Re: [edk2-devel] [RFC v1 5/4] CryptoPkg/TlsLib: accept peer certs via both DNS names and IP addresses

2019-10-17 Thread Laszlo Ersek
Jiaxin, On 10/16/19 17:25, David Woodhouse wrote: > On Wed, 2019-10-16 at 16:43 +0200, Laszlo Ersek wrote: >> Regarding the current edk2 patch set, I think we should do the following: >> >> - use X509_VERIFY_PARAM_set1_ip() rather than >> X509_VERIFY_PARAM_set1_i

Re: [edk2-devel] [PATCH v2 0/2] PlatformBootManagerLib: Don't update progress if Pcd is 0

2019-10-16 Thread Laszlo Ersek
On 10/14/19 20:36, Laszlo Ersek wrote: > On 10/14/19 17:03, Pete Batard wrote: >> Changes from previous version: >> - Additional empty comment lines above and below, to keep with existing >> comment >> style >> - Similar logic is applied to ArmVirtPkg/PlatformB

Re: [edk2-devel] [PATCH 0/3] BaseTools: Add a script to use with 'git-send-email --cc-cmd'

2019-10-16 Thread Laszlo Ersek
Hi Phil, On 10/16/19 16:09, Philippe Mathieu-Daude wrote: > Hi, > > This series contains trivial fixes to the GetMaintainer.py script, > then adds a new script which allow git-send-email to automatically > fills the email addresses relevant to each patch, using the new > Maintainer.txt format

Re: [edk2-devel] [RFC v1 5/4] CryptoPkg/TlsLib: accept peer certs via both DNS names and IP addresses

2019-10-16 Thread Laszlo Ersek
On 10/16/19 15:35, David Woodhouse wrote: > On Wed, 2019-10-16 at 13:41 +0200, Laszlo Ersek wrote: >> Anyway: we still have the issue that X509_VERIFY_PARAM_set_ip_asc() >> appears to reject IPv4 address literals. Could you check that please? >> >> (Using a hosted (Li

Re: [edk2-devel] [PATCH v2 0/4] trivial: Fix typos in "processing/processed"

2019-10-16 Thread Laszlo Ersek
On 10/16/19 15:25, Philippe Mathieu-Daude wrote: > Some "processing/processed" words are written with an extra 's'. > Properly write them. > > v2: Rebased > > Philippe Mathieu-Daudé (4): > MdeModulePkg DxeCore: Fix typo in function name > MdeModulePkg/PiSmmCore: Fix typo in function name >

Re: [edk2-devel] [RFC v1 5/4] CryptoPkg/TlsLib: accept peer certs via both DNS names and IP addresses

2019-10-16 Thread Laszlo Ersek
On 10/16/19 11:19, David Woodhouse wrote: > On Wed, 2019-10-16 at 09:36 +0200, Laszlo Ersek wrote: >> On 10/16/19 07:18, Wu, Jiaxin wrote: >>>In some cases, the URI is specified as an IP address rather than >>>a Hostname . In this case, the iPAddress subjectAlt

Re: [edk2-devel] [PATCH v1 0/4] Support HTTPS HostName validation feature(CVE-2019-14553)

2019-10-16 Thread Laszlo Ersek
On 10/16/19 11:40, David Woodhouse wrote: > On Tue, 2019-10-15 at 19:34 +0200, Laszlo Ersek wrote: >> Ehh, I failed to ask the actual question. >> >> Is it OK to call X509_VERIFY_PARAM_set1*() multiple times -- basically, >> every time just before we call X509_veri

Re: [edk2-devel] [RFC v1 5/4] CryptoPkg/TlsLib: accept peer certs via both DNS names and IP addresses

2019-10-16 Thread Laszlo Ersek
On 10/16/19 09:36, Laszlo Ersek wrote: > On 10/16/19 07:18, Wu, Jiaxin wrote: >> Comment2: do we really need the app_verify_callback function setting? >> Why not call X509_VERIFY_PARAM_set1_ip_asc (TlsConn->Ssl->param, >> HostName) in TlsSetVerifyHost

Re: [edk2-devel] [PATCH] MdeModulePkg/BdsDxe: Make PlatformRecovery work regardless of OsIndications

2019-10-16 Thread Laszlo Ersek
On 10/16/19 09:40, Wang, Sunny (HPS SW) wrote: > According to the UEFI specification section 3.4.1 and 3.4.2, the OsRecovery > and PlatformRecovery options should still be processed regardless of the > value of OsIndications variable if processing of BootOrder does not result in > success.

Re: [edk2-devel] [RFC v1 5/4] CryptoPkg/TlsLib: accept peer certs via both DNS names and IP addresses

2019-10-16 Thread Laszlo Ersek
Here's an extra point: On 10/16/19 09:36, Laszlo Ersek wrote: > On 10/16/19 07:18, Wu, Jiaxin wrote: >> Fortunately, I get my wanted answer in RFC6125, SECTION 3.1 : >> >>If a subjectAltName extension of type dNSName is present, that MUST >>be used as the iden

Re: [edk2-devel] [RFC v1 5/4] CryptoPkg/TlsLib: accept peer certs via both DNS names and IP addresses

2019-10-16 Thread Laszlo Ersek
Hi Jiaxin, On 10/16/19 07:18, Wu, Jiaxin wrote: > These days I'm too busy with other things. Just take the time to > review the email discussion & researched the correct behavior of HTTPS > cert verification. > > I did never though my patch caused the function regression, and I'm > also not loop

[edk2-devel] [RFC v1 5/4] CryptoPkg/TlsLib: accept peer certs via both DNS names and IP addresses

2019-10-15 Thread Laszlo Ersek
axin Wu Cc: Richard Levitte Cc: Sivaraman Nainar Ref: http://mid.mail-archive.com/B4DE137BDB63634BAC03BD9DE765F197028B24CA23@VENUS1.in.megatrends.com Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=960 Ref: https://edk2.groups.io/g/devel/message/42022 Suggested-by: David Woodhouse Signed-

Re: [edk2-devel] [PATCH v1 0/4] Support HTTPS HostName validation feature(CVE-2019-14553)

