Reviewed-by: Ray Ni
Thanks,
Ray
From: Wu, Jiaxin
Sent: Thursday, April 18, 2024 14:55
To: devel@edk2.groups.io
Cc: Ni, Ray ; Zeng, Star ; Gerd Hoffmann
; Kumar, Rahul R
Subject: [PATCH v3 02/13] UefiCpuPkg/SmmRelocationLib: Add SmmRelocationLib
library instan
Reviewed-by: Ray Ni
Thanks,
Ray
From: Wu, Jiaxin
Sent: Thursday, April 18, 2024 14:55
To: devel@edk2.groups.io
Cc: Ni, Ray ; Zeng, Star ; Gerd Hoffmann
; Kumar, Rahul R
Subject: [PATCH v3 03/13] UefiCpuPkg/SmmRelocationLib: Rename global variables
This patch
Reviewed-by: Ray Ni
Thanks,
Ray
From: Wu, Jiaxin
Sent: Thursday, April 18, 2024 14:55
To: devel@edk2.groups.io
Cc: Ni, Ray ; Zeng, Star ; Gerd Hoffmann
; Kumar, Rahul R
Subject: [PATCH v3 04/13] UefiCpuPkg/SmmRelocationLib: Avoid unnecessary memory
allocation
UINT64
EFIAPI
HookReturnFromSmm (
- IN UINTN CpuIndex,
IN OUT SMRAM_SAVE_STATE_MAP *CpuState,
IN UINT64NewInstructionPointer32,
IN UINT64NewInstructionPointer
)
{
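Review bot: the `- IN UINTN CpuIndex,` line drops a parameter from the public HookReturnFromSmm() prototype, which is an interface change unrelated to the "Avoid unnecessary memory allocation" subject of this patch; it should be split into its own patch with its own commit message so the API change is reviewable and bisectable on its own.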
diff --git a/UefiCpuPkg/Library/SmmRelocationLib/X64/Semap
Sure, I will split the removal of the CpuIndex parameter into a new patch.
Thanks,
Jiaxin
From: Ni, Ray
Sent: Thursday, April 18, 2024 3:48 PM
To: Wu, Jiaxin ; devel@edk2.groups.io
Cc: Zeng, Star ; Gerd Hoffmann ; Kumar,
Rahul R
Subject: Re: [PATCH v3 05/13] UefiCpuPkg/SmmRelocationLib: Remove u
Hi Gerd,
Could you help review & check the OVMF related patches below?
> OvmfPkg/SmmRelocationLib: Add library instance for OVMF
> OvmfPkg/PlatformInitLib: Create gEfiSmmSmramMemoryGuid
> OvmfPkg: Refine SmmAccess implementation
> OvmfPkg/SmmCpuFeaturesLib: Check Smbase Relocation is done or
Hi Tom & Abner,
Could you help check & review the AMD related patch?
> UefiCpuPkg/SmmRelocationLib: Add library instance for AMD
Thanks,
Jiaxin
> -Original Message-
> From: devel@edk2.groups.io On Behalf Of Wu,
> Jiaxin
> Sent: Thursday, April 18, 2024 2:56 PM
> To: devel@edk2.groups.io
Thanks Adam and Ard.
Since this is #VC specific hardening, I would rely on AMD people's expertise to
fix it.
I have no objection to the patch.
Thank you
Yao, Jiewen
> -Original Message-
> From: Adam Dunlap
> Sent: Thursday, April 18, 2024 1:45 AM
> To: Ard Biesheuvel
> Cc: devel@edk2.gr
+ //
+ // Check whether the Required TileSize is enough.
+ //
+ if (TileSize > SIZE_8KB) {
+DEBUG ((DEBUG_ERROR, "The Range of Smbase in SMRAM is not enough --
Required TileSize = 0x%08x, Actual TileSize = 0x%08x\n", TileSize, SIZE_8KB));
+FreePool (mCpuHotPlugData.SmBase);
+FreeP
Hi Liming,
Could you help pick the change to the master branch?
Thanks,
Xianglei
-Original Message-
From: gaoliming
Sent: Monday, April 15, 2024 5:52 PM
To: devel@edk2.groups.io; Cai, Xianglei
Cc: Ni, Ray ; Lewandowski, Krzysztof
; Huang, Jenny ; Shih,
More
Subject: Re: [edk2-devel
Hi Liming,
Could you help pick the change to the master branch?
Thanks,
Xianglei
-Original Message-
From: gaoliming
Sent: Monday, April 15, 2024 2:36 PM
To: Cai, Xianglei ; devel@edk2.groups.io
Cc: Ni, Ray ; Lewandowski, Krzysztof
; Huang, Jenny ; Shih,
More ; Chiu, Ian
Subject: Re: [PA
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2479
In PFP spec 1.06, platform firmware records the device certificate and device
measurement for each SPDM responder.
This PATCH set implements the DeviceSecurityLib to support SPDM device
Authentication and Measurement.
Libspdm as submodule
Update Spdm.h to support 1.2 new features, such as:
Authentication and measurement. It will be used in DeviceSecurity.
The DeviceSecurity feature is from
TCG PC Client Platform Firmware Profile Specification 1.06.
Cc: Michael D Kinney
Cc: Liming Gao
Cc: Zhiguang Liu
Cc: Jiewen Yao
Signed-off-by
Add support for
TCG PC Client Platform Firmware Profile Specification 1.06.
Cc: Michael D Kinney
Cc: Liming Gao
Cc: Zhiguang Liu
Cc: Jiewen Yao
Signed-off-by: Wenxing Hou
---
MdePkg/Include/IndustryStandard/Spdm.h| 4 +-
.../IndustryStandard/UefiTcgPlatform.h| 186
According to UEFI 2.10 spec 3.3 Globally Defined Variables section,
add devAuthBoot GlobalVariable.
Cc: Michael D Kinney
Cc: Liming Gao
Cc: Zhiguang Liu
Cc: Jiewen Yao
Signed-off-by: Wenxing Hou
Reviewed-by: Liming Gao
---
MdePkg/Include/Guid/GlobalVariable.h | 8 +++-
MdePkg/Inclu
Add EV_EFI_SPDM_DEVICE_POLICY support for MeasureVariable.
Cc: Liming Gao
Cc: Jiewen Yao
Signed-off-by: Wenxing Hou
---
MdeModulePkg/MdeModulePkg.dec | 5 +++
.../Variable/RuntimeDxe/Measurement.c | 38 ---
.../RuntimeDxe/VariableRuntimeDxe.inf
Add new api Tpm2ExtendNvIndex.
It is used in HashCompleteAndExtend when PcrIndex > MAX_PCR_INDEX.
Cc: Jiewen Yao
Cc: Rahul Kumar
Signed-off-by: Wenxing Hou
Reviewed-by: Jiewen Yao
---
SecurityPkg/Include/Library/Tpm2CommandLib.h | 23 +++-
.../HashLibBaseCryptoRouterDxe.c | 88
libspdm is a submodule, which will be used in DeviceSecurity.
Cc: Andrew Fish
Cc: Michael D Kinney
Cc: Michael D Kinney
Cc: Jiewen Yao
Signed-off-by: Wenxing Hou
---
.gitmodules | 3 +++
1 file changed, 3 insertions(+)
diff --git a/.gitmodules b/.gitmodules
index 60d54b45eb..7f069abd3d 100644
libspdm is a submodule to support the DeviceSecurity feature.
Cc: Jiewen Yao
Signed-off-by: Wenxing Hou
Reviewed-by: Jiewen Yao
---
SecurityPkg/DeviceSecurity/SpdmLib/libspdm | 1 +
1 file changed, 1 insertion(+)
create mode 16 SecurityPkg/DeviceSecurity/SpdmLib/libspdm
diff --git a/SecurityPk
This patch adds the libspdm submodule license.
Cc: Andrew Fish
Cc: Leif Lindholm
Cc: Michael D Kinney
Signed-off-by: Wenxing Hou
---
ReadMe.rst | 1 +
1 file changed, 1 insertion(+)
diff --git a/ReadMe.rst b/ReadMe.rst
index 808ccd37af..cfd522fdbd 100644
--- a/ReadMe.rst
+++ b/ReadMe.rst
@@ -99,6
Add DeviceSecurity submodule libspdm.
Cc: Sean Brogan
Cc: Joey Vagedes
Cc: Michael D Kinney
Cc: Liming Gao
Signed-off-by: Wenxing Hou
Reviewed-by: Joey Vagedes
---
.pytool/CISettings.py | 2 ++
1 file changed, 2 insertions(+)
diff --git a/.pytool/CISettings.py b/.pytool/CISettings.py
index
Dear EDKII reviewers:
Thank you for your previous review of this patch set.
Currently, five patches have been reviewed by.
But there are five patches that need review.
Patch1: MdePkg: Add SPDM1.2 support.
Patch2: MdePkg: Add TCG PFP 1.06 support.
Patch4: MdeModulePkg/Variab
On Wed, Apr 17, 2024 at 01:38:20PM +0200, Ard Biesheuvel wrote:
> On Wed, 17 Apr 2024 at 10:18, Gerd Hoffmann wrote:
> >
> > On Fri, Mar 22, 2024 at 03:27:31PM +0100, Gerd Hoffmann wrote:
> > >
> > >
> > > Gerd Hoffmann (2):
> > > OvmfPkg/VirtHstiDxe: add varstore flash check
> > > OvmfPkg/Vir
On Wed, Apr 17, 2024 at 01:20:57PM +, Yao, Jiewen wrote:
> That is good start. The SMRAM lock and Flash lock seem good to me.
>
> Comment:
> 1) Do we really need to add "Q35" for the policy?
> #define VIRT_HSTI_BYTE0_Q35_SMM_SMRAM_LOCK BIT0
> #define VIRT_HSTI_BYTE0_Q35_SMM_SECURE_VARS
Hi,
> -The Intel? TDX Virtual Firmware Design Guide is at
> +The Intel TDX Virtual Firmware Design Guide is at
'' looks more like HTML than markdown.
text updates look fine to me.
take care,
Gerd
On Wed, Apr 17, 2024 at 09:54:00AM -0700, Adam Dunlap via groups.io wrote:
> Ensure that when a #VC exception happens, the instruction at the
> instruction pointer matches the instruction that is expected given the
> error code. This is to mitigate the ahoi WeSee attack [1] that could
> allow hyper
-Introduce RedfishBootstrapAccountDxe to delete bootstrap
account from /redfish/v1/AccountService/Accounts after BIOS
finished all Redfish jobs. The bootstrap account won't be
available to other applications. So deleting the bootstrap account
helps to release resources at the BMC.
- After bootstrap account i
The wrmsr function always writes 0s to the higher 32 bits of the msr register.
This PR fixes the issue reported through BZ4745.
Jayaprakash N (1):
ek2-libc: wrmsr function available in edk2module is not working as
expected
.../Python/Python-3.6.8/PyMod-3.6.8/Modules/edk2module.c
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4745
This commit fixes the issue reported in the BZ4745.
The wrmsr was always writing 0 to the higher 32 bits of the msr register.
This was due to a logical flaw in the code, where the input variable of
type unsigned int was left shifted by 32 bi
Hi Taylor,
>>Extra EfiRuntimeServicesCode regions which aren't part of loaded runtime
>>images.
This may be related to the original size of EfiRuntimeServicesCode in memory
map, and the size can be configured via PcdPlatformEfiRtCodeMemorySize.
If the size is large enough to hold all the runtim
Hello Dandan,
On Thu, 18 Apr 2024 at 15:03, Dandan Bi wrote:
>
> Hi Taylor,
>
>
>
> >>Extra EfiRuntimeServicesCode regions which aren't part of loaded runtime
> >>images.
>
> This may be related to the original size of EfiRuntimeServicesCode in memory
> map, and the size can be configured via P
Ah. That is good. I did not realize they are in one set.
For this one, reviewed-by: Jiewen Yao
> -Original Message-
> From: Sachin Ganesh
> Sent: Thursday, April 18, 2024 9:32 PM
> To: Yao, Jiewen ; devel@edk2.groups.io
> Cc: gaolim...@byosoft.com.cn; ardb+tianoc...@kernel.org; kra...@
The PCD PcdPlatformEfiRtCodeMemorySize is used in
https://github.com/tianocore/edk2-platforms/blob/master/Platform/Intel/MinPlatformPkg/PlatformInit/PlatformInitPei/PlatformInitPreMem.c
This PCD seems to define the size allocated for run time services code, and the
similar PCD is PcdPlatformEfiRtDa
1) Yes, I highly recommend removing the Q35 keyword.
2) Got it. I think we had better add such info in the code as a comment as well.
Thank you
Yao, Jiewen
> -Original Message-
> From: kra...@redhat.com
> Sent: Thursday, April 18, 2024 7:45 PM
> To: Yao, Jiewen
> Cc: devel@edk2.groups.io; Ard B
On 4/18/2024 6:56 AM, Huang, Yanbo wrote:
The PCD PcdPlatformEfiRtCodeMemorySize is used in
https://github.com/tianocore/edk2-platforms/blob/master/Platform/Intel/MinPlatformPkg/PlatformInit/PlatformInitPei/PlatformInitPreMem.c
This PCD seems to define the size allocated for run time services code
On Thu, Apr 18, 2024 at 5:15 AM Gerd Hoffmann wrote:
>
> On Wed, Apr 17, 2024 at 09:54:00AM -0700, Adam Dunlap via groups.io wrote:
> > + UINT8 OpCode;
>
> The linux kernel patch uses "unsigned int opcode" and apparently
> checks more than just the first byte for multi-byte opcodes. Why
> do it
On Thu, Apr 18, 2024 at 9:39 AM Adam Dunlap wrote:
>
> On Thu, Apr 18, 2024 at 5:15 AM Gerd Hoffmann wrote:
> >
> > On Wed, Apr 17, 2024 at 09:54:00AM -0700, Adam Dunlap via groups.io wrote:
> > > + UINT8 OpCode;
> >
> > The linux kernel patch uses "unsigned int opcode" and apparently
> > check
Hi Jiewen,
The other patches are as follows. They are all related to UEFI 2.10 and PI 1.8
Specification updates:
1) MdePkg: Add definition for NVMe Over Fabric Device Path -
https://edk2.groups.io/g/devel/message/117845?p=%2C%2C%2C20%2C0%2C0%2C0%3A%3Arecentpostdate%2Fsticky%2C%2Csachin%2C20%2C
On Thu, 18 Apr 2024 09:15:55 +0100
Jonathan Cameron via wrote:
> On Wed, 17 Apr 2024 13:07:35 -0700
> Richard Henderson wrote:
>
> > On 4/16/24 08:11, Jonathan Cameron wrote:
> > > On Fri, 1 Mar 2024 10:41:09 -1000
> > > Richard Henderson wrote:
> > >
> > >> If translation is disabled,
The use of BitFieldOr64() is really only required when updating
a portion of a 32-bit or 64-bit value that are not aligned on
a 32-bit boundary and do not have a 32-bit aligned width. Since
this use case is setting the lower 32-bits, simpler logic should
be used.
data = LShiftU64(vedx, 32) | ve
On Thursday, April 18, 2024 7:50 PM, Gerd Hoffmann wrote:
>
> > -The Intel? TDX Virtual Firmware Design Guide is at
> > +The Intel TDX Virtual Firmware Design Guide is at
>
> '' looks more like HTML than markdown.
Thanks for the reminder. It is fixed in v2.
>
> text updates look fine to me.
>
Tha
From: Min M Xu
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4756
There are below updates in this patch:
1. Rename README to README.md so that it can be shown as a markdown
document.
2. Update some information about TDVF.
3. Fix some typos.
Cc: Jiewen Yao
Cc: Gerd Hoffmann
Signed-off-by:
Ok, thanks Ray, I will follow the change in the next version.
From: Ni, Ray
Sent: Thursday, April 18, 2024 4:15 PM
To: Wu, Jiaxin ; devel@edk2.groups.io
Cc: Zeng, Star ; Gerd Hoffmann ; Kumar,
Rahul R
Subject: Re: [PATCH v3 13/13] UefiCpuPkg/PiSmmCpuDxeSmm: Remove SmBases
relocation logic
+ //
Jiaxin,
I see Abdul from AMD has given R-B. I assume that's sufficient for merging this
patch.
Thanks,
Ray
From: Wu, Jiaxin
Sent: Thursday, April 18, 2024 16:03
To: devel@edk2.groups.io ; Wu, Jiaxin
Cc: Ni, Ray ; Zeng, Star ; Gerd Hoffmann
; Kumar, Rahul R ; D
[AMD Official Use Only - General]
Right, Abdul's RB is sufficient!
Thanks
Abner
From: Ni, Ray
Sent: Friday, April 19, 2024 11:35:17 AM
To: Wu, Jiaxin ; devel@edk2.groups.io
Cc: Zeng, Star ; Gerd Hoffmann ; Kumar,
Rahul R ; Dong, Guo ; Rhodes, Sean
; Lu, Jame
Oh, sorry, I missed that email. If so, that's great! Thanks Ray & Abner &
Abdul.
From: Chang, Abner
Sent: Friday, April 19, 2024 11:47 AM
To: Ni, Ray ; Wu, Jiaxin ;
devel@edk2.groups.io
Cc: Zeng, Star ; Gerd Hoffmann ; Kumar,
Rahul R ; Dong, Guo ; Rhodes, Sean
; Lu, James ; Guo, Gua
; A
So this is just junk unallocated memory that we are reporting as
a type it *could* be if an allocation occurs to minimize failures
of ExitBootServices. Which is questionable. But in terms of
attributes, I would expect we either have this unallocated
memory marked the same as the bin type or bette