| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Intel's ACPICA download is no longer on acpica.org, but that site
redirects to pages on intel.com. Update the link to acpica.org to
the new ACPICA download page.
Microsoft's acpi.info no longer exists, so update the link to point to
Microsoft's ACPI compiler information page.
While here, update the nasm link from http to https.
Signed-off-by: Rebecca Cran <rebecca@bsdio.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update Tpm12.h and Tpm20.h and not use c++ reserved keywords
operator and xor in C structures to support use of these
include files when building with a C++ compiler.
This patch removes the temporary use of anonymous unions and
warning 4201 disable for VS20xx tool chains to complete the
following field name changes:
* operator -> operator_
* xor -> xor_
NOTE: This is a non-backwards compatible change to Tpm12.h
and Tmp20.h. And consumers of these include files that access
the "operator" or "xor" fields must be updated.
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
|
| |
|
|
|
|
|
| |
Change xor to xor_ to avoid C++ reserved work name collisions
when building with C++ compilers.
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update Tpm12.h and Tpm20.h and not use c++ reserved keywords
operator and xor in C structures to support use of these
include files when building with a C++ compiler.
This patch temporarily introduces an anonymous union to add
operator_ and xor_ fields to support migration from the current
field names to the new field names.
Warning 4201 is disabled for VS20xx tool chains is a temporary
change to allow the use of anonymous unions.
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
|
| |
|
|
|
|
|
| |
Links from acpica.org are now redirected to the ACPICA overview page
on intel.com. Update the link so it goes to the 20200517 download page.
Signed-off-by: Rebecca Cran <rebecca@bsdio.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4874
Question CheckBox, OneOf and Numeric can refer to Bit EFI VarStore.
CheckBox: data type is Boolean (1 byte),
Numeric/Oneof: data type is always UNIT32 for BIT VarStore,
When get default value for BIT VarStore, should return default value
with sizeof (UINT32) rather than the byte the bit width occupied.
Or incorrect default value will be used due to the size mismatch.
Signed-off-by: Dandan Bi <dandan.bi@intel.com>
|
| |
|
|
|
|
|
|
| |
When updating memory attributes, if only access attributes are changed,
the default memory cache attribute is NULL and a CACHE_CC is added by
default.
Signed-off-by: Chao Li <lichao@loongson.cn>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BlockIo2 Read/Write/Flush APIs should signal the token's event when the
I/O operation completes, but the Emulator APIs do not. As a result, any
code that tries to implement async I/O will hang on emulator.
Both Windows and Unix emulator hosts work the same way:
- All I/O is completed synchronously.
- All I/O implementations contain the comment:
`// Caller is responsible for signaling EFI Event`
However, the protocol implementations do not signal the event, so the
event is never signalled.
Fix is to signal the event in the appropriate protocol implementations.
- If the host API returns success then the I/O is complete since it's
always synchronous.
- If there is a Token and Token->Event is not null and the I/O is
successful then the event should be signalled.
Signed-off-by: Doug Cook <idigdoug@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Introduce support for generating ACPI CPU SSDT table
for the X64 architecture.
Creates processor objects based on configuration data.
Cc: Sami Mujawar <Sami.Mujawar@arm.com>
Cc: Pierre Gondois <pierre.gondois@arm.com>
Signed-off-by: Abdul Lateef Attar <AbdulLateef.Attar@amd.com>
|
| |
|
|
|
|
|
|
|
|
| |
Updates X64 namespace object.
Updates the object parser.
Updates the Readme.
Cc: Sami Mujawar <Sami.Mujawar@arm.com>
Cc: Pierre Gondois <pierre.gondois@arm.com>
Signed-off-by: Abdul Lateef Attar <AbdulLateef.Attar@amd.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, PciHostBridgeUtilityGetRootBridgesHostProvided allocates memory
for aperture structures without clearing memory. This causes garbage in
the Translation field, but the Base and Limit fields have the correct
values because they are copied from the HOST_BRIDGE_INFO fields in the
HardwareInfoPciHostBridgeHostBridgeHostBridgeGetApertures function.
