Jordan Justen [Fri, 14 Jun 2013 21:37:44 +0000 (21:37 +0000)]
OvmfPkg: Reduce PcdMaxVariableSize with secure boot to avoid assert
r14252 causes OVMF to crash if SECURE_BOOT_ENABLE is set,
because PcdMaxVariableSize is set to a larger value than
required. In other platforms, 0x2000 seems to be sufficient.
Reported-by: Gary Ching-Pang Lin <glin@suse.com> Signed-off-by: Jordan Justen <jordan.l.justen@intel.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Tested-by: Laszlo Ersek <lersek@redhat.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14423 6f19259b-4bc3-4df7-8a09-765794883524
Laszlo Ersek [Fri, 14 Jun 2013 07:40:59 +0000 (07:40 +0000)]
OvmfPkg: VirtioNetDxe: fix some build errors emitted by Visual Studio
These were found with the gcc-4.4 option "-Wconversion" after Jordan
reported the build failure under Visual Studio. The patch was originally
posted to edk2-devel as "silence.patch":
tye1 [Wed, 29 May 2013 05:30:13 +0000 (05:30 +0000)]
Though the comment of RandomSeed() states it should return FALSE if there is not enough entropy for random generation, the function always returns TRUE. This commit checks the status of pseudorandom number generator to match the comment.
Signed-off-by: Gary Ching-Pang Lin <glin@suse.com> Reviewed-by: Long Qin <qin.long@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14392 6f19259b-4bc3-4df7-8a09-765794883524
OvmfPkg's file-based NvVar storage is read back as follows at boot (all
paths under OvmfPkg/Library/):
PlatformBdsPolicyBehavior() [PlatformBdsLib/BdsPlatform.c]
PlatformBdsRestoreNvVarsFromHardDisk()
VisitAllInstancesOfProtocol
for each simple file system:
VisitingFileSystemInstance()
ConnectNvVarsToFileSystem() [NvVarsFileLib/NvVarsFileLib.c]
LoadNvVarsFromFs() [NvVarsFileLib/FsAccess.c]
ReadNvVarsFile()
+-------------> SerializeVariablesSetSerializedVariables() [SerializeVariablesLib/SerializeVariablesLib.c]
| SerializeVariablesIterateInstanceVariables()
| +-------------> IterateVariablesInBuffer()
| | for each loaded / deserialized variable:
| +-|-----------------> IterateVariablesCallbackSetSystemVariable()
| | | gRT->SetVariable()
| | |
| | IterateVariablesInBuffer() stops processing variables as soon as the
| | first error is encountered from the callback function.
| |
| | In this case the callback function is
| IterateVariablesCallbackSetSystemVariable(), selected by
SerializeVariablesSetSerializedVariables().
The result is that no NvVar is restored from the file after the first
gRT->SetVariable() failure.
On my system such a failure
- never happens in an OVMF build with secure boot disabled,
- happens *immediately* with SECURE_BOOT_ENABLE, because the first
variable to restore is "AuthVarKeyDatabase".
"AuthVarKeyDatabase" has the EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS
attribute set. Since the loop tries to restore it before any keys (PK, KEK
etc) are enrolled, gRT->SetVariable() rejects it with
EFI_SECURITY_VIOLATION. Consequently the NvVar restore loop terminates
immediately, and we never reach non-authenticated variables such as
Boot#### and BootOrder.
Until work on KVM-compatible flash emulation converges between qemu and
OvmfPkg, improve the SECURE_BOOT_ENABLE boot experience by masking
EFI_SECURITY_VIOLATION in the callback:
- authenticated variables continue to be rejected same as before, but
- at least we allow the loop to progress and restore non-authenticated
variables, for example boot options.
lzeng14 [Thu, 23 May 2013 02:56:41 +0000 (02:56 +0000)]
Move the memory allocation and variable set to BdsEntry, use VariableLock protocol to lock the L”PerfDataMemAddr” variable and prevent malware to update it.
Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14386 6f19259b-4bc3-4df7-8a09-765794883524
niruiyu [Mon, 20 May 2013 07:04:56 +0000 (07:04 +0000)]
Remove the complex buffer since the _LOCK_VARIABLE won't be allowed after leaving DXE phase.
Add the variable name size check in the RequestToLock wrapper.
