Re: [edk2-devel] [edk2-staging][PATCH] edk2-staging/RedfishClientPkg: Do not create attribute for NULL object

[Abner Chang]

Merged!

> -Original Message-
> From: devel@edk2.groups.io  On Behalf Of Abner
> Chang
> Sent: Thursday, April 21, 2022 12:57 PM
> To: devel@edk2.groups.io; Wang, Nickle (Server BIOS)
> 
> Cc: Chang, Abner (HPS SW/FW Technologist) 
> Subject: Re: [edk2-devel] [edk2-staging][PATCH] edk2-
> staging/RedfishClientPkg: Do not create attribute for NULL object
> 
> I will merge it. Thanks
> 
> Reviewed-by: Abner Chang 
> 
> 
> > -Original Message-
> > From: devel@edk2.groups.io  On Behalf Of Wang,
> > Nickle (Server BIOS)
> > Sent: Thursday, April 21, 2022 11:16 AM
> > To: devel@edk2.groups.io
> > Cc: Wang, Nickle (Server BIOS) ; Chang, Abner
> (HPS
> > SW/FW Technologist) 
> > Subject: [edk2-devel] [edk2-staging][PATCH] edk2-
> staging/RedfishClientPkg:
> > Do not create attribute for NULL object
> >
> > While input object is NULL, do not generate attribute with empty string
> > value. This can reduce the size of HTTP context while sending "PATCH"
> > or "POST" request to Redfish service.
> >
> > Signed-off-by: Nickle Wang 
> > Cc: Abner Chang 
> > ---
> >  RedfishClientPkg/ConverterLib/src/RedfishCsCommon.c | 5 ++---
> >  1 file changed, 2 insertions(+), 3 deletions(-)
> >
> > diff --git a/RedfishClientPkg/ConverterLib/src/RedfishCsCommon.c
> > b/RedfishClientPkg/ConverterLib/src/RedfishCsCommon.c
> > index 624314a8ec..02e4c50c5f 100644
> > --- a/RedfishClientPkg/ConverterLib/src/RedfishCsCommon.c
> > +++ b/RedfishClientPkg/ConverterLib/src/RedfishCsCommon.c
> > @@ -1,6 +1,6 @@
> >  /** @file
> >
> > -  (C) Copyright 2018-2021 Hewlett Packard Enterprise Development
> LP
> > +  (C) Copyright 2018-2022 Hewlett Packard Enterprise Development
> LP
> >
> >SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> > @@ -795,7 +795,6 @@ RedfishCS_status GetRedfishPropertyVague (void
> > *Cs, json_t *JsonObj, char *Key,
> >  RedfishCS_status InsertJsonStringObj (json_t *ParentJsonObj, char *Key,
> > RedfishCS_char *StringValue)
> >  {
> >json_t  *JsonValue;
> > -  RedfishCS_char NullStr[] = "";
> >RedfishCS_char *InsertStr;
> >
> >InsertStr = StringValue;
> > @@ -803,7 +802,7 @@ RedfishCS_status InsertJsonStringObj (json_t
> > *ParentJsonObj, char *Key, RedfishC
> >  return RedfishCS_status_invalid_parameter;
> >}
> >if (InsertStr == (char *)NULL) {
> > -InsertStr = NullStr;
> > +return RedfishCS_status_success;
> >}
> >JsonValue = json_string(InsertStr);
> >if (JsonValue == NULL) {
> > --
> > 2.32.0.windows.2
> >
> >
> >
> >
> >
> 
> 
> 
> 
> 



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89175): https://edk2.groups.io/g/devel/message/89175
Mute This Topic: https://groups.io/mt/90599292/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [edk2-staging][PATCH] edk2-staging/RedfishClientPkg: Do not create attribute for NULL object

[Abner Chang]

I will merge it. Thanks

Reviewed-by: Abner Chang 


> -Original Message-
> From: devel@edk2.groups.io  On Behalf Of Wang,
> Nickle (Server BIOS)
> Sent: Thursday, April 21, 2022 11:16 AM
> To: devel@edk2.groups.io
> Cc: Wang, Nickle (Server BIOS) ; Chang, Abner (HPS
> SW/FW Technologist) 
> Subject: [edk2-devel] [edk2-staging][PATCH] edk2-staging/RedfishClientPkg:
> Do not create attribute for NULL object
> 
> While input object is NULL, do not generate attribute with empty string
> value. This can reduce the size of HTTP context while sending "PATCH"
> or "POST" request to Redfish service.
> 
> Signed-off-by: Nickle Wang 
> Cc: Abner Chang 
> ---
>  RedfishClientPkg/ConverterLib/src/RedfishCsCommon.c | 5 ++---
>  1 file changed, 2 insertions(+), 3 deletions(-)
> 
> diff --git a/RedfishClientPkg/ConverterLib/src/RedfishCsCommon.c
> b/RedfishClientPkg/ConverterLib/src/RedfishCsCommon.c
> index 624314a8ec..02e4c50c5f 100644
> --- a/RedfishClientPkg/ConverterLib/src/RedfishCsCommon.c
> +++ b/RedfishClientPkg/ConverterLib/src/RedfishCsCommon.c
> @@ -1,6 +1,6 @@
>  /** @file
> 
> -  (C) Copyright 2018-2021 Hewlett Packard Enterprise Development LP
> +  (C) Copyright 2018-2022 Hewlett Packard Enterprise Development LP
> 
>SPDX-License-Identifier: BSD-2-Clause-Patent
> 
> @@ -795,7 +795,6 @@ RedfishCS_status GetRedfishPropertyVague (void
> *Cs, json_t *JsonObj, char *Key,
>  RedfishCS_status InsertJsonStringObj (json_t *ParentJsonObj, char *Key,
> RedfishCS_char *StringValue)
>  {
>json_t  *JsonValue;
> -  RedfishCS_char NullStr[] = "";
>RedfishCS_char *InsertStr;
> 
>InsertStr = StringValue;
> @@ -803,7 +802,7 @@ RedfishCS_status InsertJsonStringObj (json_t
> *ParentJsonObj, char *Key, RedfishC
>  return RedfishCS_status_invalid_parameter;
>}
>if (InsertStr == (char *)NULL) {
> -InsertStr = NullStr;
> +return RedfishCS_status_success;
>}
>JsonValue = json_string(InsertStr);
>if (JsonValue == NULL) {
> --
> 2.32.0.windows.2
> 
> 
> 
> 
> 



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89172): https://edk2.groups.io/g/devel/message/89172
Mute This Topic: https://groups.io/mt/90599292/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [edk2-staging][PATCH] edk2-staging/RedfishClientPkg: Do not create attribute for NULL object

[Nickle Wang]

While input object is NULL, do not generate attribute with empty string
value. This can reduce the size of HTTP context while sending "PATCH"
or "POST" request to Redfish service.

Signed-off-by: Nickle Wang 
Cc: Abner Chang 
---
 RedfishClientPkg/ConverterLib/src/RedfishCsCommon.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/RedfishClientPkg/ConverterLib/src/RedfishCsCommon.c 
b/RedfishClientPkg/ConverterLib/src/RedfishCsCommon.c
index 624314a8ec..02e4c50c5f 100644
--- a/RedfishClientPkg/ConverterLib/src/RedfishCsCommon.c
+++ b/RedfishClientPkg/ConverterLib/src/RedfishCsCommon.c
@@ -1,6 +1,6 @@
 /** @file
 
-  (C) Copyright 2018-2021 Hewlett Packard Enterprise Development LP
+  (C) Copyright 2018-2022 Hewlett Packard Enterprise Development LP
 
   SPDX-License-Identifier: BSD-2-Clause-Patent
 
@@ -795,7 +795,6 @@ RedfishCS_status GetRedfishPropertyVague (void *Cs, json_t 
*JsonObj, char *Key,
 RedfishCS_status InsertJsonStringObj (json_t *ParentJsonObj, char *Key, 
RedfishCS_char *StringValue)
 {
   json_t  *JsonValue;
-  RedfishCS_char NullStr[] = "";
   RedfishCS_char *InsertStr;
 
   InsertStr = StringValue;
@@ -803,7 +802,7 @@ RedfishCS_status InsertJsonStringObj (json_t 
*ParentJsonObj, char *Key, RedfishC
 return RedfishCS_status_invalid_parameter;
   }
   if (InsertStr == (char *)NULL) {
-InsertStr = NullStr;
+return RedfishCS_status_success;
   }
   JsonValue = json_string(InsertStr);
   if (JsonValue == NULL) {
-- 
2.32.0.windows.2



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89171): https://edk2.groups.io/g/devel/message/89171
Mute This Topic: https://groups.io/mt/90599292/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [edk2-platforms][PATCH v1 07/10] U5SeriesPkg: Add VariableFlashInfoLib

[Abner Chang]

Reviewed-by: Abner Chang 

> -Original Message-
> From: devel@edk2.groups.io  On Behalf Of Michael
> Kubacki
> Sent: Thursday, April 21, 2022 4:44 AM
> To: devel@edk2.groups.io
> Cc: Chang, Abner (HPS SW/FW Technologist) ;
> Gilbert Chen ; Schaefer, Daniel (ROM Janitor)
> 
> Subject: [edk2-devel] [edk2-platforms][PATCH v1 07/10] U5SeriesPkg: Add
> VariableFlashInfoLib
> 
> From: Michael Kubacki 
> 
> REF:INVALID URI REMOVED.
> cgi?id=3479__;!!NpxR!3PhEOFQSnwjCzmgG3JnYXRlZBh_ix2221KBb7AJK4fIG_
> PlogbyEkSE_3IJvCdQ$
> 
> Adds an instance for the library class VariableFlashInfoLib that
> was recently introduced in MdeModulePkg. This change is made to
> allow the new variable driver to build that has a dependency on
> this library class and does not require any further platform
> changes.
> 
> Cc: Abner Chang 
> Cc: Gilbert Chen 
> Cc: Daniel Schaefer 
> Signed-off-by: Michael Kubacki 
> ---
>  Platform/SiFive/U5SeriesPkg/FreedomU500VC707Board/U500.dsc   | 1 +
> 
> Platform/SiFive/U5SeriesPkg/FreedomU540HiFiveUnleashedBoard/U540.dsc
> | 1 +
>  2 files changed, 2 insertions(+)
> 
> diff --git a/Platform/SiFive/U5SeriesPkg/FreedomU500VC707Board/U500.dsc
> b/Platform/SiFive/U5SeriesPkg/FreedomU500VC707Board/U500.dsc
> index 318851332a7f..7b36b2c885e0 100644
> --- a/Platform/SiFive/U5SeriesPkg/FreedomU500VC707Board/U500.dsc
> +++ b/Platform/SiFive/U5SeriesPkg/FreedomU500VC707Board/U500.dsc
> @@ -100,6 +100,7 @@ [LibraryClasses]
>ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf
> 
> UefiBootManagerLib|MdeModulePkg/Library/UefiBootManagerLib/UefiBoo
> tManagerLib.inf
>FdtLib|EmbeddedPkg/Library/FdtLib/FdtLib.inf
> +
> VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/Base
> VariableFlashInfoLib.inf
> 
> VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/Va
> riablePolicyHelperLib.inf
> 
>  # RISC-V Platform Library
> diff --git
> a/Platform/SiFive/U5SeriesPkg/FreedomU540HiFiveUnleashedBoard/U540.d
> sc
> b/Platform/SiFive/U5SeriesPkg/FreedomU540HiFiveUnleashedBoard/U540.
> dsc
> index 98a6a69ca3ec..26895a75ec2f 100644
> ---
> a/Platform/SiFive/U5SeriesPkg/FreedomU540HiFiveUnleashedBoard/U540.d
> sc
> +++
> b/Platform/SiFive/U5SeriesPkg/FreedomU540HiFiveUnleashedBoard/U540.
> dsc
> @@ -100,6 +100,7 @@ [LibraryClasses]
>ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf
> 
> UefiBootManagerLib|MdeModulePkg/Library/UefiBootManagerLib/UefiBoo
> tManagerLib.inf
>FdtLib|EmbeddedPkg/Library/FdtLib/FdtLib.inf
> +
> VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/Base
> VariableFlashInfoLib.inf
> 
> VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/Va
> riablePolicyHelperLib.inf
> 
>  # RISC-V Platform Library
> --
> 2.28.0.windows.1
> 
> 
> 
> 
> 



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89169): https://edk2.groups.io/g/devel/message/89169
Mute This Topic: https://groups.io/mt/90592926/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v4 6/8] EmulatorPkg: Add VariableFlashInfoLib

[Abner Chang]

I am not the reviewer for the changes under EmulatorPkg other than Redfish 
stuff. However, I have no problem with the entire patch set, so does the change 
under for EmulatorPkg.

Reviewed-by: Abner Chang 

> -Original Message-
> From: devel@edk2.groups.io  On Behalf Of Michael
> Kubacki
> Sent: Thursday, April 21, 2022 6:52 AM
> To: devel@edk2.groups.io; Andrew Fish ; Ray Ni
> ; Chang, Abner (HPS SW/FW Technologist)
> ; Wang, Nickle (Server BIOS)
> 
> Subject: Re: [edk2-devel] [PATCH v4 6/8] EmulatorPkg: Add
> VariableFlashInfoLib
> 
> Hi EmulatorPkg maintainers,
> 
> This is the only package in the series that has not given a review yet.
> Can you please help review it?
> 
> Thanks,
> Michael
> 
> On 4/12/2022 12:29 PM, Michael Kubacki wrote:
> > From: Michael Kubacki 
> >
> >
> REF:INVALID URI REMOVED.
> cgi?id=3479__;!!NpxR!3XNUZ5NC9M4mSbD7tIR6y_88TLasCu1rZ5-dyKIh2qyl-
> RQ7xt-gSz5UZ-tm4Zs$
> >
> > Adds an instance of VariableFlashInfoLib to the platform build as
> > it is a new library class introduced in MdeModulePkg.
> >
> > Cc: Andrew Fish 
> > Cc: Ray Ni 
> > Cc: Abner Chang 
> > Cc: Nickle Wang 
> > Signed-off-by: Michael Kubacki 
> > ---
> >   EmulatorPkg/EmulatorPkg.dsc | 1 +
> >   1 file changed, 1 insertion(+)
> >
> > diff --git a/EmulatorPkg/EmulatorPkg.dsc b/EmulatorPkg/EmulatorPkg.dsc
> > index 554c13ddb500..4cf886b9eac7 100644
> > --- a/EmulatorPkg/EmulatorPkg.dsc
> > +++ b/EmulatorPkg/EmulatorPkg.dsc
> > @@ -122,6 +122,7 @@ [LibraryClasses]
> > VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf
> >
> VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLi
> bRuntimeDxe.inf
> >
> VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/Va
> riablePolicyHelperLib.inf
> > +
> VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/Base
> VariableFlashInfoLib.inf
> > SortLib|MdeModulePkg/Library/BaseSortLib/BaseSortLib.inf
> > ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf
> > FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf
> 
> 
> 
> 



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89168): https://edk2.groups.io/g/devel/message/89168
Mute This Topic: https://groups.io/mt/90595285/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] Some questions about Azure CI

[Chao Li]

Hi Micheal,

Sorry for my so carelessness, I actually fixed our code yesterday, I think this 
bug was brought on by when I modified the code formatting, I will check 
carefully next time. Sorry again.

--
Thanks,
Chao


On 4月 20 2022, at 10:45 晚上, "Michael Kubacki"  
wrote:
> My understanding is that you were referring to the document on my fork
> being difficult to access and you shared a link to your CI results that
> does not have the message pointing to the wiki page yet.
>
> This is all correct. The wiki content has moved from my fork to the
> official wiki page and the patch that adds the message to the CI results
> has not been merged yet. It is posted on the mailing list here and
> waiting for reviews:
>
> https://edk2.groups.io/g/devel/message/89098
> ---
> As for your build failing between yesterday and today, note that the
> builds are based on different commits.
>
> Yesterday:
> https://github.com/loongson/edk2/commit/8d100910a2ad98b71acaabc0dcdd70be7e0eba63
>
> Today:
> https://github.com/loongson/edk2/commit/6ca5d9d6c55ca773a652fe52508e980c7aa372d3
>
> The commits have different content. In particular, I took a quick look
> at a build that is failing now (Build_GCC5 TARGET_MDEMODULE_DEBUG) but
> previously succeeded.
>
> The compilation step is failing for reasons such as the following:
> INFO -
> /home/vsts/work/1/s/MdePkg/Include/LoongArch64/ProcessorBind.h:35:24:
> error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘UINT16’
> INFO - 35 | typedef unsigned shor UINT16;
>
> Notice, that there is a typo introduced in the new commit. "shor" versus
> "short", this is what is causing compilation failure.
>
> Here is a comparison of those two commits showing the line in
> ProcessorBind.h that is causing the problem:
>
> https://github.com/loongson/edk2/compare/8d10091..6ca5d9d#diff-50b24eb92c5785d5c70097a70104040fcacfb70225dd8196c1a97ef3bbb305c8R35-R36
> Regards,
> Michael
>
> On 4/20/2022 7:08 AM, Chao Li wrote:
> > Hi Micheal,
> >
> > Do you know if anyone has modified the Azure CI today? I did a CI test
> > today, and many modules reported errors, but yesterday, only two modules
> > reported errors, I don't know what happened. Please refer following two
> > links:
> >
> > Today:
> > https://dev.azure.com/kilaterlee/LoongArch_edk2/_build/results?buildId=32=results
> > 
> > Yesterday:
> > https://dev.azure.com/kilaterlee/LoongArch_edk2/_build/results?buildId=31=results
> > 
> >
> > --
> > Thanks,
> > Chao
> > 
> >
> >
> > On 4月 20 2022, at 6:10 晚上, Chao Li  wrote:
> >
> > Hi Micheal,
> >
> > Sorry for late reply, I'm busy with other things, focusing on
> > modifying our code, refer to the detailed error log file.
> >
> > I am learning how to get the detailed log from this link:
> > https://github.com/makubacki/tianocore.github.io/blob/add_ci_uncrustify_instructions/EDK-II-Code-Formatting.md#how-to-find-uncrustify-formatting-errors-in-continuous-integration-ci
> > .
> > I didn't find the detailed log link in the Azure error log, it looks
> > like:
> > https://dev.azure.com/kilaterlee/LoongArch_edk2/_build/results?buildId=31=logs=9701361e-2546-5093-77e5-58c75d95b7ce=27131ef8-75e1-57c3-3236-d806181f2f1f
> > .
> >
> > --
> > Thanks,
> > Chao
> > 
> >
> >
> > On 4月 20 2022, at 9:56 上午, "Michael Kubacki"
> >  wrote:
> >
> > Hi Chao,
> >
> > Are you referring to the 

Re: [edk2-devel] [PATCH V3 1/1] OvmfPkg/OvmfPkgX64: Adjust load sequence of TdxDxe and AmdSevDxe driver

[Yao, Jiewen]

Thanks for the follow up.

Merged - https://github.com/tianocore/edk2/pull/2809

> -Original Message-
> From: Xu, Min M 
> Sent: Thursday, April 21, 2022 8:45 AM
> To: devel@edk2.groups.io
> Cc: Xu, Min M ; Brijesh Singh ;
> Aktas, Erdem ; James Bottomley
> ; Yao, Jiewen ; Tom Lendacky
> 
> Subject: [PATCH V3 1/1] OvmfPkg/OvmfPkgX64: Adjust load sequence of TdxDxe
> and AmdSevDxe driver
> 
> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3904
> 
> TdxDxe driver is introduced for Intel TDX feature. Unfortunately, this
> driver also breaks boot process in SEV-ES guest. The root cause is in
> the PciLib which is imported by TdxDxe driver.
> 
> In a SEV-ES guest the AmdSevDxe driver performs a
> MemEncryptSevClearMmioPageEncMask() call against the
> PcdPciExpressBaseAddress range to mark it shared/unencrypted. However,
> the TdxDxe driver is loaded before the AmdSevDxe driver, and the PciLib
> in TdxDxe is DxePciLibI440FxQ35 which will access the
> PcdPciExpressBaseAddress range. Since the range has not been marked
> shared/unencrypted, the #VC handler terminates the guest for trying to
> do MMIO to an encrypted region.
> 
> Adjusting the load sequence of TdxDxe and AmdSevDxe can fix the issue.
> 
> Cc: Brijesh Singh 
> Cc: Erdem Aktas 
> Cc: James Bottomley 
> Cc: Jiewen Yao 
> Cc: Tom Lendacky 
> SEV-Tested-by: Tom Lendacky 
> TDX-Tested-by: Min Xu 
> Reviewed-by: Jiewen Yao 
> Signed-off-by: Min Xu 
> ---
>  OvmfPkg/OvmfPkgX64.fdf | 7 ++-
>  1 file changed, 6 insertions(+), 1 deletion(-)
> 
> diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
> index 71df28705ea8..6e72cdf3453e 100644
> --- a/OvmfPkg/OvmfPkgX64.fdf
> +++ b/OvmfPkg/OvmfPkgX64.fdf
> @@ -214,8 +214,13 @@ READ_LOCK_STATUS   = TRUE
>  APRIORI DXE {
>INF  MdeModulePkg/Universal/DevicePathDxe/DevicePathDxe.inf
>INF  MdeModulePkg/Universal/PCD/Dxe/Pcd.inf
> -  INF  OvmfPkg/TdxDxe/TdxDxe.inf
> +  # AmdSevDxe must be loaded before TdxDxe. Because in SEV guest
> AmdSevDxe
> +  # driver performs a MemEncryptSevClearMmioPageEncMask() call against the
> +  # PcdPciExpressBaseAddress range to mark it shared/unencrypted.
> +  # Otherwise #VC handler terminates the guest for trying to do MMIO to an
> +  # encrypted region (Since the range has not been marked 
> shared/unencrypted).
>INF  OvmfPkg/AmdSevDxe/AmdSevDxe.inf
> +  INF  OvmfPkg/TdxDxe/TdxDxe.inf
>  !if $(SMM_REQUIRE) == FALSE
>INF  OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf
>  !endif
> --
> 2.29.2.windows.2



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89166): https://edk2.groups.io/g/devel/message/89166
Mute This Topic: https://groups.io/mt/90597181/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] 回复: [PATCH v2 1/1] BaseTools: disable stack protector (gcc, AARCH64)

[gaoliming]

Oliver: 
  The change is good to me. I also include ARM maintainer Ard to review this
change. 
  
