VA_START, VA_END and VA_COPY are the same as the generic macros.
VA_ARG was reverse engineered from MS ARM assembly output.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Pete Batard <pete@akeo.ie>
Reviewed-by: Liming Gao <liming.gao@intel.com>
We disable the exact same warnings as IA32 and X64.
Also create a dummy macro for PRESERVE8, as this is not supported by
the Microsoft ARM assembler.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Pete Batard <pete@akeo.ie>
Reviewed-by: Liming Gao <liming.gao@intel.com>
In SafeUintnToChar8(), update its output parameter name.
Update pui8Result --> Result to match its library implementation
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Michael Kinney <michael.d.kinney@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
The Type field of EFI_ACPI_6_2_PPTT_STRUCTURE_PROCESSOR should
be UINT8 as ACPI version 6.2 specification.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ming Huang <huangming23@huawei.com>
Signed-off-by: Heyi Guo <heyi.guo@linaro.org>
Reviewed-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
https://bugzilla.tianocore.org/show_bug.cgi?id=798
SafeIntLib provides helper functions to prevent integer overflow
during type conversion, addition, subtraction, and multiplication.
Conversion Functions
====================
* Converting from a signed type to an unsigned type of the same
size, or vice-versa.
* Converting to a smaller type that could possibly overflow.
* Converting from a signed type to a larger unsigned type.
Unsigned Addition, Subtraction, Multiplication
===============================================
* Unsigned integer math functions protect from overflow and
underflow (in case of subtraction).
Signed Addition, Subtraction, Multiplication
============================================
* Strongly consider using unsigned numbers.
* Signed numbers are often used where unsigned numbers should
be used. For example file sizes and array indices should always
be unsigned. Subtracting a larger positive signed number from a
smaller positive signed number with SafeInt32Sub() will succeed,
producing a negative number, that then must not be used as an
array index (but can occasionally be used as a pointer index.)
Similarly for adding a larger magnitude negative number to a
smaller magnitude positive number.
* SafeIntLib does not protect you from such errors. It tells you
if your integer operations overflowed, not if you are doing the
right thing with your non-overflowed integers.
* Likewise you can overflow a buffer with a non-overflowed
unsigned index.
Based on content from the following branch/commits:
https://github.com/Microsoft/MS_UEFI/tree/share/MsCapsuleSupport21ef3a321cca516b1a6133bab4031a
Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Sean Brogan <sean.brogan@microsoft.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Support TPM Command cancel if executing command timeouts. Cancel could
happen in long running command case
Cc: Yao Jiewen <jiewen.yao@intel.com>
Cc: Chinnusamy Rajkumar K <rajkumar.k.chinnusamy@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
It was missed to be updated at
SHA-1: 043026ac12.
Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
For the support of VTd 2.5, add the BIT definition of
DMA_CTRL_PLATFORM_OPT_IN_FLAG
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
When compiling with any ARM toolchain and Os, registers can get
trashed when returning for the second time from SetJump because GCC
only handles this correctly when using standard names like 'setjmp' or
'getcontext'. When different names are used you have to use the
attribute 'returns_twice' to tell gcc to be extra careful.
example:
extern int FN_NAME(void*);
void jmp_buf_set(void *jmpb, void (*f)(void))
{
if (!FN_NAME(jmpb))
f();
}
this code produces this wrong code with Os:
00000000 <jmp_buf_set>:
0: e92d4010 push {r4, lr}
4: e1a04001 mov r4, r1
8: ebfffffe bl 0 <nonstandard_setjmp>
c: e3500000 cmp r0, #0
10: 01a03004 moveq r3, r4
14: 08bd4010 popeq {r4, lr}
18: 012fff13 bxeq r3
1c: e8bd4010 pop {r4, lr}
20: e12fff1e bx lr
The generated code pushes backups of r4 and lr to the stack and then
saves all registers using nonstandard_setjmp.
Then it pops the stack and jumps to the function in r3 which is the
main problem because now the function can overwrite our register
backups on the stack.
When we return a second time from the call to nonstandard_setjmp, the
stack pointer has it's original(pushed) position and when the code
pops r4 and lr from the stack the values are not guaranteed to be the
same.
