Commit Graph

880 Commits

Author SHA1 Message Date
Ruiyu Ni e9e9ad644f OvmfPkg/PlatformBootManagerLib: Init console vars in *BeforeConsole()
The major difference between IntelFrameworkModulePkg/BDS and
MdeModulePkg/BDS is the latter connects the consoles in core
code while the former connects in platform code.
The change initializes the console variables in
PlatformBootManagerBeforeConsole() and removes the console
connection code.
It also removes unused functions: PlatformBdsNoConsoleAction()
and LockKeyboards().

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2016-05-04 08:47:39 +08:00
Ruiyu Ni 77f47588a7 OvmfPkg/PlatformBootManagerLib: Use ConvertDevicePathToText()
The DevicePathToStr() function (in
"IntelFrameworkModulePkg/Library/GenericBdsLib/DevicePath.c") is a
simple wrapper around ConvertDevicePathToText().

DevicePathToStr() passes DisplayOnly=TRUE and AllowShortcuts=TRUE to
ConvertDevicePathToText(), whereas in this patch, both parameters are
flipped to FALSE.

The formatted devpaths are used only for debugging purposes, so this
change is safe.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2016-05-04 08:47:38 +08:00
Ruiyu Ni 2b23b8d45b OvmfPkg/PlatformBootManagerLib: link to UefiBootManagerLib
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2016-05-04 08:47:37 +08:00
Ruiyu Ni 9dc08ec657 OvmfPkg/PlatformBootManagerLib: use EfiBootManagerUpdateConsoleVariable
Call EfiBootManagerUpdateConsoleVariable in UefiBootManagerLib
instead of BdsLibUpdateConsoleVariable in GenericBdsLib.

Still cannot pass build.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2016-05-04 08:47:37 +08:00
Ruiyu Ni a7566234e9 OvmfPkg/PlatformBootManagerLib: Follow PlatformBootManagerLib interfaces
Change the function name to follow new library class
PlatformBootManagerLib interfaces.

NOTE: There is no progress bar during BDS timeout waiting.
In order to show the progress bar, PlatformBootManagerWaitCallback ()
needs to change to draw it.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2016-05-04 08:47:36 +08:00
Ruiyu Ni 3054188189 OvmfPkg: Duplicate PlatformBdsLib to PlatformBootManagerLib
It will be changed to build with MdeModulePkg/BDS.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2016-05-04 08:47:36 +08:00
Ruiyu Ni d27ec22d11 OvmfPkg/QemuNewBootOrderLib: Build with UefiBootManagerLib
NOTE: SetBootOrderFromQemu() interface is not changed.
But when the old IntelFrameworkModulePkg/BDS is no longer used in
OVMF and ArmVirtPkg, additional patch will be submitted to change
this interface to remove parameter BootOptionList.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
2016-05-04 08:47:35 +08:00
Ruiyu Ni 6b40e66a48 OvmfPkg: Duplicate QemuBootOrderLib to QemuNewBootOrderLib
QemuNewBootOrderLib will be changed to work with MdeModulePkg/BDS.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2016-05-04 08:47:35 +08:00
Ruiyu Ni 035ce3b37c OvmfPkg/PlatformPei: Add memory above 4GB as tested
Since PlatformBootManagerLib do not run memory test
to convert untested memory to tested.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2016-05-04 08:47:34 +08:00
Laszlo Ersek 84d2070aef OvmfPkg: PlatformBdsLib: lock down SMM regardless of S3
At the moment, the EFI_DXE_SMM_READY_TO_LOCK_PROTOCOL is only installed if
S3 is enabled -- at the end of SaveS3BootScript().

While a runtime OS is never booted with SMM unlocked (because the SMM IPL
locks down SMM as a last resort:

> SMM IPL!  DXE SMM Ready To Lock Protocol not installed before Ready To
> Boot signal
> SmmInstallProtocolInterface: [EfiSmmReadyToLockProtocol] 0
> Patch page table start ...
> Patch page table done!
> SMM IPL locked SMRAM window

), we shouldn't allow UEFI drivers and applications either to mess with
SMM just because S3 is disabled. So install
EFI_DXE_SMM_READY_TO_LOCK_PROTOCOL in PlatformBdsInit() unconditionally.

Cc: Feng Tian <feng.tian@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Acked-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-04-28 19:35:29 +02:00
Laszlo Ersek 70017e4461 OvmfPkg: PlatformBdsLib: lock down SMM in PlatformBdsInit()
OVMF's PlatformBdsLib currently makes SMM vulnerable to the following
attack:

(1) a malicious guest OS copies a UEFI driver module to the EFI system
    partition,

(2) the OS adds the driver as a Driver#### option, and references it from
    DriverOrder,

(3) at next boot, the BdsEntry() function in
    "IntelFrameworkModulePkg/Universal/BdsDxe/BdsEntry.c" processes
    Driver#### and DriverOrder between the calls to PlatformBdsInit() and
    PlatformBdsPolicyBehavior(),

(4) OVMF locks down SMM only in PlatformBdsPolicyBehavior(), hence the
    driver runs with SMM unlocked.

The BdsEntry() function of the MdeModulePkg BDS driver (in file
"MdeModulePkg/Universal/BdsDxe/BdsEntry.c") recommends to "Signal
ReadyToLock event" in PlatformBootManagerBeforeConsole() -- which
corresponds to PlatformBdsInit() --, not in
PlatformBootManagerAfterConsole() -- which corresponds to
PlatformBdsPolicyBehavior().

Albeit an independent question, but it's worth mentioning: this patch also
brings OvmfPkg's PlatformBdsInit() closer to ArmVirtPkg's. Namely, the
latter signals End-of-Dxe in PlatformBdsInit() already.

Cc: Feng Tian <feng.tian@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Acked-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-04-28 19:35:26 +02:00
Laszlo Ersek 0b448dd8b2 OvmfPkg: SataControllerDxe: SataControllerStop: fix use after free
It would be possible to remove the UAF without local variables, by calling
SataPrivateData->PciIo->Attributes() before releasing SataPrivateData.

However, by keeping the location of the call (for which temporary
variables are necessary), we continue to match the error path logic in
SataControllerStart(), which is always recommended.

Reported-by: wang xiaofeng <winggundum82@163.com>
Fixes: bcab714134
Cc: wang xiaofeng <winggundum82@163.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-04-26 17:59:40 +02:00
Laszlo Ersek 81310a62be OvmfPkg: SataControllerDxe: SataControllerStop: remove useless null check
"ASSERT (SataPrivateData != NULL)" is just a few lines higher up.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-04-26 17:59:22 +02:00
Volker Rümelin 90bb4c577d OvmfPkg: AcpiPlatformDxe: Don't enable unsupported PCI attributes
Current code in PciEnableDecoding tries to unconditionally enable
EFI_PCI_IO_ATTRIBUTE_IO and EFI_PCI_IO_ATTRIBUTE_MEMORY even if they
are unsupported attributes. This fails on devices which don't
support both attributes.

This patch masks out unsupported attributes.

Information to reproduce the bug.

Host lspci -s 0000:04:00.0 -vnn:
04:00.0 USB controller [0c03]: Renesas Technology Corp. uPD720201 USB
3.0 Host Controller [1912:0014] (rev 03) (prog-if 30 [XHCI])
	Flags: fast devsel, IRQ 19
	Memory at ef900000 (64-bit, non-prefetchable) [size=8K]
	Capabilities: [50] Power Management version 3
	Capabilities: [70] MSI: Enable- Count=1/8 Maskable- 64bit+
	Capabilities: [90] MSI-X: Enable- Count=8 Masked-
	Capabilities: [a0] Express Endpoint, MSI 00
	Capabilities: [100] Advanced Error Reporting
	Capabilities: [150] Latency Tolerance Reporting
	Kernel driver in use: pci-stub
	Kernel modules: xhci_pci

libvirt xml:
    <hostdev mode='subsystem' type='pci' managed='yes'>
      <driver name='vfio'/>
      <source>
        <address domain='0x0000' bus='0x04' slot='0x00' function='0'/>
      </source>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x11'
       function='0'/>
    </hostdev>

OVMF debug log with additional DEBUG statement:
OnRootBridgesConnected: root bridges have been connected, installing
ACPI tables
Select Item: 0x19
EnablePciDecoding: GetLocation: D=0000:00:00.0
    OrigAttr=0000000000004000 SuppAttr=000000000000E700
EnablePciDecoding: GetLocation: D=0000:00:10.0
    OrigAttr=0000000000004000 SuppAttr=000000000000E700
EnablePciDecoding: GetLocation: D=0000:00:11.0
    OrigAttr=0000000000004000 SuppAttr=000000000000E600
EnablePciDecoding: EfiPciIoAttributeOperationEnable: Unsupported
Select Item: 0x28
Select Item: 0x19
Select Item: 0x2A
Select Item: 0x19
Select Item: 0x27
InstallQemuFwCfgTables: installed 6 tables

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Volker Rümelin <vr_qemu@t-online.de>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
2016-04-19 13:18:34 +02:00
Ard Biesheuvel 8b0fc598cf OvmfPkg/XenIoMmioLib: add missing MemoryAllocationLib dependency to INF
XenIoMmioLib depends on MemoryAllocationLib, and uses its header, but
failed to declare the dependency in its INF.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2016-04-13 17:26:06 +02:00
Laszlo Ersek 4a392a451d OvmfPkg: remove PciHostBridgeDxe fork
This driver is now unused.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-04-07 21:08:49 +02:00
Laszlo Ersek cef83a3050 OvmfPkg: remove USE_OLD_PCI_HOST build option
It's been a month since the following commits appeared in the repo:

  4014885ffd OvmfPkg: switch to MdeModulePkg/Bus/Pci/PciHostBridgeDxe
  c47ed6fcb5 OvmfPkg: match PCI config access to machine type (if not
                USE_OLD_PCI_HOST)

in which we introduced the USE_OLD_PCI_HOST fallback, and made other work
depend on it. I have not heard of any problems (primarily from the
vfio-users group that uses Gerd's daily / hourly OVMF builds), so it's
time to drop the fallback.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-04-07 21:08:42 +02:00
Jordan Justen aa47e52978 OvmfPkg: Convert to using FatPkg in the EDK II tree
Now that FatPkg is open source (and therefore can be included in the
EDK II tree) we build and use it directly.

