[edk2-devel] [PATCH v3 1/1] MdeModulePkg: Add the EFI_RESOURCE_ATTRIBUTE_SPECIAL_PURPOSE attribute

[Michael Kubacki]

From: Patrick Payne 

Add the EFI_RESOURCE_ATTRIBUTE_SPECIAL_PURPOSE resource attribute as
per the PI 1.8 spec. This flag is used to indicate that the memory
should be treated as special purpose memory (SPM).

Cc: Liming Gao 
Cc: Michael D Kinney 
Signed-off-by: Michael Kubacki 
---

Notes:
V3: Assign the GCD memory type for resource HOBs with
the SPECIAL_PURPOSE attribute set prior to assigning
the GCD memory type for the PERSISTENT attribute.

Assign the GCD memory type EfiGcdMemoryTypeReserved
instead of EfiGcdMemoryTypeSystemMemory for resource
HOBs with the SPECIAL_PURPOSE attribute set.

V2: Adds package name to commit subject and updates
Signed-off-by.

 MdeModulePkg/Core/Dxe/Gcd/Gcd.c | 12 +++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/MdeModulePkg/Core/Dxe/Gcd/Gcd.c b/MdeModulePkg/Core/Dxe/Gcd/Gcd.c
index fe1bbd6974b7..4cc0940c0a7d 100644
--- a/MdeModulePkg/Core/Dxe/Gcd/Gcd.c
+++ b/MdeModulePkg/Core/Dxe/Gcd/Gcd.c
@@ -26,7 +26,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
EFI_RESOURCE_ATTRIBUTE_16_BIT_IO
   | \
EFI_RESOURCE_ATTRIBUTE_32_BIT_IO
   | \
EFI_RESOURCE_ATTRIBUTE_64_BIT_IO
   | \
-   EFI_RESOURCE_ATTRIBUTE_PERSISTENT   
   )
+   EFI_RESOURCE_ATTRIBUTE_PERSISTENT   
   | \
+   EFI_RESOURCE_ATTRIBUTE_SPECIAL_PURPOSE  
   )
 
 #define TESTED_MEMORY_ATTRIBUTES  (EFI_RESOURCE_ATTRIBUTE_PRESENT | \
EFI_RESOURCE_ATTRIBUTE_INITIALIZED | \
@@ -92,6 +93,7 @@ GCD_ATTRIBUTE_CONVERSION_ENTRY  mAttributeConversionTable[] = 
{
   { EFI_RESOURCE_ATTRIBUTE_TESTED,  EFI_MEMORY_TESTED,
FALSE },
   { EFI_RESOURCE_ATTRIBUTE_PERSISTABLE, EFI_MEMORY_NV,
TRUE  },
   { EFI_RESOURCE_ATTRIBUTE_MORE_RELIABLE,   EFI_MEMORY_MORE_RELIABLE, 
TRUE  },
+  { EFI_RESOURCE_ATTRIBUTE_SPECIAL_PURPOSE, EFI_MEMORY_SP,
TRUE  },
   { 0,  0,
FALSE }
 };
 
@@ -691,6 +693,10 @@ ConverToCpuArchAttributes (
 CpuArchAttributes |= EFI_MEMORY_WP;
   }
 
+  if ((Attributes & EFI_MEMORY_SP) == EFI_MEMORY_SP) {
+CpuArchAttributes |= EFI_MEMORY_SP;
+  }
+
   return CpuArchAttributes;
 }
 
@@ -2656,6 +2662,10 @@ CoreInitializeGcdServices (
 GcdMemoryType = EfiGcdMemoryTypeReserved;
   }
 
+  if ((ResourceHob->ResourceAttribute & 
EFI_RESOURCE_ATTRIBUTE_SPECIAL_PURPOSE) == 
EFI_RESOURCE_ATTRIBUTE_SPECIAL_PURPOSE) {
+GcdMemoryType = EfiGcdMemoryTypeReserved;
+  }
+
   if ((ResourceHob->ResourceAttribute & 
EFI_RESOURCE_ATTRIBUTE_PERSISTENT) == EFI_RESOURCE_ATTRIBUTE_PERSISTENT) {
 GcdMemoryType = EfiGcdMemoryTypePersistent;
   }
-- 
2.45.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119065): https://edk2.groups.io/g/devel/message/119065
Mute This Topic: https://groups.io/mt/106165072/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v1 1/1] CodeQL: Update from 2.16.1 to 2.17.3

[Michael D Kinney]

Approved. I agree there is no impact to FW.

Mike

> -Original Message-
> From: Michael Kubacki 
> Sent: Friday, May 17, 2024 4:28 PM
> To: Kinney, Michael D ; devel@edk2.groups.io;
> Andrew Fish ; Leif Lindholm ;
> Liming Gao 
> Cc: Feng, Bob C ; Joey Vagedes
> ; Rebecca Cran ; Sean Brogan
> ; Chen, Christine 
> Subject: Re: [PATCH v1 1/1] CodeQL: Update from 2.16.1 to 2.17.3
> 
> Forgot about the hard freeze.
> 
> Added remaining stewards to consider merging this. It has no impact on
> firmware but is needed to unblock an immediate issue in CI where the
> CodeQL queries being fetched are newer and incompatible with the CodeQL
> CLI being used.
> 
> As I mentioned in the release notes, I will follow up in the future for
> a change that should be able to lock the CodeQL query versions against
> the CLI version.
> 
> Thanks,
> Michael
> 
> On 5/17/2024 7:20 PM, Michael Kubacki wrote:
> > To ensure CI is unblocked, I am going to add the push tag now.
> >
> > On 5/17/2024 6:31 PM, Michael Kubacki wrote:
> >> Thanks Mike. Are you okay with me completing the PR now?
> >>
> >> On 5/17/2024 5:31 PM, Kinney, Michael D wrote:
> >>> Reviewed-by: Michael D Kinney 
> >>>
>  -Original Message-
>  From: mikub...@linux.microsoft.com 
>  Sent: Friday, May 17, 2024 2:09 PM
>  To: devel@edk2.groups.io
>  Cc: Feng, Bob C ; Joey Vagedes
>  ; Liming Gao ;
>  Kinney,
>  Michael D ; Rebecca Cran
>  ;
>  Sean Brogan ; Chen, Christine
>  
>  Subject: [PATCH v1 1/1] CodeQL: Update from 2.16.1 to 2.17.3
> 
>  From: Michael Kubacki 
> 
>  This fixes an issue where the CodeQL queries currently fetched in the
>  pipeline are incompatible with the current executable used.
> 
>  Update to pick up functional and security fixes. See the following
>  comparison for detailed differences:
> 
>  https://github.com/github/codeql-cli-binaries/compare/v2.16.1...v2.17.3
> 
>  Cc: Bob Feng 
>  Cc: Joey Vagedes 
>  Cc: Liming Gao 
>  Cc: Michael D Kinney 
>  Cc: Rebecca Cran 
>  Cc: Sean Brogan 
>  Cc: Yuwei Chen 
>  Signed-off-by: Michael Kubacki 
>  ---
> 
>  Notes:
>   This change fixes an immediate compatibility issue between
>   the latest queries being pulled and the CodeQL CLI being
>   used.
> 
>   A follow up change will attempt to lock queries against a
>   compatibile version to prevent queries from pulling ahead
>   to incompatible versions in the future.
> 
>   ---
> 
>   This change was tested in edk2 CI:
> 
>   https://github.com/tianocore/edk2/pull/5667
> 
>    BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml | 6 +++---
>    BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml   | 6 +++---
>    BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml | 6 +++---
>    3 files changed, 9 insertions(+), 9 deletions(-)
> 
>  diff --git a/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml
>  b/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml
>  index 5ec56c6bf06f..dbc9c2ba0290 100644
>  --- a/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml
>  +++ b/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml
>  @@ -16,9 +16,9 @@
>      "scope": "codeql-ext-dep",
>      "type": "web",
>      "name": "codeql_cli",
>  -  "source": "https://github.com/github/codeql-cli-
>  binaries/releases/download/v2.16.1/codeql.zip",
>  -  "version": "2.16.1",
>  -  "sha256":
>  "86a98f6ebb8fd49efadf367f3275c438669fcb8426962c33415129aad8e093e6",
>  +  "source": "https://github.com/github/codeql-cli-
>  binaries/releases/download/v2.17.3/codeql.zip",
>  +  "version": "2.17.3",
>  +  "sha256":
>  "e5ac1d87ab38e405c9af5db234a338b10dffabc98a648903f1664dd2a566dfd5",
>      "compression_type": "zip",
>      "internal_path": "/codeql/",
>      "flags": ["set_shell_var", ],
>  diff --git a/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml
>  b/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml
>  index 5b4a919f1de4..536322f2b331 100644
>  --- a/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml
>  +++ b/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml
>  @@ -14,9 +14,9 @@
>      "scope": "codeql-linux-ext-dep",
>      "type": "web",
>      "name": "codeql_linux_cli",
>  -  "source": "https://github.com/github/codeql-cli-
>  binaries/releases/download/v2.16.1/codeql-linux64.zip",
>  -  "version": "2.16.1",
>  -  "sha256":
>  "40dbb6c0c4064bd14601a02e60c61661fdc0271469f90eb91a2e7d51d4cbc171",
>  +  "source": "https://github.com/github/codeql-cli-
>  binaries/releases/download/v2.17.3/codeql-linux64.zip",
>  +  "version": "2.17.3",
>  +  "sha256":
>  "9fba000c4b821534d354bc16821aa066fdb1304446226ea449870e64a8ad3c7a",
>      "compression_type": 

Re: [edk2-devel] [PATCH v1 1/1] CodeQL: Update from 2.16.1 to 2.17.3

[Michael Kubacki]

Forgot about the hard freeze.

Added remaining stewards to consider merging this. It has no impact on 
firmware but is needed to unblock an immediate issue in CI where the 
CodeQL queries being fetched are newer and incompatible with the CodeQL 
CLI being used.


As I mentioned in the release notes, I will follow up in the future for 
a change that should be able to lock the CodeQL query versions against 
the CLI version.


Thanks,
Michael

On 5/17/2024 7:20 PM, Michael Kubacki wrote:

To ensure CI is unblocked, I am going to add the push tag now.

On 5/17/2024 6:31 PM, Michael Kubacki wrote:

Thanks Mike. Are you okay with me completing the PR now?

On 5/17/2024 5:31 PM, Kinney, Michael D wrote:

Reviewed-by: Michael D Kinney 


-Original Message-
From: mikub...@linux.microsoft.com 
Sent: Friday, May 17, 2024 2:09 PM
To: devel@edk2.groups.io
Cc: Feng, Bob C ; Joey Vagedes
; Liming Gao ; 
Kinney,
Michael D ; Rebecca Cran 
;

Sean Brogan ; Chen, Christine

Subject: [PATCH v1 1/1] CodeQL: Update from 2.16.1 to 2.17.3

From: Michael Kubacki 

This fixes an issue where the CodeQL queries currently fetched in the
pipeline are incompatible with the current executable used.

Update to pick up functional and security fixes. See the following
comparison for detailed differences:

https://github.com/github/codeql-cli-binaries/compare/v2.16.1...v2.17.3

Cc: Bob Feng 
Cc: Joey Vagedes 
Cc: Liming Gao 
Cc: Michael D Kinney 
Cc: Rebecca Cran 
Cc: Sean Brogan 
Cc: Yuwei Chen 
Signed-off-by: Michael Kubacki 
---

Notes:
 This change fixes an immediate compatibility issue between
 the latest queries being pulled and the CodeQL CLI being
 used.

 A follow up change will attempt to lock queries against a
 compatibile version to prevent queries from pulling ahead
 to incompatible versions in the future.

 ---

 This change was tested in edk2 CI:

 https://github.com/tianocore/edk2/pull/5667

  BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml | 6 +++---
  BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml   | 6 +++---
  BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml | 6 +++---
  3 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml
b/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml
index 5ec56c6bf06f..dbc9c2ba0290 100644
--- a/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml
+++ b/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml
@@ -16,9 +16,9 @@
    "scope": "codeql-ext-dep",
    "type": "web",
    "name": "codeql_cli",
-  "source": "https://github.com/github/codeql-cli-
binaries/releases/download/v2.16.1/codeql.zip",
-  "version": "2.16.1",
-  "sha256":
"86a98f6ebb8fd49efadf367f3275c438669fcb8426962c33415129aad8e093e6",
+  "source": "https://github.com/github/codeql-cli-
binaries/releases/download/v2.17.3/codeql.zip",
+  "version": "2.17.3",
+  "sha256":
"e5ac1d87ab38e405c9af5db234a338b10dffabc98a648903f1664dd2a566dfd5",
    "compression_type": "zip",
    "internal_path": "/codeql/",
    "flags": ["set_shell_var", ],
diff --git a/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml
b/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml
index 5b4a919f1de4..536322f2b331 100644
--- a/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml
+++ b/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml
@@ -14,9 +14,9 @@
    "scope": "codeql-linux-ext-dep",
    "type": "web",
    "name": "codeql_linux_cli",
-  "source": "https://github.com/github/codeql-cli-
binaries/releases/download/v2.16.1/codeql-linux64.zip",
-  "version": "2.16.1",
-  "sha256":
"40dbb6c0c4064bd14601a02e60c61661fdc0271469f90eb91a2e7d51d4cbc171",
+  "source": "https://github.com/github/codeql-cli-
binaries/releases/download/v2.17.3/codeql-linux64.zip",
+  "version": "2.17.3",
+  "sha256":
"9fba000c4b821534d354bc16821aa066fdb1304446226ea449870e64a8ad3c7a",
    "compression_type": "zip",
    "internal_path": "/codeql/",
    "flags": ["set_shell_var", ],
diff --git a/BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml
b/BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml
index c0c018c9538f..93a81ffd5020 100644
--- a/BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml
+++ b/BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml
@@ -14,9 +14,9 @@
    "scope": "codeql-windows-ext-dep",
    "type": "web",
    "name": "codeql_windows_cli",
-  "source": "https://github.com/github/codeql-cli-
binaries/releases/download/v2.16.1/codeql-win64.zip",
-  "version": "2.16.1",
-  "sha256":
"9ebe5ea8a7d0a77425428d50d49912319117fccee24ecb62f6219c12584f4f28",
+  "source": "https://github.com/github/codeql-cli-
binaries/releases/download/v2.17.3/codeql-win64.zip",
+  "version": "2.17.3",
+  "sha256":
"4c6fbf2ea2eaf0f47bf0347eacf54c6b9d6bdf7acb6b63e17f9e6f2dd83b34e7",
    "compression_type": "zip",
    "internal_path": "/codeql/",
    "flags": ["set_shell_var", ],
--
2.45.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

Re: [edk2-devel] [PATCH v1 1/1] CodeQL: Update from 2.16.1 to 2.17.3

[Michael Kubacki]

To ensure CI is unblocked, I am going to add the push tag now.

On 5/17/2024 6:31 PM, Michael Kubacki wrote:

Thanks Mike. Are you okay with me completing the PR now?

