Yingke Liu [Mon, 29 Jun 2015 03:10:25 +0000 (03:10 +0000)]
BaseTools: Update IASL download link and remove specific version info.
The version of IASL compiler in the tools_def.template file no longer exists on the acpica.org site.
Update download link and remove the specific version info from the tools_def.template file.
Laszlo Ersek [Fri, 26 Jun 2015 16:09:52 +0000 (16:09 +0000)]
OvmfPkg: PlatformPei: invert MTRR setup in QemuInitializeRam()
At the moment we work with a UC default MTRR type, and set three memory
ranges to WB:
- [0, 640 KB),
- [1 MB, LowerMemorySize),
- [4 GB, 4 GB + UpperMemorySize).
Unfortunately, coverage for the third range can fail with a high
likelihood. If the alignment of the base (ie. 4 GB) and the alignment of
the size (UpperMemorySize) differ, then MtrrLib creates a series of
variable MTRR entries, with power-of-two sized MTRR masks. And, it's
really easy to run out of variable MTRR entries, dependent on the
alignment difference.
This is a problem because a Linux guest will loudly reject any high memory
that is not covered my MTRR.
So, let's follow the inverse pattern (loosely inspired by SeaBIOS):
- flip the MTRR default type to WB,
- set [0, 640 KB) to WB -- fixed MTRRs have precedence over the default
type and variable MTRRs, so we can't avoid this,
- set [640 KB, 1 MB) to UC -- implemented with fixed MTRRs,
- set [LowerMemorySize, 4 GB) to UC -- should succeed with variable MTRRs
more likely than the other scheme (due to less chaotic alignment
differences).
Effects of this patch can be observed by setting DEBUG_CACHE (0x00200000)
in PcdDebugPrintErrorLevel.
Laszlo Ersek [Fri, 26 Jun 2015 16:09:43 +0000 (16:09 +0000)]
OvmfPkg: PlatformPei: create the CPU HOB with dynamic memory space width
Maoming reported that guest memory sizes equal to or larger than 64GB
were not correctly handled by OVMF.
Enabling the DEBUG_GCD (0x00100000) bit in PcdDebugPrintErrorLevel, and
starting QEMU with 64GB guest RAM size, I found the following error in the
OVMF debug log:
This message is emitted when the DXE core is initializing the memory space
map, processing the "above 4GB" memory resource descriptor HOB that was
created by OVMF's QemuInitializeRam() function (see "UpperMemorySize").
The DXE core's call chain fails in:
CoreInternalAddMemorySpace() [MdeModulePkg/Core/Dxe/Gcd/Gcd.c]
CoreConvertSpace()
//
// Search for the list of descriptors that cover the range BaseAddress
// to BaseAddress+Length
//
CoreSearchGcdMapEntry()
CoreSearchGcdMapEntry() fails because the one entry (with type
"nonexistent") in the initial GCD memory space map is too small, and
cannot be split to cover the memory space range being added:
We'll soon increase the maximum guest-physical RAM size supported by OVMF.
For more RAM, the DXE IPL is going to build more page tables, and for that
it's going to need a bigger chunk from the permanent PEI RAM.
Otherwise CreateIdentityMappingPageTables() would fail with:
> DXE IPL Entry
> Loading PEIM at 0x000BFF61000 EntryPoint=0x000BFF61260 DxeCore.efi
> Loading DXE CORE at 0x000BFF61000 EntryPoint=0x000BFF61260
> AllocatePages failed: No 0x40201 Pages is available.
> There is only left 0x3F1F pages memory resource to be allocated.
> ASSERT .../MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c(123):
> BigPageAddress != 0
(The above example belongs to the artificially high, maximal address width
of 52, clamped by the DXE core to 48. The address width of 48 bits
corresponds to 256 TB or RAM, and requires a bit more than 1GB for paging
structures.)
