Commit Graph

375 Commits

Author SHA1 Message Date
Shenglei Zhang 1fde2b9d5b ArmVirtPkg/ArmVirtPkg.ci.yaml: Add configuration for Ecc check
Add configuration ExceptionList and IgnoreFiles for package config
files. So users can rely on this to ignore some Ecc issues.

Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Acked-by: Ard Biesheuvel <ard.biesheuvel@arm.com>
2020-08-17 03:28:09 +00:00
Shenglei Zhang 53936785b7 ArmVirtPkg/ArmVirtPkg.ci.yaml: Add configuration for LicenseCheck
Add configuration IgnoreFiles for package config files.
So users can rely on this to skip license conflict for
some generated files.

Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2020-07-31 02:49:51 +00:00
Ard Biesheuvel a4a2258a1f ArmVirtPkg/NorFlashQemuLib: disable NOR flash DT nodes upon discovery
Our UEFI guest firmware takes ownership of the emulated NOR flash in
order to support the variable runtime services, and it does not expect
the OS to interfere with the underlying storage directly. So disable
the NOR flash DT nodes as we discover them, in a way similar to how we
disable the PL031 RTC in the device tree when we attach our RTC runtime
driver to it.

Note that this also hides the NOR flash bank that carries the UEFI
executable code, but this is not intended to be updatable from inside
the guest anyway, and if it was, we should use capsule update to do so.
Also, the first -pflash argument that defines the backing for this flash
bank is often issued with the 'readonly' modifier, in order to prevent
any changes whatsoever to be made to the executable firmware image by
the guest.

This issue has become relevant due to the following Linux changes,
which enable the flash driver stack for default build configurations
targetting arm64 and 32-bit ARM.

ce693fc2a877
("arm64: defconfig: Enable flash device drivers for QorIQ boards", 2020-03-16).

5f068190cc10
("ARM: multi_v7_defconfig: Enable support for CFI NOR FLASH", 2019-04-03)

Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@arm.com>
2020-06-24 16:05:53 +00:00
Ard Biesheuvel 9af1064995 ArmVirtPkg: remove unused files
We no longer use ELF PIE executables to implement the self-relocating
PrePi so drop the custom linker script and visibility override header
file.

Signed-off-by: Ard Biesheuvel <ard.biesheuvel@arm.com>
Acked-by: Jiewen Yao <Jiewen.yao@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Acked-by: Sami Mujawar <Sami.Mujawar@arm.com>
2020-06-12 22:17:46 +00:00
Ard Biesheuvel b16fd231f6 ArmVirtPkg/PrePi: use standard PeCoff routines for self-relocation
Instead of having a GCC specific routine to perform self-relocation
based on ELF metadata, use the PE/COFF metadata and the existing
PeCoff library routines. This reduces the amount of bespoke assembler
code that is a burden to maintain, and is not portable across the set
of toolchains we support.

This does require some special care, as we have no control over how
the C code references global symbols, so we need to emit these
references from the calling assembler code. Otherwise, they may be
emitted as absolute references, in which case they need to be fixed
up themselves, leading to a circular dependency.

Signed-off-by: Ard Biesheuvel <ard.biesheuvel@arm.com>
Acked-by: Jiewen Yao <Jiewen.yao@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Acked-by: Sami Mujawar <Sami.Mujawar@arm.com>
2020-06-12 22:17:46 +00:00
Ard Biesheuvel fd708fe0e1 ArmVirtPkg: add FDF rule for self-relocating PrePi
In preparation for making the self-relocating PrePi use the ordinary
BasePeCoffLib routines for relocating the image in place in memory
at start, add a special FDF rule that builds SEC modules as PE32
images with the relocation metadata preserved.

Signed-off-by: Ard Biesheuvel <ard.biesheuvel@arm.com>
Acked-by: Jiewen Yao <Jiewen.yao@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Acked-by: Sami Mujawar <Sami.Mujawar@arm.com>
2020-06-12 22:17:46 +00:00
Laszlo Ersek cdc3fa5418 ArmVirtPkg: control PXEv4 / PXEv6 boot support from the QEMU command line
Port the DSC file changes from the similarly titled OvmfPkg patch in this
series to ArmVirtPkg.

Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Per Sundstrom <per_sundstrom@yahoo.com>
Cc: Philippe Mathieu-Daudé <philmd@redhat.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2681
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20200424075353.8489-8-lersek@redhat.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@arm.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2020-04-28 22:37:35 +00:00
Laszlo Ersek 270fece684 ArmVirtPkg/QemuFwCfgLib: allow UEFI_DRIVER modules
We don't distribute UEFI_DRIVER modules stand-alone that were built as
part of an ArmVirtQemu* platform. ArmVirtQemu* UEFI_DRIVERs are allowed to
inherit platform dependencies.