RootBridge: PciRoot(0x0)
Support/Attr: 70069 / 70069
DmaAbove4G: No
NoExtConfSpace: No
AllocAttr: 3 (CombineMemPMem Mem64Decode)
Bus: 0 - 80 Translation=0
Io: 6000 - FFFF Translation=5E9EB018
Mem: 80000000 - DFFFFFFF Translation=0
MemAbove4G: 600000000000 - 7FFFFFFFFFFF Translation=0
PMem: FFFFFFFFFFFFFFFF - 0 Translation=0
PMemAbove4G: FFFFFFFFFFFFFFFF - 0 Translation=0
Signed-off-by: Alexander Gryanko <xpahos@gmail.com>
|
| |
|
|
| |
Signed-off-by: Yang Gang <yanggang@byosoft.com.cn>
|
| |
|
|
|
|
|
| |
Clean up PcdOvmfHostBridgePciDevId and PcdNullPointerDetectionPropertyMask
from QemuVideoDxe.inf
Signed-off-by: Marc Chen <marc.chen@microsoft.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since the pixiefail CVE fix the network stack requires a hardware
random number generator. This can currently be a modern CPU supporting
the RDRAND instruction or a virtio-rng device.
The latter is initialized during the BDS phase.
To ensure all depending (network) modules are also started, we need to
run the dispatcher once more after the device was initialized.
Without this, network boot is not available under certain hardware
configurations.
Fixes: 4c4ceb2ceb ("NetworkPkg: SECURITY PATCH CVE-2023-45237")
Analysed-by: Stefano Garzarella <sgarzare@redhat.com>
Suggested-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Oliver Steffen <osteffen@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
StrSize() cannot return 0. As done in other packages, StrSize()
checks the length of the string doesn't exceed
PcdMaximumUnicodeStringLength. Add comments to make it more obvious.
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4859
Reported-by: Tormod Volden <debian.tormod@gmail.com>
Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
|
| |
|
|
|
|
|
|
|
| |
StrSize() account the terminating NULL character and cannot return 0.
Replace StrSize() StrLen().
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4859
Reported-by: Tormod Volden <debian.tormod@gmail.com>
Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
|
| |
|
|
|
|
|
| |
The "Found ACPI table" messages are informative and don't indicate an
error, so reduce the debug level from DEBUG_ERROR to DEBUG_INFO.
Signed-off-by: Rebecca Cran <rebecca@bsdio.com>
|
| |
|
|
|
|
|
|
|
| |
Update SecureBootDefaultKeys.fdf.inc to add support for 2 more DB
certificates, for a total of 5. This allows all the files from
https://github.com/microsoft/secureboot_objects/tree/main/PreSignedObjects/DB/Certificates
to be supported.
Signed-off-by: Rebecca Cran <rebecca@bsdio.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
ArmVirtKvmTool might execute at EL2 when running under nested
virtualization, and in this case, it should not use HVC but SMC to
invoke PSCI and SMCCC services.
Like QEMU, kvmtool provides the PSCI conduit via a node in the FDT, and
as per the SMCCC, the PSCI conduit and the SMCCC conduit are guaranteed
to be the same. So switch to the ArmMonitorLib implementation that
selects the conduit based on this FDT node.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
|
| |
|
|
|
|
|
|
| |
The implementation of ArmMonitorLib that selects the conduit (SMC or
HVC) based on the PSCI FDT node is suitable for other VMMs as well, so
rename it more appropriately.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
|
| |
|
|
|
|
|
|
| |
HCR_EL2 may contain fields that should be preserved (such as E2H, which
may be RES1 for all intents and purposes other than reading back the
register). So preserve the existing value when setting the TGE bit.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
With VHE enabled, EL2 uses the EL2&0 translation regime, which is
compatible with the EL1&0 translation regime when it comes to the TCR
configuration register and the page table descriptor.
Given that some CPUs may have VHE force enabled when executing at EL2,
the MMU code needs to be able to deal with this even if it doesn't
enable VHE itself.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
|
| |
|
|
|
|
|
|
|
| |
Remove the code path for execution at EL3, which just dumps an error.
None of the other code is remotely suitable for execution at EL3, and so
just ASSERT()'ing here is sufficient, and simplifies future changes
related to VHE.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
When VHE is enabled, some pre-existing timer system register specifiers
are redirected to the HYP timer. To access the conventional timer,
special aliases have to be used that end in _EL02.
These aliases are not understood by Clang's internal assembler, so use
the generic mnemonics instead.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
|
| |
|
|
|
|
|
| |
Add definitions for the non-global page tables descriptor attribute, as
well as the E2H TCR bit, so that we can use them in the MMU code.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
ARM requires softfloat routines when incorporating OpenSSL, which is a
bit of a hassle for no benefit, given that ARM is mostly obsolete at
this point.