  Reviewed-by: Liming Gao 
  
Thanks
Liming
> -邮件原件-
> 发件人: Oliver Steffen 
> 发送时间: 2022年4月20日 16:16
> 收件人: devel@edk2.groups.io
> 抄送: bob.c.f...@intel.com; gaolim...@byosoft.com.cn;
> yuwei.c...@intel.com; Oliver Steffen 
> 主题: [PATCH v2 1/1] BaseTools: disable stack protector (gcc, AARCH64)
> 
> Explicity disable the stack protection with
> -fno-stack-protection for builds using GCC on
> AARCH64.
> 
> The gcc on Ubuntu enables -fstack-protector-strong
> by default starting with Ubuntu 21.10.
> 
> GenFw fails if stack protection is enabled.
> 
> Signed-off-by: Oliver Steffen 
> ---
>  BaseTools/Conf/tools_def.template | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/BaseTools/Conf/tools_def.template
> b/BaseTools/Conf/tools_def.template
> index 9c310cf23d25..1a49671a2708 100755
> --- a/BaseTools/Conf/tools_def.template
> +++ b/BaseTools/Conf/tools_def.template
> @@ -1915,7 +1915,7 @@ DEFINE GCC48_ARM_ASM_FLAGS   =
> $(ARCHASM_FLAGS) $(PLATFORM_FLAGS) DEF(GC
>  DEFINE GCC48_AARCH64_ASM_FLAGS   = $(ARCHASM_FLAGS)
> $(PLATFORM_FLAGS) DEF(GCC_ASM_FLAGS) -mlittle-endian
>  DEFINE GCC48_ARM_CC_FLAGS= $(ARCHCC_FLAGS)
> $(PLATFORM_FLAGS) DEF(GCC_ARM_CC_FLAGS) -fstack-protector
> -mword-relocations
>  DEFINE GCC48_ARM_CC_XIPFLAGS =
> DEF(GCC_ARM_CC_XIPFLAGS)
> -DEFINE GCC48_AARCH64_CC_FLAGS= $(ARCHCC_FLAGS)
> $(PLATFORM_FLAGS) -mcmodel=large DEF(GCC_AARCH64_CC_FLAGS)
> +DEFINE GCC48_AARCH64_CC_FLAGS= $(ARCHCC_FLAGS)
> $(PLATFORM_FLAGS) -mcmodel=large DEF(GCC_AARCH64_CC_FLAGS)
> -fno-stack-protector
>  DEFINE GCC48_AARCH64_CC_XIPFLAGS =
> DEF(GCC_AARCH64_CC_XIPFLAGS)
>  DEFINE GCC48_ARM_DLINK_FLAGS =
> DEF(GCC_ARM_DLINK_FLAGS) -Wl,--oformat=elf32-littlearm
>  DEFINE GCC48_ARM_DLINK2_FLAGS=
> DEF(GCC_DLINK2_FLAGS_COMMON)
> -Wl,--defsym=PECOFF_HEADER_SIZE=0x220
> --
> 2.36.0





-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89165): https://edk2.groups.io/g/devel/message/89165
Mute This Topic: https://groups.io/mt/90597935/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

回复: [edk2-devel] 回复: [PATCH v2 1/1] MdePkg/Include: Use DEBUG_FILE_PATH to specify debug file path.

[gaoliming]

Guomin:
  gEfiCallerBaseName is the module base name, not source file name. It can 
verify the build reproduce, but it can't provide the same functionality to 
_FILE_.  

Thanks
Liming
> -邮件原件-
> 发件人: Jiang, Guomin 
> 发送时间: 2022年4月20日 16:58
> 收件人: Gao, Liming ; devel@edk2.groups.io
> 抄送: Kinney, Michael D ; Liu, Zhiguang
> 
> 主题: RE: [edk2-devel] 回复: [PATCH v2 1/1] MdePkg/Include: Use
> DEBUG_FILE_PATH to specify debug file path.
> 
> Hi Liming,
> 
> I just add ```-D DEBUG_FILE_PATH=gEfiCallerBaseName``` to BuildOptions
> 
> Thanks
> Guomin
> 
> > -Original Message-
> > From: gaoliming 
> > Sent: Sunday, April 17, 2022 11:21 AM
> > To: Jiang, Guomin ; devel@edk2.groups.io
> > Cc: Kinney, Michael D ; Liu, Zhiguang
> > 
> > Subject: 回复: [edk2-devel] 回复: [PATCH v2 1/1] MdePkg/Include: Use
> > DEBUG_FILE_PATH to specify debug file path.
> >
> > Guomin:
> >   I understand the purpose. But, I don't see the complete solution to
> > configure DEBUG_FILE_PATH for every source file in order to meet with the
> > debug image reproducible builds. Have you verified this solution with the
> real
> > DEBUG_FILE_PATH for every source file? Or, you just set DEBUG_FILE_PATH
> > to the same value for the different source file?
> >
> > Thanks
> > Liming
> > > -邮件原件-
> > > 发件人: Jiang, Guomin 
> > > 发送时间: 2022年4月13日 13:43
> > > 收件人: devel@edk2.groups.io; Gao, Liming
> 
> > > 抄送: Kinney, Michael D ; Liu, Zhiguang
> > > 
> > > 主题: RE: [edk2-devel] 回复: [PATCH v2 1/1] MdePkg/Include: Use
> > > DEBUG_FILE_PATH to specify debug file path.
> > >
> > > Hi Liming,
> > >
> > > Below is the detail why need this change. If you only care usage.
> > > Please jump to "How to use it" directly.
> > >
> > > Why need:
> > > 1. Replication build is not new, you can refer
> > > https://reproducible-builds.org for detail 2. The benefit is that 1)
> > > make sure the same commit generate same binary so we can sure that it
> > > is not modified by anyone 2) store the binary in the repo without
> > > concern of different binary with same code.
> > >
> > > What's barrier in EDK2 implement?
> > > 1. Very depend on Toolchain(for example VS, GCC, CLANG). Different
> > > toolchain have different feature set and different toolchain version
> > > have different feature set.
> > > 2. Deploy new toolchain need big effort, include but not limit deploy
> > > it in CI CD system, update toolchain, size concern, feature change,
> > > etc
> > >
> > > What's the change:
> > > 1. The change want to address one issue that we encounter in
> > > replication
> > > build: the ASSERT in EDK2 will be different in different environment.
> > > For
> > > example: file path, back slash or forward slash, etc
> > >
> > > How to use it:
> > > 1. If you want to keep current ASSERT string format. No action is
> > > required and the change keep back compatible 2. If you want to
> > > customize the ASSERT string format. You can use additional tool to
> > > generate PATH and define macro in BuildOptions or tools_def.
> > >
> > > Note:
> > > 1. Replication build need many effort: 1) address the pdb path, 2)
> > > address the timestamp, etc 2. This change is not target for resolving
> > > all issue in replication build 3. I think it is a small step toward
> > > space even though it haven't fix every thing.
> > >
> > > Thank
> > > Guomin
> > >
> > > > -Original Message-
> > > > From: devel@edk2.groups.io  On Behalf Of
> > > > gaoliming
> > > > Sent: Wednesday, April 13, 2022 9:03 AM
> > > > To: Jiang, Guomin ; devel@edk2.groups.io
> > > > Cc: Kinney, Michael D ; Liu, Zhiguang
> > > > 
> > > > Subject: [edk2-devel] 回复: [PATCH v2 1/1] MdePkg/Include: Use
> > > > DEBUG_FILE_PATH to specify debug file path.
> > > >
> > > > Guomin:
> > > >   Can you introduce DEBUG_FILE_PATH usage? If the developer wants
> to
> > > > enable this feature, how configure DEBUG_FILE_PATH?
> > > >
> > > > Thanks
> > > > Liming
> > > > > -邮件原件-
> > > > > 发件人: Guomin Jiang 
> > > > > 发送时间: 2022年4月12日 18:25
> > > > > 收件人: devel@edk2.groups.io
> > > > > 抄送: Michael D Kinney ; Liming Gao
> > > > > ; Zhiguang Liu 
> > > > > 主题: [PATCH v2 1/1] MdePkg/Include: Use DEBUG_FILE_PATH to
> > specify
> > > > > debug file path.
> > > > >
> > > > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3840
> > > > >
> > > > > Use DEBUG_FILE_PATH to control ASSERT path
> > > > >
> > > > > Motivation and Goal:
> > > > > 1. Make replication build more easy and less toolchain dependency 2.
> > > > > Consume the ASSERT string easy for downstream 3. Make code more
> > > clear
> > > > >
> > > > > Cc: Michael D Kinney 
> > > > > Cc: Liming Gao 
> > > > > Cc: Zhiguang Liu 
> > > > > Signed-off-by: Guomin Jiang 
> > > > > ---
> > > > >  MdePkg/Include/Library/DebugLib.h | 34
> > > > > +--
> > > > >  1 file changed, 23 insertions(+), 11 deletions(-)
> > > > >
> > > > > diff --git a/MdePkg/Include/Library/DebugLib.h
> > > > > b/MdePkg/Include/Library/DebugLib.h
> > > > > index 

回复: [edk2-devel] [PATCH v2] MdePkg: Update smbiosview type 9 with SMBIOS 3.5 fields

[gaoliming]

Chang:
  PR shows the patch coding style issue. Please fix them. 

Thanks
Liming
> -邮件原件-
> 发件人: devel@edk2.groups.io  代表 gaoliming
> 发送时间: 2022年4月20日 7:50
> 收件人: devel@edk2.groups.io; zhichao@intel.com; 'Ke, Bo-ChangX'
> 
> 抄送: 'Liu, Zhiguang' ; 'Bi, Dandan'
> ; 'Zeng, Star' ; 'Kinney, Michael
> D' 
> 主题: 回复: [edk2-devel] [PATCH v2] MdePkg: Update smbiosview type 9
> with SMBIOS 3.5 fields
> 
> PR https://github.com/tianocore/edk2/pull/2797 is created.
> 
> Thanks
> Liming
> > -邮件原件-
> > 发件人: devel@edk2.groups.io  代表 Gao,
> Zhichao
> > 发送时间: 2022年4月19日 13:09
> > 收件人: devel@edk2.groups.io; Gao, Liming ;
> Ke,
> > Bo-ChangX 
> > 抄送: Liu, Zhiguang ; Bi, Dandan
> > ; Zeng, Star ; Kinney, Michael
> D
> > 
> > 主题: Re: [edk2-devel] [PATCH v2] MdePkg: Update smbiosview type 9
> with
> > SMBIOS 3.5 fields
> >
> > Hi Liming, Mike,
> >
> > Can you help to create the PR of these patch set? This is the first patch 
> > and
> > the second one is ShellPkg with the same titile.
> >
> > Thanks,
> > Zhichao
> >
> > > -Original Message-
> > > From: devel@edk2.groups.io  On Behalf Of
> > > gaoliming
> > > Sent: Sunday, April 17, 2022 11:25 AM
> > > To: devel@edk2.groups.io; Ke, Bo-ChangX ;
> Gao,
> > > Zhichao 
> > > Cc: Liu, Zhiguang ; Bi, Dandan
> > > ; Zeng, Star ; Kinney,
> Michael
> > > D 
> > > Subject: 回复: [edk2-devel] [PATCH v2] MdePkg: Update smbiosview type
> 9
> > > with SMBIOS 3.5 fields
> > >
> > > Reviewed-by: Liming Gao 
> > >
> > > > -邮件原件-
> > > > 发件人: devel@edk2.groups.io  代表 Bo
> Chang
> > Ke
> > > > 发送时间: 2022年4月15日 16:35
> > > > 收件人: Gao, Zhichao ; devel@edk2.groups.io
> > > > 抄送: Liu, Zhiguang ; Bi, Dandan
> > > > ; Zeng, Star ; Gao, Liming
> > > > ; Kinney, Michael D
> > > > 
> > > > 主题: Re: [edk2-devel] [PATCH v2] MdePkg: Update smbiosview type 9
> > > with
> > > > SMBIOS 3.5 fields
> > > >
> > > > Add Kinney, Michael D and Gao, Liming
> > > >
> > > > Best Regards.
> > > >
> > > > -Original Message-
> > > > From: Gao, Zhichao 
> > > > Sent: Thursday, April 14, 2022 10:25 AM
> > > > To: Ke, Bo-ChangX ; devel@edk2.groups.io
> > > > Cc: Liu, Zhiguang ; Bi, Dandan
> > > > ; Zeng, Star 
> > > > Subject: RE: [PATCH v2] MdePkg: Update smbiosview type 9 with
> SMBIOS
> > > > 3.5 fields
> > > >
> > > > Reviewed-by: Zhichao Gao 
> > > >
> > > > Thanks,
> > > > Zhichao
> > > >
> > > > > -Original Message-
> > > > > From: Ke, Bo-ChangX 
> > > > > Sent: Wednesday, April 13, 2022 11:14 AM
> > > > > To: devel@edk2.groups.io
> > > > > Cc: Liu, Zhiguang ; Gao, Zhichao
> > > > > ; Bi, Dandan ; Zeng,
> > > > > Star 
> > > > > Subject: [PATCH v2] MdePkg: Update smbiosview type 9 with SMBIOS
> > 3.5
> > > > > fields
> > > > >
> > > > > REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3896
> > > > >
> > > > > update smbiosview type 9 related fileds.
> > > > >
> > > > > Signed-off-by: Bo Chang Ke 
> > > > > Cc: Zhiguang Liu 
> > > > > Cc: Zhichao Gao 
> > > > > Cc: Dandan Bi 
> > > > > Cc: Star Zeng 
> > > > > ---
> > > > >  MdePkg/Include/IndustryStandard/SmBios.h | 49
> > > > > +++-
> > > > >  1 file changed, 48 insertions(+), 1 deletion(-)
> > > > >
> > > > > diff --git a/MdePkg/Include/IndustryStandard/SmBios.h
> > > > > b/MdePkg/Include/IndustryStandard/SmBios.h
> > > > > index 2b1567b052..52f2e35ee9 100644
> > > > > --- a/MdePkg/Include/IndustryStandard/SmBios.h
> > > > > +++ b/MdePkg/Include/IndustryStandard/SmBios.h
> > > > > @@ -1306,6 +1306,11 @@ typedef enum {
> > > > >SlotTypePciExpressMini52pinWithBSKO= 0x21,///< PCI
> > > > Express Mini 52-pin
> > > > > (CEM spec. 2.0) with bottom-side keep-outs.
> > > > >SlotTypePciExpressMini52pinWithoutBSKO = 0x22,///< PCI
> > Express
> > > > Mini 52-
> > > > > pin (CEM spec. 2.0) without bottom-side keep-outs.
> > > > >SlotTypePciExpressMini76pin= 0x23,///< PCI
> > > > Express Mini 76-pin (CEM
> > > > > spec. 2.0) Corresponds to Display-Mini card.
> > > > > +  SlotTypePCIExpressGen4SFF_8639 = 0x24,///< U.2
> > > > > +  SlotTypePCIExpressGen5SFF_8639 = 0x25,///< U.2
> > > > > +  SlotTypeOCPNIC30SmallFormFactor= 0x26,///< SFF
> > > > > +  SlotTypeOCPNIC30LargeFormFactor= 0x27,///< LFF
> > > > > +  SlotTypeOCPNICPriorto30= 0x28,
> > > > >SlotTypeCXLFlexbus10   = 0x30,
> > > > >SlotTypePC98C20= 0xA0,
> > > > >SlotTypePC98C24= 0xA1,
> > > > > @@ -1335,7 +1340,16 @@ typedef enum {
> > > > >SlotTypePciExpressGen4X2   = 0xBA,
> > > > >SlotTypePciExpressGen4X4   = 0xBB,
> > > > >SlotTypePciExpressGen4X8   = 0xBC,
> > > > > -  SlotTypePciExpressGen4X16  = 0xBD
> > > > > +  SlotTypePciExpressGen4X16  = 0xBD,
> > > > > +  SlotTypePCIExpressGen5 = 0xBE,
> > > > > +  SlotTypePCIExpressGen5X1   = 0xBF,
> > > > > +  SlotTypePCIExpressGen5X2 

Re: [edk2-devel] [PATCH 1/1] CryptoPkg: Declare PcdEcEnabled in Library consuming OpensslLib

[Yao, Jiewen]

Reviewed-by: Jiewen Yao 

> -Original Message-
> From: devel@edk2.groups.io  On Behalf Of yi1 li
> Sent: Tuesday, April 19, 2022 10:38 PM
> To: devel@edk2.groups.io
> Cc: Li, Yi1 ; Yao, Jiewen ; Wang, Jian
> J 
> Subject: [edk2-devel] [PATCH 1/1] CryptoPkg: Declare PcdEcEnabled in Library
> consuming OpensslLib
> 
> From: Yi Li 
> 
> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3679
> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3828
> 
> Tls/Base/Pei/Smm/RuntimeCryptLib.inf will use OpensslLib,
> and the opensslconf.h in openssllib will use PcdEcEnabled,
> but it is not declared in the inf file now,
> it will cause warnings in some compilers.
> 
> Cc: Jiewen Yao 
> Cc: Jian J Wang 
> 
> Signed-off-by: Yi Li 
> ---
>  CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf | 3 +++
>  CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf  | 3 +++
>  CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf  | 3 +++
>  CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf  | 3 +++
>  CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf | 3 +++
>  CryptoPkg/Library/OpensslLib/OpensslLib.inf | 2 +-
>  CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf   | 2 +-
>  CryptoPkg/Library/TlsLib/TlsLib.inf | 3 +++
>  8 files changed, 20 insertions(+), 2 deletions(-)
> 
> diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> index 15cf3dab105c..5bbdb387d6ba 100644
> --- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> +++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> @@ -88,6 +88,9 @@
>IntrinsicLib
>PrintLib
> 
> +[FixedPcd]
> +  gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> +
>  #
>  # Remove these [BuildOptions] after this library is cleaned up
>  #
> diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> index bf1563b06407..fd500e61ec99 100644
> --- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> +++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> @@ -77,6 +77,9 @@
>OpensslLib
>IntrinsicLib
> 
> +[FixedPcd]
> +  gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> +
>  #
>  # Remove these [BuildOptions] after this library is cleaned up
>  #
> diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> index 6742da0be4fe..3e4524896c45 100644
> --- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> +++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> @@ -93,6 +93,9 @@
>IntrinsicLib
>PrintLib
> 
> +[FixedPcd]
> +  gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> +
>  #
>  # Remove these [BuildOptions] after this library is cleaned up
>  #
> diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> index 8f39517f78b7..ae75bc87b5e5 100644
> --- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> +++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> @@ -92,6 +92,9 @@
>MmServicesTableLib
>SynchronizationLib
> 
> +[FixedPcd]
> +  gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> +
>  #
>  # Remove these [BuildOptions] after this library is cleaned up
>  #
> diff --git a/CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf
> b/CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf
> index b98f9635b27b..44c183b90563 100644
> --- a/CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf
> +++ b/CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf
> @@ -72,6 +72,9 @@
>DebugLib
>OpensslLib
> 
> +[FixedPcd]
> +  gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> +
>  #
>  # Remove these [BuildOptions] after this library is cleaned up
>  #
> diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> index 459ac4864a4e..a97b3f5e8ff2 100644
> --- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> +++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> @@ -633,7 +633,7 @@
>  [LibraryClasses.ARM]
>ArmSoftFloatLib
> 
> -[Pcd]
> +[FixedPcd]
>gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled  ## CONSUMES
> 
>  [BuildOptions]
> diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> index c9d69a368e3c..490b83602be9 100644
> --- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> +++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> @@ -582,7 +582,7 @@
>  [LibraryClasses.ARM]
>ArmSoftFloatLib
> 
> -[Pcd]
> +[FixedPcd]
>gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled  ## CONSUMES
> 
>  [BuildOptions]
> diff --git a/CryptoPkg/Library/TlsLib/TlsLib.inf
> b/CryptoPkg/Library/TlsLib/TlsLib.inf
> index 27209f4d7fe3..001e13e3990b 100644
> --- a/CryptoPkg/Library/TlsLib/TlsLib.inf
> +++ b/CryptoPkg/Library/TlsLib/TlsLib.inf
> @@ -41,6 +41,9 @@
>OpensslLib
>SafeIntLib
> 
> +[FixedPcd]
> +  gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> +
>  [BuildOptions]
> 

[edk2-devel] [PATCH V3 1/1] OvmfPkg/OvmfPkgX64: Adjust load sequence of TdxDxe and AmdSevDxe driver

[Min Xu]

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3904

TdxDxe driver is introduced for Intel TDX feature. Unfortunately, this
driver also breaks boot process in SEV-ES guest. The root cause is in
the PciLib which is imported by TdxDxe driver.

In a SEV-ES guest the AmdSevDxe driver performs a
MemEncryptSevClearMmioPageEncMask() call against the
PcdPciExpressBaseAddress range to mark it shared/unencrypted. However,
the TdxDxe driver is loaded before the AmdSevDxe driver, and the PciLib
in TdxDxe is DxePciLibI440FxQ35 which will access the
PcdPciExpressBaseAddress range. Since the range has not been marked
shared/unencrypted, the #VC handler terminates the guest for trying to
do MMIO to an encrypted region.

Adjusting the load sequence of TdxDxe and AmdSevDxe can fix the issue.

Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
SEV-Tested-by: Tom Lendacky 
TDX-Tested-by: Min Xu 
Reviewed-by: Jiewen Yao 
Signed-off-by: Min Xu 
---
 OvmfPkg/OvmfPkgX64.fdf | 7 ++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
index 71df28705ea8..6e72cdf3453e 100644
--- a/OvmfPkg/OvmfPkgX64.fdf
+++ b/OvmfPkg/OvmfPkgX64.fdf
@@ -214,8 +214,13 @@ READ_LOCK_STATUS   = TRUE
 APRIORI DXE {
   INF  MdeModulePkg/Universal/DevicePathDxe/DevicePathDxe.inf
   INF  MdeModulePkg/Universal/PCD/Dxe/Pcd.inf
-  INF  OvmfPkg/TdxDxe/TdxDxe.inf
+  # AmdSevDxe must be loaded before TdxDxe. Because in SEV guest AmdSevDxe
+  # driver performs a MemEncryptSevClearMmioPageEncMask() call against the
+  # PcdPciExpressBaseAddress range to mark it shared/unencrypted.
+  # Otherwise #VC handler terminates the guest for trying to do MMIO to an
+  # encrypted region (Since the range has not been marked shared/unencrypted).
   INF  OvmfPkg/AmdSevDxe/AmdSevDxe.inf
+  INF  OvmfPkg/TdxDxe/TdxDxe.inf
 !if $(SMM_REQUIRE) == FALSE
   INF  OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf
 !endif
-- 
2.29.2.windows.2



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89161): https://edk2.groups.io/g/devel/message/89161
Mute This Topic: https://groups.io/mt/90597181/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v4 6/8] EmulatorPkg: Add VariableFlashInfoLib

[Michael Kubacki]

Hi EmulatorPkg maintainers,

This is the only package in the series that has not given a review yet. 
Can you please help review it?


Thanks,
Michael

On 4/12/2022 12:29 PM, Michael Kubacki wrote:

From: Michael Kubacki 

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3479

Adds an instance of VariableFlashInfoLib to the platform build as
it is a new library class introduced in MdeModulePkg.

Cc: Andrew Fish 
Cc: Ray Ni 
Cc: Abner Chang 
Cc: Nickle Wang 
Signed-off-by: Michael Kubacki 
---
  EmulatorPkg/EmulatorPkg.dsc | 1 +
  1 file changed, 1 insertion(+)

diff --git a/EmulatorPkg/EmulatorPkg.dsc b/EmulatorPkg/EmulatorPkg.dsc
index 554c13ddb500..4cf886b9eac7 100644
--- a/EmulatorPkg/EmulatorPkg.dsc
+++ b/EmulatorPkg/EmulatorPkg.dsc
@@ -122,6 +122,7 @@ [LibraryClasses]
VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf

VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLibRuntimeDxe.inf

VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf
+  
VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.inf
SortLib|MdeModulePkg/Library/BaseSortLib/BaseSortLib.inf
ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf
FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89160): https://edk2.groups.io/g/devel/message/89160
Mute This Topic: https://groups.io/mt/90595285/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH V3 5/9] OvmfPkg/IntelTdx: Measure Td HobList and Configuration FV

[Yao, Jiewen]

The Root-of-Trust for Measurement (RTM) for TDX is TDX-Module. The TDX-Module 
will enforce the MRTD calculation for the TDVF code.
Then TDVF can then act as Chain-of-Trust for Measurement (CTM) to setup RTMR 
and continue the rest.

It is described in [TDX-Module] Chapter 11, [TDVF] Chapter 8.

