- In c36414b131 change, it was introduced
the ReadyToBoot event check to prevent the boot service got called
in runtime to cause the issue.
- In this patch introduced the ExitBootService event to replace it.
It would be better to base on the BootService status to decide
the source of ESRT table.
- Based on the BootService availability to decide,
- Exit : Use cache ESRT table in IF-condition
- Not Exit: Use boot service to locate protocol in ELSE-condition
Co-authored-by: Dakota Chiang <dakota.chiang@intel.com>
Signed-off-by: Jason1 Lin <jason1.lin@intel.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4831
In this patch introduced the below changes,
[1] Add the event of system resource table installed callback.
- Register the event in DxeRuntimeCapsuleLibConstructor ()
- Unregister the event in DxeRuntimeCapsuleLibDestructor ()
[2] Migrate the event to update the module variable to cache ESRT table
from ReadyToBoot to system resource table installed.
[3] Add the condition to free the pool of buffer when the "mEsrtTable"
is not NULL.
Co-authored-by: Dakota Chiang <dakota.chiang@intel.com>
Signed-off-by: Jason1 Lin <jason1.lin@intel.com>
If we search the codebase for &gEdkiiVariablePolicyProtocolGuid
we can find two drivers which install this policy:
VariableRuntimeDxe (installed in VariableDxe.c) and
VariableSmmRuntimeDxe (installed in VariablePolicySmmDxe.c).
The .inf file for VariableRuntimeDxe incorrectly lists the protocol
as CONSUMES in the comment, so change this to PRODUCES.
Signed-off-by: Mike Beaton <mjsbeaton@gmail.com>
This patch breaks the section processing loop if an invalid section with zero SectionLength is encountered.
Signed-off-by: Ragavarshini B <ragavarshinib@ami.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Dhanaraj V <vdhanaraj@ami.com>
Cc: Sachin Ganesh <sachinganesh@ami.com>
In BmFindBootOptionInVariable() we prevent passing a NULL pointer to
EfiBootManagerFindLoadOption(). However, it can accept a NULL pointer as
the second argument as long as count is zero. This change updates the
assert condtion to only assert if the pointer is NULL and the count is
non-zero.
Signed-off-by: Kenneth Lautner <kenlautner3@gmail.com>
Comments out a redundant call to RestoreTpl(). While this does not
technically violate spec on raise/restore TPL, TPL should already be at
the specified level. This extra call introduces an asymmetry between
RaiseTpl and RestoreTpl calls, which makes analysis of TPL correctness
more difficult and hampers certain non-standard TPL usages that some
platforms require. Additionally, the two TPL variables were renamed to
provide context for each of them.
Signed-off-by: Kenneth Lautner <kenlautner3@gmail.com>
Adds a call to RestoreTpl() in DiskIo2ReadWriteDisk(). While the current
implementation does not technically violate spec on raise/restore TPL,
this extra call ensures symmetry between RaiseTpl and RestoreTpl calls,
which makes analysis of TPL correctness simpler and permits certain
non-standard TPL usages that some platforms require.
Signed-off-by: Kenneth Lautner <kenlautner3@gmail.com>
- This PR aims to prevent a buffer overrun issue found in FtwGetLastWriteHeader
function.As per the current code, when there is a malformed blocks (with all bytes as 0s)
then `Offset += FTW_WRITE_TOTAL_SIZE (FtwHeader->NumberOfWrites,
FtwHeader->PrivateDataSize)` would access beyond FtwWorkSpaceSize.
- Also added the signature check to validate work space
Signed-off-by: Sureshkumar Ponnusamy <sponnusamy@microsoft.com>
This library is designed for handling variable HII checks within the
Standalone MMm environment. It includes the functions
dedicated to registering handlers that process information received
from VarCheckHiiLibMmDependency.
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Hongbin1 Zhang <hongbin1.zhang@intel.com>
Cc: Wei6 Xu <wei6.xu@intel.com>
Cc: Dun Tan <dun.tan@intel.com>
Cc: Dandan Bi <dandan.bi@intel.com>
Signed-off-by: Yuanhao Xie <yuanhao.xie@intel.com>
Rename SetVariableCheckHandlerHii and wrap it as a common API to
facilitate the usage in the following patches.
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Hongbin1 Zhang <hongbin1.zhang@intel.com>
Cc: Wei6 Xu <wei6.xu@intel.com>
Cc: Dun Tan <dun.tan@intel.com>
Cc: Dandan Bi <dandan.bi@intel.com>
Signed-off-by: Yuanhao Xie <yuanhao.xie@intel.com>
Change the Size parameter of BuildVarCheckHiiBin from OUT to an
input-output parameter.
