BTT definitions are defined in UEFI spec 2.7, to defines
a layout and set of rules for doing block I/O that provide
powerfail write atomicity of a single block in NVDIMM.
Star Zeng [Fri, 27 Oct 2017 03:14:11 +0000 (11:14 +0800)]
MdeModulePkg SerialDxe: Handle Timeout change more robustly
https://lists.01.org/pipermail/edk2-devel/2017-October/016479.html
reported "Xen Console input very slow in recent UEFI" that appears
after 4cf3f37c87ba1f9d58072444bd735e40e4779e70 "MdeModulePkg
SerialDxe: Process timeout consistently in SerialRead".
Julien did more debugging and find out the following is happening in
TerminalConInTimerHandler (MdeModulePkg/Universal/Console/TerminalDxe)
when a character is received:
1) GetControl will return EFI_SERIAL_INPUT_BUFFER_EMPTY unset
=> Entering in the loop to fetch character from the serial
2) GetOneKeyFromSerial()
=> Return directly with the character read
3) Looping as the fifo is not full and no error
4) GetOneKeyFromSerial() -> SerialRead()
=> No more character so SerialPortPoll() will return FALSE and loop
until timeout
=> Return EFI_TIMEOUT
5) Exiting the loop from TerminalConInTimerHandler
6) Characters are printed
After some investigation, I found it is related to the Timeout value.
The Timeout is 1000000 (1s) by default to follow UEFI spec.
And the Terminal driver will recalculate and set the Timeout value
based on the properties of UART in TerminalDriverBindingStart()/
TerminalConInTimerHandler().
SerialInTimeOut = 0;
if (Mode->BaudRate != 0) {
//
// According to BAUD rate to calculate the timeout value.
//
SerialInTimeOut = (1 + Mode->DataBits + Mode->StopBits) *
2 * 1000000 / (UINTN) Mode->BaudRate;
}
For example, based on the PCD values of PcdUartDefaultBaudRate,
PcdUartDefaultDataBits and PcdUartDefaultStopBits, SerialInTimeOut =
(1 + 8 + 1) * 2 * 1000000 / (UINTN) 115200 = 173 (us).
When SerialDxe is used,
TerminalDriverBindingStart()/TerminalConInTimerHandler() ->
SerialIo->SetAttributes() ->
SerialSetAttributes() ->
SerialPortSetAttributes()
Some implementations of SerialPortSetAttributes() could handle the
input parameters and return RETURN_SUCCESS, for example
BaseSerialPortLib16550, then Timeout value will be changed to 173 (us),
no "slow down" will be observed.
But some implementations of SerialPortSetAttributes() just return
RETURN_UNSUPPORTED, for example XenConsoleSerialPortLib, then Timeout
value will be not changed and kept 1000000 (1s), "slow down" will be
observed.
SerialPortLib instance can be enhanced to
1. Handle the input parameters and return status accordingly instead of
just returning RETURN_UNSUPPORTED in SerialPortSetAttributes().
2. Just return RETURN_SUCCESS instead of RETURN_UNSUPPORTED in
SerialPortSetAttributes() if the instance does not care the input
parameters at all.
And SerialDxe can also be enhanced like this patch to be more robust
to handle Timeout change.
Cc: Julien Grall <julien.grall@linaro.org> Cc: Laszlo Ersek <lersek@redhat.com> Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Compare against the original parameters Suggested-by: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Tested-by: Julien Grall <julien.grall@linaro.org>
Chasel, Chiu [Wed, 8 Nov 2017 12:35:26 +0000 (20:35 +0800)]
IntelFsp2Pkg-Tools: GenCfgOpt.py shouldn't include specific UPD name
PcdSerialIoUartDebugEnable UPD is platform specific and should not
be included in generic GenCfgOpt.py script. Remove this and platform
DSC should control the default value instead.
Cc: Jiewen Yao <Jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Chasel Chiu <chasel.chiu@intel.com> Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Jian J Wang [Wed, 8 Nov 2017 02:09:54 +0000 (10:09 +0800)]
IntelFrameworkModulePkg: Fix misuses of AllocateCopyPool
AllocateCopyPool(AllocationSize, *Buffer) will copy "AllocationSize" bytes of
memory from old "Buffer" to new allocated one. If "AllocationSize" is bigger
than size of "Buffer", heap memory overflow occurs during copy.
One solution is to allocate pool first then copy the necessary bytes to new
memory. Another is using ReallocatePool instead if old buffer will be freed
on spot.
Cc: Liming Gao <liming.gao@intel.com> Cc: Bi Dandan <dandan.bi@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Jian J Wang <jian.j.wang@intel.com> Reviewed-by: Bi Dandan <dandan.bi@intel.com>
Jian J Wang [Wed, 8 Nov 2017 02:09:19 +0000 (10:09 +0800)]
ShellPkg: Fix misuses of AllocateCopyPool
AllocateCopyPool(AllocationSize, *Buffer) will copy "AllocationSize" bytes of
memory from old "Buffer" to new allocated one. If "AllocationSize" is bigger
than size of "Buffer", heap memory overflow occurs during copy.
One solution is to allocate pool first then copy the necessary bytes to new
memory. Another is using ReallocatePool instead if old buffer will be freed
on spot.
Cc: Jaben Carsey <jaben.carsey@intel.com> Cc: Ruiyu Ni <ruiyu.ni@intel.com> Cc: Bi Dandan <dandan.bi@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Jian J Wang <jian.j.wang@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Jian J Wang [Wed, 1 Nov 2017 15:18:34 +0000 (23:18 +0800)]
MdeModulePkg: Fix misuses of AllocateCopyPool
AllocateCopyPool(AllocationSize, *Buffer) will copy "AllocationSize" bytes of
memory from old "Buffer" to new allocated one. If "AllocationSize" is bigger
than size of "Buffer", heap memory overflow occurs during copy.
One solution is to allocate pool first then copy the necessary bytes to new
memory. Another is using ReallocatePool instead if old buffer will be freed
on spot.
