[edk2-devel] Debug OVMF

Hi, I'm trying to debug OVMF with gdb connected to Cloud Hypervisor but the problem is that the debug binary that I have generated doesn't contain any symbols. Do you know how to generate debug symbols for OVMF? Thanks, Sebastien ---

Re: [edk2-devel] [PATCH 1/3] CryptoPkg: Update process_files.pl to automatically add PCD config option

Hi, > +# > +# Add conditional feature to opensslconf.h > +# I'd suggest to write the opensslconf.h created by openssl unmodified to opensslconf-generated.h, then have a opensslconf.h like this: #include #include "opensslconf-generated.h" #if !FixedPcdGetBool(PcdEcEnable) # define OPENSSL_NO_E

Re: [edk2-devel] [PATCH 3/3] CryptoPkg/openssl: update generated files

On Mon, May 09, 2022 at 03:25:24AM +, Yao, Jiewen wrote: > Thanks for the update. > > think some changes are unnecessary. > > > -#define OSSL_CRYPTO_DSO_CONF_H > > -#define DSO_NONE > > -#define DSO_EXTENSION ".so" > > +# define OSSL_CRYPTO_DSO_CONF_H > > +# define DSO_NONE > > +# define DS

[edk2-devel] Question about PCD and FW_BASE_ADDRESS

Hi, I have a question related to the MMIO accesses performed by OVMF that I can see are happening whenever PcdGet() is invoked. Could you tell me how PCD works that can explain why I can see some MMIO read accesses on address 0xFFFD5A24? Also, I'm using the CloudHv target, meaning it's loaded as

Re: [edk2-devel] [PATCH 0/5] CryptoPkg/openssl: enable EC unconditionally.

On Mon, May 09, 2022 at 01:38:35AM +, Yao, Jiewen wrote: > Thank you Gerd. > > I collected feedback from Intel BIOS team, both client and server, both old > platform and new platform. > > In general, the new platform will leave enough space for crypto improvement. > Size is not a big issue.

Re: [edk2-devel] Debug OVMF

On Mon, May 09, 2022 at 09:32:52AM +, Boeuf, Sebastien wrote: > Hi, > > I'm trying to debug OVMF with gdb connected to Cloud Hypervisor but the > problem is that the debug binary that I have generated doesn't contain > any symbols. Do you know how to generate debug symbols for OVMF? Build/Ovm

Re: [edk2-devel] [PATCH 1/3] CryptoPkg: Update process_files.pl to automatically add PCD config option

Sounds good, I like this idea which make openssl generated part and edk2 conditional part more clear. Thank you, Yi -Original Message- From: devel@edk2.groups.io On Behalf Of Gerd Hoffmann Sent: Monday, May 9, 2022 5:34 PM To: Li, Yi1 Cc: devel@edk2.groups.io; Yao, Jiewen ; Wang, Jian

Re: [edk2-devel] Debug OVMF

On Mon, 2022-05-09 at 11:49 +0200, kra...@redhat.com wrote: > On Mon, May 09, 2022 at 09:32:52AM +, Boeuf, Sebastien wrote: > > Hi, > > > > I'm trying to debug OVMF with gdb connected to Cloud Hypervisor but > > the > > problem is that the debug binary that I have generated doesn't > > contain

Re: [edk2-devel] [PATCH 3/3] CryptoPkg/openssl: update generated files

Yes it does come from running the generated files though uncrustify once last year when uncrustify was introduced: https://github.com/tianocore/edk2/commit/7c342378317039e632d9a1a5d4cf7c21aec8cb7a I can remove those change next patch to avoid confusion. Thank you, Yi -Original Message

Re: [edk2-devel] [PATCH 0/5] CryptoPkg/openssl: enable EC unconditionally.

