REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2411
With Use-After-Free heap guard feature enabled, the DxeCore would blindly
attempt to "level-up" when the `GuardAllFreedPages` inspect a non-max
level table entry from the last loop. This could cause the next round of
inspection to dereference a potentially null pointer and as such causing
a page fault.
This change adds a null pointer check to prevent such case from happening.
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Signed-off-by: Kun Qin <kun.qin@microsoft.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4812
When the Select is out of support, use method break exception
instead of method return -1, avoid unknown errors caused by untimely
detection.
Cc: Chao Li <lichao@loongson.cn>
Signed-off-by: Dongyan Qian <qiandongyan@loongson.cn>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4655
[Feature Description]
- UFS device would clear fDeviceInit flag once the device initialization
is completed.
- This change is polling to check the flag is cleared or not with
specific timeout (UFS_INIT_COMPLETION_TIMEOUT - 600ms).
- This behavior is the same as UfsPassThruDxe module.
[Notes]
- This change included as a partial of below SHA1-ID
- 95ad8f7f6a
- c5740f3606
Signed-off-by: Jason1 Lin <jason1.lin@intel.com>
Add a new parser for the Error Injection Table (EINJ).
The EINJ table provides machinism through which OSPM
can inject hardware errors to the platform without requiring platform
specific OSPM software.
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Zhichao Gao <zhichao.gao@intel.com>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Pierre Gondois <pierre.gondois@arm.com>
Signed-off-by: levi.yun <yeoreum.yun@arm.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4563
As per Smbios 3.7.0 spec, added CXL 3.0 support in Type 9,
also added PMIC & RCD manufacturer ID and Revision information in Type17.
Cc: Sainadh N <sainadhn@ami.com>
Cc: Sundaresan S <sundaresans@ami.com>
Cc: Srinivasan M <srinivasanm@ami.com>
Cc: Ramesh R <rameshr@ami.com>
Signed-off-by: Shenbagadevi R <shenbagadevir@ami.com>
Reviewed-by: Gaoliming <gaoliming@byosoft.com.cn>
As the SMBIOS table types belong to the SMBIOS standard,
they were moved from the SMBIOS IndustryStandard into the
SMBIOS Protocol header with the EFI_-prefix.
Filling in definitions facilitates consistent use of header files:
EFI_SMBIOS_TYPE_TPM_DEVICE
EFI_SMBIOS_TYPE_PROCESSOR_ADDITIONAL_INFORMATION
EFI_SMBIOS_TYPE_FIRMWARE_INVENTORY_INFORMATION
EFI_SMBIOS_TYPE_STRING_PROPERTY_INFORMATION
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Cc: Chao Li <lichao@loongson.cn>
Signed-off-by: Dongyan Qian <qiandongyan@loongson.cn>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4653
In DxeIplFindDxeCore function, there exists different behavior between
Debug and Release built BIOS. This change is used to unify both of
the code flow and fix the potential overflow of "Instance" variable.
In this change,
[1] Move the ASSERT_EFI_ERROR (Status) in failure to find DxeCore
in any firmware volume condition.
[2] Break the while-loop when not found required DxeCore.
This would make the Instance variable not overflow in while-loop.
[3] Add the CpuDeadLoop () in the end of the function and do not
return since DxeCore is mandatory for the following booting
to hand-off the PEI phase to DXE phase.
[4] In case of the CpuDeadLoop () is de-assert by debugger,
return the NULL pointer.
Signed-off-by: Jason1 Lin <jason1.lin@intel.com>
The Redfish drivers log messages as errors in various places when they
don't find an appropriate network interface - even when one has already
been found. Reduce those log messages to DEBUG_MANAGEABILITY to avoid
spamming the console in Release builds.
Signed-off-by: Rebecca Cran <rebecca@os.amperecomputing.com>
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3083
Since this is a library, make the function ExitBootServicesCallback()
STATIC to prevent the likelihood that it collides with other symbols.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
ASSERT_EFI_ERROR would be removed in release build.
