The Linux persistent store (pstore) feature serves, among other things,
for saving the trailing portion of the dmesg in case of a kernel oops. One
backend for the pstore facility is "efivars", ie. non-volatile UEFI
variables.
Linux splits the tail of the dmesg that is to be dumped in 1KB chunks, and
tries to save each chunk as a specially (and differently) named
non-volatile variable. The 1KB chunk size accounts for the variable data
only; Linux expects this size to be available per variable *without*
accounting for the variable name or any firmware-internal overhead.
For non-authenticated (ie. non-secure-boot) variables, OvmfPkg currently
sets the per-variable limit to 0x400 (1KB) through PcdMaxVariableSize.
However this PCD determines the size *before* subtracting the internal
overhead (which is sizeof(VARIABLE_HEADER) == 0x20 bytes for
non-authenticated variables, see
"MdeModulePkg/Include/Guid/VariableFormat.h"), and also before subtracting
the given variable's UCS-2 encoded name (including the trailing 0x0000).
Linux maximizes these special variable names in DUMP_NAME_LEN==52 code
points (including the trailing NUL). Hence we must provide at least
0x020 == sizeof(VARIABLE_HEADER), for the internal overhead
0x068 == 2 * 52, for the UCS-2 encoded name, including trailing 0x0000
0x400 for the variable body
-----
0x488 == 1160
bytes in PcdMaxVariableSize, so that Linux's efivars-backed pstore can
work even on non-secure-boot builds of OVMF.
However, as PcdMaxVariableSize=0x2000 has proven reasonable when secure
boot is enabled, it should also be okay when secure boot is disabled; so
for simplicity's sake set PcdMaxVariableSize to 0x2000 unconditionally.
Tested-by: Seiji Aguchi <seiji.aguchi@hds.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15142 6f19259b-4bc3-4df7-8a09-765794883524
The QemuFwCfgSecLib library instance
- is stateless,
- has no library constructor,
- is available to SEC client code,
- must be queried with QemuFwCfgIsAvailable() before use,
- is restricted to SEC in order to limit the explicit querying
requirement. (There is no current user.)
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15046 6f19259b-4bc3-4df7-8a09-765794883524
This change replaces the accesses to the PCI bus from the Block, Scsi and Net drivers by
the use of the new VIRTIO_DEVICE_PROTOCOL protocol that abstracts the transport layer.
It means these drivers can be used on PCI and MMIO transport layer.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Olivier Martin <olivier.martin@arm.com>
v5:
- VirtioFlush(): update comment block in VirtioLib.[hc]; error code is
propagated from VirtIo->SetQueueNotify().
- VirtioBlkInit(): jump to Failed label if SetPageSize() fails
- VirtioBlkInit(): fixup comment, and add error handling, near
SetQueueNum() call
- VirtioBlkDriverBindingStart(): remove redundant (always false) check for
a subsystem device ID different from VIRTIO_SUBSYSTEM_BLOCK_DEVICE;
VirtioBlkDriverBindingSupported() handles it already
- VirtioNetGetFeatures(): update stale comment block
- VirtioNetGetFeatures(): retrieve MAC address byte for byte (open-coded
loop)
- VirtioNetDriverBindingStart(): remove redundant (always false) check for
a subsystem device ID different from VIRTIO_SUBSYSTEM_NETWORK_CARD;
VirtioNetDriverBindingSupported() handles it already
- VirtioNetInitRing(): call SetQueueNum() and SetQueueAlign() for proper
MMIO operation
- VirtioNetInitialize(): fix destination error label for when
SetPageSize() fails
- VirtioScsi.c: fix comment block of VIRTIO_CFG_WRITE()/VIRTIO_CFG_READ()
- VirtioScsiInit(): fix destination error label for when SetPageSize()
fails
- VirtioScsiInit(): call SetQueueNum() and SetQueueAlign() for proper MMIO
operation
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14966 6f19259b-4bc3-4df7-8a09-765794883524
This patch sets PcdPciDisableBusEnumeration to true then makes use of
PublishPeiMemory and XenMemMapInitialization to construct memory map for
Xen guest.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wei Liu <wei.liu2@citrix.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14946 6f19259b-4bc3-4df7-8a09-765794883524
This driver will support a flash FVB implementation if QEMU flash
is detected.
The driver is added to the apriori list to make sure it runs
before the EmuVariableFvbRuntimeDxe driver. If this driver detects
flash support, then it will disable the EmuVariableFvbRuntimeDxe
driver by setting PcdFlashNvStorageVariableBase64.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14840 6f19259b-4bc3-4df7-8a09-765794883524
This is to prepare for QEMU flash support which will allow
non-volatile variables to be saved in the flash image.