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Hongbin1 Zhang <hongbin1.zhang@intel.com>
Cc: Wei6 Xu <wei6.xu@intel.com>
Cc: Dun Tan <dun.tan@intel.com>
Cc: Dandan Bi <dandan.bi@intel.com>
Signed-off-by: Yuanhao Xie <yuanhao.xie@intel.com>
VarCheckHiiLibMmDependency retrieve data (mVarCheckHiiBin) at the end
of the DXE phase, and pass the acquired data to the
VarCheckHiiLibStandaloneMm through a communication protocol.
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Hongbin1 Zhang <hongbin1.zhang@intel.com>
Cc: Wei6 Xu <wei6.xu@intel.com>
Cc: Dun Tan <dun.tan@intel.com>
Cc: Dandan Bi <dandan.bi@intel.com>
Signed-off-by: Yuanhao Xie <yuanhao.xie@intel.com>
Relocate the declaration of mVarCheckHiiBin to support for standalone
MM modules utilizing the same mVarCheckHiiBin.
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Hongbin1 Zhang <hongbin1.zhang@intel.com>
Cc: Wei6 Xu <wei6.xu@intel.com>
Cc: Dun Tan <dun.tan@intel.com>
Cc: Dandan Bi <dandan.bi@intel.com>
Signed-off-by: Yuanhao Xie <yuanhao.xie@intel.com>
In Standalone MM, there is no notification to MM drivers that variable
write is ready. Install gSmmVariableWriteGuid into MM handle database
for the notification.
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Ray Ni <ray.ni@intel.com>
Signed-off-by: Wei6 Xu <wei6.xu@intel.com>
According to TCG's Platform Reset Attack Mitigation spec, the OS should
never create the MOR variable, only read and write it.
But some OSes (Fedora 24 and 25) don't follow the TCG's Platform Reset
Attack Mitigation spec and unintentionally create MOR variable.
The commit fda8f631ed added function
VariableHaveTcgProtocols() to check against Tcg/Tcg2 protocol to infer
whether the MOR variable is created by platform firmware or not. If not,
delete the variable created by OS and lock the variable to avoid OS to
create it.
But in VariableStandaloneMm, VariableHaveTcgProtocols() always returns
FALSE, it causes TCG MOR secure feature does not work in standalone MM
environment.
As Fedora 24 and 25 are EOL today, directly returns TRUE in the function
VariableHaveTcgProtocols() for VariableStandaloneMm, and rename the
function to VariableIsMorVariableLegitimate() to make it more obvious
what the narrow use-case is for which it exists.
Signed-off-by: Wei6 Xu <wei6.xu@intel.com>
REF : https://bugzilla.tianocore.org/show_bug.cgi?id=4817
Before entering BIOS setup, CoreValidateHandle function executed
over 600,000 times during BDS phase on latest 8S server platform.
In CoreValidateHandle function, current implementation will go
through the doubly-linked list handle database in each call, and
this will have big impact on boot performance.
The optimization is using Red-black tree to store the EFI handle
address when insert each EFI handle into the handle database, and
remove the handle from Red-black tree if the handle is removed
from the handle database. CoreValidateHandle function changed to
go through the Red-black tree.
After verification on latest 8S server platform, BDS boot time can
save 20s+ after this change.
Cc: Ray Ni <ray.ni@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Signed-off-by: Andrew Fish <afish@apple.com>
Tested-by: Xiaoqiang Zhang <xiaoqiang.zhang@intel.com>
Implementation of MEDIA_SANITIZE_PROTOCOL for NIST
purge/clear actions with mapping to NVM Express native
commands.
Signed-off-by: Aaron Pop <aaronpop@microsoft.com>
When allocating memory for a non-discoverable PCI device's IO, the
current core code removes the XP attribute, allowing code to execute
from that region. This is a security vulnerability and unneeded. This
change updates to mark the region as XP when allocating memory for the
non-discoverable PCI device.
These allocations in this function are limited to `EfiBootServicesData`
and `EfiRuntimeServicesData`, which we expect to be XP.
Signed-off-by: Aaron Pop <aaronpop@microsoft.com>
Currently whenever gDS->SetMemorySpaceCapabilities() is called, it
attempts to set the corresponding attributes in the gMemoryMap
descriptor. However, gMemoryMap only contains entries from GCD types
EfiGcdMemoryTypeSystemMemory and EfiGcdMemoryTypeMoreReliable, so
for all other types a failure is reported in the code. This is a
failure that is expected, so it does not provide value and can
lead to real failures being ignored.
This patch updates the gDS->SetMemorySpaceCapabilities() code to
only call into updating gMemoryMap if the GCD type is SystemMemory
or MoreReliable, to avoid spurious errors being reported. This
also avoids the expensive operation of searching through gMemoryMap
for entries we know we will fail to find.
Signed-off-by: Oliver Smith-Denny <osde@linux.microsoft.com>
The Memory Attributes Table is generated by fetching the EFI memory map
and splitting entries which contain loaded images so DATA and CODE
sections have separate descriptors. The splitting is done via a call to
SplitTable() which
marks image DATA sections with the EFI_MEMORY_XP attribute and CODE
sections with the EFI_MEMORY_RO attribute when
splitting. After this process, there may still be EfiRuntimeServicesCode
regions which did not have their attributes set because they are not
part of loaded images.
