convert the list when transferring from physical to virtual mode.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14403 6f19259b-4bc3-4df7-8a09-765794883524
OvmfPkg's file-based NvVar storage is read back as follows at boot (all
paths under OvmfPkg/Library/):
PlatformBdsPolicyBehavior() [PlatformBdsLib/BdsPlatform.c]
PlatformBdsRestoreNvVarsFromHardDisk()
VisitAllInstancesOfProtocol
for each simple file system:
VisitingFileSystemInstance()
ConnectNvVarsToFileSystem() [NvVarsFileLib/NvVarsFileLib.c]
LoadNvVarsFromFs() [NvVarsFileLib/FsAccess.c]
ReadNvVarsFile()
+-------------> SerializeVariablesSetSerializedVariables() [SerializeVariablesLib/SerializeVariablesLib.c]
| SerializeVariablesIterateInstanceVariables()
| +-------------> IterateVariablesInBuffer()
| | for each loaded / deserialized variable:
| +-|-----------------> IterateVariablesCallbackSetSystemVariable()
| | | gRT->SetVariable()
| | |
| | IterateVariablesInBuffer() stops processing variables as soon as the
| | first error is encountered from the callback function.
| |
| | In this case the callback function is
| IterateVariablesCallbackSetSystemVariable(), selected by
SerializeVariablesSetSerializedVariables().
The result is that no NvVar is restored from the file after the first
gRT->SetVariable() failure.
On my system such a failure
- never happens in an OVMF build with secure boot disabled,
- happens *immediately* with SECURE_BOOT_ENABLE, because the first
variable to restore is "AuthVarKeyDatabase".
"AuthVarKeyDatabase" has the EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS
attribute set. Since the loop tries to restore it before any keys (PK, KEK
etc) are enrolled, gRT->SetVariable() rejects it with
EFI_SECURITY_VIOLATION. Consequently the NvVar restore loop terminates
immediately, and we never reach non-authenticated variables such as
Boot#### and BootOrder.
Until work on KVM-compatible flash emulation converges between qemu and
OvmfPkg, improve the SECURE_BOOT_ENABLE boot experience by masking
EFI_SECURITY_VIOLATION in the callback:
- authenticated variables continue to be rejected same as before, but
- at least we allow the loop to progress and restore non-authenticated
variables, for example boot options.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14390 6f19259b-4bc3-4df7-8a09-765794883524
Add the variable name size check in the RequestToLock wrapper.
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14377 6f19259b-4bc3-4df7-8a09-765794883524
Add code in BdsDxe driver to call the protocol to mark the read-only variables defined in the UEFI Spec.
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Guo Dong <guo.dong@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14372 6f19259b-4bc3-4df7-8a09-765794883524
DHCP, PXE, and StdLib socket apps are enabled in OVMF by the sum of:
(a) a UEFI NIC driver,
(b) the generic network stack.
The only choice for (a) used to be the proprietary Intel E1000 driver,
which is cumbersome to obtain and enable.
The iPXE UEFI NIC drivers packaged with qemu-1.5 cover (a) for each NIC
type supported by qemu, and are easy to obtain & configure, even for
earlier qemu versions. Therefore enable (b) per default as well.
This doesn't take up much space; the binaries (b) adds to the firmware
don't seem to need -D FD_SIZE_2MB.
Intel's e1000 driver remains an option, requested by the -D E1000_ENABLE
build flag.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14366 6f19259b-4bc3-4df7-8a09-765794883524
To be compliant with the UEFI specification it is required to update SERIAL_IO_MODE with the values set.
This prototype change allows to get the value used inside SerialPortSetAttributes().
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Olivier Martin <Olivier.martin@arm.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14365 6f19259b-4bc3-4df7-8a09-765794883524
DecodeOneStateful: Properly handle combinations of Src, Dest, or Len being NULL or 0.
EncodeUtf8: Do not zero-terminate the result string in this worker function.
mbsrtowcs: Remove test for **src == '\0', as per ISO/IEC 9899:199409. Allows "".
wcsrtombs: The C Language standard, ISO/IEC 9899:199409, states that the wcsrtombs() function will stop before encountering the terminating NUL character only if Dest is NOT NULL. This implies that if Dest is NULL, the Limit parameter will be ignored. In order to avoid system hangs, if Dest is NULL a Limit value of ASCII_STRING_MAX is automatically used. Also fixed a typo in the function header comment.
With these changes, StdLib now passes all of the C Language Standards Compliance Tests for ISO/IEC 9899:199409 (C95).
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: daryl.mcdaniel@intel.com
Reviewed-by: erik.c.bjorge@intel.com
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14358 6f19259b-4bc3-4df7-8a09-765794883524
SerialPortSetControl, SerialPortGetControl and SerialPortSetAttributes are functions
of the SerialPortExtLib library interface. They should not be implemented by the
SerialPortLib library.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Olivier Martin <Olivier.martin@arm.com>
Reviewed-by: Andrew Fish <afish@apple.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14357 6f19259b-4bc3-4df7-8a09-765794883524