2019-10-15 Thread Laszlo Ersek
On 10/15/19 18:56, Laszlo Ersek wrote: > On 10/15/19 15:54, Laszlo Ersek wrote: >> On 10/15/19 13:03, David Woodhouse wrote: > >>> The "app callback" in my OpenConnect example is set on the SSL_CTX not >>> the SSL object, and is called from the top-le

Re: [edk2-devel] [PATCH v1 0/4] Support HTTPS HostName validation feature(CVE-2019-14553)

2019-10-15 Thread Laszlo Ersek
On 10/15/19 17:57, David Woodhouse wrote: > On Thu, 2019-10-10 at 20:03 +0200, Laszlo Ersek wrote: >> (I can't test it easily myself, as I don't even know how to create a >> server certificate with a SAN -- any kind of SAN, let alone GEN_IP.) > > I had to look it up

Re: [edk2-devel] [PATCH v1 0/4] Support HTTPS HostName validation feature(CVE-2019-14553)

2019-10-15 Thread Laszlo Ersek
On 10/15/19 15:54, Laszlo Ersek wrote: > On 10/15/19 13:03, David Woodhouse wrote: >> The "app callback" in my OpenConnect example is set on the SSL_CTX not >> the SSL object, and is called from the top-level >> ssl_verify_cert_chain() functio

Re: [edk2-devel] [PATCH v1 0/4] Support HTTPS HostName validation feature(CVE-2019-14553)

2019-10-15 Thread Laszlo Ersek
On 10/15/19 13:03, David Woodhouse wrote: > On Mon, 2019-10-14 at 18:15 +0200, Laszlo Ersek wrote: >> My understanding is that a fix purely in edk2 -- that is, without >> advancing our openssl submodule reference at once -- is possible, based >> on your

Re: [edk2-devel] [PATCH 1/1] DynamicTablesPkg: include ARM intrinsics library to fix 32-bit build

2019-10-15 Thread Laszlo Ersek
for both ARM and AARCH64 (which may > start relying on intrinsics due to future changes) > > Link: https://bugzilla.tianocore.org/show_bug.cgi?id=2269 > Reported-by: Laszlo Ersek > Signed-off-by: Ard Biesheuvel > --- > DynamicTablesPkg/DynamicTablesPkg.dsc | 1 + > 1 fi

Re: [edk2-devel] [Patch v2 00/11] New Cross OS tool chain CLANG9

2019-10-15 Thread Laszlo Ersek
On 10/15/19 02:26, Liming Gao wrote: > In v2, drop patch 12, and update commit message for 5 & 11. Thank you, Liming. In patch 11, there is a small typo in the commit message, "crush" vs. "crash". If you get the chance, please correct that just before pushing. Thanks! Laszlo

Re: [edk2-devel] [PATCH V4 10/10] MdeModulePkg: Enable variable runtime cache by default

2019-10-15 Thread Laszlo Ersek
On 10/15/19 01:30, Michael Kubacki wrote: > This change enables the variable runtime cache by default by setting > gEfiMdeModulePkgTokenSpaceGuid.PcdEnableVariableRuntimeCache in > MdeModulePkg.dec to TRUE. > > Cc: Dandan Bi > Cc: Ard Biesheuvel > Cc: Eric Dong > Cc: La

Re: [edk2-devel] [PATCH V4 09/10] OvmfPkg: Disable variable runtime cache

2019-10-15 Thread Laszlo Ersek
ming and stability differences on the BSP (e.g. CPU#0) vs an > AP (e.g. CPU#1). > # taskset -c 0 efibootmgr > # taskset -c 1 efibootmgr > > Cc: Ard Biesheuvel > Cc: Laszlo Ersek > Cc: Liming Gao > Cc: Jordan Justen > Cc: Hao A Wu > Signed-off-by: Michael K

Re: [edk2-devel] [PATCH V3 9/9] OvmfPkg: Disable variable runtime cache

2019-10-14 Thread Laszlo Ersek
SMM > timing and stability differences on the BSP (e.g. CPU#0) vs an > AP (e.g. CPU#1). > # taskset -c 0 efibootmgr > # taskset -c 1 efibootmgr > > Cc: Ard Biesheuvel > Cc: Laszlo Ersek > Cc: Liming Gao > Cc: Jordan Justen > Cc: Hao A Wu > Signed-off-by: Michael K

Re: [edk2-devel] [PATCH v2 0/2] PlatformBootManagerLib: Don't update progress if Pcd is 0

2019-10-14 Thread Laszlo Ersek
On 10/14/19 17:03, Pete Batard wrote: > Changes from previous version: > - Additional empty comment lines above and below, to keep with existing > comment > style > - Similar logic is applied to ArmVirtPkg/PlatformBootManagerLib, since the > same > issue may manifest itself here. > > Pete

Re: [edk2-devel] [PATCH v1 0/4] Support HTTPS HostName validation feature(CVE-2019-14553)

2019-10-14 Thread Laszlo Ersek
On 10/14/19 18:15, Laszlo Ersek wrote: > David: another way to prevent the regression is to commit the current > patches, but disable them with a BOOLEAN PCD, by default. (This need not > be a feature PCD; it could even be dynamic.) Then platforms accepting > the SAN/GEN_IP regression

Re: [edk2-devel] [PATCH v1 0/4] Support HTTPS HostName validation feature(CVE-2019-14553)

2019-10-14 Thread Laszlo Ersek
On 10/11/19 18:01, David Woodhouse wrote: > On Fri, 2019-10-11 at 17:36 +0200, Laszlo Ersek wrote: >> On 10/11/19 13:16, David Woodhouse wrote: >>> I first started looking at this when it was >>> reported as such, on the list. >> >> I believe you. Can you s

Re: [edk2-devel] [PATCH 1/1] MdeModulePkg/BdsDxe: Fix calling PlatformBootManagerWaitCallback on 0

2019-10-14 Thread Laszlo Ersek
o, Liming >> Subject: [PATCH 1/1] MdeModulePkg/BdsDxe: Fix calling >> PlatformBootManagerWaitCallback on 0 >> >> From: Laszlo Ersek >> >> Commit 2de1f611be06ded3a59726a4052a9039be7d459b introduced a >> regression >> whereas platfor

Re: [edk2-devel] [PATCH 1/1] OvmfPkg/PlatformBootManagerLib: Don't update progress if Pcd is 0

