[edk2-devel] [PATCH v1] UefiCpuPkg/PiSmmCpuDxeSmm: Fix S3 failure in SmmRestoreCpu

2023-03-13 Thread Wu, Jiaxin
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4368 This issue is caused by the commit: ec07fd0e35d90dbcc36be300a9ceeac29c5de2ad GetFirstGuidHob() should not be used after exit boot service. Cc: Eric Dong Cc: Ray Ni Cc: Zeng Star Cc: Laszlo Ersek Cc: Gerd Hoffmann Signed-off-by: Jiaxin

[edk2-devel] PcdLib instance for OVMF SecMain

2023-03-13 Thread Wu, Jiaxin
Another issue exposed during boot OVMF: SecCoreStartupWithStack(0xFFFCC000, 0x82) ASSERT [SecMain] c:\dev\code\edk2\MdePkg\Library\BasePcdLibNull\PcdLib.c(95): ((BOOLEAN)(0==1)) I WA it as below fix by overriding PcdLib for SecMain driver: # # SEC Phase modules # OvmfPkg/S

Re: [edk2-devel] [PATCH 1/2] UefiCpuPkg/MpInitLib: Ensure SEV-SNP VMSA allocations are not 2MB aligned

2023-03-13 Thread Gerd Hoffmann
Hi, >// Allocate a single page for the SEV-ES Save Area and initialize it. > + // Due to an erratum that prevents a VMSA being on a 2MB boundary, > + // allocate an extra page to work around the issue. A reference to the erratum (web link or erratum id) would be nice here. Also swapping t

Re: [edk2-devel] [PATCH 1/2] UefiCpuPkg/MpInitLib: Ensure SEV-SNP VMSA allocations are not 2MB aligned

2023-03-13 Thread Ni, Ray
> > +#define IS_ALIGNED(x, y) UINTN)(x) & (y - 1)) == 0)) 1. Can you use the existing macro ALIGN_POINTER() defined in Base.h?

[edk2-devel] [PATCH 01/22] CryptoPkg/openssl: update submodule to openssl-3.0.8

2023-03-13 Thread Gerd Hoffmann
Signed-off-by: Gerd Hoffmann --- CryptoPkg/Library/OpensslLib/openssl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CryptoPkg/Library/OpensslLib/openssl b/CryptoPkg/Library/OpensslLib/openssl index 830bf8e1e474..31157bc0b46e 16 --- a/CryptoPkg/Library/OpensslLib/openssl

[edk2-devel] [PATCH 02/22] CryptoPkg/openssl: remove openssl 1.1.1 header files

2023-03-13 Thread Gerd Hoffmann
Signed-off-by: Gerd Hoffmann --- CryptoPkg/Library/Include/crypto/dso_conf.h | 16 - .../Library/Include/openssl/opensslconf.h | 333 -- 2 files changed, 349 deletions(-) delete mode 100644 CryptoPkg/Library/Include/crypto/dso_conf.h delete mode 100644 CryptoPkg/Library/I

[edk2-devel] [PATCH 05/22] CryptoPkg/openssl: UefiAsm.conf update for openssl 3.0, add aarch64

2023-03-13 Thread Gerd Hoffmann
New naming convention for the configs: UEFI-${efiarch}-${compiler}. Signed-off-by: Gerd Hoffmann --- CryptoPkg/Library/OpensslLib/UefiAsm.conf | 44 +-- 1 file changed, 16 insertions(+), 28 deletions(-) diff --git a/CryptoPkg/Library/OpensslLib/UefiAsm.conf b/CryptoPkg/Lib

[edk2-devel] [PATCH 00/22] [edk2-staging] CryptoPkg/openssl: switch to openssl-3.0

2023-03-13 Thread Gerd Hoffmann
Does not yet pass CI, mostly IA32 build failures due to compiler intrinsics missing. Openssl configuration has been reorganized, all generated files are in a single subtree now, and the script to configure openssl has been rewritten in python. Gerd Hoffmann (22): CryptoPkg/openssl: update submo

[edk2-devel] [PATCH 04/22] CryptoPkg/openssl: add openssl3 configure scripts

2023-03-13 Thread Gerd Hoffmann
Rewrite the script to configure openssl 3.0 from scratch. It's two scripts now: * Tiny helper script, dumping the perl configdata as json. * Actual configure.py script, written in python, which copies over the generated files to openssl-gen and updates the OpensslLib*.inf file lists and b

[edk2-devel] [PATCH 08/22] CryptoPkg/BaseCryptLib; adapt CryptSm3.c to openssl 3.0 changes.

2023-03-13 Thread Gerd Hoffmann
Functions have been renamed. Signed-off-by: Gerd Hoffmann --- CryptoPkg/Library/BaseCryptLib/Hash/CryptSm3.c | 14 +++--- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptSm3.c b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSm3.c index b

[edk2-devel] [PATCH 07/22] CryptoPkg/BaseCryptLib: no openssl deprecation warnings please

2023-03-13 Thread Gerd Hoffmann
Stopping the use of deprecated interfaces is left as an exercise for another day. So please don't warn for now so -Werror builds can work. Signed-off-by: Gerd Hoffmann --- CryptoPkg/Library/BaseCryptLib/InternalCryptLib.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CryptoPkg/Library/BaseCryptLib/I

[edk2-devel] [PATCH 03/22] CryptoPkg/openssl: remove generated file lists

2023-03-13 Thread Gerd Hoffmann
Remove the generated file lists from the OpensslLib*.inf files. Doing this in a separate patch makes it easier to review the functional changes needed in the *.inf files for openssl 3.0. Signed-off-by: Gerd Hoffmann --- CryptoPkg/Library/OpensslLib/OpensslLib.inf | 544 --- ...

