Olivier Martin [Wed, 17 Jul 2013 06:23:07 +0000 (06:23 +0000)]
ArmPlatformPkg: Removed the check on the CpuId to release the secondary cores from their mailbox spinning
The idea is to remove the PCD PcdGicPrimaryCoreId to make the port easier (and also to allow changing
the primary boot CPU without adding more platform specific code to UEFI).
There is a risk the mailboxes contain garbage at boot time. But it should be easy enough to clear the
mailboxes when starting UEFI to workaround this limitation.
ArmPkg: Fix UncachedFreeAlignedPages in UncachedMemoryAllocationLib
Route both the setting and restoring of cacheability through DXE Services/GCD
and stop using the CPU AP directly.
The patch also removes all references to the CPU AP which eliminates the need
for a library constructor.
1. Add defines for MAX values for UEFI data types.
2. Remove the #defines and add the extern declarations for gEfiDebugPortVariableGuid and gEfiDebugPortDevicePathGuid.
Star Zeng [Thu, 11 Jul 2013 08:15:47 +0000 (08:15 +0000)]
MdeModulePkg: Add the alignment check for FTW spare area address and length, and add the check for PcdFlashNvStorageVariableSize <= PcdFlashNvStorageFtwSpareSize.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14463 6f19259b-4bc3-4df7-8a09-765794883524
Fu Siyuan [Wed, 10 Jul 2013 05:52:58 +0000 (05:52 +0000)]
Roll back the changes in revision 14294 since it will cause iSCSI security authentication issue. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ouyang Qian <qian.ouyang@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14461 6f19259b-4bc3-4df7-8a09-765794883524
Star Zeng [Wed, 3 Jul 2013 09:24:07 +0000 (09:24 +0000)]
EmulatorPkg: Use FaultTolerantWritePei driver.
1. The signature of working block header needs to be updated to gEdkiiWorkingBlockSignatureGuid because FTW write header and record has be updated and exposed to support crossing archs.
2. PEI variable has been updated to depend on FaultTolerantWritePei to robustly handle crashes during Reclaim(), so add FaultTolerantWritePei.inf in *.dsc and *.fdf.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14457 6f19259b-4bc3-4df7-8a09-765794883524
Star Zeng [Wed, 3 Jul 2013 09:19:47 +0000 (09:19 +0000)]
Nt32Pkg: Use FaultTolerantWritePei driver.
1. The signature of working block header needs to be updated to gEdkiiWorkingBlockSignatureGuid because FTW write header and record has be updated and exposed to support crossing archs.
2. PEI variable has been updated to depend on FaultTolerantWritePei to robustly handle crashes during Reclaim(), so add FaultTolerantWritePei.inf in *.dsc and *.fdf.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14456 6f19259b-4bc3-4df7-8a09-765794883524
Star Zeng [Wed, 3 Jul 2013 09:09:42 +0000 (09:09 +0000)]
SecurityPkg: Variable drivers robustly handle crashes during Reclaim().
PEI variable implementation checks only the variable header signature for validity. This does not seem robust if system crash occurred during previous Reclaim() operation. If the crash occurred while FTW was rewriting the variable FV, the signature could be valid even though the rest of the FV isn't valid.
Solution: PEI variable and early phase(before FTW protocol ready) of DXE variable can check the FTW last write status provided by FaultTolerantWritePei and determine if all or partial variable data has been backed up in spare block, and then use the backed up data.
Star Zeng [Wed, 3 Jul 2013 09:08:40 +0000 (09:08 +0000)]
MdeModulePkg: Variable drivers robustly handle crashes during Reclaim().
PEI variable implementation checks only the variable header signature for validity. This does not seem robust if system crash occurred during previous Reclaim() operation. If the crash occurred while FTW was rewriting the variable FV, the signature could be valid even though the rest of the FV isn't valid.
Solution: Add a FaultTolerantWritePei driver to check and provide the FTW last write status, then PEI variable and early phase(before FTW protocol ready) of DXE variable can check the status and determine if all or partial variable data has been backed up in spare block, and then use the backed up data.
Ari Zigler [Tue, 2 Jul 2013 06:44:27 +0000 (06:44 +0000)]
Fix a bug in Mtftp6 retransmission mechanism of the ACK. Signed-off-by: Ari Zigler <ariz@mellanox.com> Reviewed-by: Ouyang Qian <qian.ouyang@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14450 6f19259b-4bc3-4df7-8a09-765794883524
Olivier Martin [Mon, 1 Jul 2013 14:14:37 +0000 (14:14 +0000)]
ArmPlatformPkg/ArmVExpressLibCTA15-A7: Mapped the extra 1GB of DRAM in the MMU
ARM Versatile Express TC2 Core Tile has two profiles: the 1GB DRAM core tile or
the 2GB DRAM core tile profiles.
By default UEFI assumes, it is the 1GB core tile. In case of 2GB DRAM it declares
this additional 1GB resource system memory to UEFI. But the previous code did
not map this memory in the MMU Page Table.
So, the memory was allocatable by UEFI modules, but was not accessible by the CPU
(because not mapped).
Olivier Martin [Thu, 27 Jun 2013 18:18:24 +0000 (18:18 +0000)]
ArmPkg/BdsLib: Fixed manipulation of the Memory Map returned by GetMemoryMap()
The UEFI specification mandates that software uses the DescriptorSize returned
by the GetMemoryMap() function to find the start of each EFI_MEMORY_DESCRIPTOR
in the MemoryMap array. This allows for future expansion of the EFI_MEMORY_DESCRIPTOR.
jaben carsey [Thu, 27 Jun 2013 16:11:39 +0000 (16:11 +0000)]
ShellPkg: make automatically created shells quit automatically
This creates a new parameter to this shell implementation “_exit” that causes the shell to automatically exit after running the initial specified command line. This also automatically uses that command in the Execute() API.