This patch updates the MAT EnforceMemoryMapAttribute logic to set the
access attributes of runtime memory regions which are not part of loaded
images (have not had their access attributes set). The attributes of the
code regions will be read-only and no-execute because the UEFI spec
dictates that runtime code regions should only contain loaded EFI
modules.
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4832
Refs:
1.
https://edk2.groups.io/g/devel/topic/patch_v1_mdemodulepkg/105570114?p=,,,20,0,0,0::recentpostdate/sticky,,,20,2,0,105570114
2.
https://edk2.groups.io/g/devel/topic/mdemodulepkg_fix_mat/105477564?p=,,,20,0,0,0::recentpostdate/sticky,,,20,2,0,105477564
Signed-off-by: Oliver Smith-Denny <osde@linux.microsoft.com>
Per UEFI spec 2.10 section 4.6.3 EFI_MEMORY_ATTRIBUTES_TABLE,
"The Memory Attributes Table is currently used to describe memory
protections that may be applied to the EFI Runtime code and data
by an operating system or hypervisor. Consumers of this table must
currently ignore entries containing any values for Type except for
EfiRuntimeServicesData and EfiRuntimeServicesCode to ensure
compatibility with future uses of this table."
However, the current MAT code also enforces attributes for
EfiMemoryMappedIo and EfiMemoryMappedIoPortSpace, which it should
not be. Per
https://edk2.groups.io/g/devel/topic/patch_v1_mdemodulepkg/105570114?p=,,,20,0,0,0::recentpostdate/sticky,,,20,2,0,105570114,
it was suggested to remove these types from the MAT logic.
This patch removes EfiMemoryMappedIo and EfiMemoryMappedIoPortSpace
from the MAT logic in accordance with the UEFI spec.
Signed-off-by: Oliver Smith-Denny <osde@linux.microsoft.com>
SmmCommunicationBufferDxe need to re-use FixedCommBuffer from
MmCommBuffer HOB which created under PEI stage.
Signed-off-by: Hongbin1 Zhang <hongbin1.zhang@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
PcdMmCommBufferPages is to specify the page count allocated for
the MM communication buffer.
Signed-off-by: Hongbin1 Zhang <hongbin1.zhang@intel.com>
Co-authored-by: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Co-authored-by: Ray Ni <ray.ni@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Wei6 Xu <wei6.xu@intel.com>
Cc: Dun Tan <dun.tan@intel.com>
Cc: Yuanhao Xie <yuanhao.xie@intel.com>
The MM communicate buffer facilitates data sharing between non-MM
and MM code.
The MM IPL code allocates a "fixed" runtime type memory as the MM
communication buffer, and communicates its address and size to MM
Core via MmCommBuffer GUIDed HOB.
Here, "fixed" implies that the buffer's location remains constant
throughout the boot process.
Data is exchanged between the MM Communication PPI/Protocol and a
software MMI handler using this fixed MM communication buffer.
Signed-off-by: Hongbin1 Zhang <hongbin1.zhang@intel.com>
Co-authored-by: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Co-authored-by: Ray Ni <ray.ni@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Wei6 Xu <wei6.xu@intel.com>
Cc: Dun Tan <dun.tan@intel.com>
Cc: Yuanhao Xie <yuanhao.xie@intel.com>
This patch fixes a leak of memory allocated for the RAM disk in cases
when an error occurred while reading contents of a file from disk
or RamDiskRegister() returned some error condition.
Signed-off-by: Mike Maslenkin <mike.maslenkin@gmail.com>
Some multi-function input devices (e.g. combo keyboard and mouse)
present as IAD-style devices (https://www.usb.org/defined-class-codes,
https://learn.microsoft.com/en-us/windows-hardware/drivers/usbcon/usb-interface-association-descriptor).
Historically, multi-function devices would report a DeviceClass of 0,
indicating that interface matching should be done on the interface
descriptor rather than the global device descriptor.
IAD-style devices us DeviceClass of 0xEF, so they don't match
MatchUsbClass() for keyboard (DeviceClass=3, SubClass=1, Proto=1). If
they are treated as if they had a DeviceClass of zero, which is more
traditional for legacy multi-function devices, then the interface
descriptors are used instead and these types of devices will "just work"
without needing to add a custom USB device path to ConIn.
Signed-off-by: Aaron Pop <aaronpop@microsoft.com>
Add Report status code events to Nvme to trigger when timeouts occur.
This improves traceability when critical errors happen.
