Dandan Bi [Tue, 3 Sep 2019 07:58:40 +0000 (15:58 +0800)]
EmbeddedPkg: Unload image on EFI_SECURITY_VIOLATION
For the LoadImage() boot service, with EFI_SECURITY_VIOLATION retval,
the Image was loaded and an ImageHandle was created with a valid
EFI_LOADED_IMAGE_PROTOCOL, but the image can not be started right now.
This follows UEFI Spec.
But if the caller of LoadImage() doesn't have the option to defer
the execution of an image, we can not treat EFI_SECURITY_VIOLATION
like any other LoadImage() error, we should unload image for the
EFI_SECURITY_VIOLATION to avoid resource leak.
This patch is to do error handling for EFI_SECURITY_VIOLATION explicitly
for the callers in EmbeddedPkg which don't have the policy to defer the
execution of the image.
Add the new introduced terminal types to related setup menu to change
the terminal type from setup. Most platforms would have its own
configure setup menu and they need to change it to support these.
The new introduced terminal types are Linux, XtermR6, VT400 and SCO.
Cc: Jian J Wang <jian.j.wang@intel.com> Cc: Hao A Wu <hao.a.wu@intel.com> Cc: Ray Ni <ray.ni@intel.com> Cc: Dandan Bi <dandan.bi@intel.com> Cc: Liming Gao <liming.gao@intel.com> Signed-off-by: Zhichao Gao <zhichao.gao@intel.com> Reviewed-by: Dandan Bi <dandan.bi@intel.com>
Extend the support types of terminal console driver. New added types
are Linux, XtermR6, VT400 and SCO.
Refer to
https://www.ssh.com/ssh/putty/putty-manuals/0.68/Chapter4.html#config-funkeys
Add the missing VT100+ function keys map.
Add F1-F12 function keys map for Linux, XtermR6, VT400 and SCO.
Cc: Jian J Wang <jian.j.wang@intel.com> Cc: Hao A Wu <hao.a.wu@intel.com> Cc: Ray Ni <ray.ni@intel.com> Cc: Liming Gao <liming.gao@intel.com> Signed-off-by: Zhichao Gao <zhichao.gao@intel.com> Reviewed-by: Ray Ni <ray.ni@intel.com>
A common terminal console software Putty support various types of
keyboard type, such as normal mode, Linux mode, Xterm R6, Vt400,
VT100+ and SCO. Refer to the link:
https://www.ssh.com/ssh/putty/putty-manuals/0.68/Chapter4.html#config-funkeys
Cc: Jian J Wang <jian.j.wang@intel.com> Cc: Hao A Wu <hao.a.wu@intel.com> Cc: Ray Ni <ray.ni@intel.com> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org> Cc: Laszlo Ersek <lersek@redhat.com> Cc: Liming Gao <liming.gao@intel.com> Signed-off-by: Zhichao Gao <zhichao.gao@intel.com> Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
Inorder to support VS2019, we add VS2019 config process
in Setup Batch Files,
Because VS2019 and VS2017 could using same vswhere.exe
to detect the InstallationPath,
So we add the -version as the parameter of vswhere
to get the correct VS2017/VS2019's InstallationPath
v3: In BaseTools\set_vsprefix_envs.bat,
move WINSDK10_PREFIX setting into VCToolsInstallDir check condition.
As is requested in the BZ 2077, add two switches to support setting
compression mode and dictionary size.
(https://bugzilla.tianocore.org/show_bug.cgi?id=2077)
This reverts commit bc9e4194cf3edaf9524c83098ba3f72008c70190.
This change causes the dependent header files are missing in Makefile.
It makes the incremental build not work. So, revert this change.
Cc: Bob Feng<bob.c.feng@Intel.com> Signed-off-by: Liming Gao <liming.gao@intel.com> Reviewed-by: Bob Feng<bob.c.feng@Intel.com>
v4:
The v3 posting didn't do what it promised to do, so do it now for real.
V3 changes:
change to mov instruction (non locking instuction) instead
of xchg to simplify design.
V2 changes:
Add xchg 16 bit instructions to handle sgdt and sidt base
63:48 bits and 47:32 bits.
Add comment to explain why xchg 64bit isnt being used
Split lock happens when a locking instruction is used on mis-aligned data
that crosses two cachelines. If close source platform enables Alignment
Check Exception(#AC), They can hit a double fault due to split lock being
in CpuExceptionHandlerLib.
sigt and sgdt saves 10 bytes to memory, 8 bytes is base and 2 bytes is limit.