[edk2-devel] [PATCH 06/22] CryptoPkg/openssl: update Openssl*.inf files for openssl 3.0

2023-03-13 Thread Gerd Hoffmann
The configure workflow has changed, see the commit adding the configure script for details. Adapt the *.inf files to the changes. The configuration define handling has changed a bit. The new configure script will build a single per-arch file list, which simplifies the Accel configs. Signed-off-b

[edk2-devel] [PATCH 11/22] CryptoPkg/TlsLib: use unsigned long for ErrorCode

2023-03-13 Thread Gerd Hoffmann
Signed-off-by: Gerd Hoffmann --- CryptoPkg/Library/TlsLib/TlsConfig.c | 3 ++- CryptoPkg/Library/TlsLib/TlsProcess.c | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/CryptoPkg/Library/TlsLib/TlsConfig.c b/CryptoPkg/Library/TlsLib/TlsConfig.c index 37f6cfc27095..a05633fce4

[edk2-devel] [PATCH 13/22] CryptoPkg/openssl: move compiler_flags to buildinf.c

2023-03-13 Thread Gerd Hoffmann
Seems with openssl 3.0 this is used by multiple source files, so we get duplicate symbol errors when linking. Fix that by moving compiler_flags from header file to a source file. Signed-off-by: Gerd Hoffmann --- CryptoPkg/Library/OpensslLib/OpensslLib.inf | 1 + CryptoPkg/Library/Op

[edk2-devel] [PATCH 10/22] CryptoPkg/TlsLib: ERR_GET_FUNC is gone

2023-03-13 Thread Gerd Hoffmann
Signed-off-by: Gerd Hoffmann --- CryptoPkg/Library/TlsLib/TlsConfig.c | 2 +- CryptoPkg/Library/TlsLib/TlsProcess.c | 3 +-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/CryptoPkg/Library/TlsLib/TlsConfig.c b/CryptoPkg/Library/TlsLib/TlsConfig.c index 60559de4a7f3..37f6cfc2709

[edk2-devel] [PATCH 12/22] CryptoPkg/openssl: adapt rand_pool.c to openssl 3.0 changes

2023-03-13 Thread Gerd Hoffmann
Some functions have been renamed. Signed-off-by: Gerd Hoffmann --- CryptoPkg/Library/OpensslLib/rand_pool.c | 24 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/CryptoPkg/Library/OpensslLib/rand_pool.c b/CryptoPkg/Library/OpensslLib/rand_pool.c index 13

[edk2-devel] [PATCH 14/22] CryptoPkg/openssl: store dummy update for openssl 3.0

2023-03-13 Thread Gerd Hoffmann
Signed-off-by: Gerd Hoffmann --- CryptoPkg/Library/OpensslLib/ossl_store.c | 154 ++ 1 file changed, 154 insertions(+) diff --git a/CryptoPkg/Library/OpensslLib/ossl_store.c b/CryptoPkg/Library/OpensslLib/ossl_store.c index b4297395d7ae..7cc729853473 100644 --- a/CryptoPkg/L

[edk2-devel] [PATCH 15/22] CryptoPkg/openssl: adapt EcSm2Null.c for openssl 3.0

2023-03-13 Thread Gerd Hoffmann
Signed-off-by: Gerd Hoffmann --- CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf | 2 +- CryptoPkg/Library/OpensslLib/EcSm2Null.c | 7 --- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf b/CryptoPkg/Library/OpensslLi

[edk2-devel] [PATCH 17/22] [hash] OvmfPkg: wire up OpensslLibHash.inf

2023-03-13 Thread Gerd Hoffmann
--- OvmfPkg/OvmfPkgX64.dsc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index 00f7005fca40..7da571d63a78 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -352,6 +352,7 @@ [LibraryClasses.common.PEIM] MemEncryptSevLib|

[edk2-devel] [PATCH 16/22] [hash] CryptoPkg/openssl: add OpensslLibHash.inf

2023-03-13 Thread Gerd Hoffmann
Add *.inf variant with hash functions only, to support SEC and PEI doing measurements. I don't think we really need this, using OpensslLibCrypto.inf and depending on the linker dropping unused object files should work equally well. For trouble-shooting it's handy though because you'll get linker

[edk2-devel] [PATCH 09/22] CryptoPkg/BaseCryptLib: drop BIO_* dummy functions

2023-03-13 Thread Gerd Hoffmann
openssl 3.0 requires a functional BIO_sprintf() implementation. Signed-off-by: Gerd Hoffmann --- .../Library/BaseCryptLib/SysCall/CrtWrapper.c | 27 --- 1 file changed, 27 deletions(-) diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c b/CryptoPkg/Library/BaseCryp

[edk2-devel] [PATCH 18/22] [provider] CryptoPkg/openssl: use our own predefined providers

2023-03-13 Thread Gerd Hoffmann
Define our own ossl_predefined_providers, so we can easily compile out some or all of them for testing purposes. Effect seems to not be that big though: 1157758 TlsDxe ('default' + 'base' + 'null') 897022 TlsDxe (only 'null') So not sure yet if we actually want/need this ... Signed-off-by:

[edk2-devel] [PATCH 20/22] CryptoPkg/openssl: update CI config for openssl 3.0

2023-03-13 Thread Gerd Hoffmann
Signed-off-by: Gerd Hoffmann --- CryptoPkg/CryptoPkg.ci.yaml | 9 +++-- 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/CryptoPkg/CryptoPkg.ci.yaml b/CryptoPkg/CryptoPkg.ci.yaml index 47f29759676d..b0a1b2cda27d 100644 --- a/CryptoPkg/CryptoPkg.ci.yaml +++ b/CryptoPkg/CryptoPkg.c

