While IScsiDxe certainly is a useful feature it is rarely used, and it
slows down firmware boot quite a bit. So disable it by default and only
load it in case this is explicitly requested via fw_cfg.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
UefiDriverEntryPointFwCfgOverrideLib will use
PcdEntryPointOverrideDefaultValue to decide what to do in case the
fw_cfg file specified via PcdEntryPointOverrideFwCfgVarName is not
present. Default is "yes".
This allows to disable drivers by default and only enable them when
requested via fw_cfg.
Also log a message with the config option applied and whenever the
default value or a fw_cfg option was used.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Use UefiDriverEntryPointFwCfgOverrideLib for UsbMassStorageDxe so
the driver can be enabled/disabled via fw_cfg option.
usage: qemu -fw_cfg name=opt/org.tianocore/UsbStorageSupport,string={yes,no}
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Use UefiDriverEntryPointFwCfgOverrideLib for IScsiDxe so the driver
can be enabled/disabled via fw_cfg option.
usage: qemu -fw_cfg name=opt/org.tianocore/ISCSISupport,string={yes,no}
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Use UefiDriverEntryPointFwCfgOverrideLib for VirtioNetDxe so the driver
can be enabled/disabled via fw_cfg option.
usage: qemu -fw_cfg name=opt/org.tianocore/VirtioNetSupport,string={yes,no}
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Currently, the only way to disable PXE boot options is to change the PCD
variables PcdIPv4PXESupport and PcdIPv6PXESupport in the source code or
use the "--pcd" option in the build script. Other boot options such
as HTTP or iSCSI can be disabled using the -D<option> flag.
NETWORK_PXE_BOOT_ENABLE will add a consistent way to disable PXE booting.
This is the third and final part of a series of patches to enable the
NETWORK_PXE_BOOT_ENABLE build flag. At this point, the flag will be able
to disable PXE functionality.
Signed-off-by: Alexander Gryanko <xpahos@gmail.com>
The second step is to add an option to the OvmfPkg module to disable
PXE booting using the NETWORK_PXE_BOOT_ENABLE flag. The patch is divided
into 3 parts. At the current stage the flag is not functional.
Signed-off-by: Alexander Gryanko <xpahos@gmail.com>
The first step is to add an option to disable PXE loading. The patch is
divided into 3 parts. This part adds the NETWORK_PXE_BOOT_ENABLE flag
to the ArmVirtPkg module. At the current stage the flag is not functional.
Signed-off-by: Alexander Gryanko <xpahos@gmail.com>
The GetRandomNumber functions in DxeRngLib can return success without
actually generating a random number. This occurs because there are code
paths through `GenerateRandomNumberViaNist800Algorithm` that do not
initialize the `Status` variable.
- Assume mFirstAlgo == MAX_UINTN (no secure algorithms available)
- Assume none of the secure algorithms have `Available` set.
- Assume PcdEnforceSecureRngAlgorithms is TRUE.
In this condition, the `Status` variable is never initialized, `Buffer`
data is never touched. It is fairly likely that Status is 0, so we can
return EFI_SUCCESS without writing anything to Buffer.
Fix is to set `Status = error_code` in this code path.
`EFI_SECURITY_VIOLATION` seems appropriate.
Signed-off-by: Doug Cook <idigdoug@gmail.com>
DebugLib PCDs are very important, but they're confusing and not
well-explained anywhere. Improve the documentation comments for them to
explain how they work and how they relate to each other.
Signed-off-by: Doug Cook <idigdoug@gmail.com>
The scratch buffer (EfiBootServicesData) is assigned to extract DXE FVs
that are compressed. The matching decompression library returns the buffer
size as below. The buffer is no longer used after completing extraction.
Need to free the buffer to optimize memory allocation and usage.
BaseUefiDecompressLib : sizeof (SCRATCH_DATA)
LzmaCustomDecompressLib : SCRATCH_BUFFER_REQUEST_SIZE (64KB)
BrotliCustomDecompressLib : From EncodeData header (usually, xxMB checked)
In case of Brotli decompression, it is found that a big chunk of memory is
required, based on EncodeData header. (e.g. a 4MB compressed FV reports
about 39MB scratch size)
Signed-off-by: Phil Noh <Phil.Noh@amd.com>
The issue with locating the expected interface and endpoint descriptors
arises because `configDesc` (USB_CONFIG_DESCRIPTOR) and `IfDesc`
(USB_INTERFACE_DESCRIPTOR) are incremented by structure size rather than
by actual descriptor length.
Specifically:
- `configDesc` should be incremented by its actual length.
- `IfDesc` should be incremented by its actual length.
This incorrect increment causes misalignment, preventing access to the
subsequent interface and endpoint descriptors.
[Suggested Solution]
Update the code to increment the pointers by the actual descriptor lengths,
ensuring proper access to all descriptors in the USB configuration.
