Add AeadAesGcm Encrypt and Decrypt.
With this change, the size increase of BaseCyrptLib is about 60K bytes.
The new functions are verifed by the Host UnitTest.
And also it has been integratd in
https://github.com/tianocore/edk2-staging/tree/DeviceSecurity and been
verified.
All the code change is
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4036
Signed-off-by: Qi Zhang
Cc: Jiewen Yao
Cc: Jian J Wang
Cc: Xiaoyu Lu
Cc: Guomin Jiang
---
CryptoPkg/Include/Library/BaseCryptLib.h | 87
1 file changed, 87 insertions(+)
diff --git a/CryptoPkg/Include/Library/
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4036
Signed-off-by: Qi Zhang
Cc: Jiewen Yao
Cc: Jian J Wang
Cc: Xiaoyu Lu
Cc: Guomin Jiang
---
.../Library/BaseCryptLib/BaseCryptLib.inf | 1 +
.../BaseCryptLib/Cipher/CryptAeadAesGcm.c | 279 ++
.../BaseCryptLib/C
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4036
Signed-off-by: Qi Zhang
Cc: Jiewen Yao
Cc: Jian J Wang
Cc: Xiaoyu Lu
Cc: Guomin Jiang
---
CryptoPkg/CryptoPkg.dsc | 2 +
CryptoPkg/Driver/Crypto.c | 94 ++-
.../Pcd/PcdCryptoSe
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4036
Signed-off-by: Qi Zhang
Cc: Jiewen Yao
Cc: Jian J Wang
Cc: Xiaoyu Lu
Cc: Guomin Jiang
---
.../BaseCryptLib/UnitTestHostBaseCryptLib.inf | 1 +
.../Library/BaseCryptLib/AeadAesGcmTests.c| 112 ++
.../BaseCryptLib/B
https://bugzilla.tianocore.org/show_bug.cgi?id=4035
64bit FSP FV map file cannot be created correctly when using CLANG
compiler. When compiling 64bit FSP with CLANG, there is no prefix
symbol '_' added to function name. Hence FSP FV map file cannot be
created properly. Updated the if condition for
On Fri, Aug 26, 2022 at 11:15:20PM +0800, Lee, Chun-Yi wrote:
> Reference: https://bugzilla.tianocore.org/show_bug.cgi?id=4031
>
> This patch is similar to the c477b2783f patch for Td guest.
>
> Host VMM may inject OptionRom which is untrusted in Sev guest. So PCI
> OptionRom needs to be ignored
On Sat, Aug 27, 2022 at 07:07:06AM +0800, Min Xu wrote:
> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3974
>
> CcProbeLib once was designed to probe the Confidential Computing guest
> type by checking the PcdOvmfWorkArea. But this memory is allocated with
> either EfiACPIMemoryNVS or EfiBoo
Reviewed-by: Nickle Wang
Thanks,
Nickle
於 2022年8月28日 週日 晚上7:30寫道:
> From: Abner Chang
>
> Temporary modified on the auto-generated lib to support
> Redfish BIOS attributes. RedfishScemaToCStructure python
> script needs to be updated for fixing this issue.
>
> Signed-off-by: Abner Chang
> C
Thanks Andrew / Sivaraman for the guidance.
Definitely good places for me to start.
Thanks
Rafael
Em dom., 28 de ago. de 2022 às 08:25, Sivaraman Nainar
escreveu:
> Hello Rafael.
>
>
>
> HttpBootCheckUriScheme() in HttpBootDxe\HttpBootSupport.c should be the
> right place to filter the URI.
>
On 8/26/22 18:07, Min Xu wrote:
From: Min M Xu
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3974
CcProbeLib once was designed to probe the Confidential Computing guest
type by checking the PcdOvmfWorkArea. But this memory is allocated with
either EfiACPIMemoryNVS or EfiBootServicesData.
The MpServicesTest application exercises the EFI_MP_SERVICES_PROTOCOL.
usage:
MpServicesTest -A [-O]
MpServicesTest -T
MpServicesTest -S
MpServicesTest -P
MpServicesTest -U
MpServicesTest -W
MpServicesTest -E
MpServicesTest -D
MpServicesTest -h
Parameter:
-A: Run all APs
This is the rework of the patches I sent out in late 2021,
building on fixes done by Ard at
https://github.com/ardbiesheuvel/edk2/tree/armpkg-mpservicesdxe-refactor.
The most significant changes are the addition of code to enable
the MMU and caches on the APs, and changing MpServicesTest to
use co
Add support for EFI_MP_SERVICES_PROTOCOL during the DXE phase under
AArch64.
PSCI_CPU_ON is called to power on the core, the supplied procedure is
executed and PSCI_CPU_OFF is called to power off the core.
Fixes contributed by Ard Biesheuvel.
