The VMWare SVGA model now -- since commit 104bd1dc70 in QEMU --
falls back to stdvga (that is, Bochs) if we don't setup VMWare SVGA
FIFO.
To simplify QemuVideoDxe, we don't intend to implement the VMWare SVGA
FIFO setup feature. It means our current VMW SVGA driver code is
basically dead. To simplify the problem, we will replace the old
VMWare SVGA driver to Bochs interface. It should work on all QEMU
version.
The first step for using Bochs interface is to revert old driver.
The VMWare SVGA display device implemented by Qemu (-vga vmware) uses
an I/O-type BAR which is laid out such that some register offsets are
not aligned to the read/write width with which they are expected to be
accessed. However, we will revert the initialization of VMWare SVGA
device later, we don't need such unaligned I/O.
Marcin Wojtas [Fri, 9 Nov 2018 23:01:27 +0000 (07:01 +0800)]
MdeModulePkg/SdMmcPciHcDxe: Allow overriding base clock frequency
Some SdMmc host controllers are run by clocks with different
frequency than it is reflected in Capabilities Register 1.
It is allowed by SDHCI specification ver. 4.2 - if BaseClkFreq
field value of the Capability Register 1 is zero, the clock
frequency must be obtained via another method.
Because the bitfield is only 8 bits wide, a maximum value
that could be obtained from hardware is 255MHz.
In case the actual frequency exceeds 255MHz, the 8-bit BaseClkFreq
member of SD_MMC_HC_SLOT_CAP structure occurs to be not sufficient
to be used for setting the clock speed in SdMmcHcClockSupply
function.
This patch adds new UINT32 array ('BaseClkFreq[]') to
SD_MMC_HC_PRIVATE_DATA structure for specifying
the input clock speed for each slot of the host controller.
All routines that are used for clock configuration are
updated accordingly.
This patch also adds new IN OUT BaseClockFreq field
in the Capability callback of the SdMmcOverride,
protocol which allows to update BaseClkFreq value.
The patch reuses original commit from edk2-platforms: 20f6f144d3a8 ("Marvell/Drivers: XenonDxe: Allow overriding base clock
frequency")
Tomasz Michalec [Fri, 9 Nov 2018 23:01:25 +0000 (07:01 +0800)]
MdeModulePkg/SdMmcPciHcDxe: Add UhsSignaling to SdMmcOverride protocol
Some SD Host Controllers use different values in Host Control 2 Register
to select UHS Mode. This patch adds a new UhsSignaling type routine to
the NotifyPhase of the SdMmcOverride protocol.
UHS signaling configuration is moved to a common, default routine
(SdMmcHcUhsSignaling). After it is executed, the protocol producer
can override the values if needed.
Marcin Wojtas [Fri, 9 Nov 2018 23:01:24 +0000 (07:01 +0800)]
MdeModulePkg/SdMmcPciHcDxe: Add an optional parameter in NotifyPhase
In order to ensure bigger flexibility in the NotifyPhase
routine of the SdMmcOverride protocol, enable using an
optional phase-specific data. This will allow to exchange
more information between the protocol producer driver
and SdMmcPciHcDxe in the newly added callbacks.
Provides PCD selection for FSP Wrapper to support Dispatch
mode. Also PcdFspmBaseAddress should support Dynamic for
recovery scenario (multiple FSP-M binary in flash)
Test: Verified on internal platform and both API and
DISPATCH modes booted successfully.
Cc: Jiewen Yao <Jiewen.yao@intel.com> Cc: Desimone Nathaniel L <nathaniel.l.desimone@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Chasel Chiu <chasel.chiu@intel.com> Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Provides PCD selection for FSP Wrapper to support Dispatch
mode. Also PcdFspmBaseAddress should support Dynamic for
recovery scenario (multiple FSP-M binary in flash)
Test: Verified on internal platform and both API and
DISPATCH modes booted successfully.
