Re: [edk2] [Patch] UefiCpuPkg/CpuMpPei: Add missing point at function header
Reviewed-by: Qiu Shumin -Original Message- From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Jeff Fan Sent: Monday, December 07, 2015 3:41 PM To: edk2-devel@lists.01.org Cc: Shuming Qiu Subject: [edk2] [Patch] UefiCpuPkg/CpuMpPei: Add missing point at function header Cc: Shuming Qiu Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jeff Fan --- UefiCpuPkg/CpuMpPei/CpuMpPei.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/UefiCpuPkg/CpuMpPei/CpuMpPei.c b/UefiCpuPkg/CpuMpPei/CpuMpPei.c index ab1260d..2e6e761 100644 --- a/UefiCpuPkg/CpuMpPei/CpuMpPei.c +++ b/UefiCpuPkg/CpuMpPei/CpuMpPei.c @@ -142,7 +142,7 @@ GetMpHobData ( } /** - Save the volatile registers required to be restored following INIT IPI + Save the volatile registers required to be restored following INIT IPI. @param VolatileRegistersReturns buffer saved the volatile resisters **/ @@ -173,7 +173,7 @@ SaveVolatileRegisters ( } /** - Restore the volatile registers following INIT IPI + Restore the volatile registers following INIT IPI. @param VolatileRegisters Pointer to volatile resisters @param IsRestoreDr TRUE: Restore DRx if supported -- 1.9.5.msysgit.0 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
Re: [edk2] [Patch 0/3] Add MtrrSetMemoryAttributeInMtrrSettings()
Looks good to me Reviewed-by: Feng Tian -Original Message- From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Jeff Fan Sent: Thursday, December 03, 2015 22:28 To: edk2-devel@lists.01.org Subject: [edk2] [Patch 0/3] Add MtrrSetMemoryAttributeInMtrrSettings() Add new API MtrrSetMemoryAttributeInMtrrSettings() in MtrrLib. Platform could use this API to set MTRR setting into local MTRR settings buffer instead of MTRRs. At last, platform could use MtrrSetAllMtrrs() to set the MTRR settings into MTRRs totally. It could improve MTRRs programming performance obviously, specially when platform is going to program a set of MTRRs. Jeff Fan (3): UefiCpuPkg/MtrrLib: Add worker functions to access MTRRs or variable UefiCpuPkg/MtrrLib: Add MtrrDebugPrintAllMtrrsWorker() UefiCpuPkg/MtrrLib: Add MtrrSetMemoryAttributeInMtrrSettings() UefiCpuPkg/Include/Library/MtrrLib.h | 31 UefiCpuPkg/Library/MtrrLib/MtrrLib.c | 302 --- 2 files changed, 275 insertions(+), 58 deletions(-) -- 1.9.5.msysgit.0 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch] UefiCpuPkg/CpuMpPei: Add missing point at function header
Cc: Shuming Qiu Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jeff Fan --- UefiCpuPkg/CpuMpPei/CpuMpPei.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/UefiCpuPkg/CpuMpPei/CpuMpPei.c b/UefiCpuPkg/CpuMpPei/CpuMpPei.c index ab1260d..2e6e761 100644 --- a/UefiCpuPkg/CpuMpPei/CpuMpPei.c +++ b/UefiCpuPkg/CpuMpPei/CpuMpPei.c @@ -142,7 +142,7 @@ GetMpHobData ( } /** - Save the volatile registers required to be restored following INIT IPI + Save the volatile registers required to be restored following INIT IPI. @param VolatileRegistersReturns buffer saved the volatile resisters **/ @@ -173,7 +173,7 @@ SaveVolatileRegisters ( } /** - Restore the volatile registers following INIT IPI + Restore the volatile registers following INIT IPI. @param VolatileRegisters Pointer to volatile resisters @param IsRestoreDr TRUE: Restore DRx if supported -- 1.9.5.msysgit.0 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
Re: [edk2] [Patch 0/8] Reduce hardware operations when program MTRR
Reviewed-by: Feng Tian -Original Message- From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Jeff Fan Sent: Thursday, December 03, 2015 22:28 To: edk2-devel@lists.01.org Subject: [edk2] [Patch 0/8] Reduce hardware operations when program MTRR Try to avoid access hardware when program MTRR. It could improve the performance of MTRR programming. Jeff Fan (8): UefiCpuPkg/MtrrLib: Fix some typo and clean up code format UefiCpuPkg/MtrrLib: Add worker functions not invoke IsMtrrSupported() UefiCpuPkg/MtrrLib: Adjust functions order UefiCpuPkg/MtrrLib: Make use of worker functions to get MTRRs count UefiCpuPkg/MtrrLib: Add MtrrGetMemoryAttributeInVariableMtrrWorker () UefiCpuPkg/MtrrLib: Reduce hardware init when program fixed MTRRs UefiCpuPkg/MtrrLib: Reduce hardware init when program variable MTRRs UefiCpuPkg/MtrrLib: Print MTRR settings when set fixed/variable MTRRs UefiCpuPkg/Include/Library/MtrrLib.h | 70 +- UefiCpuPkg/Library/MtrrLib/MtrrLib.c | 1278 -- 2 files changed, 785 insertions(+), 563 deletions(-) -- 1.9.5.msysgit.0 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [PATCH] ArmPkg: update InvalidateInstructionCacheRange to flush only to PoU
From: "Cohen, Eugene" This patch updates the ArmPkg variant of InvalidateInstructionCacheRange to flush the data cache only to the point of unification (PoU). This improves performance and also allows invalidation in scenarios where it would be inappropriate to flush to the point of coherency (like when executing code from L2 configured as cache-as-ram). Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eugene Cohen Added AARCH64 and ARM/GCC implementations of the above. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel --- ArmPkg/Include/Library/ArmLib.h| 8 +++- ArmPkg/Library/ArmCacheMaintenanceLib/ArmCacheMaintenanceLib.c | 2 +- ArmPkg/Library/ArmLib/AArch64/AArch64Support.S | 6 ++ ArmPkg/Library/ArmLib/ArmV7/ArmV7Support.S | 6 ++ ArmPkg/Library/ArmLib/ArmV7/ArmV7Support.asm | 5 + 5 files changed, 25 insertions(+), 2 deletions(-) diff --git a/ArmPkg/Include/Library/ArmLib.h b/ArmPkg/Include/Library/ArmLib.h index 9622444ec63f..85fa1f600ba9 100644 --- a/ArmPkg/Include/Library/ArmLib.h +++ b/ArmPkg/Include/Library/ArmLib.h @@ -183,12 +183,18 @@ ArmInvalidateDataCacheEntryByMVA ( VOID EFIAPI -ArmCleanDataCacheEntryByMVA ( +ArmCleanDataCacheEntryToPoUByMVA( IN UINTN Address ); VOID EFIAPI +ArmCleanDataCacheEntryByMVA( +IN UINTN Address +); + +VOID +EFIAPI ArmCleanInvalidateDataCacheEntryByMVA ( IN UINTN Address ); diff --git a/ArmPkg/Library/ArmCacheMaintenanceLib/ArmCacheMaintenanceLib.c b/ArmPkg/Library/ArmCacheMaintenanceLib/ArmCacheMaintenanceLib.c index feab4497ac1b..1045f9068f4d 100644 --- a/ArmPkg/Library/ArmCacheMaintenanceLib/ArmCacheMaintenanceLib.c +++ b/ArmPkg/Library/ArmCacheMaintenanceLib/ArmCacheMaintenanceLib.c @@ -64,7 +64,7 @@ InvalidateInstructionCacheRange ( IN UINTN Length ) { - CacheRangeOperation (Address, Length, ArmCleanDataCacheEntryByMVA); + CacheRangeOperation (Address, Length, ArmCleanDataCacheEntryToPoUByMVA); ArmInvalidateInstructionCache (); return Address; } diff --git