On Fri, Jan 27, 2023 at 08:11:00AM +0800, Min Xu wrote:
> From: Min M Xu
>
> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4243
>
> 2 new functions are added in PeilessStartupLib/IntelTdx.c.
> - BuildTdxMeasurementGuidHob
> - InternalBuildGuidHobForTdxMeasurement
>
> These 2 functions bu
On Fri, 27 Jan 2023 at 00:11, Tom Lendacky wrote:
>
> Might want to fix up the commit title from MdePkg to OvmfPkg before
> committing.
>
I've fixed that up - thanks.
> On 1/26/23 15:17, Dionna Glaze wrote:
> > The default behavior for unaccepted memory in SEV-SNP is to accept all
> > memory wh
Sorry, I just accidentally sent it twice.
Hi Pierre,
On 12/7/22 19:04, Pierre Gondois wrote:
Hello Vivek,
Sorry for the long wait. I think the whole patchset needs to be
rebased on latest master. I just have some comments for patches:
- [PATCH V1 2/6] Platform/Sgi: add ssdt table for non-discoverable IO
virtualization block
- [PATCH V
Could I get some more reviews on this please?
Thanks.
Rebecca Cran
On 1/16/23 21:57, Rebecca Cran wrote:
Implement EFI_MP_SERVICES_PROTOCOL based on PSCI calls for AArch64.
Note that several tests from UefiCpuPkg/Test/UnitTest/EfiMpServicesPpiProtocol
will fail because there's currently no m
[AMD Official Use Only - General]
Hi houjingyi,
May I know why there are two messages with the same subject? Are these two
identical?
Thanks
Abner
From: devel@edk2.groups.io On Behalf Of houjingyi via
groups.io
Sent: Wednesday, January 25, 2023 10:23 PM
To: devel@edk2.groups.io
Subject: [edk2-d
From: Min M Xu
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4243
The implementation of TdxHelperProcessTdxHob is moved from
PlatformInitLib/IntelTdx.c. Its counterpart in PlatformInitLib is
ProcessTdxHobList. After it is implemented, the duplicated codes in
PlatformInitLib are deleted.
Cc
From: Min M Xu
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4243
TdxHelperBuildGuidHobForTdxMeasurement is called in PlatformPei to build
GuidHob for Tdx measurement.
Cc: Erdem Aktas
Cc: James Bottomley
Cc: Jiewen Yao
Cc: Gerd Hoffmann
Cc: Tom Lendacky
Cc: Michael Roth
Acked-by: Ger
From: Min M Xu
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4243
TdxHelperLib provides below helper functions for a td-guest.
- TdxHelperProcessTdHob
- TdxHelperMeasureTdHob
- TdxHelperMeasureCfvImage
- TdxHelperBuildGuidHobForTdxMeasurement
PeiTdxHelperLib is the PEI instance of TdxH
From: Min M Xu
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4243
This patch enables Tdx measurement in OvmfPkgX64 with below changes:
1) TDX_MEASUREMENT_ENABLE is introduced in OvmfPkgX64.dsc. This flag
indicates if Intel TDX measurement is enabled in OvmfPkgX64. Its
default value is
From: Min M Xu
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4243
TdxHelperBuildGuidHobForTdxMeasurement builds GuidHob for tdx-measurement
which is measured in SEC phase. The implementation is moved from
PeilessStartupLib/IntelTdx.c.
Cc: Erdem Aktas
Cc: James Bottomley
Cc: Jiewen Yao
From: Min M Xu
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4243
TdxHelperBuildGuidHobForTdxMeasurement builds GuidHob for tdx-measurement
which is measured in SEC phase. This function is exported by TdxHelperLib.
It is designed to replace below functions in PeilessStartupLib:
- MeasureHo
From: Min M Xu
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4243
2 new functions are added in PeilessStartupLib/IntelTdx.c.
- BuildTdxMeasurementGuidHob
- InternalBuildGuidHobForTdxMeasurement
These 2 functions build GuidHob for Tdx measurement. These 2 functions
are to be moved to TdxH
From: Min M Xu
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4243
FV_HANDOFF_TABLE_POINTERS2 once was defined in IntelTdx.c. Its structure
is same as PLATFORM_FIRMWARE_BLOB2_STRUCT which is defined in
Library/TcgEventLogRecordLib.h. So this patch reuses the define of
PLATFORM_FIRMWARE_BLOB2_
From: Min M Xu
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4243
After TdxHelperLib is introduced, the SecMain.c in IntelTdx is updated
with the new functions provided by TdxHelperLib.