Signed-off-by: Oliver Smith-Denny <osde@linux.microsoft.com>
- Remove the hardcoded definition (UFS_INIT_COMPLETION_TIMEOUT)
- Migrate the UFS initial completion timeout into PCD value
Signed-off-by: Jason1 Lin <jason1.lin@intel.com>
- Remove the hardcoded definition (UFS_INIT_COMPLETION_TIMEOUT)
- Migrate the UFS initial completion timeout into PCD value
Signed-off-by: Jason1 Lin <jason1.lin@intel.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4820
- Add the PCD to indicate the UFS device initialize completion time
- Default value of this PCD value is 600ms
Signed-off-by: Jason1 Lin <jason1.lin@intel.com>
REF : https://bugzilla.tianocore.org/show_bug.cgi?id=4750
Migrate the FV that doesn't contain the currently executing PEI Core
when permanent memory is initialized but PEI Core is still potentially
running from faster memory (Tepmorary RAM). This may reduce the time
required to migrate FVs to permanent memory. The FV containing PEI
Core is migrated after the PEI Core reentry when it is executed from
permanent memory.
This may or may not improve performance depending on the behavior of
temporary RAM and the actual performance changes must be measured with
the feature enabled and disabled.
This migration algorithm is only used for FVs specified in the
gEdkiiMigrationInfoGuid HOB and built with flag
FLAGS_FV_MIGRATE_BEFORE_PEI_CORE_REENTRY.
Signed-off-by: Awiral Shrivastava <awiral.shrivastava@intel.com>
This patch is to fix issue caused by uninitialized local
variable in Pei/Variable.c.
In the fucntion CalculateHobVariableCacheSize(), the local
variable VARIABLE_STORE_INFO StoreInfo is used without
initialization. When the uninitialized variable is passed
to CalculateAuthVarStorageSize() and GetNextVariablePtr(),
the field StoreInfo->FtwLastWriteData might be a uninitialized
non-zero value. Then the code execution will access the
invalid address StoreInfo->FtwLastWriteData->TargetAddress.
This might cause issue.
So in this commit, the local variable VARIABLE_STORE_INFO
StoreInfo is initialized by a ZeroMem() before use.
Signed-off-by: Dun Tan <dun.tan@intel.com>
Fire an event if a long delay occurs when starting an NVMe device.
This can be used by platforms to draw pictures on the screen or
take other actions to notify a user or move boot forward.
Signed-off-by: Oliver Smith-Denny <osde@linux.microsoft.com>
REF : https://bugzilla.tianocore.org/show_bug.cgi?id=4787
If ACPI Silicon Hob has been found from entry of AcpiTableDxe driver,
that means SOC related ACPI tables been pass to the DXE phase by HOB.
Each SOC related ACPI tables will be install.
Signed-off-by: George Liao <george.liao@intel.com>
Now that all of the EFI_MEMORY_* defines live in the
EFI_MEMORY_TYPE enum, remove the old defines.
Signed-off-by: Oliver Smith-Denny <osde@linux.microsoft.com>
Makes the `#` character used for comparison against wildcard
characters in `CHAR16` strings to be prefixed with `L` so the
character is treated as a wide character constant.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Includes the profiler SMI in the profile itself for completeness.
Co-authored-by: Michael Kubacki <michael.kubacki@microsoft.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2411
With Use-After-Free heap guard feature enabled, the DxeCore would blindly
attempt to "level-up" when the `GuardAllFreedPages` inspect a non-max
level table entry from the last loop. This could cause the next round of
inspection to dereference a potentially null pointer and as such causing
a page fault.
This change adds a null pointer check to prevent such case from happening.
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Signed-off-by: Kun Qin <kun.qin@microsoft.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4655
[Feature Description]
- UFS device would clear fDeviceInit flag once the device initialization
is completed.
- This change is polling to check the flag is cleared or not with
specific timeout (UFS_INIT_COMPLETION_TIMEOUT - 600ms).
- This behavior is the same as UfsPassThruDxe module.
[Notes]
- This change included as a partial of below SHA1-ID
- 95ad8f7f6a
- c5740f3606
Signed-off-by: Jason1 Lin <jason1.lin@intel.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4653
In DxeIplFindDxeCore function, there exists different behavior between
Debug and Release built BIOS. This change is used to unify both of
the code flow and fix the potential overflow of "Instance" variable.
In this change,
[1] Move the ASSERT_EFI_ERROR (Status) in failure to find DxeCore
in any firmware volume condition.
[2] Break the while-loop when not found required DxeCore.
This would make the Instance variable not overflow in while-loop.
[3] Add the CpuDeadLoop () in the end of the function and do not
return since DxeCore is mandatory for the following booting
to hand-off the PEI phase to DXE phase.
[4] In case of the CpuDeadLoop () is de-assert by debugger,
return the NULL pointer.