a/ArmPkg/Library/ArmLib/AArch64/AArch64Support.S b/ArmPkg/Library/ArmLib/AArch64/AArch64Support.S index c530d19e897e..db21f73f0ed7 100644 --- a/ArmPkg/Library/ArmLib/AArch64/AArch64Support.S +++ b/ArmPkg/Library/ArmLib/AArch64/AArch64Support.S @@ -22,6 +22,7 @@ GCC_ASM_EXPORT (ArmInvalidateInstructionCache) GCC_ASM_EXPORT (ArmInvalidateDataCacheEntryByMVA) GCC_ASM_EXPORT (ArmCleanDataCacheEntryByMVA) +GCC_ASM_EXPORT (ArmCleanDataCacheEntryToPoUByMVA) GCC_ASM_EXPORT (ArmCleanInvalidateDataCacheEntryByMVA) GCC_ASM_EXPORT (ArmInvalidateDataCacheEntryBySetWay) GCC_ASM_EXPORT (ArmCleanDataCacheEntryBySetWay) @@ -72,6 +73,11 @@ ASM_PFX(ArmCleanDataCacheEntryByMVA): ret +ASM_PFX(ArmCleanDataCacheEntryToPoUByMVA): + dc cvau, x0// Clean single data cache line to PoU + ret + + ASM_PFX(ArmCleanInvalidateDataCacheEntryByMVA): dc civac, x0 // Clean and invalidate single data cache line ret diff --git a/ArmPkg/Library/ArmLib/ArmV7/ArmV7Support.S b/ArmPkg/Library/ArmLib/ArmV7/ArmV7Support.S index 5f030d92de31..7de1b11ef818 100644 --- a/ArmPkg/Library/ArmLib/ArmV7/ArmV7Support.S +++ b/ArmPkg/Library/ArmLib/ArmV7/ArmV7Support.S @@ -19,6 +19,7 @@ GCC_ASM_EXPORT (ArmInvalidateInstructionCache) GCC_ASM_EXPORT (ArmInvalidateDataCacheEntryByMVA) GCC_ASM_EXPORT (ArmCleanDataCacheEntryByMVA) +GCC_ASM_EXPORT (ArmCleanDataCacheEntryToPoUByMVA) GCC_ASM_EXPORT (ArmCleanInvalidateDataCacheEntryByMVA) GCC_ASM_EXPORT (ArmInvalidateDataCacheEntryBySetWay) GCC_ASM_EXPORT (ArmCleanDataCacheEntryBySetWay) @@ -69,6 +70,11 @@ ASM_PFX(ArmCleanDataCacheEntryByMVA): bx lr +ASM_PFX(ArmCleanDataCacheEntryToPoUByMVA): + mcr p15, 0, r0, c7, c11, 1 @clean single data cache line to PoU + bx lr + + ASM_PFX(ArmCleanInvalidateDataCacheEntryByMVA): mcr p15, 0, r0, c7, c14, 1 @clean and invalidate single data cache line bx lr diff --git a/ArmPkg/Library/ArmLib/ArmV7/ArmV7Support.asm b/ArmPkg/Library/ArmLib/ArmV7/ArmV7Support.asm index df7e22dca2d9..a460bd2da7a9 100644 --- a/ArmPkg/Library/ArmLib/ArmV7/ArmV7Support.asm +++ b/ArmPkg/Library/ArmLib/ArmV7/ArmV7Support.asm @@ -34,6 +34,11 @@ CTRL_I_BIT EQU (1 << 12) bx lr + RVCT_ASM_EXPORT ArmCleanDataCacheEntryToPoUByMVA + mcr p15, 0, r0, c7, c11, 1 ; clean single data cache line to PoU + bx lr + + RVCT_ASM_EXPORT ArmCleanInvalidateDataCacheEntryByMVA mcr p15, 0, r0, c7, c14, 1 ; clean and invalidate single data cache line bx lr -- 1.9.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
Re: [edk2] [PATCH v2 03/20] ArmPlatformPkg: Convert all .uni files to utf-8
On 4 December 2015 at 21:13, Jordan Justen wrote: > To convert these files I ran: > > $ python3 BaseTools/Scripts/ConvertUni.py ArmPlatformPkg > > Cc: Leif Lindholm > Cc: Ard Biesheuvel > Contributed-under: TianoCore Contribution Agreement 1.0 > Signed-off-by: Jordan Justen > --- Acked-by: Ard Biesheuvel > .../Library/ArmShellCmdRunAxf/ArmShellCmdRunAxf.uni | Bin 6472 -> 3235 > bytes > 1 file changed, 0 insertions(+), 0 deletions(-) > > diff --git a/ArmPlatformPkg/Library/ArmShellCmdRunAxf/ArmShellCmdRunAxf.uni > b/ArmPlatformPkg/Library/ArmShellCmdRunAxf/ArmShellCmdRunAxf.uni > index 33cc734..6b72960 100644 > Binary files a/ArmPlatformPkg/Library/ArmShellCmdRunAxf/ArmShellCmdRunAxf.uni > and b/ArmPlatformPkg/Library/ArmShellCmdRunAxf/ArmShellCmdRunAxf.uni differ > -- > 2.6.2 > ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
Re: [edk2] [PATCH v2 02/20] ArmPkg: Convert all .uni files to utf-8
On 4 December 2015 at 21:13, Jordan Justen wrote: > To convert these files I ran: > > $ python3 BaseTools/Scripts/ConvertUni.py ArmPkg > > Cc: Leif Lindholm > Cc: Ard Biesheuvel > Contributed-under: TianoCore Contribution Agreement 1.0 > Signed-off-by: Jordan Justen I can't actually review this from the list, but I am fine with the change, so Acked-by: Ard Biesheuvel > --- > ArmPkg/Application/LinuxLoader/LinuxLoader.uni | Bin 8166 -> 4082 bytes > 1 file changed, 0 insertions(+), 0 deletions(-) > > diff --git a/ArmPkg/Application/LinuxLoader/LinuxLoader.uni > b/ArmPkg/Application/LinuxLoader/LinuxLoader.uni > index 861c2b4..5da072d 100644 > Binary files a/ArmPkg/Application/LinuxLoader/LinuxLoader.uni and > b/ArmPkg/Application/LinuxLoader/LinuxLoader.uni differ > -- > 2.6.2 > ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
Re: [edk2] [PATCH v2 06/20] EmbeddedPkg: Convert all .uni files to utf-8
On 4 December 2015 at 21:13, Jordan Justen wrote: > To convert these files I ran: > > $ python3 BaseTools/Scripts/ConvertUni.py EmbeddedPkg > > Cc: Leif Lindholm > Cc: Ard Biesheuvel > Contributed-under: TianoCore Contribution Agreement 1.0 > Signed-off-by: Jordan Justen > --- Acked-by: Ard Biesheuvel > EmbeddedPkg/Drivers/FdtPlatformDxe/FdtPlatformDxe.uni | Bin 9422 -> 4710 > bytes > 1 file changed, 0 insertions(+), 0 deletions(-) > > diff --git a/EmbeddedPkg/Drivers/FdtPlatformDxe/FdtPlatformDxe.uni > b/EmbeddedPkg/Drivers/FdtPlatformDxe/FdtPlatformDxe.uni > index 876c6c0..f8bde83 100644 > Binary files a/EmbeddedPkg/Drivers/FdtPlatformDxe/FdtPlatformDxe.uni and > b/EmbeddedPkg/Drivers/FdtPlatformDxe/FdtPlatformDxe.uni differ > -- > 2.6.2 > ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
Re: [edk2] [PATCH] CryptoPkg: remove global variable 'timeval' from OpenSslSupport.h
On 4 December 2015 at 19:09, Long, Qin wrote: > Sorry, I missed this patch. Yes, this looks good. > > Reviewed-by: Qin Long > Thanks Qin, Committed as SVN r19135 >> -Original Message- >> From: Ard Biesheuvel [mailto:ard.biesheu...@linaro.org] >> Sent: Saturday, December 5, 2015 12:45 AM >> To: edk2-devel@lists.01.org; Long, Qin >> Cc: Ard Biesheuvel >> Subject: Re: [PATCH] CryptoPkg: remove global variable 'timeval' from >> OpenSslSupport.h >> >> On 3 December 2015 at 10:32, Ard Biesheuvel >> wrote: >> > The header file OpenSslSupport.h not only defines a type 'struct timeval' >> > but also defines a global variable 'timeval' of that type. The RVCT >> > compiler does not merge this definition into a common symbol, resulting >> > in duplicate definition errors in the final link. So remove the >> > variable definition. >> > >> > Contributed-under: TianoCore Contribution Agreement 1.0 >> > Signed-off-by: Ard Biesheuvel >> >> Qin, >> >> This is another patch that fixes the build for RVCT. Note that this is >> also related to the -fno-common discussion, but in this particular >> case, I don't think the 'timeval' variable is actually ever used. >> >> Thanks, >> Ard. >> >> >> >> > --- >> > CryptoPkg/Include/OpenSslSupport.h | 2 +- >> > 1 file changed, 1 insertion(+), 1 deletion(-) >> > >> > diff --git a/CryptoPkg/Include/OpenSslSupport.h >> > b/CryptoPkg/Include/OpenSslSupport.h >> > index 64bef42d0595..239ae8bd6f41 100644 >> > --- a/CryptoPkg/Include/OpenSslSupport.h >> > +++ b/CryptoPkg/Include/OpenSslSupport.h >> > @@ -139,7 +139,7 @@ struct tm { >> > struct timeval { >> >long tv_sec; /* time value, in seconds */ >> >long tv_usec; /* time value, in microseconds */ >> > -} timeval; >> > +}; >> > >> > struct dirent { >> >UINT32 d_fileno; /* file number of entry */ >> > -- >> > 1.9.1 >> > ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