Build tested with GCC 5.3 on IA32 and X64. Boot tested to UEFI Shell
on IA32 and UEFI Linux on X64.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2016-04-07 20:45:46 +02:00
Star Zeng 0b5d1fb2ba OvmfPkg: Retire AcpiS3SaveDxe
The same functional code has been in S3SaveStateDxe,
OVMF AcpiS3SaveDxe can be retired now.

Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
2016-04-07 17:32:03 +02:00
Star Zeng 522e17544f OvmfPkg: Install LockBox protocol in constructor of LockBoxDxeLib
Currently, the LockBox protocol is installed in entrypoint of
OVMF AcpiS3SaveDxe.

We can let the first driver run with LockBoxDxeLib linked to have its
library constructor to install LockBox protocol on the ImageHandle.
As other drivers may have gEfiLockBoxProtocolGuid dependency,
the first driver should run before them.

The later patches to retire AcpiS3SaveDxe for OVMF depends on this patch.

Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2016-04-07 17:31:49 +02:00
Star Zeng a1726e3089 OvmfPkg: Set PcdAcpiS3Enable according to QemuFwCfgS3Enabled()
Also need to declare PcdAcpiS3Enable as DynamicDefault in *.dsc.

Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2016-04-07 17:31:31 +02:00
Laszlo Ersek eccc28bfcb OvmfPkg: disable PcdHiiOsRuntimeSupport
Edk2 commit 8a45f80eda ("MdeModulePkg: Make HII configuration settings
available to OS runtime") implements the optional UEFI feature described
in "31.2.11.1 OS Runtime Utilization" in UEFI v2.6.

While this feature might show benefits down the road even in QEMU virtual
machines, at the moment it only presents drawbacks:
- it increases the EfiRuntimeServicesData footprint,
- it triggers HII compatibility problems between edk2 and external drivers
  unconditionally, even if the end-user is not interested in HII and/or in
  configuring said drivers (see
  <https://www.redhat.com/archives/vfio-users/2016-March/msg00153.html>
  and <http://thread.gmane.org/gmane.comp.bios.edk2.devel/9894> for an
  example).

While the feature was being introduced, popular demand for a controlling
Feature PCD rose (see
<http://thread.gmane.org/gmane.comp.bios.edk2.devel/7626>), which is why
we can set it now to FALSE.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-04-06 19:41:08 +02:00
Laszlo Ersek 29d0259e06 OvmfPkg: remove PcdMaxHardwareErrorVariableSize from the DSC files
PcdMaxHardwareErrorVariableSize sets the size limit for individual
Hardware Error Record Variables (see "7.2.3 Hardware Error Record
Persistence" and "Appendix P, Hardware Error Record Persistence Usage" in
the UEFI-2.6 spec).

Since Hardware Error Record Persistence is an optional firmware feature,
according to the spec, and OVMF does not enable it -- it inherits
PcdHwErrStorageSize and PcdHardwareErrorRecordLevel with zero values --,
the PcdMaxHardwareErrorVariableSize setting in our DSC files has no
effect. Remove it in order to eliminate future confusion.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Suggested-by: Star Zeng <star.zeng@intel.com>
Ref: http://thread.gmane.org/gmane.comp.bios.edk2.devel/9743/focus=9780
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-04-06 19:40:38 +02:00
Laszlo Ersek 8456a7daf7 OvmfPkg: include Virtio10Dxe
Cc: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-04-06 19:21:51 +02:00
Laszlo Ersek 9399f68ae3 OvmfPkg: Virtio10Dxe: non-transitional driver for virtio-1.0 PCI devices
This driver implements the VIRTIO_DEVICE_PROTOCOL for non-transitional PCI
devices, based on the virtio-1.0 specification (csprd05). Non-transitional
means that it only binds QEMU's virtio-xxx-pci devices that receive the
",disable-legacy=on,disable-modern=off" properties on the QEMU command
line. These devices have distinct PCI Device IDs from those that are bound
by VirtioPciDeviceDxe.

The central abstraction of this driver is the VIRTIO_1_0_CONFIG type. It
is practically a "fat pointer" to a register block. The pointed-to
register block
- may or may not exist (the latter being mostly useful for virtio-1.0
  devices that have no device-specific registers),
- lives in one of the device's BARs,
- lives in an IO or MMIO BAR,
- lives at an offset relative to the BAR start,
- has its size also maintained.

Such VIRTIO_1_0_CONFIG "fat pointers" (i.e., the locations of the register
blocks) are parsed from vendor capabilities that reside in the device's
standard PCI capabilities list (in PCI config space).

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Acked-by: Jordan Justen <jordan.l.justen@intel.com>
2016-04-06 19:21:51 +02:00
Laszlo Ersek c6e2d064ab OvmfPkg: VirtioNetDxe: adapt virtio-net packet header size to virtio-1.0
In virtio-0.9.5, the size of the virtio-net packet header depends on
whether the VIRTIO_NET_F_MRG_RXBUF feature is negotiated -- the
"num_buffers" field is only appended to the header if the feature is
negotiated.

Since we never negotiate this feature, VirtioNetDxe never allocates room
for the "num_buffers" field.

With virtio-1.0, the "num_buffers" field is always there (although it
doesn't carry useful information without VIRTIO_NET_F_MRG_RXBUF). Adapt
the buffers that depend on the virtio-net header size (otherwise we have
skewed / truncated packets).

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-04-06 19:21:50 +02:00
Laszlo Ersek 39c2d33962 OvmfPkg: VirtioScsiDxe: adapt feature negotiation to virtio-1.0
Relative to virtio-0.9.5, virtio-1.0 reverses the order of queue discovery
and feature negotiation. In virtio-1.0, feature negotiation has to
complete first, and the device can also reject a self-inconsistent feature
request through the new VSTAT_FEATURES_OK status bit. (For example if the
driver requests a higher level feature but clears a prerequisite feature.)

Furthermore, we retain the VIRTIO_F_VERSION_1 feature bit if the
VIRTIO_DEVICE_PROTOCOL provider has high enough revision.

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-04-06 19:21:50 +02:00
Laszlo Ersek 0a781bdc7f OvmfPkg: VirtioRngDxe: adapt feature negotiation to virtio-1.0
Relative to virtio-0.9.5, virtio-1.0 reverses the order of queue discovery
and feature negotiation. In virtio-1.0, feature negotiation has to
complete first, and the device can also reject a self-inconsistent feature
request through the new VSTAT_FEATURES_OK status bit. (For example if the
driver requests a higher level feature but clears a prerequisite feature.)

Furthermore, we retain the VIRTIO_F_VERSION_1 feature bit if the
VIRTIO_DEVICE_PROTOCOL provider has high enough revision.

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-04-06 19:21:50 +02:00
Laszlo Ersek 33c6b934bf OvmfPkg: VirtioNetDxe: adapt feature negotiation to virtio-1.0
Relative to virtio-0.9.5, virtio-1.0 reverses the order of queue discovery
and feature negotiation. In virtio-1.0, feature negotiation has to
complete first, and the device can also reject a self-inconsistent feature
request through the new VSTAT_FEATURES_OK status bit. (For example if the
driver requests a higher level feature but clears a prerequisite feature.)

Furthermore, we retain the VIRTIO_F_VERSION_1 feature bit if the
VIRTIO_DEVICE_PROTOCOL provider has high enough revision.

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-04-06 19:21:50 +02:00
Laszlo Ersek cbad8e4ccc OvmfPkg: VirtioBlkDxe: adapt feature negotiation to virtio-1.0
Relative to virtio-0.9.5, virtio-1.0 reverses the order of queue discovery
and feature negotiation. In virtio-1.0, feature negotiation has to
complete first, and the device can also reject a self-inconsistent feature
request through the new VSTAT_FEATURES_OK status bit. (For example if the
driver requests a higher level feature but clears a prerequisite feature.)

Furthermore, we retain the VIRTIO_F_VERSION_1 feature bit if the
VIRTIO_DEVICE_PROTOCOL provider has high enough revision.

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-04-06 19:21:50 +02:00
Laszlo Ersek d0ece0d850 OvmfPkg: VirtioLib: add Virtio10WriteFeatures() function
In VirtIo 1.0, a device can reject a self-inconsistent feature bitmap
through the new VSTAT_FEATURES_OK status bit. (For example if the driver
requests a higher level feature but clears a prerequisite feature.) This
function is a small wrapper around
VIRTIO_DEVICE_PROTOCOL.SetGuestFeatures() that also verifies if the VirtIo
1.0 device accepts the feature bitmap.

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-04-06 19:21:50 +02:00
Laszlo Ersek acb81416cc OvmfPkg: IndustryStandard: add definitions from the VirtIo 1.0 spec
These header files are intentionally minimal, and intentionally kept apart
from the VirtIo 0.9.5 headers.

