This Feature PCD causes PiSmmCpuDxe to catch SMM stack overflow at
runtime, logging a clear error message, and entering a CPU dead loop.
Compared to the chaotic and catastrophic consequences of the stack leaking
into, and corrupting, the SMM page table, a stack guard that is enabled by
default is vastly superior.
We should not require sane platforms to explicitly opt in to this
safeguard; instead, we should require platforms that prefer to live
dangerously to opt out of it.
Stack overflow in SMM might even give rise to security vulnerabilities.
Cc: Jeff Fan <jeff.fan@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Ref: http://thread.gmane.org/gmane.comp.bios.edk2.devel/12864
Ref: https://bugzilla.redhat.com/show_bug.cgi?id=1341733
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
When add Font Package, the cell in EFI_HII_FONT_PACKAGE_HDR
contains the measurement of the widest and tallest characters
in the font. The measurement may be not absolutely correct,
so when use this cell information to calculate the baseline may
cause incorrect result. Besides this calculation is not necessary.
So remove it now.
Cc: Liming Gao <liming.gao@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dandan Bi <dandan.bi@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
When render string to screen, for proportional fonts,
the background color may not set to the whole BltBuffer.
And this will cause incorrect display.
Now initialize the background color to fix this issue.
Cc: Liming Gao <liming.gao@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dandan Bi <dandan.bi@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Add UnicodeStrToAsciiStrS() and AsciiStrToUnicodeStrS() API.
These 2 safe version APIs are used to replace UnicodeStrToAsciiStr() and
AsciiStrToUnicodeStr() API.
The safe version string convert APIs use similar check as StrCpyS().
Cc: Liming Gao <Liming.Gao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <Jiewen.Yao@intel.com>
Reviewed-by: Liming Gao <Liming.Gao@intel.com>
Reviewed-by: Jaben Carsey <jaben.carsey@intel.com>
Fix the bug that always use the '-e' as OPTROM_FLAGS even the .INF file
has statement 'PCI_COMPRESS = TRUE'.
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Yonghong Zhu <yonghong.zhu@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Add the error handling to cover the case that current_dir is not exist.
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Yonghong Zhu <yonghong.zhu@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Prevent the BmRepairAllControllers routine in an infinite loop
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gary Li <garyli@hpe.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
SecurityPkg\VariableAuthenticated\EsalVariableDxeSal\Variable.c
AutoUpdateLangVariable()
Global->PlatformLangCodes[VirtualMode] = AllocateRuntimeCopyPool
(DataSize, Data);
ASSERT (mVariableModuleGlobal->PlatformLangCodes[VirtualMode] != NULL);
The patch is to use Global instead of mVariableModuleGlobal in the
ASSERT (XXX) to make code more clear although mVariableModuleGlobal is
equal to Global actually.
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Amy Chan <amy.chan@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Amy Chan <amy.chan@intel.com>
Reviewed-by: Giri P Mudusuru <giri.p.mudusuru@intel.com>
When OVMF tried to load the file-based NvVars, it checked all the PCI
instances and connected the drivers to the mass storage device. However,
Xen registered its PCI device with a special class id (0xFF80), so
ConnectRecursivelyIfPciMassStorage() couldn't recognize it and skipped the
driver connecting for Xen PCI devices. In the end, the Xen block device
wasn't initialized until EfiBootManagerConnectAll() was called, and it's
already too late to load NvVars.
This commit connects the Xen drivers in ConnectRecursivelyIfPciMassStorage()
so that Xen can use the file-based NvVars.
v3:
* Introduce XenDetected() to cache the result of Xen detection instead
of relying on PcdPciDisableBusEnumeration.
v2:
* Cosmetic changes
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gary Lin <glin@suse.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
The Maximum Queue Entries Supported (MQES) field in the CAP (Controller
Capabilities) register for a NVMe controller restrict the maximum
individual queue size that the controller supports.
The origin code does not check this value and always uses a hardcode value
when creating I/O submission/completion queues for asynchronous
transmission. The hardcode value might be larger than the MQES field, this
will lead to an 'Invalid Queue Size' error when creating I/O
submission/completion queues.
The patch will add checks to make sure proper queue size is passed when
creating I/O submission/completion queues.
Cc: Feng Tian <feng.tian@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Feng Tian <feng.tian@Intel.com>
v2:
*Refine the coding style according edk2 community's feedback.
Current SNP UNDI Initialize command does not follow the UEFI Spec
to update the SNP MediaPresent field. The result for the Initialize
command execution check should be:
StatFlags: (1) Monitor the upper two bits (14 & 15) in the field to know
whether the command has been executed by the UNDI (Not started, Queued,
Error, Complete). (2) Check the other field to see if there is an active
connection to this network device (used to update MediaPresent).
StatCode: After command execution completes, either successfully or not,
this field contains the result of the command execution (success or failure).
This patch is used to fix it.
NOTE: If any UNDI driver does not follow the UEFI Spec for the media status
update, it may meet failure with this more conditions check (StatFlags).