Old == the launched platform, or the platform will be launched shortly where the flash size and layout are locked. It is huge risk to change the layout suddenly. And it is not practical to change the flash size. (E.g. How can you change your flash size on your laptop? ) New platform usually does

Re: [edk2-devel] [PATCH 3/3] CryptoPkg/openssl: update generated files

On Mon, May 09, 2022 at 10:05:21AM +, Li, Yi1 wrote: > Yes it does come from running the generated files though uncrustify once last > year when uncrustify was introduced: > https://github.com/tianocore/edk2/commit/7c342378317039e632d9a1a5d4cf7c21aec8cb7a Thanks for checking. > I can remove

Re: [edk2-devel] [PATCH 0/5] CryptoPkg/openssl: enable EC unconditionally.

Hi, > Old == the launched platform, or the platform will be launched shortly > where the flash size and layout are locked. So everything you can buy today. > It is huge risk to change the layout suddenly. And it is not practical > to change the flash size. (E.g. How can you change your flash

Re: [edk2-devel] [PATCH 0/5] CryptoPkg/openssl: enable EC unconditionally.

On Mon, 2022-05-09 at 13:27 +0200, Gerd Hoffmann wrote: [...] > > 1) Please keep the good work to enable OPENSSL3.0 in your personal > > branch. > > 2) If you have some way to control the size, then do it. If there > > is no much size difference by default, then you can submit to EDKII > > directly

Re: [edk2-devel] [PATCH 3/4] MpInitLib: Put SEV logic in separate file

Tom, Can you please review this change? Does it cause any regression to SEV feature? > -Original Message- > From: devel@edk2.groups.io On Behalf Of Ni, Ray > Sent: Saturday, May 7, 2022 11:13 PM > To: devel@edk2.groups.io > Cc: Dong, Eric ; Kumar, Rahul1 ; > Michael Roth ; > James Bottom

Re: [edk2-devel] [PATCH 0/5] CryptoPkg/openssl: enable EC unconditionally.

It is possible to switch to other crypt lib. For example, the *mbedtls* version POC can be found at https://github.com/jyao1/edk2/tree/DeviceSecurity/CryptoMbedTlsPkg The advantage is: the size is much smaller. The disadvantage is: some required functions are not available, such as PKCS7. Thank

Re: [edk2-devel] [PATCH 0/5] CryptoPkg/openssl: enable EC unconditionally.

I am not sure how good the openssl MACRO is designed to remove unnecessary crypto. I think we may submit patch to openssl to add more configuration, if that can help reduce size. Thank you Yao Jiewen > -Original Message- > From: devel@edk2.groups.io On Behalf Of Yao, Jiewen > Sent: M

Re: [edk2-devel] [PATCH V2 0/6] Support 2 CpuMpPei/CpuDxe in One image

Gerd & Tom What are your comments about this patch-set? > -Original Message- > From: Xu, Min M > Sent: Saturday, May 7, 2022 9:36 AM > To: devel@edk2.groups.io > Cc: Xu, Min M ; Dong, Eric ; Ni, > Ray ; Brijesh Singh ; Aktas, > Erdem ; James Bottomley ; > Yao, Jiewen ; Tom Lendacky > ; Ge

Re: [edk2-devel] [PATCH 0/5] CryptoPkg/openssl: enable EC unconditionally.

On Mon, 2022-05-09 at 12:03 +, Yao, Jiewen wrote: > It is possible to switch to other crypt lib. > > For example, the *mbedtls* version POC can be found at > https://github.com/jyao1/edk2/tree/DeviceSecurity/CryptoMbedTlsPkg > The advantage is: the size is much smaller. > The disadvantage is:

回复: [edk2-devel] [PATCH] MdeModulePkg/PCD: Pcd initialize DXE have assert

I have merged it by https://github.com/tianocore/edk2/pull/2865 Thanks Liming 发件人: Guo, Gua 发送时间: 2022年5月9日 9:31 收件人: Gao, Liming ; devel@edk2.groups.io 抄送: Guo, Gua 主题: RE: [edk2-devel] [PATCH] MdeModulePkg/PCD: Pcd initialize DXE have assert @gaolim