[TDX-Module] 
https://www.intel.com/content/dam/develop/external/us/en/documents/tdx-module-1.0-public-spec-v0.931.pdf
[TDVF] 
https://www.intel.com/content/dam/develop/external/us/en/documents/tdx-virtual-firmware-design-guide-rev-1.01.pdf


> -Original Message-
> From: Gerd Hoffmann 
> Sent: Thursday, April 21, 2022 12:29 AM
> To: James Bottomley 
> Cc: Yao, Jiewen ; devel@edk2.groups.io; Xu, Min M
> ; Ard Biesheuvel ; Justen,
> Jordan L ; Brijesh Singh ;
> Aktas, Erdem ; Tom Lendacky
> 
> Subject: Re: [edk2-devel] [PATCH V3 5/9] OvmfPkg/IntelTdx: Measure Td
> HobList and Configuration FV
> 
>   Hi,
> 
> > > So, no matter what the order is, you'll figure the system got
> > > compromised after the fact, when checking the hashes later, and in
> > > turn take actions like refusing to hand out secrets to the
> > > compromised system.
> >
> > Not if the code falsifies the measurement both in the log and to the
> > TPM.  That's why the requirement of measured boot is you start with a
> > small rom based root of trust, which can't be updated because it's in
> > rom.  It measures the next stage (usually PEI) before executing it so
> > that the measurement in the TPM would change if the next stage (which
> > is often in flash) got compromised, so any tampering is certain to be
> > detected and if the compromised code tries to falsify the log, the log
> > now wouldn't match the TPM, so it can't evade detection.
> 
> How do we establish the root of trust in case of TDX?  We don't have a
> real rom in virtual machines ...
> 
> Does the tdx firmware measure the firmware code before running it?
> 
> Why handle CFV and BFV differently?  Wouldn't it be easier to have the
> tdx firmware simply measure the complete OVMF.fd image, given that tdx
> doesn't support flash and thus we don't have the code/vars split in the
> first place?
> 
> The TD HobList is prepared by the hypervisor and present at launch time,
> so possibly the tdx firmware could measure it too before handing over
> control to the guest?
> 
> take care,
>   Gerd



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89159): https://edk2.groups.io/g/devel/message/89159
Mute This Topic: https://groups.io/mt/90531017/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [edk2-platforms][PATCH v1 10/10] PlatformStandaloneMmPkg: Add VariableFlashInfoLib

[Michael Kubacki]

From: Michael Kubacki 

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3479

Adds an instance for the library class VariableFlashInfoLib that
was recently introduced in MdeModulePkg. This change is made to
allow the new variable driver to build that has a dependency on
this library class and does not require any further platform
changes.

Cc: Sami Mujawar 
Cc: Ilias Apalodimas 
Signed-off-by: Michael Kubacki 
---
 Platform/StandaloneMm/PlatformStandaloneMmPkg/PlatformStandaloneMmRpmb.dsc | 1 
+
 1 file changed, 1 insertion(+)

diff --git 
a/Platform/StandaloneMm/PlatformStandaloneMmPkg/PlatformStandaloneMmRpmb.dsc 
b/Platform/StandaloneMm/PlatformStandaloneMmPkg/PlatformStandaloneMmRpmb.dsc
index 33364deb1ef0..653029c52fdb 100644
--- a/Platform/StandaloneMm/PlatformStandaloneMmPkg/PlatformStandaloneMmRpmb.dsc
+++ b/Platform/StandaloneMm/PlatformStandaloneMmPkg/PlatformStandaloneMmRpmb.dsc
@@ -34,6 +34,7 @@ [LibraryClasses]
   ArmLib|ArmPkg/Library/ArmLib/ArmBaseLib.inf
   BaseLib|MdePkg/Library/BaseLib/BaseLib.inf
   SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf
+  
VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.inf
   
VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf
   BaseMemoryLib|MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf
   
DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf
-- 
2.28.0.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89158): https://edk2.groups.io/g/devel/message/89158
Mute This Topic: https://groups.io/mt/90592933/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [edk2-platforms][PATCH v1 09/10] Softiron: Add VariableFlashInfoLib

[Michael Kubacki]

From: Michael Kubacki 

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3479

Adds an instance for the library class VariableFlashInfoLib that
was recently introduced in MdeModulePkg. This change is made to
allow the new variable driver to build that has a dependency on
this library class and does not require any further platform
changes.

Cc: Ard Biesheuvel 
Cc: Leif Lindholm 
Signed-off-by: Michael Kubacki 
---
 Platform/SoftIron/Overdrive1000Board/Overdrive1000Board.dsc | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Platform/SoftIron/Overdrive1000Board/Overdrive1000Board.dsc 
b/Platform/SoftIron/Overdrive1000Board/Overdrive1000Board.dsc
index 25fafca51852..37ce04f6a9e3 100644
--- a/Platform/SoftIron/Overdrive1000Board/Overdrive1000Board.dsc
+++ b/Platform/SoftIron/Overdrive1000Board/Overdrive1000Board.dsc
@@ -121,6 +121,7 @@ [LibraryClasses.common]
   
RealTimeClockLib|Silicon/AMD/Styx/Library/RealTimeClockLib/RealTimeClockLib.inf
   TimeBaseLib|EmbeddedPkg/Library/TimeBaseLib/TimeBaseLib.inf
 
+  
VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.inf
   
VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf
   
VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf
   CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf
-- 
2.28.0.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89157): https://edk2.groups.io/g/devel/message/89157
Mute This Topic: https://groups.io/mt/90592930/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [edk2-platforms][PATCH v1 08/10] Socionext: Add VariableFlashInfoLib

[Michael Kubacki]

From: Michael Kubacki 

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3479

Adds an instance for the library class VariableFlashInfoLib that
was recently introduced in MdeModulePkg. This change is made to
allow the new variable driver to build that has a dependency on
this library class and does not require any further platform
changes.

Cc: Ard Biesheuvel 
Cc: Leif Lindholm 
Cc: Masami Hiramatsu 
Signed-off-by: Michael Kubacki 
---
 Platform/Socionext/SynQuacerEvalBoard/SynQuacerEvalBoard.dsc | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Platform/Socionext/SynQuacerEvalBoard/SynQuacerEvalBoard.dsc 
b/Platform/Socionext/SynQuacerEvalBoard/SynQuacerEvalBoard.dsc
index 690cdef9d91c..a052de49c958 100644
--- a/Platform/Socionext/SynQuacerEvalBoard/SynQuacerEvalBoard.dsc
+++ b/Platform/Socionext/SynQuacerEvalBoard/SynQuacerEvalBoard.dsc
@@ -128,6 +128,7 @@ [LibraryClasses.common]
 
   NorFlashInfoLib|EmbeddedPkg/Library/NorFlashInfoLib/NorFlashInfoLib.inf
 
+  
VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.inf
   
VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf
 
 [LibraryClasses.common.SEC]
-- 
2.28.0.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89156): https://edk2.groups.io/g/devel/message/89156
Mute This Topic: https://groups.io/mt/90592928/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [edk2-platforms][PATCH v1 06/10] RaspberryPi: Add VariableFlashInfoLib

[Michael Kubacki]

From: Michael Kubacki 

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3479

Adds an instance for the library class VariableFlashInfoLib that
was recently introduced in MdeModulePkg. This change is made to
allow the new variable driver to build that has a dependency on
this library class and does not require any further platform
changes.

Cc: Ard Biesheuvel 
Cc: Leif Lindholm 
Cc: Jeremy Linton 
Signed-off-by: Michael Kubacki 
---
 Platform/RaspberryPi/RPi3/RPi3.dsc | 1 +
 Platform/RaspberryPi/RPi4/RPi4.dsc | 1 +
 2 files changed, 2 insertions(+)

diff --git a/Platform/RaspberryPi/RPi3/RPi3.dsc 
b/Platform/RaspberryPi/RPi3/RPi3.dsc
index 6dc48dc23302..0eed03c097f8 100644
--- a/Platform/RaspberryPi/RPi3/RPi3.dsc
+++ b/Platform/RaspberryPi/RPi3/RPi3.dsc
@@ -174,6 +174,7 @@ [LibraryClasses.common]
   
AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf
 !endif
   VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf
+  
VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.inf
   
VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf
   
VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf
   GpioLib|Silicon/Broadcom/Bcm283x/Library/GpioLib/GpioLib.inf
diff --git a/Platform/RaspberryPi/RPi4/RPi4.dsc 
b/Platform/RaspberryPi/RPi4/RPi4.dsc
index a9c0c36bb12b..eabddd7382cf 100644
--- a/Platform/RaspberryPi/RPi4/RPi4.dsc
+++ b/Platform/RaspberryPi/RPi4/RPi4.dsc
@@ -174,6 +174,7 @@ [LibraryClasses.common]
   
AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf
 !endif
   VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf
+  
VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.inf
   
VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf
   
VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf
   GpioLib|Silicon/Broadcom/Bcm283x/Library/GpioLib/GpioLib.inf
-- 
2.28.0.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89154): https://edk2.groups.io/g/devel/message/89154
Mute This Topic: https://groups.io/mt/90592924/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [edk2-platforms][PATCH v1 07/10] U5SeriesPkg: Add VariableFlashInfoLib

[Michael Kubacki]

From: Michael Kubacki 

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3479

Adds an instance for the library class VariableFlashInfoLib that
was recently introduced in MdeModulePkg. This change is made to
allow the new variable driver to build that has a dependency on
this library class and does not require any further platform
changes.

Cc: Abner Chang 
Cc: Gilbert Chen 
Cc: Daniel Schaefer 
Signed-off-by: Michael Kubacki 
---
 Platform/SiFive/U5SeriesPkg/FreedomU500VC707Board/U500.dsc   | 1 +
 Platform/SiFive/U5SeriesPkg/FreedomU540HiFiveUnleashedBoard/U540.dsc | 1 +
 2 files changed, 2 insertions(+)

diff --git a/Platform/SiFive/U5SeriesPkg/FreedomU500VC707Board/U500.dsc 
b/Platform/SiFive/U5SeriesPkg/FreedomU500VC707Board/U500.dsc
index 318851332a7f..7b36b2c885e0 100644
--- a/Platform/SiFive/U5SeriesPkg/FreedomU500VC707Board/U500.dsc
+++ b/Platform/SiFive/U5SeriesPkg/FreedomU500VC707Board/U500.dsc
@@ -100,6 +100,7 @@ [LibraryClasses]
   ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf
   
UefiBootManagerLib|MdeModulePkg/Library/UefiBootManagerLib/UefiBootManagerLib.inf
   FdtLib|EmbeddedPkg/Library/FdtLib/FdtLib.inf
+  
VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.inf
   
VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf
 
 # RISC-V Platform Library
diff --git 
a/Platform/SiFive/U5SeriesPkg/FreedomU540HiFiveUnleashedBoard/U540.dsc 
b/Platform/SiFive/U5SeriesPkg/FreedomU540HiFiveUnleashedBoard/U540.dsc
index 98a6a69ca3ec..26895a75ec2f 100644
--- a/Platform/SiFive/U5SeriesPkg/FreedomU540HiFiveUnleashedBoard/U540.dsc
+++ b/Platform/SiFive/U5SeriesPkg/FreedomU540HiFiveUnleashedBoard/U540.dsc
@@ -100,6 +100,7 @@ [LibraryClasses]
   ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf
   
UefiBootManagerLib|MdeModulePkg/Library/UefiBootManagerLib/UefiBootManagerLib.inf
   FdtLib|EmbeddedPkg/Library/FdtLib/FdtLib.inf
+  
VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.inf
   
VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf
 
 # RISC-V Platform Library
-- 
2.28.0.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89155): https://edk2.groups.io/g/devel/message/89155
Mute This Topic: https://groups.io/mt/90592926/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [edk2-platforms][PATCH v1 05/10] SbsaQemu: Add VariableFlashInfoLib

[Michael Kubacki]

From: Michael Kubacki 

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3479

Adds an instance for the library class VariableFlashInfoLib that
was recently introduced in MdeModulePkg. This change is made to
allow the new variable driver to build that has a dependency on
this library class and does not require any further platform
changes.

Cc: Ard Biesheuvel 
Cc: Leif Lindholm 
Cc: Graeme Gregory 
Cc: Radoslaw Biernacki 
Signed-off-by: Michael Kubacki 
---
 Platform/Qemu/SbsaQemu/SbsaQemu.dsc | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Platform/Qemu/SbsaQemu/SbsaQemu.dsc 
b/Platform/Qemu/SbsaQemu/SbsaQemu.dsc
index 1d1a25196e22..97014e2fb630 100644
--- a/Platform/Qemu/SbsaQemu/SbsaQemu.dsc
+++ b/Platform/Qemu/SbsaQemu/SbsaQemu.dsc
@@ -163,6 +163,7 @@ [LibraryClasses.common]
   PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf
 
   VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf
+  
VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.inf
   
VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf
   
VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf
 
-- 
2.28.0.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89153): https://edk2.groups.io/g/devel/message/89153
Mute This Topic: https://groups.io/mt/90592917/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [edk2-platforms][PATCH v1 04/10] CelloBoard: Add VariableFlashInfoLib

[Michael Kubacki]

From: Michael Kubacki 

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3479

Adds an instance for the library class VariableFlashInfoLib that
was recently introduced in MdeModulePkg. This change is made to
allow the new variable driver to build that has a dependency on
this library class and does not require any further platform
changes.

Cc: Ard Biesheuvel 
Cc: Leif Lindholm 
Signed-off-by: Michael Kubacki 
---
 Platform/LeMaker/CelloBoard/CelloBoard.dsc | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Platform/LeMaker/CelloBoard/CelloBoard.dsc 
b/Platform/LeMaker/CelloBoard/CelloBoard.dsc
index 11d989cf3463..6be8062e60f6 100644
--- a/Platform/LeMaker/CelloBoard/CelloBoard.dsc
+++ b/Platform/LeMaker/CelloBoard/CelloBoard.dsc
@@ -119,6 +119,7 @@ [LibraryClasses.common]
   
RealTimeClockLib|Silicon/AMD/Styx/Library/RealTimeClockLib/RealTimeClockLib.inf
   TimeBaseLib|EmbeddedPkg/Library/TimeBaseLib/TimeBaseLib.inf
 
+  
VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.inf
   
VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf
   CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf
   
UefiBootManagerLib|MdeModulePkg/Library/UefiBootManagerLib/UefiBootManagerLib.inf
-- 
2.28.0.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89152): https://edk2.groups.io/g/devel/message/89152
Mute This Topic: https://groups.io/mt/90592915/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [edk2-platforms][PATCH v1 03/10] MinPlatformPkg: Add VariableFlashInfoLib

[Michael Kubacki]

From: Michael Kubacki 

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3479

Adds an instance for the library class VariableFlashInfoLib that
was recently introduced in MdeModulePkg. This change is made to
allow the new variable driver to build that has a dependency on
this library class and does not require any further platform
changes.

Cc: Chasel Chiu 
Cc: Nate DeSimone 
Cc: Liming Gao 
Cc: Eric Dong 
Signed-off-by: Michael Kubacki 
---
 Platform/Intel/MinPlatformPkg/Include/Dsc/CoreCommonLib.dsc | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Platform/Intel/MinPlatformPkg/Include/Dsc/CoreCommonLib.dsc 
b/Platform/Intel/MinPlatformPkg/Include/Dsc/CoreCommonLib.dsc
index c3d05fc913a7..58a18fae6ec8 100644
--- a/Platform/Intel/MinPlatformPkg/Include/Dsc/CoreCommonLib.dsc
+++ b/Platform/Intel/MinPlatformPkg/Include/Dsc/CoreCommonLib.dsc
@@ -169,5 +169,6 @@ [LibraryClasses.common]
   
MmUnblockMemoryLib|MdePkg/Library/MmUnblockMemoryLib/MmUnblockMemoryLibNull.inf
 
   SmbusLib|MdePkg/Library/BaseSmbusLibNull/BaseSmbusLibNull.inf
+  
VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.inf
   
VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf
   
VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf
-- 
2.28.0.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89151): https://edk2.groups.io/g/devel/message/89151
Mute This Topic: https://groups.io/mt/90592912/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [edk2-platforms][PATCH v1 02/10] BeagleBoardPkg: Add VariableFlashInfoLib

[Michael Kubacki]

From: Michael Kubacki 

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3479

Adds an instance for the library class VariableFlashInfoLib that
was recently introduced in MdeModulePkg. This change is made to
allow the new variable driver to build that has a dependency on
this library class and does not require any further platform
changes.

Cc: Ard Biesheuvel 
Cc: Leif Lindholm 
Signed-off-by: Michael Kubacki 
---
 Platform/BeagleBoard/BeagleBoardPkg/BeagleBoardPkg.dsc | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Platform/BeagleBoard/BeagleBoardPkg/BeagleBoardPkg.dsc 
b/Platform/BeagleBoard/BeagleBoardPkg/BeagleBoardPkg.dsc
index 7df306045d12..2de49fc0932c 100644
--- a/Platform/BeagleBoard/BeagleBoardPkg/BeagleBoardPkg.dsc
+++ b/Platform/BeagleBoard/BeagleBoardPkg/BeagleBoardPkg.dsc
@@ -137,6 +137,7 @@ [LibraryClasses.common]
   
AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf
   
TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
   VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf
+  
VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.inf
   
VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf
 
   
UefiDecompressLib|MdePkg/Library/BaseUefiDecompressLib/BaseUefiDecompressLib.inf
-- 
2.28.0.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89150): https://edk2.groups.io/g/devel/message/89150
Mute This Topic: https://groups.io/mt/90592911/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [edk2-platforms][PATCH v1 01/10] OverdriveBoard: Add VariableFlashInfoLib

[Michael Kubacki]

From: Michael Kubacki 

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3479

Adds an instance for the library class VariableFlashInfoLib that
was recently introduced in MdeModulePkg. This change is made to
allow the new variable driver to build that has a dependency on
this library class and does not require any further platform
changes.

Cc: Ard Biesheuvel 
Cc: Leif Lindholm 
Signed-off-by: Michael Kubacki 
---
 Platform/AMD/OverdriveBoard/OverdriveBoard.dsc | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Platform/AMD/OverdriveBoard/OverdriveBoard.dsc 
b/Platform/AMD/OverdriveBoard/OverdriveBoard.dsc
index fceb8b64dfde..236e8f1db3dd 100644
--- a/Platform/AMD/OverdriveBoard/OverdriveBoard.dsc
+++ b/Platform/AMD/OverdriveBoard/OverdriveBoard.dsc
@@ -125,6 +125,7 @@ [LibraryClasses.common]
   OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
   RngLib|MdePkg/Library/DxeRngLib/DxeRngLib.inf
   TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf
+  
VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.inf
   
VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf
   
VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf
 
-- 
2.28.0.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89149): https://edk2.groups.io/g/devel/message/89149
Mute This Topic: https://groups.io/mt/90592907/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [edk2-platforms][PATCH v1 00/10] Add variableFlashInfoLib

[Michael Kubacki]

From: Michael Kubacki 

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3479

Adds an instance for the library class VariableFlashInfoLib that
was recently introduced in MdeModulePkg. This change is made to
allow the new variable driver to build that has a dependency on
this library class and does not require any further platform
changes.

Note that this series is for an upcoming change in MdeModulePkg
and requires that change to be present locally for testing.

https://edk2.groups.io/g/devel/message/88787

Cc: Abner Chang 
Cc: Ard Biesheuvel 
Cc: Chasel Chiu 
Cc: Daniel Schaefer 
Cc: Eric Dong 
Cc: Gilbert Chen 
Cc: Graeme Gregory 
Cc: Ilias Apalodimas 
Cc: Jeremy Linton 
Cc: Leif Lindholm 
Cc: Liming Gao 
Cc: Masami Hiramatsu 
Cc: Nate DeSimone 
Cc: Radoslaw Biernacki 
Cc: Sami Mujawar 
Signed-off-by: Michael Kubacki 

Michael Kubacki (10):
  OverdriveBoard: Add VariableFlashInfoLib
  BeagleBoardPkg: Add VariableFlashInfoLib
  MinPlatformPkg: Add VariableFlashInfoLib
  CelloBoard: Add VariableFlashInfoLib
  SbsaQemu: Add VariableFlashInfoLib
  RaspberryPi: Add VariableFlashInfoLib
  U5SeriesPkg: Add VariableFlashInfoLib
  Socionext: Add VariableFlashInfoLib
  Softiron: Add VariableFlashInfoLib
  PlatformStandaloneMmPkg: Add VariableFlashInfoLib

 Platform/AMD/OverdriveBoard/OverdriveBoard.dsc | 1 
+
 Platform/BeagleBoard/BeagleBoardPkg/BeagleBoardPkg.dsc | 1 
+
 Platform/Intel/MinPlatformPkg/Include/Dsc/CoreCommonLib.dsc| 1 
+
 Platform/LeMaker/CelloBoard/CelloBoard.dsc | 1 
+
 Platform/Qemu/SbsaQemu/SbsaQemu.dsc| 1 
+
 Platform/RaspberryPi/RPi3/RPi3.dsc | 1 
+
 Platform/RaspberryPi/RPi4/RPi4.dsc | 1 
+
 Platform/SiFive/U5SeriesPkg/FreedomU500VC707Board/U500.dsc | 1 
+
 Platform/SiFive/U5SeriesPkg/FreedomU540HiFiveUnleashedBoard/U540.dsc   | 1 
+
 Platform/Socionext/SynQuacerEvalBoard/SynQuacerEvalBoard.dsc   | 1 
+
 Platform/SoftIron/Overdrive1000Board/Overdrive1000Board.dsc| 1 
+
 Platform/StandaloneMm/PlatformStandaloneMmPkg/PlatformStandaloneMmRpmb.dsc | 1 
+
 12 files changed, 12 insertions(+)

-- 
2.28.0.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89148): https://edk2.groups.io/g/devel/message/89148
Mute This Topic: https://groups.io/mt/90592905/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v2 1/1] MdeModulePkg: Use SmmWaitForAllProcessor() in VariableSmm driver.

[Michael Kubacki]

If I understand this patch correctly, it is exactly duplicating the 
SmmCpuRendezvousLib library class/interface in ModeModulePkg because 
code there cannot depend on the library class/interface definition 
currently in UefiCpuPkg:


https://github.com/tianocore/edk2/blob/master/UefiCpuPkg/Include/Library/SmmCpuRendezvousLib.h

If that's the case, this is creating maintenance debt by requiring the 
two interfaces always be kept in sync and developer confusion.


It is okay to have an interface defined in a more broadly scoped package 
(e.g. MdePkg) with instances implemented in other packages.


For example, the HobLib interface is defined in MdePkg:

https://github.com/tianocore/edk2/blob/master/MdePkg/Include/Library/HobLib.h

But, instances are described in many other packages including a NULL 
instance in MdeModulePkg:


https://github.com/tianocore/edk2/blob/master/MdeModulePkg/Library/BaseHobLibNull/BaseHobLibNull.inf

And a Standalone MM instance in StandaloneMmPkg:

https://github.com/tianocore/edk2/blob/master/StandaloneMmPkg/Library/StandaloneMmHobLib/StandaloneMmHobLib.inf

If this interface is actually consumed by MdeModulePkg, the interface 
should be defined in a single package that is allowed to be a dependency 
for MdeModulePkg. The NULL library instance referenced in the 
MdeModulePkg build should also be implemented in an allowed package.


The library interface should be removed from other packages 
(UefiCpuPkg). Other library instances can then be implemented elsewhere 
using the library class interface from the singly defined location.