Signed-off-by: Jason1 Lin <jason1.lin@intel.com>
Makes the `mInternalRT` global static in this library instance to
avoid conflicting with other code such as a global variable with
the same name in MdePkg/Library/UefiRuntimeLib.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Removes an assert if PeiAllocatePool() fails to allocate memory to
defer error handling to the caller so the error can be handled
gracefully or asserted at that location which is more specific to
the call that led to the allocation.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
The HobPrintLib prints all HOB info from the HOB list. The code is
abstracted from UefiPayloadPkg/UefiPayloadEntry/PrintHob.c.
Cc: Guo Dong <guo.dong@intel.com>
Cc: Sean Rhodes <sean@starlabs.systems>
Cc: James Lu <james.lu@intel.com>
Cc: Gua Guo <gua.guo@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Signed-off-by: Wei6 Xu <wei6.xu@intel.com>
Interface PrintHobList() is added to dump all HOBs info in the HobList.
Caller could specify a custom HOB print handler to replace the default
print handler when calling the interface.
Cc: Ray Ni <ray.ni@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Signed-off-by: Wei6 Xu <wei6.xu@intel.com>
VariableSmmIsBufferOutsideSmmValid function is to check the buffer
is outside SMM or not. This patch fix the issue that always return
true for MM.
Meanwhile, this patch renames VariableSmmIsBufferOutsideSmmValid
to VariableSmmIsNonPrimaryBufferValid.
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Hongbin1 Zhang <hongbin1.zhang@intel.com>
Cc: Wei6 Xu <wei6.xu@intel.com>
Cc: Dun Tan <dun.tan@intel.com>
Cc: Yuanhao Xie <yuanhao.xie@intel.com>
Add a new function (VariableSmmIsPrimaryBufferValid) to check
Primary Buffer valid or not.
original function (VariableSmmIsBufferOutsideSmmValid) is used to
check the buffer outside MMRAM.
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Hongbin1 Zhang <hongbin1.zhang@intel.com>
Cc: Wei6 Xu <wei6.xu@intel.com>
Cc: Dun Tan <dun.tan@intel.com>
Cc: Yuanhao Xie <yuanhao.xie@intel.com>
For MM, the MM Handlers do not need to validate the buffer if it is
the CommBuffer passed from MmCore through the MmiHandler() parameter.
Return TRUE directly in this case. Fix buffer valid check for MM in
this patch.
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Hongbin1 Zhang <hongbin1.zhang@intel.com>
Cc: Wei6 Xu <wei6.xu@intel.com>
Cc: Dun Tan <dun.tan@intel.com>
Cc: Yuanhao Xie <yuanhao.xie@intel.com>
In the MdeModulePkg/VarCheckPolicyLib, the Primary Buffer
(CommBuffer) check function has been updated to match the buffer
validation behavior.
For SMM, the SMM Handlers is to validate the buffer outside MMRAM.
For MM, the MM Handlers do not need to validate the buffer if it is
the CommBuffer passed from MmCore through the MmiHandler() parameter.
Return TRUE directly in this case. Existing code is incorrect for
the MM check. This will be fixed in the following patch.
There is no function impact.
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Hongbin1 Zhang <hongbin1.zhang@intel.com>
Cc: Wei6 Xu <wei6.xu@intel.com>
Cc: Dun Tan <dun.tan@intel.com>
Cc: Yuanhao Xie <yuanhao.xie@intel.com>
In the MdeModulePkg/FaultTolerantWriteSmm, the Primary Buffer
(CommBuffer) check function has been updated to match the buffer
validation behavior:
For SMM, the SMM Handlers is to validate the buffer outside MMRAM.
For MM, the MM Handlers do not need to validate the buffer if it is
the CommBuffer passed from MmCore through the MmiHandler() parameter.
Return TRUE directly in this case.
There is no function impact.
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Hongbin1 Zhang <hongbin1.zhang@intel.com>
Cc: Wei6 Xu <wei6.xu@intel.com>
Cc: Dun Tan <dun.tan@intel.com>
Cc: Yuanhao Xie <yuanhao.xie@intel.com>
Eui64 is a 64 bit value, so the "L" or "l" is required for
format specifier, otherwise only lower 32 bit will be converted.
Signed-off-by: Mike Maslenkin <mike.maslenkin@gmail.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
BZ #4456
Fixed a bug which led to an ASSERT due to the USB device
context being maintained after a port reset, but the
underlying XHCI context was uninitialized. Specifically,
Xhc->UsbDevContext is freed after a reset and only
re-allocates the default [0] enpoint transfer ring.
In order to avoid a memory leak, device enumeration is
performed after freeing the necessary buffers. This
allocates the Xhc->UsbDevContext for all endpoints of
the USB device.
Signed-off-by: Britton Chesley <Brit.Chesley@amd.com>
BZ #4790
Support "^" and "V" key stokes on the pop-up form. Align the
implementation with key support on the regular HII form.
Signed-off-by: Gaurav Pandya <gaurav.pandya@amd.com>
The presense of PdbPointer (PDB file name) is not an error. Hence, the
debug message should be categorized as VERBOSE or INFO. However, the
DEBUG_VERBOSE is more appropriate since the PDB file name is already
output by the PeCoffLoaderRelocateImageExtraAction() function with the
inline "add-symbol-file" when a platform uses the library instance
DebugPeCoffExtraActionLib.
