[edk2-devel] [PATCH v2 0/1] DynamicTablesPkg: Adds integer to the AML package node

[Abdul Lateef Attar via groups.io]

This patch adds integer to the AML package node.
v2 delta : Addressed comments from Pierre Gondois

Cc: Pierre Gondois 
Cc: Sami Mujawar 

Abdul Lateef Attar (1):
  DynamicTablesPkg: Adds integer to the AML package node

 .../Include/Library/AmlLib/AmlLib.h   | 41 +++-
 .../Common/AmlLib/CodeGen/AmlCodeGen.c| 67 +++
 2 files changed, 107 insertions(+), 1 deletion(-)

-- 
2.34.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118640): https://edk2.groups.io/g/devel/message/118640
Mute This Topic: https://groups.io/mt/105957056/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v2 1/1] DynamicTablesPkg: Adds integer to the AML package node

[Abdul Lateef Attar via groups.io]

Adds an AmlAddIntegerToNamedPackage() API to generate AML code,
which adds an integer value to the package node.

Cc: Pierre Gondois 
Cc: Sami Mujawar 
Signed-off-by: Abdul Lateef Attar 
---
 .../Include/Library/AmlLib/AmlLib.h   | 41 +++-
 .../Common/AmlLib/CodeGen/AmlCodeGen.c| 67 +++
 2 files changed, 107 insertions(+), 1 deletion(-)

diff --git a/DynamicTablesPkg/Include/Library/AmlLib/AmlLib.h 
b/DynamicTablesPkg/Include/Library/AmlLib/AmlLib.h
index 82d5464084..4427ab68fa 100644
--- a/DynamicTablesPkg/Include/Library/AmlLib/AmlLib.h
+++ b/DynamicTablesPkg/Include/Library/AmlLib/AmlLib.h
@@ -2,7 +2,7 @@
   AML Lib.
 
   Copyright (c) 2019 - 2023, Arm Limited. All rights reserved.
-  Copyright (C) 2023 Advanced Micro Devices, Inc. All rights reserved.
+  Copyright (C) 2023 - 2024, Advanced Micro Devices, Inc. All rights 
reserved.
 
   SPDX-License-Identifier: BSD-2-Clause-Patent
 **/
@@ -1743,6 +1743,45 @@ AmlAddNameStringToNamedPackage (
   IN AML_OBJECT_NODE_HANDLE  NamedNode
   );
 
+/** Add an integer value to the named package node.
+
+  AmlCodeGenNamePackage ("_CID", NULL, &PackageNode);
+  AmlGetEisaIdFromString ("PNP0A03", &EisaId);
+  AmlAddIntegerToNamedPackage (EisaId, NameNode);
+  AmlGetEisaIdFromString ("PNP0A08", &EisaId);
+  AmlAddIntegerToNamedPackage (EisaId, NameNode);
+
+  equivalent of the following ASL code:
+  Name (_CID, Package (0x02)  // _CID: Compatible ID
+  {
+  EisaId ("PNP0A03"),
+  EisaId ("PNP0A08")
+  })
+
+  The package is added at the tail of the list of the input package node
+  name:
+Name ("NamePackageNode", Package () {
+  [Pre-existing package entries],
+  [Newly created integer entry]
+})
+
+
+  @ingroup CodeGenApis
+
+  @param [in]   Integer   Integer value that need to be added to 
package node.
+  @param [in, out]  NameNode  Package named node to add the object to.
+
+  @retval EFI_SUCCESS Success.
+  @retval EFI_INVALID_PARAMETER   Invalid parameter.
+  @retval Others  Error occurred during the operation.
+**/
+EFI_STATUS
+EFIAPI
+AmlAddIntegerToNamedPackage (
+  INUINT32  Integer,
+  IN  OUT   AML_OBJECT_NODE_HANDLE  NameNode
+  );
+
 /** AML code generation to invoke/call another method.
 
   This method is a subset implementation of MethodInvocation
diff --git a/DynamicTablesPkg/Library/Common/AmlLib/CodeGen/AmlCodeGen.c 
b/DynamicTablesPkg/Library/Common/AmlLib/CodeGen/AmlCodeGen.c
index 22c2d598d0..89fa4e06f8 100644
--- a/DynamicTablesPkg/Library/Common/AmlLib/CodeGen/AmlCodeGen.c
+++ b/DynamicTablesPkg/Library/Common/AmlLib/CodeGen/AmlCodeGen.c
@@ -3871,6 +3871,73 @@ exit_handler:
   return Status;
 }
 
+/** Add an integer value to the named package node.
+
+  AmlCodeGenNamePackage ("_CID", NULL, &PackageNode);
+  AmlGetEisaIdFromString ("PNP0A03", &EisaId);
+  AmlAddIntegerToNamedPackage (EisaId, NameNode);
+  AmlGetEisaIdFromString ("PNP0A08", &EisaId);
+  AmlAddIntegerToNamedPackage (EisaId, NameNode);
+
+  equivalent of the following ASL code:
+  Name (_CID, Package (0x02)  // _CID: Compatible ID
+  {
+  EisaId ("PNP0A03"),
+  EisaId ("PNP0A08")
+  })
+
+  The package is added at the tail of the list of the input package node
+  name:
+Name ("NamePackageNode", Package () {
+  [Pre-existing package entries],
+  [Newly created integer entry]
+})
+
+
+  @ingroup CodeGenApis
+
+  @param [in]   Integer   Integer value that need to be added to 
package node.
+  @param [in, out]  NameNode  Package named node to add the object to.
+
+  @retval EFI_SUCCESS Success.
+  @retval EFI_INVALID_PARAMETER   Invalid parameter.
+  @retval Others  Error occurred during the operation.
+**/
+EFI_STATUS
+EFIAPI
+AmlAddIntegerToNamedPackage (
+  INUINT32  Integer,
+  IN  OUT   AML_OBJECT_NODE_HANDLE  NameNode
+  )
+{
+  EFI_STATUS   Status;
+  AML_OBJECT_NODE  *PackageNode;
+
+  if (NameNode == NULL) {
+ASSERT_EFI_ERROR (FALSE);
+return EFI_INVALID_PARAMETER;
+  }
+
+  PackageNode = (AML_OBJECT_NODE_HANDLE)AmlGetFixedArgument (
+  NameNode,
+  EAmlParseIndexTerm1
+  );
+  if ((PackageNode == NULL)  ||
+  (AmlGetNodeType ((AML_NODE_HANDLE)PackageNode) != EAmlNodeObject)  ||
+  (!AmlNodeHasOpCode (PackageNode, AML_PACKAGE_OP, 0)))
+  {
+ASSERT_EFI_ERROR (FALSE);
+return EFI_INVALID_PARAMETER;
+  }
+
+  Status = AmlAddRegisterOrIntegerToPackage (NULL, Integer, PackageNode);
+  if (EFI_ERROR (Status)) {
+ASSERT_EFI_ERROR (Status);
+  }
+
+  return Status;
+}
+
 /** AML code generation to invoke/call another method.
 