Re: [edk2] [Patch] UefiCpuPkg/MtrrLib: Add PCD PcdCpuNumberOfReservedVariableMtrrs
Reviewed-by: Feng Tian -Original Message- From: Fan, Jeff Sent: Thursday, December 03, 2015 22:28 To: edk2-devel@lists.01.org Cc: Scott Duplichan; Tian, Feng; Kinney, Michael D Subject: [Patch] UefiCpuPkg/MtrrLib: Add PCD PcdCpuNumberOfReservedVariableMtrrs Current MtrrLib reserves 2 variable MTRRs for some legacy OS boot (CSM boots) may require some MTRRs to be reserved for OS use. But UEFI OS boot will not use MTRRs. Per Scott's suggestion in link: http://article.gmane.org/gmane.comp.bios.edk2.devel/4099 Add one PCD PcdCpuNumberOfReservedVariableMtrrs to specify the number of variable MTRRs reserved for OS use. Setting its default value to 2 is for back-compatibility. Cc: Scott Duplichan Cc: Feng Tian Cc: Michael Kinney Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jeff Fan Suggested-by: Scott Duplichan --- UefiCpuPkg/Include/Library/MtrrLib.h | 3 ++- UefiCpuPkg/Library/MtrrLib/MtrrLib.c | 6 -- UefiCpuPkg/Library/MtrrLib/MtrrLib.inf | 5 - UefiCpuPkg/UefiCpuPkg.dec | 5 + 4 files changed, 15 insertions(+), 4 deletions(-) diff --git a/UefiCpuPkg/Include/Library/MtrrLib.h b/UefiCpuPkg/Include/Library/MtrrLib.h index e06fff7..f9002e7 100644 --- a/UefiCpuPkg/Include/Library/MtrrLib.h +++ b/UefiCpuPkg/Include/Library/MtrrLib.h @@ -1,7 +1,7 @@ /** @file MTRR setting library - Copyright (c) 2008 - 2011, Intel Corporation. All rights reserved. + Copyright (c) 2008 - 2015, Intel Corporation. All rights + reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -26,6 +26,7 @@ #define MTRR_NUMBER_OF_VARIABLE_MTRR 32 // // Firmware need reserve 2 MTRR for OS +// Note: It is replaced by PCD PcdCpuNumberOfReservedVariableMtrrs // #define RESERVED_FIRMWARE_VARIABLE_MTRR_NUMBER 2 diff --git a/UefiCpuPkg/Library/MtrrLib/MtrrLib.c b/UefiCpuPkg/Library/MtrrLib/MtrrLib.c index a655605..8222337 100644 --- a/UefiCpuPkg/Library/MtrrLib/MtrrLib.c +++ b/UefiCpuPkg/Library/MtrrLib/MtrrLib.c @@ -140,13 +140,15 @@ GetFirmwareVariableMtrrCount ( ) { UINT32 VariableMtrrCount; + UINT32 ReservedMtrrNumber; VariableMtrrCount = GetVariableMtrrCount (); - if (VariableMtrrCount < RESERVED_FIRMWARE_VARIABLE_MTRR_NUMBER) { + ReservedMtrrNumber = PcdGet32 (PcdCpuNumberOfReservedVariableMtrrs); + if (VariableMtrrCount < ReservedMtrrNumber) { return 0; } - return VariableMtrrCount - RESERVED_FIRMWARE_VARIABLE_MTRR_NUMBER; + return VariableMtrrCount - ReservedMtrrNumber; } /** diff --git a/UefiCpuPkg/Library/MtrrLib/MtrrLib.inf b/UefiCpuPkg/Library/MtrrLib/MtrrLib.inf index 64ec9bd..01a4d84 100644 --- a/UefiCpuPkg/Library/MtrrLib/MtrrLib.inf +++ b/UefiCpuPkg/Library/MtrrLib/MtrrLib.inf @@ -1,7 +1,7 @@ ## @file # MTRR library provides APIs for MTRR operation. # -# Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved. +# Copyright (c) 2006 - 2015, Intel Corporation. All rights +reserved. # This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at @@ -41,3 +41,6 @@ CpuLib DebugLib +[Pcd] + gUefiCpuPkgTokenSpaceGuid.PcdCpuNumberOfReservedVariableMtrrs ## SOMETIMES_CONSUMES + diff --git a/UefiCpuPkg/UefiCpuPkg.dec b/UefiCpuPkg/UefiCpuPkg.dec index e783a7b..a694146 100644 --- a/UefiCpuPkg/UefiCpuPkg.dec +++ b/UefiCpuPkg/UefiCpuPkg.dec @@ -167,6 +167,11 @@ # @Prompt SMM CPU Synchronization Method. gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmSyncMode|0x00|UINT8|0x6014 + ## Specifies the number of variable MTRRs reserved for OS use. The + default number of # MTRRs reserved for OS use is 2. + # @Prompt Number of reserved variable MTRRs. + + gUefiCpuPkgTokenSpaceGuid.PcdCpuNumberOfReservedVariableMtrrs|0x2|UINT + 32|0x0015 + [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx] ## Specifies timeout value in microseconds for the BSP to detect all APs for the first time. # @Prompt Timeout for the BSP to detect all APs for the first time. -- 1.9.5.msysgit.0 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
Re: [edk2] [Patch] BaseTools: Enhance GenFv Tool to report error message
Reviewed-by: Liming Gao -Original Message- From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Yonghong Zhu Sent: Wednesday, December 02, 2015 4:46 PM To: edk2-devel@lists.01.org Subject: [edk2] [Patch] BaseTools: Enhance GenFv Tool to report error message When two vtf files in one FV image, no FV file can be generated, but it report the stack trace info. so we enhance the tool to report error message directly but not the stack trace info. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Yonghong Zhu --- Source/C/GenFv/GenFvInternalLib.c | 23 +++-- Source/Python/GenFds/Fv.py| 43 +-- 2 files changed, 35 insertions(+), 31 deletions(-) diff --git a/Source/C/GenFv/GenFvInternalLib.c b/Source/C/GenFv/GenFvInternalLib.c index 6d2d5d1..10bb88b 100644 --- a/Source/C/GenFv/GenFvInternalLib.c +++ b/Source/C/GenFv/GenFvInternalLib.c @@ -2852,21 +2852,22 @@ Returns: // close file // fclose (fpin); if (FvInfoPtr->IsPiFvImage) { - // - // Check whether this ffs file is vtf file - // - if (IsVtfFile (&FfsHeader)) { - if (VtfFileFlag) { - // - // One Fv image can't have two vtf files. - // - return EFI_ABORTED; - } - VtfFileFlag = TRUE; +// +// Check whether this ffs file is vtf file +// +if (IsVtfFile (&FfsHeader)) { + if (VtfFileFlag) { +// +// One Fv image can't have two vtf files. +// +Error (NULL, 0, 3000,"Invalid", "One Fv image can't have two vtf files."); +return EFI_ABORTED; + } + VtfFileFlag = TRUE; VtfFileSize = FfsFileSize; continue; } // diff --git a/Source/Python/GenFds/Fv.py b/Source/Python/GenFds/Fv.py index 163ccd3..df97ccb 100644 --- a/Source/Python/GenFds/Fv.py +++ b/Source/Python/GenFds/Fv.py @@ -179,34 +179,37 @@ class FV (FvClassObject): ) # # Write the Fv contents to Buffer # -FvFileObj = open ( FvOutputFile,'r+b') +if os.path.isfile(FvOutputFile): +FvFileObj = open ( FvOutputFile,'r+b') -GenFdsGlobalVariable.VerboseLogger( "\nGenerate %s FV Successfully" %self.UiFvName) -GenFdsGlobalVariable.SharpCounter = 0 +GenFdsGlobalVariable.VerboseLogger( "\nGenerate %s FV Successfully" %self.UiFvName) +GenFdsGlobalVariable.SharpCounter = 0 -Buffer.write(FvFileObj.read()) -FvFileObj.seek(0) -# PI FvHeader is 0x48 byte -FvHeaderBuffer = FvFileObj.read(0x48) -# FV alignment position. -FvAlignmentValue = 1 << (ord (FvHeaderBuffer[0x2E]) & 0x1F) -# FvAlignmentValue is larger than or equal to 1K -if FvAlignmentValue >= 0x400: -if FvAlignmentValue >= 0x1: -#The max alignment supported by FFS is 64K. -self.FvAlignment = "64K" +Buffer.write(FvFileObj.read()) +FvFileObj.seek(0) +# PI FvHeader is 0x48 byte +FvHeaderBuffer = FvFileObj.read(0x48) +# FV alignment position. +FvAlignmentValue = 1 << (ord (FvHeaderBuffer[0x2E]) & 0x1F) +# FvAlignmentValue is larger than or equal to 1K +if FvAlignmentValue >= 0x400: +if FvAlignmentValue >= 0x1: +#The max alignment supported by FFS is 64K. +self.FvAlignment = "64K" +else: +self.FvAlignment = str (FvAlignmentValue / 0x400) + "K" else: -self.FvAlignment = str (FvAlignmentValue / 0x400) + "K" +# FvAlignmentValue is less than 1K +self.FvAlignment = str (FvAlignmentValue) +FvFileObj.close() +GenFds.ImageBinDict[self.UiFvName.upper() + 'fv'] = FvOutputFile +GenFdsGlobalVariable.LargeFileInFvFlags.pop() else: -# FvAlignmentValue is less than 1K -self.FvAlignment = str (FvAlignmentValue) -FvFileObj.close() -GenFds.ImageBinDict[self.UiFvName.upper() + 'fv'] = FvOutputFile -GenFdsGlobalVariable.LargeFileInFvFlags.pop() +GenFdsGlobalVariable.ErrorLogger("Failed to generate %s FV + file." %self.UiFvName) return FvOutputFile ## _GetBlockSize() # # Calculate FV's block size -- 2.6.1.windows.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
Re: [edk2] MdeModulePkg: DebugAssert enhancement
Reviewed-by: Liming Gao And, I have committed your serial patches into EDKII project at 19127~19128. Thanks Liming -Original Message- From: Anbazhagan, Baraneedharan [mailto:anbazha...@hp.com] Sent: Saturday, December 05, 2015 4:21 AM To: Gao, Liming; Kinney, Michael D; edk2-devel@lists.01.org Subject: RE: MdeModulePkg: DebugAssert enhancement Thanks. I will send updated code change for the same library in IntelFrameworkModulePkg. > -Original Message- > From: Gao, Liming [mailto:liming@intel.com] > Sent: Friday, December 04, 2015 3:32 AM > To: Anbazhagan, Baraneedharan; Kinney, Michael D; > edk2-devel@lists.01.org > Subject: RE: MdeModulePkg: DebugAssert enhancement > > Reviewed-by: Liming Gao > > I would like to help commit your serial patches if no other comments. > > Thanks > Liming > -Original Message- > From: Anbazhagan, Baraneedharan [mailto:anbazha...@hp.com] > Sent: Friday, December 04, 2015 1:13 AM > To: Kinney, Michael D; Gao, Liming; edk2-devel@lists.01.org > Subject: RE: MdeModulePkg: DebugAssert enhancement > > Updated code based on your suggestion to use copy mem and > ModuleNameSize calculation. > > > diff --git > a/MdeModulePkg/Library/PeiDxeDebugLibReportStatusCode/DebugLib.c > b/MdeModulePkg/Library/PeiDxeDebugLibReportStatusCode/DebugLib.c > index f1d9827..c3010df 100644 > --- a/MdeModulePkg/Library/PeiDxeDebugLibReportStatusCode/DebugLib.c > +++ b/MdeModulePkg/Library/PeiDxeDebugLibReportStatusCode/DebugLib.c > @@ -261,6 +261,7 @@ DebugAssert ( >UINTN HeaderSize; >UINTN TotalSize; >CHAR8 *Temp; > + UINTN ModuleNameSize; >UINTN FileNameSize; >UINTN DescriptionSize; > > @@ -268,31 +269,40 @@ DebugAssert ( >// Get string size >// >HeaderSize = sizeof (EFI_DEBUG_ASSERT_DATA); > + // > + // Compute string size of module name enclosed by [] // > + ModuleNameSize = 2 + AsciiStrSize (gEfiCallerBaseName); >FileNameSize = AsciiStrSize (FileName); >DescriptionSize = AsciiStrSize (Description); > >// >// Make sure it will all fit in the passed in buffer. >// > - if (HeaderSize + FileNameSize + DescriptionSize > sizeof (Buffer)) > { > + if (HeaderSize + ModuleNameSize + FileNameSize + DescriptionSize > > + sizeof (Buffer)) { > // > -// FileName + Description is too long to be filled into buffer. > +// remove module name if it's too long to be filled into buffer > // > -if (HeaderSize + FileNameSize < sizeof (Buffer)) { > - // > - // Description has enough buffer to be truncated. > - // > - DescriptionSize = sizeof (Buffer) - HeaderSize - FileNameSize; > -} else { > +ModuleNameSize = 0; > +if (HeaderSize + FileNameSize + DescriptionSize > sizeof > + (Buffer)) { >// > - // FileName is too long to be filled into buffer. > - // FileName will be truncated. Reserved one byte for Description NULL > terminator. > + // FileName + Description is too long to be filled into buffer. >// > - DescriptionSize = 1; > - FileNameSize= sizeof (Buffer) - HeaderSize - DescriptionSize; > + if (HeaderSize + FileNameSize < sizeof (Buffer)) { > +// > +// Description has enough buffer to be truncated. > +// > +DescriptionSize = sizeof (Buffer) - HeaderSize - FileNameSize; > + } else { > +// > +// FileName is too long to be filled into buffer. > +// FileName will be truncated. Reserved one byte for > + Description NULL > terminator. > +// > +DescriptionSize = 1; > +FileNameSize= sizeof (Buffer) - HeaderSize - DescriptionSize; > + } > } >} > - >// >// Fill in EFI_DEBUG_ASSERT_DATA >// > @@ -300,12 +310,23 @@ DebugAssert ( >AssertData->LineNumber = (UINT32)LineNumber; >TotalSize = sizeof (EFI_DEBUG_ASSERT_DATA); > > + Temp = (CHAR8 *)(AssertData + 1); > + > + // > + // Copy Ascii [ModuleName]. > + // > + if (ModuleNameSize != 0) { > +CopyMem(Temp, "[", 1); > +CopyMem(Temp + 1, gEfiCallerBaseName, ModuleNameSize - 3); > +CopyMem(Temp + ModuleNameSize - 2, "] ", 2); } > + >// >// Copy Ascii FileName including NULL terminator. >// > - Temp = CopyMem (AssertData + 1, FileName, FileNameSize); > + Temp = CopyMem (Temp + ModuleNameSize, FileName, FileNameSize); >Temp[FileNameSize - 1] = 0; > - TotalSize += FileNameSize; > + TotalSize += (ModuleNameSize + FileNameSize); > >// >// Copy Ascii Description include NULL terminator. > -- > 2.6.3.windows.1 > > > > -Original Message- > > From: Kinney, Michael D [mailto:michael.d.kin...@intel.com] > > Sent: Wednesday, December 02, 2015 8:22 PM > > To: Gao, Liming; Anbazhagan, Baraneedharan; edk2-devel@lists.01.org; > > Kinney, Michael D > > Subject: RE: MdeModulePkg: DebugAssert enhancement
Re: [edk2] InsertImageRecord and Section Alignment
