Re: [edk2] ISCSI says "Session Doesn't Exist"

Hi Naveen, According to the table you shared (defined in RFC 3720), it seems when TSIH is ZERO, the target should not fail the login with "session does not exist". +--+ |new | zero| any| instantiate a

Re: [edk2] [PATCH v2 10/11] SignedCapsulePkg/IniParsingLib: Use AsciiStrToGuid in BaseLib

Reviewed-by: jiewen@intel.com > -Original Message- > From: Ni, Ruiyu > Sent: Monday, February 27, 2017 3:23 PM > To: edk2-devel@lists.01.org > Cc: Yao, Jiewen > Subject: [PATCH v2 10/11] SignedCapsulePkg/IniParsingLib: Use AsciiStrToGuid > in > BaseLib > >

Re: [edk2] [PATCH v2 03/11] SignedCapsulePkg/IniParsing: Rename StrToGuid to avoid link failure

Reviewed-by: jiewen@intel.com > -Original Message- > From: Ni, Ruiyu > Sent: Monday, February 27, 2017 3:23 PM > To: edk2-devel@lists.01.org > Cc: Yao, Jiewen > Subject: [PATCH v2 03/11] SignedCapsulePkg/IniParsing: Rename StrToGuid to > avoid link failure > >

Re: [edk2] [PATCH v2 07/11] MdeModulePkg/CapsuleApp: Use StrToGuid in BaseLib

Reviewed-by: jiewen@intel.com > -Original Message- > From: Ni, Ruiyu > Sent: Monday, February 27, 2017 3:23 PM > To: edk2-devel@lists.01.org > Cc: Yao, Jiewen > Subject: [PATCH v2 07/11] MdeModulePkg/CapsuleApp: Use StrToGuid in BaseLib > > Contributed-under:

Re: [edk2] [PATCH v4 6/6] UefiCpuPkg/PiSmmCpuDxeSmm: Add support for PCD PcdPteMemoryEncryptionAddressOrMask

Leo, I just saw your patch removed SetCacheability() also. I will drop my patch in https://www.mail-archive.com/edk2-devel@lists.01.org/msg22944.html :-) Thanks! Jeff -Original Message- From: Leo Duran [mailto:leo.du...@amd.com] Sent: Monday, February 27, 2017 1:43 AM To:

[edk2] [PATCH] ShellPkg/bcfg: Add Shell Spec 2.2 modification functionality

From: chen881220 Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chen A Chen Cc: Jaben Carsey --- .../UefiShellBcfgCommandLib.c | 352 -

Re: [edk2] [PATCH 1/7] IntelFrameworkModulePkg: Replace [Ascii|Unicode]ValueToString

Reviewed-by: Jeff Fan -Original Message- From: Wu, Hao A Sent: Tuesday, February 21, 2017 7:35 PM To: edk2-devel@lists.01.org Cc: Wu, Hao A; Yao, Jiewen; Fan, Jeff Subject: [PATCH 1/7] IntelFrameworkModulePkg: Replace [Ascii|Unicode]ValueToString It is the follow

Re: [edk2] [PATCH v3 12/12] UefiCpuPkg: Refine casting expression result to bigger size

Reviewed-by: Jeff Fan -Original Message- From: Wu, Hao A Sent: Saturday, February 25, 2017 1:13 PM To: edk2-devel@lists.01.org Cc: Wu, Hao A; Fan, Jeff Subject: [PATCH v3 12/12] UefiCpuPkg: Refine casting expression result to bigger size There are cases that the

Re: [edk2] [PATCH v3 11/12] SourceLevelDebugPkg: Refine casting expression result to bigger size

Reviewed-by: Jeff Fan -Original Message- From: Wu, Hao A Sent: Saturday, February 25, 2017 1:13 PM To: edk2-devel@lists.01.org Cc: Wu, Hao A; Fan, Jeff Subject: [PATCH v3 11/12] SourceLevelDebugPkg: Refine casting expression result to bigger size There are cases

Re: [edk2] [PATCH v3 08/12] PcAtChipsetPkg: Refine casting expression result to bigger size

Reviewed-by: Ruiyu Ni Thanks/Ray > -Original Message- > From: Wu, Hao A > Sent: Saturday, February 25, 2017 1:13 PM > To: edk2-devel@lists.01.org > Cc: Wu, Hao A ; Ni, Ruiyu > Subject: [PATCH v3 08/12] PcAtChipsetPkg: Refine