Cc: Jiewen Yao <Jiewen.yao@intel.com> Cc: Desimone Nathaniel L <nathaniel.l.desimone@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Chasel Chiu <chasel.chiu@intel.com>
Zhang, Chao B [Sat, 17 Nov 2018 15:40:55 +0000 (23:40 +0800)]
SecurityPkg: TCG Add more Event type
Add more event log type defined in TCG PTP spec 00.51
https://trustedcomputinggroup.org/wp-content/uploads/PC-ClientSpecific_Platform_Profile_for_TPM_2p0_Systems_v51.pdf
Cc: Yao Jiewen <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Zhang, Chao B <chao.b.zhang@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
Ard Biesheuvel [Fri, 16 Nov 2018 22:52:59 +0000 (14:52 -0800)]
ArmVirtPkg/PrePi: clear frame pointer in startup code
When setting up the stack in the startup code and jumping into C code
for the first time, ensure that the frame pointer register is cleared
so that backtraces terminate correctly. Otherwise, output like the
below is shown when encountering an exception on a DEBUG build:
Synchronous Exception at 0x0000000078A14780
PC 0x000078A14780 (0x000078A00000+0x00014780) [ 0] ArmVeNorFlashDxe.dll
PC 0x000078A10634 (0x000078A00000+0x00010634) [ 0] ArmVeNorFlashDxe.dll
PC 0x000078A11CF0 (0x000078A00000+0x00011CF0) [ 0] ArmVeNorFlashDxe.dll
PC 0x000078A11DD0 (0x000078A00000+0x00011DD0) [ 0] ArmVeNorFlashDxe.dll
PC 0x00007BC9D87C (0x00007BC98000+0x0000587C) [ 1] PartitionDxe.dll
PC 0x00007BC99B3C (0x00007BC98000+0x00001B3C) [ 1] PartitionDxe.dll
PC 0x00007F362F50 (0x00007F359000+0x00009F50) [ 2] DxeCore.dll
PC 0x00007BD63BB0 (0x00007BD5B000+0x00008BB0) [ 3] BdsDxe.dll
PC 0x00007BD6EE00 (0x00007BD5B000+0x00013E00) [ 3] BdsDxe.dll
PC 0x00007BD67C70 (0x00007BD5B000+0x0000CC70) [ 3] BdsDxe.dll
PC 0x00007F3724F0 (0x00007F359000+0x000194F0) [ 4] DxeCore.dll
PC 0x00004008FC30
PC 0x000040090130
PC 0x5800F6025800F5E1
Recursive exception occurred while dumping the CPU state
which is rather unhelpful, given that this prevent the remaining debug
output from being printed (register dump, stack dump, fault related
system registers etc)
Ard Biesheuvel [Fri, 16 Nov 2018 22:49:14 +0000 (14:49 -0800)]
ArmPlatformPkg: clear frame pointer in startup code
When setting up the stack in the startup code and jumping into C code
for the first time, ensure that the frame pointer register is cleared
so that backtraces terminate correctly. Otherwise, output like the
below is shown when encountering an exception on a DEBUG build:
Synchronous Exception at 0x0000000078A14780
PC 0x000078A14780 (0x000078A00000+0x00014780) [ 0] ArmVeNorFlashDxe.dll
PC 0x000078A10634 (0x000078A00000+0x00010634) [ 0] ArmVeNorFlashDxe.dll
PC 0x000078A11CF0 (0x000078A00000+0x00011CF0) [ 0] ArmVeNorFlashDxe.dll
PC 0x000078A11DD0 (0x000078A00000+0x00011DD0) [ 0] ArmVeNorFlashDxe.dll
PC 0x00007BC9D87C (0x00007BC98000+0x0000587C) [ 1] PartitionDxe.dll
PC 0x00007BC99B3C (0x00007BC98000+0x00001B3C) [ 1] PartitionDxe.dll
PC 0x00007F362F50 (0x00007F359000+0x00009F50) [ 2] DxeCore.dll
PC 0x00007BD63BB0 (0x00007BD5B000+0x00008BB0) [ 3] BdsDxe.dll
PC 0x00007BD6EE00 (0x00007BD5B000+0x00013E00) [ 3] BdsDxe.dll
PC 0x00007BD67C70 (0x00007BD5B000+0x0000CC70) [ 3] BdsDxe.dll
PC 0x00007F3724F0 (0x00007F359000+0x000194F0) [ 4] DxeCore.dll
PC 0x00004008FC30
PC 0x000040090130
PC 0x5800F6025800F5E1
Recursive exception occurred while dumping the CPU state
which is rather unhelpful, given that this prevent the remaining debug
output from being printed (register dump, stack dump, fault related
system registers etc)
PcdIdentifyMappingPageTablePtr was used to share page
table buffer between modules.
Buf after some changes on 2015/07/17, it was useless
and could be removed.
https://bugzilla.tianocore.org/show_bug.cgi?id=1304
v2:
1.Remove PcdIdentifyMappingPageTablePtr in MdeModulePkg.uni.
2.Update the commit message.
Cc: Star Zeng <star.zeng@intel.com> Cc: Jian J Wang <jian.j.wang@intel.com> Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: shenglei <shenglei.zhang@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com>
Shenglei Zhang [Fri, 2 Nov 2018 02:34:58 +0000 (10:34 +0800)]
UnixPkg: Remove UnixPkg and update Maintainers.txt
UnixPkg is deprecated.
The same functionality is supported using the EmulatorPkg.
Please see EmulatorPkg/README for more information about
EmulatorPkg.
https://bugzilla.tianocore.org/show_bug.cgi?id=1291
Cc: Andrew Fish <afish@apple.com> Cc: Laszlo Ersek <lersek@redhat.com> Cc: Leif Lindholm <leif.lindholm@linaro.org> Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com> Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org> Reviewed-by: Liming Gao <liming.gao@intel.com>
shenglei [Wed, 31 Oct 2018 01:43:53 +0000 (09:43 +0800)]
Maintainers.txt: Remove EdkShellPkg and EkdShellBinPkg
Given that EdkShellPkg and EkdShellBinPkg will be removed,
information about them in Maintainers.txt should also be
deleted.