[edk2-devel] [PATCH 22/22] CryptoPkg/openssl: update HOWTO file

2023-03-13 Thread Gerd Hoffmann
Signed-off-by: Gerd Hoffmann --- CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt b/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt index e52ee27b491c..fff47d9f6bf5 100644 --- a/Cr

Re: [edk2-devel] [PATCH 1/2] UefiCpuPkg/MpInitLib: Ensure SEV-SNP VMSA allocations are not 2MB aligned

2023-03-13 Thread Ni, Ray
Agree with both comments😊 > -Original Message- > From: Gerd Hoffmann > Sent: Monday, March 13, 2023 4:00 PM > To: Tom Lendacky > Cc: devel@edk2.groups.io; Dong, Eric ; Ni, Ray > ; Kumar, Rahul R ; Michael > Roth ; Ashish Kalra > Subject: Re: [PATCH 1/2] UefiCpuPkg/MpInitLib: Ensure SEV-

Re: [edk2-devel] PcdLib instance for OVMF SecMain

2023-03-13 Thread Gerd Hoffmann
On Mon, Mar 13, 2023 at 07:13:39AM +, Wu, Jiaxin wrote: > Another issue exposed during boot OVMF: > > > > SecCoreStartupWithStack(0xFFFCC000, 0x82) > > ASSERT [SecMain] c:\dev\code\edk2\MdePkg\Library\BasePcdLibNull\PcdLib.c(95): > ((BOOLEAN)(0==1)) All PCDs SecMain reads are fixed, s

Re: [edk2-devel] [PATCH v1] UefiCpuPkg/PiSmmCpuDxeSmm: Fix S3 failure in SmmRestoreCpu

2023-03-13 Thread Ni, Ray
Jiaxin, Thanks for fixing the bug. Reviewed-by: Ray Ni > -Original Message- > From: Wu, Jiaxin > Sent: Monday, March 13, 2023 3:04 PM > To: devel@edk2.groups.io > Cc: Dong, Eric ; Ni, Ray ; Zeng, Star > ; Laszlo Ersek ; Gerd Hoffmann > > Subject: [PATCH v1] UefiCpuPkg/PiSmmCpuDxeSmm:

Re: [edk2-devel] [PATCH 1/2] UefiCpuPkg/MpInitLib: Ensure SEV-SNP VMSA allocations are not 2MB aligned

2023-03-13 Thread Gerd Hoffmann
On Mon, Mar 13, 2023 at 08:28:57AM +, Ni, Ray wrote: > > > > +#define IS_ALIGNED(x, y) UINTN)(x) & (y - 1)) == 0)) > > 1. Can you use the existing macro ALIGN_POINTER() defined in Base.h? Having copies of this all over the tree is indeed a bad idea. See https://edk2.groups.io/g/devel/m

Re: [edk2-devel] [PATCH 1/2] UefiCpuPkg/MpInitLib: Ensure SEV-SNP VMSA allocations are not 2MB aligned

2023-03-13 Thread Ni, Ray
That depends on review from other package maintainers. > -Original Message- > From: devel@edk2.groups.io On Behalf Of Gerd > Hoffmann > Sent: Monday, March 13, 2023 4:46 PM > To: Ni, Ray > Cc: Tom Lendacky ; devel@edk2.groups.io; > Dong, Eric ; Kumar, Rahul R > ; Michael Roth ; Ashish >

Re: [edk2-devel] [PATCH v1] UefiCpuPkg/PiSmmCpuDxeSmm: Fix S3 failure in SmmRestoreCpu

2023-03-13 Thread Gerd Hoffmann
Hi, > - // > - // Make sure the gSmmBaseHobGuid existence status is the same between > normal and S3 boot. > - // > - ASSERT (mSmmRelocated == (BOOLEAN)(GetFirstGuidHob (&gSmmBaseHobGuid) != > NULL)); > - if (mSmmRelocated != (BOOLEAN)(GetFirstGuidHob (&gSmmBaseHobGuid) != > NULL)) { > -

Re: [edk2-devel] [PATCH v1] UefiCpuPkg/PiSmmCpuDxeSmm: Fix S3 failure in SmmRestoreCpu

2023-03-13 Thread Zeng, Star
Reviewed-by: Star Zeng -Original Message- From: Wu, Jiaxin Sent: Monday, March 13, 2023 3:04 PM To: devel@edk2.groups.io Cc: Dong, Eric ; Ni, Ray ; Zeng, Star ; Laszlo Ersek ; Gerd Hoffmann Subject: [PATCH v1] UefiCpuPkg/PiSmmCpuDxeSmm: Fix S3 failure in SmmRestoreCpu REF: https://b

Re: [edk2-devel] [PATCH 2/3] MdeModulePkg/Logo: Add a PCD to control the position of the Logo

2023-03-13 Thread Sheng Lean Tan
Hi Ray, What is your thought on this? Best Regards, *Lean Sheng Tan*

[edk2-devel] [PATCH] Platform/RPi4: fix build

2023-03-13 Thread Gerd Hoffmann
MpServicesTest was dropped in favor of EfiMpServiceProtocolShellUnitTest. Update the dsc file accordingly. Signed-off-by: Gerd Hoffmann --- Platform/RaspberryPi/RPi4/RPi4.dsc | 7 ++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/Platform/RaspberryPi/RPi4/RPi4.dsc b/Platform/

Re: [edk2-devel] [PATCH] Platform/RPi4: fix build

2023-03-13 Thread Ard Biesheuvel
On Mon, 13 Mar 2023 at 13:12, Gerd Hoffmann wrote: > > MpServicesTest was dropped in favor of EfiMpServiceProtocolShellUnitTest. > Update the dsc file accordingly. > > Signed-off-by: Gerd Hoffmann Thanks Gerd, Pushed as 95b58f71d9ee..0d558830c3af > --- > Platform/RaspberryPi/RPi4/RPi4.dsc | 7