[edk2] [PATCH v2 10/11] SignedCapsulePkg/IniParsingLib: Use AsciiStrToGuid in BaseLib

Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ruiyu Ni Cc: Jiewen Yao --- .../Library/IniParsingLib/IniParsingLib.c | 146 + 1 file changed, 3 insertions(+), 143 deletions(-) diff --git

[edk2] [PATCH v2 09/11] ShellPkg/Debug1CommandLib: Use StrToGuid/StrHexToBytes in BaseLib

Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ruiyu Ni Cc: Jaben Carsey --- .../Library/UefiShellDebug1CommandsLib/DmpStore.c | 7 +- .../Library/UefiShellDebug1CommandsLib/SetVar.c| 12 +--

[edk2] [PATCH v2 11/11] MdeModulePkg/NetLib: Use StrToIpv4/6Address in BaseLib

Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ruiyu Ni Cc: Siyuan Fu --- MdeModulePkg/Include/Library/NetLib.h | 5 +- MdeModulePkg/Library/DxeNetLib/DxeNetLib.c | 382 +++-- 2 files changed, 32

[edk2] [PATCH v2 07/11] MdeModulePkg/CapsuleApp: Use StrToGuid in BaseLib

Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ruiyu Ni Cc: Jiewen Yao --- MdeModulePkg/Application/CapsuleApp/AppSupport.c | 140 +-- MdeModulePkg/Application/CapsuleApp/CapsuleApp.c | 27 + 2 files

[edk2] [PATCH v2 01/11] MdePkg: Define IPv4_ADDRESS and IPv6_ADDRESS in Base.h

Since the following patch needs to add API converting string to IP address in BaseLib, define the IP address as base types in Base.h. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ruiyu Ni Cc: Liming Gao ---

[edk2] [PATCH v2 08/11] SecurityPkg/SecureBootConfigDxe: Use StrToGuid in BaseLib

Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ruiyu Ni Cc: Jiewen Yao --- .../SecureBootConfigDxe/SecureBootConfigImpl.c | 12 +- .../SecureBootConfigDxe/SecureBootConfigImpl.h | 22 +---

[edk2] [PATCH v2 06/11] MdePkg/UefiDevicePathLib: Use BaseLib string conversion services

Update UefiDevicePathLib to use StrToGuid/StrHexToBytes /StrToIpv4Address/StrToIpv6Address provided by BaseLib. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ruiyu Ni Cc: Liming Gao ---

[edk2] [PATCH v2 02/11] MdePkg/UefiDevicePathLib: Rename StrToGuid to avoid link failure

Since the next patch will add StrToGuid in BaseLib, renaming the internal function StrToGuid to DevicePathLibStrToGuid to avoid link failure. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ruiyu Ni Cc: Liming Gao ---

[edk2] [PATCH v2 00/11] Add StrToGuid/HexToBytes/Ipv4/Ipv6 in BaseLib

The patch set adds StrToGuid/StrHexToBytes/StrToIPv4Address /StrToIPv6Address and the accordingly ASCII versioins to BaseLib. It also changes all existing consumers to use the new APIs. v2: Return UNSUPPORTED for cases when the string is malformatted. Update consumer code to use RETURN_STATUS

[edk2] [PATCH v2 03/11] SignedCapsulePkg/IniParsing: Rename StrToGuid to avoid link failure

Since the next patch will add AsciiStrToGuid in BaseLib, renaming the internal function AsciiStrToGuid to IniAsciiStrToGuid to avoid link failure. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ruiyu Ni Cc: Jiewen Yao ---

[edk2] [PATCH v2 05/11] MdePkg/BaseLib: Add AsciiStrToGuid/HexToBytes/ToIpv[4/6]Address

The patch adds 4 APIs to convert ASCII string to GUID, bytes buffer, IP v4 address and IP v6 address. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ruiyu Ni Cc: Liming Gao Cc: Jiewen Yao Cc: Siyuan Fu

[edk2] [PATCH v2 04/11] MdePkg/BaseLib: Add StrToGuid/StrHexToBytes/StrToIpv[4/6]Address