   This method is a subset implementation of MethodInvocation
-- 
2.34.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this 

Re: [edk2-devel] Assistance Needed: ArmVirtPkg

[Gerd Hoffmann]

On Mon, May 06, 2024 at 10:22:07PM GMT, Doug Flick wrote:
> All,
> 
> In order to patch Tianocore Bugzilla issues and CVEs:
>  4541 – Bug 08 - edk2/NetworkPkg: Predictable TCP ISNs 
> (tianocore.org)
> and
> 4542 – Bug 09 - edk2/NetworkPkg: Use of a Weak PseudoRandom Number Generator 
> (tianocore.org)
> 
> I've added as a dependency Hash2CryptoDxe and RngDxe lib to NetworkPkg. I've 
> been able to add the relevant libraries to the DSCs of OvmfPkg and 
> EmulatorPkg however I'm seeing odd behavior with ArmVirtPkg.
> 
> Would someone more knowledgeable with ArmVirtPkg take a look this PR.

Both OVMF and ArmVirt use the virtio random number device as
source for random numbers.

Driver: OvmfPkg/VirtioRngDxe
Some Background: https://wiki.qemu.org/Features/VirtIORNG

Typically the virtio rng device is present in virtual machine
configurations.  It might be missing though.

I'd recommend:
  (1) Do *not* add RngDxe to OvmfPkg and ArmVirtPkg dsc files, instead
  continue to depend on VirtioRngDxe.
  (2) Keep the time-based not-really-random RNG generator as fallback in
  case EFI_RNG_PROTOCOL is not present (possibly requiring a PCD
  being set so the fallback option can be disabled at build time).

HTH & take care,
  Gerd



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118642): https://edk2.groups.io/g/devel/message/118642
Mute This Topic: https://groups.io/mt/105949609/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH 0/1] MdeModulePkg: Load Serial driver in early DXE

[Borzeszkowski, Alan]

On Intel platforms, we use LPSS UART for debug prints in DXE phase. Current 
implementation involves using custom driver.
In order to reduce code maintenance cost and flash usage, we want to switch to 
EDK2 Serial driver.
Given that PciSioSerialDxe is a UEFI driver and for purposes of loading this 
driver in early DXE,
new driver entrypoint with separate .inf file was added. This way, Serial 
driver can be treated as DXE driver.
Also, several smaller changes were made in Serial.c and SerialIo.c to enable 
debug prints.

Change was tested on Intel platform, debug prints appeared shortly after DXE 
phase begun.
https://github.com/tianocore/edk2/pull/5542

Alan Borzeszkowski (1):
  MdeModulePkg: Load Serial driver in early DXE

 .../PciSioSerialDxe/PciSioSerialDxeEarly.inf  |  81 
 MdeModulePkg/Bus/Pci/PciSioSerialDxe/Serial.c | 184 ++
 .../Bus/Pci/PciSioSerialDxe/SerialIo.c|  16 +-
 MdeModulePkg/MdeModulePkg.dsc |   1 +
 4 files changed, 245 insertions(+), 37 deletions(-)
 create mode 100644 
MdeModulePkg/Bus/Pci/PciSioSerialDxe/PciSioSerialDxeEarly.inf

-- 
2.34.1

-
Intel Technology Poland sp. z o.o.
ul. Slowackiego 173 | 80-298 Gdansk | Sad Rejonowy Gdansk Polnoc | VII Wydzial 
Gospodarczy Krajowego Rejestru Sadowego - KRS 101882 | NIP 957-07-52-316 | 
Kapital zakladowy 200.000 PLN.
Spolka oswiadcza, ze posiada status duzego przedsiebiorcy w rozumieniu ustawy z 
dnia 8 marca 2013 r. o przeciwdzialaniu nadmiernym opoznieniom w transakcjach 
handlowych.

Ta wiadomosc wraz z zalacznikami jest przeznaczona dla okreslonego adresata i 
moze zawierac informacje poufne. W razie przypadkowego otrzymania tej 
wiadomosci, prosimy o powiadomienie nadawcy oraz trwale jej usuniecie; 
jakiekolwiek przegladanie lub rozpowszechnianie jest zabronione.
This e-mail and any attachments may contain confidential material for the sole 
use of the intended recipient(s). If you are not the intended recipient, please 
contact the sender and delete all copies; any review or distribution by others 
is strictly prohibited.



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118643): https://edk2.groups.io/g/devel/message/118643
Mute This Topic: https://groups.io/mt/105959578/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH 1/1] MdeModulePkg: Load Serial driver in early DXE

[Borzeszkowski, Alan]

For the purpose of UEFI debug prints enablement in early DXE,
Serial driver should load earlier. To comply with EDK2 specification
and maximize code reuse, new driver entrypoint was created
and separate .inf file was added.

Cc: Zhichao Gao 
Cc: Ray Ni 
Cc: Michael D Kinney 
Signed-off-by: Alan Borzeszkowski 
---
 .../PciSioSerialDxe/PciSioSerialDxeEarly.inf  |  81 
 MdeModulePkg/Bus/Pci/PciSioSerialDxe/Serial.c | 184 ++
 .../Bus/Pci/PciSioSerialDxe/SerialIo.c|  16 +-
 MdeModulePkg/MdeModulePkg.dsc |   1 +
 4 files changed, 245 insertions(+), 37 deletions(-)
 create mode 100644 
MdeModulePkg/Bus/Pci/PciSioSerialDxe/PciSioSerialDxeEarly.inf

