Allows to use the qemu kernel loader pseudo file system for other
purposes than loading a linux kernel (or efi binary). Passing
startup.nsh for EFI shell is one example.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Triggers when trying to get root directory info.
Reproducer:
* Use qemu -kernel with something edk2 can not load.
* When dropped into the efi shell try inspect the file system.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
QEMU_FW_CFG_FNAME_SIZE is 56. 'etc/boot/' prefix is minus 9. Add one
for the terminating '\0'. Effective max size is 48.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Split KERNEL_BLOB struct into two:
* One (KERNEL_BLOB_ITEMS) static array describing how to load (unnamed)
blobs from fw_cfg.
* And one (KERNEL_BLOB) dynamically allocated linked list carrying the
data blobs for the pseudo filesystem.
Also add some debug logging. Prefix most functions with 'QemuKernel'
for consistency and easier log file grepping. Add some small helper
functions.
This refactoring prepares for loading blobs in other ways.
No (intentional) change in filesystem protocol behavior.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Setting PcdSetupConOut* to zero turns on autodetection mode
for rows and cols, so the firmware setup application will use
the use complete available screen space.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Set both PcdVideo*Resolution and PcdSetupVideo*Resolution PCDs.
This avoids pointless video mode changes when entering and leaving
the firmware setup application.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Set both PcdVideo*Resolution and PcdSetupVideo*Resolution PCDs.
This avoids pointless video mode changes when entering and leaving
the firmware setup application.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Set both PcdVideo*Resolution and PcdSetupVideo*Resolution PCDs.
This avoids pointless video mode changes when entering and leaving
the firmware setup application.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Set both PcdVideo*Resolution and PcdSetupVideo*Resolution PCDs.
This avoids pointless video mode changes when entering and leaving
the firmware setup application.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
This way we have the display configuration in a single place and
need to change one file only to update all build variants.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
While fixing https://github.com/tianocore/edk2/pull/6092 (the
fact that some OvmfPkg and ArmVirtPkg platforms included residual
NetworkPkg components even when compiled with -D NETWORK_ENABLE=0),
it was noted that OvmfPkg/Include/*/Shell*.inc files which apply
the required fix logic are available and already used in some
OvmfPkg platforms.
This commit applies these files consistently within OvmfPkg.
This has the side effect that some platforms now include one or
more of HttpDynamicCommand, VariablePolicyDynamicCommand and
LinuxInitrdDynamicShellCommand when they previously did not.
This fixes unintentional drift between platforms, and provides
additional shell commands which may be useful in some cases.
Signed-off-by: Mike Beaton <mjsbeaton@gmail.com>
This issue showed up when addressing
https://bugzilla.tianocore.org/show_bug.cgi?id=4829
in https://github.com/tianocore/edk2/pull/6087 .
Various OvmfPkg and ArmVirtPkg platforms include some residual NetworkPkg
components when compiled with -D NETWORK_ENABLE=0, even though they use
NetworkPkg includes intended to allow all NetworkPkg components to be
disabled on this flag.
For the OvmfPkg Intel platforms only, commit
d933ec115bdf9be1d8dfe6a818414a14973cc0d3 started
the change of not including these residual NetworkPkg
components, and commit
7f17a155640a2a9e1f7b0f3522628ee2c6f62624 completed it.
This commit rolls these changes out to the remaining OvmfPkg platforms
where they make sense in the same way.
Signed-off-by: Mike Beaton <mjsbeaton@gmail.com>
Since commit d64d1e195ceb ("MdeModulePkg: PeiMain: Introduce
implementation of delayed dispatch") the pei core wants read PCDs, so
the NULL lib doesn't cut it any more.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Currently, multiple dsc files within the OvmfPkg directory use the NULL
version of the CcProbeLib library. However, these packages have support
for confidential guests (usage of CcExitLib, MemEncrypt{Sev,Tdx}Lib, etc.)
and should be using the OvmfPkg version of the CcProbeLib.