The data is mis-aligned, can cross two cacheline, and a xchg
instruction(locking instuction) is being utilize.
Signed-off-by: John E Lofgren <john.e.lofgren@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
UefiCpuPkg: Fix potential spinLock issue in SmmStartupThisAp
Due to needs a tackling the deficiency of the AP API, it's necessary to
ensure that in non-blocking mode previous AP executed command is
finished before starting new one.
To remedy above:
1) execute AcquireSpinLock instead AcquireSpinLockOrFail - this will
ensure time "window" to eliminate potential race condition between
BSP and AP spinLock release in non-blocking mode.
This also will eliminate possibility to start executing new AP
function before last is finished.
2) remove returns EFI_STATUS - EFI_NOT_READY - in new scenario returned
status is not necessary to caller.
Signed-off-by: Damian Nikodem <damian.nikodem@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Ray Ni <ray.ni@intel.com> Cc: Benjamin You <benjamin.you@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Cc: Krzysztof Rusocki <krzysztof.rusocki@intel.com>
Carsey, Jaben [Wed, 21 Aug 2019 20:40:13 +0000 (04:40 +0800)]
Maintainers.txt update for ShellPkg
removing myself from maintainer
promoting Zhichao
Cc: Ray Ni <ray.ni@intel.com> Cc: Zhichao Gao <Zhichao.gao@intel.com> Cc: Mike Kinney <michael.d.kinney@intel.com> Signed-off-by: Jaben Carsey <jaben.carsey@intel.com> Reviewed-by: Ray Ni <ray.ni@intel.com> Reviewed-by: Zhichao Gao <zhichao.gao@intel.com>
Michael Johnson [Wed, 12 Jun 2019 22:59:08 +0000 (15:59 -0700)]
EmulatorPkg/TimerLib: Add missing GetTimeInNanoSecond function
Add GetTimeInNanoSecond, already declared in the TimerLib API,
to EmulatorPkg implementations of TimerLib.
Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Andrew Fish <afish@apple.com> Cc: Ray Ni <ray.ni@intel.com> Signed-off-by: Michael Johnson <michael.johnson@intel.com> Reviewed-by: Jordan Justen <jordan.l.justen@intel.com> Reviewed-by: Ray Ni <ray.ni@intel.com>
Ray Ni [Sun, 25 Aug 2019 22:42:05 +0000 (06:42 +0800)]
UefiCpuPkg: Remove PcdCpuSmmStaticPageTable
PcdCpuSmmRestrictedMemoryAccess is introduced to replace
PcdCpuSmmStaticPageTable.
Signed-off-by: Ray Ni <ray.ni@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
The current CopyFileOnChange() method in Misc.py does not
accept the input SrcFile parameter as a dir, but the method
does not check the SrcFile is dir or not. This patch is to
add more input parameter type checking and error message output
for method CopyFileOnChange.
Cc: Liming Gao <liming.gao@intel.com> Cc: Bob Feng <bob.c.feng@intel.com> Signed-off-by: Steven Shi <steven.shi@intel.com> Reviewed-by: Bob Feng <bob.c.feng@intel.com>
StandaloneMmPkg: make package .DSC file build again
The StandaloneMmPkg .DSC file went out of sync with the changes
applied to the package when I enabled this code on the Synquacer
platform in edk2-platforms. So apply the necessary changes to make
this package build in isolation.
Cc: Hao A Wu <hao.a.wu@intel.com> Cc: Ray Ni <ray.ni@intel.com> Signed-off-by: Liming Gao <liming.gao@intel.com> Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
for Dict={},There are pitfalls in the way this default parameter is set
and Dict is not used in functions, other functions have these two cases,
I will change some incorrect parameter defaults
This patch is going to fix this issue
Cc: Liming Gao <liming.gao@intel.com> Cc: Bob Feng <bob.c.feng@intel.com> Signed-off-by: Zhiju.Fan <zhijux.fan@intel.com> Reviewed-by: Bob Feng <bob.c.feng@intel.com>
build -p MdeModulePkg\MdeModulePkg.dsc -a IA32 -m
MdeModulePkg\Universal\PCD\Pei\Pcd.inf
Error:
AttributeError: 'PlatformInfo' object has no attribute
'DynamicPcdList'
The DSC data object used to build a separate module today
is PlatformInfo rather than PlatformAutoGen
'PlatformAutoGen' object has attribute 'DynamicPcdList'
This patch is going to fixed this issue
Cc: Liming Gao <liming.gao@intel.com> Cc: Bob Feng <bob.c.feng@intel.com> Signed-off-by: Zhiju.Fan <zhijux.fan@intel.com> Reviewed-by: Bob Feng <bob.c.feng@intel.com>
SecurityPkg Tcg2Config: Move common definitions to new Tcg2Internal.h
Common definitions are not consumed by VFR. They are not required to be
defined in Tcg2ConfigNvData.h with WA way. New shared internal header
file is added to include those common definitions.