Signed-off-by: Aniket Surekar <Aniket.Surekar@Dell.com>
According to UEFI spec 2.10 errata A section 7.4.6
"All events from the EFI_EVENT_GROUP_BEFORE_EXIT_BOOT_SERVICES and
EFI_EVENT_GROUP_EXIT_BOOT_SERVICES event notification groups as well
as events of type EVT_SIGNAL_EXIT_BOOT_SERVICES must be signaled
before ExitBootServices() returns EFI_SUCCESS. The events are only
signaled once even if ExitBootServices() is called multiple times."
So keep track of whether ExitBootServices() has been called, and signal
the event group EFI_EVENT_GROUP_BEFORE_EXIT_BOOT_SERVICES only the first
time around.
EFI_EVENT_GROUP_EXIT_BOOT_SERVICES will only be signalled if
ExitBootServices() is going to run to [successful] completion, after
which calling it a second time is not possible anyway. So for this case,
no special handling is needed.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
When booting at EL2, enable VHE if available so that the early ID map
can be enabled as well. This gets rid of any memory accesses (reads or
writes) before the MMU and caches are enabled.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
With mSecureHashAlgorithms being static this should not be
needed any more.
Suggested-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
With mSecureHashAlgorithms being static this should not be
needed any more.
Suggested-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Links from acpica.org are now redirected to the ACPICA overview page
on intel.com. Update the link so it goes to the 20200717 download page.
Signed-off-by: Rebecca Cran <rebecca@bsdio.com>
Check PcdConfidentialComputingGuestAttr instead of calling
MemEncryptSevIsEnabled() and MemEncryptTdxIsEnabled() to figure
whenever SEV or TDX is enabled.
This allows to remove the MemEncryptSevLib + MemEncryptTdxLib
dependencies.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Improve the formatting of the error message when GetVariable
fails: start the message with an upper-case character, and close the
quotes around the variable name.
Signed-off-by: Rebecca Cran <rebecca@bsdio.com>
The Fedora 40 images uses gcc 14, includes libasan and
libubsan, clang, and some fixes and improvements.
See c98ff99762
Signed-off-by: Oliver Steffen <osteffen@redhat.com>
The BDF format for PCI initiators in the SRAT table is incorrect.
The format is not a UINT16 but specific bytes.
PCI Bus Number (Bits 7:0 of Byte 2)
PCI Device Number (Bits 7:3 of Byte 3)
PCI Function Number (Bits 2:0 of Byte 3)
REF: https://uefi.org/specs/ACPI/6.5/05_ACPI_Software_Programming_Model.html#device-handle-pci
Signed-off-by: Jeff Brasen <jbrasen@nvidia.com>
Intel's ACPICA download is no longer on acpica.org, but that site
redirects to pages on intel.com. Update the link to acpica.org to
the new ACPICA download page.
Microsoft's acpi.info no longer exists, so update the link to point to
Microsoft's ACPI compiler information page.
While here, update the nasm link from http to https.
Signed-off-by: Rebecca Cran <rebecca@bsdio.com>
Update Tpm12.h and Tpm20.h and not use c++ reserved keywords
operator and xor in C structures to support use of these
include files when building with a C++ compiler.
This patch removes the temporary use of anonymous unions and
warning 4201 disable for VS20xx tool chains to complete the
following field name changes:
* operator -> operator_
* xor -> xor_
NOTE: This is a non-backwards compatible change to Tpm12.h
and Tmp20.h. And consumers of these include files that access
the "operator" or "xor" fields must be updated.
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Change xor to xor_ to avoid C++ reserved work name collisions
when building with C++ compilers.
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Update Tpm12.h and Tpm20.h and not use c++ reserved keywords
operator and xor in C structures to support use of these
include files when building with a C++ compiler.
This patch temporarily introduces an anonymous union to add
operator_ and xor_ fields to support migration from the current
field names to the new field names.
Warning 4201 is disabled for VS20xx tool chains is a temporary
change to allow the use of anonymous unions.
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Links from acpica.org are now redirected to the ACPICA overview page
on intel.com. Update the link so it goes to the 20200517 download page.
Signed-off-by: Rebecca Cran <rebecca@bsdio.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4874
Question CheckBox, OneOf and Numeric can refer to Bit EFI VarStore.
CheckBox: data type is Boolean (1 byte),
Numeric/Oneof: data type is always UNIT32 for BIT VarStore,
When get default value for BIT VarStore, should return default value
with sizeof (UINT32) rather than the byte the bit width occupied.
Or incorrect default value will be used due to the size mismatch.
Signed-off-by: Dandan Bi <dandan.bi@intel.com>
When updating memory attributes, if only access attributes are changed,
the default memory cache attribute is NULL and a CACHE_CC is added by
default.
Signed-off-by: Chao Li <lichao@loongson.cn>
Gerd Hoffmann
Alexander Gryanko
Mike Maslenkin
Doug Cook (WINDOWS)
Rebecca Cran
Phil Noh
Aniket_Surekar
Ard Biesheuvel
Chao Li
Oliver Steffen
Ray Ni
Oliver Smith-Denny
Jeff Brasen
Michael D Kinney
Dandan Bi