Regards,
Michael

On 4/20/2022 1:32 PM, Li, Zhihao wrote:

REF： https://bugzilla.tianocore.org/show_bug.cgi?id=3854

In UefiCpuPkg, there are a new Protocol with the new service
SmmWaitForAllProcessor(), which can be used by SMI handler
to optionally wait for other APs to complete SMM rendezvous in
relaxed AP mode.

This patch use the new service to let VariableSmm driver work
normally in relaxed AP mode.

Due to MdeModulePkg can not depend on UefiCpuPkg, use null version
implementation in MdeModulePkg.dsc.

Cc: Jian J Wang 
Cc: Liming Gao 
Cc: Siyuan Fu 
Cc: Ni Ray 
Cc: Sami Mujawar 
Cc: Ilias Apalodimas 
Cc: Ard Biesheuvel 
Cc: Leif Lindholm 

Signed-off-by: Zhihao Li 
---
  MdeModulePkg/Library/SmmCpuRendezvousLibNull/SmmCpuRendezvousLibNull.c   | 29 

  MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c | 10 
++-
  MdeModulePkg/Include/Library/SmmCpuRendezvousLib.h   | 27 
++
  MdeModulePkg/Library/SmmCpuRendezvousLibNull/SmmCpuRendezvousLibNull.inf | 27 
++
  MdeModulePkg/MdeModulePkg.dec|  5 
+++-
  MdeModulePkg/MdeModulePkg.dsc|  5 
+++-
  MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf   |  3 
+-
  MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf  |  3 
+-
  8 files changed, 104 insertions(+), 5 deletions(-)

diff --git 
a/MdeModulePkg/Library/SmmCpuRendezvousLibNull/SmmCpuRendezvousLibNull.c 
b/MdeModulePkg/Library/SmmCpuRendezvousLibNull/SmmCpuRendezvousLibNull.c
new file mode 100644
index ..474195bbb374
--- /dev/null
+++ b/MdeModulePkg/Library/SmmCpuRendezvousLibNull/SmmCpuRendezvousLibNull.c
@@ -0,0 +1,29 @@
+/** @file

+  SMM CPU Rendezvous sevice implement.

+

+  Copyright (c) 2022, Intel Corporation. All rights reserved.

+  SPDX-License-Identifier: BSD-2-Clause-Patent

+

+**/

+

+#include 

+#include 

+

+/**

+  This routine wait for all AP processors to arrive in SMM.

+

+  @param[in] BlockingMode  Blocking mode or non-blocking mode.

+

+  @retval EFI_SUCCESS  All avaiable APs arrived.

+  @retval EFI_TIMEOUT  Wait for all APs until timeout.

+  @retval OTHERFail to register SMM CPU Rendezvous service Protocol.

+**/

+EFI_STATUS

+EFIAPI

+SmmWaitForAllProcessor (

+  IN BOOLEAN  BlockingMode

+  )

+{

+  ASSERT (FALSE);

+  return EFI_SUCCESS;

+}

diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c 
b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
index 517cae7b00f8..52a9b0e6b202 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
@@ -14,7 +14,7 @@
VariableServiceSetVariable(), VariableServiceQueryVariableInfo(), 
ReclaimForOS(),

SmmVariableGetStatistics() should also do validation based on its own 
knowledge.

  


-Copyright (c) 2010 - 2019, Intel Corporation. All rights reserved.

+Copyright (c) 2010 - 2022, Intel Corporation. All rights reserved.

  Copyright (c) 2018, Linaro, Ltd. All rights reserved.

  SPDX-License-Identifier: BSD-2-Clause-Patent

  


@@ -28,6 +28,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
  


  #include 

  #include 

+#include 

  


  #include 

  #include "Variable.h"

@@ -656,6 +657,13 @@ SmmVariableHandler (
  goto 

Re: [edk2-devel] [PATCH v1 1/1] .azurepipelines: Add NOOPT to all package builds

[Michael Kubacki]

Here's a PR with this change that has an additional temp commit to 
trigger builds:


https://github.com/tianocore/edk2/pull/2806

Ignore the patch check failure, that is related to the temp commit.

Regards,
Michael

On 4/19/2022 9:43 PM, Michael Kubacki wrote:

From: Michael Kubacki 

The NOOPT build target is used for host-based unit tests. This
change adds the NOOPT target for all packages to ensure that tests
are executed if present.

If the host-based DSC is not specified in the packages CI YAML file,
the host-based compiler plugin will be reported as a skipped test.

Cc: Sean Brogan 
Cc: Bret Barkelew 
Cc: Michael D Kinney 
Cc: Liming Gao 
Signed-off-by: Michael Kubacki 
---
  .azurepipelines/templates/pr-gate-build-job.yml | 10 +-
  1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/.azurepipelines/templates/pr-gate-build-job.yml 
b/.azurepipelines/templates/pr-gate-build-job.yml
index 69e4c50afdbb..0e4ad019bf03 100644
--- a/.azurepipelines/templates/pr-gate-build-job.yml
+++ b/.azurepipelines/templates/pr-gate-build-job.yml
@@ -35,10 +35,10 @@ jobs:
  Build.Targets: 'RELEASE,NO-TARGET'
TARGET_NETWORK:
  Build.Pkgs: 'NetworkPkg,RedfishPkg'
-Build.Targets: 'DEBUG,RELEASE,NO-TARGET'
+Build.Targets: 'DEBUG,RELEASE,NO-TARGET,NOOPT'
TARGET_OTHER:
  Build.Pkgs: 'PcAtChipsetPkg,PrmPkg,ShellPkg,StandaloneMmPkg'
-Build.Targets: 'DEBUG,RELEASE,NO-TARGET'
+Build.Targets: 'DEBUG,RELEASE,NO-TARGET,NOOPT'
TARGET_FMP_FAT_TEST:
  Build.Pkgs: 
'FmpDevicePkg,FatPkg,UnitTestFrameworkPkg,DynamicTablesPkg'
  Build.Targets: 'DEBUG,RELEASE,NO-TARGET,NOOPT'
@@ -47,15 +47,15 @@ jobs:
  Build.Targets: 'DEBUG,RELEASE,NO-TARGET,NOOPT'
TARGET_SECURITY:
  Build.Pkgs: 'SecurityPkg'
-Build.Targets: 'DEBUG,RELEASE,NO-TARGET'
+Build.Targets: 'DEBUG,RELEASE,NO-TARGET,NOOPT'
TARGET_UEFIPAYLOAD:
  Build.Pkgs: 'UefiPayloadPkg'
-Build.Targets: 'DEBUG,RELEASE,NO-TARGET'
+Build.Targets: 'DEBUG,RELEASE,NO-TARGET,NOOPT'
TARGET_PLATFORMS:
  # For Platforms only check code. Leave it to Platform CI
  # to build them.
  Build.Pkgs: 'ArmVirtPkg,EmulatorPkg,OvmfPkg'
-Build.Targets: 'NO-TARGET'
+Build.Targets: 'NO-TARGET,NOOPT'
  
workspace:

  clean: all



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89146): https://edk2.groups.io/g/devel/message/89146
Mute This Topic: https://groups.io/mt/90576320/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v2 1/1] MdeModulePkg: Use SmmWaitForAllProcessor() in VariableSmm driver.

[Li, Zhihao]

REF： https://bugzilla.tianocore.org/show_bug.cgi?id=3854

In UefiCpuPkg, there are a new Protocol with the new service
SmmWaitForAllProcessor(), which can be used by SMI handler
to optionally wait for other APs to complete SMM rendezvous in
relaxed AP mode.

This patch use the new service to let VariableSmm driver work
normally in relaxed AP mode.

Due to MdeModulePkg can not depend on UefiCpuPkg, use null version
implementation in MdeModulePkg.dsc.

Cc: Jian J Wang 
Cc: Liming Gao 
Cc: Siyuan Fu 
Cc: Ni Ray 
Cc: Sami Mujawar 
Cc: Ilias Apalodimas 
Cc: Ard Biesheuvel 
Cc: Leif Lindholm 

Signed-off-by: Zhihao Li 
---
 MdeModulePkg/Library/SmmCpuRendezvousLibNull/SmmCpuRendezvousLibNull.c   | 29 

 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c | 10 
++-
 MdeModulePkg/Include/Library/SmmCpuRendezvousLib.h   | 27 
++
 MdeModulePkg/Library/SmmCpuRendezvousLibNull/SmmCpuRendezvousLibNull.inf | 27 
++
 MdeModulePkg/MdeModulePkg.dec|  5 
+++-
 MdeModulePkg/MdeModulePkg.dsc|  5 
+++-
 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf   |  3 
+-
 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf  |  3 
+-
 8 files changed, 104 insertions(+), 5 deletions(-)

diff --git 
a/MdeModulePkg/Library/SmmCpuRendezvousLibNull/SmmCpuRendezvousLibNull.c 
b/MdeModulePkg/Library/SmmCpuRendezvousLibNull/SmmCpuRendezvousLibNull.c
new file mode 100644
index ..474195bbb374
--- /dev/null
+++ b/MdeModulePkg/Library/SmmCpuRendezvousLibNull/SmmCpuRendezvousLibNull.c
@@ -0,0 +1,29 @@
+/** @file

+  SMM CPU Rendezvous sevice implement.

+

+  Copyright (c) 2022, Intel Corporation. All rights reserved.

+  SPDX-License-Identifier: BSD-2-Clause-Patent

+

+**/

+

+#include 

+#include 

+

+/**

+  This routine wait for all AP processors to arrive in SMM.

+

+  @param[in] BlockingMode  Blocking mode or non-blocking mode.

+

+  @retval EFI_SUCCESS  All avaiable APs arrived.

+  @retval EFI_TIMEOUT  Wait for all APs until timeout.

+  @retval OTHERFail to register SMM CPU Rendezvous service Protocol.

+**/

+EFI_STATUS

+EFIAPI

+SmmWaitForAllProcessor (

+  IN BOOLEAN  BlockingMode

+  )

+{

+  ASSERT (FALSE);

+  return EFI_SUCCESS;

+}

diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c 
b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
index 517cae7b00f8..52a9b0e6b202 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
@@ -14,7 +14,7 @@
   VariableServiceSetVariable(), VariableServiceQueryVariableInfo(), 
ReclaimForOS(),

   SmmVariableGetStatistics() should also do validation based on its own 
knowledge.

 

-Copyright (c) 2010 - 2019, Intel Corporation. All rights reserved.

+Copyright (c) 2010 - 2022, Intel Corporation. All rights reserved.

 Copyright (c) 2018, Linaro, Ltd. All rights reserved.

 SPDX-License-Identifier: BSD-2-Clause-Patent

 

@@ -28,6 +28,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 

 #include 

 #include 

+#include 

 

 #include 

 #include "Variable.h"

@@ -656,6 +657,13 @@ SmmVariableHandler (
 goto EXIT;

   }

 

+  if ((SmmVariableHeader->Attributes & EFI_VARIABLE_NON_VOLATILE) != 0) {

+if (EFI_ERROR (SmmWaitForAllProcessor (TRUE))) {

+  DEBUG ((DEBUG_ERROR, "SetVariable: fail to wait for all AP check in 
SMM!\n"));

+  goto EXIT;

+}

+  }

+

   Status = VariableServiceSetVariable (

  SmmVariableHeader->Name,

  >Guid,

diff --git a/MdeModulePkg/Include/Library/SmmCpuRendezvousLib.h 
b/MdeModulePkg/Include/Library/SmmCpuRendezvousLib.h
new file mode 100644
index ..82e459e9106e
--- /dev/null
+++ b/MdeModulePkg/Include/Library/SmmCpuRendezvousLib.h
@@ -0,0 +1,27 @@
+/** @file

+  SMM CPU Rendezvous library header file.

+

+  Copyright (c) 2022, Intel Corporation. All rights reserved.

+  SPDX-License-Identifier: BSD-2-Clause-Patent

+

+**/

+

+#ifndef SMM_CPU_RENDEZVOUS_H_

+#define SMM_CPU_RENDEZVOUS_H_

+

+/**

+  This routine wait for all AP processors to arrive in SMM.

+

+  @param[in]  BlockingMode  Blocking mode or non-blocking mode.

+

+  @retval EFI_SUCCESS   All processors checked in to SMM.

+  @retval EFI_TIMEOUT   Wait for all APs until timeout.

+

+**/

+EFI_STATUS

+EFIAPI

+SmmWaitForAllProcessor (

+  IN  BOOLEAN  BlockingMode

+  );

+

+#endif

diff --git 
a/MdeModulePkg/Library/SmmCpuRendezvousLibNull/SmmCpuRendezvousLibNull.inf 
b/MdeModulePkg/Library/SmmCpuRendezvousLibNull/SmmCpuRendezvousLibNull.inf
new file mode 100644
index ..0bd4f39e7277
--- /dev/null
+++ b/MdeModulePkg/Library/SmmCpuRendezvousLibNull/SmmCpuRendezvousLibNull.inf
@@ -0,0 +1,27 @@
+## @file

+# SMM CPU Rendezvous service 

Re: [edk2-devel] [PATCH V3 5/9] OvmfPkg/IntelTdx: Measure Td HobList and Configuration FV

[Gerd Hoffmann]

  Hi,
 
> > So, no matter what the order is, you'll figure the system got
> > compromised after the fact, when checking the hashes later, and in
> > turn take actions like refusing to hand out secrets to the
> > compromised system.
> 
> Not if the code falsifies the measurement both in the log and to the
> TPM.  That's why the requirement of measured boot is you start with a
> small rom based root of trust, which can't be updated because it's in
> rom.  It measures the next stage (usually PEI) before executing it so
> that the measurement in the TPM would change if the next stage (which
> is often in flash) got compromised, so any tampering is certain to be
> detected and if the compromised code tries to falsify the log, the log
> now wouldn't match the TPM, so it can't evade detection.

How do we establish the root of trust in case of TDX?  We don't have a
real rom in virtual machines ...

Does the tdx firmware measure the firmware code before running it?

Why handle CFV and BFV differently?  Wouldn't it be easier to have the
tdx firmware simply measure the complete OVMF.fd image, given that tdx
doesn't support flash and thus we don't have the code/vars split in the
first place?

The TD HobList is prepared by the hypervisor and present at launch time,
so possibly the tdx firmware could measure it too before handing over
control to the guest?

take care,
  Gerd



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89144): https://edk2.groups.io/g/devel/message/89144
Mute This Topic: https://groups.io/mt/90531017/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v1 1/1] PrmPkg/DxePrmContextBufferLib: Fix unit test GCC compilation errors

[Sinha, Ankit]

Reviewed-by: Ankit Sinha 


> -Original Message-
> From: devel@edk2.groups.io  On Behalf Of Michael
> Kubacki
> Sent: Monday, April 18, 2022 6:27 PM
> To: devel@edk2.groups.io
> Cc: Michael Kubacki ; Desimone, Nathaniel
> L ; Sinha, Ankit 
> Subject: [edk2-devel] [PATCH v1 1/1] PrmPkg/DxePrmContextBufferLib: Fix
> unit test GCC compilation errors
> 
> From: Michael Kubacki 
> 
> https://bugzilla.tianocore.org/show_bug.cgi?id=3905
> 
> Fixes GCC compilation errors in DxePrmContextBufferLibUnitTest.c.
> 
> Cc: Michael Kubacki 
> Cc: Nate DeSimone 
> Cc: Ankit Sinha 
> Signed-off-by: Michael Kubacki 
> ---
> 
> PrmPkg/Library/DxePrmContextBufferLib/UnitTest/DxePrmContextBufferLi
> bUnitTest.c | 28 +++-
>  1 file changed, 10 insertions(+), 18 deletions(-)
> 
> diff --git
> a/PrmPkg/Library/DxePrmContextBufferLib/UnitTest/DxePrmContextBuffer
> LibUnitTest.c
> b/PrmPkg/Library/DxePrmContextBufferLib/UnitTest/DxePrmContextBuffer
> LibUnitTest.c
> index e244e7b09575..fdc32993b82d 100644
> ---
> a/PrmPkg/Library/DxePrmContextBufferLib/UnitTest/DxePrmContextBuffer
> LibUnitTest.c
> +++
> b/PrmPkg/Library/DxePrmContextBufferLib/UnitTest/DxePrmContextBuffer
> +++ LibUnitTest.c
> @@ -237,17 +237,17 @@ NullPointerArgumentsShouldFailGracefully (
>PRM_MODULE_CONTEXT_BUFFERS  *ModuleContextBuffersPtr;
> 
>UT_ASSERT_EQUAL (FindContextBufferInModuleBuffers (NULL, NULL,
> NULL), EFI_INVALID_PARAMETER);
> -  UT_ASSERT_EQUAL (FindContextBufferInModuleBuffers (NULL,
> , ), EFI_INVALID_PARAMETER);
> -  UT_ASSERT_EQUAL (FindContextBufferInModuleBuffers (, NULL,
> ), EFI_INVALID_PARAMETER);
> +  UT_ASSERT_EQUAL (FindContextBufferInModuleBuffers (NULL,
> + , (CONST PRM_CONTEXT_BUFFER
> + **)), EFI_INVALID_PARAMETER);  UT_ASSERT_EQUAL
> + (FindContextBufferInModuleBuffers (, NULL, (CONST
> + PRM_CONTEXT_BUFFER **)),
> EFI_INVALID_PARAMETER);
>UT_ASSERT_EQUAL (FindContextBufferInModuleBuffers (,
> , NULL), EFI_INVALID_PARAMETER);
> 
>UT_ASSERT_EQUAL (GetModuleContextBuffers (ByModuleGuid, NULL,
> NULL), EFI_INVALID_PARAMETER);
> -  UT_ASSERT_EQUAL (GetModuleContextBuffers (ByModuleGuid, NULL,
> ), EFI_INVALID_PARAMETER);
> +  UT_ASSERT_EQUAL (GetModuleContextBuffers (ByModuleGuid, NULL,
> (CONST
> + PRM_MODULE_CONTEXT_BUFFERS **)),
> + EFI_INVALID_PARAMETER);
>UT_ASSERT_EQUAL (GetModuleContextBuffers (ByModuleGuid, ,
> NULL), EFI_INVALID_PARAMETER);
> 
>UT_ASSERT_EQUAL (GetContextBuffer (NULL, NULL, NULL),
> EFI_INVALID_PARAMETER);
> -  UT_ASSERT_EQUAL (GetContextBuffer (NULL, ,
> ), EFI_INVALID_PARAMETER);
> -  UT_ASSERT_EQUAL (GetContextBuffer (, NULL, ),
> EFI_NOT_FOUND);
> +  UT_ASSERT_EQUAL (GetContextBuffer (NULL, ,
> + (CONST PRM_CONTEXT_BUFFER **)),
> + EFI_INVALID_PARAMETER);  UT_ASSERT_EQUAL (GetContextBuffer
> (,
> + NULL, (CONST PRM_CONTEXT_BUFFER **)),
> EFI_NOT_FOUND);
>UT_ASSERT_EQUAL (GetContextBuffer (, ,
> NULL), EFI_INVALID_PARAMETER);
> 
>return UNIT_TEST_PASSED;
> @@ -322,7 +322,7 @@ InitializeFunctionalCorrectness (
> 
>  **/
>  STATIC
> -UNIT_TEST_STATUS
> +VOID
>  EFIAPI
>  DeInitializeFunctionalCorrectness (
>IN  UNIT_TEST_CONTEXT  Context
> @@ -332,7 +332,6 @@ DeInitializeFunctionalCorrectness (
>PRM_CONFIG_PROTOCOL   *PrmConfigProtocol;
>PRM_CONTEXT_BUFFERS_TEST_CONTEXT  *TestContext;
> 
> -  UT_ASSERT_NOT_NULL (Context);
>TestContext = (PRM_CONTEXT_BUFFERS_TEST_CONTEXT *)Context;
> 
>Status = gBS->HandleProtocol (
> @@ -340,7 +339,6 @@ DeInitializeFunctionalCorrectness (
>,
>(VOID **)
>);
> -  UT_ASSERT_NOT_EFI_ERROR (Status);
> 
>if (!EFI_ERROR (Status)) {
>  Status =  gBS->UninstallProtocolInterface ( @@ -348,13 +346,10 @@
> DeInitializeFunctionalCorrectness (
>   ,
>   PrmConfigProtocol
>   );
> -UT_ASSERT_NOT_EFI_ERROR (Status);
>  if (!EFI_ERROR (Status)) {
>FreePool (PrmConfigProtocol);
>  }
>}
> -
> -  return UNIT_TEST_PASSED;
>  }
> 
>  /**
> @@ -382,7 +377,7 @@ VerifyGetModuleContextBuffers (
>ContextBuffers = NULL;
>TestContext= (PRM_CONTEXT_BUFFERS_TEST_CONTEXT *)Context;
> 
> -  Status = GetModuleContextBuffers (TestContext->GuidSearchType,
> TestContext->Guid, );
> +  Status = GetModuleContextBuffers (TestContext->GuidSearchType,
> + TestContext->Guid, (CONST PRM_MODULE_CONTEXT_BUFFERS
> + **));
>UT_ASSERT_STATUS_EQUAL (Status, TestContext->ExpectedStatus);
> 
>if (!EFI_ERROR (TestContext->ExpectedStatus)) { @@ -419,14 +414,12 @@
> VerifyFindContextBufferInModuleBuffers (  {
>EFI_STATUS   Status;
>PRM_CONTEXT_BUFFER   *FoundContextBuffer;
> -  PRM_MODULE_CONTEXT_BUFFERS   *ContextBuffers;
>PRM_CONTEXT_BUFFER_TEST_CONTEXT  *TestContext;
> 
> -  ContextBuffers = NULL;
>FoundContextBuffer = NULL;
>TestContext= (PRM_CONTEXT_BUFFER_TEST_CONTEXT *)Context;
> 
> -  Status = 

Re: [edk2-devel] [PATCH V3 5/9] OvmfPkg/IntelTdx: Measure Td HobList and Configuration FV

[Gerd Hoffmann]

On Wed, Apr 20, 2022 at 09:46:13AM +, Yao, Jiewen wrote:
> Gerd
> I cannot agree your statement on ordering.
> 
> Smart attacker can forge the good measurement based upon the severity of 
> vulnerability.
> 
> One famous example in 2011:
> https://invisiblethingslab.com/resources/2011/Attacking_Intel_TXT_via_SINIT_hijacking.pdf
> Because the attack happens before PCR18 measurement, the PCR18 is forged 
> successfully.

Ok, understood.  The paper explains it nicely.

thanks,
  Gerd



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89142): https://edk2.groups.io/g/devel/message/89142
Mute This Topic: https://groups.io/mt/90531017/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v1 1/1] MdeModulePkg: Use SmmWaitForAllProcessor() in VariableSmm driver.

[Li, Zhihao]

Hi 

As Liming's mail below, PlatformStandaloneMm.fdf, DeveloperBoxMm.fdf and 
PlatformStandaloneMmRpmb.fdf consume 
VariableStandaloneMm module.
I send the patch that made VariableStandaloneMm driver use 
SmmWaitForAllProcessor function and depend on SmmCpuRendezvousLib. In 
MdeModulePkg, it will be a NullLib version. The patch_V2 using nulllib version 
will send later and will cc you.

If any problem in it, please give me some comments.

