Tcg2Dxe and its libraries are currently the noisiest modules in
edk2. For a sample platform printing at INFO level, Tcg2Dxe
printed 4,000 lines out of 5,700 total lines printed.
This commit defines a DEBUG_SECURITY bit to control the debug output
of Tcg2Dxe and other security related components. Most of the output is
not useful except for deep debugging of TPM transactions, so it is
appropriate to only print when the DEBUG_SECURITY bit is present.
Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
Implements the _aulldiv() intrinsic function necessary to compile CryptoPkg
using the CLANGPDB toolchain. The existing MASM assembly implementation of
this function has been converted to NASM to enable it to be used with both
the Visual Studio and Clang compilers.
Signed-off-by: Nate DeSimone <nathaniel.l.desimone@intel.com>
During USB device enumeration, issuing a hot reset on a port is skipped if
there is a reset change status already detected on the port. This can
happen when enumerating devices after a host controller soft reset (which
drives a hot reset down the ports).
However, in certain cases an attached device may not be responsive even if
the reset change and connection status bits are set. For example, according
to xHCI spec section 4.19.5.1 the port reset change bits can be set when
a hot reset driven on the port transitions to a warm reset and completes
with errors. For such instances it is worthwhile to force a hot reset
during enumeration to try and recover unresponsive devices.
During enumeration check whether querying port status returns
EFI_DEVICE_ERROR and try a port reset if there is a device attached to
the port.
Signed-off-by: Aaron Pop <aaronpop@microsoft.com>
If IASL_PREFIX is not already defined, then edksetup.bat should set it.
This unifies the behavior between Visual Studio and Mingw-w64.
Signed-off-by: Nate DeSimone <nathaniel.l.desimone@intel.com>
Update the CLANGPDB toolchain configuration to use MSVC ABI targets and
retain frame pointers in generated code. This improves compatibility with
the Microsoft Debug Interface Access (DIA) SDK and improves debuggability
with any debugger that uses the Microsoft PDB parser, for example the Visual
Studio debugger or windbg.
Without these changes, code generated by the Clang compiler will have a mix
of calling conventions. With the current configuration, any function declared
with EFIAPI will use the Microsoft x64 calling convention. However, the default
calling convention will be the SysV x64 calling convention. This mixing of
calling conventions prevents debuggers from decoding the call stack.
With these changes, only the Microsoft x64 calling convention will be used.
These modifications enable debuggers to properly parse and
display call stacks on binaries built with the CLANGPDB toolchain.
The changes include:
- Switch from GNU ABI target (*-unknown-windows-gnu) to MSVC ABI targets
(*-pc-windows-msvc) for both IA32 and X64 architectures.
- Remove -fseh-exceptions as not supported.
- Add -fno-omit-frame-pointer as required for call stack.
- Undefine the _MSC_VER macro, and define the __GNUC__ macro, so that
pre-processor conditionals will continue to function as expected.
Co-authored-by: Muhammad Mustafa <muhammad.mustafa@intel.com>
Signed-off-by: Nate DeSimone <nathaniel.l.desimone@intel.com>
A change was made to the following pytool releases to prevent a
platform from needing to include additional logic to consider
command-line build variable parameters for PR evaluation.
- edk2-pytool-library v0.23.4
- edk2-pytool-extensions v0.29.11
Commit 33e58db was added as a workaround, but that is no longer
needed after these pytool updates, so revert it.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Updates pytools to the latest releases to include changes for PR
evaluation that include command-line build variable arguments by
default in PR evaluation.
Versions updated:
- edk2-pytool-library v0.23.4
- edk2-pytool-extensions v0.29.11
Full release details are available on the pytool release pages:
- https://github.com/tianocore/edk2-pytool-library/releases
- https://github.com/tianocore/edk2-pytool-extensions/releases
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Because the PEIM will perform the following MM notify events under API mode:
1. MM end of dxe notify Event
2. MM ready to lock notify Event
3. MM ready to boot notify Event
4. MM exit boot services notify Event
they will conflict with the notify events in MmCommunicationDxe.inf
on the edk2 bootloader under API mode, so split the following MmEvent into
MmCommunicationNotifyDxe.inf, and avoid running this driver under API
mode.
Signed-off-by: Hongbin1 Zhang <hongbin1.zhang@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Dun Tan <dun.tan@intel.com>
Cc: Khor Swee Aun <swee.aun.khor@intel.com>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
In the MpInitLib, pages are allocated for
the APs, and data is copied into them. Depending
on the allocation type, Nx needs to be removed
from the pages to allow the processors to execute.
Additionally, ReadOnly needs to be applied to the
pages after they have been filled with the
instructions that the APs need to execute.
Signed-off-by: Aaron Pop <aaronpop@microsoft.com>
Co-authored-by: Oliver Smith-Denny <osde@microsoft.com>
Update the comments for PcdDxeNxMemoryProtectionPolicy
which contained old information.
Signed-off-by: Aaron Pop <aaronpop@microsoft.com>
Co-authored-by: Oliver Smith-Denny <osde@microsoft.com>
Currently, if the DebugClearMemory bit is set in the
PcdDebugPropertyMask, CoreConvertPagesEx will attempt to write
a pattern to the pages being freed. However, it does not check
that the page is writeable, which will cause a page fault if not.
Furthermore, if NX protections are not enabled, the core does not
ensure that any freed pages are RW, which is the state expected
when they are allocated next. If they are not RW, the allocating
driver will crash trying to use them.
This patch updates the page freeing code to query the memory
attributes protocol, if present, for the attributes. If this call
fails or the attributes are not RW at a minimum, the core leaks
the memory (returning success to the caller). If the memory
attribute protocol is not present (either because a platform doesn't
produce it or it is before the protocol has been produced), the core
continues with freeing memory. This is either before the CPU Arch
protocol is available (so drivers can't change memory attributes) or
otherwise matches existing behavior. This was deemed the best
approach to let memory that can't be guaranteed to be RW leak
instead of letting a driver crash when allocating it. It was deemed
less brittle to simply leak the memory instead of attempting to
change the attributes.
Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
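The free-page policy described in the commit message above, as an added example (a stand-alone C model, not code from edk2 or from the commit). The names model_free_page, model_alloc_page, model_reset, get_attrs and the ATTR_* bits are hypothetical, and "RW at a minimum" is assumed to mean that neither a read-only nor a read-protect attribute is set.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical attribute bits for this model (not edk2's EFI_MEMORY_* values). */
#define ATTR_RO 0x1u /* read-only */
#define ATTR_RP 0x2u /* read-protected (not readable) */
#define NUM_PAGES 4

typedef enum { PAGE_FREE, PAGE_IN_USE, PAGE_LEAKED } page_state;
typedef struct { page_state state; uint32_t attrs; bool query_fails; } page;

static page pool[NUM_PAGES];
static bool attr_protocol_present;

/* Reset the model: every page in use and RW; constructed sample state. */
void model_reset(bool protocol_present) {
  attr_protocol_present = protocol_present;
  for (size_t i = 0; i < NUM_PAGES; i++)
    pool[i] = (page){ PAGE_IN_USE, 0, false };
}

/* Stand-in for the attribute query; returns false when the call fails. */
static bool get_attrs(size_t idx, uint32_t *attrs) {
  if (pool[idx].query_fails) return false;
  *attrs = pool[idx].attrs;
  return true;
}

/* Free a page per the commit's policy. Returns 0 even when the page is leaked. */
int model_free_page(size_t idx) {
  if (idx >= NUM_PAGES || pool[idx].state != PAGE_IN_USE) return -1;
  uint32_t attrs = 0;
  if (attr_protocol_present &&
      (!get_attrs(idx, &attrs) || (attrs & (ATTR_RO | ATTR_RP)))) {
    pool[idx].state = PAGE_LEAKED; /* kept off the free list for good */
    return 0;
  }
  pool[idx].state = PAGE_FREE; /* protocol absent, or page confirmed RW */
  return 0;
}

/* Allocate the lowest free page, or -1 if none; leaked pages are never reused. */
int model_alloc_page(void) {
  for (size_t i = 0; i < NUM_PAGES; i++)
    if (pool[i].state == PAGE_FREE) { pool[i].state = PAGE_IN_USE; return (int)i; }
  return -1;
}

int main(void) {
  model_reset(true);
  pool[0].attrs = ATTR_RO;    /* page left read-only by its owner */
  pool[1].query_fails = true; /* attribute query errors out */
  for (size_t i = 0; i < 3; i++) model_free_page(i);
  printf("next allocation gets page %d\n", model_alloc_page()); /* page 2 */
  return 0;
}
```

In the model, a caller that frees a read-only page still sees success, but only pages confirmed RW (or freed while the protocol is absent) can be handed out again.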
These libraries required dependency on EmbeddedPkg for the
FdtHob which has been moved to MdePkg. This dependency is not
needed anymore and can now be removed.
Signed-off-by: Akshay Behl <cap2k4@rivosinc.com>
Co-authored-by: Dhaval Sharma <dhaval@rivosinc.com>
There is GetPerformanceCounterProperties() that relies
on Device Tree to fetch timer frequency and removes the
dependency from the PCDs, use that instead.
Signed-off-by: Akshay Behl <cap2k4@rivosinc.com>
Co-authored-by: Dhaval Sharma <dhaval@rivosinc.com>
MdePkg has a more refined implementation of Fdt as compared
to the EmbeddedPkg which was the initial implementation, hence
moving the Fdt Guid from EmbeddedPkg to MdePkg.
Continuous-integration-options: PatchCheck.ignore-multi-package
Signed-off-by: Akshay Behl <cap2k4@rivosinc.com>
Co-authored-by: Dhaval Sharma <dhaval@rivosinc.com>
On RISC-V platforms, just like other platforms, we need to pass various
information from one stage to another (hartid/cmo operations etc).
Also there are some settings like Timer freq which are platform dependent
which use PCDs. Today hartid is extracted through Firmware Context
(custom in mem structure passed from one stage to another). For CMO we
have a features HOB. Going forward we would like to have a standard
mechanism to pass on such information and DT is handy as it can easily
carry all this information (in some cases nodes already exist). This
patch implements timebase frequency extraction from DT.
Signed-off-by: Akshay Behl <cap2k4@rivosinc.com>
Co-authored-by: Dhaval Sharma <dhaval@rivosinc.com>
The Universal Graphics Adapter (UGA) is a graphic abstraction.
The UGA I/O and Draw protocols are deprecated since UEFI 2.0 was
introduced. Cf. the UEFI spec v2.9:
"Appendix L - EFI 1.10 Protocol Changes and Deprecation List"
section L.2 "Deprecated Protocols"
Remove the UGA support.
Signed-off-by: GuoMinJ <newexplorerj@gmail.com>
Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
If a memory debug log buffer is present, register the buffer location as
config table so the OS can find and show it.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
PrePiMemoryAllocationLib does not implement functions to allocate
EfiMemoryReservedType. These are implemented in other instances of
MemoryAllocationLib (Dxe, Uefi, PiSmmCore, SmmMemory).
Add AllocateReservedPages() and AllocateAlignedReservedPages()
functions to make it consistent with other MemoryAllocationLib
instances.
Signed-off-by: Vishal Oliyil Kunnil <vishalo@qti.qualcomm.com>
This check is present for every call to `MemDebugLogWrite` but it is
missing here. This may cause an unwanted write to the
buffer, when the buffer's address is not null and MemDebug is disabled.
Signed-off-by: Luigi Leonardi <leonardi@redhat.com>
Allow PR eval to operate with the same input variable values as the
build command would.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Currently DxeIpl attempts to set page 0 to all 0's and to
create a memory allocation HOB for it. However, DxeIpl will
also unmap the page when mapping page tables and if null
detection is not enabled, DxeCore will set the page to 0,
regardless of allocation status.
Because no consumers are using the memory allocation HOB for
page 0, drop it. Instead, ensure that PeiCore and DxeCore do
not allow allocating page 0; it should always be reserved for
null pointer detection. It also complicates the story for
platforms that are attempting to audit the system and ensure that
no modules are using page 0. With these memory allocation HOBs
in place, it is difficult to tell if it is simply DxeIpl who
has allocated the memory or another module.
This commit drops the memory allocation HOB publishing and ensures
that DxeCore and PeiCore do not allocate page 0. DxeCore already
will not allocate page 0 to callers of AllocatePages who call with
a type other than AllocateAddress, this just changes so that
AllocateAddress cannot allocate at page 0 (which if null detection
is enabled will cause a page fault). PeiCore does not have
AllocateAddress and so this ensures standard allocations do not
receive page 0.
Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
OvmfPkg has copied the MdeModulePkg DxeIpl behavior to
create a memory allocation HOB for page 0. That is being changed
(see that commit for details), so also remove it here.
Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
UefiPayloadPkg has copied the MdeModulePkg DxeIpl behavior to
create a memory allocation HOB for page 0. That is being changed
(see that commit for details), so also remove it here.
Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
Build report would not detect a nested FV if the nested
FV was not in a subsection of an FFS statement.
Modify the build report to better handle some of the
variations of nested FVs.
Failing Example:
  [Fv.FvName1]
    INF <path to some driver>.inf
  [Fv.FvName0]
    FILE FV_IMAGE = B25ACDEF-39CE-4FA5-B50A-33E24DB1BDDF {
      SECTION FV_IMAGE = FvName1
    }
Working Example:
  [Fv.FvName1]
    INF <path to some driver>.inf
  [Fv.FvName0]
    FILE FV_IMAGE = DA04F6BF-A0FD-47EC-928B-5101A6C95026 {
      SECTION GUIDED EE4E5898-3914-4259-9D6E-DC7BD79403CF
      PROCESSING_REQUIRED = TRUE {
        SECTION FV_IMAGE = FvName1
      }
    }
Signed-off-by: Aaron Pop <aaronpop@microsoft.com>
Add QEMU_PV_VARS build option; when enabled, the firmware build will
support (and require) the qemu uefi variable store.
This also enables proper (as-in: actually being secure) secure boot
support.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
32-bit architectures (ia32 + arm) are not supported. Update inf file
accordingly. Add a VALID_ARCHITECTURES line. Drop ARM configuration.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
REF:https://github.com/tianocore/edk2/issues/11245
Enable the time check flag to verify the current time during the TLS
certificate validation.
Signed-off-by: Kanagavel S <kanagavels@ami.com>
Introduce AArch64 architecture support in BlSupportDxe. Translation
tables would be created based on the memory maps, which are provided
by the bootloader, in case the MMU is disabled when execution is handed
over to Universal Payload.
Signed-off-by: Ajan Zhong <ajan.zhong@newfw.com>
Move ArmMmuLib from ArmPkg to UefiCpuPkg for easier maintenance.
Continuous-integration-options: PatchCheck.ignore-multi-package
Signed-off-by: Ajan Zhong <ajan.zhong@newfw.com>