This means it would trigger wrong behavior when invalid pin number given
to Get(), Set() and GetMode().
Adding error check routine for invalid pin number and before check the
pin number, check first other argument given to each function.
Signed-off-by: Levi Yun <yeoreum.yun@arm.com>
Introduce a driver that allows users to disable the EFI Memory Attribute
protocol through an HII setup option, in order to work around a broken
version of rhboot's shim used in some distros (e.g. CentOS Stream 9)
which incorrectly invokes the protocol and results in a Synchronous
Exception.
Default is enabled, which can also be overridden at build time by
changing `gEmbeddedTokenSpaceGuid.PcdMemoryAttributeEnabledDefault`.
It is only applicable to ARM64 and there isn't any other technical
reason for disabling this security feature.
See:
- https://github.com/microsoft/mu_silicon_arm_tiano/issues/124
- https://edk2.groups.io/g/devel/topic/99631663
- https://github.com/tianocore/edk2/pull/5840
Signed-off-by: Mario Bălănică <mariobalanica02@gmail.com>
This query seems to produce a rate of false positives with some
common patterns in edk2 like passing function pointers for callback.
Due to the usage of `STATIC` instead of `static` particularly for
functions, this query was rarely used in the past. It is removed
here to prevent future false positives.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Some unit tests would fail to execute or execute and not produce any output
logs. In these cases, the only output would be in the CI Log as
`UnitTest Execution Error`.
A UnitTest Execution Error should be considered the same as a unit tests
test failing.
Signed-off-by: Aaron Pop <aaronpop@microsoft.com>
The GeneralCheckNonAscii() function is a sledgehammer rejecting any file
containing any character outside of the 7-bit ASCII encoding space, as
well as the DEL character (which seems unrelated).
This conflicts with basic stuff like correctly spelling certain proper
nouns in comments (like copyright statements), or string literals (for
example in multi-language driver binding ComponentNames).
So rip it out, to be replaced by more fine-grained checks to be added as
identified and needed.
Signed-off-by: Leif Lindholm <quic_llindhol@quicinc.com>
Ecc concistently referred to ASCII/Ascii as ACSII/Acsii, which
bugged me to no end when trying to figure out how those tests
worked. Fix all instances.
Signed-off-by: Leif Lindholm <quic_llindhol@quicinc.com>
Open the network option to enable networking on the LoongArch QEMU
platform.
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Chao Li <lichao@loongson.cn>
Keep ZKR feature disabled by default until HW supports
it. Feature is implemented in RISC-V BaseRngLib.
Cc: Andrei Warkentin <andrei.warkentin@intel.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Sunil V L <sunilvl@ventanamicro.com>
Signed-off-by: Dhaval Sharma <dhaval@rivosinc.com>
Co-authored-by: Tim Wawrzynczak <tim@rivosinc.com>
The ratified RISC-V crypto scalar extensions provide entropy bits via the
seed CSR, as exposed by the Zkr extension. The Zkr extension is ratified
and provides 16 bits of entropy seed when reading the SEED CSR.
Guarded by a RISCV64 Feature PCD, 64-bit random numbers can be
accumulated from the `seed` CSR. This driver is based on the driver in
the Linux kernel.
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Signed-off-by: Dhaval Sharma <dhaval@rivosinc.com>
Co-authored-by: Tim Wawrzynczak <tim@rivosinc.com>
This debug print may attempt to print a string without a null
terminator that can lead to a machine check.
The value printed is substituted with a source buffer to still
allow debug.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
There was a wild pointer in Fdt16550SerialProtHookLib which pointed to
an unknown space, which was very wrong and has been fixed.
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Chao Li <lichao@loongson.cn>
Static relocation types have been handled in GenFw if using the PIC, and
the CC flags not enable `fno-pic` by default.