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14377 6f19259b-4bc3-4df7-8a09-765794883524
sfu5 [Fri, 17 May 2013 08:05:01 +0000 (08:05 +0000)]
Fix a bug that “SecureBoot” varaible will be updated to NV+AT attribute incorrectly. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ni Ruiyu <ruiyu.ni@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14375 6f19259b-4bc3-4df7-8a09-765794883524
sfu5 [Fri, 17 May 2013 07:03:49 +0000 (07:03 +0000)]
Pop up error message when user tries to enroll an invalid certificate file into KEK/DB/DBX. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14373 6f19259b-4bc3-4df7-8a09-765794883524
niruiyu [Fri, 17 May 2013 03:49:35 +0000 (03:49 +0000)]
Add EDKII_VARIABLE_LOCK_PROTOCOL and the implementation in MdeModulePkg variable drivers.
Add code in BdsDxe driver to call the protocol to mark the read-only variables defined in the UEFI Spec.
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Guo Dong <guo.dong@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14372 6f19259b-4bc3-4df7-8a09-765794883524
lzeng14 [Thu, 16 May 2013 07:35:30 +0000 (07:35 +0000)]
Separate memory allocation for FPDT S3 performance table and boot performance table, save S3 performance table pointer to LockBox in FirmwarePerformanceDxe. Then FirmwarePerformancePei can use the pointer in LockBox.
Tested with the e1000, ne2k_pci, pcnet, rtl8139, and virtio iPXE UEFI
oprom drivers distributed with qemu-1.5.0-rc1. Also tested with Intel's
e1000 driver.
jljusten [Wed, 15 May 2013 18:20:39 +0000 (18:20 +0000)]
OvmfPkg: enable the generic network stack by default
DHCP, PXE, and StdLib socket apps are enabled in OVMF by the sum of:
(a) a UEFI NIC driver,
(b) the generic network stack.
The only choice for (a) used to be the proprietary Intel E1000 driver,
which is cumbersome to obtain and enable.
The iPXE UEFI NIC drivers packaged with qemu-1.5 cover (a) for each NIC
type supported by qemu, and are easy to obtain & configure, even for
earlier qemu versions. Therefore enable (b) per default as well.
This doesn't take up much space; the binaries (b) adds to the firmware
don't seem to need -D FD_SIZE_2MB.
Intel's e1000 driver remains an option, requested by the -D E1000_ENABLE
build flag.
oliviermartin [Wed, 15 May 2013 08:44:59 +0000 (08:44 +0000)]
EmbeddedPkg/SerialPortExtLib.h: Changed SerialPortSetAttributes() prototype to return the set value(s)
To be compliant with the UEFI specification it is required to update SERIAL_IO_MODE with the values set.
This prototype change allows to get the value used inside SerialPortSetAttributes().
darylm503 [Wed, 15 May 2013 01:59:11 +0000 (01:59 +0000)]
StdLib/LibC/Locale/multibyte_Utf8.c: Fix obscure corner cases in wide to multibyte and multibyte to wide character conversions. The majority of problems center around the interpretation of the Length or Limit parameter when the Destination parameter is NULL.
DecodeOneStateful: Properly handle combinations of Src, Dest, or Len being NULL or 0.
EncodeUtf8: Do not zero-terminate the result string in this worker function.
mbsrtowcs: Remove test for **src == '\0', as per ISO/IEC 9899:199409. Allows "".
wcsrtombs: The C Language standard, ISO/IEC 9899:199409, states that the wcsrtombs() function will stop before encountering the terminating NUL character only if Dest is NOT NULL. This implies that if Dest is NULL, the Limit parameter will be ignored. In order to avoid system hangs, if Dest is NULL a Limit value of ASCII_STRING_MAX is automatically used. Also fixed a typo in the function header comment.
With these changes, StdLib now passes all of the C Language Standards Compliance Tests for ISO/IEC 9899:199409 (C95).
oliviermartin [Tue, 14 May 2013 23:50:33 +0000 (23:50 +0000)]
EmulatorPkg/(Pei|Dxe)EmuSerialPortLib: Remove the SerialPortExtLib functions from SerialPortLib
SerialPortSetControl, SerialPortGetControl and SerialPortSetAttributes are functions
of the SerialPortExtLib library interface. They should not be implemented by the
SerialPortLib library.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Olivier Martin <Olivier.martin@arm.com> Reviewed-by: Andrew Fish <afish@apple.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14357 6f19259b-4bc3-4df7-8a09-765794883524
jljusten [Tue, 14 May 2013 15:57:55 +0000 (15:57 +0000)]
OvmfPkg: VirtioLib: populate the Available Ring correctly
The descriptor table (also known as "queue") consists of descriptors. (The
corresponding type in the code is VRING_DESC.)