Cc: Star Zeng <star.zeng@intel.com> Cc: Eric Dong <eric.dong@intel.com> Cc: Bi Dandan <dandan.bi@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Jian J Wang <jian.j.wang@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Bi Dandan <dandan.bi@intel.com>
For PciIoPciRead interface, memory prior to Buffer would be written
with zeros if Offset was larger than sizeof (Dev->ConfigSpace), which
would cause serious system exception.
So we add a pre-check branch to avoid memory override.
Cc: Star Zeng <star.zeng@intel.com> Cc: Eric Dong <eric.dong@intel.com> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org> Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Heyi Guo <heyi.guo@linaro.org> Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Ruiyu Ni [Thu, 26 Oct 2017 08:06:56 +0000 (16:06 +0800)]
MdePkg/PciExpress21.h: Fix typo in PCI_REG_PCIE_SLOT_CONTROL
PCI_REG_PCIE_SLOT_CONTROL contains a typo. It is defined as:
typedef union {
struct {
UINT32 AttentionButtonPressed : 1;
UINT32 ...
...
} Bits;
UINT16 Uint16;
} PCI_REG_PCIE_SLOT_CONTROL;
The bit field data type should be UINT16 instead of UINT32,
results sizeof (PCI_REG_PCIE_SLOT_CONTROL) equals to 4 instead of 2.
Because this structure is used in PCI_CAPABILITY_PCIEXP as below:
typedef struct {
...
PCI_REG_PCIE_SLOT_CONTROL SlotControl;
PCI_REG_PCIE_SLOT_STATUS SlotStatus;
} PCI_CAPABILITY_PCIEXP;
It cause the OFFSET_OF (PCI_CAPABILITY_PCIEXP, SlotStatus) equal
to a wrong value.
Marcin Wojtas [Fri, 3 Nov 2017 17:55:17 +0000 (18:55 +0100)]
EmbeddedPkg: Implement NorFlashInfoLib
The SPI NOR flash drivers which base on ArmPlatformPkg's
NorFlashDxe usually make use of static declarations of the
flash instances with their type and parameters. As a result
it implies hardcoding the exact way of flash handling, not to
mention the code does not look very nice. Much better solution
would be obtaining the flash ID and hence its description
in runtime.
JEDEC compliant SPI NOR devices allow to obtain their IDs with
READ_ID command (0x9f), which should return the vendor ID byte,
followed by 2 to 4 following device ID bytes. Use this capability
for implementing a NorFlashInfoLib that gives an access to the
NOR flash description data, such as name, page size, sector
(block) size and others, of more than 50 different models.
The new library user should pass an output array from issuing
READ_ID command to the NorFlashGetInfo () routine - if the
match is found, an allocated (optionally for RT) pool with
the flash description copy will be returned.
chenc2 [Tue, 7 Nov 2017 01:01:26 +0000 (09:01 +0800)]
SecurityPkg/AuthVariableLib: Use EFI_CERT_DATA to parse certificate
The function Pkcs7GetSigners return certificate stack as binary buffer.
Use EFI_CERT_DATA to parsing certificate stack more clearly, and access
certificate by the field of EFI_CERT_DATA structure.
chenc2 [Tue, 7 Nov 2017 00:56:56 +0000 (08:56 +0800)]
CryptoPkg/BaseCryptLib: Add C-structure to matching certificate stack
The parameter CertStack of Pkcs7GetSigners will return all embedded X.509
certificate in one given PKCS7 signature. The format is:
//
// UINT8 CertNumber;
// UINT32 Cert1Length;
// UINT8 Cert1[];
// UINT32 Cert2Length;
// UINT8 Cert2[];
// ...
// UINT32 CertnLength;
// UINT8 Certn[];
//
Add EFI_CERT_STACK and EFI_CERT_DATA structure, these two C-structure are
used for parsing CertStack more clearly.
Peicong Li [Tue, 7 Nov 2017 12:56:51 +0000 (20:56 +0800)]
ArmPkg/ArmMmuLib: Add new attribute WRITE_BACK_NONSHAREABLE
Flash region needs to be set as cacheable (write back) to increase
performance, if PEI is still XIP on flash or DXE FV is decompressed
from flash FV. However some ARM platforms do not support to set flash
as inner shareable since flash is not normal DDR memory and it will
not respond to cache snoop request, which will causes system hang
after MMU is enabled.
So we need a new ARM memory region attribute WRITE_BACK_NONSHAREABLE
for flash region on these platforms specifically. This attribute will
set the region as write back but not inner shared.
Ruiyu Ni [Tue, 31 Oct 2017 07:53:18 +0000 (15:53 +0800)]
MdeModulePkg/PciBus: Disable BME of all devices when entering RT
The patch ensures all DMA transactions are blocked after
ExitBootService.
If a platform enables IOMMU before and needs disable IOMMU after
ExitBootService, the IOMMU should be disabled after PCI bus driver
disables BME.
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Michael Turner <michael.turner@microsoft.com> Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> Cc: Michael D Kinney <michael.d.kinney@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Cc: Jeff Fan <vanjeff_919@hotmail.com>
Dandan Bi [Fri, 3 Nov 2017 08:34:25 +0000 (16:34 +0800)]
MdeModulePkg/VarCheckHii: Enhance VarCheckHiiLib to support bit check
V3:
(1) Reset QuestionStoredInBitField to FALSE at end opcode(EFI_IFR_END_OP)
(2) Fix typo and format issues(line alignment for debug print message
and value assignment...)
V2:
(1)Remove the VarOffsetBitLevel/StorageWidthBitLevel to reduce the final
VarCheckBinSize and update the implementation accordingly.
(2)Update the VAR_CHECK_HII_REVISION
(3)Refine the Debug message and function comments,like update oneof",
"checkbox", "numeric" to "OneOf", "CheckBox", "Numeric".
VarCheckHiiLib check the value set to storage based on the possible value
listed in the vfr file. Since we have enhanced vfr to support Question
value stored in bit field, so now enhance VarCheckHiiLib to support bit
field check.