By enabling UEFI_DRIVERs to consume QemuFwCfgLib, we can hook fw_cfg-based
NULL class libraries into UEFI drivers, e.g. in order to set dynamic PCDs.

Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Per Sundstrom <per_sundstrom@yahoo.com>
Cc: Philippe Mathieu-Daudé <philmd@redhat.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2681
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20200424075353.8489-7-lersek@redhat.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@arm.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2020-04-28 22:37:35 +00:00
Sean Brogan 0c7f189e60 ArmVirtPkg: Add Platform CI and configuration for Core CI
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2570

Add new Azure Pipeline definitions to build and run ArmVirtPkg with:
  * Ubuntu GCC5
Add PyTool based build of ArmVirtPkg
Add extdep for managing the iasl dependency
Add ArmVirtPkg.ci.yaml for Core CI
Add ReadMe.md for details and instructions

Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>

Reviewed-by: Shenglei Zhang <shenglei.zhang@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Acked-by: Ard Biesheuvel <ard.biesheuvel@arm.com>
Reviewed-by: Bret Barkelew <bret.barkelew@microsoft.com>
2020-04-28 18:07:59 +00:00
Samer El-Haj-Mahmoud b447a20bdf ArmVirtPkg/ArmVirtQemu: Revert "limit ACPI support to v5.0 and higher"
This reverts commit e069278905.

The default value for PcdAcpiExposedTableVersions is now set to 0x20
for Aarch64 systems. Setting this PCD in ArmVirtPkg/ArmVirtQemu.dsc
is no longer necessary.

Signed-off-by: Samer El-Haj-Mahmoud <samer@elhajmahmoud.com>
Acked-by: Ard Biesheuvel <ard.biesheuvel@arm.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2020-04-21 17:06:06 +00:00
Leendert van Doorn a5d8a39963 ArmVirtPkg: Include NVMe support in ArmVirtQemu*
Enable support for NVMe storage in ArmVirtQemu/QemVirtQemuKernel in order
to simplify booting/installing operating systems that don't support
virtio.

Signed-off-by: Leif Lindholm <leif@nuviainc.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2020-04-09 17:42:15 +00:00
Ard Biesheuvel f52b30e73d ArmVirtPkg/PlatformPeiLib: add dummy assignment to work around older GCC
Older GCC (<= 4.9) fail to infer that Parent is never used unless it
has been assigned before, and may throw an error like

  /work/git/edk2/ArmVirtPkg/Library/PlatformPeiLib/PlatformPeiLib.c:
      In function ‘PlatformPeim’:
  /work/git/edk2/ArmVirtPkg/Library/PlatformPeiLib/PlatformPeiLib.c:132:24:
      error: ‘Parent’ may be used uninitialized in this function
                                                [-Werror=maybe-uninitialized]
             RangesProp = fdt_getprop (Base, Parent, "ranges", &RangesLen);

Set Parent to 0 at the start of the sequence to work around this.

Link: https://bugzilla.tianocore.org/show_bug.cgi?id=2601
Fixes: 82662a3b5f ("ArmVirtPkg/PlatformPeiLib: discover the TPM base ...")
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2020-03-26 08:09:53 +00:00
Leif Lindholm 01ce872739 ArmVirtPkg: fix ASSERT in ArmVirtGicArchLib with virtualization=on
ArmVirtGicArchLib was originally implemented before virtualization
emulation was implemented in QEMU, and the GICv2 model implemented only
the physical copy of control registers.

Enabling virtualization emulation to QEMU adds also the virtual copy,
doubling the RegSize returned by FindCompatibleNodeReg () in
ArmVirtGicArchLibConstructor (). This triggered an ASSERT when running
QEMU with -M virt,virtualization=on. Address this by testing for both
possible valid values of RegSize.

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=2588

Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Leif Lindholm <leif@nuviainc.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2020-03-17 15:06:11 +00:00
Ard Biesheuvel 364e0b4cda ArmVirtPkg/PlatformBootManagerLib: switch to separate QEMU loader
Drop the QEMU loader file system implementation inside this library,
and switch to the separate QemuLoadImageLib library and the associated
driver to expose the kernel and initrd passed via the QEMU command line.

Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2566
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2020-03-05 19:45:05 +00:00
Ard Biesheuvel e569fbd205 ArmVirtPkg: incorporate the new QEMU kernel loader driver and library
Add the QEMU loader DXE driver and client library to the build for
our QEMU targeted implementations in ArmVirtPkg.

Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2566
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2020-03-05 19:45:05 +00:00
Laszlo Ersek 7288ff4095 ArmVirtPkg/PlatformBootManagerLib: sync Timeout with PcdPlatformBootTimeOut
Set the Timeout global variable to the same value as
PcdPlatformBootTimeOut. This way the "setvar" command in the UEFI shell,
and the "efibootmgr" command in a Linux guest, can report the front page
timeout that was requested on the QEMU command line (see
GetFrontPageTimeoutFromQemu()).

A DEBUG_VERBOSE message is logged on success too, for our QE team's sake.

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20200304094413.19462-3-lersek@redhat.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
2020-03-05 08:55:21 +00:00
Laszlo Ersek a5c2ce7cd1 ArmVirtPkg: convert LFs to CRLF
We're going to switch the internal line terminators globally to LF at some
point, but until then, let's use CRLF consistently. Convert source files
with LFs in them to CRLF, using "unix2dos".

"git show -b" prints no code changes for this patch.

(I collected all the file name suffixes in this package, with:

$ git ls-files -- $PACKAGE | rev | cut -f 1 -d . | sort -u | rev

I eliminated those suffixes that didn't stand for text files, then
blanket-converted the rest with unix2dos. Finally, picked up the actual
changes with git-add.)

The CRLF conversion is motivated by "PatchCheck.py".

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Philippe Mathieu-Daudé <philmd@redhat.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1659
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20200227213903.13884-3-lersek@redhat.com>
Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
2020-03-04 12:22:07 +00:00
Ard Biesheuvel 1e404c405a ArmVirtPkg: add the 'initrd' dynamic shell command
Add the 'initrd' dynamic shell command to the build so we can load
Linux initrds straight from the shell using the new generic protocol,
which does not rely on initrd= being passed on the command line.

Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2564
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2020-03-04 09:26:45 +00:00
Ard Biesheuvel 0980779a9d ArmVirtPkg/ArmVirtQemu: enable TPM2 based measured boot
Now that all the TPM2 related plumbing is in place, we can add the
final piece that performs the measurements of loaded images into
the appropriate PCRs.

This patch ports commit d5a002aba0 ("OvmfPkg: plug
DxeTpm2MeasureBootLib into SecurityStubDxe", 2018-03-09) to ArmVirtQemu.

Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2560
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2020-03-04 08:48:09 +00:00
Ard Biesheuvel e521b3c54e ArmVirtPkg/ArmVirtQemu: enable the TPM2 configuration module
Enable the DXE phase component that publishes the HII pages and
associated logic to enable TPM2 parameters to be configured by
the user via the setup menu.

This patch ports (parts of) the following commits to ArmVirtQemu:

- 3103389043 ("OvmfPkg: Add TCG2 Configuration menu to the Device
                Manager menu", 2019-02-11)

- cf3ad972a2 ("OvmfPkg: reorganize TPM2 support in DSC/FDF files",
                2020-01-09)

- f55477fe2d ("OvmfPkg: use HII type PCDs for TPM2 config related
                variables", 2020-01-09)

Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2560
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2020-03-04 08:48:09 +00:00
Ard Biesheuvel 82f6f44fc4 ArmVirtPkg/ArmVirtQemu: enable the DXE phase TPM2 support module
Enable the TPM2 support module in the DXE phase, and the associated
libraries and PCDs that it requires. This will be wired into the
measured boot support code in a subsequent patch.

Note that Tcg2Dxe.inf is added to ArmVirtQemuFvMain.fdf.inc, which
is shared with other platforms in ArmVirtPkg, but as those will not
set the TPM2_ENABLE define, this change does not affect them.

This patch ports (parts of) the following OvmfPkg commits to
ArmVirtQemu:

- 0c0a50d6b3 ("OvmfPkg: include Tcg2Dxe module", 2018-03-09)

- b9777bb42e ("OvmfPkg: add Tcg2PhysicalPresenceLibQemu", 2018-05-22)
               -- only to match OVMF's current lib class resolutions

- 1ec05b81e5 ("OvmfPkg: use DxeTpmMeasurementLib if and only if
                TPM2_ENABLE", 2019-07-04)

- b9130c866d ("OvmfPkg: link Sha384 and Sha512 support into Tcg2Pei
                and Tcg2Dxe", 2018-08-16)

- 5d3ef15da7 ("OvmfPkg: link SM3 support into Tcg2Pei and Tcg2Dxe",
                2019-07-19)

Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2560
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2020-03-04 08:48:09 +00:00
Ard Biesheuvel d9cd82e8bc ArmVirtPkg: unshare TpmMeasurementLib resolution between platforms
In preparation of conditializing the choice of resolution based on
TPM2_ENABLE for ArmVirtQemu, move the TpmMeasurementLib out of the
shared .DSC include and into the individual DSCs.

Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2560
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2020-03-04 08:48:09 +00:00
Ard Biesheuvel c241c96f85 ArmVirtPkg; avoid DxeTpmMeasurementLib in shared .DSC
DxeTpmMeasurementLib should only be used on platforms that implement
measured boot, which we will do in a future patch, but only for
ArmVirtQemu, as the remaining ones are fundamentally incompatible,
given that they do not implement a PEI phase.

So use TpmMeasurementLibNull as the default resolution for all
ArmVirtPkg platforms, regardless of how they are built.

This mirrors commit 1ec05b81e5 ("OvmfPkg: use DxeTpmMeasurementLib
if and only if TPM2_ENABLE", 2019-07-04).

Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2560
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2020-03-04 08:48:09 +00:00
Ard Biesheuvel ddd34a8183 ArmVirtPkg/ArmVirtQemu: enable TPM2 support in the PEI phase
Incorporate the PEI components and the associated library class
resolutions and PCD declarations to enable TPM2 support in the
PEI phase.

This patch ports (parts of) the following OvmfPkg commits to
ArmVirtQemu:
- 6cf1880fb5 ("OvmfPkg: add customized Tcg2ConfigPei clone",
                2018-03-09)
- 4672a48928 ("OvmfPkg: include Tcg2Pei module", 2018-03-09)
- b9130c866d ("OvmfPkg: link Sha384 and Sha512 support into Tcg2Pei
                and Tcg2Dxe", 2018-08-16)
- 5d3ef15da7 ("OvmfPkg: link SM3 support into Tcg2Pei and Tcg2Dxe",
                2019-07-19)

gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask defaults to 0x0 so
that the TPM init code adopts the currently active PCR banks as
the ones that are enabled by default.

Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2560
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2020-03-04 08:48:09 +00:00
Ard Biesheuvel f5cb376703 ArmVirtPkg/ArmVirtQemu: add ResetSystem PEIM for upcoming TPM2 support
As a first step in gradually adding TPM2 support to ArmVirtQemu, add
the TPM2_ENABLE configurable to the [Defines] section, and if it is
set, add the ResetSystem PEIM to the build, along with the library
class references that we will need to support it:
- wire ArmVirtPsciResetSystemPeiLib into the ResetSystem PEIM itself,
  which will be in charge of performing the actual reset
- add PeiResetSystemLib as the common ResetSystemLib resolution for
  PEIM class modules, so that other PEIMs will invoke the PPI
  published by the ResetSystem PEIM.

Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2560
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2020-03-04 08:48:09 +00:00
Ard Biesheuvel 39c503f155 ArmVirtPkg: implement ArmVirtPsciResetSystemPeiLib
Implement a ArmVirtPkg specific version of the PSCI ResetSystemLib that
is usable in the PEI phase, as the existing one relies on the FDT client
protocol, making it unsuitable.

Note that accessing the device tree passed by QEMU via its initial base
address is guaranteed to be safe at any time during the PEI phase, so we
can defer discovery of the PSCI method until the time the reset library
is actually invoked (which is rarely)

Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2560
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Acked-by: Laszlo Ersek <lersek@redhat.com>
2020-03-04 08:48:09 +00:00
Ard Biesheuvel 82662a3b5f ArmVirtPkg/PlatformPeiLib: discover the TPM base address from the DT
Introduce a boolean PCD that tells us whether TPM support is enabled
in the build, and if it is, record the TPM base address in the existing
routine that traverses the device tree in the platform PEIM.

If a TPM is found, install the gOvmfTpmDiscoveredPpiGuid signalling PPI
that will unlock the dispatch of OvmfPkg's Tcg2ConfigPei. If TPM2
support is enabled in the build but no TPM2 device is found, install the
gPeiTpmInitializationDonePpiGuid PPI, which is normally installed by
Tcg2ConfigPei if no TPM2 is found, but in our case Tcg2ConfigPei will
never run so let's do it here instead.

Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2560
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Acked-by: Laszlo Ersek <lersek@redhat.com>
2020-03-04 08:48:09 +00:00
Ard Biesheuvel fdb3f06b82 ArmVirtPkg/PlatformPeiLib: make PcdLib dependency explicit in .INF
We currently include PcdLib.h in PlatformPeiLib, without declaring
this dependency in its .INF description. Since all the PCDs we use
resolve to fixed type in practice, this does not really matter at
the moment, but since we will be adding dynamic PCD references in
a subsequent patch, let's make the PcdLib dependency explicit, so
that its dispatch is guaranteed to be ordered correctly with respect
to the provider of the dynamic PCD PPI.

Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2560
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2020-03-04 08:48:09 +00:00
Ard Biesheuvel 9d1c9d0379 ArmVirtPkg: remove EnterS3WithImmediateWake () from ResetSystemLib
EnterS3WithImmediateWake () no longer has any callers, so remove it
from ResetSystemLib.

Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2020-01-10 07:00:51 +00:00
Pete Batard 23ab8df01a ArmVirtPkg/PlatformBootManagerLib: Don't update progress if Pcd is 0
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=2266

Similar to what we now do for OVMF, we need to consider the possibility
that PlatformBootManagerWaitCallback () may be called with a
PcdPlatformBootTimeOut that was set to zero, in which case the call should
simply return.

We also change the initial timeout variable name to make the code explicit.

Signed-off-by: Pete Batard <pete@akeo.ie>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
Message-Id: <20191014150311.16740-3-pete@akeo.ie>
2019-10-16 18:27:42 +02:00
Ard Biesheuvel 7551529ce1 ArmVirtPkg: increase FD/FV size for NOOPT builds
After upgrading the CI system we use for building the ArmVirtPkg
targets, we started seeing failures due to the NOOPT build running
out of space when using the CLANG38 toolchain definition combined
with clang 7.

We really don't want to increase the FD/FV sizes in general to
accommodate this, so parameterize the relevant quantities and
increase them by 50% for NOOPT builds.

Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
2019-09-13 14:25:33 +01:00
Laszlo Ersek ae9f12058d ArmVirtPkg/PlatformBootManagerLib: unload image on EFI_SECURITY_VIOLATION
The LoadImage() boot service is a bit unusual in that it allocates
resources in a particular failure case; namely, it produces a valid
"ImageHandle" when it returns EFI_SECURITY_VIOLATION. This is supposed to
happen e.g. when Secure Boot verification fails for the image, but the
platform policy for the particular image origin (such as "fixed media" or
"removable media") is DEFER_EXECUTE_ON_SECURITY_VIOLATION. The return code
allows platform logic to selectively override the verification failure,
and launch the image nonetheless.

ArmVirtPkg/PlatformBootManagerLib does not override EFI_SECURITY_VIOLATION
for the kernel image loaded from fw_cfg -- any LoadImage() error is
considered fatal. When we simply treat EFI_SECURITY_VIOLATION like any
other LoadImage() error, we leak the resources associated with
"KernelImageHandle". From a resource usage perspective,
EFI_SECURITY_VIOLATION must be considered "success", and rolled back.

Implement this rollback, without breaking the proper "nesting" of error
handling jumps and labels.

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Leif Lindholm <leif.lindholm@linaro.org>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1992
Fixes: 23d04b58e2
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Dandan Bi <dandan.bi@intel.com>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
2019-09-05 19:22:43 +02:00
Ard Biesheuvel 04d9d89b7d ArmVirtPkg/ArmVirtPrePiUniCoreRelocatable: revert to PIE linking
In some cases, the CLANG38 toolchain profile in LTO mode emits GOT
based relocations in spite of our attempts to avoid this, by using
hidden visibility, -Bsymbolic etc.

On AARCH64, we managed to work around this by processing the GOT
based relocations in GenFw. As it turns out, the same issue exists
on 32-bit ARM, but unfortunately, we cannot use a similar trick to
get rid of the GOT entry, and the relocation metadata is insufficient
to locate the GOT entry in the binary.

Note that in this particular case, we are interested in PIE linking
only (i.e., producing a .rela section containing dynamic relocations
that the startup code can process directly), and not in position
independent code generation, and by passing the -pie option to the
linker directly using -Wl,-pie (and dropping -shared), we can coerce
the GOLD linker into doing only the former rather than both when it
performs its LTO code generation.

Acked-by: Leif Lindholm <leif.lindholm@linaro.org>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
2019-09-05 10:05:08 -07:00
Anthony PERARD 4870639f55 OvmfPkg: Move XenRealTimeClockLib from ArmVirtPkg
Move XenRealTimeClockLib from ArmVirtPkg to OvmfPkg so it can be used
from the OvmfPkg by the following patch, "OvmfPkg/OvmfXen: use
RealTimeClockRuntimeDxe from EmbeddedPkg"

Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1689
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20190813113119.14804-35-anthony.perard@citrix.com>
2019-08-21 18:03:50 +02:00
Laszlo Ersek ffe048a080 ArmVirtPkg: handle NETWORK_TLS_ENABLE in ArmVirtQemu*
Port the [LibraryClasses], [PcdsFixedAtBuild] and [Components] settings
that are related to NETWORK_TLS_ENABLE from OvmfPkg to ArmVirtPkg.
ArmVirtXen is not modified because it doesn't include the edk2 network
stack.

