REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3769
Current FvLib will hit parse issue when encountering LARGE file, then
ignore latter ffs/section, thus causing required drivers not being
dispatched. Therefore, need to add support for EFI_FFS_FILE_HEADER2
and EFI_COMMON_SECTION_HEADER2 in Fv
Hi Sebatien
I got some format error when I try to merge.
Have you tried latest CI?
> -Original Message-
> From: Boeuf, Sebastien
> Sent: Monday, December 6, 2021 11:59 PM
> To: devel@edk2.groups.io
> Cc: Yao, Jiewen ; Justen, Jordan L
> ; kra...@redhat.com; Boeuf, Sebastien
>
> Subject
This patch has been merged - https://github.com/tianocore/edk2/pull/2269
> -Original Message-
> From: devel@edk2.groups.io On Behalf Of Brijesh
> Singh via groups.io
> Sent: Thursday, December 9, 2021 11:27 AM
> To: devel@edk2.groups.io
> Cc: James Bottomley ; Xu, Min M ;
> Yao, Jiewen
From: Tom Lendacky
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275
Use the SEV-SNP AP Creation NAE event to create and launch APs under
SEV-SNP. This capability will be advertised in the SEV Hypervisor
Feature Support PCD (PcdSevEsHypervisorFeatures).
Cc: Michael Roth
Cc: Eric Dong
Cc
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275
The MpInitLib uses the ConfidentialComputingAttr PCD to determine whether
AMD SEV is active so that it can use the VMGEXITs defined in the GHCB
specification to create APs.
Cc: Michael Roth
Cc: Ray Ni
Cc: Rahul Kumar
Cc: Eric Dong
Cc: Ja
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275
Version 2 of the GHCB specification added the support to query the
hypervisor feature bitmap. The feature bitmap provide information
such as whether to use the AP create VmgExit or use the AP jump table
approach to create the APs. The MpInitL
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275
Now that both the secrets and cpuid pages are reserved in the HOB,
extract the location details through fixed PCD and make it available
to the guest OS through the configuration table.
Cc: Michael Roth
Cc: James Bottomley
Cc: Min Xu
Cc: J
The SetMemoryEncDec() is used by the higher level routines to set or clear
the page encryption mask for system RAM and Mmio address. When SEV-SNP is
active, in addition to set/clear page mask it also updates the RMP table.
The RMP table updates are required for the system RAM address and not
the Mm
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275
The MemEncryptSev{Set,Clear}PageEncMask() functions are used to set or
clear the memory encryption attribute in the page table. When SEV-SNP
is active, we also need to change the page state in the RMP table so that
it is in sync with the memo
When SEV-SNP is active, the CPUID and Secrets memory range contains the
information that is used during the VM boot. The content need to be persist
across the kexec boot. Mark the memory range as Reserved in the EFI map
so that guest OS or firmware does not use the range as a system RAM.
Cc: Micha
From: Michael Roth
During AP bringup, just after switching to long mode, APs will do some
cpuid calls to verify that the extended topology leaf (0xB) is available
so they can fetch their x2 APIC IDs from it. In the case of SEV-ES,
these cpuid instructions must be handled by direct use of the GHCB
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275
Now that OvmfPkg supports version 2 of the GHCB specification, bump the
protocol version.
Cc: Michael Roth
Cc: Ray Ni
Cc: Rahul Kumar
Cc: Eric Dong
Cc: James Bottomley
Cc: Min Xu
Cc: Jiewen Yao
Cc: Tom Lendacky
Cc: Jordan Justen
Cc:
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275
An SEV-SNP guest requires that the physical address of the GHCB must
be registered with the hypervisor before using it. See the GHCB
specification section 2.3.2 for more details.
Cc: Michael Roth
Cc: Eric Dong
Cc: Ray Ni
Cc: Rahul Kumar
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275
Version 2 of the GHCB specification added a new VMGEXIT that the guest
could use for querying the hypervisor features. One of the immediate
users for it will be an AP creation code. When SEV-SNP is enabled, the
guest can use the newly added A
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275
Previous commit introduced a generic confidential computing PCD that can
determine whether AMD SEV-ES is enabled. Update the MpInitLib to drop the
PcdSevEsIsEnabled in favor of PcdConfidentialComputingAttr.
Cc: Michael Roth
Cc: Ray Ni
Cc:
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275
While initializing APs, the MpInitLib may need to know whether the
guest is running with active AMD SEV or Intel TDX memory encryption.