Signed-off-by: Rebecca Cran
---
ArmPkg/ArmPkg.dsc
Series Reviewed-by: Isaac Oram
-Original Message-
From: devel@edk2.groups.io On Behalf Of Théo Jehl
Sent: Friday, August 26, 2022 5:02 PM
To: devel@edk2.groups.io
Cc: Leif Lindholm ; Kinney, Michael D
; Oram, Isaac W ; Pedro
Falcato ; Gerd Hoffmann ; Stefan
Hajnoczi
Subject: [edk2-de
MinPlatform is an open-source EDK2 firmware project that can boot some
mainstream boards. However, it lacked working support for S3 resume, an
important feature for mobile platforms, which means that its
applicability as-is to mainstream use is limited. Therefore, I have now
implemented working S3
SMRAM must be opened to retrieve the lockbox for S3, and SMM
communication depends on this PPI. For security purposes, SMRAM
lock must be performed before EndOfPei (although FSP notify performs
lockdown too).
It seems to me that this library is generic and applicable to all Intel
platforms in the
S3 resume may require communication with SMM, for which we need the
SmmControl PPI. Therefore, port the DXE drivers to a library, like there
is for SMM Access.
As the registers are common across Intel platforms in the tree, while
a helper function definition is not, implement a new library as a
co
Follow-up commits to MinPlatform (PeiFspWrapperHobProcessLib for
memory) and FSP-related board libraries (policy overrides)
required for successful S3 resume.
Factored allocation logic into new module to avoid MinPlatform
dependency on S3Feature package.
TODO: Can optimise required size.
Cc: Nat
Consume S3 resume memory allocation on resume flow.
Also, include complementary FirmwarePerformanceDataTablePei module in
MinPlatform FV for S3 resume performance measurement.
Cc: Chasel Chiu
Cc: Nate DeSimone
Cc: Ankit Sinha
Cc: Isaac Oram
Cc: Liming Gao
Cc: Eric Dong
Signed-off-by: Benjam
Use silicon code to detect S3 resume state. Apply some relevant policy
modifications.
PcdPeiMemSize must be in common scope, for a DXE module to allocate
required memory. Libraries that produce required PPIs are defined.
BootScriptExecutorDxe should only be linked against a functionally
compatibl
On 8/27/22 01:21, Min Xu wrote:
From: Jiaqi Gao
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3937
When CoreAllocatePages() / CoreAllocatePool() meets error of
EFI_OUT_OF_RESOURCES, locate the EdkiiMemoryAcceptProtocol and accept extra
memory dynamically.
Firstly, find the unaccpeted me
Hi Savva,
Sorry for the huge delay. Comments inline.
On Thu, Jul 28, 2022 at 4:26 PM Savva Mitrofanov wrote:
> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3677
>
> Provided support for symlink file type. Added routine which allows
> reading and following them through recursive open() cal
It would be good if we could get this committed now the stable tag has
been created.
--
Rebecca Cran
On 8/9/22 03:39, Rohit Mathew wrote:
Hi,
Could anyone please let me know if there are any more comments on this patch?
Saw that we have moved into soft freeze for edk2 and wanted to add that w
There currently isn't a way to differentiate the different
levels of DEBUG output: DEBUG_ERROR, DEBUG_WARN, DEBUG_INFO
etc.
To improve this, wrap DEBUG_ERROR and DEBUG_WARN level
messages in ANSI color code escape sequences. DEBUG_ERROR
messages will be displayed in red text, and DEBUG_WARN
in ora
Reviewed-by: Isaac Oram
I would prefer to see contents of sections indented, but it is a nit.
It might be slightly better to have PcdsFixedAtBuild type PCD for the register
information, but this is pretty stable HW, so it is ok.
Regards,
Isaac
-Original Message-
From: Benjamin Doron
*Reminder: Tools, CI, Code base construction meeting series*
*When:*
08/29/2022
4:30pm to 5:30pm
(UTC-07:00) America/Los Angeles
*Where:*
https://github.com/tianocore/edk2/discussions/2614
View Event ( https://edk2.groups.io/g/devel/viewevent?eventid=1608788 )
*Description:*
TianoCore communit
I think that the shim lib might be overkill. PmcGetAcpiBase just resolves to
PcdGet16 (PcdAcpiBaseAddress);
I think that you should be able to use that PCD for any Intel chipset/silicon
for the foreseeable future.
I would prefer to see contents of sections in INF files indented, but it is a
ni
Hi Rebecca,
I think this is a good idea to improve readability.
However, I think there is an assumption today that debug
message output is just ASCII text with no assumptions on
a terminal type and no assumption on screen width or screen
height and no support for cursor control.