(This change is now simpler than it would have been when TianoCore#1009
was originally filed, due to ArmVirtPkg consuming the NetworkPkg include
fragments meanwhile, from TianoCore#1293 / commit 157a3b1aa50f.)

The usage hints from "OvmfPkg/README", section "HTTPS Boot", apply.

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Gary Lin <glin@suse.com>
Cc: Guillaume GARDET <guillaume.gardet@arm.com>
Cc: Julien Grall <julien.grall@arm.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1009
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Guillaume Gardet <guillaume.gardet@arm.com>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
Tested-by: Gary Lin <glin@suse.com>
2019-06-28 18:07:54 +02:00
Anthony PERARD 4ff31c083e ArmVirtPkg/PlatformBootManagerLib: Use EDKII_SERIAL_PORT_LIB_VENDOR_GUID
SERIAL_DXE_FILE_GUID is now defined in MdeModulePkg as
EDKII_SERIAL_PORT_LIB_VENDOR_GUID, simply use it.

Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
Message-Id: <20190606131459.1464-3-anthony.perard@citrix.com>
Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
[lersek@redhat.com: drop "from MdeModulePkg" from the subject]
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
2019-06-14 21:26:35 +02:00
Fu Siyuan 157a3b1aa5 ArmVirtPkg: Update DSC/FDF to use NetworkPkg's include fragment file.
This patch updates the platform DSC/FDF files to use the include fragment
files provided by NetworkPkg.
The feature enabling flags in [Defines] section have been updated to use
the NetworkPkg's terms, and the value has been overridden with the original
default value on this platform.

v2:Add check for NETWORK_SNP_ENABLE and NETWORK_TLS_ENABLE.

Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Julien Grall <julien.grall@linaro.org>
Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com>
Message-Id: <20190516081810.27840-4-shenglei.zhang@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1293
[lersek@redhat.com: add TianoCore Bugzilla reference]
[lersek@redhat.com: undo spurious whitespace changes]
[lersek@redhat.com: clarify SNP and TLS rejection messages]
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
2019-05-16 16:45:37 +02:00
Laszlo Ersek 034dec6ca1 ArmVirtPkg: build EnrollDefaultKeys.efi
Having removed VALID_ARCHITECTURES from
"OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.inf", it now makes sense to
reflect the related platform DSC bits from OvmfPkg to ArmVirtPkg.

Build "EnrollDefaultKeys.efi" as part of ArmVirtQemu and ArmVirtQemuKernel
(which are the ArmVirtPkg platforms that include SecureBootConfigDxe too).

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Bugzilla: https://bugzilla.tianocore.org/show_bug.cgi?id=1747
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Gary Lin <glin@suse.com>
2019-04-30 14:26:27 +02:00
Zhichao Gao d943e5ad3b ArmVirtPkg/ArmVirtPsciResetSystemLib: Add a new API ResetSystem
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1460

Add a new API ResetSystem to this ResetSystemLib instance.
It only adds the basic functions from ResetSystemRuntimeDxe.
Lacking of this interface may cause link error, if some drivers
use this new API and link to this library instance.
Notes:
This library API only provide a basic function of reset. Full
function should use the instance in the MdeModulePkg and make
sure the depex driver is dispatched.

Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Liming Gao <liming.gao@intel.com>
Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2019-04-28 09:40:20 +08:00
Dandan Bi 746c5b6238 ArmVirtPkg: Update UefiDecompressLib instance
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1683

V2: Use the common UefiDecompressLib resolution in
[LibraryClasses.common] section and drop all the others.

BaseUefiDecompressLib in MdePkg is the
base UEFI decompress Library.
BaseUefiTianoCustomDecompressLib in IntelFrameworkModulePkg
implements the base UEFI decompress functionality and
Tiano decompress functionality.

1. TIANOCOMPRESSED rule in ArmVirtRules.fdf.inc
is not used, so remove it.
2. Platform doesn't use the TianoCompress, so do
not have to use BaseUefiTianoCustomDecompressLib,
can use the BaseUefiDecompressLib in MdePkg directly.
3. UefiDecompressLib common resolution now can apply to
all module types. So keep the UefiDecompressLib resolution
in [LibraryClasses.common] section and remove all others.

Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Julien Grall <julien.grall@arm.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Dandan Bi <dandan.bi@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2019-04-10 14:11:48 +08:00
Michael D Kinney 9792fb0e65 ArmVirtPkg: Replace BSD License with BSD+Patent License
https://bugzilla.tianocore.org/show_bug.cgi?id=1373

Replace BSD 2-Clause License with BSD+Patent License.  This change is
based on the following emails:

  https://lists.01.org/pipermail/edk2-devel/2019-February/036260.html
  https://lists.01.org/pipermail/edk2-devel/2018-October/030385.html

RFCs with detailed process for the license change:

  V3: https://lists.01.org/pipermail/edk2-devel/2019-March/038116.html
  V2: https://lists.01.org/pipermail/edk2-devel/2019-March/037669.html
  V1: https://lists.01.org/pipermail/edk2-devel/2019-March/037500.html

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2019-04-09 09:10:21 -07:00
Laszlo Ersek 1797f32e0a ArmVirtPkg/PlatformBootManagerLib: display boot option loading/starting
Consume PlatformBmPrintScLib, added earlier in this series. When
BdsDxe+UefiBootManagerLib report LoadImage() / StartImage() preparations
and return statuses, print the reports to the UEFI console. This allows
end-users better visibility into the boot process.

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Ref: https://bugzilla.redhat.com/show_bug.cgi?id=1515418
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
2019-02-25 11:51:37 +01:00
Laszlo Ersek 5c574b222e ArmVirtPkg/ArmVirtQemu*: enable minimal Status Code Routing in DXE
The EFI_RETURN_STATUS_EXTENDED_DATA feature from PI-1.7
(<https://mantis.uefi.org/mantis/view.php?id=1885>) enables platform code
to learn about boot option failures (loading and launching) via status
codes reported by the UEFI Boot Manager.

In commit 59541d4163, we removed all status code support from
ArmVirtPkg. Reenable that support now, minimally, just to the extent so we
can benefit from the PI-1.7 feature mentioned above:

(1) Include the ReportStatusCodeRouterRuntimeDxe driver.

    This driver produces two protocols, EFI_STATUS_CODE_PROTOCOL and
    EFI_RSC_HANDLER_PROTOCOL. The former allows DXE phase modules and
    runtime modules to report (produce) status codes. The latter allows
    the same types of modules to register callbacks for status code
    handling (consumption).

    (Handler registration  occurs only at boot time. Status codes are
    delivered to each handler at runtime as well, unless the handler is
    unregistered at ExitBootServices().)

(2) Resolve ReportStatusCodeLib to a non-Null instance, for DXE_DRIVER
    modules only. This way DXE_DRIVER modules that use the
    REPORT_STATUS_CODE_EX() macro and friends will reach
    EFI_STATUS_CODE_PROTOCOL from point (1).

(3) Set PcdReportStatusCodePropertyMask to 3 (the default value is 0).
    This causes the REPORT_STATUS_CODE_EX() macro and friends to let
    Progress Codes (bit#0) and Error Codes (bit#1) through to point (1).
    Debug Codes (bit#2) are filtered out.

(4) Include no driver, for now, that registers any status code handler via
    EFI_RSC_HANDLER_PROTOCOL, from point (1). Status codes that reach
    ReportStatusCodeRouterRuntimeDxe will be thrown away.

(5) Modify only the ArmVirtQemu* platforms. A status code handler will
    be added to "ArmVirtPkg/Library/PlatformBootManagerLib" in the next patch,
    and this library instance is not consumed by ArmVirtXen.

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Julien Grall <julien.grall@linaro.org>
Ref: https://bugzilla.redhat.com/show_bug.cgi?id=1515418
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
2019-02-25 11:51:36 +01:00
Laszlo Ersek da06a2a2fa ArmVirtPkg/ArmVirtXen: don't set Pcd*ImageVerificationPolicy
According to the

  PCDs not used by modules or in conditional directives

sections of all the build reports for

  {AARCH64,ARM} x {Xen} x {DEBUG,NOOPT,RELEASE} x {feat-1}

(6 builds in total), PcdOptionRomImageVerificationPolicy,
PcdFixedMediaImageVerificationPolicy, and
PcdRemovableMediaImageVerificationPolicy are not used in any of those
builds.

Restrict the settings to the ArmVirtQemu and ArmVirtQemuKernel platforms
(preserving the -D SECURE_BOOT_ENABLE restriction in the process).

("feat-1" stands for "-D HTTP_BOOT_ENABLE -D NETWORK_IP6_ENABLE -D
SECURE_BOOT_ENABLE -D TTY_TERMINAL", while "feat-0" stands for "".)

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Julien Grall <julien.grall@linaro.org>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
2019-02-13 07:10:26 +01:00
Laszlo Ersek c0b612b3a4 ArmVirtPkg/ArmVirtXen: don't set PcdTurnOffUsbLegacySupport
According to the

  PCDs not used by modules or in conditional directives

sections of all the build reports for

  {AARCH64,ARM} x {Xen} x {DEBUG,NOOPT,RELEASE} x {feat-0,feat-1}

(12 builds in total), the PCD is not used in any of those builds. Restrict
the setting to the ArmVirtQemu and ArmVirtQemuKernel platforms.