Note two size changes:
* NV Varstore size increased from 0xc000 to 0xe000
* FTW work size decreased from 0x2000 to 0x1000
The reason for this change is that the fault-tolerant write
support requires that the work area fit within the block
just before the fault-tolerant write spare storage blocks.
Since QEMU flash blocks have a size of 0x1000, this means
that the maximum FTW work size is 0x1000.
v2:
* Update commit message and PcdVariableStoreSize
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14835 6f19259b-4bc3-4df7-8a09-765794883524
(1) OVMF depends on
MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf
unconditionally.
(2) When OVMF is built with -D SECURE_BOOT_ENABLE, then
SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf
is injected into SecurityStubDxe above.
(3) SVN r14687 ("Add TPM2 implementation.") has made
DxeImageVerificationLib dependent on TpmMeasurementLib.
Currently the last link of the
OVMF -> SecurityStubDxe -> DxeImageVerificationLib -> TpmMeasurementLib
dependency chain is unresolved:
build.py...
/.../OvmfPkg/OvmfPkgX64.dsc(...): error 4000: Instance of library class [TpmMeasurementLib] is not found
in [/.../SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf] [X64]
consumed by module [/.../MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf]
Let's provide a library instance for TpmMeasurementLib the same way as
"SecurityPkg/SecurityPkg.dsc" does (SVN r13964.)
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14690 6f19259b-4bc3-4df7-8a09-765794883524
2. ASSERT if PCD value is set to 5 (QUERY_USER_ON_SECURITY_VIOLATION).
3. Update override PCD setting from 5 to 4 in platform DSC file.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ni Ruiyu <ruiyu.ni@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14607 6f19259b-4bc3-4df7-8a09-765794883524
Previously OVMF included the older EFI shell binary when building.
Now we will build and use the UEFI shell (ShellPkg) instead.
v2:
* Don't bother building UEFI shell when USE_OLD_SHELL is defined
* Fix errors in OvmfPkgIa32X64.fdf
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14600 6f19259b-4bc3-4df7-8a09-765794883524
r14252 causes OVMF to crash if SECURE_BOOT_ENABLE is set,
because PcdMaxVariableSize is set to a larger value than
required. In other platforms, 0x2000 seems to be sufficient.
Reported-by: Gary Ching-Pang Lin <glin@suse.com>
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14423 6f19259b-4bc3-4df7-8a09-765794883524
Also summarize the resultant NIC driver options in the README file.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14421 6f19259b-4bc3-4df7-8a09-765794883524
DHCP, PXE, and StdLib socket apps are enabled in OVMF by the sum of:
(a) a UEFI NIC driver,
(b) the generic network stack.
The only choice for (a) used to be the proprietary Intel E1000 driver,
which is cumbersome to obtain and enable.
The iPXE UEFI NIC drivers packaged with qemu-1.5 cover (a) for each NIC
type supported by qemu, and are easy to obtain & configure, even for
earlier qemu versions. Therefore enable (b) per default as well.
This doesn't take up much space; the binaries (b) adds to the firmware
don't seem to need -D FD_SIZE_2MB.
Intel's e1000 driver remains an option, requested by the -D E1000_ENABLE
build flag.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14366 6f19259b-4bc3-4df7-8a09-765794883524
This code is based on efilinux's bzimage support.
git://git.kernel.org/pub/scm/boot/efilinux/efilinux.git
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Matt Fleming <matt.fleming@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13922 6f19259b-4bc3-4df7-8a09-765794883524
Introduce a new library called VirtioLib, for now only collecting the
following reusable functions with as little changes as possible:
- VirtioWrite()
- VirtioRead()
- VirtioRingInit()
- VirtioRingUninit()
- AppendDesc()
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13842 6f19259b-4bc3-4df7-8a09-765794883524
In OvmfPkgIa32X64.dsc:
Paraphrasing svn rev 13350: gPcAtChipsetPkgTokenSpaceGuid is declared in
PcAtChipsetPkg.dec and used via AcpiPlatformDxe.inf, but with the latest
build tools, since this package builds multiple architectures (IA32 & X64)
and AcpiPlatformDxe is used on X64 only, it is now necessary to place the
gPcAtChipsetPkgTokenSpaceGuid PCD's in the [PcdsFixedAtBuild.X64] section.
In the two other .dsc files:
Make a similar change to keep file contents more easily comparable.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
[jordan.l.justen@intel.com: change all .dsc files to keep them diffable]
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13724 6f19259b-4bc3-4df7-8a09-765794883524
We don't force a platform reset for OVMF when PK is changed in
custom mode setup.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Lee Rosenbaum <lee.g.rosenbaum@intel.com>
Reviewed-by: Erik Bjorge <erik.c.bjorge@intel.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13635 6f19259b-4bc3-4df7-8a09-765794883524
Represent the set of possible PCI link target IRQs with
Pcd8259LegacyModeEdgeLevel. This ensures that the 8259 Interrupt
Controller code in PcAtChipsetPkg will treat them as level-triggered too.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13628 6f19259b-4bc3-4df7-8a09-765794883524
ConSplitterDxe (UEFI_DRIVER) now uses this library class.
