Age | Commit message | Author | Files | Lines
2024-07-07 | StandaloneMmPkg/Core: Dump all HOB info in entrypoint | Wei6 Xu | 4 files | -1/+7
Print HOB information at top of StandaloneMmMain().
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Signed-off-by: Wei6 Xu <wei6.xu@intel.com>
2024-07-07 | UefiPayloadPkg/UefiPayloadEntry: Use HobPrintLib to dump HOBs | Wei6 Xu | 4 files | -326/+20
Leverage generic HOB print code in MdeModulePkg/Library/HobPrintLib. Print UefiPayload specified GUID HOB info as custom HOB print handler when calling the PrintHobList() interface.
Cc: Guo Dong <guo.dong@intel.com>
Cc: Sean Rhodes <sean@starlabs.systems>
Cc: James Lu <james.lu@intel.com>
Cc: Gua Guo <gua.guo@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Signed-off-by: Wei6 Xu <wei6.xu@intel.com>
2024-07-07 | MdeModulePkg: Add HobPrintLib instance | Wei6 Xu | 3 files | -0/+504
The HobPrintLib prints all HOB info from the HOB list. The code is abstracted from UefiPayloadPkg/UefiPayloadEntry/PrintHob.c.
Cc: Guo Dong <guo.dong@intel.com>
Cc: Sean Rhodes <sean@starlabs.systems>
Cc: James Lu <james.lu@intel.com>
Cc: Gua Guo <gua.guo@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Signed-off-by: Wei6 Xu <wei6.xu@intel.com>
2024-07-07 | MdeModulePkg: Add HobPrintLib header file | Wei6 Xu | 2 files | -0/+50
Interface PrintHobList() is added to dump all HOBs info in the HobList. Caller could specify a custom HOB print handler to replace the default print handler when calling the interface.
Cc: Ray Ni <ray.ni@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Signed-off-by: Wei6 Xu <wei6.xu@intel.com>
2024-07-07 | SecurityPkg/Tcg: Correct buffer valid check func | Jiaxin Wu | 4 files | -13/+88
For SMM, the SMM Handlers are to validate the buffer outside MMRAM including the Primary & NonPrimary buffer. For MM, the MM Handlers do not need to validate the Primary buffer if it is passed from MmCore through the MmiHandler() parameter. Return TRUE directly in this case. But they need to validate the NonPrimary buffer that is outside MMRAM.
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Hongbin1 Zhang <hongbin1.zhang@intel.com>
Cc: Wei6 Xu <wei6.xu@intel.com>
Cc: Dun Tan <dun.tan@intel.com>
Cc: Yuanhao Xie <yuanhao.xie@intel.com>
2024-07-07 | MdeModulePkg/VariableSmm: Fix NonPrimary Buffer check issue | Jiaxin Wu | 5 files | -13/+14
VariableSmmIsBufferOutsideSmmValid function is to check whether the buffer is outside SMM or not. This patch fixes the issue that it always returns TRUE for MM. Meanwhile, this patch renames VariableSmmIsBufferOutsideSmmValid to VariableSmmIsNonPrimaryBufferValid.
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Hongbin1 Zhang <hongbin1.zhang@intel.com>
Cc: Wei6 Xu <wei6.xu@intel.com>
Cc: Dun Tan <dun.tan@intel.com>
Cc: Yuanhao Xie <yuanhao.xie@intel.com>
2024-07-07 | MdeModulePkg/VariableSmm: Add func for Primary Buffer valid check | Jiaxin Wu | 4 files | -6/+57
Add a new function (VariableSmmIsPrimaryBufferValid) to check whether the Primary Buffer is valid or not. The original function (VariableSmmIsBufferOutsideSmmValid) is used to check the buffer outside MMRAM.
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Hongbin1 Zhang <hongbin1.zhang@intel.com>
Cc: Wei6 Xu <wei6.xu@intel.com>
Cc: Dun Tan <dun.tan@intel.com>
Cc: Yuanhao Xie <yuanhao.xie@intel.com>
2024-07-07 | MdeModulePkg/VarCheckPolicyLib: Fix buffer valid check for MM | Jiaxin Wu | 1 file | -1/+1
For MM, the MM Handlers do not need to validate the buffer if it is the CommBuffer passed from MmCore through the MmiHandler() parameter. Return TRUE directly in this case. Fix buffer valid check for MM in this patch.