https://bugzilla.tianocore.org/show_bug.cgi?id=1107
https://bugzilla.tianocore.org/show_bug.cgi?id=1108
Cc: Andrew Fish <afish@apple.com> Cc: Laszlo Ersek <lersek@redhat.com> Cc: Leif Lindholm <leif.lindholm@linaro.org> Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com> Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
shenglei [Wed, 31 Oct 2018 03:10:02 +0000 (11:10 +0800)]
Vlv2TbltDevicePkg: Remove EdkShellBinPkg with ShellPkg
Replace EdkShellBinPkg with ShellPkg in PlatformPkg.fdf,
PlatformPkgGcc.fdf, PlatformPkgGccX64.dsc,
PlatformPkgIA32.dsc and PlatformPkgX64.dsc.
https://bugzilla.tianocore.org/show_bug.cgi?id=1108
Cc: David Wei <david.wei@intel.com> Cc: zailiang sun <zailiang.sun@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com> Reviewed-by: David Wei <david.wei@intel.com>
shenglei [Wed, 31 Oct 2018 03:02:41 +0000 (11:02 +0800)]
EmulatorPkg: Remove EdkShellBinPkg in FDF and DEC
Remove EdkShellBinPkg in EmulatorPkg.dec and
EmulatorPkg.fdf.
https://bugzilla.tianocore.org/show_bug.cgi?id=1108
v2: Remove USE_OLD_SHELL because it will not be used.
v4: Remove PcdShellFile in EmulatorPkg.dsc.
https://bugzilla.tianocore.org/show_bug.cgi?id=1298
Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Ruiyu Ni <ruiyu.ni@intel.com> Cc: Andrew Fish <afish@apple.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Ard Biesheuvel [Wed, 14 Nov 2018 19:27:24 +0000 (11:27 -0800)]
ArmPkg/ArmGicDxe ARM: fix encoding for GICv3 interrupt acknowledge
Fix a typo in the 32-bit ARM version of the GICv3 driver, which uses
the wrong system register encoding to access ICC_IAR1, and attempted
to access ICC_IAR0 instead. This results in boot time hangs both
under QEMU emulation and on real hardware.
Ard Biesheuvel [Wed, 7 Nov 2018 13:13:01 +0000 (14:13 +0100)]
MdePkg/BaseIoLibIntrinsicArmVirt ARM: avoid double word loads and stores
BaseIoLibIntrinsicArmVirt was created to prevent LTO from merging
accesses to MMIO regions, resulting in instructions with multiple
output registers that KVM on ARM cannot emulate (since the exception
syndrome information that KVM relies on can only describe a single
output register)
However, using double word loads on ARM amounts to the same thing,
and so code that relies on doing 64-bit MMIO to regions that are
emulated under KVM (such as the GICv3 TYPER register) will still
suffer from the original issue.
So replace ldrd and strd with equivalent two instruction sequences.
FEATURE_CONTROL.Lock bit is controlled by feature
CPU_FEATURE_LOCK_FEATURE_CONTROL_REGISTER. The commit 1ed649 fixes
a bug that when the feature is disabled, the Lock bit is cleared.
But it's a security hole if the bit is cleared when booting OS.
We can argue that platform needs to make sure the value
of PcdCpuFeaturesUserConfiguration should be set properly to make
sure feature CPU_FEATURE_LOCK_FEATURE_CONTROL_REGISTER is enabled.
But it's better to guarantee this in the generic core code.
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com> Acked-by: Laszlo Ersek <lersek@redhat.com> Cc: Andrew Fish <afish@apple.com> Cc: Leif Lindholm <leif.lindholm@linaro.org> Cc: Michael D Kinney <michael.d.kinney@intel.com>
The fix is similar to commit ebb6c7633bca47fcd5b460a67e18e4a717ea91cc.
We found that a similar fix should be applied to the NVMe PEI driver as
well. Hence, this one is for the PEI counterpart driver.
According to the the NVM Express spec Revision 1.1, for some commands
(like Get/Set Feature Command, Figure 89 & 90 of the spec), the Memory
Buffer maybe optional although the command opcode indicates there is a
data transfer between host & controller (Get/Set Feature Command, Figure
38 of the spec).
Hence, this commit refine the checks for the 'TransferLength' and
'TransferBuffer' field of the
EDKII_PEI_NVM_EXPRESS_PASS_THRU_COMMAND_PACKET structure to address this
issue.
Cc: Andrew Fish <afish@apple.com> Cc: Leif Lindholm <leif.lindholm@linaro.org> Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Liming Gao <liming.gao@intel.com> Cc: Ruiyu Ni <ruiyu.ni@intel.com> Cc: Jiewen Yao <Jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Hao Wu <hao.a.wu@intel.com> Acked-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
Note that the commit now being reverted is technically correct; the only
reason we're reverting it is because it should not have been pushed past
the Soft Feature Freeze for the edk2-stable201811 tag.
Cc: Anthony Perard <anthony.perard@citrix.com> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Julien Grall <julien.grall@linaro.org> Cc: Philippe Mathieu-Daudé <philmd@redhat.com> Cc: yuchenlin <yuchenlin@synology.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1319 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: yuchenlin <yuchenlin@synology.com>
Note that the commit now being reverted is technically correct; the only
reason we're reverting it is because it should not have been pushed past
the Soft Feature Freeze for the edk2-stable201811 tag.