The option `fno-plt` is not necessary, as is not created by defualt in
edk2(static linking) regardless of wether `fplt` is used or not, so
remove this option from the LoongArch common CC flags.
Cc: Rebecca Cran <rebecca@bsdio.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Bob Feng <bob.c.feng@intel.com>
Cc: Yuwei Chen <yuwei.chen@intel.com>
Signed-off-by: Chao Li <lichao@loongson.cn>
CC_MEASUREMENT_ENABLE is designed to control the loading of TdTcg2Dxe
driver which is for EFI_CC_MEASUREMENT_PROTOCOL. TdTcg2Dxe is TD-Guest
specific driver.
From the security perspective a TD-Guest shall always load the TdTcg2Dxe
driver so that EFI_CC_MEASUREMENT_PROTOCOL is installed and booting
events are measured and extended to RTMRs.
TdTcg2Dxe will check if it is running in a TD-Guest. If not then it
returns right now and no EFI_CC_MEASUREMENT_PROTOCOL is installed.
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Michael Roth <michael.roth@amd.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
REF : https://bugzilla.tianocore.org/show_bug.cgi?id=4725
ACM provides register to report TPM measurement status. If ACM has
already measured FSP component, BIOS shoule be able to skip measurement.
PcdFspMeasurementConfig should be DynamicEx to skip measurement.
Signed-off-by: Awiral Shrivastava <awiral.shrivastava@intel.com>
Makes the `mInternalRT` global static in this library instance to
avoid conflicting with other code such as a global variable with
the same name in MdePkg/Library/UefiRuntimeLib.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
In EfiHttpRequest(), length of target URLs was always compared to
fixed-size value, even after allocating a larger URL buffer. Added
UrlLen to HTTP_PROTOCOL to store the size and reallocate if the size
changes.
Signed-off-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
With the commit ce4c76e (“OvmfPkg/Sec: Setup MTRR early
in the boot process.”), we find an unexpected #VE is triggered
in TD-Guest.
The background of importing the above commit is that:
Before running lzma uncompress of the main firmware volume,
if not correctly set MTRR, that would make the uncompress be
extremely slow.
Detailed discussion info can refer to below links:
https://edk2.groups.io/g/devel/message/114202https://edk2.groups.io/g/devel/message/114977
Refer to [intel-tdx-module-1.5-base-spec] Section 11.3 and
section11.6.1, CR0.CD is enforced to 0 in TD-Guest.
And refer to section 18.2.1.4, TDX module MTRR emulation
enforces WB in VMM.
Currently the initial MTRR are:
- Td-Guest : MTRR disabled, Type is WB.
- Non-Td-Guest : MTRR disabled, Type is UC.
In DXE phase, OVMF/TDVF would check the MTRR Type for MMIO
(in CpuSetMemoryAttributes -> MtrrGetMemoryAttribute ->
MtrrGetMemoryAttributeworker:
https://github.com/tianocore/edk2/blob/master/UefiCpuPkg/Library/MtrrLib/MtrrLib.c#L929
).
If MTRR is disabled, it always returns UC. Otherwise, it returns
the actual value.
If it checks that the type is not UC then the MTRR is programmed.
It is required to disable cache by setting CR0.CD to 1. That will trigger
an unexpected #VE in TD-Guest.
Based on above analysis we propose to skip "Setup MTRR early" in
TD-Guest because of:
- TD-Guest doesn’t have the issue that lzma uncompress extremely slow.