MdeModulePkg/SerialDxe: Update the file Guid in SerialDxe.inf
FILE GUID in MdeModulePkg\Universal\SerialDxe\SerialDxe.inf is
same to the one gEdkiiSerialPortLibVendorGuid.
Its FILE GUID should be updated to another value.
https://bugzilla.tianocore.org/show_bug.cgi?id=2144
Cc: Jian J Wang <jian.j.wang@intel.com> Cc: Hao A Wu <hao.a.wu@intel.com> Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com> Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
EmulatorPkg/PeiEmuSerialPortLib: Update the INF file Guid
FILE GUID in PeiEmuSerialPortLib.inf is same to
MdePkg\Library\BaseSerialPortLibNull\BaseSerialPortLibNull.inf.
PeiEmuSerialPortLib.inf FILE_GUID should be updated.
https://bugzilla.tianocore.org/show_bug.cgi?id=2144
Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Andrew Fish <afish@apple.com> Cc: Ray Ni <ray.ni@intel.com> Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com> Reviewed-by: Ray Ni <ray.ni@Intel.com>
SecurityPkg/SecurityPkg.dec: Update TcgPpVendorLib.h to Tcg2PpVendorLib.h
Tcg2PpVendorLib library class header should be
Include/Library/Tcg2PpVendorLib.h instead of
Include/Library/TcgPpVendorLib.h.
https://bugzilla.tianocore.org/show_bug.cgi?id=2146
Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Jian Wang <jian.j.wang@intel.com> Cc: Chao Zhang <chao.b.zhang@intel.com> Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com> Reviewed-by: Jian J Wang <jian.j.wang@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
MdePkg/MdePkg.dec: Update PciSegmentLib.h to S3PciSegmentLib.h
S3PciSegmentLib library class header file should be
Include/Library/S3PciSegmentLib.h instead of
Include/Library/PciSegmentLib.h.
https://bugzilla.tianocore.org/show_bug.cgi?id=2146
Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Liming Gao <liming.gao@intel.com> Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com>
Ye Ting [Mon, 16 Sep 2019 09:06:33 +0000 (17:06 +0800)]
Change package reviewer of CryptoPkg.
Remove Ting Ye from reviewer role and add Xiaoyu Lu as new reviewer of CryptoPkg.
Cc: Jian J Wang <jian.j.wang@intel.com> Signed-off-by: Ting Ye <ting.ye@intel.com> Reviewed-by: Jian J Wang <jian.j.wang@intel.com> Reviewed-by: Xiaoyu Lu <xiaoyux.lu@intel.com>
After upgrading the CI system we use for building the ArmVirtPkg
targets, we started seeing failures due to the NOOPT build running
out of space when using the CLANG38 toolchain definition combined
with clang 7.
We really don't want to increase the FD/FV sizes in general to
accommodate this, so parameterize the relevant quantities and
increase them by 50% for NOOPT builds.
Ray Ni [Thu, 5 Sep 2019 22:18:47 +0000 (06:18 +0800)]
UefiCpuPkg/PiSmmCpu: Enable 5L paging only when phy addr line > 48
Today's behavior is to enable 5l paging when CPU supports it
(CPUID[7,0].ECX.BIT[16] is set).
The patch changes the behavior to enable 5l paging when two
conditions are both met:
1. CPU supports it;
2. The max physical address bits is bigger than 48.
Because 4-level paging can support to address physical address up to
2^48 - 1, there is no need to enable 5-level paging with max
physical address bits <= 48.
Signed-off-by: Ray Ni <ray.ni@intel.com> Cc: Liming Gao <liming.gao@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com> Cc: Laszlo Ersek <lersek@redhat.com>
Feng, Bob C [Wed, 11 Sep 2019 10:01:56 +0000 (18:01 +0800)]
BaseTools: Fixed a bug of IgnoreAutoGen
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2080
After checking that if the build can't
ignore Autogen due to there is no compelet autogen files,
the build tool need to do a completely Autogen.
This patch is to fix a bug that if AutoGen
can't be skiped, the SkipAutoGen flag
need to set to False
Provide a macro for compile time assertions.
Equivalent to C11 static_assert macro from assert.h.