Cc: Maoming <maoming.maoming@huawei.com> Cc: Huangpeng (Peter) <peter.huangpeng@huawei.com> Cc: Wei Liu <wei.liu2@citrix.com> Cc: Brian J. Johnson <bjohnson@sgi.com>
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Brian J. Johnson <bjohnson@sgi.com> Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17719 6f19259b-4bc3-4df7-8a09-765794883524
Tian Feng [Fri, 26 Jun 2015 08:42:46 +0000 (08:42 +0000)]
SecurityPkg/TcgMor: move TPer Reset operation to this module
The TPer Reset operation is a common logic. So it's added into
SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf module and
would be triggered at EndOfDxe.
By this way, all encrypted drives which produce EFI_STORAGE_SECURITY_
RPOTOCOL interface would be force reset when MOR is set.
Jeff Fan [Fri, 26 Jun 2015 03:06:50 +0000 (03:06 +0000)]
SourceLevelDebugPkg/DebugAgent: Add typecast to fix sign extension
OffsetHigh is 16bit value and its type is UINT32 and defined in structure.
It will be 32bit int type after do 16-bit left-shift operation. Then it will
sign extension if cast it to UINT64 if its high bit is 1.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jeff Fan <jeff.fan@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Scott Duplichan <scott@notabs.org>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17716 6f19259b-4bc3-4df7-8a09-765794883524
Ard Biesheuvel [Thu, 25 Jun 2015 14:49:06 +0000 (14:49 +0000)]
ArmVirtPkg: signal EndOxDxe event in PlatformBsdInit
Currently, the ArmVirtPkg platforms built with the Intel BDS fail
to signal the end-of-DXE event 'gEfiEndOfDxeEventGroupGuid' when
entering the BDS phase, which results in some loss of functionality,
i.e., variable reclaim in the VariableDxe drivers, and the splitting
of the memory regions that is part of the recently added UEFI 2.5
properties table feature.
it is up to the platform BDS to signal that event, since there may be
platform specific ordering constraints with respect to the signalling
of the event that are difficult to honor at the generic level.
So add the SignalEvent () call to PlatformBdsInit () of ArmVirtPkg's
PlatformBdsLib implementation for the Intel BDS.
Liming Gao [Thu, 25 Jun 2015 03:29:38 +0000 (03:29 +0000)]
MdeModulePkg: Update PeiCore to handle specific child FV
Child FV may be placed in parent FV image without process required. Then,
Child FV and parent FV will be in the same continuous space. For FileHandle,
FileHandleToVolume() function needs to find the best matched FV handle.
Liming Gao [Thu, 25 Jun 2015 03:29:11 +0000 (03:29 +0000)]
MdeModulePkg: Add Memory Capabilities for MMIO and Reserved Range
UEFI2.5 spec, GetMemoryMap(), says:
Attribute: Attributes of the memory region that describe the bit mask
of capabilities for that memory region, and not necessarily the current
settings for that memory region.
But, GetMemoryMap() implementation doesn't append memory capabilities
for MMIO and Reserved memory range. This will break UEFI2.5 Properties
Table feature, because Properties Table need return EFI_MEMORY_RO or
EFI_MEMORY_XP capabilities for OS.
This patch appends memory capabilities for those memory range.
Qiu Shumin [Wed, 24 Jun 2015 08:09:05 +0000 (08:09 +0000)]
MdePkg\Library\UefiFileHandleLib: Make FileHandleWriteLine support both ASCII and UNICODE file.
When the file is a UNICODE file (with UNICODE file tag) write UNICODE text.
When the file is an ASCII file write ASCII text.
If the file size is zero (without the file tag at the beginning) write ASCII text as default.
Jordan Justen [Tue, 23 Jun 2015 23:34:33 +0000 (23:34 +0000)]
BaseTools/Tests: Verify 32-bit UTF-8 chars are rejected
Since UTF-8 .uni unicode files might contain strings with unicode code
points larger than 16-bits, and UEFI only supports UCS-2 characters,
we need to make sure that BaseTools rejects these characters in UTF-8
.uni source files.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jordan Justen <jordan.l.justen@intel.com> Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com> Reviewed-by: Yingke Liu <yingke.d.liu@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17697 6f19259b-4bc3-4df7-8a09-765794883524
Jordan Justen [Tue, 23 Jun 2015 23:34:28 +0000 (23:34 +0000)]
BaseTools/UniClassObject: Support UTF-8 string data in .uni files
This allows .uni input files to be encoded with UTF-8. Today, we only
support UTF-16 encoding.