Move the library mapping to the common LibraryClasses section.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13570 6f19259b-4bc3-4df7-8a09-765794883524
UNIXGCC builds larger images than GCC44, and can have issues
fitting into the FD image. Therefore, when using UNIXGCC,
debug will be disabled by default.
The README file is updated with instructions for selectively
enabling debug for UNIXGCC.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13569 6f19259b-4bc3-4df7-8a09-765794883524
This patch adds support for a debug console on the same port that is used
by SeaBIOS. This makes it easier to debug OVMF, because it does not mix
debug and serial output on the same device. It also makes it easier to
leave some of the debug messages on even in release builds.
To enable it, pass "-debugcon stdio -global isa-debugcon.iobase=0x402" to
QEMU.
The new mechanism is enabled by default, but a regular serial console can
be chosen by adding -D DEBUG_ON_SERIAL_PORT to the build options.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
[jordan.l.justen@intel.com: MAX_DEBUG_MESSAGE_LENGTH=>0x100, p=>Ptr]
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13562 6f19259b-4bc3-4df7-8a09-765794883524
This driver is currently a direct copy of
MdeModulePkg/Universal/Acpi/AcpiPlatformDxe.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13384 6f19259b-4bc3-4df7-8a09-765794883524
If –D SECURE_BOOT_ENABLE is specified with the build command, Secure Boot support is enabled including custom mode setup.
This allows Secure Boot to be configured through setup allowing OvmfPkgX64, OvmfPkgIa32 and OvmfPkg3264 to be a fully functional Secure Boot reference platforms.
Remove redundant library class definitions for BaseCryptLib and OpenSslLib.
Signed-off-by: Lee Rosenbaum <lee.g.rosenbaum@intel.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Erik Bjorge <erik.c.bjorge@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13160 6f19259b-4bc3-4df7-8a09-765794883524
Adjust PCD settings, library mappings and driver usage
to enable secure-boot when -D SECURE_BOOT_ENABLE=TRUE
is used on the build command line.
Signed-off-by: lgrosenb
Reviewed-by: jljusten
Reviewed-by: mdkinney
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13093 6f19259b-4bc3-4df7-8a09-765794883524
Note: The CSM16 binary must be copied into the tree at
OvmfPkg/Csm/Csm16/Csm16.bin in order to use CSM_ENABLE.
If CSM_ENABLE is set during the build, then the CSM16 binary
and the CSM support (Legacy BIOS) drivers will be added to
the build.
Signed-off-by: jljusten
Reviewed-by: geekboy15a
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12682 6f19259b-4bc3-4df7-8a09-765794883524
This library installs the legacy interrupt, region
and platform support required for CSM support
drivers.
Signed-off-by: jljusten
Reviewed-by: geekboy15a
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12681 6f19259b-4bc3-4df7-8a09-765794883524
Locates Xen SMBIOS data and installs it using the SMBIOS
protocol.
Signed-off-by: gavinguan
Reviewed-by: Andrei Warkentin <andreiw@motorola.com>
Signed-off-by: jljusten
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12125 6f19259b-4bc3-4df7-8a09-765794883524
When building:
-D BUILD_NEW_SHELL - Build and include UEFI shell in firmware
-D USE_NEW_SHELL - Include UEFI shell binary build in firmware
The default is to use the older EFI shell.
Signed-off-by: jljusten
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@11890 6f19259b-4bc3-4df7-8a09-765794883524
This driver provides a UEFI Graphics Output Protocol (GOP) driver
for the QEMU Cirrus VGA hardware. It enables 24-bit color,
and uses the standard 32-bit GOP pixel format whenever possible.
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@11524 6f19259b-4bc3-4df7-8a09-765794883524
Change from using PcdFlashNvStorageVariableBase to
PcdFlashNvStorageVariableBase64.
This will make sure the EMU Variable FVB will
function in systems with more than 4GB of memory.
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@11252 6f19259b-4bc3-4df7-8a09-765794883524
When OVMF is run with kvm and grub2 (efi), an exception
occurs when mmx/sse registers are accessed.
As a work around, this change eliminates firmware usage
of these register types.
First, only the BaseMemoryLib implementation
MdePkg/Library/BaseMemoryLibRepStr/BaseMemoryLibRepStr.inf
is used.
Second, the GCC compiler is passes the additional
'-mno-mmx -mno-sse' parameters.
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@11218 6f19259b-4bc3-4df7-8a09-765794883524