This change fixes an issue where the returned section data length
is always 4 bytes larger than the actual section length. This could
cause an issue where the caller accesses the final 4 bytes which
would be invalid.
Co-authored-by: Kun Qin <kuqin@microsoft.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
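The off-by-header defect described in this commit is easiest to see with a minimal section parser. The following is an added example, not the patched edk2 code; it assumes the FFS common section header layout from edk2's PiFirmwareFile.h (a 24-bit little-endian Size that includes the 4-byte header, then a 1-byte Type, with an 8-byte extended header when Size is 0xFFFFFF). The sample section bytes are constructed for the demonstration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Added example, not the patched edk2 code. Assumed layout of an FFS
 * common section header (as in edk2's PiFirmwareFile.h): a 24-bit
 * little-endian Size that INCLUDES the 4-byte header, then a 1-byte Type.
 * If Size == 0xFFFFFF, a 32-bit ExtendedSize follows and the header is
 * 8 bytes. Returning Size as the payload length is exactly the
 * "4 bytes too large" defect described in the commit.
 */
#define COMMON_HEADER_SIZE  4u
#define EXT_HEADER_SIZE     8u
#define SECTION_SIZE_LARGE  0xFFFFFFu

typedef struct {
  const uint8_t *Data;    /* first payload byte, header excluded */
  uint32_t       Length;  /* payload length, header excluded */
  uint8_t        Type;
} SectionView;

static uint32_t ReadLe24(const uint8_t *p)
{
  return (uint32_t)p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16);
}

static uint32_t ReadLe32(const uint8_t *p)
{
  return ReadLe24(p) | ((uint32_t)p[3] << 24);
}

/* Parse the section starting at Buf. Returns 0 on success, -1 if the
 * header is truncated, the size is smaller than its own header, or the
 * section claims more bytes than the buffer holds. */
int ParseSection(const uint8_t *Buf, size_t BufLen, SectionView *Out)
{
  uint32_t HeaderSize = COMMON_HEADER_SIZE;
  uint32_t SectionSize;

  if (Buf == NULL || Out == NULL || BufLen < COMMON_HEADER_SIZE) return -1;
  SectionSize = ReadLe24(Buf);
  if (SectionSize == SECTION_SIZE_LARGE) {
    if (BufLen < EXT_HEADER_SIZE) return -1;
    SectionSize = ReadLe32(Buf + 4);
    HeaderSize  = EXT_HEADER_SIZE;
  }
  if (SectionSize < HeaderSize || SectionSize > BufLen) return -1;

  Out->Type   = Buf[3];
  Out->Data   = Buf + HeaderSize;
  Out->Length = SectionSize - HeaderSize;  /* the fix: subtract the header */
  return 0;
}

/* Constructed 12-byte raw section: Size = 0x00000C (12, header included),
 * Type = 0x19 (EFI_SECTION_RAW), 8 payload bytes. */
static const uint8_t kSample[] = {
  0x0C, 0x00, 0x00, 0x19, 'p', 'a', 'y', 'l', 'o', 'a', 'd', '!'
};

/* Payload length as the fixed parser reports it (8). */
uint32_t SamplePayloadLength(void)
{
  SectionView v;
  return ParseSection(kSample, sizeof kSample, &v) == 0 ? v.Length : 0;
}

/* What the pre-fix code effectively returned: the raw Size field (12),
 * which makes a caller read 4 bytes past the end of the payload. */
uint32_t SampleRawSizeField(void)
{
  return ReadLe24(kSample);
}

/* The same header with the buffer cut short must be rejected (-1). */
int SampleTruncatedResult(void)
{
  SectionView v;
  return ParseSection(kSample, sizeof kSample - 2, &v);
}

int main(void)
{
  printf("payload length %u, raw size field %u, truncated -> %d\n",
         SamplePayloadLength(), SampleRawSizeField(), SampleTruncatedResult());
  return 0;
}
```

The bounds check against the enclosing buffer is what turns a wrong length into a rejected section instead of an out-of-bounds read by the caller.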
MMIO ranges within the mProtectionMemRange array may exceed 4G
and should be configured as 'Present & NX'. However, the initial
attribute for these MMIO addresses in the page table is
'non-present'. Other attributes should not be set or updated for
a non-present range if the present bit mask is zero, as this could
result in an error during the InitPaging for the page table update
process.
This patch resolves the error to make sure the MMIO page table
can be configured correctly.
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
For TDCALL leaf TDG.VP.INFO, bits 31:0 of R8 return NUM_VCPUS and
bits 63:32 of R8 return MAX_VCPUS. The current struct
TDCALL_INFO_RETURN_DATA defines them in the wrong order.
Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Laszlo Ersek <lersek@redhat.com>
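Why member order in the return-data struct matters is shown by the following added example; it is not edk2's TDCALL_INFO_RETURN_DATA. It assumes only what the commit states (NUM_VCPUS in bits 31:0 of R8, MAX_VCPUS in bits 63:32) plus a little-endian x86 host, and the R8 value used is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/*
 * Added example, not edk2's TDCALL_INFO_RETURN_DATA. Assumed from the
 * commit: TDG.VP.INFO returns NUM_VCPUS in bits 31:0 of R8 and MAX_VCPUS
 * in bits 63:32. Host is assumed little-endian (x86), so the first UINT32
 * member of a struct overlays the low half of a 64-bit register value.
 */
typedef struct {
  uint32_t NumVcpus;   /* bits 31:0  */
  uint32_t MaxVcpus;   /* bits 63:32 */
} VpInfoR8;            /* correct member order */

typedef struct {
  uint32_t MaxVcpus;   /* lands on bits 31:0: wrong */
  uint32_t NumVcpus;   /* lands on bits 63:32: wrong */
} VpInfoR8Swapped;     /* the pre-fix order */

/* Compile-time guard: NumVcpus must be the first member. */
_Static_assert(offsetof(VpInfoR8, NumVcpus) == 0, "NumVcpus must overlay bits 31:0");

/* Layout-independent reference decode using shifts and masks. */
uint32_t NumVcpusFromR8(uint64_t R8) { return (uint32_t)(R8 & 0xFFFFFFFFu); }
uint32_t MaxVcpusFromR8(uint64_t R8) { return (uint32_t)(R8 >> 32); }

/* Overlay the struct on the raw register value via memcpy. */
VpInfoR8 DecodeR8(uint64_t R8)
{
  VpInfoR8 Info;
  memcpy(&Info, &R8, sizeof Info);
  return Info;
}

VpInfoR8Swapped DecodeR8Swapped(uint64_t R8)
{
  VpInfoR8Swapped Info;
  memcpy(&Info, &R8, sizeof Info);
  return Info;
}

/* Constructed sample: a guest with 2 vCPUs present, 8 allowed. */
#define SAMPLE_R8  (((uint64_t)8u << 32) | 2u)

/* Does the struct-based decode agree with the shift-based reference? */
int CorrectLayoutMatches(void)
{
  VpInfoR8 Info = DecodeR8(SAMPLE_R8);
  return Info.NumVcpus == NumVcpusFromR8(SAMPLE_R8) &&
         Info.MaxVcpus == MaxVcpusFromR8(SAMPLE_R8);
}

/* The swapped struct silently reports MAX_VCPUS as NUM_VCPUS. */
uint32_t SwappedLayoutNumVcpus(void)
{
  return DecodeR8Swapped(SAMPLE_R8).NumVcpus;
}

int main(void)
{
  VpInfoR8 Info = DecodeR8(SAMPLE_R8);
  printf("NUM_VCPUS=%u MAX_VCPUS=%u (swapped struct would say NUM_VCPUS=%u)\n",
         Info.NumVcpus, Info.MaxVcpus, SwappedLayoutNumVcpus());
  return 0;
}
```

The shift-based decode is the reference because it does not depend on struct layout; comparing it against the overlay is a cheap unit test that catches a future reordering of the fields.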
Cast pointer type to VOID* to avoid a potential build error.
If the two PCDs are FixedAtBuild, PcdGetPtr will return a const
type pointer. Since the second parameter of BuildGuidDataHob
is VOID*, a build error may happen with the following log:
C4090: 'function': different 'const' qualifiers
Signed-off-by: Dun Tan <dun.tan@intel.com>
Write the feature bit into PcdConfidentialComputingGuestAttr
and enable DebugVirtualization in PEI, SEC, DXE.
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Michael Roth <michael.roth@amd.com>
Cc: Min Xu <min.m.xu@intel.com>
Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Alexey Kardashevskiy <aik@amd.com>
---
Changes:
v5:
* "rb" from Tom
v4:
* s/DebugSwap/DebugVirtualization/g
CONFIDENTIAL_COMPUTING_GUEST_ATTR is not a simple SEV level anymore
and includes a feature mask since the previous commit.
Fix AmdMemEncryptionAttrCheck to check the level and feature
correctly and add DebugVirtualization support.
Since the actual feature flag is not set yet, this should cause
no behavioural change.
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Alexey Kardashevskiy <aik@amd.com>
---
Changes:
v5:
* "rb" from Tom
The SEV-ES DebugVirtualization feature enables type B swapping of
debug registers on #VMEXIT and makes #DB and DR7 intercepts
unnecessary and unwanted.
When DebugVirtualization is enabled, this stops booting if there is
interaction from the HV.
Add new API to PEI, SEC, DXE.
This does not change the existing behaviour yet.
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Michael Roth <michael.roth@amd.com>
Cc: Min Xu <min.m.xu@intel.com>
Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Alexey Kardashevskiy <aik@amd.com>
---
Changes:
v5:
* "rb" from Tom
v4:
* s/DebugSwap/DebugVirtualization/
PcdConfidentialComputingGuestAttr so far only contained an SEV mode bit,
but there are other features which do not translate to levels,
such as DebugVirtualization or SecureTsc.
Add the feature mask and the DebugVirtualization feature bit to the PCD.
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Alexey Kardashevskiy <aik@amd.com>
---
Changes:
v4:
* s/CCAttrFeatureAmdSevDebugSwap/CCAttrFeatureAmdSevEsDebugVirtualization/
v2:
* expanded features mask
* added type mask
For now we need DebugSwap but others are likely to be needed too.
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Alexey Kardashevskiy <aik@amd.com>
---
Changes:
v5:
* "rb" from Tom
v4:
* added more from April/2024 APM
RISC-V ovmf used VirtualRealTimeClockLib, but the default epoch is the
compilation time. This means the RISC-V ovmf binary image is NOT
reproducible.
This patch adds support for SOURCE_DATE_EPOCH via the printenv command.
If SOURCE_DATE_EPOCH is found then we use it as BUILD_EPOCH. Otherwise
we run the date command to set BUILD_EPOCH.
Distributions that want a reproducible RISC-V ovmf image should
export the SOURCE_DATE_EPOCH environment variable before building ovmf.
References: https://reproducible-builds.org/docs/source-date-epoch/
Cc: Pete Batard <pete@akeo.ie>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: "Lee, Chun-Yi" <jlee@suse.com>
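The BUILD_EPOCH decision this commit describes, as an added example in C rather than the commit's own shell build script: prefer SOURCE_DATE_EPOCH when it is set and well-formed, otherwise fall back to the wall clock (the equivalent of `date +%s`). The strict parser is a design choice of this example, not something the commit specifies; the input strings are constructed.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <time.h>

/*
 * Added example, not the build script from the commit (which does this in
 * shell with printenv and date). It implements the same decision: use
 * SOURCE_DATE_EPOCH as BUILD_EPOCH when it is set and well-formed, else fall
 * back to the current time, which makes the image non-reproducible.
 * Parsing is strict: empty, signed, non-decimal, trailing-garbage or
 * overflowing values are rejected rather than silently accepted.
 */

/* Returns the parsed epoch, or -1 if Value is not a plain non-negative decimal. */
int64_t ParseSourceDateEpoch(const char *Value)
{
  char *End;
  long long Parsed;

  /* Rejects NULL, "", "+1", " 1" and "-5" before strtoll can accept them. */
  if (Value == NULL || Value[0] < '0' || Value[0] > '9') return -1;
  errno = 0;
  Parsed = strtoll(Value, &End, 10);
  if (errno == ERANGE || *End != '\0') return -1;  /* overflow or trailing junk */
  return (int64_t)Parsed;
}

/* BUILD_EPOCH resolution. *Reproducible is set to 1 when the value came from
 * SOURCE_DATE_EPOCH and 0 when the wall clock had to be used. */
int64_t ResolveBuildEpoch(const char *SourceDateEpoch, int *Reproducible)
{
  int64_t Epoch = ParseSourceDateEpoch(SourceDateEpoch);
  if (Epoch >= 0) {
    if (Reproducible) *Reproducible = 1;
    return Epoch;
  }
  if (Reproducible) *Reproducible = 0;
  return (int64_t)time(NULL);   /* equivalent of `date +%s` in the script */
}

/* 1 if the given value forces the non-reproducible wall-clock fallback. */
int UsesClockFallback(const char *Value)
{
  int Reproducible;
  ResolveBuildEpoch(Value, &Reproducible);
  return Reproducible == 0;
}

int main(void)
{
  int Reproducible;
  int64_t Epoch = ResolveBuildEpoch(getenv("SOURCE_DATE_EPOCH"), &Reproducible);
  printf("BUILD_EPOCH=%lld (%s)\n", (long long)Epoch,
         Reproducible ? "from SOURCE_DATE_EPOCH, reproducible"
                      : "from date, NOT reproducible");
  return 0;
}
```

Run with `SOURCE_DATE_EPOCH=1700000000 ./a.out` to see the reproducible path; an unset or malformed variable prints the wall-clock value, which is the non-reproducible case the commit is fixing.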
Most of the definitions in this file are currently well documented.
This adds documentation for a few missing fields in the NVMe
Controller Capabilities structure.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
If kernel hashes are enabled but no initrd is provided,
QEMU will still create an entry in the hash table, but it
will be the hash of an empty buffer.
Remove the explicit check for the length of the blob.
This logic will be handled by the later hash comparison,
which will still fail when the blob is not present
but is expected, but will pass when the blob is not present
and the hash table contains a hash of an empty buffer.
Signed-off-by: Tobin Feldman-Fitzthum <tobin@linux.ibm.com>
Eui64 is a 64-bit value, so the "L" or "l" is required in the
format specifier, otherwise only the lower 32 bits will be converted.
Signed-off-by: Mike Maslenkin <mike.maslenkin@gmail.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Update retrieval of private guids, protocols, or ppis from a package's
declaration file to use the original path of the module's INF file
rather than the current path. When building the same module multiple
times in the same INF (by overriding the define's FILE_GUID), a temporary
instance of the module is generated outside the package, causing the
retrieval of private values to fail, as the check to access private
values is done by verifying that the module to build is inside the package.
Signed-off-by: Joey Vagedes <Joey.Vagedes@gmail.com>
Cc: Rebecca Cran <rebecca@bsdio.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Bob Feng <bob.c.feng@intel.com>
Cc: Yuwei Chen <yuwei.chen@intel.com>
Allow ignore lines in the CI YAML file to use git ignore syntax.
This is especially useful for ignoring files recursively in directories
like those that may exist in an external dependency folder.
Co-authored-by: Michael Kubacki <michael.kubacki@microsoft.com>
Signed-off-by: Joey Vagedes <joey.vagedes@gmail.com>
BZ #4456
Fixed a bug which led to an ASSERT due to the USB device
context being maintained after a port reset, but the
underlying XHCI context was uninitialized. Specifically,
Xhc->UsbDevContext is freed after a reset and only
re-allocates the default [0] endpoint transfer ring.
In order to avoid a memory leak, device enumeration is
performed after freeing the necessary buffers. This
allocates the Xhc->UsbDevContext for all endpoints of
the USB device.
Signed-off-by: Britton Chesley <Brit.Chesley@amd.com>
Pass build variables (those passed to build.py through -D) to the DSC
parser to provide a more accurate parsing of the DSC file.
Signed-off-by: Joey Vagedes <joey.vagedes@gmail.com>
Signed firmware measurements are allowed to be passed along in the
TCG and CC event logs according to the TCG PC Client Platform Firmware
Profile. The event logs include events that Tcg2Dxe reads from
appropriately GUIDed HOBs, so allow opt/org.tianocode/sp800155evt/%d to
pass along events that the VMM sees fit to provide. One event per
number, starting from 0, increasing by 1 until there are no more
contiguous files.
The VMM may provide reference measurements through UEFI variables that
it references from the SP800-155 event3 structure given the appropriate
RIM locator type, or via URL, etc.
Each event read from fw_cfg is written one-by-one to
an EFI_HOB_GUID_TYPE HOB created for the event. They target the name
gTcg800155PlatformIdEventHobGuid for the later Dxe driver to use to
extend the event log.
Signed-off-by: Dionna Glaze <dionnaglaze@google.com>
The TCG_Sp800_155_PlatformId_Event2 and 3 structures both list the
platform model string twice, which is incorrect according to the
TCG PC Client Platform Firmware Profile.
Also add constant definitions for the locator types added in the
December 2023 revision.
Signed-off-by: Dionna Glaze <dionnaglaze@google.com>
A new contributor has a name not describable by the character set
developed for 1960s US teleprinters, causing the CI to object and
blocking their code from being merged due to the copyright statement.
While we do want to keep the code clean from characters other
contributors cannot trivially reproduce, this should not extend to
requiring intentionally misstating legal claims.
Until we figure out the long-term fix, add an exception for the surname
triggering the failure.
Signed-off-by: Leif Lindholm <quic_llindhol@quicinc.com>
Consume gEdkiiTcg2AcpiCommunicateBufferHobGuid in Tcg2Acpi
driver. Tcg2Acpi will use the buffer stored in the HOB to
exchange information with Tcg2StandaloneMm by the
MM_COMMUNICATION_PROTOCOL.
Signed-off-by: Dun Tan <dun.tan@intel.com>
Install a callback of gEfiPeiMemoryDiscoveredPpiGuid to
build the gEdkiiTcg2AcpiCommunicateBufferHobGuid in the
Tcg2ConfigPei PEIM.
The HOB contains a buffer reserved by MmUnblockMemoryLib.
The buffer will be used in Tcg2Acpi driver to retrieve
information from standalone mm environment.
Signed-off-by: Dun Tan <dun.tan@intel.com>
Add a new GUID HOB gEdkiiTcg2AcpiCommunicateBufferHobGuid.
This Tcg2 Acpi Communicate Buffer HOB is used to store the
address of a buffer reserved for Tcg2Acpi driver. The buffer
will be used to retrieve information from Standalone mm
environment.
Signed-off-by: Dun Tan <dun.tan@intel.com>
Consume gEdkiiTcgPhysicalPresenceInterfaceVerHobGuid in
StandaloneMmTcg2PhysicalPresenceLib. This is to avoid
using the dynamic PcdTcgPhysicalPresenceInterfaceVer in
StandaloneMm module.
Signed-off-by: Dun Tan <dun.tan@intel.com>
Consume gEdkiiTpmInstanceHobGuid in Tcg2StandaloneMm
driver. It's to avoid using dynamic PcdTpmInstanceGuid
in StandaloneMm driver.
Signed-off-by: Dun Tan <dun.tan@intel.com>
Build following two new HOBs:
gEdkiiTcgPhysicalPresenceInterfaceVerHobGuid
gEdkiiTpmInstanceHobGuid
The two HOBs will be used by Tcg2StandaloneMm driver
to avoid using the related dynamic PCDs.
Signed-off-by: Dun Tan <dun.tan@intel.com>
Add a new gEdkiiTcgPhysicalPresenceInterfaceVerHobGuid.
This new Guid HOB contains a string of the Version of
Physical Presence interface which is the same as
PcdTcgPhysicalPresenceInterfaceVer. The HOB is used for
StandaloneMm driver which needs to consume the dynamic
PcdTcgPhysicalPresenceInterfaceVer.
Signed-off-by: Dun Tan <dun.tan@intel.com>
This new Guid HOB contains a TPM instance Guid which
is the same as PcdTpmInstanceGuid. The HOB is used for
StandaloneMm driver which needs to consume the dynamic
PcdTpmInstanceGuid.
Signed-off-by: Dun Tan <dun.tan@intel.com>
Now that CONST input strings to the AmlLib APIs
are properly marked as CONST we don't need to cast
them to non-CONST before passing them.
Signed-off-by: Jeshua Smith <jeshuas@nvidia.com>
Several input strings to AmlLib APIs are treated
as CONST but were missing the CONST keyword,
requiring their callers to create unnecessary r/w
copies of r/o input strings. This change properly
marks these input strings as CONST.
Signed-off-by: Jeshua Smith <jeshuas@nvidia.com>
Reviewed-by: Jeff Brasen <jbrasen@nvidia.com>
The xdrlib dependency was removed in commit
5cadb8ce21 but the actual import of the
module was not removed. This commit removes the import of xdrlib and
sorts the imports.
Signed-off-by: Joey Vagedes <joey.vagedes@gmail.com>
There is a list of allowed rng algorithms; if /one/ of them is not
supported this is not a problem, only /all/ of them failing is an
error condition.
Downgrade the message for a single unsupported algorithm from ERROR to
VERBOSE. Add an error message in case we finish the loop without
finding a supported algorithm.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
BZ #4790
Support "^" and "V" key strokes on the pop-up form. Align the
implementation with key support on the regular HII form.
Signed-off-by: Gaurav Pandya <gaurav.pandya@amd.com>
The presence of PdbPointer (PDB file name) is not an error. Hence, the
debug message should be categorized as VERBOSE or INFO. However, the
DEBUG_VERBOSE is more appropriate since the PDB file name is already
output by the PeCoffLoaderRelocateImageExtraAction() function with the
inline "add-symbol-file" when a platform uses the library instance
DebugPeCoffExtraActionLib.
Signed-off-by: Nhi Pham <nhi@os.amperecomputing.com>
Specifically before running lzma uncompress of the main firmware volume.
This is needed to make sure caching is enabled, otherwise the uncompress
can be extremely slow.
Adapt the ASSERTs and MTRR setup in PlatformInitLib to the changes.
Background: Depending on virtual machine configuration kvm may use EPT
memory types to apply guest MTRR settings. In case MTRRs are disabled
kvm will use the uncacheable memory type for all mappings. The
vmx_get_mt_mask() function in the linux kernel handles this and can be
found here:
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tree/arch/x86/kvm/vmx/vmx.c?h=v6.7.1#n7580
In most VM configurations kvm uses MTRR_TYPE_WRBACK unconditionally. In
case the VM has an mdev device assigned that is not the case though.
Before commit e8aa4c6546 ("UefiCpuPkg/ResetVector: Cache Disable
should not be set by default in CR0") kvm also ended up using
MTRR_TYPE_WRBACK due to KVM_X86_QUIRK_CD_NW_CLEARED. After that commit
kvm evaluates guest mtrr settings, which is why setting up MTRRs early is
important now.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
PcdArmArchTimerFreqInHz lets platforms override the architectural timer
frequency, but this really isn't supported in hardware by anything lower
than EL3. And we no longer support running edk2 at EL3.
So drop this Pcd and update ArmArchTimerLib to unconditionally use
ArmGenericTimerGetTimerFreq () instead.
Signed-off-by: Leif Lindholm <quic_llindhol@quicinc.com>
PcdArmArchTimerFreqInHz lets platforms override the architectural timer
frequency, but this really isn't supported in hardware by anything lower
than EL3. Setting it to 0 skips the override - but that is also the
default. So drop the explicit setting in ArmVirtPkg platforms in
preparation for deleting the Pcd completely.
Signed-off-by: Leif Lindholm <quic_llindhol@quicinc.com>
There is a bit of legacy code in ArmArchTimerLib that attempts to program
the generic timer based on a Pcd. This was only ever done for (32-bit)
ARM in case the cpu lacked the Security Extensions (because if they were
there, Secure firmware would be expected to have configured this before
switching to Non-secure state).
We don't support operation without Secure firmware anymore, but also the
code has been incorrectly invoked only on platforms that *do* implement
the Security Extensions since December 2020 and commit 0dd0d42ab5
("ArmPkg: use helper to check for Security extensions in ArmArchTimerLib")
As a result, edk2 has been overriding any programming done by Secure
Firmware on ARM platforms. Which is wrong.
Drop this programming in preparation for deleting the Pcd completely.
Signed-off-by: Leif Lindholm <quic_llindhol@quicinc.com>
Cpucfg fetch is a 32-bit register, and AsmCpucfg's function
declaration is a 32-bit address storage operation in BaseLib.h,
so fix it by replacing the stptr.d with the stptr.w instruction.
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4797
Cc: Chao Li <lichao@loongson.cn>
Signed-off-by: Dongyan Qian <qiandongyan@loongson.cn>
Co-authored-by: Chao Li <lichao@loongson.cn>