Thanks a lot 
Best Regard
Zhihao

> -Original Message-
> From: gaoliming 
> Sent: Sunday, April 17, 2022 11:28 AM
> To: devel@edk2.groups.io; Li, Zhihao ; 'Michael Kubacki'
> ; 'Ard Biesheuvel'
> ; 'Leif Lindholm' ; 'Sean
> Brogan' 
> Cc: Wang, Jian J ; Fu, Siyuan ; 
> Ni,
> Ray ; Kinney, Michael D ; Yao,
> Jiewen 
> Subject: 回复: [edk2-devel] [PATCH v1 1/1] MdeModulePkg: Use
> SmmWaitForAllProcessor() in VariableSmm driver.
> 
> Zhihao:
>   I see three platforms in edk2-platforms to consume VariableStandaloneMm
> module. So, I think this change will impact them. Can you confirm this change
> with those platform owners?
> 
> Platform\ARM\SgiPkg\PlatformStandaloneMm.fdf
> Platform\Socionext\DeveloperBox\DeveloperBoxMm.fdf
> Platform\StandaloneMm\PlatformStandaloneMmPkg\PlatformStandaloneMmR
> pmb.fdf
> 
> Thanks
> Liming
> > -邮件原件-
> > 发件人: devel@edk2.groups.io  代表 Li, Zhihao
> > 发送时间: 2022年4月15日 17:12
> > 收件人: Gao, Liming ; devel@edk2.groups.io;
> > 'Michael Kubacki' ; 'Ard Biesheuvel'
> > ; 'Leif Lindholm' ;
> > 'Sean Brogan' 
> > 抄送: Wang, Jian J ; Fu, Siyuan
> > ; Ni, Ray ; Kinney, Michael D
> > ; Yao, Jiewen 
> > 主题: Re: [edk2-devel] [PATCH v1 1/1] MdeModulePkg: Use
> > SmmWaitForAllProcessor() in VariableSmm driver.
> >
> > I see the configuration in MdeModulePkg\MdeModulePkg.ci.yaml. I add
> > SmmCpuRendezvousLib.h in MdeModulePkg/Include/Library folder so that
> > it doesn't need add UefiCpuPkg.dec in [Packages] and bypass the check.
> >
> > For the second point, due to the patch pass the CI test, it also pass
> > the PlatformCI_ArmVirtPkg. I don't realize that any problem in Arm
> > platform build.
> > Leif and Ard
> > Does the patch has any influence on arm platform build?
> >
> > Liming:
> > If the solution is not acceptable, how about I create NULL version of
> > SmmCpuRendezvousLib in MdeModulePkg and use it in MdeModulePkg.dsc?
> > Is that a acceptable solution for you?
> >
> > > -Original Message-
> > > From: gaoliming 
> > > Sent: Wednesday, April 13, 2022 9:30 AM
> > > To: Li, Zhihao ; devel@edk2.groups.io; 'Michael
> > Kubacki'
> > > ; 'Ard Biesheuvel'
> > > ; 'Leif Lindholm' ;
> > > 'Sean Brogan' 
> > > Cc: Wang, Jian J ; Fu, Siyuan
> > > ;
> > Ni,
> > > Ray ; Kinney, Michael D
> > > ;
> > Yao,
> > > Jiewen 
> > > Subject: 回复: [edk2-devel] [PATCH v1 1/1] MdeModulePkg: Use
> > > SmmWaitForAllProcessor() in VariableSmm driver.
> > >
> > > Zhihao:
> > >   I remember CI has the check for the package dependency. If this
> > > patch
> > passes
> > > CI, seemly this checker doesn't do. You can see DependencyCheck in
> > > MdeModulePkg\MdeModulePkg.ci.yaml.
> > >   And, this patch introduces new dependency in VariableStandaloneMm.
> > > It
> > has
> > > been used in edk2 platform ARM platform. This change will break
> > > these
> > platform
> > > build. Please notify the platform owners.
> > >
> > > Sean and Michael:
> > >   This patch adds UefiCpuPkg library instance SmmCpuRendezvousLib
> > > into MdeModulePkg.dsc. But, CI can pass. Is this the expected behavior?
> > >
> > > Thanks
> > > Liming
> > > > -邮件原件-
> > > > 发件人: Li, Zhihao 
> > > > 发送时间: 2022年4月13日 2:14
> > > > 收件人: Gao, Liming ;
> > devel@edk2.groups.io
> > > > 抄送: Wang, Jian J ; Fu, Siyuan
> > > > ; Ni, Ray ; Kinney, Michael
> > > > D 
> > > > 主题: RE: [edk2-devel] [PATCH v1 1/1] MdeModulePkg: Use
> > > > SmmWaitForAllProcessor() in VariableSmm driver.
> > > >
> > > > 1. Although SmmCpuRendezvousLib in UefiCpuPkg, add
> > SmmRendezvousLib.h
> > > > into MdeModulePkg/Include/Library folder bypass the check.
> > > > 2. The SmmRendezvousLib is a standalone MM library and doesn’t
> > > > have any DXE service dependency. It can be used by SMM variable
> > > > module and MM variable module.
> > > >
> > > > As the patch following, it have passed the Edk2 CI test. The code
> > > > can run successfully in practice, but I'm not sure if this is
> > > > acceptable in terms of the standard.
> > > >
> > > > -Original Message-
> > > > From: gaoliming 
> > > > Sent: Tuesday, April 12, 2022 9:00 AM
> > > > To: devel@edk2.groups.io; Li, Zhihao 
> > > > Cc: Wang, Jian J ; Fu, Siyuan
> > > > ; Ni, Ray ; Kinney, Michael
> > > > D 
> > > > Subject: 回复: [edk2-devel] [PATCH v1 1/1] MdeModulePkg: Use
> > > > SmmWaitForAllProcessor() in VariableSmm driver.
> > > >
> > > > Zhihao:
> > > >   This patch breaks two things. One is to let MdeModulePkg depend
> > > > on UefiCpuPkg, another is to let VariableStandaloneMm depend on
> > > > UefiCpuPkg SmmCpuRendezvousLib. Please provide your 

Re: [edk2-devel] Some questions about Azure CI

[Michael Kubacki]

My understanding is that you were referring to the document on my fork 
being difficult to access and you shared a link to your CI results that 
does not have the message pointing to the wiki page yet.


This is all correct. The wiki content has moved from my fork to the 
official wiki page and the patch that adds the message to the CI results 
has not been merged yet. It is posted on the mailing list here and 
waiting for reviews:


https://edk2.groups.io/g/devel/message/89098

---

As for your build failing between yesterday and today, note that the 
builds are based on different commits.


Yesterday:
https://github.com/loongson/edk2/commit/8d100910a2ad98b71acaabc0dcdd70be7e0eba63

Today:
https://github.com/loongson/edk2/commit/6ca5d9d6c55ca773a652fe52508e980c7aa372d3

The commits have different content. In particular, I took a quick look 
at a build that is failing now (Build_GCC5 TARGET_MDEMODULE_DEBUG) but 
previously succeeded.


The compilation step is failing for reasons such as the following:

INFO - 
/home/vsts/work/1/s/MdePkg/Include/LoongArch64/ProcessorBind.h:35:24: 
error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘UINT16’

INFO -35 | typedef unsigned shor  UINT16;

Notice, that there is a typo introduced in the new commit. "shor" versus 
"short", this is what is causing compilation failure.


Here is a comparison of those two commits showing the line in 
ProcessorBind.h that is causing the problem:


https://github.com/loongson/edk2/compare/8d10091..6ca5d9d#diff-50b24eb92c5785d5c70097a70104040fcacfb70225dd8196c1a97ef3bbb305c8R35-R36

Regards,
Michael

On 4/20/2022 7:08 AM, Chao Li wrote:

Hi Micheal,

Do you know if anyone has modified the Azure CI today? I did a CI test 
today, and many modules reported errors, but yesterday, only two modules 
reported errors, I don't know what happened. Please refer following two 
links:


Today:
https://dev.azure.com/kilaterlee/LoongArch_edk2/_build/results?buildId=32=results 


Yesterday:
https://dev.azure.com/kilaterlee/LoongArch_edk2/_build/results?buildId=31=results 



--
Thanks,
Chao



On 4月 20 2022, at 6:10 晚上, Chao Li  wrote:

Hi Micheal,

Sorry for late reply, I'm busy with other things, focusing on
modifying our code, refer to the detailed error log file.

I am learning how to get the detailed log from this link:

https://github.com/makubacki/tianocore.github.io/blob/add_ci_uncrustify_instructions/EDK-II-Code-Formatting.md#how-to-find-uncrustify-formatting-errors-in-continuous-integration-ci

.
I didn't find the detailed log link in the Azure error log, it looks
like:

https://dev.azure.com/kilaterlee/LoongArch_edk2/_build/results?buildId=31=logs=9701361e-2546-5093-77e5-58c75d95b7ce=27131ef8-75e1-57c3-3236-d806181f2f1f

.

--
Thanks,
Chao



On 4月 20 2022, at 9:56 上午, "Michael Kubacki"
 wrote:

Hi Chao,

Are you referring to the change I made to put the link to the
instructions in the build log. Here's an example of what that
will look
like:


https://github.com/makubacki/tianocore.github.io/blob/temp_show_uncrustify_ci_link_in_build_log/images/edk-ii-code-formatting/temp-example-instruction-link-in-build-log.png?raw=true

(some of the words running together are not in the actual change)

I'm open to 

Re: [edk2-devel] [PATCH V3 5/9] OvmfPkg/IntelTdx: Measure Td HobList and Configuration FV

[James Bottomley]

On Wed, 2022-04-20 at 10:16 +0200, Gerd Hoffmann wrote:
>   Hi,
> 
> > > Yes for validation (aka sanity-checking the fields, etc).
> > > But for measurement I don't see why the ordering matters.
> > > Whenever you do that before or after consuming the TdHob
> > > should not make a difference.
> > 
> > [Jiewen] I disagree. The order matters from security perspective.
> > If you use it, there is risk that the buggy code will compromise
> > the system before you have chance to measure it.
> 
> Measurement will only record hashes for verification later on.
> It will not prevent running possibly buggy/compromised code.

This is true, but this is also the design of measured boot: it's for
proof of correctness (or not) after the fact.  Secure boot is more the
technology that can prevent boot.

> So, no matter what the order is, you'll figure the system got
> compromised after the fact, when checking the hashes later, and in
> turn take actions like refusing to hand out secrets to the
> compromised system.

Not if the code falsifies the measurement both in the log and to the
TPM.  That's why the requirement of measured boot is you start with a
small rom based root of trust, which can't be updated because it's in
rom.  It measures the next stage (usually PEI) before executing it so
that the measurement in the TPM would change if the next stage (which
is often in flash) got compromised, so any tampering is certain to be
detected and if the compromised code tries to falsify the log, the log
now wouldn't match the TPM, so it can't evade detection.

The requirement from the TCG is that the trusted code measures the
untrusted code through the TPM before executing it to get this
proveable detection of tampering.  The TCG allows you to be elastic
about when you record the measurements in the log as long as you
measure through the TPM at the correct points.

The above applies equally to TPM substitutes like the TDX msrs.

James




-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89139): https://edk2.groups.io/g/devel/message/89139
Mute This Topic: https://groups.io/mt/90531017/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH 1/1] CryptoPkg/Crt: fix strcpy build on older VS compilers

[Yao, Jiewen]

Merged - https://github.com/tianocore/edk2/pull/2805

> -Original Message-
> From: devel@edk2.groups.io  On Behalf Of Yao, Jiewen
> Sent: Wednesday, April 20, 2022 3:01 PM
> To: Gerd Hoffmann ; devel@edk2.groups.io
> Cc: Lu, Xiaoyu1 ; Oliver Steffen ;
> Pawel Polawski ; Jiang, Guomin
> ; Wang, Jian J 
> Subject: Re: [edk2-devel] [PATCH 1/1] CryptoPkg/Crt: fix strcpy build on 
> older VS
> compilers
> 
> Reviewed-by: Jiewen Yao 
> 
> > -Original Message-
> > From: Gerd Hoffmann 
> > Sent: Wednesday, April 20, 2022 2:17 PM
> > To: devel@edk2.groups.io
> > Cc: Lu, Xiaoyu1 ; Oliver Steffen
> ;
> > Pawel Polawski ; Yao, Jiewen
> ;
> > Jiang, Guomin ; Wang, Jian J
> > ; Gerd Hoffmann 
> > Subject: [PATCH 1/1] CryptoPkg/Crt: fix strcpy build on older VS compilers
> >
> > Drop 'restrict' keyword which older visual studio compiler
> > versions complain about.
> >
> > Fixes: fab6285a73c4 ("CryptoPkg/CrtLibSupport: fix strcpy")
> > Signed-off-by: Gerd Hoffmann 
> > ---
> >  CryptoPkg/Library/Include/CrtLibSupport.h   | 4 ++--
> >  CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c | 4 ++--
> >  2 files changed, 4 insertions(+), 4 deletions(-)
> >
> > diff --git a/CryptoPkg/Library/Include/CrtLibSupport.h
> > b/CryptoPkg/Library/Include/CrtLibSupport.h
> > index bdc2654b6eef..e49060124ff6 100644
> > --- a/CryptoPkg/Library/Include/CrtLibSupport.h
> > +++ b/CryptoPkg/Library/Include/CrtLibSupport.h
> > @@ -397,8 +397,8 @@ inet_pton   (
> >
> >  char *
> >  strcpy (
> > -  char *restrict  strDest,
> > -  const char  *strSource
> > +  char*strDest,
> > +  const char  *strSource
> >);
> >
> >  //
> > diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c
> > b/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c
> > index 6fcbe5885e7b..c1fc33538f9b 100644
> > --- a/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c
> > +++ b/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c
> > @@ -267,8 +267,8 @@ strcspn (
> >
> >  char *
> >  strcpy (
> > -  char *restrict  strDest,
> > -  const char  *strSource
> > +  char*strDest,
> > +  const char  *strSource
> >)
> >  {
> >AsciiStrCpyS (strDest, MAX_STRING_SIZE, strSource);
> > --
> > 2.35.1
> 
> 
> 
> 
> 



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89138): https://edk2.groups.io/g/devel/message/89138
Mute This Topic: https://groups.io/mt/90579023/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] Some questions about Azure CI

[Chao Li]

Hi Micheal,

Do you know if anyone has modified the Azure CI today? I did a CI test today, 
and many modules reported errors, but yesterday, only two modules reported 
errors, I don't know what happened. Please refer following two links:
Today:
https://dev.azure.com/kilaterlee/LoongArch_edk2/_build/results?buildId=32=results
 
(https://link.getmailspring.com/link/3fb8cf0a-bf1b-4a0a-924b-3b5f6d7eb...@getmailspring.com/0?redirect=https%3A%2F%2Fdev.azure.com%2Fkilaterlee%2FLoongArch_edk2%2F_build%2Fresults%3FbuildId%3D32%26view%3Dresults=ZGV2ZWxAZWRrMi5ncm91cHMuaW8%3D)
Yesterday:
https://dev.azure.com/kilaterlee/LoongArch_edk2/_build/results?buildId=31=results
 
(https://link.getmailspring.com/link/3fb8cf0a-bf1b-4a0a-924b-3b5f6d7eb...@getmailspring.com/1?redirect=https%3A%2F%2Fdev.azure.com%2Fkilaterlee%2FLoongArch_edk2%2F_build%2Fresults%3FbuildId%3D31%26view%3Dresults=ZGV2ZWxAZWRrMi5ncm91cHMuaW8%3D)

--
Thanks,
Chao


On 4月 20 2022, at 6:10 晚上, Chao Li  wrote:
> Hi Micheal,
>
> Sorry for late reply, I'm busy with other things, focusing on modifying our 
> code, refer to the detailed error log file.
> I am learning how to get the detailed log from this link:
> https://github.com/makubacki/tianocore.github.io/blob/add_ci_uncrustify_instructions/EDK-II-Code-Formatting.md#how-to-find-uncrustify-formatting-errors-in-continuous-integration-ci
>  
> (https://link.getmailspring.com/link/3fb8cf0a-bf1b-4a0a-924b-3b5f6d7eb...@getmailspring.com/2?redirect=https%3A%2F%2Flink.getmailspring.com%2Flink%2FCA5CE175-A392-4D5E-9BE9-392B7A97BB32%40getmailspring.com%2F0%3Fredirect%3Dhttps%253A%252F%252Fgithub.com%252Fmakubacki%252Ftianocore.github.io%252Fblob%252Fadd_ci_uncrustify_instructions%252FEDK-II-Code-Formatting.md%2523how-to-find-uncrustify-formatting-errors-in-continuous-integration-ci%26recipient%3DZGV2ZWxAZWRrMi5ncm91cHMuaW8%253D=ZGV2ZWxAZWRrMi5ncm91cHMuaW8%3D).
> I didn't find the detailed log link in the Azure error log, it looks like:
> https://dev.azure.com/kilaterlee/LoongArch_edk2/_build/results?buildId=31=logs=9701361e-2546-5093-77e5-58c75d95b7ce=27131ef8-75e1-57c3-3236-d806181f2f1f
>  
> (https://link.getmailspring.com/link/3fb8cf0a-bf1b-4a0a-924b-3b5f6d7eb...@getmailspring.com/3?redirect=https%3A%2F%2Flink.getmailspring.com%2Flink%2FCA5CE175-A392-4D5E-9BE9-392B7A97BB32%40getmailspring.com%2F1%3Fredirect%3Dhttps%253A%252F%252Fdev.azure.com%252Fkilaterlee%252FLoongArch_edk2%252F_build%252Fresults%253FbuildId%253D31%2526view%253Dlogs%2526j%253D9701361e-2546-5093-77e5-58c75d95b7ce%2526t%253D27131ef8-75e1-57c3-3236-d806181f2f1f%26recipient%3DZGV2ZWxAZWRrMi5ncm91cHMuaW8%253D=ZGV2ZWxAZWRrMi5ncm91cHMuaW8%3D).
>
> --
> Thanks,
> Chao
> 
>
>
>
> On 4月 20 2022, at 9:56 上午, "Michael Kubacki"  
> wrote:
> > Hi Chao,
> >
> > Are you referring to the change I made to put the link to the
> > instructions in the build log. Here's an example of what that will look
> > like:
> >
> > https://github.com/makubacki/tianocore.github.io/blob/temp_show_uncrustify_ci_link_in_build_log/images/edk-ii-code-formatting/temp-example-instruction-link-in-build-log.png?raw=true
> > (some of the words running together are not in the actual change)
> > I'm open to moving it elsewhere but developers will need to know how to
> > at least find that or they will have trouble fixing build issues.
> >
> > Regards,
> > Michael
> >
> >
> > On 4/19/2022 9:46 PM, Chao Li wrote:
> > > Hi Micheal,
> > > Using the way your provided the link, I found the detail log, thanks,
> > > but this way is not friendly to newbies, because they don't know how to
> > > find the tutorial.:)
> > >
> > > --
> > > Thanks,
> > > Chao
> > > 
> > >
> > >
> > > On 4月 20 2022, at 7:43 早上, "Michael Kubacki"
> > >  wrote:
> > >
> > > The wiki update is here:
> > > https://github.com/makubacki/tianocore.github.io/blob/add_ci_uncrustify_instructions/EDK-II-Code-Formatting.md#how-to-find-uncrustify-formatting-errors-in-continuous-integration-ci
> > >
> > > I am waiting for permissions to be updated so I can update the actual
> > > wiki page and then I'll send a patch for the plugin change with the link
> > > to that section.
> > >
> > > Regards,
> > > Michael
> > >
> > > On 4/19/2022 6:15 PM, Michael Kubacki wrote:
> > > > I agree that is ideal but I'm not aware of how to do that at the
> > > moment.
> > > >
> > > > Thanks,
> > > > Michael
> > > >
> > > > On 4/19/2022 4:52 PM, Michael D Kinney wrote:
> > > >> Hi Michael,
> > > >>
> > > >> Can the build log provide a direct link to the log file artifact
> > > if an
> > > >> error is detected?
> > > >>
> > > >> Mike
> > > >>
> > > >>> -Original Message-
> > > >>> From: devel@edk2.groups.io  On Behalf Of
> > > >>> Michael Kubacki
> > > >>> Sent: Tuesday, April 19, 2022 12:42 PM
> > > >>> To: devel@edk2.groups.io; quic_rc...@quicinc.com;
> > > >>> spbro...@outlook.com; Chao Li 
> > > >>> Subject: Re: [edk2-devel] Some questions about Azure CI
> > > >>>
> > > 

Re: [edk2-devel] Some questions about Azure CI

[Chao Li]

Hi Micheal,

Sorry for late reply, I'm busy with other things, focusing on modifying our 
code, refer to the detailed error log file.
I am learning how to get the detailed log from this link:
https://github.com/makubacki/tianocore.github.io/blob/add_ci_uncrustify_instructions/EDK-II-Code-Formatting.md#how-to-find-uncrustify-formatting-errors-in-continuous-integration-ci
 
(https://link.getmailspring.com/link/ca5ce175-a392-4d5e-9be9-392b7a97b...@getmailspring.com/0?redirect=https%3A%2F%2Fgithub.com%2Fmakubacki%2Ftianocore.github.io%2Fblob%2Fadd_ci_uncrustify_instructions%2FEDK-II-Code-Formatting.md%23how-to-find-uncrustify-formatting-errors-in-continuous-integration-ci=ZGV2ZWxAZWRrMi5ncm91cHMuaW8%3D).
I didn't find the detailed log link in the Azure error log, it looks like:
https://dev.azure.com/kilaterlee/LoongArch_edk2/_build/results?buildId=31=logs=9701361e-2546-5093-77e5-58c75d95b7ce=27131ef8-75e1-57c3-3236-d806181f2f1f
 
(https://link.getmailspring.com/link/ca5ce175-a392-4d5e-9be9-392b7a97b...@getmailspring.com/1?redirect=https%3A%2F%2Fdev.azure.com%2Fkilaterlee%2FLoongArch_edk2%2F_build%2Fresults%3FbuildId%3D31%26view%3Dlogs%26j%3D9701361e-2546-5093-77e5-58c75d95b7ce%26t%3D27131ef8-75e1-57c3-3236-d806181f2f1f=ZGV2ZWxAZWRrMi5ncm91cHMuaW8%3D).