SignedCapsulePkg relies on OpenSSL for authentication, and while it
might be feasible to migrate ARM to MbedTLS and retain support, let's
just drop support entirely.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
|
| |
|
|
|
|
| |
This code is no longer in use so it can be dropped.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
|
| |
|
|
|
|
| |
Drop the softfloat library implementation now that it is no longer used.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
|
| |
|
|
|
|
|
| |
ArmSoftFloatLib is going away, so remove all residual references to it.
Continuous-integration-options: PatchCheck.ignore-multi-package
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Redfish uses JsonLib, which supports encoding real numbers. This
handling is implemented using C floating point types, which means that
on 32-bit ARM, a softfloat library is required, even though the CPUs we
still (marginally) care about all support floating point in hardware.
The UEFI spec does not permit the use of floating point on ARM at all,
and so the correct thing to do here is to simply disable this driver on
32-bit ARM entirely.
Note that the ARM platform code does allow the VFP unit to be enabled at
boot time, and so rebuilding this driver with hardware FP should be
feasible, in case anyone has an interest in running it on a 32-bit ARM
system.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Drop the ArmSoftFloatLib dependency from the OpensslLib implementations,
so that we can retire this git submodule and associated dependencies in
other components.
The upshot of this is that OpenSSL can no longer be used on 32-bit ARM
by components that rely on the random number generation routines (which
is where the floating point usage resides). In practice, this means that
ARM platforms should use MbedTLs instead for things like signed
capsules, authenticated variables and TPM2 support. HTTPS boot is no
longer supported, as TlsDxe depends on OpensslLib directly.
Note that MbedTLS itself -surprisingly- depends on OpensslLib as well,
but only for the SM3 routines, and incorporating those does not require
softfloat support.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
|
| |
|
|
|
|
|
|
| |
If a GitHub account has been deleted entirely, a `None` user will
be returrned from the GitHub API. This change accounts for a `None`
user when querying GitHub APIs for user information.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch updates libspdm to pull in various bug fixes,
but primarily commit ca4854be3325bd8fc7f2c714574d17aac2d4e13b
which updates libspdm's MbedTLS submodule to v3.6.2, fixing
CVE https://nvd.nist.gov/vuln/detail/CVE-2023-37920 there.
This CVE does not affect libspdm or edk2, but automatic
CVE scanning tools see the bad version of the certifi
pip module in the edk2/libspdm code trees and flag these
projects as failing.
libspdm has been updated to pull in the newer MbedTLS that
fixes this issue and this patch updates edk2 to pull in
the newer libspdm.
Signed-off-by: Oliver Smith-Denny <osde@linux.microsoft.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
As TPM2.0 is popular, updating default value for the Setup menu supports
a benefit for some systems that have another TPM Setup menu to select
TPM2.0 devices (e.g. dTPM, fTPM) depending on platform bios.
For example, when loading default configuration using F9 key in Setup
(Brower Action: SystemLevel), it is possible for them to load an
unsynchronized value. If user does not adjust the value before saving
Setup, it could influence an unexpected TPM initialization at next boot.
Setting TPM2.0 as default value supports the benefit related to the case.
Signed-off-by: Phil Noh <Phil.Noh@amd.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This commit is to check if the resource HOB range does not
exceed the max supported physical address.
The function BuildMemoryMapFromResDescHobs is to build Memory
Region from resource HOBs. Then the memory maps will be used
during creating or modifying SMM page table. If the resource
HOB range exceeds the max supported physical address, then
subsequent calling of PageTableMap() will fail.
Signed-off-by: Dun Tan <dun.tan@intel.com>
|
| |
|
|
|
|
|
| |
BaseCryptLib turn gettimeofday() from a Macro into a function call,
apply the same change to BaseCryptLibMbedTls
Signed-off-by: Amy Chan <amy.chan@intel.com>
|
| |
|
|
|
|
|
| |
Enable x2apic mode in case the number of possible CPUs (including
hotplug-able CPus which are not (yet) online) is larger than 255.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The UpdateArgcArgv() function documentation says "If OldArgv or OldArgc
is NULL then that value is not returned."
However, only OldArgc was checked for NULL, probably because of
copy-pasto. In case OldArgc was non-NULL, but OldArgv was null, it could
cause a segmentation fault.
Check OldArgv is not NULL before dereferencing the value.
Signed-off-by: Tormod Volden <debian.tormod@gmail.com>
|
| |
|
|
|
|
|
| |
Add a debug message that indicates when the NV variables are being
initialized through the template structure.