2019-10-14 Thread Laszlo Ersek
meoutInitial - TimeoutRemain) * 100 / TimeoutInitial, > 0 > ); > } > (2) Can you please post the same patch for "ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBm.c" as well? That would be mean two patches, in a v2 series. With both (1) and (2) covered, you ca

Re: [edk2-devel] [RFC PATCH v2 38/44] UefiCpuPkg: Allow AP booting under SEV-ES

2019-10-14 Thread Laszlo Ersek
On 10/12/19 08:42, Andrew Fish wrote: > Laszlo, > > For 2) this is very unfortunate. I think the root cause is for those > of us who work on x86 hardware day to day we get programed that > SEC/PEI is IA32 and DXE is X64, and this can lead to some unfortunate > coding outcomes. First I was

Re: [edk2-devel] question about qemu+kvm+ovmf+winxp

2019-10-14 Thread Laszlo Ersek
On 10/11/19 16:35, David Woodhouse wrote: > On Fri, 2019-10-11 at 16:27 +0200, Laszlo Ersek wrote: >> On 10/11/19 09:44, Gao, Junhao wrote: >>> Hi David >>> >>>I have found this compiled OVMF-with-csm.fd can support winxp >>> booting up.

Re: [edk2-devel] [PATCH v2 2/2] UefiCpuPkg/MpInitLib: honor the platform's boot CPU count in AP detection

2019-10-11 Thread Laszlo Ersek
On 10/11/19 10:22, Ni, Ray wrote: > Laszlo, the comments couldn't be better! Thanks!! > > Reviewed-by: Ray Ni Thanks, Ray :) Series pushed as commit range a7e2d20193e8..778832bcad33. Cheers! Laszlo > >> -Original Message----- >> From: Laszlo Ersek >> Sent

Re: [edk2-devel] OVMF is crashing for me in master

2019-10-11 Thread Laszlo Ersek
Hi Andrew, On 10/11/19 15:13, Andrew Fish wrote: > I'm with Pete on this as my expectation would be the progress bar > completes when you are done. I'd also point out that a common progress > bar UI implementation is to show the area that is going to be updated. > I don't think our UI does that,

Re: [edk2-devel] [PATCH v1 0/4] Support HTTPS HostName validation feature(CVE-2019-14553)

2019-10-11 Thread Laszlo Ersek
On 10/11/19 13:16, David Woodhouse wrote: > On Fri, 2019-10-11 at 12:55 +0200, Laszlo Ersek wrote: >> On 10/11/19 04:24, Wu, Jiaxin wrote: >>> Hi Laszlo & David, >>> >>> I think I have *repeated* several times that we are targeting to fix the >>&g

Re: [edk2-devel] question about qemu+kvm+ovmf+winxp

2019-10-11 Thread Laszlo Ersek
out the <https://www.kraxel.org/repos/> > continuous > integration repository, which provides CSM-enabled OVMF builds. > > Could you help me to choose which branch supporting CSM, and more > details, thanks very much. > > Thanks, > Junhao >

Re: [edk2-devel] OVMF is crashing for me in master

2019-10-11 Thread Laszlo Ersek
On 10/11/19 06:59, Andrew Fish via Groups.Io wrote: > Liming, > > Thanks for looking into this! > > Can someone also answer my question about the expected behavior of taking an > exception in OVMF? Is the CpuDeadloop() expected? Yes, it is. The exception handler dumps the register file and

Re: [edk2-devel] OVMF is crashing for me in master

2019-10-11 Thread Laszlo Ersek
Hi, On 10/11/19 03:19, Liming Gao wrote: > Andrew: > I verify the change (2de1f611be06ded3a59726a4052a9039be7d459b > MdeModulePkg/BdsDxe: Also call PlatformBootManagerWaitCallback on 0) > in Emulator. > It works, because PCD value is set to 10 in Emulator. > > Before this change, if

Re: [edk2-devel] [PATCH v1 0/4] Support HTTPS HostName validation feature(CVE-2019-14553)

2019-10-11 Thread Laszlo Ersek
such feature that verify the IP in X509_check_ip & > X509_check_ip_asc , please report new Bugzilla (need TLS Spec update the > expose the setting interface), don't mix up the HTTPS hostname verification > here. (To clarify my stance.) Given the above statement of scope, and gi

Re: [edk2-devel] [Patch 11/12] OvmfPkg: Enable CLANG9 tool chain -

2019-10-11 Thread Laszlo Ersek
On 10/11/19 03:47, Liming Gao wrote: > Laszlo: > >> -Original Message----- >> From: Laszlo Ersek [mailto:ler...@redhat.com] >> Sent: Friday, October 11, 2019 12:43 AM >> To: devel@edk2.groups.io; Gao, Liming ; Andrew Fish >> >> Cc: Justen, Jordan L

Re: [edk2-devel] [Patch 12/12] OvmfPkg SecMain: Add build option "-fno-omit-frame-pointer" for CLANG9 X64

2019-10-11 Thread Laszlo Ersek
On 10/11/19 03:30, Liming Gao wrote: > Laszlo: > >> -Original Message----- >> From: Laszlo Ersek [mailto:ler...@redhat.com] >> Sent: Friday, October 11, 2019 1:35 AM >> To: devel@edk2.groups.io; Gao, Liming ; Justen, >> Jordan L >> Subject: Re: [edk2

Re: [edk2-devel] [PATCH v1 1/1] NetworkPkg/SnpDxe: Remove ExitBootServices event

2019-10-11 Thread Laszlo Ersek
On 10/11/19 02:14, Fu, Siyuan wrote: >> -Original Message- >> From: Laszlo Ersek >> Sent: 2019年10月11日 0:06 >> To: Fu, Siyuan ; devel@edk2.groups.io; Rabeda, >> Maciej >> Cc: Wu, Jiaxin >> Subject: Re: [edk2-devel] [PATCH v1 1/1] NetworkPk

Re: [edk2-devel] [Patch 11/12] OvmfPkg: Enable CLANG9 tool chain

2019-10-11 Thread Laszlo Ersek
Hi Liming, On 10/09/19 16:44, Gao, Liming wrote: > The difference between XCODE/CLANG and GCCXX is the linker. Current > patches are introduced for the different linker. Clang supports most > usage of GCC compiler. So, CLANG and XCODE uses GCC family. When I > enable XCODE or CLANG tool chain in