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Enhanced the SplitFspBin tool in IntelFsp2Pkg to support:
- Rebase FSP 2.0 components to a different base address
- Display FSP 2.0 information header
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Giri P Mudusuru <giri.p.mudusuru@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Reviewed-by: Giri P Mudusuru <giri.p.mudusuru@intel.com>
Adding defines from FSP EAS v2.0 section 11.2.2 Oem Status code.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Maurice Ma <maurice.ma@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Giri P Mudusuru <giri.p.mudusuru@intel.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Reviewed-by: Maurice Ma <maurice.ma@intel.com>
This module could be linked by CpuMpPei driver to handle reserved vector list
and provide spin lock for BSP/APs to prevent dump message corrupted.
Cc: Michael Kinney <michael.d.kinney@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Feng Tian <feng.tian@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jeff Fan <jeff.fan@intel.com>
Reviewed-by: Feng Tian <feng.tian@intel.com>
Move some global variables location from PeiDxeSmmCpuException.c to
DxeCpuException.c and SmmCpuException.c. And remove some un-used global
vairables.
Cc: Michael Kinney <michael.d.kinney@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Feng Tian <feng.tian@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jeff Fan <jeff.fan@intel.com>
Reviewed-by: Feng Tian <feng.tian@intel.com>
Rename DxeSmmCpuException.c to PeiDxeSmmCpuException.c that will be used by
PeiCpuExceptionHandlerLib.
Cc: Michael Kinney <michael.d.kinney@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Feng Tian <feng.tian@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jeff Fan <jeff.fan@intel.com>
Reviewed-by: Feng Tian <feng.tian@intel.com>
We reached the size limit again.
Building OVMF with the following command
$ ./OvmfPkg/build.sh -D SECURE_BOOT_ENABLE -D NETWORK_IP6_ENABLE -D HTTP_BOOT_ENABLE
and it ended up with
GenFds.py...
GenFv: ERROR 3000: Invalid
: error 7000: Failed to generate FV
the required fv image size 0x900450 exceeds the set fv image size 0x900000
Since the new UEFI features, such as HTTPS, are coming, we need a
larger DEXFV eventually.
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gary Lin <glin@suse.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
In Ip6CleanService()it first cleaned some resources, then stop the timer .
While before the timer stopped it may try to access some already freed
data, which may generate an exception.
This patch updates the driver to stop the timer event before starting to
clean up the service data.
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Subramanian Sriram <sriram-s@hpe.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Samer El-Haj-Mahmoud <elhaj@hpe.com>
Reviewed-by: Sriram Subramanian <sriram-s@hpe.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
In Ip4CleanService()it first cleaned some resources, then stop the timer .
While before the timer stopped it may try to access some already freed
data, which may generate an exception.
This patch updates the driver to stop the timer event before starting to
clean up the service data.
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Subramanian Sriram <sriram-s@hpe.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Samer El-Haj-Mahmoud <elhaj@hpe.com>
Reviewed-by: Sriram Subramanian <sriram-s@hpe.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
Potentially uninitialized local variables 'TableKey' and 'TableHeader'
might be used in functions RamDiskPublishNfit() and RamDiskUnpublishNfit()
in file RamDiskProtocol.c.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Qiu Shumin <shumin.qiu@intel.com>
According to PI specification, EndOfDxe Event should be signaled before
DxeSmmReadyToLock protocol installation. This update is ASSERT if EndOfDxe
Event is not signaled when DxeSmmReadyToLock protocol installed. And do
REPORT_STATUS_CODE() also.
Cc: Michael Kinney <michael.d.kinney@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Feng Tian <feng.tian@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jeff Fan <jeff.fan@intel.com>
Reviewed-by: Michael Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
PI1.4a spec added "For S3 resume boot modes DXE IPL must be
prepared to execute without permanent memory installed and
invoke the S3 resume modules."
To follow PI1.4a spec, this patch is to update DxeIpl and
PeiCore to enable S3 resume from temporary memory.
The normal boot path still enforces the permanent memory
requirement.
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Eugene Cohen <eugene@hp.com>
Signed-off-by: Star Zeng <star.zeng@intel.com>
Tested-by: Katie Dellaquila <katie.dellaquila@hp.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
The current PCI 64bit memory BAR size calculation in PciHostBridgeLib
assumes all 32 bits in the upper BAR are fully writable. However,
platform might only support partial address programming, such as 40bit
PCI BAR address. In this case the complement cannot be used for size
calculation. Instead, the lowest non-zero bit should be used for BAR
size calculation.
Cc: Prince Agyeman <prince.agyeman@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Reviewed-by: Prince Agyeman <prince.agyeman@intel.com>
CorebootPayloadPkg has switched to use the generic PciBus and
PciHostBridge driver form MdeModulePkg. As a result, the
non-enumeration drivers including PciBusNoEnumerationDxe and
PciRootBridgenoEnumerationDxe need to be removed.
Cc: Prince Agyeman <prince.agyeman@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Reviewed-by: Prince Agyeman <prince.agyeman@intel.com>
The current GenCfgOpt tool does not generate bit fields in BSF.