The patch adds 4 APIs to convert Unicode string to GUID, bytes buffer, IP v4 address and IP v6 address. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ruiyu Ni Cc: Liming Gao Cc: Jiewen Yao Cc: Siyuan Fu

[edk2] [PATCH v2] CryptoPkg/OpensslLib: Upgrade OpenSSL version to 1.0.2k

v2: Re-generate the patch after the new OpensslLibCrypto instance. OpenSSL 1.0.2k was released with several severity fixes at 26-Jan-2017 (https://www.openssl.org/news/secadv/20170126.txt). This patch is to upgrade the supported OpenSSL version in CryptoPkg/OpensslLib to catch the latest release

Re: [edk2] [patch] MdeModulePkg/BMMUiLib: Replace same logic with API in UefiBootManagerLib

Reviewed-by: Ruiyu Ni Thanks/Ray > -Original Message- > From: Bi, Dandan > Sent: Monday, February 27, 2017 3:15 PM > To: edk2-devel@lists.01.org > Cc: Dong, Eric ; Ni, Ruiyu ; Zeng, > Star > Subject:

Re: [edk2] [PATCH v3 6/6] ShellPkg: Refine type cast for pointer subtraction

Reviewed-by: Ruiyu Ni Thanks/Ray > -Original Message- > From: Wu, Hao A > Sent: Saturday, February 25, 2017 12:05 PM > To: edk2-devel@lists.01.org > Cc: Wu, Hao A ; Carsey, Jaben > ; Ni, Ruiyu >

[edk2] [patch] MdeModulePkg/BMMUiLib: Replace same logic with API in UefiBootManagerLib

Use the API　EfiBootManagerDeleteLoadOptionVariable in UefiBootManagerLib　to replace the same logic in function Var_DelBootOption/Var_DelDriverOption. This can make code clean and prevent potential bugs. https://bugzilla.tianocore.org/show_bug.cgi?id=391 Cc: Eric Dong Cc:

Re: [edk2] [PATCH v3 6/6] ShellPkg: Refine type cast for pointer subtraction

Thanks/Ray > -Original Message- > From: Wu, Hao A > Sent: Monday, February 27, 2017 1:59 PM > To: Ni, Ruiyu ; edk2-devel@lists.01.org > Cc: Carsey, Jaben > Subject: RE: [PATCH v3 6/6] ShellPkg: Refine type cast for pointer subtraction > > >

Re: [edk2] [PATCH v3 04/12] IntelFrameworkModulePkg: Refine casting expression result to bigger size

Reviewed-by: Jeff Fan -Original Message- From: Wu, Hao A Sent: Saturday, February 25, 2017 1:12 PM To: edk2-devel@lists.01.org Cc: Wu, Hao A; Fan, Jeff Subject: [PATCH v3 04/12] IntelFrameworkModulePkg: Refine casting expression result to bigger size There are

Re: [edk2] [PATCH v3 3/6] IntelFrameworkModulePkg: Refine type cast for pointer subtraction

Reviewed-by: Jeff Fan -Original Message- From: Wu, Hao A Sent: Saturday, February 25, 2017 12:05 PM To: edk2-devel@lists.01.org Cc: Wu, Hao A; Fan, Jeff Subject: [PATCH v3 3/6] IntelFrameworkModulePkg: Refine type cast for pointer subtraction For pointer

Re: [edk2] [PATCH v3 4/6] MdeModulePkg/DxeCore: use separate lock for pool allocations

CoreAllocatePoolPages() could not be updated simply by adding CoreAcquireMemoryLock() and CoreReleaseMemoryLock(), it is also used by AllocateMemoryMapEntry() with the lock locked. Thanks, Star -Original Message- From: Gao, Liming Sent: Monday, February 27, 2017 2:43 PM To: Ard

Re: [edk2] [PATCH v3 6/6] MdeModulePkg/DxeCore: implement memory protection policy

Ard: I have minor comment. GetPermissionAttributeForMemoryType() function header comment doesn't match its definition, and IsInSmm() has no function header. Thanks Liming >-Original Message- >From: Ard Biesheuvel [mailto:ard.biesheu...@linaro.org] >Sent: Monday, February 27, 2017 2:30

Re: [edk2] [PATCH] UefiCpuPkg/PiSmmCpuDxeSmm: Remove used SetCacheability()