Hi Mike I agree that we can change this from ERROR to WARNING, and only add 1 ERROR message. However, the \MdeModulePkg\Universal\PropertiesTableAttributesDxe module is optional module, because a platform may use its own module to set attributes for ACPINvs or reserved. How about we add error message when install this table in DxeCore.InstallPropertiesTable(). if ((mPropertiesTable.MemoryProtectionAttribute & EFI_PROPERTIES_RUNTIME_MEMORY_PROTECTION_NON_EXECUTABLE_PE_DATA) == 0) { DEBUG ((EFI_D_ERROR, "MemoryProtectionAttribute NON_EXECUTABLE_PE_DATA not set\n")); <== New line return ; } Thank you Yao Jiewen -Original Message- From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Kinney, Michael D Sent: Friday, December 04, 2015 8:27 AM To: Laszlo Ersek; Kinney, Michael D Cc: Hamel, Lee M; edk2-devel@lists.01.org Subject: Re: [edk2] InsertImageRecord and Section Alignment Laszlo, That is a good question. If a platform requires EFI_PROPERTIES_RUNTIME_MEMORY_PROTECTION_NON_EXECUTABLE_PE_DATA to be set, then it is an error condition. That is why it is an error message and not a warning message. We could consider changing this specific message to a warning, and add one error message from the \MdeModulePkg\Universal\PropertiesTableAttributesDxe module. That way, only platforms that include this module will get an error message if any runtime modules for not use 4KB aligned. Mike > -Original Message- > From: Laszlo Ersek [mailto:ler...@redhat.com] > Sent: Thursday, December 3, 2015 3:36 PM > To: Kinney, Michael D > Cc: Hamel, Lee M ; edk2-devel@lists.01.org > > Subject: Re: [edk2] InsertImageRecord and Section Alignment > > On 12/03/15 21:16, Kinney, Michael D wrote: > > Lee, > > > > It is a feature from UEFI Specification 2.5 - Section 4.6 - > > EFI_PROPERTIES_TABLE > > > > In order to set the > > EFI_PROPERTIES_RUNTIME_MEMORY_PROTECTION_NON_EXECUTABLE_PE_DATA bit, > > runtime drivers need to be built so their PE/COFF code and data > > sections do not share the same 4KB page. > > > > The log message you are seeing is not an error. It is a warning > > message that a runtime driver was loaded that does not meet the > > requirements to set this bit. > > Should the message be downgraded from EFI_D_ERROR to EFI_D_WARN > ("MdeModulePkg/Core/Dxe/Misc/PropertiesTable.c")? > > Thanks > Laszlo > > > > > Mike > > > >> -Original Message- > >> From: Hamel, Lee M > >> Sent: Thursday, December 3, 2015 11:19 AM > >> To: Kinney, Michael D ; > >> edk2-devel@lists.01.org > >> Subject: RE: InsertImageRecord and Section Alignment > >> > >> Thanks for the solution. Any idea why my code was fine before and > >> now it's not (the design change reason, not that tools_def.txt changed)? > >> I'm trying to understand why a change was made that caused the problem. > >> > >> -Original Message- > >> From: Kinney, Michael D > >> Sent: Thursday, December 03, 2015 11:13 AM > >> To: Hamel, Lee M ; edk2-devel@lists.01.org; > >> Kinney, Michael D > >> Subject: RE: InsertImageRecord and Section Alignment > >> > >> Lee, > >> > >> You can fix this by adding the following to the DSC file to force modules > >> of type DXE_RUNTIME_DRIVER to use 4KB alignment. > >> > >> [BuildOptions.common.EDKII.DXE_RUNTIME_DRIVER] > >> MSFT:*_*_*_DLINK_FLAGS = /ALIGN:4096 > >> > >> Mike > >> > >>> -Original Message- > >>> From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On > >>> Behalf Of Hamel, Lee M > >>> Sent: Thursday, December 3, 2015 10:57 AM > >>> To: edk2-devel@lists.01.org > >>> Subject: [edk2] InsertImageRecord and Section Alignment > >>> > >>> I recently synced to a newer UDK 2015 and now get this serial output many > >>> times for different images: > >>> > >>> InsertImageRecord - Section Alignment(0x20) is not 4K > >>> Image - \ReportStatusCodeRouterRuntimeDxe.pdb > >>> > >>> Has anyone seen this problem when syncing to UDK 2015? I am using Visual > >>> Studio 2010 to build. > >>> > >>> ___ > >>> edk2-devel mailing list > >>> edk2-devel@lists.01.org > >>> https://lists.01.org/mailman/listinfo/edk2-devel > > ___ > > edk2-devel mailing list > > edk2-devel@lists.01.org > > https://lists.01.org/mailman/listinfo/edk2-devel > > ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [PATCH V3 0/3] Enable Customized Secure Boot
Zhang, Chao B (3): SecurityPkg: Enable Customized Secure Boot feature SecurityPkg: AuthVariableLib: Customized SecureBoot Mode transition. Implement Customized SecureBoot Mode transition logic according to Mantis 1263, including AuditMode/DeployedMode/PK update management. Also implement image verification logic in AuditMode. Image Certificate & Hash are recorded to EFI Image Execution Table. https://mantis.uefi.org/mantis/view.php?id=1263 SecurityPkg: SecureBootConfigDxe: SecureBoot UI for Customized SecureBoot Mode Add SecureBoot UI support for Customized SecureBoot Mode transition according to Mantis 1263. User can do secure boot mode transition through UI. https://mantis.uefi.org/mantis/view.php?id=1263 .../Include/Guid/AuthenticatedVariableFormat.h |1 + SecurityPkg/Library/AuthVariableLib/AuthService.c | 1414 +--- .../Library/AuthVariableLib/AuthServiceInternal.h | 93 ++ .../Library/AuthVariableLib/AuthVariableLib.c | 109 +- .../Library/AuthVariableLib/AuthVariableLib.inf|4 + .../DxeImageVerificationLib.c | 670 +- SecurityPkg/SecurityPkg.dec|6 +- .../SecureBootConfigDxe/SecureBootConfig.vfr | 77 +- .../SecureBootConfigDxe/SecureBootConfigImpl.c | 432 +- .../SecureBootConfigDxe/SecureBootConfigNvData.h | 11 +- .../SecureBootConfigStrings.uni| Bin 13086 -> 14876 bytes 11 files changed, 2437 insertions(+), 380 deletions(-) -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [PATCH 1/3] SecurityPkg: Enable Customized Secure Boot feature
Enable Secure Boot feature defined in UEFI2.5 ECR1263. Add gEfiSecureBootModeGuid definition Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang Reviewed-by: Zeng Star Reviewed-by: Long Qin --- SecurityPkg/Include/Guid/AuthenticatedVariableFormat.h | 1 + SecurityPkg/SecurityPkg.dec| 6 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/SecurityPkg/Include/Guid/AuthenticatedVariableFormat.h b/SecurityPkg/Include/Guid/AuthenticatedVariableFormat.h index 1f007cf..7094d52 100644 --- a/SecurityPkg/Include/Guid/AuthenticatedVariableFormat.h +++ b/SecurityPkg/Include/Guid/AuthenticatedVariableFormat.h @@ -28,6 +28,7 @@ extern EFI_GUID gEfiSecureBootEnableDisableGuid; extern EFI_GUID gEfiCertDbGuid; extern EFI_GUID gEfiCustomModeEnableGuid; extern EFI_GUID gEfiVendorKeysNvGuid; +extern EFI_GUID gEdkiiSecureBootModeGuid; /// /// "SecureBootEnable" variable for the Secure Boot feature enable/disable. diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec index 959acf0..d568b47 100644 --- a/SecurityPkg/SecurityPkg.dec +++ b/SecurityPkg/SecurityPkg.dec @@ -109,7 +109,11 @@ ## GUID used to "certdb" variable to store the signer's certificates for common variables with EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS attribute. # Include/Guid/AuthenticatedVariableFormat.h gEfiCertDbGuid = { 0xd9bee56e, 0x75dc, 0x49d9, { 0xb4, 0xd7, 0xb5, 0x34, 0x21, 0xf, 0x63, 0x7a } } - + + ## GUID used to "SecureBootMode" variable to save platform secure boot mode + # Include/Guid/AuthenticatedVariableFormat.h + gEdkiiSecureBootModeGuid = { 0xc573b77, 0xeb93, 0x4d3d, { 0xaf, 0xfc, 0x5f, 0xeb, 0xca, 0xfb, 0x65, 0xb0 } } + ## Hob GUID used to pass a TCG_PCR_EVENT from a TPM PEIM to a TPM DXE Driver. # Include/Guid/TcgEventHob.h gTcgEventEntryHobGuid = { 0x2b9ffb52, 0x1b13, 0x416f, { 0xa8, 0x7b, 0xbc, 0x93, 0xd, 0xef, 0x92, 0xa8 }} -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [PATCH 2/3] SecurityPkg: AuthVariableLib: Customized SecureBoot Mode transition. Implement Customized SecureBoot Mode transition logic according to Mantis 1263, including AuditMode/DeployedMode