Add a new ConfidentialComputingGuestAttr PCD that can be used to query
the memory encryption attribute.
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275
When SEV-SNP is active, a memory region mapped encrypted in the page
table must be validated before access. There are two approaches that
can be taken to validate the system RAM detected during the PEI phase:
1) Validate on-demand
OR
2) Vali
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275
The VMM launch sequence should have pre-validated all the data pages used
in the Reset vector. The range does not cover the data pages used during
the SEC phase (mainly PEI and DXE firmware volume decompression memory).
When SEV-SNP is activ
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275
The initial page built during the SEC phase is used by the
MemEncryptSevSnpValidateSystemRam() for the system RAM validation. The
page validation process requires using the PVALIDATE instruction; the
instruction accepts a virtual address of
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275
The MemEncryptSevSnpPreValidateSystemRam() is used for pre-validating the
system RAM. As the boot progress, each phase validates a fixed region of
the RAM. In the PEI phase, the PlatformPei detects all the available RAM
and calls to pre-valid
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275
Commit 85b8eac59b8c5bd9c7eb9afdb64357ce1aa2e803 added support to ensure
that MMIO is only performed against the un-encrypted memory. If MMIO
is performed against encrypted memory, a #GP is raised.
The AmdSevDxe uses the functions provided by
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275
Virtual Machine Privilege Level (VMPL) feature in the SEV-SNP
architecture allows a guest VM to divide its address space into four
levels. The level can be used to provide the hardware isolated
abstraction layers with a VM. The VMPL0 is the h
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275
Many of the integrity guarantees of SEV-SNP are enforced through the
Reverse Map Table (RMP). Each RMP entry contains the GPA at which a
particular page of DRAM should be mapped. The guest can request the
hypervisor to add pages in the RMP ta
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275
The SEV-SNP guest requires that GHCB GPA must be registered before using.
See the GHCB specification section 2.3.2 for more details.
Cc: Michael Roth
Cc: James Bottomley
Cc: Min Xu
Cc: Jiewen Yao
Cc: Tom Lendacky
Cc: Jordan Justen
Cc:
From: Michael Roth
SEV-SNP firmware allows a special guest page to be populated with
guest CPUID values so that they can be validated against supported
host features before being loaded into encrypted guest memory to be
used instead of hypervisor-provided values [1].
Add handling for this in the
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275
The SEV-SNP guest requires that GHCB GPA must be registered before using.
See the GHCB specification section 2.3.2 for more details.
Cc: Michael Roth
Cc: James Bottomley
Cc: Min Xu
Cc: Jiewen Yao
Cc: Tom Lendacky
Cc: Jordan Justen
Cc:
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275
Create a function that can be used to determine if VM is running as an
SEV-SNP guest.
Cc: Michael Roth
Cc: James Bottomley
Cc: Min Xu
Cc: Jiewen Yao
Cc: Tom Lendacky
Cc: Jordan Justen
Cc: Ard Biesheuvel
Cc: Erdem Aktas
Cc: Gerd Hoffm
From: Michael Roth
CPUID instructions are issued during early boot to do things like probe
for SEV support. Currently these are handled by a minimal #VC handler
that uses the MSR-based GHCB protocol to fetch the CPUID values from
the hypervisor. When SEV-SNP is enabled, use the firmware-validated
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275
An SEV-SNP guest requires that private memory (aka pages mapped encrypted)
must be validated before being accessed.
The validation process consist of the following sequence:
1) Set the memory encryption attribute in the page table (aka C-bi
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275
Platform features and capabilities are traditionally discovered via the
CPUID instruction. Hypervisors typically trap and emulate the CPUID
instruction for a variety of reasons. There are some cases where incorrect
CPUID information can poten
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275
During the SNP guest launch sequence, a special secrets page needs to be
inserted by the VMM. The PSP will populate the page; it will contain the
VM Platform Communication Key (VMPCKs) used by the guest to send and
receive secure messages to
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275
The OvmfPkgX86 build reserves memory regions in MEMFD. The memory regions
get accessed in the SEC phase. AMD SEV-SNP require that the guest's
private memory be accepted or validated before access.
Introduce a Guided metadata structure that d
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275
In preparation for SEV-SNP support move clearing of the GHCB memory from
the ResetVector/AmdSev.asm to SecMain/AmdSev.c. The GHCB page is not
accessed until SevEsProtocolCheck() switch to full GHCB. So, the move
does not make any changes in t
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275
Move all the SEV specific function in AmdSev.c.