--
Thanks,
Chao


On 4月 20 2022, at 9:56 上午, "Michael Kubacki"  
wrote:
> Hi Chao,
>
> Are you referring to the change I made to put the link to the
> instructions in the build log. Here's an example of what that will look
> like:
>
> https://github.com/makubacki/tianocore.github.io/blob/temp_show_uncrustify_ci_link_in_build_log/images/edk-ii-code-formatting/temp-example-instruction-link-in-build-log.png?raw=true
> (some of the words running together are not in the actual change)
> I'm open to moving it elsewhere but developers will need to know how to
> at least find that or they will have trouble fixing build issues.
>
> Regards,
> Michael
>
>
> On 4/19/2022 9:46 PM, Chao Li wrote:
> > Hi Micheal,
> > Using the way your provided the link, I found the detail log, thanks,
> > but this way is not friendly to newbies, because they don't know how to
> > find the tutorial.:)
> >
> > --
> > Thanks,
> > Chao
> > 
> >
> >
> > On 4月 20 2022, at 7:43 早上, "Michael Kubacki"
> >  wrote:
> >
> > The wiki update is here:
> > https://github.com/makubacki/tianocore.github.io/blob/add_ci_uncrustify_instructions/EDK-II-Code-Formatting.md#how-to-find-uncrustify-formatting-errors-in-continuous-integration-ci
> >
> > I am waiting for permissions to be updated so I can update the actual
> > wiki page and then I'll send a patch for the plugin change with the link
> > to that section.
> >
> > Regards,
> > Michael
> >
> > On 4/19/2022 6:15 PM, Michael Kubacki wrote:
> > > I agree that is ideal but I'm not aware of how to do that at the
> > moment.
> > >
> > > Thanks,
> > > Michael
> > >
> > > On 4/19/2022 4:52 PM, Michael D Kinney wrote:
> > >> Hi Michael,
> > >>
> > >> Can the build log provide a direct link to the log file artifact
> > if an
> > >> error is detected?
> > >>
> > >> Mike
> > >>
> > >>> -Original Message-
> > >>> From: devel@edk2.groups.io  On Behalf Of
> > >>> Michael Kubacki
> > >>> Sent: Tuesday, April 19, 2022 12:42 PM
> > >>> To: devel@edk2.groups.io; quic_rc...@quicinc.com;
> > >>> spbro...@outlook.com; Chao Li 
> > >>> Subject: Re: [edk2-devel] Some questions about Azure CI
> > >>>
> > >>> Hi Rebecca,
> > >>>
> > >>> We are trying to keep the results reporting experience
> > consistent with
> > >>> other plugins and prevent an overwhelming amount of information
> > being
> > >>> printed to the build log.
> > >>>
> > >>> In case other errors are present, providing high-level
> > information from
> > >>> each plugin can help point the user in the right direction to
> > get more
> > >>> detail.
> > >>>
> > >>> I completely understand the concern though, so I'm planning to make
> > >>> another step toward providing more information about how to
> > debug an
> > >>> issue, when it occurs. That is to put the step-by-step
> > information about
> > >>> where to find the file diff into the EDK II Code Formatting
> > wiki page
> > >>> and then if a failure occurs, print a link to that section of
> > the wiki
> > >>> page. I am hoping this will provide sufficient information to
> > get to the
> > >>> file diff at the point of failure.
> > >>>
> > >>> I should be able to send these patches later today.
> > >>>
> > >>> Regards,
> > >>> Michael
> > >>>
> > >>> On 4/19/2022 12:43 PM, Rebecca Cran wrote:
> >  Since people are going to keep running into this, could we
> > just output
> >  the file diff to the console? That would avoid having to go
> > hunting for
> >  the log file.
> > 
> > >>>
> > >>>
> > >>>
> > >>>
> > >>
> > >>
> > >>
> > >>
> > >>
> > >>
> >
> >
> > Sent from Mailspring
> > 
>



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online 

Re: [edk2-devel] [PATCH v3 1/6] MdeModulePkg/PciHostBridge: io range is not mandatory

[Abner Chang]

> -Original Message-
> From: Gerd Hoffmann 
> Sent: Tuesday, April 19, 2022 9:15 PM
> To: devel@edk2.groups.io; Chang, Abner (HPS SW/FW Technologist)
> 
> Cc: Leif Lindholm ; Ard Biesheuvel
> ; Jordan Justen ;
> Jian J Wang ; Ray Ni ; Hao A Wu
> ; Jiewen Yao ; Liming Gao
> ; Pawel Polawski ;
> Oliver Steffen ; Ard Biesheuvel 
> Subject: Re: [edk2-devel] [PATCH v3 1/6] MdeModulePkg/PciHostBridge: io
> range is not mandatory
> 
> On Wed, Apr 13, 2022 at 01:44:55PM +, Abner Chang wrote:
> >
> >
> > > -Original Message-
> > > From: Gerd Hoffmann 
> > > Sent: Wednesday, April 13, 2022 4:12 PM
> > > To: devel@edk2.groups.io; Chang, Abner (HPS SW/FW Technologist)
> > > 
> > > Cc: Leif Lindholm ; Ard Biesheuvel
> > > ; Jordan Justen
> ;
> > > Jian J Wang ; Ray Ni ; Hao A
> Wu
> > > ; Jiewen Yao ; Liming
> Gao
> > > ; Pawel Polawski ;
> > > Oliver Steffen ; Ard Biesheuvel
> 
> > > Subject: Re: [edk2-devel] [PATCH v3 1/6] MdeModulePkg/PciHostBridge:
> io
> > > range is not mandatory
> > >
> > >   Hi,
> > >
> > > > > diff --git
> a/MdeModulePkg/Bus/Pci/PciHostBridgeDxe/PciHostBridge.c
> > > > > b/MdeModulePkg/Bus/Pci/PciHostBridgeDxe/PciHostBridge.c
> > > > > index b20bcd310ad5..51a3b987967f 100644
> > > > > --- a/MdeModulePkg/Bus/Pci/PciHostBridgeDxe/PciHostBridge.c
> > > > > +++ b/MdeModulePkg/Bus/Pci/PciHostBridgeDxe/PciHostBridge.c
> > > > > @@ -1085,6 +1085,9 @@ NotifyPhase (
> > > > >RootBridge->ResAllocNode[Index].Base   = BaseAddress;
> > > > >RootBridge->ResAllocNode[Index].Status = ResAllocated;
> > > > >DEBUG ((DEBUG_INFO, "Success\n"));
> > > > > +} else if (Index == TypeIo) {
> > > > How do we tell the BaseAddress is set to UINT64 because
> "(BaseAddress <
> > > Limit)" or "gDS->AllocateMemorySpace()" returns error in
> AllocateResource()
> > > for TypeIo ?
> > >
> > > Does the reason matter?
> > >
> > > io resources are optional, so if there is no io address space available
> > > it should not be a fatal error, no matter what the root cause is.
> > If the device requires I/O resource however the io address space is not
> available, shouldn't this an error?
> 
> How do you figure that?
> 
> The PCIe spec requires devices being fully functional without io address
> space resources, so in theory this case should not exist.  In practice
> things are not that simple unfortunately.  But the pure presence of an
> io bar doesn't imply it is actually required.
> 
> I think we can't do much about that at this point.  An actual driver for
> the device which has more knowledge about the device would be in a
> better position to figure whenever not having io resources is a fatal
> error or not.
Ok.
> 
> > > > Is "else if (Index == TypeIo  && RootBridge->Io.Base == MAX_UINT64)"
> > > more reliable? Or I missed the code logic here?
> > >
> > > I think it is not needed, but if you think it is better that way I can
> > > change it.
> > This is more clear to reader. That means that we don't have to treat it as 
> > an
> error on the TypeIo if the base address for it is MAX_UINT64.
> 
> Ok, I'll change it.
Thanks
Abner
> 
> take care,
>   Gerd



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89135): https://edk2.groups.io/g/devel/message/89135
Mute This Topic: https://groups.io/mt/90309345/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH V3 5/9] OvmfPkg/IntelTdx: Measure Td HobList and Configuration FV

[Yao, Jiewen]

Gerd
I cannot agree your statement on ordering.

Smart attacker can forge the good measurement based upon the severity of 
vulnerability.

One famous example in 2011:
https://invisiblethingslab.com/resources/2011/Attacking_Intel_TXT_via_SINIT_hijacking.pdf
Because the attack happens before PCR18 measurement, the PCR18 is forged 
successfully.




> -Original Message-
> From: devel@edk2.groups.io  On Behalf Of Gerd
> Hoffmann
> Sent: Wednesday, April 20, 2022 4:17 PM
> To: Yao, Jiewen 
> Cc: devel@edk2.groups.io; Xu, Min M ; Ard Biesheuvel
> ; Justen, Jordan L ;
> Brijesh Singh ; Aktas, Erdem
> ; James Bottomley ; Tom
> Lendacky 
> Subject: Re: [edk2-devel] [PATCH V3 5/9] OvmfPkg/IntelTdx: Measure Td
> HobList and Configuration FV
> 
>   Hi,
> 
> > > Yes for validation (aka sanity-checking the fields, etc).
> > > But for measurement I don't see why the ordering matters.
> > > Whenever you do that before or after consuming the TdHob
> > > should not make a difference.
> >
> > [Jiewen] I disagree. The order matters from security perspective.
> > If you use it, there is risk that the buggy code will compromise the system
> before you have chance to measure it.
> 
> Measurement will only record hashes for verification later on.
> It will not prevent running possibly buggy/compromised code.
> 
> So, no matter what the order is, you'll figure the system got
> compromised after the fact, when checking the hashes later, and in turn
> take actions like refusing to hand out secrets to the compromised
> system.
> 
> > There was already known attacks: The measurement was in wrong place,
> > which caused the attack can forge the measurement.
> 
> Do you have a link or CVE number for me?
> 
> thanks,
>   Gerd
> 
> 
> 
> 
> 



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89134): https://edk2.groups.io/g/devel/message/89134
Mute This Topic: https://groups.io/mt/90531017/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH 0/4] CI: Use Fedora 35 container for Linux jobs

[Oliver Steffen]

On 20.04.2022 11:16, Ard Biesheuvel wrote:

On Wed, 20 Apr 2022 at 09:30, Gerd Hoffmann  wrote:


On Tue, Apr 19, 2022 at 11:54:38PM +0200, Ard Biesheuvel wrote:
> On Tue, 19 Apr 2022 at 09:35, Oliver Steffen  wrote:
> >
> > PR: https://github.com/tianocore/edk2/pull/2711
> >
> > Update CI, run all Linux (aka Ubuntu-GCC5) based jobs in a custom
> > Fedora 35 container.
>
> Why?
>
> > The image provides gcc 11 from Fedora for all
> > architectures. The external dependencies for gcc have been removed
> > so stuart does not download them. iasl and nasm are also
> > included in the image, but remain as ext-dep for now (CI jobs on
> > Windows need those).

^^^ this for example.

The idea is to (a) switch linux CI builds from vm images to container
images, and (b) use our own, custom container images.

This allows to roll the dependencies needed for CI into the container
images, so there is no need to download them in CI jobs.  Fixes
temporary CI failures due to network problems and download errors.

This also allows to remove any distribution-specific commands (apt-get
for example) from CI jobs.  This will be handled in the Dockerfiles used
to build our custom container images instead.

Oliver is also working on ubuntu containers, look here:

> > The Dockerfiles are here:
> > https://github.com/osteffenrh/edk2-build-images,

Fedora is a bit faster on updating stuff.  For example: ubuntu 22.04
uses gcc 11 whereas Fedora 36 uses gcc 12 (both distros are in beta
right now).  Whenever we want:

  (a) stick to ubuntu, or
  (b) switch to fedora, or
  (c) use both

is up for debate.

> > but they should, of
> > course, then move to a repo in the Tianocore group, or something like
> > that. The images are built automatically via GitHub Actions and then
> > pushed to ghcr.io.

That is the next question: where should we host the Dockerfiles and
container images?

For the Dockerfiles that should probably a git repo in the tianocore
group.

For the container images the obvious choices are github and azure.
Given that microsoft owns github I'd expect both github actions and
azure pipelines are running on the same cloud infrastructure and it
doesn't make much of a difference whenever github or azure container
registry is used to host container images.



Thanks for the explanation.

Please put information like this in the commit logs, rather than
assuming it will obvious to everyone without providing any background.


Will do.

There is a related discussion about CI and containers here:
https://github.com/tianocore/edk2/discussions/2614#discussioncomment-2595253
as well as in the meeting recording attached in that post.

Cheers,
 Oliver



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89133): https://edk2.groups.io/g/devel/message/89133
Mute This Topic: https://groups.io/mt/90557209/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH 0/4] CI: Use Fedora 35 container for Linux jobs

[Ard Biesheuvel]

On Wed, 20 Apr 2022 at 09:30, Gerd Hoffmann  wrote:
>
> On Tue, Apr 19, 2022 at 11:54:38PM +0200, Ard Biesheuvel wrote:
> > On Tue, 19 Apr 2022 at 09:35, Oliver Steffen  wrote:
> > >
> > > PR: https://github.com/tianocore/edk2/pull/2711
> > >
> > > Update CI, run all Linux (aka Ubuntu-GCC5) based jobs in a custom
> > > Fedora 35 container.
> >
> > Why?
> >
> > > The image provides gcc 11 from Fedora for all
> > > architectures. The external dependencies for gcc have been removed
> > > so stuart does not download them. iasl and nasm are also
> > > included in the image, but remain as ext-dep for now (CI jobs on
> > > Windows need those).
>
> ^^^ this for example.
>
> The idea is to (a) switch linux CI builds from vm images to container
> images, and (b) use our own, custom container images.
>
> This allows to roll the dependencies needed for CI into the container
> images, so there is no need to download them in CI jobs.  Fixes
> temporary CI failures due to network problems and download errors.
>
> This also allows to remove any distribution-specific commands (apt-get
> for example) from CI jobs.  This will be handled in the Dockerfiles used
> to build our custom container images instead.
>
> Oliver is also working on ubuntu containers, look here:
>
> > > The Dockerfiles are here:
> > > https://github.com/osteffenrh/edk2-build-images,
>
> Fedora is a bit faster on updating stuff.  For example: ubuntu 22.04
> uses gcc 11 whereas Fedora 36 uses gcc 12 (both distros are in beta
> right now).  Whenever we want:
>
>   (a) stick to ubuntu, or
>   (b) switch to fedora, or
>   (c) use both
>
> is up for debate.
>
> > > but they should, of
> > > course, then move to a repo in the Tianocore group, or something like
> > > that. The images are built automatically via GitHub Actions and then
> > > pushed to ghcr.io.
>
> That is the next question: where should we host the Dockerfiles and
> container images?
>
> For the Dockerfiles that should probably a git repo in the tianocore
> group.
>
> For the container images the obvious choices are github and azure.
> Given that microsoft owns github I'd expect both github actions and
> azure pipelines are running on the same cloud infrastructure and it
> doesn't make much of a difference whenever github or azure container
> registry is used to host container images.
>

Thanks for the explanation.

Please put information like this in the commit logs, rather than
assuming it will obvious to everyone without providing any background.

For these changes,

Acked-by: Ard Biesheuvel 


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89131): https://edk2.groups.io/g/devel/message/89131
Mute This Topic: https://groups.io/mt/90557209/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v2 09/14] OvmfPkg: Remove UefiCpuLib from module INFs.

[Ard Biesheuvel]

On Wed, 13 Apr 2022 at 10:14, Gerd Hoffmann  wrote:
>
> On Tue, Apr 12, 2022 at 10:51:39PM +0800, Yu Pu wrote:
> > Because UefiCpuPkg/UefiCpuLib is merged to MdePkg/CpuLib, remove the
> > dependency of UefiCpuLib.
> >
> > Cc: Ard Biesheuvel 
> > Cc: Jiewen Yao 
> > Cc: Jordan Justen 
> > Cc: Gerd Hoffmann 
> > Signed-off-by: Yu Pu 
>
> Acked-by: Gerd Hoffmann 
>

Acked-by: Ard Biesheuvel 


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89130): https://edk2.groups.io/g/devel/message/89130
Mute This Topic: https://groups.io/mt/90431726/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v2 04/14] OvmfPkg: Add CpuLib to module INFs that depend on UefiCpuLib.

[Ard Biesheuvel]

On Wed, 13 Apr 2022 at 10:13, Gerd Hoffmann  wrote:
>
> On Tue, Apr 12, 2022 at 10:51:34PM +0800, Yu Pu wrote:
> > There are two libraries: MdePkg/CpuLib and UefiCpuPkg/UefiCpuLib and
> > UefiCpuPkg/UefiCpuLib will be merged to MdePkg/CpuLib. To avoid build
> > failure, add CpuLib dependency to all modules that depend on UefiCpuLib.
> >
> > Cc: Ard Biesheuvel 
> > Cc: Jiewen Yao 
> > Cc: Jordan Justen 
> > Cc: Gerd Hoffmann 
> > Signed-off-by: Yu Pu 
>
> Acked-by: Gerd Hoffmann 
>

Acked-by: Ard Biesheuvel 


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89129): https://edk2.groups.io/g/devel/message/89129
Mute This Topic: https://groups.io/mt/90431721/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] 回复: [PATCH v2 1/1] MdePkg/Include: Use DEBUG_FILE_PATH to specify debug file path.

[Guomin Jiang]

Hi Liming,

I just add ```-D DEBUG_FILE_PATH=gEfiCallerBaseName``` to BuildOptions

Thanks
Guomin

> -Original Message-
> From: gaoliming 
> Sent: Sunday, April 17, 2022 11:21 AM
> To: Jiang, Guomin ; devel@edk2.groups.io
> Cc: Kinney, Michael D ; Liu, Zhiguang
> 
> Subject: 回复: [edk2-devel] 回复: [PATCH v2 1/1] MdePkg/Include: Use
> DEBUG_FILE_PATH to specify debug file path.
> 
> Guomin:
>   I understand the purpose. But, I don't see the complete solution to
> configure DEBUG_FILE_PATH for every source file in order to meet with the
> debug image reproducible builds. Have you verified this solution with the real
> DEBUG_FILE_PATH for every source file? Or, you just set DEBUG_FILE_PATH
> to the same value for the different source file?
> 
> Thanks
> Liming
> > -邮件原件-
> > 发件人: Jiang, Guomin 
> > 发送时间: 2022年4月13日 13:43
> > 收件人: devel@edk2.groups.io; Gao, Liming 
> > 抄送: Kinney, Michael D ; Liu, Zhiguang
> > 
> > 主题: RE: [edk2-devel] 回复: [PATCH v2 1/1] MdePkg/Include: Use
> > DEBUG_FILE_PATH to specify debug file path.
> >
> > Hi Liming,
> >
> > Below is the detail why need this change. If you only care usage.
> > Please jump to "How to use it" directly.
> >
> > Why need:
> > 1. Replication build is not new, you can refer
> > https://reproducible-builds.org for detail 2. The benefit is that 1)
> > make sure the same commit generate same binary so we can sure that it
> > is not modified by anyone 2) store the binary in the repo without
> > concern of different binary with same code.
> >
> > What's barrier in EDK2 implement?
> > 1. Very depend on Toolchain(for example VS, GCC, CLANG). Different
> > toolchain have different feature set and different toolchain version
> > have different feature set.
> > 2. Deploy new toolchain need big effort, include but not limit deploy
> > it in CI CD system, update toolchain, size concern, feature change,
> > etc
> >
> > What's the change:
> > 1. The change want to address one issue that we encounter in
> > replication
> > build: the ASSERT in EDK2 will be different in different environment.
> > For
> > example: file path, back slash or forward slash, etc
> >
> > How to use it:
> > 1. If you want to keep current ASSERT string format. No action is
> > required and the change keep back compatible 2. If you want to
> > customize the ASSERT string format. You can use additional tool to
> > generate PATH and define macro in BuildOptions or tools_def.
> >
> > Note:
> > 1. Replication build need many effort: 1) address the pdb path, 2)
> > address the timestamp, etc 2. This change is not target for resolving
> > all issue in replication build 3. I think it is a small step toward
> > space even though it haven't fix every thing.
> >
> > Thank
> > Guomin
> >
> > > -Original Message-
> > > From: devel@edk2.groups.io  On Behalf Of
> > > gaoliming
> > > Sent: Wednesday, April 13, 2022 9:03 AM
> > > To: Jiang, Guomin ; devel@edk2.groups.io
> > > Cc: Kinney, Michael D ; Liu, Zhiguang
> > > 
> > > Subject: [edk2-devel] 回复: [PATCH v2 1/1] MdePkg/Include: Use
> > > DEBUG_FILE_PATH to specify debug file path.
> > >
> > > Guomin:
> > >   Can you introduce DEBUG_FILE_PATH usage? If the developer wants to
> > > enable this feature, how configure DEBUG_FILE_PATH?
> > >
> > > Thanks
> > > Liming
> > > > -邮件原件-
> > > > 发件人: Guomin Jiang 
> > > > 发送时间: 2022年4月12日 18:25
> > > > 收件人: devel@edk2.groups.io
> > > > 抄送: Michael D Kinney ; Liming Gao
> > > > ; Zhiguang Liu 
> > > > 主题: [PATCH v2 1/1] MdePkg/Include: Use DEBUG_FILE_PATH to
> specify
> > > > debug file path.
> > > >
> > > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3840
> > > >
> > > > Use DEBUG_FILE_PATH to control ASSERT path
> > > >
> > > > Motivation and Goal:
> > > > 1. Make replication build more easy and less toolchain dependency 2.
> > > > Consume the ASSERT string easy for downstream 3. Make code more
> > clear
> > > >
> > > > Cc: Michael D Kinney 
> > > > Cc: Liming Gao 
> > > > Cc: Zhiguang Liu 
> > > > Signed-off-by: Guomin Jiang 
> > > > ---
> > > >  MdePkg/Include/Library/DebugLib.h | 34
> > > > +--
> > > >  1 file changed, 23 insertions(+), 11 deletions(-)
> > > >
> > > > diff --git a/MdePkg/Include/Library/DebugLib.h
> > > > b/MdePkg/Include/Library/DebugLib.h
> > > > index 8d3d08638d73..a76a268a00b6 100644
> > > > --- a/MdePkg/Include/Library/DebugLib.h
> > > > +++ b/MdePkg/Include/Library/DebugLib.h
> > > > @@ -8,7 +8,7 @@
> > > >of size reduction when compiler optimization is disabled. If
> > > > MDEPKG_NDEBUG is
> > > >defined, then debug and assert related macros wrapped by it are
> > > > the NULL implementations.
> > > >
> > > > -Copyright (c) 2006 - 2020, Intel Corporation. All rights
> > > > reserved.
> > > > +Copyright (c) 2006 - 2022, Intel Corporation. All rights
> > > > +reserved.
> > > >  SPDX-License-Identifier: BSD-2-Clause-Patent
> > > >
> > > >  **/
> > > > @@ -85,6 +85,26 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > 

Re: [edk2-devel] [edk2-platforms PATCH] Marvell/SolidRun: Rework Readme.md files

[Ard Biesheuvel]

On Wed, 6 Apr 2022 at 22:02, Marcin Wojtas  wrote:
>
> Hi,
>
> pon., 14 mar 2022 o 18:17 Sunny Wang  napisał(a):
> >
> > Looks good. Thanks much, Marcin.
> >
> > This will be helpful as http://wiki.macchiatobin.net/tiki-index.php has 
> > been not accessible for quite a while.
> >
> > Reviewed-by: Sunny Wang 
> >
>
> Do you have any feedback about the patch?
>

Pushed as  fe223fb30f74..c06b98a171be

Thanks,


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89127): https://edk2.groups.io/g/devel/message/89127
Mute This Topic: https://groups.io/mt/89771621/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [edk2-platforms PATCH 0/8] Marvell Pp2Dxe fixes

[Ard Biesheuvel]

On Thu, 7 Apr 2022 at 12:52, Sunny Wang  wrote:
>
> Sorry for the delay and thanks for fixing the issues, Marcin.
>
> The patch series look good to me.  Also, we have tested the patches on a 
> CN9130 based system, and it works fine. The patches fix the SCT failures 
> below, and UEFI network function works fine.
> - PlatformSpecificElements: [FAILED]
> - Shutdown_Func: [FAILED]
> - Start_Conf: [FAILED]
> - Start_Func: [FAILE]
> - Stop_Conf: [FAILED]
>
> Reviewed-by: Sunny Wang 
>

Pushed as 170f455d1b1b..fe223fb30f74

Thanks all,


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89126): https://edk2.groups.io/g/devel/message/89126
Mute This Topic: https://groups.io/mt/89776249/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH V3 5/9] OvmfPkg/IntelTdx: Measure Td HobList and Configuration FV

[Gerd Hoffmann]

  Hi,

> > Yes for validation (aka sanity-checking the fields, etc).
> > But for measurement I don't see why the ordering matters.
> > Whenever you do that before or after consuming the TdHob
> > should not make a difference.
> 
> [Jiewen] I disagree. The order matters from security perspective.
> If you use it, there is risk that the buggy code will compromise the system 
> before you have chance to measure it.

Measurement will only record hashes for verification later on.
It will not prevent running possibly buggy/compromised code.

So, no matter what the order is, you'll figure the system got
compromised after the fact, when checking the hashes later, and in turn
take actions like refusing to hand out secrets to the compromised
system.