Signed-off-by: Nhi Pham <nhi@os.amperecomputing.com>
HBM/CXL memory systems are treated as special purpose memories. In many
cases it is desirable not to use special purpose memory for regular edk2
usages as these memories (HBm/CXL) are either meant for special purposes
or are less reliable to be used. Until such memory systems evolve and
we have better clarity from UEFI spec, avoid using them for edk2
boot memory purposes.
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael Kinney <michael.d.kinney@intel.com>
Cc: Oliver Smith-Denny <osde@linux.microsoft.com>
Signed-off-by: Dhaval Sharma <dhaval@rivosinc.com>
Co-authored-by: Tim Wawrzynczak <tim@rivosinc.com>
The commit "MdeModulePkg/DxeCapsuleLibFmp: Fix crash if no ESRT is
found" leads to a compilation error in
MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf. The issue
occurs because the variable mDxeCapsuleLibReadyToBootEvent which is
declared as extern does not exist, while it is defined in
DxeCapsuleRuntime.c, a file not included in DxeCapsuleLib.inf. This
patch is to fix this by moving the variable defintion to DxeCapsuleLib.c
and declare it as extern in DxeCapsuleRuntime.c.
Reported-by: Gua Guo <gua.guo@intel.com>
Signed-off-by: Nhi Pham <nhi@os.amperecomputing.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4716
Migrate FSP-T/M binary from temporary RAM to permanent RAM before NEM
tear down. Tcg module will use permanent address of FSP-T/M for
measurement. In MdeModulePkg, PeiCore installs mMigrateTempRamPpi if
PcdMigrateTemporaryRamFirmwareVolumes is True before NEM tear down and
after permanent memory ready.
Cc: Chasel Chiu <chasel.chiu@intel.com>
Cc: Nate DeSimone <nathaniel.l.desimone@intel.com>
Cc: Duggapu Chinni B <chinni.b.duggapu@intel.com>
Cc: Chen Gang C <gang.c.chen@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Signed-off-by: Zhihao Li <zhihao.li@intel.com>
Add global variable mVariableRtCacheInfo to save the
content in gEdkiiVariableRuntimeCacheInfoHobGuid. With
this new global variable, 7 global variables can be
removed.
Signed-off-by: Dun Tan <dun.tan@intel.com>
Refine the code logic in InitVariableCache().
In this commit, three times calling of
InitVariableCache() for different type cache are
merged into one calling. This commit is to make
the code looks cleaner and doesn't change any
code functionality.
Signed-off-by: Dun Tan <dun.tan@intel.com>
Remove the usage of PcdEnableVariableRuntimeCache. We can
use the existence of gEdkiiVariableRuntimeCacheInfoHobGuid
to indicate if variable runtime cache is enabled or not.
Signed-off-by: Dun Tan <dun.tan@intel.com>
Consume gEdkiiVariableRuntimeCacheInfoHobGuid in
VariableSmmRuntimeDxe driver to initialize the following
variable cache related buffer:
*mVariableRuntimeHobCacheBuffer
*mVariableRuntimeNvCacheBuffer
*mVariableRuntimeVolatileCacheBuffer
*mVariableRuntimeCachePendingUpdate
*mVariableRuntimeCacheReadLock
*mHobFlushComplete
The code to to allocate
and unblock the buffer for
different type cache in VariableSmmRuntimeDxe is also
removed in this commit.
Signed-off-by: Dun Tan <dun.tan@intel.com>
Remove unneed FreePages() for RuntimeHobCacheBuffer which is
allocated in PEI phase.
So the global variable mVariableRuntimeHobCacheBufferSize
also can be removed.
Signed-off-by: Dun Tan <dun.tan@intel.com>
Remove the two unnecessary global variables and
replace them by two local variables:
mVariableRuntimeNvCacheBufferSize
mVariableRuntimeVolatileCacheBufferSize
Signed-off-by: Dun Tan <dun.tan@intel.com>
Install the callback of gEfiPeiMemoryDiscoveredPpiGuid
to create gEdkiiVariableRuntimeCacheInfoHobGuid in
VariablePei module. When PcdEnableVariableRuntimeCache
is TRUE, the callback will be installed to allocate
the needed buffer for different type variable runtime
cache, unblock the buffer and build this HOB. Then the
runtime cache buffer address and size will be saved in
the HOB content.
Signed-off-by: Dun Tan <dun.tan@intel.com>
This commit defines VARIABLE_RUNTIME_CACHE_INFO HOB.
The HOB is used to store the address and size of the
buffer that will be used for variable runtime service
when the PcdEnableVariableRuntimeCache is TRUE.