diff --git a/MdeModulePkg/Bus/Pci/PciSioSerialDxe/PciSioSerialDxeEarly.inf 
b/MdeModulePkg/Bus/Pci/PciSioSerialDxe/PciSioSerialDxeEarly.inf
new file mode 100644
index 00..1b88f7a1cc
--- /dev/null
+++ b/MdeModulePkg/Bus/Pci/PciSioSerialDxe/PciSioSerialDxeEarly.inf
@@ -0,0 +1,81 @@
+## @file
+# Serial driver for standard UARTS on a SIO chip or PCI/PCIE card.
+#
+# Produces the Serial I/O protocol for standard UARTS using Super I/O or PCI 
I/O.
+#
+# This is Early DXE version of Serial driver. It's intended use is for debug 
purposes
+# in early DXE. There is added dependency on either Super I/O Protocol or PCI 
I/O Protocol.
+#
+# Copyright (c) 2007 - 2024, Intel Corporation. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+  INF_VERSION= 0x00010005
+  BASE_NAME  = PciSioSerialDxeEarly
+  MODULE_UNI_FILE= PciSioSerialDxe.uni
+  FILE_GUID  = E47C4BFB-9CCC-47B6-A3C1-79C3FBF8B6C8
+  MODULE_TYPE= DXE_DRIVER
+  VERSION_STRING = 1.0
+  ENTRY_POINT= DxePciSioSerialDriverEntrypoint
+
+#
+# The following information is for reference only and not required by the 
build tools.
+#
+#  VALID_ARCHITECTURES   = IA32 X64 EBC
+#
+#  DRIVER_BINDING=  gSerialControllerDriver
+#  COMPONENT_NAME=  gPciSioSerialComponentName
+#  COMPONENT_NAME2   =  gPciSioSerialComponentName2
+#
+
+[Sources]
+  ComponentName.c
+  SerialIo.c
+  Serial.h
+  Serial.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+  MdeModulePkg/MdeModulePkg.dec
+
+[LibraryClasses]
+  PcdLib
+  ReportStatusCodeLib
+  UefiBootServicesTableLib
+  MemoryAllocationLib
+  BaseMemoryLib
+  DevicePathLib
+  UefiLib
+  UefiDriverEntryPoint
+  DebugLib
+  IoLib
+
+[Guids]
+  gEfiUartDevicePathGuid## SOMETIMES_CONSUMES   ## GUID
+
+[Protocols]
+  gEfiSioProtocolGuid   ## TO_START
+  gEfiDevicePathProtocolGuid## TO_START
+  gEfiPciIoProtocolGuid ## TO_START
+  gEfiSerialIoProtocolGuid  ## BY_START
+  gEfiDevicePathProtocolGuid## BY_START
+
+[FeaturePcd]
+  gEfiMdeModulePkgTokenSpaceGuid.PcdSerialUseHalfHandshake|FALSE   ## CONSUMES
+
+[Pcd]
+  gEfiMdePkgTokenSpaceGuid.PcdUartDefaultBaudRate|115200## CONSUMES
+  gEfiMdePkgTokenSpaceGuid.PcdUartDefaultDataBits|8 ## CONSUMES
+  gEfiMdePkgTokenSpaceGuid.PcdUartDefaultParity|1   ## CONSUMES
+  gEfiMdePkgTokenSpaceGuid.PcdUartDefaultStopBits|1 ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdSerialClockRate|1843200 ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdPciSerialParameters ## CONSUMES
+
+[UserExtensions.TianoCore."ExtraFiles"]
+  PciSioSerialDxeExtra.uni
+
+[Depex]
+  gEfiSioProtocolGuid OR gEfiPciIoProtocolGuid
diff --git a/MdeModulePkg/Bus/Pci/PciSioSerialDxe/Serial.c 
b/MdeModulePkg/Bus/Pci/PciSioSerialDxe/Serial.c
index 8b1ce70118..cc77d12748 100644
--- a/MdeModulePkg/Bus/Pci/PciSioSerialDxe/Serial.c
+++ b/MdeModulePkg/Bus/Pci/PciSioSerialDxe/Serial.c
@@ -156,6 +156,7 @@ InitializePciSioSerial (
 /**
   Return whether the controller is a SIO serial controller.
 
+  @param  This A pointer to the EFI_DRIVER_BINDING_PROTOCOL instance.
   @param  Controller   The controller handle.
 
   @retval EFI_SUCCESS  The controller is a SIO serial controller.
@@ -163,7 +164,8 @@ InitializePciSioSerial (
 **/
 EFI_STATUS
 IsSioSerialController (
-  EFI_HANDLE  Controller
+  IN EFI_DRIVER_BINDING_PROTOCOL  *This,
+  EFI_HANDLE  Controller
   )
 {
   EFI_STATUSStatus;
@@ -178,7 +180,7 @@ IsSioSerialController (
   Controller,
   &gEfiSioProtocolGuid,
   (VOID **)&Sio,
-  gSerialControllerDriver.DriverBindingHandle,
+  This->DriverBindingHandle,
   Controller,
   EFI_OPEN_PROTOCOL_BY_DRIVER
   );
@@ -193,7 +195,7 @@ IsSioSerialController (
 gBS->CloseProtocol (
Controller,
&gEfiSioProtocolGuid,
-   gSerialControllerDriver.DriverBindingHandle,
+   This->DriverB

Re: [edk2-devel] [PATCH v2] MdePkg: Add MmUnblockMemoryLib to MdeLibs.dsc

[Michael D Kinney]

Reviewed-by: Michael D Kinney 


> -Original Message-
> From: Wu, Jiaxin 
> Sent: Monday, May 6, 2024 9:55 PM
> To: Zhang, Hongbin1 ; devel@edk2.groups.io
> Cc: Kinney, Michael D ; Ni, Ray
> ; Liming Gao ; Liu, Zhiguang
> ; Xie, Yuanhao 
> Subject: RE: [PATCH v2] MdePkg: Add MmUnblockMemoryLib to MdeLibs.dsc
> 
> Reviewed-by: Jiaxin Wu 
> 
> 
> 
> > -Original Message-
> > From: Zhang, Hongbin1 
> > Sent: Monday, April 29, 2024 2:25 PM
> > To: devel@edk2.groups.io
> > Cc: Zhang, Hongbin1 ; Kinney, Michael D
> > ; Ni, Ray ; Liming Gao
> > ; Liu, Zhiguang ; Wu,
> > Jiaxin ; Xie, Yuanhao 
> > Subject: [PATCH v2] MdePkg: Add MmUnblockMemoryLib to MdeLibs.dsc
> >
> > MdeLibs.dsc.inc included some default libraries provided by MdePkg.
> > Platform can include MdeLibs.dsc.inc file to avoid some potential
> > incompatible changes to platform dsc file in future.
> >
> > Cc: Michael D Kinney 
> > Cc: Ray Ni 
> > Cc: Liming Gao 
> > Cc: Zhiguang Liu 
> > Cc: Jiaxin Wu 
> > Cc: Yuanhao Xie 
> > ---
> >  MdePkg/MdeLibs.dsc.inc | 3 ++-
> >  1 file changed, 2 insertions(+), 1 deletion(-)
> >
> > diff --git a/MdePkg/MdeLibs.dsc.inc b/MdePkg/MdeLibs.dsc.inc
> > index d782dbf4ff..ddd27115f5 100644
> > --- a/MdePkg/MdeLibs.dsc.inc
> > +++ b/MdePkg/MdeLibs.dsc.inc
> > @@ -5,7 +5,7 @@
> >  # by using "!include MdePkg/MdeLibs.dsc.inc" to specify the library
> instances
> >  # of some EDKII basic/common library classes.
> >  #
> > -# Copyright (c) 2021 - 2022, Intel Corporation. All rights
> reserved.
> > +# Copyright (c) 2021 - 2024, Intel Corporation. All rights
> reserved.
> >  #
> >  #SPDX-License-Identifier: BSD-2-Clause-Patent
> >  #
> > @@ -18,3 +18,4 @@
> >
> > SmmCpuRendezvousLib|MdePkg/Library/SmmCpuRendezvousLibNull/SmmC
> > puRendezvousLibNull.inf
> >SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf
> >
> > SynchronizationLib|MdePkg/Library/BaseSynchronizationLib/BaseSynchroniz
> > ationLib.inf
> > +
> > MmUnblockMemoryLib|MdePkg/Library/MmUnblockMemoryLib/MmUnblo
> > ckMemoryLibNull.inf
> > --
> > 2.37.0.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118645): https://edk2.groups.io/g/devel/message/118645
Mute This Topic: https://groups.io/mt/105796510/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] Assistance Needed: ArmVirtPkg

[Ard Biesheuvel]