Cc: Star Zeng <star.zeng@intel.com> Cc: Eric Dong <eric.dong@intel.com> Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Dandan Bi <dandan.bi@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com>
Ard Biesheuvel [Sat, 4 Nov 2017 21:32:37 +0000 (21:32 +0000)]
MdeModulePkg/SdMmcPciHcDxe: call SdMmcFreeTrb() to complete sync operation
Currently, we complete a synchronous operation without unmapping the
DMA mappings, and free the pages using FreePages () rather than calling
EFI_PCI_IO_PROTOCOL::FreeBuffer. This is simply incorrect, but it also
breaks non-coherent DMA as well as DMA protection and/or memory encryption
so let's do it correctly and call SdMmcFreeTrb() instead.
The malloc/free (instead of AllocatePool/FreePool) were used directly
in some wrapper implementations, which was designed to leverage the
light-weight memory management routines at Runtime phase.
The malloc/free and AllocatePool/FreePool usages are required to be
matched, after extra memory size info header was introduced in malloc
wrapper.
This patch corrects two memory allocation cases, which requires the
caller to free the buffer with FreePool() outside the function call.
And some comments were also added to clarify the correct memory
release functions if it's the caller's responsibility to free the
memory buffer.
Cc: Laszlo Ersek <lersek@redhat.com> Cc: Ting Ye <ting.ye@intel.com> Cc: Jian J Wang <jian.j.wang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Qin Long <qin.long@intel.com> Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Long Qin [Wed, 1 Nov 2017 08:10:04 +0000 (16:10 +0800)]
CryptoPkg/BaseCryptLib: Fix buffer overflow issue in realloc wrapper
There is one long-standing problem in CRT realloc wrapper, which will
cause the obvious buffer overflow issue when re-allocating one bigger
memory block:
void *realloc (void *ptr, size_t size)
{
//
// BUG: hardcode OldSize == size! We have no any knowledge about
// memory size of original pointer ptr.
//
return ReallocatePool ((UINTN) size, (UINTN) size, ptr);
}
This patch introduces one extra header to record the memory buffer size
information when allocating memory block from malloc routine, and re-wrap
the realloc() and free() routines to remove this BUG.
Cc: Laszlo Ersek <lersek@redhat.com> Cc: Ting Ye <ting.ye@intel.com> Cc: Jian J Wang <jian.j.wang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Qin Long <qin.long@intel.com> Reviewed-by: Jian J Wang <jian.j.wang@intel.com> Validated-by: Jian J Wang <jian.j.wang@intel.com>
Star Zeng [Wed, 25 Oct 2017 09:23:03 +0000 (17:23 +0800)]
IntelSiliconPkg IntelVTdDxe: Use ACPI table event to get DMAR table
Use ACPI table event to get DMAR table instead of using ACPI SDT
notification as ACPI SDT is optional and the default value of
PcdInstallAcpiSdtProtocol is FALSE in MdeModulePkg.dec.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Ard Biesheuvel [Wed, 1 Nov 2017 12:57:26 +0000 (12:57 +0000)]
ArmPlatformPkg/PlatformPeim: allow PlatformPeiLib to set the boot mode
The current interdepencies between the PrePeiCore SEC module, the
platform PEIM and ArmPlatformLib is a bit awkward: due to the fact
that ArmPlatformLib is also used by SEC modules, we cannot use PEI
specific facilities in the implementation of ArmPlatformGetBootMode.
However, given that we call that library function /after/ invoking
PlatformPeiLib, there is no way for that library to set the boot mode
other than resorting to tricks like notification callbacks on arbitrary
unrelated events.
ArmPlatformLib should probably be phased out anyway, given its quirky
nature, but for now, let's fix this particular issue by deferring the
call to PlatformPeim() to after the point where we set the boot mode
by calling ArmPlatformGetBootMode ().
While we're at it, clean up the code slightly by using PeiServicesLib
instead of doing double pointer dereferencing.
Ard Biesheuvel [Wed, 1 Nov 2017 12:54:39 +0000 (12:54 +0000)]
EmbeddedPkg: introduce GPIO PPI
Introduce a PPI counterpart of the existing 'embedded GPIO' protocol,
so we can manipulate GPIOs from PEI modules. This allows things like
setting the boot mode based on a DIP switch setting.
Note that the naming is slightly awkward, as there is nothing 'embedded'
about a GPIO, but given that the DXE protocol already resides here and
has the 'embedded' prefix, it makes sense to retain uniformity.
Dandan Bi [Wed, 1 Nov 2017 08:11:47 +0000 (16:11 +0800)]
BaseTools/VfrCompile: Add check to avoid using NULL pointer
Question value are stored in one specified storage, but the Data type
of the storage is not specified or there is no sub fields in the Data
type sometimes, so we need to add check before using related pointers.
Here list some NULL cases:
(1)For an efivastore which doesn't specify a data structure or a
data type(UINT8,UINT16...)as the storage, just has VarName and
VarSize instead, we can not get its data type before parsing
its VarSize.
(2)For efivastore which just specifies the data type(UINT8,UINT16...)
not a structure as the storage,this data type doesn't have sub-fields.
Benjamin You [Tue, 31 Oct 2017 05:41:50 +0000 (13:41 +0800)]
Add one maintainer to CorebootModulePkg and CorebootPayloadPkg
Add one maintainer (Benjamin You) to CorebootModulePkg and CorebootPayloadPkg
Cc: Maurice Ma <maurice.ma@intel.com> Cc: Prince Agyeman <prince.agyeman@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Benjamin You <benjamin.you@intel.com> Reviewed-by: Maurice Ma <maurice.ma@intel.com>
Ruiyu Ni [Wed, 1 Nov 2017 10:12:53 +0000 (18:12 +0800)]
ShellPkg/hexeditor: Use CpuIo for memory access
The original code uses PciRootBridgeIo for memory access.