Re: [edk2-devel] [PATCH 1/2] UefiCpuPkg/MpInitLib: Ensure SEV-SNP VMSA allocations are not 2MB aligned

2023-03-13 Thread Lendacky, Thomas via groups.io
On 3/13/23 03:28, Ni, Ray wrote: +#define IS_ALIGNED(x, y) UINTN)(x) & (y - 1)) == 0)) 1. Can you use the existing macro ALIGN_POINTER() defined in Base.h? See my reply to the cover letter where I say I want to replace the usage with Gerd's definitions/updates series (but wanted genera

[edk2-devel] [PATCH] EmbeddedPkg/PrePiHobLib: Get rid of PeCoffLoaderProtocol

2023-03-13 Thread Ard Biesheuvel
Signed-off-by: Ard Biesheuvel --- EmbeddedPkg/EmbeddedPkg.dec | 1 - EmbeddedPkg/Include/Library/PrePiLib.h | 6 - EmbeddedPkg/Include/Protocol/PeCoffLoader.h | 220 EmbeddedPkg/Library/PrePiHobLib/Hob.c | 22 -- EmbeddedPkg/Library/PrePiLib/Pr

Re: [edk2-devel] [PATCH v4 0/2] SecurityPkg: Fixes for RngDxe

2023-03-13 Thread PierreGondois
On 3/7/23 18:15, PierreGondois via groups.io wrote: From: Pierre Gondois v1: - https://edk2.groups.io/g/devel/message/96356 v2: - https://edk2.groups.io/g/devel/message/96434 - Reformulate commit message. - Do not warn if no algorithm is found as the message would be printed on non-Arm pl

Re: [edk2-devel] [PATCH 1/2] UefiCpuPkg/MpInitLib: Ensure SEV-SNP VMSA allocations are not 2MB aligned

2023-03-13 Thread Lendacky, Thomas via groups.io
On 3/13/23 03:00, Gerd Hoffmann wrote: Hi, // Allocate a single page for the SEV-ES Save Area and initialize it. + // Due to an erratum that prevents a VMSA being on a 2MB boundary, + // allocate an extra page to work around the issue. A reference to the erratum (web link or erratum

Re: [edk2-devel] [PATCH v4 00/11] ArmPkg: implement EFI memory attributes protocol

2023-03-13 Thread Ard Biesheuvel
On Wed, 8 Mar 2023 at 18:24, Taylor Beebe wrote: > > My mistake - the DEBUG_PROPERTY_DEBUG_CLEAR_MEMORY_ENABLED feature is > why FreePagesWithProtectionAttributesTestCase might fail. > > To make the clear memory feature more compatible with the memory > attribute protocol, can you add a check to D

Re: [edk2-devel] [PATCH] EmbeddedPkg/PrePiHobLib: Get rid of PeCoffLoaderProtocol

2023-03-13 Thread Leif Lindholm
No objection as such, but do we know what it was ever used for? / Leif On Mon, Mar 13, 2023 at 14:45:17 +0100, Ard Biesheuvel wrote: > Signed-off-by: Ard Biesheuvel > --- > EmbeddedPkg/EmbeddedPkg.dec | 1 - > EmbeddedPkg/Include/Library/PrePiLib.h | 6 - > Embedded

Re: [edk2-devel] [PATCH 1/1] ArmPkg/SmbiosMiscDxe: Adjust the priority of getting firmware version

2023-03-13 Thread Leif Lindholm
On Mon, Mar 13, 2023 at 13:43:21 +0700, Tinh Nguyen wrote: > The BIOS Firmware Version in the SMBIOS Type 0 can be fetched from > the fixed PcdFirmwareVersionString or platform specific OemMiscLib. > In fact, the support from OemMiscLib comes into play when the firmware > version may be modified at

Re: [edk2-devel] [PATCH 01/22] CryptoPkg/openssl: update submodule to openssl-3.0.8

2023-03-13 Thread Li, Yi
Hi Gerd, I also have some work on Openssl3, mainly to research how to reduce the binary size increase after the upgrade: https://github.com/tianocore/edk2-staging/blob/OpenSSL11_EOL/CryptoPkg/Readme-OpenSSL3.0.md I really appreciate your work in this patch series, especially the clear py scr

Re: [edk2-devel] [PATCH 19/22] CryptoPkg/openssl: update *.inf, add generated files

2023-03-13 Thread Li, Yi
>+ DEFINE OPENSSL_FLAGS_NOASM = -DSTATIC_LEGACY Why do we need this macro? EDK2 does not seem to use the algorithm in the legacy provider. -Original Message- From: devel@edk2.groups.io devel@edk2.groups.io On Behalf Of Ge

Re: [edk2-devel] [PATCH 16/22] [hash] CryptoPkg/openssl: add OpensslLibHash.inf

2023-03-13 Thread Li, Yi
A bit confused here, why do we need this inf, just to make it clear? As you mentioned, it doesn't help with binary file size. Regards, Yi -Original Message- From: devel@edk2.groups.io On Behalf Of Gerd Hoffmann Sent: Monday, March 13, 2023 4:30 PM To: devel@edk2.groups.io Cc: Wang, Jian J

Re: [edk2-devel] [PATCH 1/1] ArmPkg/SmbiosMiscDxe: Adjust the priority of getting firmware version

2023-03-13 Thread Tinh Nguyen via groups.io
Hi Leif, My comments are below. On 3/13/2023 10:03 PM, Leif Lindholm wrote: On Mon, Mar 13, 2023 at 13:43:21 +0700, Tinh Nguyen wrote: The BIOS Firmware Version in the SMBIOS Type 0 can be fetched from the fixed PcdFirmwareVersionString or platform specific OemMiscLib. In fact, the support fr