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Hongbin1 Zhang <hongbin1.zhang@intel.com>
Cc: Wei6 Xu <wei6.xu@intel.com>
Cc: Dun Tan <dun.tan@intel.com>
Cc: Yuanhao Xie <yuanhao.xie@intel.com>
2024-07-07 | MdeModulePkg/VarCheckPolicyLib: Update buffer valid check func name | Jiaxin Wu | 4 files | -13/+19
In the MdeModulePkg/VarCheckPolicyLib, the Primary Buffer (CommBuffer) check function has been updated to match the buffer validation behavior. For SMM, the SMM Handlers are to validate the buffer outside MMRAM. For MM, the MM Handlers do not need to validate the buffer if it is the CommBuffer passed from MmCore through the MmiHandler() parameter. Return TRUE directly in this case. Existing code is incorrect for the MM check. This will be fixed in the following patch. There is no function impact.
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Hongbin1 Zhang <hongbin1.zhang@intel.com>
Cc: Wei6 Xu <wei6.xu@intel.com>
Cc: Dun Tan <dun.tan@intel.com>
Cc: Yuanhao Xie <yuanhao.xie@intel.com>
2024-07-07 | MdeModulePkg/FaultTolerantWriteSmm: Update buffer valid check func name | Jiaxin Wu | 4 files | -22/+16
In the MdeModulePkg/FaultTolerantWriteSmm, the Primary Buffer (CommBuffer) check function has been updated to match the buffer validation behavior: For SMM, the SMM Handlers are to validate the buffer outside MMRAM. For MM, the MM Handlers do not need to validate the buffer if it is the CommBuffer passed from MmCore through the MmiHandler() parameter. Return TRUE directly in this case. There is no function impact.
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Hongbin1 Zhang <hongbin1.zhang@intel.com>
Cc: Wei6 Xu <wei6.xu@intel.com>
Cc: Dun Tan <dun.tan@intel.com>
Cc: Yuanhao Xie <yuanhao.xie@intel.com>
2024-07-05 | BaseTools/GenerateCapsule.py: Fix checking for DepExp presence | Sergii Dmytruk | 1 file | -2/+2
struct.unpack() returns a tuple even for a single-element pack, resulting in signature verification being evaluated to false even when the signature is there. This fixes --decode and --dump-info actions incorrectly reporting issues with parsing capsule dependencies when there are none.
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
2024-07-05 | BaseTools/GenerateCapsule.py: Fix inconsistent error formatting | Sergii Dmytruk | 1 file | -2/+2
Just add a space between colon and a more detailed error message in two places.
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
2024-07-05 | BaseTools/GenerateCapsule.py: Require --output for --decode | Sergii Dmytruk | 1 file | -0/+4
--decode unconditionally uses args.OutputFile.name as a prefix for output files that it creates and fails in a non-pretty way without the --output option. This doesn't address creation/truncation of the file specified via --output, but at least you're able to decode a capsule.
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
2024-07-05 | BaseTools/GenerateCapsule.py: Better error message on --decode failure | Sergii Dmytruk | 1 file | -2/+2
Print error text from the exception.
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
2024-07-05 | BaseTools/GenerateCapsule.py: Disallow UpdateImageIndex == 0 on --encode | Sergii Dmytruk | 1 file | -3/+3
This field seems to be one-based according to the UEFI specification, the default value is 1 and --decode of GenerateCapsule.py errors upon seeing UpdateImageIndex less than 1. So align --encode behaviour to enforce a value within the 1..255 range.
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
2024-07-05 | BaseTools/GenerateCapsule.py: Fix --decode operation | Sergii Dmytruk | 1 file | -1/+1
Commit b68d566439683d0ebe60d52c85ff0e90331db740 added support for input subject name with signtool and broke --decode operation by using incorrect identifier in one place (could be an incomplete rename during review). It's `args.SignToolSubjectName`, not `args.SignSubjectName`.
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
2024-07-05 | BaseTools/FmpCapsuleHeader.py: Explain error when throwing exceptions | Sergii Dmytruk | 1 file | -11/+11
This gives a caller a chance to report a meaningful error to the user.
