CPU_AP_DATA contains AP's information such as CpuHealthy and
VolatileRegisters. Exchange the whole CPU_AP_DATA buffer instead
some fields to make code more simple.
Signed-off-by: Zhiguang Liu <zhiguang.liu@intel.com>
ArmPsciResetSystemLib has been deprecated since commit
b2c55e7328 in 2017. The
lib itself has not been meaningfully updated in 10 years.
This commit removes the library to complete the deprecation
process and remove confusion over which library to use for
resetting an ARM platform.
Signed-off-by: Oliver Smith-Denny <osde@linux.microsoft.com>
This patch moves GnuNoteBti.bin from ArmPkg to BaseTools as it
is used during the build by GCC. This removes an unnecessary
dependency on ArmPkg from BaseTools and keeps build related
files in BaseTools.
Signed-off-by: Oliver Smith-Denny <osde@linux.microsoft.com>
This moves the GccLto files from ArmPkg to BaseTools as they
are files that are only used in the build. This removes an
artificial dependency on ArmPkg from BaseTools and keeps build
related files in BaseTools.
Signed-off-by: Oliver Smith-Denny <osde@linux.microsoft.com>
Add a new pareser for the Hardware Error Source Table (HEST).
The HEST table is used to describe a system's hardware error sources
to OSPM.
Cc: Zhichao Gao <zhichao.gao@intel.com>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Pierre Gondois <pierre.gondois@arm.com>
Signed-off-by: levi.yun <yeoreum.yun@arm.com>
This reverts commit ae59b8ba41.
The commit ae59b8ba41 was added to modify the GenSmmPageTable()
to map SMRAM in 4K page granularity. It was to urgently fix a
smm hang issue by avoiding page split in paging structures that
covers SMRAM range when SMI happens. But finally the smm hang
issue was root caused and fixed by commit 839bd17973.
Meanwhile a smm page table creation related issue was introduced
by commit ae59b8ba41:
In the function GenSmmPageTable(), the paging level for the range
outside SMRAM is depend on the Input parameter PagingMode. However,
the paging level for SMRAM range is depend on m5LevelPagingNeeded.
If the two paging levels are different, then the smm page table is
created incorrectly.
So let's revert the commit "UefiCpuPkg/PiSmmCpuDxeSmm:Map SMRAM
in 4K page granularity"
Signed-off-by: Dun Tan <dun.tan@intel.com>
Add changes to print PMIC and RCD details of Smbios Type17 in Shell
smbiosview command.
Cc: Gaoliming <gaoliming@byosoft.com.cn>
Cc: Sainadh N <sainadhn@ami.com>
Cc: Sundaresan S <sundaresans@ami.com>
Cc: Srinivasan M <srinivasanm@ami.com>
Cc: Ramesh R <rameshr@ami.com>
Cc: Karthika R <karthikar@ami.com>
Signed-off-by: Shenbagadevi R <shenbagadevir@ami.com>
Reviewed-by: Giri Mudusuru <girimudusuru@microsoft.com>
PL031RealTimeClockLib will clear EFI_MEMORY_XP if a platform
has set it for MMIO memory when it does not include that bit
in its SetMemoryAttributes call. This region is not intended
to be executed from and as such the lib should explicitly set
EFI_MEMORY_XP to this region.
Signed-off-by: Oliver Smith-Denny <osde@linux.microsoft.com>
When setting memory attributes on its MMIO region,
KvmtoolRtcFdtClientLib will clear EFI_MEMORY_XP from
the region if a platform has it set. This MMIO region is
not intended to be executed from, so fix this by explicitly
setting EFI_MEMORY_XP on this region in the lib.
Signed-off-by: Oliver Smith-Denny <osde@linux.microsoft.com>
This adds logging in failure cases of SetMemoryAttributes. This
is useful generally as if an attribute update fails, code will
typically break, but is added in particular to make debugging
incorrect bootloader usage of the Memory Attribute Protocol. This
patch updates the AARCH64 UpdateRegionMapping.
Signed-off-by: Oliver Smith-Denny <osde@linux.microsoft.com>
This adds logging in failure cases of SetMemoryAttributes. This
is useful generally as if an attribute update fails, code will
typically break, but is added in particular to make debugging
incorrect bootloader usage of the Memory Attribute Protocol. This
patch updates the ARM32 SetMemoryAttributes.
Signed-off-by: Oliver Smith-Denny <osde@linux.microsoft.com>
The memory attribute protocol is primarily used by bootloaders
and there are many released bootloaders who use the protocol
incorrectly. It is challenging to debug these situations
because the bootloaders are generally black boxes and we
silently fail on the FW side.
This patch adds logging to some common memory attribute
protocol failures in CpuDxe.