On Tue, 7 May 2024 at 00:22, Doug Flick  wrote:
>
> All,
>
> In order to patch Tianocore Bugzilla issues and CVEs:
>  4541 – Bug 08 - edk2/NetworkPkg: Predictable TCP ISNs (tianocore.org)
> and
> 4542 – Bug 09 - edk2/NetworkPkg: Use of a Weak PseudoRandom Number Generator 
> (tianocore.org)
>
> I've added as a dependency Hash2CryptoDxe and RngDxe lib to NetworkPkg. I've 
> been able to add the relevant libraries to the DSCs of OvmfPkg and 
> EmulatorPkg however I'm seeing odd behavior with ArmVirtPkg.
>
> Would someone more knowledgeable with ArmVirtPkg take a look this PR.
>
> PixieFail #8 and #9 TCBZ4541 and TCBZ4542 by Flickdm · Pull Request #5582 · 
> tianocore/edk2 (github.com)
>
> The issue was introduced in the commit "ArmVirtPkg: : Add RngDxe to 
> ArmVirtPkg"
>
> Right now PlatformCI_ArmVirtPkg_Ubuntu_GCC5_PR is crashing

You need to configure the TrngLib to use either secure monitor calls
or hypervisor calls, and this might be different depending on the
context:

- ordinary VMs running under proper virtualization will execute at EL1
under a hypervisor that implements the TRNG service, so it can only
use HVC (and SMC will trap, as you've experienced)

- QEMU itself does not implement the TRNG service (to my knowledge) so
running a VM under TCG emulation of EL1 will not have access to the
TRNG

- other emulation modes of QEMU may run the firmware in a different
way, where SMC is actually appropriate, and this could be either EL1
or EL2.

This makes it slightly awkward to decide whether or not to dispatch
RngDxe, and this is why nobody has gotten around to it (and I forgot
about this tbh)


TL;DR

building with --pcd PcdMonitorConduitHvc=TRUE will avoid the crash but
may not result in a usable RngDxe


It also seems to me that those network drivers will now need to DEPEX
on the RNG protocol, as they may get dispatched too early otherwise:

Failed to generate random data using secure algorithm 0: Unsupported
Failed to generate random data using secure algorithm 1: Unsupported
Failed to generate random data using secure algorithm 2: Unsupported

ASSERT_EFI_ERROR (Status = Unsupported)
ASSERT [Udp4Dxe] DxeNetLib.c(973): !(((INTN)(RETURN_STATUS)(Status)) < 0)
QEMU: Terminated

This is with -device virtio-rng-pci and the VirtioRngDxe driver (which
is already included in OVMF and ArmVirtQemu) but the driver dispatches
before the driver model can instantiate the protocol.


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118646): https://edk2.groups.io/g/devel/message/118646
Mute This Topic: https://groups.io/mt/105949609/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] Assistance Needed: ArmVirtPkg

[Doug Flick via groups.io]

Thanks Ard for the explanation! 
Would you be able to tell me the exact changes you made to get to this point 
and if that would be an acceptable change to make to get these CVE patches on 
the mailing list? I'm happy adding the depex but fundamentally I think the goal 
is get these patches into this release. My attempts to rollback some of my 
changes and use VirtioRngDxe have been unsuccessful so far.


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118647): https://edk2.groups.io/g/devel/message/118647
Mute This Topic: https://groups.io/mt/105949609/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v1] MinPlatformPkg: Add MM_STANDALONE LibraryClasses

[Nate DeSimone]

Pushed as d335e04

> -Original Message-
> From: devel@edk2.groups.io  On Behalf Of Nate
> DeSimone
> Sent: Friday, February 9, 2024 2:48 PM
> To: devel@edk2.groups.io
> Cc: Chiu, Chasel ; Liming Gao
> ; Dong, Eric 
> Subject: [edk2-devel] [PATCH v1] MinPlatformPkg: Add MM_STANDALONE
> LibraryClasses
> 
> Adds MM_STANDALONE instances for core LibraryClasses to facilitate using
> Standalone MM in platform code.
> 
> Cc: Chasel Chiu 
> Cc: Liming Gao 
> Cc: Eric Dong 
> Signed-off-by: Nate DeSimone 
> ---
>  .../Intel/MinPlatformPkg/Include/Dsc/CoreDxeLib.dsc   | 11 +++
>  Platform/Intel/MinPlatformPkg/MinPlatformPkg.dsc  |  9 -
>  2 files changed, 11 insertions(+), 9 deletions(-)
> 
> diff --git a/Platform/Intel/MinPlatformPkg/Include/Dsc/CoreDxeLib.dsc
> b/Platform/Intel/MinPlatformPkg/Include/Dsc/CoreDxeLib.dsc
> index b469938823..1e86de282f 100644
> --- a/Platform/Intel/MinPlatformPkg/Include/Dsc/CoreDxeLib.dsc
> +++ b/Platform/Intel/MinPlatformPkg/Include/Dsc/CoreDxeLib.dsc
> @@ -97,6 +97,17 @@
> 
> ReportStatusCodeLib|MdeModulePkg/Library/SmmReportStatusCodeLib/Sm
> mReportStatusCodeLib.inf
>SmmMemLib|MdePkg/Library/SmmMemLib/SmmMemLib.inf
> 
> +[LibraryClasses.common.MM_STANDALONE]
> +
> +MemoryAllocationLib|StandaloneMmPkg/Library/StandaloneMmMemoryAl
> locatio
> +nLib/StandaloneMmMemoryAllocationLib.inf
> +
> +MmServicesTableLib|MdePkg/Library/StandaloneMmServicesTableLib/Stand
> alo
> +neMmServicesTableLib.inf
> +  PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
> +
> +HobLib|StandaloneMmPkg/Library/StandaloneMmHobLib/StandaloneMmH
> obLib.in
> +f
> +
> +TimerLib|PcAtChipsetPkg/Library/AcpiTimerLib/StandaloneMmAcpiTimerLib.
> i
> +nf
> +
> +ReportStatusCodeLib|MdeModulePkg/Library/SmmReportStatusCodeLib/St
> andal
> +oneMmReportStatusCodeLib.inf
> +
> +StandaloneMmDriverEntryPoint|MdePkg/Library/StandaloneMmDriverEntr
> yPoin
> +t/StandaloneMmDriverEntryPoint.inf
> +
> +VariableReadLib|MinPlatformPkg/Library/SmmVariableReadLib/Standalone
> MmV
> +ariableReadLib.inf
> +
> +VariableWriteLib|MinPlatformPkg/Library/SmmVariableWriteLib/Standalone
> M
> +mVariableWriteLib.inf
> +
>  !if gMinPlatformPkgTokenSpaceGuid.PcdPerformanceEnable == TRUE
> 
> PerformanceLib|MdeModulePkg/Library/SmmCorePerformanceLib/SmmCore
> PerformanceLib.inf
>  !endif
> diff --git a/Platform/Intel/MinPlatformPkg/MinPlatformPkg.dsc
> b/Platform/Intel/MinPlatformPkg/MinPlatformPkg.dsc
> index 4b295babf5..ecb4d8f65e 100644
> --- a/Platform/Intel/MinPlatformPkg/MinPlatformPkg.dsc
> +++ b/Platform/Intel/MinPlatformPkg/MinPlatformPkg.dsc
> @@ -111,15 +111,6 @@
> 
> TestPointCheckLib|MinPlatformPkg/Test/Library/TestPointCheckLib/SmmTest
> PointCheckLib.inf
> 
> TestPointLib|MinPlatformPkg/Test/Library/TestPointLib/SmmTestPointLib.inf
> 
> -[LibraryClasses.common.MM_STANDALONE]
> -  DebugLib|MdePkg/Library/BaseDebugLibNull/BaseDebugLibNull.inf
> -
> MemoryAllocationLib|StandaloneMmPkg/Library/StandaloneMmMemoryAll
> ocationLib/StandaloneMmMemoryAllocationLib.inf
> -
> MmServicesTableLib|MdePkg/Library/StandaloneMmServicesTableLib/Standa
> loneMmServicesTableLib.inf
> -  PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
> -
> StandaloneMmDriverEntryPoint|MdePkg/Library/StandaloneMmDriverEntry
> Point/StandaloneMmDriverEntryPoint.inf
> -
> VariableReadLib|MinPlatformPkg/Library/SmmVariableReadLib/StandaloneM
> mVariableReadLib.inf
> -
> VariableWriteLib|MinPlatformPkg/Library/SmmVariableWriteLib/Standalone
> MmVariableWriteLib.inf
> -
> 
> ###
> 
>  #
>  # Components Section - list of the modules and components that will be
> processed by compilation
> --
> 2.39.2.windows.1
> 
> 
> 
> 
> 



