ArmFfaLibCommonInit will return EFI_UNSUPPORTED when there is no FFA
supported on the platform. This is expected behavior. However, the return
of error code will incur program asserts.
This change fixed the non-FFA path for the Standalone MM instance.
Signed-off-by: Kun Qin <kun.qin@microsoft.com>
SEC, PEI_CORE and PEIM type modules generally execute in place from
memory that is not writable. This means that it is not generally
possible to use an entrypoint implementation that stores a dynamically
generated stack cookie into a global variable. For PEIMs in particular,
there may be other options, such as a DEPEX on the permanent memory PPI,
but the current dynamic implementations of the stack checking library
entrypoints for PEI_CORE and PEIM modules must not be used as-is.
So remove them, and update the readme accordingly.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Remove some source files that were part of an earlier incarnation of
DynamicStackCookieEntryPointLib but are no longer actually in use.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Commit efbf5ed moves StackCheckLibStaticInit to StackCheckLib,
and each SEC module has a dependency on StackCheckLib now.
Add StackCheckLib in FitUniversalPayloadEntry.inf to fix build
issue.
Signed-off-by: Ajan Zhong <ajan.zhong@newfw.com>
StandaloneMmCoreMemoryAllocationLib.c and StandaloneMmServicesTableLib.c
are both defining gMmst. StandaloneMmCoreMemoryAllocationLib will be
linked to StandaloneMmCore directly, and StandaloneMmServicesTableLib may be
linked to StandaloneMmCore indirectly. When they are both linked to
StandaloneMmCore, there will be a "lld-link: error: duplicate symbol: gMmst"
build error with the Clang compiler.
gMmst is declared in MmServicesTableLib.h and its definition should be
owned by MmServicesTableLib.
This patch renames gMmst in StandaloneMmCoreMemoryAllocationLib.c to
mMemoryAllocationMmst to avoid this build error.
Signed-off-by: Star Zeng <star.zeng@intel.com>
Adds X64 support to the SRAT table generator library.
Adds EX64ObjLocalApicX2ApicAffinity CM object to get
platform configuration information.
Update the parser with newly added CM object.
Cc: Sami Mujawar <Sami.Mujawar@arm.com>
Cc: Pierre Gondois <pierre.gondois@arm.com>
Signed-off-by: Abdul Lateef Attar <AbdulLateef.Attar@amd.com>
In order to provide an example and test out dynamic stack
cookies in edk2, dynamic stack cookies are added to ArmVirtPkg
platforms using ArmVirt.dsc.inc, per maintainer request.
This does require moving the ArmVirt.dsc.inc to be included
before MdeLibs.dsc.inc as the BaseTools does not expand all
the Defines sections before processing.
Signed-off-by: Oliver Smith-Denny <osde@linux.microsoft.com>
In order to use dynamic stack cookies in ArmVirtQemu, we need
RNDR support. This is added by using the neoverse-n2 cpu.
Signed-off-by: Oliver Smith-Denny <osde@linux.microsoft.com>
To provide an example and test the code within edk2, this
adds stack cookie checking to OvmfIA32X64, doing no checking
for SEC and PEI_CORE modules, static cookies for PEIMs, and
dynamic cookies for all other module types.
Signed-off-by: Oliver Smith-Denny <osde@linux.microsoft.com>
In order to use dynamic stack cookies, we need RDRAND support
from QEMU, so this updates the QEMU launching code for OvmfPkg
to include RDRAND support.
Signed-off-by: Oliver Smith-Denny <osde@linux.microsoft.com>
Adds dynamic stack cookies in the form of copies of the entry
point libraries that use shared logic to update stack cookies
at runtime.
This relies on RDRAND on IA32/X64 and RNDR on AARCH64 to get a
random number to apply to the stack cookie on module entry point.
This simplifies the logic a platform must do to include stack
check functionality.
Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
This commit moves StackCheckLib from a NULL lib to an instance of
StackCheckLib. This requires every entry point to add a library
dependency on StackCheckLib. It also requires every SEC module
to have a dependency on StackCheckLib because there is no
standard SEC entry point.
It allows for greater flexibility for a platform to apply stack
cookies and simplifies DSC logic.
Continuous-integration-options: PatchCheck.ignore-multi-package
Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
Now that the X64 StandaloneMmCoreEntryPoint has been moved to
MdePkg, it can be removed from StandaloneMmPkg and consumed
from MdePkg.
Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
Moves StandaloneMmCoreEntryPoint for X64 to MdePkg to live with
the other entry point libs. It does not move the ARM64 version,
as this was just moved to ArmPkg due to its heavy coupling with
ArmPkg code. This will need to be revisited when dynamic stack
cookie support is added to ARM64 StMM.
This commit just adds the library in MdePkg, a separate commit
will remove it from StandaloneMmPkg to make it easier to consume.
Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
StackCheckLib defines the interface between a compiler
and the stack checking code. It is being converted from
a NULL library class to an actual library class to make
it easier to use for a platform and be easier to define
the expected interface with a compiler, so if there is
a compiler change it can be tracked and caught.
Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
RNDR is a standard register defined in the ARM ARM for
AARCH64. Move the definition from BaseRngLib to AArch64.h.
Furthermore, move the inclusion of this register definition
to the ARM specific header file.
Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
REF:https://github.com/tianocore/edk2/issues/10529
The `RngPei` PEIM can be used if RNG should be provided over a
dynamic binary interface to other PEIMs on a platform.
Tested with:
- SecurityPkg CI
- Verify RNG linked with RngLib is executed as expected
- Verify random numbers are generated successfully with a valid
RngLib
Integration instructions:
Use the `RngPei` module if a platform needs to produce
`gEfiRngPpiGuid`.
The platform should usually link a different `RngLib` instance to
`RngPei` than other PEIMs that may use the RNG PPI produced since
`RngPei` is responsible for producing the PPI.
For example, a `RngLib` instance that uses the rdrand instruction
may be linked against `RngPei` and a `RngLib` instance that uses
the RNG PPI may be linked against other PEIMs.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
REF:https://github.com/tianocore/edk2/issues/10529
Adds a new PEI library instance for RngLib that uses the RNG services
provided by the RNG PPI.
This library instance will add a DEPEX on gEfiRngPpiGuid on modules
it links against. It can be used to allow PEIMs to get RNG support
over a dynamic interface.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
REF:https://github.com/tianocore/edk2/issues/10529
Adds a new PPI that serves the same purpose as EFI_RNG_PROTOCOL in
DXE. This PPI can be produced by a PEIM to provide a dynamic interface
to RNG services in PEI.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Move the structure definition to a common location that can be shared
with the RNG PPI. Move the algorithms to a common header that can be
referenced independent of the protocol.
Include the algorithm header in the interface header since the
algorithms are directly used in the interface and for compatibility
with existing code.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
We've migrated bugzilla bugs to github issues, so update the references
to specific bugs called out in the top-level readme.
Also delete the references to BZ2661 and BZ2668 which are both *closed*:
https://github.com/tianocore/edk2/issues/8453
https://github.com/tianocore/edk2/issues/8458
And drop bugzilla.tianocore.org from "references".
The server is no longer in use, and the certificate has expired,
so stop telling people to go there.
Signed-off-by: Leif Lindholm <leif.lindholm@oss.qualcomm.com>
Update BZ links to corresponding GitHub issues links now that the
BZ -> GitHub issue migration is complete.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
By default, Doxygen tries to nicely format all text within doc blocks.
Unfortunately this mangles ASCII art: add @verbatim statements
to EdkiiSystemFmpCapsule.h to cause Doxygen to display the text as
provided.
Signed-off-by: Rebecca Cran <rebecca@bsdio.com>
With the latest GccBase.lds combining with CLANG build, there is no
need to enforce 4KB alignment in UPL CLANGDWARF build.
This reverts commit b3bfb8f22d.
Signed-off-by: Chasel Chiu <chasel.chiu@intel.com>
This adds #defines and struct typedefs for the various structure
types in the CXL Early Discovery Table (CEDT).
Signed-off-by: Yuquan Wang <wangyuquan1236@phytium.com.cn>
If command line options are moved into a response file
of a GCC family build, then the file path separators are
converted from '\' to '/'. However, this can corrupt
command line options that are quoted strings.
Update GenMake to not convert '\' to '/' in quoted strings.
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
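
The separator problem described in the commit message above, as an added example that is not BaseTools or GenMake code: a blanket replace corrupts escape sequences inside a quoted option, while a small quote-aware scanner converts only unquoted text. The function names and the sample command line are constructed for illustration.

```python
def naive_convert(options: str) -> str:
    """Blanket conversion: every backslash becomes a forward slash."""
    return options.replace("\\", "/")


def convert_outside_quotes(options: str) -> str:
    """Convert '\\' to '/' only outside single- or double-quoted strings.

    Assumption: inside quotes a backslash escapes the next character,
    so the two-character pair is copied through unchanged.
    """
    out = []
    quote = None  # the quote character currently open, if any
    i = 0
    while i < len(options):
        ch = options[i]
        if quote:
            if ch == "\\" and i + 1 < len(options):
                out.append(options[i:i + 2])  # keep the escape pair verbatim
                i += 2
                continue
            if ch == quote:
                quote = None  # closing quote
            out.append(ch)
        elif ch in "\"'":
            quote = ch  # opening quote
            out.append(ch)
        else:
            out.append("/" if ch == "\\" else ch)
        i += 1
    return "".join(out)


# Constructed sample: two path options plus a quoted string macro.
SAMPLE = r'-I C:\edk2\MdePkg\Include -DBANNER="a\tb" -o Build\out.obj'

if __name__ == "__main__":
    print(naive_convert(SAMPLE))           # quoted "\t" is turned into "/t"
    print(convert_outside_quotes(SAMPLE))  # quoted string left intact
```
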
The linker option 'no-warn-rwx-segments' breaks both the LLVM linker and
versions of the binutils ld.bfd linker prior to 2.39.
Now that the ELF image is made up of separate R-X and RW- segments, this
warning is no longer emitted and so there is no longer a need to
suppress it either.
While at it, move GCC_DLINK_FLAGS_COMMON (which is not common but only
used by Ia32 and X64) into its only user so it can be dropped.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
To prevent the ELF linkers from complaining about emitted ELF segments
that require both writable and executable permissions, define two
separate R-X and RW- ELF segments, and emit the output sections
explicitly into those segments as appropriate.
Note that this has no bearing on the PE image, and using a single RW-
segment would probably be fine too.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
The original reason for creating a separate version of the ELF linker
script for Clang was the difference between COMMONPAGESIZE and
MAXPAGESIZE, which can be provided on the command line to the respective
linkers (ld.bfd versus lld). That difference no longer exists, and both
use COMMONPAGE_SIZE. So there is no longer a need to maintain a fork,
which has already been going out of sync with the original for no good
reason.
So merge the two and call it GccBase.lds.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
The GccBase.lds and ClangBase.lds ELF linker scripts have been laid out
very carefully to ensure that the memory mappings of .text and .data are
such that they can be preserved in the PE/COFF memory image. This
removes the need to update any place-relative ELF relocations when
generating the PE/COFF image, making its job much easier, and
potentially allowing it to disregard static ELF relocations altogether,
and rely solely on dynamic ELF relocations.
Adding an arbitrary .entry section before .text breaks those
assumptions, so instead of emitting it as a separate section, move its
payload to the start of .text.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
The original ELF segment/section syncup process had a layout assumption
which has caused build failures when the layout changes.
The new process will parse both existing segments and sections first to
support different layouts.
Signed-off-by: Chasel Chiu <chasel.chiu@intel.com>
The command line option --no-warn-rwx-segments was added to the linker
command line for all GCC family builds on ARM and AARCH64, including
CLANGDWARF and GCC49 and older, none of which are intended for use with
linkers that actually understand this option.
So instead, move it to the GCC5 DLINK FLAGS definitions for ARM and
AARCH64 (which are inherited by the versionless GCC which is intended to
replace GCC5 at some point).
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
This reverts commit 43233ff9f8.
The TPM code (and possibly others too) must be fixed to also
map their MMIO ranges before we can do this cleanup.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
When running the verbose builds on arm for development and testing
it is quite convenient to use virtio serial to interact with the
system because console and logging are separated then. Except that
the virtio serial driver spams the debug log in that case. Set the
debug level for the driver to zero to avoid that.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
The prehistoric code base doesn't build with ISO C23. Set the C
standard to C11 (for both clang and gcc) so it continues to build with
gcc 15 (which uses C23 by default).
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
gcc 15 switched to use the new ISO C23 standard by default.
'bool', 'true' and 'false' are keywords in C23, so do not
try to define them.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
UEFI 2.11 has been published on https://uefi.org/specifications
It defines SM3 crypto algorithm GUID and structure.
Signed-off-by: Liming Gao <gaoliming@byosoft.com.cn>
Since the CI is now running on Fedora 40, let's also switch over
VSCode Devcontainer to use the same.
Signed-off-by: Oliver Steffen <osteffen@redhat.com>