Re: [edk2-devel] [PATCH 3/4] MpInitLib: Put SEV logic in separate file

On 5/9/22 06:54, Ni, Ray wrote: Tom, Can you please review this change? Does it cause any regression to SEV feature? Hi Ray, I just got back from vacation today and I'm going through all my email. I'll take a look as soon as I can. Thanks, Tom -Original Message- From: devel@edk2

Re: [edk2-devel] [PATCH] MdeModulePkg/PCD: Pcd initialize DXE have assert

@gaoliming May I get your help to add push Label on the PR ? https://github.com/tianocore/edk2/pull/2844 It seems I don't have access right to add push Label by myself. If have any concern please also share me. Thanks, Gua -Original Message- From

Re: [edk2-devel] [PATCH V2 0/6] Support 2 CpuMpPei/CpuDxe in One image

On 5/9/22 07:44, Xu, Min M wrote: Gerd & Tom What are your comments about this patch-set? Hi Min, This appears to resolve the issue. I was able to boot a 64 vCPU guest in legacy, SEV, SEV-ES and SEV-SNP modes without any asserts. I'm assuming that you were able to see the ASSERTs on your en

Re: [edk2-devel] Debug OVMF

Sebastien, The UEFI ROMs generally contain sets of PE/COFF images (drivers, apps, etc) that execute not at their linked address. These PE/COFF images have been stripped of debug information and optionally contain a PE/COFF debug directory entry that points to a file that contains the debug info

Re: [edk2-devel] [PATCH 0/4] Refactor MpInitLib

Hi Ray, Do you have a public git tree with these patches that I can use to test with? I'm having lots of problems pulling these patches out of my mail client and applying them. Thanks, Tom On 5/7/22 10:13, Ni, Ray via groups.io wrote: Ray Ni (4): MpInitLib: Allocate code buffer for PEI

Re: [edk2-devel] [PATCH 0/4] Refactor MpInitLib

https://github.com/niruiyu/edk2/tree/refactormp thanks, ray From: devel@edk2.groups.io on behalf of Lendacky, Thomas via groups.io Sent: Tuesday, May 10, 2022 5:39:51 AM To: devel@edk2.groups.io ; Ni, Ray Subject: Re: [edk2-devel] [PATCH 0/4] Refactor MpInitLib

[edk2-devel] Now: Tools, CI, Code base construction meeting series - 05/09/2022 #cal-notice

*Tools, CI, Code base construction meeting series* *When:* 05/09/2022 4:30pm to 5:30pm (UTC-07:00) America/Los Angeles *Where:* https://github.com/tianocore/edk2/discussions/2614 View Event ( https://edk2.groups.io/g/devel/viewevent?eventid=1492551 ) *Description:* TianoCore community, Micros

Re: [edk2-devel] [PATCH V2 0/6] Support 2 CpuMpPei/CpuDxe in One image

On May 10, 2022 1:30 AM, Tom Lendacky wrote: > > On 5/9/22 07:44, Xu, Min M wrote: > > Gerd & Tom > > What are your comments about this patch-set? > > Hi Min, > > This appears to resolve the issue. I was able to boot a 64 vCPU guest in > legacy, SEV, SEV-ES and SEV-SNP modes without any asserts.