The header inclusion chains end up like this (the Virtio10*.h header files
in the middle are new):

  Virtio.h    -> Virtio10.h    -> Virtio095.h

                     ^                 ^
                     |                 |

  VirtioNet.h -> Virtio10Net.h -> Virtio095Net.h

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Acked-by: Jordan Justen <jordan.l.justen@intel.com>
2016-04-06 19:21:39 +02:00
Laszlo Ersek 0bad4cb6f6 OvmfPkg: IndustryStandard: factor out Virtio095Net.h
In the upcoming virtio-1.0 series, we'll introduce "Virtio10Net.h".
However, the "VirtioNet.h" header file should continue to expose the
Virtio Network Device specific type and macro definitions for all virtio
versions that OvmfPkg supports. Therefore extract "Virtio095Net.h" like
this:

  VirtioNet.h -> Virtio095Net.h

so that in the upcoming patches, we can insert "Virtio10Net.h" in the
middle of the inclusion chain.

This follows the example of "Acpi.h" and "Pci.h" under
"MdePkg/Include/IndustryStandard".

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Suggested-by: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-04-06 19:21:26 +02:00
Laszlo Ersek 3eb6278a64 OvmfPkg: IndustryStandard: factor out Virtio095.h
In the upcoming virtio-1.0 series, we'll introduce "Virtio10.h". However,
the "Virtio.h" header file should continue to expose the generic type and
macro definitions for all virtio versions that OvmfPkg supports. Therefore
extract "Virtio095.h" like this:

  Virtio.h -> Virtio095.h

so that in the upcoming patches, we can insert "Virtio10.h" in the middle
of the inclusion chain.

This follows the example of "Acpi.h" and "Pci.h" under
"MdePkg/Include/IndustryStandard".

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Suggested-by: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-04-06 19:21:16 +02:00
Laszlo Ersek 28daafe0ad OvmfPkg: VirtioRngDxe: clear all feature bits more explicitly
This too is in preparation for the following patches.

After this patch, all four drivers manage their feature bits with explicit
masking.

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-04-06 13:04:04 +02:00
Laszlo Ersek 0c2a486078 OvmfPkg: VirtioBlkDxe: don't clear non-negotiable feature bits
VirtioBlkDxe only recognizes virtio-block feature bits that the device
offers non-negotiably. Nonetheless, in preparation for the following
patches, don't try to clear them even for simplicity.

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-04-06 13:04:03 +02:00
Laszlo Ersek 07af4eee93 OvmfPkg: VIRTIO_DEVICE_PROTOCOL: pass VRING object to SetQueueAddress()
In virtio-1.0, it is not enough to pass the base address of the virtio
queue to the hypervisor (as a frame number); instead it will want the
addresses of the descriptor table, the available ring, and the used ring
separately. Pass the VRING object to the SetQueueAddress() member
function; this will enable a virtio-1.0 implementation. Convert the
current producers and consumers to this prototype.

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-04-06 13:04:03 +02:00
Laszlo Ersek 235be6a0f1 OvmfPkg: VIRTIO_DEVICE_PROTOCOL: remove GetQueueAddress() member
This function was never consumed by drivers, and the current prototype is
unsupportable with virtio-1.0. Remove the function from the protocol
definition, and drop the current (unused) implementations.

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-04-06 13:04:03 +02:00
Laszlo Ersek bc8fde6f62 OvmfPkg: VIRTIO_DEVICE_PROTOCOL: widen the Features bitmap to 64 bits
The virtio-1.0 spec widens the Features bitmap to 64 bits. Modify the
declarations of the GetDeviceFeatures() and SetGuestFeatures() protocol
member functions accordingly.

Normally, a protocol cannot be changed in incompatible ways if the GUID
stays the same; however, we've always been extremely clear that
VIRTIO_DEVICE_PROTOCOL is internal to edk2. See for example the top of
"OvmfPkg/Include/Protocol/VirtioDevice.h".

In this patch, all producers and consumers of the GetDeviceFeatures() and
SetGuestFeatures() protocol members are updated.

The drivers that currently produce these members are "legacy" drivers (in
virtio-1.0 terminology), and they cannot (and will not) handle feature
bits above BIT31. Therefore their conversion is only for compatibility
with the modified protocol interface. The consumers will be responsible
for checking the VIRTIO_DEVICE_PROTOCOL.Revision field, and for not
passing feature bits that these backends cannot handle.

The VirtioMmioGetDeviceFeatures() implementation stores the result of an
MmioRead32() call with normal assignment, so it needs no change beyond
adapting its prototype.

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-04-06 13:04:03 +02:00
Alcantara, Paulo 00f18da1ca OvmfPkg: Add RAM disk support
Currently booting off of a RAM disk is not supported by
IntelFrameWorkModulePkg BDS, however on systems without writable
disks, the RAM disk can be made useful when loading raw HDD images
into it -- specially the ones with a FAT32 partition on which files
can be natively accessed by system firmware.

This patch adds RamDiskDxe driver by default in OVMF platform.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Paulo Alcantara <paulo.alc.cavalcanti@hp.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-04-01 08:58:20 -07:00
James Bottomley f5404a3eba OvmfPkg: Increase the maximum size for Authenticated variables
During real world testing I was getting an error with too many entries
in db: On my Secure boot laptop, I currently have seven certificates:
two Microsoft ones, Three Kernel ones from various distributions, my
own Secure Key and a temporary test key.  That gives a total EFI
Signature List size of 8317 which is over the 0x2000 maximum.

Fix this by setting the PcdMaxAuthVariableSize to 0x2800 (10K) which
isn't much of an increase but allows for 9-10 certificates.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Regression-tested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
2016-03-25 11:25:31 +01:00
Laszlo Ersek 4f5eff8193 OvmfPkg: PciHostBridgeLib: install 64-bit PCI host aperture
On the normal boot path (which is when PciHostBridgeDxe runs), the PCDs
have been calculated; report the 64-bit PCI host aperture to
PciHostBridgeDxe.

In the Ia32 build, the PCD values (zeros) come directly from the DEC file,
and this patch makes no difference.

Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Marcel Apfelbaum <marcel@redhat.com>
Cc: Thomas Lamprecht <t.lamprecht@proxmox.com>
Ref: https://github.com/tianocore/edk2/issues/59
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-03-23 17:47:31 +01:00
Laszlo Ersek 7e5b1b670c OvmfPkg: PlatformPei: determine the 64-bit PCI host aperture for X64 DXE
The main observation about the 64-bit PCI host aperture is that it is the
highest part of the useful address space. It impacts the top of the GCD
memory space map, and, consequently, our maximum address width calculation
for the CPU HOB too.

Thus, modify the GetFirstNonAddress() function to consider the following
areas above the high RAM, while calculating the first non-address (i.e.,
the highest inclusive address, plus one):

- the memory hotplug area (optional, the size comes from QEMU),

- the 64-bit PCI host aperture (we set a default size).

While computing the first non-address, capture the base and the size of
the 64-bit PCI host aperture at once in PCDs, since they are natural parts
of the calculation.

(Similarly to how PcdPciMmio32* are not rewritten on the S3 resume path
(see the InitializePlatform() -> MemMapInitialization() condition), nor
are PcdPciMmio64*. Only the core PciHostBridgeDxe driver consumes them,
through our PciHostBridgeLib instance.)

Set 32GB as the default size for the aperture. Issue#59 mentions the
NVIDIA Tesla K80 as an assignable device. According to nvidia.com, these
cards may have 24GB of memory (probably 16GB + 8GB BARs).

As a strictly experimental feature, the user can specify the size of the
aperture (in MB) as well, with the QEMU option

  -fw_cfg name=opt/ovmf/X-PciMmio64Mb,string=65536

The "X-" prefix follows the QEMU tradition (spelled "x-" there), meaning
that the property is experimental, unstable, and might go away any time.
Gerd has proposed heuristics for sizing the aperture automatically (based
on 1GB page support and PCPU address width), but such should be delayed to
a later patch (which may very well back out "X-PciMmio64Mb" then).

For "everyday" guests, the 32GB default for the aperture size shouldn't
impact the PEI memory demand (the size of the page tables that the DXE IPL
PEIM builds). Namely, we've never reported narrower than 36-bit addresses;
the DXE IPL PEIM has always built page tables for 64GB at least.

For the aperture to bump the address width above 36 bits, either the guest
must have quite a bit of memory itself (in which case the additional PEI
memory demand shouldn't matter), or the user must specify a large aperture
manually with "X-PciMmio64Mb" (and then he or she is also responsible for
giving enough RAM to the VM, to satisfy the PEI memory demand).

Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Marcel Apfelbaum <marcel@redhat.com>
Cc: Thomas Lamprecht <t.lamprecht@proxmox.com>
Ref: https://github.com/tianocore/edk2/issues/59
Ref: http://www.nvidia.com/object/tesla-servers.html
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-03-23 17:47:27 +01:00
Laszlo Ersek d537168063 OvmfPkg: PlatformPei: factor out GetFirstNonAddress()
Factor out the expression that is currently the basis of the address width
calculation into a standalone function. In the next patches we'll raise
the return value under certain circumstances.

Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Marcel Apfelbaum <marcel@redhat.com>
Cc: Thomas Lamprecht <t.lamprecht@proxmox.com>
Ref: https://github.com/tianocore/edk2/issues/59
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-03-23 17:46:56 +01:00
Laszlo Ersek 8f35eb92c4 OvmfPkg: AcpiPlatformDxe: enable PCI IO and MMIO while fetching QEMU tables
Now that the previous patches ensure that we can access all PCI devices in
AcpiPlatformDxe, we can enable IO and MMIO decoding for all of them while
we contact QEMU for the ACPI tables. See more details in the patch titled:

  OvmfPkg: introduce gRootBridgesConnectedEventGroupGuid

In particular, this patch will prevent the bug when the 64-bit MMIO
aperture is completely missing from QEMU's _CRS, and consequently Linux
rejects 64-bit BARs with the error message

  pci 0000:00:03.0: can't claim BAR 4 [mem 0x800000000-0x8007fffff 64bit
                    pref]: no compatible bridge window

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-03-23 17:39:35 +01:00
Laszlo Ersek b6bc800d5a OvmfPkg: AcpiPlatformDxe: when PCI is enabled, wait for Platform BDS's cue
This patch doesn't change the behavior of AcpiPlatformDxe when
PcdPciDisableBusEnumeration is TRUE -- that is, when the driver runs on
Xen (OvmfPkg and ArmVirtPkg both), or when the driver runs on QEMU as part
of ArmVirtPkg but no PCI host bridge was found by VirtFdtDxe. In these
cases the driver continues to install the ACPI tables immediately.

However, when PcdPciDisableBusEnumeration is FALSE (i.e., when the driver
runs on QEMU as part of OVMF, or as part of ArmVirtPkg and VirtFdtDxe
finds a PCI host bridge), we now delay the ACPI table download from QEMU.
We wait until the Platform BDS tells us that root bridges have been
connected, and PciIo instances are available.

The explanation is in the patch titled

  OvmfPkg: introduce gRootBridgesConnectedEventGroupGuid

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-03-23 17:39:35 +01:00
Laszlo Ersek 0f6ff51d88 OvmfPkg: PlatformBdsLib: signal gRootBridgesConnectedEventGroupGuid
The explanation is in the patch titled

  OvmfPkg: introduce gRootBridgesConnectedEventGroupGuid

At this point, this signal doesn't do anything yet.

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-03-23 17:38:12 +01:00
Laszlo Ersek 9116c9c5d8 OvmfPkg: introduce gRootBridgesConnectedEventGroupGuid
QEMU's ACPI table generator can only create meaningful _CRS objects --
apertures -- for the root buses if all of the PCI devices behind those
buses are actively decoding their IO and MMIO resources, at the time of
the firmware fetching the "etc/table-loader" fw_cfg file. This is not a
QEMU error; QEMU follows the definition of BARs (which are meaningless
when decoding is disabled).

Currently we hook up AcpiPlatformDxe to the PCI Bus driver's
gEfiPciEnumerationCompleteProtocolGuid cue. Unfortunately, when the PCI
Bus driver installs this protocol, it's *still* not the right time for
fetching "etc/table-loader": although resources have been allocated and
BARs have been programmed with them, the PCI Bus driver has also cleared
IO and MMIO decoding in the command registers of the devices.

Furthermore, we couldn't reenable IO and MMIO decoding temporarily in our
gEfiPciEnumerationCompleteProtocolGuid callback even if we wanted to,
because at that time the PCI Bus driver has not produced PciIo instances
yet.

Our Platform BDSes are responsible for connecting the root bridges, hence
they know exactly when the PciIo instances become available -- not when
PCI enumeration completes (signaled by the above protocol), but when the
ConnectController() calls return.

This is when our Platform BDSes should explicitly cue in AcpiPlatformDxe.
Then AcpiPlatformDxe can temporarily enable IO and MMIO decoding for all
devices, while it contacts QEMU for the ACPI payload.

This patch introduces the event group GUID that we'll use for unleashing
AcpiPlatformDxe from our Platform BDSes.

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-03-23 17:38:09 +01:00
Laszlo Ersek 29ebe47cbf OvmfPkg: OvmfPkg.dec: add horizontal whitespace under Guids and Protocols
We'll need more room in the next patch. No functional changes.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-03-23 17:37:49 +01:00
Laszlo Ersek 36e8e6992d OvmfPkg/PlatformBdsLib: rebase to EfiEventGroupSignal
Cc: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
2016-03-23 12:06:20 +01:00
Laszlo Ersek 02d6f4ce0c OvmfPkg/PlatformPei: suppress wrong VS2008 warning (use of uninited local)
VS2008 seems to think that the "PciExBarBase" variable (introduced in
commit 7b8fe63561) can be evaluated for the
AddReservedMemoryBaseSizeHob() function call with its value being
uninitialized / indeterminate. This is not the case (see
"mHostBridgeDevId"); suppress the warning.

Reported-by: David Woodhouse <dwmw2@infradead.org>
Ref: http://thread.gmane.org/gmane.comp.bios.edk2.devel/8871/focus=9431
Cc: David Woodhouse <dwmw2@infradead.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: David Woodhouse <David.Woodhouse@intel.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-03-19 02:24:47 +01:00
Ruiyu Ni db27e9f3d8 OvmfPkg/LegacyRegion: Support legacy region manipulation of Q35
Current implementation only supports legacy region of 440 chip.
When QEMU is launched in Q35 mode using CSM enabled OVMF image,
LegacyBios driver fails to start due to the legacy region
[0xC0000, 0xFFFFF] cannot be written.

v2:
 * just updates the comments.

v3:
 * uses PcdOvmfHostBridgePciDevId as Jordan suggested.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Justen Jordan <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-03-15 14:50:06 -07:00
Laszlo Ersek 7daf2401d4 OvmfPkg: PciHostBridgeLib: permit access to the full extended config space
By now OVMF makes MdeModulePkg/Bus/Pci/PciHostBridgeDxe go through
MMCONFIG (when running on Q35). Enable the driver to address each B/D/F's
config space up to and including offset 0xFFF.

Cc: Gabriel Somlo <somlo@cmu.edu>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Marcel Apfelbaum <marcel@redhat.com>
Cc: Micha Zegan <webczat_200@poczta.onet.pl>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Tested-by: Gabriel Somlo <somlo@cmu.edu>
Tested-by: Micha Zegan <webczat_200@poczta.onet.pl>
2016-03-10 21:28:37 +01:00
Laszlo Ersek c47ed6fcb5 OvmfPkg: match PCI config access to machine type (if not USE_OLD_PCI_HOST)
If USE_OLD_PCI_HOST is FALSE, then we switch all executable module types
supported by DxePciLibI440FxQ35 to the following library instance stack:

  BasePciSegmentLibPci  [class: PciSegmentLib]
    DxePciLibI440FxQ35  [class: PciLib]
      BasePciCf8Lib     [class: PciCf8Lib]
      BasePciExpressLib [class: PciExpressLib]

Every module will select 0xCF8 vs. ECAM based on the OVMF platform type
(i440fx or Q35). Notably, MdeModulePkg/Bus/Pci/PciHostBridgeDxe is among
the affected drivers.

The BasePciExpressLib instance is where the PcdPciExpressBaseAddress PCD
fills its original role.

Cc: Gabriel Somlo <somlo@cmu.edu>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Marcel Apfelbaum <marcel@redhat.com>
Cc: Micha Zegan <webczat_200@poczta.onet.pl>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Tested-by: Gabriel Somlo <somlo@cmu.edu>
Tested-by: Micha Zegan <webczat_200@poczta.onet.pl>
2016-03-10 21:28:34 +01:00
Laszlo Ersek 7523788faa OvmfPkg: add DxePciLibI440FxQ35
This library is a trivial unification of the following two PciLib
instances (and the result is easily diffable against each):
- MdePkg/Library/BasePciLibCf8
- MdePkg/Library/BasePciLibPciExpress

The PCI config access method is determined in the constructor function,
from the dynamic PCD "PcdOvmfHostBridgePciDevId" that is set by
PlatformPei.

The library instance is usable in DXE phase or later modules: the PciLib
instances being unified have no firmware phase / client module type
restrictions, and here the only PCD access is made in the constructor
function. That is, even before a given client executable's entry point is
invoked.

The library instance depends on PlatformPei both for setting the PCD
mentioned above, and also for enabling MMCONFIG on Q35. PEI and earlier
phase modules are not expected to need extended config access even on Q35.

Cc: Gabriel Somlo <somlo@cmu.edu>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Marcel Apfelbaum <marcel@redhat.com>
Cc: Micha Zegan <webczat_200@poczta.onet.pl>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Tested-by: Gabriel Somlo <somlo@cmu.edu>
Tested-by: Micha Zegan <webczat_200@poczta.onet.pl>
2016-03-10 21:28:29 +01:00
Laszlo Ersek 7b8fe63561 OvmfPkg: PlatformPei: enable PCIEXBAR (aka MMCONFIG / ECAM) on Q35
The comments in the code should speak for themselves; here we note only
two facts:

- The PCI config space writes (to the PCIEXBAR register) are performed
  using the 0xCF8 / 0xCFC IO ports, by virtue of PciLib being resolved to
  BasePciLibCf8. (This library resolution will permanently remain in place
  for the PEI phase.)

- Since PCIEXBAR counts as a chipset register, it is the responsibility of
  the firmware to reprogram it at S3 resume. Therefore
  PciExBarInitialization() is called regardless of the boot path. (Marcel
  recently posted patches for SeaBIOS that implement this.)

This patch suffices to enable PCIEXBAR (and the dependent ACPI table
generation in QEMU), for the sake of "PCIeHotplug" in the Linux guest:

  ACPI: MCFG 0x000000007E17F000 00003C
        (v01 BOCHS  BXPCMCFG 00000001 BXPC 00000001)
  PCI: MMCONFIG for domain 0000 [bus 00-ff] at [mem 0x80000000-0x8fffffff]
       (base 0x80000000)
  PCI: MMCONFIG at [mem 0x80000000-0x8fffffff] reserved in E820
  acpi PNP0A08:00: _OSC: OS supports
                   [ExtendedConfig ASPM ClockPM Segments MSI]
  acpi PNP0A08:00: _OSC: OS now controls
                   [PCIeHotplug PME AER PCIeCapability]

In the following patches, we'll equip the core PCI host bridge / root
bridge driver and the rest of DXE as well to utilize ECAM on Q35.