No functional change intended.
Cc: Eric Dong
Cc: Ray Ni
Cc: Rahul Kumar
Cc: Michael Roth
Cc: James Bottomley
Cc: Min Xu
Cc: Jiewen Yao
Cc: Tom Lendacky
Cc: Jordan Justen
Cc: Ard Biesh
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275
Move all the SEV specific function in AmdSev.c.
No functional change intended.
Cc: Michael Roth
Cc: James Bottomley
Cc: Min Xu
Cc: Jiewen Yao
Cc: Tom Lendacky
Cc: Jordan Justen
Cc: Ard Biesheuvel
Cc: Erdem Aktas
Cc: Gerd Hoffmann
A
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275
SEV-SNP builds upon existing SEV and SEV-ES functionality while adding
new hardware-based memory protections. SEV-SNP adds strong memory integrity
protection to help prevent malicious hypervisor-based attacks like data
replay, memory re-mappi
Pushed via:
PR - https://github.com/tianocore/edk2/pull/2267
Commit -
https://github.com/tianocore/edk2/commit/d25b803e514a11a25de91d4174b289d2ae783338
Best Regards,
Hao Wu
From: devel@edk2.groups.io On Behalf Of Wu, Hao A
Sent: Thursday, November 25, 2021 1:47 PM
To: devel@edk2.groups.io; jdzh
Reviewed-by: Bob Feng
-Original Message-
From: devel@edk2.groups.io On Behalf Of gaoliming
Sent: Monday, November 29, 2021 1:05 PM
To: devel@edk2.groups.io; Jiang, Xiaolu
Cc: Feng, Bob C ; Chen, Christine
Subject: 回复: [edk2-devel][PATCH] BaseTools: Increase the DevicePath length for
s
From: Michael Kubacki
This wiki page describes how Uncrustify is used in EDK II and how
to install and use Uncrustify during the EDK II code development
process.
Cc: Andrew Fish
Cc: Leif Lindholm
Cc: Michael D Kinney
Cc: Liming Gao
Signed-off-by: Michael Kubacki
---
Notes:
v2 changes:
From: Philippe Mathieu-Daude
We use .mailmap to display contributors email addresses in an
uniform format.
Add an entry for Jiahui Cen to have his/her name and email
address displayed properly in the git history (in particular,
commit 7a6172f88bb0: "OvmfPkg: Introduce PciHostBridgeUtilityLib
cla
From: Philippe Mathieu-Daude
We use .mailmap to display contributors email addresses in an
uniform format.
Add an entry for Brijesh Singh to have his/her name and email
address displayed properly in the git history (in particular,
commit dc485c556d5f: "OvmfPkg/ResetVector: add the macro to
reque
From: Philippe Mathieu-Daude
We use .mailmap to display contributors email addresses in an
uniform format.
Add an entry for Wenyi Xie to have his/her name and email address
displayed properly in the git history (in particular, commit
dfafa8e453: "MdeModulePkg/DxeCorePerformanceLib:Variable Initi
From: Philippe Mathieu-Daude
The .mailmap git feature helps fixing commit mistakes (in name/email).
The easiest way to use it is with the --use-mailmap flag:
$ git log --use-mailmap
See documentation [1] and [2], and interesting blog [3].
In this series we fix 3 morecontributors emails, eat
Hi Ming,
Thanks for this patch. This patch helps to resolve Standalone MM issue while
exercising RAS use case.
Few comments mentioned inline.
- Omkar
On 10/15/21 2:39 PM, Ming Huang via groups.io wrote:
> There are two scene communicate with StandaloneMm(MM):
> 1 edk2 -> TF-A -> MM, communica
On 12/8/21 17:47, Ard Biesheuvel wrote:
> On Wed, 8 Dec 2021 at 17:43, Philippe Mathieu-Daudé wrote:
>>
>> Ping?
>>
>
> I'll pick this up once the stable tag is released.
Oh, I read "The hard freeze has ended and normal development
activities can continue." in https://edk2.groups.io/g/devel/mess
On Wed, 8 Dec 2021 at 17:43, Philippe Mathieu-Daudé wrote:
>
> Ping?
>
I'll pick this up once the stable tag is released.