It worked before MdeModulePkg/PciHostBridgeDxe driver was checked in.
But MdeModulePkg/PciHostBridgeDxe adds checks to ensure the MMIO
access request is in the scope of the current RootBridgeIo instance.
It causes "hexeditor -m 0 2" reports error because memory address 0
surely is not in the scope of any RootBridgeIo instance.
In fact only accessing the MMIO space occupied by the RootBridgeIo
can work.
The patch changes hexeditor to use CpuIo for memory access.
Ard Biesheuvel [Wed, 1 Nov 2017 14:58:42 +0000 (14:58 +0000)]
BaseTools/tools_def AARCH64 ARM: disable PIE linking for .aslc sources
Commit 1894a7c64c0a ("BaseTools/tools_def AARCH64 ARM: disable PIE
linking") works around an issue that was caught due to the fact that
PIE linking produces broken .acpi files. However, v2 of that fix
inadvertently only applied the workaround to the normal linker command
line, and not to the ASLD one, so the issue still persists.
So add the missing -no-pie options for ASLD on ARM and AARCH64.
Mark EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS as deprecated.
1. Make SetVariable/QueryVariableInfo return EFI_UNSUPPORTED with this
attribute
2. No change to GetVariable/GetNextVariableName
Also update several function descriptors accordingly
Cc: Long Qin <qin.long@intel.com> Cc: Star Zeng <star.zeng@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by: Long Qin <qin.long@intel.com>
When PciBus driver fails to load the Option ROM, it doesn't produce
BusOverride protocol. It was a correct behavior before the above
commit. But due to the above commit, BusOverride protocol never is
produced by PciBus driver.
The patch fixes this issue using the following solution:
1. PciBus records the image device path when LoadImage fails.
2. Override.GetDriver() tries to look for the image handle using
the stored image device path.
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com>
The patch doesn't impact real functionality.
It only renames EFI_PCI_ROM_IMAGE_MAPPING to PCI_ROM_IMAGE,
and changes prototype of PciRomAddImageMapping so that
no explicit type cast is needed when calling this function.
It also removes unused field RomBase from PCI_IO_DEVICE structure.
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com>
Jiewen Yao [Thu, 21 Sep 2017 07:07:50 +0000 (15:07 +0800)]
IntelSiliconPkg/VtdPeiSample: Add premem support.
Before memory is ready, this sample produces one VTd engine.
After memory and silicon is initialized, this sample produces
both IGD VTd engine and all-rest VTd engine by reinstall the
FV_INFO_PPI.
This update is to demonstrate how to support pre-mem VTd usage.
Cc: Star Zeng <star.zeng@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com>
Jiewen Yao [Sat, 23 Sep 2017 08:27:50 +0000 (16:27 +0800)]
IntelSiliconPkg/VtdPmrPei: Add premem support.
Remove memory discovered dependency to support both premem
VTD_INFO_PPI and postmem VTD_INFO_PPI.
If VTD_INFO_PPI is installed before memory is ready, this
driver protects all memory region.
If VTD_INFO_PPI is installed or reinstalled after memory
is ready, this driver allocates DMA buffer and protect rest.
Cc: Star Zeng <star.zeng@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Laszlo Ersek [Thu, 26 Oct 2017 13:48:31 +0000 (15:48 +0200)]
MdeModulePkg/AtaAtapiPassThru: disable only BM-DMA at ExitBootServices()
Clearing I/O port decoding in the PCI command register at
ExitBootServices() breaks IDE boot in Windows, on QEMU's "pc" (i440fx)
machine type. (AHCI boot on "q35" is unaffected.) Windows seems repeatedly
stuck, apparently waiting for a timeout of sorts.
This is arguably a Windows bug; a native OS driver should not expect the
firmware to leave the PCI command register in any particular state.
Strictly speaking, we only need to disable BM-DMA at ExitBootServices(),
in order to abort pending transfers to/from RAM, which is soon to be owned
by the OS. BM-DMA is also the only bit that's explicitly named by the UEFI
Driver Writers' Guide, for clearing at ExitBootServices().
I've verified that clearing only BM-DMA fixes the issue (boot time) on
i440fx, and does not regress q35/AHCI.
Cc: Aleksei Kovura <alex3kov@zoho.com> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org> Cc: Dann Frazier <dannf@ubuntu.com> Cc: Eric Dong <eric.dong@intel.com> Cc: Star Zeng <star.zeng@intel.com> Reported-by: Aleksei Kovura <alex3kov@zoho.com> Reported-by: Dann Frazier <dannf@ubuntu.com> Reported-by: https://launchpad.net/~cjkrupp Bisected-by: Dann Frazier <dannf@ubuntu.com> Bisected-by: https://launchpad.net/~cjkrupp Suggested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Suggested-by: Star Zeng <star.zeng@intel.com>
Ref: https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/1725560 Fixes: 6fb8ddd36bde45614b0a069528cdc97077835a74
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Tested-by: dann frazier <dann.frazier@canonical.com> Reviewed-by: Star Zeng <star.zeng@intel.com> Tested-by: Aleksei Kovura <alex3kov@zoho.com>
Daniil Egranov [Fri, 27 Oct 2017 05:33:23 +0000 (00:33 -0500)]
Drivers/SataSiI3132Dxe: Fixed PCI IO read and write operations
The ATA pass through read should use PCI IO bus master write operation
and ATA pass through write should use PCI IO bus master read operation
as the read and write operations are executed from the bus master's
point of view.
This causes a property like 'linux,code' to be converted into '1,code'
which is obviously wrong. So let's get rid of all the predefined macros
by passing -undef to the preprocessor command line.
Ard Biesheuvel [Wed, 25 Oct 2017 09:52:17 +0000 (10:52 +0100)]
BaseTools/tools_def AARCH64 ARM: disable PIE linking
Some prebuilt GCC toolchains targeting aarch64 (e.g., the Debian Stretch
one) will default to building PIE executables. This has been observed to
corrupt ACPI tables built from .aslc sources, so disable PIE linking
altogether when using the GCC toolchain to build for AARCH64 or ARM.