Reviewed-by: Feng Tian Thanks Feng -Original Message- From: Fan, Jeff Sent: Monday, February 27, 2017 1:31 PM To: edk2-devel@lists.01.org Cc: Leo Duran ; Tian, Feng ; Kinney, Michael D Subject:

Re: [edk2] [PATCH v3 4/6] MdeModulePkg/DxeCore: use separate lock for pool allocations

Ard: I agree to separate lock for pool allocations. I suggest you update CoreAllocatePoolPages() and CoreFreePoolPages() implementation by adding CoreAcquireMemoryLock() and CoreReleaseMemoryLock(). If so, you don't need to introduce new CoreAllocatePoolPagesI () and CoreFreePoolPagesI ().

Re: [edk2] [PATCH v3 2/6] MdeModulePkg/PeiCore: allocate BootServicesCode memory for PE/COFF images

Ard: In line 128, there is another AllocatePages() to allocate memory to store the code. To be consistent, could you help also update it? Thanks Liming >-Original Message- >From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Ard >Biesheuvel >Sent: Monday,

Re: [edk2] [Patch 0/2] Ignore duplicated DNS address check

Series Reviewed-by: Hegde, Nagaraj P Series Tested-by: Hegde, Nagaraj P -Original Message- From: Jiaxin Wu [mailto:jiaxin...@intel.com] Sent: Thursday, February 23, 2017 11:01 AM To: edk2-devel@lists.01.org Cc: Hegde, Nagaraj P

Re: [edk2] [platforms/devel-MinnowBoard3] Reformat ReadMe.MD with markdown (github) and simplify instructions

Thanks Rebecca. I tried to apply your patch but failed with the below errors, could you update and send the patch again? .git/rebase-apply/patch:16: trailing whitespace. # INDEX .git/rebase-apply/patch:17: trailing whitespace. .git/rebase-apply/patch:26: trailing whitespace.

Re: [edk2] [PATCH v3 6/6] ShellPkg: Refine type cast for pointer subtraction

> -Original Message- > From: Ni, Ruiyu > Sent: Monday, February 27, 2017 1:10 PM > To: Wu, Hao A; edk2-devel@lists.01.org > Cc: Carsey, Jaben > Subject: RE: [PATCH v3 6/6] ShellPkg: Refine type cast for pointer subtraction > > > > Thanks/Ray > > > -Original Message- > > From:

Re: [edk2] [PATCH v2] SecurityPkg: Fix potential bug in Security Boot dxe.

Reviewed-by: Zhang Chao -Original Message- From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Zhang Lubo Sent: Wednesday, February 22, 2017 5:01 PM To: edk2-devel@lists.01.org Cc: Yao, Jiewen ; Zhang, Chao B

[edk2] [PATCH] UefiCpuPkg/PiSmmCpuDxeSmm: Remove used SetCacheability()

No one uses the internal function SetCacheability(). https://bugzilla.tianocore.org/show_bug.cgi?id=400 This updating is suggested by Leo' comments at https://www.mail-archive.com/edk2-devel@lists.01.org/msg22634.html Cc: Leo Duran Cc: Feng Tian Cc:

Re: [edk2] [PATCH v3 0/6] RFC: increased memory protection

Thanks Ard. I found V3 5/6 has typo below: + gEfiMdeModulePkgTokenSpaceGuid.PcdDxeMemoryProtectionPolicy|0x000|UINT64|0x1048 It should be PcdDxeNxMemoryProtectionPolicy. Or I got build failure. With above typo update, all series reviewed-by:

Re: [edk2] [PATCH v3 6/6] ShellPkg: Refine type cast for pointer subtraction

Thanks/Ray > -Original Message- > From: Wu, Hao A > Sent: Saturday, February 25, 2017 12:05 PM > To: edk2-devel@lists.01.org > Cc: Wu, Hao A ; Carsey, Jaben > ; Ni, Ruiyu > Subject: [PATCH v3 6/6] ShellPkg: Refine type

Re: [edk2] [PATCH v3 03/12] FatPkg: Refine casting expression result to bigger size

Reviewed-by: Ruiyu Ni Thanks/Ray > -Original Message- > From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of > Hao Wu > Sent: Saturday, February 25, 2017 1:12 PM > To: edk2-devel@lists.01.org > Cc: Wu, Hao A ; Ni, Ruiyu