[edk2-devel] [PATCH v5 00/38] Implement strict memory permissions throughout

2023-03-13 Thread Ard Biesheuvel
Link: https://bugzilla.tianocore.org/show_bug.cgi?id=4369 This v5 now covers a lot more ground, and has ballooned quite substantially as a result. The series is essentially a proof of concept of a way to implement rigorous W^X memory protections from SEC all the way to booting the OS. In particul

[edk2-devel] [PATCH v5 01/38] ArmPkg/ArmMmuLib ARM: Remove half baked large page support

2023-03-13 Thread Ard Biesheuvel
Large page support on 32-bit ARM is essentially a glorified contiguous bit where 16 consecutive entries describing a contiguous range with the same attributes are presented in a way that permits the TLB to cache its translation with a single entry. This was never wired up completely, and does not

[edk2-devel] [PATCH v5 03/38] ArmPkg/CpuDxe ARM: Fix page-to-section attribute conversion

2023-03-13 Thread Ard Biesheuvel
The section-to-page attribute conversion takes the shareability and execute-never attributes into account, whereas the page-to-section counterpart does not. The result is that GetMemoryRegionPage () -which takes a section attribute argument (via *RegionAttributes) that is ostensibly based on the fi

[edk2-devel] [PATCH v5 02/38] ArmPkg/ArmMmuLib ARM: Split off XN page descriptor bit from type field

2023-03-13 Thread Ard Biesheuvel
With large page support out of the picture, we can treat bits 1 and 0 of the page descriptor as individual valid and XN bits, instead of treating XN as a page type. Doing so aligns the handling of the attribute with the section descriptor layout, as well as the XN handling on AArch64, and this is b

[edk2-devel] [PATCH v5 04/38] ArmPkg/ArmMmuLib ARM: Isolate the access flag from AP mask

2023-03-13 Thread Ard Biesheuvel
Split the ARM permission fields in the short descriptors into an access flag and AP[2:1] as per the recommendation in the ARM ARM. This makes the access flag available separately, which allows us to implement EFI_MEMORY_RP memory analogous to how it will be implemented for AArch64. Signed-off-by:

[edk2-devel] [PATCH v5 05/38] ArmPkg/ArmMmuLib ARM: Clear individual permission bits

2023-03-13 Thread Ard Biesheuvel
Currently, the MMU code that is supposed to clear the RO or XP attributes from a region just clears both unconditionally. This approximates the desired behavior to some extent, but it does mean that setting the RO bit first on a code region, and then clearing the XP bit results in both RO and XP being

[edk2-devel] [PATCH v5 06/38] ArmPkg/ArmMmuLib: Implement EFI_MEMORY_RP using access flag

2023-03-13 Thread Ard Biesheuvel
Implement support for read-protected memory by wiring it up to the access flag in the page table descriptor. The resulting mapping is implicitly non-writable and non-executable as well, but this is good enough for implementing this attribute, as we never rely on write or execute permissions without

[edk2-devel] [PATCH v5 07/38] ArmVirtPkg: Enable stack guard

2023-03-13 Thread Ard Biesheuvel
Enable the stack guard in ArmVirtPkg builds, so that stack overflows are caught as they occur, rather than when they happen to hit a read-only memory region. Signed-off-by: Ard Biesheuvel --- ArmVirtPkg/ArmVirt.dsc.inc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ArmVirtPkg/ArmVirt.dsc.

[edk2-devel] [PATCH v5 08/38] ArmPkg/ArmMmuLib: Avoid splitting block entries if possible

2023-03-13 Thread Ard Biesheuvel
Currently, the ARM MMU page table logic will break down any block entry that overlaps with the region being mapped, even if the block entry in question is using the same attributes as the new region. This means that creating a non-executable mapping inside a region that is already mapped non-execu

[edk2-devel] [PATCH v5 09/38] ArmPkg/CpuDxe: Expose unified region-to-EFI attribute conversion

2023-03-13 Thread Ard Biesheuvel
In preparation for introducing an implementation of the EFI memory attributes protocol that is shared between ARM and AArch64, unify the existing code that converts a page table descriptor into an EFI_MEMORY_xxx bitfield, so it can be called from the generic code. Signed-off-by: Ard Biesheuvel ---

[edk2-devel] [PATCH v5 10/38] MdePkg: Add Memory Attribute Protocol definition

2023-03-13 Thread Ard Biesheuvel
Add the Memory Attribute Protocol definition, which was adopted and included in version 2.10 of the UEFI specification. Link: https://bugzilla.tianocore.org/show_bug.cgi?id=3519 Signed-off-by: Ard Biesheuvel Reviewed-by: Liming Gao --- MdePkg/Include/Protocol/MemoryAttribute.h | 142 +++

[edk2-devel] [PATCH v5 11/38] ArmPkg/CpuDxe: Implement EFI memory attributes protocol

2023-03-13 Thread Ard Biesheuvel
Expose the protocol introduced in v2.10 that permits the caller to manage mapping permissions in the page tables. Signed-off-by: Ard Biesheuvel --- ArmPkg/Drivers/CpuDxe/CpuDxe.c | 2 + ArmPkg/Drivers/CpuDxe/CpuDxe.h | 3 + ArmPkg/Drivers/CpuDxe/CpuDxe.inf| 2 + A

[edk2-devel] [PATCH v5 12/38] ArmPkg/CpuDxe: Perform preliminary NX remap of free memory

2023-03-13 Thread Ard Biesheuvel
The DXE core implementation of PcdDxeNxMemoryProtectionPolicy already contains an assertion that EfiConventionalMemory and EfiBootServicesData are subjected to the same policy when it comes to the use of NX permissions. The reason for this is that we may otherwise end up with unbounded recursion in