Signed-off-by: Vitaly Cheptsov <vit9696@protonmail.com> Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com> Reviewed-by: Michael Kinney <michael.d.kinney@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Acked-by: Jiewen Yao <jiewen.yao@intel.com>
BaseTools: Robustness for multiple build environments
When building BaseTools, GNUmakefile builds create directory
BaseTools/Source/C/libs/. On the other hand, Makefile builds use libs
as an nmake pseudo target, so it either must NOT exist as a file or
directory, OR it must phony dependency like .PHONY. The latter
solution conflicts with NmakeSubdirs.py. Therefore, I make it go away
in the cleanall target. I could also add it to the clean target, but
it strikes me that cleanall should be more forceful.
This patch enable --genfds-multi-thread to default build.
This patch keep --genfds-multi-thread build option for
compatibility and also add a new build option to disable
genfds-multi-thread as --no-genfds-multi-thread.
Hii Pcd links to a efi variable. The Variable
default value is evaluated by related Hii Pcds
setting. If multiple Hii Pcds links to one variable,
and the offset overlap, the later Hii Pcds setting
should be effective. There is a tool bug that is if
the Pcds are in different dsc file which are included
into the platform dsc file, build tool does not get
the Pcds relative position correctly. That means
build tool does not know which Pcd is the later one. As
the result, the variable default value will be incorrect.
Ray Ni [Mon, 26 Aug 2019 18:14:45 +0000 (02:14 +0800)]
MdePkg/BluetoothLeConfig.h: Add type EfiBluetoothSmpPeerAddressList
To support auto-connection, EFI_BLUETOOTH_LE_SMP_DATA_TYPE needs to
add a new data type EfiBluetoothSmpPeerAddressList which associates
with a list of Bluetooth per address connected before.
This new data type was added in UEFI spec 2.7b.
Signed-off-by: Ray Ni <ray.ni@intel.com> Cc: Michael D Kinney <michael.d.kinney@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com>
We are going to add keyword (lower case) 'static' for functions and global
variables which are not referenced outside their current C file.
However, the ECC tool only recognizes upper case 'STATIC' at this moment.
This will lead to issue reports for new codes that follow the above coding
style.
This patch is going to handle lower case 'static'
Cc: Liming Gao <liming.gao@intel.com> Cc: Bob Feng <bob.c.feng@intel.com> Signed-off-by: Zhiju.Fan <zhijux.fan@intel.com> Reviewed-by: Bob Feng <bob.c.feng@intel.com>
OvmfPkg/EnrollDefaultKeys: clean up Base64Decode() retval handling
Since commit 35e242b698cd ("MdePkg/BaseLib: rewrite Base64Decode()",
2019-07-16), Base64Decode() guarantees that DestinationSize is larger on
output than it was on input if RETURN_BUFFER_TOO_SMALL is returned. Clean
up the retval handling for the first Base64Decode() call in
EnrollDefaultKeys, which used to work around the ambiguity in the previous
Base64Decode() interface contract.
ArmVirtPkg/PlatformBootManagerLib: unload image on EFI_SECURITY_VIOLATION
The LoadImage() boot service is a bit unusual in that it allocates
resources in a particular failure case; namely, it produces a valid
"ImageHandle" when it returns EFI_SECURITY_VIOLATION. This is supposed to
happen e.g. when Secure Boot verification fails for the image, but the
platform policy for the particular image origin (such as "fixed media" or
"removable media") is DEFER_EXECUTE_ON_SECURITY_VIOLATION. The return code
allows platform logic to selectively override the verification failure,
and launch the image nonetheless.
ArmVirtPkg/PlatformBootManagerLib does not override EFI_SECURITY_VIOLATION
for the kernel image loaded from fw_cfg -- any LoadImage() error is
considered fatal. When we simply treat EFI_SECURITY_VIOLATION like any
other LoadImage() error, we leak the resources associated with
"KernelImageHandle". From a resource usage perspective,
EFI_SECURITY_VIOLATION must be considered "success", and rolled back.
Implement this rollback, without breaking the proper "nesting" of error
handling jumps and labels.
Incorporate the stack protector library into the AARCH64 build of
the Shell binaries as a NULL library resolution, to avoid build
errors when the compiler injects stack integrity checks.
ArmVirtPkg/ArmVirtPrePiUniCoreRelocatable: revert to PIE linking
In some cases, the CLANG38 toolchain profile in LTO mode emits GOT
based relocations in spite of our attempts to avoid this, by using
hidden visibility, -Bsymbolic etc.