Cc: Gabriel Somlo <somlo@cmu.edu>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Marcel Apfelbaum <marcel@redhat.com>
Cc: Micha Zegan <webczat_200@poczta.onet.pl>
Ref: https://github.com/tianocore/edk2/issues/32
Ref: http://thread.gmane.org/gmane.comp.bios.coreboot.seabios/10548
Suggested-by: Marcel Apfelbaum <marcel@redhat.com>
Reported-by: Micha Zegan <webczat_200@poczta.onet.pl>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
Tested-by: Gabriel Somlo <somlo@cmu.edu>
Tested-by: Micha Zegan <webczat_200@poczta.onet.pl>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-03-10 21:28:20 +01:00
Laszlo Ersek b01acf6ea7 OvmfPkg: PlatformPei: lower the 32-bit PCI MMIO base to 2GB on Q35
Gerd has advised us that long term support Q35 machine types have no low
RAM above 2GB, hence we should utilize the [2GB, 3GB) gap -- that we
currently leave unused -- for MMIO. (Plus, later in this series, for the
PCIEXBAR too.)

Cc: Gabriel Somlo <somlo@cmu.edu>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Marcel Apfelbaum <marcel@redhat.com>
Cc: Micha Zegan <webczat_200@poczta.onet.pl>
Ref: https://github.com/tianocore/edk2/issues/32
Ref: http://thread.gmane.org/gmane.comp.bios.edk2.devel/8707/focus=8817
Suggested-by: Gerd Hoffmann <kraxel@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Gabriel Somlo <somlo@cmu.edu>
Tested-by: Micha Zegan <webczat_200@poczta.onet.pl>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-03-10 21:28:07 +01:00
Laszlo Ersek 0aff49e20f OvmfPkg: IndustryStandard/Q35MchIch9.h: add PCIEXBAR macros
Section 5.1.16 ("PCIEXBAR -- PCI Express Register Range Base Address") in
Intel document #316966-002 (already referenced near the top of this header
file) describes the Q35 DRAM Controller register that configures the
memory-mapped PCI config space (also known as MMCONFIG, and ECAM /
Enhanced Configuration Access Method).

In this patch we add the macros we'll need later. We'll only support the
256 MB memory-mapped config space -- enough for buses [0, 255].

Cc: Gabriel Somlo <somlo@cmu.edu>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Marcel Apfelbaum <marcel@redhat.com>
Cc: Micha Zegan <webczat_200@poczta.onet.pl>
Ref: https://github.com/tianocore/edk2/issues/32
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Tested-by: Gabriel Somlo <somlo@cmu.edu>
Tested-by: Micha Zegan <webczat_200@poczta.onet.pl>
2016-03-10 21:26:29 +01:00
Gary Lin 96302b80d9 OvmfPkg: Enable Network2 Shell Commands for IPv6
Enable the network2 commands when NETWORK_IP6_ENABLE is TRUE, so we
would have Ping6 and Ifconfig6.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gary Ching-Pang Lin <glin@suse.com>
[lersek@redhat.com: added the word "Shell" to the subject]
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2016-03-08 12:10:51 +01:00
Jordan Justen ace1d0517b OvmfPkg PciHostBridgeDxe: Convert X64/IoFifo.asm to NASM
The BaseTools/Scripts/ConvertMasmToNasm.py script was used to convert
X64/IoFifo.asm to X64/IoFifo.nasm

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2016-03-08 10:52:33 +01:00
Jordan Justen 6026bf4600 OvmfPkg PciHostBridgeDxe: Convert Ia32/IoFifo.asm to NASM
The BaseTools/Scripts/ConvertMasmToNasm.py script was used to convert
Ia32/IoFifo.asm to Ia32/IoFifo.nasm

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2016-03-08 10:52:21 +01:00
Laszlo Ersek 4014885ffd OvmfPkg: switch to MdeModulePkg/Bus/Pci/PciHostBridgeDxe
The old driver is retained for now; it remains available with "-D
USE_OLD_PCI_HOST". This is because I'd like to involve end users and
downstreams in testing the new drier, but also allow them to switch back
to the old driver at the first sight of trouble, while we debug the new
driver in parallel.

In a few weeks the ifdeffery and the "OvmfPkg/PciHostBridgeDxe/" driver
should be removed.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Marcel Apfelbaum <marcel@redhat.com>
Cc: Alex Williamson <alex.williamson@redhat.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-03-03 18:18:43 +01:00
Laszlo Ersek 75f4533119 OvmfPkg: resolve PciSegmentLib
In the next patch we'll build "MdeModulePkg/Bus/Pci/PciHostBridgeDxe".
That driver depends on the PciSegmentLib class. Edk2 offers four
instances:

(1) MdePkg/Library/UefiPciSegmentLibPciRootBridgeIo/

    Inappropriate here because it consumes
    EFI_PCI_ROOT_BRIDGE_IO_PROTOCOL, but
    "MdeModulePkg/Bus/Pci/PciHostBridgeDxe" needs the library class for
    producing that protocol.

(2) MdePkg/Library/PeiPciSegmentLibPciCfg2/

    Restricted to PEIM, SEC, and PEI_CORE client modules.

(3) MdePkg/Library/DxePciSegmentLibEsal/

    "uses ESAL services to perform PCI Configuration cycles"

(4) MdePkg/Library/BasePciSegmentLibPci/

    A simple BASE library instance that sits on top of PciLib. This is our
    choice. We can resolve PciSegmentLib to this instance for all module
    types.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Marcel Apfelbaum <marcel@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-03-03 18:18:43 +01:00
Laszlo Ersek 1f4e2299e7 OvmfPkg: PciHostBridgeLib: initialize RootBus->DevicePath
We copy the code from InitRootBridge()
[OvmfPkg/PciHostBridgeDxe/PciHostBridge.c], with a slight change: the
device path is allocated separately now.

This is the final field to initialize in PCI_ROOT_BRIDGE.

The type EFI_PCI_ROOT_BRIDGE_DEVICE_PATH is renamed to
OVMF_PCI_ROOT_BRIDGE_DEVICE_PATH. The original is a misnomer (it is not a
standard UEFI type) that dates back to PcAtChipsetPkg/PciHostBridgeDxe.
Simply removing the EFI_ suffix would result in
PCI_ROOT_BRIDGE_DEVICE_PATH, where PCI_ could incorrectly suggest a
relation with the PCI standards or the PCI-related generic edk2 code.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Marcel Apfelbaum <marcel@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-03-03 18:18:43 +01:00
Laszlo Ersek cb81595b5d OvmfPkg: PciHostBridgeLib: set RootBus->NoExtendedConfigSpace
In "OvmfPkg/PciHostBridgeDxe/PciRootBridgeIo.c", the
RootBridgeIoCheckParameter() function hard-codes the maximum offset for
the PCI config space as 0xFF (see the MAX_PCI_REG_ADDRESS macro), which
matches OVMF's 0xCF8 / 0xCFC config access method.

The "MdeModulePkg/Bus/Pci/PciHostBridgeDxe" driver abstracts away config
space access via the PciSegmentLib class, so it has to be informed
separately about the config space size.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Marcel Apfelbaum <marcel@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-03-03 18:18:40 +01:00
Laszlo Ersek 390951c2b8 OvmfPkg: PciHostBridgeLib: set bus, IO and 32-bit MMIO windows in RootBus
The bus aperture is copied verbatim from InitRootBridge()
[OvmfPkg/PciHostBridgeDxe/PciHostBridge.c].

The IO and 32-bit MMIO apertures are matched to PlatformPei's settings.
PciHostBridgeLibDxe expects PciHostBridgeLib instances to advertize the
exact apertures.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Marcel Apfelbaum <marcel@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-03-03 18:18:39 +01:00
Laszlo Ersek 0dcd1b1b2a OvmfPkg: PciHostBridgeLib: set RootBus->AllocationAttributes
InitRootBridge() in "OvmfPkg/PciHostBridgeDxe/PciHostBridge.c" passes the
EFI_PCI_HOST_BRIDGE_COMBINE_MEM_PMEM allocation attribute to
RootBridgeConstructor(); we should do the same here.

From "MdePkg/Include/Protocol/PciHostBridgeResourceAllocation.h":

/// If this bit is set, then the PCI Root Bridge does not support separate
/// windows for Non-prefetchable and Prefetchable memory. A PCI bus driver
/// needs to include requests for Prefetchable memory in the
/// Non-prefetchable memory pool.

Which implies that both the 32-bit and 64-bit prefetchable MMIO apertures
should be marked empty. (The CreateRootBridge() function actually enforces
this in "MdeModulePkg/Bus/Pci/PciHostBridgeDxe/PciRootBridgeIo.c".)

Furthermore, since OvmfPkg/PciHostBridgeDxe does *not* set the
EFI_PCI_HOST_BRIDGE_MEM64_DECODE allocation attribute:

/// If this bit is set, then the PCI Root Bridge supports 64 bit memory
/// windows.  If this bit is not set, the PCI bus driver needs to include
/// requests for 64 bit memory address in the corresponding 32 bit memory
/// pool.

we follow suit in the PciHostBridgeLib instance.