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118648): https://edk2.groups.io/g/devel/message/118648
Mute This Topic: https://groups.io/mt/104269623/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] Assistance Needed: ArmVirtPkg

[Ard Biesheuvel]

There are no code changes, the only difference is adding the --pcd
PcdMonitorConduitHvc=TRUE option to the build.sh command line, and
running QEMU with -device virtio-rng-pci (which we should be doing in
any case, IMO)

The DEPEX might fix this, and this is actually the appropriate thing
to do if the driver cannot even be dispatched without the RNG protocol
available. However, I'm not convinced this is the right approach - I
think dispatching the driver but failing in the Supported() call on a
missing RNG protocol would be less disruptive, and give more
opportunity for a meaningful warning/error message to the actual user.

But I must admit I have only taken a very cursory look at the
underlying CVE and your proposed mitigation.



On Wed, 8 May 2024 at 00:28, Doug Flick via groups.io
 wrote:
>
> Thanks Ard for the explanation! Would you be able to tell me the exact 
> changes you made to get to this point and if that would be an acceptable 
> change to make to get these CVE patches on the mailing list? I'm happy adding 
> the depex but fundamentally I think the goal is get these patches into this 
> release. My attempts to rollback some of my changes and use VirtioRngDxe have 
> been unsuccessful so far.


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118649): https://edk2.groups.io/g/devel/message/118649
Mute This Topic: https://groups.io/mt/105949609/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] Assistance Needed: ArmVirtPkg

[Doug Flick via groups.io]

Thanks!

I figured out out what I was missing (a mistake on my end) and I now have it 
booting to shell! I'll make the required changes to OvmfPkg and ArmVirtPkg 
based on your suggestions and put the Patch Series on the mailing list.

The assert you were seeing was the patch attempting to use the EDK2 Nist 
algorithms where VirtioRngDxe doesn't supply them. In that case, I created a 
PCD to disable the attempt to use the Nist algorithms and just take whichever 
algorithm the Rng Producer provides. This allows a platform to implement 
however they deem fit and puts the responsibility of secure algorithms on the 
platform. 


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118650): https://edk2.groups.io/g/devel/message/118650
Mute This Topic: https://groups.io/mt/105949609/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] Event: TianoCore Bug Triage - APAC / NAMO - Wednesday, May 8, 2024 #cal-reminder

[Group Notification]

*Reminder: TianoCore Bug Triage - APAC / NAMO*

*When:*
Wednesday, May 8, 2024
5:30pm to 6:30pm
(UTC-07:00) America/Los Angeles

*Where:*
https://teams.microsoft.com/l/meetup-join/19%3ameeting_OTk1YzJhN2UtOGQwNi00NjY4LWEwMTktY2JiODRlYTY1NmY0%40thread.v2/0?context=%7b%22Tid%22%3a%2246c98d88-e344-4ed4-8496-4ed7712e255d%22%2c%22Oid%22%3a%226e4ce4c4-1242-431b-9a51-92cd01a5df3c%22%7d

*Organizer:*
Liming Gao
gaolim...@byosoft.com.cn ( 
gaolim...@byosoft.com.cn?subject=Re:%20Event:%20TianoCore%20Bug%20Triage%20-%20APAC%20%2F%20NAMO
 )

View Event ( https://edk2.groups.io/g/devel/viewevent?eventid=2324061 )

*Description:*

TianoCore Bug Triage - APAC / NAMO

Hosted by Liming Gao



Microsoft Teams meeting

*Join on your computer or mobile app*

Click here to join the meeting ( 
https://teams.microsoft.com/l/meetup-join/19%3ameeting_OTk1YzJhN2UtOGQwNi00NjY4LWEwMTktY2JiODRlYTY1NmY0%40thread.v2/0?context=%7b%22Tid%22%3a%2246c98d88-e344-4ed4-8496-4ed7712e255d%22%2c%22Oid%22%3a%226e4ce4c4-1242-431b-9a51-92cd01a5df3c%22%7d
 )

*Join with a video conferencing device*

te...@conf.intel.com

Video Conference ID: 116 062 094 0

Alternate VTC dialing instructions ( 
https://conf.intel.com/teams/?conf=1160620940&ivr=teams&d=conf.intel.com&test=test_call
 )

*Or call in (audio only)*

+1 916-245-6934,,77463821# ( tel:+19162456934,,77463821# ) United States, 
Sacramento

Phone Conference ID: 774 638 21#

Find a local number ( 
https://dialin.teams.microsoft.com/d195d438-2daa-420e-b9ea-da26f9d1d6d5?id=77463821
 ) | Reset PIN ( https://mysettings.lync.com/pstnconferencing )

Learn More ( https://aka.ms/JoinTeamsMeeting ) | Meeting options ( 
https://teams.microsoft.com/meetingOptions/?organizerId=b286b53a-1218-4db3-bfc9-3d4c5aa7669e&tenantId=46c98d88-e344-4ed4-8496-4ed7712e255d&threadId=19_meeting_OTUyZTg2NjgtNDhlNS00ODVlLTllYTUtYzg1OTNjNjdiZjFh@thread.v2&messageId=0&language=en-US
 )


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118651): https://edk2.groups.io/g/devel/message/118651
Mute This Topic: https://groups.io/mt/105972294/21656
Mute #cal-reminder:https://edk2.groups.io/g/devel/mutehashtag/cal-reminder
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH 1/3] StandaloneMmPkg: Add LockBox Dependency DXE Driver

[Ni, Ray]

+#include 

[Ray] Can you check if BaseLib is really needed?