Cc: Anthony Perard <anthony.perard@citrix.com> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Julien Grall <julien.grall@linaro.org> Cc: Philippe Mathieu-Daudé <philmd@redhat.com> Cc: yuchenlin <yuchenlin@synology.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1319 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: yuchenlin <yuchenlin@synology.com>
Note that the commit now being reverted is technically correct; the only
reason we're reverting it is because it should not have been pushed past
the Soft Feature Freeze for the edk2-stable201811 tag.
Cc: Anthony Perard <anthony.perard@citrix.com> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Julien Grall <julien.grall@linaro.org> Cc: Philippe Mathieu-Daudé <philmd@redhat.com> Cc: yuchenlin <yuchenlin@synology.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1319 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: yuchenlin <yuchenlin@synology.com>
Note that the commit now being reverted is technically correct; the only
reason we're reverting it is because it should not have been pushed past
the Soft Feature Freeze for the edk2-stable201811 tag.
Cc: Anthony Perard <anthony.perard@citrix.com> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Julien Grall <julien.grall@linaro.org> Cc: Philippe Mathieu-Daudé <philmd@redhat.com> Cc: yuchenlin <yuchenlin@synology.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1319 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: yuchenlin <yuchenlin@synology.com>
This is a regression issue caused by 684db6da64bc7b5faee4e1174e801c245f563b5c.
In Decode() function, once mOutBuf is fully filled, Decode() should return.
Current logic misses the checker of mOutBuf after while() loop.
This is a regression issue caused by 2ec7953d49677142c5f7552e9e3d96fb406ba0c4.
In Decode() function, once mOutBuf is fully filled, Decode() should return.
Current logic misses the checker of mOutBuf after while() loop.
This is a regression issue caused by 041d89bc0f0119df37a5fce1d0f16495ff905089.
In Decode() function, once mOutBuf is fully filled, Decode() should return.
Current logic misses the checker of mOutBuf after while() loop.
Text format for AcpiEx device path in UEFI Spec:
AcpiEx(HID,CID,UID,HIDSTR,CIDSTR,UIDSTR)
AcpiEx(HID|HIDSTR,(CID|CIDSTR,UID|UIDSTR))(Display Only)
When convert device path to text for AcpiEx device path,
current code check AllowShortcuts parameter to convert
the device path to DisplayOnly text format(shorter text
representation) by mistake.
It should check DisplayOnly parameter.
This commit is to fix this issue.
Cc: Ruiyu Ni <ruiyu.ni@intel.com> Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Dandan Bi <dandan.bi@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com>
Eric Dong [Sat, 10 Nov 2018 02:53:41 +0000 (10:53 +0800)]
UefiCpuPkg/PiSmmCpuDxeSmm: Separate semaphore container.
In current implementation, core and package level sync uses same semaphores.
Sharing the semaphore may cause wrong execution order.
For example:
1. Feature A has CPU_FEATURE_CORE_BEFORE dependency with Feature B.
2. Feature C has CPU_FEATURE_PACKAGE_AFTER dependency with Feature B.
The expected feature initialization order is A B C:
A ---- (Core Depends) ----> B ---- (Package Depends) ----> C
For a CPU has 1 package, 2 cores and 4 threads. The feature initialization
order may like below:
In above case, for thread#4, when it syncs in core level, Wait(S4) * 2 isn't
blocked and [B.Init] runs. But [A.Init] hasn't run in thread#3. It's wrong!
Thread#4 should execute [B.Init] after thread#3 executes [A.Init] because B
core level depends on A.
The reason of the wrong execution order is that S4 is released in thread#1
by calling Release (S1, S2, S3, S4) and in thread #4 by calling
Release (S3, S4).
To fix this issue, core level sync and package level sync should use separate
semaphores.
In above example, the S4 released in Release (S1, S2, S3, S4) should not be the
same semaphore as that in Release (S3, S4).
Related BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=1311
Cc: Laszlo Ersek <lersek@redhat.com> Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com> Acked-by: Laszlo Ersek <lersek@redhat.com>
Eric Dong [Thu, 8 Nov 2018 01:06:33 +0000 (09:06 +0800)]
UefiCpuPkg/RegisterCpuFeaturesLib: Separate semaphore container.
In current implementation, core and package level sync uses same semaphores.
Sharing the semaphore may cause wrong execution order.
For example:
1. Feature A has CPU_FEATURE_CORE_BEFORE dependency with Feature B.
2. Feature C has CPU_FEATURE_PACKAGE_AFTER dependency with Feature B.
The expected feature initialization order is A B C:
A ---- (Core Depends) ----> B ---- (Package Depends) ----> C
For a CPU has 1 package, 2 cores and 4 threads. The feature initialization
order may like below:
In above case, for thread#4, when it syncs in core level, Wait(S4) * 2 isn't
blocked and [B.Init] runs. But [A.Init] hasn't run in thread#3. It's wrong!
Thread#4 should execute [B.Init] after thread#3 executes [A.Init] because B
core level depends on A.
The reason of the wrong execution order is that S4 is released in thread#1
by calling Release (S1, S2, S3, S4) and in thread #4 by calling
Release (S3, S4).
To fix this issue, core level sync and package level sync should use separate
semaphores.
In above example, the S4 released in Release (S1, S2, S3, S4) should not be the
same semaphore as that in Release (S3, S4).