- Registering a interrupt handler implicitly enables said interrupt. This
is in the UEFI Spec. No need to enable the interrupts a second time.
- Make sure the Timer is completely disabled before configuring it. Only
enable after configuration is complete.
Jordan Justen [Fri, 14 Jun 2013 21:37:44 +0000 (21:37 +0000)]
OvmfPkg: Reduce PcdMaxVariableSize with secure boot to avoid assert
r14252 causes OVMF to crash if SECURE_BOOT_ENABLE is set,
because PcdMaxVariableSize is set to a larger value than
required. In other platforms, 0x2000 seems to be sufficient.
Reported-by: Gary Ching-Pang Lin <glin@suse.com> Signed-off-by: Jordan Justen <jordan.l.justen@intel.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Tested-by: Laszlo Ersek <lersek@redhat.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14423 6f19259b-4bc3-4df7-8a09-765794883524
Laszlo Ersek [Fri, 14 Jun 2013 07:40:59 +0000 (07:40 +0000)]
OvmfPkg: VirtioNetDxe: fix some build errors emitted by Visual Studio
These were found with the gcc-4.4 option "-Wconversion" after Jordan
reported the build failure under Visual Studio. The patch was originally
posted to edk2-devel as "silence.patch":
tye1 [Wed, 29 May 2013 05:30:13 +0000 (05:30 +0000)]
Though the comment of RandomSeed() states it should return FALSE if there is not enough entropy for random generation, the function always returns TRUE. This commit checks the status of pseudorandom number generator to match the comment.
Signed-off-by: Gary Ching-Pang Lin <glin@suse.com> Reviewed-by: Long Qin <qin.long@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14392 6f19259b-4bc3-4df7-8a09-765794883524
OvmfPkg's file-based NvVar storage is read back as follows at boot (all
paths under OvmfPkg/Library/):
PlatformBdsPolicyBehavior() [PlatformBdsLib/BdsPlatform.c]
PlatformBdsRestoreNvVarsFromHardDisk()
VisitAllInstancesOfProtocol
for each simple file system:
VisitingFileSystemInstance()
ConnectNvVarsToFileSystem() [NvVarsFileLib/NvVarsFileLib.c]
LoadNvVarsFromFs() [NvVarsFileLib/FsAccess.c]
ReadNvVarsFile()
+-------------> SerializeVariablesSetSerializedVariables() [SerializeVariablesLib/SerializeVariablesLib.c]
| SerializeVariablesIterateInstanceVariables()
| +-------------> IterateVariablesInBuffer()
| | for each loaded / deserialized variable:
| +-|-----------------> IterateVariablesCallbackSetSystemVariable()
| | | gRT->SetVariable()
| | |
| | IterateVariablesInBuffer() stops processing variables as soon as the
| | first error is encountered from the callback function.
| |
| | In this case the callback function is
| IterateVariablesCallbackSetSystemVariable(), selected by
SerializeVariablesSetSerializedVariables().
The result is that no NvVar is restored from the file after the first
gRT->SetVariable() failure.
On my system such a failure
- never happens in an OVMF build with secure boot disabled,
- happens *immediately* with SECURE_BOOT_ENABLE, because the first
variable to restore is "AuthVarKeyDatabase".
"AuthVarKeyDatabase" has the EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS
attribute set. Since the loop tries to restore it before any keys (PK, KEK
etc) are enrolled, gRT->SetVariable() rejects it with
EFI_SECURITY_VIOLATION. Consequently the NvVar restore loop terminates
immediately, and we never reach non-authenticated variables such as
Boot#### and BootOrder.
Until work on KVM-compatible flash emulation converges between qemu and
OvmfPkg, improve the SECURE_BOOT_ENABLE boot experience by masking
EFI_SECURITY_VIOLATION in the callback:
- authenticated variables continue to be rejected same as before, but
- at least we allow the loop to progress and restore non-authenticated
variables, for example boot options.
lzeng14 [Thu, 23 May 2013 02:56:41 +0000 (02:56 +0000)]
Move the memory allocation and variable set to BdsEntry, use VariableLock protocol to lock the L”PerfDataMemAddr” variable and prevent malware to update it.
Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14386 6f19259b-4bc3-4df7-8a09-765794883524
niruiyu [Mon, 20 May 2013 07:04:56 +0000 (07:04 +0000)]
Remove the complex buffer since the _LOCK_VARIABLE won't be allowed after leaving DXE phase.
Add the variable name size check in the RequestToLock wrapper.
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14377 6f19259b-4bc3-4df7-8a09-765794883524
sfu5 [Fri, 17 May 2013 08:05:01 +0000 (08:05 +0000)]
Fix a bug that “SecureBoot” varaible will be updated to NV+AT attribute incorrectly. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ni Ruiyu <ruiyu.ni@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14375 6f19259b-4bc3-4df7-8a09-765794883524
sfu5 [Fri, 17 May 2013 07:03:49 +0000 (07:03 +0000)]
Pop up error message when user tries to enroll an invalid certificate file into KEK/DB/DBX. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14373 6f19259b-4bc3-4df7-8a09-765794883524