+#include 
+
+/**
+  It attempts to install the gEfiLockBoxProtocolGuid protocol into the 
system's DXE database
+  with NULL as the protocol interface to mark the protocol as handled in the 
system or to
+  act as a trigger.
[Ray] "mark the protocol as handled in the system or to act as a trigger", I 
don't quite understand it.



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118653): https://edk2.groups.io/g/devel/message/118653
Mute This Topic: https://groups.io/mt/105955699/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH 2/3] MdeModulePkg: Refactors SmmLockBox.c.

[Ni, Ray]

Reviewed-by: Ray Ni 

Thanks,
Ray

From: Xie, Yuanhao 
Sent: Tuesday, May 7, 2024 14:09
To: devel@edk2.groups.io 
Cc: Liming Gao ; Wu, Jiaxin ; 
Ni, Ray ; Xie, Yuanhao 
Subject: [PATCH 2/3] MdeModulePkg: Refactors SmmLockBox.c.

The Lockbox Driver allows sensitive data to be securely stored in a
designated area, thus protected against unauthorized access.

This patch does not introduce any functional modifications.
It refactors the existing logic into a common component to facilitates
the integration of the Standalone MM Lockbox Driver in an upcoming patch

Cc: Liming Gao 
Cc: Jiaxin Wu 
Cc: Ray Ni 

Signed-off-by: Yuanhao Xie 
---
 MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBox.c   | 361 
-
 MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBox.inf |   4 +++-
 MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBoxCommon.c | 384 

 MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBoxCommon.h | 148 

 4 files changed, 547 insertions(+), 350 deletions(-)

diff --git a/MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBox.c 
b/MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBox.c
index c1e15c596b..2774979c34 100644
--- a/MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBox.c
+++ b/MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBox.c
@@ -9,7 +9,7 @@
   SmmLockBoxHandler(), SmmLockBoxRestore(), SmmLockBoxUpdate(), 
SmmLockBoxSave()
   will receive untrusted input and do basic validation.

-Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) 2010 - 2024, Intel Corporation. All rights reserved.

 SPDX-License-Identifier: BSD-2-Clause-Patent

@@ -31,360 +31,24 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #include 
 #include 

-BOOLEAN  mLocked = FALSE;
+#include "SmmLockBoxCommon.h"

 /**
-  Dispatch function for SMM lock box save.
+  This function is an abstraction layer for implementation specific Mm buffer 
validation routine.

-  Caution: This function may receive untrusted input.
-  Restore buffer and length are external input, so this function will validate
-  it is in SMRAM.
+  @param Buffer  The buffer start address to be checked.
+  @param Length  The buffer length to be checked.

-  @param LockBoxParameterSave  parameter of lock box save
+  @retval TRUE  This buffer is valid per processor architecture and not 
overlap with SMRAM.
+  @retval FALSE This buffer is not valid per processor architecture or overlap 
with SMRAM.
 **/
-VOID
-SmmLockBoxSave (
-  IN EFI_SMM_LOCK_BOX_PARAMETER_SAVE  *LockBoxParameterSave
+BOOLEAN
+IsBufferOutsideMmValid (
+  IN EFI_PHYSICAL_ADDRESS  Buffer,
+  IN UINT64Length
   )
 {
-  EFI_STATUS   Status;
-  EFI_SMM_LOCK_BOX_PARAMETER_SAVE  TempLockBoxParameterSave;
-
-  //
-  // Sanity check
-  //
-  if (mLocked) {
-DEBUG ((DEBUG_ERROR, "SmmLockBox Locked!\n"));
-LockBoxParameterSave->Header.ReturnStatus = (UINT64)EFI_ACCESS_DENIED;
-return;
-  }
-
-  CopyMem (&TempLockBoxParameterSave, LockBoxParameterSave, sizeof 
(EFI_SMM_LOCK_BOX_PARAMETER_SAVE));
-
-  //
-  // Sanity check
-  //
-  if (!SmmIsBufferOutsideSmmValid ((UINTN)TempLockBoxParameterSave.Buffer, 
(UINTN)TempLockBoxParameterSave.Length)) {
-DEBUG ((DEBUG_ERROR, "SmmLockBox Save address in SMRAM or buffer 
overflow!\n"));
-LockBoxParameterSave->Header.ReturnStatus = (UINT64)EFI_ACCESS_DENIED;
-return;
-  }
-
-  //
-  // The SpeculationBarrier() call here is to ensure the above range check for
-  // the CommBuffer have been completed before calling into SaveLockBox().
-  //
-  SpeculationBarrier ();
-
-  //
-  // Save data
-  //
-  Status = SaveLockBox (
- &TempLockBoxParameterSave.Guid,
- (VOID *)(UINTN)TempLockBoxParameterSave.Buffer,
- (UINTN)TempLockBoxParameterSave.Length
- );
-  LockBoxParameterSave->Header.ReturnStatus = (UINT64)Status;
-  return;
-}
-
-/**
-  Dispatch function for SMM lock box set attributes.
-
-  @param LockBoxParameterSetAttributes  parameter of lock box set attributes
-**/
-VOID
-SmmLockBoxSetAttributes (
-  IN EFI_SMM_LOCK_BOX_PARAME

Re: [edk2-devel] [PATCH 3/3] MdeModulePkg: Add Standalone MM Lockbox Driver.

[Ni, Ray]

Reviewed-by: Ray Ni 

Thanks,
Ray

From: Xie, Yuanhao 
Sent: Tuesday, May 7, 2024 14:09
To: devel@edk2.groups.io 
Cc: Liming Gao ; Wu, Jiaxin ; 
Ni, Ray ; Xie, Yuanhao 
Subject: [PATCH 3/3] MdeModulePkg: Add Standalone MM Lockbox Driver.

The Lockbox Driver allows sensitive data to be securely stored in a
designated area, thus protected against unauthorized access.

This patch adds a Standalone MM Lockbox Driver with main modifications:
1. Separating shared code between the Standalone MM driver and the
DXE MM Driver.
2. Utilizing services from the SMM Services Table (gSmst) as opposed to
 relying on Boot Services.