Related BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=1311
Cc: Laszlo Ersek <lersek@redhat.com> Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com> Acked-by: Laszlo Ersek <lersek@redhat.com>
Eric Dong [Fri, 9 Nov 2018 05:20:41 +0000 (13:20 +0800)]
UefiCpuPkg/RegisterCpuFeaturesLib: Adjust Order.
V2 changes:
V1 change has regression which caused by change feature order.
V2 changes logic to detect dependence not only for the
neighborhood features. It need to check all features in the list.
V1 Changes:
In current code logic, only adjust feature position if current
CPU feature position not follow the request order. Just like
Feature A need to be executed before feature B, but current
feature A registers after feature B. So code will adjust the
position for feature A, move it to just before feature B. If
the position already met the requirement, code will not adjust
the position.
This logic has issue when met all below cases:
1. feature A has core or package level dependence with feature B.
2. feature A is register before feature B.
3. Also exist other features exist between feature A and B.
Root cause is driver ignores the dependence for this case, so
threads may execute not follow the dependence order.
Fix this issue by change code logic to adjust feature position
for CPU features which has dependence relationship.
Related BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=1311
Cc: Laszlo Ersek <lersek@redhat.com> Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Ruiyu Ni <Ruiyu.ni@intel.com>
Dandan Bi [Wed, 7 Nov 2018 08:14:22 +0000 (16:14 +0800)]
MdeModulePkg/DisplayEngine: Remove useless NULL ptr check for NewPos
In function UiDisplayMenu, the NewPos ptr which used to point to the
highlight menu entry. It will always point to the menu entry which
need to be highlighted or the gMenuOption menu if the highlight menu
is not found.
So we can remove the NULL ptr check for NewPos in this function.
And add the ASSERT code to avoid if any false positive reports
of NULL pointer dereference issue raised from static analysis.
Cc: Liming Gao <liming.gao@intel.com> Cc: Eric Dong <eric.dong@intel.com> Cc: Star Zeng <star.zeng@intel.com> Cc: Hao Wu <hao.a.wu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Dandan Bi <dandan.bi@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com>
Line #3 and Line #6 both use EAX as destination register.
Line #c uses EAX and (EAX).
The output operand "=a" tells GCC that EAX is used for output.
But GCC only assumes that EAX will be used in the very last
instruction.
Per GCC document,
"Use the '&' constraint modifier on all output operands that must
not overlap an input. Otherwise, GCC may allocate the output
operand in the same register as an unrelated input operand, on
the assumption that the assembler code consumes its inputs before
producing outputs. This assumption may be false if the assembler
code actually consists of more than one instruction."
"=&a" should be used to tell GCC not use EAX before the assembly.
Jiewen Yao [Sat, 3 Nov 2018 11:59:01 +0000 (19:59 +0800)]
UefiCpuPkg/SmmCpu: Block access-out only when static paging is used
When static paging is disabled, page table for below 4GB is created
and page table for above 4GB is created dynamically in page fault
handler.
Today's implementation only allow SMM access-out to below types of
memory address no matter static paging is enabled or not:
1. Reserved, run time and ACPI NVS type
2. MMIO
But certain platform feature like RAS may need to access other types
of memory from SMM. Today's code blocks these platforms.
This patch simplifies the policy to only block when static paging
is used so that the static paging can be disabled in these platforms
to meet their SMM access-out need.
Setting PcdCpuSmmStaticPageTable to FALSE can disable the static
paging.
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> Cc: Eric Dong <eric.dong@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Acked-by: Laszlo Ersek <lersek@redhat.com>
Setting GICD_IROUTERn.IRM and GICD_IROUTERn.{Aff3,Aff2,Aff1,Aff0}
at the same time is nonsensical (see 8.9.13 in the GICv3 spec, which
says of GICD_IROUTERn.IRM that "When this bit is set to 1,
GICD_IROUTER<n>.{Aff3,Aff2,Aff1,Aff0} are UNKNOWN"). There is also no
guarantee that IRM is implemented (see GICD_TYPER.No1N which indicates
whether the implementation supports this or not).
Let's thus not set this bit, as we want all SPIs to be delivered to the
same CPU, and not be broadcast to all of them.
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Ming Huang <ming.huang@linaro.org> Acked-by: Marc Zyngier <marc.zyngier@arm.com>
This issue originates from following patch which allows to enable
paging if PcdImageProtectionPolicy and PcdDxeNxMemoryProtectionPolicy
(in addition to PcdSetNxForStack) are set to enable related features.
Due to above change, PcdImageProtectionPolicy will be set to 0 by
default in many platforms, which, in turn, cause following code in
MdeModulePkg\Core\Dxe\Misc\MemoryProtection.c fail the creation of
notify event of CpuArchProtocol.
The solution is removing the if(...) statement so that the notify
event will always be created and registered. This won't cause
unnecessary code execution because, in the notify event handler,
the related PCDs like
PcdImageProtectionPolicy and
PcdDxeNxMemoryProtectionPolicy
will be checked again before doing related jobs.