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
2024-07-05 | UefiCpuPkg/PiSmmCpuDxeSmm: Consume PcdCpuSmmApSyncTimeout2 | Yanbo Huang | 4 files | -13/+28
This patch is to consume the PcdCpuSmmApSyncTimeout2 to enhance the flexibility of timeout configuration. In some cases, certain processors may not be able to enter SMI, and prolonged waiting could lead to kernel soft/hard lockup. We have now defined two timeouts. The first timeout can be set to a smaller value to reduce the waiting period. Processors that are unable to enter SMI will be woken up through SMIIPL to enter SMI, followed by a second waiting period. The second timeout can be set to a larger value to prevent delays in processors entering SMI case due to the long instruction execution. This patch adjusts the location of PcdCpuSmmApSyncTimeout2 to avoid conflict.
Signed-off-by: Yanbo Huang <yanbo.huang@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
2024-07-05 | Revert "UefiCpuPkg/PiSmmCpuDxeSmm: Consume PcdCpuSmmApSyncTimeout2" | Yanbo Huang | 4 files | -28/+13
This reverts commit cb3134612d11102fe066c94c8fa7edb20d62c1a8. Intel server platform syncing this commit will hit a conflict since our code base is old. We don't want to cherry-pick the dependent patches to avoid potential issue. We need to revert this commit first and then fix the conflict and reapply the change. Sorry for the inconvenience.
Signed-off-by: Yanbo Huang <yanbo.huang@intel.com>
2024-07-05 | OvmfPkg/LoongArchVirt: Optimize the use of serial port libraries | Xianglai Li | 1 file | -11/+1
Because the complex dependency between SerialPortLib and PciExpressLib leads to multiple references to the lib library in the loongarch dsc file, optimizing SerialPortLib now simplifies multiple references to lib in the dsc file.
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Bibo Mao <maobibo@loongson.cn>
Cc: Chao Li <lichao@loongson.cn>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Xianglai Li <lixianglai@loongson.cn>
Signed-off-by: Xianglai Li <lixianglai@loongson.cn>
2024-07-05 | MdeModulePkg/StandaloneMmReportStatusCodeLib: Support MM_CORE_STANDALONE | Jiaxin Wu | 1 file | -1/+1
Support the module type for MM_CORE_STANDALONE.
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
2024-07-05 | MdePkg/StandaloneMmServicesTableLib: Support MM_CORE_STANDALONE | Jiaxin Wu | 1 file | -1/+1
Support the module type for MM_CORE_STANDALONE.
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
2024-07-05 | StandaloneMmPkg: Fix section data length returned larger than actual data | Michael Kubacki | 2 files | -8/+8
This change fixes an issue where the returned section data length is always 4 bytes larger than the actual section length. This could cause an issue where the caller accesses the final 4 bytes which would be invalid.
Co-authored-by: Kun Qin <kuqin@microsoft.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
2024-07-05 | UefiCpuPkg/PiSmmCpuDxeSmm: Fix system hang when SmmProfile enabled | Jiaxin Wu | 1 file | -10/+30
MMIO ranges within the mProtectionMemRange array may exceed 4G and should be configured as 'Present & NX'. However, the initial attribute for these MMIO addresses in the page table is 'non-present'. Other attributes should not be set or updated for a non-present range if the present bit mask is zero, as this could result in an error during the InitPaging for the page table update process. This patch is to resolve the error to make sure the MMIO page table can be configured correctly.
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
2024-07-04 | MdePkg/Tdx.h: Fix the order of NumVcpus and MaxVcpus | Xiaoyao Li | 1 file | -1/+1
For TDCALL leaf TDG.VP.INFO, the bit 31:0 in R8 returns NUM_VCPUS and bit 63:32 in R8 returns MAX_VCPUS. Current struct TDCALL_INFO_RETURN_DATA defines them in wrong order.
Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Laszlo Ersek <lersek@redhat.com>
2024-07-04 | SecurityPkg/Tcg2Config: avoid potential build error | Dun Tan | 1 file | -2/+2
Cast pointer type to VOID* to avoid potential build error. If the two PCDs are FixAtBuild, PcdGetPtr will return a const type pointer. Since the second parameter of BuildGuidDataHob is VOID*, a build error may happen with the following log:
C4090: 'function': different 'const' qualifiers
Signed-off-by: Dun Tan <dun.tan@intel.com>
2024-07-04 | OvmfPkg: Enable AMD SEV-ES DebugVirtualization | Alexey Kardashevskiy | 3 files | -5/+20
Write the feature bit into PcdConfidentialComputingGuestAttr and enable DebugVirtualization in PEI, SEC, DXE.