When using a standard name like setjmp or getcontext or adding
'__attribute__((returns_twice))' to nonstandard_setjmp's declaration
the code looks different:
00000000 <jmp_buf_set>:
0: e92d4007 push {r0, r1, r2, lr}
4: e58d1004 str r1, [sp, #4]
8: ebfffffe bl 0 <setjmp>
c: e3500000 cmp r0, #0
10: 059d3004 ldreq r3, [sp, #4]
14: 01a0e00f moveq lr, pc
18: 012fff13 bxeq r3
1c: e28dd00c add sp, sp, #12
20: e49de004 pop {lr} ; (ldr lr, [sp], #4)
24: e12fff1e bx lr
Here the problem is being solved by restoring r3 from the stack
without popping it.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Michael Zimmermann <sigmaepsilon92@gmail.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
PCI_ECAM_ADDRESS() macro is defined in PciExpress21.h so
always include PciExpress21.h in the library header file.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Change the PEI and DXE service table revisions to 1.6.
The SMM part is already done by commit:
07c6a47e70 &
2f208e59e4
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
DUAL_ADDRESS_CYCLE is missing in the EFI_UNSUPPORTED
return status description.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
The ARM calling convention is fundamentally incompatible with EBC,
and having a cross compatible machine type identical to the native
type does not make a lot of sense either. So restrict the compatible
machine type for ARM to EFI_IMAGE_MACHINE_ARMTHUMB_MIXED, and remove
the cross compatible.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Liming Gao <liming.gao@intel.com>
The new definitions include two structures
IA32_TASK_STATE_SEGMENT
IA32_TSS_DESCRIPTOR
two macros
IA32_GDT_TYPE_TSS
IA32_GDT_ALIGNMENT
and one API
VOID
EFIAPI
AsmWriteTr (
IN UINT16 Selector
);
They're needed to setup task gate and interrupt stack table for stack switch.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Suggested-by: Ayellet Wolman <ayellet.wolman@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Jeff Fan <vanjeff_919@hotmail.com>
Reviewed-by: Jiewen.yao@intel.com
clang, when used as a preprocessor for dtc, does not discard #pragma
statements although -x assembler-with-cpp is specified. This causes dtc
to barf at a #pragma pack() statement that is already filtered out for
__GNUC__. So add a check to also filter this out if __ASSEMBLER__.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Follow PI spec (>= 1.5) to add new return status code description
and make CommSize OPTIONAL.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
The definitions are introduced by PI 1.6 spec.
The EFI_FIRMWARE_VOLUME_EXT_ENTRY_USED_SIZE_TYPE can be used to find
out how many EFI_FVB2_ERASE_POLARITY bytes are at the end of the FV.
When the FV gets shadowed into memory you only need to copy the used
bytes into memory and fill the rest of the memory buffer with the
erase value.
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
SerialSetAttributes is meant to match the behavior of the function
EFI_SERIAL_IO_PROTOCOL.SetAttributes() in the UEFI spec (v2.7). This
means the function can only return:
- EFI_SUCCESS
- EFI_INVALID_PARAMETER
- EFI_DEVICE_ERROR
However the function SerialPortSetAttributes may also validly return
EFI_UNSUPPORTED. For instance this is the case of the Xen Console
driver.
EFI_UNSUPPORTED could be also interpreted as "One or more of the attributes
has an unsupported value". So return EFI_INVALID_PARAMETER in that case.
Lastly, to prevent another return slipping in the future, all the errors
but EFI_INVALID_PARAMETER and EFI_UNSUPPORTED will return
EFI_DEVICE_ERROR.
Contributed-under: Tianocore Contribution Agreement 1.1
Signed-off-by: Julien Grall <julien.grall@linaro.org>
Reviewed-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Per the UEFIv2.7 spec, EFI_DEVICE_ERROR is returned when the serial
device is not functioning correctly. Update the description to avoid
confusion.
Contributed-under: Tianocore Contribution Agreement 1.1
Signed-off-by: Julien Grall <julien.grall@linaro.org>
Reviewed-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
This commit adds header files for the SPI protocols introduced in the
UEFI PI 1.6 specification, as well as their GUIDs to MdePkg.dec.
EFI_SPI_TRANSACTION_TYPE assumes an enum with its members ordered the
way they are listed in the specification, as there are no values given
explicitely.
EFI_LEGACY_SPI_CONTROLLER_GUID assumes the character 'l' used in the
specification was meant to be '1'.
V2:
- Fixed LegacySpiFlash.h's header guard.
- Fixed LegacySpiSmmController's GUID name.
- Removed EFI_SPI_NOR_FLASH_PROTOCOL_LF_READ_DATA as it's unused.
- Added the missing SpiSmmNorFlash header.
- Fixed all file endings to be CRLF.