An individual descriptor describes a contiguous buffer, to be transferred
uni-directionally between host and guest.
Several descriptors in the descriptor table can be linked into a
descriptor chain, specifying a bi-directional scatter-gather transfer
between host and guest. Such a descriptor chain is also known as "virtio
request".
(The descriptor table can host sereval descriptor chains (in-flight virtio
requests) in parallel, but the OVMF driver supports at most one chain, at
any point in time.)
The first descriptor in any descriptor chain is called "head descriptor".
In order to submit a number of parallel requests (= a set of independent
descriptor chains) from the guest to the host, the guest must put *only*
the head descriptor of each separate chain onto the Available Ring.
VirtioLib currently places the head of its one descriptor chain onto the
Available Ring repeatedly, once for each single (head *or* dependent)
descriptor in said descriptor chain. If the descriptor chain comprises N
descriptors, this error amounts to submitting the same entire chain N
times in parallel.
Available Ring Descriptor table
Ptr to head ----> Desc#0 (head of chain)
Ptr to head --/ Desc#1 (next in same chain)
... / ...
Ptr to head / Desc#(N-1) (last in same chain)
Anatomy of a single virtio-blk READ request (a descriptor chain with three
descriptors):
payload to be filled in by host:
VirtioAppendDesc PhysAddr=3B934C00 Size=32768 Flags=3 Head=1232 Next=1233
host status, to be filled in by host:
VirtioAppendDesc PhysAddr=3FBC604F Size=1 Flags=2 Head=1232 Next=1234
Processing on the host side -- the descriptor chain is processed three
times in parallel (its head is available to virtqueue_pop() thrice); the
same chain is submitted/collected separately to/from AIO three times:
virtio_blk_rw_complete req REQ#0 ret 0
virtio_blk_req_complete req REQ#0 status 0
virtio_blk_rw_complete req REQ#1 ret 0
virtio_blk_req_complete req REQ#1 status 0
virtio_blk_rw_complete req REQ#2 ret 0
virtio_blk_req_complete req REQ#2 status 0
On my Thinkpad T510 laptop with RHEL-6 as host, this probably leads to
simultaneous DMA transfers targeting the same RAM area. Even though the
source of each transfer is identical, the data is corrupted in the
destination buffer -- the CRC32 calculated over the buffer varies, even
though the origin of the transfers is the same, never rewritten LBA.
The problem is invisible on my HP Z400 workstation.
Fix the request submission by:
- building the only one descriptor chain supported by VirtioLib always at
the beginning of the descriptor table,
- ensuring the head descriptor of this chain is put on the Available Ring
only once,
- requesting the virtio spec's language to be cleaned up
<http://lists.linuxfoundation.org/pipermail/virtualization/2013-April/024032.html>.
Available Ring Descriptor table
Ptr to head ----> Desc#0 (head of chain)
Desc#1 (next in same chain)
...
Desc#(N-1) (last in same chain)
sfu5 [Tue, 14 May 2013 06:25:39 +0000 (06:25 +0000)]
Add Copyright notices and comments for Red Hat contributor. Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14355 6f19259b-4bc3-4df7-8a09-765794883524
sfu5 [Tue, 14 May 2013 03:01:51 +0000 (03:01 +0000)]
Fix bug in PXE driver: memory may be freed before use. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Ouyang Qian <qian.ouyang@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14354 6f19259b-4bc3-4df7-8a09-765794883524
oliviermartin [Sun, 12 May 2013 23:56:35 +0000 (23:56 +0000)]
ArmPkg/BdsLinuxFdt.c: Fix creation of 'cpu' and 'psci' device tree nodes.
* Fix name of 'device_type' and 'migrate' properties.
* Fix 'reg' property. It is supposed to contain the CPU MPIDR of the
CPU being described.
* Fix byte ordering of data in 'psci' node.
* Fix some problems regarding the size of data. In a number of places
it was assumed data would be 32-bits wide.
This function allows platform to do any specific actions prior to
the start the PEI phase.