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Michael Roth <michael.roth@amd.com>
Cc: Min Xu <min.m.xu@intel.com>
Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Alexey Kardashevskiy <aik@amd.com>
---
Changes:
v5:
* "rb" from Tom
v4:
* s/DebugSwap/DebugVirtualization/g
2024-07-04 | UefiCpuPkg: Add AMD SEV-ES features support | Alexey Kardashevskiy | 1 file | -3/+9
CONFIDENTIAL_COMPUTING_GUEST_ATTR is not a simple SEV level anymore and includes a feature mask since the previous commit. Fix AmdMemEncryptionAttrCheck to check the level and feature correctly and add DebugVirtualization support. Since the actual feature flag is not set yet, this should cause no behavioural change.
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Alexey Kardashevskiy <aik@amd.com>
---
Changes:
v5:
* "rb" from Tom
2024-07-04 | OvmfPkg: Add AMD SEV-ES DebugVirtualization feature support | Alexey Kardashevskiy | 5 files | -3/+74
The SEV-ES DebugVirtualization feature enables type B swapping of debug registers on #VMEXIT and makes #DB and DR7 intercepts unnecessary and unwanted. When DebugVirtualization is enabled, this stops booting if interaction from the HV. Add new API to PEI, SEC, DXE. This does not change the existing behaviour yet.
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Michael Roth <michael.roth@amd.com>
Cc: Min Xu <min.m.xu@intel.com>
Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Alexey Kardashevskiy <aik@amd.com>
---
Changes:
v5:
* "rb" from Tom
v4:
* s/DebugSwap/DebugVirtualization/
2024-07-04 | MdePkg: Add AMD SEV features to PcdConfidentialComputingGuestAttr | Alexey Kardashevskiy | 1 file | -2/+13
PcdConfidentialComputingGuestAttr so far only contained an SEV mode bit but there are other features which do not translate to levels such as DebugVirtualization or SecureTsc. Add the feature mask and the DebugVirtualization feature bit to the PCD.
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Alexey Kardashevskiy <aik@amd.com>
---
Changes:
v4:
* s/CCAttrFeatureAmdSevDebugSwap/CCAttrFeatureAmdSevEsDebugVirtualization/
v2:
* expanded features mask
* added type mask
2024-07-04 | MdePkg/Register/Amd: Define all bits from MSR_SEV_STATUS_REGISTER | Alexey Kardashevskiy | 1 file | -4/+91
For now we need DebugSwap but others are likely to be needed too.
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Alexey Kardashevskiy <aik@amd.com>
Changes:
v5:
* "rb" from Tom
v4:
* added more from April/2024 APM
2024-07-04 | EmbeddedPkg/VirtualRealTimeClockLib: Support SOURCE_DATE_EPOCH | Chun-Yi Lee | 1 file | -1/+1
RISC-V ovmf used VirtualRealTimeClockLib but the default epoch is a compilation time. This causes the RISC-V ovmf binary image to NOT be reproducible. This patch added the support of SOURCE_DATE_EPOCH by the printenv command. If SOURCE_DATE_EPOCH is found then we use it as BUILD_EPOCH. Otherwise we run the date command for setting BUILD_EPOCH. For distributions that want a reproducible RISC-V ovmf image, they should export the SOURCE_DATE_EPOCH environment variable before building ovmf.
References: https://reproducible-builds.org/docs/source-date-epoch/
Cc: Pete Batard <pete@akeo.ie>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: "Lee, Chun-Yi" <jlee@suse.com>
2024-07-04 | MdePkg/Nvme.h: Add missing NVMe capability descriptions | Michael Kubacki | 1 file | -6/+6
Most of the definitions in this file are currently well documented. This adds documentation for a few missing fields in the NVMe Controller Capabilities structure.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
2024-07-04 | AmdSev: enable kernel hashes without initrd | Tobin Feldman-Fitzthum | 1 file | -10/+0
If kernel hashes are enabled but no initrd is provided, QEMU will still create an entry in the hash table, but it will be the hash of an empty buffer. Remove the explicit check for the length of the blob. This logic will be handled by the later hash comparison, which will still fail when the blob is not present but is expected, but will pass when the blob is not present and the hash table contains a hash of an empty buffer.