- This patch will trigger an unexpected #VE in TD-Guest.
intel-tdx-module-1.5-base-spec:
https://cdrdv2.intel.com/v1/dl/getContent/733575
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Elena Reshetova <elena.reshetova@intel.com>
Signed-off-by: Ceping Sun <cepingx.sun@intel.com>
Currently, `STATIC` is allowed as a function modifier but `static`
results in the below ECC errors:
```
*Error code: 5001
*Return type of a function should exist and in the first line
*file: D:\src\edk2\Build\.pytool\Plugin\EccCheck\MdePkg\Library\UefiDebugLibDebugPortProtocol\DebugLibConstructor.c
*Line number: 37
*[UefiDebugLibDebugPortProtocolExitBootServicesCallback] Return
Type should appear at the start of line
EFI coding style error
*Error code: 5002
*Any optional functional modifiers should exist and next to the
return type
*file: D:\src\edk2\Build\.pytool\Plugin\EccCheck\MdePkg\Library\UefiDebugLibDebugPortProtocol\DebugLibConstructor.c
*Line number: 37
```
This is because `GetDataTypeFromModifier()` will return both `static`
and the return type (e.g. `VOID`) whereas for a modifier in the list
(e.g. `STATIC`) it will return only the return type allowing logic in
Ecc/c.py to process the modifier and return type with current logic.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Change the debug message level to DEBUG_INFO for protocol
notification functions. The protocol notification function
is invoked at least one time. So, the failure of locating
protocol is expected because protocol may not be installed
when Redfish platform config driver is launched.
Signed-off-by: Nickle Wang <nicklew@nvidia.com>
Cc: Abner Chang <abner.chang@amd.com>
Cc: Igor Kulchytskyy <igork@ami.com>
Cc: Rebecca Cran <rebecca@bsdio.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4352
Implemented dumping of the UEFI Conformance Profiles Table using Dmem.c
Uses header file for GUIDs added in previous patches
Cc: Ray Ni <ray.ni@intel.com>
Cc: Zhichao Gao <zhichao.gao@intel.com>
Signed-off-by: Sam Kaynor <Sam.Kaynor@arm.com>
Tested-by: Stuart Yoder <stuart.yoder@arm.com>
Reviewed-by: Stuart Yoder <stuart.yoder@arm.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4352
Adding additional GUIDs for the EFI_CONFORMANCE_PROFILE_TABLE
that are defined in the Embedded Base Boot Requirments (EBBR)
Specification.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Signed-off-by: Sam Kaynor <Sam.Kaynor@arm.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4352
Adding support for EFI_CONFORMANCE_PROFILE_TABLE by adding an
associated header file and relevant GUIDs to MdePkg.dec as defined
in the UEFI 2.10 spec.
This table is needed to address changes being made within ShellPkg.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Signed-off-by: Sam Kaynor <Sam.Kaynor@arm.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4352
Implemented dumping of the Image Execution Table using Dmem.c
Cc: Ray Ni <ray.ni@intel.com>
Cc: Zhichao Gao <zhichao.gao@intel.com>
Signed-off-by: Sam Kaynor <Sam.Kaynor@arm.com>
Tested-by: Stuart Yoder <stuart.yoder@arm.com>
Reviewed-by: Stuart Yoder <stuart.yoder@arm.com>
Reviewed-by: Zhichao Gao <zhichao.gao@intel.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4352
Implemented the dumping of the UEFI RT Properties Table using Dmem.c
Added new entry to the help command for the -verbose option
Cc: Ray Ni <ray.ni@intel.com>
Cc: Zhichao Gao <zhichao.gao@intel.com>
Signed-off-by: Sam Kaynor <Sam.Kaynor@arm.com>
Tested-by: Stuart Yoder <stuart.yoder@arm.com>
Reviewed-by: Stuart Yoder <stuart.yoder@arm.com>
Reviewed-by: Zhichao Gao <zhichao.gao@intel.com>
Removes an assert if PeiAllocatePool() fails to allocate memory to
defer error handling to the caller so the error can be handled
gracefully or asserted at that location which is more specific to
the call that led to the allocation.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Commit 2f6f3329ad ("FmpDevicePkg/FmpDxe: Use new Variable Lock interface"),
moved to using gEdkiiVariablePolicyProtocolGuid instead of
gEdkiiVariableLockProtocolGuid however the Depex was not updated to
reflect the change.