The strings are still converted to UCS-2 data for use in EDK II
modules. (This is the only unicode character format supported by UEFI
and EDK II.)
Although UTF-8 would allow any UCS-4 character to be present in the
source file, we restrict the entire file to the UCS-2 range.
(Including comments.) This allows the files to be converted to UTF-16
if needed.
v2:
* Drop .utf8 extension. Use .uni file for UTF-8 data (mdkinney)
* Merge in 'BaseTools/UniClassObject: Verify string data is 16-bit'
commit
v3:
* Restrict the entire file's characters (including comments) to the
UCS-2 range in addition to string data. (mdkinney)
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jordan Justen <jordan.l.justen@intel.com> Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com> Reviewed-by: Yingke Liu <yingke.d.liu@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17696 6f19259b-4bc3-4df7-8a09-765794883524
Jordan Justen [Tue, 23 Jun 2015 23:34:19 +0000 (23:34 +0000)]
BaseTools/UniClassObject: Verify valid UCS-2 chars in UTF-16 .uni files
Supplementary Plane characters can exist in UTF-16 files,
but they are not valid UCS-2 characters.
For example, refer to this python interpreter code:
>>> import codecs
>>> codecs.encode(u'\U00010300', 'utf-16')
'\xff\xfe\x00\xd8\x00\xdf'
Therefore the UCS-4 0x00010300 character is encoded as two
16-bit numbers (0xd800 0xdf00) in a little endian UTF-16
file.
For more information, see:
http://en.wikipedia.org/wiki/UTF-16#U.2B10000_to_U.2B10FFFF
This means that our current BaseTools code could be allowing
unsupported UTF-16 characters be used. To fix this, we decode the file
using python's utf-16 decode support. Then we verify that each
character's code point is 0xffff or less.
v3:
* Based on Mike Kinney's feedback, we now read the whole file and
verify up-front that it contains valid UCS-2 characters. Thanks
also to Laszlo Ersek for pointing out the Supplementary Plane
characters.
v4:
* Reject code points in 0xd800-0xdfff range since they are reserved
for UTF-16 surrogate pairs. (lersek)
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jordan Justen <jordan.l.justen@intel.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com> Reviewed-by: Yingke Liu <yingke.d.liu@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17694 6f19259b-4bc3-4df7-8a09-765794883524
Jordan Justen [Tue, 23 Jun 2015 23:34:04 +0000 (23:34 +0000)]
BaseTools/Tests: Always add BaseTools source to import path
This allows unit tests to easily include BaseTools python
modules. This is very useful for writing unit tests.
Actually, previously, we would do this when RunTests.py was executed,
so unit tests could easily import BaseTools modules, so long as they
were executed via RunTests.
This change allows running the unit test files individually which can
be faster for developing the new unit test cases.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jordan Justen <jordan.l.justen@intel.com> Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com> Reviewed-by: Yingke Liu <yingke.d.liu@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17691 6f19259b-4bc3-4df7-8a09-765794883524
Under such circumstances, the va_start() macro invocation in
ERR_add_error_data() -- which is translated to VA_START() by
"CryptoPkg/Include/OpenSslSupport.h" -- results in EFIAPI-dependent code,
but callers of the function pass the arguments incorrectly, because the
declaration doesn't state EFIAPI.
This leads to crashes when ERR_add_error_vdata(), called by
ERR_add_error_data(), tries to access the arguments forwarded to it.
Restore the missing hunk from before SVN r17633.
