject: Re: [PATCH 1/1] ShellPkg/SmbiosView: Update display of PCIe
69 matches
Mail list logo