Eric Dong [Thu, 26 Oct 2017 05:55:21 +0000 (13:55 +0800)]
UefiCpuPkg/MpInitLib: Keep compatible with former AP counting solution.
For some special platforms (such as Ovmf), it is possible
that, some APs start up *and finish* before the remaining
APs start up *at all*. In this case, the enhance
solution by changes 0594ec41 not works as expected.
This change remove check CpuMpData->CpuCount logic to let old
solution still workable if platform owner still set a long
time for PcdCpuApInitTimeOutInMicroSeconds. It's platform
owner's response to decide which solution to use.
Cc: Ruiyu Ni <ruiyu.ni@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Cc: Jeff Fan <vanjeff_919@hotmail.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Jeff Fan <vanjeff_919@hotmail.com>
Eric Dong [Thu, 26 Oct 2017 02:28:23 +0000 (10:28 +0800)]
UefiCpuPkg/CpuFeatures: Export HOB if CPU initialized in PEI
In current implementation, CPU initialized can be done in PEI
or DXE phase. PEI uses CpuFeaturesPei and Dxe uses CpuFeaturesDxe.
If CPU initialized in PEI phase, CpuFeaturesDxe driver will
not be used. This driver will install gEdkiiCpuFeaturesInitDoneGuid
protocol after it initializes the CPU.
Some drivers depend on this protocol to dispatch themselves. If
CpuFeaturesDxe not been used, these drivers will not be dispatched.
This patch fix the above issue. If Cpu initialized in PEI
phase, it also report a guid HOB for CpuFeaturesDxe.
CpuFeaturesDxe will check this HOB first. If it found this
HOB, it just install gEdkiiCpuFeaturesInitDoneGuid protocol,
else it will also do the CPU initialization.
Cc: Ruiyu Ni <ruiyu.ni@intel.com> Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Laszlo Ersek [Tue, 24 Oct 2017 10:20:57 +0000 (12:20 +0200)]
Maintainers.txt: add Laszlo Ersek as UefiCpuPkg reviewer
UefiCpuPkg hosts a number of modules (SMM infrastructure,
MP-initialization) that may behave differently enough between
virtualization guests and physical boards that they merit regression
testing and review specifically from a virtualization perspective.
Add Laszlo as a UefiCpuPkg reviewer (not maintainer) so that he be CC'd on
all UefiCpuPkg patches.
> R: Package Reviewer: Cc address for patches and questions. Reviewers
> help maintainers review code, but don't have push access.
Cc: Andrew Fish <afish@apple.com> Cc: Eric Dong <eric.dong@intel.com> Cc: Jeff Fan <vanjeff_919@hotmail.com> Cc: Leif Lindholm <leif.lindholm@linaro.org> Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
Star Zeng [Wed, 25 Oct 2017 08:55:46 +0000 (16:55 +0800)]
IntelSiliconPkg IntelVTdDxe: use gEfiAcpi10TableGuid for ACPI 1.0
According to definition (Acpi.h and MdePkg.dec),
gEfiAcpiTableGuid = gEfiAcpi20TableGuid, and the code is trying
to parse ACPI 2.0 first and then ACPI 1.0, but it uses
gEfiAcpiTableGuid wrongly for ACPI 1.0, this patch is to fix it.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Jiaxin Wu [Fri, 20 Oct 2017 06:46:31 +0000 (14:46 +0800)]
MdeModulePkg/Ip4Dxe: Trigger Ip4Config2 to retrieve the default address.
According the UEFI spec 2.7 A:
In section 28.3.2 for the IpConfigData.UseDefaultAddress, "While set to
TRUE, Configure() will trigger the EFI_IP4_CONFIG2_PROTOCOL to retrieve
the default IPv4 address if it is not available yet."
In section 28.5 for the Ip4Config2PolicyDhcp, "...All of these configurations
are retrieved from DHCP server or other auto-configuration mechanism."
This patch is to align with the above description. When the default IPv4
address is not available and IpConfigData.UseDefaultAddress is set to TRUE,
Ip4Config2 protocol will be called to retrieve the default address by setting
the policy to Ip4Config2PolicyDhcp.
Cc: Ye Ting <ting.ye@intel.com> Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Jiaxin Wu [Mon, 16 Oct 2017 06:53:09 +0000 (14:53 +0800)]
NetworkPkg/IScsiDxe: Fix the incorrect/needless DHCP process.
The existing attempt should not trigger the DHCP process if it
doesn't associates with the current NIC. That's incorrect when
displaying the initiator info in attempt page.
Cc: Karunakar P <karunakarp@amiindia.co.in> Cc: Ye Ting <ting.ye@intel.com> Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com> Reviewed-by: Karunakar p <karunakarp@amiindia.co.in>
Laszlo Ersek [Tue, 10 Oct 2017 11:44:16 +0000 (13:44 +0200)]
MdeModulePkg/Variable/RuntimeDxe: delete & lock MOR in the absence of SMM
VariableRuntimeDxe deletes and locks the MorLock variable in
MorLockInit(), with the argument that any protection provided by MorLock
can be circumvented if MorLock can be overwritten by unprivileged code
(i.e., outside of SMM).
Extend the argument and the logic to the MOR variable, which is supposed
to be protected by MorLock. Pass Attributes=0 when deleting MorLock and
MOR both.
This change was suggested by Star; it is inspired by earlier VariableSmm
commit fda8f631edbb ("MdeModulePkg/Variable/RuntimeDxe: delete and lock
OS-created MOR variable", 2017-10-03).
Cc: Eric Dong <eric.dong@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Star Zeng <star.zeng@intel.com> Suggested-by: Star Zeng <star.zeng@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Star Zeng <star.zeng@intel.com>
Eric Dong [Mon, 23 Oct 2017 07:02:36 +0000 (15:02 +0800)]
UefiCpuPkg/MpInitLib: Enhance waiting for AP initialization logic.
