Re: [edk2-devel] [PATCH v5 17/19] SecurityPkg: Add EncryptionVariable lib with AES
Judah, Just some typos found. See inline comments below starting with "[JianJW]". With them addressed, Reviewed-by: Jian J Wang Regards, Jian > -Original Message- > From: Vang, Judah > Sent: Sunday, November 06, 2022 3:35 PM > To: devel@edk2.groups.io > Cc: Wang, Jian J ; Yao, Jiewen ; > Xu, Min M ; Mistry, Nishant C > > Subject: [PATCH v5 17/19] SecurityPkg: Add EncryptionVariable lib with AES > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594 > > V3: Change AllocateZeroPool() with AllocatePages() and FreePool() > with FreePages(). FreePool() is not supported in PEI phase so this was > causing a memory leak. Reverse the order of the FreePages() call. > > V1: Add encryption/decryption of protected variable functionality. > Add functions to get/set cipher data of a protected variable. > This is use for supporting confidentiality for protected > variables. > > Cc: Jian J Wang > Cc: Jiewen Yao > Cc: Min Xu > Cc: Nishant C Mistry > Signed-off-by: Jian J Wang > Signed-off-by: Nishant C Mistry > Signed-off-by: Judah Vang > --- > SecurityPkg/Library/EncryptionVariableLib/EncryptionVariableLib.inf | 43 ++ > SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.h | 49 ++ > SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.c | 734 > > 3 files changed, 826 insertions(+) > > diff --git > a/SecurityPkg/Library/EncryptionVariableLib/EncryptionVariableLib.inf > b/SecurityPkg/Library/EncryptionVariableLib/EncryptionVariableLib.inf > new file mode 100644 > index ..7ece52f2fb58 > --- /dev/null > +++ b/SecurityPkg/Library/EncryptionVariableLib/EncryptionVariableLib.inf 
> @@ -0,0 +1,43 @@ > +## @file > +# Provides variable encryption/decryption services. > +# > +# Copyright (c) 2022, Intel Corporation. All rights reserved. > +# > +# SPDX-License-Identifier: BSD-2-Clause-Patent > +# > +## > + > +[Defines] > + INF_VERSION= 0x00010029 > + BASE_NAME = EncryptionVariableLib > + FILE_GUID = 459E2CB0-AF4B-4415-B6A1-335E71FD8B85 > + MODULE_TYPE= BASE > + VERSION_STRING = 1.0 > + LIBRARY_CLASS = EncryptionVariableLib > + > +# > +# The following information is for reference only and not required by the > build > tools. > +# > +# VALID_ARCHITECTURES = IA32 X64 > +# > + > +[Sources] > + EncryptionVariable.c > + EncryptionVariable.h > + > +[Packages] > + MdePkg/MdePkg.dec > + MdeModulePkg/MdeModulePkg.dec > + SecurityPkg/SecurityPkg.dec > + CryptoPkg/CryptoPkg.dec > + > +[LibraryClasses] > + BaseLib > + BaseMemoryLib > + DebugLib > + MemoryAllocationLib > + BaseCryptLib > + > +[Guids] > + gEfiVariableGuid > + gEfiAuthenticatedVariableGuid > diff --git a/SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.h > b/SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.h > new file mode 100644 > index ..f35f9f9e3ad7 > --- /dev/null > +++ b/SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.h 
> @@ -0,0 +1,49 @@ > +/** @file > + Definitions used by this library implementation. > + > +Copyright (c) 2022, Intel Corporation. All rights reserved. > +SPDX-License-Identifier: BSD-2-Clause-Patent > + > +**/ > + > +#ifndef ENCRYPTION_VARIABLE_H_ > +#define ENCRYPTION_VARIABLE_H_ > + > +#define ENC_KEY_SEPL":" > +#define ENC_KEY_SEP_SIZE 2 > +#define ENC_KEY_NAME L"VAR_ENC_KEY" > +#define ENC_KEY_NAME_SIZE 22 > + > +#define ENC_KEY_SIZE(256/8) > +#define ENC_BLOCK_SIZE AES_BLOCK_SIZE > +#define ENC_IVEC_SIZE ENC_BLOCK_SIZE > + > +#define ENC_PADDING_BYTE 0x0F > + > +// > +// PKCS#5 padding > +// > +// #define AES_CIPHER_DATA_SIZE(PlainDataSize) > +// (AES_BLOCK_SIZE + (PlainDataSize)) & (~(AES_BLOCK_SIZE - 1)) > +// > +#define AES_CIPHER_DATA_SIZE(PlainDataSize) ALIGN_VALUE (PlainDataSize, > AES_BLOCK_SIZE) > + > +#define FREE_POOL(Address) \ > +if ((Address) != NULL) {\ > + FreePool (Address); \ > + (Address) = NULL; \ > +} > + > +#pragma pack(1) > + > +typedef struct { > + UINT32DataType; // SYM_TYPE_AES > + UINT32HeaderSize; // sizeof(VARIABLE_ENCRYPTION_HEADER) > + UINT32PlainDataSize;// Plain data size > + UINT32CipherDataSize; // Cipher data size > + UINT8 KeyIvec[ENC_IVEC_SIZE]; > +} VARIABLE_ENCRYPTION_HEADER; > + > +#pragma pack() > + > +#endif // _ENCRYPTION_VARIABLE_H_ > diff --git a/SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.c > b/SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.c > new file mode 100644 > index ..d128b32f93e0 > --- /dev/null > +++ b/SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.c > @@ -0,0 +1,734 @@ > +/** @file > + Implementation of EncryptionVariableLib with AES algorithm support. > + > +Copyright (c) 2022, Intel Corporation. All rights reserved. > +SPDX-License-Ide
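Review bot: in EncryptionVariable.h the comment block is titled "PKCS#5 padding", but the active `AES_CIPHER_DATA_SIZE(PlainDataSize)` is `ALIGN_VALUE (PlainDataSize, AES_BLOCK_SIZE)`, which adds no padding when PlainDataSize is already a multiple of the block size, and `ENC_PADDING_BYTE` is a fixed 0x0F rather than the pad length. PKCS#5/#7 always appends at least one byte, each equal to the pad length, which is what the commented-out `(AES_BLOCK_SIZE + (PlainDataSize)) & (~(AES_BLOCK_SIZE - 1))` form sizes for. Either reword the comment to describe the align-up, fixed-byte scheme actually used (the plain length is recoverable because PlainDataSize is stored in VARIABLE_ENCRYPTION_HEADER), or switch to the commented-out form. Smaller points in the same hunk: the closing `#endif // _ENCRYPTION_VARIABLE_H_` does not match the guard `ENCRYPTION_VARIABLE_H_`; `FREE_POOL` expands to a bare `if` block and should be wrapped in `do { ... } while (0)`, and since the V3 note says FreePool() is not supported in PEI and was replaced by FreePages(), please check whether the macro is still needed; `ENC_KEY_SEP_SIZE 2` and `ENC_KEY_NAME_SIZE 22` are hand-counted byte lengths that could be derived from the string literals with sizeof.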
Re: [edk2-devel] [PATCH v5 15/19] SecurityPkg: Add null encryption variable libs
Reviewed-by: Jian J Wang Regards, Jian > -Original Message- > From: Vang, Judah > Sent: Sunday, November 06, 2022 3:35 PM > To: devel@edk2.groups.io > Cc: Wang, Jian J ; Yao, Jiewen ; > Mistry, Nishant C > Subject: [PATCH v5 15/19] SecurityPkg: Add null encryption variable libs > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594 > > V4: Applied code review - Remove empty Guids section > from .inf file. Update description in *.c. Remove *.uni file > and reference to it. > > V1: Provide null ecryption variable libraries. > These will be used by default for platforms that don't > support protected variable encryption. > > Cc: Jian J Wang > Cc: Jiewen Yao > Cc: Nishant C Mistry > Signed-off-by: Jian J Wang > Signed-off-by: Nishant C Mistry > Signed-off-by: Judah Vang > --- > SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariableLibNull.inf | > 34 > SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariable.c > | 92 > > 2 files changed, 126 insertions(+) > > diff --git > a/SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariableLibNull.inf > b/SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariableLibNull.inf > new file mode 100644 > index ..185b6f9bedf7 > --- /dev/null > +++ > b/SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariableLibNull.inf 
> @@ -0,0 +1,34 @@ > +## @file > +# Provides NULL version of encryption variable services. > +# > +# Copyright (c) 2015 - 2022, Intel Corporation. All rights reserved. > +# > +# SPDX-License-Identifier: BSD-2-Clause-Patent > +# > +## > + > +[Defines] > + INF_VERSION= 0x00010005 > + BASE_NAME = EncryptionVariableLibNull > + FILE_GUID = 3972E6FE-74D5-45C3-A9FB-DB9E5E5C9C17 > + MODULE_TYPE= BASE > + VERSION_STRING = 1.0 > + LIBRARY_CLASS = EncryptionVariableLib > + > +# > +# The following information is for reference only and not required by the > build > tools. > +# > +# VALID_ARCHITECTURES = IA32 X64 > +# > + > +[Sources] > + EncryptionVariable.c > + > +[Packages] > + MdePkg/MdePkg.dec > + MdeModulePkg/MdeModulePkg.dec > + SecurityPkg/SecurityPkg.dec > + > +[LibraryClasses] > + BaseLib > + DebugLib > diff --git > a/SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariable.c > b/SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariable.c > new file mode 100644 > index ..52ee8a7b5aae > --- /dev/null > +++ b/SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariable.c 
> @@ -0,0 +1,92 @@ > +/** @file > + NULL implementation of EncryptionVariableLib. > + > +Copyright (c) 2022, Intel Corporation. All rights reserved. > +SPDX-License-Identifier: BSD-2-Clause-Patent > + > +**/ > + > +#include > + > +#include > +#include > + > +/** > + Encrypt variable data. > + > + Null version. > + > + @param[in, out] VarEncInfo Pointer to structure containing detailed > + information about a variable. > + > + @retval EFI_UNSUPPORTED Unsupported to encrypt variable. > + > +**/ > +EFI_STATUS > +EFIAPI > +EncryptVariable ( > + IN OUT VARIABLE_ENCRYPTION_INFO *VarEncInfo > + ) > +{ > + return EFI_UNSUPPORTED; > +} > + > +/** > + Decrypt variable data. > + > + Null version. > + > + @param[in, out] VarEncInfo Pointer to structure containing detailed > + information about a variable. > + > + @retval EFI_UNSUPPORTED Unsupported to encrypt variable. > + > +**/ > +EFI_STATUS > +EFIAPI > +DecryptVariable ( > + IN OUT VARIABLE_ENCRYPTION_INFO *VarEncInfo > + ) > +{ > + return EFI_UNSUPPORTED; > +} > + > +/** > + Get cipher information. > + > + Null version. > + > + @param[in] VarEncInfo Pointer to structure containing detailed > +information about a variable. > + > + @retval EFI_UNSUPPORTED Unsupported interface. > + > +**/ > +EFI_STATUS > +EFIAPI > +GetCipherDataInfo ( > + IN VARIABLE_ENCRYPTION_INFO *VarEncInfo > + ) > +{ > + return EFI_UNSUPPORTED; > +} > + > +/** > + Set cipher information for a variable. > + > + Null version. > + > + @param[in] VarEncInfo Pointer to structure containing detailed > +information about a variable. > + > + @retval EFI_UNSUPPORTED If this method is not supported. > + > +**/ > +EFI_STATUS > +EFIAPI > +SetCipherDataInfo ( > + IN VARIABLE_ENCRYPTION_INFO *VarEncInfo > + ) > +{ > + return EFI_UNSUPPORTED; > +} > -- > 2.35.1.windows.2 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. 
View/Reply Online (#96539): https://edk2.groups.io/g/devel/message/96539 Mute This Topic: https://groups.io/mt/94840831/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-
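Review bot: in EncryptionVariableLibNull/EncryptionVariable.c the comment for DecryptVariable() repeats `@retval EFI_UNSUPPORTED Unsupported to encrypt variable.` from EncryptVariable(); it should say decrypt. The four stubs name their parameter `VarEncInfo`, while the EncryptVariable() prototype in the library header from 04/19 uses `VarInfo`; pick one name across header and implementations. In the .inf, `INF_VERSION = 0x00010005` and the `Copyright (c) 2015 - 2022` range differ from the other new files in this series (0x00010029 and 2022), and BaseLib and DebugLib are listed although every function in the file only returns EFI_UNSUPPORTED; align or drop these unless there is a reason to keep them.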
Re: [edk2-devel] [PATCH v5 11/19] SecurityPkg: Add new KeyService types and defines
Reviewed-by: Jian J Wang Regards, Jian > -Original Message- > From: Vang, Judah > Sent: Sunday, November 06, 2022 3:35 PM > To: devel@edk2.groups.io > Cc: Wang, Jian J ; Yao, Jiewen ; > Mistry, Nishant C > Subject: [PATCH v5 11/19] SecurityPkg: Add new KeyService types and defines > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594 > > V4: revert copyright date change. > > V1: Add new KeyService types and defines. > > Cc: Jian J Wang > Cc: Jiewen Yao > Cc: Nishant C Mistry > Signed-off-by: Jian J Wang > Signed-off-by: Nishant C Mistry > Signed-off-by: Judah Vang > --- > SecurityPkg/Include/Ppi/KeyServicePpi.h | 57 > 1 file changed, 57 insertions(+) > > diff --git a/SecurityPkg/Include/Ppi/KeyServicePpi.h > b/SecurityPkg/Include/Ppi/KeyServicePpi.h > new file mode 100644 > index ..8cfec04f96e5 > --- /dev/null > +++ b/SecurityPkg/Include/Ppi/KeyServicePpi.h 
> @@ -0,0 +1,57 @@ > +/** @file > + Provides Key Services. > + > +Copyright (c) 2008 - 2022, Intel Corporation. All rights reserved. > +SPDX-License-Identifier: BSD-2-Clause-Patent > + > +@par Specification Reference: > +**/ > + > +#ifndef PEI_KEY_SERVICE_PPI_H_ > +#define PEI_KEY_SERVICE_PPI_H_ > +/// > +/// KEY SERVICE PPI GUID > +/// > +extern EFI_GUID gKeyServicePpiGuid; > + > +/** > + Generate a new key from root key. > + > + @param[in] Salt Pointer to the salt(non-secret) > value. > + @param[in] SaltSize Salt size in bytes. > + @param[out] NewKey Pointer to buffer to receive new key. > + @param[in] NewKeySize Size of new key bytes to generate. > + > + @retval EFI_SUCCESS The function completed successfully > + @retval OTHER The function completed with failure. > +**/ > +typedef > +EFI_STATUS > +(EFIAPI *KEY_SERVICE_GEN_KEY)( > + IN UINT8*Salt, > + IN UINTNSaltSize, > + OUT UINT8*NewKey, > + IN UINTNNewKeySize > + ); > + > +#define KEY_SERVICE_PPI_REVISION 1 > +#define ROOT_KEY_LEN 64 > +#define SALT_SIZE_MIN_LEN 64 > +#define KEY_SERVICE_KEY_NAME L"KEY_SERVICE_KEY" > + > +typedef struct { > + UINT8RootKey[ROOT_KEY_LEN]; > + UINT8PreviousRootKey[ROOT_KEY_LEN]; > +} KEY_SERVICE_DATA; > + > +typedef struct _KEY_SERVICE_PPI KEY_SERVICE_PPI; > + > +/// > +/// KEY SERVICE PPI > +/// The interface functions are for Key Service in PEI Phase > +/// > +struct _KEY_SERVICE_PPI { > + KEY_SERVICE_GEN_KEYGenerateKey; /// Generate Key > +}; > + > +#endif > -- > 2.35.1.windows.2 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#96538): https://edk2.groups.io/g/devel/message/96538 Mute This Topic: https://groups.io/mt/94840827/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
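Review bot: the KEY_SERVICE_GEN_KEY comment in KeyServicePpi.h does not state the size contract. `SALT_SIZE_MIN_LEN 64` is defined further down, but the `@param[in] SaltSize` text does not mention a minimum, and `@retval OTHER` does not say which status a too-short salt or an unsupported NewKeySize returns; please document both. Salt is input-only, so `IN CONST UINT8 *Salt` would be the safer prototype. Also in this hunk: `KEY_SERVICE_PPI_REVISION` is defined but `_KEY_SERVICE_PPI` has no Revision member to carry it, `@par Specification Reference:` is left empty, and KEY_SERVICE_DATA (RootKey, PreviousRootKey) has no comment on who owns these buffers or when they are cleared.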
Re: [edk2-devel] [PATCH v5 09/19] MdeModulePkg: Reference Null ProtectedVariableLib
Reviewed-by: Jian J Wang Regards, Jian > -Original Message- > From: Vang, Judah > Sent: Sunday, November 06, 2022 3:35 PM > To: devel@edk2.groups.io > Cc: Wang, Jian J ; Gao, Liming > ; Mistry, Nishant C > Subject: [PATCH v5 09/19] MdeModulePkg: Reference Null ProtectedVariableLib > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594 > > V5: Add reference to new Protected Variable libs. > > V1: Make reference to new Null ProtectVariableLib. > The null ProtectedVariableLib is used by default. > > Cc: Jian J Wang > Cc: Liming Gao > Cc: Nishant C Mistry > Signed-off-by: Jian J Wang > Signed-off-by: Nishant C Mistry > Signed-off-by: Judah Vang > --- > MdeModulePkg/MdeModulePkg.dsc | 20 +++- > MdeModulePkg/Test/MdeModulePkgHostTest.dsc | 8 > 2 files changed, 27 insertions(+), 1 deletion(-) > > diff --git a/MdeModulePkg/MdeModulePkg.dsc > b/MdeModulePkg/MdeModulePkg.dsc > index 659482ab737f..65ec6d1e0918 100644 > --- a/MdeModulePkg/MdeModulePkg.dsc > +++ b/MdeModulePkg/MdeModulePkg.dsc > @@ -2,7 +2,7 @@ > # EFI/PI Reference Module Package for All Architectures > # > # (C) Copyright 2014 Hewlett-Packard Development Company, L.P. > -# Copyright (c) 2007 - 2021, Intel Corporation. All rights reserved. > +# Copyright (c) 2007 - 2022, Intel Corporation. All rights reserved. > # Copyright (c) Microsoft Corporation. > # > #SPDX-License-Identifier: BSD-2-Clause-Patent > @@ -104,6 +104,7 @@ [LibraryClasses] > > VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/Variab > lePolicyHelperLib.inf > > MmUnblockMemoryLib|MdePkg/Library/MmUnblockMemoryLib/MmUnblockM > emoryLibNull.inf > > VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVar > iableFlashInfoLib.inf > + > ProtectedVariableLib|MdeModulePkg/Library/ProtectedVariableLibNull/Protect > edVariableLibNull.inf > > [LibraryClasses.EBC.PEIM] >IoLib|MdePkg/Library/PeiIoLibCpuIo/PeiIoLibCpuIo.inf 
> @@ -318,6 +319,7 @@ [Components] > > MdeModulePkg/Library/PlatformBootManagerLibNull/PlatformBootManagerLi > bNull.inf >MdeModulePkg/Library/BootLogoLib/BootLogoLib.inf > > MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf > + > MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull.inf >MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf >MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf >MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLibRuntimeDxe.inf > @@ -397,6 +399,7 @@ [Components] >MdeModulePkg/Application/VariableInfo/VariableInfo.inf >MdeModulePkg/Universal/FaultTolerantWritePei/FaultTolerantWritePei.inf >MdeModulePkg/Universal/Variable/Pei/VariablePei.inf > + MdeModulePkg/Universal/Variable/Protected/Pei/VariablePei.inf >MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf >MdeModulePkg/Universal/TimestampDxe/TimestampDxe.inf >MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.inf > @@ -461,6 +464,7 @@ [Components.IA32, Components.X64, > Components.ARM, Components.AARCH64] > !if $(TOOL_CHAIN_TAG) != "XCODE5" > > MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandalon > eMm.inf >MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf > + > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableStandalone > Mm.inf > !endif > > [Components.IA32, Components.X64] 
> @@ -475,13 +479,27 @@ [Components.IA32, Components.X64] >NULL|MdeModulePkg/Library/VarCheckHiiLib/VarCheckHiiLib.inf >NULL|MdeModulePkg/Library/VarCheckPcdLib/VarCheckPcdLib.inf >} > + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.inf { > + > + NULL|MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf > + NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf > + NULL|MdeModulePkg/Library/VarCheckHiiLib/VarCheckHiiLib.inf > + NULL|MdeModulePkg/Library/VarCheckPcdLib/VarCheckPcdLib.inf > + } >MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf { > >NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf >NULL|MdeModulePkg/Library/VarCheckHiiLib/VarCheckHiiLib.inf >NULL|MdeModulePkg/Library/VarCheckPcdLib/VarCheckPcdLib.inf >} > + > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntimeDxe > .inf { > + > + NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf > + NULL|MdeModulePkg/Library/VarCheckHiiLib/VarCheckHiiLib.inf > + NULL|MdeModulePkg/Library/VarCheckPcdLib/VarCheckPcdLib.inf > + } >MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf > + > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmRuntim > eDxe.inf > > MdeModulePkg/Library/SmmReportStatusCodeLib/SmmReportStatusCodeLib.in > f > > MdeModulePkg/Library/SmmReportStatusCodeLib/StandaloneMmReportStatus > CodeLib.inf > > MdeModulePkg/Universal
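Review bot: the [LibraryClasses] hunk maps only ProtectedVariableLib to its Null instance, while the [Components] hunks add the Protected/ variants of VariablePei, VariableSmm, VariableRuntimeDxe, VariableSmmRuntimeDxe and VariableStandaloneMm. If any of those modules also consumes EncryptionVariableLib (its header is added under MdeModulePkg/Include/Library in 04/19, but the only Null instance in this series lives in SecurityPkg), this package build needs a mapping for it as well; please confirm. The VarCheck NULL-library lists under the Protected VariableSmm.inf and VariableRuntimeDxe.inf entries are copies of the existing entries and will have to be kept in sync by hand, which deserves a short comment in the dsc.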
Re: [edk2-devel] [PATCH v5 06/19] MdeModulePkg: Add Null ProtectedVariable Library
Judah, Just some typos. See inline comments starting with "[JianJW]". With them addressed, Reviewed-by: Jian J Wang Regards, Jian > -Original Message- > From: Vang, Judah > Sent: Sunday, November 06, 2022 3:35 PM > To: devel@edk2.groups.io > Cc: Wang, Jian J ; Gao, Liming > ; Mistry, Nishant C > Subject: [PATCH v5 06/19] MdeModulePkg: Add Null ProtectedVariable Library > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594 > > V4: Applied code review comments - removed APIs that are not being > used. > > V1: Add Null versions of the ProtectedVariable Library. > This will be the default libraries for platforms that > do not support ProtectedVariable. > > Cc: Jian J Wang > Cc: Liming Gao > Cc: Nishant C Mistry > Signed-off-by: Jian J Wang > Signed-off-by: Nishant C Mistry > Signed-off-by: Judah Vang > --- > MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull.inf > | 34 ++ > MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariable.c | > 336 > 2 files changed, 370 insertions(+) > > diff --git > a/MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull.in > f > b/MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull.in > f > new file mode 100644 > index ..6a17191c4e1e > --- /dev/null > +++ > b/MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull.in > f 
> @@ -0,0 +1,34 @@ > +## @file > +# Provides null version of protected variable services. > +# > +# Copyright (c) 2022, Intel Corporation. All rights reserved. > +# SPDX-License-Identifier: BSD-2-Clause-Patent > +# > +## > + > +[Defines] > + INF_VERSION= 0x00010029 > + BASE_NAME = ProtectedVariableLibNull > + FILE_GUID = 352C6A1B-403A-4E37-8517-FAA50BC45251 > + MODULE_TYPE= BASE > + VERSION_STRING = 0.1 > + LIBRARY_CLASS = ProtectedVariableLib > + > +# > +# The following information is for reference only and not required by the > build > tools. > +# > +# VALID_ARCHITECTURES = IA32 X64 > +# > + > +[Sources] > + ProtectedVariable.c > + > +[Packages] > + MdePkg/MdePkg.dec > + MdeModulePkg/MdeModulePkg.dec > + > +[LibraryClasses] > + BaseLib > + BaseMemoryLib > + DebugLib > + > diff --git > a/MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariable.c > b/MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariable.c > new file mode 100644 > index ..074559f84f52 > --- /dev/null > +++ b/MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariable.c 
> @@ -0,0 +1,336 @@ > +/** @file > + NULL version of ProtectedVariableLib used to disable protected variable > services. > + > +Copyright (c) 2022, Intel Corporation. All rights reserved. > +SPDX-License-Identifier: BSD-2-Clause-Patent > + > +**/ > + > +#include > +#include > + > +#include > +#include > +#include > + > +/** > + > + Initialization for protected varibale services. [JianJW] typo: " varibale" -> "variable" > + > + @param[in] ContextIn Pointer to variable service context needed by > + protected variable. > + > + @retval EFI_UNSUPPORTED Unsupported to process protected > variable. > + > +**/ > +EFI_STATUS > +EFIAPI > +ProtectedVariableLibInitialize ( > + IN PROTECTED_VARIABLE_CONTEXT_IN *ContextIn > + ) > +{ > + return EFI_UNSUPPORTED; > +} > + > +/** > + > + Prepare for variable update. > + > + @retval EFI_UNSUPPORTED Unsupported to process protected > variable. > + > +**/ > +EFI_STATUS > +EFIAPI > +ProtectedVariableLibWriteInit ( > + VOID > + ) > +{ > + return EFI_UNSUPPORTED; > +} > + > +/** > + > + Update a variable with protection provided by this library. > + > + @param[in,out] CurrVariableVariable to be updated. It's NULL if > + adding a new variable. > + @param[in] CurrVariableInDel In-delete-transiion copy of updating > variable. [JianJW] typo: " transiion" -> "transition" > + @param[in,out] NewVariable Buffer of new variable data. > + Buffer of "MetaDataHmacVar" and new > + variable (encrypted). > + @param[in,out] NewVariableSize Size of NewVariable. > + Size of (encrypted) NewVariable and > + "MetaDataHmacVar". > + > + @retval EFI_UNSUPPORTED Unsupported to process protected > variable. 
> + > +**/ > +EFI_STATUS > +EFIAPI > +ProtectedVariableLibUpdate ( > + IN OUT VARIABLE_HEADER *CurrVariable, > + IN VARIABLE_HEADER *CurrVariableInDel, > + IN OUT VARIABLE_HEADER *NewVariable, > + IN OUT UINTN*NewVariableSize > + ) > +{ > + return EFI_UNSUPPORTED; > +} > + > +/** > + > + Finalize a variable updating after it's written to NV variable storage > + successfully
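Review bot: in ProtectedVariable.c the ProtectedVariableLibUpdate() comment gives two descriptions each for NewVariable and NewVariableSize ("Buffer of new variable data." followed by "Buffer of "MetaDataHmacVar" and new variable (encrypted).") without saying which applies on input and which on output; label them "On input" and "On output" so callers know how large the buffer must be. In the .inf, BaseLib, BaseMemoryLib and DebugLib are listed although the functions visible here only return EFI_UNSUPPORTED, and `VERSION_STRING = 0.1` differs from the 1.0 used by the other new libraries in this series.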
Re: [edk2-devel] [PATCH v5 04/19] MdeModulePkg: Add new include files
Reviewed-by: Jian J Wang Regards, Jian > -Original Message- > From: Vang, Judah > Sent: Sunday, November 06, 2022 3:35 PM > To: devel@edk2.groups.io > Cc: Wang, Jian J ; Gao, Liming > ; Mistry, Nishant C > Subject: [PATCH v5 04/19] MdeModulePkg: Add new include files > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594 > > V4: Updated with review comments for misspellings, mismatch > function prototype, missing function header comments, incorrect > function description. > > V1: Add EncryptionVariableLib.h for providing encryption and > decryption services for protected variables. > Add ProtectedVariableLib.h for providing integrity or > variables. > > Cc: Jian J Wang > Cc: Liming Gao > Cc: Nishant C Mistry > Signed-off-by: Jian J Wang > Signed-off-by: Nishant C Mistry > Signed-off-by: Judah Vang > --- > MdeModulePkg/Include/Library/EncryptionVariableLib.h | 165 ++ > MdeModulePkg/Include/Library/ProtectedVariableLib.h | 607 > > 2 files changed, 772 insertions(+) > > diff --git a/MdeModulePkg/Include/Library/EncryptionVariableLib.h > b/MdeModulePkg/Include/Library/EncryptionVariableLib.h > new file mode 100644 > index ..68981f5aad6a > --- /dev/null > +++ b/MdeModulePkg/Include/Library/EncryptionVariableLib.h 
> @@ -0,0 +1,165 @@ > +/** @file > + Provides services to encrypt/decrypt variables. > + > +Copyright (c) 2022, Intel Corporation. All rights reserved. > +SPDX-License-Identifier: BSD-2-Clause-Patent > + > +**/ > + > +#ifndef ENCRYPTION_VARIABLE_LIB_H_ > +#define ENCRYPTION_VARIABLE_LIB_H_ > + > +#include > + > +#include > + > +#include > + > +#define ENC_TYPE_NULL 0 > +#define ENC_TYPE_AES TPM_ALG_AES > + > +typedef struct _VARIABLE_ENCRYPTION_FLAGS { > + BOOLEANAuth;// Variable is authenticated or not > + BOOLEANDecryptInPlace; // Do decryption in place > + BOOLEANProtected; // Variable is protected or not > +} VARIABLE_ENCRYPTION_FLAGS; > + > +typedef struct _VARIABLE_ENCRYPTION_INFO { > + AUTH_VARIABLE_INFO Header;// Authenticated varabile > header > + VARIABLE_HEADER *Buffer; // Pointer to variable > buffer > + UINT64 StoreIndex;// Variable store index > + VOID *PlainData;// Pointer to plain data > + UINT32 PlainDataSize; // Size of plain data > + VOID *CipherData; // Pointer to cipher data > + UINT32 CipherDataSize;// Size of cipher data > + UINT32 CipherHeaderSize; // Size of cipher header > + UINT32 CipherDataType;// Type of cipher data > + VOID *Key; // Pointer to > encrypt/decrypt key > + UINT32 KeySize; // Size of key > + VARIABLE_ENCRYPTION_FLAGSFlags; // Encryption flags > +} VARIABLE_ENCRYPTION_INFO; > + > +/** > + Encrypt variable data. > + > + @param[in, out] VarInfo Pointer to structure containing detailed > information about a variable. > + > + @retval EFI_SUCCESS Function successfully executed. > + @retval EFI_INVALID_PARAMETER If ProtectedVarLibContextIn == NULL or > ProtectedVarLibContextOut == NULL. > + @retval EFI_OUT_OF_RESOURCES Fail to allocate enough resource. > + @retval EFI_UNSUPPORTED Unsupported to process encrypted > variable. > + > +**/ > +EFI_STATUS > +EFIAPI > +EncryptVariable ( > + IN OUT VARIABLE_ENCRYPTION_INFO *VarInfo > + ); > + > +/** > + Decrypt variable data. 
> + > + If VarEncInfo->CipherData is not NULL, it must holds the cipher data to be > + decrypted. Otherwise, assume the cipher data from variable data buffer, > i.e. > + VarEncInfo->Header.Data. > + > + If VarEncInfo->Flags.DecryptInPlace is TRUE, the decrypted data will be put > + back in the same buffer as cipher buffer got above, after encryption > header, > + which helps to identify later if the data in buffer is decrypted or not. > This > + can avoid repeat decryption when accessing the same variable more than > once. > + > + If VarEncInfo->Flags.DecryptInPlace is FALSE, VarEncInfo->PlainData must be > + passed in with a valid buffer with VarEncInfo->PlainDataSize set correctly > + with its size. > + > + Note the VarEncInfo->PlainData is always pointing to the buffer address > with > + decrypted data without encryption header, and VarEncInfo->PlainDataSize is > + always the size of original variable data, if this function returned > + successfully. > + > + @param[in, out] VarInfo Pointer to structure containing detailed > + information about a variable. > + > + @retval EFI_SUCCESS Variable was decrypted successfully. > + @retval EFI_INVALID_PARAMETER Variable information in VarEncInfo is > invalid. > + @retval EFI_BUFFER_TOO_SMALLVarEncI
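Review bot: in EncryptionVariableLib.h the EncryptVariable() comment lists `@retval EFI_INVALID_PARAMETER If ProtectedVarLibContextIn == NULL or ProtectedVarLibContextOut == NULL`, but the function takes a single `VarInfo` argument, so this text looks copied from another interface; describe the VarInfo conditions that are actually rejected. The DecryptVariable() description refers to `VarEncInfo->...` throughout while its @param line names the argument `VarInfo`; use one name (the Null implementation in 15/19 uses VarEncInfo). "Authenticated varabile header" in VARIABLE_ENCRYPTION_INFO is misspelled, and since the struct carries `Key` and `KeySize`, the field comments should say who owns the key buffer and who is responsible for clearing it.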
Re: [edk2-devel] [PATCH] edk II C Coding Standard: Remove section 5.4.2.2 STATIC
[AMD Official Use Only - General]

Hi Ray,

From the last week edk2 Bug triage meeting, my understanding from Mike was to remove the entire 5.4.2.2 section and no need to add anything because we already mention at the beginning in CCS to follow C dialect.

@Kinney, Michael D and @Liming Gao, is that correct?

Abner

> -Original Message- > From: Ni, Ray > Sent: Tuesday, November 22, 2022 1:48 PM > To: devel@edk2.groups.io; Chang, Abner > Cc: Kinney, Michael D > Subject: RE: [edk2-devel] [PATCH] edk II C Coding Standard: Remove section > 5.4.2.2 STATIC > > Caution: This message originated from an External Source. Use proper > caution when opening attachments, clicking links, or responding. > > > Abner, > From what I read, the idea of BZ1766 is to add recommendations to use static > for local symbols. > > "Add recommendations to the EDK II C Coding Standards Specification to use > 'static' for all functions and global variables that are not referenced > outside > the current C file." > > Do you want to capture that in the EDKII C Coding Standard? > > Thanks, > Ray > > > -Original Message- > > From: devel@edk2.groups.io On Behalf Of Chang, > > Abner via groups.io > > Sent: Tuesday, November 22, 2022 12:47 PM > > To: devel@edk2.groups.io > > Cc: Ni, Ray ; Kinney, Michael D > > > > Subject: [edk2-devel] [PATCH] edk II C Coding Standard: Remove section > > 5.4.2.2 STATIC > > > > From: Abner Chang > > > > BZ #1766 > > > > Remove the entire 5.4.2.2 section. > > We are not allowed to use upper-case STATIC in the source file now. > > Just follow C standard and use the lower-case 'static'. > > > > Leave the macro "#deifne STATIC static" there without removing it to > > keep the backward compatable. > > > > Signed-off-by: Abner Chang > > Cc: Ray Ni > > Cc: Michael D Kinney > > --- > > 5_source_files/54_code_file_structure.md | 16 > > 1 file changed, 16 deletions(-) 
> > > > diff --git a/5_source_files/54_code_file_structure.md > > b/5_source_files/54_code_file_structure.md > > index 0c4d6a2..9acc620 100644 > > --- a/5_source_files/54_code_file_structure.md > > +++ b/5_source_files/54_code_file_structure.md > > @@ -267,19 +267,3 @@ specified in Section 5.4.1.3 "Compile-Time Names". > > Thus, while it might be legal C, do **not** declare external > > variables anywhere other than at the top level of a file as specified > > by this document. > > > > - 5.4.2.2 Static > > - > > -An object declared `STATIC` has either file or block scope. > > - > > -# 5.4.2.2.1 Do not reuse an object or function identifier with > > static storage duration. > > - > > -Throughout the set of source files defined within a single .inf file, > > do not -reuse an identifier with static storage duration. The compiler > > may not be -confused by this, but the user may confuse unrelated > > variables with the same -name. > > - > > -# 5.4.2.2.2 Functions should not be declared STATIC. > > - > > -Some source-level debuggers are unable to resolve static functions. > > Until it -can be verified that no one is dependent upon a debugger > > with this limitation, -it is strongly recommended that functions not > > be declared static. > > -- > > 2.37.1.windows.1 > > > > > > > > > > -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#96532): https://edk2.groups.io/g/devel/message/96532 Mute This Topic: https://groups.io/mt/95190239/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=- <>
Re: [edk2-devel] [PATCH] edk II C Coding Standard: Remove section 5.4.2.2 STATIC
Abner,

From what I read, the idea of BZ1766 is to add recommendations to use static for local symbols.

"Add recommendations to the EDK II C Coding Standards Specification to use 'static' for all functions and global variables that are not referenced outside the current C file."

Do you want to capture that in the EDKII C Coding Standard?

Thanks,
Ray

> -Original Message- > From: devel@edk2.groups.io On Behalf Of Chang, > Abner via groups.io > Sent: Tuesday, November 22, 2022 12:47 PM > To: devel@edk2.groups.io > Cc: Ni, Ray ; Kinney, Michael D > > Subject: [edk2-devel] [PATCH] edk II C Coding Standard: Remove section > 5.4.2.2 STATIC > > From: Abner Chang > > BZ #1766 > > Remove the entire 5.4.2.2 section. > We are not allowed to use upper-case STATIC in the source file now. > Just follow C standard and use the lower-case 'static'. > > Leave the macro "#deifne STATIC static" there without removing > it to keep the backward compatable. > > Signed-off-by: Abner Chang > Cc: Ray Ni > Cc: Michael D Kinney > --- > 5_source_files/54_code_file_structure.md | 16 > 1 file changed, 16 deletions(-) > > diff --git a/5_source_files/54_code_file_structure.md > b/5_source_files/54_code_file_structure.md > index 0c4d6a2..9acc620 100644 > --- a/5_source_files/54_code_file_structure.md > +++ b/5_source_files/54_code_file_structure.md 
> @@ -267,19 +267,3 @@ specified in Section 5.4.1.3 "Compile-Time Names". > Thus, while it might be legal C, do **not** declare external variables > anywhere > other than at the top level of a file as specified by this document. > > - 5.4.2.2 Static > - > -An object declared `STATIC` has either file or block scope. > - > -# 5.4.2.2.1 Do not reuse an object or function identifier with static > storage duration. > - > -Throughout the set of source files defined within a single .inf file, do not > -reuse an identifier with static storage duration. The compiler may not be > -confused by this, but the user may confuse unrelated variables with the > same > -name. > - > -# 5.4.2.2.2 Functions should not be declared STATIC. > - > -Some source-level debuggers are unable to resolve static functions. Until it > -can be verified that no one is dependent upon a debugger with this > limitation, > -it is strongly recommended that functions not be declared static. > -- > 2.37.1.windows.1 > > > > > -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#96531): https://edk2.groups.io/g/devel/message/96531 Mute This Topic: https://groups.io/mt/95190239/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH] edk II C Coding Standard: Remove section 5.4.2.2 STATIC
From: Abner Chang BZ #1766 Remove the entire 5.4.2.2 section. We are not allowed to use upper-case STATIC in the source file now. Just follow C standard and use the lower-case 'static'. Leave the macro "#define STATIC static" there without removing it to keep backward compatibility. Signed-off-by: Abner Chang Cc: Ray Ni Cc: Michael D Kinney --- 5_source_files/54_code_file_structure.md | 16 1 file changed, 16 deletions(-) diff --git a/5_source_files/54_code_file_structure.md b/5_source_files/54_code_file_structure.md index 0c4d6a2..9acc620 100644 --- a/5_source_files/54_code_file_structure.md +++ b/5_source_files/54_code_file_structure.md @@ -267,19 +267,3 @@ specified in Section 5.4.1.3 "Compile-Time Names". Thus, while it might be legal C, do **not** declare external variables anywhere other than at the top level of a file as specified by this document. - 5.4.2.2 Static - -An object declared `STATIC` has either file or block scope. - -# 5.4.2.2.1 Do not reuse an object or function identifier with static storage duration. - -Throughout the set of source files defined within a single .inf file, do not -reuse an identifier with static storage duration. The compiler may not be -confused by this, but the user may confuse unrelated variables with the same -name. - -# 5.4.2.2.2 Functions should not be declared STATIC. - -Some source-level debuggers are unable to resolve static functions. Until it -can be verified that no one is dependent upon a debugger with this limitation, -it is strongly recommended that functions not be declared static. -- 2.37.1.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#96530): https://edk2.groups.io/g/devel/message/96530 Mute This Topic: https://groups.io/mt/95190239/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
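Review bot: The removal of 5.4.2.2.1 ("Do not reuse an object or function identifier with static storage duration") goes further than the commit message justifies, because that rule is about reusing identifiers across the source files of one .inf and does not depend on whether the keyword is spelled `STATIC` or `static`. Consider keeping that subsection and limiting the deletion to the `STATIC` sentence and 5.4.2.2.2. Since the commit message says to use lower-case 'static', replacing 5.4.2.2.2 with that recommendation in the same patch would leave the specification stating the new rule instead of stating nothing about static at all.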
Re: [edk2-devel] [edk2-platforms: PATCH] BIOS needs to present cores in order of relative performance in MADT
Pedro.

Thanks for the comments. I agree that a detailed commit message helps to explain that this MADT order change is to help some legacy APPs that assume the high performance cores are before low performance ones in MADT and use OS APIs to explicitly request running on certain target cpu cores to get higher APP performance.

Thanks,
Ray

From: devel@edk2.groups.io On Behalf Of Pedro Falcato
Sent: Saturday, November 19, 2022 3:11 AM
To: Lin, JackX
Cc: devel@edk2.groups.io; Chiu, Chasel; Desimone, Nathaniel L; Oram, Isaac W; Gao, Liming; Dong, Eric; Kuo, Donald; Kumar, Chandana C
Subject: Re: [edk2-devel] [edk2-platforms: PATCH] BIOS needs to present cores in order of relative performance in MADT

On Fri, Nov 18, 2022 at 8:35 AM Lin, JackX <jackx@intel.com> wrote:

Hi Pedro,

Yes, it is for some specific test tools. There is different performance between CPU cores, and the big cores are better than small cores. Some legacy tools execute on the highest performance CPU cores. In early CPU designs, it is usually the first one. We have to put them at the front of all CPU cores, otherwise some tests cannot pass. To avoid this, we need to ensure CPU cores are ordered by big core first.

Thank you for the thorough description. Could you please (or whoever is pushing this) add this to the commit message? I've been following the evolution of this specific file over the last few months with mild interest and getting things properly documented should be pretty important! Might help avoid any future breakage too :D

Thanks,
Pedro

View/Reply Online (#96529): https://edk2.groups.io/g/devel/message/96529
[edk2-devel] Event: TianoCore Bug Triage - APAC / NAMO - Tuesday, November 22, 2022 #cal-reminder
*Reminder: TianoCore Bug Triage - APAC / NAMO* *When:* Tuesday, November 22, 2022 6:30pm to 7:30pm (UTC-08:00) America/Los Angeles *Where:* https://teams.microsoft.com/l/meetup-join/19%3ameeting_OTk1YzJhN2UtOGQwNi00NjY4LWEwMTktY2JiODRlYTY1NmY0%40thread.v2/0?context=%7b%22Tid%22%3a%2246c98d88-e344-4ed4-8496-4ed7712e255d%22%2c%22Oid%22%3a%226e4ce4c4-1242-431b-9a51-92cd01a5df3c%22%7d *Organizer:* Liming Gao gaolim...@byosoft.com.cn ( gaolim...@byosoft.com.cn?subject=Re:%20Event:%20TianoCore%20Bug%20Triage%20-%20APAC%20%2F%20NAMO ) View Event ( https://edk2.groups.io/g/devel/viewevent?eventid=1268290 ) *Description:* TianoCore Bug Triage - APAC / NAMO Hosted by Liming Gao Microsoft Teams meeting *Join on your computer or mobile app* Click here to join the meeting ( https://teams.microsoft.com/l/meetup-join/19%3ameeting_OTk1YzJhN2UtOGQwNi00NjY4LWEwMTktY2JiODRlYTY1NmY0%40thread.v2/0?context=%7b%22Tid%22%3a%2246c98d88-e344-4ed4-8496-4ed7712e255d%22%2c%22Oid%22%3a%226e4ce4c4-1242-431b-9a51-92cd01a5df3c%22%7d ) *Join with a video conferencing device* te...@conf.intel.com Video Conference ID: 116 062 094 0 Alternate VTC dialing instructions ( https://conf.intel.com/teams/?conf=1160620940&ivr=teams&d=conf.intel.com&test=test_call ) *Or call in (audio only)* +1 916-245-6934,,77463821# ( tel:+19162456934,,77463821# ) United States, Sacramento Phone Conference ID: 774 638 21# Find a local number ( https://dialin.teams.microsoft.com/d195d438-2daa-420e-b9ea-da26f9d1d6d5?id=77463821 ) | Reset PIN ( https://mysettings.lync.com/pstnconferencing ) Learn More ( https://aka.ms/JoinTeamsMeeting ) | Meeting options ( https://teams.microsoft.com/meetingOptions/?organizerId=b286b53a-1218-4db3-bfc9-3d4c5aa7669e&tenantId=46c98d88-e344-4ed4-8496-4ed7712e255d&threadId=19_meeting_OTUyZTg2NjgtNDhlNS00ODVlLTllYTUtYzg1OTNjNjdiZjFh@thread.v2&messageId=0&language=en-US ) -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. 
View/Reply Online (#96528): https://edk2.groups.io/g/devel/message/96528 Mute This Topic: https://groups.io/mt/95188154/21656 Mute #cal-reminder:https://edk2.groups.io/g/devel/mutehashtag/cal-reminder Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] Now: Tools, CI, Code base construction meeting series - Monday, November 21, 2022 #cal-notice
*Tools, CI, Code base construction meeting series* *When:* Monday, November 21, 2022 4:30pm to 5:30pm (UTC-08:00) America/Los Angeles *Where:* https://github.com/tianocore/edk2/discussions/2614 View Event ( https://edk2.groups.io/g/devel/viewevent?eventid=1623295 ) *Description:* TianoCore community, Microsoft and Intel will be hosting a series of open meetings to discuss build, CI, tools, and other related topics. If you are interested, have ideas/opinions please join us. These meetings will be Monday 4:30pm Pacific Time on Microsoft Teams. MS Teams Link in following discussion: * https://github.com/tianocore/edk2/discussions/2614 Anyone is welcome to join. * tianocore/edk2: EDK II (github.com) * tianocore/edk2-basetools: EDK II BaseTools Python tools as a PIP module (github.com) https://github.com/tianocore/edk2-basetools * tianocore/edk2-pytool-extensions: Extensions to the edk2 build system allowing for a more robust and plugin based build system and tool execution environment (github.com) https://github.com/tianocore/edk2-pytool-extensions * tianocore/edk2-pytool-library: Python library package that supports UEFI development (github.com) https://github.com/tianocore/edk2-pytool-library MS Teams Browser Clients * https://docs.microsoft.com/en-us/microsoftteams/get-clients?tabs=Windows#browser-client -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#96527): https://edk2.groups.io/g/devel/message/96527 Mute This Topic: https://groups.io/mt/95185795/21656 Mute #cal-notice:https://edk2.groups.io/g/devel/mutehashtag/cal-notice Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] Event: Tools, CI, Code base construction meeting series - Monday, November 21, 2022 #cal-reminder
*Reminder: Tools, CI, Code base construction meeting series* *When:* Monday, November 21, 2022 4:30pm to 5:30pm (UTC-08:00) America/Los Angeles *Where:* https://github.com/tianocore/edk2/discussions/2614 View Event ( https://edk2.groups.io/g/devel/viewevent?eventid=1623295 ) *Description:* TianoCore community, Microsoft and Intel will be hosting a series of open meetings to discuss build, CI, tools, and other related topics. If you are interested, have ideas/opinions please join us. These meetings will be Monday 4:30pm Pacific Time on Microsoft Teams. MS Teams Link in following discussion: * https://github.com/tianocore/edk2/discussions/2614 Anyone is welcome to join. * tianocore/edk2: EDK II (github.com) * tianocore/edk2-basetools: EDK II BaseTools Python tools as a PIP module (github.com) https://github.com/tianocore/edk2-basetools * tianocore/edk2-pytool-extensions: Extensions to the edk2 build system allowing for a more robust and plugin based build system and tool execution environment (github.com) https://github.com/tianocore/edk2-pytool-extensions * tianocore/edk2-pytool-library: Python library package that supports UEFI development (github.com) https://github.com/tianocore/edk2-pytool-library MS Teams Browser Clients * https://docs.microsoft.com/en-us/microsoftteams/get-clients?tabs=Windows#browser-client -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#96526): https://edk2.groups.io/g/devel/message/96526 Mute This Topic: https://groups.io/mt/95163327/21656 Mute #cal-reminder:https://edk2.groups.io/g/devel/mutehashtag/cal-reminder Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH] Silicon/Intel/FitGen:FitGen Supporting MultiFIT 2 rc
Reviewed-by: Bob Feng -Original Message- From: Kumar, Rahul R Sent: Wednesday, November 16, 2022 9:58 AM To: devel@edk2.groups.io; Feng, Bob C ; Gao, Liming ; Chen, Christine ; Oram, Isaac W ; Chaganty, Rangasai V ; West, Catharine Cc: Kumar, Rahul R Subject: [PATCH] Silicon/Intel/FitGen:FitGen Supporting MultiFIT 2 rc REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4155 With new implementation, FITGEN will populate info needed for the PROT assisted BootGuard solution and TXT on servers using FIT 4 Entry. FitGen based on the CPU FMS FITGEN will decide to call one of the two Type 2 FIT entry. Signed-off-by: Rahul R Kumar --- Silicon/Intel/Tools/FitGen/FitGen.c | 1186 --- Silicon/Intel/Tools/FitGen/FitGen.h |7 +- 2 files changed, 722 insertions(+), 471 deletions(-) diff --git a/Silicon/Intel/Tools/FitGen/FitGen.c b/Silicon/Intel/Tools/FitGen/FitGen.c index 87123f9922..4ba07945a6 100644 --- a/Silicon/Intel/Tools/FitGen/FitGen.c +++ b/Silicon/Intel/Tools/FitGen/FitGen.c @@ -44,11 +44,18 @@ typedef struct { #define BIOS_MODULE_ALIGNMENT 0x3F // 64 bytes for AnC #define MICROCODE_ALIGNMENT0x7FF +#define MICROCODE_EXTERNAL_HEADER_SIZE 0x30 + #define ACM_PKCS_1_5_RSA_SIGNATURE_SHA256_SIZE 256 #define ACM_PKCS_1_5_RSA_SIGNATURE_SHA384_SIZE 384 -#define ACM_HEADER_VERSION_3 (3 << 16) -#define ACM_HEADER_VERSION_0 (0) +#define ACM_XMSS_PUBLIC_KEY_SIZE64 +#define ACM_XMSS_SIGNATURE_SIZE 2692 + +#define ACM_HEADER_VERSION_50x50004 +#define ACM_HEADER_VERSION_4(4 << 16) +#define ACM_HEADER_VERSION_3(3 << 16) +#define ACM_HEADER_VERSION_0(0) #define ACM_MODULE_TYPE_CHIPSET_ACM 2 #define ACM_MODULE_SUBTYPE_CAPABLE_OF_EXECUTE_AT_RESET 0x1 #define ACM_MODULE_SUBTYPE_ANC_MODULE 0x2 
@@ -56,6 +63,37 @@ typedef struct { #define ACM_MODULE_FLAG_DEBUG_SIGN 0x8000 #define NIBBLES_TO_BYTE(A, B) (UINT8)(((A & (0x0F)) << 4) | (B & 0x0F)) +// +//Flash Map 0 Register (Flash Descriptor Records) +// +typedef struct { + UINT32 Fcba : 8; //Bits[7:0]: Flash Component Base Address + UINT32 Nc : 2; //Bits[9:8]: Number of Components + UINT32 Rsvd0: 1; //Bit10: Reserved + UINT32 Rsvd1: 1; //Bit11: Reserved + UINT32 Rsvd2: 1; //Bit12: Reserved + UINT32 Rsvd3: 3; //Bits[15:13]: Reserved + UINT32 Frba : 8; //Bits[23:16]: Flash Region Base Address + UINT32 Rsvd4: 3; //Bits[26:24]: Reserved + UINT32 Rsvd5: 5; //Bits[31:27]: Reserved +} FLASH_MAP_0_REGISTER; + +// +//Flash Region 1 (BIOS) Register (Flash Descriptor Records) +// +typedef struct { + UINT32 RegionBase : 15; //Bits[14:0]: Region base + UINT32 Rsvd : 1; //Bit15: Reserved + UINT32 RegionLimit: 15; //Bits[30:16]: Region limit + UINT32 Rsvd1 : 1; //Bit31: Reserved +} FLASH_REGION_1_BIOS_REGISTER; + +#define FLASH_VALID_SIGNATURE 0x0FF0A55A //Flash Valid Signature (Flash Descriptor Records) +#define FLVALSIG_BASE_OFFSET0x10 //Flash Valid Signature Base Offset +#define FLMAP0_BASE_OFFSET 0x14 //Flash Map 0 Register Base Offset + +#define ACMFV_GUID \ + { 0x8a4b197f, 0x1113, 0x43d0, { 0xa2, 0x3f, 0x26, 0xf3, 0x69, 0xb2, 0xb8, 0x41 }} typedef struct { UINT16 ModuleType; @@ -98,6 +136,8 @@ typedef struct { #define CHIPSET_ACM_TYPE_BIOS 0 #define CHIPSET_ACM_TYPE_SINIT 1 +#define DEFAULT_ACM_EXTENDED_MASK 0x00FF + typedef struct { UINT32Guid0; UINT32Guid1; @@ -238,6 +278,7 @@ typedef struct { #define FIT_TABLE_TYPE_MICROCODE 1 #define FIT_TABLE_TYPE_STARTUP_ACM 2 #define FIT_TABLE_TYPE_DIAGNST_ACM 3 +#define FIT_TABLE_TYPE_PROT_BOOT_POLICY4 #define FIT_TABLE_TYPE_BIOS_MODULE 7 #define FIT_TABLE_TYPE_TPM_POLICY 8 #define FIT_TABLE_TYPE_BIOS_POLICY 9 
@@ -252,7 +293,6 @@ typedef struct { #define FIT_TABLE_TYPE_VAB_BOOT_IMAGE_MANIFEST 27 #define FIT_TABLE_TYPE_VAB_BOOT_KEY_MANIFEST 28 - // // With OptionalModule Address isn't known until free space has been // identified and the optional module has been copied into the FLASH @@ -284,9 +324,10 @@ typedef struct { UINT32 GlobalVersion; UINT32 FitHeaderVersion; FIT_TABLE_CONTEXT_ENTRYStartupAcm[MAX_STARTUP_ACM_ENTRY]; - UINT32 StartupAcmVersion[MAX_STARTUP_ACM_ENTRY]; + UINT32 StartupAcmFvSize; FIT_TABLE_CONTEXT_ENTRYDiagnstAcm; UINT32 DiagnstAcmVersion; + F
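Review bot: `ACM_HEADER_VERSION_5` in the first hunk is written as the literal `0x50004`, while `ACM_HEADER_VERSION_4`, `ACM_HEADER_VERSION_3` and `ACM_HEADER_VERSION_0` use the `(N << 16)` form, so the definition does not say why the low 16 bits are non-zero for this one version. Either write it as `((5 << 16) | 4)` or add a comment stating what the low half encodes, so that later version comparisons against these constants can be checked by a reader.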
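Review bot: `FLASH_MAP_0_REGISTER` and `FLASH_REGION_1_BIOS_REGISTER` in the second hunk describe fields of the on-flash descriptor with C bit-fields, and the order in which a compiler allocates bit-fields inside a `UINT32` is implementation-defined, which matters for a host-side tool that parses a binary image. Reading the 32-bit value and extracting `Frba`, `RegionBase` and `RegionLimit` with shifts and masks would make the parsed layout independent of the compiler. The commit message would also benefit from naming the two Type 2 entry variants it refers to, since the added `FIT_TABLE_TYPE_PROT_BOOT_POLICY` (type 4) and `DEFAULT_ACM_EXTENDED_MASK` are introduced without explanation.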
Re: [edk2-devel] EmulatorPkg: fixes for NetBSD compilation
On Mon, Nov 21, 2022 at 9:21 PM wrote: > diff --git a/EmulatorPkg/Unix/Host/BlockIo.c > b/EmulatorPkg/Unix/Host/BlockIo.c > index cf2d6b4cda..c0c694be55 100644 > --- a/EmulatorPkg/Unix/Host/BlockIo.c > +++ b/EmulatorPkg/Unix/Host/BlockIo.c > @@ -133,6 +133,20 @@ EmuBlockIoOpenDevice ( > >ioctl (Private->fd, DKIOCGETMAXBLOCKCOUNTWRITE, > &Private->Media->OptimalTransferLengthGranularity); > } > + #elif _NETBSD_SOURCE > +{ > + u_int BlockSize; > Hi, Again, thanks for the patches. Please send them in the way I kind of described in my other reply. s/u_int/UINT/ + off_t DiskSize; > I think this off_t is fine, per the other off_t usages, I don't know if the maintainers agree. > + > + if (ioctl (Private->fd, DIOCGSECTORSIZE, &BlockSize) == 0) { > +Private->Media->BlockSize = BlockSize; > + } > + > + if (ioctl (Private->fd, DIOCGMEDIASIZE, &DiskSize) == 0) { > +Private->NumberOfBlocks = DivU64x32 (DiskSize, > (UINT32)BlockSize); > +Private->Media->LastBlock = Private->NumberOfBlocks - 1; > + } > +} > #else > { >size_t BlockSize; > > diff --git a/EmulatorPkg/Unix/Host/Host.c b/EmulatorPkg/Unix/Host/Host.c > index 38c01c84af..c505300129 100644 > --- a/EmulatorPkg/Unix/Host/Host.c > +++ b/EmulatorPkg/Unix/Host/Host.c 
> @@ -12,6 +12,12 @@ SPDX-License-Identifier: BSD-2-Clause-Patent > #define MAP_ANONYMOUS MAP_ANON > #endif > > +#ifdef _NETBSD_SOURCE > +#define MAP_ANON_FD_ (-1) > +#else > +#define MAP_ANON_FD_ (0) > +#endif > Would there be a harm if we just passed -1 everywhere? It's a bit odd NetBSD explicitly requires this, but AFAIK implementations either EINVAL on fd != -1 or take whatever since it's anon. The main implementations (Linux, FreeBSD, NetBSD, OpenBSD, macOS) seem to agree that passing -1 should be safe everywhere (in fact, it's pretty funny that all BSD-derived implementations agree with the fd = -1 thing, but I digress). The rest of the patch looks mostly ok to me, but then again, I'm not a maintainer for this. Thanks, Pedro -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#96524): https://edk2.groups.io/g/devel/message/96524 Mute This Topic: https://groups.io/mt/95182515/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] edksetup.sh: fix for non POSIX whereis(1)
On Mon, Nov 21, 2022 at 9:21 PM wrote: > diff --git a/edksetup.sh b/edksetup.sh > index 06d2f041e6..46b295c430 100755 > --- a/edksetup.sh > +++ b/edksetup.sh > @@ -105,6 +105,19 @@ function SetupEnv() >fi > } > > +# whereis(1) is not a POSIX utility and, for example, its implementation > +# in NetBSD is different form the Linux one. > +# > +function whereis() > +{ > + ( > +IFS=: > +for dir in $PATH; do > + eval ls $dir/${1}* 2>/dev/null || true > +done > + ) > +} > Hi Thierry, First of all, thanks for the patch! I had noticed this problem when running edksetup.sh on a POSIX but not quite Linux system before. I kind of dislike your solution. Does NetBSD ship /bin/which by default? I think replacing whereis with "which -a" would be a lot better. I don't think there's a 100% standard way to do this in POSIX, as which isn't POSIX either, and your solution seems... hacky? Also, please send patches in the standard git format (git commit -s + git format-patch + git send-email with the proper CCs to the maintainers, see the proper guides for more details). Thanks, Pedro -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#96523): https://edk2.groups.io/g/devel/message/96523 Mute This Topic: https://groups.io/mt/95182516/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
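The reply above objects to the `eval ls` loop and notes that neither `whereis` nor `which` is POSIX. As an added example (not code from the thread or from edksetup.sh), the same PATH walk can be done with shell builtins only and without `eval`; the names `path_candidates` and `path_candidates_demo` and the directory layout in the demo are constructed for illustration.

```shell
# path_candidates PREFIX
# Print, in PATH order, every regular executable file in a $PATH directory
# whose name starts with PREFIX. Hypothetical helper, not part of edksetup.sh.
# The body is a subshell, so the IFS and noglob changes never reach the caller.
path_candidates() (
  prefix=$1
  set -f            # keep '*' or '?' inside a PATH entry from being expanded
  IFS=:
  for dir in $PATH; do
    # An empty component means "current directory". It is skipped here
    # (a choice made for this example) so the result never depends on $PWD.
    [ -n "$dir" ] || continue
    set +f
    # Directory and prefix are quoted: spaces, ';' or '$(...)' in either one
    # are treated as data. Only the trailing '*' is a pattern.
    for candidate in "$dir"/"$prefix"*; do
      # A pattern with no match stays literal and fails the -f test.
      if [ -f "$candidate" ] && [ -x "$candidate" ]; then
        printf '%s\n' "$candidate"
      fi
    done
    set -f
  done
)

# Constructed demo: builds a throwaway directory tree, runs the lookup with a
# PATH that contains an empty component, an awkward directory name and a
# missing directory, and prints the matches with the temporary prefix removed.
path_candidates_demo() {
  tmp=$(mktemp -d) || return 1
  mkdir "$tmp/bin" "$tmp/odd dir;name"
  for f in "$tmp/bin/python3" "$tmp/bin/python3.9" \
           "$tmp/odd dir;name/python3.11" "$tmp/python3-in-cwd"; do
    : > "$f" && chmod +x "$f"
  done
  : > "$tmp/bin/python3-notes.txt"   # right prefix, but not executable
  (
    cd "$tmp" || exit 1
    PATH="$tmp/bin::$tmp/odd dir;name:$tmp/missing"
    path_candidates python3
  ) | while IFS= read -r found; do
    printf '%s\n' "${found#"$tmp"/}"
  done
  rm -rf "$tmp"
}
```

The loop filters on `-f` and `-x`, so a non-executable file that merely shares the prefix is not reported, which `ls` with a glob would have listed.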
[edk2-devel] EmulatorPkg: fixes for NetBSD compilation
diff --git a/EmulatorPkg/Unix/Host/BlockIo.c b/EmulatorPkg/Unix/Host/BlockIo.c index cf2d6b4cda..c0c694be55 100644 --- a/EmulatorPkg/Unix/Host/BlockIo.c +++ b/EmulatorPkg/Unix/Host/BlockIo.c @@ -133,6 +133,20 @@ EmuBlockIoOpenDevice ( ioctl (Private->fd, DKIOCGETMAXBLOCKCOUNTWRITE, &Private->Media->OptimalTransferLengthGranularity); } + #elif _NETBSD_SOURCE +{ + u_int BlockSize; + off_t DiskSize; + + if (ioctl (Private->fd, DIOCGSECTORSIZE, &BlockSize) == 0) { +Private->Media->BlockSize = BlockSize; + } + + if (ioctl (Private->fd, DIOCGMEDIASIZE, &DiskSize) == 0) { +Private->NumberOfBlocks = DivU64x32 (DiskSize, (UINT32)BlockSize); +Private->Media->LastBlock = Private->NumberOfBlocks - 1; + } +} #else { size_t BlockSize; @@ -154,7 +168,7 @@ EmuBlockIoOpenDevice ( Private->Media->LastBlock = Private->NumberOfBlocks - 1; if (fstatfs (Private->fd, &buf) == 0) { - #if __APPLE__ + #if __APPLE__ || _NETBSD_SOURCE Private->Media->OptimalTransferLengthGranularity = buf.f_iosize/buf.f_bsize; #else Private->Media->OptimalTransferLengthGranularity = buf.f_bsize/buf.f_bsize; diff --git a/EmulatorPkg/Unix/Host/Host.c b/EmulatorPkg/Unix/Host/Host.c index 38c01c84af..c505300129 100644 --- a/EmulatorPkg/Unix/Host/Host.c +++ b/EmulatorPkg/Unix/Host/Host.c @@ -12,6 +12,12 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #define MAP_ANONYMOUS MAP_ANON #endif +#ifdef _NETBSD_SOURCE +#define MAP_ANON_FD_ (-1) +#else +#define MAP_ANON_FD_ (0) +#endif + // // Globals // @@ -187,7 +193,7 @@ main ( // InitialStackMemorySize = STACK_SIZE; InitialStackMemory = (UINTN)MapMemory ( -0, +MAP_ANON_FD_, (UINT32)InitialStackMemorySize, PROT_READ | PROT_WRITE | PROT_EXEC, MAP_ANONYMOUS | MAP_PRIVATE @@ -348,6 +354,7 @@ MapMemory ( while ((!isAligned) && (base != 0)) { res = mmap ((void *)base, length, prot, flags, fd, 0); if (res == MAP_FAILED) { + perror("MapMemory"); return NULL; } 
@@ -640,7 +647,7 @@ SecUnixPeiAutoScan ( *MemoryBase = 0; res = MapMemory ( - 0, + MAP_ANON_FD_, gSystemMemory[Index].Size, PROT_READ | PROT_WRITE | PROT_EXEC, MAP_PRIVATE | MAP_ANONYMOUS diff --git a/EmulatorPkg/Unix/Host/Host.h b/EmulatorPkg/Unix/Host/Host.h index 0c81cdfc01..0de925adaf 100644 --- a/EmulatorPkg/Unix/Host/Host.h +++ b/EmulatorPkg/Unix/Host/Host.h @@ -31,6 +31,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #if __CYGWIN__ #include +#elif _NETBSD_SOURCE + #include #else #include #endif @@ -55,7 +57,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include -#ifdef __APPLE__ +#if defined(__APPLE__) #include #include #include @@ -65,6 +67,9 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #ifndef _Bool #define _Bool char // for clang debug #endif +#elif defined(_NETBSD_SOURCE) + #define statfs statvfs + #define fstatfs fstatvfs #else #include #include signed-off-by: Thierry LARONDE -- Thierry Laronde http://www.kergis.com/ http://kertex.kergis.com/ Key fingerprint = 0FF7 E906 FBAF FE95 FD89 250D 52B1 AE95 6006 F40C -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#96521): https://edk2.groups.io/g/devel/message/96521 Mute This Topic: https://groups.io/mt/95182515/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
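Review bot: In the `_NETBSD_SOURCE` block added to `EmuBlockIoOpenDevice`, `BlockSize` is left uninitialized when the `DIOCGSECTORSIZE` ioctl fails, yet it is still used as the divisor in `DivU64x32 (DiskSize, (UINT32)BlockSize)` if `DIOCGMEDIASIZE` then succeeds. Initialize `BlockSize`, or make the second ioctl conditional on the first having succeeded, and reject a zero block size before dividing. `DiskSize` is a signed `off_t` passed as an unsigned 64-bit dividend, so a check for a negative value belongs in the same place.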
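Review bot: The NetBSD guards are spelled three different ways across the patch: `#elif _NETBSD_SOURCE` and `#if __APPLE__ || _NETBSD_SOURCE` in BlockIo.c, `#ifdef _NETBSD_SOURCE` in Host.c, and `#elif defined(_NETBSD_SOURCE)` in Host.h. The value tests and the `defined` tests do not behave the same if the macro is defined with an empty value, so please use `defined(...)` throughout. In the `MapMemory` hunk, `perror("MapMemory")` is missing the space before the parenthesis that the neighbouring `mmap ((void *)base, ...)` call uses, and the function still returns `NULL` with no indication to the caller of which mapping failed. The trailer should read `Signed-off-by:` with a name and address, as produced by `git commit -s`.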
[edk2-devel] [PATCH v2 1/1] StandaloneMmPkg: Add StandaloneMmIplPei driver.
Add StandaloneMmIplPei IA32/X64 driver at PEI stage. FSP will use this driver to load Standalone MM code to dispatch other Standalone MM drivers. Signed-off-by: Hongbin1 Zhang Cc: Jiewen Yao Cc: Ray Ni Cc: Star Zeng Cc: Jiaxin Wu Cc: Sami Mujawar Cc: Ard Biesheuvel Cc: Supreeth Venkatesh --- StandaloneMmPkg/Drivers/StandaloneMmIplPei/Ia32/LoadSmmCore.c | 442 +++ StandaloneMmPkg/Drivers/StandaloneMmIplPei/StandaloneMmIplPei.c | 787 StandaloneMmPkg/Drivers/StandaloneMmIplPei/X64/LoadSmmCore.c | 32 + StandaloneMmPkg/Drivers/StandaloneMmIplPei/Ia32/Thunk32To64.nasm | 148 StandaloneMmPkg/Drivers/StandaloneMmIplPei/StandaloneMmIplPei.h | 66 ++ StandaloneMmPkg/Drivers/StandaloneMmIplPei/StandaloneMmIplPei.inf | 75 ++ StandaloneMmPkg/StandaloneMmPkg.ci.yaml | 4 +- StandaloneMmPkg/StandaloneMmPkg.dsc | 15 +- 8 files changed, 1566 insertions(+), 3 deletions(-) diff --git a/StandaloneMmPkg/Drivers/StandaloneMmIplPei/Ia32/LoadSmmCore.c b/StandaloneMmPkg/Drivers/StandaloneMmIplPei/Ia32/LoadSmmCore.c new file mode 100644 index ..0dfb574bd228 --- /dev/null +++ b/StandaloneMmPkg/Drivers/StandaloneMmIplPei/Ia32/LoadSmmCore.c 
@@ -0,0 +1,442 @@ +/** @file + SMM IPL that load the SMM Core into SMRAM + + Copyright (c) 2022, Intel Corporation. All rights reserved. + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include +#include +#include +#include +#include +#include +#include + +#pragma pack(1) + +// +// Page-Map Level-4 Offset (PML4) and +// Page-Directory-Pointer Offset (PDPE) entries 4K & 2MB +// + +typedef union { + struct { +UINT64Present : 1; // 0 = Not present in memory, 1 = Present in memory +UINT64ReadWrite: 1; // 0 = Read-Only, 1= Read/Write +UINT64UserSupervisor : 1; // 0 = Supervisor, 1=User +UINT64WriteThrough : 1; // 0 = Write-Back caching, 1=Write-Through caching +UINT64CacheDisabled: 1; // 0 = Cached, 1=Non-Cached +UINT64Accessed : 1; // 0 = Not accessed, 1 = Accessed (set by CPU) +UINT64Reserved : 1; // Reserved +UINT64MustBeZero : 2; // Must Be Zero +UINT64Available: 3; // Available for use by system software +UINT64PageTableBaseAddress : 40; // Page Table Base Address +UINT64AvailableHigh: 11; // Available for use by system software +UINT64Nx : 1; // No Execute bit + } Bits; + UINT64Uint64; +} PAGE_MAP_AND_DIRECTORY_POINTER; + +// +// Page Table Entry 2MB +// +typedef union { + struct { +UINT64Present : 1; // 0 = Not present in memory, 1 = Present in memory +UINT64ReadWrite: 1; // 0 = Read-Only, 1= Read/Write +UINT64UserSupervisor : 1; // 0 = Supervisor, 1=User +UINT64WriteThrough : 1; // 0 = Write-Back caching, 1=Write-Through caching +UINT64CacheDisabled: 1; // 0 = Cached, 1=Non-Cached +UINT64Accessed : 1; // 0 = Not accessed, 1 = Accessed (set by CPU) +UINT64Dirty: 1; // 0 = Not Dirty, 1 = written by processor on access to page +UINT64MustBe1 : 1; // Must be 1 +UINT64Global : 1; // 0 = Not global page, 1 = global page TLB not cleared on CR3 write +UINT64Available: 3; // Available for use by system software +UINT64Pat : 1; // +UINT64MustBeZero : 8; // Must be zero +UINT64PageTableBaseAddress : 31; // Page Table Base Address +UINT64AvailableHigh: 
11; // Available for use by system software +UINT64Nx : 1; // 0 = Execute Code, 1 = No Code Execution + } Bits; + UINT64Uint64; +} PAGE_TABLE_ENTRY; + +// +// Page Table Entry 1GB +// +typedef union { + struct { +UINT64Present : 1; // 0 = Not present in memory, 1 = Present in memory +UINT64ReadWrite: 1; // 0 = Read-Only, 1= Read/Write +UINT64UserSupervisor : 1; // 0 = Supervisor, 1=User +UINT64WriteThrough : 1; // 0 = Write-Back caching, 1=Write-Through caching +UINT64CacheDisabled: 1; // 0 = Cached, 1=Non-Cached +UINT64Accessed : 1; // 0 = Not accessed, 1 = Accessed (set by CPU) +UINT64Dirty: 1; // 0 = Not Dirty, 1 = written by processor on access to page +UINT64MustBe1 : 1; // Must be 1 +UINT64Global : 1; // 0 = Not global page, 1 = global page TLB not cleared on CR3 write +UINT64Available: 3; // Available for use by system software +UINT64Pat : 1; // +UINT64MustBeZero
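Review bot: The file header of the new Ia32/LoadSmmCore.c says "SMM IPL that load the SMM Core into SMRAM", while the commit message and the driver name describe a Standalone MM IPL that loads Standalone MM code at PEI, so the header should use the same terminology as the package (and "loads"). The `#pragma pack(1)` that opens the page-table type definitions needs a matching `#pragma pack()` after the last union so the packing does not apply to declarations that follow; the visible part of the hunk does not reach that point, so please confirm it is there. As this is posted as v2, a short note under the `---` line on what changed since v1 would help reviewers.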
[edk2-devel] edksetup.sh: fix for non POSIX whereis(1)
diff --git a/edksetup.sh b/edksetup.sh index 06d2f041e6..46b295c430 100755 --- a/edksetup.sh +++ b/edksetup.sh @@ -105,6 +105,19 @@ function SetupEnv() fi } +# whereis(1) is not a POSIX utility and, for example, its implementation +# in NetBSD is different form the Linux one. +# +function whereis() +{ + ( +IFS=: +for dir in $PATH; do + eval ls $dir/${1}* 2>/dev/null || true +done + ) +} + function SetupPython3() { if [ $origin_version ];then signed-off-by: Thierry LARONDE -- Thierry Laronde http://www.kergis.com/ http://kertex.kergis.com/ Key fingerprint = 0FF7 E906 FBAF FE95 FD89 250D 52B1 AE95 6006 F40C -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#96522): https://edk2.groups.io/g/devel/message/96522 Mute This Topic: https://groups.io/mt/95182516/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
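Review bot: `eval ls $dir/${1}*` in the new `whereis()` makes the shell re-parse each `$PATH` component and the argument as command text, so a directory name containing a space, `;` or `$(...)` is interpreted by the shell instead of being listed. The `eval` is not needed for the glob to expand: `ls "$dir"/"$1"* 2>/dev/null || true` produces the same listing with the directory and the prefix treated as data. An empty `$PATH` component also turns `$dir/${1}*` into a pattern rooted at `/`, which is not what an empty component means. Defining a function named `whereis` replaces the system utility for every platform that sources this script, not only NetBSD, so a differently named helper would keep the change contained. The comment has a typo: "different form" should be "different from".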
[edk2-devel] [AddResetEnd v1] ShellPkg/DpDynamicCommand: Add ResetEnd support in DP command
From: zhenhuay DP command should be able to parse the FPDT ACPI table and dump the ResetEnd which was logged at the beginning of the firmware image execution. So that DP can calculate SEC phase time duration start from the beginning of firmware image execution. Cc: Ray Ni Cc: Zhichao Gao Cc: Star Zeng Signed-off-by: zhenhuay --- ShellPkg/DynamicCommand/DpDynamicCommand/Dp.c | 14 ++ ShellPkg/DynamicCommand/DpDynamicCommand/DpTrace.c| 9 + ShellPkg/DynamicCommand/DpDynamicCommand/Dp.uni | 1 + ShellPkg/DynamicCommand/DpDynamicCommand/DpInternal.h | 1 + 4 files changed, 25 insertions(+) diff --git a/ShellPkg/DynamicCommand/DpDynamicCommand/Dp.c b/ShellPkg/DynamicCommand/DpDynamicCommand/Dp.c index 1799ab176a..512a146da6 100644 --- a/ShellPkg/DynamicCommand/DpDynamicCommand/Dp.c +++ b/ShellPkg/DynamicCommand/DpDynamicCommand/Dp.c @@ -57,6 +57,7 @@ UINT8*mBootPerformanceTable; UINTNmBootPerformanceTableSize; BOOLEAN mPeiPhase = FALSE; BOOLEAN mDxePhase = FALSE; +UINT64 mResetEnd = 0; PERF_SUMMARY_DATA SummaryData = { 0 }; ///< Create the SummaryData structure and init. to ZERO. MEASUREMENT_RECORD *mMeasurementList = NULL; @@ -542,6 +543,8 @@ BuildMeasurementList ( { EFI_ACPI_5_0_FPDT_PERFORMANCE_RECORD_HEADER *RecordHeader; UINT8*PerformanceTablePtr; + UINT8*BasicBootTablePtr; + UINT64 ResetEnd; UINT16 StartProgressId; UINTNTableLength; UINT8*StartRecordEvent; @@ -552,6 +555,17 @@ BuildMeasurementList ( return EFI_OUT_OF_RESOURCES; } + // + // Update the ResetEnd which was logged at the beginning of firmware image execution + // + TableLength = sizeof (EFI_ACPI_5_0_FPDT_PERFORMANCE_TABLE_HEADER); + BasicBootTablePtr = (mBootPerformanceTable + TableLength); + ResetEnd = ((EFI_ACPI_5_0_FPDT_FIRMWARE_BASIC_BOOT_RECORD *)BasicBootTablePtr)->ResetEnd; + + if (ResetEnd > 0) { +mResetEnd = ResetEnd; + } + TableLength = sizeof (BOOT_PERFORMANCE_TABLE); PerformanceTablePtr = (mBootPerformanceTable + TableLength); 
diff --git a/ShellPkg/DynamicCommand/DpDynamicCommand/DpTrace.c b/ShellPkg/DynamicCommand/DpDynamicCommand/DpTrace.c index 0abb8797ec..9c0a9a06a1 100644 --- a/ShellPkg/DynamicCommand/DpDynamicCommand/DpTrace.c +++ b/ShellPkg/DynamicCommand/DpDynamicCommand/DpTrace.c @@ -548,6 +548,15 @@ ProcessPhases ( Total = 0; + // print Reset End if it's valid + // + if (SecTime > mResetEnd) { +SecTime = SecTime - mResetEnd;// Calculate sec time duration start from the beginning of firmware image execution +ElapsedTime = DurationInMicroSeconds (mResetEnd); // Calculate elapsed time in microseconds +Total += DivU64x32 (ElapsedTime, 1000); // Accumulate time in milliseconds +ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_DP_RESET_END), mDpHiiHandle, ElapsedTime); + } + // print SEC phase duration time // if (SecTime > 0) { diff --git a/ShellPkg/DynamicCommand/DpDynamicCommand/Dp.uni b/ShellPkg/DynamicCommand/DpDynamicCommand/Dp.uni index 8d8700573e..ef2e7708b8 100644 --- a/ShellPkg/DynamicCommand/DpDynamicCommand/Dp.uni +++ b/ShellPkg/DynamicCommand/DpDynamicCommand/Dp.uni @@ -41,6 +41,7 @@ #string STR_DP_TIMER_PROPERTIES#language en-US "System Performance Timer counts %s from 0x%Lx to 0x%Lx\n" #string STR_DP_VERBOSE_THRESHOLD #language en-US "Measurements less than %,Ld microseconds are not displayed.\n" #string STR_DP_SECTION_PHASES #language en-US "Major Phases" +#string STR_DP_RESET_END #language en-US " Reset End: %L8d (us)\n" #string STR_DP_SEC_PHASE #language en-US " SEC Phase Duration: %L8d (us)\n" #string STR_DP_PHASE_BDSTO #language en-US " BDS Timeout: %L8d (ms) included in BDS Duration\n" #string STR_DP_PHASE_DURATION #language en-US "%5a Phase Duration: %L8d (ms)\n" diff --git a/ShellPkg/DynamicCommand/DpDynamicCommand/DpInternal.h b/ShellPkg/DynamicCommand/DpDynamicCommand/DpInternal.h index 39878c6085..97f47f2960 100644 --- a/ShellPkg/DynamicCommand/DpDynamicCommand/DpInternal.h +++ b/ShellPkg/DynamicCommand/DpDynamicCommand/DpInternal.h 
@@ -28,6 +28,7 @@ extern UINT8 *mBootPerformanceTable; extern UINTN mBootPerformanceTableLength; extern MEASUREMENT_RECORD *mMeasurementList; extern UINTN mMeasurementNum; +extern UINT64 mResetEnd; extern PERF_SUMMARY_DATA SummaryData;///< Create the SummaryData structure and init. to ZERO. -- 2.31.1.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#96520): htt
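Review bot: The block added to `BuildMeasurementList` casts `mBootPerformanceTable + sizeof (EFI_ACPI_5_0_FPDT_PERFORMANCE_TABLE_HEADER)` to `EFI_ACPI_5_0_FPDT_FIRMWARE_BASIC_BOOT_RECORD *` and reads `ResetEnd` without first checking that the table is large enough to contain that record or that the record found at that offset is a basic boot record. Compare `mBootPerformanceTableSize` against the header size plus `sizeof (EFI_ACPI_5_0_FPDT_FIRMWARE_BASIC_BOOT_RECORD)`, and check the record header's type and length before dereferencing, so that a short or differently laid out table results in `mResetEnd` staying 0 and not in an out-of-bounds read or a bogus value.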
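Review bot: The guard `if (SecTime > mResetEnd)` in the `ProcessPhases` hunk does not match its comment "print Reset End if it's valid": when no ResetEnd was recorded `mResetEnd` stays 0, the condition holds for any non-zero `SecTime`, and a "Reset End" line with value 0 is printed. Test `mResetEnd > 0 && SecTime > mResetEnd` instead. Please also state the unit of `mResetEnd` where it is declared, because the hunk subtracts it from `SecTime` directly but passes it through `DurationInMicroSeconds ()` before printing, which is only consistent if both values are in the same timer units.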
[edk2-devel] [edk2-libc Patch 0/1] edk2-libc : migration of edk2 module from chipsec repo
This PR contains the changes required to merge the edk2 module enhancements from chipsec repo to edk2-libc. More details are updated in the BZ https://bugzilla.tianocore.org/show_bug.cgi?id=4161 Jayaprakash Nevara (1): edk2-libc: migration of edk2module from chipsec repo .../Python-3.6.8/PyMod-3.6.8/Modules/cpu.asm | 519 .../PyMod-3.6.8/Modules/cpu_ia32.asm | 395 .../PyMod-3.6.8/Modules/edk2module.c | 568 +- .../Python/Python-3.6.8/Python368.inf | 32 +- 4 files changed, 1496 insertions(+), 18 deletions(-) create mode 100644 AppPkg/Applications/Python/Python-3.6.8/PyMod-3.6.8/Modules/cpu.asm create mode 100644 AppPkg/Applications/Python/Python-3.6.8/PyMod-3.6.8/Modules/cpu_ia32.asm -- 2.33.0.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#96518): https://edk2.groups.io/g/devel/message/96518 Mute This Topic: https://groups.io/mt/95172083/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [edk2-libc Patch 1/1] edk2-libc: migration of edk2module from chipsec repo
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4161

This patch merges the enhancements done by chipsec tool to edk2 module into edk2-libc repo. The chipsec enhancements can be used for various other Python based tools to access platform registers. These enhancements provide a set of APIs to access the platform registers directly from the python scripts running on UEFI shell. This will benefit the Python users on UEFI shell in general and enhances its usability. Python can be used effectively to implement tools, scripts required for automation, debug from UEFI shell.

Cc: Rebecca Cran
Cc: Michael D Kinney
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jayaprakash N
Reviewed-by: Michael D Kinney
---
 .../Python-3.6.8/PyMod-3.6.8/Modules/cpu.asm | 519
 .../PyMod-3.6.8/Modules/cpu_ia32.asm | 395
 .../PyMod-3.6.8/Modules/edk2module.c | 568 +-
 .../Python/Python-3.6.8/Python368.inf | 32 +-
 4 files changed, 1496 insertions(+), 18 deletions(-)
 create mode 100644 AppPkg/Applications/Python/Python-3.6.8/PyMod-3.6.8/Modules/cpu.asm
 create mode 100644 AppPkg/Applications/Python/Python-3.6.8/PyMod-3.6.8/Modules/cpu_ia32.asm

diff --git a/AppPkg/Applications/Python/Python-3.6.8/PyMod-3.6.8/Modules/cpu.asm b/AppPkg/Applications/Python/Python-3.6.8/PyMod-3.6.8/Modules/cpu.asm new file mode 100644 index 000..65edc96 --- /dev/null +++ b/AppPkg/Applications/Python/Python-3.6.8/PyMod-3.6.8/Modules/cpu.asm 
@@ -0,0 +1,519 @@ +TITLE cpu.asm: Assembly code for the x64 resources + +.CODE cpu_asm_code$__a + +PUBLIC WritePortDword +PUBLIC WritePortWord +PUBLIC WritePortByte +PUBLIC ReadPortDword +PUBLIC ReadPortWord +PUBLIC ReadPortByte +PUBLIC WriteHighCMOSByte +PUBLIC WriteLowCMOSByte +PUBLIC SendAPMSMI +PUBLIC WritePCIByte +PUBLIC WritePCIWord +PUBLIC WritePCIDword +PUBLIC ReadPCIByte +PUBLIC ReadPCIWord +PUBLIC ReadPCIDword +PUBLIC _rdmsr +PUBLIC _wrmsr +PUBLIC _load_gdt +PUBLIC _rflags +PUBLIC _swsmi + + +;-- +; UINT64 _rflags() +;-- +_rflags PROC +pushfq +pop rax +ret +_rflags ENDP + +;-- +; void _store_idtr( +; unsigned char *address // rcx +; ) +;-- +_store_idtr PROC +sidt fword ptr [rcx] +ret +_store_idtr ENDP + +;-- +; void _load_idtr( +; unsigned char *address // rcx +; ) +;-- +_load_idtr PROC +lidt fword ptr [rcx] +ret +_load_idtr ENDP + +;-- +; void _store_gdtr( +; unsigned char *address // rcx +; ) +;-- +_store_gdtr PROC +sgdt fword ptr [rcx] +ret +_store_gdtr ENDP + +;-- +; void _load_gdtr( +; unsigned char *address // rcx +; ) +;-- +_load_gdtr PROC +lgdt fword ptr [rcx] +ret +_load_gdtr ENDP + +;-- +; void _store_ldtr( +; unsigned char *address // rcx +; ) +;-- +_store_ldtr PROC +;sldt fword ptr [rcx] +ret +_store_ldtr ENDP + +;-- +; void _load_ldtr( +; unsigned char *address // rcx +; ) +;-- +_load_ldtr PROC +;lldt fword ptr [rcx] +ret +_load_ldtr ENDP + + +;-- +; void _load_gdt( +; unsigned char *value // rcx +; ) +;-- +_load_gdt PROC + +sgdt fword ptr [rcx] +lgdt fword ptr [rcx] + +ret +_load_gdt ENDP + +;-- +; void _rdmsr( +;unsigned int msr_num, // rcx +;unsigned int* msr_lo, // rdx +;unsigned int* msr_hi // r8 +;) +;-- +_rdmsr PROC +push r10 +push r11 +push rax +push rdx + +mov r10, rdx ; msr_lo +mov r11, r8 ; msr_hi + +; rcx has msr_num +rdmsr + +; Write MSR results in edx:eax +mov dword ptr [r10], eax +mov dword ptr [r11], edx + +pop rdx +pop rax +pop r11 +pop r10 + +
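Review bot: In cpu.asm, `_load_gdt` executes `sgdt fword ptr [rcx]` followed by `lgdt fword ptr [rcx]` on the same buffer, so it overwrites the caller's bytes with the current GDTR and reloads that, rather than loading the `value` its header comment describes. If a store-and-reload is what is intended, the comment should say so; otherwise drop the `sgdt`. Separately, `_store_ldtr` and `_load_ldtr` have their only instruction commented out (`;sldt fword ptr [rcx]` and the matching lldt line) and simply `ret`, so a caller gets an untouched buffer with no indication that nothing happened; either remove the two routines or implement them, keeping in mind that sldt and lldt take a 16-bit selector operand rather than an fword. The `_store_*` and `_load_*tr` routines are also missing from the PUBLIC list at the top of the file as far as it is visible here, so please confirm whether they are meant to be exported.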
Re: [edk2-devel] [PATCH] CryptoPkg: Add b_print.c which removed floating-point to OpensslLib
Right. Size is the biggest concern, because some platforms already have limited space based on our internal survey. If we migrate to openssl3 directly, then we have no way to build these platforms.

One idea of size optimization is to use MACRO to disable some features in openssl, if they are not needed by UEFI. It could be the MACRO already defined by openssl, or we may add new MACRO to make it smaller.

Thank you
Yao, Jiewen

> -Original Message-
> From: devel@edk2.groups.io On Behalf Of Gerd Hoffmann
> Sent: Monday, November 21, 2022 5:22 PM
> To: devel@edk2.groups.io; Li, Yi1
> Cc: Wang, Jian J ; Lu, Xiaoyu1 ; Jiang, Guomin ; Yao, Jiewen
> Subject: Re: [edk2-devel] [PATCH] CryptoPkg: Add b_print.c which removed floating-point to OpensslLib
>
> On Mon, Nov 21, 2022 at 08:31:19AM +, Li, Yi wrote:
> > Hi Gerd,
> >
> > Cool! I noticed your patch in openssl3.0 branch.
> > Because the Tls cert time check needs to be solved as soon as possible,
> > I will cherry-pick your patch to 1.1.1 branch instead of updating edk2 openssl to 3.0. The latter seems to take a long time.
> >
> > By the way, I remember you are already working on upstream openssl3.0, right?
>
> Tried, yes (that's why it is fixed already in upstream openssl3).
>
> > How is it doing now, I can help with some work if needed.
>
> The blocker is that openssl 3 is noticeably larger than the 1.1.1 version.
> Which is according to Jiewen Yao not acceptable because it wouldn't
> fit into the flash layout for existing roms.
>
> I don't have any good idea how to move forward with this. My old WIP
> branch is here:
>
> https://github.com/kraxel/edk2/commits/archive/openssl3-v1
>
> take care,
> Gerd
Re: [edk2-devel] [PATCH] CryptoPkg: Add b_print.c which removed floating-point to OpensslLib
On Mon, Nov 21, 2022 at 08:31:19AM +, Li, Yi wrote:
> Hi Gerd,
>
> Cool! I noticed your patch in openssl3.0 branch.
> Because the Tls cert time check needs to be solved as soon as possible,
> I will cherry-pick your patch to 1.1.1 branch instead of updating edk2 openssl to 3.0. The latter seems to take a long time.
>
> By the way, I remember you are already working on upstream openssl3.0, right?

Tried, yes (that's why it is fixed already in upstream openssl3).

> How is it doing now, I can help with some work if needed.

The blocker is that openssl 3 is noticeably larger than the 1.1.1 version. Which is according to Jiewen Yao not acceptable because it wouldn't fit into the flash layout for existing roms.

I don't have any good idea how to move forward with this. My old WIP branch is here:

https://github.com/kraxel/edk2/commits/archive/openssl3-v1

take care,
  Gerd
Re: [edk2-devel] [edk2-platforms][PATCH V6 00/16] Platform: Add Loongson support.
Hi Mike and Liming,

After the LoongArch EDK2 base code was merged, I became one of the maintainers of LoongArch, but I don't have push permissions in the EDK2 Platforms repo. How do we get the push permissions in EDK2 LoongArch folder and EDK2 Platforms repo?

LoongArch Maintainers:
M: Chao Li [kilaterlee]
M: Baoqi Zhang [zhangbaoqi-ls]
R: Dongyan Qian [MarsDoge]

Thanks,
Chao

On Nov 17 2022, at 10:39 PM, xianglai li wrote:
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4054
>
> The uploaded code generates firmware to support Linux launching on the LoongArch platform under qemu,
> So it will run in a virtual machine.
>
> LoongArch is the general processor architecture of Loongson.
> You can get the latest LoongArch documents or LoongArch tools at https://github.com/loongson/.
>
> You can also view the code through the Loongson community.
> The edk2 code in Loongson community: https://github.com/loongson/edk2/tree/LoongArch
> The edk2-platform code in Loongson community: https://github.com/loongson/edk2-platforms
> The qemu code in Loongson community: https://gitlab.com/qemu-project/qemu.git
> The LoongArch Documentation in Loongson community: https://github.com/loongson/LoongArch-Documentation/tree/main/docs
> The all patches at: https://github.com/loongson/edk2-platforms/tree/devel-LoongArch-patch
>
> v2 changes:
> - Remove the inline assembly from StableTimerLib.
> - troubleshoot TAB strings, convert TAB characters to spaces.
> - remove smm related code, loongarch has no smm mode.
>
> v3 changes:
> - delete ExtractHandler related code.
> - Boot UEFI with low 256M memory.
> - Modify common interrupt handling.
>
> v4 changes:
> - Remove qemu flash related code.
> - Modify fdt base address.
>
> v5 changes:
> - Add Udf driver support.
> - Split readme file into a separate patch.
> - Modify the code style
> - delete extra blank lines
> - use the assembly function definition macros in MdePkg
> - sort out the PCD variable Token value.
>
> v6 changes:
> - Obtain the serial port base address by resolving fdt.
> - Obtain the RTC base address by resolving fdt.
> - Use the public 16550 serial port driver.
> - Add Dxe Hob lib.
>
> Cc: Ard Biesheuvel
> Cc: Bibo Mao
> Cc: Chao Li
> Cc: Leif Lindholm
> Cc: Liming Gao
> Cc: Michael D Kinney
>
> xianglai li (16):
>   Platform/Loongson: Add Serial Port library
>   Platform/Loongson: Support SEC
>   Platform/Loongson: Add PeiServicesTablePointerLib.
>   Platform/Loongson: Add QemuFwCfgLib.
>   Platform/Loongson: Add MmuLib.
>   Platform/Loongson: Add StableTimerLib.
>   Platform/Loongson: Support PEI phase.
>   Platform/Loongson: Add CPU DXE driver.
>   Platform/Loongson: Add PciCpuIoDxe driver.
>   Platform/Loongson: Add timer Dxe driver.
>   Platform/Loongson: Add RealTime Clock lib.
>   Platform/Loongson: Add Platform Boot Manager Lib.
>   Platform/Loongson: Add Reset System Lib.
>   Platform/Loongson: Add Hob Dxe Lib.
>   Platform/Loongson: Support Dxe
>   Platform/Loongson: Add Readme.
>
> .../LoongArchQemuPkg/Drivers/CpuDxe/CpuDxe.c | 367 +++
> .../LoongArchQemuPkg/Drivers/CpuDxe/CpuDxe.h | 199
> .../Drivers/CpuDxe/CpuDxe.inf | 59 ++
> .../Drivers/CpuDxe/LoongArch64/Exception.c | 335 +++
> .../Drivers/CpuDxe/LoongArch64/Fpu.S | 97 ++
> .../Drivers/CpuDxe/LoongArch64/LoongArch.S | 321 +++
> .../Drivers/PciCpuIo2Dxe/PciCpuIo2Dxe.c | 538 +++
> .../Drivers/PciCpuIo2Dxe/PciCpuIo2Dxe.h | 207
> .../Drivers/PciCpuIo2Dxe/PciCpuIo2Dxe.inf | 44 +
> .../Drivers/StableTimerDxe/Timer.c | 388
> .../Drivers/StableTimerDxe/Timer.h | 172
> .../Drivers/StableTimerDxe/TimerConfig.S | 38 +
> .../Drivers/StableTimerDxe/TimerDxe.inf | 44 +
> .../Include/Guid/Early16550UartBaseAddress.h | 22 +
> .../LoongArchQemuPkg/Include/Library/Cpu.h | 237 +
> .../LoongArchQemuPkg/Include/Library/MmuLib.h | 85 ++
> .../Include/Library/QemuFwCfgLib.h | 174
> .../Include/Library/StableTimer.h | 59 ++
> .../Fdt16550SerialPortHookLib.c | 57 ++
> .../Fdt16550SerialPortHookLib.inf | 38 +
> .../LsRealTimeClockLib/LsRealTimeClock.h | 40 +
> .../LsRealTimeClockLib/LsRealTimeClockLib.c | 335 +++
> .../LsRealTimeClockLib/LsRealTimeClockLib.inf | 47 +
> .../LoongArchQemuPkg/Library/MmuLib/Mmu.S | 155 +++
> .../Library/MmuLib/MmuBaseLib.inf | 40 +
> .../Library/MmuLib/MmuBaseLibPei.inf | 47 +
> .../Library/MmuLib/MmuLibCore.c | 831
> .../Library/MmuLib/MmuLibCore.h | 40 +
> .../Library/MmuLib/MmuLibCorePei.c | 231 +
> .../LoongArchQemuPkg/Library/MmuLib/mmu.h | 190
> .../LoongArchQemuPkg/Library/MmuLib/page.h | 280 ++
> .../LoongArchQemuPkg/Library/MmuLib/pte.h | 57 ++
> .../PeiServicesTablePointer.c | 79 ++
> .../PeiServicesTablePointer.h | 39 +
> .../PeiServicesTablePointerLib.S | 40 +
> .../PeiServicesTablePointerLib.inf | 32 +
> .../PlatformBootManagerLib/PlatformBm.c | 742 +++
> .../PlatformBootManagerLib/PlatformBm.h | 112 +++
> .../PlatformBootManagerLib.inf | 75 ++
> .../PlatformBootManagerLib/Qem
Re: [edk2-devel] [PATCH] CryptoPkg: Add b_print.c which removed floating-point to OpensslLib
Hi Gerd,

Cool! I noticed your patch in openssl3.0 branch.
Because the Tls cert time check needs to be solved as soon as possible, I will cherry-pick your patch to 1.1.1 branch instead of updating edk2 openssl to 3.0. The latter seems to take a long time.

By the way, I remember you are already working on upstream openssl3.0, right?
How is it doing now, I can help with some work if needed.

Thanks,
Yi

-Original Message-
From: devel@edk2.groups.io On Behalf Of Gerd Hoffmann
Sent: Monday, November 21, 2022 2:24 PM
To: devel@edk2.groups.io; Yao, Jiewen
Cc: Li, Yi1 ; Wang, Jian J ; Lu, Xiaoyu1 ; Jiang, Guomin
Subject: Re: [edk2-devel] [PATCH] CryptoPkg: Add b_print.c which removed floating-point to OpensslLib

On Sun, Nov 20, 2022 at 02:18:36AM +, Yao, Jiewen wrote:
> HI Yi
> I have question for 1 - The original file uses code related to floating-point and ulldrvm.
>
> a) Openssl supports OPENSSL_SYS_UEFI macro
> (https://github.com/tianocore/edk2/blob/master/CryptoPkg/Library/Include/openssl/opensslconf.h#L28),
> why not use OPENSSL_SYS_UEFI macro to eliminate float point action?

openssl 3.x already has that btw.

take care,
  Gerd