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When OVMF is built with SECURE_BOOT_ENABLE, the variable store will be
populated and validated in PlatformValidateNvVarStore(). When an SEV
or an SEV-ES guest is running, this may be encrypted or unencrypted
depending on how the guest was started. If the guest was started with the
combined code and variable contents (OVMF.fd), then the variable store
will be encrypted. If the guest was started with the separate code and
variables contents (OVMF_CODE.fd and OVMF_VARS.fd), then the variable
store will be unencrypted.
When PlatformValidateNvVarStore() is first invoked, the variable store
area is initially mapped encrypted, which may or may not pass the variable
validation step depending how the guest was launched. To accomodate this,
retry the validation step on failure after remapping the variable store
area as unencrypted.
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
When OVMF is built with the SECURE_BOOT_ENABLE set to true, reserving and
initializing the emulated variable store happens before memory has been
accepted under SEV-SNP. This results in a #VC exception for accessing
memory that hasn't been validated (error code 0x404). The #VC handler
treats this error code as a fatal error, causing the OVMF boot to fail.
Move the call to ReserveEmuVariableNvStore() to after memory has been
accepted by AmdSevInitialize().
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
|
| |
|
|
|
|
|
|
|
|
| |
SEV-SNP does not support the use of the Qemu flash device as SEV-SNP
guests are started using the Qemu -bios option instead of the Qemu -drive
if=pflash option. Perform runtime detection of SEV-SNP and exit early from
the Qemu flash device initialization, indicating the Qemu flash device is
not present. SEV-SNP guests will use the emulated variable support.
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There are two issues in the GIC FDT parsing code:
- the GICC Flags 'Enabled' bit is overwritten when parsing the VGIC
Maintenance Interrupt, whose trigger type occupies another bit in the
same field;
- only the first CPU's Flags field is updated.
This breaks both SMP boot and KVM support on Linux, given that the boot
CPU is disabled in the MADT, and the VGIC maintenance interrupt is set
to 0x0 on all others.
Fix this, by OR'ing the trigger type into the field, and by iterating
over all discovered CPUs.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
|
| |
|
|
|
|
|
|
| |
This patch fixes a few instances of error cases in NetworkPkg
returning after a RaiseTPL call without restoring the TPL
first.
Signed-off-by: Oliver Smith-Denny <osde@linux.microsoft.com>
|
| |
|
|
|
|
|
|
| |
gEfiHobMemoryAllocModuleGuid is referenced in the HobPrintLib,
but it is not defined in the INF file, causing an unresolved
external error when the module is consumed by code.
Signed-off-by: Aaron Pop <aaronpop@microsoft.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As a BASE type library, some PEI drivers could link and use it.
Tcg2Pei.inf is an example. On edk2-stable202408 version, PEI drivers
that link the library include the global variable of mRdRandSupported.
The previous commit (c3a8ca7) that refers to the global variable actually
is found to influence the link status. Updating the global variable
in PEI drivers could affect the following issues.
PEI ROM Boot : Global variable is not updated
PEI RAM Boot : PEI FV integration/security check is failed
To address these issues, remove the global variable usage.
Signed-off-by: Phil Noh <Phil.Noh@amd.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
The PCD token, PcdPciExpressBaseAddress is referred in the constructor.
If the token is defined as PcdsDynamic type, the PCD function that gets
the token value uses the gBS service to locate PCD protocol internally.
In this case, it is possible for the function to be called before
initializing gBS variable, then cause a system hang due to gBS variable.
Need to ensure the availability of gBS variable.
Signed-off-by: Phil Noh <Phil.Noh@amd.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4873
Currently the function does not cover the 5 level paging case. it will
casued pagetable protection region set incorrectly. This patch do the
enhancemant and with the patch protection region has been set correctly.
Signed-off-by: Ning Feng <ning.feng@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4873
Currently the function does not cover the 5 level paging case. it will
casued pagetable protection region set incorrectly. This patch do the
enhancemant and with the patch protection region has been set correctly.
Signed-off-by: Ning Feng <ning.feng@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Resolves several issues in UefiCpuPkg related to:
1. Unchecked returns leading to potential NULL or uninitialized access.
2. Potential unchecked integer overflows.
3. Incorrect comparison between integers of different sizes.
Co-authored-by: kenlautner <85201046+kenlautner@users.noreply.github.com>
Signed-off-by: Chris Fernald <chfernal@microsoft.com>
|