Re: [edk2-devel] Question about PCD and FW_BASE_ADDRESS

> On May 9, 2022, at 2:42 AM, Boeuf, Sebastien > wrote: > > Hi, > > I have a question related to the MMIO accesses performed by OVMF that I > can see are happening whenever PcdGet() is invoked. Could you tell me > how PCD works that can explain why I can see some MMIO read accesses on > addres

[edk2-devel] Event: TianoCore Bug Triage - APAC / NAMO - 05/10/2022 #cal-reminder

*Reminder:* TianoCore Bug Triage - APAC / NAMO *When:* 05/10/2022 6:30pm to 7:30pm (UTC-07:00) America/Los Angeles *Where:* https://teams.microsoft.com/l/meetup-join/19%3ameeting_OTk1YzJhN2UtOGQwNi00NjY4LWEwMTktY2JiODRlYTY1NmY0%40thread.v2/0?context=%7b%22Tid%22%3a%2246c98d88-e344-4ed4-8496-4ed77

[edk2-devel] [PATCH V2 0/5] CryptoPkg/openssl: Enable EC conditionally.

Recommend from Gerd: (2) Keep the EC config option, but update process_files.pl to automatically add the PcdEcEnabled config option handling to the files it generates. This patch set does (2). When remove 'no-ec' from openssl configure list, will automatically remove 'OPENSSL_NO_EC', 'OPENSSL

[edk2-devel] [PATCH V2 1/5] CryptoPkg: Rename PCD about openssl EC configuration

PcdOpensslXXXEnabled is a more appropriate choice. Signed-off-by: Yi Li Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang --- CryptoPkg/CryptoPkg.dec | 2 +- .../Library/BaseCryptLib/BaseCryptLib.inf | 2 +- .../Library/BaseCryptLib/PeiCryptLib.inf

[edk2-devel] [PATCH V2 2/5] CryptoPkg: Separate auto-generated openssl config and edk2 openssl config

Move auto-generated openssl config to opensslconf_generated.h, And opensslconf.h will contain both edk2 conditional openssl feature and opensslconf_generated.h. Will make two part more clear. New conditional feture code in opensslconf.h will look like: /* Autogenerated conditional openssl featur

[edk2-devel] [PATCH V2 3/5] CryptoPkg: Update process_files.pl to automatically add PCD config option

Recommend from Gerd: (2) Keep the EC config option, but update process_files.pl to automatically add the PcdEcEnabled config option handling to the files it generates. When remove 'no-ec' from openssl configure list, will automatically remove 'OPENSSL_NO_EC', 'OPENSSL_NO_ECDH', 'OPENSSL_NO_ECD

[edk2-devel] [PATCH V2 4/5] CryptoPkg/openssl: update generated files

Run process_files.pl with the current openssl submodule version. Signed-off-by: Yi Li Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Cc: Gerd Hoffmann --- CryptoPkg/Library/Include/crypto/dso_conf.h | 7 +- .../Library/Include/openssl/opensslconf.h | 17 ++ .../Inclu

[edk2-devel] [PATCH V2 5/5] CryptoPkg/openssl: disable codestyle checks for generated files

Files generated by process_files.pl from openssl sources should not be checked for edk2 code style. Signed-off-by: Gerd Hoffmann Signed-off-by: Yi Li Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang --- CryptoPkg/CryptoPkg.ci.yaml | 11 +++ 1 file changed, 11 insertion

[edk2-devel] [PATCH V3 5/5] CryptoPkg/openssl: disable codestyle checks for generated files

Files generated by process_files.pl from openssl sources should not be checked for edk2 code style. Signed-off-by: Gerd Hoffmann Signed-off-by: Yi Li Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang --- CryptoPkg/CryptoPkg.ci.yaml | 14 +- 1 file changed, 13 insert

[edk2-devel] Cancelled Event: TianoCore Bug Triage - APAC / NAMO - Tuesday, May 10, 2022 #cal-cancelled

BEGIN:VCALENDAR VERSION:2.0 PRODID:-//Groups.io Inc//Groups.io Calendar//EN METHOD:CANCELLED REFRESH-INTERVAL;VALUE=DURATION:PT1H X-PUBLISHED-TTL:PT1H CALSCALE:GREGORIAN BEGIN:VTIMEZONE TZID:America/Los_Angeles LAST-MODIFIED:20220317T223602Z TZURL:http://tzurl.org/zoneinfo-outlook/America/Los_Angel