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Zhang, Chao Reviewed-by: Zeng Star Reviewed-by: Long Qin --- SecurityPkg/Library/AuthVariableLib/AuthService.c | 1414 +--- .../Library/AuthVariableLib/AuthServiceInternal.h | 93 ++ .../Library/AuthVariableLib/AuthVariableLib.c | 109 +- .../Library/AuthVariableLib/AuthVariableLib.inf|4 + .../DxeImageVerificationLib.c | 670 +- 5 files changed, 1967 insertions(+), 323 deletions(-) diff --git a/SecurityPkg/Library/AuthVariableLib/AuthService.c b/SecurityPkg/Library/AuthVariableLib/AuthService.c index 1f9ba15..5546c2e 100644 --- a/SecurityPkg/Library/AuthVariableLib/AuthService.c +++ b/SecurityPkg/Library/AuthVariableLib/AuthService.c @@ -56,6 +56,54 @@ EFI_SIGNATURE_ITEM mSupportSigItem[] = { {EFI_CERT_X509_SHA512_GUID, 0, 80 } }; +// +// Secure Boot Mode state machine +// +SECURE_BOOT_MODE mSecureBootState[SecureBootModeTypeMax] = { + // USER MODE + { + AUDIT_MODE_DISABLE,// AuditMode + FALSE, // IsAuditModeRO, AuditMode is RW + DEPLOYED_MODE_DISABLE, // DeployedMode + FALSE, // IsDeployedModeRO, DeployedMode is RW + SETUP_MODE_DISABLE,// SetupMode + // SetupMode is always RO + SECURE_BOOT_MODE_ENABLE// SecureBoot + }, + // SETUP MODE + { + AUDIT_MODE_DISABLE,// AuditMode + FALSE, // IsAuditModeRO, AuditMode is RW + DEPLOYED_MODE_DISABLE, // DeployedMode + TRUE, // IsDeployedModeRO, DeployedMode is RO + SETUP_MODE_ENABLE, // SetupMode + // SetupMode is always RO + SECURE_BOOT_MODE_DISABLE // SecureBoot + }, + // AUDIT MODE + { + AUDIT_MODE_ENABLE, // AuditMode + TRUE, // AuditModeValAttr RO, AuditMode is RO + DEPLOYED_MODE_DISABLE, // DeployedMode + TRUE, // DeployedModeValAttr RO, DeployedMode is RO + SETUP_MODE_ENABLE, // SetupMode + // SetupMode is always RO + SECURE_BOOT_MODE_DISABLE // SecureBoot + }, + // DEPLOYED MODE + { + AUDIT_MODE_DISABLE,// AuditMode, AuditMode is RO + TRUE, // AuditModeValAttr RO + DEPLOYED_MODE_ENABLE, // DeployedMode + TRUE, // DeployedModeValAttr RO, DeployedMode is RO + SETUP_MODE_DISABLE,// SetupMode + // SetupMode is always RO + SECURE_BOOT_MODE_ENABLE// SecureBoot + } +}; + +SECURE_BOOT_MODE_TYPE mSecureBootMode; + /** Finds variable in storage blocks of volatile and non-volatile storage areas. @@ -179,74 +227,982 @@ AuthServiceInternalUpdateVariableWithMonotonicCount ( } /** - Update the variable region with Variable information. + Update the variable region with Variable information. + + @param[in] VariableName Name of variable. + @param[in] VendorGuid Guid of variable. + @param[in] Data Data pointer. + @param[in] DataSize Size of Data. + @param[in] Attributes Attribute value of the variable. + @param[in] TimeStamp Value of associated TimeStamp. + + @retval EFI_SUCCESS The update operation is success. + @retval EFI_INVALID_PARAMETER Invalid parameter. + @retval EFI_WRITE_PROTECTED Variable is write-protected. + @retval EFI_OUT_OF_RESOURCES There is not enough resource. + +**/ +EFI_STATUS +AuthServiceInternalUpdateVariableWithTimeStamp ( + IN CHAR16 *VariableName, + IN EFI_GUID *VendorGuid, + IN VOID *Data, + IN UINTN DataSize, + IN UINT32 Attributes, + IN EFI_TIME *TimeStamp + ) +{ + EFI_STATUSFindStatus; + VOID *OrgData; + UINTN OrgDataSize; + AUTH_VARIABLE_INFOAuthVariableInfo; + + FindStatus = AuthServiceInternalFindVariable ( + VariableName, + VendorGuid, + &OrgData, + &OrgDataSize + ); + + // + // EFI_VARIABLE_APPEND_WRITE attribute only effects for existing variable + // + if (!EFI_ERROR (FindStatus) && ((Attributes & EFI_VARIABLE_APPEND_WRITE) != 0)) { +if ((CompareGuid (VendorGuid, &gEfi
[edk2] [PATCH 3/3] SecurityPkg: SecureBootConfigDxe: SecureBoot UI for Customized SecureBoot Mode Add SecureBoot UI support for Customized SecureBoot Mode transition according to Mantis 1263. User can
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Zhang, Chao --- .../SecureBootConfigDxe/SecureBootConfig.vfr | 77 +++- .../SecureBootConfigDxe/SecureBootConfigImpl.c | 432 ++--- .../SecureBootConfigDxe/SecureBootConfigNvData.h | 11 +- .../SecureBootConfigStrings.uni| Bin 13086 -> 14876 bytes 4 files changed, 464 insertions(+), 56 deletions(-) diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr index 3c99431..1eb3599 100644 --- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr +++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr @@ -1,7 +1,7 @@ /** @file VFR file used by the SecureBoot configuration component. -Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved. +Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -33,6 +33,14 @@ formset subtitle text = STRING_TOKEN(STR_NULL); +// +// Display current secure boot mode(one of SetupMode/AuditMode/UserMode/DeployedMode) +// +text + help = STRING_TOKEN(STR_CUR_SECURE_BOOT_MODE_HELP), + text = STRING_TOKEN(STR_CUR_SECURE_BOOT_MODE_PROMPT), +text = STRING_TOKEN(STR_CUR_SECURE_BOOT_MODE_CONTENT); + text help = STRING_TOKEN(STR_SECURE_BOOT_STATE_HELP), text = STRING_TOKEN(STR_SECURE_BOOT_STATE_PROMPT), @@ -84,18 +92,18 @@ formset endoneof; // -// -// Display of 'Current Secure Boot Mode' +// Display PK include page // suppressif questionref(SecureBootMode) == SECURE_BOOT_MODE_STANDARD; - grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1; - goto FORMID_SECURE_BOOT_OPTION_FORM, - prompt = STRING_TOKEN(STR_SECURE_BOOT_OPTION), - help = STRING_TOKEN(STR_SECURE_BOOT_OPTION_HELP), - flags = INTERACTIVE, - key= KEY_SECURE_BOOT_OPTION; - endif; +grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1; +goto FORMID_SECURE_BOOT_OPTION_FORM, + prompt = STRING_TOKEN(STR_SECURE_BOOT_OPTION), + help = STRING_TOKEN(STR_SECURE_BOOT_OPTION_HELP), + flags = INTERACTIVE, + key= KEY_SECURE_BOOT_OPTION; +endif; endif; + endform; // @@ -106,6 +114,55 @@ formset subtitle text = STRING_TOKEN(STR_NULL); +// +// Display of SetupMode/UserMode/AuditMode/DeployedMode transition +// +disableif TRUE; + oneof varid = SECUREBOOT_CONFIGURATION.TransSecureBootMode, +prompt = STRING_TOKEN(STR_TRANS_SECURE_BOOT_MODE_PROMPT), +help = STRING_TOKEN(STR_TRANS_SECURE_BOOT_MODE_HELP), +flags = INTERACTIVE, + suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_AUDIT_MODE + OR (ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_DEPLOYED_MODE AND + ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 0); +option text = STRING_TOKEN(STR_USER_MODE), value = SECURE_BOOT_MODE_USER_MODE, flags = 0; + endif + suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_AUDIT_MODE; +option text = STRING_TOKEN(STR_SETUP_MODE),value = SECURE_BOOT_MODE_SETUP_MODE, flags = 0; + endif + suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_DEPLOYED_MODE; +option text = STRING_TOKEN(STR_AUDIT_MODE),value = SECURE_BOOT_MODE_AUDIT_MODE, flags = 0; + endif + suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_SETUP_MODE; +option text = STRING_TOKEN(STR_DEPLOYED_MODE), value = SECURE_BOOT_MODE_DEPLOYED_MODE, flags = 0; + endif +option text = STRING_TOKEN(STR_DEPLOYED_MODE), value = 4, flags = 0; + endoneof; +endif; + oneof name = TransSecureBootMode, +questionid = KEY_TRANS_SECURE_BOOT_MODE, +prompt = STRING_TOKEN(STR_TRANS_SECURE_BOOT_MODE_PROMPT), +help = STRING_TOKEN(STR_TRANS_SECURE_BOOT_MODE_HELP), +flags = INTERACTIVE | NUMERIC_SIZE_1, + suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_AUDIT_MODE + OR (ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_DEPLOYED_MODE AND + ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 0); +option text = STRING_TOKEN(STR_USER_MODE), value = SECURE_BOOT_MODE_USER_MODE, flags = 0; + endif + suppressif
Re: [edk2] [PATCH v2 17/20] ShellPkg: Convert all .uni files to utf-8
Reviewed-by: Qiu Shumin -Original Message- From: Justen, Jordan L Sent: Saturday, December 05, 2015 4:14 AM To: edk2-devel@lists.01.org Cc: Justen, Jordan L; Carsey, Jaben; Qiu, Shumin Subject: [PATCH v2 17/20] ShellPkg: Convert all .uni files to utf-8 To convert these files I ran: $ python3 BaseTools/Scripts/ConvertUni.py ShellPkg Cc: Jaben Carsey Cc: Shumin Qiu Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jordan Justen --- ShellPkg/Application/Shell/Shell.uni | Bin 4840 -> 2419 bytes ShellPkg/Library/UefiDpLib/UefiDpLib.uni | Bin 18146 -> 9072 bytes .../UefiHandleParsingLib/UefiHandleParsingLib.uni | Bin 32404 -> 16201 bytes .../UefiShellBcfgCommandLib.uni| Bin 18414 -> 9206 bytes .../Edit/TextEditStrings.uni | Bin 11484 -> 5741 bytes .../HexEdit/HexeditStrings.uni | Bin 13156 -> 6577 bytes .../SmbiosView/SmbiosViewStrings.uni | Bin 109944 -> 54971 bytes .../UefiShellDebug1CommandsLib.uni | Bin 140676 -> 70337 bytes .../UefiShellDriver1CommandsLib.uni| Bin 70806 -> 35402 bytes .../UefiShellLevel1CommandsLib.uni | Bin 43930 -> 21964 bytes .../UefiShellLevel2CommandsLib.uni | Bin 109742 -> 54870 bytes .../UefiShellLevel3CommandsLib.uni | Bin 44956 -> 22477 bytes .../UefiShellNetwork1CommandsLib.uni | Bin 21094 -> 10546 bytes .../UefiShellTftpCommandLib.uni| Bin 9952 -> 4975 bytes 14 files changed, 0 insertions(+), 0 deletions(-) diff --git a/ShellPkg/Application/Shell/Shell.uni b/ShellPkg/Application/Shell/Shell.uni index 25cf699..301d879 100644 Binary files a/ShellPkg/Application/Shell/Shell.uni and b/ShellPkg/Application/Shell/Shell.uni differ diff --git a/ShellPkg/Library/UefiDpLib/UefiDpLib.uni b/ShellPkg/Library/UefiDpLib/UefiDpLib.uni index 5bcb496..b092274 100644 Binary files a/ShellPkg/Library/UefiDpLib/UefiDpLib.uni and b/ShellPkg/Library/UefiDpLib/UefiDpLib.uni differ diff --git a/ShellPkg/Library/UefiHandleParsingLib/UefiHandleParsingLib.uni b/ShellPkg/Library/UefiHandleParsingLib/UefiHandleParsingLib.uni index d8e45d0..1d142e9 100644 Binary files a/ShellPkg/Library/UefiHandleParsingLib/UefiHandleParsingLib.uni and b/ShellPkg/Library/UefiHandleParsingLib/UefiHandleParsingLib.uni differ diff --git a/ShellPkg/Library/UefiShellBcfgCommandLib/UefiShellBcfgCommandLib.uni b/ShellPkg/Library/UefiShellBcfgCommandLib/UefiShellBcfgCommandLib.uni index d34f314..b680a48 100644 Binary files a/ShellPkg/Library/UefiShellBcfgCommandLib/UefiShellBcfgCommandLib.uni and b/ShellPkg/Library/UefiShellBcfgCommandLib/UefiShellBcfgCommandLib.uni differ diff --git a/ShellPkg/Library/UefiShellDebug1CommandsLib/Edit/TextEditStrings.uni b/ShellPkg/Library/UefiShellDebug1CommandsLib/Edit/TextEditStrings.uni index a61cae3..f799148 100644 Binary files a/ShellPkg/Library/UefiShellDebug1CommandsLib/Edit/TextEditStrings.uni and b/ShellPkg/Library/UefiShellDebug1CommandsLib/Edit/TextEditStrings.uni differ diff --git a/ShellPkg/Library/UefiShellDebug1CommandsLib/HexEdit/HexeditStrings.uni b/ShellPkg/Library/UefiShellDebug1CommandsLib/HexEdit/HexeditStrings.uni index f521931..d9591ca 100644 Binary files a/ShellPkg/Library/UefiShellDebug1CommandsLib/HexEdit/HexeditStrings.uni and b/ShellPkg/Library/UefiShellDebug1CommandsLib/HexEdit/HexeditStrings.uni differ diff --git a/ShellPkg/Library/UefiShellDebug1CommandsLib/SmbiosView/SmbiosViewStrings.uni b/ShellPkg/Library/UefiShellDebug1CommandsLib/SmbiosView/SmbiosViewStrings.uni index f368825..24fca87 100644 Binary files a/ShellPkg/Library/UefiShellDebug1CommandsLib/SmbiosView/SmbiosViewStrings.uni and b/ShellPkg/Library/UefiShellDebug1CommandsLib/SmbiosView/SmbiosViewStrings.uni differ diff --git a/ShellPkg/Library/UefiShellDebug1CommandsLib/UefiShellDebug1CommandsLib.uni b/ShellPkg/Library/UefiShellDebug1CommandsLib/UefiShellDebug1CommandsLib.uni index e16175a..1974060 100644 Binary files a/ShellPkg/Library/UefiShellDebug1CommandsLib/UefiShellDebug1CommandsLib.uni and b/ShellPkg/Library/UefiShellDebug1CommandsLib/UefiShellDebug1CommandsLib.uni differ diff --git a/ShellPkg/Library/UefiShellDriver1CommandsLib/UefiShellDriver1CommandsLib.uni b/ShellPkg/Library/UefiShellDriver1CommandsLib/UefiShellDriver1CommandsLib.uni index a289853..a14469a 100644 Binary files a/ShellPkg/Library/UefiShellDriver1CommandsLib/UefiShellDriver1CommandsLib.uni and b/ShellPkg/Library/UefiShellDriver1CommandsLib/UefiShellDriver1CommandsLib.uni differ diff --git a/ShellPkg/Library/UefiShellLevel1CommandsLib/UefiShellLevel1CommandsLib.uni b/ShellPkg/Library/UefiShellLevel1CommandsLib/UefiShellLevel1CommandsLib.uni index 40fa57e..73e8655 100644 Binary files a/ShellPkg/Library/UefiShellLevel1CommandsLib/UefiShellLevel1CommandsLib.uni and b/ShellPkg/Library/UefiShellLevel1CommandsLib/UefiShellLevel1Comm
Re: [edk2] [PATCH] BaseTools GCC: avoid the use of COMMON symbols