Signed-off-by: Oliver Smith-Denny <osde@linux.microsoft.com>
Platforms today may use this PCD as a dynamic PCD as that is an
allowed type in its PCD declaration. From `ArmPkg.dec`:
[PcdsFixedAtBuild.common, PcdsDynamic.common, PcdsPatchableInModule.common]
gArmTokenSpaceGuid.PcdSystemMemorySize|0|UINT64|0x0000002A
This library causes a build error if it used as a dynamic PCD since
it places the PCD in a `[FixedPcd]` section in the INF.
Other libraries do set the PCD and depend on the dynamic PCD behavior.
Since this library accesses the PCD with `PcdGet64 ()` which is
compatible with FixedAtBuild PCDs, this change moves the PCD out an
explicit `[FixedPcd]` section to resolve the following build error:
```
INFO - : error 3000: Building modules from source INFs, following
PCD use Dynamic and FixedAtBuild access method.
It must be corrected to use only one access
method.
INFO - gArmTokenSpaceGuid.PcdSystemMemorySize
```
Signed-off-by: Oliver Smith-Denny <osde@linux.microsoft.com>
When allocating memory for a non-coherent DMA device, the current core
code removes the XP attribute, allowing code to execute from that
region. This is a security vulnerability and unneeded. This change
updates to mark the region as XP when allocating memory for the
non-coherent DMA device.
Signed-off-by: Oliver Smith-Denny <osde@linux.microsoft.com>
Makes the `#` character used for comparison against wildcard
characters in `CHAR16` strings to be prefixed with `L` so the
character is treated as a wide character constant.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Library previously returned EFI_SUCCESS which causes the platform to
continue initializing LCD HW. Should return EFI_NOT_FOUND.
Resolves TCBZ3351.
Signed-off-by: Oliver Smith-Denny <osde@linux.microsoft.com>
Includes the profiler SMI in the profile itself for completeness.
Co-authored-by: Michael Kubacki <michael.kubacki@microsoft.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Improves the CI output with more actionable messages and downgrades
some errors/warnings.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2411
With Use-After-Free heap guard feature enabled, the DxeCore would blindly
attempt to "level-up" when the `GuardAllFreedPages` inspect a non-max
level table entry from the last loop. This could cause the next round of
inspection to dereference a potentially null pointer and as such causing
a page fault.
This change adds a null pointer check to prevent such case from happening.
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Signed-off-by: Kun Qin <kun.qin@microsoft.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4812
When the Select is out of support, use method break exception
instead of method return -1, avoid unknown errors caused by untimely
detection.
Cc: Chao Li <lichao@loongson.cn>
Signed-off-by: Dongyan Qian <qiandongyan@loongson.cn>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4655
[Feature Description]
- UFS device would clear fDeviceInit flag once the device initialization
is completed.
- This change is polling to check the flag is cleared or not with
specific timeout (UFS_INIT_COMPLETION_TIMEOUT - 600ms).
- This behavior is the same as UfsPassThruDxe module.
[Notes]
- This change included as a partial of below SHA1-ID
- 95ad8f7f6a
- c5740f3606
Signed-off-by: Jason1 Lin <jason1.lin@intel.com>
Add a new parser for the Error Injection Table (EINJ).
The EINJ table provides machinism through which OSPM
can inject hardware errors to the platform without requiring platform
specific OSPM software.
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Zhichao Gao <zhichao.gao@intel.com>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Pierre Gondois <pierre.gondois@arm.com>
Signed-off-by: levi.yun <yeoreum.yun@arm.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4563
As per Smbios 3.7.0 spec, added CXL 3.0 support in Type 9,
also added PMIC & RCD manufacturer ID and Revision information in Type17.
Cc: Sainadh N <sainadhn@ami.com>
Cc: Sundaresan S <sundaresans@ami.com>
Cc: Srinivasan M <srinivasanm@ami.com>
Cc: Ramesh R <rameshr@ami.com>
Signed-off-by: Shenbagadevi R <shenbagadevir@ami.com>
Reviewed-by: Gaoliming <gaoliming@byosoft.com.cn>
As the SMBIOS table types belong to the SMBIOS standard,
they were moved from the SMBIOS IndustryStandard into the
SMBIOS Protocol header with the EFI_-prefix.
Filling in definitions facilitates consistent use of header files:
EFI_SMBIOS_TYPE_TPM_DEVICE
EFI_SMBIOS_TYPE_PROCESSOR_ADDITIONAL_INFORMATION
EFI_SMBIOS_TYPE_FIRMWARE_INVENTORY_INFORMATION
EFI_SMBIOS_TYPE_STRING_PROPERTY_INFORMATION
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Cc: Chao Li <lichao@loongson.cn>
Signed-off-by: Dongyan Qian <qiandongyan@loongson.cn>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4653
In DxeIplFindDxeCore function, there exists different behavior between
Debug and Release built BIOS. This change is used to unify both of
the code flow and fix the potential overflow of "Instance" variable.
