git.proxmox.com Git - mirror_edk2.git/log
4 years ago Readme.md: Add CI build status badges
Michael D Kinney [Mon, 28 Oct 2019 20:48:49 +0000 (13:48 -0700)]
Readme.md: Add CI build status badges

https://bugzilla.tianocore.org/show_bug.cgi?id=2315

Update Readme.md with status badges from the most recent
EDK II Continuous Integration (CI) build.

Cc: Andrew Fish <afish@apple.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Leif Lindholm <leif.lindholm@linaro.org>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
4 years ago .mergify: Add Mergify YML pull request rules configuration file
Michael D Kinney [Fri, 18 Oct 2019 22:22:36 +0000 (15:22 -0700)]
.mergify: Add Mergify YML pull request rules configuration file

https://bugzilla.tianocore.org/show_bug.cgi?id=2315

Add directory for the Mergify YML configuration files that
provide rules and actions used to process a pull request.

* Auto commit a PR from EDK II Maintainer with 'push' label
  set and all CI checks pass
* Auto close a PR from any developers without 'push' label
  set and all CI checks pass.
* Auto close a PR from a non EDK II Maintainer that has
  the 'push' label set.
* Post a comment to a PR that has a merge conflict.
  Submitter can resolve conflicts and reopen the PR.
* Post a comment to a PR that fails PatchCheck.py
  Submitter can resolve PatchCheck.py issues and
  reopen the PR.

Cc: Liming Gao <liming.gao@intel.com>
Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Bret Barkelew <Bret.Barkelew@microsoft.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
4 years ago .azurepipelines: Add Azure Pipelines YML configuration files
Sean Brogan [Tue, 8 Oct 2019 03:34:34 +0000 (20:34 -0700)]
.azurepipelines: Add Azure Pipelines YML configuration files

https://bugzilla.tianocore.org/show_bug.cgi?id=2315

Add YML configuration files used to run the EDK II Continuous
Integration (CI) checks on Azure Pipelines agents.

Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Bret Barkelew <Bret.Barkelew@microsoft.com>
Cc: Liming Gao <liming.gao@intel.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
4 years ago .pytool: Add CISettings.py and Readme.md
Sean Brogan [Tue, 8 Oct 2019 03:25:30 +0000 (20:25 -0700)]
.pytool: Add CISettings.py and Readme.md

https://bugzilla.tianocore.org/show_bug.cgi?id=2315

Add main python script for EDK II Continuous Integration (CI)
builds along with a Readme.md that provides a summary of the
packages, platforms, and checks performed during a CI build.

Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Bret Barkelew <Bret.Barkelew@microsoft.com>
Cc: Liming Gao <liming.gao@intel.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
4 years ago SignedCapsulePkg: Use BaseCryptLibNull to reduce package CI time
Michael D Kinney [Fri, 25 Oct 2019 20:53:34 +0000 (13:53 -0700)]
SignedCapsulePkg: Use BaseCryptLibNull to reduce package CI time

https://bugzilla.tianocore.org/show_bug.cgi?id=2315

Use BaseCryptLibNull for package CI builds to reduce package
build times.  Enabled with PYTOOL_CONTINUOUS_INTEGRATION in YAML
files.  By default PYTOOL_CONTINUOUS_INTEGRATION is not defined,
and the original lib mappings are preserved.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
4 years ago UefiCpuPkg: Add YAML file for CI builds
Michael D Kinney [Mon, 28 Oct 2019 20:21:54 +0000 (13:21 -0700)]
UefiCpuPkg: Add YAML file for CI builds

https://bugzilla.tianocore.org/show_bug.cgi?id=2315

Add YAML file to the package directory with the
configuration of the checks to perform during a
CI build.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Acked-by: Ray Ni <ray.ni@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
4 years ago ShellPkg: Add YAML file for CI builds
Michael D Kinney [Mon, 28 Oct 2019 20:21:41 +0000 (13:21 -0700)]
ShellPkg: Add YAML file for CI builds

https://bugzilla.tianocore.org/show_bug.cgi?id=2315

Add YAML file to the package directory with the
configuration of the checks to perform during a
CI build.

Cc: Ray Ni <ray.ni@intel.com>
Cc: Zhichao Gao <zhichao.gao@intel.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Acked-by: Zhichao Gao <zhichao.gao@intel.com>
Acked-by: Ray Ni <ray.ni@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
4 years ago SecurityPkg: Add YAML files for CI builds
Michael D Kinney [Mon, 28 Oct 2019 20:21:26 +0000 (13:21 -0700)]
SecurityPkg: Add YAML files for CI builds

https://bugzilla.tianocore.org/show_bug.cgi?id=2315

Add YAML file to the package directory with the
configuration of the checks to perform during a
CI build.

Use BaseCryptLibNull for package CI builds to reduce package
build times.  Enabled with CONTINUOUS_INTEGRATION in YAML
files.  By default CONTINUOUS_INTEGRATION is not defined,
and the original lib mappings are preserved.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
4 years ago PcAtChipsetPkg: Add YAML files for CI builds
Michael D Kinney [Mon, 28 Oct 2019 20:21:07 +0000 (13:21 -0700)]
PcAtChipsetPkg: Add YAML files for CI builds

https://bugzilla.tianocore.org/show_bug.cgi?id=2315

Add YAML file to the package directory with the
configuration of the checks to perform during a
CI build.

Cc: Ray Ni <ray.ni@intel.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Acked-by: Ray Ni <ray.ni@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
4 years ago NetworkPkg: Add YAML file for CI builds
Michael D Kinney [Mon, 28 Oct 2019 20:20:40 +0000 (13:20 -0700)]
NetworkPkg: Add YAML file for CI builds

https://bugzilla.tianocore.org/show_bug.cgi?id=2315

Add YAML file to the package directory with the
configuration of the checks to perform during a
CI build.

Use BaseCryptLibNull and TlsLibNull for package CI
builds to reduce package build times.  Enabled with
CONTINUOUS_INTEGRATION in YAML files.  By default
CONTINUOUS_INTEGRATION is not defined, and the
original lib mappings are preserved.

Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
4 years ago MdePkg: Add YAML file for CI builds
Michael D Kinney [Mon, 28 Oct 2019 20:20:17 +0000 (13:20 -0700)]
MdePkg: Add YAML file for CI builds

https://bugzilla.tianocore.org/show_bug.cgi?id=2315

Add YAML file to the package directory with the
configuration of the checks to perform during a
CI build.

Cc: Liming Gao <liming.gao@intel.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
4 years ago MdeModulePkg: Add YAML file for CI builds
Michael D Kinney [Mon, 28 Oct 2019 20:20:04 +0000 (13:20 -0700)]
MdeModulePkg: Add YAML file for CI builds

https://bugzilla.tianocore.org/show_bug.cgi?id=2315

Add YAML file to the package directory with the
configuration of the checks to perform during a
CI build.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
4 years ago FmpDevicePkg: Add YAML file for CI builds
Michael D Kinney [Mon, 28 Oct 2019 20:19:46 +0000 (13:19 -0700)]
FmpDevicePkg: Add YAML file for CI builds

https://bugzilla.tianocore.org/show_bug.cgi?id=2315

Add YAML file to the package directory with the
configuration of the checks to perform during a
CI build.

Use BaseCryptLibNull for package CI builds to reduce package
build times.  Enabled with CONTINUOUS_INTEGRATION in YAML
files.  By default CONTINUOUS_INTEGRATION is not defined,
and the original lib mappings are preserved.

Cc: Liming Gao <liming.gao@intel.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
4 years ago FatPkg: Add YAML file for CI builds
Michael D Kinney [Mon, 28 Oct 2019 20:19:28 +0000 (13:19 -0700)]
FatPkg: Add YAML file for CI builds

https://bugzilla.tianocore.org/show_bug.cgi?id=2315

Add YAML file to the package directory with the
configuration of the checks to perform during a
CI build.

Cc: Ray Ni <ray.ni@intel.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Acked-by: Ray Ni <ray.ni@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
4 years ago CryptoPkg: Add YAML file for CI builds
Michael D Kinney [Mon, 28 Oct 2019 20:19:09 +0000 (13:19 -0700)]
CryptoPkg: Add YAML file for CI builds

https://bugzilla.tianocore.org/show_bug.cgi?id=2315

Add YAML file to the package directory with the
configuration of the checks to perform during a
CI build.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Signed-off-by: Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
4 years ago .pytool/Plugin: Add CI plugins
Sean Brogan [Fri, 18 Oct 2019 04:40:58 +0000 (21:40 -0700)]
.pytool/Plugin: Add CI plugins

https://bugzilla.tianocore.org/show_bug.cgi?id=2315

Add .pytool directory to the edk2 repository with the
following plugins.  These plugins are in a top level
directory because they can be used with all packages
and platforms.

* CharEncodingCheck
* CompilerPlugin
* DependencyCheck
* DscCompleteCheck
* GuidCheck
* LibraryClassCheck
* SpellCheck

Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Bret Barkelew <Bret.Barkelew@microsoft.com>
Cc: Liming Gao <liming.gao@intel.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
4 years ago BaseTools: Add BaseTools plugins to support CI
Sean Brogan [Tue, 8 Oct 2019 02:57:30 +0000 (19:57 -0700)]
BaseTools: Add BaseTools plugins to support CI

https://bugzilla.tianocore.org/show_bug.cgi?id=2315

Add the following plugins that are required to support
EDK II Continuous Integration (CI) builds.  These plugins
are added to BaseTools because they support EDK II BaseTools
features.

* BuildToolsReportGenerator
* LinuxGcc5ToolChain
* WindowsResourceCompiler
* WindowsVsToolChain

Cc: Bob Feng <bob.c.feng@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
4 years ago BaseTools: Add YAML files with path env and tool extdeps
Sean Brogan [Tue, 8 Oct 2019 01:37:13 +0000 (18:37 -0700)]
BaseTools: Add YAML files with path env and tool extdeps

https://bugzilla.tianocore.org/show_bug.cgi?id=2315

Cc: Bob Feng <bob.c.feng@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
4 years ago BaseTools: Add RC_PATH define for VS2017/2019
Sean Brogan [Tue, 8 Oct 2019 02:54:21 +0000 (19:54 -0700)]
BaseTools: Add RC_PATH define for VS2017/2019

https://bugzilla.tianocore.org/show_bug.cgi?id=2315

Add use of RC_PATH define that provides the path to the resource
compiler that is typically provided in a Windows SDK.  The path
changes with different Windows SDK releases.  This define is set
to the WINSDK_PATH_FOR_RC_EXE environment variable.  This
environment variable must be set to the path to the currently
installed resource compiler (rc.exe).

Update set_vsprefix_envs.bat to set WINSDK_PATH_FOR_RC_EXE
if a Windows SDK is detected.

Cc: Bob Feng <bob.c.feng@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
4 years ago pip-requirements.txt: Add python pip requirements file
Sean Brogan [Wed, 25 Sep 2019 04:34:26 +0000 (21:34 -0700)]
pip-requirements.txt: Add python pip requirements file

https://bugzilla.tianocore.org/show_bug.cgi?id=2315

Add pip requirements file that is used to install the
python pip modules built from the edk2-pytool-library and
edk2-pytool-extensions repositories.

These python modules provide the extensions required to
perform EDK II Continuous Integration (CI) builds.

Cc: Andrew Fish <afish@apple.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Leif Lindholm <leif.lindholm@linaro.org>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
4 years ago .gitignore: Ignore python compiled files, extdeps, and vscode
Sean Brogan [Wed, 25 Sep 2019 05:34:18 +0000 (22:34 -0700)]
.gitignore: Ignore python compiled files, extdeps, and vscode

https://bugzilla.tianocore.org/show_bug.cgi?id=2315

Update .gitignore to ignore .pyc files and __pycache__
directories.  Python based plugins can be added to any
package or platform, so these files and directories may
be present outside of BaseTools.

Ignore _extdep directories that are generated by the
pytool external dependency feature.

Ignore .vscode directories generated by the VS Code
editor.

Cc: Andrew Fish <afish@apple.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Leif Lindholm <leif.lindholm@linaro.org>
Signed-off-by: Kinney <michael.d.kinney@intel.com>
Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
4 years ago Maintainers.txt: Add continuous integration(CI) directories
Michael D Kinney [Fri, 25 Oct 2019 18:44:54 +0000 (11:44 -0700)]
Maintainers.txt: Add continuous integration(CI) directories

https://bugzilla.tianocore.org/show_bug.cgi?id=2315

Add maintainers and reviewers for the directories associated
with continuous integration steps.
* .azurepipelines
* .mergify
* .pytool

Cc: Andrew Fish <afish@apple.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Leif Lindholm <leif.lindholm@linaro.org>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
4 years ago Readme.md: remove positional references from submodule description
Leif Lindholm [Tue, 29 Oct 2019 01:54:36 +0000 (09:54 +0800)]
Readme.md: remove positional references from submodule description

Remove references to the number of submodules in the tree, as well as
reword the referring to specific submodules as "former" and "previous".
This means we won't need to keep updating the surrounding text if we
add/remove submodules.

Cc: Andrew Fish <afish@apple.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
4 years ago MdeModulePkg/Pci: Add DeviceSecurity support.
Jiewen Yao [Sun, 29 Sep 2019 08:37:14 +0000 (16:37 +0800)]
MdeModulePkg/Pci: Add DeviceSecurity support.

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2303

Whenever a PCI device is discovered, PCI bus calls the
EDKII_DEVICE_SECURITY_PROTOCOL to authenticate it.
If the function returns success, the PCI bus allocates
the resource and installs the PCI_IO for the device.
If the function returns fail, the PCI bus skips the device.

It is similar to EFI_SECURITY_ARCH_PROTOCOL, which
is used to verify an EFI image.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Yun Lou <yun.lou@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Ray Ni <ray.ni@intel.com>
4 years ago MdeModulePkg/dec: Add EdkiiDeviceSecurityProtocolGuid.
Jiewen Yao [Sun, 20 Oct 2019 09:07:06 +0000 (17:07 +0800)]
MdeModulePkg/dec: Add EdkiiDeviceSecurityProtocolGuid.

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2303

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Yun Lou <yun.lou@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed by: Ray Ni <ray.ni@intel.com>

4 years ago MdeModulePkg/Include: Add DeviceSecurity.h
Jiewen Yao [Sun, 20 Oct 2019 09:06:51 +0000 (17:06 +0800)]
MdeModulePkg/Include: Add DeviceSecurity.h

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2303

EDKII_DEVICE_SECURITY_PROTOCOL is used for device
measurement and/or authentication.
It is similar to EFI_SECURITY_ARCH_PROTOCOL.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Yun Lou <yun.lou@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed by: Ray Ni <ray.ni@intel.com>

4 years ago MdePkg/Include: Add DMTF SPDM definition.
Jiewen Yao [Sun, 29 Sep 2019 08:22:38 +0000 (16:22 +0800)]
MdePkg/Include: Add DMTF SPDM definition.

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2303

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Yun Lou <yun.lou@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed by: Liming Gao <liming.gao@intel.com>
Reviewed by: Ray Ni <ray.ni@intel.com>

4 years ago MdeModulePkg/Core/Dxe: free page 0 after disabling NULL pointer detection
Jian J Wang [Wed, 6 Nov 2019 21:13:33 +0000 (21:13 +0000)]
MdeModulePkg/Core/Dxe: free page 0 after disabling NULL pointer detection

To solve access issue reported by BZ1885, page 0 will be allocated to
avoid misuses if NULL pointer detection is enabled. It should be better
to be freed after EndOfDxe if BIT7 of PcdNullPointerDetectionPropertyMask
is set, because NULL pointer detection is no longer available after
EndOfDxe and there will be no access conflict.

Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1885
Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Sean Brogan <sean.brogan@microsoft.com>
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Ray Ni <ray.ni@intel.com>
4 years ago MdeModulePkg/DxeIplPeim: reserve page 0 for NULL pointer detection
Jian J Wang [Wed, 6 Nov 2019 21:13:32 +0000 (21:13 +0000)]
MdeModulePkg/DxeIplPeim: reserve page 0 for NULL pointer detection

When a boot loader examines the memory map, it can see that location 0
is available memory. If it chooses to use that memory, and
PcdNullPointerDetectionPropertyMask is enabled, use of memory in page 0
will cause an exception. This does occur when running the memtest86
program.

Leaving page 0 available is for legacy support purpose. Since we have
deprecated the support of legacy, the solution is just reserving it so
that it cannot be allocated for other uses.

Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1885
Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Sean Brogan <sean.brogan@microsoft.com>
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Ray Ni <ray.ni@intel.com>
4 years ago BaseTools/GenFw AARCH64: disregard ADRP instructions that are patched already
Ard Biesheuvel [Fri, 8 Nov 2019 07:58:15 +0000 (08:58 +0100)]
BaseTools/GenFw AARCH64: disregard ADRP instructions that are patched already

In order to permit the use of compilers that only implement the small
code model [which involves the use of ADRP instructions that require
4 KB segment alignment] for generating PE/COFF binaries with a small
footprint, we patch ADRP instructions into ADR instructions while doing
the ELF to PE/COFF conversion.

As it turns out, the linker may be doing the same, but for different
reasons: there is a silicon erratum #843419 for ARM Cortex-A53 which
affects ADRP instructions appearing at a certain offset in memory, and
one of the mitigations for this erratum is to patch them into ADR
instructions at link time if the symbol reference is within -/+ 1 MB.
However, the LD linker fails to update the static relocation tables, and
so we end up with an ADR instruction in the fully linked binary, but
with a relocation entry in the RELA section identifying it as an ADRP
instruction.

Since the linker has already updated the symbol reference, there is no
handling needed in GenFw for such instructions, and we can simply treat
it as an ordinary ADR. However, since it is guaranteed to be accompanied
by an add or load instruction with a LO12 relocation referencing the same
symbol, the section offset check we apply to ADR instructions is going to
take place anyway, so we can just disregard the ADR instruction entirely.

Reported-by: Eugene Cohen <eugene@hp.com>
Suggested-by: Eugene Cohen <eugene@hp.com>
Tested-by: Eugene Cohen <eugene@hp.com>
Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
Acked-by: Liming Gao <liming.gao@intel.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
4 years ago ShellPkg/CommandLib: Use first found UC for unsupported PlatformLang
Marvin Häuser [Tue, 5 Nov 2019 13:50:44 +0000 (21:50 +0800)]
ShellPkg/CommandLib: Use first found UC for unsupported PlatformLang

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2300

On some firmwares PlatformLang is set to the local language (e.g. ru-RU),
however there is no Unicode Collation protocol instance that supports it.
As for missing PlatformLang, fall back to the first found instance.

Cc: Ray Ni <ray.ni@intel.com>
Cc: Zhichao Gao <zhichao.gao@intel.com>
Reviewed-by: Zhichao Gao <zhichao.gao@intel.com>
Signed-off-by: Marvin Haeuser <mhaeuser@outlook.de>
4 years ago BaseTools: Add support for parseing map files generated by CLANG9 in GenFv
Zhiguang Liu [Fri, 1 Nov 2019 02:35:59 +0000 (10:35 +0800)]
BaseTools: Add support for parseing map files generated by CLANG9 in GenFv

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2320

Add support for parsing map files generated by CLANG9 in GenFv

Cc: Bob Feng <bob.c.feng@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Signed-off-by: Zhiguang Liu <zhiguang.liu@intel.com>
4 years ago BaseTools: Add map file parsing support for CLANG9
Zhiguang Liu [Tue, 29 Oct 2019 05:07:44 +0000 (13:07 +0800)]
BaseTools: Add map file parsing support for CLANG9

Cc: Bob Feng <bob.c.feng@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Signed-off-by: Zhiguang Liu <zhiguang.liu@intel.com>
4 years ago EmbeddedPkg/DtPlatformDxe: Add DT/ACPI Default Flexibility
Ashish Singhal [Mon, 4 Nov 2019 17:49:31 +0000 (10:49 -0700)]
EmbeddedPkg/DtPlatformDxe: Add DT/ACPI Default Flexibility

Add a PCD to govern whether to use DT or ACPI in case the
variable governing this is not found or is not valid.

Signed-off-by: Ashish Singhal <ashishsingha@nvidia.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
4 years ago SecurityPkg: Fix TPM2 ACPI measurement.
Derek Lin [Wed, 6 Nov 2019 09:00:47 +0000 (09:00 +0000)]
SecurityPkg: Fix TPM2 ACPI measurement.

We have discussed in this thread.
https://edk2.groups.io/g/devel/topic/32205028

Before the change, TPM FW upgrade will impact TPM2 ACPI PCR value because
TPM2 ACPI HID includes FW version.

This change makes the measurement before TPM2 HID fixup. So, after TPM FW
upgrade, the ACPI PCR record remains the same.

Signed-off-by: Derek Lin <derek.lin2@hpe.com>
Reviewed by: Jiewen Yao <Jiewen.yao@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
4 years ago SecurityPkg/OpalPassword: Remove dependency on EFI_BLOCK_IO_PROTOCOL
Chu, Maggie [Mon, 4 Nov 2019 04:04:28 +0000 (12:04 +0800)]
SecurityPkg/OpalPassword: Remove dependency on EFI_BLOCK_IO_PROTOCOL

https://bugzilla.tianocore.org/show_bug.cgi?id=2327

RAID drivers abstract their physical drives that make up
the array into a single unit, and do not supply individual
EFI_BLOCK_IO_PROTOCOL instances for each physical drive in the array.
This breaks support for the Security Storage Command Protocol,
which currently requires an EFI_BLOCK_IO_PROTOCOL to be associated
with the same device the protocol is installed on and provide
all the same parameters.

This patch removes dependency on EFI_BLOCK_IO_PROTOCOL and
allows access to Opal drive members of a RAID array.

Signed-off-by: Maggie Chu <maggie.chu@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
4 years ago Maintainers.txt: Adding new NetworkPkg reviewer.
Rabeda, Maciej [Tue, 5 Nov 2019 17:07:12 +0000 (01:07 +0800)]
Maintainers.txt: Adding new NetworkPkg reviewer.

Add Maciej Rabeda as reviewer of NetworkPkg.

Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Signed-off-by: Maciej Rabeda <maciej.rabeda@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
4 years ago MdeModulePkg: Enable variable runtime cache by default
Michael Kubacki [Mon, 14 Oct 2019 23:15:08 +0000 (16:15 -0700)]
MdeModulePkg: Enable variable runtime cache by default

This change enables the variable runtime cache by default by setting
gEfiMdeModulePkgTokenSpaceGuid.PcdEnableVariableRuntimeCache in
MdeModulePkg.dec to TRUE.

Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Michael Kubacki <michael.a.kubacki@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
4 years ago OvmfPkg: Disable variable runtime cache
Michael Kubacki [Mon, 14 Oct 2019 17:14:24 +0000 (10:14 -0700)]
OvmfPkg: Disable variable runtime cache

Sets gEfiMdeModulePkgTokenSpaceGuid.PcdEnableVariableRuntimeCache
to FALSE in OvmfPkgIa32.dsc, OvmfPkgIa32X64.dsc, and OvmfPkgX64.dsc
so that when SMM_REQUIRE is TRUE, the SMM variable driver will not
use the runtime variable cache.

This is done for OvmfPkg because it currently depends upon a SMM
variable GetVariable () implementation as a simple method to exercise
the SMM driver stack. This allows the following commands to be used
for variables such as Boot####, BootOrder, and BootNext to test SMM
timing and stability differences on the BSP (e.g. CPU#0) vs an
AP (e.g. CPU#1).
 # taskset -c 0 efibootmgr
 # taskset -c 1 efibootmgr

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Signed-off-by: Michael Kubacki <michael.a.kubacki@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
4 years ago MdeModulePkg/Variable: Add RT GetNextVariableName() cache support
Michael Kubacki [Tue, 24 Sep 2019 01:49:37 +0000 (18:49 -0700)]
MdeModulePkg/Variable: Add RT GetNextVariableName() cache support

https://bugzilla.tianocore.org/show_bug.cgi?id=2220

This change implements the Runtime Service GetNextVariableName()
using the runtime cache in VariableSmmRuntimeDxe. Runtime Service
calls to GetNextVariableName() will no longer trigger a SW SMI
when gEfiMdeModulePkgTokenSpaceGuid.PcdEnableVariableRuntimeCache
is set to TRUE (default value).

Overall system performance and stability will be improved by
eliminating an SMI for these calls as they typically result in a
relatively large number of invocations to retrieve all variable
names in all variable stores present.

Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Michael Kubacki <michael.a.kubacki@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
4 years ago MdeModulePkg/Variable: Add RT GetVariable() cache support
Michael Kubacki [Mon, 23 Sep 2019 23:48:09 +0000 (16:48 -0700)]
MdeModulePkg/Variable: Add RT GetVariable() cache support

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2220

This change reduces SMIs for GetVariable () by maintaining a
UEFI variable cache in Runtime DXE in addition to the pre-
existing cache in SMRAM. When the Runtime Service GetVariable()
is invoked, a Runtime DXE cache is used instead of triggering an
SMI to VariableSmm. This can improve overall system performance
by servicing variable read requests without rendezvousing all
cores into SMM.

The runtime cache can be disabled by setting the FeaturePCD
gEfiMdeModulePkgTokenSpaceGuid.PcdEnableVariableRuntimeCache
to FALSE. If the PCD is set to FALSE, the runtime cache will not be
used and an SMI will be triggered for Runtime Service
GetVariable () and GetNextVariableName () invocations.

The following are important points regarding the behavior of the
variable drivers when the variable runtime cache is enabled.

1. All of the non-volatile storage contents are loaded into the
   cache upon driver load. This one time load operation from storage
   is preferred as opposed to building the cache on demand. An on-
   demand cache would require a fallback SMI to load data into the
   cache as variables are requested.

2. SetVariable () requests will continue to always trigger an SMI.
   This occurs regardless of whether the variable is volatile or
   non-volatile.

3. Both volatile and non-volatile variables are cached in a runtime
   buffer. As is the case in the current EDK II variable driver, they
   continue to be cached in separate buffers.

4. The cache in Runtime DXE and SMM are intended to be exact copies
   of one another. All SMM variable accesses only return data from the
   SMM cache. The runtime caches are only updated after the variable I/O
   operation is successful in SMM. The runtime caches are only updated
   from SMM.

5. Synchronization mechanisms are in place to ensure the runtime cache
   content integrity with the SMM cache. These may result in updates to
   runtime cache that are the same in content but different in offset and
   size from updates to the SMM cache.

When using SMM variables with runtime cache enabled, two caches will now
be present.
1. "Runtime Cache" - Maintained in VariableSmmRuntimeDxe. Used to service
   Runtime Services GetVariable () and GetNextVariableName () callers.
2. "SMM Cache" - Maintained in VariableSmm to service SMM GetVariable ()
   and GetNextVariableName () callers.
   a. This cache is retained so SMM modules do not operate on data outside
      SMRAM.

Because a race condition can occur if an SMI occurs during the execution
of runtime code reading from the runtime cache, a runtime cache read lock
is introduced that explicitly moves pending updates from SMM to the runtime
cache if an SMM update occurs while the runtime cache is locked. Note that
it is not expected a Runtime services call will interrupt SMM processing
since all CPU cores rendezvous in SMM.

It is possible to view UEFI variable read and write statistics by setting
the gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics FeaturePcd
to TRUE and using the VariableInfo UEFI application in MdeModulePkg to dump
variable statistics to the console. By doing so, a user can view the number
of GetVariable () hits from the Runtime DXE variable driver (Runtime Cache
hits) and the SMM variable driver (SMM Cache hits). SMM Cache hits for
GetVariable () will occur when SMM modules invoke GetVariable ().

Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Michael Kubacki <michael.a.kubacki@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
4 years ago MdeModulePkg VariableInfo: Always consider RT DXE and SMM stats
Michael Kubacki [Wed, 25 Sep 2019 21:58:45 +0000 (14:58 -0700)]
MdeModulePkg VariableInfo: Always consider RT DXE and SMM stats

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2220

The current VariableInfo application only checks for variable
statistics from SMM if the variable information entries are
not present in the UEFI System Configuration table as published
by the DXE UEFI variable driver (VariableRuntimeDxe).

This change first checks for variable information entries in the
UEFI System Configuration but always checks for entries in SMM
as well. If the SMM variable driver is not present, an instance of
EFI_SMM_VARIABLE_PROTOCOL will not be found and the search for
SMM variable statistics will be aborted (an SW SMI to get variable
statistics will not be triggered).

In the case variable statistics are provided by both a Runtime DXE
driver (e.g. VariableSmmRuntimeDxe) and a SMM driver (VariableSmm),
this change will clearly identify statistics from each respective
driver.

Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Michael Kubacki <michael.a.kubacki@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Acked-by: Hao A Wu <hao.a.wu@intel.com>
4 years ago MdeModulePkg/Variable: Add a file for NV variable functions
Michael Kubacki [Fri, 27 Sep 2019 22:34:14 +0000 (15:34 -0700)]
MdeModulePkg/Variable: Add a file for NV variable functions

This change adds a dedicated file for variable operations specific
to non-volatile variables. This decreases the overall length of the
relatively large Variable.c file.

Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Michael Kubacki <michael.a.kubacki@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
4 years ago MdeModulePkg/Variable: Parameterize auth status in VariableParsing
Michael Kubacki [Fri, 27 Sep 2019 22:18:42 +0000 (15:18 -0700)]
MdeModulePkg/Variable: Parameterize auth status in VariableParsing

The file VariableParsing.c provides generic functionality related
to parsing variable related structures and information. In order to
calculate offsets for certain operations, the functions must know if
authenticated variables are enabled as this increases the size of
variable headers.

This change removes linking against a global variable in an external file
in favor of passing the authenticated variable status as a parameter to
the variable parsing functions.

Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Michael Kubacki <michael.a.kubacki@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
4 years ago MdeModulePkg/Variable: Parameterize VARIABLE_INFO_ENTRY buffer
Michael Kubacki [Fri, 27 Sep 2019 22:08:09 +0000 (15:08 -0700)]
MdeModulePkg/Variable: Parameterize VARIABLE_INFO_ENTRY buffer

UpdateVariableInfo () currently accepts parameters regarding updates
to be made to a global variable of type VARIABLE_INFO_ENTRY. This
change passes the structure by pointer to UpdateVariableInfo ()
so structures other than the fixed global variable can be updated.

Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Michael Kubacki <michael.a.kubacki@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
4 years ago MdeModulePkg/Variable: Parameterize GetNextVariableInternal () stores
Michael Kubacki [Fri, 27 Sep 2019 21:41:47 +0000 (14:41 -0700)]
MdeModulePkg/Variable: Parameterize GetNextVariableInternal () stores

The majority of logic related to GetNextVariableName () is currently
implemented in VariableServiceGetNextVariableInternal (). The list
of variable stores to search for the given variable name and variable
GUID is defined in the function body. This change adds a new parameter
so that the caller must pass in the list of variable stores to be used
in the variable search.

Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Michael Kubacki <michael.a.kubacki@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
4 years ago MdeModulePkg/Variable: Consolidate common parsing functions
Michael Kubacki [Tue, 24 Sep 2019 00:32:07 +0000 (17:32 -0700)]
MdeModulePkg/Variable: Consolidate common parsing functions

This change moves the following functions into a dedicated file
so they may be used in other variable files as needed. These are
commonly needed for basic variable data structure parsing
operations. The functions are grouped together in VariableParsing.c
to support cohesiveness for these operations in the file.
Furthermore, it reduces the overall size of the common Variable.c
file.

 * DataSizeOfVariable ()
 * FindVariableEx ()
 * GetEndPointer ()
 * GetNextVariablePtr ()
 * GetStartPointer ()
 * GetVariableDataOffset ()
 * GetVariableDataPtr ()
 * GetVariableHeaderSize ()
 * GetVariableNamePtr ()
 * GetVariableStoreStatus ()
 * GetVendorGuidPtr ()
 * IsValidVariableHeader ()
 * NameSizeOfVariable ()
 * SetDataSizeOfVariable ()
 * SetNameSizeOfVariable ()
 * UpdateVariableInfo ()
 * VariableCompareTimeStampInternal ()
 * VariableServiceGetNextVariableInternal ()

Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Michael Kubacki <michael.a.kubacki@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
4 years ago MdeModulePkg/EbcDebugger: Add check for Entry and RetEntry
Shenglei Zhang [Tue, 15 Oct 2019 02:30:27 +0000 (10:30 +0800)]
MdeModulePkg/EbcDebugger: Add check for Entry and RetEntry

Entry and RetEntry might be NULL before being used.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
4 years ago MdeModulePkg/SetupBrowserDxe: ASSERT GetBufferForValue(&Value)
Shenglei Zhang [Tue, 15 Oct 2019 03:36:34 +0000 (11:36 +0800)]
MdeModulePkg/SetupBrowserDxe: ASSERT GetBufferForValue(&Value)

Before being passed to GetBufferForValue(), Value has already been passed
to the function IsTypeInBuffer to make sure the value must be buffer type.
So GetBufferForValue cannot return NULL.
This commit adds an ASSERT to assume GetBufferForValue (&Value) is not
NULL.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com>
Reviewed-by: Dandan Bi <dandan.bi@intel.com>
4 years ago MdeModulePkg/EsrtDxe: Add check for EsrtRepository
Shenglei Zhang [Tue, 15 Oct 2019 02:56:05 +0000 (10:56 +0800)]
MdeModulePkg/EsrtDxe: Add check for EsrtRepository

EsrtRepository might be NULL. So return EFI_OUT_OF_RESOURCES
when it is NULL.

Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
4 years ago MdeModulePkg/HiiDatabaseDxe: ASSERT StringPtr
Shenglei Zhang [Tue, 15 Oct 2019 02:44:14 +0000 (10:44 +0800)]
MdeModulePkg/HiiDatabaseDxe: ASSERT StringPtr

The caller of CompareAndMergeDefaultString has checked that
AltCfgResp must contain AltConfigHdr. So we add ASSERT to assume
StringPtr is not NULL.

Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com>
Reviewed-by: Dandan Bi <dandan.bi@intel.com>
4 years ago ShellPkg/Shell/FileHandleWrappers.c: Add check for MemFile->Buffer
Shenglei Zhang [Tue, 8 Oct 2019 05:58:18 +0000 (13:58 +0800)]
ShellPkg/Shell/FileHandleWrappers.c: Add check for MemFile->Buffer

Add check for MemFile->Buffer.
Return EFI_OUT_OF_RESOURCES if MemFile->Buffer is NULL.

Cc: Ray Ni <ray.ni@intel.com>
Cc: Zhichao Gao <zhichao.gao@intel.com>
Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com>
Reviewed-by: Zhichao Gao <zhichao.gao@intel.com>
4 years ago CryptoPkg: Upgrade OpenSSL to 1.1.1d
Shenglei Zhang [Mon, 21 Oct 2019 07:53:42 +0000 (15:53 +0800)]
CryptoPkg: Upgrade OpenSSL to 1.1.1d

Upgrade openssl from 1.1.1b to 1.1.1d.
Something that needs to be noticed is that there is a bug in the
released 1_1_1d version (894da2fb7ed5d314ee5c2fc9fd2d9b8b74111596),
which causes build failure. So we switch the code base to a usable
version, which is 2 commits later than the stable tag.
Now we use the version c3656cc594daac8167721dde7220f0e59ae146fc.
This log is to fix the build failure.
https://bugzilla.tianocore.org/show_bug.cgi?id=2226

Besides, the absence of "DSO_NONE" in dso_conf.h causes build failure
in OvmfPkg. So update process_files.pl to generate information from
"crypto/include/internal/dso_conf.h.in".

shm.h and utsname.h are added to avoid GCC build failure.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
4 years ago UefiCpuPkg/MpInitLib: Remove global variable X2ApicEnable
Ray Ni [Wed, 23 Oct 2019 06:54:57 +0000 (14:54 +0800)]
UefiCpuPkg/MpInitLib: Remove global variable X2ApicEnable

MpInitLib sets X2ApicEnable in two places.
1. CollectProcessorCount()
   This function is called when MpInitLibInitialize() hasn't been
   called before.
   It sets X2ApicEnable and later in the same function it configures
   all CPUs to operate in X2 APIC mode.
2. MpInitLibInitialize()
   The X2ApicEnable setting happens when this function is called a
   second time. But after that setting, no code consumes that flag.

With the above analysis and with the purpose of simplifying the code,
the X2ApicEnable in #1 is changed to local variable and the #2 can be
changed to remove the setting of X2ApicEnable.

Signed-off-by: Ray Ni <ray.ni@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
4 years ago UefiCpuPkg/MpInitLib: Set X2ApicEnable flag from BSP
Ray Ni [Wed, 23 Oct 2019 06:23:38 +0000 (14:23 +0800)]
UefiCpuPkg/MpInitLib: Set X2ApicEnable flag from BSP

Today's logic sets X2ApicEnable flag in each AP's initialization
path when InitFlag == ApInitConfig.
Since all CPUs update the same global data, a spin-lock is used
to avoid modifications from multiple CPUs happening at the same time.
The spin-lock causes two problems:
1. Potential performance downgrade.
2. Undefined behavior when improper timer lib is used.
   For example we saw certain platforms used AcpiTimerLib from
   PcAtChipsetPkg and that library depends on retrieving PeiServices
   from idtr. But in fact AP's (idtr - 4) doesn't point to
   PeiServices.

The patch simplifies the code to let BSP set the X2ApicEnable flag so
the spin-lock acquisition from AP is not needed any more.

Signed-off-by: Ray Ni <ray.ni@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
4 years ago ShellPkg/Ls: Return empty content for all empty folders
Marvin Haeuser [Sun, 20 Oct 2019 12:08:33 +0000 (20:08 +0800)]
ShellPkg/Ls: Return empty content for all empty folders

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2296

Currently, when 'ls' is run on an entirely empty directory (this
includes not having '.' and '..'), the output is always 'File not
found'. For when not filtering its children, this patch rather
displays the usual header and footer.

Cc: Ray Ni <ray.ni@intel.com>
Cc: Zhichao Gao <zhichao.gao@intel.com>
Signed-off-by: Marvin Haeuser <mhaeuser@outlook.de>
Reviewed-by: Zhichao Gao <zhichao.gao@intel.com>
4 years ago ShellPkg/Ls: Consider UEFI timezone may not be set
Marvin Haeuser [Sun, 20 Oct 2019 12:08:32 +0000 (20:08 +0800)]
ShellPkg/Ls: Consider UEFI timezone may not be set

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2294

EFI_RUNTIME_SERVICES.GetTime() might return an unspecified Timezone,
such as when SetTime() has not been called after the RTC was cut off
power. Consider this case by not attempting Timezone translations for
when it is invalid.

Cc: Ray Ni <ray.ni@intel.com>
Cc: Zhichao Gao <zhichao.gao@intel.com>
Signed-off-by: Marvin Haeuser <mhaeuser@outlook.de>
Reviewed-by: Zhichao Gao <zhichao.gao@intel.com>
4 years ago MdeModulePkg/Mem: Initialize the variable MapMemory
Shenglei Zhang [Tue, 15 Oct 2019 02:13:35 +0000 (10:13 +0800)]
MdeModulePkg/Mem: Initialize the variable MapMemory

MapMemory is not initialized by FindGuardedMemoryMap
or CoreInternalAllocatePages which calls MapMemory.
So we give a 0 to it.

Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com>
Reviewed-by: Dandan Bi <dandan.bi@intel.com>
4 years ago MdeModulePkg/UhciPei: Initialize the variable RequestMap
Shenglei Zhang [Tue, 15 Oct 2019 02:06:42 +0000 (10:06 +0800)]
MdeModulePkg/UhciPei: Initialize the variable RequestMap

RequestMap is used but not initialized.
RequestMap is called by UhciMapUserRequest, in which RequestMap(Map)
is called by IoMmuMap, and is finally called by IoMmu->Map.
We can not assume RequestMap is given an initial value at any step.

Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
4 years ago MdeModulePkg/EhciPei: Initialize the variable Map
Shenglei Zhang [Wed, 9 Oct 2019 06:28:50 +0000 (14:28 +0800)]
MdeModulePkg/EhciPei: Initialize the variable Map

Map is used but not initialized.
Map is called by IoMmuMap, in which Mapping(Map) is called by IoMmu->Map.
We can not assume Map is given an initial value at any step.

Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
4 years ago MdeModulePkg/SdBlockIoPei: Add check for DeviceIndex
Shenglei Zhang [Tue, 15 Oct 2019 05:51:55 +0000 (13:51 +0800)]
MdeModulePkg/SdBlockIoPei: Add check for DeviceIndex

DeviceIndex is used as index in Slot[]. The max size of Slot[]
is SD_PEIM_MAX_SLOTS. So DeviceIndex should be checked before being used.

Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
4 years ago MdeModulePkg/HiiDatabaseDxe: ASSERT "Private->Attribute >> 4"
Shenglei Zhang [Tue, 15 Oct 2019 06:27:32 +0000 (14:27 +0800)]
MdeModulePkg/HiiDatabaseDxe: ASSERT "Private->Attribute >> 4"

Foreground and background color are saved in a single byte.
Bits 0..3 are the foreground color and bits 4..6 are the background color.
If Private->Attribute is defined correctly, (Private->Attribute >> 4)
must be less than 8.
This commit uses ASSERT to assume "Attribute >> 4" is less than 8.

Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com>
Reviewed-by: Dandan Bi <dandan.bi@intel.com>
4 years ago MdeModulePkg/Variable/Pei: Update the condition in if statement
Shenglei Zhang [Tue, 15 Oct 2019 06:45:44 +0000 (14:45 +0800)]
MdeModulePkg/Variable/Pei: Update the condition in if statement

IndexTable->Length is used as index in array IndexTable->Index[].
So IndexTable->Length needs to be checked, which should be less than
the array size.

Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
4 years ago MdeModulePkg/Oniguruma: Remove redundant IF statement
Shenglei Zhang [Tue, 15 Oct 2019 06:46:26 +0000 (14:46 +0800)]
MdeModulePkg/Oniguruma: Remove redundant IF statement

The if statement is not necessary, so keep it to edk2 style.
And this change has been merged to oniguruma.
REF:https://github.com/kkos/oniguruma/pull/158

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
4 years ago MdePkg-UefiSpec.h: Add UEFI 2.8 new memory attributes
Huang, Qing [Wed, 30 Oct 2019 04:54:34 +0000 (12:54 +0800)]
MdePkg-UefiSpec.h: Add UEFI 2.8 new memory attributes

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=2309
Add EFI_MEMORY_SP and EFI_MEMORY_CPU_CRYPTO definition
into UEFI specification header file.

Signed-off-by: Qing Huang <qing.huang@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
4 years ago MdePkg: Add AML OpCode definition for ExternalOp
Pierre Gondois [Wed, 30 Oct 2019 14:24:57 +0000 (22:24 +0800)]
MdePkg: Add AML OpCode definition for ExternalOp

The ACPI specification, version 6.3, January 2019,
defines the Named Object Encoding for ExternalOp
in section '20.2.5.2 Named Objects Encoding'.

This patch adds the definition for ExternalOp to
the list of Primary Opcode definitions.

Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
4 years ago MdePkg/UefiFileHandleLib: Tolerate more Root handle FileNames
Marvin Haeuser [Sun, 20 Oct 2019 12:08:32 +0000 (20:08 +0800)]
MdePkg/UefiFileHandleLib: Tolerate more Root handle FileNames

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2295

The current implementation of the FileHandleGetFileName() function
assumes that the Root directory always has the FileName '\0'.
However, the only requirement the UEFI specification defines is that
a prepended '\\' must be supported to access files and folders
relative to the Root directory.
This patch removes this assumption and supports constructing valid
paths for any value of FileName for the Root Directory.

In practice, this fixes compatibility issues with File System drivers
that report '\\' as the FileName of the Root directory, which
currently is both generating an invalid path ("\\\\") and resulting
in an EFI_NOT_FOUND result from the CurrentHandle->Open() call.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Signed-off-by: Marvin Haeuser <mhaeuser@outlook.de>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Zhichao Gao <zhichao.gao@intel.com>
4 years ago MdePkg/UefiFileHandleLib: Fix potential NULL dereference
Marvin Haeuser [Sun, 20 Oct 2019 12:08:31 +0000 (20:08 +0800)]
MdePkg/UefiFileHandleLib: Fix potential NULL dereference

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2293

Move the NULL check in FileHandleGetInfo() to directly after the
allocation to prevent potential NULL dereferences.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Signed-off-by: Marvin Haeuser <mhaeuser@outlook.de>
Reviewed-by: Liming Gao <liming.gao@intel.com>
4 years ago MdePkg/UefiDebugLibStdErr: Pass the correct buffer size
Marvin Haeuser [Sun, 20 Oct 2019 17:28:14 +0000 (01:28 +0800)]
MdePkg/UefiDebugLibStdErr: Pass the correct buffer size

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2302

The second argument of "UnicodeVSPrintAsciiFormat" is "BufferSize",
which takes the size of the buffer in bytes. Replace the currently
used MAX_DEBUG_MESSAGE_LENGTH usage, which is the buffer's length,
with the actual buffer size.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Signed-off-by: Marvin Haeuser <mhaeuser@outlook.de>
Reviewed-by: Liming Gao <liming.gao@intel.com>
4 years ago MdePkg/UefiDebugLibConOut: Pass the correct buffer size
Marvin Haeuser [Sun, 20 Oct 2019 12:08:35 +0000 (20:08 +0800)]
MdePkg/UefiDebugLibConOut: Pass the correct buffer size

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2302

The second argument of "UnicodeVSPrintAsciiFormat" is "BufferSize",
which takes the size of the buffer in bytes. Replace the currently
used MAX_DEBUG_MESSAGE_LENGTH usage, which is the buffer's length,
with the actual buffer size.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Signed-off-by: Marvin Haeuser <mhaeuser@outlook.de>
Reviewed-by: Liming Gao <liming.gao@intel.com>
4 years ago NetworkPkg/HttpDxe: Set the HostName for the verification (CVE-2019-14553)
Wu, Jiaxin [Fri, 27 Sep 2019 03:44:41 +0000 (11:44 +0800)]
NetworkPkg/HttpDxe: Set the HostName for the verification (CVE-2019-14553)

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=960
CVE: CVE-2019-14553
Set the HostName by consuming TLS protocol to enable the host name
check so as to avoid the potential Man-In-The-Middle attack.

Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20190927034441.3096-5-Jiaxin.wu@intel.com>
Cc: David Woodhouse <dwmw2@infradead.org>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Sivaraman Nainar <sivaramann@amiindia.co.in>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
4 years ago NetworkPkg/TlsDxe: Add the support of host validation to TlsDxe driver (CVE-2019...
Wu, Jiaxin [Fri, 27 Sep 2019 03:44:40 +0000 (11:44 +0800)]
NetworkPkg/TlsDxe: Add the support of host validation to TlsDxe driver (CVE-2019-14553)

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=960
CVE: CVE-2019-14553
The new data type named "EfiTlsVerifyHost" and the
EFI_TLS_VERIFY_HOST_FLAG are supported in TLS protocol.

Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20190927034441.3096-4-Jiaxin.wu@intel.com>
Cc: David Woodhouse <dwmw2@infradead.org>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Sivaraman Nainar <sivaramann@amiindia.co.in>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
4 years ago CryptoPkg/TlsLib: TlsSetVerifyHost: parse IP address literals as such (CVE-2019-14553)
Laszlo Ersek [Thu, 24 Oct 2019 19:17:36 +0000 (21:17 +0200)]
CryptoPkg/TlsLib: TlsSetVerifyHost: parse IP address literals as such (CVE-2019-14553)

Using the inet_pton() function that we imported in the previous patches,
recognize if "HostName" is an IP address literal, and then parse it into
binary representation. Passing the latter to OpenSSL for server
certificate validation is important, per RFC-2818
<https://tools.ietf.org/html/rfc2818#section-3.1>:

> In some cases, the URI is specified as an IP address rather than a
> hostname. In this case, the iPAddress subjectAltName must be present in
> the certificate and must exactly match the IP in the URI.

Note: we cannot use X509_VERIFY_PARAM_set1_ip_asc() because in the OpenSSL
version that is currently consumed by edk2, said function depends on
sscanf() for parsing IPv4 literals. In
"CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c", we only provide an
empty -- always failing -- stub for sscanf(), however.

Cc: David Woodhouse <dwmw2@infradead.org>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Sivaraman Nainar <sivaramann@amiindia.co.in>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=960
CVE: CVE-2019-14553
Suggested-by: David Woodhouse <dwmw2@infradead.org>
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Acked-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
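
The RFC 2818 rule quoted in the commit message above, as an added example (not code from edk2 or from the patch): a host string is first tried as an IP literal with POSIX inet_pton(), and only its binary form is compared against iPAddress subjectAltName entries. The SAN lists, the struct san type and both matcher functions are constructed for illustration; wildcard dNSName matching is left out. In a real TLS client the binary address would be handed to OpenSSL's X509_VERIFY_PARAM_set1_ip() and a non-literal name to X509_VERIFY_PARAM_set1_host().

```c
#include <arpa/inet.h>
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

enum san_type { SAN_DNS, SAN_IP };

struct san {                /* hypothetical, simplified subjectAltName entry */
    enum san_type type;
    const void *data;       /* dNSName: ASCII text; iPAddress: raw address bytes */
    size_t len;             /* length of data in bytes */
};

#define DNS_SAN(s) { SAN_DNS, (s), sizeof(s) - 1 }

/* Constructed sample data: 192.0.2.10 and 2001:db8::1 in network byte order. */
static const unsigned char V4[4]  = { 192, 0, 2, 10 };
static const unsigned char V6[16] = { 0x20, 0x01, 0x0d, 0xb8, 0, 0, 0, 0,
                                      0, 0, 0, 0, 0, 0, 0, 1 };

/* Certificate A carries proper iPAddress entries. */
const struct san CERT_A[] = {
    DNS_SAN("boot.example.test"),
    { SAN_IP, V4, sizeof V4 },
    { SAN_IP, V6, sizeof V6 },
};
/* Certificate B only has the address spelled out as a dNSName string. */
const struct san CERT_B[] = { DNS_SAN("192.0.2.10") };

/* Returns 4 or 16 and fills out[] if host is an IP literal, 0 otherwise. */
static size_t parse_ip_literal(const char *host, unsigned char out[16])
{
    if (inet_pton(AF_INET, host, out) == 1)
        return 4;
    if (inet_pton(AF_INET6, host, out) == 1)
        return 16;
    return 0;
}

/* ASCII case-insensitive comparison of n bytes. */
static int ascii_ieq(const char *a, const char *b, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (tolower((unsigned char)a[i]) != tolower((unsigned char)b[i]))
            return 0;
    return 1;
}

/* IP literals match iPAddress entries byte for byte; names match dNSName. */
int host_matches(const char *host, const struct san *sans, size_t n)
{
    unsigned char ip[16];
    size_t ip_len = parse_ip_literal(host, ip);
    size_t host_len = strlen(host);

    for (size_t i = 0; i < n; i++) {
        if (ip_len != 0) {
            if (sans[i].type == SAN_IP && sans[i].len == ip_len &&
                memcmp(sans[i].data, ip, ip_len) == 0)
                return 1;
        } else if (sans[i].type == SAN_DNS && sans[i].len == host_len &&
                   ascii_ieq(sans[i].data, host, host_len)) {
            return 1;
        }
    }
    return 0;
}

/* Contrast: every host string is treated as a name and compared as text. */
int host_matches_text_only(const char *host, const struct san *sans, size_t n)
{
    size_t host_len = strlen(host);

    for (size_t i = 0; i < n; i++)
        if (sans[i].type == SAN_DNS && sans[i].len == host_len &&
            ascii_ieq(sans[i].data, host, host_len))
            return 1;
    return 0;
}

int main(void)
{
    const char *long_v6 = "2001:0db8:0000:0000:0000:0000:0000:0001";

    printf("binary  A %s -> %d\n", long_v6, host_matches(long_v6, CERT_A, 3));
    printf("text    A %s -> %d\n", long_v6,
           host_matches_text_only(long_v6, CERT_A, 3));
    printf("binary  B 192.0.2.10 -> %d\n",
           host_matches("192.0.2.10", CERT_B, 1));
    printf("text    B 192.0.2.10 -> %d\n",
           host_matches_text_only("192.0.2.10", CERT_B, 1));
    return 0;
}
```

The text-only matcher rejects a differently spelled but identical IPv6 address and accepts a certificate that lacks an iPAddress entry, which are the two failure modes the binary comparison removes.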
4 years ago CryptoPkg/Crt: import "inet_pton.c" (CVE-2019-14553)
Laszlo Ersek [Thu, 24 Oct 2019 13:20:18 +0000 (15:20 +0200)]
CryptoPkg/Crt: import "inet_pton.c" (CVE-2019-14553)

For TianoCore BZ#1734, StdLib has been moved from the edk2 project to the
edk2-libc project, in commit 964f432b9b0a ("edk2: Remove AppPkg, StdLib,
StdLibPrivateInternalFiles", 2019-04-29).

We'd like to use the inet_pton() function in CryptoPkg. Resurrect the
"inet_pton.c" file from just before the StdLib removal, as follows:

  $ git show \
      964f432b9b0a^:StdLib/BsdSocketLib/inet_pton.c \
      > CryptoPkg/Library/BaseCryptLib/SysCall/inet_pton.c

The inet_pton() function is only intended for the DXE phase at this time,
therefore only the "BaseCryptLib" instance INF file receives the new file.

Cc: David Woodhouse <dwmw2@infradead.org>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Sivaraman Nainar <sivaramann@amiindia.co.in>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=960
CVE: CVE-2019-14553
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
4 years ago CryptoPkg/Crt: satisfy "inet_pton.c" dependencies (CVE-2019-14553)
Laszlo Ersek [Thu, 24 Oct 2019 15:03:57 +0000 (17:03 +0200)]
CryptoPkg/Crt: satisfy "inet_pton.c" dependencies (CVE-2019-14553)

In a later patch in this series, we're going to resurrect "inet_pton.c"
(originally from the StdLib package). That source file has a number of
standard C and BSD socket dependencies. Provide those dependencies here:

- The header files below will simply #include <CrtLibSupport.h>:

  - arpa/inet.h
  - arpa/nameser.h
  - netinet/in.h
  - sys/param.h
  - sys/socket.h

- EAFNOSUPPORT comes from "StdLib/Include/errno.h", at commit
  e2d3a25f1a31; which is the commit immediately preceding the removal of
  StdLib from edk2 (964f432b9b0a).

  Note that the other error macro, which we already #define, namely EINVAL,
  has a value (22) that also matches "StdLib/Include/errno.h".

- The AF_INET and AF_INET6 address family macros come from
  "StdLib/Include/sys/socket.h".

- The NS_INT16SZ, NS_INADDRSZ and NS_IN6ADDRSZ macros come from
  "StdLib/Include/arpa/nameser.h".

- The "u_int" and "u_char" types come from "StdLib/Include/sys/types.h".

Cc: David Woodhouse <dwmw2@infradead.org>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Sivaraman Nainar <sivaramann@amiindia.co.in>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=960
CVE: CVE-2019-14553
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
4 years ago CryptoPkg/Crt: turn strchr() into a function (CVE-2019-14553)
Laszlo Ersek [Thu, 24 Oct 2019 14:44:08 +0000 (16:44 +0200)]
CryptoPkg/Crt: turn strchr() into a function (CVE-2019-14553)

According to the ISO C standard, strchr() is a function. We #define it as
a macro. Unfortunately, our macro evaluates the first argument ("str")
twice. If the expression passed for "str" has side effects, the behavior
may be undefined.

In a later patch in this series, we're going to resurrect "inet_pton.c"
(originally from the StdLib package), which calls strchr() just like that:

  strchr((xdigits = xdigits_l), ch)
  strchr((xdigits = xdigits_u), ch)

To enable this kind of function call, turn strchr() into a function.

Cc: David Woodhouse <dwmw2@infradead.org>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Sivaraman Nainar <sivaramann@amiindia.co.in>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=960
CVE: CVE-2019-14553
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
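
The double evaluation described in the commit message above, as an added example (not the edk2 macro or the patch itself): STRCHR_MACRO is a stand-in built on memchr() and strlen() whose expansion names "str" twice, and strchr_func is the function form. The counting helper digits_counted() is hypothetical and exists only to make each evaluation of the argument observable.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Stand-in for a macro-style strchr(): "str" appears twice in the expansion,
 * once as the search start and once to compute the search length. */
#define STRCHR_MACRO(str, ch) ((char *)memchr((str), (ch), strlen(str) + 1))

/* Function form: the argument expression is evaluated exactly once, and the
 * function body then works on the resulting value. */
char *strchr_func(const char *str, int ch)
{
    return (char *)memchr(str, ch, strlen(str) + 1);
}

static const char xdigits_l[] = "0123456789abcdef";
static unsigned eval_count;

/* Argument expression with a visible side effect (hypothetical helper).
 * A function call is used here because its side effect is well defined even
 * when it happens twice. The inet_pton.c idiom quoted in the commit message,
 * strchr((xdigits = xdigits_l), ch), is worse under a macro like the one
 * above: the two assignments to xdigits would be unsequenced. */
static const char *digits_counted(void)
{
    eval_count++;
    return xdigits_l;
}

/* Looks up ch through the macro; returns how often the argument ran. */
unsigned evaluations_with_macro(int ch, ptrdiff_t *index_out)
{
    const char *hit;

    eval_count = 0;
    hit = STRCHR_MACRO(digits_counted(), ch);
    *index_out = hit ? hit - xdigits_l : -1;
    return eval_count;
}

/* Same lookup through the function form. */
unsigned evaluations_with_function(int ch, ptrdiff_t *index_out)
{
    const char *hit;

    eval_count = 0;
    hit = strchr_func(digits_counted(), ch);
    *index_out = hit ? hit - xdigits_l : -1;
    return eval_count;
}

int main(void)
{
    ptrdiff_t idx;
    unsigned n;

    n = evaluations_with_macro('c', &idx);
    printf("macro:    argument evaluated %u time(s), index %td\n", n, idx);
    n = evaluations_with_function('c', &idx);
    printf("function: argument evaluated %u time(s), index %td\n", n, idx);
    return 0;
}
```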
4 years ago CryptoPkg/TlsLib: Add the new API "TlsSetVerifyHost" (CVE-2019-14553)
Wu, Jiaxin [Fri, 27 Sep 2019 03:44:39 +0000 (11:44 +0800)]
CryptoPkg/TlsLib: Add the new API "TlsSetVerifyHost" (CVE-2019-14553)

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=960
CVE: CVE-2019-14553
In the patch, we add the new API "TlsSetVerifyHost" for the TLS
protocol to set the specified host name that needs to be verified.

Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20190927034441.3096-3-Jiaxin.wu@intel.com>
Cc: David Woodhouse <dwmw2@infradead.org>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Sivaraman Nainar <sivaramann@amiindia.co.in>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
4 years ago MdePkg/Include/Protocol/Tls.h: Add the data type of EfiTlsVerifyHost (CVE-2019-14553)
Wu, Jiaxin [Fri, 27 Sep 2019 03:44:38 +0000 (11:44 +0800)]
MdePkg/Include/Protocol/Tls.h: Add the data type of EfiTlsVerifyHost (CVE-2019-14553)

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=960
CVE: CVE-2019-14553
In the patch, we add the new data type named "EfiTlsVerifyHost" and
the EFI_TLS_VERIFY_HOST_FLAG for the TLS protocol consumer (HTTP)
to enable the host name check so as to avoid the potential
Man-In-The-Middle attack.

Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20190927034441.3096-2-Jiaxin.wu@intel.com>
Cc: David Woodhouse <dwmw2@infradead.org>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Sivaraman Nainar <sivaramann@amiindia.co.in>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
4 years ago MdeModulePkg/BdsDxe: Fix PlatformRecovery issue
Sunny Wang [Wed, 16 Oct 2019 09:19:22 +0000 (17:19 +0800)]
MdeModulePkg/BdsDxe: Fix PlatformRecovery issue

For now, PlatformRecovery doesn't work if OsIndications variable
doesn't exist, which is wrong.
According to the UEFI specification sections 3.4.1 and 3.4.2, if
processing of BootOrder does not result in success, the OsRecovery
and PlatformRecovery options should still be processed regardless of
the existence of the OsIndications variable.
Therefore, update the code to check PcdPlatformRecoverySupport instead
of the value of OsIndications variable (PlatformRecovery) to fix
this issue.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao Wu <hao.a.wu@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Zhichao Gao <zhichao.gao@intel.com>
Cc: Walon Li <walon.li@hpe.com>
Signed-off-by: Sunny Wang <sunnywang@hpe.com>
Reviewed-by: Ray Ni <ray.ni@intel.com>
Reviewed-by: Zhichao Gao <zhichao.gao@intel.com>
Acked-by: Jian J Wang <jian.j.wang@intel.com>
4 years ago CryptoPkg/OpensslLib: Update process_files.pl to generate .h files
Shenglei Zhang [Tue, 29 Oct 2019 15:43:11 +0000 (15:43 +0000)]
CryptoPkg/OpensslLib: Update process_files.pl to generate .h files

There are missing headers added into INF files at 8906f076de35b222a..
They are now manually added but not auto-generated. So we update the
perl script to enable this feature.
Meanwhile, update the order of the .h files in INF files, which are
auto-generated now.
https://bugzilla.tianocore.org/show_bug.cgi?id=2085

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Xiaoyu Lu <xiaoyux.lu@intel.com>
4 years ago MdeModulePkg/NvmExpressPei: Fix Opal S3 unlock issue
Maggie Chu [Fri, 25 Oct 2019 09:19:34 +0000 (17:19 +0800)]
MdeModulePkg/NvmExpressPei: Fix Opal S3 unlock issue

https://bugzilla.tianocore.org/show_bug.cgi?id=2312

This patch is for fixing an unexpected system hang during the S3 unlock process.
The FatPei driver maintained and updated its internal BlockIo devices list
when a new BlockIo PPI was installed, and it relied on the BlockIo PPI
service to get data from devices. Because the BlockIo PPI leverages the
NvmExpressPei PPI to transit Nvm commands to the device, we should make sure
NvmePassThruPpi is installed before the BlockIo PPI.

Signed-off-by: Maggie Chu <maggie.chu@intel.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
4 years ago NetworkPkg/SnpDxe: Use PcdGetBool() instead of FixedPcdGetBool in Snp.c
Siyuan, Fu [Tue, 29 Oct 2019 01:41:10 +0000 (09:41 +0800)]
NetworkPkg/SnpDxe: Use PcdGetBool() instead of FixedPcdGetBool in Snp.c

This patch fixes a problem introduced by commit
  61bb6eeb4d93c0a34c1995d87914ab41398f9550.

The PcdSnpCreateExitBootServicesEvent is not guaranteed to be FixedAtBuild,
so use PcdGetBool() to support both fixed and patchable PCD.

Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Signed-off-by: Siyuan Fu <siyuan.fu@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
4 years ago Maintainers.txt: Update my e-mail address
Julien Grall [Mon, 28 Oct 2019 10:34:06 +0000 (10:34 +0000)]
Maintainers.txt: Update my e-mail address

I will soon lose access to my Arm e-mail address. Update it to my
xen.org one.

Signed-off-by: Julien Grall <julien.grall@arm.com>
Message-Id: <20191028103406.10253-1-julien.grall@arm.com>
Acked-by: Anthony PERARD <anthony.perard@citrix.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
4 years ago Maintainers.txt: Change NetworkPkg maintainer role.
Siyuan Fu [Thu, 24 Oct 2019 02:50:19 +0000 (10:50 +0800)]
Maintainers.txt: Change NetworkPkg maintainer role.

Change Siyuan Fu from Maintainer to Reviewer.

Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Signed-off-by: Siyuan Fu <siyuan.fu@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
4 years ago IntelFsp2Pkg/SplitFspBin.py: Command crashed when FV almost full.
Chasel Chiu [Fri, 25 Oct 2019 07:46:19 +0000 (15:46 +0800)]
IntelFsp2Pkg/SplitFspBin.py: Command crashed when FV almost full.

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2310

When the target FV is 99% used and only a few bytes of space are left,
SplitFspBin.py may crash with the below error:

  File "SplitFspBin.py", line 457, in ParseFv
    ffshdr = EFI_FFS_FILE_HEADER.from_buffer (self.FvData, offset)
ValueError: Buffer size too small
  (40960 instead of at least 40968 bytes)

It was because the offset used by the FFS_HEADER parser was out of bounds.
It should stop parsing when the offset is equal to or larger than
(buffer size - FFS_HEADER size).

This patch also fixed another crash issue when running script with
Python 3.x and no input parameter given:

  File "SplitFspBin.py", line 868, in main
    if args.which in ['rebase', 'split', 'genhdr', 'info']:
AttributeError: 'Namespace' object has no attribute 'which'

Test:
1. Ran script with both py2 and py3 with no input and no crash observed.
2. Compared the script results before and after the patch; they are identical.

Cc: Maurice Ma <maurice.ma@intel.com>
Cc: Nate DeSimone <nathaniel.l.desimone@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Signed-off-by: Chasel Chiu <chasel.chiu@intel.com>
Reviewed-by: Nate DeSimone <nathaniel.l.desimone@intel.com>
4 years ago NetworkPkg: Add missing components to DSC file
Sean Brogan [Tue, 8 Oct 2019 03:10:00 +0000 (20:10 -0700)]
NetworkPkg: Add missing components to DSC file

https://bugzilla.tianocore.org/show_bug.cgi?id=2259

Update DSC file to build all libraries and modules in
the NetworkPkg.

Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Siyuan Fu <siyuan.fu@intel.com>
4 years ago OvmfPkg: Enable CLANG9 tool chain
Liming Gao [Tue, 22 Oct 2019 14:44:05 +0000 (22:44 +0800)]
OvmfPkg: Enable CLANG9 tool chain

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=1603
1. Apply CLANG9 Linker option.
2. Exclude -mno-mmx -mno-sse compiler option for CLANG9
These two options will cause the CLANG Linker to crash.

Signed-off-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
4 years ago EmulatorPkg: Enable CLANG9 tool chain
Liming Gao [Thu, 17 Oct 2019 06:55:54 +0000 (14:55 +0800)]
EmulatorPkg: Enable CLANG9 tool chain

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=1603
1. Add WIN_HOST_BUILD macro check for CLANG9 tool chain
build -p EmulatorPkg\EmulatorPkg.dsc -a IA32 -DWIN_HOST_BUILD=TRUE -t CLANG9
build -p EmulatorPkg\EmulatorPkg.dsc -a X64 -DWIN_HOST_BUILD=TRUE -t CLANG9
2. Append CLANG CC and LINK flags to generate windows HOST.
3. Fix WinHost issue to call GetProcessAffinityMask() API.
   The input parameter should be UINTN pointer instead of UINT32 pointer.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Andrew Fish <afish@apple.com>
Cc: Ray Ni <ray.ni@intel.com>
Signed-off-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Ray Ni <ray.ni@intel.com>
4 years ago CryptoPkg IntrinsicLib: Make _fltused always be used
Liming Gao [Thu, 17 Oct 2019 06:55:53 +0000 (14:55 +0800)]
CryptoPkg IntrinsicLib: Make _fltused always be used

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=1603
With this change, global variable _fltused will not be removed by LTO

Signed-off-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
4 years ago CryptoPkg: Append options to make CLANG9 tool chain pass build
Liming Gao [Thu, 17 Oct 2019 06:55:52 +0000 (14:55 +0800)]
CryptoPkg: Append options to make CLANG9 tool chain pass build

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=1603
Disable warning reported from CLANG9.

Signed-off-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
4 years ago MdeModulePkg RegularExpressionDxe: Disable warning for CLANG9 tool chain
Liming Gao [Thu, 17 Oct 2019 06:55:51 +0000 (14:55 +0800)]
MdeModulePkg RegularExpressionDxe: Disable warning for CLANG9 tool chain

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=1603

Signed-off-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
4 years ago MdeModulePkg LzmaCustomDecompressLib: Update macro to be same in CLANG tool
Liming Gao [Thu, 17 Oct 2019 06:55:50 +0000 (14:55 +0800)]
MdeModulePkg LzmaCustomDecompressLib: Update macro to be same in CLANG tool

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=1603
Define the same macro on the different OSes. This can make CLANG generate the same
image on the different host OSes.

Signed-off-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
4 years ago MdePkg BaseIoLibIntrinsic: Remove __inline__ attribute for IO functions
Liming Gao [Thu, 17 Oct 2019 06:55:49 +0000 (14:55 +0800)]
MdePkg BaseIoLibIntrinsic: Remove __inline__ attribute for IO functions

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=1603
__inline__ has no functional difference effect with the GCC48 / GCC49 / GCC5
toolchains, but it breaks the build with CLANG9. Remove __inline__.

Signed-off-by: Liming Gao <liming.gao@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Cc: Michael Kinney <michael.d.kinney@intel.com>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
4 years ago MdePkg Base.h: Add definition for CLANG9 tool chain
Liming Gao [Thu, 17 Oct 2019 06:55:48 +0000 (14:55 +0800)]
MdePkg Base.h: Add definition for CLANG9 tool chain

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=1603
The CLANG9 tool chain defines the __clang__ macro only and
doesn't define the __GNUC__ macro. But it uses some of the same definitions as GCC.
So, update the base definitions for the CLANG9 tool chain.

Signed-off-by: Liming Gao <liming.gao@intel.com>
Cc: Michael Kinney <michael.d.kinney@intel.com>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
4 years ago BaseTools GenFw: Fix the issue to update the wrong size as SectionSize
Liming Gao [Thu, 17 Oct 2019 06:55:47 +0000 (14:55 +0800)]
BaseTools GenFw: Fix the issue to update the wrong size as SectionSize

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=1603
The CLANG9 generated PE image exposes the two issues below.
1. SectionSize is used to copy PE section data. It should be smaller than
section raw size.
2. The real data is required to be copied. So, copy the min size of
VirtualSize and SizeOfRawData.

Signed-off-by: Liming Gao <liming.gao@intel.com>
Cc: Bob Feng <bob.c.feng@intel.com>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
4 years ago BaseTools tools_def: Add CLANG9 tool chain to directly generate PE image
Liming Gao [Thu, 17 Oct 2019 06:55:46 +0000 (14:55 +0800)]
BaseTools tools_def: Add CLANG9 tool chain to directly generate PE image

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=1603

Signed-off-by: Liming Gao <liming.gao@intel.com>
Cc: Bob Feng <bob.c.feng@intel.com>
4 years ago BaseTools tools_def.template: Remove unnecessary $(DEST_DIR_DEBUG) path
Liming Gao [Thu, 17 Oct 2019 06:55:45 +0000 (14:55 +0800)]
BaseTools tools_def.template: Remove unnecessary $(DEST_DIR_DEBUG) path

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=1603
$(DEST_DIR_DEBUG) path is in Include directory.
It is not required to be specified again.

Signed-off-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Bob Feng <bob.c.feng@intel.com>
4 years ago CryptoPkg: Add Null instance of the BaseCryptLib class
Sean Brogan [Wed, 25 Sep 2019 17:14:09 +0000 (10:14 -0700)]
CryptoPkg: Add Null instance of the BaseCryptLib class

https://bugzilla.tianocore.org/show_bug.cgi?id=2257

Add a Null instance of the BaseCryptLib class.  This lib instance
can be used as a template for new implementations of the BaseCryptLib
class and can also be used to reduce CI build times for build
checks that depend on the BaseCryptLib class.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
4 years ago UefiCpuPkg: Add missing components to UefiCpuPkg.dsc
Sean Brogan [Tue, 8 Oct 2019 03:27:33 +0000 (20:27 -0700)]
UefiCpuPkg: Add missing components to UefiCpuPkg.dsc

https://bugzilla.tianocore.org/show_bug.cgi?id=2255

Update UefiCpuPkg.dsc to guarantee all libraries and
modules are always built.  Add the following components.

* UefiCpuPkg/ResetVector/Vtf0/Bin/ResetVector.inf
* UefiCpuPkg/Library/CpuCommonFeaturesLib/CpuCommonFeaturesLib.inf

ResetVector.inf is a binary INF, so no source builds are
triggered from adding this line.  However, a build with
this component does verify the contents of the INF file.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Ray Ni <ray.ni@intel.com>
4 years ago CryptoPkg: Add Null instance of the TlsLib class
Sean Brogan [Wed, 25 Sep 2019 17:14:40 +0000 (10:14 -0700)]
CryptoPkg: Add Null instance of the TlsLib class

https://bugzilla.tianocore.org/show_bug.cgi?id=2258

Add a Null instance of the TlsLib class.  This lib instance
can be used as a template for new implementations of the TlsLib
class and can also be used to reduce CI build times for build
checks that depend on the TlsLib class.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>