On 5/17/2024 5:31 PM, Kinney, Michael D wrote:

Reviewed-by: Michael D Kinney 


-Original Message-
From: mikub...@linux.microsoft.com 
Sent: Friday, May 17, 2024 2:09 PM
To: devel@edk2.groups.io
Cc: Feng, Bob C ; Joey Vagedes
; Liming Gao ; Kinney,
Michael D ; Rebecca Cran 
;

Sean Brogan ; Chen, Christine

Subject: [PATCH v1 1/1] CodeQL: Update from 2.16.1 to 2.17.3

From: Michael Kubacki 

This fixes an issue where the CodeQL queries currently fetched in the
pipeline are incompatible with the current executable used.

Update to pick up functional and security fixes. See the following
comparison for detailed differences:

https://github.com/github/codeql-cli-binaries/compare/v2.16.1...v2.17.3

Cc: Bob Feng 
Cc: Joey Vagedes 
Cc: Liming Gao 
Cc: Michael D Kinney 
Cc: Rebecca Cran 
Cc: Sean Brogan 
Cc: Yuwei Chen 
Signed-off-by: Michael Kubacki 
---

Notes:
 This change fixes an immediate compatibility issue between
 the latest queries being pulled and the CodeQL CLI being
 used.

 A follow up change will attempt to lock queries against a
 compatibile version to prevent queries from pulling ahead
 to incompatible versions in the future.

 ---

 This change was tested in edk2 CI:

 https://github.com/tianocore/edk2/pull/5667

  BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml | 6 +++---
  BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml   | 6 +++---
  BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml | 6 +++---
  3 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml
b/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml
index 5ec56c6bf06f..dbc9c2ba0290 100644
--- a/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml
+++ b/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml
@@ -16,9 +16,9 @@
    "scope": "codeql-ext-dep",
    "type": "web",
    "name": "codeql_cli",
-  "source": "https://github.com/github/codeql-cli-
binaries/releases/download/v2.16.1/codeql.zip",
-  "version": "2.16.1",
-  "sha256":
"86a98f6ebb8fd49efadf367f3275c438669fcb8426962c33415129aad8e093e6",
+  "source": "https://github.com/github/codeql-cli-
binaries/releases/download/v2.17.3/codeql.zip",
+  "version": "2.17.3",
+  "sha256":
"e5ac1d87ab38e405c9af5db234a338b10dffabc98a648903f1664dd2a566dfd5",
    "compression_type": "zip",
    "internal_path": "/codeql/",
    "flags": ["set_shell_var", ],
diff --git a/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml
b/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml
index 5b4a919f1de4..536322f2b331 100644
--- a/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml
+++ b/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml
@@ -14,9 +14,9 @@
    "scope": "codeql-linux-ext-dep",
    "type": "web",
    "name": "codeql_linux_cli",
-  "source": "https://github.com/github/codeql-cli-
binaries/releases/download/v2.16.1/codeql-linux64.zip",
-  "version": "2.16.1",
-  "sha256":
"40dbb6c0c4064bd14601a02e60c61661fdc0271469f90eb91a2e7d51d4cbc171",
+  "source": "https://github.com/github/codeql-cli-
binaries/releases/download/v2.17.3/codeql-linux64.zip",
+  "version": "2.17.3",
+  "sha256":
"9fba000c4b821534d354bc16821aa066fdb1304446226ea449870e64a8ad3c7a",
    "compression_type": "zip",
    "internal_path": "/codeql/",
    "flags": ["set_shell_var", ],
diff --git a/BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml
b/BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml
index c0c018c9538f..93a81ffd5020 100644
--- a/BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml
+++ b/BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml
@@ -14,9 +14,9 @@
    "scope": "codeql-windows-ext-dep",
    "type": "web",
    "name": "codeql_windows_cli",
-  "source": "https://github.com/github/codeql-cli-
binaries/releases/download/v2.16.1/codeql-win64.zip",
-  "version": "2.16.1",
-  "sha256":
"9ebe5ea8a7d0a77425428d50d49912319117fccee24ecb62f6219c12584f4f28",
+  "source": "https://github.com/github/codeql-cli-
binaries/releases/download/v2.17.3/codeql-win64.zip",
+  "version": "2.17.3",
+  "sha256":
"4c6fbf2ea2eaf0f47bf0347eacf54c6b9d6bdf7acb6b63e17f9e6f2dd83b34e7",
    "compression_type": "zip",
    "internal_path": "/codeql/",
    "flags": ["set_shell_var", ],
--
2.45.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119062): https://edk2.groups.io/g/devel/message/119062
Mute This Topic: https://groups.io/mt/106161774/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v1 1/1] CodeQL: Update from 2.16.1 to 2.17.3

[Michael Kubacki]

Thanks Mike. Are you okay with me completing the PR now?

On 5/17/2024 5:31 PM, Kinney, Michael D wrote:

Reviewed-by: Michael D Kinney 


-Original Message-
From: mikub...@linux.microsoft.com 
Sent: Friday, May 17, 2024 2:09 PM
To: devel@edk2.groups.io
Cc: Feng, Bob C ; Joey Vagedes
; Liming Gao ; Kinney,
Michael D ; Rebecca Cran ;
Sean Brogan ; Chen, Christine

Subject: [PATCH v1 1/1] CodeQL: Update from 2.16.1 to 2.17.3

From: Michael Kubacki 

This fixes an issue where the CodeQL queries currently fetched in the
pipeline are incompatible with the current executable used.

Update to pick up functional and security fixes. See the following
comparison for detailed differences:

https://github.com/github/codeql-cli-binaries/compare/v2.16.1...v2.17.3

Cc: Bob Feng 
Cc: Joey Vagedes 
Cc: Liming Gao 
Cc: Michael D Kinney 
Cc: Rebecca Cran 
Cc: Sean Brogan 
Cc: Yuwei Chen 
Signed-off-by: Michael Kubacki 
---

Notes:
 This change fixes an immediate compatibility issue between
 the latest queries being pulled and the CodeQL CLI being
 used.

 A follow up change will attempt to lock queries against a
 compatibile version to prevent queries from pulling ahead
 to incompatible versions in the future.

 ---

 This change was tested in edk2 CI:

 https://github.com/tianocore/edk2/pull/5667

  BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml | 6 +++---
  BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml   | 6 +++---
  BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml | 6 +++---
  3 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml
b/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml
index 5ec56c6bf06f..dbc9c2ba0290 100644
--- a/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml
+++ b/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml
@@ -16,9 +16,9 @@
"scope": "codeql-ext-dep",
"type": "web",
"name": "codeql_cli",
-  "source": "https://github.com/github/codeql-cli-
binaries/releases/download/v2.16.1/codeql.zip",
-  "version": "2.16.1",
-  "sha256":
"86a98f6ebb8fd49efadf367f3275c438669fcb8426962c33415129aad8e093e6",
+  "source": "https://github.com/github/codeql-cli-
binaries/releases/download/v2.17.3/codeql.zip",
+  "version": "2.17.3",
+  "sha256":
"e5ac1d87ab38e405c9af5db234a338b10dffabc98a648903f1664dd2a566dfd5",
"compression_type": "zip",
"internal_path": "/codeql/",
"flags": ["set_shell_var", ],
diff --git a/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml
b/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml
index 5b4a919f1de4..536322f2b331 100644
--- a/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml
+++ b/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml
@@ -14,9 +14,9 @@
"scope": "codeql-linux-ext-dep",
"type": "web",
"name": "codeql_linux_cli",
-  "source": "https://github.com/github/codeql-cli-
binaries/releases/download/v2.16.1/codeql-linux64.zip",
-  "version": "2.16.1",
-  "sha256":
"40dbb6c0c4064bd14601a02e60c61661fdc0271469f90eb91a2e7d51d4cbc171",
+  "source": "https://github.com/github/codeql-cli-
binaries/releases/download/v2.17.3/codeql-linux64.zip",
+  "version": "2.17.3",
+  "sha256":
"9fba000c4b821534d354bc16821aa066fdb1304446226ea449870e64a8ad3c7a",
"compression_type": "zip",
"internal_path": "/codeql/",
"flags": ["set_shell_var", ],
diff --git a/BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml
b/BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml
index c0c018c9538f..93a81ffd5020 100644
--- a/BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml
+++ b/BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml
@@ -14,9 +14,9 @@
"scope": "codeql-windows-ext-dep",
"type": "web",
"name": "codeql_windows_cli",
-  "source": "https://github.com/github/codeql-cli-
binaries/releases/download/v2.16.1/codeql-win64.zip",
-  "version": "2.16.1",
-  "sha256":
"9ebe5ea8a7d0a77425428d50d49912319117fccee24ecb62f6219c12584f4f28",
+  "source": "https://github.com/github/codeql-cli-
binaries/releases/download/v2.17.3/codeql-win64.zip",
+  "version": "2.17.3",
+  "sha256":
"4c6fbf2ea2eaf0f47bf0347eacf54c6b9d6bdf7acb6b63e17f9e6f2dd83b34e7",
"compression_type": "zip",
"internal_path": "/codeql/",
"flags": ["set_shell_var", ],
--
2.45.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119061): https://edk2.groups.io/g/devel/message/119061
Mute This Topic: https://groups.io/mt/106161774/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v1 1/1] CodeQL: Update from 2.16.1 to 2.17.3

[Joey Vagedes via groups.io]

Reviewed-by: Joey Vagedes 


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119060): https://edk2.groups.io/g/devel/message/119060
Mute This Topic: https://groups.io/mt/106161774/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v1 1/1] CodeQL: Update from 2.16.1 to 2.17.3

[Michael D Kinney]

Reviewed-by: Michael D Kinney 

> -Original Message-
> From: mikub...@linux.microsoft.com 
> Sent: Friday, May 17, 2024 2:09 PM
> To: devel@edk2.groups.io
> Cc: Feng, Bob C ; Joey Vagedes
> ; Liming Gao ; Kinney,
> Michael D ; Rebecca Cran ;
> Sean Brogan ; Chen, Christine
> 
> Subject: [PATCH v1 1/1] CodeQL: Update from 2.16.1 to 2.17.3
> 
> From: Michael Kubacki 
> 
> This fixes an issue where the CodeQL queries currently fetched in the
> pipeline are incompatible with the current executable used.
> 
> Update to pick up functional and security fixes. See the following
> comparison for detailed differences:
> 
> https://github.com/github/codeql-cli-binaries/compare/v2.16.1...v2.17.3
> 
> Cc: Bob Feng 
> Cc: Joey Vagedes 
> Cc: Liming Gao 
> Cc: Michael D Kinney 
> Cc: Rebecca Cran 
> Cc: Sean Brogan 
> Cc: Yuwei Chen 
> Signed-off-by: Michael Kubacki 
> ---
> 
> Notes:
> This change fixes an immediate compatibility issue between
> the latest queries being pulled and the CodeQL CLI being
> used.
> 
> A follow up change will attempt to lock queries against a
> compatibile version to prevent queries from pulling ahead
> to incompatible versions in the future.
> 
> ---
> 
> This change was tested in edk2 CI:
> 
> https://github.com/tianocore/edk2/pull/5667
> 
>  BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml | 6 +++---
>  BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml   | 6 +++---
>  BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml | 6 +++---
>  3 files changed, 9 insertions(+), 9 deletions(-)
> 
> diff --git a/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml
> b/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml
> index 5ec56c6bf06f..dbc9c2ba0290 100644
> --- a/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml
> +++ b/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml
> @@ -16,9 +16,9 @@
>"scope": "codeql-ext-dep",
>"type": "web",
>"name": "codeql_cli",
> -  "source": "https://github.com/github/codeql-cli-
> binaries/releases/download/v2.16.1/codeql.zip",
> -  "version": "2.16.1",
> -  "sha256":
> "86a98f6ebb8fd49efadf367f3275c438669fcb8426962c33415129aad8e093e6",
> +  "source": "https://github.com/github/codeql-cli-
> binaries/releases/download/v2.17.3/codeql.zip",
> +  "version": "2.17.3",
> +  "sha256":
> "e5ac1d87ab38e405c9af5db234a338b10dffabc98a648903f1664dd2a566dfd5",
>"compression_type": "zip",
>"internal_path": "/codeql/",
>"flags": ["set_shell_var", ],
> diff --git a/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml
> b/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml
> index 5b4a919f1de4..536322f2b331 100644
> --- a/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml
> +++ b/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml
> @@ -14,9 +14,9 @@
>"scope": "codeql-linux-ext-dep",
>"type": "web",
>"name": "codeql_linux_cli",
> -  "source": "https://github.com/github/codeql-cli-
> binaries/releases/download/v2.16.1/codeql-linux64.zip",
> -  "version": "2.16.1",
> -  "sha256":
> "40dbb6c0c4064bd14601a02e60c61661fdc0271469f90eb91a2e7d51d4cbc171",
> +  "source": "https://github.com/github/codeql-cli-
> binaries/releases/download/v2.17.3/codeql-linux64.zip",
> +  "version": "2.17.3",
> +  "sha256":
> "9fba000c4b821534d354bc16821aa066fdb1304446226ea449870e64a8ad3c7a",
>"compression_type": "zip",
>"internal_path": "/codeql/",
>"flags": ["set_shell_var", ],
> diff --git a/BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml
> b/BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml
> index c0c018c9538f..93a81ffd5020 100644
> --- a/BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml
> +++ b/BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml
> @@ -14,9 +14,9 @@
>"scope": "codeql-windows-ext-dep",
>"type": "web",
>"name": "codeql_windows_cli",
> -  "source": "https://github.com/github/codeql-cli-
> binaries/releases/download/v2.16.1/codeql-win64.zip",
> -  "version": "2.16.1",
> -  "sha256":
> "9ebe5ea8a7d0a77425428d50d49912319117fccee24ecb62f6219c12584f4f28",
> +  "source": "https://github.com/github/codeql-cli-
> binaries/releases/download/v2.17.3/codeql-win64.zip",
> +  "version": "2.17.3",
> +  "sha256":
> "4c6fbf2ea2eaf0f47bf0347eacf54c6b9d6bdf7acb6b63e17f9e6f2dd83b34e7",
>"compression_type": "zip",
>"internal_path": "/codeql/",
>"flags": ["set_shell_var", ],
> --
> 2.45.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119059): https://edk2.groups.io/g/devel/message/119059
Mute This Topic: https://groups.io/mt/106161774/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1 1/1] CodeQL: Update from 2.16.1 to 2.17.3

[Michael Kubacki]

From: Michael Kubacki 

This fixes an issue where the CodeQL queries currently fetched in the
pipeline are incompatible with the current executable used.

Update to pick up functional and security fixes. See the following
comparison for detailed differences:

https://github.com/github/codeql-cli-binaries/compare/v2.16.1...v2.17.3

Cc: Bob Feng 
Cc: Joey Vagedes 
Cc: Liming Gao 
Cc: Michael D Kinney 
Cc: Rebecca Cran 
Cc: Sean Brogan 
Cc: Yuwei Chen 
Signed-off-by: Michael Kubacki 
---

Notes:
This change fixes an immediate compatibility issue between
the latest queries being pulled and the CodeQL CLI being
used.

A follow up change will attempt to lock queries against a
compatibile version to prevent queries from pulling ahead
to incompatible versions in the future.