On 6 December 2015 at 09:03, Jordan Justen wrote: > On 2015-12-05 22:26:53, Ard Biesheuvel wrote: >> On 6 December 2015 at 01:44, Jordan Justen wrote: >> > On 2015-12-04 11:21:18, Ard Biesheuvel wrote: [...] >> >> Is this a clean rebuild? >> > >> > Yes, it was. >> > >> >> And did you regenerate your Conf/tools_def.txt as well? > > Yes-ish. I symlink the templates from BaseTools/Conf to Conf. > >> I cannot reproduce the behavior where COMMON sections are created by >> GCC in the presence of -fno-common. > > The issue appears to be that GCC44_ALL_CC_FLAGS needs to also be > modified. OVMF seems reasonably happy with the flag on GCC49. > Ah yes. I should have remembered that the GCC4x toolchains for X64 and IA32 don't include GCC_ALL_CC_FLAGS while ARM and AARCH64 do. I would expect the OVMF build to fail with secure boot enabled, since I have two patches pending against CryptoPkg dealing with duplicated uninitialized globals. > I found this by searching for '-include AutoGen.h'. Maybe there are > some other cases we should cover? > Well, only the users of GccBase.lds must pass -fno-common (or they will get the same results you got). But once we know the code base is COMMON-clean so to say (i.e., all uninitialized globals with external linkage are defined exactly once), it no longer matters that much, although I would hate to create more ways that VS users can break the GCC build inadvertently. So let's see what Liming can find out about Visual Studio in this regard. ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
Re: [edk2] [PATCH] BaseTools GCC: avoid the use of COMMON symbols
On 2015-12-05 22:26:53, Ard Biesheuvel wrote: > On 6 December 2015 at 01:44, Jordan Justen wrote: > > On 2015-12-04 11:21:18, Ard Biesheuvel wrote: > >> On 4 December 2015 at 20:13, Jordan Justen > >> wrote: > >> > On 2015-12-04 08:43:29, Ard Biesheuvel wrote: > >> >> On 4 December 2015 at 17:27, Laszlo Ersek wrote: > >> >> > On 12/04/15 17:23, Paolo Bonzini wrote: > >> >> >> > >> >> >> > >> >> >> On 04/12/2015 11:39, Laszlo Ersek wrote: > >> >> >>> (4) Linking those two files into a complete program is a violation > >> >> >>> of > >> >> >>> "6.7 External definitions": > >> >> >>> > >> >> >>> [...] If an identifier declared with external linkage is used > >> >> >>> in an > >> >> >>> expression (other than as part of the operand of a *sizeof* > >> >> >>> operator), somewhere in the entire program there shall be > >> >> >>> exactly > >> >> >>> one external definition for the identifier [...] > >> >> >>> > >> >> >>> Again, how does the argument go? > >> >> >>> > >> >> >>> - In each file we have exactly one tentative definition, and no > >> >> >>> declaration that would be, in its own right, an external > >> >> >>> definition. > >> >> >>> Based on (2), the files must behave exactly as-if there was one > >> >> >>> external *definition* for "x" in each. > >> >> >>> > >> >> >>> - Argument (3) explains why "x" has external *linkage*. > >> >> >>> > >> >> >>> - Argument (4) applies to "x" because "x" has external linkage, and > >> >> >>> is > >> >> >>> used in a non-sizeof expression. And the requirement set forth in > >> >> >>> (4) > >> >> >>> is broken by the program because the program is required to behave > >> >> >>> exactly as if "x" had two external definitions. > >> >> >>> > >> >> >>> In practical terms: > >> >> >>> > >> >> >>> - If you compile the first version of the program (without any > >> >> >>> special > >> >> >>> options), it links together successfully: > >> >> >>> > >> >> >>> $ gcc -std=c89 -pedantic -Wall -Wextra -o f f1.c f2.c > >> >> >>> > >> >> >>> - If you compile the second (equivalent) version of the program, > >> >> >>> linkage fails: > >> >> >>> > >> >> >>> $ gcc -std=c89 -pedantic -Wall -Wextra -o f-b f1-b.c f2-b.c > >> >> >>> > >> >> >>> /tmp/cc8Isbn8.o:(.bss+0x0): multiple definition of `x' > >> >> >>> /tmp/cciQUlDz.o:(.bss+0x0): first defined here > >> >> >>> collect2: error: ld returned 1 exit status > >> >> >>> > >> >> >>> - The gcc bug is that linking the first version *too* should fail, > >> >> >>> without any particular options. > >> >> >> > >> >> >> That's true, but it would break existing code that declares > >> >> >> variables in > >> >> >> headers without "extern". > >> >> > > >> >> > I agree. After I posted the email I pondered what it would take to fix > >> >> > this in gcc. It would be impossible. :) > >> >> > > >> >> >> That's why Visual Studio does the same. > >> >> > > >> >> > Looks plausible. > >> >> > > >> >> > Thanks! > >> >> > Laszlo > >> >> > > >> >> > >> >> Indeed. Liming is looking into that. I spotted very few issues with > >> >> -fno-common, only two in CryptoPkg, so I think we should disallow > >> >> common allocations going forward if we can, especially since the > >> >> modularity of EDK2 makes it almost impossible to guarantee that it > >> >> never leads to problems. > >> >> > >> >> Qin has already acked a fix for one of those issues, I will ping him > >> >> for the other one. In the mean time, perhaps GCC users could double > >> >> check whether there is any breakage? Laszlo, could you check your OVMF > >> >> builds, please? > >> > > >> > I'm seeing a build error with MdeModulePkg and OvmfPkg. This is with > >> > gcc 5.2 using the GCC49 toolchain. > >> > > >> > Both cases seem to be unitialized global variables declared in a > >> > single .c file. I'm not sure what needs to be changed to fix this. > >> > > >> > MdeModulePkg: > >> > > >> > "ld" -o > >> > Build/MdeModule/DEBUG_GCC49/X64/MdeModulePkg/Application/MemoryProfileInfo/MemoryProfileInfo/DEBUG/MemoryProfileInfo.dll > >> > -nostdlib -n -q --gc-sections -z common-page-size=0x40 --entry > >> > _ModuleEntryPoint -u _ModuleEntryPoint -Map > >> > Build/MdeModule/DEBUG_GCC49/X64/MdeModulePkg/Application/MemoryProfileInfo/MemoryProfileInfo/DEBUG/MemoryProfileInfo.map > >> > -melf_x86_64 --oformat=elf64-x86-64 --start-group > >> > @Build/MdeModule/DEBUG_GCC49/X64/MdeModulePkg/Application/MemoryProfileInfo/MemoryProfileInfo/OUTPUT/static_library_files.lst > >> > --end-group --defsym=PECOFF_HEADER_SIZE=0x228 > >> > --script=BaseTools/Scripts/GccBase.lds > >> > `mNameString' referenced in section `.text.GetDriverNameString' of > >> > Build/MdeModule/DEBUG_GCC49/X64/MdeModulePkg/Application/MemoryProfileInfo/MemoryProfileInfo/OUTPUT/MemoryProfileInfo.lib(MemoryProfileInfo.obj): > >> > defined in discarded section `COMMON' of > >> > Build/MdeModule/DEBUG_GCC49/X64/MdeModulePkg/Application/MemoryProfileInfo/MemoryProfileInfo/OUTPUT/MemoryProfileInf