The use of the NULL library causes the PCI option ROM to be enabled, which
can't be trusted as it originates from the hypervisor. The use of the NULL
library also causes a KVM hypervisor error when attempting to map/back the
option ROM region when running an SEV-SNP guest.
Update the various dsc files to reference the OvmfPkg version of the
CcProbeLib library and prevent usage of PCI option ROMs.
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Since the tdx measurement APIs are implemented by
TdxMeasurementLib, the duplicate code are removed.
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Elena Reshetova <elena.reshetova@intel.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
Signed-off-by: Ceping Sun <cepingx.sun@intel.com>
This patch is to implement default IsCpuSyncAlwaysNeeded definition
for SmmCpuPlatformHookLibQemu. This interface will determine whether the first
CPU Synchronization should be executed unconditionally when a SMI occurs.
If the function returns true, it indicates that there is no need to check the system
configuration and status, and the first CPU Synchronization should be executed
unconditionally.
If the function returns false, it indicates that the first CPU Synchronization is
not executed unconditionally, and the decision to synchronize should be based on
the system configuration and status.
Signed-off-by: Khor Swee Aun <swee.aun.khor@intel.com>
The VirtIO spec states that "Upon receipt of a
VIRTIO_CONSOLE_CONSOLE_PORT message, the driver SHOULD treat the port in
a manner suitable for text console access and MUST respond with a
VIRTIO_CONSOLE_PORT_OPEN message, which MUST have value set to 1". See
https://docs.oasis-open.org/virtio/virtio/v1.3/virtio-v1.3.html#x1-3330002.
The current driver implementation, however, does not comply with that
and only sends PORT_OPEN messages upon receipt of PORT_OPEN messages.
This causes a problem in platforms like Apple's Virtualization
Framework, where PORT_OPEN messages are not sent back to the driver
after CONSOLE_PORT messages are received by the device, a behaviour that
is compliant with the VirtIO specification.
This patch addresses this issue by always responding CONSOLE_PORT
messages with PORT_OPEN messages.
Signed-off-by: Pedro Tôrres <t0rr3sp3dr0@gmail.com>
This is virtio based keyboard driver designed to be used on ARM platform.
The driver implements basic and extended text input interface.
UEFI shell requires only basic text input interface, but Grub needs
extended text input to work on.
Signed-off-by: Paweł Poławski <ppolawsk@redhat.com>
This commit adds:
- missing virtio subsystem ID for input device
- PrepareVirtioKeyboardDevicePath() handler to boot manager library
Signed-off-by: Paweł Poławski <ppolawsk@redhat.com>
Add a FileIsInFv check to PlatformRegisterFvBootOption, this is to
to avoid adding and then removing a boot option shortly after,
because the file is no longer in the firmware volume.
Signed-off-by: Luigi Leonardi <leonardi@redhat.com>
Move out file presence check from RemoveStaleFvFileOptions
to a new helper function for reusability. No functional changes
intended.
Signed-off-by: Luigi Leonardi <leonardi@redhat.com>
BaseCryptLib, RngLib, IntrinsicLib and OpensslLib are enabled by default
on LoongArch VM, since some APPs or OS require them.
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Chao Li <lichao@loongson.cn>
The Python version used for build and CI should always be at least
the minimum version supported by edk2-pytool-extensions. A badge
is added that keeps this information dynamically up-to-date based
on the minimum version specified in edk2-pytool-extensions
pyproject.toml file.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Refer to intel-tdx-module-api spec section 5.5.21, GPR mask
(TDVMCALL_EXPOSE_REGS_MASK) is a bitmap that controls which
part of the guest TD GPR and XMM state is passed as-is to
the VMM and back.
- A bit value of 0 indicates that the corresponding register
is saved by the Intel TDX module and not passed as-is to
Host VMM.
- A bit value of 1 indicates that the corresponding register
is passed as-is to the host VMM.
Currently, RBX is used as the mailbox address in ApRunLoop.nasm,
the corresponding bit value of RBX in MASK(Bit 3) is set as 1 which
means the value is passed to Host VMM as-is and it can be changed by
Host VMM.
So the bitmask shall be set as 0 to avoid this situation.