("feat-1" stands for "-D HTTP_BOOT_ENABLE -D NETWORK_IP6_ENABLE -D
SECURE_BOOT_ENABLE -D TTY_TERMINAL", while "feat-0" stands for "".)

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Julien Grall <julien.grall@linaro.org>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
2019-02-13 07:10:24 +01:00
Laszlo Ersek 1138bed18f ArmVirtPkg/ArmVirtXen: don't set PcdShellFile
According to the

  PCDs not used by modules or in conditional directives

sections of all the build reports for

  {AARCH64,ARM} x {Xen} x {DEBUG,NOOPT,RELEASE} x {feat-0,feat-1}

(12 builds in total), the PCD is not used in any of those builds. Remove
the setting.

("feat-1" stands for "-D HTTP_BOOT_ENABLE -D NETWORK_IP6_ENABLE -D
SECURE_BOOT_ENABLE -D TTY_TERMINAL", while "feat-0" stands for "".)

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Julien Grall <julien.grall@linaro.org>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
2019-02-13 07:10:20 +01:00
Laszlo Ersek 81d5daea11 ArmVirtPkg/ArmVirtXen: don't set PcdTerminalTypeGuidBuffer
According to the

  PCDs not used by modules or in conditional directives

sections of all the build reports for

  {AARCH64,ARM} x {Xen} x {DEBUG,NOOPT,RELEASE} x {feat-0,feat-1}

(12 builds in total), the PCD is not used in any of those builds.

Restrict the setting to the ArmVirtQemu and ArmVirtQemuKernel platforms.
Restrict the TTY_TERMINAL define similarly.

("feat-1" stands for "-D HTTP_BOOT_ENABLE -D NETWORK_IP6_ENABLE -D
SECURE_BOOT_ENABLE -D TTY_TERMINAL", while "feat-0" stands for "".)

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Julien Grall <julien.grall@linaro.org>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
2019-02-13 07:10:18 +01:00
Laszlo Ersek f440d0427f ArmVirtPkg/ArmVirtXen: don't set PcdPL031RtcBase
According to the

  PCDs not used by modules or in conditional directives

sections of all the build reports for

  {AARCH64,ARM} x {Xen} x {DEBUG,NOOPT,RELEASE} x {feat-0,feat-1}

(12 builds in total), the PCD is not used in any of those builds. Remove
the setting.

("feat-1" stands for "-D HTTP_BOOT_ENABLE -D NETWORK_IP6_ENABLE -D
SECURE_BOOT_ENABLE -D TTY_TERMINAL", while "feat-0" stands for "".)

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Julien Grall <julien.grall@linaro.org>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
2019-02-13 07:10:16 +01:00
Laszlo Ersek cf83784509 ArmVirtPkg: don't set PcdDebugPrintErrorLevel in RELEASE builds
According to the

  PCDs not used by modules or in conditional directives

sections of all the build reports for

  {AARCH64,ARM} x {Qemu,QemuKernel,Xen} x {RELEASE} x {feat-0,feat-1}

(12 builds in total), the PCD is not used in any of those builds. Restrict
the PCD setting to ($(TARGET) != RELEASE).

("feat-1" stands for "-D HTTP_BOOT_ENABLE -D NETWORK_IP6_ENABLE -D
SECURE_BOOT_ENABLE -D TTY_TERMINAL", while "feat-0" stands for "".)

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Julien Grall <julien.grall@linaro.org>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
2019-02-13 07:10:13 +01:00
Laszlo Ersek b649ee1904 ArmVirtPkg: don't set PcdDebugClearMemoryValue
According to the

  PCDs not used by modules or in conditional directives

sections of all the build reports for

  {AARCH64,ARM} x {Qemu,QemuKernel,Xen} x {RELEASE} x {feat-0,feat-1}

(12 builds in total), the PCD is not used in any of those builds.

Rather than just restrict the PCD setting to ($(TARGET) != RELEASE),
remove the setting completely. The current value is identical to the 0xAF
default in "MdePkg/MdePkg.dec", which recognizes Andrew Fish, and so it's
unlikely to ever change.

("feat-1" stands for "-D HTTP_BOOT_ENABLE -D NETWORK_IP6_ENABLE -D
SECURE_BOOT_ENABLE -D TTY_TERMINAL", while "feat-0" stands for "".)

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Julien Grall <julien.grall@linaro.org>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
2019-02-13 07:10:11 +01:00