Re: [edk2-devel] [RFC PATCH v2 38/44] UefiCpuPkg: Allow AP booting under SEV-ES

2019-10-11 Thread Laszlo Ersek
On 10/11/19 01:17, Lendacky, Thomas wrote: > On 10/3/19 10:12 AM, Tom Lendacky wrote: >> >> >> On 10/3/19 5:32 AM, Laszlo Ersek wrote: >>> On 10/03/19 12:12, Laszlo Ersek wrote: >>> >>>> UINT32 ApEntryPoint; >>>> EFI_GUID SevE

Re: [edk2-devel] question about qemu+kvm+ovmf+winxp

2019-10-10 Thread Laszlo Ersek
On 10/10/19 16:37, Junhao Gao wrote: > Hi edk2 members > >I have a question for your help. >I want to enable qemu+kvm+ovmf to boot up windows xp, >then ovmf support winxp starting-up? To my understanding, the first Windows "family" with any kind of

Re: [edk2-devel] [PATCH v1 0/4] Support HTTPS HostName validation feature(CVE-2019-14553)

2019-10-10 Thread Laszlo Ersek
On 10/10/19 17:45, David Woodhouse wrote: > On Thu, 2019-10-10 at 10:00 +0200, Laszlo Ersek wrote: >>> Subject: C=HU, ST=Pest, L=Budapest, O=Laszlo Ersek Home Office, >>> OU=IPv6 cert, CN=fd33:eb1b:9b36::2 > > Yeah, you're not actually testing the case

Re: [edk2-devel] [Patch 12/12] OvmfPkg SecMain: Add build option "-fno-omit-frame-pointer" for CLANG9 X64

2019-10-10 Thread Laszlo Ersek
Hi Liming, On 10/10/19 16:08, Liming Gao wrote: > Laszlo: > Option (a) works. Jordan patch can fix this issue. > Option (b) doesn't work. Even if disable optimization, CLANG doesn't > generate the code with push rbp & pop rbp. > > So, Jordan patch becomes only option. We can discuss

Re: [edk2-devel] [Patch 11/12] OvmfPkg: Enable CLANG9 tool chain -

2019-10-10 Thread Laszlo Ersek
Hi Liming, On 10/10/19 14:18, Liming Gao wrote: >> -Original Message- >> From: devel@edk2.groups.io On Behalf Of Laszlo Ersek >> Sent: Thursday, October 10, 2019 3:35 PM >> To: Andrew Fish ; Gao, Liming >> Cc: devel@edk2.groups.io >> Subject: Re

Re: [edk2-devel] [Patch 05/12] MdePkg BaseIoLibIntrinsic: Remove __inline__ attribute for IO functions

2019-10-10 Thread Laszlo Ersek
Hi Liming, Andrew, On 10/10/19 14:32, Liming Gao wrote: > Laszlo: > >> -Original Message----- >> From: Laszlo Ersek >> Sent: Wednesday, October 9, 2019 4:22 AM >> To: Gao, Liming ; devel@edk2.groups.io; af...@apple.com >> Subject: Re: [edk2-devel] [Pa

Re: [edk2-devel] [PATCH v1 1/1] NetworkPkg/SnpDxe: Remove ExitBootServices event

2019-10-10 Thread Laszlo Ersek
On 10/10/19 11:29, Fu, Siyuan wrote: >> -Original Message- >> From: Laszlo Ersek >> Sent: 2019年10月10日 16:06 >> To: Fu, Siyuan ; devel@edk2.groups.io; Rabeda, >> Maciej >> Cc: Wu, Jiaxin >> Subject: Re: [edk2-devel] [PATCH v1 1/1] NetworkPk

[edk2-devel] [PATCH v2 0/2] UefiCpuPkg/MpInitLib: introduce PcdCpuBootLogicalProcessorNumber

2019-10-10 Thread Laszlo Ersek
ensively than the existent comment). Then the new mode is introduced (with additional documentation). Cc: Eric Dong Cc: Ray Ni Thanks, Laszlo Laszlo Ersek (2): UefiCpuPkg/MpInitLib: expand comment on initial AP enumeration UefiCpuPkg/MpInitLib: honor the platform's boot CPU count in AP d

[edk2-devel] [PATCH v2 2/2] UefiCpuPkg/MpInitLib: honor the platform's boot CPU count in AP detection

2019-10-10 Thread Laszlo Ersek
avior when the exact boot CPU count is known in advance. (A hung boot is better than an AP checking-in after timeout, and executing code from released storage.) Cc: Eric Dong Cc: Ray Ni Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1515 Signed-off-by: Laszlo Ersek --- Notes: v2: - u

[edk2-devel] [PATCH v2 1/2] UefiCpuPkg/MpInitLib: expand comment on initial AP enumeration

2019-10-10 Thread Laszlo Ersek
Before adding another AP enumeration mode, clarify the documentation on the current logic. No functional changes. Cc: Eric Dong Cc: Ray Ni Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1515 Signed-off-by: Laszlo Ersek --- Notes: v2: - new patch UefiCpuPkg/Library/MpInitLib

Re: [edk2-devel] [PATCH 1/4] UefiCpuPkg/MpInitLib: honor the platform's boot CPU count in AP detection

2019-10-10 Thread Laszlo Ersek
On 10/10/19 09:38, Laszlo Ersek wrote: > On 10/10/19 04:52, Ni, Ray wrote: >> Laszlo, >> Can you add comments in the code you changed to describe the two different >> behaviors? > > It's described in the DEC file, near the PCD: > > + # nonzero-

Re: [edk2-devel] [PATCH v1 1/1] NetworkPkg/SnpDxe: Remove ExitBootServices event

2019-10-10 Thread Laszlo Ersek
correct the Bugzilla number in patch description as Laszlo pointed > out. > > Thanks. > > Best Regards > Siyuan > >> -Original Message- >> From: devel@edk2.groups.io On Behalf Of Laszlo >> Ersek >> Sent: 2019年10月10日 6:10 >> To: devel@edk2.gro

Re: [edk2-devel] [PATCH v1 0/4] Support HTTPS HostName validation feature(CVE-2019-14553)

