BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Groups.io Inc//Groups.io Calendar//EN
METHOD:PUBLISH
REFRESH-INTERVAL;VALUE=DURATION:PT1H
X-PUBLISHED-TTL:PT1H
CALSCALE:GREGORIAN
BEGIN:VTIMEZONE
TZID:America/Los_Angeles
LAST-MODIFIED:20201011T015911Z
TZURL:http://tzurl.org/zoneinfo-outlook/America/Los_Angeles
I think another option to pursue is to how to control the openssl configuration
from module or platform level.
E.g. what if platform-A has enough size and wants to use ECC, while platform-B
has size constrain and wants to disable ECC ?
We can let platform choose if ECC is needed or not? I hope
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2668
WindowOpen will fail in some case. for example, without XServer.
Shouldn't set ModeInfo in this case to avoid the caller use it
incorrectly
Cc: Andrew Fish
Reviewed-by: Ray Ni
Signed-off-by: Guomin Jiang
---
EmulatorPkg/EmuGopDxe/GopSc
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2668
SetMode will fail in some case. for example, without XServer.
Should handle these case when SetMode fail.
If we don't handle it, it will Segmentation fault.
Cc: Jian J Wang
Cc: Liming Gao
Cc: Zhichao Gao
Reviewed-by: Ray Ni
Signed-off-
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2668
Correct the logic to handle the case that XServer not present to avoid
Segmentation fault
V3:
Fix uncrustify error
V2:
Fix typo error.
Guomin Jiang (2):
MdeModulePkg/GraphicsConsoleDxe: Check status to make sure no error
EmulatorPkg/
On Tue, 1 Mar 2022 at 08:18, Gerd Hoffmann wrote:
>
> This is an attept to start cleaning up the messy compiler intrinsics
> situation. Today we don't have a core intrinsics library, resulting
> in everybody creating their own. ArmPkg has one, CryptoPkg has one.
> I'm sure there are many more.
>
Thanks for your information,
1.See also https://edk2.groups.io/g/devel/message/87130 & followups.
git branch here: https://github.com/kraxel/edk2/commits/intrinsics
It's good to me, make code more clear.
2. Jiewen (Cc'ed) suggested to look into using CryptoPkg/Driver instead of
linking openssl
Acked, for CryptoPkg/OvmfPkg/SecurityPkg/StandaloneMmPkg update.
Thank you
Yao, Jiewen
> -Original Message-
> From: devel@edk2.groups.io On Behalf Of gaoliming
> Sent: Wednesday, March 2, 2022 10:06 AM
> To: devel@edk2.groups.io; kra...@redhat.com
> Cc: Lu, Xiaoyu1 ; Feng, Bob C ;
> 'Re
BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Groups.io Inc//Groups.io Calendar//EN
METHOD:PUBLISH
REFRESH-INTERVAL;VALUE=DURATION:PT1H
X-PUBLISHED-TTL:PT1H
CALSCALE:GREGORIAN
BEGIN:VTIMEZONE
TZID:America/Los_Angeles
LAST-MODIFIED:20201011T015911Z
TZURL:http://tzurl.org/zoneinfo-outlook/America/Los_Angeles
Thanks,
Reviewed-by: Hao A Wu
Best Regards,
Hao Wu
> -Original Message-
> From: Sean Rhodes
> Sent: Thursday, February 24, 2022 3:59 PM
> To: devel@edk2.groups.io
> Cc: Dong, Guo ; Rhodes, Sean
> ; Wu, Hao A ; Ni, Ray
> ; Wang, Jian J ; Gao, Liming
> ; Matt DeVillier
> Subject: [PATCH
Reviewed-by: Hao A Wu
Best Regards,
Hao Wu
> -Original Message-
> From: Sean Rhodes
> Sent: Thursday, February 24, 2022 7:38 PM
> To: devel@edk2.groups.io
> Cc: Dong, Guo ; Rhodes, Sean
> ; Wu, Hao A ; Ni, Ray
> ; Matt DeVillier ; Patrick
> Rudolph
> Subject: [PATCH] MdeModulePkg/Usb/K
Gerd:
Thanks for your great work. This is a really good progress. I agree to add
CompilerIntrinsicsLib in MdePkg.