[edk2-devel] [PATCH v5 13/38] MdeModulePkg/DxeCore: Unconditionally set memory protections

2023-03-13 Thread Ard Biesheuvel
Instead of relying on a questionable heuristic that avoids calling into the SetMemoryAttributes () DXE service when the old memory type and the new one are subjected to the same NX memory protection policy, make this call unconditionally. This avoids corner cases where memory region attributes are

[edk2-devel] [PATCH v5 14/38] ArmPkg/Mmu: Remove handling of NONSECURE memory regions

2023-03-13 Thread Ard Biesheuvel
Non-secure memory is a distinction that only matters when executing code in the secure world that reasons about the secure vs non-secure address spaces. EDK2 was not designed for that, and the AArch64 version of the MMU handling library already treats them as identical, so let's just drop the ARM m

[edk2-devel] [PATCH v5 15/38] ArmPkg/ArmMmuLib: Introduce region types for RO/XP WB cached memory

2023-03-13 Thread Ard Biesheuvel
To prepare for the enablement of booting EFI with the SCTLR.WXN control enabled, which makes all writeable memory regions non-executable by default, introduce a memory type that we will use to describe the flash region that carries the SEC and PEIM modules that execute in place. Even if these are i

[edk2-devel] [PATCH v5 16/38] MdePkg/BasePeCoffLib: Add API to keep track of relocation range

2023-03-13 Thread Ard Biesheuvel
Add a library call to obtain the start and end of the region covered by relocation fixups. This will be used in a future patch to limit the range of memory that needs to be remapped with read-write-execute permissions at ExitBootServices() time. Signed-off-by: Ard Biesheuvel --- MdePkg/Include/L

[edk2-devel] [PATCH v5 17/38] MdeModulePkg/DxeIpl: Avoid shadowing IPL PEIM by default

2023-03-13 Thread Ard Biesheuvel
Currently, the DXE IPL relies on permanent memory being available, but does not DEPEX on the associated PPI. Instead, it registers for PEIM shadowing, and only proceeds when running shadowed, and this implies that permanent memory has been installed. While PEIM shadowing is typically good for perf

[edk2-devel] [PATCH v5 18/38] MdeModulePkg/DxeIpl AARCH64: Remap DXE core code section before launch

2023-03-13 Thread Ard Biesheuvel
To permit the platform to adopt a stricter policy when it comes to memory protections, and map all memory XP by default, add the necessary handling to the DXE IPL PEIM to ensure that the DXE core code section is mapped executable before invoking the DXE core. It is up to the DXE core itself to man

[edk2-devel] [PATCH v5 19/38] MdeModulePkg/DxeCore: Reduce range of W+X remaps at EBS time

2023-03-13 Thread Ard Biesheuvel
Instead of remapping all DXE runtime drivers with read-write-execute permissions entirely when ExitBootServices() is called, remap only the parts of those images that require writable access for applying relocation fixups at SetVirtualAddressMap() time. As illustrated below, this greatly reduces t

[edk2-devel] [PATCH v5 20/38] MdeModulePkg/DxeCore: Permit preliminary CPU arch fallback

2023-03-13 Thread Ard Biesheuvel
Store the address of the SetMemoryAttributes() member of the CPU arch protocol in a global variable, and invoke it via this variable. This by itself should not result in functional changes, but it permits platforms to provide a preliminary implementation of this member at link time, allowing

[edk2-devel] [PATCH v5 21/38] ArmPkg: Implement ArmSetMemoryOverrideLib

2023-03-13 Thread Ard Biesheuvel
Implement the ARM version of a NULL class library that can be overlaid on top of the DXE core to equip it right from its launch with an implementation of the CPU arch protocol member that sets type and permission attributes on memory regions. This bridges the gap between dispatch of DXE core and d

[edk2-devel] [PATCH v5 22/38] MdeModulePkg/PcdPeim: Permit unshadowed execution

2023-03-13 Thread Ard Biesheuvel
PEIM shadowing is optional, but the PCD PEIM does so explicitly, seemingly without a functional need. So make this behavior dependent on the existing PCD, which is generally (and by default) set to TRUE, whereas some systems (such as ARM virtual machines) may prefer to disable shadowing. Signed-of

[edk2-devel] [PATCH v5 23/38] EmbeddedPkg/PrePiLib AARCH64: Remap DXE core before execution

2023-03-13 Thread Ard Biesheuvel
Deal with DRAM memory potentially being mapped with non-executable permissions, by mapping the DXE core code sections explicitly before launch. Signed-off-by: Ard Biesheuvel --- EmbeddedPkg/Include/Library/PrePiLib.h | 16 -- EmbeddedPkg/Library/PrePiLib/Arm/RemapDxeCore.c | 51

[edk2-devel] [PATCH v5 24/38] ArmVirtPkg/ArmVirtQemu: Use XP memory mappings by default

2023-03-13 Thread Ard Biesheuvel
Now that all the plumbing is in place, we can switch to a default policy of XP for all memory mappings straight out of reset. This reduces the risk of running with memory ranges mapped as both writable and executable at the same time. Note that this requires the overlay library to be added to the

[edk2-devel] [PATCH v5 25/38] ArmVirtPkg/ArmVirtQemu: Use PEI flavor of ArmMmuLib for all PEIMs

2023-03-13 Thread Ard Biesheuvel
The PEI flavor of the ArmMmuLib will install a HOB that exposes its implementation of the special helper routine that is used to update live entries, so that other instantiations of ArmMmuLib can invoke it. This is needed to ensure that splitting page tables using break-before-make (BBM) does not u

[edk2-devel] [PATCH v5 26/38] ArmVirtPkg/ArmVirtQemu: Use read-only memory region type for code flash