Cc: Erdem Aktas
Cc: James Bottomley
Cc: Jiewen Yao
Cc: Gerd Hoffmann
Cc: Tom Lendacky
Cc: Michael
From: Min M Xu
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4243
TdxHelperLib provides below helper functions for a td-guest.
- TdxHelperProcessTdHob
- TdxHelperMeasureTdHob
- TdxHelperMeasureCfvImage
- TdxHelperBuildGuidHobForTdxMeasurement
SecTdxHelperLib is the SEC instance of TdxH
From: Min M Xu
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4243
TdxHelperLib provides below helper functions for a td-guest.
- TdxHelperProcessTdHob
- TdxHelperMeasureTdHob
- TdxHelperMeasureCfvImage
- TdxHelperBuildGuidHobForTdxMeasurement
TdxHelperLibNull is the NULL instance of Td
From: Min M Xu
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4243
From the perspective of security any external input should be measured
and extended to some registers (TPM PCRs or TDX RTMR registers).
There are below 2 external inputs in a Td guest:
- TdHob
- Configuration FV (CFV)
TdH
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4243
Tdx measurement (RTMR based measurement) is enabled in OvmfPkg/IntelTdx.
This patch-set enables the feature in OvmfPkgX64 as well.
Patch #1:
Introduce TDX_MEASUREMETNS_DATA in SEC_TDX_WORK_AREA. That is because
the RTMR measurement of Td
Might want to fix up the commit title from MdePkg to OvmfPkg before
committing.
Thanks,
Tom
On 1/26/23 15:17, Dionna Glaze wrote:
The default behavior for unaccepted memory in SEV-SNP is to accept all
memory when ExitBootServices is called. An OS loader can use this
protocol to disable this be
On Thu, 26 Jan 2023 at 22:17, Dionna Glaze wrote:
>
> We make eager memory acceptance the default behavior at
> ExitBootServices for SEV-SNP machines by using the standard-enforced
> behavior that if the call returns an error code, then the map key is
> incorrect and the caller must re-call GetMem
> Shouldn't this check be inside the if () below? Or are all resources
> that start at or above 4 GiB guaranteed to be system memory?
>
> No need to resend - if needed, I can fix that up when applying.
>
Ah, yes that sounds right.
--
-Dionna Glaze, PhD (she/her)
On Thu, 26 Jan 2023 at 22:17, Dionna Glaze wrote:
>
> Instead of eagerly accepting all memory in PEI, only accept memory under
> the 4GB address. This allows a loaded image to use the
> MEMORY_ACCEPTANCE_PROTOCOL to disable the accept behavior and indicate
> that it can interpret the memory type a
Instead of eagerly accepting all memory in PEI, only accept memory under
the 4GB address. This allows a loaded image to use the
MEMORY_ACCEPTANCE_PROTOCOL to disable the accept behavior and indicate
that it can interpret the memory type accordingly.
This classification is safe since ExitBootServic
This protocol implementation disables the accept-all-memory behavior
of the BeforeExitBootServices event this driver adds.
Cc: Gerd Hoffmann
Cc: James Bottomley
Cc: Jiewen Yao
Cc: Tom Lendacky
Cc: Ard Biesheuvel
Cc: "Min M. Xu"
Cc: Andrew Fish
Cc: "Michael D. Kinney"
Signed-off-by: Dionna
The default behavior for unaccepted memory in SEV-SNP is to accept all
memory when ExitBootServices is called. An OS loader can use this
protocol to disable this behavior to assume responsibility for memory
acceptance and to affirm that the OS can handle the unaccepted memory
type.
Cc: Gerd Hoffma
The added behavior is to accept all unaccepted memory at
ExitBootServices if the behavior is not disabled. This allows safe
upgrades for OS loaders to affirm their support for the unaccepted
memory type.
Cc: Gerd Hoffmann
Cc: James Bottomley
Cc: Jiewen Yao
Cc: Tom Lendacky
Cc: Ard Biesheuvel
We make eager memory acceptance the default behavior at
ExitBootServices for SEV-SNP machines by using the standard-enforced
behavior that if the call returns an error code, then the map key is
incorrect and the caller must re-call GetMemoryMap to ensure the
contents are correct.