On AARCH64, we managed to work around this by processing the GOT
based relocations in GenFw. As it turns out, the same issue exists
on 32-bit ARM, but unfortunately, we cannot use a similar trick to
get rid of the GOT entry, and the relocation metadata is insufficient
to locate the GOT entry in the binary.
Note that in this particular case, we are interested in PIE linking
only (i.e., producing a .rela section containing dynamic relocations
that the startup code can process directly), and not in position
independent code generation, and by passing the -pie option to the
linker directly using -Wl,-pie (and dropping -shared), we can coerce
the GOLD linker into doing only the former rather than both when it
performs its LTO code generation.
Current logic will skip searching EFI_PEI_CORE_FV_LOCATION_PPI when the
PPI in PpiList having EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST flag,
but platform may pass single PPI in PpiList that should be supported.
Changed the logic to verify PpiList first before checking
EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST flag.
Test: Verified both single EFI_PEI_CORE_FV_LOCATION_PPI and multiple
PPIs in PpiList cases and both can boot with the PeiCore
specified by EFI_PEI_CORE_FV_LOCATION_PPI.
Cc: Eric Dong <eric.dong@intel.com> Cc: Ray Ni <ray.ni@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Chasel Chiu <chasel.chiu@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Ray Ni <ray.ni@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com>
BaseTools/GenFw AARCH64: fix up GOT based relative relocations
We take great care to avoid GOT based relocations in EDK2 executables,
primarily because they are pointless - we don't care about things like
the CoW footprint or relocations that target read-only sections, and so
GOT entries only bloat the binary.
However, in some cases (e.g., when building the relocatable PrePi SEC
module in ArmVirtPkg with the CLANG38 toolchain), we may end up with
some GOT based relocations nonetheless, which break the build since
GenFw does not know how to deal with them.
The relocations emitted in this case are ADRP/LDR instruction pairs
that are annotated as GOT based, which means that it is the linker's
job to emit the GOT entry and tag it with an appropriate dynamic
relocation that ensures that the correct absolute value is stored into
the GOT entry when the executable is loaded. This dynamic relocation is
not visible to GenFw, and so populating the PE/COFF relocation section
for these entries is non-trivial.
Since each ADRP/LDR pair refers to a single symbol that is local to the
binary (given that shared libraries are not supported), we can actually
convert the ADRP/LDR pair into an ADRP/ADD pair that produces the symbol
address directly rather than loading it from memory. This leaves the
GOT entry in the binary, but since it is now unused, it is no longer
necessary to emit a PE/COFF relocation entry for it.
Refer to PCI express base specification Reversion 5.0, Version
1.0, Table 7-33, Supported Link Speeds Vector bit 3 indicate
the speed 16 GT/s and bit 4 indicate the speed 32 GT/s.
Add the support to shell command 'pci ...'.
Change the MaxLinkSpeed other values' result from 'Unknown'
to 'Reserved' to make the result align.
Cc: Ray Ni <ray.ni@intel.com> Cc: Oleksiy <oleksiyy@ami.com> Cc: Liming Gao <liming.gao@intel.com> Signed-off-by: Zhichao Gao <zhichao.gao@intel.com> Reviewed-by: Ray Ni <ray.ni@intel.com>
BaseTools: Update GenFw tool to support -e -z option together
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=1727
-e -z option is to generate EFI image with zero debug entry.
It can be used to check the EFI image in DEBUG build.
This fix also supports the case -t -z option together for TE image.
Signed-off-by: Liming Gao <liming.gao@intel.com> Cc: Bob Feng <bob.c.feng@intel.com> Reviewed-by: Feng Bob C <bob.c.feng@intel.com>
The PCD is moved to PcAtChipsetPkg so remove it from
MdeModulePkg.
Signed-off-by: Ray Ni <ray.ni@intel.com> Reviewed-by: Hao A Wu <hao.a.wu@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com> Cc: Jian J Wang <jian.j.wang@intel.com>
Ray Ni [Tue, 27 Aug 2019 23:24:05 +0000 (07:24 +0800)]
PcAtChipsetPkg: add PcdRealTimeClockUpdateTimeout
PcdRealTimeClockUpdateTimeout is now defined in MdeModulePkg.dec.
This is the only reason that causes PcAtChipsetPkg depends on
MdeModulePkg.
Move the PCD from MdeModulePkg.dec to PcAtChipsetPkg.dec removes
such dependency.