Cc: Qin Long <qin.long@intel.com> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org> Cc: Gary Ching-Pang Lin <glin@suse.com> Cc: Peter Jones <pjones@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Acked-by: Peter Jones <pjones@redhat.com> Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: Qin Long <qin.long@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17689 6f19259b-4bc3-4df7-8a09-765794883524
Liming Gao [Tue, 23 Jun 2015 10:48:30 +0000 (10:48 +0000)]
SecurityPkg: Fix wrong calculation of ImageExeInfoEntrySize
Per UEFI spec, EFI_IMAGE_EXECUTION_INFO structure is updated to comment
Signature field. So, its structure doesn't include Signature field. But,
ImageExeInfoEntrySize uses its structure size minor Signature size. It
will be corrected in this change.
Laszlo Ersek [Mon, 22 Jun 2015 17:11:05 +0000 (17:11 +0000)]
OvmfPkg: PlatformPei: set SMBIOS entry point version dynamically
Git commit 54753b60 (SVN r16870), "MdeModulePkg: Update SMBIOS revision to
3.0." changed PcdSmbiosVersion from 0x0208 to 0x0300. This controls the
version number of the SMBIOS entry point table (and other things) that
"MdeModulePkg/Universal/SmbiosDxe" installs.
Alas, this change breaks older Linux guests, like RHEL-6 (up to RHEL-6.7);
those are limited to 2.x (both in the guest kernel firmware driver, and in
the dmidecode utility). The SMBIOS 3.0 entry point has a different GUID --
defined in UEFI 2.5 -- pointing to it in the UEFI Configuration Table, and
guest kernels that lack upstream kernel commit e1ccbbc9d5 don't recognize
it.
The v2.1.0+ machine types of QEMU generate SMBIOS payload for the firmware
to install. The payload includes the entry point table ("anchor" table).
OvmfPkg/SmbiosPlatformDxe cannot install the anchor table (because that is
the jurisdiction of the generic "MdeModulePkg/Universal/SmbiosDxe"
driver); however, we can parse the entry point version from QEMU's anchor
table, and instruct "MdeModulePkg/Universal/SmbiosDxe" to adhere to that
version.
On machine types older than v2.1.0, the feature is not available, but
then, should anything in OVMF install SMBIOS tables, version 2.8 is simply
safer / more widely supported than 3.0 -- hence the default 2.8 value for
the dynamic PCD.
We set the PCD in PlatformPei (when not on the S3 resume path), because
that's an easy and certain way to set the PCD before a DXE driver reads
it. This follows the example of PcdEmuVariableNvStoreReserved (which is
read by EmuVariableFvbRuntimeDxe).
RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1232876 Cc: Gabriel Somlo <somlo@cmu.edu> Cc: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Jordan Justen <jordan.l.justen@intel.com> Acked-by: Gabriel Somlo <somlo@cmu.edu>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17676 6f19259b-4bc3-4df7-8a09-765794883524
Qin Long [Fri, 19 Jun 2015 02:46:51 +0000 (02:46 +0000)]
CryptoPkg: Add some comments for API usage clarification.
This patch adds some comments for API usage clarification, and
adds one object initialization in X509ConstructCertificateStack
implementation to fix possible memory release issue.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Qin Long <qin.long@intel.com> Reviewed-by: Ting Ye <ting.ye@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17671 6f19259b-4bc3-4df7-8a09-765794883524
Qin Long [Fri, 19 Jun 2015 02:45:06 +0000 (02:45 +0000)]
SecurityPkg: Add UEFI-2.5 PKCS7 Verification Protocol Support
This patch adds the support for PKCS7 Verification Protocol which
was defined in UEFI 2.5.
(NOTE: The VerifySignature interface was not supported in this
version, due to openssl interface limitation)
Qiu Shumin [Fri, 19 Jun 2015 01:58:09 +0000 (01:58 +0000)]
MdeModulePkg: Enhance the comments for PiSmmCoreMemoryAllocationLib instance.
Per PI spec all allocation of SMRAM should use EfiRuntimeServicesCode or EfiRuntimeServicesData.