In following patches, when PcdEnableVariableRuntimeCache
is TRUE, VariablePei module will install a callback of
gEfiPeiMemoryDiscoveredPpiGuid to allocate needed buffer
for different type cache, unblock the buffer and build HOB.
Then VariableSmmRuntimeDxe driver will consume the
gEdkiiVariableRuntimeCacheInfoHobGuid to initialize the
variable runtime cache related content.
Signed-off-by: Dun Tan <dun.tan@intel.com>
The ESRT table is not required in UEFI firmware. In such cases, the
table may not be present in the UEFI Configuration Table. The mEsrtTable
is to check if the IsNestedFmpCapsule() function is invoked at runtime
to determine whether to use gEsrtManagementProtocolGuid or the ESRT
table from the Configuration Table. Unfortunately, the check does not
cover situations where the ESRT is not present, potentially resulting in
a kernel crash. This patch is intended to fix this issue.
Signed-off-by: Nhi Pham <nhi@os.amperecomputing.com>
Emit a DEBUG_WARN message if there is not enough flash space left to
write/update a variable. This condition is currently not logged
appropriately in all cases, given that full variable store can easily
render the system unbootable.
This new message helps identifying this condition.
Signed-off-by: Oliver Steffen <osteffen@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
It is legal for the VarStoreId of a question to
be 0 per the UEFI spec:
"Specifies the identifier of a previously
declared variable store to use when storing the
question’s value. A value of zero indicates
no associated variable store."
Instead of hitting an assert just skip this
question as there is no value to return.
Signed-off-by: Jeff Brasen <jbrasen@nvidia.com>
Struct assignments are not permitted in EDK2, as they may be converted
by the compiler into calls to the 'memcpy' intrinsic, which is not
guaranteed to be available in EDK2.
So replace the assignment with a call to CopyMem (), and -while at it-
replace the loop with a single CopyMem () call, as the loop operates on
items that are contiguous in memory.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
This MpService2Ppi field in SMM_S3_RESUME_STATE is used to
wakeup AP to do the CPU initialization during smm s3 boot when
the execution mode of PEI and DXE are the same.
Currently, in CpuS3.c of smm cpu driver, BSP doesn't need to
wakeup AP anymore. The initialization for AP will be done in
S3Resume.c before transfer to CpuS3.c of smm cpu driver.
So we can remove the MpService2Ppi field in SMM_S3_RESUME_STATE.
Signed-off-by: Dun Tan <dun.tan@intel.com>
Reviewed-by: Ray Ni <ray.ni@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
Add gEdkiiS3MtrrSettingGuid a new GUID for s3
MTRR setting. This GUID will be used to save
MTRR_SETTINGS at EndOfDxe by LockBox and restore
at S3 boot PEI phase for s3 usage.
Signed-off-by: Dun Tan <dun.tan@intel.com>
Reviewed-by: Ray Ni <ray.ni@intel.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
Add a new entry into GCD attribute conversion table to convert
EFI_RESOURCE_ATTRIBUTE_SPECIAL_PURPOSE to EFI_MEMORY_SP.
Signed-off-by: Du Lin <du.lin@intel.com>
The local variable 'WillReturn' was being used without prior
initialization in some code paths.
This patch ensures that 'WillReturn' is properly initialized
to prevent undefined behavior.
Signed-off-by: Zhiguang Liu <zhiguang.liu@intel.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4677
Attacker able to modify physical memory and ResumeCount.
System will crash/DoS when ResumeCount reaches its MAX_UINT32.
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Signed-off-by: Pakkirisamy ShanmugavelX <shanmugavelx.pakkirisamy@intel.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
EFI_RESOURCE_MEMORY_UNACCEPTED has been officially defined in the PI
1.8 specification. So all temporary solutions have been replaced with
the actual definition.
Cc: Felix Polyudov <felixp@ami.com>
Cc: Dhanaraj V <vdhanaraj@ami.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Signed-off-by: Sachin Ganesh <sachinganesh@ami.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
Added SpiHc DXE and SMM drivers. This code receives bus transactions
from the SpiBus layer and passes them onto the SpiHcPlatformLib
Platform Initialization Spec 1.7 volume 5 section 18.1.7
Bugzilla #4753
Cc: Abner Chang <abner.chang@amd.com>
Cc: Abdul Lateef Attar <AbdulLateef.Attar@amd.com>
Signed-off-by: Brit Chesley <brit.chesley@amd.com>
Reviewed-by: Abner Chang <abner.chang@amd.com>
Adding NULL SpiHcPlatformLib instance. This library is responsible for
handling the low level details of the SPI host controller. Since this is
platform specific this library will be dependent on OEM SPI
implementation. The SPI host controller layer will utilize this library
for SPI bus transactions.