Cc: Star Zeng <star.zeng@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Ruiyu Ni <ruiyu.ni@intel.com> Cc: Leif Lindholm <leif.lindholm@linaro.org>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Jian J Wang <jian.j.wang@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com>
Jian J Wang [Sat, 3 Nov 2018 05:58:28 +0000 (13:58 +0800)]
MdeModulePkg/Core: fill logic hole in MemoryProtectionCpuArchProtocolNotify
At the end of of MemoryProtectionCpuArchProtocolNotify there's cleanup
code to free resource. But at line 978, 994, 1005 the function returns
directly. This patch use "goto" to replace "return" to make sure the
resource is freed before exit.
1029: CoreCloseEvent (Event);
1030: return;
There's another memory leak after calling gBS->LocateHandleBuffer() in
the same function:
Status = gBS->LocateHandleBuffer (
ByProtocol,
&gEfiLoadedImageProtocolGuid,
NULL,
&NoHandles,
&HandleBuffer
);
HandleBuffer is allocated in above call but never freed. This patch
will also add code to free it.
Cc: Star Zeng <star.zeng@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Ruiyu Ni <ruiyu.ni@intel.com> Cc: Leif Lindholm <leif.lindholm@linaro.org>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Jian J Wang <jian.j.wang@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com>
Star Zeng [Tue, 6 Nov 2018 13:47:39 +0000 (21:47 +0800)]
Revert "XhciDxe: Use common buffer for AsyncInterruptTransfer"
There is concern at the thread
https://lists.01.org/pipermail/edk2-devel/2018-November/031951.html.
And the time point is a little sensitive as it is near edk2-stable201811.
Star Zeng [Tue, 6 Nov 2018 13:45:25 +0000 (21:45 +0800)]
Revert "EhciDxe: Use common buffer for AsyncInterruptTransfer"
There is concern at the thread
https://lists.01.org/pipermail/edk2-devel/2018-November/031951.html.
And the time point is a little sensitive as it is near edk2-stable201811.
The VMWare SVGA display device implemented by Qemu (-vga vmware) uses
an I/O-type BAR which is laid out such that some register offsets are
not aligned to the read/write width with which they are expected to be
accessed. However, we reverted the initialization of VMWare SVGA device,
we don't need such unaligned I/O.
The VMWare SVGA model now -- since commit 104bd1dc70 in QEMU --
falls back to stdvga (that is, Bochs) if we don't setup VMWare SVGA
FIFO.
To simplify QemuVideoDxe, we don't intend to implement the VMWare SVGA
FIFO setup feature. It means our current VMW SVGA driver code is
basically dead. To simplify the problem, we will replace the old
VMWare SVGA driver to Bochs interface. It should work on all QEMU
version.
The first step for using Bochs interface is to revert old driver.
The VMWare SVGA display device implemented by Qemu (-vga vmware) uses
an I/O-type BAR which is laid out such that some register offsets are
not aligned to the read/write width with which they are expected to be
accessed. However, we will revert the initialization of VMWare SVGA
device later, we don't need such unaligned I/O.
Jiaxin Wu [Mon, 5 Nov 2018 06:52:30 +0000 (14:52 +0800)]
ShellPkg/TftpDynamicCommand: Clarify the retry count option in command.
[-c <retry count>] is to define the number of times to transmit request
packets and wait for a response. The default value is 6. But it doesn't
specify the behavior of zero value. Here, The patch is to clear that:
Set to zero also means to use the default value.
Cc: Carsey Jaben <jaben.carsey@intel.com> Cc: Ye Ting <ting.ye@intel.com> Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Jaben Carsey <jaben.carsey@intel.com>
Fu Siyuan [Tue, 30 Oct 2018 06:49:42 +0000 (14:49 +0800)]
OvmfPkg: Replace obsoleted network drivers from platform DSC/FDF.
V2:
Add missed library instance for NetworkPkg iSCSI driver.
This patch replaces the MdeModulePkg TCP, PXE and iSCSI driver with those
ones in NetworkPkg. These 3 drivers in MdeModulePkg are not being actively
maintained and will be removed from edk2 master soon.
Fu Siyuan [Tue, 30 Oct 2018 06:51:16 +0000 (14:51 +0800)]
Vlv2TbltDevicePkg: Replace obsoleted drivers from platform DSC/FDF.
V2:
Add missed library instance for NetworkPkg iSCSI driver.
This patch replaces the MdeModulePkg TCP, PXE and iSCSI driver with those
ones in NetworkPkg. These 3 drivers in MdeModulePkg are not being actively
maintained and will be removed from edk2 master soon.
Cc: David Wei <david.wei@intel.com> Cc: Mang Guo <mang.guo@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: David Wei <david.wei@intel.com>
Fu Siyuan [Tue, 30 Oct 2018 06:47:33 +0000 (14:47 +0800)]
EmulatorPkg: Replace obsoleted network drivers from platform DSC/FDF.
This patch replaces the MdeModulePkg TCP, PXE and iSCSI driver with those
ones in NetworkPkg. These 3 drivers in MdeModulePkg are not being actively
maintained and will be removed from edk2 master soon.
Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Andrew Fish <afish@apple.com> Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Fu Siyuan [Tue, 30 Oct 2018 06:43:37 +0000 (14:43 +0800)]
Nt32Pkg: Replace obsoleted network drivers from NT32 platform DSC/FDF.