In turn, the 64-bit MMIO apertures (both prefetchable and
non-prefetchable) should be marked empty.
MdeModulePkg/Bus/Pci/PciHostBridgeDxe enforces this too.

(64-bit MMIO aperture support, based on yet more fw_cfg files, is a
planned future improvement.)

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Marcel Apfelbaum <marcel@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-03-03 18:18:39 +01:00
Laszlo Ersek c789d61dcb OvmfPkg: PciHostBridgeLib: clear RootBus->DmaAbove4G
When this BOOLEAN member is FALSE, and the caller tries to set up a DMA
transfer between a PCI device and a host buffer not entirely under 4GB,
then "MdeModulePkg/Bus/Pci/PciHostBridgeDxe" sets up a bounce buffer under
4GB, in the implementation of EFI_PCI_ROOT_BRIDGE_IO_PROTOCOL.Map().

Since that's exactly what RootBridgeIoMap() does in
"OvmfPkg/PciHostBridgeDxe/PciRootBridgeIo.c", stick with it in this
conversion.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Marcel Apfelbaum <marcel@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-03-03 18:18:39 +01:00
Laszlo Ersek a5ece62d79 OvmfPkg: PciHostBridgeLib: set supported and initial attributes in RootBus
These settings are copied from the RootBridgeConstructor() function, file
"OvmfPkg/PciHostBridgeDxe/PciRootBridgeIo.c".

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Marcel Apfelbaum <marcel@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-03-03 18:18:39 +01:00
Laszlo Ersek 65de2ef54f OvmfPkg: PciHostBridgeLib: set RootBus->Segment
This is the first of the patches that set the fields of PCI_ROOT_BRIDGE.
The structure is zero-filled as a precaution for later field additions.

Here we set the Segment member explicitly to zero (so that any later
customization can be easier).

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Marcel Apfelbaum <marcel@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-03-03 18:18:39 +01:00
Laszlo Ersek dc4d64670a OvmfPkg: PciHostBridgeLib: implement PciHostBridgeFreeRootBridges()
This function has no counterpart in OvmfPkg/PciHostBridgeDxe/, but the
PciHostBridgeLib class requires it.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Marcel Apfelbaum <marcel@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-03-03 18:18:39 +01:00
Laszlo Ersek 46e46eaf62 OvmfPkg: PciHostBridgeLib: convert main loop from PciHostBridgeDxe
In this patch we import the scan for extra root buses from the
InitializePciHostBridge() function, in file
"OvmfPkg/PciHostBridgeDxe/PciHostBridge.c".

For the time being, the InitRootBridge() and UninitRootBridge() functions
are just placeholders.

The PciHostBridgeGetRootBridges() API expects us to return the
PCI_ROOT_BRIDGE structures in a contiguous array, instead of a linked
list. Therefore the following bits have to be converted manually:

(1) The array is allocated in advance, in a single step.

(2) The calculation of the array size depends on an explicit
    multiplication, which we must check against overflow. Since more than
    255 extra root bridges make no sense anyway, we use (1 + 255) as the
    limit on the main plus all extra root bridges. This also ensures that
    the UINTN multiplication doesn't overflow.

(3) The PciHostBridgeDxe code decrements "ExtraRootBridgesLeft" to
    terminate the scanning early. Here we need track the increasing count
    of used array elements as well, so we employ "ExtraRootBridges" as a
    constant limit, and increment the new local variable "Initialized".

(4) The prototypes of InitRootBridge() and UninitRootBridge() reflect that
    the PCI_ROOT_BRIDGE structure is allocated by the caller; only
    in-place initialization is necessary.

Additionally, macros are employed for standard PCI quantities, from
"MdePkg/Include/IndustryStandard/Pci22.h":

- MAX_PCI_DEVICE_NUMBER (31) is replaced with PCI_MAX_DEVICE (same),
- the constant 255 is replaced with PCI_MAX_BUS,
- the (RootBridgeNumber < 256) condition is replaced with
  (RootBridgeNumber <= PCI_MAX_BUS).

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Marcel Apfelbaum <marcel@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-03-03 18:18:35 +01:00
Laszlo Ersek d85861d718 OvmfPkg: clone PciHostBridgeLib from MdeModulePkg's Null instance
In this patch we clone "MdeModulePkg/Library/PciHostBridgeLibNull" for
customization under OvmfPkg. Differences relative to a verbatim copy:

- the Null suffix is dropped from file names,
- the UNI file is dropped, together with the corresponding MODULE_UNI_FILE
  reference in the INF file,
- the INF file receives a new FILE_GUID,
- the top comments in the files mention OVMF, not a null instance.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Marcel Apfelbaum <marcel@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-03-03 18:18:35 +01:00
Laszlo Ersek 03845e90cc OvmfPkg: factor the MMIO aperture shared by all PCI root bridges into PCDs
Going forward, two modules will need to know about the aperture:
PlatformPei (as before), and OVMF's upcoming PciHostBridgeLib instance
(because the core PciHostBridgeDxe driver requires the library to state
the exact apertures for all root bridges).

On QEMU, all root bridges share the same MMIO aperture, hence one pair of
PCDs suffices.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Marcel Apfelbaum <marcel@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-03-03 18:18:28 +01:00
Laszlo Ersek e705f899af OvmfPkg: factor the IO aperture shared by all PCI root bridges into PCDs
At the moment we don't intend to customize this aperture at runtime, but
going forward, two modules will need to know about it: PlatformPei (as
before), and OVMF's upcoming PciHostBridgeLib instance (because the core
PciHostBridgeDxe driver requires the library to state the exact apertures
for all root bridges).

On QEMU, all root bridges share the same IO port aperture, hence one pair
of PCDs suffices.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Marcel Apfelbaum <marcel@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-03-03 10:19:32 +01:00
Laszlo Ersek d54c5fdcaa OvmfPkg: remove superfluous [PcdsFixedAtBuild] section header
At the location of this header an earlier [PcdsFixedAtBuild] section is in
effect already.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Marcel Apfelbaum <marcel@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-03-03 10:19:32 +01:00
Laszlo Ersek cf23c02ae1 OvmfPkg: copy log level comments from DebugLib.h
Cc: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-03-02 06:47:32 +01:00
Dandan Bi cf62182136 OvmfPkg: Add FileExplorerLib.inf to the dsc file
Because SecureBootConfigDxe use FileExplorerLib now, but
FileExplorerLib is not in the dsc file of the package
that use SecureBootConfigDxe. Now add it to pass build.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Eric Dong <eric.dong@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dandan Bi <dandan.bi@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-02-26 16:52:50 +08:00
Ard Biesheuvel b38ec3cd2f OvmfPkg: add driver for Virtio-RNG device
This adds the new Virtio-RNG DXE module to all three builds of
OvmfPkg. Note that QEMU needs to be invoked with the 'device
virtio-rng-pci' option in order for this device to be exposed to
the guest.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2016-02-24 12:07:34 +01:00
Ard Biesheuvel 5528732a51 OvmfPkg: implement UEFI driver for Virtio RNG devices
This implements a UEFI driver model driver for Virtio devices of type
VIRTIO_SUBSYSTEM_ENTROPY_SOURCE, and exposes them via instances of
the EFI_RNG_PROTOCOL protocol, supporting the EFI_RNG_ALGORITHM_RAW
algorithm only.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2016-02-24 12:07:32 +01:00
Laszlo Ersek 8bc951a264 OvmfPkg: VirtioFlush(): return the number of bytes written by the host
VirtioLib provides an API for simple, synchronous (request/response-style)
virtio communication. The guest driver builds one descriptor chain, link
for link, with VirtioPrepare() and VirtioAppendDesc(), then submits the
chain, and awaits the processing, with VirtioFlush().

The descriptor chain is always built at the beginning of the descriptor
area, with the head descriptor having descriptor index 0.

In order to submit the descriptor chain to the host, the guest always
pushes a new "available element" to the Available Ring, in genuine
queue-like fashion, with the new element referencing the head descriptor
(which always has index 0, see above).

In turn, after processing, the host always pushes a new "used element" to
the Used Ring, in genuine queue-like fashion, with the new element
referencing the head descriptor of the chain that was just processed. The
same element also reports the number of bytes that the host wrote,
consecutively across the host-writeable buffers that were linked by the
descriptors.

(See "OvmfPkg/VirtioNetDxe/TechNotes.txt" for a diagram about the
descriptor area and the rings.)

Because at most one descriptor chain can be in flight with VirtioLib at
any time,

- the Available Ring and the Used Ring proceed in lock-step,

- and the head descriptor that the new "available" and "used" elements can
  ever reference has index 0.

Based on the above, we can modify VirtioFlush() to return the number of
bytes written by the host across the descriptor chain. The virtio-block
and virtio-scsi drivers don't care (they have other ways to parse the data
produced by the host), while the virtio-net driver doesn't use
VirtioFlush() at all (it employs VirtioLib only to set up its rings).

However, the virtio entropy device,  to be covered in the upcoming
patches, reports the amount of randomness produced by the host only
through this quantity.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
2016-02-24 12:07:32 +01:00
Laszlo Ersek d92eaabefb OvmfPkg: simplify VARIABLE_STORE_HEADER generation
Before the merger of the authenticated and non-authenticated variable
drivers (commit fa0737a839), we had to match the varstore header GUID in
"OvmfPkg/VarStore.fdf.inc" to SECURE_BOOT_ENABLE, because the opposite
GUID would cause either driver to fail an assertion. The header structures
for individual variables residing in the varstore were different
(VARIABLE_HEADER vs. AUTHENTICATED_VARIABLE_HEADER), and each driver could
only handle its own, so this GUID enforcement was necessary.

