The ramdisk is modelled as an NVDIMM, which has a naturally higher
alignment than 4K. Operating systems may wish to map NVDIMMs using large
pages, so force the allocation alignment to 2MB.
This change was tested using HTTP ramdisk boot, targeting a flat Windows
image.
Signed-off-by: Aaron Pop <aaronpop@microsoft.com>
Mbedtls requires the use of strpbrk(), but it is currently
included in BaseCryptLib, which is not part of
BaseCryptLibMbedTls. To resolve this, add strpbrk() to
CrtWrapper.c, as BaseCryptLibMbedTls is not dependent
on OpensslLib.
Signed-off-by: HemaAnmisha <hema.anmisha.kalavakolanu@intel.com>
Mitigates CVE-2025-3770
Do not assume that IDT.limit is loaded with a zero value upon SMM entry.
Delay enabling Machine Check Exceptions in SMM until after the SMM IDT
has been reloaded.
Signed-off-by: John Mathews <john.mathews@intel.com>
Introduce EArchCommonObjMcfgPciConfigSpaceInfo as an alias for
EArchCommonObjPciConfigSpaceInfo.
The CM_ARCH_COMMON_PCI_CONFIG_SPACE_INFO object is utilized by both
the MCFG and ACPI SSDT PCIE generators. Assigning a unique configuration
object ID ensures the platform configuration driver supplies the correct data.
Signed-off-by: Abdul Lateef Attar <AbdulLateef.Attar@amd.com>
When using the FMMT FvHandler function, the new padding size
should be calculated correctly by comparing the original FFS
with the new FFS; otherwise it causes the binary size to change.
This patch fixes the bug.
Signed-off-by: Yuwei Chen <yuwei.chen@intel.com>
Move PcdSerialRegisterBase from [PcdsFixedAtBuild, PcdsPatchableInModule]
section to [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic,
PcdsDynamicEx] section to enable dynamic configuration.
Signed-off-by: Pranav V V <pranav.v.v@intel.com>
When registering a root SMI handler, it is expected to use the Windows calling
convention for the SMI handler. This patch adds the missing EFIAPI to the
SMI handler SmmSwDispatcher to avoid a potential issue with the Linux build.
Signed-off-by: Guo Dong <guo.dong@intel.com>
Introduce Tpm2DeviceTableLib to generate an SSDT table which describes
TPM2 devices.
This dynamic table generation is controlled by PcdGenTpm2DeviceTable,
whose default value is FALSE.
When it is TRUE, the TPM2 device SSDT table is generated when the TPM2 ACPI
table is generated.
Signed-off-by: Yeoreum Yun <yeoreum.yun@arm.com>
DTB address can be modified through the config table. Use
this address in dmem output.
EmbeddedPkg dependency added to
ShellPkg/Library/UefiShellDebug1CommandsLib/UefiShellDebug1CommandsLib.inf
and ShellPkg/ShellPkg.ci.yaml
Adds to: 42b0443599
("ShellPkg: UefiShellDebug1CommandsLib: Uefi Config Tables in Dmem.c")
Signed-off-by: Prachotan Reddy Bathi <Prachotan.Bathi@arm.com>
Add ArmTransferListLib as a library to platforms using
ArmVirtCloudHv.dsc and ArmVirtQemu.dsc.
Signed-off-by: Prachotan Bathi <prachotan.bathi@arm.com>
ArmTransferListHobGuid holds the TransferList base address.
If no valid TransferList is found, or if a GUID HOB
is already present, the GUID HOB is not built and boot progresses
as usual.
https://firmwarehandoff.github.io/firmware_handoff
Signed-off-by: Prachotan Bathi <prachotan.bathi@arm.com>
Populate the gArmTransferListPpiGuid with the TransferList
base address.
Place the PPI at the end of the PpiList.
For platforms with no TransferList support,
boot continues without any errors.
https://firmwarehandoff.github.io/firmware_handoff
Signed-off-by: Prachotan Bathi <prachotan.bathi@arm.com>
ArmTransferListHobGuid will hold the TransferList base address.
https://firmwarehandoff.github.io/firmware_handoff
SEC platforms can utilise this PPI to build the TransferList HOB.
Signed-off-by: Prachotan Bathi <prachotan.bathi@arm.com>
Capture the TransferList address from register x3.
Refer to section 3 of the FW Handoff Specification:
https://firmwarehandoff.github.io/firmware_handoff
The TransferList header is present at the base address
captured by this variable.
For platforms with no TransferList support,
boot continues without any errors.
Signed-off-by: Prachotan Bathi <prachotan.bathi@arm.com>
ArmTransferListHobGuid holds the TransferList base address.
If no valid TransferList is found, the GUID HOB is not built and
boot progresses as usual.
Signed-off-by: Prachotan Bathi <prachotan.bathi@arm.com>
Capture the TransferList address from register x3.
Refer to section 3 of the FW Handoff Specification:
https://firmwarehandoff.github.io/firmware_handoff
The TransferList header is present at the base address
captured by this variable.
For platforms with no TransferList support,
boot continues without any errors.
Signed-off-by: Prachotan Reddy Bathi <Prachotan.Bathi@arm.com>
Added functionality to the TransferList library:
- TransferListVerifyChecksum - Verify the TransferList checksum
- TransferListCheckHeader - Check if the TransferList header is valid,
  returning suitable opcodes validating the header
- TransferListFindEntry - Find a specific entry in the TransferList
  using the TagId
- TransferListDump - Dump the contents of the TransferList header
  and the entry headers
Signed-off-by: Prachotan Reddy Bathi <Prachotan.Bathi@arm.com>
To support TPM2 devices that operate over the FF-A specification using CRB
in the Tcg2Pei PEIM, add the Tcg2ConfigFfaPei PEIM to
detect the presence of such TPM2 devices.
Signed-off-by: Yeoreum Yun <yeoreum.yun@arm.com>
To support measurement and PCR extension in PeilessSec with a
TPM device using FF-A over CRB, add Tpm2DeviceSecLibFfa for PeilessSec.
Signed-off-by: Yeoreum Yun <yeoreum.yun@arm.com>
This is a preparation patch to add Tpm2DeviceSecLibFfa for the SEC
used in PeilessSec.
In the SEC phase, the DynamicPcd used for caching TPM2 information
cannot be used.
To resolve this, write wrapper functions to get TPM2 information
so that the wrapper functions used in SEC do not use the
related DynamicPcd.
Signed-off-by: Yeoreum Yun <yeoreum.yun@arm.com>
Makes changes to comply with alerts raised by CodeQL.
Most of the issues here fall into the following two categories:
1. Potential use of uninitialized pointer.
2. Inconsistent integer width in comparison.
Co-authored-by: Taylor Beebe <31827475+TaylorBeebe@users.noreply.github.com>
Co-authored-by: kenlautner <85201046+kenlautner@users.noreply.github.com>
Co-authored-by: Bret Barkelew <bret@corthon.com>
Signed-off-by: Doug Flick <dougflick@microsoft.com>
When DEBUG_SECURITY was added, not all prints in
Tpm2DeviceLibDTpmDump.c were updated. This commit updates
the remaining prints.
Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
The various cores all attempt to print the EfiFileName when
loading/dispatching drivers, but they are not unified on
approach. This commit ensures they are using the same buffer
size and the loop parsing variables are unsigned, as we should
not have a negative index.
Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
The various cores all attempt to print the EfiFileName when
loading/dispatching drivers, but they are not unified on
approach. This commit ensures they are using the same buffer
size and the loop parsing variables are unsigned, as we should
not have a negative index.
Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
Today, StandaloneMM Core's image loader only prints driver load messages
if debug code is enabled. However, these are some of the most
important prints in the codebase: on a given system even if you
have nothing else to debug with, you can see the last driver
executed.
Debug code blocks are used to skip logic that only exists for
debug purposes and wastes time on a release build. However, the
logic to print a line and determine the filename from the PDB
is not extensive and provides critical information, so it is
inappropriate to wrap in a debug code section.
Platforms can still choose to disable logging at DEBUG_INFO/DEBUG_LOAD
and will not see the error messages.
Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
Today, DXE/PEI/SMM Core's image loaders only print driver load messages
if debug code is enabled. However, these are some of the most
important prints in the codebase: on a given system even if you
have nothing else to debug with, you can see the last driver
executed.
Debug code blocks are used to skip logic that only exists for
debug purposes and wastes time on a release build. However, the
logic to print a line and determine the filename from the PDB
is not extensive and provides critical information, so it is
inappropriate to wrap in a debug code section.
Platforms can still choose to disable logging at DEBUG_INFO/DEBUG_LOAD
and will not see the error messages.
Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
Map the feature control MSR config from the OVMF platform info HOB to
FIRST_SMI_HANDLER_CONTEXT.
(Note that CpuHotplugSmm already consumes -- indirectly -- the
"MdePkg/Library/DxeHobLib/DxeHobLib.inf" library instance, according to
the build report; therefore adding an explicit HobLib class dependency
shouldn't *generally* increase this SMM driver's exposure. The consumed
lib instances are the same before and after this patch, at least in
"OvmfPkgIa32X64.dsc".)
Fixes: https://github.com/tianocore/edk2/issues/11188
Signed-off-by: Laszlo Ersek <laszlo.ersek@posteo.net>
Introduce new fields to FIRST_SMI_HANDLER_CONTEXT:
- a UINT8 (effectively: boolean) value that controls whether the first SMI
handler of the hot-added CPU is supposed to set
MSR_IA32_FEATURE_CONTROL,
- and for when that is the case, two UINT32 values, for passing the
desired EDX:EAX (64-bit) MSR value.
MSR_IA32_FEATURE_CONTROL might as well be settable in the post-SMM pen
("PostSmmPen.nasm"); however, I find the first SMI handler better for this
purpose:
- we already have a nice context structure we can extend,
- in SMM, we have tighter control than after SMM (see the comments near
the top of "PostSmmPen.nasm").
MSR_IA32_FEATURE_CONTROL is orthogonal to the SMRAM State Save Map, and
WRMSR is permitted in the real mode-like initial environment of SMM, so
functionally speaking, this should be fine.
For now, the feature is disabled.
Signed-off-by: Laszlo Ersek <laszlo.ersek@posteo.net>
In a subsequent patch, we'll introduce fields with long names to
"FIRST_SMI_HANDLER_CONTEXT". Make room for those field names in
"FirstSmiHandler.nasm".
"git show -b" produces no patch output for this commit.
Signed-off-by: Laszlo Ersek <laszlo.ersek@posteo.net>
A zero "FeatureControlValue" currently means "no feature control, or
feature control with zero value". Distinguish both cases by explicitly
recording the presence of the "etc/msr_feature_control" fw_cfg file. This
will be helpful later in this series, when we won't want to touch fw_cfg
again, but still know if "etc/msr_feature_control" was read OK.
Signed-off-by: Laszlo Ersek <laszlo.ersek@posteo.net>
When FvSimpleFileSystem is included in a firmware image,
the FV is accessible as a simple file system.
Shell contained a bad assumption that the FileDevicepath,
the path where the EFI Shell was loaded from, was always
a Media device path/media vendor device path. It would
make a blind cast of the device path node.
Add a check to verify device path type/subtype before
casting the node to a FILEPATH_DEVICE_PATH.
Signed-off-by: Aaron Pop <aaronpop@microsoft.com>
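The check the commit above describes, shown as an added example that is not the edk2 Shell code: a walker that only casts a node to FILEPATH_DEVICE_PATH after confirming its type is MEDIA_DEVICE_PATH and its subtype is MEDIA_FILEPATH_DP, and rejects a media vendor node (the kind FvSimpleFileSystem produces) that a blind cast would have misread as a path string. The struct definitions and constant values mirror those in MdePkg's Protocol/DevicePath.h so the example builds stand-alone; the function names (FindFilePathNode, BuildSinglePath, the two Demo functions) and the sample paths are constructed for this illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Constructed, minimal mirrors of the MdePkg device path definitions
 * (Protocol/DevicePath.h) so this example compiles outside an EDK II tree. */
typedef uint8_t  UINT8;
typedef uint16_t UINT16;
typedef uint16_t CHAR16;

#define MEDIA_DEVICE_PATH              0x04
#define MEDIA_FILEPATH_DP              0x04
#define MEDIA_VENDOR_DP                0x03
#define END_DEVICE_PATH_TYPE           0x7F
#define END_ENTIRE_DEVICE_PATH_SUBTYPE 0xFF

#pragma pack(1)
typedef struct {
  UINT8 Type;
  UINT8 SubType;
  UINT8 Length[2];   /* little-endian node length, header included */
} EFI_DEVICE_PATH_PROTOCOL;

typedef struct {
  EFI_DEVICE_PATH_PROTOCOL Header;
  CHAR16                   PathName[1];   /* NUL-terminated UCS-2, variable length */
} FILEPATH_DEVICE_PATH;
#pragma pack()

static UINT16 NodeLength(const EFI_DEVICE_PATH_PROTOCOL *Node) {
  return (UINT16)(Node->Length[0] | (Node->Length[1] << 8));
}

static int IsEndNode(const EFI_DEVICE_PATH_PROTOCOL *Node) {
  return Node->Type == END_DEVICE_PATH_TYPE &&
         Node->SubType == END_ENTIRE_DEVICE_PATH_SUBTYPE;
}

/* Return the first Media/FilePath node in Path, or NULL if there is none.
 * The type/subtype test is the point of the commit: without it, a vendor
 * node's GUID bytes would be reinterpreted as a CHAR16 path name. */
const FILEPATH_DEVICE_PATH *FindFilePathNode(const EFI_DEVICE_PATH_PROTOCOL *Path) {
  const EFI_DEVICE_PATH_PROTOCOL *Node = Path;
  while (!IsEndNode(Node)) {
    UINT16 Len = NodeLength(Node);
    if (Len < sizeof(EFI_DEVICE_PATH_PROTOCOL)) {
      return NULL;   /* malformed node: stop rather than loop forever */
    }
    if (Node->Type == MEDIA_DEVICE_PATH && Node->SubType == MEDIA_FILEPATH_DP) {
      return (const FILEPATH_DEVICE_PATH *)Node;   /* cast only after the check */
    }
    Node = (const EFI_DEVICE_PATH_PROTOCOL *)((const UINT8 *)Node + Len);
  }
  return NULL;
}

/* Write one node (header + payload) at Buf; returns the node length. */
static size_t PutNode(UINT8 *Buf, UINT8 Type, UINT8 SubType,
                      const void *Payload, size_t PayloadLen) {
  size_t Len = sizeof(EFI_DEVICE_PATH_PROTOCOL) + PayloadLen;
  Buf[0] = Type;
  Buf[1] = SubType;
  Buf[2] = (UINT8)Len;
  Buf[3] = (UINT8)(Len >> 8);
  if (PayloadLen != 0) {
    memcpy(Buf + sizeof(EFI_DEVICE_PATH_PROTOCOL), Payload, PayloadLen);
  }
  return Len;
}

/* Constructed sample: one node followed by an end-of-path node. */
static const EFI_DEVICE_PATH_PROTOCOL *BuildSinglePath(UINT8 *Buf, UINT8 Type, UINT8 SubType,
                                                       const void *Payload, size_t PayloadLen) {
  size_t Off = PutNode(Buf, Type, SubType, Payload, PayloadLen);
  PutNode(Buf + Off, END_DEVICE_PATH_TYPE, END_ENTIRE_DEVICE_PATH_SUBTYPE, NULL, 0);
  return (const EFI_DEVICE_PATH_PROTOCOL *)Buf;
}

/* Returns 1 when a Media/FilePath node is found and its name survives intact. */
int DemoFilePathAccepted(void) {
  static UINT8 Buf[64];
  static const CHAR16 Name[] = { '\\', 'x', '.', 'e', 'f', 'i', 0 };   /* constructed */
  const EFI_DEVICE_PATH_PROTOCOL *Path =
      BuildSinglePath(Buf, MEDIA_DEVICE_PATH, MEDIA_FILEPATH_DP, Name, sizeof(Name));
  const FILEPATH_DEVICE_PATH *Fp = FindFilePathNode(Path);
  return Fp != NULL && memcmp(Fp->PathName, Name, sizeof(Name)) == 0;
}

/* Returns 1 when a Media/Vendor node (16 placeholder GUID bytes) is rejected
 * instead of being cast to FILEPATH_DEVICE_PATH. */
int DemoVendorRejected(void) {
  static UINT8 Buf[64];
  static const UINT8 PlaceholderGuid[16] = { 0 };   /* constructed placeholder, not a real GUID */
  const EFI_DEVICE_PATH_PROTOCOL *Path =
      BuildSinglePath(Buf, MEDIA_DEVICE_PATH, MEDIA_VENDOR_DP, PlaceholderGuid, sizeof(PlaceholderGuid));
  return FindFilePathNode(Path) == NULL;
}

int main(void) {
  printf("file path node accepted: %d\n", DemoFilePathAccepted());
  printf("vendor node rejected:    %d\n", DemoVendorRejected());
  return 0;
}
```

The length check on each node is included because a type-confused cast is only one of the ways a device path walk can go wrong; a node whose Length field is smaller than the header would otherwise never advance the cursor.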
Add -fno-omit-frame-pointer to RISC-V targets to ensure frame pointers
are preserved, supporting stack backtraces for debugging.
Signed-off-by: Tuan Phan <tphan@ventanamicro.com>
In HardwareInterrupt2.h the define for the protocol does not match the definition
of the protocol in the dec file. The definition in the dec file is 32898322-2da1-474a-baaa-f3f7cf569470,
whereas in the header the define is 32898322-2d1a-474a-baaa-f3f7cf569470, and the string
is even less correct, with various bit swaps.
This commit changes all the strings and definitions to be consistent with the dec definition.
Signed-off-by: Chris Fernald <chfernal@microsoft.com>
Commit a257988f59 added -Wl,-z,notext, but
only when linking for IA32/X64 with LLD.
BFD can also be configured to either warn or error when text relocations
are detected. It does not check at all by default, but Gentoo Linux
tells it to warn in its regular configuration and tells it to error in
its hardened configuration.
Commit 14cb48b0a0 made linker warnings
fatal in all BFD cases. At least the AARCH64 and IA32/X64 code does
include text relocations, so this now fails to build on Gentoo Linux.
We should therefore always use -Wl,-z,notext.
Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
These haven't been used since before 2d07607d8b,
when UNIXGCC support was dropped.
The recent change in 14cb48b0a0 to make
linker warnings fatal was therefore ineffective for these architectures.
As requested, also make linker warnings fatal for GCC5 only. The last
release made them fatal for AARCH64 on GCC48/GCC49, but it seems likely
no one has actually tested that yet.
Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
Convert UART configuration PCDs from FixedPcd to dynamic Pcd to enable
runtime modification of serial port parameters.
Changes made:
- Replace FixedPcdGet64/FixedPcdGet8 calls with PcdGet64/PcdGet8 for:
* PcdUartDefaultBaudRate
* PcdUartDefaultParity
* PcdUartDefaultDataBits
* PcdUartDefaultStopBits
- Update INF file to declare these PCDs under [Pcd].
Signed-off-by: Pranav V V <pranav.v.v@intel.com>
Introduce an X64-specific implementation of the
SsdtSerialPortFixupLib library class.
It utilizes the AML library to generate a COM or serial device dynamically.
Signed-off-by: Abdul Lateef Attar <AbdulLateef.Attar@amd.com>
Adds AML code generation for the serial UART resource descriptor.
This commit introduces helper functions to generate
AML resource data for the serial UART resource descriptor.
Signed-off-by: Abdul Lateef Attar <AbdulLateef.Attar@amd.com>
Adds AML code generation for the IRQ resource descriptor.
This commit introduces helper functions to generate
AML resource data for IRQ resource descriptors.
Signed-off-by: Abdul Lateef Attar <AbdulLateef.Attar@amd.com>