> On 11/18/21 21:46, Philippe Mathieu-Daudé wrote:
> > From: Philippe Mathieu-Daude
> >
> > PrintDxe produces gEfiPrint2ProtocolGuid and gEfiPrint2SProtocolGuid,
> > and tho
Ping?
On 11/18/21 21:46, Philippe Mathieu-Daudé wrote:
> From: Philippe Mathieu-Daude
>
> PrintDxe produces gEfiPrint2ProtocolGuid and gEfiPrint2SProtocolGuid,
> and those are consumed by the following PrintLib instance:
>
> MdeModulePkg/Library/DxePrintLibPrint2Protocol/DxePrintLibPrint2Protoc
Can I tentatively suggest ALIGN_VALUE_OFFSET as a better name? (Speaking as a
native English speaker, and with a relatively high level of command including
technical language, addend is not at all a common word!)
While I'm here additional ping and +1 for this to be merged, pls!
-=-=-=-=-=-=-=-
That's correct. I recommend using the "stuart_update -c
.pytool/CISettings.py" command so the proper version will automatically
get brought down into your local workspace.
Thanks,
Michael
On 12/8/2021 11:10 AM, Brijesh Singh wrote:
On 12/8/21 8:39 AM, Brijesh Singh wrote:
...
OvmfPkg Exam
On 12/8/21 8:39 AM, Brijesh Singh wrote:
...
OvmfPkg Example:
git ls-files OvmfPkg/*.c OvmfPkg/*.h :!BaseTools/* |
.pytool\Plugin\UncrustifyCheck\mu-uncrustify-release_extdep\Windows-x86\uncrustify.exe
-c .pytool\Plugin\UncrustifyCheck\uncrustify.cfg -F - --replace
--no-backup --if-c
Bugzilla: 3697 (https://bugzilla.tianocore.org/show_bug.cgi?id=3697)
The ACPI 6.3A specification deprecated the PPTT ID type structure (type
2) therefore remove it from Acpi64.h.
Mantis ID: 2072 (https://mantis.uefi.org/mantis/view.php?id=2072)
Signed-off-by: Chris Jones
Reviewed-by: Liming Gao
Bugzilla: 3697 (https://bugzilla.tianocore.org/show_bug.cgi?id=3697)
Update the Acpiview PPTT parser to use Acpi64.h. As part of the changes,
remove support for parsing PPTT type 2 ID structure.
Mantis ID for removing PPTT type 2 structure:
2072 (https://mantis.uefi.org/mantis/view.php?id=2072)
Bugzilla: 3697 (https://bugzilla.tianocore.org/show_bug.cgi?id=3697)
Update the PPTT generator to use Acpi64.h.
Signed-off-by: Chris Jones
---
DynamicTablesPkg/Library/Acpi/Arm/AcpiPpttLibArm/PpttGenerator.c | 44
++--
1 file changed, 22 insertions(+), 22 deletions(-)
diff --g
Bugzilla: 3697 (https://bugzilla.tianocore.org/show_bug.cgi?id=3697)
This patch series updates the Acpiview PPTT parser and DynamicTablesPkg
PPTT generator to support ACPI 6.4. This consists of two main changes:
- The addition of the 'Cache ID' field.
- The removal of the PPTT ID (type 2) struct
Bugzilla: 3697 (https://bugzilla.tianocore.org/show_bug.cgi?id=3697)
ACPI 6.3A deprecated PPTT ID (type 2) structure which was subsequently
removed in ACPI 6.4. Therefore remove support for generating PPTT ID
structures.
Mantis ID for removing PPTT type 2 structure:
2072 (https://mantis.uefi.org/
Bugzilla: 3697 (https://bugzilla.tianocore.org/show_bug.cgi?id=3697)
Update the PPTT generator with the CacheId field as defined in table
5.140 of the ACPI 6.4 specification.
Also add validations to ensure that the cache id generated is unique.
Signed-off-by: Chris Jones
---
DynamicTablesPkg/I
Bugzilla: 3697 (https://bugzilla.tianocore.org/show_bug.cgi?id=3697)
Update the Acpiview PPTT parser with the Cache ID field and relevant
validations as defined in tables 5.140 and 5.141 of the ACPI 6.4
specification.
Signed-off-by: Chris Jones
Reviewed-by: Zhichao Gao
---
ShellPkg/Library/Uef
Bugzilla: 3697 (https://bugzilla.tianocore.org/show_bug.cgi?id=3697)
Add Cache ID valid/invalid defines to Acpi64.h which were not initially
added when the CacheIdValid field was added to
EFI_ACPI_6_4_PPTT_STRUCTURE_CACHE_FLAGS.