Current logic always waiting for a specific value to collect all APs
count. This logic may caused some platforms cost too much time to
wait for time out.
This patch add new logic to collect APs count. It adds new variable
NumApsExecuting to detect whether all APs have finished initialization.
Each AP let NumApsExecuting++ when begin to initialize itself and let
NumApsExecuting-- when it finish the initialization. BSP base on whether
NumApsExecuting == 0 to finished the collect AP process.
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Jeff Fan <vanjeff_919@hotmail.com>
Eric Dong [Mon, 23 Oct 2017 06:45:44 +0000 (14:45 +0800)]
UefiCpuPkg/MpInitLib: Change AP Index variable name.
Original AP index variable name not well express the meaning
of the variable. Also this name is better used in later patch.
So change the variable name for better understanding.
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Jeff Fan <vanjeff_919@hotmail.com>
Peter Jones [Fri, 20 Oct 2017 15:10:18 +0000 (23:10 +0800)]
CryptoPkg/BaseCryptLib: remove some duplicate initializations.
clang-analyzer noticed this:
Pk/CryptPkcs7Verify.c:600:5: warning: Value stored to 'OldSize' is never read
OldSize = BufferSize;
^ ~~~~~~~~~~
Pk/CryptPkcs7Verify.c:644:5: warning: Value stored to 'OldSize' is never read
OldSize = BufferSize;
^ ~~~~~~~~~~
2 warnings generated.
These are each immediately followed by a loop that initializes them (to
the same values) a second time, and are otherwise only referenced inside
that loop, so there's just no point to these assignments at all.
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Peter Jones <pjones@redhat.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Long Qin <qin.long@intel.com>
Ard Biesheuvel [Fri, 20 Oct 2017 13:30:11 +0000 (14:30 +0100)]
EmbeddedPkg: add driver to set graphical/serial console preference
Linux on ARM/arm64 will infer from the presence of a /chosen/stdout-path
DT property or of a SPCR ACPI table that the primary console is the serial
port, even if a graphical console is available as well.
So let's introduce a driver that allows the user to set a preference
between graphical and serial if both are available. If the preference
is set to 'Graphical', and any GOP protocol instances have been installed
by the time the ReadyToBoot event is signalled, remove the DT property
and/or the SPCR table entirely.
The patch firstly updated the Bridge->Alignment to the maximum
alignment of all devices under the bridge, then aligned the
Bridge->Length to Bridge->Alignment.
It caused too much resources were claimed.
The new patch firstly aligns Bridge->Length to Bridge->Alignment,
then updates the Bridge->Alignment to the maximum alignment of all
devices under the bridge.
Because the step to update the Bridge->Alignment is to make sure
the resource allocated to the bus under the Bridge meets all
devices alignment. But the Bridge->Length doesn't have to align
to the maximum alignment.
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com>
Ruiyu Ni [Mon, 23 Oct 2017 05:11:40 +0000 (13:11 +0800)]
UefiCpuPkg/MtrrLib: Use SetMem instead of SetMem64 to fix hang
ClearMasks and OrMasks are not 8-byte aligned.
But SetMem64 requires the input address is 8-byte aligned.
If the input is not 8-byte aligned, assertion is hit.
Use SetMem instead.
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com>
Ruiyu Ni [Thu, 19 Oct 2017 06:14:33 +0000 (14:14 +0800)]
ShellPkg/editor: Fix system hang when console max column > 200
EditorClearLine() assumes the console max column is less than 200.
When the max column is bigger than 200, the code incorrectly
modifies the content out side of Line buffer.
It may cause system hang or reset.
The patch changes the function to print several times when
the max column is bigger than 200.
Fu Siyuan [Tue, 17 Oct 2017 13:05:59 +0000 (21:05 +0800)]
NetworkPkg: Remove ping6 and ifconfig shell application.
Edk2 has duplicated ping6/ifconfig6 implementation in NetworkPkg and ShellPkg.
The usage and parameter format of these 2 versions are exactly same. These two
commands have been added to Shell specification so the copy under
ShellPkg\Library\UefiShellNetwork2CommandsLib\
will be actively maintained in future.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com>
Ruiyu Ni [Thu, 19 Oct 2017 02:43:08 +0000 (10:43 +0800)]
UefiCpuPkg/MtrrLib: Fix bug that may incorrectly set <1MB attribute
MtrrLibSetBelow1MBMemoryAttribute() may be called multiple times.
It's possible that in a 2nd call, Modified[0] is set to TRUE in
1st call but ClearMasks[0] and OrMasks[0] is uninitialized in
2nd call. It causes FixedSettings->Mtrr[0] be set to random
data.
The patch fixes this issue by introducing a local Modified[]
array and only updates FixedSettings->Mtrr[] when LocalModified[i]
is TRUE.
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
Eric Dong [Thu, 19 Oct 2017 02:40:16 +0000 (10:40 +0800)]
UefiCpuPkg/MpInitLib: Avoid call PcdGet* in Ap & Bsp.
MicrocodeDetect function will run by every threads, and it will
use PcdGet to get PcdCpuMicrocodePatchAddress and
PcdCpuMicrocodePatchRegionSize, if change both PCD default to dynamic,
system will in non-deterministic behavior.
By design, UEFI/PI services are single threaded and not re-entrant
so Multi processor code should not use UEFI/PI services. Here, Pcd
protocol/PPI is used to access dynamic PCDs so it would result in
non-deterministic behavior.
This code get PCD value in BSP and save them in CPU_MP_DATA for Ap.
chenc2 [Wed, 18 Oct 2017 06:23:45 +0000 (14:23 +0800)]
SecurityPkg/SecureBootConfigDxe: Handle lack of STR_SIGNATURE_* tokens
Add check to avoid NULL ptr dereference. The function HiiGetString
will return NULL pointer when the platform does not install the
appropriate string or call HiiGetString fail.(For example, HII not
support specified language.)