> There was already known attacks: The measurement was in wrong place,
> which caused the attack can forge the measurement.

Do you have a link or CVE number for me?

thanks,
  Gerd



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89125): https://edk2.groups.io/g/devel/message/89125
Mute This Topic: https://groups.io/mt/90531017/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v2 0/1] BaseTools: disable stack protector (gcc, AARCH64)

[Oliver Steffen]

PR: https://github.com/tianocore/edk2/pull/2795

Explicity disable the stack protection with
-fno-stack-protection for builds using GCC on
AARCH64.

The gcc on Ubuntu enables -fstack-protector-strong
by default starting with Ubuntu 21.10.

GenFw fails if stack protection is enabled.

v2: Set -fno-stack-portector for GCC starting with version 4.8 instead
for all versions.

Oliver Steffen (1):
  BaseTools: disable stack protector (gcc, AARCH64)

 BaseTools/Conf/tools_def.template | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

-- 
2.36.0



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89124): https://edk2.groups.io/g/devel/message/89124
Mute This Topic: https://groups.io/mt/90579800/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v2 1/1] BaseTools: disable stack protector (gcc, AARCH64)

[Oliver Steffen]

Explicity disable the stack protection with
-fno-stack-protection for builds using GCC on
AARCH64.

The gcc on Ubuntu enables -fstack-protector-strong
by default starting with Ubuntu 21.10.

GenFw fails if stack protection is enabled.

Signed-off-by: Oliver Steffen 
---
 BaseTools/Conf/tools_def.template | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/BaseTools/Conf/tools_def.template 
b/BaseTools/Conf/tools_def.template
index 9c310cf23d25..1a49671a2708 100755
--- a/BaseTools/Conf/tools_def.template
+++ b/BaseTools/Conf/tools_def.template
@@ -1915,7 +1915,7 @@ DEFINE GCC48_ARM_ASM_FLAGS   = $(ARCHASM_FLAGS) 
$(PLATFORM_FLAGS) DEF(GC
 DEFINE GCC48_AARCH64_ASM_FLAGS   = $(ARCHASM_FLAGS) $(PLATFORM_FLAGS) 
DEF(GCC_ASM_FLAGS) -mlittle-endian
 DEFINE GCC48_ARM_CC_FLAGS= $(ARCHCC_FLAGS) $(PLATFORM_FLAGS) 
DEF(GCC_ARM_CC_FLAGS) -fstack-protector -mword-relocations
 DEFINE GCC48_ARM_CC_XIPFLAGS = DEF(GCC_ARM_CC_XIPFLAGS)
-DEFINE GCC48_AARCH64_CC_FLAGS= $(ARCHCC_FLAGS) $(PLATFORM_FLAGS) 
-mcmodel=large DEF(GCC_AARCH64_CC_FLAGS)
+DEFINE GCC48_AARCH64_CC_FLAGS= $(ARCHCC_FLAGS) $(PLATFORM_FLAGS) 
-mcmodel=large DEF(GCC_AARCH64_CC_FLAGS) -fno-stack-protector
 DEFINE GCC48_AARCH64_CC_XIPFLAGS = DEF(GCC_AARCH64_CC_XIPFLAGS)
 DEFINE GCC48_ARM_DLINK_FLAGS = DEF(GCC_ARM_DLINK_FLAGS) 
-Wl,--oformat=elf32-littlearm
 DEFINE GCC48_ARM_DLINK2_FLAGS= DEF(GCC_DLINK2_FLAGS_COMMON) 
-Wl,--defsym=PECOFF_HEADER_SIZE=0x220
-- 
2.36.0



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89123): https://edk2.groups.io/g/devel/message/89123
Mute This Topic: https://groups.io/mt/90579799/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [edk2-platforms][PATCH V2 0/9] Upadate the ACPI tables for RD platforms

[Pranav Madhu]

Hi Ard,

Thanks for your time in reviewing this patch series. Please find my response 
inline.

> -Original Message-
> From: Ard Biesheuvel 
> Sent: Wednesday, April 20, 2022 1:11 PM
> To: Pranav Madhu 
> Cc: edk2-devel-groups-io ; Ard Biesheuvel
> ; Sami Mujawar 
> Subject: Re: [edk2-platforms][PATCH V2 0/9] Upadate the ACPI tables for RD
> platforms
> 
> On Mon, 18 Apr 2022 at 13:54, Pranav Madhu 
> wrote:
> >
> > Changes since V1:
> > - Rebased on top of latest master branch.
> > - Rebased on top of patch to remove SLC cache entries from PPTT (link
> >   for the same in edk2.groups.io is provided below)
> >
> > Arm infrastructure reference design platforms uses ACPI tables to
> > provide the hardware information to the operating system. Currently
> > the ACPI tables are aligned with ACPI v6.2 and v6.3 specification.
> > This patch series update the tables to ACPI v6.4 specificaion.
> >
> 
> Why is this necessary? By doing this, you will lose the ability to boot an OS 
> that
> implements ACPI 6.2 but not ACPI 6.4, and so this should only be done if you 
> are
> actually relying on a feature that was not available in ACPI 6.2. Otherwise, 
> this
> is just pointless busywork.
> 

As per SystemReady SBBR specification, all the ACPI tables should adhere to a 
specific ACPI revision. At present the FADT, GTDT, MADT... tables are as per 
ACPI specification 6.2 and PPTT, HMAT... tables are as per specification 6.3. 
To achieve compliance, we need to either downgrade some tables to 6.2 or else 
upgrade the rest of the tables to 6.3. As a solution for this, upgrade all 
tables to 6.4 as this is the most recent. The effort required to bring all 
tables to ACPI 6.3 and 6.4 are almost same. Also, with ACPI 6.4 we successfully 
validated WinPE and other Linux distributions.
 
> 
> > The first patch in this series update the generic tables which are
> > common for all platfoms. The subsequent patches in this series update
> > platform specific ACPI tables to v6.4 for the respective platform.
> >
> > This patch series also update the headers in the .aslc files to match
> > the coding style as per edk2 coding guidelines.
> >
> > This patch series should be applied on top of the patch series
> > https://edk2.groups.io/g/devel/message/88996
> >
> > Link to github branch with the patches in this series -
> > https://github.com/Pranav-Madhu/edk2-platforms/tree/topics/acpi64_for_
> > rd_platforms
> >
> >
> > Pranav Madhu (9):
> >   Platform/Sgi: Update ACPI version to v6.4
> >   Platform/Sgi: Update ACPI version to v6.4 for SGI-575 platform
> >   Platform/Sgi: Update ACPI version to v6.4 for Rd-N1-Edge platform
> >   Platform/Sgi: Update ACPI version to v6.4 for Rd-N1-Edge-X2 platform
> >   Platform/Sgi: Update ACPI version to v6.4 for Rd-E1-Edge platform
> >   Platform/Sgi: Update ACPI version to v6.4 for Rd-V1 platform
> >   Platform/Sgi: Update ACPI version to v6.4 for Rd-V1-MC platform
> >   Platform/Sgi: Update ACPI version to v6.4 for Rd-N2 platform
> >   Platform/Sgi: Update ACPI version to v6.4 for Rd-N2-Cfg1 platform
> >
> >  Platform/ARM/SgiPkg/Include/SgiAcpiHeader.h   | 219 
> >  Platform/ARM/SgiPkg/AcpiTables/Dbg2.aslc  |  30 ++-
> >  Platform/ARM/SgiPkg/AcpiTables/Fadt.aslc  |  38 +--
> >  Platform/ARM/SgiPkg/AcpiTables/Gtdt.aslc  |  69 ++---
> >  Platform/ARM/SgiPkg/AcpiTables/Mcfg.aslc  |  26 +-
> >  .../ARM/SgiPkg/AcpiTables/RdE1Edge/Madt.aslc  | 247
> > +-  .../ARM/SgiPkg/AcpiTables/RdE1Edge/Pptt.aslc  |
> > 106   .../ARM/SgiPkg/AcpiTables/RdN1Edge/Madt.aslc  | 105
> >   .../ARM/SgiPkg/AcpiTables/RdN1Edge/Pptt.aslc  |  88 ---
> >  .../SgiPkg/AcpiTables/RdN1EdgeX2/Hmat.aslc|  52 ++--
> >  .../SgiPkg/AcpiTables/RdN1EdgeX2/Madt.aslc| 151 ++-
> >  .../SgiPkg/AcpiTables/RdN1EdgeX2/Pptt.aslc|  92 +++
> >  .../SgiPkg/AcpiTables/RdN1EdgeX2/Srat.aslc|  74 +++---
> >  Platform/ARM/SgiPkg/AcpiTables/RdN2/Madt.aslc | 163 ++--
> > Platform/ARM/SgiPkg/AcpiTables/RdN2/Pptt.aslc |  77 +++---
> > .../ARM/SgiPkg/AcpiTables/RdN2Cfg1/Madt.aslc  | 112 
> > .../ARM/SgiPkg/AcpiTables/RdN2Cfg1/Pptt.aslc  |  73 +++---
> > Platform/ARM/SgiPkg/AcpiTables/RdV1/Madt.aslc | 159 +--
> > Platform/ARM/SgiPkg/AcpiTables/RdV1/Pptt.aslc |  77 +++---
> >  .../ARM/SgiPkg/AcpiTables/RdV1Mc/Hmat.aslc|  64 +++--
> >  .../ARM/SgiPkg/AcpiTables/RdV1Mc/Madt.aslc| 165 ++--
> >  .../ARM/SgiPkg/AcpiTables/RdV1Mc/Pptt.aslc|  81 +++---
> >  .../ARM/SgiPkg/AcpiTables/RdV1Mc/Srat.aslc|  82 +++---
> >  .../ARM/SgiPkg/AcpiTables/Sgi575/Madt.aslc| 105 
> >  .../ARM/SgiPkg/AcpiTables/Sgi575/Pptt.aslc|  86 +++---
> >  Platform/ARM/SgiPkg/AcpiTables/Spcr.aslc  |  29 +-
> >  26 files changed, 1343 insertions(+), 1227 deletions(-)
> >
> > --
> > 2.17.1
> >

Regards,
Pranav


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89122): 

Re: [edk2-devel] [edk2-platforms][PATCH V1 1/1] Platform/Sgi: Remove SLC entry from PPTT table

[Pranav Madhu]

Hi Ard,

Please find my response inline.

> -Original Message-
> From: Ard Biesheuvel 
> Sent: Wednesday, April 20, 2022 1:05 PM
> To: Pranav Madhu 
> Cc: edk2-devel-groups-io ; Ard Biesheuvel
> ; Sami Mujawar 
> Subject: Re: [edk2-platforms][PATCH V1 1/1] Platform/Sgi: Remove SLC entry
> from PPTT table
> 
> On Mon, 18 Apr 2022 at 10:14, Pranav Madhu 
> wrote:
> >
> > Remove system level cache (SLC) entry from ACPI PPTT table. SLC on the
> > Neoverse reference design platforms is the memory side cache and so it
> > is removed from PPTT table.
> >
> 
> Could you elaborate? Why does the former justify/imply the latter?

The SLC cache in Neoverse reference design is not a processor resource, instead 
it is an interconnect resource. As PPTT is used to describe the processor 
topology and processor resources, it is better to remove the SLC cache from 
PPTT and the best place for SLC is HMAT/SRAT tables.

> 
> > Signed-off-by: Pranav Madhu 
> > ---
> >  Platform/ARM/SgiPkg/Include/SgiAcpiHeader.h |  4 +---
> >  Platform/ARM/SgiPkg/AcpiTables/RdE1Edge/Pptt.aslc   | 24 
> > +++-
> >  Platform/ARM/SgiPkg/AcpiTables/RdN1Edge/Pptt.aslc   | 20 +++-
> >  Platform/ARM/SgiPkg/AcpiTables/RdN1EdgeX2/Pptt.aslc | 23 +++---
> -
> >  Platform/ARM/SgiPkg/AcpiTables/RdN2/Pptt.aslc   | 21 -
> >  Platform/ARM/SgiPkg/AcpiTables/RdN2Cfg1/Pptt.aslc   | 21 -
> >  Platform/ARM/SgiPkg/AcpiTables/RdV1/Pptt.aslc   | 21 -
> >  Platform/ARM/SgiPkg/AcpiTables/RdV1Mc/Pptt.aslc | 23 
> > ---
> >  8 files changed, 26 insertions(+), 131 deletions(-)
> >
> > Link to github branch for this patch -
> > https://github.com/Pranav-Madhu/edk2-platforms/tree/topics/remove_slc_
> > from_pptt
> >

<...>

Regards,
Pranav


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89121): https://edk2.groups.io/g/devel/message/89121
Mute This Topic: https://groups.io/mt/90535814/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v4 0/8] Add Variable Flash Info HOB

[Ard Biesheuvel]

On Tue, 12 Apr 2022 at 18:30,  wrote:
>
> From: Michael Kubacki 
>
> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3479
>
> The UEFI variable drivers such as VariableRuntimeDxe, VariableSmm,
> VariableStandaloneMm, etc. (and their dependent protocol/library
> stack), typically acquire UEFI variable store flash information
> with PCDs declared in MdeModulePkg.
>
> For example:
> [Pcd]
>   gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase
>   gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64
>   gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize
>
> These PCDs work as-is in the StandaloneMm driver if they are not
> dynamic such as Dynamic or DynamicEx because PCD services are not
> readily available in the Standalone MM environment. Platforms that
> use Standalone MM today, must define these PCDs as FixedAtBuild in
> their platform build. However, the PCDs do allow platforms to treat
> the PCDs as Dynamic/DynamicEx and being able to support that is
> currently a gap for Standalone MM.
>
> This patch series introduces a HOB that can be produced by the
> platform to provide the same information. The HOB list is
> available to Standalone MM.
>
> The PCD declarations are left as-is in MdeModulePkg for backward
> compatibility. This means unless a platform wants to use the HOB,
> their code will continue to work with no change (they do not need
> to produce the HOB). Only if the HOB is found, is its value used
> instead of the PCDs.
>
> Due to the large number of consumers of this information, access
> to the base address and size values is abstracted in a new library
> class (as requested in the v1 series) called VariableFlashInfoLib.
>
> The API of VariableFlashInfoLib does not bind the underlying data
> structure to the information returned to library users to allow
> flexibility in the library implementation in the future.
>
> V4 changes:
> 1. Add a UINT32 "Reserved" field to VARIABLE_FLASH_INFO.
> 2. Add a descriptive comment to VariableFlashInfo.h to explain
>HOB usage.
>
> V3 changes:
> 1. To better clarify usage, renamed the members
>"NvStorageBaseAddress" and "NvStorageLength" in
>"VARIABLE_FLASH_INFO" to "NvVariableBaseAddress" and
>"NvVariableLength".
> 2. Added description comments to the fields in "VARIABLE_FLASH_INFO".
>
> V2 changes:
> 1. Abstracted flash info data access with VariableFlashInfoLib.
> 2. Updated package builds in the repo that build the variable and
>FTW drivers to include VariableFlashInfoLib.
> 3. Removed a redundant variable assignment in VariableSmm.c.
> 4. Updated comments in FtwMisc.c and FaultTolerantWritePei.c to
>indicate driver assumption is UINTN (not UINT32)
> 5. Added a version field to the VARIABLE_FLASH_INFO structure.
>
> Cc: Abner Chang 
> Cc: Andrew Fish 
> Cc: Anthony Perard 
> Cc: Ard Biesheuvel 
> Cc: Benjamin You 
> Cc: Brijesh Singh 
> Cc: Erdem Aktas 
> Cc: Gerd Hoffmann 
> Cc: Guo Dong 
> Cc: Hao A Wu 
> Cc: James Bottomley 
> Cc: Jian J Wang 
> Cc: Jiewen Yao 
> Cc: Jordan Justen 
> Cc: Julien Grall 
> Cc: Leif Lindholm 
> Cc: Liming Gao 
> Cc: Maurice Ma 
> Cc: Min Xu 
> Cc: Nickle Wang 
> Cc: Peter Grehan 
> Cc: Ray Ni 
> Cc: Rebecca Cran 
> Cc: Sami Mujawar 
> Cc: Sean Rhodes 
> Cc: Sebastien Boeuf 
> Cc: Tom Lendacky 
> Signed-off-by: Michael Kubacki 
>
> Michael Kubacki (8):
>   MdeModulePkg: Add Variable Flash Info HOB
>   MdeModulePkg/VariableFlashInfoLib: Add initial library
>   MdeModulePkg/Variable: Consume Variable Flash Info
>   MdeModulePkg/FaultTolerantWrite: Consume Variable Flash Info
>   ArmVirtPkg/ArmVirt.dsc.inc: Add VariableFlashInfoLib
>   EmulatorPkg: Add VariableFlashInfoLib
>   OvmfPkg: Add VariableFlashInfoLib
>   UefiPayloadPkg: Add VariableFlashInfoLib
>

For the series,

Acked-by: Ard Biesheuvel 

>  MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.c 
>| 178 
>  MdeModulePkg/Universal/FaultTolerantWriteDxe/FtwMisc.c   
>|  41 +++--
>  MdeModulePkg/Universal/FaultTolerantWriteDxe/UpdateWorkingBlock.c
>|   7 +-
>  MdeModulePkg/Universal/FaultTolerantWritePei/FaultTolerantWritePei.c 
>|  28 +--
>  MdeModulePkg/Universal/Variable/Pei/Variable.c   
>|  14 +-
>  MdeModulePkg/Universal/Variable/RuntimeDxe/VariableDxe.c 
>|  16 +-
>  MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.c 
>|  14 +-
>  MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c 
>|  17 +-
>  ArmVirtPkg/ArmVirt.dsc.inc   
>|   1 +
>  EmulatorPkg/EmulatorPkg.dsc  
>|   1 +
>  MdeModulePkg/Include/Guid/VariableFlashInfo.h
>| 111 
>  MdeModulePkg/Include/Library/VariableFlashInfoLib.h  
>|  68 
>  

Re: [edk2-devel] [edk2-platforms][PATCH V2 0/9] Upadate the ACPI tables for RD platforms

[Ard Biesheuvel]

On Mon, 18 Apr 2022 at 13:54, Pranav Madhu  wrote:
>
> Changes since V1:
> - Rebased on top of latest master branch.
> - Rebased on top of patch to remove SLC cache entries from PPTT (link
>   for the same in edk2.groups.io is provided below)
>
> Arm infrastructure reference design platforms uses ACPI tables to
> provide the hardware information to the operating system. Currently the
> ACPI tables are aligned with ACPI v6.2 and v6.3 specification. This
> patch series update the tables to ACPI v6.4 specificaion.
>

Why is this necessary? By doing this, you will lose the ability to
boot an OS that implements ACPI 6.2 but not ACPI 6.4, and so this
should only be done if you are actually relying on a feature that was
not available in ACPI 6.2. Otherwise, this is just pointless busywork.


> The first patch in this series update the generic tables which are
> common for all platfoms. The subsequent patches in this series update
> platform specific ACPI tables to v6.4 for the respective platform.
>
> This patch series also update the headers in the .aslc files to match
> the coding style as per edk2 coding guidelines.
>
> This patch series should be applied on top of the patch series
> https://edk2.groups.io/g/devel/message/88996
>
> Link to github branch with the patches in this series -
> https://github.com/Pranav-Madhu/edk2-platforms/tree/topics/acpi64_for_rd_platforms
>
>
> Pranav Madhu (9):
>   Platform/Sgi: Update ACPI version to v6.4
>   Platform/Sgi: Update ACPI version to v6.4 for SGI-575 platform
>   Platform/Sgi: Update ACPI version to v6.4 for Rd-N1-Edge platform
>   Platform/Sgi: Update ACPI version to v6.4 for Rd-N1-Edge-X2 platform
>   Platform/Sgi: Update ACPI version to v6.4 for Rd-E1-Edge platform
>   Platform/Sgi: Update ACPI version to v6.4 for Rd-V1 platform
>   Platform/Sgi: Update ACPI version to v6.4 for Rd-V1-MC platform
>   Platform/Sgi: Update ACPI version to v6.4 for Rd-N2 platform
>   Platform/Sgi: Update ACPI version to v6.4 for Rd-N2-Cfg1 platform
>
>  Platform/ARM/SgiPkg/Include/SgiAcpiHeader.h   | 219 
>  Platform/ARM/SgiPkg/AcpiTables/Dbg2.aslc  |  30 ++-
>  Platform/ARM/SgiPkg/AcpiTables/Fadt.aslc  |  38 +--
>  Platform/ARM/SgiPkg/AcpiTables/Gtdt.aslc  |  69 ++---
>  Platform/ARM/SgiPkg/AcpiTables/Mcfg.aslc  |  26 +-
>  .../ARM/SgiPkg/AcpiTables/RdE1Edge/Madt.aslc  | 247 +-
>  .../ARM/SgiPkg/AcpiTables/RdE1Edge/Pptt.aslc  | 106 
>  .../ARM/SgiPkg/AcpiTables/RdN1Edge/Madt.aslc  | 105 
>  .../ARM/SgiPkg/AcpiTables/RdN1Edge/Pptt.aslc  |  88 ---
>  .../SgiPkg/AcpiTables/RdN1EdgeX2/Hmat.aslc|  52 ++--
>  .../SgiPkg/AcpiTables/RdN1EdgeX2/Madt.aslc| 151 ++-
>  .../SgiPkg/AcpiTables/RdN1EdgeX2/Pptt.aslc|  92 +++
>  .../SgiPkg/AcpiTables/RdN1EdgeX2/Srat.aslc|  74 +++---
>  Platform/ARM/SgiPkg/AcpiTables/RdN2/Madt.aslc | 163 ++--
>  Platform/ARM/SgiPkg/AcpiTables/RdN2/Pptt.aslc |  77 +++---
>  .../ARM/SgiPkg/AcpiTables/RdN2Cfg1/Madt.aslc  | 112 
>  .../ARM/SgiPkg/AcpiTables/RdN2Cfg1/Pptt.aslc  |  73 +++---
>  Platform/ARM/SgiPkg/AcpiTables/RdV1/Madt.aslc | 159 +--
>  Platform/ARM/SgiPkg/AcpiTables/RdV1/Pptt.aslc |  77 +++---
>  .../ARM/SgiPkg/AcpiTables/RdV1Mc/Hmat.aslc|  64 +++--
>  .../ARM/SgiPkg/AcpiTables/RdV1Mc/Madt.aslc| 165 ++--
>  .../ARM/SgiPkg/AcpiTables/RdV1Mc/Pptt.aslc|  81 +++---
>  .../ARM/SgiPkg/AcpiTables/RdV1Mc/Srat.aslc|  82 +++---
>  .../ARM/SgiPkg/AcpiTables/Sgi575/Madt.aslc| 105 
>  .../ARM/SgiPkg/AcpiTables/Sgi575/Pptt.aslc|  86 +++---
>  Platform/ARM/SgiPkg/AcpiTables/Spcr.aslc  |  29 +-
>  26 files changed, 1343 insertions(+), 1227 deletions(-)
>
> --
> 2.17.1
>


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89119): https://edk2.groups.io/g/devel/message/89119
Mute This Topic: https://groups.io/mt/90537675/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: 回复: [edk2-devel] [PATCH 1/1] BaseTools: disable stack protector (gcc, AARCH64)

[Oliver Steffen]

On 20.04.2022 07:36, gaoliming wrote:

GCC Stack Protector options come from GCC4.9.3. But, there is GCC48 in
tools_def. I am not sure whether GCC48 is still used.


A valid point.