Signed-off-by: Chris Jones
Reviewed-by: Liming Gao
Reviewed-by: Zh
Hi,
When I set up my Windows dev environment a month or two ago, I followed the
following guide:
https://github.com/tianocore/tianocore.github.io/wiki/Windows-systems#compile-tools
This should probably still work.
Best regards,
Pedro
On Wed, Dec 8, 2021 at 3:07 PM Rao G wrote:
> Hi All,
>
> T
Hi All,
The below tools does not seem to be latest
https://github.com/tianocore/edk2-BaseTools-win32
Older Genffs.exe does not understand -oi option
GenFfs -t EFI_FV_FILETYPE_PEIM -g AAC33064-9ED0-4b89-A5AD-3EA767960B22 -o
c:\edk2\Build\EmulatorIA32\DEBUG_VS2012x86\FV\Ffs\AAC33064-9ED0-4b89-A5AD
Hey
First, please include Bugzilla link, so that we can have background.
Second, it is weird to me that you change the INF only.
I don't understand. Is that a complete patch?
> -Original Message-
> From: Reji, RencyX
> Sent: Wednesday, December 8, 2021 8:22 PM
> To: devel@edk2.groups.i
Hi Mike,
On 12/7/21 3:02 PM, Kinney, Michael D wrote:
Hi Brijesh,
Yes. Your branch can be rebased on top of edk2/master after uncrustify changes.
You have added new c/h files, so those files need to be run through uncrustify
locally and
your patch updated with those formatting changes.
The
Hi Khasim,
The modifications would have to be done for both Morello FVP and
Morello SoC platforms and
can be taken up as part of changes to align both the platforms.
Thanks
Chandni
On Wed, Dec 8, 2021 at 8:32 AM Khasim Mohammed wrote:
>
> Hi Chandni,
>
> One input,
>
> On Sat, Dec 4, 2021 at 04
Hi Sami,
Thanks for reviewing the patch.
Sure, will try to use the SSDT CPU generator for both the Morello FVP
and Morello SoC platforms.
Thanks
Chandni
On Wed, Dec 8, 2021 at 2:22 AM Sami Mujawar wrote:
>
> Hi Chandni,
>
> Since you have the CPU information in MADT.GICC and the PPTT table, it
Hey Mike,
Thanks! I agree using "offset" may make it more readable, but I haven't
seen it being used much outside of memory terminology (the macro also
applies to plain integers). Any feedback from the maintainers for
preferences? Thanks!
Best regards,
Marvin
On 08.12.21 10:10, mjsbea...@gm
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3417
This patch set updates the brotli submodule to the latest commit, which
fixes a warning that triggers build failures for both BaseTools and
MdeModulePkg/BrotliCustomDecompressLib in GCC 11 compilers.
Pedro Falcato (2):
BaseTools: Update
Update the brotli submodule to the latest commit (4ec6703)
so that the build isn't broken in GCC 11 compilers.
Cc: Jian J Wang
Cc: Hao A Wu
Cc: Dandan Bi
Cc: Liming Gao
Signed-off-by: Pedro Falcato
---
MdeModulePkg/Library/BrotliCustomDecompressLib/BrotliCustomDecompressLib.inf |
3 +++
Mde
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3417
This updates BaseTools's brotli submodule to the latest upstream,
which fixes GCC 11's issue building BaseTools.
Cc: Bob Feng
Cc: Liming Gao
Cc: Yuwei Chen
Signed-off-by: Pedro Falcato
---
BaseTools/Source/C/BrotliCompress/GNUmakefile
Hi,
> >
> > Add Intel Tdx helper library. The library provides the routines to:
> > - set or clear Shared bit for a given memory region.
> > - query whether TDX is enabled.
>
> Hmm, patch 22 adds functions to set the shared bit too.
> Looks like duplicate functionality on a first glance.
>
Ah y
On Fri, Dec 03, 2021 at 04:27:02PM +, Michael D Kinney wrote:
> You should be able to undefine MIN at the right place instead of turning off
> all warnings as errors.
FYI: trying to get that fixed in openssl upstream.
https://github.com/openssl/openssl/pull/17219
take care,
Gerd
-=-=-=
70 matches
Mail list logo