I think we can add this CompilerIntrinsicsLib first to meet with current
usage. It can be extended in future.
Thanks
Liming
> -邮件原件-
> 发件人: devel@edk2.groups.io 代表 G
Min:
Is this GUID from
intel-tdx-guest-hypervisor-communication-interface-1.0-344426-002.pdf?
Thanks
Liming
> -邮件原件-
> 发件人: Min Xu
> 发送时间: 2022年3月2日 8:28
> 收件人: devel@edk2.groups.io
> 抄送: Min Xu ; Michael D Kinney
> ; Liming Gao ;
> Zhiguang Liu ; Gerd Hoffmann ;
> Jiewen Yao ; Sami Mu
Kun:
The change looks good to me. Reviewed-by: Liming Gao
Thanks
Liming
> -邮件原件-
> 发件人: devel@edk2.groups.io 代表 Kun Qin
> 发送时间: 2022年3月2日 3:33
> 收件人: devel@edk2.groups.io; michael.d.kin...@intel.com
> 抄送: af...@apple.com; l...@nuviainc.com; gaolim...@byosoft.com.cn;
> zhiguang@int
On March 1, 2022 9:45 PM, Gerd Hoffmann wrote:
> On Mon, Feb 28, 2022 at 04:16:29PM +0800, Min Xu wrote:
> > RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429
> >
> > Host VMM may inject OptionRom which is untrusted in Td guest. So PCI
> > OptionRom needs to be ignored if it is of Td guest.
On March 1, 2022 9:31 PM, Gerd Hoffmann wrote:
> On Mon, Feb 28, 2022 at 04:16:25PM +0800, Min Xu wrote:
> > RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429
> >
> > PeilessStarupLib provides a function (PeilessStartup) which brings up
> > both Legacy and Tdx guest from SEC phase to DXE pha
On March 1, 2022 9:10 PM, Gerd Hoffmann wrote:
> On Mon, Feb 28, 2022 at 03:20:51PM +0800, Min Xu wrote:
> > Below functions are introduced in PlatformInitLib:
> > - PlatformGetFirstNonAddress
> > - PlatformAddressWidthInitialization
> > - PlatformGetSystemMemorySizeBelow4gb
> > - PlatformQemuU
On March 1, 2022 9:27 PM, Gerd Hoffmann wrote:
>
> > @@ -15,6 +15,22 @@
> > typedef struct {
> >EFI_HOB_GUID_TYPEGuidHeader;
> >UINT16 HostBridgePciDevId;
> > + BOOLEAN PcdSetNxForStack;
> > +
> > + UINT64 PcdConfidentialComputingGuestAttr;
>
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3853
Enable RTMR based measurement and measure boot for Td guest.
Cc: Brijesh Singh
Cc: Erdem Aktas
Cc: James Bottomley
Cc: Jiewen Yao
Cc: Tom Lendacky
Cc: Ken Lu
Cc: Sami Mujawar
Cc: Gerd Hoffmann
Signed-off-by: Min Xu
---
OvmfPkg/Int
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3853
TdTcg2Dxe mimics the Security/Tcg/Tcg2Dxe. It does below tasks:
- Set up and install CC_EVENTLOG ACPI table
- Parse the GUIDed HOB (gCcEventEntryHobGuid) and create CC event log
- Measure handoff tables, Boot# variables etc
- Measure
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3853
Add PCDs to records LAML/LASA field in CC EVENTLOG ACPI table.
Cc: Brijesh Singh
Cc: Erdem Aktas
Cc: James Bottomley
Cc: Jiewen Yao
Cc: Tom Lendacky
Cc: Ken Lu
Cc: Sami Mujawar
Cc: Gerd Hoffmann
Signed-off-by: Min Xu
---
OvmfPkg/O
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3853
TDVF set up an ACPI table (EFI_CC_EVENTLOG_ACPI_TABLE) to pass the
event-log information. The event log created by the TD owner contains
the hashes to reconstruct the MRTD and RTMR registers.
Please refer to Sec 4.3.3 in blow link:
https://
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3853
This is the Cryptographic library instance for SEC. The motivation of
this library is to support SHA384 in SEC phase for Td guest. So only
Hash/CryptSha512.c is included which supports SHA384 and SHA512.