Signed-off-by: Ray Ni <ray.ni@intel.com> Reviewed-by: Hao A Wu <hao.a.wu@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com>
Ray Ni [Sun, 25 Aug 2019 22:27:13 +0000 (06:27 +0800)]
UefiCpuPkg: Explain relationship between several SMM PCDs
There are three PCDs that may impact the behavior of each other in
SMM environment:
PcdCpuSmmProfileEnable
PcdHeapGuardPropertyMask in MdeModulePkg
PcdCpuSmmRestrictedMemoryAccess
The patch updates the comments in DEC file to document it.
Signed-off-by: Ray Ni <ray.ni@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Ray Ni [Sun, 25 Aug 2019 22:13:17 +0000 (06:13 +0800)]
UefiCpuPkg/PiSmmCpu: Restrict access per PcdCpuSmmRestrictedMemoryAccess
Today's behavior is to always restrict access to non-SMRAM regardless
the value of PcdCpuSmmRestrictedMemoryAccess.
Because RAS components require to access all non-SMRAM memory, the
patch changes the code logic to honor PcdCpuSmmRestrictedMemoryAccess
so that only when the PCD is true, the restriction takes affect and
page table memory is also protected.
Because IA32 build doesn't reference this PCD, such restriction
always takes affect in IA32 build.
Signed-off-by: Ray Ni <ray.ni@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Ray Ni [Sat, 24 Aug 2019 00:45:09 +0000 (08:45 +0800)]
UefiCpuPkg/PiSmmCpu: Use new PCD PcdCpuSmmRestrictedMemoryAccess
The patch changes PiSmmCpu driver to consume PCD
PcdCpuSmmRestrictedMemoryAccess.
Because the behavior controlled by PcdCpuSmmStaticPageTable in
original code is not changed after switching to
PcdCpuSmmRestrictedMemoryAccess.
The functionality is not impacted by this patch.
Signed-off-by: Ray Ni <ray.ni@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Ray Ni [Fri, 23 Aug 2019 22:45:31 +0000 (06:45 +0800)]
UefiCpuPkg: Add PcdCpuSmmRestrictedMemoryAccess
The patch adds a new X64 only PCD PcdCpuSmmRestrictedMemoryAccess.
The PCD indicates access to non-SMRAM memory is restricted to
reserved, runtime and ACPI NVS type after SmmReadyToLock.
MMIO access is always allowed regardless of the value of this PCD.
Loose of such restriction is only required by RAS components in X64
platforms.
The PCD value is considered as constantly TRUE in IA32 platforms.
When the PCD value is TRUE, page table is initialized to cover all
memory spaces and the memory occupied by page table is protected by
page table itself as read-only.
Signed-off-by: Ray Ni <ray.ni@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
ShellPkg/CommandLib: avoid NULL derefence and memory leak
Since TianoCore EDK2 commit d65f2cea36d1 ("ShellPkg/CommandLib: Locate
proper UnicodeCollation instance") in edk2 the UEFI Shell crashes if EFI
variable PlatformLang is not defined due to dereferencing gUnicodeCollation
gUnicodeCollation (= NULL) in ShellCommandRegisterCommandName().
Furthermore CommandInit() is leaking PlatformLang if
gUnicodeCollation != NULL.
Close the memory leak and use the first UnicodeCollation instance if
PlatfomLang is not defined.
Added checks for return parameters of GetSupportedTypes
function calls in InternalHstiFindAip to improve error handling.
An issue was observed on Dell Poweredge R740, where the Dell
PERC H740P controller UEFI driver returned InfoTypesBuffer = NULL,
InfoTypesBufferCount = 0 and caused an FreePool assert.
Signed-off-by: Jayanth Raghuram <Jayanth.Raghuram@Dell.com> Cc: Wei G Liu <Wei_G_Liu@Dell.com> Reviewed-by: Liming Gao <liming.gao@intel.com>
Current build cache does not store and restore all
types file of Hii/vfr, version and dpx. This patch
adds more file types to support them in build cache.
Cc: Liming Gao <liming.gao@intel.com> Cc: Bob Feng <bob.c.feng@intel.com> Signed-off-by: Steven Shi <steven.shi@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com>
SecPlatformMain is a platform hook function which let platform does
some update. Some platform may adjust SecCoreData->PeiTemporaryRamBase
which caused former saved AllSecPpiList variable invalid.
This patch update the logic to get AllSecPpiList after SecPlatformMain.
If SecPlatformMain() returns no platform-specific PPI list, then there
is nothing to merge, so we don't need "AllSecPpiList" at all.
Cc: Ray Ni <ray.ni@intel.com> Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
This patch is going to fix a regression issue of incremental
build which was introduced by the commit 94459080c.
The changing on INF file will not trigger module rebuild.