---

This change was tested in edk2 CI:

https://github.com/tianocore/edk2/pull/5667

 BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml | 6 +++---
 BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml   | 6 +++---
 BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml | 6 +++---
 3 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml 
b/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml
index 5ec56c6bf06f..dbc9c2ba0290 100644
--- a/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml
+++ b/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml
@@ -16,9 +16,9 @@
   "scope": "codeql-ext-dep",
   "type": "web",
   "name": "codeql_cli",
-  "source": 
"https://github.com/github/codeql-cli-binaries/releases/download/v2.16.1/codeql.zip;,
-  "version": "2.16.1",
-  "sha256": "86a98f6ebb8fd49efadf367f3275c438669fcb8426962c33415129aad8e093e6",
+  "source": 
"https://github.com/github/codeql-cli-binaries/releases/download/v2.17.3/codeql.zip;,
+  "version": "2.17.3",
+  "sha256": "e5ac1d87ab38e405c9af5db234a338b10dffabc98a648903f1664dd2a566dfd5",
   "compression_type": "zip",
   "internal_path": "/codeql/",
   "flags": ["set_shell_var", ],
diff --git a/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml 
b/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml
index 5b4a919f1de4..536322f2b331 100644
--- a/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml
+++ b/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml
@@ -14,9 +14,9 @@
   "scope": "codeql-linux-ext-dep",
   "type": "web",
   "name": "codeql_linux_cli",
-  "source": 
"https://github.com/github/codeql-cli-binaries/releases/download/v2.16.1/codeql-linux64.zip;,
-  "version": "2.16.1",
-  "sha256": "40dbb6c0c4064bd14601a02e60c61661fdc0271469f90eb91a2e7d51d4cbc171",
+  "source": 
"https://github.com/github/codeql-cli-binaries/releases/download/v2.17.3/codeql-linux64.zip;,
+  "version": "2.17.3",
+  "sha256": "9fba000c4b821534d354bc16821aa066fdb1304446226ea449870e64a8ad3c7a",
   "compression_type": "zip",
   "internal_path": "/codeql/",
   "flags": ["set_shell_var", ],
diff --git a/BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml 
b/BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml
index c0c018c9538f..93a81ffd5020 100644
--- a/BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml
+++ b/BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml
@@ -14,9 +14,9 @@
   "scope": "codeql-windows-ext-dep",
   "type": "web",
   "name": "codeql_windows_cli",
-  "source": 
"https://github.com/github/codeql-cli-binaries/releases/download/v2.16.1/codeql-win64.zip;,
-  "version": "2.16.1",
-  "sha256": "9ebe5ea8a7d0a77425428d50d49912319117fccee24ecb62f6219c12584f4f28",
+  "source": 
"https://github.com/github/codeql-cli-binaries/releases/download/v2.17.3/codeql-win64.zip;,
+  "version": "2.17.3",
+  "sha256": "4c6fbf2ea2eaf0f47bf0347eacf54c6b9d6bdf7acb6b63e17f9e6f2dd83b34e7",
   "compression_type": "zip",
   "internal_path": "/codeql/",
   "flags": ["set_shell_var", ],
-- 
2.45.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119058): https://edk2.groups.io/g/devel/message/119058
Mute This Topic: https://groups.io/mt/106161774/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH] NetworkPkg:MnpDxe:CoverityIssues

[Saloni Kasbekar]

Both the cases have ASSERTs checking that the value is greater than 0. Move the 
checks to the same location as the ASSERT. I'd also prefer if we return with a 
failure instead of forcing continuation of the function with an invalid value.

Thanks,
Saloni

-Original Message-
From: Santhosh Kumar V  
Sent: Friday, May 10, 2024 3:05 AM
To: devel@edk2.groups.io; Santhosh Kumar V 
Cc: Sivaraman Nainar ; Raj V Akilan ; 
Kasbekar, Saloni ; Clark-williams, Zachary 

Subject: [PATCH] NetworkPkg:MnpDxe:CoverityIssues

Resolved INTEGER_OVERFLOW Coverity Issues in MNP Dxe 
1.MnpStop,MnpInstanceDeliverPacket
Expression "MnpDeviceData->ConfiguredChildrenNumber--" and 
Instance->RcvdPacketQueueSize--  where Both variables are known to be equal to 
0, underflows the type that receives it.


Cc: Saloni Kasbekar 
Cc: Zachary Clark-williams 

Signed-off-by: SanthoshKumarV 
---
 NetworkPkg/MnpDxe/MnpConfig.c | 3 ++-
 NetworkPkg/MnpDxe/MnpIo.c | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/NetworkPkg/MnpDxe/MnpConfig.c b/NetworkPkg/MnpDxe/MnpConfig.c 
index 93587d53aa..80253e88de 100644
--- a/NetworkPkg/MnpDxe/MnpConfig.c
+++ b/NetworkPkg/MnpDxe/MnpConfig.c
@@ -1313,7 +1313,8 @@ MnpStop (
   //

   // Decrease the children number.

   //

-  MnpDeviceData->ConfiguredChildrenNumber--;

+  if (MnpDeviceData->ConfiguredChildrenNumber > 0)

+  MnpDeviceData->ConfiguredChildrenNumber--;



   if (MnpDeviceData->ConfiguredChildrenNumber > 0) {

 //

diff --git a/NetworkPkg/MnpDxe/MnpIo.c b/NetworkPkg/MnpDxe/MnpIo.c index 
087c879c46..492edd9b66 100644
--- a/NetworkPkg/MnpDxe/MnpIo.c
+++ b/NetworkPkg/MnpDxe/MnpIo.c
@@ -351,7 +351,8 @@ MnpInstanceDeliverPacket (
   // All resources are OK, remove the packet from the queue.

   //

   NetListRemoveHead (>RcvdPacketQueue);

-  Instance->RcvdPacketQueueSize--;

+  if (Instance->RcvdPacketQueueSize != 0)

+  Instance->RcvdPacketQueueSize--;



   RxData  = >RxData;

   SnpMode = MnpDeviceData->Snp->Mode;

--
2.42.0.windows.2
-The information contained in this message may be confidential and proprietary 
to American Megatrends (AMI). This communication is intended to be read only by 
the individual or entity to whom it is addressed or by their designee. If the 
reader of this message is not the intended recipient, you are on notice that 
any distribution of this message, in any form, is strictly prohibited. Please 
promptly notify the sender by reply e-mail or by telephone at 770-246-8600, and 
then delete or destroy all copies of the transmission.


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119057): https://edk2.groups.io/g/devel/message/119057
Mute This Topic: https://groups.io/mt/106018089/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v2 1/1] MdePkg: Add the EFI_RESOURCE_ATTRIBUTE_SPECIAL_PURPOSE attribute

[Michael Kubacki]

From: Patrick Payne 

Add the EFI_RESOURCE_ATTRIBUTE_SPECIAL_PURPOSE resource attribute as
per the PI 1.8 spec. This flag is used to indicate that the memory
should be treated as special purpose memory (SPM).

Cc: Liming Gao 
Cc: Michael D Kinney 
Signed-off-by: Michael Kubacki 
---

Notes:
V2: Adds package name to commit subject and updates
Signed-off-by.

Note: There is an open question whether this should be
  Reserved instead of System Memory. That seems to
  better align with the spec intention. The code
  will be updated in a future patch after a conclusion
  is reached.

 MdeModulePkg/Core/Dxe/Gcd/Gcd.c | 12 +++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/MdeModulePkg/Core/Dxe/Gcd/Gcd.c b/MdeModulePkg/Core/Dxe/Gcd/Gcd.c
index fe1bbd6974b7..c941fe941276 100644
--- a/MdeModulePkg/Core/Dxe/Gcd/Gcd.c
+++ b/MdeModulePkg/Core/Dxe/Gcd/Gcd.c
@@ -26,7 +26,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
EFI_RESOURCE_ATTRIBUTE_16_BIT_IO
   | \
EFI_RESOURCE_ATTRIBUTE_32_BIT_IO
   | \
EFI_RESOURCE_ATTRIBUTE_64_BIT_IO
   | \
-   EFI_RESOURCE_ATTRIBUTE_PERSISTENT   
   )
+   EFI_RESOURCE_ATTRIBUTE_PERSISTENT   
   | \
+   EFI_RESOURCE_ATTRIBUTE_SPECIAL_PURPOSE  
   )
 
 #define TESTED_MEMORY_ATTRIBUTES  (EFI_RESOURCE_ATTRIBUTE_PRESENT | \
EFI_RESOURCE_ATTRIBUTE_INITIALIZED | \
@@ -92,6 +93,7 @@ GCD_ATTRIBUTE_CONVERSION_ENTRY  mAttributeConversionTable[] = 
{
   { EFI_RESOURCE_ATTRIBUTE_TESTED,  EFI_MEMORY_TESTED,
FALSE },
   { EFI_RESOURCE_ATTRIBUTE_PERSISTABLE, EFI_MEMORY_NV,
TRUE  },
   { EFI_RESOURCE_ATTRIBUTE_MORE_RELIABLE,   EFI_MEMORY_MORE_RELIABLE, 
TRUE  },
+  { EFI_RESOURCE_ATTRIBUTE_SPECIAL_PURPOSE, EFI_MEMORY_SP,
TRUE  },
   { 0,  0,
FALSE }
 };
 
@@ -691,6 +693,10 @@ ConverToCpuArchAttributes (
 CpuArchAttributes |= EFI_MEMORY_WP;
   }
 
+  if ((Attributes & EFI_MEMORY_SP) == EFI_MEMORY_SP) {
+CpuArchAttributes |= EFI_MEMORY_SP;
+  }
+
   return CpuArchAttributes;
 }
 
@@ -2660,6 +2666,10 @@ CoreInitializeGcdServices (
 GcdMemoryType = EfiGcdMemoryTypePersistent;
   }
 
+  if ((ResourceHob->ResourceAttribute & 
EFI_RESOURCE_ATTRIBUTE_SPECIAL_PURPOSE) == 
EFI_RESOURCE_ATTRIBUTE_SPECIAL_PURPOSE) {
+GcdMemoryType = EfiGcdMemoryTypeSystemMemory;
+  }
+
   break;
 case EFI_RESOURCE_MEMORY_MAPPED_IO:
 case EFI_RESOURCE_FIRMWARE_DEVICE:
-- 
2.45.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119056): https://edk2.groups.io/g/devel/message/119056
Mute This Topic: https://groups.io/mt/106160035/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH 7/9] MdeModulePkg:Consume gEdkiiVariableRuntimeCacheInfoHobGuid

[Kun Qin via groups.io]

Hi Ray & Dun,

Thanks for adding me to the patch. I think the proposed solution should work. 
One question, which is actually on the hob creator patch 
(https://edk2.groups.io/g/devel/message/119022), is that I understand the hob 
creation depends on "gEfiPeiMemoryDiscoveredPpiGuid", but does this routine 
still run properly if variable PEIM is loaded much later than memory discovered?

Regards,
Kun

From: Ni, Ray 
Sent: Friday, May 17, 2024 5:10 AM
To: Tan, Dun ; devel@edk2.groups.io
Cc: Liming Gao ; Kun Qin ; 
Sean Brogan 
Subject: [EXTERNAL] Re: [PATCH 7/9] MdeModulePkg:Consume 
gEdkiiVariableRuntimeCacheInfoHobGuid

Reviewed-by: Ray Ni mailto:ray...@intel.com>>

Thanks,
Ray

From: Tan, Dun mailto:dun@intel.com>>
Sent: Friday, May 17, 2024 17:49
To: devel@edk2.groups.io 
mailto:devel@edk2.groups.io>>
Cc: Ni, Ray mailto:ray...@intel.com>>; Liming Gao 
mailto:gaolim...@byosoft.com.cn>>
Subject: [PATCH 7/9] MdeModulePkg:Consume gEdkiiVariableRuntimeCacheInfoHobGuid

Consume gEdkiiVariableRuntimeCacheInfoHobGuid in

VariableSmmRuntimeDxe driver to initialize the following

variable cache related buffer:
  *mVariableRuntimeHobCacheBuffer
  *mVariableRuntimeNvCacheBuffer
  *mVariableRuntimeVolatileCacheBuffer
  *mVariableRuntimeCachePendingUpdate
  *mVariableRuntimeCacheReadLock
  *mHobFlushComplete

The code to to allocate
and unblock the buffer for
different type cache in VariableSmmRuntimeDxe is also
removed in this commit.

Signed-off-by: Dun Tan mailto:dun@intel.com>>
Cc: Ray Ni mailto:ray...@intel.com>>
Cc: Liming Gao mailto:gaolim...@byosoft.com.cn>>

Cc: Jiaxin Wu mailto:jiaxin...@intel.com>>
---
 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c   | 120 
+---
 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf |   5 
+++--
 2 files changed, 52 insertions(+), 73 deletions(-)

diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c 
b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
index 8b42ae7d72..68a249c5ac 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
@@ -35,10 +35,11 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #include 
 #include 
 #include 
-#include 
+#include 

 #include 
 #include 
+#include 

 #include "PrivilegePolymorphic.h"
 #include "VariableParsing.h"
@@ -56,10 +57,10 @@ VARIABLE_STORE_HEADER   
*mVariableRuntimeVolatileCacheBuffer = NULL;
 UINTN   mVariableBufferSize;
 UINTN   mVariableRuntimeHobCacheBufferSize;
 UINTN   mVariableBufferPayloadSize;
-BOOLEAN mVariableRuntimeCachePendingUpdate;
-BOOLEAN mVariableRuntimeCacheReadLock;
+BOOLEAN *mVariableRuntimeCachePendingUpdate;
+BOOLEAN *mVariableRuntimeCacheReadLock;
 BOOLEAN mVariableAuthFormat;
-BOOLEAN mHobFlushComplete;
+BOOLEAN *mHobFlushComplete;
 EFI_LOCKmVariableServicesLock;
 EDKII_VARIABLE_LOCK_PROTOCOLmVariableLock;
 EDKII_VAR_CHECK_PROTOCOLmVarCheck;
@@ -180,27 +181,6 @@ InitVariableCache (

   *TotalVariableCacheSize = ALIGN_VALUE (*TotalVariableCacheSize, sizeof 
(UINT32));

-  //
-  // Allocate NV Storage Cache and initialize it to all 1's (like an erased FV)
-  //
-  *VariableCacheBuffer =  (VARIABLE_STORE_HEADER *)AllocateRuntimePages (
- EFI_SIZE_TO_PAGES 
(*TotalVariableCacheSize)
- );
-  if (*VariableCacheBuffer == NULL) {
-return EFI_OUT_OF_RESOURCES;
-  }
-
-  //
-  // Request to unblock the newly allocated cache region to be accessible from 
inside MM
-  //
-  Status = MmUnblockMemoryRequest (
- (EFI_PHYSICAL_ADDRESS)(UINTN)*VariableCacheBuffer,
- EFI_SIZE_TO_PAGES (*TotalVariableCacheSize)
- );
-  if ((Status != EFI_UNSUPPORTED) && EFI_ERROR (Status)) {
-return Status;
-  }
-
   VariableCacheStorePtr = *VariableCacheBuffer;
   SetMem32 ((VOID *)VariableCacheStorePtr, *TotalVariableCacheSize, 
(UINT32)0x);

@@ -568,16 +548,16 @@ CheckForRuntimeCacheSync (
   VOID
   )
 {
-  if (mVariableRuntimeCachePendingUpdate) {
+  if (*mVariableRuntimeCachePendingUpdate) {
 SyncRuntimeCache ();
   }

-  ASSERT (!mVariableRuntimeCachePendingUpdate);
+  ASSERT (!(*mVariableRuntimeCachePendingUpdate));

   //
   // The HOB variable data may have finished being flushed in the runtime 
cache sync update
   //
-  if (mHobFlushComplete && (mVariableRuntimeHobCacheBuffer != NULL)) {
+  if ((*mHobFlushComplete) && 

[edk2-devel] [PATCH] CryptoPkg: Check ASN1_get_object() return value

[Sountharya N via groups.io]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4509

In ASN1_get_object(), Inf should compare with 0x80 instead of 0x00.