Correct the dependency.
Signed-off-by: Vishal Oliyil Kunnil <quic_vishalo@quicinc.com>
Commit ea56fa3d47 ("BaseTools: Enable RISC-V architecture for RISC-V
EDK2 CI") introduced a UTF-8 NBSP (0xc2a0) inside a comment block
otherwise copied identically from pre-existing architectures.
This was clearly unintentional and confuses things when looking for
which files contain UTF-8 encodings, so change it to good old 0x20.
Signed-off-by: Leif Lindholm <quic_llindhol@quicinc.com>
Adding tools_def for VS2022.
Update WindowsVsToolChain to support VS2022.
Update set_vsPrefix_envs and toolsetup and edksetup to support VS2022.
Signed-off-by: Aaron Pop <aaronpop@microsoft.com>
Print HOB information at top of StandaloneMmMain().
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Signed-off-by: Wei6 Xu <wei6.xu@intel.com>
Leverage generic HOB print code in MdeModulePkg/Library/HobPrintLib.
Print UefiPayload specified GUID HOB info as custom HOB print handler
when calling the PrintHobList() interface.
Cc: Guo Dong <guo.dong@intel.com>
Cc: Sean Rhodes <sean@starlabs.systems>
Cc: James Lu <james.lu@intel.com>
Cc: Gua Guo <gua.guo@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Signed-off-by: Wei6 Xu <wei6.xu@intel.com>
The HobPrintLib prints all HOB info from the HOB list. The code is
abstracted from UefiPayloadPkg/UefiPayloadEntry/PrintHob.c.
Cc: Guo Dong <guo.dong@intel.com>
Cc: Sean Rhodes <sean@starlabs.systems>
Cc: James Lu <james.lu@intel.com>
Cc: Gua Guo <gua.guo@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Signed-off-by: Wei6 Xu <wei6.xu@intel.com>
Interface PrintHobList() is added to dump all HOBs info in the HobList.
Caller could specify a custom HOB print handler to replace the default
print handler when calling the interface.
Cc: Ray Ni <ray.ni@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Signed-off-by: Wei6 Xu <wei6.xu@intel.com>
For SMM, the SMM Handlers is to validate the buffer outside MMRAM
including the Primary & NonPrimary buffer.
For MM, the MM Handlers do not need to validate the Primary buffer
if it is passed from MmCore through the MmiHandler() parameter.
Return TRUE directly in this case. But need to validate NonPrimary
buffer that outside MMRAM.
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Hongbin1 Zhang <hongbin1.zhang@intel.com>
Cc: Wei6 Xu <wei6.xu@intel.com>
Cc: Dun Tan <dun.tan@intel.com>
Cc: Yuanhao Xie <yuanhao.xie@intel.com>
VariableSmmIsBufferOutsideSmmValid function is to check the buffer
is outside SMM or not. This patch fix the issue that always return
true for MM.
Meanwhile, this patch renames VariableSmmIsBufferOutsideSmmValid
to VariableSmmIsNonPrimaryBufferValid.
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Hongbin1 Zhang <hongbin1.zhang@intel.com>
Cc: Wei6 Xu <wei6.xu@intel.com>
Cc: Dun Tan <dun.tan@intel.com>
Cc: Yuanhao Xie <yuanhao.xie@intel.com>
Kun Qin
Dongyan Qian
Jason1 Lin
levi.yun
Shenbagadevi R
Rebecca Cran
Michael Kubacki
Mario Bălănică
v-bhavanisu
Leif Lindholm
Chao Li
Dhaval
KasimX Liu
Min M Xu
Awiral Shrivastava
Saloni Kasbekar
Ceping Sun
Nickle Wang
Sam Kaynor
Thamballi Sreelalitha
Matthew Carlson
Wei6 Xu
Jiaxin Wu