So SMM instance use EfiRuntimeServicesCode as the default memory allocation type instead of EfiBootServicesData.
This patch clarify this usage in comments.
Qiu Shumin [Fri, 19 Jun 2015 01:56:15 +0000 (01:56 +0000)]
MdePkg: Enhance the comments for SmmMemoryAllocationLib instance.
Per PI spec all allocation of SMRAM should use EfiRuntimeServicesCode or EfiRuntimeServicesData.
So SMM instance use EfiRuntimeServicesCode as the default memory allocation type instead of EfiBootServicesData.
This patch clarify this usage in comments.
Yingke Liu [Fri, 19 Jun 2015 01:43:45 +0000 (01:43 +0000)]
BaseTools: Fixed Build Option override bugs.
if '==' is specified, it overrides all options that specified by '='; if no '==' is specified, all options that match current build criteria are combined.
Star Zeng [Thu, 18 Jun 2015 09:26:41 +0000 (09:26 +0000)]
MdeModulePkg PiSmmCore: Introduce SMM Exit Boot Services and Legacy Boot.
And also SMM Ready To Boot.
The SMM Exit Boot Service protocol is to be published by the SMM
Foundation code to associate with EFI_EVENT_GROUP_EXIT_BOOT_SERVICES
to notify SMM driver that system enter exit boot services.
The SMM Legacy Boot protocol is to be published by the SMM
Foundation code to associate with EFI_EVENT_LEGACY_BOOT_GUID
to notify SMM driver that system enter legacy boot.
The SMM Ready To Boot protocol is to be published by the SMM
Foundation code to associate with EFI_EVENT_GROUP_READY_TO_BOOT
to notify SMM driver that system enter ready to boot.
After them, any SMM drivers can get protocol notify on what happened
in DXE phase, then there is no need to let each individual SMM driver
to register SMM Communication Handler for that.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17657 6f19259b-4bc3-4df7-8a09-765794883524
Dandan Bi [Wed, 17 Jun 2015 09:36:35 +0000 (09:36 +0000)]
MdeModulePkg:System hangs in setup menu
System hangs when RTC time rollover 1999 to 2000
Error processing of GetTime function:
If get time fail,the date/time will display ??,
and update help info to let user know get time fail.
Ard Biesheuvel [Tue, 16 Jun 2015 15:09:19 +0000 (15:09 +0000)]
CryptoPkg: add .gitignore for OpenSSL source files
Add a .gitignore that masks the OpenSSL header files under
Include/openssl and the OpenSSL source files under
Library/OpensslLib/openssl-*. This prevents Git from considering
any of these files for addition, and prevents other clutter in
the git status output.
Ard Biesheuvel [Tue, 16 Jun 2015 14:27:18 +0000 (14:27 +0000)]
ArmVirtPkg: increase memory preallocations for secure build
This is a followup to r17554 ("ArmVirtPkg: increase memory
preallocations to reduce region count") that increases the sizes
of the preallocated regions to account for the footprint of the
crypto and authentication libraries. This is only done if secure
boot is enabled at build time, to prevent imposing a larger minimum
RAM size on non-secure builds.
Jeff Fan [Tue, 16 Jun 2015 02:55:54 +0000 (02:55 +0000)]
UefiCpuPkg/CpuDxe: Get CPU BIST information from Guided HOB
Get CPU BIST information from gEfiSecPlatformInformation2PpiGuid or
gEfiSecPlatformInformationPpiGuid Guided HOB and update the CPU healthy status
for CPU MP Service.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jeff Fan <jeff.fan@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17641 6f19259b-4bc3-4df7-8a09-765794883524
Qiu Shumin [Fri, 12 Jun 2015 11:20:53 +0000 (11:20 +0000)]
ShellBinPkg: Ia32/X64 Shell binary update.
The binaries of ShellBinPkg are generated with ShellPkg project 17584. The binaries are built with no debug information by building with "RELEASE" target.
The previous submitted Shell binaries (r17619) linked the wrong lib instance. This check in fix the issue.