Cc: Sountharya N 

Signed-off-by: Sountharya N 
---
 CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c 
b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
index 1182323b63..021cc328f8 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
@@ -839,17 +839,17 @@ X509GetTBSCert (
   Length = 0;

   Inf= ASN1_get_object (, (long *), (int *), (int 
*), (long)CertSize);



-  if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) {

+  if (((Inf & 0x80) == 0x80) || (Asn1Tag != V_ASN1_SEQUENCE)) {

 return FALSE;

   }



   *TBSCert = (UINT8 *)Temp;



-  ASN1_get_object (, (long *), (int *), (int *), 
(long)Length);

+  Inf = ASN1_get_object (, (long *), (int *), (int 
*), (long)Length);

   //

   // Verify the parsed TBSCertificate is one correct SEQUENCE data.

   //

-  if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) {

+  if (((Inf & 0x80) == 0x80) || (Asn1Tag != V_ASN1_SEQUENCE)) {

 return FALSE;

   }



--
2.35.1.windows.2
-The information contained in this message may be confidential and proprietary 
to American Megatrends (AMI). This communication is intended to be read only by 
the individual or entity to whom it is addressed or by their designee. If the 
reader of this message is not the intended recipient, you are on notice that 
any distribution of this message, in any form, is strictly prohibited. Please 
promptly notify the sender by reply e-mail or by telephone at 770-246-8600, and 
then delete or destroy all copies of the transmission.


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119054): https://edk2.groups.io/g/devel/message/119054
Mute This Topic: https://groups.io/mt/106158469/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH] CryptoPkg: Check ASN1_get_object() return value

[Sountharya N via groups.io]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4509

ASN1_get_object() returns (0x80) in error case and it is compared with (0x00). 
If ASN1_get_object() returns 0x80 it should returns FALSE, but here it is 
compared with (0x00) and if it returns 0x80 it is coming out of the condition 
and makes the function TRUE.

Cc: Sountharya N 

Cc: Prarthana Sagar V 

Cc: Gayathri Thunuguntla 

Cc: Srinivasan Mani 

Cc: Yi Li 

Signed-off-by: Sountharya N 
---
 ...e-check-ASN1_get_object-return-value.patch | 47 +++
 1 file changed, 47 insertions(+)
 create mode 100644 0001-Add-variable-check-ASN1_get_object-return-value.patch

diff --git a/0001-Add-variable-check-ASN1_get_object-return-value.patch 
b/0001-Add-variable-check-ASN1_get_object-return-value.patch
new file mode 100644
index 00..3bd7f69ab2
--- /dev/null
+++ b/0001-Add-variable-check-ASN1_get_object-return-value.patch
@@ -0,0 +1,47 @@
+grom 4bffb95cc9f16f1ee25155b0dde9e7dc7288134a Mon Sep 17 00:00:00 2001
+From: Sountharya N 
+Date: Fri, 17 May 2024 15:30:51 +0530
+Subject: [PATCH] Add variable ASN1_get_object() return value
+To: sounthar...@ami.com
+
+REF: "https://bugzilla.tianocore.org/show_bug.cgi?id=4509;
+
+ASN1_get_object() returns (0x80) in error case and it is compared with (0x00). 
If ASN1_get_object() returns 0x80 it should returns FALSE, but here it is 
compared with (0x00) and if it returns 0x80 it is coming out of the condition 
and makes the function TRUE.
+
+Cc: Sountharya N 
+
+Cc: Shenba 
+
+Signed-off-by: Sountharya N 
+---
+ CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c 
b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
+index 1182323b63..021cc328f8 100644
+--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
 b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
+@@ -839,17 +839,17 @@ X509GetTBSCert (
+   Length = 0;

+   Inf= ASN1_get_object (, (long *), (int *), (int 
*), (long)CertSize);

+

+-  if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) {

++  if (((Inf & 0x80) == 0x80) || (Asn1Tag != V_ASN1_SEQUENCE)) {

+ return FALSE;

+   }

+

+   *TBSCert = (UINT8 *)Temp;

+

+-  ASN1_get_object (, (long *), (int *), (int *), 
(long)Length);

++  Inf = ASN1_get_object (, (long *), (int *), (int 
*), (long)Length);

+   //

+   // Verify the parsed TBSCertificate is one correct SEQUENCE data.

+   //

+-  if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) {

++  if (((Inf & 0x80) == 0x80) || (Asn1Tag != V_ASN1_SEQUENCE)) {

+ return FALSE;

+   }

+

+--
+2.35.1.windows.2
+
--
2.35.1.windows.2
-The information contained in this message may be confidential and proprietary 
to American Megatrends (AMI). This communication is intended to be read only by 
the individual or entity to whom it is addressed or by their designee. If the 
reader of this message is not the intended recipient, you are on notice that 
any distribution of this message, in any form, is strictly prohibited. Please 
promptly notify the sender by reply e-mail or by telephone at 770-246-8600, and 
then delete or destroy all copies of the transmission.


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119053): https://edk2.groups.io/g/devel/message/119053
Mute This Topic: https://groups.io/mt/106158469/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v2] MdeModulePkg/PciBusDxe: plug device hierarchy leak upon bridge hot-unplug

[Ding, Feng (Sunnyvale) via groups.io]

[AMD Official Use Only - AMD Internal Distribution Only]

Hi Ray,

You are right. The change is NOT necessary.

Thanks
feng

From: Ni, Ray 
Sent: Tuesday, May 7, 2024 8:26 PM
To: Hsueh, Hong-Chih (Neo) ; Laszlo Ersek 
; devel@edk2.groups.io
Cc: Ding, Feng (Sunnyvale) ; He, Jiangang 
; Chang, Abner ; 
gaolim...@byosoft.com.cn
Subject: Re: [PATCH v2] MdeModulePkg/PciBusDxe: plug device hierarchy leak upon 
bridge hot-unplug

Caution: This message originated from an External Source. Use proper caution 
when opening attachments, clicking links, or responding.

Neo,
I don't think your change is needed because of the following existing logic 
where RemoveAllPciDeviceOnBridge() is called to destroy/free all PCI nodes.




  if (Operation == EfiPciHotplugRequestRemove) {

if (*NumberOfChildren == 0) {

  //

  // Remove all devices on the bridge

  //

  RemoveAllPciDeviceOnBridge (RootBridgeHandle, Bridge);

  return EFI_SUCCESS;

}


Thanks,
Ray

From: Hsueh, Hong-Chih (Neo) 
mailto:hong-chih.hs...@amd.com>>
Sent: Wednesday, May 1, 2024 2:24
To: Laszlo Ersek mailto:ler...@redhat.com>>; 
devel@edk2.groups.io 
mailto:devel@edk2.groups.io>>; Ni, Ray 
mailto:ray...@intel.com>>
Cc: Ding, Feng (Sunnyvale) mailto:feng1.d...@amd.com>>; He, 
Jiangang mailto:jiangang...@amd.com>>; Chang, Abner 
mailto:abner.ch...@amd.com>>; 
gaolim...@byosoft.com.cn 
mailto:gaolim...@byosoft.com.cn>>
Subject: Re: [PATCH v2] MdeModulePkg/PciBusDxe: plug device hierarchy leak upon 
bridge hot-unplug


[AMD Official Use Only - General]

Hi @ray...@intel.com,

Sorry you bother you, may I have your feedback for this patch?
If it looks good to you could you help to give me an R-b ?

Thank you.

Regards,
Neo


From: Laszlo Ersek mailto:ler...@redhat.com>>
Sent: Sunday, February 25, 2024 7:59 AM
To: Hsueh, Hong-Chih (Neo) 
mailto:hong-chih.hs...@amd.com>>; 
devel@edk2.groups.io 
mailto:devel@edk2.groups.io>>
Cc: Ding, Feng (Sunnyvale) mailto:feng1.d...@amd.com>>; He, 
Jiangang mailto:jiangang...@amd.com>>; Chang, Abner 
mailto:abner.ch...@amd.com>>; 
ray...@intel.com 
mailto:ray...@intel.com>>; 
gaolim...@byosoft.com.cn 
mailto:gaolim...@byosoft.com.cn>>
Subject: Re: [PATCH v2] MdeModulePkg/PciBusDxe: plug device hierarchy leak upon 
bridge hot-unplug

Caution: This message originated from an External Source. Use proper caution 
when opening attachments, clicking links, or responding.


On 2/22/24 17:28, Neo Hsueh wrote:
> A USB4 or TBT bridge can be plugged or unplugged on USB4 port. The actions 
> require PciHotPlugRequestNotify to add a root bridge or remove a root bridge 
> completely.
> In the plug-unplug-plug scenerio, PciHotPlugRequestNotify will return with 
> no-action on second plug because bridge tree shows configured.
> Destroy Pci Device Tree in function PciHotPlugRequestNotify for unplug event 
> to fix this issue.
>
> Cc: Feng Ding mailto:feng1.d...@amd.com>>
> Cc: Jiangang He mailto:jiangang...@amd.com>>
> Signed-off-by: Neo Hsueh 
> mailto:hong-chih.hs...@amd.com>>
> ---
>  MdeModulePkg/Bus/Pci/PciBusDxe/PciEnumerator.c | 2 ++
>  1 file changed, 2 insertions(+)
>
> diff --git a/MdeModulePkg/Bus/Pci/PciBusDxe/PciEnumerator.c 
> b/MdeModulePkg/Bus/Pci/PciBusDxe/PciEnumerator.c
> index 3f8c6e6da7..2b7af60e0a 100644
> --- a/MdeModulePkg/Bus/Pci/PciBusDxe/PciEnumerator.c
> +++ b/MdeModulePkg/Bus/Pci/PciBusDxe/PciEnumerator.c
> @@ -2103,6 +2103,8 @@ PciHotPlugRequestNotify (
>}
>  }
>
> +DestroyPciDeviceTree (Bridge);
> +
>  //
>  // End for
>  //

This looks convincing to me, but I don't now nearly enough about
PciBusDxe internals (resource management in particular) to confidently
approve this patch. I can give an

Acked-by: Laszlo Ersek mailto:ler...@redhat.com>>

but the patch should not be merged until Ray provides an R-b.

Laszlo


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119051): https://edk2.groups.io/g/devel/message/119051
Mute This Topic: https://groups.io/mt/104511503/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH] XiangshanSeriesPkg:Add Support for Xilinx RC(PCIE) Driver

[suijingfeng]

On Thu, May 16, 2024 at 10:54 AM, WangYang wrote:

Hi,

>
> Hi,Ray
> 
> Thank you very much for your attention.
>

The reviewer Ray told you that  you patch has some small problems, 
For example, the clause "if ((Bus == 1) || (Bus == 2) || (Bus == 3) || (Bus == 
4)) "  is useless.
As both code path returns same value. 

You should solve this small problems, also cut this big patch into smaller 
pieces as smaller patch is easier to review.
and when all problem solved, you should send the updated patch as V2. Since 
this version is V1 as far as I know.





-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119052): https://edk2.groups.io/g/devel/message/119052
Mute This Topic: https://groups.io/mt/105572700/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] Soft Feature Freeze starts now for edk2-stable202405

[Wenxing Hou]

Hi Liming and Mike,

For the PATCH: Add more crypt APIs based on Mbedtls 
(https://edk2.groups.io/g/devel/message/118772),
I have fixed the code based on Mike’s feedback
and added the platform integration test table in commit message.

Could you approve this PATCH to catch this table tag?


Thanks,
Wenxing
From: gaoliming 
Sent: Wednesday, May 15, 2024 8:49 AM
To: Kinney, Michael D ; devel@edk2.groups.io; 
'Andrew Fish' ; 'Leif Lindholm' 
Cc: 'Ard Biesheuvel' ; sam.kay...@arm.com; 
dougfl...@microsoft.com; Mathews, John ; Hou, Wenxing 
; Li, Yi1 ; Yao, Jiewen 

Subject: 回复: [edk2-devel] Soft Feature Freeze starts now for edk2-stable202405

Mike:
  Thanks for your comments. I update the status below.

Thanks
Liming
发件人: Kinney, Michael D 
mailto:michael.d.kin...@intel.com>>
发送时间: 2024年5月15日 0:35
收件人: gaoliming mailto:gaolim...@byosoft.com.cn>>; 
devel@edk2.groups.io; 'Andrew Fish' 
mailto:af...@apple.com>>; 'Leif Lindholm' 
mailto:quic_llind...@quicinc.com>>
抄送: 'Ard Biesheuvel' mailto:a...@kernel.org>>; 
sam.kay...@arm.com; 
dougfl...@microsoft.com; Mathews, John 
mailto:john.math...@intel.com>>; Hou, Wenxing 
mailto:wenxing@intel.com>>; Li, Yi1 
mailto:yi1...@intel.com>>; Yao, Jiewen 
mailto:jiewen@intel.com>>; Kinney, Michael D 
mailto:michael.d.kin...@intel.com>>
主题: RE: [edk2-devel] Soft Feature Freeze starts now for edk2-stable202405

Hi Liming,

My responses below in [Mike].

Mike


From: gaoliming mailto:gaolim...@byosoft.com.cn>>
Sent: Friday, May 10, 2024 8:29 AM
To: devel@edk2.groups.io; Kinney, Michael D 
mailto:michael.d.kin...@intel.com>>; 'Andrew Fish' 
mailto:af...@apple.com>>; 'Leif Lindholm' 
mailto:quic_llind...@quicinc.com>>
Cc: 'Ard Biesheuvel' mailto:a...@kernel.org>>; 
sam.kay...@arm.com; 
dougfl...@microsoft.com; Mathews, John 
mailto:john.math...@intel.com>>; Hou, Wenxing 
mailto:wenxing@intel.com>>
Subject: 回复: [edk2-devel] Soft Feature Freeze starts now for edk2-stable202405

Stewards:
  Now, there are several patches to catch this table tag. Could you give the 
comments for them?


1. Adding support for verbose UEFI Table dumping to Dmem.c 
(https://edk2.groups.io/g/devel/message/118582)

[Liming] This patch set has been reviewed before soft feature freeze. It plans 
to catch this stable tag.



[Mike] I see this PR: https://github.com/tianocore/edk2/pull/5653 that is not 
passing CI and appears it will require additional code changes



[Mike] Reject for edk2-stable202405



2.  MdePkg/BaseLib: Fix AARCH64 compilation error 
(https://edk2.groups.io/g/devel/message/118690)

[Liming] This bug fix is reviewed in soft feature freeze phase. It plans to 
catch this stable tag.

[Mike] Approved for edk2-stable202405

[Liming] I add push label for https://github.com/tianocore/edk2/pull/5642



3.  MdeModulePkg: Potential UINT32 overflow in S3 ResumeCount 
(https://edk2.groups.io/g/devel/message/118745)

[Liming] This security fix is reviewed in soft feature freeze phase. It plans 
to catch this stable tag.


[Mike] Approved for edk2-stable202405
[Liming] I add push label for https://github.com/tianocore/edk2/pull/5659



4.  NetworkPkg: CVE-2023-45236 and CVE-2023-45237 
(https://edk2.groups.io/g/devel/message/118768)

[Liming] This security fix is still under code review. It plans to catch this 
stable tag.