For instance, this function could be used by some platforms to initialize clocks that
are required at the early stage of the PEI phase.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Olivier Martin <olivier.martin@arm.com> Acked-by: Ryan Harkin <ryan.harkin@linaro.org> Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14347 6f19259b-4bc3-4df7-8a09-765794883524
ArmPlatformGetPrimaryCoreMpId returns the MPID of the primary core.
The primary core might not be known at build time (eg: the platform allows
the boot CPU to be changed through board config).
This function is used during the secondary core stack initialization to know
the position of the secondary core in the SoC.
A secondary core that is at the position N, with N greater than the primary
core position, will be at the position N-1 in the list of secondary stacks
(the primary core has its own separate bigger stack).
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Olivier Martin <olivier.martin@arm.com> Acked-by: Ryan Harkin <ryan.harkin@linaro.org> Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14345 6f19259b-4bc3-4df7-8a09-765794883524
oliviermartin [Fri, 10 May 2013 12:41:27 +0000 (12:41 +0000)]
ArmPlatformPkg/ArmPlatformLib: Added support for ArmPlatformIsPrimaryCore()
Checking if a core if the primary/boot core used to be done with the macro
IS_PRIMARY_CORE().
Some platforms exposes configuration registers to change the primary core.
Replacing the macro IS_PRIMARY_CORE() by ArmPlatformIsPrimaryCore() allows
some flexibility in the way to check the primary core.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Olivier Martin <olivier.martin@arm.com> Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org> Acked-by: Ryan Harkin <ryan.harkin@linaro.org>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14344 6f19259b-4bc3-4df7-8a09-765794883524
jcarsey [Thu, 9 May 2013 16:18:58 +0000 (16:18 +0000)]
ShellPkg: Update behavior for GetTime() errors.
Please find the attached patch that fixes the ShellPkg when gRT->GetTime() returns an error (eg: early UEFI platform bringup with a RTC controller that is not supported).
On some platforms, gRT->GetTime() might not return EFI_SUCCESS. The Shell must check the return status before to assume the returned time is valid.
sfu5 [Thu, 9 May 2013 05:28:27 +0000 (05:28 +0000)]
Skip PXE prompt/menu/discover if PXE_DISCOVERY_CONTROL tag bit 3 set. Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14332 6f19259b-4bc3-4df7-8a09-765794883524
vanjeff [Wed, 8 May 2013 08:29:11 +0000 (08:29 +0000)]
Updated connecting HOST version information from 1.3 to 1.3.1.
Signed-off-by: Jeff Fan <jeff.fan@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14328 6f19259b-4bc3-4df7-8a09-765794883524
lzeng14 [Tue, 7 May 2013 05:38:32 +0000 (05:38 +0000)]
1. Fix TOCTOU issue in VariableSmm, FtwSmm, FpdtSmm, SmmCorePerformance SMM handler. For VariableSmm, pre-allocate a mVariableBufferPayload buffer with mVariableBufferPayloadSize(match with mVariableBufferPayloadSize in VariableSmmRuntimeDxe) to hold communicate buffer payload to avoid TOCTOU issue.
2. Add check to ensure CommBufferPayloadSize not exceed mVariableBufferPayloadSize or is enough to hold function structure in VariableSmm and FtwSmm.
3. Align FtwGetLastWrite() in FaultTolerantWriteSmmDxe.c to FtwGetLastWrite() in FaultTolerantWrite.c.
Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14325 6f19259b-4bc3-4df7-8a09-765794883524
vanjeff [Mon, 6 May 2013 07:36:32 +0000 (07:36 +0000)]
Read/Write memory space including MMIO range with the width requested from HOST.
Signed-off-by: Jeff Fan <jeff.fan@intel.com> Reviewed-by: Kinney, Michael D <michael.d.kinney@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14324 6f19259b-4bc3-4df7-8a09-765794883524
1. Use the check IsAddressValid() to prevent SMM communication buffer overflow in SmmVariable, FtwSmm, FpdtSmm, SmmCorePerformance and SmmBaseHelper, and add check to prevent InfoSize overflows in SmmVariableHandler.
2. Refine the debug message.
3. Add check to make sure the input VariableName is A Null-terminated string.
4. Use local variable to hold StrSize (VariableName) to avoid duplicated StrSize calculation.
Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14317 6f19259b-4bc3-4df7-8a09-765794883524
Check for NULL pointer before free it. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14316 6f19259b-4bc3-4df7-8a09-765794883524