In this change,
[1] Move the ASSERT_EFI_ERROR (Status) in failure to find DxeCore
in any firmware volume condition.
[2] Break the while-loop when not found required DxeCore.
This would make the Instance variable not overflow in while-loop.
[3] Add the CpuDeadLoop () in the end of the function and do not
return since DxeCore is mandatory for the following booting
to hand-off the PEI phase to DXE phase.
[4] In case of the CpuDeadLoop () is de-assert by debugger,
return the NULL pointer.
Signed-off-by: Jason1 Lin <jason1.lin@intel.com>
The Redfish drivers log messages as errors in various places when they
don't find an appropriate network interface - even when one has already
been found. Reduce those log messages to DEBUG_MANAGEABILITY to avoid
spamming the console in Release builds.
Signed-off-by: Rebecca Cran <rebecca@os.amperecomputing.com>
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3083
Since this is a library, make the function ExitBootServicesCallback()
STATIC to prevent the likelihood that it collides with other symbols.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
ASSERT_EFI_ERROR would be removed in release build.
This means it would trigger wrong behavior when invalid pin number given
to Get(), Set() and GetMode().
Adding error check routine for invalid pin number and before check the
pin number, check first other argument given to each function.
Signed-off-by: Levi Yun <yeoreum.yun@arm.com>
Introduce a driver that allows users to disable the EFI Memory Attribute
protocol through an HII setup option, in order to work around a broken
version of rhboot's shim used in some distros (e.g. CentOS Stream 9)
which incorrectly invokes the protocol and results in a Synchronous
Exception.
Default is enabled, which can also be overridden at build time by
changing `gEmbeddedTokenSpaceGuid.PcdMemoryAttributeEnabledDefault`.
It is only applicable to ARM64 and there isn't any other technical
reason for disabling this security feature.
See:
- https://github.com/microsoft/mu_silicon_arm_tiano/issues/124
- https://edk2.groups.io/g/devel/topic/99631663
- https://github.com/tianocore/edk2/pull/5840
Signed-off-by: Mario Bălănică <mariobalanica02@gmail.com>
This query seems to produce a rate of false positives with some
common patterns in edk2 like passing function pointers for callback.
Due to the usage of `STATIC` instead of `static` particularly for
functions, this query was rarely used in the past. It is removed
here to prevent future false positives.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Some unit tests would fail to execute or execute and not produce any output
logs. In these cases, the only output would be in the CI Log as
`UnitTest Execution Error`.
A UnitTest Execution Error should be considered the same as a unit tests
test failing.
Signed-off-by: Aaron Pop <aaronpop@microsoft.com>
The GeneralCheckNonAscii() function is a sledgehammer rejecting any file
containing any character outside of the 7-bit ASCII encoding space, as
well as the DEL character (which seems unrelated).
This conflicts with basic stuff like correctly spelling certain proper
nouns in comments (like copyright statements), or string literals (for
example in multi-language driver binding ComponentNames).
So rip it out, to be replaced by more fine-grained checks to be added as
identified and needed.
Signed-off-by: Leif Lindholm <quic_llindhol@quicinc.com>
Ecc concistently referred to ASCII/Ascii as ACSII/Acsii, which
bugged me to no end when trying to figure out how those tests
worked. Fix all instances.
Signed-off-by: Leif Lindholm <quic_llindhol@quicinc.com>
Open the network option to enable networking on the LoongArch QEMU
platform.
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Chao Li <lichao@loongson.cn>
Keep ZKR feature disabled by default until HW supports
it. Feature is implemented in RISC-V BaseRngLib.
Cc: Andrei Warkentin <andrei.warkentin@intel.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Sunil V L <sunilvl@ventanamicro.com>
Signed-off-by: Dhaval Sharma <dhaval@rivosinc.com>
Co-authored-by: Tim Wawrzynczak <tim@rivosinc.com>
The ratified RISC-V crypto scalar extensions provide entropy bits via the
seed CSR, as exposed by the Zkr extension. The Zkr extension is ratified
and provides 16 bits of entropy seed when reading the SEED CSR.
Guarded by a RISCV64 Feature PCD, 64-bit random numbers can be
accumulated from the `seed` CSR. This driver is based on the driver in
the Linux kernel.
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Signed-off-by: Dhaval Sharma <dhaval@rivosinc.com>
Co-authored-by: Tim Wawrzynczak <tim@rivosinc.com>
This debug print may attempt to print a string without a null
terminator that can lead to a machine check.