- Removed trailing whitespaces.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Marvin Haeuser <Marvin.Haeuser@outlook.com>
Reviewed-by: Dandan Bi <dandan.bi@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
NVDIMM_LABEL protocol is defined in UEFI 2.7 spec, to provide
services that allow management of labels contained in a Label
Storage Area in NVDIMM.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
BTT definitions are defined in UEFI spec 2.7, to defines
a layout and set of rules for doing block I/O that provide
powerfail write atomicity of a single block in NVDIMM.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
PCI_REG_PCIE_SLOT_CONTROL contains a typo. It is defined as:
typedef union {
struct {
UINT32 AttentionButtonPressed : 1;
UINT32 ...
...
} Bits;
UINT16 Uint16;
} PCI_REG_PCIE_SLOT_CONTROL;
The bit field data type should be UINT16 instead of UINT32,
results sizeof (PCI_REG_PCIE_SLOT_CONTROL) equals to 4 instead of 2.
Because this structure is used in PCI_CAPABILITY_PCIEXP as below:
typedef struct {
...
PCI_REG_PCIE_SLOT_CONTROL SlotControl;
PCI_REG_PCIE_SLOT_STATUS SlotStatus;
} PCI_CAPABILITY_PCIEXP;
It cause the OFFSET_OF (PCI_CAPABILITY_PCIEXP, SlotStatus) equal
to a wrong value.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Mark EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS as deprecated. Also update
some function descriptors accordingly.
Cc: Long Qin <qin.long@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
Add the comments to address security problems in the Pkcs7Verify Protocol
per UEFI 2.7 updates.
The Pkcs7Verifier function VerifySignature() has problematic use cases
where it might be used to unwittingly bypass security checks. The specific
problem is that if the supplied hash is a different algorithm from the
blacklist hash, the hash will be approved even if it should have been
denied. The added comments place a strong warning about the problem.
It is possible to use the protocol reliably, either by agreeing a hash to
use for all time (like sha256) or by looping over all supported hashes when
using the protocol.
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: James Bottomley <James.Bottomley@HansenPartnership.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long <qin.long@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
Add BuildFv3Hob API in HobLib.h and implement the API
in HobLib instances PeiHobLib, DxeHobLib and DxeCoreHobLib.
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
CalculateCrc32() bases on the initialized mCrcTable. When CalculateCrc32()
is used, mCrcTable will take 1KB size in the image. When CalculateCrc32()
is not used, mCrcTable will not be built in the image, and no size impact.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Liming Gao <liming.gao@intel.com>
Revision 2.2 of the PCI Spec defines Capability IDs 0 through 6,
inclusive, in Appendix H. It reserves IDs 7 through 255.
Revision 2.3 of the PCI Spec adds Capability IDs 7 through 0xC, inclusive,
in Appendix H. Capability ID 9 stands for "Vendor Specific".
Add the EFI_PCI_CAPABILITY_ID_VENDOR macro and the
EFI_PCI_CAPABILITY_VENDOR_HDR structure type to MdePkg/IndustryStandard,
in order to describe this capability header.
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Marcel Apfelbaum <marcel@redhat.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Follow PI 1.6 spec to add FFS_ATTRIB_DATA_ALIGNMENT_2 definition for
FFS alignment extended to support maximum 16MB.
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
This patch adds a few more UDF volume structures in order to detect an
UDF file system which is supported by current EDK2 UDF file system
implementation in Partition driver.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Paulo Alcantara <pcacjr@zytor.com>
Build-tested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
Tested-by: Hao Wu <hao.a.wu@intel.com>
Build-tested-by: Star Zeng <star.zeng@intel.com>
Build-tested-by: Paulo Alcantara <paulo@hp.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
This patch adds basic volume structure definitions necessary to identify
a valid UDF file system on a block device, as specified by OSTA
Universal Disk Format Specification 2.60.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Paulo Alcantara <pcacjr@zytor.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Follow PI 1.6 spec to add FreePages definition and comments for
AllocatePages that will support pre permanent memory page allocation.
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Pete Batard
Liming Gao
Heyi Guo
Ruiyu Ni
Ming Huang
Sean Brogan
Zhang, Chao B
Star Zeng
Hao Wu
M1cha
Jian J Wang
Zenith432
Ard Biesheuvel
Leif Lindholm
Julien Grall
Marvin.Haeuser@outlook.com
Long Qin
Laszlo Ersek
Jiaxin Wu
Paulo Alcantara
Jiewen Yao
Eric Dong
Wang Fan