Signed-off-by: Bob Feng <bob.c.feng@intel.com> Cc: Liming Gao <liming.gao@intel.com> Cc: Steven Shi <steven.shi@intel.com> Tested-by: Michael D Kinney <michael.d.kinney@intel.com> Acked-by: Michael D Kinney <michael.d.kinney@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com>
Michael D Kinney [Thu, 22 Aug 2019 02:36:10 +0000 (10:36 +0800)]
EmulatorPkg/Win/Host: Fix SecPrint() log line endings
Update use of SecPrint() to consistently use \n\r for
line endings to fix formatting issues in the debug log.
Cc: Jordan Justen <jordan.l.justen@intel.com> Reviewed-by: Ray Ni <ray.ni@intel.com> Cc: Andrew Fish <afish@apple.com> Tested-by: Tim Lewis <tim.lewis@insyde.com> Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
When UEFI Applications or UEFI Drivers are unloaded,
the PeCoffLoaderUnloadImageExtraAction() needs to unload
the image using FreeLibrary() if the image was successfully
loaded using LoadLibrrayEx().
This is a regression from the Nt32Pkg that supported
unloading applications and drivers as well as loading
the same application or driver multiple times.
Cc: Jordan Justen <jordan.l.justen@intel.com> Reviewed-by: Ray Ni <ray.ni@intel.com> Cc: Andrew Fish <afish@apple.com> Tested-by: Tim Lewis <tim.lewis@insyde.com> Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Current CopyFileOnChange() and SaveFileOnChange() in
BaseTools\Source\Python\Common\Misc.py don't use the dedicated
long file path API to handle the file path strings and cannot
support the long file path copy and save in windows. This patch
enhances them to support the long file path copy and save
correctly.
Cc: Liming Gao <liming.gao@intel.com> Cc: Bob Feng <bob.c.feng@intel.com> Signed-off-by: Steven Shi <steven.shi@intel.com> Reviewed-by: Bob Feng <bob.c.feng@intel.com>
Anthony PERARD [Tue, 13 Aug 2019 11:31:19 +0000 (12:31 +0100)]
OvmfPkg/OvmfXen: use RealTimeClockRuntimeDxe from EmbeddedPkg
A Xen PVH guest doesn't have a RTC that OVMF would expect, so
PcatRealTimeClockRuntimeDxe fails to initialize and prevent the
firmware from finish to boot. To prevent that, we will use
XenRealTimeClockLib which simply always return the same time.
This will work on both Xen PVH and HVM guests.
Anthony PERARD [Tue, 13 Aug 2019 11:31:18 +0000 (12:31 +0100)]
OvmfPkg: Move XenRealTimeClockLib from ArmVirtPkg
Move XenRealTimeClockLib from ArmVirtPkg to OvmfPkg so it can be used
from the OvmfPkg by the following patch, "OvmfPkg/OvmfXen: use
RealTimeClockRuntimeDxe from EmbeddedPkg"
Anthony PERARD [Tue, 13 Aug 2019 11:31:17 +0000 (12:31 +0100)]
OvmfPkg: Introduce XenIoPvhDxe to initialize Grant Tables
XenIoPvhDxe use XenIoMmioLib to reserve some space to be use by the
Grant Tables.
The call is only done if it is necessary, we simply detect if the
guest is PVH, as in this case there is currently no PCI bus, and no
PCI Xen platform device which would start the XenIoPciDxe and allocate
the space for the Grant Tables.
Anthony PERARD [Tue, 13 Aug 2019 11:31:15 +0000 (12:31 +0100)]
OvmfPkg/PlatformBootManagerLib: Use a Xen console for ConOut/ConIn
On a Xen PVH guest, none of the existing serial or console interface
works, so we add a new one, based on XenConsoleSerialPortLib, and
implemented via SerialDxe.
That is a simple console implementation that can work on both PVH
guest and HVM guests, even if it is rarely going to be used on HVM.
Have PlatformBootManagerLib look for the new console, when running as a
Xen guest.
Since we use VENDOR_UART_DEVICE_PATH, fix its description and coding
style.
Anthony PERARD [Tue, 13 Aug 2019 11:31:14 +0000 (12:31 +0100)]
OvmfPkg/OvmfXen: Introduce XenTimerDxe
"OvmfPkg/8254TimerDxe" is replaced with a Xen-specific
EFI_TIMER_ARCH_PROTOCOL implementation. Also remove
8259InterruptControllerDxe as it is not used anymore.
This Timer uses the local APIC timer as time source as it can work on
both a Xen PVH guest and an HVM one.
Based on the "OvmfPkg/8254TimerDxe" implementation.