Cc: Jiewen Yao
Cc: Jian J Wang
Cc:
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3853
TdHobList and Configuration FV are external data provided by Host VMM.
These are not trusted in Td guest. So they should be validated , measured
and extended to Td RTMR registers. In the meantime 2 EFI_CC_EVENT_HOB are
created. These 2 GUIDe
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3853
EFI_CC_EVENT_HOB_GUID is the global ID of a GUIDed HOB used to pass
TDX_DIGEST_VALUE from SEC to a DXE Driver ( This DXE driver will
be introduced in the following commit in this patch-sets ). In that
DXE driver this GUIDed HOB will be parse
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3853
This library provides hash service by registered hash handler in Td
guest. It redirects hash request to each individual hash handler
(currently only SHA384 is supported). After that the hash value is
extended to Td RTMR registers which is si
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3853
Intel's Trust Domain Extensions (Intel TDX) refers to an Intel technology
that extends Virtual Machines Extensions (VMX) and Multi-Key Total Memory
Encryption (MKTME) with a new kind of virutal machines guest called a
Trust Domain (TD). A TD
Hi edk2 maintainers,
I have been trying to propose a PI spec change to extend status code
definitions.
The proposed PI spec change along with the code change around this proposal are
all pushed to edk2-staging repo:
https://github.com/tianocore/edk2-staging/tree/BZ3794-expand_status_codes
Cou
On 3/1/2022 6:04 AM, Gerd Hoffmann wrote:
CryptoPkg: Add instrinsics to support building ECC on IA32 windows
See also https://edk2.groups.io/g/devel/message/87130 & followups.
git branch here: https://github.com/kraxel/edk2/commits/intrinsics
OvmfPkg: Increase DXEFV size to accommodate ECC
> CryptoPkg: Add instrinsics to support building ECC on IA32 windows
See also https://edk2.groups.io/g/devel/message/87130 & followups.
git branch here: https://github.com/kraxel/edk2/commits/intrinsics
> OvmfPkg: Increase DXEFV size to accommodate ECC ciphers related changes
Changing flash size
On Mon, Feb 28, 2022 at 04:16:29PM +0800, Min Xu wrote:
> RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429
>
> Host VMM may inject OptionRom which is untrusted in Td guest. So PCI
> OptionRom needs to be ignored if it is of Td guest. According to
> "Table 20. ACPI 2.0 & 3.0 QWORD Address S
On Mon, Feb 28, 2022 at 04:16:25PM +0800, Min Xu wrote:
> RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429
>
> PeilessStarupLib provides a function (PeilessStartup) which brings
> up both Legacy and Tdx guest from SEC phase to DXE phase. PEI phase
> is skipped so that the attack surfaces a
On Tue, 2022-03-01 at 12:28 +0100, kra...@redhat.com wrote:
> On Tue, Mar 01, 2022 at 08:53:10AM +, Boeuf, Sebastien wrote:
> > On Tue, 2022-03-01 at 08:16 +0100, Gerd Hoffmann wrote:
> > > On Mon, Feb 28, 2022 at 03:12:53PM +, Boeuf, Sebastien wrote:
> > > > So what do you think I should d
From: Sebastien Boeuf
Add some documentation to the CloudHv target in order to clarify how to
use it and what to expect from it.
Signed-off-by: Sebastien Boeuf
---
OvmfPkg/CloudHv/README | 67 ++
1 file changed, 67 insertions(+)
create mode 100644 OvmfP
From: Sebastien Boeuf
Instead of using the CMOS, the CloudHv platform relies on the list of
memmap entries provided through the PVH boot protocol to determine the
last RAM address below 4G.
Acked-by: Gerd Hoffmann
Signed-off-by: Sebastien Boeuf
---
OvmfPkg/PlatformPei/MemDetect.c | 73 +++
From: Sebastien Boeuf
Instead of hardcoding the address of the RSDP in the firmware, let's
rely on the PVH structure hvm_start_info to retrieve this information.