Bugzilla #4753
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Abner Chang <abner.chang@amd.com>
Cc: Abdul Lateef Attar <AbdulLateef.Attar@amd.com>
Signed-off-by: Brit Chesley <brit.chesley@amd.com>
Acked-by: Abner Chang <abner.chang@amd.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
Added SpiBus DXE and SMM drivers. This code translates SPI requests from
the application layer into SPI Bus transactions on the SPI host
controller. The code is responsible for checking if the transaction is
valid, then setting up the SPI clock and chip select properly before
passing the bus transaction to the host controller.
Platform Initialization Spec 1.7 volume 5 section 18.1.6
Bugzilla #4753
Cc: Abner Chang <abner.chang@amd.com>
Cc: Abdul Lateef Attar <AbdulLateef.Attar@amd.com>
Signed-off-by: Brit Chesley <brit.chesley@amd.com>
Reviewed-by: Abner Chang <abner.chang@amd.com>
https://bugzilla.tianocore.org/show_bug.cgi?id=4727
Recently some of XHCI host controllers require to have
extra 1ms delay before accessing any MMIO register
during reset. PHY transition from P3 to P0 can take
around 1.3ms and the xHCI reset can take around 1.5ms.
Add PCD to control the delay, the default is 2 ms.
Cc: Ray Ni <ray.ni@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Krzysztof Lewandowski <krzysztof.lewandowski@intel.com>
Cc: Jenny Huang <jenny.huang@intel.com>
Cc: More Shih <more.shih@intel.com>
Cc: Ian Chiu <ian.chiu@intel.com>
Signed-off-by: Xianglei Cai <xianglei.cai@intel.com>
Reviewed-by: Krzysztof Lewandowski <krzysztof.lewandowski@intel.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
https://bugzilla.tianocore.org/show_bug.cgi?id=4556
Based on XHCI spec 4.8.3, software should do the
reset endpoint while USB Transaction occur.
Add the error code for USB Transaction error
since UEFI spec don't have the related definition.
Cc: Ray Ni <ray.ni@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Krzysztof Lewandowski <krzysztof.lewandowski@intel.com>
Cc: Jenny Huang <jenny.huang@intel.com>
Cc: More Shih <more.shih@intel.com>
Signed-off-by: Xianglei Cai <xianglei.cai@intel.com>
Reviewed-by: Krzysztof Lewandowski <krzysztof.lewandowski@intel.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
This patch fix a use-after-free issue where unregistering an
SMI handler could lead to the deletion of the SMI_HANDLER while it is
still in use by SmiManage(). The fix involves modifying
SmiHandlerUnRegister() to detect whether it is being called from
within the SmiManage() stack. If so, the removal of the SMI_HANDLER
is deferred until SmiManage() has finished executing.
Additionally, due to the possibility of recursive SmiManage() calls,
the unregistration and subsequent removal of the SMI_HANDLER are
ensured to occur only after the outermost SmiManage() invocation has
completed.
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Zhiguang Liu <zhiguang.liu@intel.com>
As per ACPI Spec 6.5+ Table 5-9 if xDSDT is available,
it should be used first. Handle required flow when xDSDT
is absent or present.
Test: Tested on RISCV64 Qemu platform with xDSDT and booted to
linux kernel.
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Pedro Falcato <pedro.falcato@gmail.com>
Signed-off-by: Dhaval Sharma <dhaval@rivosinc.com>
Acked-by: Chasel Chiu <chasel.chiu@...>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
UEFI spec defined ACPI Tables at boot time can be contained in memory of
type EfiACPIReclaimMemory or EfiAcpiMemoryNVS, although InstallAcpiTable
with AcpiTableProtocol will only allocate memory with type
EfiACPIReclaimMemory (Except FACS).
This patch provides an optional method controlled by PCD to avoid using
EfiACPIReclaimMemory, by setting the PCD PcdNoACPIReclaimMemory to TRUE,
all ACPI allocated memory will use EfiAcpiMemoryNVS instead.
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Liu Yun <yun.y.liu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Signed-off-by: Aaron Li <aaron.li@intel.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
Reviewed-by: Zhiguang Liu <zhiguang.liu@intel.com>
Jason1 Lin
Mike Beaton
ragavarshinib
Ken Lautner
Rebecca Cran
Sureshkumar Ponnusamy
xieyuanh
Wei6 Xu
Xiaoqiang Zhang
Ray Robles
Oliver Smith-Denny
Oliver Smith-Denny
Zhang Hongbin
Mike Maslenkin
John Schock
Sean Brogan
Awiral Shrivastava
Dun Tan
George Liao
Dmitry Antipov
Michael Kubacki
Bret Barkelew
Kun Qin
Jiaxin Wu
Britton Chesley
Gaurav Pandya
Nhi Pham
Dhaval
Zhihao Li
Rebecca Cran
Oliver Steffen
Jeff Brasen
Ard Biesheuvel
Du Lin
Zhiguang Liu
Shanmugavel Pakkirisamy
Sachin Ganesh
Xianglei Cai
Wenxing Hou
abnchang
Abner Chang
Aaron Li