Eager memory acce
Edk2 was failing, rather than creating more PML4 entries, when they
weren't present in the initial memory acceptance flow. Because of that
VMs with more than 512G memory were crashing. This code fixes that.
This change affects only SEV-SNP VMs.
The code was tested by successfully booting a 512G S
buildzip.sh was referencing the obsolete sct_parser project
which has been replaced with edk2-test-parser.
The script now checks for the edk2-test-parser repo in $pwd,
if not present then the script exits and reminds the user to
clone edk2-test-parser.
Now the script copies edk2-test-parser/* recu
buildzip.sh was referencing the obsolete sct_parser project
which has been replaced with edk2-test-parser.
The script now checks for the edk2-test-parser repo in $pwd,
if not present then the script exits and reminds the user to
clone edk2-test-parser.
Now the script copies edk2-test-parser/* re
Hi All,
My name is Przemysław Gierszyński and I work as a Firmware Engineer in Intel
Technology Poland.
I was doing some work that required review of some parts of EDK2 and I think I
have found a small bug in ArmPkg module.
Here below are some details concerning the issue:
File: edk2/ArmPkg/Libr
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=4317
The "if" condition on line 554 ensures that Guid won't be NULL (or 0) on line
600.
So, there will never be a situation where the "else" block on line 603 is
executed.
Signed-off-by: Sahil Siddiq
---
MdeModulePkg/Library/SmmLockBoxLib/Sm
On Thu, 26 Jan 2023 12:01:51 +,
Gerd Hoffmann wrote:
>
> On Thu, Jan 19, 2023 at 02:21:30PM +0100, Ard Biesheuvel wrote:
> > On Thu, 19 Jan 2023 at 13:55, Oliver Steffen wrote:
> > >
> > > Quoting Gerd Hoffmann (2023-01-19 13:00:21)
> > > > Hi,
> > > >
> > > > > > I tried the most recent Q
On Thu, 26 Jan 2023 14:46:13 +,
Gerd Hoffmann wrote:
>
> On Thu, Jan 26, 2023 at 01:48:12PM +, Marc Zyngier wrote:
> > On Thu, 26 Jan 2023 12:01:51 +,
> > Gerd Hoffmann wrote:
> > >
> > > > > Thanks for the koji link, Gerd.
> > > > >
> > > > > It works with 6.1.7-200.fc37.aarch64.
>
Pushed as 9822126, thank you.
On Thu, Jan 26, 2023 at 6:08 PM Pedro Falcato wrote:
>
> On Thu, Jan 26, 2023 at 6:07 PM Marvin Häuser wrote:
> >
> > Fix typos discovered by SpellCheck, which were discovered as part of the
> > initial CI enablement effort.
> >
> > Cc: Pedro Falcato
> > Signed-off
On Thu, Jan 26, 2023 at 6:07 PM Marvin Häuser wrote:
>
> Fix typos discovered by SpellCheck, which were discovered as part of the
> initial CI enablement effort.
>
> Cc: Pedro Falcato
> Signed-off-by: Marvin Häuser
> ---
> Features/Ext4Pkg/Ext4Dxe/BlockMap.c | 6 +++---
> Features/Ext4Pkg/Ex
Fix typos discovered by SpellCheck, which were discovered as part of the
initial CI enablement effort.
Cc: Pedro Falcato
Signed-off-by: Marvin Häuser
---
Features/Ext4Pkg/Ext4Dxe/BlockMap.c | 6 +++---
Features/Ext4Pkg/Ext4Dxe/Directory.c | 2 +-
Features/Ext4Pkg/Ext4Dxe/Ext4Dxe.h| 16
On Thu, 26 Jan 2023 at 18:04, Dionna Amalie Glaze
wrote:
>
> > As Gerd and I discussed before, this protocol should be in OvmfPkg.
> > Please move to
> > https://github.com/tianocore/edk2/tree/master/OvmfPkg/Include/Protocol
> >
>
> Ah, I misinterpreted your response to Gerd's message. v11 will h
> As Gerd and I discussed before, this protocol should be in OvmfPkg.
