[edk2-devel] [PATCH 1/3] UefiPayloadPkg: Simplify code logic

2022-05-10 Thread Zhiguang Liu
The VisitAllPciInstances function is somewhat over-designed, since it involves
two callback functions. Simplify the code logic by combining the two callback
functions.

Cc: Guo Dong 
Cc: Ray Ni 
Cc: Maurice Ma 
Cc: Benjamin You 
Cc: Sean Rhodes 
Signed-off-by: Zhiguang Liu 
---
 .../PlatformBootManagerLib/PlatformConsole.c  | 83 +--
 1 file changed, 21 insertions(+), 62 deletions(-)

diff --git a/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformConsole.c 
b/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformConsole.c
index bfaf89e74c..9887183624 100644
--- a/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformConsole.c
+++ b/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformConsole.c
@@ -387,18 +387,20 @@ VisitAllInstancesOfProtocol (
 }
 
 /**
-  For every PCI instance execute a callback function.
+  Do platform specific PCI Device check and add them to
+  ConOut, ConIn, ErrOut.
 
-  @param[in]  Handle - The PCI device handle
-  @param[in]  Instance   - The instance of the PciIo protocol
-  @param[in]  Context- The context of the callback
+  @param[in]  Handle- Handle of PCI device instance
+  @param[in]  Instance  - The instance of PCI device
+  @param[in]  Context   - The context of the callback
 
-  @retval EFI_STATUS - Callback function failed.
+  @retval EFI_SUCCESS - PCI Device check and Console variable update 
successfully.
+  @retval EFI_STATUS - PCI Device check or Console variable update fail.
 
 **/
 EFI_STATUS
 EFIAPI
-VisitingAPciInstance (
+DetectAndPreparePlatformPciDevicePath (
   IN EFI_HANDLE  Handle,
   IN VOID*Instance,
   IN VOID*Context
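Review bot: The `Instance` and `Context` descriptions in the updated header comment do not match how the function is now used. The only call shown in this patch looks instances up by `gEfiPciIoProtocolGuid` and passes `NULL` as the context (the `VisitAllInstancesOfProtocol` call in `DetectAndPreparePlatformPciDevicePaths`). I would write `@param[in]  Instance  - The EFI_PCI_IO_PROTOCOL instance installed on Handle` and `@param[in]  Context   - Unused; callers pass NULL`. `@retval EFI_STATUS` names a type rather than a value, so `@return Others` reads better for the failure case. The function body starts after this hunk, so whether `Context` is still read there cannot be confirmed from here.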
@@ -424,56 +426,6 @@ VisitingAPciInstance (
 return Status;
   }
 
-  return (*(VISIT_PCI_INSTANCE_CALLBACK)(UINTN)Context)(
-  Handle,
-  PciIo,
-  &Pci
-  );
-}
-
-/**
-  For every PCI instance execute a callback function.
-
-  @param[in]  CallBackFunction - Callback function pointer
-
-  @retval EFI_STATUS - Callback function failed.
-
-**/
-EFI_STATUS
-EFIAPI
-VisitAllPciInstances (
-  IN VISIT_PCI_INSTANCE_CALLBACK  CallBackFunction
-  )
-{
-  return VisitAllInstancesOfProtocol (
-   &gEfiPciIoProtocolGuid,
-   VisitingAPciInstance,
-   (VOID *)(UINTN)CallBackFunction
-   );
-}
-
-/**
-  Do platform specific PCI Device check and add them to
-  ConOut, ConIn, ErrOut.
-
-  @param[in]  Handle - Handle of PCI device instance
-  @param[in]  PciIo - PCI IO protocol instance
-  @param[in]  Pci - PCI Header register block
-
-  @retval EFI_SUCCESS - PCI Device check and Console variable update 
successfully.
-  @retval EFI_STATUS - PCI Device check or Console variable update fail.
-
-**/
-EFI_STATUS
-EFIAPI
-DetectAndPreparePlatformPciDevicePath (
-  IN EFI_HANDLE   Handle,
-  IN EFI_PCI_IO_PROTOCOL  *PciIo,
-  IN PCI_TYPE00   *Pci
-  )
-{
-  EFI_STATUS  Status;
-
   Status = PciIo->Attributes (
 PciIo,
 EfiPciIoAttributeOperationEnable,
@@ -486,9 +438,9 @@ DetectAndPreparePlatformPciDevicePath (
 //
 // Here we decide whether it is LPC Bridge
 //
-if ((IS_PCI_LPC (Pci)) ||
-((IS_PCI_ISA_PDECODE (Pci)) &&
- (Pci->Hdr.VendorId == 0x8086)
+if ((IS_PCI_LPC (&Pci)) ||
+((IS_PCI_ISA_PDECODE (&Pci)) &&
+ (Pci.Hdr.VendorId == 0x8086)
 )
 )
 {
@@ -504,7 +456,7 @@ DetectAndPreparePlatformPciDevicePath (
 //
 // Here we decide which Serial device to enable in PCI bus
 //
-if (IS_PCI_16550SERIAL (Pci)) {
+if (IS_PCI_16550SERIAL (&Pci)) {
   //
   // Add them to ConOut, ConIn, ErrOut.
   //
@@ -517,7 +469,7 @@ DetectAndPreparePlatformPciDevicePath (
   //
   // Enable all display devices
   //
-  if (IS_PCI_DISPLAY (Pci)) {
+  if (IS_PCI_DISPLAY (&Pci)) {
 //
 // Add them to ConOut.
 //
@@ -543,6 +495,8 @@ DetectAndPreparePlatformPciDevicePaths (
   BOOLEAN  DetectDisplayOnly
   )
 {
+  EFI_STATUS  Status;
+
   mDetectDisplayOnly = DetectDisplayOnly;
 
   EfiBootManagerUpdateConsoleVariable (
@@ -551,7 +505,12 @@ DetectAndPreparePlatformPciDevicePaths (
 NULL
 );
 
-  return VisitAllPciInstances (DetectAndPreparePlatformPciDevicePath);
+  Status = VisitAllInstancesOfProtocol (
+ &gEfiPciIoProtocolGuid,
+ DetectAndPreparePlatformPciDevicePath,
+ NULL
+ );
+  return Status;
 }
 
 /**
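Review bot: The new `Status` local in `DetectAndPreparePlatformPciDevicePaths` is assigned once and returned on the next line, so it adds nothing over returning the call directly. `return VisitAllInstancesOfProtocol (&gEfiPciIoProtocolGuid, DetectAndPreparePlatformPciDevicePath, NULL);` keeps the shape of the line it replaces. If the variable is kept for later patches in the series, a short comment saying so would help, because the function starts outside these hunks and no other use of `Status` is visible.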
-- 
2.32.0.windows.2







[edk2-devel] [PATCH 0/3] UefiPayloadPkg: Enhance the logic to add ConIn and ConOut

2022-05-10 Thread Zhiguang Liu
Fix the bug that on some platforms there is no serial output or graphics output.
The code passed open CI; please check in
https://github.com/tianocore/edk2/pull/2864

Cc: Guo Dong 
Cc: Ray Ni 
Cc: Maurice Ma 
Cc: Benjamin You 
Cc: Sean Rhodes 
Signed-off-by: Zhiguang Liu 

Zhiguang Liu (3):
  UefiPayloadPkg: Simplify code logic
  UefiPayloadPkg: Add Serial IO device path according to related
protocol
  UefiPayloadPkg: Connect all root bridge in
PlatformBootManagerBeforeConsole

 .../PlatformBootManagerLib.inf|   2 +
 .../PlatformBootManagerLib/PlatformConsole.c  | 282 +-
 .../PlatformBootManagerLib/PlatformConsole.h  |   1 -
 3 files changed, 82 insertions(+), 203 deletions(-)

-- 
2.32.0.windows.2







[edk2-devel] [PATCH 2/3] UefiPayloadPkg: Add Serial IO device path according to related protocol

2022-05-10 Thread Zhiguang Liu
The current code follows some rules to check whether a PCI device is connected to a
serial port device, but some platforms or hardware do not follow these rules.
By locating the gEfiSerialIoProtocolGuid protocol, we can find the related
device path.

Cc: Guo Dong 
Cc: Ray Ni 
Cc: Maurice Ma 
Cc: Benjamin You 
Cc: Sean Rhodes 
Signed-off-by: Zhiguang Liu 
---
 .../PlatformBootManagerLib.inf|   1 +
 .../PlatformBootManagerLib/PlatformConsole.c  | 149 +-
 .../PlatformBootManagerLib/PlatformConsole.h  |   1 -
 3 files changed, 44 insertions(+), 107 deletions(-)

diff --git 
a/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf 
b/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
index 80390e0d98..acf2880d22 100644
--- a/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
+++ b/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
@@ -60,6 +60,7 @@
   gEfiDxeSmmReadyToLockProtocolGuid
   gEfiSmmAccess2ProtocolGuid
   gUniversalPayloadPlatformBootManagerOverrideProtocolGuid
+  gEfiSerialIoProtocolGuid
 
 [Pcd]
   gEfiMdePkgTokenSpaceGuid.PcdPlatformBootTimeOut
diff --git a/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformConsole.c 
b/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformConsole.c
index 9887183624..5e1c77d866 100644
--- a/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformConsole.c
+++ b/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformConsole.c
@@ -47,36 +47,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #define gPnpPs2Keyboard \
   PNPID_DEVICE_PATH_NODE(0x0303)
 
-#define gUartVendor \
-  { \
-{ \
-  HARDWARE_DEVICE_PATH, \
-  HW_VENDOR_DP, \
-  { \
-(UINT8) (sizeof (VENDOR_DEVICE_PATH)), \
-(UINT8) ((sizeof (VENDOR_DEVICE_PATH)) >> 8) \
-  } \
-}, \
-EDKII_SERIAL_PORT_LIB_VENDOR_GUID \
-  }
-
-#define gUart \
-  { \
-{ \
-  MESSAGING_DEVICE_PATH, \
-  MSG_UART_DP, \
-  { \
-(UINT8) (sizeof (UART_DEVICE_PATH)), \
-(UINT8) ((sizeof (UART_DEVICE_PATH)) >> 8) \
-  } \
-}, \
-0, \
-115200, \
-8, \
-1, \
-1 \
-  }
-
 #define gPcAnsiTerminal \
   { \
 { \
@@ -92,9 +62,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 
 ACPI_HID_DEVICE_PATH  gPnpPs2KeyboardDeviceNode  = gPnpPs2Keyboard;
 ACPI_HID_DEVICE_PATH  gPnp16550ComPortDeviceNode = gPnp16550ComPort;
-UART_DEVICE_PATH  gUartDeviceNode= gUart;
 VENDOR_DEVICE_PATHgTerminalTypeDeviceNode= gPcAnsiTerminal;
-VENDOR_DEVICE_PATHgUartDeviceVendorNode  = gUartVendor;
 
 //
 // Predefined platform root bridge
@@ -112,13 +80,11 @@ EFI_DEVICE_PATH_PROTOCOL  *gPlatformRootBridges[] = {
 BOOLEAN  mDetectDisplayOnly;
 
 /**
-  Add IsaKeyboard to ConIn; add IsaSerial to ConOut, ConIn, ErrOut.
+  Add IsaKeyboard to ConIn.
 
   @param[in] DeviceHandle  Handle of the LPC Bridge device.
 
-  @retval EFI_SUCCESS  Console devices on the LPC bridge have been added to
-   ConOut, ConIn, and ErrOut.
-
+  @retval EFI_SUCCESS  IsaKeyboard on the LPC bridge have been added to ConIn.
   @return  Error codes, due to EFI_DEVICE_PATH_PROTOCOL missing
from DeviceHandle.
 **/
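Review bot: The rewritten `@retval EFI_SUCCESS` line promises that the keyboard was added to ConIn, but the body shown in the later `PrepareLpcBridgeDevicePath` hunk cannot guarantee that. The result of `AppendDevicePathNode` is passed on without a NULL check, the status of `EfiBootManagerUpdateConsoleVariable (ConIn, DevicePath, NULL)` is dropped, and the function then returns `EFI_SUCCESS` unconditionally. Either soften the comment to "ConIn update was attempted", or add `if (DevicePath == NULL) { return EFI_OUT_OF_RESOURCES; }` after the append and return the status of the variable update. The appended path also appears never to be freed on this path, assuming the console-variable helper copies its input, which should be confirmed. Separately, "have been added" should read "has been added".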
@@ -129,7 +95,6 @@ PrepareLpcBridgeDevicePath (
 {
   EFI_STATUSStatus;
   EFI_DEVICE_PATH_PROTOCOL  *DevicePath;
-  EFI_DEVICE_PATH_PROTOCOL  *TempDevicePath;
 
   DevicePath = NULL;
   Status = gBS->HandleProtocol (
@@ -141,26 +106,11 @@ PrepareLpcBridgeDevicePath (
 return Status;
   }
 
-  TempDevicePath = DevicePath;
-
   //
   // Register Keyboard
   //
   DevicePath = AppendDevicePathNode (DevicePath, (EFI_DEVICE_PATH_PROTOCOL 
*)&gPnpPs2KeyboardDeviceNode);
   EfiBootManagerUpdateConsoleVariable (ConIn, DevicePath, NULL);
-
-  //
-  // Register COM1
-  //
-  DevicePath = TempDevicePath;
-  DevicePath = AppendDevicePathNode ((EFI_DEVICE_PATH_PROTOCOL *)NULL, 
(EFI_DEVICE_PATH_PROTOCOL *)&gUartDeviceVendorNode);
-  DevicePath = AppendDevicePathNode (DevicePath, (EFI_DEVICE_PATH_PROTOCOL 
*)&gUartDeviceNode);
-  DevicePath = AppendDevicePathNode (DevicePath, (EFI_DEVICE_PATH_PROTOCOL 
*)&gTerminalTypeDeviceNode);
-
-  EfiBootManagerUpdateConsoleVariable (ConOut, DevicePath, NULL);
-  EfiBootManagerUpdateConsoleVariable (ConIn, DevicePath, NULL);
-  EfiBootManagerUpdateConsoleVariable (ErrOut, DevicePath, NULL);
-
   return EFI_SUCCESS;
 }
 
@@ -291,43 +241,6 @@ PreparePciVgaDevicePath (
   return EFI_SUCCESS;
 }
 
-/**
-  Add PCI Serial to ConOut, ConIn, ErrOut.
-
-  @param[in]  DeviceHandle - Handle of PciIo protocol.
-
-  @retval EFI_SUCCESS  - PCI Serial is added to ConOut, ConIn, and ErrOut.
-  @retval EFI_STATUS   - No PCI Serial device is added.
-
-**/
-EFI_STATUS
-PreparePciSerialDevicePath (
-  IN EFI_HANDLE  DeviceHandle
-  )
-{
-  EFI_STATUSStatus;
-  EFI_DEVICE_PATH_PROTOCOL  *DevicePath;
-
-  DevicePath = NULL;
-  Status = gBS->HandleProtoc

[edk2-devel] [PATCH 3/3] UefiPayloadPkg: Connect all root bridge in PlatformBootManagerBeforeConsole

2022-05-10 Thread Zhiguang Liu
Some ConIn or ConOut devices may not be on the first root bridge, so connect all
root bridges before detecting ConIn and ConOut devices.

Cc: Guo Dong 
Cc: Ray Ni 
Cc: Maurice Ma 
Cc: Benjamin You 
Cc: Sean Rhodes 
Signed-off-by: Zhiguang Liu 
---
 .../PlatformBootManagerLib.inf|  1 +
 .../PlatformBootManagerLib/PlatformConsole.c  | 52 ++-
 2 files changed, 18 insertions(+), 35 deletions(-)

diff --git 
a/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf 
b/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
index acf2880d22..9f58c460cd 100644
--- a/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
+++ b/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
@@ -61,6 +61,7 @@
   gEfiSmmAccess2ProtocolGuid
   gUniversalPayloadPlatformBootManagerOverrideProtocolGuid
   gEfiSerialIoProtocolGuid
+  gEfiPciRootBridgeIoProtocolGuid
 
 [Pcd]
   gEfiMdePkgTokenSpaceGuid.PcdPlatformBootTimeOut
diff --git a/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformConsole.c 
b/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformConsole.c
index 5e1c77d866..e4a9f5f0f9 100644
--- a/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformConsole.c
+++ b/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformConsole.c
@@ -38,9 +38,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 0 \
   }
 
-#define gPciRootBridge \
-  PNPID_DEVICE_PATH_NODE(0x0A03)
-
 #define gPnp16550ComPort \
   PNPID_DEVICE_PATH_NODE(0x0501)
 
@@ -64,19 +61,6 @@ ACPI_HID_DEVICE_PATH  gPnpPs2KeyboardDeviceNode  = 
gPnpPs2Keyboard;
 ACPI_HID_DEVICE_PATH  gPnp16550ComPortDeviceNode = gPnp16550ComPort;
 VENDOR_DEVICE_PATHgTerminalTypeDeviceNode= gPcAnsiTerminal;
 
-//
-// Predefined platform root bridge
-//
-PLATFORM_ROOT_BRIDGE_DEVICE_PATH  gPlatformRootBridge0 = {
-  gPciRootBridge,
-  gEndEntire
-};
-
-EFI_DEVICE_PATH_PROTOCOL  *gPlatformRootBridges[] = {
-  (EFI_DEVICE_PATH_PROTOCOL *)&gPlatformRootBridge0,
-  NULL
-};
-
 BOOLEAN  mDetectDisplayOnly;
 
 /**
@@ -456,32 +440,26 @@ DetectAndPreparePlatformPciDevicePaths (
 }
 
 /**
-  The function will connect root bridge
+  The function will connect one root bridge
 
-   @return EFI_SUCCESS  Connect RootBridge successfully.
+  @param[in]  Handle - The root bridge handle
+  @param[in]  Instance   - The instance of the root bridge
+  @param[in]  Context- The context of the callback
+
+  @return EFI_SUCCESS  Connect RootBridge successfully.
 
 **/
 EFI_STATUS
-ConnectRootBridge (
-  VOID
+EFIAPI
+ConnectOneRootBridge (
+  IN EFI_HANDLE  Handle,
+  IN VOID*Instance,
+  IN VOID*Context
   )
 {
   EFI_STATUS  Status;
-  EFI_HANDLE  RootHandle;
-
-  //
-  // Make all the PCI_IO protocols on PCI Seg 0 show up
-  //
-  Status = gBS->LocateDevicePath (
-  &gEfiDevicePathProtocolGuid,
-  &gPlatformRootBridges[0],
-  &RootHandle
-  );
-  if (EFI_ERROR (Status)) {
-return Status;
-  }
 
-  Status = gBS->ConnectController (RootHandle, NULL, NULL, FALSE);
+  Status = gBS->ConnectController (Handle, NULL, NULL, FALSE);
   if (EFI_ERROR (Status)) {
 return Status;
   }
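Review bot: `ConnectOneRootBridge` hands the `ConnectController` error straight back to the iterator, and the header comment documents only `EFI_SUCCESS`. The body of `VisitAllInstancesOfProtocol` is not visible here; if it stops at the first callback that fails, one root bridge that does not connect would leave the remaining bridges unconnected, which is the situation this patch is meant to fix. I would confirm the iterator's behaviour and document it, for example `@return Others - ConnectController failed for this root bridge; the caller continues with the next handle`. `Instance` and `Context` should be described as unused, since nothing in the visible body reads them. The function's closing lines are outside this hunk.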
@@ -500,7 +478,11 @@ PlatformConsoleInit (
   VOID
   )
 {
-  ConnectRootBridge ();
+  VisitAllInstancesOfProtocol (
+&gEfiPciRootBridgeIoProtocolGuid,
+ConnectOneRootBridge,
+NULL
+);
 
   //
   // Do platform specific PCI Device check and add them to ConOut, ConIn, 
ErrOut
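Review bot: The status returned by `VisitAllInstancesOfProtocol` is discarded in `PlatformConsoleInit`, so a platform where no `gEfiPciRootBridgeIoProtocolGuid` handle exists, or where connecting fails, goes on to console detection with no trace of why nothing was found. The old `ConnectRootBridge ()` call ignored its result too, but since this series is about missing console output a diagnostic here would pay for itself. Capture the result in a local and log it, for example `DEBUG ((DEBUG_ERROR, "%a: connecting root bridges: %r\n", __FUNCTION__, Status));` when `EFI_ERROR (Status)`. The rest of `PlatformConsoleInit` lies outside this hunk, so a `Status` local may need to be declared.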
-- 
2.32.0.windows.2







[edk2-devel] [PATCH V4 0/5] CryptoPkg/openssl: Enable EC conditionally.

2022-05-10 Thread yi1 li
Recommend from Gerd:
(2) Keep the EC config option, but update process_files.pl to
  automatically add the PcdEcEnabled config option handling
  to the files it generates.

This patch set does (2).

When 'no-ec' is removed from the openssl configure list, this will automatically remove
'OPENSSL_NO_EC', 'OPENSSL_NO_ECDH', 'OPENSSL_NO_ECDSA', 'OPENSSL_NO_TLS1_3',
'OPENSSL_NO_SM2' from the header, and add the '/ec/.', '/sm2/.' files to the INF files.

Signed-off-by: Yi Li 
Cc: Jiewen Yao 
Cc: Jian J Wang 
Cc: Xiaoyu Lu 
Cc: Guomin Jiang 
Cc: Gerd Hoffmann 

Yi Li (5):
  CryptoPkg: Rename PCD about openssl EC configuration
  CryptoPkg: Separate auto-generated openssl config and edk2 openssl
config
  CryptoPkg: Update process_files.pl to automatically add PCD config
option
  CryptoPkg/openssl: update generated files
  CryptoPkg/openssl: disable codestyle checks for generated files

 CryptoPkg/CryptoPkg.ci.yaml   |  14 +-
 CryptoPkg/CryptoPkg.dec   |   2 +-
 .../Library/BaseCryptLib/BaseCryptLib.inf |   2 +-
 .../Library/BaseCryptLib/PeiCryptLib.inf  |   2 +-
 .../Library/BaseCryptLib/RuntimeCryptLib.inf  |   2 +-
 .../Library/BaseCryptLib/SmmCryptLib.inf  |   2 +-
 .../BaseCryptLib/UnitTestHostBaseCryptLib.inf |   2 +-
 CryptoPkg/Library/Include/crypto/dso_conf.h   |   7 +-
 .../Library/Include/openssl/opensslconf.h | 348 +-
 .../Include/openssl/opensslconf_generated.h   | 333 +
 CryptoPkg/Library/OpensslLib/OpensslLib.inf   |  98 ++---
 .../Library/OpensslLib/OpensslLibCrypto.inf   |  98 ++---
 CryptoPkg/Library/OpensslLib/process_files.pl |  77 +++-
 CryptoPkg/Library/TlsLib/TlsLib.inf   |   2 +-
 14 files changed, 552 insertions(+), 437 deletions(-)
 create mode 100644 CryptoPkg/Library/Include/openssl/opensslconf_generated.h

-- 
2.31.1.windows.1







[edk2-devel] [PATCH V4 1/5] CryptoPkg: Rename PCD about openssl EC configuration

2022-05-10 Thread yi1 li
PcdOpensslXXXEnabled is a more appropriate choice.

Signed-off-by: Yi Li 
Cc: Jiewen Yao 
Cc: Jian J Wang 
Cc: Xiaoyu Lu 
Cc: Guomin Jiang 
---
 CryptoPkg/CryptoPkg.dec   |  2 +-
 .../Library/BaseCryptLib/BaseCryptLib.inf |  2 +-
 .../Library/BaseCryptLib/PeiCryptLib.inf  |  2 +-
 .../Library/BaseCryptLib/RuntimeCryptLib.inf  |  2 +-
 .../Library/BaseCryptLib/SmmCryptLib.inf  |  2 +-
 .../BaseCryptLib/UnitTestHostBaseCryptLib.inf |  2 +-
 .../Library/Include/openssl/opensslconf.h |  2 +-
 CryptoPkg/Library/OpensslLib/OpensslLib.inf   | 94 +--
 .../Library/OpensslLib/OpensslLibCrypto.inf   | 94 +--
 CryptoPkg/Library/TlsLib/TlsLib.inf   |  2 +-
 10 files changed, 102 insertions(+), 102 deletions(-)

diff --git a/CryptoPkg/CryptoPkg.dec b/CryptoPkg/CryptoPkg.dec
index ebec64050b71..d9b64e5763ce 100644
--- a/CryptoPkg/CryptoPkg.dec
+++ b/CryptoPkg/CryptoPkg.dec
@@ -83,7 +83,7 @@
 
   ## Enable/Disable the ECC feature in openssl library. The default is 
disabled.
   #  If ECC feature is disabled, all related source files will not be compiled.
-  gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled|FALSE|BOOLEAN|0x003
+  gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled|FALSE|BOOLEAN|0x003
 
 [UserExtensions.TianoCore."ExtraFiles"]
   CryptoPkgExtra.uni
diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf 
b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
index 5bbdb387d6ba..59e21a5b48f8 100644
--- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
@@ -89,7 +89,7 @@
   PrintLib
 
 [FixedPcd]
-  gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+  gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
 
 #
 # Remove these [BuildOptions] after this library is cleaned up
diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf 
b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
index fd500e61ec99..2ea1fbfcd728 100644
--- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
@@ -78,7 +78,7 @@
   IntrinsicLib
 
 [FixedPcd]
-  gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+  gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
 
 #
 # Remove these [BuildOptions] after this library is cleaned up
diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf 
b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
index 3e4524896c45..69656fd28bdd 100644
--- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
@@ -94,7 +94,7 @@
   PrintLib
 
 [FixedPcd]
-  gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+  gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
 
 #
 # Remove these [BuildOptions] after this library is cleaned up
diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf 
b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
index ae75bc87b5e5..91a171509540 100644
--- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
@@ -93,7 +93,7 @@
   SynchronizationLib
 
 [FixedPcd]
-  gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+  gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
 
 #
 # Remove these [BuildOptions] after this library is cleaned up
diff --git a/CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf 
b/CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf
index 44c183b90563..17062ce84e15 100644
--- a/CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf
@@ -73,7 +73,7 @@
   OpensslLib
 
 [FixedPcd]
-  gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+  gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
 
 #
 # Remove these [BuildOptions] after this library is cleaned up
diff --git a/CryptoPkg/Library/Include/openssl/opensslconf.h 
b/CryptoPkg/Library/Include/openssl/opensslconf.h
index 1485b8c9f108..22a7216cc46c 100644
--- a/CryptoPkg/Library/Include/openssl/opensslconf.h
+++ b/CryptoPkg/Library/Include/openssl/opensslconf.h
@@ -55,7 +55,7 @@ extern "C" {
 #ifndef OPENSSL_NO_DSA
 #define OPENSSL_NO_DSA
 #endif
-#if !FixedPcdGetBool (PcdEcEnabled)
+#if !FixedPcdGetBool (PcdOpensslEcEnabled)
   #ifndef OPENSSL_NO_EC
 #define OPENSSL_NO_EC
   #endif
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf 
b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
index a97b3f5e8ff2..a92eefcc9466 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
@@ -199,43 +199,43 @@
   $(OPENSSL_PATH)/crypto/dso/dso_vms.c
   $(OPENSSL_PATH)/crypto/dso/dso_win32.c
   $(OPENSSL_PATH)/crypto/ebcdic.c
-  $(OPENSSL_PATH)/crypto/ec/curve25519.c  
|*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
-  $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c 
|*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
-  $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c 
|*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
-  $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c  
|*|*|*|gEfiCryp

[edk2-devel] [PATCH V4 2/5] CryptoPkg: Separate auto-generated openssl config and edk2 openssl config

2022-05-10 Thread yi1 li
Move the auto-generated openssl config to openssl/opensslconf_generated,
and let openssl/opensslconf.h contain both the edk2 conditional openssl
features and openssl/opensslconf_generated.
This makes the two parts clearer.
The new conditional feature code in opensslconf.h will look like:

/* Autogenerated conditional openssl feature list starts here */
[.]
/* Autogenerated conditional openssl feature list ends here */

Signed-off-by: Yi Li 
Cc: Jiewen Yao 
Cc: Jian J Wang 
Cc: Xiaoyu Lu 
Cc: Guomin Jiang 
Cc: Gerd Hoffmann 
---
 .../Library/Include/openssl/opensslconf.h | 331 +
 .../Include/openssl/opensslconf_generated.h   | 349 ++
 2 files changed, 352 insertions(+), 328 deletions(-)
 create mode 100644 CryptoPkg/Library/Include/openssl/opensslconf_generated.h

diff --git a/CryptoPkg/Library/Include/openssl/opensslconf.h 
b/CryptoPkg/Library/Include/openssl/opensslconf.h
index 22a7216cc46c..98962e0fe378 100644
--- a/CryptoPkg/Library/Include/openssl/opensslconf.h
+++ b/CryptoPkg/Library/Include/openssl/opensslconf.h
@@ -10,339 +10,14 @@
  * https://www.openssl.org/source/license.html
  */
 #include 
-#include 
+#include 
 
 #ifdef  __cplusplus
 extern "C" {
 #endif
 
-#ifdef OPENSSL_ALGORITHM_DEFINES
-  #error OPENSSL_ALGORITHM_DEFINES no longer supported
-#endif
-
-/*
- * OpenSSL was configured with the following options:
- */
-
-#ifndef OPENSSL_SYS_UEFI
-#define OPENSSL_SYS_UEFI  1
-#endif
-#define OPENSSL_MIN_API  0x1010L
-#ifndef OPENSSL_NO_BF
-#define OPENSSL_NO_BF
-#endif
-#ifndef OPENSSL_NO_BLAKE2
-#define OPENSSL_NO_BLAKE2
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-#define OPENSSL_NO_CAMELLIA
-#endif
-#ifndef OPENSSL_NO_CAST
-#define OPENSSL_NO_CAST
-#endif
-#ifndef OPENSSL_NO_CHACHA
-#define OPENSSL_NO_CHACHA
-#endif
-#ifndef OPENSSL_NO_CMS
-#define OPENSSL_NO_CMS
-#endif
-#ifndef OPENSSL_NO_CT
-#define OPENSSL_NO_CT
-#endif
-#ifndef OPENSSL_NO_DES
-#define OPENSSL_NO_DES
-#endif
-#ifndef OPENSSL_NO_DSA
-#define OPENSSL_NO_DSA
-#endif
-#if !FixedPcdGetBool (PcdOpensslEcEnabled)
-  #ifndef OPENSSL_NO_EC
-#define OPENSSL_NO_EC
-  #endif
-#endif
-#ifndef OPENSSL_NO_IDEA
-#define OPENSSL_NO_IDEA
-#endif
-#ifndef OPENSSL_NO_MD2
-#define OPENSSL_NO_MD2
-#endif
-#ifndef OPENSSL_NO_MD4
-#define OPENSSL_NO_MD4
-#endif
-#ifndef OPENSSL_NO_MDC2
-#define OPENSSL_NO_MDC2
-#endif
-#ifndef OPENSSL_NO_POLY1305
-#define OPENSSL_NO_POLY1305
-#endif
-#ifndef OPENSSL_NO_RC2
-#define OPENSSL_NO_RC2
-#endif
-#ifndef OPENSSL_NO_RC4
-#define OPENSSL_NO_RC4
-#endif
-#ifndef OPENSSL_NO_RC5
-#define OPENSSL_NO_RC5
-#endif
-#ifndef OPENSSL_NO_RMD160
-#define OPENSSL_NO_RMD160
-#endif
-#ifndef OPENSSL_NO_SEED
-#define OPENSSL_NO_SEED
-#endif
-#ifndef OPENSSL_NO_SM2
-#define OPENSSL_NO_SM2
-#endif
-#ifndef OPENSSL_NO_SRP
-#define OPENSSL_NO_SRP
-#endif
-#ifndef OPENSSL_NO_TS
-#define OPENSSL_NO_TS
-#endif
-#ifndef OPENSSL_NO_WHIRLPOOL
-#define OPENSSL_NO_WHIRLPOOL
-#endif
-#ifndef OPENSSL_RAND_SEED_NONE
-#define OPENSSL_RAND_SEED_NONE
-#endif
-#ifndef OPENSSL_NO_AFALGENG
-#define OPENSSL_NO_AFALGENG
-#endif
-#ifndef OPENSSL_NO_APPS
-#define OPENSSL_NO_APPS
-#endif
-#ifndef OPENSSL_NO_ASAN
-#define OPENSSL_NO_ASAN
-#endif
-#ifndef OPENSSL_NO_ASYNC
-#define OPENSSL_NO_ASYNC
-#endif
-#ifndef OPENSSL_NO_AUTOERRINIT
-#define OPENSSL_NO_AUTOERRINIT
-#endif
-#ifndef OPENSSL_NO_AUTOLOAD_CONFIG
-#define OPENSSL_NO_AUTOLOAD_CONFIG
-#endif
-#ifndef OPENSSL_NO_CAPIENG
-#define OPENSSL_NO_CAPIENG
-#endif
-#ifndef OPENSSL_NO_CRYPTO_MDEBUG
-#define OPENSSL_NO_CRYPTO_MDEBUG
-#endif
-#ifndef OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
-#define OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
-#endif
-#ifndef OPENSSL_NO_DEPRECATED
-#define OPENSSL_NO_DEPRECATED
-#endif
-#ifndef OPENSSL_NO_DEVCRYPTOENG
-#define OPENSSL_NO_DEVCRYPTOENG
-#endif
-#ifndef OPENSSL_NO_DGRAM
-#define OPENSSL_NO_DGRAM
-#endif
-#ifndef OPENSSL_NO_DTLS
-#define OPENSSL_NO_DTLS
-#endif
-#ifndef OPENSSL_NO_DTLS1
-#define OPENSSL_NO_DTLS1
-#endif
-#ifndef OPENSSL_NO_DTLS1_2
-#define OPENSSL_NO_DTLS1_2
-#endif
-#ifndef OPENSSL_NO_EC2M
-#define OPENSSL_NO_EC2M
-#endif
-#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
-#define OPENSSL_NO_EC_NISTP_64_GCC_128
-#endif
-#ifndef OPENSSL_NO_ECDH
-#define OPENSSL_NO_ECDH
-#endif
-#ifndef OPENSSL_NO_ECDSA
-#define OPENSSL_NO_ECDSA
-#endif
-#ifndef OPENSSL_NO_EGD
-#define OPENSSL_NO_EGD
-#endif
-#ifndef OPENSSL_NO_ENGINE
-#define OPENSSL_NO_ENGINE
-#endif
-#ifndef OPENSSL_NO_ERR
-#define OPENSSL_NO_ERR
-#endif
-#ifndef OPENSSL_NO_EXTERNAL_TESTS
-#define OPENSSL_NO_EXTERNAL_TESTS
-#endif
-#ifndef OPENSSL_NO_FILENAMES
-#define OPENSSL_NO_FILENAMES
-#endif
-#ifndef OPENSSL_NO_FUZZ_AFL
-#define OPENSSL_NO_FUZZ_AFL
-#endif
-#ifndef OPENSSL_NO_FUZZ_LIBFUZZER
-#define OPENSSL_NO_FUZZ_LIBFUZZER
-#endif
-#ifndef OPENSSL_NO_GOST
-#define OPENSSL_NO_GOST
-#endif
-#ifndef OPENSSL_NO_HEARTBEATS
-#define OPENSSL_NO_HEARTBEATS
-#endif
-#ifndef OPENSSL_NO_HW
-#define OPENSSL_NO_HW
-#endif
-#ifndef OPENSSL_NO_MSAN
-#define OPENSSL_NO_MSAN
-#endif
-#ifndef OPE

[edk2-devel] [PATCH V4 3/5] CryptoPkg: Update process_files.pl to automatically add PCD config option

2022-05-10 Thread yi1 li
Recommend from Gerd:
(2) Keep the EC config option, but update process_files.pl to
  automatically add the PcdEcEnabled config option handling
  to the files it generates.

When 'no-ec' is removed from the openssl configure list, this will automatically remove
'OPENSSL_NO_EC', 'OPENSSL_NO_ECDH', 'OPENSSL_NO_ECDSA', 'OPENSSL_NO_TLS1_3',
from the header, and add the '/ec/.', '/sm2/.' files to the INF files.

Signed-off-by: Yi Li 
Cc: Jiewen Yao 
Cc: Jian J Wang 
Cc: Xiaoyu Lu 
Cc: Guomin Jiang 
Cc: Gerd Hoffmann 
---
 CryptoPkg/Library/OpensslLib/process_files.pl | 77 ++-
 1 file changed, 74 insertions(+), 3 deletions(-)

diff --git a/CryptoPkg/Library/OpensslLib/process_files.pl 
b/CryptoPkg/Library/OpensslLib/process_files.pl
index 2ebfbbbca0de..545f2182842b 100755
--- a/CryptoPkg/Library/OpensslLib/process_files.pl
+++ b/CryptoPkg/Library/OpensslLib/process_files.pl
@@ -81,6 +81,19 @@ my $uefi_config;
 my $extension;
 my $arch;
 my @inf;
+#
+# Use PCD to conditionally enable certain openssl features.
+# $conditional_feature contains pcd_name:fetures_names pairs
+# of conditional features.
+# @conditional_feature_dir contains relative_path:pcd_name pairs
+# of conditional features in openssl, MUST correspond to the content
+# in $conditional_feature.
+#
+# Configure list [openssl_configuration : new_define_list : new_file_list : 
pcd]
+# 1. no-ec : {NO_EC, NO_ECDH, NO_ECDSA, NO_TLS1_3, NO_SM2} : {/ec/, /sm2/} : 
PcdOpensslEcEnabled
+#
+my %conditional_feature = ("PcdOpensslEcEnabled"=>["EC", "ECDH", "ECDSA", 
"TLS1_3", "SM2"]);
+my %conditional_feature_dir = ("/ec/"=>"PcdOpensslEcEnabled", 
"/sm2/"=>"PcdOpensslEcEnabled");
 
 BEGIN {
 $inf_file = "OpensslLib.inf";
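Review bot: The comment above `%conditional_feature` does not spell out that `PcdOpensslEcEnabled` also gates `TLS1_3` and `SM2`, so a build with the PCD left FALSE gets `OPENSSL_NO_TLS1_3` defined and loses TLS 1.3 along with the EC code. A platform owner would not guess that protocol-level consequence from the PCD name, so it deserves a line here, for example `# NOTE: with PcdOpensslEcEnabled FALSE, TLS 1.3 and SM2 are compiled out together with EC/ECDH/ECDSA.` The comment also refers to `$conditional_feature` and `@conditional_feature_dir`, while both variables are hashes (`%conditional_feature`, `%conditional_feature_dir`), and "fetures_names" should read "feature_names".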
@@ -282,7 +295,13 @@ foreach my $product ((@{$unified_info{libraries}},
 push @sslfilelist, '  $(OPENSSL_PATH)/' . $s . "\r\n";
 next;
 }
-push @cryptofilelist, '  $(OPENSSL_PATH)/' . $s . "\r\n";
+push @cryptofilelist, '  $(OPENSSL_PATH)/' . $s;
+foreach (keys(%conditional_feature_dir)) {
+if ($s =~ $_) {
+push @cryptofilelist, '  
|*|*|*|gEfiCryptoPkgTokenSpaceGuid.' . $conditional_feature_dir{$_};
+}
+}
+push @cryptofilelist, "\r\n";
 }
 }
 }
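Review bot: The inner loop keeps iterating after a match, so a path that matches more than one key of `%conditional_feature_dir` would get two `|*|*|*|gEfiCryptoPkgTokenSpaceGuid.…` suffixes on the same INF line. Both current keys map to the same PCD, so this is harmless today, but it becomes a malformed entry once a second feature directory is added. The keys are also applied as regular expressions (`$s =~ $_`) although they are plain path fragments. A literal test with an early exit avoids both: `if (index($s, $_) >= 0) { push @cryptofilelist, …; last; }`. The same applies to the `foreach (@headers)` hunk that follows, which names its loop variable `$conditional_key`; using one form in both places would read more consistently. The enclosing `foreach my $product` loop starts outside this hunk.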
@@ -311,7 +330,13 @@ foreach (@headers){
 push @sslfilelist, '  $(OPENSSL_PATH)/' . $_ . "\r\n";
 next;
   }
-  push @cryptofilelist, '  $(OPENSSL_PATH)/' . $_ . "\r\n";
+  push @cryptofilelist, '  $(OPENSSL_PATH)/' . $_;
+  foreach my $conditional_key (keys(%conditional_feature_dir)) {
+if ($_ =~ $conditional_key) {
+push @cryptofilelist, '  |*|*|*|gEfiCryptoPkgTokenSpaceGuid.' . 
$conditional_feature_dir{$conditional_key};
+}
+  }
+  push @cryptofilelist, "\r\n";
 }
 
 
@@ -416,7 +441,7 @@ print "\n--> Duplicating opensslconf.h into Include/openssl 
... ";
 system(
 "perl -pe 's/\\n/\\r\\n/' " .
 "< " . $OPENSSL_PATH . "/include/openssl/opensslconf.h " .
-"> " . $OPENSSL_PATH . "/../../Include/openssl/opensslconf.h"
+"> " . $OPENSSL_PATH . "/../../Include/openssl/opensslconf_generated.h"
 ) == 0 ||
 die "Cannot copy opensslconf.h!";
 print "Done!";
@@ -428,6 +453,52 @@ system(
 "> " . $OPENSSL_PATH . "/../../Include/crypto/dso_conf.h"
 ) == 0 ||
 die "Cannot copy dso_conf.h!";
+print "Done!";
+
+#
+# Add conditional feature to opensslconf.h
+#
+my $conf_file = "../Include/openssl/opensslconf.h";
+my @conf_raw = ();
+my @conditional_define = ();
+print "\n--> Updating conditional feature in $conf_file ... ";
+
+foreach my $pcd_name (keys(%conditional_feature)) {
+push @conditional_define, "#if !FixedPcdGetBool ($pcd_name)\r\n";
+foreach (@{$conditional_feature{$pcd_name}}) {
+push @conditional_define, "# ifndef OPENSSL_NO_$_\r\n";
+push @conditional_define, "#  define OPENSSL_NO_$_\r\n";
+push @conditional_define, "# endif\r\n";
+}
+push @conditional_define, "#endif\r\n";
+}
+
+open( FD, "<" . $conf_file ) ||
+die $conf_file;
+foreach () {
+# Insert conditional define to the begin of opensslconf.h
+if ($_ =~ "Autogenerated conditional openssl feature list starts here") {
+push @conf_raw, $_, @conditional_define;
+$subbing = 1;
+next;
+}
+if ($_ =~ "Autogenerated conditional openssl feature list ends here") {
+push @conf_raw, $_;
+$subbing = 0;
+next;
+}
+push @conf_raw, $_
+unless ($subbing);
+}
+close(FD) ||
+die $conf_file;
+
+open( FD, ">" . $conf_file ) ||
+die $conf_file;
+print( FD @conf_raw ) ||
+die $conf_file;
+close(FD) ||
+die $conf_file;
 print "Done!\n";
 
 print "\nProcessing Files Done!\n";
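Review bot: The rewrite of `$conf_file` never checks that both marker comments were found, and it overwrites the file in place. If the "starts here" line is missing, the header is written back without the `#if !FixedPcdGetBool (...)` block and the script still prints "Done!", leaving the feature gating silently absent. If only the "ends here" line is missing, `$subbing` stays set and every line after the start marker is dropped. I would track both markers and stop before reopening the file for writing. The `die $conf_file` calls would also be more useful with the operation and `$!` in the message, e.g. `die "Cannot open $conf_file: $!"`.

```perl
my ($saw_start, $saw_end) = (0, 0);
# … unchanged: build @conditional_define, open $conf_file and loop over its lines …
        $saw_start = 1;    # in the "starts here" branch, next to $subbing = 1
        $saw_end = 1;      # in the "ends here" branch, next to $subbing = 0
# … unchanged: copy the remaining lines, close the read handle …
die "Conditional feature markers missing or unbalanced in $conf_file"
    unless $saw_start && $saw_end;
# … unchanged: reopen $conf_file for writing and print @conf_raw …
```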
-- 
2.31.1.windows.1




[edk2-devel] [PATCH V4 4/5] CryptoPkg/openssl: update generated files

2022-05-10 Thread yi1 li
Run process_files.pl with the current openssl submodule version.

Signed-off-by: Yi Li 
Cc: Jiewen Yao 
Cc: Jian J Wang 
Cc: Xiaoyu Lu 
Cc: Guomin Jiang 
Cc: Gerd Hoffmann 
---
 CryptoPkg/Library/Include/crypto/dso_conf.h   |   7 +-
 .../Library/Include/openssl/opensslconf.h |  17 ++
 .../Include/openssl/opensslconf_generated.h   | 240 --
 CryptoPkg/Library/OpensslLib/OpensslLib.inf   |  34 +--
 .../Library/OpensslLib/OpensslLibCrypto.inf   |  96 +++
 5 files changed, 201 insertions(+), 193 deletions(-)

diff --git a/CryptoPkg/Library/Include/crypto/dso_conf.h 
b/CryptoPkg/Library/Include/crypto/dso_conf.h
index b9c38b416697..95f4db2b1586 100644
--- a/CryptoPkg/Library/Include/crypto/dso_conf.h
+++ b/CryptoPkg/Library/Include/crypto/dso_conf.h
@@ -1,6 +1,5 @@
 /* WARNING: do not edit! */
 /* Generated from include/crypto/dso_conf.h.in */
-
 /*
  * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
@@ -11,7 +10,7 @@
  */
 
 #ifndef OSSL_CRYPTO_DSO_CONF_H
-#define OSSL_CRYPTO_DSO_CONF_H
-#define DSO_NONE
-#define DSO_EXTENSION  ".so"
+# define OSSL_CRYPTO_DSO_CONF_H
+# define DSO_NONE
+# define DSO_EXTENSION ".so"
 #endif
diff --git a/CryptoPkg/Library/Include/openssl/opensslconf.h 
b/CryptoPkg/Library/Include/openssl/opensslconf.h
index 98962e0fe378..53dd8c3efbe6 100644
--- a/CryptoPkg/Library/Include/openssl/opensslconf.h
+++ b/CryptoPkg/Library/Include/openssl/opensslconf.h
@@ -17,6 +17,23 @@ extern "C" {
 #endif
 
 /* Autogenerated conditional openssl feature list starts here */
+#if !FixedPcdGetBool (PcdOpensslEcEnabled)
+# ifndef OPENSSL_NO_EC
+#  define OPENSSL_NO_EC
+# endif
+# ifndef OPENSSL_NO_ECDH
+#  define OPENSSL_NO_ECDH
+# endif
+# ifndef OPENSSL_NO_ECDSA
+#  define OPENSSL_NO_ECDSA
+# endif
+# ifndef OPENSSL_NO_TLS1_3
+#  define OPENSSL_NO_TLS1_3
+# endif
+# ifndef OPENSSL_NO_SM2
+#  define OPENSSL_NO_SM2
+# endif
+#endif
 /* Autogenerated conditional openssl feature list ends here */
 
 #ifdef  __cplusplus
diff --git a/CryptoPkg/Library/Include/openssl/opensslconf_generated.h 
b/CryptoPkg/Library/Include/openssl/opensslconf_generated.h
index 22a7216cc46c..09a6641ffcf9 100644
--- a/CryptoPkg/Library/Include/openssl/opensslconf_generated.h
+++ b/CryptoPkg/Library/Include/openssl/opensslconf_generated.h
@@ -9,7 +9,7 @@
  * in the file LICENSE in the source distribution or at
  * https://www.openssl.org/source/license.html
  */
-#include 
+
 #include 
 
 #ifdef  __cplusplus
@@ -17,7 +17,7 @@ extern "C" {
 #endif
 
 #ifdef OPENSSL_ALGORITHM_DEFINES
-  #error OPENSSL_ALGORITHM_DEFINES no longer supported
+# error OPENSSL_ALGORITHM_DEFINES no longer supported
 #endif
 
 /*
@@ -25,233 +25,217 @@ extern "C" {
  */
 
 #ifndef OPENSSL_SYS_UEFI
-#define OPENSSL_SYS_UEFI  1
+# define OPENSSL_SYS_UEFI 1
 #endif
-#define OPENSSL_MIN_API  0x1010L
+#define OPENSSL_MIN_API 0x1010L
 #ifndef OPENSSL_NO_BF
-#define OPENSSL_NO_BF
+# define OPENSSL_NO_BF
 #endif
 #ifndef OPENSSL_NO_BLAKE2
-#define OPENSSL_NO_BLAKE2
+# define OPENSSL_NO_BLAKE2
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
-#define OPENSSL_NO_CAMELLIA
+# define OPENSSL_NO_CAMELLIA
 #endif
 #ifndef OPENSSL_NO_CAST
-#define OPENSSL_NO_CAST
+# define OPENSSL_NO_CAST
 #endif
 #ifndef OPENSSL_NO_CHACHA
-#define OPENSSL_NO_CHACHA
+# define OPENSSL_NO_CHACHA
 #endif
 #ifndef OPENSSL_NO_CMS
-#define OPENSSL_NO_CMS
+# define OPENSSL_NO_CMS
 #endif
 #ifndef OPENSSL_NO_CT
-#define OPENSSL_NO_CT
+# define OPENSSL_NO_CT
 #endif
 #ifndef OPENSSL_NO_DES
-#define OPENSSL_NO_DES
+# define OPENSSL_NO_DES
 #endif
 #ifndef OPENSSL_NO_DSA
-#define OPENSSL_NO_DSA
-#endif
-#if !FixedPcdGetBool (PcdOpensslEcEnabled)
-  #ifndef OPENSSL_NO_EC
-#define OPENSSL_NO_EC
-  #endif
+# define OPENSSL_NO_DSA
 #endif
 #ifndef OPENSSL_NO_IDEA
-#define OPENSSL_NO_IDEA
+# define OPENSSL_NO_IDEA
 #endif
 #ifndef OPENSSL_NO_MD2
-#define OPENSSL_NO_MD2
+# define OPENSSL_NO_MD2
 #endif
 #ifndef OPENSSL_NO_MD4
-#define OPENSSL_NO_MD4
+# define OPENSSL_NO_MD4
 #endif
 #ifndef OPENSSL_NO_MDC2
-#define OPENSSL_NO_MDC2
+# define OPENSSL_NO_MDC2
 #endif
 #ifndef OPENSSL_NO_POLY1305
-#define OPENSSL_NO_POLY1305
+# define OPENSSL_NO_POLY1305
 #endif
 #ifndef OPENSSL_NO_RC2
-#define OPENSSL_NO_RC2
+# define OPENSSL_NO_RC2
 #endif
 #ifndef OPENSSL_NO_RC4
-#define OPENSSL_NO_RC4
+# define OPENSSL_NO_RC4
 #endif
 #ifndef OPENSSL_NO_RC5
-#define OPENSSL_NO_RC5
+# define OPENSSL_NO_RC5
 #endif
 #ifndef OPENSSL_NO_RMD160
-#define OPENSSL_NO_RMD160
+# define OPENSSL_NO_RMD160
 #endif
 #ifndef OPENSSL_NO_SEED
-#define OPENSSL_NO_SEED
-#endif
-#ifndef OPENSSL_NO_SM2
-#define OPENSSL_NO_SM2
+# define OPENSSL_NO_SEED
 #endif
 #ifndef OPENSSL_NO_SRP
-#define OPENSSL_NO_SRP
+# define OPENSSL_NO_SRP
 #endif
 #ifndef OPENSSL_NO_TS
-#define OPENSSL_NO_TS
+# define OPENSSL_NO_TS
 #endif
 #ifndef OPENSSL_NO_WHIRLPOOL
-#define OPENSSL_NO_WHIRLPOOL
+# define OPENSSL_NO_WHIRLPOOL
 #endif
 #ifndef OPENSSL_RAND_SEED_NONE
-#define OPENSSL_RAND_SEED_NONE
+# define OPENSSL_RAND_SE

[edk2-devel] [PATCH V4 5/5] CryptoPkg/openssl: disable codestyle checks for generated files

2022-05-10 Thread yi1 li
Files generated by process_files.pl from openssl sources should not be checked 
for edk2 code style.

Signed-off-by: Gerd Hoffmann 
Signed-off-by: Yi Li 
Cc: Jiewen Yao 
Cc: Jian J Wang 
Cc: Xiaoyu Lu 
Cc: Guomin Jiang 
---
 CryptoPkg/CryptoPkg.ci.yaml | 14 +-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/CryptoPkg/CryptoPkg.ci.yaml b/CryptoPkg/CryptoPkg.ci.yaml
index 396ca93dbe49..bb52ceb54733 100644
--- a/CryptoPkg/CryptoPkg.ci.yaml
+++ b/CryptoPkg/CryptoPkg.ci.yaml
@@ -10,7 +10,8 @@
 "IgnoreFiles": [
 # These directories contain auto-generated OpenSSL content
 "Library/OpensslLib/X64",
-"Library/OpensslLib/X64Gcc"
+"Library/OpensslLib/X64Gcc",
+"Library/Include/openssl"
 ]
 },
 "EccCheck": {
@@ -26,6 +27,8 @@
 ## Both file path and directory path are accepted.
 "IgnoreFiles": [
 "Library/OpensslLib/openssl",
+"Library/Include/openssl",
+"Library/Include/crypto",
 # The unit testing folder is not to be checked
 "Test/UnitTest",
 # This has OpenSSL interfaces that aren't UEFI spec compliant
@@ -89,5 +92,14 @@
 "ExtendWords": [],   # words to extend to the dictionary for 
this package
 "IgnoreStandardPaths": [],   # Standard Plugin defined paths that 
should be ignore
 "AdditionalIncludePaths": [] # Additional paths to spell check 
(wildcards supported)
+},
+
+# options defined in .pytool/Plugin/UncrustifyCheck
+"UncrustifyCheck": {
+"IgnoreFiles": [
+"opensslconf.h",
+"dso_conf.h",
+"opensslconf_generated.h"
+]
 }
 }
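Review bot: The new `UncrustifyCheck` ignore list names the generated headers by bare filename (`"opensslconf.h"`, `"dso_conf.h"`, `"opensslconf_generated.h"`), while the two earlier lists in this patch exclude them by package-relative directory. If the plugin matches these entries as patterns anywhere under CryptoPkg, a hand-written file that happens to share one of these names would also skip the style check; anchoring them, e.g. `"Library/Include/openssl/opensslconf.h"`, keeps the exemption limited to the generated copies. The earlier hunks go the other way and exempt the whole `Library/Include/openssl` and `Library/Include/crypto` directories, so a non-generated header added there later would silently skip those checks too; a short comment stating that these directories hold only process_files.pl output would make that constraint visible.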
-- 
2.31.1.windows.1







Re: [edk2-devel] [PATCH 1/3] UefiPayloadPkg: Simplify code logic

2022-05-10 Thread Ni, Ray
> 
> +DetectAndPreparePlatformPciDevicePath (
> 
>IN EFI_HANDLE  Handle,
> 
>IN VOID*Instance,
> 
>IN VOID*Context

Is "Context" needed? Can you please remove it?







Re: [edk2-devel] [PATCH V4 0/5] CryptoPkg/openssl: Enable EC conditionally.

2022-05-10 Thread Yao, Jiewen
Series reviewed-by: Jiewen Yao 

> -Original Message-
> From: Li, Yi1 
> Sent: Tuesday, May 10, 2022 3:19 PM
> To: devel@edk2.groups.io
> Cc: Li, Yi1 ; Yao, Jiewen ; Wang, Jian
> J ; Lu, Xiaoyu1 ; Jiang, Guomin
> ; Gerd Hoffmann 
> Subject: [PATCH V4 0/5] CryptoPkg/openssl: Enable EC conditionally.
> 
> Recommend from Gerd:
> (2) Keep the EC config option, but update process_files.pl to
>   automatically add the PcdEcEnabled config option handling
>   to the files it generates.
> 
> This patch set does (2).
> 
> When remove 'no-ec' from openssl configure list, will automatically remove
> 'OPENSSL_NO_EC', 'OPENSSL_NO_ECDH', 'OPENSSL_NO_ECDSA',
> 'OPENSSL_NO_TLS1_3', 'OPENSSL_NO_SM2' from header, and add '/ec/.',
> '/sm2/.' files to INF files.
> 
> Signed-off-by: Yi Li 
> Cc: Jiewen Yao 
> Cc: Jian J Wang 
> Cc: Xiaoyu Lu 
> Cc: Guomin Jiang 
> Cc: Gerd Hoffmann 
> 
> Yi Li (5):
>   CryptoPkg: Rename PCD about openssl EC configuration
>   CryptoPkg: Separate auto-generated openssl config and edk2 openssl
> config
>   CryptoPkg: Update process_files.pl to automatically add PCD config
> option
>   CryptoPkg/openssl: update generated files
>   CryptoPkg/openssl: disable codestyle checks for generated files
> 
>  CryptoPkg/CryptoPkg.ci.yaml   |  14 +-
>  CryptoPkg/CryptoPkg.dec   |   2 +-
>  .../Library/BaseCryptLib/BaseCryptLib.inf |   2 +-
>  .../Library/BaseCryptLib/PeiCryptLib.inf  |   2 +-
>  .../Library/BaseCryptLib/RuntimeCryptLib.inf  |   2 +-
>  .../Library/BaseCryptLib/SmmCryptLib.inf  |   2 +-
>  .../BaseCryptLib/UnitTestHostBaseCryptLib.inf |   2 +-
>  CryptoPkg/Library/Include/crypto/dso_conf.h   |   7 +-
>  .../Library/Include/openssl/opensslconf.h | 348 +-
>  .../Include/openssl/opensslconf_generated.h   | 333 +
>  CryptoPkg/Library/OpensslLib/OpensslLib.inf   |  98 ++---
>  .../Library/OpensslLib/OpensslLibCrypto.inf   |  98 ++---
>  CryptoPkg/Library/OpensslLib/process_files.pl |  77 +++-
>  CryptoPkg/Library/TlsLib/TlsLib.inf   |   2 +-
>  14 files changed, 552 insertions(+), 437 deletions(-)
>  create mode 100644
> CryptoPkg/Library/Include/openssl/opensslconf_generated.h
> 
> --
> 2.31.1.windows.1







[edk2-devel] [PATCH edk2-platforms 1/1] Silicon/SynQuacer/Fip006Dxe: Support 4-bytes address for erase and write

2022-05-10 Thread Masahisa Kojima
From: Kazuhiko Sakamoto 

Support 4-bytes address for erase and write, so that we can
access whole region of SPI-NOR Flash(64MiB) implemented on the
Developerbox.

This commit also fixes the wrong macro names. SPINOR_OP_SE and
SPINOR_OP_SE_4B are the commands for 64KB block erase, so they
must be named SPINOR_OP_BE and SPINOR_OP_BE_4B.

Signed-off-by: Masahisa Kojima 
---
 Silicon/Socionext/SynQuacer/Drivers/Fip006Dxe/NorFlash.h |  4 ++--
 Silicon/Socionext/SynQuacer/Drivers/Fip006Dxe/NorFlash.c | 13 +
 2 files changed, 7 insertions(+), 10 deletions(-)

diff --git a/Silicon/Socionext/SynQuacer/Drivers/Fip006Dxe/NorFlash.h 
b/Silicon/Socionext/SynQuacer/Drivers/Fip006Dxe/NorFlash.h
index bade5706e6ae..3cb86ab588e0 100644
--- a/Silicon/Socionext/SynQuacer/Drivers/Fip006Dxe/NorFlash.h
+++ b/Silicon/Socionext/SynQuacer/Drivers/Fip006Dxe/NorFlash.h
@@ -313,7 +313,7 @@ NorFlashReadID (
 #define SPINOR_OP_BE_4K_PMC   0xd7  // Erase 4KiB block on PMC chips
 #define SPINOR_OP_BE_32K  0x52  // Erase 32KiB block
 #define SPINOR_OP_CHIP_ERASE  0xc7  // Erase whole flash chip
-#define SPINOR_OP_SE  0xd8  // Sector erase (usually 64KiB)
+#define SPINOR_OP_BE  0xd8  // Block erase (usually 64KiB)
 #define SPINOR_OP_RDID0x9f  // Read JEDEC ID
 #define SPINOR_OP_RDSFDP  0x5a  // Read SFDP
 #define SPINOR_OP_RDCR0x35  // Read configuration register
@@ -329,7 +329,7 @@ NorFlashReadID (
 #define SPINOR_OP_PP_1_4_4_4B 0x3e  // Quad page program
 #define SPINOR_OP_BE_4K_4B0x21  // Erase 4KiB block
 #define SPINOR_OP_BE_32K_4B   0x5c  // Erase 32KiB block
-#define SPINOR_OP_SE_4B   0xdc  // Sector erase (usually 64KiB)
+#define SPINOR_OP_BE_4B   0xdc  // Block erase (usually 64KiB)
 #define SPINOR_OP_RD_ARRAY0xe8  // Read array
 #define SPINOR_OP_RD_NVCFG0xb5  // Read non-volatile config 
register
 #define SPINOR_OP_RD_VCR  0x85  // Read VCR register
diff --git a/Silicon/Socionext/SynQuacer/Drivers/Fip006Dxe/NorFlash.c 
b/Silicon/Socionext/SynQuacer/Drivers/Fip006Dxe/NorFlash.c
index 8cdaa0eeb83f..b2ca0033ac13 100644
--- a/Silicon/Socionext/SynQuacer/Drivers/Fip006Dxe/NorFlash.c
+++ b/Silicon/Socionext/SynQuacer/Drivers/Fip006Dxe/NorFlash.c
@@ -51,12 +51,10 @@ STATIC CONST CSDC_DEFINITION mN25qCSDCDefTable[] = {
   { SPINOR_OP_READ_4B,  TRUE,  TRUE,  FALSE, FALSE, CS_CFG_MBM_SINGLE,
 CSDC_TRP_SINGLE },
   // Write Operations
-  { SPINOR_OP_PP,   TRUE,  FALSE, FALSE, TRUE,  CS_CFG_MBM_SINGLE,
-CSDC_TRP_SINGLE },
-  { SPINOR_OP_PP_1_1_4, TRUE,  FALSE, FALSE, TRUE,  CS_CFG_MBM_QUAD,
+  { SPINOR_OP_PP_4B,TRUE,  TRUE,  FALSE, TRUE,  CS_CFG_MBM_SINGLE,
 CSDC_TRP_SINGLE },
   // Erase Operations
-  { SPINOR_OP_SE,   FALSE, FALSE, FALSE, TRUE,  CS_CFG_MBM_SINGLE,
+  { SPINOR_OP_BE_4B,FALSE, FALSE, FALSE, TRUE,  CS_CFG_MBM_SINGLE,
 CSDC_TRP_SINGLE },
 };
 
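Review bot: The write-operations block of `mN25qCSDCDefTable` loses both `SPINOR_OP_PP` and the quad `SPINOR_OP_PP_1_1_4` entry and gains only `SPINOR_OP_PP_4B`, so quad page program is dropped without a 4-byte replacement, which the commit message does not mention. If that is intended, a one-line comment above the new entry such as `// 4-byte addressing only; quad page program is not used` would record the decision. Any caller outside this patch that still passes `SPINOR_OP_PP` to `NorFlashSetHostCommand` would presumably no longer find a matching table entry, so it is worth confirming none remain. The table definition starts before this hunk.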
@@ -446,9 +444,8 @@ NorFlashEraseSingleBlock (
   BlockAddress -= Instance->RegionBaseAddress;
   BlockAddress += Instance->OffsetLba * Instance->BlockSize;
 
-  NorFlashSetHostCSDC (Instance, TRUE, mFip006NullCmdSeq);
-  MmioWrite32 (Instance->DeviceBaseAddress,
-   SwapBytes32 (BlockAddress & 0x00FF) | SPINOR_OP_SE);
+  NorFlashSetHostCommand (Instance, SPINOR_OP_BE_4B);
+  MmioWrite32 (Instance->DeviceBaseAddress, SwapBytes32 (BlockAddress));
   NorFlashWaitProgramErase (Instance);
   NorFlashSetHostCSDC (Instance, TRUE, mFip006NullCmdSeq);
 
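Review bot: The erase address is now written as `SwapBytes32 (BlockAddress)` with no bound, whereas the removed line masked it before use, so an out-of-range `BlockAddress` would be passed to the device unchanged for a destructive operation. The type of `BlockAddress` and the size of the flash region are not visible in this hunk, so this is inferred from the two lines above that compute it. A range check against the region size before `NorFlashSetHostCommand (Instance, SPINOR_OP_BE_4B);`, or at minimum `ASSERT (BlockAddress <= MAX_UINT32);`, would keep a bad LBA from silently truncating into a valid but wrong block. The body of `NorFlashEraseSingleBlock` starts and continues outside the hunk.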
@@ -515,7 +512,7 @@ NorFlashWriteSingleWord (
   if (EFI_ERROR (NorFlashEnableWrite (Instance))) {
 return EFI_DEVICE_ERROR;
   }
-  NorFlashSetHostCommand (Instance, SPINOR_OP_PP);
+  NorFlashSetHostCommand (Instance, SPINOR_OP_PP_4B);
   MmioWrite32 (WordAddress, WriteData);
   NorFlashWaitProgramErase (Instance);
 
-- 
2.17.1







[edk2-devel] "FceFmmt2022" branch on edk2-staging

2022-05-10 Thread Bob Feng
Hello,

The "FceFmmt2022" branch has been created in the edk2-staging repository: 
https://github.com/tianocore/edk2-staging/tree/FceFmmt2022. This branch is 
based on the edk2 SHA-1: 0e31124877cc8bc0140a03ad3196f0d58b2fd966. It is 
intended to resolve the conflicts that arise when downstream users cherry-pick 
the Fmmt & Fce tool-related commits from edk2-staging back to edk2 master.


Best Regards,
Bob Feng







Re: [edk2-devel] [PATCH V2 0/6] Support 2 CpuMpPei/CpuDxe in One image

2022-05-10 Thread Gerd Hoffmann
On Mon, May 09, 2022 at 12:44:58PM +, Xu, Min M wrote:
> Gerd & Tom
> What are your comments about this patch-set?
> 
> > BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3918
> > 
> > Above BZ reports an issue that commit 88da06ca triggers ASSERT in some
> > scenario. This patch-set is to fix this issue.
> > 
> > As commit 88da06ca describes TDVF BSP and APs are simplied and it can
> > simply use MpInitLibUp instead of MpInitLib. To achieve this goal, we
> > include 2 CpuMpPei/CpuDxe drivers in OvmfPkgX64 and IntelTdxX64. This is
> > done by setting different FILE_GUID to these drivers (of the same name). In
> > the other hand, we import a set of MpInitLibDepLib. These libs simply
> > depend on the PPI/Protocols. While these PPI/Protocols are installed
> > according to the guest type.

So the idea is to pick the one or the other implementations via guid
and depex dependencies?  The approach looks sane to me.

Assuming the above is correct:
Acked-by: Gerd Hoffmann 

take care,
  Gerd







Re: [edk2-devel] [PATCH 0/5] CryptoPkg/openssl: enable EC unconditionally.

2022-05-10 Thread Gerd Hoffmann
On Mon, May 09, 2022 at 09:41:02AM -0400, James Bottomley wrote:
> On Mon, 2022-05-09 at 12:03 +, Yao, Jiewen wrote:
> > It is possible to switch to other crypt lib.
> > 
> > For example, the *mbedtls* version POC can be found at 
> > https://github.com/jyao1/edk2/tree/DeviceSecurity/CryptoMbedTlsPkg
> > The advantage is: the size is much smaller.
> > The disadvantage is: some required functions are not available, such
> > as PKCS7. 
> 
> Perhaps as a first step, we should look at our options.  I would say
> missing functionality is problematic, but not necessarily a killer:
> we'd have to help the chosen project develop the capability and figure
> out how to maintain the fork while it was going upstream.

I don't feel like entering the business of maintaining a tls
library ...

> Other libraries could be:
> 
> wolfssl

Hmm?  Apparently no git repository?

> gnutls

Might be a issue license-wise.

> boringssl

Looks like an option worth investigating.

The "designed to meet Google's needs" and "not intended for general use"
notes in the toplevel README don't look that great though.  Might turn
out to be difficult to get changes needed for edk2 merged (hasn't
been a problem so far for me with openssl).

> LibreSSL

There was some hype around it after it was forked from openssl in the
heartbleed aftermath.  More recent news are less enthusiastic:
https://lwn.net/Articles/841664/

Another possible option would be to add openssl3 as alternative
OpensslLib implementation, so platforms can pick the one or the
other depending on size constrains.


I've also experimented a bit with CryptoPkg/Driver.  It's not a
clear win, at least for OVMF.

PEI FV is larger in any case.  Seems LTO works very well for the
few hashes needed by TPM support code, and so the overhead added
by using the crypto service protocol instead of direct linking is
much larger than the savings by sharing code.

DXE FV is smaller in the builds with secure boot and smm support,
seems with the large tls codebase included we have enough wins by
sharing the crypto code then, so the protocol overhead is worth
the effort.

I'm wondering where the crypto algorithm selection in
CryptoPkg/CryptoPkg.dsc comes from though, specifically for
MIN_DXE_MIN_SMM.  Why is the crypto feature selection identical
for DXE and SMM?  Specifically why TLS is enabled for SMM?

take care,
  Gerd







Re: [edk2-devel] [PATCH V2 2/5] CryptoPkg: Separate auto-generated openssl config and edk2 openssl config

2022-05-10 Thread Gerd Hoffmann
On Tue, May 10, 2022 at 12:40:13PM +0800, Yi Li wrote:
> Move auto-generated openssl config to opensslconf_generated.h,
>  And opensslconf.h will contain both edk2 conditional openssl
>  feature and opensslconf_generated.h.
> Will make two part more clear.
> New conditional feture code in opensslconf.h will look like:
> 
> /* Autogenerated conditional openssl feature list starts here */
> [.]
> /* Autogenerated conditional openssl feature list ends here */

Why generate opensslconf.h at all?  I think the content doesn't depend
on the openssl submodule sources, so there is no good reason to take the
extra indirection and write it with process_files.pl.  Just commit it ;)

take care,
  Gerd







Re: [edk2-devel] [PATCH 0/5] CryptoPkg/openssl: enable EC unconditionally.

2022-05-10 Thread Yao, Jiewen
> I'm wondering where the crypto algorithm selection in
> CryptoPkg/CryptoPkg.dsc comes from though, specifically for
> MIN_DXE_MIN_SMM.  Why is the crypto feature selection identical
> for DXE and SMM?  Specifically why TLS is enabled for SMM?

[Jiewen] So far, I don't know if any SMM feature requires TLS.

I guess we may win the flash size by creating identical binary for CryptoDxe 
and CryptoSmm *with compression*. But I don't have data and I am not sure. Just 
guess.

You may have a try to remove TLS for SMM and check the final compressed FV size.




> -Original Message-
> From: kra...@redhat.com 
> Sent: Tuesday, May 10, 2022 6:40 PM
> To: James Bottomley 
> Cc: devel@edk2.groups.io; Yao, Jiewen ; Pawel
> Polawski ; Li, Yi1 ; Oliver Steffen
> ; Wang, Jian J ; Ard Biesheuvel
> ; Jiang, Guomin ; Lu,
> Xiaoyu1 ; Justen, Jordan L 
> Subject: Re: [edk2-devel] [PATCH 0/5] CryptoPkg/openssl: enable EC
> unconditionally.
> 
> On Mon, May 09, 2022 at 09:41:02AM -0400, James Bottomley wrote:
> > On Mon, 2022-05-09 at 12:03 +, Yao, Jiewen wrote:
> > > It is possible to switch to other crypt lib.
> > >
> > > For example, the *mbedtls* version POC can be found at
> > > https://github.com/jyao1/edk2/tree/DeviceSecurity/CryptoMbedTlsPkg
> > > The advantage is: the size is much smaller.
> > > The disadvantage is: some required functions are not available, such
> > > as PKCS7.
> >
> > Perhaps as a first step, we should look at our options.  I would say
> > missing functionality is problematic, but not necessarily a killer:
> > we'd have to help the chosen project develop the capability and figure
> > out how to maintain the fork while it was going upstream.
> 
> I don't feel like entering the business of maintaining a tls
> library ...
> 
> > Other libraries could be:
> >
> > wolfssl
> 
> Hmm?  Apparently no git repository?
> 
> > gnutls
> 
> Might be a issue license-wise.
> 
> > boringssl
> 
> Looks like an option worth investigating.
> 
> The "designed to meet Google's needs" and "not intended for general use"
> notes in the toplevel README don't look that great though.  Might turn
> out to be be difficult to get changes needed for edk2 merged (hasn't
> been a problem so far for me with openssl).
> 
> > LibreSSL
> 
> There was some hype around it after it was forked from openssl in the
> heartbleed aftermath.  More recent news are less enthusiastic:
> https://lwn.net/Articles/841664/
> 
> Another possible option would be to add openssl3 as alternative
> OpensslLib implementation, so platforms can pick the one or the
> other depending on size constrains.
> 
> 
> I've also experimented a bit with CryptoPkg/Driver.  It's not a
> clear win, at least for OVMF.
> 
> PEI FV is larger in any case.  Seems LTO works very well for the
> few hashes needed by TPM support code, and so the overhead added
> by using the crypto service protocol instead of direct linking is
> much larger than the savings by sharing code.
> 
> DXE FV is smaller in the builds with secure boot and smm support,
> seems with the large tls codebase included we have enough wins by
> sharing the crypto code then, so the protocol overhead is worth
> the effort.
> 
> I'm wondering where the crypto algorithm selection in
> CryptoPkg/CryptoPkg.dsc comes from though, specifically for
> MIN_DXE_MIN_SMM.  Why is the crypto feature selection identical
> for DXE and SMM?  Specifically why TLS is enabled for SMM?
> 
> take care,
>   Gerd







Re: [edk2-devel] [PATCH V2 2/5] CryptoPkg: Separate auto-generated openssl config and edk2 openssl config

2022-05-10 Thread yi1 li
Just for convenience.
There are too many places that need to be configured, so I think putting all the 
configuration options close together, all in process_files.pl, will be 
clearer to the user ;)

Thank you,
Yi 


-Original Message-
From: devel@edk2.groups.io  On Behalf Of Gerd Hoffmann
Sent: Tuesday, May 10, 2022 6:50 PM
To: Li, Yi1 
Cc: devel@edk2.groups.io; Yao, Jiewen ; Wang, Jian J 
; Lu, Xiaoyu1 ; Jiang, Guomin 

Subject: Re: [edk2-devel] [PATCH V2 2/5] CryptoPkg: Separate auto-generated 
openssl config and edk2 openssl config

On Tue, May 10, 2022 at 12:40:13PM +0800, Yi Li wrote:
> Move auto-generated openssl config to opensslconf_generated.h,  And 
> opensslconf.h will contain both edk2 conditional openssl  feature and 
> opensslconf_generated.h.
> Will make two part more clear.
> New conditional feture code in opensslconf.h will look like:
> 
> /* Autogenerated conditional openssl feature list starts here */ 
> [.]
> /* Autogenerated conditional openssl feature list ends here */

Why generate opensslconf.h at all?  I think the content doesn't depend on the 
openssl submodule sources, so there is no good reason to take the extra 
indirection and write it with process_files.pl.  Just commit it ;)

take care,
  Gerd












[edk2-devel] [PATCH 1/4] OvmfPkg: CloudHv: Fix FW_BASE_ADDRESS

2022-05-10 Thread Boeuf, Sebastien
From: Sebastien Boeuf 

The FW_BASE_ADDRESS value provided by OvmfPkgDefines.fdf.inc is
incorrect for the CloudHv target. We know the generated firmware
contains a PVH ELF header, meaning it will be loaded according to the
address provided through this header. And since we know this address
isn't going to change as it's part of CloudHvElfHeader.fdf.inc, we can
hardcode it through a new include file CloudHvDefines.fdf.inc, which
replaces the generic one OvmfPkgDefines.fdf.inc.

With this change, we prevent the firmware from accessing MMIO addresses
from the address range 0xffc0-0x since we know the firmware
hasn't been loaded on this address range.

Signed-off-by: Sebastien Boeuf 
---
 OvmfPkg/CloudHv/CloudHvDefines.fdf.inc | 65 ++
 OvmfPkg/CloudHv/CloudHvX64.fdf |  2 +-
 2 files changed, 66 insertions(+), 1 deletion(-)
 create mode 100644 OvmfPkg/CloudHv/CloudHvDefines.fdf.inc

diff --git a/OvmfPkg/CloudHv/CloudHvDefines.fdf.inc 
b/OvmfPkg/CloudHv/CloudHvDefines.fdf.inc
new file mode 100644
index 00..2198cbcd87
--- /dev/null
+++ b/OvmfPkg/CloudHv/CloudHvDefines.fdf.inc
@@ -0,0 +1,65 @@
+## @file
+#  FDF include file that defines the main macros and sets the dependent PCDs.
+#
+#  Copyright (C) 2014, Red Hat, Inc.
+#  Copyright (c) 2006 - 2022, Intel Corporation. All rights reserved.
+#
+#  SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+DEFINE BLOCK_SIZE= 0x1000
+DEFINE VARS_OFFSET   = 0
+
+DEFINE VARS_SIZE = 0x84000
+DEFINE VARS_BLOCKS   = 0x84
+DEFINE VARS_LIVE_SIZE= 0x4
+DEFINE VARS_SPARE_SIZE   = 0x42000
+
+DEFINE FW_BASE_ADDRESS   = 0x004FFFD0
+DEFINE FW_SIZE   = 0x0040
+DEFINE FW_BLOCKS = 0x400
+DEFINE CODE_BASE_ADDRESS = 0x00583FD0
+DEFINE CODE_SIZE = 0x0037C000
+DEFINE CODE_BLOCKS   = 0x37C
+DEFINE FVMAIN_SIZE   = 0x00348000
+DEFINE SECFV_OFFSET  = 0x003CC000
+DEFINE SECFV_SIZE= 0x34000
+
+SET gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFdBaseAddress = $(FW_BASE_ADDRESS)
+SET gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFirmwareFdSize= $(FW_SIZE)
+SET gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFirmwareBlockSize = $(BLOCK_SIZE)
+
+SET gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashNvStorageVariableBase = 
$(FW_BASE_ADDRESS)
+SET gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize = 
$(VARS_LIVE_SIZE)
+
+SET gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashNvStorageEventLogBase = 
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashNvStorageVariableBase + 
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize
+SET gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashNvStorageEventLogSize = 
$(BLOCK_SIZE)
+
+SET gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashNvStorageFtwWorkingBase = 
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashNvStorageEventLogBase + 
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashNvStorageEventLogSize
+SET gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingSize = 
$(BLOCK_SIZE)
+
+SET gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashNvStorageFtwSpareBase = 
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashNvStorageFtwWorkingBase + 
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingSize
+SET gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareSize = 
$(VARS_SPARE_SIZE)
+
+# The OVMF WorkArea contains a fixed size header followed by the actual data.
+# The size of header is accessed through a fixed PCD in the reset vector code.
+# The value need to be kept in sync with the any changes to the Confidential
+# Computing Work Area header defined in the Include/WorkArea.h
+SET gUefiOvmfPkgTokenSpaceGuid.PcdOvmfConfidentialComputingWorkAreaHeader  = 4
+
+SET gUefiOvmfPkgTokenSpaceGuid.PcdCfvBase   = $(FW_BASE_ADDRESS)
+SET gUefiOvmfPkgTokenSpaceGuid.PcdCfvRawDataOffset  = $(VARS_OFFSET)
+SET gUefiOvmfPkgTokenSpaceGuid.PcdCfvRawDataSize= $(VARS_SIZE)
+
+SET gUefiOvmfPkgTokenSpaceGuid.PcdBfvBase   = $(CODE_BASE_ADDRESS)
+SET gUefiOvmfPkgTokenSpaceGuid.PcdBfvRawDataOffset  = $(VARS_SIZE)
+SET gUefiOvmfPkgTokenSpaceGuid.PcdBfvRawDataSize= $(CODE_SIZE)
+
+!if $(SMM_REQUIRE) == TRUE
+SET gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64 = 
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashNvStorageVariableBase
+SET gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase = 
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashNvStorageFtwWorkingBase
+SET gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase   = 
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashNvStorageFtwSpareBase
+!endif
+
+DEFINE MEMFD_BASE_ADDRESS = 0x80
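Review bot: `FW_BASE_ADDRESS` and `CODE_BASE_ADDRESS` are hard-coded in this new file with nothing tying them to the PVH ELF header that, per the commit message, determines where the firmware is loaded. If CloudHvElfHeader.fdf.inc ever changes its load address, these values and every PCD derived from them (variable store, event log, FTW working and spare bases) would silently describe the wrong range. A comment above the two DEFINEs, e.g. `# Must match the load address in CloudHvElfHeader.fdf.inc`, would make that coupling explicit. The `@file` header also appears to be the generic description carried over from the OVMF defaults and could say that this is the Cloud Hypervisor variant.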
diff --git a/OvmfPkg/CloudHv/CloudHvX64.fdf b/OvmfPkg/CloudHv/CloudHvX64.fdf
index de64a3a709..a41a553693 100644
--- a/OvmfPkg/CloudHv/CloudHvX64.fdf
+++ b/OvmfPkg/CloudHv/CloudHvX64.fdf
@@ -11,7 +11,7 @@
 

 
 [Defines]
-!include OvmfPkg/OvmfPkgDefines.fdf.inc
+!include CloudHvDefines.fdf.inc
 
 #
 # This will allow the flash device image to be recognize as an ELF, with first
-- 
2.32.0

-

[edk2-devel] [PATCH 0/4] OvmfPkg: CloudHv: Reduce PIO and MMIO accesses

2022-05-10 Thread Boeuf, Sebastien
From: Sebastien Boeuf 

The goal of this series is to reduce the amount of inappropriate PIO
and MMIO accesses generated by the firmware when running on Cloud
Hypervisor.

For MMIO accesses, it is about providing the right base address where
the firmware will be loaded by the VMM in order to avoid unexpected
accesses to some address ranges.

For PIO accesses, it is about preventing some read/write to be performed
in the first place, as we know the underlying device is not emulated by
Cloud Hypervisor.

Signed-off-by: Sebastien Boeuf 

Sebastien Boeuf (4):
  OvmfPkg: CloudHv: Fix FW_BASE_ADDRESS
  OvmfPkg: Check for QemuFwCfg availability before accessing it
  OvmfPkg: CloudHv: Rely on QemuFwCfgLibNull implementation
  OvmfPkg: Don't access A20 gate register on Cloud Hypervisor

 OvmfPkg/CloudHv/CloudHvDefines.fdf.inc| 65 +++
 OvmfPkg/CloudHv/CloudHvX64.dsc|  4 +-
 OvmfPkg/CloudHv/CloudHvX64.fdf|  2 +-
 OvmfPkg/Library/PlatformInitLib/Platform.c| 13 ++--
 .../QemuBootOrderLib/QemuBootOrderLib.c   |  8 ++-
 5 files changed, 82 insertions(+), 10 deletions(-)
 create mode 100644 OvmfPkg/CloudHv/CloudHvDefines.fdf.inc

-- 
2.32.0

-




[edk2-devel] [PATCH 3/4] OvmfPkg: CloudHv: Rely on QemuFwCfgLibNull implementation

2022-05-10 Thread Boeuf, Sebastien
From: Sebastien Boeuf 

Since Cloud Hypervisor doesn't support the fw_cfg mechanism, it's more
appropriate to rely on QemuFwCfgLibNull implementation of QemuFwCfgLib
since it provides a null implementation that will not issue any PIO
accesses to ports 0x510 and 0x511.

Signed-off-by: Sebastien Boeuf 
---
 OvmfPkg/CloudHv/CloudHvX64.dsc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/OvmfPkg/CloudHv/CloudHvX64.dsc b/OvmfPkg/CloudHv/CloudHvX64.dsc
index d1c85f60c7..4d6bc2a84d 100644
--- a/OvmfPkg/CloudHv/CloudHvX64.dsc
+++ b/OvmfPkg/CloudHv/CloudHvX64.dsc
@@ -175,7 +175,7 @@
   UefiCpuLib|UefiCpuPkg/Library/BaseUefiCpuLib/BaseUefiCpuLib.inf
   
SecurityManagementLib|MdeModulePkg/Library/DxeSecurityManagementLib/DxeSecurityManagementLib.inf
   
SerializeVariablesLib|OvmfPkg/Library/SerializeVariablesLib/SerializeVariablesLib.inf
-  QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxeLib.inf
+  QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLibNull.inf
   
QemuFwCfgSimpleParserLib|OvmfPkg/Library/QemuFwCfgSimpleParserLib/QemuFwCfgSimpleParserLib.inf
   VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf
   LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf
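Review bot: Neither `QemuFwCfgLib` mapping carries a comment saying why the Null instance is selected, so the reason lives only in the commit message. A line such as `# Cloud Hypervisor has no fw_cfg device: use the Null instance so no PIO reaches ports 0x510/0x511` above the mapping here and in the `@@ -305,7` hunk would keep a later sync with another OVMF DSC from quietly restoring the real library. The fw_cfg consumers that stay mapped in these hunks (`QemuFwCfgSimpleParserLib`, and `QemuFwCfgS3Lib` via `PeiQemuFwCfgS3LibFwCfg.inf`) now link against the Null instance. It is worth confirming that each of them checks `QemuFwCfgIsAvailable ()`, or handles the Null instance's error returns, before selecting or reading an item.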
@@ -305,7 +305,7 @@
   MpInitLib|UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
   QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/PeiQemuFwCfgS3LibFwCfg.inf
   PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf
-  QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf
+  QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLibNull.inf
 
 !include OvmfPkg/OvmfTpmLibsPeim.dsc.inc
 
-- 
2.32.0








[edk2-devel] [PATCH 4/4] OvmfPkg: Don't access A20 gate register on Cloud Hypervisor

2022-05-10 Thread Boeuf, Sebastien
From: Sebastien Boeuf 

Since Cloud Hypervisor doesn't emulate an A20 gate register on I/O port
0x92, it's better to avoid accessing it when the platform is identified
as Cloud Hypervisor.

Signed-off-by: Sebastien Boeuf 
---
 OvmfPkg/Library/PlatformInitLib/Platform.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/OvmfPkg/Library/PlatformInitLib/Platform.c 
b/OvmfPkg/Library/PlatformInitLib/Platform.c
index cb1a893aef..f2b07dc937 100644
--- a/OvmfPkg/Library/PlatformInitLib/Platform.c
+++ b/OvmfPkg/Library/PlatformInitLib/Platform.c
@@ -314,7 +314,9 @@ PlatformMiscInitialization (
   //
   // Disable A20 Mask
   //
-  IoOr8 (0x92, BIT1);
+  if (PlatformInfoHob->HostBridgeDevId != CLOUDHV_DEVICE_ID) {
+IoOr8 (0x92, BIT1);
+  }
 
   //
   // Build the CPU HOB with guest RAM size dependent address width and 16-bits
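Review bot: The comment above the new guard still reads only `// Disable A20 Mask`, so the source does not say why Cloud Hypervisor is exempt. I would extend it to something like `// Disable A20 Mask. Cloud Hypervisor does not emulate the A20 gate register at I/O port 0x92, so skip the write there.` The guard also relies on `PlatformInfoHob->HostBridgeDevId` being filled in before `PlatformMiscInitialization` runs, which the hunk does not show and is worth checking at the call site. The function body continues outside the hunk.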
-- 
2.32.0








[edk2-devel] [PATCH 2/4] OvmfPkg: Check for QemuFwCfg availability before accessing it

2022-05-10 Thread Boeuf, Sebastien
From: Sebastien Boeuf 

There are a few places in the codebase that assume QemuFwCfg will be present
and supported, which can cause issues when relying on the
QemuFwCfgLibNull implementation of QemuFwCfgLib.

Signed-off-by: Sebastien Boeuf 
---
 OvmfPkg/Library/PlatformInitLib/Platform.c  | 9 ++---
 OvmfPkg/Library/QemuBootOrderLib/QemuBootOrderLib.c | 8 +---
 2 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/OvmfPkg/Library/PlatformInitLib/Platform.c 
b/OvmfPkg/Library/PlatformInitLib/Platform.c
index 101074f610..cb1a893aef 100644
--- a/OvmfPkg/Library/PlatformInitLib/Platform.c
+++ b/OvmfPkg/Library/PlatformInitLib/Platform.c
@@ -410,14 +410,17 @@ PlatformMaxCpuCountInitialization (
   IN OUT EFI_HOB_PLATFORM_INFO  *PlatformInfoHob
   )
 {
-  UINT16  BootCpuCount;
+  UINT16  BootCpuCount = 0;
   UINT32  MaxCpuCount;
 
   //
   // Try to fetch the boot CPU count.
   //
-  QemuFwCfgSelectItem (QemuFwCfgItemSmpCpuCount);
-  BootCpuCount = QemuFwCfgRead16 ();
+  if (QemuFwCfgIsAvailable ()) {
+QemuFwCfgSelectItem (QemuFwCfgItemSmpCpuCount);
+BootCpuCount = QemuFwCfgRead16 ();
+  }
+
   if (BootCpuCount == 0) {
 //
 // QEMU doesn't report the boot CPU count. (BootCpuCount == 0) will let
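Review bot: `UINT16  BootCpuCount = 0;` initialises a local in its declaration, which the EDK II C coding style, as I understand it, does not permit; keep the declaration bare and add `BootCpuCount = 0;` as the first statement of the body. The same applies to `UINT16 Timeout = PcdGet16 (PcdPlatformBootTimeOut);` in the first `QemuBootOrderLib.c` hunk, where `Timeout = PcdGet16 (PcdPlatformBootTimeOut);` should become a statement placed before the `QemuFwCfgIsAvailable ()` check. With fw_cfg absent this function now takes the `BootCpuCount == 0` branch, whose comment speaks only of QEMU not reporting the count; a clause saying the branch also covers a platform without fw_cfg would help. The function body continues outside the hunk.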
diff --git a/OvmfPkg/Library/QemuBootOrderLib/QemuBootOrderLib.c 
b/OvmfPkg/Library/QemuBootOrderLib/QemuBootOrderLib.c
index b5768285d8..67d29ac642 100644
--- a/OvmfPkg/Library/QemuBootOrderLib/QemuBootOrderLib.c
+++ b/OvmfPkg/Library/QemuBootOrderLib/QemuBootOrderLib.c
@@ -2233,6 +2233,11 @@ GetFrontPageTimeoutFromQemu (
 {
   FIRMWARE_CONFIG_ITEM  BootMenuWaitItem;
   UINTN BootMenuWaitSize;
+  UINT16Timeout = PcdGet16 (PcdPlatformBootTimeOut);
+
+  if (!QemuFwCfgIsAvailable ()) {
+return Timeout;
+  }
 
   QemuFwCfgSelectItem (QemuFwCfgItemBootMenu);
   if (QemuFwCfgRead16 () == 0) {
@@ -2257,9 +2262,6 @@ GetFrontPageTimeoutFromQemu (
 // return three seconds if the platform default would cause us to skip the
 // front page, and return the platform default otherwise.
 //
-UINT16  Timeout;
-
-Timeout = PcdGet16 (PcdPlatformBootTimeOut);
 if (Timeout == 0) {
   Timeout = 3;
 }
-- 
2.32.0








[edk2-devel] EDKII CI is broken

2022-05-10 Thread Yao, Jiewen
Hi Seam/Mike
The EDKII CI is broken. All CI fail on PlatformCI_OvmfPkg_Windows_VS2019_PR .

For example: 
https://dev.azure.com/tianocore/edk2-ci/_build/results?buildId=50537&view=logs&j=47cf355a-6eb4-51a8-46a8-ff4028bfcac0&t=f601237e-b16c-5795-7d4b-f60359758ac0&l=98

Could someone help to take a look ?

=
The remote file either doesn't exist, is unauthorized, or is forbidden for url 
'https://qemu.weilnetz.de/w64/2021/qemu-w64-setup-20210505.exe'. Exception 
calling "GetResponse" with "0" argument(s): "Unable to connect to the remote 
server"
Downloading Qemu 64 bit
from 'https://qemu.weilnetz.de/w64/2021/qemu-w64-setup-20210505.exe'
ERROR: The remote file either doesn't exist, is unauthorized, or is forbidden 
for url 'https://qemu.weilnetz.de/w64/2021/qemu-w64-setup-20210505.exe'. 
Exception calling "GetResponse" with "0" argument(s): "Unable to connect to the 
remote server"
This package is likely not broken for licensed users - see 
https://docs.chocolatey.org/en-us/features/private-cdn.
The install of qemu was NOT successful.
Error while running 
'C:\ProgramData\chocolatey\lib\Qemu\tools\chocolateyInstall.ps1'.
See log for details.
Chocolatey installed 0/1 packages. 1 packages failed.
See the log for details (C:\ProgramData\chocolatey\logs\chocolatey.log).
Failures
- qemu (exited 404) - Error while running 
'C:\ProgramData\chocolatey\lib\Qemu\tools\chocolateyInstall.ps1'.
See log for details.
##[debug]Processed: ##vso[task.prependpath]c:\Program Files\qemu
##[debug]$LASTEXITCODE: 404
##[debug]Exit code: 1
##[debug]Leaving Invoke-VstsTool.
##[error]PowerShell exited with code '1'.
##[debug]Processed: ##vso[task.logissue type=error]PowerShell exited with code 
'1'.
##[debug]Processed: ##vso[task.complete result=Failed]Error detected
##[debug]Leaving 
D:\a\_tasks\PowerShell_e213ff0f-5d5c-4791-802d-52ea3e7be1f1\2.200.0\powershell.ps1.
Finishing: Install QEMU and Set QEMU on path
=

Thank you
Yao Jiewen








Re: [edk2-devel] [PATCH V2 0/6] Support 2 CpuMpPei/CpuDxe in One image

2022-05-10 Thread Lendacky, Thomas via groups.io

On 5/9/22 18:37, Xu, Min M wrote:

On May 10, 2022 1:30 AM, Tom Lendacky wrote:


On 5/9/22 07:44, Xu, Min M wrote:

Gerd & Tom
What are your comments about this patch-set?


Hi Min,

This appears to resolve the issue. I was able to boot a 64 vCPU guest in
legacy, SEV, SEV-ES and SEV-SNP modes without any asserts.

I'm assuming that you were able to see the ASSERTs on your end and
validate, too?


Yes. I enabled a 4 vCPU legacy guest and can see the ASSERTs. But they appear at 
a random rate, so they were missed in the CI.


Yeah, with a low number of vCPUs, the crashes were random. When I upped 
the count to 64 vCPUs that could all run in parallel (running on an EPYC 
server box) it happened on (almost) every boot.


But glad that you were able to observe it and create this fix.

Thanks, Min!

Tom



Thanks
Min







Re: [edk2-devel] [PATCH 0/5] CryptoPkg/openssl: enable EC unconditionally.

2022-05-10 Thread James Bottomley
On Tue, 2022-05-10 at 12:40 +0200, Gerd Hoffmann wrote:
> On Mon, May 09, 2022 at 09:41:02AM -0400, James Bottomley wrote:
> > On Mon, 2022-05-09 at 12:03 +, Yao, Jiewen wrote:
> > > It is possible to switch to other crypt lib.
> > > 
> > > For example, the *mbedtls* version POC can be found at 
> > > https://github.com/jyao1/edk2/tree/DeviceSecurity/CryptoMbedTlsPkg
> > > The advantage is: the size is much smaller.
> > > The disadvantage is: some required functions are not available,
> > > such as PKCS7. 
> > 
> > Perhaps as a first step, we should look at our options.  I would
> > say missing functionality is problematic, but not necessarily a
> > killer: we'd have to help the chosen project develop the capability
> > and figure out how to maintain the fork while it was going
> > upstream.
> 
> I don't feel like entering the business of maintaining a tls
> library ...

Me neither, but we already maintain some exceptions like the logic to
break the X509 chain for UEFI, so if we had to tinker around the edges,
I think it's feasible.

> > Other libraries could be:
> > 
> > wolfssl
> 
> Hmm?  Apparently no git repository?

https://github.com/wolfSSL/wolfssl

> > gnutls
> 
> Might be a issue license-wise.

It's LGPL and our use case entirely embeds it so we're using it within
the licence terms.  Since we're effectively linking statically, it
provides a slight problem for distributions because they need to
facilitate relinking, but that's just a nasty mechanical problem

> 
> > boringssl
> 
> Looks like an option worth investigating.
> 
> The "designed to meet Google's needs" and "not intended for general
> use" notes in the toplevel README don't look that great
> though.  Might turn out to be difficult to get changes needed
> for edk2 merged (hasn't been a problem so far for me with openssl).

Right, boringssl is effectively Google's fork of openssl for android
which they did because they could never get the openssl people to
accept their patches or pay attention to the embedded bloat problem
(which is currently our problem).

> > LibreSSL
> 
> There was some hype around it after it was forked from openssl in the
> heartbleed aftermath.  More recent news are less enthusiastic:
> https://lwn.net/Articles/841664/

Yes, I'm not hugely enthused about LibreSSL, but I think we do need to
list all the alternatives.

> Another possible option would be to add openssl3 as alternative
> OpensslLib implementation, so platforms can pick the one or the
> other depending on size constraints.

Really, no, we can't.  That would leave the space constrained use case
non functional when openssl 1 goes EOL.  We have to make openssl 3 work
for everything or consider a new crypto provider.

> I've also experimented a bit with CryptoPkg/Driver.  It's not a
> clear win, at least for OVMF.
> 
> PEI FV is larger in any case.  Seems LTO works very well for the
> few hashes needed by TPM support code, and so the overhead added
> by using the crypto service protocol instead of direct linking is
> much larger than the savings by sharing code.
> 
> DXE FV is smaller in the builds with secure boot and smm support,
> seems with the large tls codebase included we have enough wins by
> sharing the crypto code then, so the protocol overhead is worth
> the effort.
> 
> I'm wondering where the crypto algorithm selection in
> CryptoPkg/CryptoPkg.dsc comes from though, specifically for
> MIN_DXE_MIN_SMM.  Why is the crypto feature selection identical
> for DXE and SMM?  Specifically why TLS is enabled for SMM?

I think the idea was that using a static openssl library you could link
the various algorithm providers with it and make small pieces, but that
didn't work out well for openssl which has a massive startup
requirement.  No idea why SMM would require TLS ... I can look at the
code.

James








Re: [edk2-devel] [PATCH 0/4] Refactor MpInitLib

2022-05-10 Thread Lendacky, Thomas via groups.io

On 5/9/22 18:16, Ni, Ray wrote:

https://github.com/niruiyu/edk2/tree/refactormp

Re: 回复: [edk2-devel] [PATCH v5 0/8] Add Variable Flash Info HOB

2022-05-10 Thread Michael Kubacki
What's the plan for next steps? The v5 PR has been up for two weeks with 
no changes.


Are we going to try to define a long-term pattern for how to include new 
library classes in core packages or merge the patch series?


Thanks,
Michael

On 5/5/2022 9:52 PM, Michael Kubacki wrote:
I still believe a long term design pattern deserves more focus and 
documentation than a quick modification to this series.


Can you confirm that you envision MdePkg/MdeLibs.dsc.inc serving as a 
monolithic host of various other default library class instances?


That somewhat inverts the package relationships, the code reviewer 
policy would need to clarify when the original package owners are 
included on the MdePkg patch (to confirm they agree with the default 
instance choice), and "core" packages would have to be clearly defined 
in this context for developers to know what packages are allowed.


In addition, this does not mean there still won't be some level of 
platform integration thrash. For example, if a new library class 
instance added to MdePkg/MdeLibs.dsc.inc requires another library class 
(or multiple others), those might not be added to the DSC include file. 
They could have been satisfied in the original package DSC (or a test 
platform DSC) but that doesn't mean they will be in all platform DSC 
files. So when the MdeLibs.dsc.inc file update occurs, those platforms 
break and need to add the library class that was already specified in 
other DSC files.


So I request that if this is the preferred approach, that it be agreed 
upon (e.g. dedicated RFC), documented, and consistently followed by 
other contributions as well.


Regards,
Michael

On 5/4/2022 9:27 PM, gaoliming wrote:

Michael:
   I would suggest to reuse MdePkg/MdeLibs.dsc.inc to list the library 
and PCD from the edk2 core packages, such as MdePkg, MdeModulePkg, 
CryptoPkg, SecurityPkg and so on. Those packages are required by 
every platform. They can't be separated. So, I think 
MdePkg/MdeLibs.dsc.inc is for edk2 core packages, not only for MdePkg.


Thanks
Liming

-邮件原件-
发件人: devel@edk2.groups.io  代表 Michael
Kubacki
发送时间: 2022年4月29日 23:48
收件人: Ard Biesheuvel 
抄送: edk2-devel-groups-io ; Abner Chang
; Andrew Fish ; Anthony Perard
; Ard Biesheuvel ;
Benjamin You ; Brijesh Singh
; Erdem Aktas ; Gerd
Hoffmann ; Guo Dong ; Hao A
Wu ; James Bottomley ; Jian J
Wang ; Jiewen Yao ; Jordan
Justen ; Julien Grall ; Leif
Lindholm ; Liming Gao
; Maurice Ma ; Min Xu
; Nickle Wang ; Peter Grehan
; Ray Ni ; Rebecca Cran
; Sami Mujawar ; Sean
Rhodes ; Sebastien Boeuf
; Tom Lendacky 
主题: Re: [edk2-devel] [PATCH v5 0/8] Add Variable Flash Info HOB

I agree that would be a useful tool and in the case of changes such as
this that provide backward compatibility with existing functionality,
particularly helpful.

Some packages such as MdePkg
(https://github.com/tianocore/edk2/blob/master/MdePkg/MdeLibs.dsc.inc)
and NetworkPkg
(https://github.com/tianocore/edk2/blob/master/NetworkPkg/NetworkCom
ponents.dsc.inc)
provide DSC files that a platform can override if necessary.

However, this does not exist for all edk2 packages. I did not introduce
such a file in MdeModulePkg because I believe that is an independent
package design decision outside the scope of this series and, if that
change was made, it should include libraries other than just this
instance. That would lead to additional churn and a larger platform
integration debate, important to that topic, but separate from the
current state this contribution is based against.

While includes can be helpful, they can encourage platform owners to ignore
potential creep in functionality they should be aware of.

For example, the DSC update is mostly being given to platforms to fix
their immediate build problem. But, a platform owner might also choose
to update their FVB driver to use this interface to get flash
information as opposed to directly using PCDs as many do today. That's a
decision they need to evaluate and make but they should be aware of the
interface and make that decision. By directly reviewing/integrating the
change for their platform, they are more explicitly made aware of this
new interface to form that decision.

Also, when many include files get involved, platform build complexity
and developer frustration can increase due to nesting and order of
include files. Values (library classes, PCDs, etc.) can be overridden
more than once. Ultimately, this is technically manageable by utilizing
build reports and understanding the EDK II build output in more detail.

Again, I think this conversation is useful but requires much more time
to address questions such as the following:

1. Should a different mechanism for default library classes be 
introduced?


2. Should all packages in edk2 provide such an include file? If so, does
it only provide the DSC file (like MdePkg) or other files (like
NetworkPkg which includes FDF)?

3. Which library classes for a given package should be given default
instances?

4. Ho

Re: [edk2-devel] [PATCH 0/4] Refactor MpInitLib

2022-05-10 Thread Lendacky, Thomas via groups.io

On 5/10/22 09:44, Tom Lendacky wrote:

On 5/9/22 18:16, Ni, Ray wrote:
https://github.com/niruiyu/edk2/tree/refactormp

Re: [edk2-devel] [PATCH V2 0/6] Support 2 CpuMpPei/CpuDxe in One image

2022-05-10 Thread Lendacky, Thomas via groups.io




On 5/9/22 18:37, Xu, Min M wrote:

On May 10, 2022 1:30 AM, Tom Lendacky wrote:


On 5/9/22 07:44, Xu, Min M wrote:

Gerd & Tom
What are your comments about this patch-set?


Hi Min,

This appears to resolve the issue. I was able to boot a 64 vCPU guest in
legacy, SEV, SEV-ES and SEV-SNP modes without any asserts.

I'm assuming that you were able to see the ASSERTs on your end and
validate, too?


Yes. I enabled a 4 vCPU legacy guest and can see the ASSERTs. But they appear at 
a random rate, so they were missed in the CI.


Hmmm... I hadn't noticed it before, but I'm seeing the following message
from the Linux kernel for each AP being brought online:

APIC: Stale IRR: 
,,,,,,0001, ISR: 
,,,,,,,

Let me investigate this further to see where this regression was
introduced.

Thanks,
Tom



Thanks
Min







Re: [edk2-devel] [edk2-platforms][PATCH v1 1/1] IntelSiliconPkg/SpiFvbService: Add support for VariableFlashInfoLib

2022-05-10 Thread Michael Kubacki

Another reminder to review this patch.

Thanks,
Michael

On 4/29/2022 4:08 PM, Michael Kubacki wrote:

Please help review this patch when possible.

Thanks,
Michael

On 4/22/2022 10:02 AM, Michael Kubacki wrote:

Reminder to review this patch.


On 4/18/2022 7:43 PM, Michael Kubacki wrote:

From: Michael Kubacki 

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3478

Adds support for getting the variable flash information from
VariableFlashInfoLib. This library abstracts the source of flash
information so platforms could expect the information to come
from a different source in the library implementation than the
PCDs previously used as the information source in this module.

In particular, the library allows Standalone MM platforms to
dynamically pass the information behind the library API.

Cc: Rangasai V Chaganty 
Cc: Ray Ni 
Cc: Nate DeSimone 
Signed-off-by: Michael Kubacki 
---

Notes:
 Depends on https://bugzilla.tianocore.org/show_bug.cgi?id=3479
 to complete

Silicon/Intel/IntelSiliconPkg/Feature/Flash/SpiFvbService/FvbInfo.c | 
120 +---
Silicon/Intel/IntelSiliconPkg/Feature/Flash/SpiFvbService/SpiFvbServiceCommon.c 
|  93 +--
Silicon/Intel/IntelSiliconPkg/Feature/Flash/SpiFvbService/SpiFvbServiceMm.c 
|  28 -
Silicon/Intel/IntelSiliconPkg/Feature/Flash/SpiFvbService/SpiFvbServiceCommon.h 
|  18 ++-
Silicon/Intel/IntelSiliconPkg/Feature/Flash/SpiFvbService/SpiFvbServiceSmm.inf 
|   6 +-
Silicon/Intel/IntelSiliconPkg/Feature/Flash/SpiFvbService/SpiFvbServiceStandaloneMm.inf 
|   6 +-

Silicon/Intel/IntelSiliconPkg/IntelSiliconPkg.dsc |   7 ++
  7 files changed, 215 insertions(+), 63 deletions(-)

diff --git 
a/Silicon/Intel/IntelSiliconPkg/Feature/Flash/SpiFvbService/FvbInfo.c 
b/Silicon/Intel/IntelSiliconPkg/Feature/Flash/SpiFvbService/FvbInfo.c

index 7f2678fa9e5a..5e78c1ce0c14 100644
--- 
a/Silicon/Intel/IntelSiliconPkg/Feature/Flash/SpiFvbService/FvbInfo.c
+++ 
b/Silicon/Intel/IntelSiliconPkg/Feature/Flash/SpiFvbService/FvbInfo.c

@@ -3,6 +3,7 @@
    These data is intent to decouple FVB driver with FV header.
  Copyright (c) 2017, Intel Corporation. All rights reserved.
+Copyright (c) Microsoft Corporation.
  SPDX-License-Identifier: BSD-2-Clause-Patent
  **/
@@ -11,51 +12,84 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
  #define FIRMWARE_BLOCK_SIZE 0x1
  #define FVB_MEDIA_BLOCK_SIZE    FIRMWARE_BLOCK_SIZE
-
-#define NV_STORAGE_BASE_ADDRESS 
FixedPcdGet32(PcdFlashNvStorageVariableBase)
-#define SYSTEM_NV_BLOCK_NUM 
((FixedPcdGet32(PcdFlashNvStorageVariableSize)+ 
FixedPcdGet32(PcdFlashNvStorageFtwWorkingSize) + 
FixedPcdGet32(PcdFlashNvStorageFtwSpareSize))/ FVB_MEDIA_BLOCK_SIZE)

-
  typedef struct {
    EFI_PHYSICAL_ADDRESS    BaseAddress;
    EFI_FIRMWARE_VOLUME_HEADER  FvbInfo;
    EFI_FV_BLOCK_MAP_ENTRY  End[1];
  } EFI_FVB2_MEDIA_INFO;
-//
-// This data structure contains a template of all correct FV 
headers, which is used to restore

-// Fv header if it's corrupted.
-//
-EFI_FVB2_MEDIA_INFO mPlatformFvbMediaInfo[] = {
-  //
-  // Systen NvStorage FVB
-  //
-  {
-    NV_STORAGE_BASE_ADDRESS,
-    {
-  {0,}, //ZeroVector[16]
-  EFI_SYSTEM_NV_DATA_FV_GUID,
-  FVB_MEDIA_BLOCK_SIZE * SYSTEM_NV_BLOCK_NUM,
-  EFI_FVH_SIGNATURE,
-  0x0004feff, // check MdePkg/Include/Pi/PiFirmwareVolume.h for 
details on EFI_FVB_ATTRIBUTES_2
-  sizeof (EFI_FIRMWARE_VOLUME_HEADER) + sizeof 
(EFI_FV_BLOCK_MAP_ENTRY),

-  0,    //CheckSum which will be calucated dynamically.
-  0,    //ExtHeaderOffset
-  {0,}, //Reserved[1]
-  2,    //Revision
-  {
-    {
-  SYSTEM_NV_BLOCK_NUM,
-  FVB_MEDIA_BLOCK_SIZE,
-    }
-  }
-    },
-    {
-  {
-    0,
-    0
-  }
-    }
+/**
+  Returns FVB media information for NV variable storage.
+
+  @return   FvbMediaInfo  A pointer to an instance of 
FVB media info produced by this function.
+  The buffer is allocated 
internally to this function and it is the caller's

+  responsibility to free the memory
+
+**/
+typedef
+EFI_STATUS
+(*FVB_MEDIA_INFO_GENERATOR)(
+  OUT EFI_FVB2_MEDIA_INFO *FvbMediaInfo
+  );
+
+/**
+  Returns FVB media information for NV variable storage.
+
+  @return   FvbMediaInfo  A pointer to an instance of 
FVB media info produced by this function.
+  The buffer is allocated 
internally to this function and it is the caller's

+  responsibility to free the memory
+
+**/
+EFI_STATUS
+GenerateNvStorageFvbMediaInfo (
+  OUT EFI_FVB2_MEDIA_INFO *FvbMediaInfo
+  )
+{
+  UINT32  NvBlockNum;
+  UINT32  TotalNvVariableStorageSize;
+  EFI_PHYSICAL_ADDRESS    NvStorageBaseAddress;
+  EFI_FIRMWARE_VOLUME_HEADER  FvbInfo = {
+ {0,},   //ZeroVector[16]
+ EFI_SYSTEM_NV_DATA

Re: [edk2-devel] [edk2-platforms][PATCH v1 0/3] MinPlatformPkg: Add FADT duty offset and width PCDs

2022-05-10 Thread Michael Kubacki

Another reminder to look at this patch.

Thanks,
Michael


On 4/29/2022 4:07 PM, Michael Kubacki wrote:
Another reminder to merge this series. Chasel has added his review and 
that is in this branch:


https://github.com/makubacki/edk2-platforms/commits/active/add_duty_pcds_minplatformpkg_v1_rb1 



Thanks,
Michael

On 4/22/2022 10:04 AM, Michael Kubacki wrote:

Reminder to review this series.

Ankit Sinha has reviewed it but need a maintainer to review and merge.

On 4/11/2022 4:58 PM, Michael Kubacki wrote:

From: Michael Kubacki 

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3543

Adds PCDs to the MinPlatformPkg DEC file so MinPlatformPkg consumers
(board packages) can customize the DUTY_OFFSET and DUTY_CYCLE
values in their build files.

The copy of AcpiPlatform in SimicsOpenBoardPkg is also updated to
keep the change in sync with the source MinPlatformPkg module.

Cc: Chasel Chiu 
Cc: Nate DeSimone 
Cc: Liming Gao 
Cc: Eric Dong 
Signed-off-by: Michael Kubacki 

Michael Kubacki (3):
   MinPlatformPkg: Add FADT duty offset and duty width PCDs
   MinPlatformPkg/AcpiPlatform: Use FADT duty offset and width PCDs
   SimicsOpenBoardPkg/AcpiPlatform: Use FADT duty offset and width PCDs

Platform/Intel/MinPlatformPkg/Acpi/AcpiTables/AcpiPlatform.c |  3 +++
Platform/Intel/MinPlatformPkg/Acpi/AcpiTables/Fadt/Fadt.c |  4 ++--
Platform/Intel/SimicsOpenBoardPkg/AcpiTables/MinPlatformAcpiTables/AcpiPlatform.c 
|  3 +++
Platform/Intel/SimicsOpenBoardPkg/AcpiTables/MinPlatformAcpiTables/Fadt/Fadt.c 
|  4 ++--

Platform/Intel/MinPlatformPkg/Acpi/AcpiTables/AcpiPlatform.inf |  2 ++
Platform/Intel/MinPlatformPkg/MinPlatformPkg.dec | 15 +++
Platform/Intel/SimicsOpenBoardPkg/AcpiTables/MinPlatformAcpiTables/AcpiPlatform.inf 
|  2 ++

  7 files changed, 29 insertions(+), 4 deletions(-)








Re: [edk2-devel] [PATCH V7 36/37] UefiCpuPkg: Setting initial-count register as the last step

2022-05-10 Thread Lendacky, Thomas via groups.io

On 2/28/22 01:21, Min Xu via groups.io wrote:

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3711

Per SDM, changing the mode of APIC timer (from one-shot to periodic or
vice versa) by writing to the timer LVT entry does not start the timer.
To start the timer, it is necessary to write to the initial-count
register.

If initial-count is written before the mode change, it's possible that the timer
expires before the mode change, thus failing the periodic mode.


I'm replying to this patch since I can't find patch V12 46/47 anywhere in
my email.

I've bisected a regression in the Linux kernel to this patch when an
SEV-SNP guest is booted. The following message is issued in the kernel for
every AP being brought online:

APIC: Stale IRR: 
,,,,,,,0020 ISR: 
,,,,,,,

Possibly a timing issue involving the mode switch with the interrupt
unmasked. If I leave the interrupt masked and only un-mask it
after the programming of the init-count, then the message goes away.

Thoughts?

Thanks,
Tom



Cc: Jiewen Yao 
Cc: Gerd Hoffmann 
Cc: Anthony Perard 
Cc: Julien Grall 
Cc: Eric Dong 
Cc: Ray Ni 
Acked-by: Gerd Hoffmann 
Signed-off-by: Min Xu 
---
  .../Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.c| 10 +-
  1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.c 
b/UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.c
index 2d17177df12b..f26d9c93894f 100644
--- a/UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.c
+++ b/UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.c
@@ -967,11 +967,6 @@ InitializeApicTimer (
//
InitializeLocalApicSoftwareEnable (TRUE);
  
-  //

-  // Program init-count register.
-  //
-  WriteLocalApicReg (XAPIC_TIMER_INIT_COUNT_OFFSET, InitCount);
-
if (DivideValue != 0) {
  ASSERT (DivideValue <= 128);
  ASSERT (DivideValue == GetPowerOfTwo32 ((UINT32)DivideValue));
@@ -996,6 +991,11 @@ InitializeApicTimer (
LvtTimer.Bits.Mask   = 0;
LvtTimer.Bits.Vector = Vector;
WriteLocalApicReg (XAPIC_LVT_TIMER_OFFSET, LvtTimer.Uint32);
+
+  //
+  // Program init-count register.
+  //
+  WriteLocalApicReg (XAPIC_TIMER_INIT_COUNT_OFFSET, InitCount);
  }
  
  /**
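Review bot: The relocated comment `// Program init-count register.` in the second hunk does not record why this write must now follow the LVT timer write, so a later cleanup could move it back without noticing. The commit description gives the reason (the LVT write selects the mode but does not start the timer; the init-count write does), and that reason belongs beside the code, for example `// Program init-count register last: this write starts the timer, so the mode must already be set.` InitializeApicTimer begins above the first hunk, so only part of its body is visible here.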







Re: [edk2-devel] [PATCH V2 0/6] Support 2 CpuMpPei/CpuDxe in One image

2022-05-10 Thread Min Xu
On May 10, 2022 5:27 PM, Gerd Hoffmann wrote:
> On Mon, May 09, 2022 at 12:44:58PM +, Xu, Min M wrote:
> > Gerd & Tom
> > What are your comments about this patch-set?
> >
> > > BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3918
> > >
> > > Above BZ reports an issue that commit 88da06ca triggers ASSERT in
> > > some scenario. This patch-set is to fix this issue.
> > >
> > > As commit 88da06ca describes TDVF BSP and APs are simplied and it
> > > can simply use MpInitLibUp instead of MpInitLib. To achieve this
> > > goal, we include 2 CpuMpPei/CpuDxe drivers in OvmfPkgX64 and
> > > IntelTdxX64. This is done by setting different FILE_GUID to these
> > > drivers (of the same name). In the other hand, we import a set of
> > > MpInitLibDepLib. These libs simply depend on the PPI/Protocols.
> > > While these PPI/Protocols are installed according to the guest type.
> 
> So the idea is to pick the one or the other implementations via guid and
> depex dependencies?  The approach looks sane to me.
Yes, it is the idea. In this way we can decouple the Tdx guest from MpInitLib 
(multi-processor version) in current stage.
 
Thanks
Min






Re: [edk2-devel] [PATCH 1/3] UefiPayloadPkg: Simplify code logic

2022-05-10 Thread Zhiguang Liu
Hi Ray,
The function DetectAndPreparePlatformPciDevicePath is the second parameter of 
VisitAllInstancesOfProtocol.
It follows the below type:
typedef
EFI_STATUS
(EFIAPI *PROTOCOL_INSTANCE_CALLBACK)(
  IN EFI_HANDLEHandle,
  IN VOID *Instance,
  IN VOID *Context
  );

The same function pointer type is also defined in OvmfPkg.
I didn't change the function pointer type, to avoid the same type having 
different definitions in the edk2 repo.
Do I need to consider that? What's your suggestion?

Thanks
Zhiguang


-Original Message-
From: Ni, Ray  
Sent: Tuesday, May 10, 2022 3:39 PM
To: Liu, Zhiguang ; devel@edk2.groups.io
Cc: Dong, Guo ; Maurice Ma ; You, 
Benjamin ; Rhodes, Sean 
Subject: RE: [PATCH 1/3] UefiPayloadPkg: Simplify code logic

> 
> +DetectAndPreparePlatformPciDevicePath (
> 
>IN EFI_HANDLE  Handle,
> 
>IN VOID*Instance,
> 
>IN VOID*Context

Is "Context" needed? Can you please remove it?







Re: [edk2-devel] [PATCH V7 36/37] UefiCpuPkg: Setting initial-count register as the last step

2022-05-10 Thread Min Xu
On May 11, 2022 4:30 AM, Tom Lendacky wrote:
> On 2/28/22 01:21, Min Xu via groups.io wrote:
> > BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3711
> >
> > Per SDM, changing the mode of APIC timer (from one-shot to periodic or
> > vice versa) by writing to the timer LVT entry does not start the timer.
> > To start the timer, it is necessary to write to the initial-count
> > register.
> >
> > If initial-count is wrote before mode change, it's possible that timer
> > expired before the mode change. Thus failing the periodic mode.
> 
> I'm replying to this patch since I can't find patch V12 46/47 anywhere in my
> email.
> 
> I've bisected a regression in the Linux kernel to this patch when an SEV-SNP
> guest is booted. The following message is issued in the kernel for every AP
> being brought online:
> 
> APIC: Stale IRR:
> ,,,,,,,000
> 00020 ISR:
> ,,,,,,,000
> 0
> 
> Possibly a timing issue involving the mode switch with the interrupt
> unmasked. If I leave the interrupt masked and only un-mask it after the
> programming of the init-count, then the message goes away.

Do you mean that InitializeApicTimer should follow the steps below?
1. Mask LvtTimer (set LvtTimer.Bits.Mask = 1).
2. Do the other work, including programming the init-count register.
3. Un-mask LvtTimer (set LvtTimer.Bits.Mask = 0).

Thanks
Min







[edk2-devel] [edk2:PATCH] MdePkg/Acpi62: Add type 7 NFIT Platform Capabilities Structure support

2022-05-10 Thread Miki Shindo
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3915

This commit adds a definition for the type 7 Platform Capabilities Structure
to the NFIT Table Structure Types. The type has been added
since ACPI Specification Version 6.2A.


Signed-off-by: Miki Shindo 
Cc: Michael D Kinney 
Cc: Liming Gao 
Cc: Zhiguang Liu 
Cc: Ray Ni 
Reviewed-by: Ray Ni 

---
 MdePkg/Include/IndustryStandard/Acpi62.h | 1 +
 MdePkg/Include/IndustryStandard/Acpi63.h | 1 +
 MdePkg/Include/IndustryStandard/Acpi64.h | 1 +
 3 files changed, 3 insertions(+)

diff --git a/MdePkg/Include/IndustryStandard/Acpi62.h 
b/MdePkg/Include/IndustryStandard/Acpi62.h
index 313db63044..aa115d475c 100644
--- a/MdePkg/Include/IndustryStandard/Acpi62.h
+++ b/MdePkg/Include/IndustryStandard/Acpi62.h
@@ -1486,6 +1486,7 @@ typedef struct {
 #define EFI_ACPI_6_2_NFIT_NVDIMM_CONTROL_REGION_STRUCTURE_TYPE4
 #define EFI_ACPI_6_2_NFIT_NVDIMM_BLOCK_DATA_WINDOW_REGION_STRUCTURE_TYPE  5
 #define EFI_ACPI_6_2_NFIT_FLUSH_HINT_ADDRESS_STRUCTURE_TYPE   6
+#define EFI_ACPI_6_2_NFIT_PLATFORM_CAPABILITIES_STRUCTURE_TYPE7
 
 //
 // Definition for NFIT Structure Header
diff --git a/MdePkg/Include/IndustryStandard/Acpi63.h 
b/MdePkg/Include/IndustryStandard/Acpi63.h
index b1e9d5db5b..d0d2438b3c 100644
--- a/MdePkg/Include/IndustryStandard/Acpi63.h
+++ b/MdePkg/Include/IndustryStandard/Acpi63.h
@@ -1450,6 +1450,7 @@ typedef struct {
 #define EFI_ACPI_6_3_NFIT_NVDIMM_CONTROL_REGION_STRUCTURE_TYPE4
 #define EFI_ACPI_6_3_NFIT_NVDIMM_BLOCK_DATA_WINDOW_REGION_STRUCTURE_TYPE  5
 #define EFI_ACPI_6_3_NFIT_FLUSH_HINT_ADDRESS_STRUCTURE_TYPE   6
+#define EFI_ACPI_6_2_NFIT_PLATFORM_CAPABILITIES_STRUCTURE_TYPE7
 
 //
 // Definition for NFIT Structure Header
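Review bot: The define added to Acpi63.h in this hunk is named `EFI_ACPI_6_2_NFIT_PLATFORM_CAPABILITIES_STRUCTURE_TYPE`, while every neighbouring define uses the `EFI_ACPI_6_3_` prefix; the Acpi64.h hunk below adds the same `6_2` name among `EFI_ACPI_6_4_` defines. As written, code written against the 6.3 or 6.4 headers has no version-matched name for structure type 7, and each header re-defines the 6.2 macro, which is harmless only while the value stays identical (assuming these headers include one another). The added lines should read `#define EFI_ACPI_6_3_NFIT_PLATFORM_CAPABILITIES_STRUCTURE_TYPE  7` in Acpi63.h and `#define EFI_ACPI_6_4_NFIT_PLATFORM_CAPABILITIES_STRUCTURE_TYPE  7` in Acpi64.h.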
diff --git a/MdePkg/Include/IndustryStandard/Acpi64.h 
b/MdePkg/Include/IndustryStandard/Acpi64.h
index 232697f228..fce77d9f01 100644
--- a/MdePkg/Include/IndustryStandard/Acpi64.h
+++ b/MdePkg/Include/IndustryStandard/Acpi64.h
@@ -1493,6 +1493,7 @@ typedef struct {
 #define EFI_ACPI_6_4_NFIT_NVDIMM_CONTROL_REGION_STRUCTURE_TYPE4
 #define EFI_ACPI_6_4_NFIT_NVDIMM_BLOCK_DATA_WINDOW_REGION_STRUCTURE_TYPE  5
 #define EFI_ACPI_6_4_NFIT_FLUSH_HINT_ADDRESS_STRUCTURE_TYPE   6
+#define EFI_ACPI_6_2_NFIT_PLATFORM_CAPABILITIES_STRUCTURE_TYPE7
 
 //
 // Definition for NFIT Structure Header
-- 
2.27.0.windows.1