Acked-by: Gerd Hoffmann
Signed-off-by: Sebastien Boeuf
---
OvmfPkg/AcpiPlatformDxe/AcpiPlatformDxe.inf | 2 ++
OvmfPkg/AcpiPlatfor
From: Sebastien Boeuf
Following the model from the Xen target, CloudHv is generated as a PVH
ELF binary to take advantage of the PVH specification, which requires
less emulation from the VMM.
The fdf include file CloudHvElfHeader.fdf.inc has been generated from
the following commands:
$ gcc -D
From: Sebastien Boeuf
Updating the fdf include file based on the run of the ELF header
generator. The diff from this patch is the result of:
$ gcc -o elf_gen OvmfPkg/OvmfXenElfHeaderGenerator.c
$ ./elf_gen 2097152 OvmfPkg/XenElfHeader.fdf.inc
Acked-by: Gerd Hoffmann
Signed-off-by: Sebastien Bo
From: Sebastien Boeuf
Instead of having the PVH ELF header part of the fdf file directly, we
move it to a dedicated include file. This is the first step in
automating the generation of the header.
Acked-by: Gerd Hoffmann
Signed-off-by: Sebastien Boeuf
---
OvmfPkg/OvmfXen.fdf | 57 ++-
From: Sebastien Boeuf
Adding some flexibility to the program through optional parameters and
global define, so that other targets can use the generator.
* A global define is added so that we can choose at build time if we
want to use 32-bit or 64-bit base structures.
* A first optional paramet
From: Sebastien Boeuf
Cloud Hypervisor aims at emulating the minimal amount of legacy devices
and this is why the PVH boot specification is supported. The point is to
be able to share some information with the guest without the need for
emulating devices that would be present on real hardware.
S
> @@ -15,6 +15,22 @@
> typedef struct {
>EFI_HOB_GUID_TYPEGuidHeader;
>UINT16 HostBridgePciDevId;
> + BOOLEAN PcdSetNxForStack;
> +
> + UINT64 PcdConfidentialComputingGuestAttr;
> + BOOLEAN PcdIa32EferChangeAllowed;
> + UINT64
On Mon, Feb 28, 2022 at 03:21:01PM +0800, Min Xu wrote:
> RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429
>
> OvmfPkg/PlatformPei is updated to support Tdx guest. There are below
> major changes.
> - Set Tdx related PCDs
> - Publish Tdx RamRegions
>
> In this patch there is another new
On Mon, Feb 28, 2022 at 03:21:00PM +0800, Min Xu wrote:
> RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429
>
> In Tdx guest, the system memory is passed in TdHob by host VMM. So
> the major task of PlatformTdxPublishRamRegions is to walk thru the
> TdHob list and transfer the ResourceDescr
On Mon, Feb 28, 2022 at 03:20:55PM +0800, Min Xu wrote:
> RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429
>
> There are below major changes in this commit.
>
> 1. SecEntry.nasm
> In TDX BSP and APs goes to the same entry point in SecEntry.nasm.
>
> BSP initialize the temporary stack and
On Mon, Feb 28, 2022 at 03:20:51PM +0800, Min Xu wrote:
> Below functions are introduced in PlatformInitLib:
> - PlatformGetFirstNonAddress
> - PlatformAddressWidthInitialization
> - PlatformGetSystemMemorySizeBelow4gb
> - PlatformQemuUc32BaseInitialization
> - PlatformInitializeRamRegions
>
On Mon, Feb 28, 2022 at 03:20:50PM +0800, Min Xu wrote:
> RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429
>
> In this patch of PlatformInitLib, below hob functions are introduced:
> - PlatformAddIoMemoryBaseSizeHob
> - PlatformAddIoMemoryRangeHob
> - PlatformAddMemoryBaseSizeHob
> - P
On Mon, Feb 28, 2022 at 03:20:49PM +0800, Min Xu wrote:
> RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429
>
> There are 3 variants of PlatformPei in OvmfPkg:
> - OvmfPkg/PlatformPei
> - OvmfPkg/XenPlatformPei
> - OvmfPkg/Bhyve/PlatformPei/PlatformPei.inf
> These PlatformPeis can share
On Tue, Mar 01, 2022 at 08:53:10AM +, Boeuf, Sebastien wrote:
> On Tue, 2022-03-01 at 08:16 +0100, Gerd Hoffmann wrote:
> > On Mon, Feb 28, 2022 at 03:12:53PM +, Boeuf, Sebastien wrote:
> > > So what do you think I should do with this patch?