2019-10-10 Thread Laszlo Ersek
3 (0x2) > Serial Number: > a7:b5:04:75:6a:2f:ee:7e > Signature Algorithm: sha256WithRSAEncryption > Issuer: C=HU, ST=Pest, L=Budapest, O=Laszlo Ersek Home Office, > OU=Certificate Authority, CN=Laszlo Ersek CA/emailAddress=ler...@redhat.com >

Re: [edk2-devel] [PATCH 1/4] UefiCpuPkg/MpInitLib: honor the platform's boot CPU count in AP detection

2019-10-10 Thread Laszlo Ersek
On 10/10/19 04:52, Ni, Ray wrote: > Laszlo, > Can you add comments in the code you changed to describe the two different > behaviors? It's described in the DEC file, near the PCD: + # nonzero- PcdCpuApInitTimeOutInMicroSeconds is ignored. The initial + # AP

Re: [edk2-devel] [Patch 11/12] OvmfPkg: Enable CLANG9 tool chain -

2019-10-10 Thread Laszlo Ersek
Hi Andrew, On 10/09/19 18:22, Andrew Fish wrote: > I thought the thing we were discussing was compiler flags. > Specifically -mno-mmx -mno-sse. It seems to me if OVMF requires > -mno-mmx -mno-sse then it is a bug in the tools_def.txt definition > for those compilers? As far as I can tell

Re: [edk2-devel] [PATCH v1 1/1] NetworkPkg/SnpDxe: Remove ExitBootServices event

2019-10-09 Thread Laszlo Ersek
On 10/08/19 18:16, Rabeda, Maciej wrote: > Patch addresses Bugzilla #1972. I think the BZ reference should be . (The cover letter has it right.) Thanks Laszlo > During ExitBootServices stage, drivers should not call any > functions known to

Re: [edk2-devel] [PATCH v1 0/4] Support HTTPS HostName validation feature(CVE-2019-14553)

2019-10-09 Thread Laszlo Ersek
Hi All, (multi-hour composition ahead...) On 10/09/19 09:53, David Woodhouse wrote: > On Tue, 2019-10-08 at 06:19 +, Wu, Jiaxin wrote: >> Hi David, >> >> I just realized you have the comments on Bugzilla 960: >> >>> "...given that testing is failing and code inspection shows it >>> would

Re: [edk2-devel] [PATCH v1 0/4] Support HTTPS HostName validation feature(CVE-2019-14553)

2019-10-09 Thread Laszlo Ersek
On 10/01/19 01:21, Laszlo Ersek wrote: > On 09/29/19 08:09, Wang, Jian J wrote: >> For this patch series, >> 1. " Contributed-under: TianoCore Contribution Agreement 1.1" is not needed >> any more. >> Remove it at push time and no need to send a v2. >

Re: [edk2-devel] [PATCH 1/4] UefiCpuPkg/MpInitLib: honor the platform's boot CPU count in AP detection

2019-10-09 Thread Laszlo Ersek
On 10/09/19 02:57, Dong, Eric wrote: > Hi Laszlo, > >> -Original Message- >> From: devel@edk2.groups.io [mailto:devel@edk2.groups.io] On Behalf Of >> Laszlo Ersek >> Sent: Tuesday, October 8, 2019 7:27 PM >> To: edk2-devel-groups-io >> C

Re: [edk2-devel] [PATCH 4/4] OvmfPkg/PlatformPei: rewrite MaxCpuCountInitialization() for CPU hotplug

2019-10-09 Thread Laszlo Ersek
On 10/09/19 12:23, Igor Mammedov wrote: > On Tue, 8 Oct 2019 23:12:10 +0200 > Laszlo Ersek wrote: > >> On 10/08/19 17:06, Igor Mammedov wrote: >>> On Tue, 8 Oct 2019 13:27:14 +0200 >>> Laszlo Ersek wrote: >>> >>>> MaxCpuCountIn

Re: [edk2-devel] [Patch 11/12] OvmfPkg: Enable CLANG9 tool chain

2019-10-09 Thread Laszlo Ersek
On 10/09/19 01:08, Andrew Fish wrote: > So I guess the way to describe it is XCODE inherits GCC and only needs to > override when it is different. Thank you for the explanation! I've been trying to figure out why this inheritance bothers me so much. I guess the reason is the following: I'm a

Re: [edk2-devel] [PATCH 00/35] edk2: clean up the usage of standardized (VOID*) typedefs

2019-10-09 Thread Laszlo Ersek
On 10/09/19 01:49, Laszlo Ersek wrote: > On 09/17/19 21:49, Laszlo Ersek wrote: >> Repository: https://github.com/lersek/edk2.git >> Branch: voidptr >> >> The UEFI / PI / Shell specifications define a number of standard types >> as pointers to VOID. This is

Re: [edk2-devel] [PATCH 00/35] edk2: clean up the usage of standardized (VOID*) typedefs

2019-10-08 Thread Laszlo Ersek
On 09/17/19 21:49, Laszlo Ersek wrote: > Repository: https://github.com/lersek/edk2.git > Branch: voidptr > > The UEFI / PI / Shell specifications define a number of standard types > as pointers to VOID. This is arguably a design mistake; those types > should have been po

Re: [edk2-devel] [PATCH 18/35] NetworkPkg/DxeNetLib: fix type typo in NetLibGetMacAddress()

2019-10-08 Thread Laszlo Ersek
019年9月24日 19:00 >> To: devel@edk2.groups.io; ler...@redhat.com >> Cc: Wu, Jiaxin ; Fu, Siyuan >> Subject: Re: [edk2-devel] [PATCH 18/35] NetworkPkg/DxeNetLib: fix type >> typo in NetLibGetMacAddress() >> >> On 9/17/19 9:49 PM, Laszlo Ersek wrot

Re: [edk2-devel] [Patch 11/12] OvmfPkg: Enable CLANG9 tool chain

2019-10-08 Thread Laszlo Ersek
On 10/08/19 17:02, Gao, Liming wrote: > Laszlo: > >> -Original Message----- >> From: Laszlo Ersek >> Sent: Tuesday, October 1, 2019 4:42 AM >> To: devel@edk2.groups.io; Gao, Liming >> Subject: Re: [edk2-devel] [Patch 11/12] OvmfPkg: Enable CLANG9 tool c