[edk2] Duet fails to load custom shell

Hi, 64 I created a Duet usb stick using a precompiled package that prepared the usb drive as a 'UDK_X64' path. I then copied a precompiled bootx64.efi file into the boot folder and even though that works wanted to compile my own version of shellx64.efi using VS2013x86 building it as release X64

[edk2] [platforms/devel-MinnowBoard3] Reformat ReadMe.MD with markdown (github) and simplify instructions

The formatting of ReadMe.MD on GitHub wasn't very nice, with steps running into one another. This change reformats the text to use GitHub Flavored Markdown. It also simplifies a few of the steps, for example combining the git clone and rename into a single command. Cc: David Wei

Re: [edk2] [PATCH v2 4/5] Nt32Pkg: exclude libssl functionality from OpensslLib if TLS_ENABLE=FALSE

Reviewed-by: Ruiyu Ni Thanks/Ray > -Original Message- > From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of > Laszlo Ersek > Sent: Friday, February 24, 2017 7:02 PM > To: edk2-devel-01 > Cc: Ni, Ruiyu ;

Re: [edk2] [PATCH v3 2/6] CryptoPkg: Refine type cast for pointer subtraction

Reviewed-by: Qin Long > -Original Message- > From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of > Hao Wu > Sent: Saturday, February 25, 2017 12:05 PM > To: edk2-devel@lists.01.org > Cc: Wu, Hao A; Ye, Ting; Long, Qin > Subject: [edk2] [PATCH v3

Re: [edk2] [PATCH v3 10/12] ShellPkg: Refine casting expression result to bigger size

Reviewed-by: Ruiyu Ni Thanks/Ray > -Original Message- > From: Wu, Hao A > Sent: Saturday, February 25, 2017 1:13 PM > To: edk2-devel@lists.01.org > Cc: Wu, Hao A ; Carsey, Jaben > ; Ni, Ruiyu > Subject:

Re: [edk2] [PATCH] UefiCpuPkg/CpuDxe: Do not ASSERT on AllocateMemorySpace() error

Yes. Some platform sets memory allocation HOB. It makes sense. So, I remove ASSERT() from the code. -Original Message- From: Laszlo Ersek [mailto:ler...@redhat.com] Sent: Friday, February 24, 2017 5:44 PM To: Fan, Jeff; edk2-de...@ml01.01.org Cc: Zeng, Star; Tian, Feng; Kinney, Michael

Re: [edk2] [PATCH v3 07/12] NetworkPkg: Refine casting expression result to bigger size

Reviewed-by: Wu Jiaxin Thanks, Jiaxin > -Original Message- > From: Wu, Hao A > Sent: Saturday, February 25, 2017 1:13 PM > To: edk2-devel@lists.01.org > Cc: Wu, Hao A ; Fu, Siyuan ; > Wu, Jiaxin >

Re: [edk2] [PATCH v4 1/6] MdeModulePkg: Add PCD PcdPteMemoryEncryptionAddressOrMask

We saw you defined 4K/2M/1G in previous patch series, #define PAGING_4K_ADDRESS_MASK_64 0x000FF000ull #define PAGING_2M_ADDRESS_MASK_64 0x000FFFE0ull #define PAGING_1G_ADDRESS_MASK_64 0x000FC000ull But only 1G mask is defined and used in this patch series, is that on

Re: [edk2] [PATCH v3 4/6] MdeModulePkg/DxeCore: use separate lock for pool allocations

Minor comment: CoreFreePoolPagesI() has no need to have PoolType parameter, how about to remove it? Thanks, Star -Original Message- From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Ard Biesheuvel Sent: Monday, February 27, 2017 2:30 AM To: edk2-devel@lists.01.org;

Re: [edk2] [PATCH 0/2] Dp: Add check to avoid NULL pointer dereference

Reviewed-by: Star Zeng -Original Message- From: Wu, Hao A Sent: Monday, February 27, 2017 9:39 AM To: edk2-devel@lists.01.org Cc: Wu, Hao A ; Zeng, Star Subject: [PATCH 0/2] Dp: Add check to avoid NULL pointer dereference