This patch replaces the MdeModulePkg TCP, PXE and iSCSI driver with those
ones in NetworkPkg. These 3 drivers in MdeModulePkg are not being actively
maintained and will be removed from edk2 master soon.
Cc: Ruiyu Ni <ruiyu.ni@intel.com> Cc: Hao Wu <hao.a.wu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
shenglei [Mon, 5 Nov 2018 03:08:07 +0000 (11:08 +0800)]
CorebootPayloadPkg: Remove EdkShellBinPkg in FDF
Remove EdkShellBinPkg in CorebootPayloadPkg.fdf.
https://bugzilla.tianocore.org/show_bug.cgi?id=1108
v3:Remove FULL_BIN and change SHELL_TYPE from FULL_BIN
to UEFI_BIN.
Cc: Maurice Ma <maurice.ma@intel.com> Cc: Prince Agyeman <prince.agyeman@intel.com> Cc: Benjamin You <benjamin.you@intel.com>
Change-Id: I4db7068a3a1f68a1f6303079b73dc548c9feb2e3
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com> Reviewed-by: Benjamin You <benjamin.you@intel.com>
BobCF [Fri, 2 Nov 2018 05:56:38 +0000 (13:56 +0800)]
BaseTools: Use common cc flag for building PcdValueInit.
V3:
Update the patch to avoid "reduce" function fail.
V2:
Support to extract the common cc flag from a
combined cc flag string. For example
MSFT:*_*_IA32_CC_FLAGS = /D DISABLE_NEW_DEPRECATED_INTERFACES /DDEF_IA32
MSFT:*_*_X64_CC_FLAGS = /DDEF_X64 /D DISABLE_NEW_DEPRECATED_INTERFACES
V1:
Use common cc flags for building PcdValueInit. The common
cc flags include the cc flag which is under common arch and
under all build arches.
Liming Gao [Fri, 2 Nov 2018 15:17:07 +0000 (23:17 +0800)]
BaseTools build_rule.template: Update aslc rule for XCODE tool chain
Update aslc rule to rename the temp output file from .efi to .pecoff.
This change can avoid the conflict .efi file name in output directory.
One is the driver image, another is aslc temp output file.
ShellPkg-ShellApp: Provide fully-qualified path to shell scripts
Provide fully-qualified path to shell scripts
Section 3.6.2 of version 2.2 of the shell specification requires that
the first positional argument (i.e. arg 0) of a shell script resolves
to "the full path name of the script itself."
Ensure that the startup script and any scripts launched by the shell
meet this requirement.
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Jim Dailey <jim_dailey@dell.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
ShellPkg-UefiShellLib: Add a function to fully-qualify paths
Add a function to return a clean, fully-qualified version of some path.
This function handles a (possibly "dirty") input path that may or may
not include a file system reference.
If it does not include a file system reference, then if the input path
does not begin with a forward or backward slash, then the input path is
relative to the current working directory of the current file system.
Otherwise, it is an absolute path within the current file system.
If it does include a file system reference, it may be a reference to the
current or some other file system. If the file system reference is not
immediately followed by a forward or backward slash, then the input path
is relative to the current working directory of the given file system.
Otherwise, it is an absolute path within the given file system.
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Jim Dailey <jim_dailey@dell.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Dong, Eric [Fri, 2 Nov 2018 08:27:48 +0000 (16:27 +0800)]
UefiCpuPkg/MpInitLib: Rollback old change 2a5997f8.
In some special cases, after BSP sends Init-sipi-sipi signal
AP needs more time to start the Ap procedure. In this case
BSP may think AP has finished its task but in fact AP hasn't began
yet.
Rollback former change to keep the status which only be used
when AP really finished task.
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Zhao, ZhiqiangX [Wed, 31 Oct 2018 10:35:47 +0000 (18:35 +0800)]
BaseTools: Check the max size for string PCD.
According to PCD_DATABASE_INIT in
edk2\MdeModulePkg\Include\Guid\PcdDataBaseSignatureGuid.h,
the max size for string PCD should not exceed USHRT_MAX 65535(0xffff).
MdePkg/Base.h: Implement BASE_CR() via OFFSET_OF().
Replace the current NULL pointer dereference to retrieve Field's
offset with a call to OFFSET_OF(). This is implemented via
__builtin_offsetof for GCC and Clang, which eliminates UB caught by
Clang UndefinedBehaviorSanitizer.
Liming Gao [Thu, 1 Nov 2018 14:35:29 +0000 (22:35 +0800)]
BaseTools tools_def.template: Add GCC link script option in ASLDLINK_FLAGS
GCC link script is used to discard the unused section data from ELF image.
ASLDLINK_FLAGS requires it to remove the unnecessary section data, then
GenFw can be used to retrieve the correct data section from ELF image.
Ruiyu Ni [Mon, 22 Oct 2018 09:03:07 +0000 (17:03 +0800)]
MdeModulePkg/PiSmmIpl: Do not reset SMRAM to UC when CPU driver runs
Today's PiSmmIpl implementation initially sets SMRAM to WB to speed
up the SMM core/modules loading before SMM CPU driver runs.