GCC 4.8 accepts -fno-stack-protector.
For IA32 and X64 this option is set in GCC48_$ARCH_CC_FLAGS.
Setting it for AARCH64 starting with GCC4.8 would be more consistent
than setting it for all versions by default.

Cheers,
 Oliver



Thanks
Liming


-邮件原件-
发件人: devel@edk2.groups.io  代表 Oliver Steffen
发送时间: 2022年4月19日 22:47
收件人: devel@edk2.groups.io
抄送: bob.c.f...@intel.com; gaolim...@byosoft.com.cn;
yuwei.c...@intel.com; Oliver Steffen 
主题: [edk2-devel] [PATCH 1/1] BaseTools: disable stack protector (gcc,
AARCH64)

Explicity disable the stack protection with
-fno-stack-protection for builds using GCC on
AARCH64.

The gcc on Ubuntu enables -fstack-protector-strong
by default starting with Ubuntu 21.10.

GenFw fails if stack protection is enabled.

Signed-off-by: Oliver Steffen 
---
 BaseTools/Conf/tools_def.template | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/BaseTools/Conf/tools_def.template
b/BaseTools/Conf/tools_def.template
index 9c310cf23d25..bd3edf0d219b 100755
--- a/BaseTools/Conf/tools_def.template
+++ b/BaseTools/Conf/tools_def.template
@@ -1872,7 +1872,7 @@ DEFINE GCC_IA32_CC_FLAGS   =
DEF(GCC_ALL_CC_FLAGS) -m32 -malign-double -
 DEFINE GCC_X64_CC_FLAGS= DEF(GCC_ALL_CC_FLAGS)
-mno-red-zone -Wno-address -mno-stack-arg-probe
 DEFINE GCC_ARM_CC_FLAGS= DEF(GCC_ALL_CC_FLAGS)
-mlittle-endian -mabi=aapcs -fno-short-enums -funsigned-char
-ffunction-sections -fdata-sections -fomit-frame-pointer -Wno-address
-mthumb -mfloat-abi=soft -fno-pic -fno-pie
 DEFINE GCC_ARM_CC_XIPFLAGS = -mno-unaligned-access
-DEFINE GCC_AARCH64_CC_FLAGS= DEF(GCC_ALL_CC_FLAGS)
-mlittle-endian -fno-short-enums -fverbose-asm -funsigned-char
-ffunction-sections -fdata-sections -Wno-address
-fno-asynchronous-unwind-tables -fno-unwind-tables -fno-pic -fno-pie
-ffixed-x18
+DEFINE GCC_AARCH64_CC_FLAGS= DEF(GCC_ALL_CC_FLAGS)
-mlittle-endian -fno-short-enums -fverbose-asm -funsigned-char
-ffunction-sections -fdata-sections -Wno-address
-fno-asynchronous-unwind-tables -fno-unwind-tables -fno-pic -fno-pie
-ffixed-x18 -fno-stack-protector
 DEFINE GCC_AARCH64_CC_XIPFLAGS = -mstrict-align
-mgeneral-regs-only
 DEFINE GCC_DLINK_FLAGS_COMMON  = -nostdlib --pie
 DEFINE GCC_DLINK2_FLAGS_COMMON =
-Wl,--script=$(EDK_TOOLS_PATH)/Scripts/GccBase.lds
--
2.35.1


















-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89118): https://edk2.groups.io/g/devel/message/89118
Mute This Topic: https://groups.io/mt/90574237/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [edk2-platforms][PATCH V1 1/1] Platform/Sgi: Remove SLC entry from PPTT table

[Ard Biesheuvel]

On Mon, 18 Apr 2022 at 10:14, Pranav Madhu  wrote:
>
> Remove system level cache (SLC) entry from ACPI PPTT table. SLC on the
> Neoverse reference design platforms is the memory side cache and so it
> is removed from PPTT table.
>

Could you elaborate? Why does the former justify/imply the latter?

> Signed-off-by: Pranav Madhu 
> ---
>  Platform/ARM/SgiPkg/Include/SgiAcpiHeader.h |  4 +---
>  Platform/ARM/SgiPkg/AcpiTables/RdE1Edge/Pptt.aslc   | 24 +++-
>  Platform/ARM/SgiPkg/AcpiTables/RdN1Edge/Pptt.aslc   | 20 +++-
>  Platform/ARM/SgiPkg/AcpiTables/RdN1EdgeX2/Pptt.aslc | 23 +++
>  Platform/ARM/SgiPkg/AcpiTables/RdN2/Pptt.aslc   | 21 -
>  Platform/ARM/SgiPkg/AcpiTables/RdN2Cfg1/Pptt.aslc   | 21 -
>  Platform/ARM/SgiPkg/AcpiTables/RdV1/Pptt.aslc   | 21 -
>  Platform/ARM/SgiPkg/AcpiTables/RdV1Mc/Pptt.aslc | 23 ---
>  8 files changed, 26 insertions(+), 131 deletions(-)
>
> Link to github branch for this patch -
> https://github.com/Pranav-Madhu/edk2-platforms/tree/topics/remove_slc_from_pptt
>
> diff --git a/Platform/ARM/SgiPkg/Include/SgiAcpiHeader.h 
> b/Platform/ARM/SgiPkg/Include/SgiAcpiHeader.h
> index d75d54055436..e9b6923cb035 100644
> --- a/Platform/ARM/SgiPkg/Include/SgiAcpiHeader.h
> +++ b/Platform/ARM/SgiPkg/Include/SgiAcpiHeader.h
> @@ -68,10 +68,8 @@ typedef struct {
>  // PPTT processor package structure
>  typedef struct {
>EFI_ACPI_6_3_PPTT_STRUCTURE_PROCESSOR  Package;
> -  UINT32 ResourceOffset;
> -  EFI_ACPI_6_3_PPTT_STRUCTURE_CACHE  Slc;
>RD_PPTT_MINIMAL_CLUSTERCluster[CLUSTER_COUNT];
> -} RD_PPTT_SLC_PACKAGE;
> +} RD_PPTT_PACKAGE;
>  #pragma pack ()
>
>  //
> diff --git a/Platform/ARM/SgiPkg/AcpiTables/RdE1Edge/Pptt.aslc 
> b/Platform/ARM/SgiPkg/AcpiTables/RdE1Edge/Pptt.aslc
> index 3615a11d75b0..0ef9607c0732 100644
> --- a/Platform/ARM/SgiPkg/AcpiTables/RdE1Edge/Pptt.aslc
> +++ b/Platform/ARM/SgiPkg/AcpiTables/RdE1Edge/Pptt.aslc
> @@ -8,7 +8,7 @@
>  * Each cluster includes a 2MB L3 cache. The platform also includes a system
>  * level cache of 8MB.
>  *
> -* Copyright (c) 2021, ARM Limited. All rights reserved.
> +* Copyright (c) 2021 - 2022, Arm Limited. All rights reserved.
>  *
>  * SPDX-License-Identifier: BSD-2-Clause-Patent
>  *
> @@ -168,28 +168,12 @@
>  #define PPTT_PACKAGE_INIT(PackageId) 
>   \
>{  
>   \
>  EFI_ACPI_6_3_PPTT_STRUCTURE_PROCESSOR_INIT ( 
>   \
> -  OFFSET_OF (RDE1EDGE_PPTT_PACKAGE, Slc),
>   \
> +  OFFSET_OF (RDE1EDGE_PPTT_PACKAGE, Cluster[0]), 
>   \
>PPTT_PROCESSOR_PACKAGE_FLAGS,  
>   \
>0, 
>   \
>0, 
>   \
> -  1  
>   \
> +  0  
>   \
>  ),   
>   \
> - 
>   \
> -/* Offsets of the private resources */   
>   \
> -OFFSET_OF (EFI_ACPI_6_3_PROCESSOR_PROPERTIES_TOPOLOGY_TABLE, 
>   \
> -   Package.Slc), 
>   \
> - 
>   \
> -/* SLC parameters */ 
>   \
> -EFI_ACPI_6_3_PPTT_STRUCTURE_CACHE_INIT ( 
>   \
> -  PPTT_CACHE_STRUCTURE_FLAGS, /* Flag */ 
>   \
> -  0,  /* Next level of cache */  
>   \
> -  SIZE_8MB,   /* Size */ 
>   \
> -  8192,   /* Num of sets */  
>   \
> -  16, /* Associativity */
>   \
> -  PPTT_UNIFIED_CACHE_ATTR,/* Attributes */   
>   \
> -  64  /* Line size */
>   \
> -),   
>   \
> - 
>   \
>  {
>   \
>PPTT_CLUSTER_INIT (PackageId, 0),  
>   \
>PPTT_CLUSTER_INIT (PackageId, 1),

Re: [edk2-devel] [PATCH 0/4] CI: Use Fedora 35 container for Linux jobs

[Gerd Hoffmann]

On Tue, Apr 19, 2022 at 11:54:38PM +0200, Ard Biesheuvel wrote:
> On Tue, 19 Apr 2022 at 09:35, Oliver Steffen  wrote:
> >
> > PR: https://github.com/tianocore/edk2/pull/2711
> >
> > Update CI, run all Linux (aka Ubuntu-GCC5) based jobs in a custom
> > Fedora 35 container.
> 
> Why?
> 
> > The image provides gcc 11 from Fedora for all
> > architectures. The external dependencies for gcc have been removed
> > so stuart does not download them. iasl and nasm are also
> > included in the image, but remain as ext-dep for now (CI jobs on
> > Windows need those).

^^^ this for example.

The idea is to (a) switch linux CI builds from vm images to container
images, and (b) use our own, custom container images.

This allows to roll the dependencies needed for CI into the container
images, so there is no need to download them in CI jobs.  Fixes
temporary CI failures due to network problems and download errors.

This also allows to remove any distribution-specific commands (apt-get
for example) from CI jobs.  This will be handled in the Dockerfiles used
to build our custom container images instead.

Oliver is also working on ubuntu containers, look here:

> > The Dockerfiles are here:
> > https://github.com/osteffenrh/edk2-build-images,

Fedora is a bit faster on updating stuff.  For example: ubuntu 22.04
uses gcc 11 whereas Fedora 36 uses gcc 12 (both distros are in beta
right now).  Whenever we want:

  (a) stick to ubuntu, or
  (b) switch to fedora, or
  (c) use both

is up for debate.

> > but they should, of
> > course, then move to a repo in the Tianocore group, or something like
> > that. The images are built automatically via GitHub Actions and then
> > pushed to ghcr.io.

That is the next question: where should we host the Dockerfiles and
container images?

For the Dockerfiles that should probably a git repo in the tianocore
group.

For the container images the obvious choices are github and azure.
Given that microsoft owns github I'd expect both github actions and
azure pipelines are running on the same cloud infrastructure and it
doesn't make much of a difference whenever github or azure container
registry is used to host container images.

take care,
  Gerd



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89116): https://edk2.groups.io/g/devel/message/89116
Mute This Topic: https://groups.io/mt/90557209/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH 1/1] CryptoPkg/Crt: fix strcpy build on older VS compilers

[Yao, Jiewen]

Reviewed-by: Jiewen Yao 

> -Original Message-
> From: Gerd Hoffmann 
> Sent: Wednesday, April 20, 2022 2:17 PM
> To: devel@edk2.groups.io
> Cc: Lu, Xiaoyu1 ; Oliver Steffen ;
> Pawel Polawski ; Yao, Jiewen ;
> Jiang, Guomin ; Wang, Jian J
> ; Gerd Hoffmann 
> Subject: [PATCH 1/1] CryptoPkg/Crt: fix strcpy build on older VS compilers
> 
> Drop 'restrict' keyword which older visual studio compiler
> versions complain about.
> 
> Fixes: fab6285a73c4 ("CryptoPkg/CrtLibSupport: fix strcpy")
> Signed-off-by: Gerd Hoffmann 
> ---
>  CryptoPkg/Library/Include/CrtLibSupport.h   | 4 ++--
>  CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c | 4 ++--
>  2 files changed, 4 insertions(+), 4 deletions(-)
> 
> diff --git a/CryptoPkg/Library/Include/CrtLibSupport.h
> b/CryptoPkg/Library/Include/CrtLibSupport.h
> index bdc2654b6eef..e49060124ff6 100644
> --- a/CryptoPkg/Library/Include/CrtLibSupport.h
> +++ b/CryptoPkg/Library/Include/CrtLibSupport.h
> @@ -397,8 +397,8 @@ inet_pton   (
> 
>  char *
>  strcpy (
> -  char *restrict  strDest,
> -  const char  *strSource
> +  char*strDest,
> +  const char  *strSource
>);
> 
>  //
> diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c
> b/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c
> index 6fcbe5885e7b..c1fc33538f9b 100644
> --- a/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c
> +++ b/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c
> @@ -267,8 +267,8 @@ strcspn (
> 
>  char *
>  strcpy (
> -  char *restrict  strDest,
> -  const char  *strSource
> +  char*strDest,
> +  const char  *strSource
>)
>  {
>AsciiStrCpyS (strDest, MAX_STRING_SIZE, strSource);
> --
> 2.35.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89115): https://edk2.groups.io/g/devel/message/89115
Mute This Topic: https://groups.io/mt/90579023/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH V2 1/1] OvmfPkg/OvmfPkgX64: Adjust load sequence of TdxDxe and AmdSevDxe driver

[Yao, Jiewen]

Thanks Min.

Would you please add some comment in the APRIORI section, to explain why the 
order is in this way?
It also reminds people that the order should not be changed.

With comment added, reviewed-by: Jiewen Yao 




> -Original Message-
> From: Xu, Min M 
> Sent: Wednesday, April 20, 2022 2:57 PM
> To: devel@edk2.groups.io
> Cc: Xu, Min M ; Brijesh Singh ;
> Aktas, Erdem ; James Bottomley
> ; Yao, Jiewen ; Tom Lendacky
> 
> Subject: [PATCH V2 1/1] OvmfPkg/OvmfPkgX64: Adjust load sequence of TdxDxe
> and AmdSevDxe driver
> 
> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3904
> 
> TdxDxe driver is introduced for Intel TDX feature. Unfortunately, this
> driver also breaks boot process in SEV-ES guest. The root cause is in
> the PciLib which is imported by TdxDxe driver.
> 
> In a SEV-ES guest the AmdSevDxe driver performs a
> MemEncryptSevClearMmioPageEncMask() call against the
> PcdPciExpressBaseAddress range to mark it shared/unencrypted. However,
> the TdxDxe driver is loaded before the AmdSevDxe driver, and the PciLib
> in TdxDxe is DxePciLibI440FxQ35 which will access the
> PcdPciExpressBaseAddress range. Since the range has not been marked
> shared/unencrypted, the #VC handler terminates the guest for trying to
> do MMIO to an encrypted region.
> 
> Adjusting the load sequence of TdxDxe and AmdSevDxe can fix the issue.
> 
> Cc: Brijesh Singh 
> Cc: Erdem Aktas 
> Cc: James Bottomley 
> Cc: Jiewen Yao 
> Cc: Tom Lendacky 
> SEV-Tested-by: Tom Lendacky 
> TDX-Tested-by: Min Xu 
> Signed-off-by: Min Xu 
> ---
>  OvmfPkg/OvmfPkgX64.fdf | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
> index 71df28705ea8..1f9d0b3f5fcc 100644
> --- a/OvmfPkg/OvmfPkgX64.fdf
> +++ b/OvmfPkg/OvmfPkgX64.fdf
> @@ -214,8 +214,8 @@ READ_LOCK_STATUS   = TRUE
>  APRIORI DXE {
>INF  MdeModulePkg/Universal/DevicePathDxe/DevicePathDxe.inf
>INF  MdeModulePkg/Universal/PCD/Dxe/Pcd.inf
> -  INF  OvmfPkg/TdxDxe/TdxDxe.inf
>INF  OvmfPkg/AmdSevDxe/AmdSevDxe.inf
> +  INF  OvmfPkg/TdxDxe/TdxDxe.inf
>  !if $(SMM_REQUIRE) == FALSE
>INF  OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf
>  !endif
> --
> 2.29.2.windows.2



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89114): https://edk2.groups.io/g/devel/message/89114
Mute This Topic: https://groups.io/mt/90579232/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH V2 1/1] OvmfPkg/OvmfPkgX64: Adjust load sequence of TdxDxe and AmdSevDxe driver

[Min Xu]

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3904

TdxDxe driver is introduced for Intel TDX feature. Unfortunately, this
driver also breaks boot process in SEV-ES guest. The root cause is in
the PciLib which is imported by TdxDxe driver.

In a SEV-ES guest the AmdSevDxe driver performs a
MemEncryptSevClearMmioPageEncMask() call against the
PcdPciExpressBaseAddress range to mark it shared/unencrypted. However,
the TdxDxe driver is loaded before the AmdSevDxe driver, and the PciLib
in TdxDxe is DxePciLibI440FxQ35 which will access the
PcdPciExpressBaseAddress range. Since the range has not been marked
shared/unencrypted, the #VC handler terminates the guest for trying to
do MMIO to an encrypted region.

Adjusting the load sequence of TdxDxe and AmdSevDxe can fix the issue.

Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
SEV-Tested-by: Tom Lendacky 
TDX-Tested-by: Min Xu 
Signed-off-by: Min Xu 
---
 OvmfPkg/OvmfPkgX64.fdf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
index 71df28705ea8..1f9d0b3f5fcc 100644
--- a/OvmfPkg/OvmfPkgX64.fdf
+++ b/OvmfPkg/OvmfPkgX64.fdf
@@ -214,8 +214,8 @@ READ_LOCK_STATUS   = TRUE
 APRIORI DXE {
   INF  MdeModulePkg/Universal/DevicePathDxe/DevicePathDxe.inf
   INF  MdeModulePkg/Universal/PCD/Dxe/Pcd.inf
-  INF  OvmfPkg/TdxDxe/TdxDxe.inf
   INF  OvmfPkg/AmdSevDxe/AmdSevDxe.inf
+  INF  OvmfPkg/TdxDxe/TdxDxe.inf
 !if $(SMM_REQUIRE) == FALSE
   INF  OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf
 !endif
-- 
2.29.2.windows.2



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89113): https://edk2.groups.io/g/devel/message/89113
Mute This Topic: https://groups.io/mt/90579232/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH] ShellPkg: Update smbiosview type 0 with SMBIOS 3.5 fields

[Bo Chang Ke]

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3906

update smbiosview type 0 related fileds.

Signed-off-by: Bo Chang Ke 
Cc: Ray Ni 
Cc: Zhichao Gao 
---
 .../UefiShellDebug1CommandsLib/SmbiosView/PrintInfo.c   | 6 ++
 .../SmbiosView/SmbiosViewStrings.uni| 2 ++
 2 files changed, 8 insertions(+)

diff --git a/ShellPkg/Library/UefiShellDebug1CommandsLib/SmbiosView/PrintInfo.c 
b/ShellPkg/Library/UefiShellDebug1CommandsLib/SmbiosView/PrintInfo.c
index b144600a25..618bcd1590 100644
--- a/ShellPkg/Library/UefiShellDebug1CommandsLib/SmbiosView/PrintInfo.c
+++ b/ShellPkg/Library/UefiShellDebug1CommandsLib/SmbiosView/PrintInfo.c
@@ -1536,6 +1536,12 @@ DisplayBiosCharacteristicsExt2 (
   if (BIT (byte2, 4) != 0) {
 ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN 
(STR_SMBIOSVIEW_PRINTINFO_VIRTUAL_MACHINE), gShellDebug1HiiHandle);
   }
+  if (BIT (byte2, 5) != 0) {
+ShellPrintHiiEx(-1,-1,NULL,STRING_TOKEN 
(STR_SMBIOSVIEW_PRINTINFO_MCFG_SUPPORTED), gShellDebug1HiiHandle);
+  }
+  if (BIT (byte2, 6) != 0) {
+ShellPrintHiiEx(-1,-1,NULL,STRING_TOKEN 
(STR_SMBIOSVIEW_PRINTINFO_MCFG_ENABLED), gShellDebug1HiiHandle);
+  }
 
   ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN 
(STR_SMBIOSVIEW_PRINTINFO_BITS_RSVD_FOR_FUTURE), gShellDebug1HiiHandle, 5);
 } else {
diff --git 
a/ShellPkg/Library/UefiShellDebug1CommandsLib/SmbiosView/SmbiosViewStrings.uni 
b/ShellPkg/Library/UefiShellDebug1CommandsLib/SmbiosView/SmbiosViewStrings.uni
index 9433e8a25f..5a83e9834b 100644
--- 
a/ShellPkg/Library/UefiShellDebug1CommandsLib/SmbiosView/SmbiosViewStrings.uni
+++ 
b/ShellPkg/Library/UefiShellDebug1CommandsLib/SmbiosView/SmbiosViewStrings.uni
@@ -163,6 +163,8 @@
 #string STR_SMBIOSVIEW_PRINTINFO_ENABLE_TAR_CONT_DIST   #language 
en-US "Enable Targeted Content Distribution\r\n"
 #string STR_SMBIOSVIEW_PRINTINFO_UEFI_SPEC_SUPPORT  #language 
en-US "UEFI Specification is supported\r\n"
 #string STR_SMBIOSVIEW_PRINTINFO_VIRTUAL_MACHINE#language 
en-US "The SMBIOS table describes a virtual machine\r\n"
+#string STR_SMBIOSVIEW_PRINTINFO_MCFG_SUPPORTED #language 
en-US "Manufacturing mode is supported\r\n"
+#string STR_SMBIOSVIEW_PRINTINFO_MCFG_ENABLED   #language 
en-US "Manufacturing mode is enabled\r\n"
 #string STR_SMBIOSVIEW_PRINTINFO_BITS_RSVD_FOR_FUTURE   #language 
en-US " Bits %d:7 are reserved for future assignment\r\n"
 #string STR_SMBIOSVIEW_PRINTINFO_PROCESSOR_FAMILY   #language 
en-US "Processor Family: "
 #string STR_SMBIOSVIEW_PRINTINFO_OTHER  #language 
en-US "Other\r\n"
-- 
2.32.0.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89112): https://edk2.groups.io/g/devel/message/89112
Mute This Topic: https://groups.io/mt/90579157/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH 1/1] CryptoPkg/Crt: fix strcpy build on older VS compilers

[Gerd Hoffmann]

Drop 'restrict' keyword which older visual studio compiler
versions complain about.

Fixes: fab6285a73c4 ("CryptoPkg/CrtLibSupport: fix strcpy")
Signed-off-by: Gerd Hoffmann 
---
 CryptoPkg/Library/Include/CrtLibSupport.h   | 4 ++--
 CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/CryptoPkg/Library/Include/CrtLibSupport.h 
b/CryptoPkg/Library/Include/CrtLibSupport.h
index bdc2654b6eef..e49060124ff6 100644
--- a/CryptoPkg/Library/Include/CrtLibSupport.h
+++ b/CryptoPkg/Library/Include/CrtLibSupport.h
@@ -397,8 +397,8 @@ inet_pton   (
 
 char *
 strcpy (
-  char *restrict  strDest,
-  const char  *strSource
+  char*strDest,
+  const char  *strSource
   );
 
 //
diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c 
b/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c
index 6fcbe5885e7b..c1fc33538f9b 100644
--- a/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c
+++ b/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c
@@ -267,8 +267,8 @@ strcspn (
 
 char *
 strcpy (
-  char *restrict  strDest,
-  const char  *strSource
+  char*strDest,
+  const char  *strSource
   )
 {
   AsciiStrCpyS (strDest, MAX_STRING_SIZE, strSource);
-- 
2.35.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89109): https://edk2.groups.io/g/devel/message/89109
Mute This Topic: https://groups.io/mt/90579023/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-