> Please move to
> https://github.com/tianocore/edk2/tree/master/OvmfPkg/Include/Protocol
>
Ah, I misinterpreted your response to Gerd's message. v11 will have it
moved. The CI seems to think I've redefined the protocol struct
>
> This driver is now both the producer and consumer of
> gEdkiiMemoryAcceptProtocolGuid.
>
> Are there cases where the protocol we locate here could be different
> from the one installed by this driver? If not, we can simplify this,
> and just call AmdSevMemoryAccept() directly.
>
Ah right. Ther
The Bin/CYGWIN_NT-5.1-i686 and Bin/Darwin-i386 directories contained
files needed for RVCT support.
Since EDK2 no longer supports RVCT, delete those directories.
Signed-off-by: Rebecca Cran
---
BaseTools/Bin/CYGWIN_NT-5.1-i686/BootSectImage | 29
---
BaseTools/Bin
Makes it easier to reuse the predefined config sets in other places.
Signed-off-by: Gerd Hoffmann
---
.../Include/Dsc/CryptoServicePcd.all.dsc.inc | 29 +++
.../Dsc/CryptoServicePcd.min_dxe_smm.dsc.inc | 35 +
.../Dsc/CryptoServicePcd.min_pei.dsc.inc | 20 +
CryptoPkg/Cryp
On Thu, Jan 26, 2023 at 01:48:12PM +, Marc Zyngier wrote:
> On Thu, 26 Jan 2023 12:01:51 +,
> Gerd Hoffmann wrote:
> >
> > > > Thanks for the koji link, Gerd.
> > > >
> > > > It works with 6.1.7-200.fc37.aarch64.
> > > > Perfect.
> > > >
> > > > Thanks Ard, thanks Marc!
> > > >
> > >
> >
Reviewed-by: Michael Kubacki
On 1/24/2023 11:34 AM, Ard Biesheuvel wrote:
Signed-off-by: Ard Biesheuvel
---
ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml | 25 +++
ArmVirtPkg/PlatformCI/KvmToolBuild.py | 32
2 files changed, 57 inse
Reviewed-by: Michael Kubacki
On 1/24/2023 11:34 AM, Ard Biesheuvel wrote:
ArmVirtQemuKernel.dsc describes a firmware build that is loadable at
arbitrary address and can be invoked using the Linux/arm64 kernel boot
protocol. The early code deviates significantly from ArmVirtQemu, and so
it makes
Reviewed-by: Michael Kubacki
On 1/24/2023 11:34 AM, Ard Biesheuvel wrote:
To increase the CI coverage, enable secure boot, TPM2 support and HTTPS
boot on ArmVirtQemu builds used in CI.
Signed-off-by: Ard Biesheuvel
---
ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml | 6 +++---
1 fil
Reviewed-by: Michael Kubacki
On 1/24/2023 11:34 AM, Ard Biesheuvel wrote:
In order to reduce the amount of code duplication, refactor the
PlatformBuild.py script that builds ArmVirtQemu.dsc into a reusable
PlatformBuildLib.py containing most of the bits and pieces, and a small
QemuBuild.py whic
On Thu, Jan 19, 2023 at 02:21:30PM +0100, Ard Biesheuvel wrote:
> On Thu, 19 Jan 2023 at 13:55, Oliver Steffen wrote:
> >
> > Quoting Gerd Hoffmann (2023-01-19 13:00:21)
> > > Hi,
> > >
> > > > > I tried the most recent Qemu master (v7.2.50) and also v7.0.0,
> > > > > on the 5.14 (RHEL) kernel a
I see the note in the cover letter. I am getting the same issue.
Looks like there is more work needed to fix the D0x platforms.
I think this patch should progress regardless, but that is a decision for the
maintainers.
Regards,
Sami Mujawar
Hi Pierre,
Thank you for this patch.
On Wed, Jan 25, 2023 at 02:28 AM, PierreGondois wrote:
>
> - Platform/Hisilicon/D03/D03.dsc
> - Platform/Hisilicon/D06/D06.dsc
There is also Platform/Hisilicon/D05/D05.dsc that probably depends on this fix.
However, I find the builds for all the D0x platfo
Hi Pierre,
Thank you for this patch.