Re: [edk2-devel] [PATCH 4/4] OvmfPkg/PlatformPei: rewrite MaxCpuCountInitialization() for CPU hotplug

2019-10-08 Thread Laszlo Ersek
On 10/08/19 17:06, Igor Mammedov wrote: > On Tue, 8 Oct 2019 13:27:14 +0200 > Laszlo Ersek wrote: > >> MaxCpuCountInitialization() currently handles the following options: >> >> (1) QEMU does not report the boot CPU count. >> >> In this case, Platf

Re: [edk2-devel] [PATCH 2/4] OvmfPkg/OvmfXen.dsc: remove PcdCpu* dynamic defaults

2019-10-08 Thread Laszlo Ersek
On 10/08/19 15:11, Philippe Mathieu-Daudé wrote: > On 10/8/19 1:27 PM, Laszlo Ersek wrote: >> PcdCpuMaxLogicalProcessorNumber and PcdCpuApInitTimeOutInMicroSeconds are >> only referenced in "OvmfPkg/PlatformPei/PlatformPei.inf", and OvmfXen >> does >

Re: [edk2-devel] [PATCH 0/4] UefiCpuPkg, OvmfPkg: separate PCDs for boot CPU count vs. max CPU count

2019-10-08 Thread Laszlo Ersek
On 10/08/19 13:35, Ard Biesheuvel wrote: > On Tue, 8 Oct 2019 at 13:27, Laszlo Ersek wrote: >> >> Repo: https://github.com/lersek/edk2.git >> Branch: max_cpus_bz_1515 >> Ref:https://bugzilla.tianocore.org/show_bug.cgi?id=1515 >> >> UefiC

Re: [edk2-devel] [Patch 05/12] MdePkg BaseIoLibIntrinsic: Remove __inline__ attribute for IO functions

2019-10-08 Thread Laszlo Ersek
On 10/08/19 16:47, Gao, Liming wrote: > [Liming] I verify GCC5 tool chain. I will verify GCC48/GCC49 and > XCODE5. > > I don’t know the specific reason about __inline__. If there is no > impact on > > other GCC tool chain, I prefer to remove them. > [Liming] This seems the

[edk2-devel] [PATCH 4/4] OvmfPkg/PlatformPei: rewrite MaxCpuCountInitialization() for CPU hotplug

2019-10-08 Thread Laszlo Ersek
nocore.org/show_bug.cgi?id=1515 Signed-off-by: Laszlo Ersek --- OvmfPkg/OvmfPkgIa32.dsc | 2 +- OvmfPkg/OvmfPkgIa32X64.dsc | 2 +- OvmfPkg/OvmfPkgX64.dsc | 2 +- OvmfPkg/PlatformPei/PlatformPei.inf | 2 +- OvmfPkg/PlatformPei/Platform.c | 83 +--

[edk2-devel] [PATCH 2/4] OvmfPkg/OvmfXen.dsc: remove PcdCpu* dynamic defaults

2019-10-08 Thread Laszlo Ersek
l Cc: Igor Mammedov Cc: Jordan Justen Cc: Julien Grall Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1515 Signed-off-by: Laszlo Ersek --- OvmfPkg/OvmfXen.dsc | 4 1 file changed, 4 deletions(-) diff --git a/OvmfPkg/OvmfXen.dsc b/OvmfPkg/OvmfXen.dsc index 5a31f75f05d0..6deafea034c0

[edk2-devel] [PATCH 3/4] OvmfPkg/IndustryStandard: define FW_CFG_X86_TOPOLOGY structure type

2019-10-08 Thread Laszlo Ersek
pc-q35-4.2+ and pc-i440fx-4.2+ machine types report CPU topology info in the "etc/x86-smp-topology" fw_cfg file. Add a structure type for parsing this blob. Cc: Ard Biesheuvel Cc: Igor Mammedov Cc: Jordan Justen Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1515 Signed-off-

[edk2-devel] [PATCH 1/4] UefiCpuPkg/MpInitLib: honor the platform's boot CPU count in AP detection

2019-10-08 Thread Laszlo Ersek
c Dong Cc: Igor Mammedov Cc: Ray Ni Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1515 Signed-off-by: Laszlo Ersek --- UefiCpuPkg/UefiCpuPkg.dec | 11 + UefiCpuPkg/UefiCpuPkg.uni | 4 ++ UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf | 1 + UefiCpuP

[edk2-devel] [PATCH 0/4] UefiCpuPkg, OvmfPkg: separate PCDs for boot CPU count vs. max CPU count

2019-10-08 Thread Laszlo Ersek
patch set for QEMU) completes the VCPU hotplug feature: it allows S3 resume to work with VCPUs hot-plugged previously (at OS runtime, of course). Cc: Anthony Perard Cc: Ard Biesheuvel Cc: Eric Dong Cc: Igor Mammedov Cc: Jordan Justen Cc: Julien Grall Cc: Ray Ni Thanks Laszlo Laszlo Ersek (4):

Re: [edk2-devel] [PATCH 26/35] SecurityPkg: fix UninstallMultipleProtocolInterfaces() calls

2019-10-07 Thread Laszlo Ersek
: [edk2-devel] [PATCH 26/35] SecurityPkg: fix > UninstallMultipleProtocolInterfaces() calls > > Hi Laszlo: >Sorry for late response. The fix is good to me. I am also interested in > how you find this issue, can you share it? > > -Original Message- > From: Laszlo Ersek

Re: [edk2-devel] [Qemu-devel] [PATCH 1/2] q35: implement 128K SMRAM at default SMBASE address

2019-10-07 Thread Laszlo Ersek
On 10/04/19 13:31, Igor Mammedov wrote: > On Tue, 1 Oct 2019 20:03:20 +0200 > "Laszlo Ersek" wrote: >> (1) What values to use. > SeaBIOS writes 0x00 into command port, but it seems that's taken by > EFI_SMM_COMMUNICATION_PROTOCOL. So we can use the next unuse

Re: [edk2-devel] [PATCH wave 1 00/10] support QEMU's "SMRAM at default SMBASE" feature