[Mike] Is the code review complete?  Is there a link to the PR?

[Liming] NetworkPkg reviewer will review this patch set this week.



Thanks



5.  Add more crypt APIs based on Mbedtls 
(https://edk2.groups.io/g/devel/message/118772)

[Liming] This patch set passes code review in soft feature freeze phase. It 
plans to catch this stable tag.

[Mike] This patch series uses ‘..’ in INF to access source files in another 
component.  This is not legal.  I am surprised this was not caught in code 
review.

DEFINE OPENSSL_PATH= ../OpensslLib/openssl
DEFINE BASE_CRYPT_PATH = ../BaseCryptLib

[Mike] I see a reference to some “platform integration” testing.  Given that 
this patch series implements a number of
crypto service APIs and is a large number of new lines of code, it would be 
good to know if all of the newly added APIs
were tested in a platform integration. A table of the added APIs and the 
platform integration test status would be good to
know if there was any functional testing of each API.  If there are APIs that 
are not covered by any platform integration
testing, then I would be concerned with such a large change with limited 
testing.

Thanks
Liming
发件人: devel@edk2.groups.io 
mailto:devel@edk2.groups.io>> 代表 gaoliming via groups.io
发送时间: 2024年5月7日 9:25
收件人: devel@edk2.groups.io; 
annou...@edk2.groups.io
抄送: 'Michael D Kinney' 
mailto:michael.d.kin...@intel.com>>; 'Andrew 

Re: [edk2-devel] [edk2-libc Patch 1/1] edk2-libc: Add cpuid_ex API to execute CPUID instructions on specific CPU

[Jayaprakash, N]

Changes looks good.

Reviewed-by: Jayaprakash N 

Regards,
JP
-Original Message-
From: R, Vishal  
Sent: Friday, May 17, 2024 12:08 PM
To: devel@edk2.groups.io
Cc: R, Vishal ; Rebecca Cran ; Kinney, 
Michael D ; Jayaprakash, N 
Subject: [edk2-libc Patch 1/1] edk2-libc: Add cpuid_ex API to execute CPUID 
instructions on specific CPU

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4749

This commit adds cpuid_ex function to edk2module to provide capability to 
execute cpuid instruction on specific cpu.
This feature was requested via BZ 4749

Cc: Rebecca Cran 
Cc: Michael D Kinney 
Cc: Jayaprakash N 
Signed-off-by: Vishal R 
---
 .../PyMod-3.6.8/Modules/edk2module.c  | 93 +++
 1 file changed, 93 insertions(+)

diff --git 
a/AppPkg/Applications/Python/Python-3.6.8/PyMod-3.6.8/Modules/edk2module.c 
b/AppPkg/Applications/Python/Python-3.6.8/PyMod-3.6.8/Modules/edk2module.c
index 163fc7f..d419428 100644
--- a/AppPkg/Applications/Python/Python-3.6.8/PyMod-3.6.8/Modules/edk2module.c
+++ b/AppPkg/Applications/Python/Python-3.6.8/PyMod-3.6.8/Modules/edk2mo
+++ dule.c
@@ -45,6 +45,15 @@ typedef struct {
 UINT64 data; // data, to be filled by the AP function  } 
AP_FUNCTION_MSR_ARGS;
 
+typedef struct {
+UINT32 eax; // eax value
+UINT32 ecx; // ecx value
+UINT32 rax_value;   // retrun value for eax
+UINT32 rbx_value;   // return value for ebx
+UINT32 rcx_value;   // retrun value for ecx
+UINT32 rdx_value;   // return value for edx
+} AP_FUNCTION_CPUID_ARGS;
+
 #define AP_FUNCTION_EXECUTION_TIMEOUT  500   // setting the max time out 
value to be 5 seconds
 
 extern void _swsmi( unsigned int smi_code_data, unsigned int rax_value, 
unsigned int rbx_value, unsigned int rcx_value, unsigned int rdx_value, 
unsigned int rsi_value, unsigned int rdi_value ); @@ -223,6 +232,13 @@ VOID 
EFIAPI MSRWriteToRunOnAP(IN VOID *context)
 AsmWriteMsr64(msr, data);
 }
 
+// CPUID execution function to run on specific cpu core using 
+MPServices Protocol VOID EFIAPI CPUIDToRunOnAP(IN VOID *context) {
+AP_FUNCTION_CPUID_ARGS *args = (AP_FUNCTION_CPUID_ARGS *)context;
+AsmCpuidEx( args->eax, args->ecx, >rax_value, 
+>rbx_value, >rcx_value, >rdx_value); }
+
 #ifndef UEFI_C_SOURCE
 /* Return a dictionary corresponding to the POSIX environment table */  extern 
char **environ; @@ -4153,6 +4169,82 @@ edk2_cpuid(PyObject *self, PyObject 
*args)
 return Py_BuildValue("())",  (unsigned long)rax_value,  (unsigned 
long)rbx_value,  (unsigned long)rcx_value,  (unsigned long)rdx_value);  }
 
+PyDoc_STRVAR(efi_cpuid_ex__doc__,
+"cpuid_ex(cpu, eax, ecx) -> (eax:ebx:ecx:edx)\n\ Read the CPUID from a 
+specific cpu.";);
+
+static PyObject *
+edk2_cpuid_ex(PyObject *self, PyObject *args) {
+UINT32 cpu, eax, ecx, rax_value, rbx_value, rcx_value, rdx_value;
+BOOLEAN is_function_finished = FALSE;
+EFI_STATUS status = 0;
+AP_FUNCTION_CPUID_ARGS cpuid_args = {0};
+
+if (!PyArg_ParseTuple(args, "III", , , ))
+return NULL;
+Py_BEGIN_ALLOW_THREADS
+
+cpuid_args.eax = eax;
+cpuid_args.ecx = ecx;
+
+if (cpu == gCurrentBSPProcessorNumber)
+{
+// cpu provided as input is same as the current BSP processor
+// then directly call the CPUIDToRunOnAP function to execute
+// cpuid instruction on current BSP processor itself.
+CPUIDToRunOnAP(_args);
+}
+else if (cpu < gNumberOfProcessors)
+{
+// if cpu provided as input is different from the current
+// BSP processor and is less than the number of processors
+// on this system, then make use of the MPService protocols
+// StartupThisAP function to run the CPUIDToRunOnAP function on
+// specific AP indicated by cpu parameter.
+// Start the AP with the arguments structure
+
+status = gpMpService->StartupThisAP(
+gpMpService,
+CPUIDToRunOnAP, // Function to run
+cpu,// AP number
+NULL,   // WaitEvent (optional)
+AP_FUNCTION_EXECUTION_TIMEOUT,  // Timeout in microseconds
+_args,// Buffer to pass to the function
+_function_finished   // Finished (optional)
+);
+if (EFI_ERROR(status))
+{
+PyErr_SetString(PyExc_OSError, "Could not start the requested 
cpu");
+Py_INCREF(Py_None);
+return Py_None;
+}
+
+if (!is_function_finished)
+{
+PyErr_SetString(PyExc_OSError,
+"Timeout while running the cpuid instruction on 
given cpu");
+Py_INCREF(Py_None);
+return Py_None;
+}
+}
+else
+{
+// if cpu provided exeeds the number of processors
+// then set the ValueError exception and return Py_None
+PyErr_SetString(PyExc_ValueError,
+  

Re: [edk2-devel] [PATCH 9/9] MdeModulePkg:Add global variable mVariableRtCacheInfo

[Ni, Ray]

I didn't read through all changes.
2 comments:

  1.
Please do not remember to call ConvertPointer() for any pointers accessed at 
runtime. I think your patch contains 4 pointers in the mVariableRtCacheInfo 
structure.
  2.
Please do not call FreePages() to free a PEI-allocated runtime memory. It won't 
succeed as PEI and DXE memory services do not share one database.
 *
The FreePages() call should be removed in earlier patch when you let the 
Variable driver consume the PEI-allocated memory.

Thanks,
Ray

From: Tan, Dun 
Sent: Friday, May 17, 2024 17:49
To: devel@edk2.groups.io 
Cc: Ni, Ray ; Liming Gao ; Wu, 
Jiaxin 
Subject: [PATCH 9/9] MdeModulePkg:Add global variable mVariableRtCacheInfo

Add global variable mVariableRtCacheInfo to save the
content in gEdkiiVariableRuntimeCacheInfoHobGuid. With
this new global variable, 7 global variables can be
removed.

Signed-off-by: Dun Tan 
Cc: Ray Ni 
Cc: Liming Gao 
Cc: Jiaxin Wu 
---
 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c | 97 
+
 1 file changed, 41 insertions(+), 56 deletions(-)

diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c 
b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
index 6efe5cee10..de39462d68 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
@@ -44,26 +44,20 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #include "PrivilegePolymorphic.h"
 #include "VariableParsing.h"

-EFI_HANDLE  mHandle  = NULL;
-EFI_SMM_VARIABLE_PROTOCOL   *mSmmVariable= NULL;
-EFI_EVENT   mVirtualAddressChangeEvent   = NULL;
-EFI_MM_COMMUNICATION2_PROTOCOL  *mMmCommunication2   = NULL;
-UINT8   *mVariableBuffer = NULL;
-UINT8   *mVariableBufferPhysical = NULL;
-VARIABLE_INFO_ENTRY *mVariableInfo   = NULL;
-VARIABLE_STORE_HEADER   *mVariableRuntimeHobCacheBuffer  = NULL;
-VARIABLE_STORE_HEADER   *mVariableRuntimeNvCacheBuffer   = NULL;
-VARIABLE_STORE_HEADER   *mVariableRuntimeVolatileCacheBuffer = NULL;
+EFI_HANDLE  mHandle= NULL;
+EFI_SMM_VARIABLE_PROTOCOL   *mSmmVariable  = NULL;
+EFI_EVENT   mVirtualAddressChangeEvent = NULL;
+EFI_MM_COMMUNICATION2_PROTOCOL  *mMmCommunication2 = NULL;
+UINT8   *mVariableBuffer   = NULL;
+UINT8   *mVariableBufferPhysical   = NULL;
+VARIABLE_INFO_ENTRY *mVariableInfo = NULL;
 UINTN   mVariableBufferSize;
-UINTN   mVariableRuntimeHobCacheBufferSize;
 UINTN   mVariableBufferPayloadSize;
-BOOLEAN *mVariableRuntimeCachePendingUpdate;
-BOOLEAN *mVariableRuntimeCacheReadLock;
 BOOLEAN mVariableAuthFormat;
-BOOLEAN *mHobFlushComplete;
 EFI_LOCKmVariableServicesLock;
 EDKII_VARIABLE_LOCK_PROTOCOLmVariableLock;
 EDKII_VAR_CHECK_PROTOCOLmVarCheck;
+VARIABLE_RUNTIME_CACHE_INFO mVariableRtCacheInfo;

 /**
   The logic to initialize the VariablePolicy engine is in its own file.
@@ -500,21 +494,21 @@ CheckForRuntimeCacheSync (
   VOID
   )
 {
-  if (*mVariableRuntimeCachePendingUpdate) {
+  if (mVariableRtCacheInfo.CacheInfoFlag->PendingUpdate) {
 SyncRuntimeCache ();
   }

-  ASSERT (!(*mVariableRuntimeCachePendingUpdate));
+  ASSERT (!(mVariableRtCacheInfo.CacheInfoFlag->PendingUpdate));

   //
   // The HOB variable data may have finished being flushed in the runtime 
cache sync update
   //
-  if ((*mHobFlushComplete) && (mVariableRuntimeHobCacheBuffer != NULL)) {
+  if ((mVariableRtCacheInfo.CacheInfoFlag->HobFlushComplete) && 
(mVariableRtCacheInfo.RuntimeHobCacheBuffer != 0)) {
 if (!EfiAtRuntime ()) {
-  FreePages (mVariableRuntimeHobCacheBuffer, EFI_SIZE_TO_PAGES 
(mVariableRuntimeHobCacheBufferSize));
+  FreePages ((VOID *)(UINTN)mVariableRtCacheInfo.RuntimeHobCacheBuffer, 
mVariableRtCacheInfo.RuntimeHobCachePages);
 }

-mVariableRuntimeHobCacheBuffer = NULL;
+mVariableRtCacheInfo.RuntimeHobCacheBuffer = 0;
   }
 }

@@ -565,20 +559,20 @@ FindVariableInRuntimeCache (
   // a GetVariable () or GetNextVariable () call from being issued until a 
prior call has returned. The runtime
   // cache read lock should always be free when entering this function.
   //
-  ASSERT (!(*mVariableRuntimeCacheReadLock));
+  ASSERT (!(mVariableRtCacheInfo.CacheInfoFlag->ReadLock));

-  

Re: [edk2-devel] [PATCH 7/9] MdeModulePkg:Consume gEdkiiVariableRuntimeCacheInfoHobGuid

[Ni, Ray]

Dun,
All the 6 new pointers that are accessed at runtime should be converted through 
ConvertPointer().
Please ignore my previous Reviewed-by.

Thanks,
Ray

From: Tan, Dun 
Sent: Friday, May 17, 2024 17:49
To: devel@edk2.groups.io 
Cc: Ni, Ray ; Liming Gao 
Subject: [PATCH 7/9] MdeModulePkg:Consume gEdkiiVariableRuntimeCacheInfoHobGuid

Consume gEdkiiVariableRuntimeCacheInfoHobGuid in

VariableSmmRuntimeDxe driver to initialize the following

variable cache related buffer:
  *mVariableRuntimeHobCacheBuffer
  *mVariableRuntimeNvCacheBuffer
  *mVariableRuntimeVolatileCacheBuffer
  *mVariableRuntimeCachePendingUpdate
  *mVariableRuntimeCacheReadLock
  *mHobFlushComplete

The code to to allocate
and unblock the buffer for
different type cache in VariableSmmRuntimeDxe is also
removed in this commit.