Anthony PERARD [Tue, 13 Aug 2019 11:31:13 +0000 (12:31 +0100)]
OvmfPkg/OvmfXen: Override PcdFSBClock to Xen vLAPIC timer frequency
PcdFSBClock is used by SecPeiDxeTimerLibCpu, the TimerLib
implementation. It will also be used by XenTimerDxe. Override
PcdFSBClock to match Xen vLAPIC timer frequency.
Anthony PERARD [Tue, 13 Aug 2019 11:31:12 +0000 (12:31 +0100)]
OvmfPkg/PlatformBootManagerLib: Handle the absence of PCI bus on Xen PVH
When running in a Xen PVH guest, there's nothing to do in
PciAcpiInitialization() because there isn't any PCI bus. When the Host
Bridge DID isn't recognised, simply continue. (The value of
PcdOvmfHostBridgePciDevId would be 0 because it isn't set.)
Anthony PERARD [Tue, 13 Aug 2019 11:31:10 +0000 (12:31 +0100)]
OvmfPkg/XenPlatformLib: Cache result for XenDetected
We are going to replace XenDetected() implementation in
PlatformBootManagerLib by the one in XenPlatformLib.
PlatformBootManagerLib's implementation does cache the result of
GetFirstGuidHob(), so we do something similar in XenPlatformLib.
Anthony PERARD [Tue, 13 Aug 2019 11:31:08 +0000 (12:31 +0100)]
OvmfPkg/XenPlatformPei: Reserve VGA memory region, to boot Linux
Linux panic if the VGA region isn't reserved.
When Linux is booted on EFI system, it expects the memory at 0xa0000 to
_not_ be conventional memory. Otherwise a variable isn't initialised
properly and Linux panic when a virtual console/terminal is asked to be
created.
See for more detail:
https://lists.xenproject.org/archives/html/xen-devel/2019-03/msg02139.html
Anthony PERARD [Tue, 13 Aug 2019 11:31:07 +0000 (12:31 +0100)]
OvmfPkg/XenPlatformPei: Rework memory detection
When running as a Xen PVH guest, there is no CMOS to read the memory
size from. Rework GetSystemMemorySize(Below|Above)4gb() so they can
work without CMOS by reading the e820 table.
Rework XenPublishRamRegions to also care for the reserved and ACPI
entry in the e820 table. The region that was added by InitializeXen()
isn't needed as that same entry is in the e820 table provided by
hvmloader.
MTRR settings aren't modified anymore, on HVM it's already done by
hvmloader, on PVH it is supposed to have sane default. MTRR will need
to be done properly but keeping what's already been done by programs
that have run before OVMF will do for now.
Anthony PERARD [Tue, 13 Aug 2019 11:31:06 +0000 (12:31 +0100)]
OvmfPkg/XenPlatformPei: no hvmloader: get the E820 table via hypercall
When the Xen PVH entry point has been used, hvmloader hasn't run and
hasn't prepared an E820 table. The only way left to get an E820 table
is to ask Xen via an hypercall. We keep the result cached to avoid
making a second hypercall which would give the same result.
Anthony PERARD [Tue, 13 Aug 2019 11:31:05 +0000 (12:31 +0100)]
OvmfPkg: Import XENMEM_memory_map hypercall to Xen/memory.h
The informations to make a XENMEM_memory_map hypercall is copied over
from the public header of the Xen Project, with the type name modified
to build on OVMF.
Anthony PERARD [Tue, 13 Aug 2019 11:31:01 +0000 (12:31 +0100)]
OvmfPkg/XenPlatformPei: Reinit XenHypercallLib
The XenPlatformPei needs to make hypercalls, but the XenHypercallLib was
initialised before the HyperPage was ready. Now that XenPlatformPei has
initialised the HyperPage, reinitialise the XenHypercallLib.
Anthony PERARD [Tue, 13 Aug 2019 11:31:00 +0000 (12:31 +0100)]
OvmfPkg/XenHypercallLib: Enable it in PEIM
Allow to use Xen hypercalls earlier, during the PEIM stage, but
XenHypercallLibInit() must be called once the XenInfo HOB is created
with the HyperPage setup.
Change the return value of XenHypercallLibInit so failure can be
detected when the call shouldn't fail, but still have the constructor
always succeed.
Anthony PERARD [Tue, 13 Aug 2019 11:30:57 +0000 (12:30 +0100)]
OvmfPkg/Library/XenPlatformLib: New library
The purpose of XenPlatformLib is to regroup the few functions that are
used in several places to detect if Xen is detected, and to get the
XenInfo HOB.