2023-03-13 Thread Ard Biesheuvel
Map the code flash with read-only attributes so we can execute from it even under a memory protection regime that enables WXN, making all writable memory regions non-executable by default. Signed-off-by: Ard Biesheuvel --- ArmVirtPkg/Library/QemuVirtMemInfoLib/QemuVirtMemInfoLib.c | 2 +- 1 file

[edk2-devel] [PATCH v5 27/38] BaseTools/GccBase AARCH64: Avoid page sharing between code and data

2023-03-13 Thread Ard Biesheuvel
The AArch64 ARM architecture supports a hardware enforcement mode for mutual exclusion between code and data: any page that is mapped writable is implicitly non-executable as well. This means that remapping part of a runtime image for reapplying relocation fixups may result in any code sharing the

[edk2-devel] [PATCH v5 28/38] ArmVirtPkg/ArmVirtQemu: Enable hardware enforced W^X memory permissions

2023-03-13 Thread Ard Biesheuvel
Enable the WXN system control bit straight out of reset when running in EL1 with the initial ID map from flash. This setting will be inherited by the page table code after it sets up the permanent boot time page tables, resulting in all memory mappings that are not explicitly mapped as read-only to

[edk2-devel] [PATCH v5 29/38] MdePkg/PeCoffLib: Capture DLL characteristics field in image context

2023-03-13 Thread Ard Biesheuvel
When loading a PE/COFF image, capture the DLL characteristics field of the header into our image context structure so we can refer to it when mapping the image. Signed-off-by: Ard Biesheuvel --- MdePkg/Include/Library/PeCoffLib.h| 4 MdePkg/Library/BasePeCoffLib/BasePeCoff.c | 23 +

[edk2-devel] [PATCH v5 30/38] MdePkg/IndustryStandard: PeImage.h: Import DLL characteristics

2023-03-13 Thread Ard Biesheuvel
Add the various symbolic constants that the PE/COFF spec v8.3 defines for the DllCharacteristics field of the PE optional header as preprocessor macros so we can test for them in C code. Signed-off-by: Ard Biesheuvel --- MdePkg/Include/IndustryStandard/PeImage.h | 15 +++ 1 file chan

[edk2-devel] [PATCH v5 31/38] MdeModulePkg/DxeCore: Remove redundant DEBUG statements

2023-03-13 Thread Ard Biesheuvel
The image name is printed at DEBUG_VERBOSE level already when entering the routine that enables the memory protections, so printing it again after issuing a warning is unnecessary - let's remove it. Signed-off-by: Ard Biesheuvel --- MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c | 10 --

[edk2-devel] [PATCH v5 32/38] MdeModulePkg/DxeCore: Update memory protections before freeing a region

2023-03-13 Thread Ard Biesheuvel
Currently, we invoke ApplyMemoryProtectionPolicy() after CoreInternalFreePages() has returned successfully, in order to update the memory permission attributes of the region to match the policy for EfiConventionalMemory. There are two problems with that: - CoreInternalFreePages() will round up the

[edk2-devel] [PATCH v5 33/38] MdeModulePkg/DxeCore: Disregard runtime alignment for image protection

2023-03-13 Thread Ard Biesheuvel
Image protection in DXE pertains to the memory permission attributes used at boot time, when the page size is guaranteed to be 4k. Whether or not the minimum section alignment is even higher when running under the OS is not relevant here, so just use the EFI page size as the minimum section alignme

[edk2-devel] [PATCH v5 34/38] MdeModulePkg/DxeCore: Deal with failure in UefiProtectImage()

2023-03-13 Thread Ard Biesheuvel
In preparation for adding support for a more restrictive NX memory policy, update the prototype of UefiProtectImage() so it returns an EFI_STATUS, and deal with its failure in CoreLoadImage. This should never fail for the DxeCore itself or for drivers that are loaded before the CPU arch protocol is

[edk2-devel] [PATCH v5 35/38] MdeModulePkg/DxeCore: Clear NX permissions on non-protected images

2023-03-13 Thread Ard Biesheuvel
Currently, we rely on the memory type for loading images being executable by default, and only restrict the permissions if the policy says so, and the image sections are suitably aligned. This requires that the various 'code' memory types are executable by default, which is unfortunate. In order t

[edk2-devel] [PATCH v5 36/38] MdeModulePkg/DxeCore: Permit NX protection for code regions

2023-03-13 Thread Ard Biesheuvel
We currently do not permit NX protection for code regions, as these regions are normally populated by the image loader, which will set different permissions for the code and data sections of the PE/COFF image, all of which will be covered by a single code region in the EFI memory map. However, thi

[edk2-devel] [PATCH v5 37/38] MdeModulePkg/DxeCore: Check NX compat when using restricted code regions

2023-03-13 Thread Ard Biesheuvel
We currently do not permit the various 'code' type regions to be covered by the NX memory policy, and so allocations of such types are created as both writable and executable before being populated with executable code. Before adding the ability to protect those regions as well, let's make sure th

[edk2-devel] [PATCH v5 38/38] MdeModulePkg DEC: Remove inaccurate comment

2023-03-13 Thread Ard Biesheuvel
The comment regarding the configured image protection policy states that data regions of a loaded image may be mapped NX based on the configured NX memory policy for boot/runtime services or loader data regions. This is inaccurate: all image sections will be covered by the same code region in the

Re: [edk2-devel] [PATCH] EmbeddedPkg/PrePiHobLib: Get rid of PeCoffLoaderProtocol

2023-03-13 Thread Ard Biesheuvel
On Mon, 13 Mar 2023 at 15:50, Leif Lindholm wrote:
>
> No objection as such, but do we know what it was ever used for?
>
> /
>     Leif
>