This change will allow bit fields to be created in BSF for a specific
FSP UPD item. The argument for the tool is also updated to be in sync
with the old usage model in IntelFspPkg.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Giri P Mudusuru <giri.p.mudusuru@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Reviewed-by: Giri P Mudusuru <giri.p.mudusuru@intel.com>
OVMF (unlike ArmVirtPkg) has traditionally cleared the screen after
connecting devices. This is not really necessary, and keeping the logo up
while the progress bar is advancing at the bottom looks great. So don't
clear the screen.
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
OVMF's Platform BDS used to have a nice progress bar (with
IntelFrameworkModulePkg BDS). We can restore it by copying the
PlatformBootManagerWaitCallback() function verbatim from
Nt32Pkg/Library/PlatformBootManagerLib/PlatformBootManager.c
It can be tested by passing the following option to QEMU (5 seconds):
-boot menu=on,splash-time=5000
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
In the course of porting OvmfPkg to the MdeModulePkg BDS, commit
817fb3ac2a
OvmfPkg/PlatformBootManagerLib: Add EnableQuietBoot & DisableQuietBoot
open-coded the EnableQuietBoot() function (and its dependencies / friends)
from IntelFrameworkModulePkg BDS.
This code duplication can be avoided; the functionality is available from
the following three libraries in MdeModulePkg:
- BootLogoLib: provides the BootLogoEnableLogo() function. It does not
provide the internal ConvertBmpToGopBlt() function -- that one is
delegated to ImageDecoderLib (function DecodeImage()).
- ImageDecoderLib: a general library that registers decoder plugins for
specific image formats, and provides the generic DecodeImage() on top.
- BmpImageDecoderLib: one of said decoder plugins, for handling BMP images
(which is the format of our logo).
In this patch, we revert 817fb3ac2a, and atomically incorporate the
above libraries. This is inspired by Nt32Pkg commit 859e75c4fc42:
Nt32Pkg: Use BootLogoLib for logo and progress bar drawing.
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
The BootLogoUpdateProgress() function uses the
EFI_GRAPHICS_OUTPUT_BLT_PIXEL type in its parameter list, but the protocol
header that defines this type is not included. This breaks dependent C
source files that don't otherwise include the GraphicsOutput protocol
header. Supply the necessary include directive.
(Similarly, BootLogoEnableLogo() uses
EDKII_PLATFORM_LOGO_DISPLAY_ATTRIBUTE in its parameter list. For that
however, the PlatformLogo protocol header is included already.)
Cc: Feng Tian <feng.tian@intel.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
The PlatformBootManagerWaitCallback() function sets White.Reserved to
0xFF; it should be 0x00. Also, use a more compact form to assign the
component fields.
Suggested-by: Jordan Justen <jordan.l.justen@intel.com>
Cc: Andrew Fish <afish@apple.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Move NvmExpressHci.h definitions to a public industry standard
header in MdePkg. The NvmExpressHci.h contains definitions based
on the NVMe v1.1 specification. These definitions should be in
a public header so that clients of the NVMe passthru protocol
can use them to execute NVMe commands.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Darbin Reyes <darbin.emm.reyes@hpe.com>
Reviewed-by: Samer El-Haj-Mahmoud <samer.el-haj-mahmoud@hpe.com>
Reviewed-by: Feng Tian <feng.tian@intel.com>
Adds a public header for NVMe v1.1 spec. definitions. The majority
of these definitions where copied from a private header in
MdeModulePkg/Bus/Pci/NvmExpress/NvmExpressHci.h. Additional
definitions were added e.g. the NVMe Smart Health Log and
Firmware Info. Log structures. These definitions should be
in a public header so that clients of the NVMe passthru protocol
can use them to execute NVMe commands.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Darbin Reyes <darbin.emm.reyes@hpe.com>
Reviewed-by: Samer El-Haj-Mahmoud <samer.el-haj-mahmoud@hpe.com>
Reviewed-by: Feng Tian <feng.tian@intel.com>
this is something I missed in 8ac46e4
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Michael Zimmermann <sigmaepsilon92@gmail.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
When OVMF tried to restore the variables from the file-based NvVars, it
failed to set the read-only variable and aborted the restoration with
this message:
Variable Check ReadOnly variable fail Write Protected - 04B37FE8-F6AE-480B-BDD5-37D98C5E89AA:VarErrorFlag
Since it's a read-only variable maintained by the firmware, it's
pointless to restore the previous value, so the check can be
relaxed to allow EFI_WRITE_PROTECTED returned from SetVariable.
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gary Lin <glin@suse.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
"SerializeVariablesLib.h" is pure LF, while "SerializeVariablesLib.c" is
mixed (its only CRLF terminators are from commit e678f9db89). Convert
them both with "unix2dos".
"git show -b" produces no code hunks for this patch. Due to its simple and
mechanic nature (and because it blocks the application of another patch),
it's being committed without review.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
This patch is used to remove the status check for SockProcessRcvToken.
It's not return EFI_STATUS.
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>