Laszlo Ersek [Tue, 17 Oct 2017 21:29:33 +0000 (23:29 +0200)]
OvmfPkg: fix dynamic default for oprom verification policy PCD without SB
I missed the following, both while reviewing and while testing commit 6041ac65ae87 ("OvmfPkg/PlatformPei: DENY_EXECUTE_ON_SECURITY_VIOLATION
when SEV is active", 2017-10-05):
If "-D SECURE_BOOT_ENABLE" is not passed on the "build" command line, then
OVMF has no dynamic default at all for
"PcdOptionRomImageVerificationPolicy". This means that the PcdSet32S()
call added in the subject commit doesn't even compile:
> OvmfPkg/PlatformPei/AmdSev.c: In function 'AmdSevInitialize':
> OvmfPkg/PlatformPei/AmdSev.c:67:3: error: implicit declaration of
> function '_PCD_SET_MODE_32_S_PcdOptionRomImageVerificationPolicy'
> [-Werror=implicit-function-declaration]
> PcdStatus = PcdSet32S (PcdOptionRomImageVerificationPolicy, 0x4);
> ^
> cc1: all warnings being treated as errors
Make the current, SB-only, 0x00 dynamic default unconditional.
This is the simplest approach, and it reflects the intent of original
commit 1fea9ddb4e3f ("OvmfPkg: execute option ROM images regardless of
Secure Boot", 2016-01-07). Without SECURE_BOOT_ENABLE,
"SecurityPkg/Library/DxeImageVerificationLib" is not used anyway, so the
PCD is never read.
This issue was first caught and reported by Gerd Hoffmann
<kraxel@redhat.com>'s Jenkins CI. Later it was also reported in
<https://bugzilla.tianocore.org/show_bug.cgi?id=737>.
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Jordan Justen <jordan.l.justen@intel.com> Fixes: 6041ac65ae879389f3ab5c0699f916d3e71c97fe
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Laszlo Ersek <lersek@redhat.com>
[lersek@redhat.com: trim commit message as suggested by Jordan] Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
[lersek@redhat.com: add reference to TianoCore BZ#737]
Long Qin [Thu, 12 Oct 2017 01:12:42 +0000 (09:12 +0800)]
SecurityPkg/Pkcs7Verify: Add the comments to address security problem
Add the comments to address security problems in the Pkcs7Verify Protocol
per UEFI 2.7 updates.
The Pkcs7Verifier function VerifySignature() has problematic use cases
where it might be used to unwittingly bypass security checks. The specific
problem is that if the supplied hash is a different algorithm from the
blacklist hash, the hash will be approved even if it should have been
denied. The added comments place a strong warning about the problem.
It is possible to use the protocol reliably, either by agreeing a hash to
use for all time (like sha256) or by looping over all supported hashes when
using the protocol.
BaseTools/BuildEnv: override "set -C" (noclobber) in sourcing shell env
The BuildEnv utility is sourced (executed by the user's interactive shell)
when the user sets up the build session. Some users like to set -C
(noclobber) for some additional safety in their shells, which trips up
BuildEnv. Update the redirection operator so that it overrides noclobber.
Laszlo Ersek [Tue, 17 Oct 2017 18:54:00 +0000 (20:54 +0200)]
SecurityPkg/AuthVariableLib: fix GCC build error
Commit 53c6ff180327 ("SecurityPkg:AuthVariableLib:Implement ECR1707 for
Private Auth Variable", 2017-09-12) introduced the following build
failure under several GCC toolchain versions:
> SecurityPkg/Library/AuthVariableLib/AuthService.c: In function
> 'CalculatePrivAuthVarSignChainSHA256Digest':
> SecurityPkg/Library/AuthVariableLib/AuthService.c:1567:58: error:
> pointer targets in passing argument 3 of 'X509GetCommonName' differ in
> signedness [-Werror=pointer-sign]
> Status = X509GetCommonName(SignerCert, SignerCertSize, CertCommonName, &CertCommonNameSize);
> ^~~~~~~~~~~~~~
> In file included from
> SecurityPkg/Library/AuthVariableLib/AuthServiceInternal.h:34:0,
> from
> SecurityPkg/Library/AuthVariableLib/AuthService.c:32:
> CryptoPkg/Include/Library/BaseCryptLib.h:2202:1: note: expected 'CHAR8 *
> {aka char *}' but argument is of type 'UINT8 * {aka unsigned char *}'
> X509GetCommonName (
> ^~~~~~~~~~~~~~~~~
> cc1: all warnings being treated as errors
Fix it by changing the type of "CertCommonName" to array-of-CHAR8.
Locations where "CertCommonName" is used in the
CalculatePrivAuthVarSignChainSHA256Digest() function:
- it is taken the size of -- not impacted by this patch;
- passed to X509GetCommonName() as an argument -- the patch fixes the
build error;
- passed to Sha256Update() as argument for "IN CONST VOID *Data" -- not
impacted by the patch;
- passed to AsciiStrLen() as argument -- drop the now-superfluous explicit
cast.
Since we are touching the Sha256Update() function call, fix the coding
style too:
- the line is overlong, so break each argument to its own line;
- insert a space between "AsciiStrLen" and the opening paren "(".
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org> Cc: Chao Zhang <chao.b.zhang@intel.com> Cc: Gary Lin <glin@suse.com> Cc: Leif Lindholm <leif.lindholm@linaro.org> Cc: Long Qin <qin.long@intel.com> Reported-by: Gary Lin <glin@suse.com> Suggested-by: Gary Lin <glin@suse.com> Suggested-by: Long Qin <qin.long@intel.com> Fixes: 53c6ff18032737fabb644a9e0c781d91a6830248
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
Brijesh Singh [Thu, 5 Oct 2017 20:16:42 +0000 (15:16 -0500)]
OvmfPkg/PlatformPei: DENY_EXECUTE_ON_SECURITY_VIOLATION when SEV is active
The following commit:
1fea9ddb4e3f OvmfPkg: execute option ROM images regardless of Secure Boot
sets the OptionRomImageVerificationPolicy to ALWAYS_EXECUTE the expansion
ROMs attached to the emulated PCI devices. A expansion ROM constitute
another channel through which a cloud provider (i.e hypervisor) can
inject a code in guest boot flow to compromise it.