Signed-off-by: Tobin Feldman-Fitzthum <tobin@linux.ibm.com>
2024-07-04 | MdeModulePkg/NvmExpressDxe: use format "0x%lx" for UINT64 values. | Mike Maslenkin | 1 file | -3/+3
Signed-off-by: Mike Maslenkin <mike.maslenkin@gmail.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2024-07-04 | MdeModulePkg/NvmExpressDxe: fix format used for Eui64 conversion | Mike Maslenkin | 1 file | -1/+1
Eui64 is a 64 bit value, so the "L" or "l" is required for the format specifier, otherwise only the lower 32 bits will be converted.
Signed-off-by: Mike Maslenkin <mike.maslenkin@gmail.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2024-07-04 | BaseTools: InfBuildData: Fix Private value retrieval | Joey Vagedes | 1 file | -7/+7
Update retrieval of private guids, protocols, or ppis from a package's declaration file to use the original path of the module's INF file rather than the current path. When building the same module multiple times in the same INF (by overriding the define's FILE_GUID), a temporary instance of the module is generated outside the package, causing the retrieval of private values to fail as the check to access private values is done by verifying that the module to build is inside the package.
Signed-off-by: Joey Vagedes <Joey.Vagedes@gmail.com>
Cc: Rebecca Cran <rebecca@bsdio.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Bob Feng <bob.c.feng@intel.com>
Cc: Yuwei Chen <yuwei.chen@intel.com>
2024-07-04 | DscCompleteCheck: Allow git ignore syntax | Joey Vagedes | 2 files | -16/+40
Allows ignore lines in the CI YAML file to use git ignore syntax. This is especially useful for ignoring files recursively in directories like those that may exist in an external dependency folder.
Co-authored-by: Michael Kubacki <michael.kubacki@microsoft.com>
Signed-off-by: Joey Vagedes <joey.vagedes@gmail.com>
2024-07-03 | MdeModulePkg/UsbBusDxe: USB issue fix when the port reset | Britton Chesley | 1 file | -1/+26
BZ #4456
Fixed a bug which led to an ASSERT due to the USB device context being maintained after a port reset, but the underlying XHCI context was uninitialized. Specifically, Xhc->UsbDevContext is freed after a reset and only re-allocates the default [0] endpoint transfer ring. In order to avoid a memory leak, device enumeration is performed after freeing the necessary buffers. This allocates the Xhc->UsbDevContext for all endpoints of the USB device.
Signed-off-by: Britton Chesley <Brit.Chesley@amd.com>
2024-07-03 | .pytool: CompilerPlugin: Pass through build vars | Joey Vagedes | 1 file | -3/+4
Pass build variables (those passed to build.py through -D) to the DSC parser to provide a more accurate parsing of the DSC file.
Signed-off-by: Joey Vagedes <joey.vagedes@gmail.com>
2024-07-02 | OvmfPkg: Create SP800155 HOBs from QemuFwCfgFile | Dionna Glaze | 4 files | -1/+155
Signed firmware measurements are allowed to be passed along in the TCG and CC event logs according to the TCG PC Client Platform Firmware Profile. The event logs include events that Tcg2Dxe reads from appropriately GUIDed HOBs, so allow opt/org.tianocode/sp800155evt/%d to pass along events that the VMM sees fit to provide. One event per number, starting from 0, increasing by 1 until there are no more contiguous files. The VMM may provide reference measurements through UEFI variables that it references from the SP800-155 event3 structure given the appropriate RIM locator type, or via URL, etc. Each event read from fw_cfg is written one-by-one to an EFI_HOB_GUID_TYPE HOB created for the event. The name they target is gTcg800155PlatformIdEventHobGuid for the later Dxe driver to use to extend the event log.
Signed-off-by: Dionna Glaze <dionnaglaze@google.com>
2024-07-02 | MdePkg: UefiTcgPlatform.h updates | Dionna Glaze | 1 file | -4/+12
The TCG_Sp800_155_PlatformId_Event2 and 3 structures both list the platform model string twice, which is incorrect according to the TCG PC Client Platform Firmware Profile. Also add constant definitions for the locator types added in the December 2023 revision.