Signed-off-by: Dun Tan 
Cc: Ray Ni 
Cc: Liming Gao 

Cc: Jiaxin Wu 
---
 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c   | 120 
+---
 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf |   5 
+++--
 2 files changed, 52 insertions(+), 73 deletions(-)

diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c 
b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
index 8b42ae7d72..68a249c5ac 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
@@ -35,10 +35,11 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #include 
 #include 
 #include 
-#include 
+#include 

 #include 
 #include 
+#include 

 #include "PrivilegePolymorphic.h"
 #include "VariableParsing.h"
@@ -56,10 +57,10 @@ VARIABLE_STORE_HEADER   
*mVariableRuntimeVolatileCacheBuffer = NULL;
 UINTN   mVariableBufferSize;
 UINTN   mVariableRuntimeHobCacheBufferSize;
 UINTN   mVariableBufferPayloadSize;
-BOOLEAN mVariableRuntimeCachePendingUpdate;
-BOOLEAN mVariableRuntimeCacheReadLock;
+BOOLEAN *mVariableRuntimeCachePendingUpdate;
+BOOLEAN *mVariableRuntimeCacheReadLock;
 BOOLEAN mVariableAuthFormat;
-BOOLEAN mHobFlushComplete;
+BOOLEAN *mHobFlushComplete;
 EFI_LOCKmVariableServicesLock;
 EDKII_VARIABLE_LOCK_PROTOCOLmVariableLock;
 EDKII_VAR_CHECK_PROTOCOLmVarCheck;
@@ -180,27 +181,6 @@ InitVariableCache (

   *TotalVariableCacheSize = ALIGN_VALUE (*TotalVariableCacheSize, sizeof 
(UINT32));

-  //
-  // Allocate NV Storage Cache and initialize it to all 1's (like an erased FV)
-  //
-  *VariableCacheBuffer =  (VARIABLE_STORE_HEADER *)AllocateRuntimePages (
- EFI_SIZE_TO_PAGES 
(*TotalVariableCacheSize)
- );
-  if (*VariableCacheBuffer == NULL) {
-return EFI_OUT_OF_RESOURCES;
-  }
-
-  //
-  // Request to unblock the newly allocated cache region to be accessible from 
inside MM
-  //
-  Status = MmUnblockMemoryRequest (
- (EFI_PHYSICAL_ADDRESS)(UINTN)*VariableCacheBuffer,
- EFI_SIZE_TO_PAGES (*TotalVariableCacheSize)
- );
-  if ((Status != EFI_UNSUPPORTED) && EFI_ERROR (Status)) {
-return Status;
-  }
-
   VariableCacheStorePtr = *VariableCacheBuffer;
   SetMem32 ((VOID *)VariableCacheStorePtr, *TotalVariableCacheSize, 
(UINT32)0x);

@@ -568,16 +548,16 @@ CheckForRuntimeCacheSync (
   VOID
   )
 {
-  if (mVariableRuntimeCachePendingUpdate) {
+  if (*mVariableRuntimeCachePendingUpdate) {
 SyncRuntimeCache ();
   }

-  ASSERT (!mVariableRuntimeCachePendingUpdate);
+  ASSERT (!(*mVariableRuntimeCachePendingUpdate));

   //
   // The HOB variable data may have finished being flushed in the runtime 
cache sync update
   //
-  if (mHobFlushComplete && (mVariableRuntimeHobCacheBuffer != NULL)) {
+  if ((*mHobFlushComplete) && (mVariableRuntimeHobCacheBuffer != NULL)) {
 if (!EfiAtRuntime ()) {
   FreePages (mVariableRuntimeHobCacheBuffer, EFI_SIZE_TO_PAGES 
(mVariableRuntimeHobCacheBufferSize));
 }
@@ -633,12 +613,12 @@ FindVariableInRuntimeCache (
   // a GetVariable () or GetNextVariable () call from being issued until a 
prior call has returned. The runtime
   // cache read lock should always be free when entering this function.
   //
-  ASSERT (!mVariableRuntimeCacheReadLock);
+  ASSERT (!(*mVariableRuntimeCacheReadLock));

-  mVariableRuntimeCacheReadLock = TRUE;
+  *mVariableRuntimeCacheReadLock = TRUE;
   CheckForRuntimeCacheSync ();

-  if (!mVariableRuntimeCachePendingUpdate) {
+  if (!(*mVariableRuntimeCachePendingUpdate)) {
 //
 // 0: Volatile, 1: HOB, 2: Non-Volatile.
 // The 

Re: [edk2-devel] [PATCH 7/9] MdeModulePkg:Consume gEdkiiVariableRuntimeCacheInfoHobGuid

[Ni, Ray]

Reviewed-by: Ray Ni 

Thanks,
Ray

From: Tan, Dun 
Sent: Friday, May 17, 2024 17:49
To: devel@edk2.groups.io 
Cc: Ni, Ray ; Liming Gao 
Subject: [PATCH 7/9] MdeModulePkg:Consume gEdkiiVariableRuntimeCacheInfoHobGuid

Consume gEdkiiVariableRuntimeCacheInfoHobGuid in

VariableSmmRuntimeDxe driver to initialize the following

variable cache related buffer:
  *mVariableRuntimeHobCacheBuffer
  *mVariableRuntimeNvCacheBuffer
  *mVariableRuntimeVolatileCacheBuffer
  *mVariableRuntimeCachePendingUpdate
  *mVariableRuntimeCacheReadLock
  *mHobFlushComplete

The code to to allocate
and unblock the buffer for
different type cache in VariableSmmRuntimeDxe is also
removed in this commit.

Signed-off-by: Dun Tan 
Cc: Ray Ni 
Cc: Liming Gao 

Cc: Jiaxin Wu 
---
 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c   | 120 
+---
 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf |   5 
+++--
 2 files changed, 52 insertions(+), 73 deletions(-)

diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c 
b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
index 8b42ae7d72..68a249c5ac 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
@@ -35,10 +35,11 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #include 
 #include 
 #include 
-#include 
+#include 

 #include 
 #include 
+#include 

 #include "PrivilegePolymorphic.h"
 #include "VariableParsing.h"
@@ -56,10 +57,10 @@ VARIABLE_STORE_HEADER   
*mVariableRuntimeVolatileCacheBuffer = NULL;
 UINTN   mVariableBufferSize;
 UINTN   mVariableRuntimeHobCacheBufferSize;
 UINTN   mVariableBufferPayloadSize;
-BOOLEAN mVariableRuntimeCachePendingUpdate;
-BOOLEAN mVariableRuntimeCacheReadLock;
+BOOLEAN *mVariableRuntimeCachePendingUpdate;
+BOOLEAN *mVariableRuntimeCacheReadLock;
 BOOLEAN mVariableAuthFormat;
-BOOLEAN mHobFlushComplete;
+BOOLEAN *mHobFlushComplete;
 EFI_LOCKmVariableServicesLock;
 EDKII_VARIABLE_LOCK_PROTOCOLmVariableLock;
 EDKII_VAR_CHECK_PROTOCOLmVarCheck;
@@ -180,27 +181,6 @@ InitVariableCache (

   *TotalVariableCacheSize = ALIGN_VALUE (*TotalVariableCacheSize, sizeof 
(UINT32));

-  //
-  // Allocate NV Storage Cache and initialize it to all 1's (like an erased FV)
-  //
-  *VariableCacheBuffer =  (VARIABLE_STORE_HEADER *)AllocateRuntimePages (
- EFI_SIZE_TO_PAGES 
(*TotalVariableCacheSize)
- );
-  if (*VariableCacheBuffer == NULL) {
-return EFI_OUT_OF_RESOURCES;
-  }
-
-  //
-  // Request to unblock the newly allocated cache region to be accessible from 
inside MM
-  //
-  Status = MmUnblockMemoryRequest (
- (EFI_PHYSICAL_ADDRESS)(UINTN)*VariableCacheBuffer,
- EFI_SIZE_TO_PAGES (*TotalVariableCacheSize)
- );
-  if ((Status != EFI_UNSUPPORTED) && EFI_ERROR (Status)) {
-return Status;
-  }
-
   VariableCacheStorePtr = *VariableCacheBuffer;
   SetMem32 ((VOID *)VariableCacheStorePtr, *TotalVariableCacheSize, 
(UINT32)0x);

@@ -568,16 +548,16 @@ CheckForRuntimeCacheSync (
   VOID
   )
 {
-  if (mVariableRuntimeCachePendingUpdate) {
+  if (*mVariableRuntimeCachePendingUpdate) {
 SyncRuntimeCache ();
   }

-  ASSERT (!mVariableRuntimeCachePendingUpdate);
+  ASSERT (!(*mVariableRuntimeCachePendingUpdate));

   //
   // The HOB variable data may have finished being flushed in the runtime 
cache sync update
   //
-  if (mHobFlushComplete && (mVariableRuntimeHobCacheBuffer != NULL)) {
+  if ((*mHobFlushComplete) && (mVariableRuntimeHobCacheBuffer != NULL)) {
 if (!EfiAtRuntime ()) {
   FreePages (mVariableRuntimeHobCacheBuffer, EFI_SIZE_TO_PAGES 
(mVariableRuntimeHobCacheBufferSize));
 }
@@ -633,12 +613,12 @@ FindVariableInRuntimeCache (
   // a GetVariable () or GetNextVariable () call from being issued until a 
prior call has returned. The runtime
   // cache read lock should always be free when entering this function.
   //
-  ASSERT (!mVariableRuntimeCacheReadLock);
+  ASSERT (!(*mVariableRuntimeCacheReadLock));

-  mVariableRuntimeCacheReadLock = TRUE;
+  *mVariableRuntimeCacheReadLock = TRUE;
   CheckForRuntimeCacheSync ();

-  if (!mVariableRuntimeCachePendingUpdate) {
+  if (!(*mVariableRuntimeCachePendingUpdate)) {
 //
 // 0: Volatile, 1: HOB, 2: Non-Volatile.
 // The index and attributes mapping must be kept in this order as 
FindVariable
@@ -698,7 +678,7 @@ Done:
 }
   }

-  

Re: [edk2-devel] [PATCH 6/9] MdeModulePkg:Remove unnecessary global variable

[Ni, Ray]

Reviewed-by: Ray Ni 

Thanks,
Ray

From: Tan, Dun 
Sent: Friday, May 17, 2024 17:49
To: devel@edk2.groups.io 
Cc: Ni, Ray ; Liming Gao ; Wu, 
Jiaxin 
Subject: [PATCH 6/9] MdeModulePkg:Remove unnecessary global variable

Remove the two unnecessary global variables and
replace them by two local variables:
mVariableRuntimeNvCacheBufferSize
mVariableRuntimeVolatileCacheBufferSize

Signed-off-by: Dun Tan 
Cc: Ray Ni 
Cc: Liming Gao 
Cc: Jiaxin Wu 
---
 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c | 14 
+++---
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c 
b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
index 6930875e9f..8b42ae7d72 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
@@ -13,7 +13,7 @@

   InitCommunicateBuffer() is really function to check the variable data size.

-Copyright (c) 2010 - 2019, Intel Corporation. All rights reserved.
+Copyright (c) 2010 - 2024, Intel Corporation. All rights reserved.
 Copyright (c) Microsoft Corporation.
 SPDX-License-Identifier: BSD-2-Clause-Patent

@@ -55,8 +55,6 @@ VARIABLE_STORE_HEADER   
*mVariableRuntimeNvCacheBuffer   = NULL;
 VARIABLE_STORE_HEADER   *mVariableRuntimeVolatileCacheBuffer = NULL;
 UINTN   mVariableBufferSize;
 UINTN   mVariableRuntimeHobCacheBufferSize;
-UINTN   mVariableRuntimeNvCacheBufferSize;
-UINTN   mVariableRuntimeVolatileCacheBufferSize;
 UINTN   mVariableBufferPayloadSize;
 BOOLEAN mVariableRuntimeCachePendingUpdate;
 BOOLEAN mVariableRuntimeCacheReadLock;
@@ -1691,6 +1689,8 @@ SmmVariableReady (
   )
 {
   EFI_STATUS  Status;
+  UINTN   RuntimeNvCacheSize;
+  UINTN   RuntimeVolatileCacheSize;

   Status = gBS->LocateProtocol (, NULL, (VOID 
**));
   if (EFI_ERROR (Status)) {
@@ -1721,16 +1721,16 @@ SmmVariableReady (
 //
 Status =  GetRuntimeCacheInfo (
 ,
-,
-,
+,
+,
 
 );
 if (!EFI_ERROR (Status)) {
   Status = InitVariableCache (, 
);
   if (!EFI_ERROR (Status)) {
-Status = InitVariableCache (, 
);
+Status = InitVariableCache (, 
);
 if (!EFI_ERROR (Status)) {
-  Status = InitVariableCache (, 
);
+  Status = InitVariableCache (, 
);
   if (!EFI_ERROR (Status)) {
 Status = SendRuntimeVariableCacheContextToSmm ();
 if (!EFI_ERROR (Status)) {
--
2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119045): https://edk2.groups.io/g/devel/message/119045
Mute This Topic: https://groups.io/mt/106150803/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH 5/9] MdeModulePkg:Create gEdkiiVariableRuntimeCacheInfoHobGuid

[Ni, Ray]

+  VariableRuntimeCacheHob = BuildGuidHob 
(, sizeof (VARIABLE_RUNTIME_CACHE_INFO));
+  ASSERT (VariableRuntimeCacheHob != NULL);
+  ZeroMem (VariableRuntimeCacheHob, sizeof (VARIABLE_RUNTIME_CACHE_INFO));
+
+  //
+  // AllocateRuntimePages for CACHE_INFO_FLAG and unblock it.
+  //
+  Pages  = EFI_SIZE_TO_PAGES (sizeof (CACHE_INFO_FLAG));
+  Buffer = AllocateRuntimePages (Pages);
+  ASSERT (Buffer != NULL);
+  Status = MmUnblockMemoryRequest (
+ (EFI_PHYSICAL_ADDRESS)(UINTN)Buffer,
+ Pages
+ );
+  if ((Status != EFI_UNSUPPORTED) && EFI_ERROR (Status)) {
+return Status;

[Ray.1] The GUID hob is created already. Maybe you should defer the HOB 
creation to later phase.

+  }
+
+  VariableRuntimeCacheHob->CacheInfoFlag = (CACHE_INFO_FLAG *)(UINTN)Buffer;
+  DEBUG ((
+DEBUG_INFO,
+"PeiVariable: CACHE_INFO_FLAG Buffer is: 0x%x, number of pages is: 0x%x\n",
[Ray.2] please use "%p" for pointer dump. "%x" only prints "int" type value.


[Ray.3]I think you should create HOB at this point.


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119044): https://edk2.groups.io/g/devel/message/119044
Mute This Topic: https://groups.io/mt/106150802/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH 4/9] OvmfPkg: Add MmUnblockMemoryLib in DSC

[Ni, Ray]

it's not needed.

Thanks,
Ray

From: Tan, Dun 
Sent: Friday, May 17, 2024 17:49
To: devel@edk2.groups.io 
Cc: Ni, Ray ; Ard Biesheuvel ; 
Yao, Jiewen ; Gerd Hoffmann 
Subject: [PATCH 4/9] OvmfPkg: Add MmUnblockMemoryLib in DSC

Add MmUnblockMemoryLib in OvmfPkgIa32X64.dsc.
This lib will be required by VariablePei in
following commits.

Signed-off-by: Dun Tan 
Cc: Ray Ni 
Cc: Ard Biesheuvel 
Cc: Jiewen Yao 
Cc: Gerd Hoffmann 
---
 OvmfPkg/OvmfPkgIa32X64.dsc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index d27a4c7278..cc03104aac 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -233,7 +233,7 @@
   
VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf
   
VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf
   
VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.inf
-
+  
MmUnblockMemoryLib|MdePkg/Library/MmUnblockMemoryLib/MmUnblockMemoryLibNull.inf

   #
   # Network libraries
--
2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119043): https://edk2.groups.io/g/devel/message/119043
Mute This Topic: https://groups.io/mt/106150800/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH 3/9] EmulatorPkg: Add MmUnblockMemoryLib in DSC

[Ni, Ray]

It's not needed.

Thanks,
Ray

From: Tan, Dun 
Sent: Friday, May 17, 2024 17:49
To: devel@edk2.groups.io 
Cc: Andrew Fish ; Ni, Ray 
Subject: [PATCH 3/9] EmulatorPkg: Add MmUnblockMemoryLib in DSC

Add MmUnblockMemoryLib in EmulatorPkg.dsc.
This lib will be required by VariablePei in
following commits.