> >
> > I think you can:
> >
> > (1) drop FD.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3815
This patch define a new Protocol with the new services
SmmWaitForAllProcessor(), which can be used by SMI handler
to optionally wait for other APs to complete SMM rendezvous in
relaxed AP mode.
A new library SmmCpuRendezvousLib is provided
Hi Ray,
RISC-V doesn't have the similar functions as those are provided in
BaseUefiCpuLib.c. In this case, what we can do is just leverage the library
class but different implementation for archs?
At least we don't need another library class for RISC-V. We can have the common
source file if all
Reviewed-by: Ray Ni
-Original Message-
From: Jiang, Guomin
Sent: Tuesday, March 1, 2022 5:19 PM
To: devel@edk2.groups.io
Cc: Wang, Jian J ; Gao, Liming
; Gao, Zhichao ; Ni, Ray
Subject: [PATCH v2 1/2] MdeModulePkg/GraphicsConsoleDxe: Check status to make
sure no error
REF: https://
Reviewed-by: Ray Ni
-Original Message-
From: Jiang, Guomin
Sent: Tuesday, March 1, 2022 5:19 PM
To: devel@edk2.groups.io
Cc: Andrew Fish ; Ni, Ray
Subject: [PATCH v2 2/2] EmulatorPkg/EmuGopDxe: Set ModeInfo after Open
successfully
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2668
WindowOpen will fail in some case. for example, without XServer.
Shouldn't set ModeInfo in this case to avoid the caller use it
incorrectly
Cc: Andrew Fish
Cc: Ray Ni
Signed-off-by: Guomin Jiang
---
EmulatorPkg/EmuGopDxe/GopScreen.c |
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2668
SetMode will fail in some case. for example, without XServer.
Should handle these case when SetMode fail.
If we don't handle it, it will Segmentation fault.
Cc: Jian J Wang
Cc: Liming Gao
Cc: Zhichao Gao
Cc: Ray Ni
Signed-off-by: Guomi
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2668
Correct the logic to handle the case that XServer not present to avoid
Segmentation fault
V2:
Fix typo error.
Guomin Jiang (2):
MdeModulePkg/GraphicsConsoleDxe: Check status to make sure no error
EmulatorPkg/EmuGopDxe: Set ModeInfo a
On Tue, 2022-03-01 at 08:53 +, Boeuf, Sebastien wrote:
> On Tue, 2022-03-01 at 08:16 +0100, Gerd Hoffmann wrote:
> > On Mon, Feb 28, 2022 at 03:12:53PM +, Boeuf, Sebastien wrote:
> > > So what do you think I should do with this patch?
> >
> > I think you can:
> >
> > (1) drop FD.CLOUDHV
On Tue, 2022-03-01 at 08:16 +0100, Gerd Hoffmann wrote:
> On Mon, Feb 28, 2022 at 03:12:53PM +, Boeuf, Sebastien wrote:
> > So what do you think I should do with this patch?
>
> I think you can:
>
> (1) drop FD.CLOUDHV_VARS
Ok
> (2) drop FD.CLOUDHV_CODE
Ok
> (3) make VARS_SIZE smaller (
From: MingYue Liang
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2988
In FDF file, if INF key word is wrongly written as INT,
build tool will report the execption. Build tool should
report the error message.
build.py In order to capture and handle the exception
of fdfparser, the user-def
Please do not change the lib API name. You can choose a different name for
driver internal function.
-Original Message-
From: Li, Zhihao
Sent: Tuesday, March 1, 2022 4:10 PM
To: Ni, Ray ; devel@edk2.groups.io
Cc: Dong, Eric ; Kumar, Rahul1 ;
Fu, Siyuan
Subject: FW: [edk2-devel] [PATCH
1. InitializeSmmCpuServices(): please keep the ASSERT_EFI_ERROR (Status) for
CpuService protocol installation.
Will add assert.
2. SmmWaitForApArrival (): Can you remove the BlockingMode parameter because I
cannot find any invocation using FALSE as parameter.
Have removed in patchv4.
3. mSmmMpSyn
61 matches
Mail list logo