The value printed is substituted with a source buffer to still
allow debug.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
There was a wild pointer in Fdt16550SerialProtHookLib which pointed to
an unknown space, which was very wrong and has been fixed.
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Chao Li <lichao@loongson.cn>
Static relocation types have been handled in GenFw if using the PIC, and
the CC flags not enable `fno-pic` by default.
The option `fno-plt` is not necessary, as is not created by defualt in
edk2(static linking) regardless of wether `fplt` is used or not, so
remove this option from the LoongArch common CC flags.
Cc: Rebecca Cran <rebecca@bsdio.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Bob Feng <bob.c.feng@intel.com>
Cc: Yuwei Chen <yuwei.chen@intel.com>
Signed-off-by: Chao Li <lichao@loongson.cn>
CC_MEASUREMENT_ENABLE is designed to control the loading of TdTcg2Dxe
driver which is for EFI_CC_MEASUREMENT_PROTOCOL. TdTcg2Dxe is TD-Guest
specific driver.
From the security perspective a TD-Guest shall always load the TdTcg2Dxe
driver so that EFI_CC_MEASUREMENT_PROTOCOL is installed and booting
events are measured and extended to RTMRs.
TdTcg2Dxe will check if it is running in a TD-Guest. If not then it
returns right now and no EFI_CC_MEASUREMENT_PROTOCOL is installed.
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Michael Roth <michael.roth@amd.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
REF : https://bugzilla.tianocore.org/show_bug.cgi?id=4725
ACM provides register to report TPM measurement status. If ACM has
already measured FSP component, BIOS shoule be able to skip measurement.
PcdFspMeasurementConfig should be DynamicEx to skip measurement.
Signed-off-by: Awiral Shrivastava <awiral.shrivastava@intel.com>
Makes the `mInternalRT` global static in this library instance to
avoid conflicting with other code such as a global variable with
the same name in MdePkg/Library/UefiRuntimeLib.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
In EfiHttpRequest(), length of target URLs was always compared to
fixed-size value, even after allocating a larger URL buffer. Added
UrlLen to HTTP_PROTOCOL to store the size and reallocate if the size
changes.
Signed-off-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
With the commit ce4c76e (“OvmfPkg/Sec: Setup MTRR early
in the boot process.”), we find an unexpected #VE is triggered
in TD-Guest.
The background of importing the above commit is that:
Before running lzma uncompress of the main firmware volume,
if not correctly set MTRR, that would make the uncompress be
extremely slow.
Detailed discussion info can refer to below links:
https://edk2.groups.io/g/devel/message/114202https://edk2.groups.io/g/devel/message/114977
Refer to [intel-tdx-module-1.5-base-spec] Section 11.3 and
section11.6.1, CR0.CD is enforced to 0 in TD-Guest.
And refer to section 18.2.1.4, TDX module MTRR emulation
enforces WB in VMM.
Currently the initial MTRR are:
- Td-Guest : MTRR disabled, Type is WB.
- Non-Td-Guest : MTRR disabled, Type is UC.
In DXE phase, OVMF/TDVF would check the MTRR Type for MMIO
(in CpuSetMemoryAttributes -> MtrrGetMemoryAttribute ->
MtrrGetMemoryAttributeworker:
https://github.com/tianocore/edk2/blob/master/UefiCpuPkg/Library/MtrrLib/MtrrLib.c#L929
).
If MTRR is disabled, it always returns UC. Otherwise, it returns
the actual value.
If it checks that the type is not UC then the MTRR is programmed.
It is required to disable cache by setting CR0.CD to 1. That will trigger
an unexpected #VE in TD-Guest.
Based on above analysis we propose to skip "Setup MTRR early" in
TD-Guest because of:
- TD-Guest doesn’t have the issue that lzma uncompress extremely slow.
- This patch will trigger an unexpected #VE in TD-Guest.
intel-tdx-module-1.5-base-spec:
https://cdrdv2.intel.com/v1/dl/getContent/733575
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Elena Reshetova <elena.reshetova@intel.com>
Signed-off-by: Ceping Sun <cepingx.sun@intel.com>
Zhiguang Liu
Oliver Smith-Denny
levi.yun
Dun Tan
Shenbagadevi R
Michael Kubacki
Oliver Smith-Denny
Bret Barkelew
Bret Barkelew
Kun Qin
Dongyan Qian
Jason1 Lin
Rebecca Cran
Mario Bălănică
v-bhavanisu
Leif Lindholm
Chao Li
Dhaval
KasimX Liu
Min M Xu
Awiral Shrivastava
Saloni Kasbekar
Ceping Sun