Signed-off-by: Dionna Glaze <dionnaglaze@google.com>
2024-07-02 | EmbeddedPkg/.ci.yaml: add temporary workaround ECC exception | Leif Lindholm | 1 file | -0/+1
A new contributor has a name not describable by the character set developed for 1960s US teleprinters, causing the CI to object and blocking their code from being merged due to the copyright statement. While we do want to keep the code clean from characters other contributors cannot trivially reproduce, this should not extend to requiring intentionally misstating legal claims. Until we figure out the long-term fix, add an exception for the surname triggering the failure.
Signed-off-by: Leif Lindholm <quic_llindhol@quicinc.com>
2024-07-02 | SecurityPkg: Consume gEdkiiTcg2AcpiCommunicateBufferHobGuid | Dun Tan | 2 files | -15/+18
Consume gEdkiiTcg2AcpiCommunicateBufferHobGuid in Tcg2Acpi driver. Tcg2Acpi will use the buffer stored in the HOB to exchange information with Tcg2StandaloneMm by the MM_COMMUNICATION_PROTOCOL.
Signed-off-by: Dun Tan <dun.tan@intel.com>
2024-07-02 | SecurityPkg: Build gEdkiiTcg2AcpiCommunicateBufferHobGuid | Dun Tan | 2 files | -0/+55
Install a callback of gEfiPeiMemoryDiscoveredPpiGuid to build the gEdkiiTcg2AcpiCommunicateBufferHobGuid in the Tcg2ConfigPei PEIM. The HOB contains a buffer reserved by MmUnblockMemoryLib. The buffer will be used in Tcg2Acpi driver to retrieve information from standalone mm environment.
Signed-off-by: Dun Tan <dun.tan@intel.com>
2024-07-02 | SecurityPkg: Add new gEdkiiTcg2AcpiCommunicateBufferHobGuid | Dun Tan | 2 files | -0/+36
Add a new GUID HOB gEdkiiTcg2AcpiCommunicateBufferHobGuid. This Tcg2 Acpi Communicate Buffer HOB is used to store the address of a buffer reserved for Tcg2Acpi driver. The buffer will be used to retrieve information from Standalone mm environment.
Signed-off-by: Dun Tan <dun.tan@intel.com>
2024-07-02 | SecurityPkg: Consume gEdkiiTcgPhysicalPresenceInterfaceVerHobGuid | Dun Tan | 5 files | -22/+71
Consume gEdkiiTcgPhysicalPresenceInterfaceVerHobGuid in StandaloneMmTcg2PhysicalPresenceLib. This is to avoid using the dynamic PcdTcgPhysicalPresenceInterfaceVer in StandaloneMm module.
Signed-off-by: Dun Tan <dun.tan@intel.com>
2024-07-02 | SecurityPkg/Tcg2StandaloneMm: Consume gEdkiiTpmInstanceHobGuid | Dun Tan | 5 files | -9/+61
Consume gEdkiiTpmInstanceHobGuid in Tcg2StandaloneMm driver. It's to avoid using dynamic PcdTpmInstanceGuid in StandaloneMm driver.
Signed-off-by: Dun Tan <dun.tan@intel.com>
2024-07-02 | SecurityPkg/Tcg2ConfigPei: Build two new HOBs | Dun Tan | 2 files | -2/+28
Build following two new HOBs:
gEdkiiTcgPhysicalPresenceInterfaceVerHobGuid
gEdkiiTpmInstanceHobGuid
The two HOBs will be used by Tcg2StandaloneMm driver to avoid using the related dynamic PCDs.
Signed-off-by: Dun Tan <dun.tan@intel.com>
2024-07-02 | SecurityPkg: Add new HOB for PhysicalPresenceInterfaceVersion | Dun Tan | 1 file | -0/+4
Add a new gEdkiiTcgPhysicalPresenceInterfaceVerHobGuid. This new Guid HOB contains a string of the Version of Physical Presence interface which is the same as PcdTcgPhysicalPresenceInterfaceVer. The HOB is used for StandaloneMm driver which needs to consume the dynamic PcdTcgPhysicalPresenceInterfaceVer.
Signed-off-by: Dun Tan <dun.tan@intel.com>