This change woul
*Tools, CI, Code base construction meeting series*
*When:*
08/29/2022
4:30pm to 5:30pm
(UTC-07:00) America/Los Angeles
*Where:*
https://github.com/tianocore/edk2/discussions/2614
View Event ( https://edk2.groups.io/g/devel/viewevent?eventid=1608788 )
*Description:*
TianoCore community,
Micros
On August 29, 2022 9:37 PM, Tom Lendacky wrote:
> On 8/26/22 18:07, Min Xu wrote:
> > From: Min M Xu
> >
> > BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3974
> >
> > To gurantee the GuestType is cached, we read the value in both
>
> s/gurantee/guarantee/
Thanks for reminder. It will be fix
S3Feature.dsc
- remove commented out code
# Add library instances here that are not included in package components and
should be tested
# in the package build.
- These comments don't make a lot of sense to me in the feature include DSC.
Looks like cut and paste propagation that is not appro
FspWrapperHobProcessLib.h
- Resolve ToDo
CorePeiInclude.dsc, CorePostMemoryInclude.fdf
- MinPlatformPkg should not consume advanced feature content directly.
- I dislike conditioning the performance on boot to shell. Please remove.
Basically, items can be removed in stage 7 (optimization) if they
Doran,
Which platform are you using? I thought those platforms are quite old and no
one is using them.
> -Original Message-
> From: Oram, Isaac W
> Sent: Tuesday, August 30, 2022 6:27 AM
> To: Benjamin Doron ; devel@edk2.groups.io
> Cc: Desimone, Nathaniel L ; Sinha, Ankit
> ; Ni, Ray
>
Can you please explain more about this patch?
I am a little nervous when seeing patches that change the fundamental memory
services.
> -Original Message-
> From: devel@edk2.groups.io On Behalf Of Lendacky,
> Thomas via groups.io
> Sent: Tuesday, August 30, 2022 4:47 AM
> To: Xu, Min M ;
Right, but Kabylake has a different implementation that retrieves it from
HW registers - PchAcpiBaseGet(). This is probably optional, there is a PCD,
but it's in a different package scope. I don't know how to handle the
Packages in the INF to keep this silicon package agnostic. For that matter,
it
From: Min M Xu
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3974
CcProbeLib once was designed to probe the Confidential Computing guest
type by checking the PcdOvmfWorkArea. But this memory is allocated with
either EfiACPIMemoryNVS or EfiBootServicesData. It cannot be accessed
after ExitBo
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3974
CcProbeLib once was designed to probe the Confidential Computing guest
type by checking the PcdOvmfWorkArea. But this memory is allocated with
either EfiACPIMemoryNVS or EfiBootServicesData. It cannot be accessed
after ExitBootService. Please
From: Min M Xu
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3974
SecPeiCcProbeLib is designed to probe the Confidential Computing guest
type in SEC/PEI phase. The CC guest type was set by each CC guest at
the beginning of boot up and saved in PcdOvmfWorkArea.
Cc: Erdem Aktas
Cc: James Bo
https://bugzilla.tianocore.org/show_bug.cgi?id=4017
This change modifies NvmExpressPei library to allow usage EDKII_PCI_DEVICE_PPI
to manage Nvme device.
For now, the part that performs the enumeration and creates
EDKII_PCI_DEVICE_PPI will be implemented in the silicon code.
Sample code can be s
https://bugzilla.tianocore.org/show_bug.cgi?id=4017
This change modifies NvmExpressPei library
to allow usage both EDKII_PCI_DEVICE_PPI and
EDKII_NVM_EXPRESS_HOST_CONTROLLER_PPI to manage Nvme device.
Signed-off-by: Xiao X Chen
Cc: Hao A Wu
Cc: Ray Ni
---
.../Bus/Pci/NvmExpressPei/DevicePath.
Ray,
My primary platform for firmware development is the Skylake laptop I've
submitted to the tree. I have a Tigerlake laptop too, but my porting
efforts there are generally too WIP to test patches anywhere yet.
Regardless, this patch series is intended to support as many platforms as
possible. It
*Reminder: TianoCore Bug Triage - APAC / NAMO*
*When:*
08/30/2022
6:30pm to 7:30pm
(UTC-07:00) America/Los Angeles
*Where:*
https://teams.microsoft.com/l/meetup-join/19%3ameeting_OTk1YzJhN2UtOGQwNi00NjY4LWEwMTktY2JiODRlYTY1NmY0%40thread.v2/0?context=%7b%22Tid%22%3a%2246c98d88-e344-4ed4-8496-4ed77
Thanks for the patch, it looks good to me generally.
One comment within NvmeInitControllerDataFromPciDevice(), could you help to
refine the BAR type check?
For bits 2:0
000: 32 bit memory space
100: 64 bit memory space
All other values are not supported by the driver.