When SMM CPU driver runs, PiSmmIpl resets the SMRAM to UC. It's done
in SmmIplDxeDispatchEventNotify(). COMM_BUFFER_SMM_DISPATCH_RESTART
is returned from SMM core that SMM CPU driver is just dispatched.
Since now the SMRR is widely used to control the SMRAM cache setting.
It's not needed to reset the SMRAM to UC anymore.
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Cc: Michael Kinney <michael.d.kinney@intel.com>
Current implementation failed to parse the multiple TLS record
messages due to the incorrect pointer of TLS record header. This
patch is to resolve that problem.
Cc: Ye Ting <ting.ye@intel.com> Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
The LookupFreeMemRegion() in RuntimeMemAllocate.c is used to look-up
free memory region for runtime resource allocation, which was designed
to support runtime authenticated variable service.
The ReqPages in this function is the required pages to be allocated,
which depends on the malloc() call in internal OpenSSL routines. The
direct offset subtractions on ReqPages may bring possible integer
overflow issue.
This patch is to add the extra parameter checks to remove this possible
overflow risk.
Cc: Ye Ting <ting.ye@intel.com> Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Long Qin <qin.long@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com>
If the contents in 'PreviousFile' and 'File' are the same, call to
"CleanupFileInformation (&PreviousFile);" will free the buffers in 'File'
as well. This will lead to potential memory double free/use after free
issues.
This commit will add additional check to address the above issue.
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Hao Wu <hao.a.wu@intel.com> Reviewed-by: Paulo Alcantara <palcantara@suse.de> Reviewed-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
The content within 'File' is the output data for ResolveSymlink(). This
commit will add checks to ensure the content in 'File' is valid.
Otherwise, possible null pointer dereference issue will occur during the
subsequent usage of the data returned by ResolveSymlink().
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Hao Wu <hao.a.wu@intel.com> Reviewed-by: Paulo Alcantara <palcantara@suse.de> Reviewed-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
According to the ECMA-167 standard (3rd Edition - June 1997), Section
14.16.1.1, valid values are 1 to 5. All other values will be treated as a
corrupted volume.
This commit will add such check within function ResolveSymlink().
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Hao Wu <hao.a.wu@intel.com> Reviewed-by: Paulo Alcantara <palcantara@suse.de> Reviewed-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
Marvin H?user [Sun, 28 Oct 2018 08:51:23 +0000 (16:51 +0800)]
UefiCpuPkg/PiSmmCpuDxeSmm: Fix ASSERT for success.
Index is initialized to MAX_UINT16 as default failure value, which
is what the ASSERT is supposed to test for. The ASSERT condition
however can never return FALSE for INT16 != int, as due to
Integer Promotion[1], Index is converted to int, which can never
result in -1.
Furthermore, Index is used as a for loop index variable inbetween its
initialization and the ASSERT, so the value is unconditionally
overwritten too.
Fix the ASSERT check to compare Index to its upper boundary, which it
will be equal to if the loop was not broken out of on success.
Marvin H?user [Sun, 28 Oct 2018 08:51:22 +0000 (16:51 +0800)]
UefiCpuPkg/MpInitLib: Fix ASSERT for success.
Index is initialized to MAX_UINT16 as default failure value, which
is what the ASSERT is supposed to test for. The ASSERT condition
however can never return FALSE for INT16 != int, as due to
Integer Promotion[1], Index is converted to int, which can never
result in -1.
Furthermore, Index is used as a for loop index variable inbetween its
initialization and the ASSERT, so the value is unconditionally
overwritten too.
Fix the ASSERT check to compare Index to its upper boundary, which it
will be equal to if the loop was not broken out of on success.
The *MemorySpaceMap assigned with NULL (line 1710) value might be
accessed (line 1726/1730) without any sanity check. Although it won't
happen in practice because of line 1722, we still need to add check
against NULL to make static code analyzer happy.
Ruiyu Ni [Thu, 25 Oct 2018 10:09:46 +0000 (18:09 +0800)]
MdeModulePkg/UsbBusPei: Reject descriptor whose length is bad
Today's implementation doesn't check whether the length of
descriptor is valid before using it.
The patch fixes this issue by syncing the similar fix to UsbBusDxe. 70c3c2370a2aefe71cf0f6c1a1e063f7d74e1d79
*MdeModulePkg/UsbBus: Reject descriptor whose length is bad
Additionally the patch also rejects the data when length is
larger than sizeof (PeiUsbDevice->ConfigurationData).
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com>
Ruiyu Ni [Thu, 25 Oct 2018 09:07:12 +0000 (17:07 +0800)]
MdeModulePkg/UsbBusPei: Fix out-of-bound read access to descriptors
Today's implementation reads the Type/Length field in the USB
descriptors data without checking whether the offset to read is
beyond the data boundary.
The patch fixes this issue by syncing the fix in commit 4c034bf62cbc1f3c5f4b5df25de97f0f528132b2
*MdeModulePkg/UsbBus: Fix out-of-bound read access to descriptors
ParsedBytes in UsbBusPei.GetExpectedDescriptor() is different from
Consumed in UsbBusDxe.UsbCreateDesc().
ParsedBytes is the offset of found descriptor while Consumed is
offset of next descriptor of found one.
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com>