Since the unification of the variable driver however, it treats (a)
variable store format, and (b) AuthVariableLib instance as independent
characteristics; it can always manipulate variable stores with both header
types. All variations boot now; the difference is whether authenticated
variables, and special variables computed from them (like SecureBoot) are
supported at runtime:

    variable store                                  non-auth   auth and SB
    header GUID            AuthVariableLib          variables  variables
--  ---------------------  -------------------  ->  ---------  -----------
 1  Variable               SecurityPkg/...          supported  unsupported
 2  Variable               AuthVariableLibNull      supported  unsupported
 3  AuthenticatedVariable  SecurityPkg/...          supported  supported
 4  AuthenticatedVariable  AuthVariableLibNull      supported  unsupported

At the moment, SECURE_BOOT_ENABLE selects between cases #2 (FALSE) and #3
(TRUE). That is, it controls both the varstore header GUID in
"OvmfPkg/VarStore.fdf.inc", and the AuthVariableLib resolution in the DSC
files.

Exploiting the unified driver's flexibility, we can simplify
"OvmfPkg/VarStore.fdf.inc" by picking the AuthenticatedVariable GUID as a
constant, and letting SECURE_BOOT_ENABLE control only the AuthVariableLib
resolution. This amounts to SECURE_BOOT_ENABLE choosing between cases #3
(TRUE) and #4 (FALSE), with identical results as before.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Ref: http://thread.gmane.org/gmane.comp.bios.edk2.devel/7319/focus=7344
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
2016-02-15 17:47:29 +01:00
Laszlo Ersek d7c0dfaef2 OvmfPkg: QemuBootOrderLib: recognize NVMe devices
This patch enables QemuBootOrderLib to parse OFW device paths formatted by
QEMU commit a907ec52cc1a:

  nvme: generate OpenFirmware device path in the "bootorder" fw_cfg file

With both patches applied, OVMF will honor the bootindex=N property of the
NVMe device:

  -drive id=drive0,if=none,format=FORMAT,file=PATHNAME \
  -device nvme,drive=drive0,serial=SERIAL,bootindex=N
                                          ^^^^^^^^^^^

Cc: Vladislav Vovchenko <vladislav.vovchenko@sk.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Reference: https://github.com/tianocore/edk2/issues/48
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Tested-by: Vladislav Vovchenko <vladislav.vovchenko@sk.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19792 6f19259b-4bc3-4df7-8a09-765794883524
2016-02-02 15:30:27 +00:00
Laszlo Ersek 8ae3832df9 OvmfPkg: include NvmExpressDxe driver
QEMU emulates NVMe. NvmExpressDxe seems to work well with it. The relevant
QEMU options are

  -drive id=drive0,if=none,format=FORMAT,file=PATHNAME \
  -device nvme,drive=drive0,serial=SERIAL

where the required SERIAL value sets the Serial Number (SN) field of the
"Identify Controller Data Structure". It is an ASCII string with up to 20
characters, which QEMU pads with spaces to maximum length.

(Refer to "NVME_ADMIN_CONTROLLER_DATA.Sn" in
"MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressHci.h".)

Cc: Vladislav Vovchenko <vladislav.vovchenko@sk.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Reference: https://github.com/tianocore/edk2/issues/48
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Tested-by: Vladislav Vovchenko <vladislav.vovchenko@sk.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19791 6f19259b-4bc3-4df7-8a09-765794883524
2016-02-02 15:30:25 +00:00
Jordan Justen e3dca1859b OvmfPkg: Increase default RELEASE build image size to 2MB
Fixes: https://github.com/tianocore/edk2/issues/47
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Cc: Bruce Cran <bruce@cran.org.uk>
Cc: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19775 6f19259b-4bc3-4df7-8a09-765794883524
2016-01-29 19:06:47 +00:00
Laszlo Ersek 1fea9ddb4e OvmfPkg: execute option ROM images regardless of Secure Boot
Change the image verification policy for option ROM images to 0x00
(ALWAYS_EXECUTE).

While this may not be a good idea for physical platforms (see e.g.
<https://trmm.net/Thunderstrike>), on the QEMU platform the benefits seem
to outweigh the drawbacks:

- For QEMU's virtual PCI devices, and for some assigned PCI devices, the
  option ROMs come from host-side files, which can never be rewritten from
  within the guest. Since the host admin has full control over a guest
  anyway, executing option ROMs that originate from host-side files
  presents no additional threat to the guest.

- For assigned physical PCI devices with option ROMs, the argument is not
  so clear-cut. In theory a setup could exist where:

  - the host-side UEFI firmware (with DENY_EXECUTE_ON_SECURITY_VIOLATION)
    rejects the option ROM of a malicious physical PCI device, but

  - when the device is assigned to the guest, OVMF executes the option ROM
    in the guest,

  - the option ROM breaks out of the guest (using an assumed QEMU
    vulnerability) and gains QEMU user privileges on the host.

  However, in order to escalate as far as it would happen on the bare
  metal with ALWAYS_EXECUTE (i.e., in order to gain firmware-level access
  on the host), the malicious option ROM would have to break through (1)
  QEMU, (2) traditional UID and GID based privilege separation on the
  host, (3) sVirt (SELinux) on the host, (4) the host OS - host firmware
  boundary. This is not impossible, but not likely enough to discourage
  the use cases below.

- This patch makes it possible to use unsigned iPXE network drivers that
  QEMU presents in the option ROMs of virtual NICs and assigned SR-IOV
  VFs, even if Secure Boot is in User Mode or Deployed Mode.

- The change also makes it possible to execute unsigned, outdated
  (revoked), or downright malicious option ROMs of assigned physical
  devices in guests, for corporate, entertainment, academia, or security
  research purposes.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19614 6f19259b-4bc3-4df7-8a09-765794883524
2016-01-07 18:48:17 +00:00
Laszlo Ersek 65d2bf4223 OvmfPkg: inherit Image Verification Policy defaults from SecurityPkg
Secure Boot support was originally addded to OvmfPkg on 2012-Mar-09, in
SVN r13093 (git 8cee3de7e9), titled

  OvmfPkg: Enable secure-boot support when SECURE_BOOT_ENABLE==TRUE

At that time the image verification policies in
SecurityPkg/SecurityPkg.dec were:

- option ROM image:      0x00 (ALWAYS_EXECUTE)
- removable media image: 0x05 (QUERY_USER_ON_SECURITY_VIOLATION)
- fixed media image:     0x05 (QUERY_USER_ON_SECURITY_VIOLATION)

The author of SVN r13093 apparently didn't want to depend on the
SecurityPkg defaults for the latter two image origins, plus the
ALWAYS_EXECUTE policy for option ROM images must have been deemed too lax.
For this reason SVN r13093 immediately spelled out 0x05
(QUERY_USER_ON_SECURITY_VIOLATION) within OvmfPkg for all three image
origins.

Fast forward to 2013-Aug-28: policy 0x05
(QUERY_USER_ON_SECURITY_VIOLATION) had been forbidden in the UEFI spec,
and SVN r14607 (git db44ea6c4e) reflected this in the source code:

- The policies for the latter two image origins were switched from 0x05 to
  0x04 (DENY_EXECUTE_ON_SECURITY_VIOLATION) in SecurityPkg,

- the patch changed the default policy for option ROM images too, from
  0x00 (ALWAYS_EXECUTE) to 0x04 (DENY_EXECUTE_ON_SECURITY_VIOLATION),

- any other client DSC files, including OvmfPkg's, underwent a whole-sale
  0x05 (QUERY_USER_ON_SECURITY_VIOLATION) -> 0x04
  (DENY_EXECUTE_ON_SECURITY_VIOLATION) replacement too.

The practical result of that patch for OvmfPkg was that the explicit 0x04
settings would equal the strict SecurityPkg defaults exactly.

And that's what we have today: the "override the default values from
SecurityPkg" comments in OvmfPkg's DSC files are stale, in practice.

It is extremely unlikely that SecurityPkg would change the defaults from
0x04 (DENY_EXECUTE_ON_SECURITY_VIOLATION) any time in the future, so let's
just inherit those in OvmfPkg.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19613 6f19259b-4bc3-4df7-8a09-765794883524
2016-01-07 18:48:13 +00:00
Ard Biesheuvel ce44ee32d3 OvfmPkg/XenHypercallLib: add missing GCC_ASM_EXPORT to XenHypercall2
GCC_ASM_EXPORT() not only exports a symbol as a function, it also emits
a .type <xxx>, %function directive, which is used by the ARM linker to
decide whether to emit interworking branches. So replace the explicit
.global with GCC_ASM_EXPORT(), or the code will not be callable from
Thumb-2 code.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Acked-by: Jordan Justen <jordan.l.justen@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19329 6f19259b-4bc3-4df7-8a09-765794883524
2015-12-17 17:10:59 +00:00
Liming Gao 17247f53d5 OvmfPkg: Fix VS2015 warning C4459 in XenBusDxe
warning C4459: declaration of 'xs' hides global declaration.
Update code to rename local variable xs to xsp to be different.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Acked-by: Michael Kinney <michael.d.kinney@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19116 6f19259b-4bc3-4df7-8a09-765794883524
2015-12-04 03:16:37 +00:00
Laszlo Ersek 5133d1f1d2 OvmfPkg: replace README fine print about X64 SMM S3 with PlatformPei check
At the moment, the "UefiCpuPkg/Universal/Acpi/S3Resume2Pei" module doesn't
support S3 resume if the platform has SMM enabled and the PEI phase is
built for X64. We document this in the README, but it is not conspicuous
enough.