Cc: Liming Gao 
Cc: Jiaxin Wu 
Cc: Ray Ni 

Signed-off-by: Yuanhao Xie 
---
 MdeModulePkg/MdeModulePkg.dsc |  1 
+
 MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBoxStandaloneMm.c| 84 

 MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBoxStandaloneMm.inf  | 56 

 MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBoxStandaloneMm.uni  | 14 
++
 MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBoxStandaloneMmExtra.uni | 14 
++
 5 files changed, 169 insertions(+)

diff --git a/MdeModulePkg/MdeModulePkg.dsc b/MdeModulePkg/MdeModulePkg.dsc
index 6bed9205ea..f0f02f180f 100644
--- a/MdeModulePkg/MdeModulePkg.dsc
+++ b/MdeModulePkg/MdeModulePkg.dsc
@@ -500,6 +500,7 @@
   
MdeModulePkg/Universal/ReportStatusCodeRouter/Smm/ReportStatusCodeRouterSmm.inf
   
MdeModulePkg/Universal/ReportStatusCodeRouter/Smm/ReportStatusCodeRouterStandaloneMm.inf
   MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBox.inf
+  MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBoxStandaloneMm.inf
   
MdeModulePkg/Library/SmmMemoryAllocationProfileLib/SmmMemoryAllocationProfileLib.inf
   
MdeModulePkg/Library/PiSmmCoreMemoryAllocationLib/PiSmmCoreMemoryAllocationProfileLib.inf
   
MdeModulePkg/Library/PiSmmCoreMemoryAllocationLib/PiSmmCoreMemoryAllocationLib.inf
diff --git a/MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBoxStandaloneMm.c 
b/MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBoxStandaloneMm.c
new file mode 100644
index 00..503be7efa8
--- /dev/null
+++ b/MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBoxStandaloneMm.c
@@ -0,0 +1,84 @@
+/** @file
+  LockBox MM driver.
+
+Copyright (c) 2024, Intel Corporation. All rights reserved.
+
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#include 
+#include 
+#include 
+#include 
+
+#include "SmmLockBoxCommon.h"
+
+/**
+  This function is an abstraction layer for implementation specific Mm buffer 
validation routine.
+
+  @param Buffer  The buffer start address to be checked.
+  @param Length  The buffer length to be checked.
+
+  @retval TRUE  This buffer is valid per processor architecture and not 
overlap with SMRAM.
+  @retval FALSE This buffer is not valid per processor architecture or overlap 
with SMRAM.
+**/
+BOOLEAN
+IsBufferOutsideMmValid (
+  IN EFI_PHYSICAL_ADDRESS  Buffer,
+  IN UINT64Length
+  )
+{
+  return MmIsBufferOutsideMmValid (Buffer, Length);
+}
+
+/**
+  Entry Point for LockBox MM driver.
+
+  @param[in] ImageHandle  Image handle of this driver.
+  @param[in] SystemTable  A Pointer to the EFI System Table.
+
+  @retval EFI_SUCEESS
+  @return Others  Some error occurs.
+**/
+EFI_STATUS
+EFIAPI
+SmmLockBoxStandaloneMmEntryPoint (
+  IN EFI_HANDLE   ImageHandle,
+  IN EFI_MM_SYSTEM_TABLE  *SystemTable
+  )
+{
+  EFI_STATUS  Status;
+  EFI_HANDLE  DispatchHandle;
+  VOID*Registration;
+
+  //
+  // Register LockBox communication handler
+  //
+  Status = gMmst->MmiHandlerRegister (
+SmmLockBoxHandler,
+&gEfiSmmLockBoxCommunicationGuid,
+&DispatchHandle
+);
+  ASSERT_EFI_ERROR (Status);
+
+  //
+  // Register SMM Ready To Lock Protocol notification
+  //
+  Status = gMmst->MmRegisterProtocolNotify (
+&gEfiSmmReadyToLockProtocolGuid,
+SmmReadyToLockEventNotify,
+&Registration
+);
+  ASSERT_EFI_ERROR (Status);
+  return Status;
+}
diff --git 
a/MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBoxStandaloneMm.inf 
b/MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBoxStandaloneMm.inf
new file mode 100644
index 00..544c87790c
--- /dev/null
+++ b/MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBoxStandaloneMm.inf
@@ -0,0 +1,56 @@
+## @file
+#  LockBox MM driver.
+#
+# Copyright (c) 2024, Intel Corporation. All rights reserved.
+#
+#  SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+  INF_VERSION= 0x00010005
+  BASE_NAME  = SmmLockBoxStandalo

Re: [edk2-devel] [PATCH v2] MdeModulePkg/PciBusDxe: plug device hierarchy leak upon bridge hot-unplug

[Ni, Ray]

Neo,
I don't think your change is needed because of the following existing logic 
where RemoveAllPciDeviceOnBridge() is called to destroy/free all PCI nodes.

  if (Operation == EfiPciHotplugRequestRemove) {
if (*NumberOfChildren == 0) {
  //
  // Remove all devices on the bridge
  //
  RemoveAllPciDeviceOnBridge (RootBridgeHandle, Bridge);
  return EFI_SUCCESS;
}


Thanks,
Ray

From: Hsueh, Hong-Chih (Neo) 
Sent: Wednesday, May 1, 2024 2:24
To: Laszlo Ersek ; devel@edk2.groups.io 
; Ni, Ray 
Cc: Ding, Feng (Sunnyvale) ; He, Jiangang 
; Chang, Abner ; 
gaolim...@byosoft.com.cn 
Subject: Re: [PATCH v2] MdeModulePkg/PciBusDxe: plug device hierarchy leak upon 
bridge hot-unplug


[AMD Official Use Only - General]

Hi @ray...@intel.com,

Sorry you bother you, may I have your feedback for this patch?
If it looks good to you could you help to give me an R-b ?

Thank you.

Regards,
Neo


From: Laszlo Ersek 
Sent: Sunday, February 25, 2024 7:59 AM
To: Hsueh, Hong-Chih (Neo) ; devel@edk2.groups.io 

Cc: Ding, Feng (Sunnyvale) ; He, Jiangang 
; Chang, Abner ; ray...@intel.com 
; gaolim...@byosoft.com.cn 
Subject: Re: [PATCH v2] MdeModulePkg/PciBusDxe: plug device hierarchy leak upon 
bridge hot-unplug

Caution: This message originated from an External Source. Use proper caution 
when opening attachments, clicking links, or responding.


On 2/22/24 17:28, Neo Hsueh wrote:
> A USB4 or TBT bridge can be plugged or unplugged on USB4 port. The actions 
> require PciHotPlugRequestNotify to add a root bridge or remove a root bridge 
> completely.
> In the plug-unplug-plug scenerio, PciHotPlugRequestNotify will return with 
> no-action on second plug because bridge tree shows configured.
> Destroy Pci Device Tree in function PciHotPlugRequestNotify for unplug event 
> to fix this issue.
>
> Cc: Feng Ding 
> Cc: Jiangang He 
> Signed-off-by: Neo Hsueh 
> ---
>  MdeModulePkg/Bus/Pci/PciBusDxe/PciEnumerator.c | 2 ++
>  1 file changed, 2 insertions(+)
>
> diff --git a/MdeModulePkg/Bus/Pci/PciBusDxe/PciEnumerator.c 
> b/MdeModulePkg/Bus/Pci/PciBusDxe/PciEnumerator.c
> index 3f8c6e6da7..2b7af60e0a 100644
> --- a/MdeModulePkg/Bus/Pci/PciBusDxe/PciEnumerator.c
> +++ b/MdeModulePkg/Bus/Pci/PciBusDxe/PciEnumerator.c
> @@ -2103,6 +2103,8 @@ PciHotPlugRequestNotify (
>}
>  }
>
> +DestroyPciDeviceTree (Bridge);
> +
>  //
>  // End for
>  //

This looks convincing to me, but I don't now nearly enough about
PciBusDxe internals (resource management in particular) to confidently
approve this patch. I can give an

Acked-by: Laszlo Ersek 

but the patch should not be merged until Ray provides an R-b.