[edk2] [PATCH 2/2] ShellPkg/UefiDpLib: Add check to avoid NULL pointer dereference

Cc: Star Zeng Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Hao Wu --- ShellPkg/Library/UefiDpLib/Dp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ShellPkg/Library/UefiDpLib/Dp.c

[edk2] [PATCH 0/2] Dp: Add check to avoid NULL pointer dereference

Cc: Star Zeng Hao Wu (2): PerformancePkg/Dp_App: Add check to avoid NULL pointer dereference ShellPkg/UefiDpLib: Add check to avoid NULL pointer dereference PerformancePkg/Dp_App/Dp.c | 2 +- ShellPkg/Library/UefiDpLib/Dp.c | 2 +- 2 files changed, 2

[edk2] [PATCH 1/2] PerformancePkg/Dp_App: Add check to avoid NULL pointer dereference

Cc: Star Zeng Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Hao Wu --- PerformancePkg/Dp_App/Dp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/PerformancePkg/Dp_App/Dp.c b/PerformancePkg/Dp_App/Dp.c index

Re: [edk2] [PATCH 4/7] SignedCapsulePkg: Replace [Ascii|Unicode]ValueToString

Reviewed-by: jiewen@intel.com > -Original Message- > From: Wu, Hao A > Sent: Tuesday, February 21, 2017 7:36 PM > To: edk2-devel@lists.01.org > Cc: Wu, Hao A ; Yao, Jiewen > Subject: [PATCH 4/7] SignedCapsulePkg: Replace

Re: [edk2] [PATCH v2 1/5] CryptoPkg/OpensslLib: refresh OpensslLib.inf, opensslconf.h after 32387e00

Reviewed-by: Wu Jiaxin > -Original Message- > From: Laszlo Ersek [mailto:ler...@redhat.com] > Sent: Friday, February 24, 2017 7:01 PM > To: edk2-devel-01 > Cc: Ard Biesheuvel ; Gary Lin ; > Wu,

Re: [edk2] [PATCH v2 4/5] Nt32Pkg: exclude libssl functionality from OpensslLib if TLS_ENABLE=FALSE

Reviewed-by: Wu Jiaxin Thanks, Jiaxin > -Original Message- > From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of > Laszlo Ersek > Sent: Friday, February 24, 2017 7:02 PM > To: edk2-devel-01 > Cc: Ni, Ruiyu

Re: [edk2] [PATCH v3 4/6] MdeModulePkg/DxeCore: use separate lock for pool allocations

On 26 February 2017 at 18:30, Ard Biesheuvel wrote: > In preparation of adding memory permission attribute management to > the pool allocator, split off the locking of the pool metadata into > a separate lock. This is an improvement in itself, given that pool >

[edk2] [PATCH v3 5/6] MdeModulePkg: define PCD for DXE memory protection policy

Define a new fixed/patchable PCD that sets the DXE memory protection policy: its primary use is to define which memory types should have their executable permissions removed. Combined with the image protection policy, this can be used to implement a strict W^X policy, i.e.. a policy where no

[edk2] [PATCH v3 2/6] MdeModulePkg/PeiCore: allocate BootServicesCode memory for PE/COFF images

Ensure that any memory allocated for PE/COFF images is identifiable as a boot services code region, so that we know it requires its executable permissions to be preserved when we tighten mapping permissions later on. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard

[edk2] [PATCH v3 6/6] MdeModulePkg/DxeCore: implement memory protection policy

This implements a DXE memory protection policy that ensure that regions that don't require executable permissions are mapped with the non-exec attribute set. First of all, it iterates over all entries in the UEFI memory map, and removes executable permissions according to the configured DXE

[edk2] [PATCH v3 3/6] MdeModulePkg/EbcDxe: use EfiBootServicesCode memory for thunks

The EBC driver emits thunks for native to EBC calls, which are short instructions sequences that bridge the gap between the native execution environment and the EBC virtual machine. Since these thunks are allocated using MemoryAllocationLib::AllocatePool(), they are emitted into

[edk2] [PATCH v3 1/6] ArmPkg/CpuDxe: ignore attribute changes during SyncCacheConfig()

To prevent the initial MMU->GCD memory space map synchronization from stripping permissions attributes [which we cannot use in the GCD memory space map, unfortunately], implement the same approach as x86, and ignore SetMemoryAttributes() calls during the time SyncCacheConfig() is in progress. This