From edk2-platforms (see below). The reason was probably to avoid having two copies of that code in the firmware binary.

commit b7505f9c27f11064373ce3359ec

Re: Reply: [edk2-devel] [PATCH 1/2] MdePkg: Update Base.h to be compliant with C11

2023-03-13 Thread Rebecca Cran
I know I have access to the GitHub tianocore project and can push to the edk2-libc repo, but I've been assuming that I'm not allowed to push to the edk2 repo. Is that correct, or can I go ahead and push this and any other patches that get reviewed? -- Rebecca Cran On 3/9/23 7:45 PM, gaoli

[edk2-devel] [PATCH v1] UefiPayloadPkg: Correct MAX_LOGICAL_PROCESSORS value

2023-03-13 Thread Xiaoqiang Zhang
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4367 Issue: For GNR FSP API mode, when FSP does not output mCpuInitMpLibHobGuid HOB, the code will wake up all APs and calculate the processor count in the DXE phase. But when the processor thread number is above 256, it will encounter Startup IPI exception

[edk2-devel][edk2-platforms] Incorrect microcode_fv partition size for platform PurleyOpenBoardPkg/BoardMtOlympus.

2023-03-13 Thread dponamorev
Hi. Build fails for PurleyOpenBoardPkg/BoardMtOlympus platform. Error log: Generating MICROCODE_FV FV ['GenFv', '-v', '-a', 'c:\\aptio-oe\\Build\\PurleyOpenBoardPkg\\BoardMtOlympus\\DEBUG_VS2015\\FV\\Ffs\\MICROCODE_FV.inf', '-o', 'c:\\aptio-oe\\Build\\PurleyOpenBoardPkg\\BoardMtOlympus\\DE

[edk2-devel] [PATCH] ShellPkg: Update smbiosview type 0/4/17/41 with SMBIOS 3.5 fields

2023-03-13 Thread MillerX Lin
Cc: Signed-off-by: MillerX Lin Cc: Ray Ni Cc: Zhichao Gao --- .../SmbiosView/PrintInfo.c| 153 +- .../SmbiosView/SmbiosViewStrings.uni | 28 ++-- 2 files changed, 90 insertions(+), 91 deletions(-) diff --git a/ShellPkg/Library/UefiShellDebug1Comma

[edk2-devel] [PATCH v2] UefiPayloadPkg: Correct MAX_LOGICAL_PROCESSORS value

2023-03-13 Thread Xiaoqiang Zhang
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4367 Issue: For Server platforms, when FSP does not output mCpuInitMpLibHobGuid HOB, the code will wake up all APs and calculate the processor count in the DXE phase. But when the processor thread number is above 256, it will encounter Startup IPI exception

Re: [edk2-devel] [PATCH] EmbeddedPkg/PrePiHobLib: Get rid of PeCoffLoaderProtocol

2023-03-13 Thread Leif Lindholm
On Mon, Mar 13, 2023 at 18:20:20 +0100, Ard Biesheuvel wrote:
> On Mon, 13 Mar 2023 at 15:50, Leif Lindholm wrote:
> >
> > No objection as such, but do we know what it was ever used for?
> >
> > /
> >     Leif
> >
>
> From edk2-platforms (see below). The reason was probably to avoid
> having two

Re: Reply: [edk2-devel] [PATCH 1/2] MdePkg: Update Base.h to be compliant with C11

2023-03-13 Thread Michael D Kinney
Hi Rebecca, You are a member of EDK II Maintainers, so you have permissions to set 'push' label. It is preferred for the maintainer for a package to do this for the packages/content they maintain. If you have updated the patch series with Rbs and synced to latest edk2 repo, then send an email

[edk2-devel] Event: Tools, CI, Code base construction meeting series - Monday, March 13, 2023 #cal-reminder

2023-03-13 Thread Group Notification
*Reminder: Tools, CI, Code base construction meeting series* *When:* Monday, March 13, 2023 4:30pm to 5:30pm (UTC-07:00) America/Los Angeles *Where:* https://github.com/tianocore/edk2/discussions/2614 View Event ( https://edk2.groups.io/g/devel/viewevent?eventid=1753769 ) *Description:* TianoC

[edk2-devel] Now: Tools, CI, Code base construction meeting series - Monday, March 13, 2023 #cal-notice

2023-03-13 Thread Group Notification
*Tools, CI, Code base construction meeting series* *When:* Monday, March 13, 2023 4:30pm to 5:30pm (UTC-07:00) America/Los Angeles *Where:* https://github.com/tianocore/edk2/discussions/2614 View Event ( https://edk2.groups.io/g/devel/viewevent?eventid=1753769 ) *Description:* TianoCore commun

[edk2-devel] Event: TianoCore Bug Triage - APAC / NAMO - Tuesday, March 14, 2023 #cal-reminder

2023-03-13 Thread Group Notification
*Reminder: TianoCore Bug Triage - APAC / NAMO* *When:* Tuesday, March 14, 2023 6:30pm to 7:30pm (UTC-07:00) America/Los Angeles *Where:* https://teams.microsoft.com/l/meetup-join/19%3ameeting_OTk1YzJhN2UtOGQwNi00NjY4LWEwMTktY2JiODRlYTY1NmY0%40thread.v2/0?context=%7b%22Tid%22%3a%2246c98d88-e344-4e

Re: [edk2-devel] [PATCH 2/2] MdePkg: Update code to be more C11 compliant by using __func__

2023-03-13 Thread Rebecca Cran
Mike, I think your concerns with this patch were addressed? Could you add a Reviewed-by please? Thanks. Rebecca On 2/9/23 6:01 PM, Michael D Kinney wrote: Hi Rebecca, Did this pass EDK II CI? This change does break EBC compiler builds. The following has to be added to MdePkg/Include/Ebc