On Wed, Jan 25, 2023 at 02:28 AM, PierreGondois wrote:
>
> --- a/Silicon/Hisilicon/Drivers/FlashFvbDxe/FlashFvbDxe.inf
> +++ b/Silicon/Hisilicon/Drivers/FlashFvbDxe/FlashFvbDxe.inf
> @@ -25,6 +25,7 @@ [Packages]
> MdePkg/MdePkg.dec
> MdeModulePkg/MdeModulePk
Hi Sahil, Thomas,
Please find my response inline marked [SAMI].
Regards,
Sami Mujawar
On 25/01/2023, 19:53, "Thomas Abraham" wrote:
Hi Sahil,
On 06/01/2023 06:09, sahil via groups.io wrote:
> From: Himanshu Sharma
>
> In DBG2 table, IRQ ID was set as 0 for the UART. T
On Thu, 26 Jan 2023 at 01:56, Dionna Glaze wrote:
>
> The added behavior is to accept all unaccepted memory at
> ExitBootServices if the behavior is not disabled. This allows safe
> upgrades for OS loaders to affirm their support for the unaccepted
> memory type.
>
> Cc: Gerd Hoffmann
> Cc: James
GenFvInternalLib.c: useless inclusion and dependency on uuid.h.
From 6c0ba96fa11390750e102ebd277f59ef38970394 Mon Sep 17 00:00:00 2001
From: Thierry LARONDE
Date: Thu, 26 Jan 2023 10:49:12 +0100
Subject: [PATCH] Remove useless uuid.h include.
Signed-off-by: Thierry LARONDE
---
BaseTools/Sourc
On Thu, 26 Jan 2023 at 11:35, Thomas Abraham wrote:
>
>
>
> On 25/01/2023 10:27, pierre.gond...@arm.com wrote:
> > From: Pierre Gondois
> >
> > The '-march=armv8-a+nofp' flag used for PlatformStandaloneMm.dsc
> > was removed in the previous patch. The same flag was probably copied
> > from this f
On 25/01/2023 10:28, pierre.gond...@arm.com wrote:
From: Pierre Gondois
Building the following images with the SECURE_STORAGE_ENABLE flag
fails due to VariableFlashInfoLib being missing:
- Platform/ARM/SgiPkg/PlatformStandaloneMm.dsc
- Platform/ARM/SgiPkg/PlatformStandaloneMm2.dsc
Add t
On 25/01/2023 10:27, pierre.gond...@arm.com wrote:
From: Pierre Gondois
The '-march=armv8-a+nofp' flag used for PlatformStandaloneMm.dsc
was removed in the previous patch. The same flag was probably copied
from this first configuration in:
commit bd5071cfbde01 ("StMMRpmb: Add support for bui
On 25/01/2023 10:27, pierre.gond...@arm.com wrote:
From: Pierre Gondois
The '-march=armv8-a+nofp' flag aborts the following build:
build -a AARCH64 -p Platform/ARM/SgiPkg/PlatformStandaloneMm.dsc
-t GCC5 -D SECURE_STORAGE_ENABLE
Error message:
CryptoPkg/Library/OpensslLib/openssl/cry
On Thu, 26 Jan 2023 at 02:48, Yao, Jiewen wrote:
>
> Reviewed-by: Jiewen Yao
>
Merged as #3947, thanks
> > -Original Message-
> > From: devel@edk2.groups.io On Behalf Of Gerd
> > Hoffmann
> > Sent: Thursday, January 26, 2023 1:11 AM
> > To: devel@edk2.groups.io
> > Cc: Pawel Polawski ;
On Thu, 26 Jan 2023 at 09:03, Ard Biesheuvel wrote:
>
> On Thu, 26 Jan 2023 at 02:42, Yao, Jiewen wrote:
> >
> > Reviewed-by: Jiewen Yao
> >
>
> Thanks, I'll go and merge this.
>
>
Merged as #3947, thanks
> > > -Original Message-
> > > From: Kinney, Michael D
> > > Sent: Thursday, Jan
On Thu, 26 Jan 2023 at 02:42, Yao, Jiewen wrote:
>
> Reviewed-by: Jiewen Yao
>
Thanks, I'll go and merge this.
> > -Original Message-
> > From: Kinney, Michael D
> > Sent: Thursday, January 26, 2023 3:44 AM
> > To: Jake Garver ; devel@edk2.groups.io
> > Cc: jbra...@nvidia.com; ashishs
62 matches