2019-10-07 Thread Laszlo Ersek
On 10/04/19 16:09, Igor Mammedov wrote: > On Tue, 1 Oct 2019 17:31:17 +0200 > "Laszlo Ersek" wrote: >> (It does not matter if another hotplug CPU starts the relocation in SMM >> while the earlier one is left with *only* the RSM instruction in SMM, >> immediate

Re: [edk2-devel] [PATCH 25/35] OvmfPkg/VideoDxe: document EFI_EDID_OVERRIDE_PROTOCOL.GetEdid() call

2019-10-04 Thread Laszlo Ersek
On 09/26/19 14:43, Laszlo Ersek wrote: > On 09/23/19 17:59, Philippe Mathieu-Daudé wrote: >> Hi Laszlo, >> >> On 9/17/19 9:49 PM, Laszlo Ersek wrote: >>> According to the UEFI spec -- and to the edk2 header >>> "

Re: [edk2-devel] [edk2-platforms: PATCH 1/1] DisplayLinkPkg: DisplayLinkGop: Added GOP driver for USB docking stations based on DisplayLink chips

2019-10-04 Thread Laszlo Ersek
Hello Andy, I've got a question about your edk2-platforms commit 9df63499ea01 (i.e., this patch): On 08/30/19 17:27, Leif Lindholm wrote: > On Mon, Aug 19, 2019 at 02:32:00PM +0100, Andy Hayes wrote: [...] >> diff --git a/Drivers/DisplayLink/DisplayLinkPkg/DisplayLinkGop/Edid.c >>

Re: [edk2-devel] [PATCH 18/35] NetworkPkg/DxeNetLib: fix type typo in NetLibGetMacAddress()

2019-10-04 Thread Laszlo Ersek
Ping On 10/03/19 13:05, Laszlo Ersek wrote: > Pinging NetworkPkg maintainers again. Please? > > Thanks > Laszlo > > On 09/26/19 14:14, Laszlo Ersek wrote: >> Jiaxin, Siyuan, >> >> can you please review this patch? >> >> Thanks >&

Re: [edk2-devel] [PATCH 26/35] SecurityPkg: fix UninstallMultipleProtocolInterfaces() calls

2019-10-04 Thread Laszlo Ersek
lersek@redhat.com https://edk2.groups.io/g/devel/message/47388 Thanks, Laszlo > > -Original Message- > From: Laszlo Ersek [mailto:ler...@redhat.com] > Sent: 2019年10月3日 19:07 > To: Zhang, Chao B ; Wang, Jian J > ; Yao, Jiewen > Cc: edk2-devel-groups-io > Subject

Re: [edk2-devel] [PATCH V2 7/9] MdeModulePkg/Variable: Add RT GetVariable() cache support

2019-10-04 Thread Laszlo Ersek
Sent: Thursday, October 3, 2019 3:01 PM >> To: Kubacki, Michael A ; Wu, Hao A >> ; devel@edk2.groups.io; Kinney, Michael D >> >> Cc: Bi, Dandan ; Ard Biesheuvel >> ; Dong, Eric ; Laszlo Ersek >> ; Gao, Liming ; Ni, Ray >> ; Wang, Jian J ; Yao, Jiewen >&

Re: [edk2-devel] [PATCH V2 7/9] MdeModulePkg/Variable: Add RT GetVariable() cache support

2019-10-04 Thread Laszlo Ersek
On 10/03/19 23:53, Kubacki, Michael A wrote: > #1 - The plan is to remove the polling entirely in V3. > > #2 - I'd prefer to take a definitive direction and reduce validation and > maintenance > effort but you and Laszlo both requested this so I'll add a > FeaturePCD to control >

Re: [edk2-devel] [PATCH 33/35] StandaloneMmPkg/Core: stop abusing EFI_HANDLE for FwVolHeader tracking

2019-10-03 Thread Laszlo Ersek
Pinging StandaloneMmPkg maintainers again, for reviewing this patch. Thanks Laszlo On 09/26/19 14:48, Laszlo Ersek wrote: > Achin, Jiewen, Supreeth, > > can one of you guys please review this patch? > > Thanks > Laszlo > > On 09/17/19 21:49, Laszlo Ersek wrote: &

Re: [edk2-devel] [PATCH 27/35] SecurityPkg: stop abusing EFI_EVENT for protocol notify registration

2019-10-03 Thread Laszlo Ersek
Pinging SecurityPkg maintainers again, for reviewing this patch. Thanks Laszlo On 09/26/19 14:46, Laszlo Ersek wrote: > Chao, Jian, Jiewen, > > can you please review this patch? > > Thanks, > Laszlo > > > On 09/17/19 21:49, Laszlo Ersek wrote: >> EfiCreatePr

Re: [edk2-devel] [PATCH 26/35] SecurityPkg: fix UninstallMultipleProtocolInterfaces() calls

2019-10-03 Thread Laszlo Ersek
Pinging SecurityPkg maintainers again, for reviewing this patch. Thanks Laszlo On 09/26/19 14:45, Laszlo Ersek wrote: > Chao, Jian, Jiewen, > > can you please review this patch? > > Thanks, > Laszlo > > On 09/17/19 21:49, Laszlo Ersek wrote: >> Unlike the Ins

Re: [edk2-devel] [PATCH 18/35] NetworkPkg/DxeNetLib: fix type typo in NetLibGetMacAddress()

2019-10-03 Thread Laszlo Ersek
Pinging NetworkPkg maintainers again. Please? Thanks Laszlo On 09/26/19 14:14, Laszlo Ersek wrote: > Jiaxin, Siyuan, > > can you please review this patch? > > Thanks > Laszlo > > On 09/17/19 21:49, Laszlo Ersek wrote: >> NetLibGetSnpHandle() returns an

Re: [edk2-devel] [PATCH V2 7/9] MdeModulePkg/Variable: Add RT GetVariable() cache support

2019-10-03 Thread Laszlo Ersek
On 10/03/19 10:04, Wu, Hao A wrote: > Before any comment on the patch, since I am not experienced in the Variable > driver, I would like to ask for help from other reviewers to look into this > patch and provide feedbacks as well. Thanks in advance. > > With the above fact, some comments provided