When SEV is enabled, the bios code has been verified by the guest owner
via the SEV guest launch sequence before its executed. When secure boot,
is enabled, lets make sure that we do not allow guest bios to execute a
code which is not signed by the guest owner.
Brijesh Singh [Thu, 5 Oct 2017 20:16:41 +0000 (15:16 -0500)]
SecurityPkg: make PcdOptionRomImageVerificationPolicy dynamic
By default the image verification policy for option ROM images is 0x4
(DENY_EXECUTE_ON_SECURITY_VIOLATION) but the following OvmfPkg commit:
1fea9ddb4e3f OvmfPkg: execute option ROM images regardless of Secure Boot
set it to 0x0 (ALWAYS_EXECUTE). This is fine because typically option
ROMs comes from host-side and most of the time cloud provider (i.e
hypervisor) have full access over a guest anyway. But when secure boot
is enabled, we would like to deny the execution of option ROM when
SEV is active. Having dynamic Pcd will give us flexibility to set the
security policy at the runtime.
Fixes: https://bugzilla.tianocore.org/show_bug.cgi?id=728 Cc: Chao Zhang <chao.b.zhang@intel.com> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Cc: Tom Lendacky <thomas.lendacky@amd.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Long Qin <qin.long@intel.com>
chenc2 [Tue, 17 Oct 2017 08:45:06 +0000 (16:45 +0800)]
SecurityPkg/SecureBootConfigDxe: Change the declaring of buffer.
The change doesn't impact the functionality.
To avoid magic code is helpful for maintaining the codes.
Use stack variable for known max length variable is more
clear and safe than heap buffer.
Dandan Bi [Mon, 16 Oct 2017 03:37:08 +0000 (11:37 +0800)]
Security/OpalHii.c: Handle NULL Request or Request with no elements
According to UEFI spec, for the ExtractConfig function in
EFI_HII_CONFIG_ACCESS_PROTOCOL,If a NULL is passed in for the Request
field or if a ConfigHdr is passed in with no request elements, all of
the settings being abstracted by this function will be returned in the
Results field.
The implementation of ExtractConfig function in OpalHii.c misses to
handle above cases.This patch is to do the enhancements.
Cc: Chao Zhang <chao.b.zhang@intel.com> Cc: Eric Dong <eric.dong@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Dandan Bi <dandan.bi@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com>
Ruiyu Ni [Tue, 17 Oct 2017 01:46:27 +0000 (09:46 +0800)]
UefiCpuPkg/MtrrLib: Fix MtrrDebugPrintAllMtrrsWorker to avoid hang
ARRAY_SIZE(Mtrrs->Variables.Mtrr) was used in
MtrrDebugPrintAllMtrrsWorker() to parse the MTRR registers.
Instead, the actual variable MTRR count should be used.
Otherwise, the uninitialized random data in MtrrSetting may cause
MtrrLibSetMemoryType() hang.
Steven Shi found this bug in QEMU when using Q35 chip.
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Steven Shi <steven.shi@intel.com> Cc: Laszlo Ersek <lersek@redhat.com>
Ruiyu Ni [Mon, 16 Oct 2017 07:30:23 +0000 (15:30 +0800)]
ShellPkg/UefiShellLib: Use a more bright blue/green color
Some developers/QAs complain the color of directory or executable
files is hard to see and suggest to use a more bright color.
I agree with this suggestion so make this patch.
The look and feel is much better now.
Yonghong Zhu [Fri, 13 Oct 2017 02:47:24 +0000 (10:47 +0800)]
BaseTools: Fix a bug Build directory should relative to WORKSPACE
The bug is for build output files it still use mws.join function, it
cause maybe we will get the build output files in the PACKAGES_PATH
because mws.join will try WORKSPACE first, if the file doesn't exist
then try PACKAGES_PATH. But for build output, we expected it should
relative to WORKSPACE.
Ruiyu Ni [Wed, 27 Sep 2017 09:56:41 +0000 (17:56 +0800)]
UefiCpuPkg/MtrrLib: Update algorithm to calculate optimal settings
The new algorithm converts the problem calculating optimal
MTRR settings (using least MTRR registers) to the problem finding
the shortest path in a graph.
The memory required in extreme but rare case can be up to 256KB,
so using local stack buffer is impossible considering current
DxeIpl only allocates 128KB stack.
The patch changes existing MtrrSetMemoryAttributeInMtrrSettings() and
MtrrSetMemoryAttribute() to use the 4-page stack buffer for
calculation. The two APIs return BUFFER_TOO_SMALL when the buffer
is too small for calculation.
The patch adds a new API MtrrSetMemoryAttribute*s*InMtrrSettings() to
set multiple-range attributes in one function call.
Since every call to MtrrSetMemoryAttributeInMtrrSettings (without-s)
or MtrrSetMemoryAttribute() requires to calculate the MTRRs for the
whole physical memory, combining multiple calls in one API can
significantly reduce the calculation time.
In theory, if N times of call to without-s API costs N seconds,
the new API only costs 1 second.
The new API uses the buffer supplied from caller to calculate
MTRRs and returns BUFFER_TOO_SMALL when the buffer is too small for
calculation.
Test performed:
1. Random test
a. Generate random memory settings, use the new algorithm to
calculate the MTRRs.
b. Read back the MTRRs and check the memory settings match
the desired memory settings.
c. Repeat the above #1 and #2 100000 times.
2. OVMF 32PEI + 64DXE boot to shell.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Eric Dong <eric.dong@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
The patch changes MtrrLibLeastAlignment() to
MtrrLibBiggestAlignment() and optimizes the implementation
to be more efficient.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Eric Dong <eric.dong@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
projects / mirror_edk2.git / log