[edk2] [PATCH v3 0/6] RFC: increased memory protection

Hello all, This is a proof of concept implementation that removes all executable permissions from writable memory regions, which greatly enhances security. It is based on Jiewen's recent work, which is a step in the right direction, but still leaves most of memory exploitable due to the default

[edk2] [PATCH v3 4/6] MdeModulePkg/DxeCore: use separate lock for pool allocations

In preparation of adding memory permission attribute management to the pool allocator, split off the locking of the pool metadata into a separate lock. This is an improvement in itself, given that pool allocation can only interfere with the page allocation bookkeeping if pool pages are allocated

[edk2] [PATCH v4 3/6] MdeModulePkg/Universal/CapsulePei: Add support for PCD PcdPteMemoryEncryptionAddressOrMask

This PCD holds the address mask for page table entries when memory encryption is enabled on AMD processors supporting the Secure Encrypted Virtualization (SEV) feature. The mask is applied when 4GB tables are created (UefiCapsule.c), and when the tables are expanded on-demand by page-faults above

[edk2] [PATCH v4 1/6] MdeModulePkg: Add PCD PcdPteMemoryEncryptionAddressOrMask

This PCD holds the address mask for page table entries when memory encryption is enabled on AMD processors supporting the Secure Encrypted Virtualization (SEV) feature. Cc: Feng Tian Cc: Star Zeng Cc: Laszlo Ersek Contributed-under:

[edk2] [PATCH v4 4/6] UefiCpuPkg/Universal/Acpi/S3Resume2Pei: Add support for PCD PcdPteMemoryEncryptionAddressOrMask

This PCD holds the address mask for page table entries when memory encryption is enabled on AMD processors supporting the Secure Encrypted Virtualization (SEV) feature. The mask is applied when page tables are created (S3Resume.c). CC: Jeff Fan Cc: Feng Tian

[edk2] [PATCH v4 2/6] MdeModulePkg/Core/DxeIplPeim: Add support for PCD PcdPteMemoryEncryptionAddressOrMask

This PCD holds the address mask for page table entries when memory encryption is enabled on AMD processors supporting the Secure Encrypted Virtualization (SEV) feature. The mask is applied when creating page tables. Cc: Feng Tian Cc: Star Zeng Cc:

[edk2] [PATCH v4 0/6] Add PCD PcdPteMemoryEncryptionAddressOrMask

This new PCD holds the address mask for page table entries when memory encryption is enabled on AMD processors supporting the Secure Encrypted Virtualization (SEV) feature. This mask is be applied when creating or modifying page-table entries. For example, the OvmfPkg would set the PCD when

[edk2] [PATCH v4 6/6] UefiCpuPkg/PiSmmCpuDxeSmm: Add support for PCD PcdPteMemoryEncryptionAddressOrMask

This PCD holds the address mask for page table entries when memory encryption is enabled on AMD processors supporting the Secure Encrypted Virtualization (SEV) feature. The mask is applied when page tables entriees are created or modified. CC: Jeff Fan Cc: Feng Tian

[edk2] [PATCH v4 5/6] MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe: Add support for PCD PcdPteMemoryEncryptionAddressOrMask

This PCD holds the address mask for page table entries when memory encryption is enabled on AMD processors supporting the Secure Encrypted Virtualization (SEV) feature. This module updates the under-4GB page tables configured by the S3-Resume code in UefiCpuPkg/Universal/Acpi/S3Resume2Pei. The

Re: [edk2] [PATCH v2 0/5] RFC: increased memory protection

On 25 February 2017 at 04:04, Yao, Jiewen wrote: > Thank you Ard. I like this patch - simple and obvious. > Thank you > I put all my comment together for your consideration. > > 1) Patch V2 1/5 -- reviewed-by: jiewen@intel.com > 2) Patch V2 2/5 - reviewed-by:

Re: [edk2] [PATCH] MdeModulePkg/DxeCore: base code protection on permission attributes

On 25 February 2017 at 04:04, Yao, Jiewen wrote: > Hi Ard > I agree with you on this enhancement. > > I prefer to adding the description as comment in the code, so that people > can get clear picture when he/she reads the code. > > // > // Instead of assuming that a PE/COFF