Also, could you help to add
Reviewed-by: Michael D Kinney
Mike
> -Original Message-
> From: mikub...@linux.microsoft.com
> Sent: Thursday, August 25, 2022 8:37 AM
> To: devel@edk2.groups.io
> Cc: Sean Brogan ; Barkelew, Bret
> ; Kinney, Michael D
> ; Gao, Liming
> Subject: [PATCH v1 1/1] .azurepipelines: Use Py
Reviewed-by: Michael D Kinney
> -Original Message-
> From: Gary Lin
> Sent: Thursday, August 25, 2022 11:58 PM
> To: devel@edk2.groups.io
> Cc: Ard Biesheuvel ; Yao, Jiewen
> ; Justen, Jordan L ;
> Gerd Hoffmann ; Kinney, Michael D
>
> Subject: [PATCH] Maintainers.txt: update Gary's e
On August 30, 2022 4:47 AM, Lendacky, Thomas wrote:
> On 8/27/22 01:21, Min Xu wrote:
> > From: Jiaqi Gao
> >
> > RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3937
> >
> > When CoreAllocatePages() / CoreAllocatePool() meets error of
> > EFI_OUT_OF_RESOURCES, locate the EdkiiMemoryAcceptProt
Reviewed-by: Michael D Kinney
> -Original Message-
> From: Li, Zhihao
> Sent: Sunday, August 28, 2022 9:18 AM
> To: devel@edk2.groups.io
> Cc: Kinney, Michael D ; Gao, Liming
>
> Subject: [PATCH v1 1/1] MdePkg: Remove the restriction of
> SmmCpuRendezvousLibNull.
>
> REF: https://bug
From: Abner Chang
BZ 4037:
Install EFI_DISCOVER_PROTOCOL on each network interface.
This fixes the issue that causes the high-level Redfish driver
on the network interface is stopped when:
1. EFI_DISCOVER_PROTOCOL is reinstalled on a new-found network
interface, or
2. EFI_DISCOVER_PROTOCOL is
Add new Serial port library instance that consumes the HOB defined
in MdeModulePkg/Include/UniversalPayload/SerialPortInfo.h to support
multiple UART's.
Cc: Guo Dong
Cc: Ray Ni
Cc: Sean Rhodes
Cc: Gua Guo
Signed-off-by: Kavya
---
UefiPayloadPkg/Library/BaseSerialPortLibHob/BaseSerialPortLibH
Let DxeMain.inf consume new SerialPortLib to support multiple
channel debug message on early DXE if DEBUG_REAL_INSTANCE_SUPPORT
is true.
Cc: Guo Dong
Cc: Ray Ni
Cc: Sean Rhodes
Cc: Gua Guo
Signed-off-by: Kavya
---
UefiPayloadPkg/UefiPayloadPkg.dsc | 6 ++
1 file changed, 6 insertions(+)
This change modifies NvmExpressPei library to allow usage EDKII_PCI_DEVICE_PPI
to manage Nvme device.
For now, the part that performs the enumeration and creates
EDKII_PCI_DEVICE_PPI will be implemented in the silicon code.
Sample code can be seen here:
https://github.com/mczaj/edk2-platforms/co
https://bugzilla.tianocore.org/show_bug.cgi?id=4017
This change modifies NvmExpressPei library
to allow usage both EDKII_PCI_DEVICE_PPI and
EDKII_NVM_EXPRESS_HOST_CONTROLLER_PPI to manage Nvme device.
Cc: Hao A Wu
Cc: Ray Ni
Signed-off-by: Xiao X Chen
---
.../Bus/Pci/NvmExpressPei/DevicePath.
On August 30, 2022 8:29 AM, Ni, Ray wrote:
> Can you please explain more about this patch?
> I am a little nervous when seeing patches that change the fundamental
> memory services.
>
With the introduction of lazy-page-accept, the OUT_OF_RESOURCE may occur in
Memory Allocation logic (MdeModulePkg
Min,
My understanding is there is a TDX driver in DXE phase that accepts memory
using MP protocol.
We only need to make sure there is sufficient memory for code running before
that point.
Is my understanding correct?
Thanks,
Ray
> -Original Message-
> From: Xu, Min M
> Sent: Tuesday, A
Thanks.
Reviewed-by: Hao A Wu
Will wait a couple of days before merging to see if comments from other
reviewers.
Best Regards,
Hao Wu
> -Original Message-
> From: Chen, Xiao X
> Sent: Tuesday, August 30, 2022 1:47 PM
> To: devel@edk2.groups.io
> Cc: Chen, Xiao X ; Wu, Hao A
> ; Ni, Ra
On August 30, 2022 2:15 PM, Ni Ray wrote:
> Min,
> My understanding is there is a TDX driver in DXE phase that accepts memory
> using MP protocol.
EdkiiMemoryAcceptProtocol is a protocol which accept memories. It is
implemented/installed by the platform drivers, such as TdxDxe driver, or SEV
driv
57 matches
Mail list logo