Replace the "fine print" in the README with a runtime check in
PlatformPei.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Suggested-by: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19070 6f19259b-4bc3-4df7-8a09-765794883524
2015-11-30 23:36:31 +00:00
Laszlo Ersek 5e04f4b7e1 OvmfPkg: README: document SMM status
Cc: Paolo Bonzini <pbonzini@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19066 6f19259b-4bc3-4df7-8a09-765794883524
2015-11-30 18:49:07 +00:00
Laszlo Ersek 46df0216b0 OvmfPkg: pull in SMM-based variable driver stack
When -D SMM_REQUIRE is given, replace both
- OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf and
- OvmfPkg/EmuVariableFvbRuntimeDxe/Fvb.inf
with
- OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesSmm.inf.

The outermost (= runtime DXE driver) VariableSmmRuntimeDxe enters SMM, and
the rest:
- the privileged half of the variable driver, VariableSmm,
- the fault tolerant write driver, FaultTolerantWriteSmm,
- and the FVB driver, FvbServicesSmm,
work in SMM purely.

We also resolve the BaseCryptLib class for DXE_SMM_DRIVER modules, for the
authenticated VariableSmm driver's sake.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19065 6f19259b-4bc3-4df7-8a09-765794883524
2015-11-30 18:49:03 +00:00
Laszlo Ersek 1b0a8e6281 OvmfPkg: consolidate variable driver stack in DSC and FDF files
The following modules constitute the variable driver stack:

- QemuFlashFvbServicesRuntimeDxe and EmuVariableFvbRuntimeDxe, runtime
  alternatives for providing the Firmware Volume Block(2) Protocol,
  dependent on qemu pflash presence,

- FaultTolerantWriteDxe, providing the Fault Tolerant Write Protocol,

- MdeModulePkg/Universal/Variable/RuntimeDxe, independently of
  -D SECURE_BOOT_ENABLE, providing the Variable and Variable Write
  Architectural Protocols.

Let's move these drivers closer to each other in the DSC and FDF files, so
that we can switch the variable driver stack to SMM with more local
changes.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19064 6f19259b-4bc3-4df7-8a09-765794883524
2015-11-30 18:48:59 +00:00
Laszlo Ersek b963ec494c OvmfPkg: QemuFlashFvbServicesRuntimeDxe: adhere to -D SMM_REQUIRE
When the user requires "security" by passing -D SMM_REQUIRE, and
consequently by setting PcdSmmSmramRequire, enforce flash-based variables.

Furthermore, add two ASSERT()s to catch if the wrong module were pulled
into the build.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19063 6f19259b-4bc3-4df7-8a09-765794883524
2015-11-30 18:48:54 +00:00
Laszlo Ersek 79397dbd2e OvmfPkg: QemuFlashFvbServicesRuntimeDxe: add DXE_SMM_DRIVER build
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19062 6f19259b-4bc3-4df7-8a09-765794883524
2015-11-30 18:48:50 +00:00
Laszlo Ersek 0d5d4205e3 OvmfPkg: build PiSmmCpuDxeSmm for -D SMM_REQUIRE
At this point we can enable building PiSmmCpuDxeSmm.

CPU specific features, like SMRR detection, and functions that are used to
initialize SMM and process SMIs, are abstracted through the
SmmCpuFeaturesLib class for the PiSmmCpuDxeSmm module. Resolve it to our
own implementation under OvmfPkg -- it allows PiSmmCpuDxeSmm to work with
QEMU's and KVM's 64-bit state save map format, which follows the
definition from AMD's programmer manual.

SmmCpuPlatformHookLib provides platform specific functions that are used
to initialize SMM and process SMIs. Resolve it to the one Null instance
provided by UefiCpuPkg, which is expected to work for most platforms.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
[pbonzini@redhat.com: resolve the SmmCpuFeaturesLib class to OVMF's own
 instance]

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Michael Kinney <michael.d.kinney@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19061 6f19259b-4bc3-4df7-8a09-765794883524
2015-11-30 18:48:46 +00:00
Laszlo Ersek 92b87f1c8c OvmfPkg: build CpuS3DataDxe for -D SMM_REQUIRE
The PiSmmCpuDxeSmm driver from UefiCpuPkg depends on the ACPI_CPU_DATA
structure -- created by a platform- and CPU-specific driver -- in order to
support ACPI S3. The address of this structure is communicated through the
dynamic PCD PcdCpuS3DataAddress.

The "UefiCpuPkg/Include/AcpiCpuData.h" header file documents the fields of
this structure in detail.

The simple/generic "UefiCpuPkg/CpuS3DataDxe" driver creates and populates
the structure in a conformant way, and it co-operates well with
PiSmmCpuDxeSmm, for OVMF's purposes.

         PlatformBdsLib  CpuS3DataDxe     PiSmmCpuDxeSmm    S3Resume2Pei
         (DXE_DRIVER)    (DXE_DRIVER)     (DXE_SMM_DRIVER)  (PEIM)
         --------------  ---------------  ----------------  --------------
normal                   collects data
boot                     except MTRR
                         settings into
                         ACPI_CPU_DATA

                         sets
                         PcdCpuS3Da...

         signals
         End-of-Dxe
            |
            +----------> collects MTRR
                         settings into
                         ACPI_CPU_DATA

         installs
         [Dxe]Smm
         ReadyToLock
            |
            +---------------------------> fetches
                                          PcdCpuS3Dat...

                                          copies
                                          ACPI_CPU_DATA
                                          into SMRAM

runtime

S3
suspend

S3                                                          transfers
resume                                                      control to
                                                            PiSmmCpuDxe...
                                                                |
                                          uses             <----+
                                          ACPI_CPU_DATA
                                          from SMRAM

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Michael Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Michael Kinney <michael.d.kinney@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19060 6f19259b-4bc3-4df7-8a09-765794883524
2015-11-30 18:46:55 +00:00
Laszlo Ersek bb0f18b0bc OvmfPkg: any AP in SMM should not wait for the BSP for more than 100 ms
This patch complements the previous one, "OvmfPkg: use relaxed AP SMM
synchronization mode". While that patch focuses on the case when the SMI
is raised synchronously by the BSP, on the BSP:

  BSPHandler()             [UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c]
    SmmWaitForApArrival()  [UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c]
      IsSyncTimerTimeout() [UefiCpuPkg/PiSmmCpuDxeSmm/SyncTimer.c]

this patch concerns itself with the case when it is one of the APs that
raises (and sees delivered) the synchronous SMI:

  APHandler()            [UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c]
    IsSyncTimerTimeout() [UefiCpuPkg/PiSmmCpuDxeSmm/SyncTimer.c]

Namely, in APHandler() the AP waits for the BSP to enter SMM regardless of
PcdCpuSmmSyncMode, for PcdCpuSmmApSyncTimeout microseconds (the default
value is 1 second). If the BSP doesn't show up in SMM within that
interval, then the AP brings it in with a directed SMI, and waits for the
BSP again for PcdCpuSmmApSyncTimeout microseconds.

Although during boot services, SmmControl2DxeTrigger() is only called by
the BSP, at runtime the OS can invoke runtime services from an AP (it can
even be forced with "taskset -c 1 efibootmgr"). Because on QEMU
SmmControl2DxeTrigger() only raises the SMI for the calling processor (BSP
and AP alike), the first interval above times out invariably in such cases
-- the BSP never shows up before the AP calls it in.

In order to mitigate the performance penalty, decrease
PcdCpuSmmApSyncTimeout to one tenth of its default value: 100 ms. (For
comparison, Vlv2TbltDevicePkg sets 1 ms.)

NOTE: once QEMU becomes capable of synchronous broadcast SMIs, this patch
and the previous one ("OvmfPkg: use relaxed AP SMM synchronization mode")
should be reverted, and SmmControl2DxeTrigger() should be adjusted
instead.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Michael Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Michael Kinney <michael.d.kinney@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19059 6f19259b-4bc3-4df7-8a09-765794883524
2015-11-30 18:46:50 +00:00
Paolo Bonzini 9b1e378811 OvmfPkg: use relaxed AP SMM synchronization mode
Port 0xb2 on QEMU only sends an SMI to the currently executing processor.
The SMI handler, however, and in particular SmmWaitForApArrival, currently
expects that SmmControl2DxeTrigger triggers an SMI IPI on all processors
rather than just the BSP.  Thus all SMM invocations loop for a second (the
default value of PcdCpuSmmApSyncTimeout) before SmmWaitForApArrival sends
another SMI IPI to the APs.

With the default SmmCpuFeaturesLib, 32-bit machines must broadcast SMIs
because 32-bit machines must reset the MTRRs on each entry to system
management modes (they have no SMRRs).  However, our virtual platform
does not have problems with cacheability of SMRAM, so we can use "directed"
SMIs instead.  To do this, just set gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmSyncMode
to 1 (aka SmmCpuSyncModeRelaxedAp).  This fixes SMM on multiprocessor virtual
machines.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Michael Kinney <michael.d.kinney@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19058 6f19259b-4bc3-4df7-8a09-765794883524
2015-11-30 18:46:46 +00:00
Paolo Bonzini c1fcd80bf4 OvmfPkg: SmmCpuFeaturesLib: customize state save map format
This adjusts the previously introduced state save map access functions, to
account for QEMU and KVM's 64-bit state save map following the AMD spec
rather than the Intel one.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
[lersek@redhat.com: reflow commit message, convert patch to CRLF]

Cc: Paolo Bonzini <pbonzini@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Michael Kinney <michael.d.kinney@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19057 6f19259b-4bc3-4df7-8a09-765794883524
2015-11-30 18:46:42 +00:00