Re: [edk2-devel] [RFC PATCH v2 38/44] UefiCpuPkg: Allow AP booting under SEV-ES

2019-10-03 Thread Laszlo Ersek
On 10/03/19 12:12, Laszlo Ersek wrote: > UINT32 ApEntryPoint; > EFI_GUID SevEsFooterGuid; > UINT16 Size; It's probably better to reverse the order of "Size" and "SevEsFooterGuid", like this: UINT32 ApEntryPoint; UINT16 Size; EFI_GUID SevEsF

Re: [edk2-devel] [RFC PATCH v2 38/44] UefiCpuPkg: Allow AP booting under SEV-ES

2019-10-03 Thread Laszlo Ersek
On 10/02/19 20:07, Lendacky, Thomas wrote: > On 10/2/19 10:26 AM, Laszlo Ersek wrote: >> On 10/02/19 17:15, Laszlo Ersek wrote: >>> Adding Phil. >>> >>> I'm looking at this patch only because one thing caught my attention in >>> the previous one, &qu

Re: [edk2-devel] [RFC PATCH v2 38/44] UefiCpuPkg: Allow AP booting under SEV-ES

2019-10-03 Thread Laszlo Ersek
On 10/02/19 19:58, Lendacky, Thomas wrote: > On 10/2/19 10:15 AM, Laszlo Ersek via Groups.Io wrote: >> Adding Phil. >> >> I'm looking at this patch only because one thing caught my attention in >> the previous one, "OvmfPkg: Add support for SEV-ES AP reset vector

Re: [edk2-devel] [RFC PATCH v2 37/44] OvmfPkg: Add support for SEV-ES AP reset vector re-directing

2019-10-03 Thread Laszlo Ersek
On 10/02/19 19:33, Lendacky, Thomas wrote: > On 10/2/19 9:54 AM, Laszlo Ersek wrote: >> On 09/19/19 21:53, Lendacky, Thomas wrote: >>> From: Tom Lendacky >>> >>> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=2198 >>> >>> A hypervisor is

Re: [edk2-devel] [RFC PATCH v2 10/44] OvmfPkg: A per-CPU variable area for #VC usage

2019-10-03 Thread Laszlo Ersek
On 10/02/19 18:06, Lendacky, Thomas wrote: > On 10/2/19 6:51 AM, Laszlo Ersek wrote: >> ... Side question: actually, do we support S3 with SEV enabled, at the >> moment? Last week or so I tried to test it, and it didn't work. I don't >> remember if we *intended* to support S3

Re: [edk2-devel] [RFC PATCH v2 08/44] OvmfPkg: Create GHCB pages for use during Pei and Dxe phase

2019-10-02 Thread Laszlo Ersek
On 10/02/19 16:43, Lendacky, Thomas wrote: > On 10/2/19 5:23 AM, Laszlo Ersek wrote: >> On 09/19/19 21:52, Lendacky, Thomas wrote: >>> @@ -38,6 +44,34 @@ AmdSevEsInitialize ( >>> >>>PcdStatus = PcdSetBoolS (PcdSevEsActive, 1); &

Re: [edk2-devel] [RFC PATCH v2 38/44] UefiCpuPkg: Allow AP booting under SEV-ES

2019-10-02 Thread Laszlo Ersek
On 10/02/19 17:15, Laszlo Ersek wrote: > Adding Phil. > > I'm looking at this patch only because one thing caught my attention in > the previous one, "OvmfPkg: Add support for SEV-ES AP reset vector > re-directing": > > On 09/19/19 21:53, Lendacky, Thomas wrote:

Re: [edk2-devel] [RFC PATCH v2 38/44] UefiCpuPkg: Allow AP booting under SEV-ES

2019-10-02 Thread Laszlo Ersek
Adding Phil. I'm looking at this patch only because one thing caught my attention in the previous one, "OvmfPkg: Add support for SEV-ES AP reset vector re-directing": On 09/19/19 21:53, Lendacky, Thomas wrote: > From: Tom Lendacky > > BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=2198 >

Re: [edk2-devel] [RFC PATCH v2 37/44] OvmfPkg: Add support for SEV-ES AP reset vector re-directing

2019-10-02 Thread Laszlo Ersek
P location after having been started. This is required for only the > very first AP reset. (1) In the commit message, can you mention the build mechanism by which this file overrides the original in UefiCpuPkg? Is it due to include path order? > > Cc: Jordan Justen > Cc: Laszlo Ersek >

Re: [edk2-devel] [RFC PATCH v2 39/44] OvmfPkg: Move the GHCB allocations into reserved memory

2019-10-02 Thread Laszlo Ersek
or write. > > Change the GHCB allocation from the default boot services memory to > reserved memory. > > Cc: Jordan Justen > Cc: Laszlo Ersek > Cc: Ard Biesheuvel > Signed-off-by: Tom Lendacky > --- > OvmfPkg/PlatformPei/AmdSev.c | 4 +++- > 1 file changed, 3 ins

Re: [edk2-devel] [RFC PATCH v2 18/44] OvmfPkg/Sec: Enable cache early to speed up booting

2019-10-02 Thread Laszlo Ersek
ver, > with SEV-ES, the hypervisor is not allowed to change the CR0 register > to enable caching. > > Update the OVMF Sec support to enable caching in order to improve the > boot speed when running as an SEV-ES guest. > > Cc: Jordan Justen > Cc: Laszlo Ersek > Cc:

Re: [edk2-devel] [RFC PATCH v2 16/44] OvmfPkg/MemEncryptSevLib: Make MemEncryptSevLib available during SEC

2019-10-02 Thread Laszlo Ersek
On 10/02/19 14:24, Laszlo Ersek wrote: > On 09/19/19 21:52, Lendacky, Thomas wrote: >> From: Tom Lendacky >> >> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=2198 >> >> The SEC phase of OVMF will need access to the MemEncryptSevLib library, >> s

Re: [edk2-devel] [RFC PATCH v2 16/44] OvmfPkg/MemEncryptSevLib: Make MemEncryptSevLib available during SEC

2019-10-02 Thread Laszlo Ersek
On 09/19/19 21:52, Lendacky, Thomas wrote: > From: Tom Lendacky > > BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=2198 > > The SEC phase of OVMF will need access to the MemEncryptSevLib library, > so make the library available during SEC. > > Cc: Jordan Justen

  1   2   3   4   5   6   7   8   9   10   >