Laszlo



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118656): https://edk2.groups.io/g/devel/message/118656
Mute This Topic: https://groups.io/mt/104511503/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH 1/1] MdeModulePkg: Load Serial driver in early DXE

[Ni, Ray]

Why not implement a customized SerialPortLib and use 
MdeModulePkg/Universal/SerialDxe/SerialDxe.inf?

Thanks,
Ray

From: Borzeszkowski, Alan 
Sent: Tuesday, May 7, 2024 21:09
To: devel@edk2.groups.io 
Cc: Borzeszkowski, Alan ; Gao, Zhichao 
; Ni, Ray ; Kinney, Michael D 

Subject: [PATCH 1/1] MdeModulePkg: Load Serial driver in early DXE

For the purpose of UEFI debug prints enablement in early DXE,
Serial driver should load earlier. To comply with EDK2 specification
and maximize code reuse, new driver entrypoint was created
and separate .inf file was added.

Cc: Zhichao Gao 
Cc: Ray Ni 
Cc: Michael D Kinney 
Signed-off-by: Alan Borzeszkowski 
---
 .../PciSioSerialDxe/PciSioSerialDxeEarly.inf  |  81 
 MdeModulePkg/Bus/Pci/PciSioSerialDxe/Serial.c | 184 ++
 .../Bus/Pci/PciSioSerialDxe/SerialIo.c|  16 +-
 MdeModulePkg/MdeModulePkg.dsc |   1 +
 4 files changed, 245 insertions(+), 37 deletions(-)
 create mode 100644 
MdeModulePkg/Bus/Pci/PciSioSerialDxe/PciSioSerialDxeEarly.inf

diff --git a/MdeModulePkg/Bus/Pci/PciSioSerialDxe/PciSioSerialDxeEarly.inf 
b/MdeModulePkg/Bus/Pci/PciSioSerialDxe/PciSioSerialDxeEarly.inf
new file mode 100644
index 00..1b88f7a1cc
--- /dev/null
+++ b/MdeModulePkg/Bus/Pci/PciSioSerialDxe/PciSioSerialDxeEarly.inf
@@ -0,0 +1,81 @@
+## @file

+# Serial driver for standard UARTS on a SIO chip or PCI/PCIE card.

+#

+# Produces the Serial I/O protocol for standard UARTS using Super I/O or PCI 
I/O.

+#

+# This is Early DXE version of Serial driver. It's intended use is for debug 
purposes

+# in early DXE. There is added dependency on either Super I/O Protocol or PCI 
I/O Protocol.

+#

+# Copyright (c) 2007 - 2024, Intel Corporation. All rights reserved.

+#

+# SPDX-License-Identifier: BSD-2-Clause-Patent

+#

+##

+

+[Defines]

+  INF_VERSION= 0x00010005

+  BASE_NAME  = PciSioSerialDxeEarly

+  MODULE_UNI_FILE= PciSioSerialDxe.uni

+  FILE_GUID  = E47C4BFB-9CCC-47B6-A3C1-79C3FBF8B6C8

+  MODULE_TYPE= DXE_DRIVER

+  VERSION_STRING = 1.0

+  ENTRY_POINT= DxePciSioSerialDriverEntrypoint

+

+#

+# The following information is for reference only and not required by the 
build tools.

+#

+#  VALID_ARCHITECTURES   = IA32 X64 EBC

+#

+#  DRIVER_BINDING=  gSerialControllerDriver

+#  COMPONENT_NAME=  gPciSioSerialComponentName

+#  COMPONENT_NAME2   =  gPciSioSerialComponentName2

+#

+

+[Sources]

+  ComponentName.c

+  SerialIo.c

+  Serial.h

+  Serial.c

+

+[Packages]

+  MdePkg/MdePkg.dec

+  MdeModulePkg/MdeModulePkg.dec

+

+[LibraryClasses]

+  PcdLib

+  ReportStatusCodeLib

+  UefiBootServicesTableLib

+  MemoryAllocationLib

+  BaseMemoryLib

+  DevicePathLib

+  UefiLib

+  UefiDriverEntryPoint

+  DebugLib

+  IoLib

+

+[Guids]

+  gEfiUartDevicePathGuid## SOMETIMES_CONSUMES   ## GUID

+

+[Protocols]

+  gEfiSioProtocolGuid   ## TO_START

+  gEfiDevicePathProtocolGuid## TO_START

+  gEfiPciIoProtocolGuid ## TO_START

+  gEfiSerialIoProtocolGuid  ## BY_START

+  gEfiDevicePathProtocolGuid## BY_START

+

+[FeaturePcd]

+  gEfiMdeModulePkgTokenSpaceGuid.PcdSerialUseHalfHandshake|FALSE   ## CONSUMES

+

+[Pcd]

+  gEfiMdePkgTokenSpaceGuid.PcdUartDefaultBaudRate|115200## CONSUMES

+  gEfiMdePkgTokenSpaceGuid.PcdUartDefaultDataBits|8 ## CONSUMES

+  gEfiMdePkgTokenSpaceGuid.PcdUartDefaultParity|1   ## CONSUMES

+  gEfiMdePkgTokenSpaceGuid.PcdUartDefaultStopBits|1 ## CONSUMES

+  gEfiMdeModulePkgTokenSpaceGuid.PcdSerialClockRate|1843200 ## CONSUMES

+  gEfiMdeModulePkgTokenSpaceGuid.PcdPciSerialParameters ## CONSUMES

+

+[UserExtensions.TianoCore."ExtraFiles"]

+  PciSioSerialDxeExtra.uni

+

+[Depex]

+  gEfiSioProtocolGuid OR gEfiPciIoProtocolGuid

diff --git a/MdeModulePkg/Bus/Pci/PciSioSerialDxe/Serial.c 
b/MdeModulePkg/Bus/Pci/PciSioSerialDxe/Serial.c
index 8b1ce70118..cc77d12748 100644
--- a/MdeModulePkg/Bus/Pci/PciSioSerialDxe/Serial.c
+++ b/MdeModulePkg/Bus/Pci/PciSioSerialDxe/Serial.c
@@ -156,6 +156,7 @@ InitializePciSioSerial (
 /**

   Return whether the controller is a SIO serial controller.



+  @param  This A pointer to the EFI_DRIVER_BINDING_PROTOCOL instance.

   @param  Controller   The controller handle.



   @retval EFI_SUCCESS  The controller is a SIO serial controller.

@@ -163,7 +164,8 @@ InitializePciSioSerial (
 **/

 EFI_STATUS

 IsSioSerialController (

-  EFI_HANDLE  Controller

+  IN EFI_DRIVER_BINDING_PROTOCOL  *This,

+  EFI_HANDLE  Controller

   )

 {

   EFI_STATUSStatus;

@@ -178,7 +180,7 @@ IsSioSerialController (
   Controller,

   &gEfiS