Reference:
[TDX-API]: intel-tdx-module-abi-spec
https://cdrdv2.intel.com/v1/dl/getContent/733579
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Hunter Adrian <adrian.hunter@intel.com>
Signed-off-by: Ceping Sun <cepingx.sun@intel.com>
Since the UEFI 2.11 has been released, the macro
MAX_LOONGARCH_EXCEPTION has been added in MdePkg, so it is deleted in
LoongArchVirt/Sec/LoongArch64/Start.S
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Chao Li <lichao@loongson.cn>
This PR updates the CI pipelines to use VS2022 instead of VS2019
as that is the latest supported VS toolchain on edk2.
Continuous-integration-options: PatchCheck.ignore-multi-package
Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
Since TdxHelperLib was defined in LibraryClasses for OvmfPkgX64.dsc,
the extra definitions is removed.
And for other dsc, add the Null-TdxHelperLib to remove the extra
definitions.
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Elena Reshetova <elena.reshetova@intel.com>
Signed-off-by: Ceping Sun <cepingx.sun@intel.com>
Add TdTcg2Pei in OvmfPkgX64.dsc in early PEI phase to
support CC measurement.
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Elena Reshetova <elena.reshetova@intel.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
Signed-off-by: Ceping Sun <cepingx.sun@intel.com>
Because PeiTpmMeasurementLib supports both TCG measurement and CC
measurement, it shall be controled by TPM2_ENABLE and
CC_MEASUREMENT_EANBLE.
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Elena Reshetova <elena.reshetova@intel.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
Signed-off-by: Ceping Sun <cepingx.sun@intel.com>
TdTcg2Pei is added to install the gEdkiiCcPpi for a TD-Guest.
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Elena Reshetova <elena.reshetova@intel.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
Signed-off-by: Ceping Sun <cepingx.sun@intel.com>
Since TdxHelperLib has the API(TdxHelperMapPcrToMrIndex)
to map PCR to MR index, the duplicate codes are removed.
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Elena Reshetova <elena.reshetova@intel.com>
Signed-off-by: Ceping Sun <cepingx.sun@intel.com>
Add below APIs to support the implementation for CC measurement.
- TdxHelperMapPcrToMrIndex
- TdxHelperHashAndExtendToRtmr
- TdxHelperBuildTdxMeasurementGuidHob
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Elena Reshetova <elena.reshetova@intel.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
Signed-off-by: Ceping Sun <cepingx.sun@intel.com>
Since the TdxHelperLib is used for measurement
in PEI phase, it required TDVF to add the library.
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Elena Reshetova <elena.reshetova@intel.com>
Signed-off-by: Ceping Sun <cepingx.sun@intel.com>
While IScsiDxe certainly is a useful feature it is rarely used, and it
slows down firmware boot quite a bit. So disable it by default and only
load it in case this is explicitly requested via fw_cfg.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
UefiDriverEntryPointFwCfgOverrideLib will use
PcdEntryPointOverrideDefaultValue to decide what to do in case the
fw_cfg file specified via PcdEntryPointOverrideFwCfgVarName is not
present. Default is "yes".
This allows to disable drivers by default and only enable them when
requested via fw_cfg.
Also log a message with the config option applied and whenever the
default value or a fw_cfg option was used.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Use UefiDriverEntryPointFwCfgOverrideLib for UsbMassStorageDxe so
the driver can be enabled/disabled via fw_cfg option.
usage: qemu -fw_cfg name=opt/org.tianocore/UsbStorageSupport,string={yes,no}
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Use UefiDriverEntryPointFwCfgOverrideLib for IScsiDxe so the driver
can be enabled/disabled via fw_cfg option.
usage: qemu -fw_cfg name=opt/org.tianocore/ISCSISupport,string={yes,no}
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Use UefiDriverEntryPointFwCfgOverrideLib for VirtioNetDxe so the driver
can be enabled/disabled via fw_cfg option.
usage: qemu -fw_cfg name=opt/org.tianocore/VirtioNetSupport,string={yes,no}
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