Signed-off-by: Dun Tan 
Cc: Andrew Fish 
Cc: Ray Ni 
---
 EmulatorPkg/EmulatorPkg.dsc | 1 +
 1 file changed, 1 insertion(+)

diff --git a/EmulatorPkg/EmulatorPkg.dsc b/EmulatorPkg/EmulatorPkg.dsc
index 5fa1ed345a..0e15dafb5c 100644
--- a/EmulatorPkg/EmulatorPkg.dsc
+++ b/EmulatorPkg/EmulatorPkg.dsc
@@ -127,6 +127,7 @@
   ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf
   FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf
   
ImagePropertiesRecordLib|MdeModulePkg/Library/ImagePropertiesRecordLib/ImagePropertiesRecordLib.inf
+  
MmUnblockMemoryLib|MdePkg/Library/MmUnblockMemoryLib/MmUnblockMemoryLibNull.inf

 !if $(SECURE_BOOT_ENABLE) == TRUE
   RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
--
2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119042): https://edk2.groups.io/g/devel/message/119042
Mute This Topic: https://groups.io/mt/106150799/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH 2/9] ArmVirtPkg: Add MmUnblockMemoryLib in DSC

[Ni, Ray]

+  
MmUnblockMemoryLib|MdePkg/Library/MmUnblockMemoryLib/MmUnblockMemoryLibNull.inf
[Ray] Do you really need this line as the next "!include" already includes the 
NULL instance lib?


+
 !include MdePkg/MdeLibs.dsc.inc


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119041): https://edk2.groups.io/g/devel/message/119041
Mute This Topic: https://groups.io/mt/106150798/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH 1/9] MdeModulePkg:Add new gEdkiiVariableRuntimeCacheInfoHobGuid

[Ni, Ray]

There is no need to use pack(1).
Explicit pack(1) is needed when you really need to save spaces or the data is 
saved in some NV storage to be accessed by a different software component.

Thanks,
Ray

From: Tan, Dun 
Sent: Friday, May 17, 2024 17:49
To: devel@edk2.groups.io 
Cc: Ni, Ray ; Liming Gao ; Wu, 
Jiaxin 
Subject: [PATCH 1/9] MdeModulePkg:Add new gEdkiiVariableRuntimeCacheInfoHobGuid

This commit defines VARIABLE_RUNTIME_CACHE_INFO HOB.
The HOB is used to store the address and size of the
buffer that will be used for variable runtime service
when the PcdEnableVariableRuntimeCache is TRUE.

In following patches, when PcdEnableVariableRuntimeCache
is TRUE, VariablePei module will install a callback of
gEfiPeiMemoryDiscoveredPpiGuid to allocate needed buffer
for different type cache, unblock the buffer and build HOB.
Then VariableSmmRuntimeDxe driver will consume the
gEdkiiVariableRuntimeCacheInfoHobGuid to initialize the
variable runtime cache related content.

Signed-off-by: Dun Tan 
Cc: Ray Ni 
Cc: Liming Gao 
Cc: Jiaxin Wu 
---
 MdeModulePkg/Include/Guid/VariableRuntimeCacheInfo.h | 65 
+
 MdeModulePkg/MdeModulePkg.dec|  3 +++
 2 files changed, 68 insertions(+)

diff --git a/MdeModulePkg/Include/Guid/VariableRuntimeCacheInfo.h 
b/MdeModulePkg/Include/Guid/VariableRuntimeCacheInfo.h
new file mode 100644
index 00..c2a8b77945
--- /dev/null
+++ b/MdeModulePkg/Include/Guid/VariableRuntimeCacheInfo.h
@@ -0,0 +1,65 @@
+/** @file
+  This Variable Runtime Cache Info HOB is used to store the address
+  and the size of the buffer that will be used for variable runtime
+  service when the PcdEnableVariableRuntimeCache is TRUE.
+
+  Copyright (c) 2024, Intel Corporation. All rights reserved.
+
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef VARIABLE_RUNTIME_CACHE_INFO_H_
+#define VARIABLE_RUNTIME_CACHE_INFO_H_
+
+#include 
+
+#define VARIABLE_RUNTIME_CACHE_INFO_HOB_REVISION  1
+
+#define VARIABLE_RUNTIME_CACHE_INFO_GUID \
+  { \
+0x0f472f7d, 0x6713, 0x4915, {0x96, 0x14, 0x5d, 0xda, 0x28, 0x40, 0x10, 
0x56}  \
+  }
+
+#pragma pack(1)
+typedef struct {
+  ///
+  /// TRUE indicates GetVariable () or GetNextVariable () is being called.
+  /// When the value is FALSE, the given update (and any other pending updates)
+  /// can be flushed to the runtime cache.
+  ///
+  BOOLEANReadLock;
+  ///
+  /// TRUE indicates there is pending update for the given variable store 
needed
+  /// to be flushed to the runtime cache.
+  ///
+  BOOLEANPendingUpdate;
+  ///
+  /// TRUE indicates all HOB variables have been flushed in flash.
+  ///
+  BOOLEANHobFlushComplete;
+} CACHE_INFO_FLAG;
+
+typedef struct {
+  CACHE_INFO_FLAG*CacheInfoFlag;
+  ///
+  /// Buffer reserved for runtime Hob cache
+  ///
+  UINT64 RuntimeHobCacheBuffer;
+  UINTN  RuntimeHobCachePages;
+  ///
+  /// Buffer reserved for Non-Volatile runtime cache
+  ///
+  UINT64 RuntimeNvCacheBuffer;
+  UINTN  RuntimeNvCachePages;
+  ///
+  /// Buffer reserved for Volatile runtime cache
+  ///
+  UINT64 RuntimeVolatileCacheBuffer;
+  UINTN  RuntimeVolatileCachePages;
+} VARIABLE_RUNTIME_CACHE_INFO;
+#pragma pack()
+
+extern EFI_GUID  gEdkiiVariableRuntimeCacheInfoHobGuid;
+
+#endif
diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec
index f7339f0aec..1bf5e31b7c 100644
--- a/MdeModulePkg/MdeModulePkg.dec
+++ b/MdeModulePkg/MdeModulePkg.dec
@@ -465,6 +465,9 @@
   gEdk2JedecSfdpSpiDxeDriverGuid  = { 0xBE71701E, 0xB63C, 0x4574, { 0x9C, 
0x5C, 0x36, 0x29, 0xE8, 0xEA, 0xC4, 0x14 }}
   gEdk2JedecSfdpSpiSmmDriverGuid  = { 0x95A1E915, 0x195C, 0x477C, { 0x92, 
0x6F, 0x7E, 0x24, 0x67, 0xC1, 0xB3, 0x1F }}

+  ## Include/Guid/VariableRuntimeCacheInfo.h
+  gEdkiiVariableRuntimeCacheInfoHobGuid = { 0x0f472f7d, 0x6713, 0x4915, { 
0x96, 0x14, 0x5d, 0xda, 0x28, 0x40, 0x10, 0x56 }}
+
 [Ppis]
   ## Include/Ppi/FirmwareVolumeShadowPpi.h
   gEdkiiPeiFirmwareVolumeShadowPpiGuid = { 0x7dfe756c, 0xed8d, 0x4d77, {0x9e, 
0xc4, 0x39, 0x9a, 0x8a, 0x81, 0x51, 0x16 } }
--
2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119040): https://edk2.groups.io/g/devel/message/119040
Mute This Topic: https://groups.io/mt/106150797/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH] UefiCpuPkg:fix issue when splitting paging entry

[Ni, Ray]

Reviewed-by: Ray Ni 

Thanks,
Ray

From: Tan, Dun 
Sent: Friday, May 17, 2024 17:44
To: devel@edk2.groups.io 
Cc: Ni, Ray ; Kumar, Rahul R ; Gerd 
Hoffmann ; Wu, Jiaxin ; Zhou, Jianfeng 

Subject: [PATCH] UefiCpuPkg:fix issue when splitting paging entry

This patch is to fix issue when splitting leaf paging
entry in CpuPageTableLib code.

In previous code, before we assign the new child paging
structure address to the content of splitted paging entry,
PageTableLibSetPnle() is called to make sure the bit7 is
set to 0, which indicate the previous leaf entry is
changed to non-leaf entry now. There is a gap between
we change the bit7 and we assign the new child paging
structure address to the content of the splitted paging
entry. If the address of code execution or data access
happens to be in the range covered by the splitted paging
entry, this gap may cause issue.

In this patch, we prepare the new paging entry content
value in a local variable and assign the value to the
splitted paging entry at once. The volatile keyword
is used to ensure that no optimization will occur in
compilation.

Signed-off-by: Dun Tan 
Cc: Ray Ni 
Cc: Rahul Kumar 
Cc: Gerd Hoffmann 
Cc: Jiaxin Wu 
Cc: Zhou Jianfeng 
---
 UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableMap.c | 9 +++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableMap.c 
b/UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableMap.c
index b10a3008e4..bdc411338f 100644
--- a/UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableMap.c
+++ b/UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableMap.c
@@ -342,6 +342,7 @@ PageTableLibMapInLevel (
   UINT64  PhysicalAddrInAttr;
   IA32_PAGING_ENTRY   OriginalParentPagingEntry;
   IA32_PAGING_ENTRY   OriginalCurrentPagingEntry;
+  IA32_PAGING_ENTRY   TempPagingEntry;

   ASSERT (Level != 0);
   ASSERT ((Attribute != NULL) && (Mask != NULL));
@@ -359,6 +360,8 @@ PageTableLibMapInLevel (

   OriginalParentPagingEntry.Uint64 = ParentPagingEntry->Uint64;
   OneOfPagingEntry.Uint64  = 0;
+  TempPagingEntry.Uint64   = 0;
+
   //
   // RegionLength: 256T (1 << 48) 512G (1 << 39), 1G (1 << 30), 2M (1 << 21) 
or 4K (1 << 12).
   //
@@ -441,8 +444,10 @@ PageTableLibMapInLevel (
   // Non-leaf entry doesn't have PAT bit. So use 
~IA32_PE_BASE_ADDRESS_MASK_40 is to make sure PAT bit
   // (bit12) in original big-leaf entry is not assigned to 
PageTableBaseAddress field of non-leaf entry.
   //
-  PageTableLibSetPnle (>Pnle, , 
);
-  ParentPagingEntry->Uint64 = ((UINTN)(VOID *)PagingEntry) | 
(ParentPagingEntry->Uint64 & (~IA32_PE_BASE_ADDRESS_MASK_40));
+  TempPagingEntry.Uint64 = ParentPagingEntry->Uint64;
+  PageTableLibSetPnle (, , );
+  TempPagingEntry.Uint64   = ((UINTN)(VOID 
*)PagingEntry) | (TempPagingEntry.Uint64 & (~IA32_PE_BASE_ADDRESS_MASK_40));
+  *(volatile UINT64 *)&(ParentPagingEntry->Uint64) = 
TempPagingEntry.Uint64;
 }
   } else {
 //
--
2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119039): https://edk2.groups.io/g/devel/message/119039
Mute This Topic: https://groups.io/mt/106150750/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v4 10/11] CryptoPkg: Update *.inf in BaseCryptLibMbedTls

[Wenxing Hou]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177

Update all *.inf in BaseCryptLibMbedTls based on new implementation.

Cc: Jiewen Yao 
Cc: Yi Li 
Signed-off-by: Wenxing Hou 
Reviewed-by: Yi Li 
Acked-by: Jiewen Yao 
---
 .../BaseCryptLibMbedTls/BaseCryptLib.inf  | 42 ++-
 .../BaseCryptLibMbedTls/PeiCryptLib.inf   | 18 
 .../BaseCryptLibMbedTls/RuntimeCryptLib.inf   | 23 +-
 .../BaseCryptLibMbedTls/SmmCryptLib.inf   | 27 ++--
 .../BaseCryptLibMbedTls/TestBaseCryptLib.inf  | 36 
 5 files changed, 80 insertions(+), 66 deletions(-)

diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/BaseCryptLib.inf 
b/CryptoPkg/Library/BaseCryptLibMbedTls/BaseCryptLib.inf
index 16def792c5..cb282fe648 100644
--- a/CryptoPkg/Library/BaseCryptLibMbedTls/BaseCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLibMbedTls/BaseCryptLib.inf
@@ -27,33 +27,37 @@
 
 [Sources]
   InternalCryptLib.h
-  Cipher/CryptAeadAesGcmNull.c
-  Cipher/CryptAes.c
+  Hash/CryptMd5.c
+  Hash/CryptSha1.c
   Hash/CryptSha256.c
   Hash/CryptSha512.c
-  Hash/CryptParallelHashNull.c
   Hash/CryptSm3Null.c
-  Hash/CryptMd5.c
-  Hash/CryptSha1.c
+
+  Hash/CryptParallelHashNull.c
+
   Hmac/CryptHmac.c
   Kdf/CryptHkdf.c
+  Cipher/CryptAes.c
+  Cipher/CryptAeadAesGcm.c
   Pk/CryptRsaBasic.c
-  Pk/CryptRsaExtNull.c
-  Pk/CryptRsaPss.c
-  Pk/CryptRsaPssSignNull.c
-  Bn/CryptBnNull.c
-  Pem/CryptPemNull.c
+  Pk/CryptRsaExt.c
+  Pk/CryptPkcs1Oaep.c
+  Pk/CryptPkcs5Pbkdf2.c
+  Pk/CryptPkcs7Sign.c
+  Pk/CryptPkcs7VerifyCommon.c
+  Pk/CryptPkcs7VerifyBase.c
+  Pk/CryptPkcs7VerifyEku.c
   Pk/CryptDhNull.c
+  Pk/CryptX509.c
+  Pk/CryptAuthenticode.c
+  Pk/CryptTs.c
+  Pk/CryptRsaPss.c
+  Pk/CryptRsaPssSign.c
   Pk/CryptEcNull.c
-  Pk/CryptPkcs1OaepNull.c
-  Pk/CryptPkcs5Pbkdf2Null.c
-  Pk/CryptPkcs7SignNull.c
-  Pk/CryptPkcs7VerifyNull.c
-  Pk/CryptPkcs7VerifyEkuNull.c
-  Pk/CryptX509Null.c
-  Pk/CryptAuthenticodeNull.c
-  Pk/CryptTsNull.c
-  Rand/CryptRandNull.c
+  Pem/CryptPem.c
+  Bn/CryptBnNull.c
+  Rand/CryptRand.c
+
   SysCall/CrtWrapper.c
   SysCall/TimerWrapper.c
 
diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/PeiCryptLib.inf 
b/CryptoPkg/Library/BaseCryptLibMbedTls/PeiCryptLib.inf
index 72b22a24e8..660e11a96e 100644
--- a/CryptoPkg/Library/BaseCryptLibMbedTls/PeiCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLibMbedTls/PeiCryptLib.inf
@@ -47,21 +47,23 @@
   Cipher/CryptAeadAesGcmNull.c
   Pk/CryptRsaBasic.c
   Pk/CryptRsaExtNull.c
-  Pk/CryptRsaPss.c
-  Pk/CryptRsaPssSignNull.c
-  Bn/CryptBnNull.c
-  Pem/CryptPemNull.c
-  Pk/CryptDhNull.c
-  Pk/CryptEcNull.c
   Pk/CryptPkcs1OaepNull.c
   Pk/CryptPkcs5Pbkdf2Null.c
   Pk/CryptPkcs7SignNull.c
-  Pk/CryptPkcs7VerifyNull.c
-  Pk/CryptPkcs7VerifyEkuNull.c
+  Pk/CryptPkcs7VerifyCommon.c
+  Pk/CryptPkcs7VerifyBase.c
+  Pk/CryptPkcs7VerifyEku.c
+  Pk/CryptDhNull.c
   Pk/CryptX509Null.c
   Pk/CryptAuthenticodeNull.c
   Pk/CryptTsNull.c
+  Pk/CryptRsaPss.c
+  Pk/CryptRsaPssSignNull.c
+  Pk/CryptEcNull.c
+  Pem/CryptPemNull.c
   Rand/CryptRandNull.c
+  Bn/CryptBnNull.c
+
   SysCall/CrtWrapper.c
   SysCall/ConstantTimeClock.c
 
diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/RuntimeCryptLib.inf 
b/CryptoPkg/Library/BaseCryptLibMbedTls/RuntimeCryptLib.inf
index 9f17ef00bf..280b1a9c29 100644
--- a/CryptoPkg/Library/BaseCryptLibMbedTls/RuntimeCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLibMbedTls/RuntimeCryptLib.inf
@@ -46,21 +46,23 @@
   Cipher/CryptAeadAesGcmNull.c
   Pk/CryptRsaBasic.c
   Pk/CryptRsaExtNull.c
-  Pk/CryptRsaPssNull.c
-  Pk/CryptRsaPssSignNull.c
-  Bn/CryptBnNull.c
-  Pem/CryptPemNull.c
-  Pk/CryptDhNull.c
-  Pk/CryptEcNull.c
   Pk/CryptPkcs1OaepNull.c
   Pk/CryptPkcs5Pbkdf2Null.c
   Pk/CryptPkcs7SignNull.c
-  Pk/CryptPkcs7VerifyNull.c
-  Pk/CryptPkcs7VerifyEkuNull.c
-  Pk/CryptX509Null.c
+  Pk/CryptPkcs7VerifyCommon.c
+  Pk/CryptPkcs7VerifyRuntime.c
+  Pk/CryptPkcs7VerifyEkuRuntime.c
+  Pk/CryptDhNull.c
+  Pk/CryptX509.c
   Pk/CryptAuthenticodeNull.c
   Pk/CryptTsNull.c
-  Rand/CryptRandNull.c
+  Pk/CryptRsaPssNull.c
+  Pk/CryptRsaPssSignNull.c
+  Pk/CryptEcNull.c
+  Pem/CryptPem.c
+  Bn/CryptBnNull.c
+  Rand/CryptRand.c
+
   SysCall/CrtWrapper.c
   SysCall/TimerWrapper.c
   SysCall/RuntimeMemAllocation.c
@@ -77,6 +79,7 @@
   MbedTlsLib
   IntrinsicLib
   PrintLib
+  RngLib
 
 #
 # Remove these [BuildOptions] after this library is cleaned up
diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/SmmCryptLib.inf 
b/CryptoPkg/Library/BaseCryptLibMbedTls/SmmCryptLib.inf
index 40c56d1b7d..4a519b06ee 100644
--- a/CryptoPkg/Library/BaseCryptLibMbedTls/SmmCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLibMbedTls/SmmCryptLib.inf
@@ -45,21 +45,23 @@
   Cipher/CryptAeadAesGcmNull.c
   Pk/CryptRsaBasic.c
   Pk/CryptRsaExtNull.c
-  Pk/CryptRsaPss.c
-  Pk/CryptRsaPssSignNull.c
-  Bn/CryptBnNull.c
-  Pem/CryptPemNull.c
-  Pk/CryptDhNull.c
-  Pk/CryptEcNull.c
-  Pk/CryptPkcs1OaepNull.c
-  Pk/CryptPkcs5Pbkdf2Null.c
+  Pk/CryptPkcs1Oaep.c
+  

[edk2-devel] [PATCH v4 11/11] Add SM3 functions with openssl for Mbedtls

[Wenxing Hou]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177

Because the Mbedlts 3.3.0 doesn't have Sm3, the Sm3
implementaion is based on Openssl.

Cc: Jiewen Yao 
Cc: Yi Li 
Signed-off-by: Wenxing Hou 
Reviewed-by: Yi Li 
Acked-by: Jiewen Yao 
---
 CryptoPkg/CryptoPkgMbedTls.dsc|   1 +
 .../BaseCryptLibMbedTls/BaseCryptLib.inf  |   7 +-
 .../BaseCryptLibMbedTls/Hash/CryptSm3.c   | 235 +++
 .../BaseCryptLibMbedTls/PeiCryptLib.inf   |   5 +-
 .../BaseCryptLibMbedTls/RuntimeCryptLib.inf   |   4 +-
 .../BaseCryptLibMbedTls/SecCryptLib.inf   |   1 -
 .../BaseCryptLibMbedTls/SmmCryptLib.inf   |   5 +-
 .../SysCall/BaseMemAllocation.c   | 122 
 .../SysCall/DummyOpensslSupport.c | 571 ++
 .../SysCall/UnitTestHostCrtWrapper.c  |  63 ++
 .../BaseCryptLibMbedTls/TestBaseCryptLib.inf  |   4 +-
 11 files changed, 1010 insertions(+), 8 deletions(-)
 create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSm3.c
 create mode 100644 
CryptoPkg/Library/BaseCryptLibMbedTls/SysCall/BaseMemAllocation.c
 create mode 100644 
CryptoPkg/Library/BaseCryptLibMbedTls/SysCall/DummyOpensslSupport.c
 create mode 100644 
CryptoPkg/Library/BaseCryptLibMbedTls/SysCall/UnitTestHostCrtWrapper.c

diff --git a/CryptoPkg/CryptoPkgMbedTls.dsc b/CryptoPkg/CryptoPkgMbedTls.dsc
index 5d0ae6ff3f..c97b28c0b5 100644
--- a/CryptoPkg/CryptoPkgMbedTls.dsc
+++ b/CryptoPkg/CryptoPkgMbedTls.dsc
@@ -88,6 +88,7 @@
   
UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf
   IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf
   MbedTlsLib|CryptoPkg/Library/MbedTlsLib/MbedTlsLib.inf
+  OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
   IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
   SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf
 
diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/BaseCryptLib.inf 
b/CryptoPkg/Library/BaseCryptLibMbedTls/BaseCryptLib.inf
index cb282fe648..b76b4e6067 100644
--- a/CryptoPkg/Library/BaseCryptLibMbedTls/BaseCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLibMbedTls/BaseCryptLib.inf
@@ -31,10 +31,8 @@
   Hash/CryptSha1.c
   Hash/CryptSha256.c
   Hash/CryptSha512.c
-  Hash/CryptSm3Null.c
-
   Hash/CryptParallelHashNull.c
-
+  Hash/CryptSm3.c
   Hmac/CryptHmac.c
   Kdf/CryptHkdf.c
   Cipher/CryptAes.c
@@ -59,6 +57,8 @@
   Rand/CryptRand.c
 
   SysCall/CrtWrapper.c
+  SysCall/DummyOpensslSupport.c
+  SysCall/BaseMemAllocation.c
   SysCall/TimerWrapper.c
 
 [Packages]
@@ -72,6 +72,7 @@
   UefiRuntimeServicesTableLib
   DebugLib
   MbedTlsLib
+  OpensslLib
   PrintLib
   IntrinsicLib
   RngLib
diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSm3.c 
b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSm3.c
new file mode 100644
index 00..1a442d714e
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSm3.c
@@ -0,0 +1,235 @@
+/** @file
+  SM3 Digest Wrapper Implementations over openssl.
+
+Copyright (c) 2024, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "InternalCryptLib.h"
+#include "internal/sm3.h"
+
+/**
+  Retrieves the size, in bytes, of the context buffer required for SM3 hash 
operations.
+
+  @return  The size, in bytes, of the context buffer required for SM3 hash 
operations.
+
+**/
+UINTN
+EFIAPI
+Sm3GetContextSize (
+  VOID
+  )
+{
+  //
+  // Retrieves Openssl SM3 Context Size
+  //
+  return (UINTN)(sizeof (SM3_CTX));
+}
+
+/**
+  Initializes user-supplied memory pointed by Sm3Context as SM3 hash context 
for
+  subsequent use.
+
+  If Sm3Context is NULL, then return FALSE.
+
+  @param[out]  Sm3Context  Pointer to SM3 context being initialized.
+
+  @retval TRUE   SM3 context initialization succeeded.
+  @retval FALSE  SM3 context initialization failed.
+
+**/
+BOOLEAN
+EFIAPI
+Sm3Init (
+  OUT  VOID  *Sm3Context
+  )
+{
+  //
+  // Check input parameters.
+  //
+  if (Sm3Context == NULL) {
+return FALSE;
+  }
+
+  //
+  // Openssl SM3 Context Initialization
+  //
+  ossl_sm3_init ((SM3_CTX *)Sm3Context);
+  return TRUE;
+}
+
+/**
+  Makes a copy of an existing SM3 context.
+
+  If Sm3Context is NULL, then return FALSE.
+  If NewSm3Context is NULL, then return FALSE.
+  If this interface is not supported, then return FALSE.
+
+  @param[in]  Sm3Context Pointer to SM3 context being copied.
+  @param[out] NewSm3Context  Pointer to new SM3 context.
+
+  @retval TRUE   SM3 context copy succeeded.
+  @retval FALSE  SM3 context copy failed.
+  @retval FALSE  This interface is not supported.
+
+**/
+BOOLEAN
+EFIAPI
+Sm3Duplicate (
+  IN   CONST VOID  *Sm3Context,
+  OUT  VOID*NewSm3Context
+  )
+{
+  //
+  // Check input parameters.
+  //
+  if ((Sm3Context == NULL) || (NewSm3Context == NULL)) {
+return FALSE;
+  }
+
+  CopyMem (NewSm3Context, Sm3Context, sizeof (SM3_CTX));
+
+  return TRUE;
+}
+
+/**
+  Digests the input data and 

[edk2-devel] [PATCH v4 09/11] CryptoPkg: Add ImageTimestampVerify based on Mbedtls

[Wenxing Hou]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177

Timestamp Countersignature Verification implementaion based on Mbedtls.

Cc: Jiewen Yao 
Cc: Yi Li 
Signed-off-by: Wenxing Hou 
Reviewed-by: Yi Li 
Acked-by: Jiewen Yao 
---
 .../Library/BaseCryptLibMbedTls/Pk/CryptTs.c  | 381 ++
 1 file changed, 381 insertions(+)
 create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptTs.c

diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptTs.c 
b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptTs.c
new file mode 100644
index 00..d3fa205f9c
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptTs.c
@@ -0,0 +1,381 @@
+/** @file
+  RFC3161 Timestamp Countersignature Verification Wrapper Implementation which 
does
+  not provide real capabilities.
+
+Copyright (c) 2024, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "InternalCryptLib.h"
+#include 
+
+//
+// OID ASN.1 Value for SPC_RFC3161_OBJID ("1.3.6.1.4.1.311.3.3.1")
+//
+GLOBAL_REMOVE_IF_UNREFERENCED const UINT8  mSpcRFC3161OidValue[] = {
+  0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x03, 0x03, 0x01
+};
+
+/**
+  Convert ASN.1 GeneralizedTime to EFI Time.
+
+  @param[in]  Ptr  Pointer to the ASN.1 GeneralizedTime to be 
converted.
+  @param[out] EfiTime  Return the corresponding EFI Time.
+
+  @retval  TRUE   The time conversion succeeds.
+  @retval  FALSE  Invalid parameters.
+
+**/
+STATIC
+BOOLEAN
+ConvertAsn1TimeToEfiTime (
+  IN  UINT8 *Ptr,
+  OUT EFI_TIME  *EfiTime
+  )
+{
+  CONST CHAR8  *Str;
+  UINTNIndex;
+
+  if ((Ptr == NULL) || (EfiTime == NULL)) {
+return FALSE;
+  }
+
+  Str = (CONST CHAR8 *)Ptr;
+  SetMem (EfiTime, sizeof (EFI_TIME), 0);
+
+  Index = 0;
+
+  /* four digit year */
+  EfiTime->Year  = (Str[Index++] - '0') * 1000;
+  EfiTime->Year += (Str[Index++] - '0') * 100;
+  EfiTime->Year += (Str[Index++] - '0') * 10;
+  EfiTime->Year += (Str[Index++] - '0');
+  if ((EfiTime->Year < 1900) || (EfiTime->Year > )) {
+return FALSE;
+  }
+
+  EfiTime->Month  = (Str[Index++] - '0') * 10;
+  EfiTime->Month += (Str[Index++] - '0');
+  if ((EfiTime->Month < 1) || (EfiTime->Month > 12)) {
+return FALSE;
+  }
+
+  EfiTime->Day  = (Str[Index++] - '0') * 10;
+  EfiTime->Day += (Str[Index++] - '0');
+  if ((EfiTime->Day < 1) || (EfiTime->Day > 31)) {
+return FALSE;
+  }
+
+  EfiTime->Hour  = (Str[Index++] - '0') * 10;
+  EfiTime->Hour += (Str[Index++] - '0');
+  if (EfiTime->Hour > 23) {
+return FALSE;
+  }
+
+  EfiTime->Minute  = (Str[Index++] - '0') * 10;
+  EfiTime->Minute += (Str[Index++] - '0');
+  if (EfiTime->Minute > 59) {
+return FALSE;
+  }
+
+  EfiTime->Second  = (Str[Index++] - '0') * 10;
+  EfiTime->Second += (Str[Index++] - '0');
+  if (EfiTime->Second > 59) {
+return FALSE;
+  }
+
+  /* Note: we did not adjust the time based on time zone information */
+
+  return TRUE;
+}
+
+/**
+  Verifies the validity of a RFC3161 Timestamp CounterSignature embedded in 
PE/COFF Authenticode
+  signature.
+
+  Return FALSE to indicate this interface is not supported.
+
+  @param[in]  AuthData Pointer to the Authenticode Signature retrieved 
from signed
+   PE/COFF image to be verified.
+  @param[in]  DataSize Size of the Authenticode Signature in bytes.
+  @param[in]  TsaCert  Pointer to a trusted/root TSA certificate encoded 
in DER, which
+   is used for TSA certificate chain verification.
+  @param[in]  CertSize Size of the trusted certificate in bytes.
+  @param[out] SigningTime  Return the time of timestamp generation time if the 
timestamp
+   signature is valid.
+
+  @retval  FALSE  This interface is not supported.
+
+**/
+BOOLEAN
+EFIAPI
+ImageTimestampVerify (
+  IN  CONST UINT8  *AuthData,
+  IN  UINTNDataSize,
+  IN  CONST UINT8  *TsaCert,
+  IN  UINTNCertSize,
+  OUT EFI_TIME *SigningTime
+  )
+{
+  BOOLEAN  Status;
+  UINT8*Ptr;
+  UINT8*End;
+  INT32Len;
+  UINTNObjLen;
+  UINT8*TempPtr;
+
+  //
+  // Initializations
+  //
+  if (SigningTime != NULL) {
+SetMem (SigningTime, sizeof (EFI_TIME), 0);
+  }
+
+  //
+  // Input Parameters Checking.
+  //
+  if ((AuthData == NULL) || (TsaCert == NULL)) {
+return FALSE;
+  }
+
+  if ((DataSize > INT_MAX) || (CertSize > INT_MAX)) {
+return FALSE;
+  }
+
+  Ptr = (UINT8 *)(UINTN)AuthData;
+  Len = (UINT32)DataSize;
+  End = Ptr + Len;
+
+  // ContentInfo
+  if (mbedtls_asn1_get_tag (, End, , MBEDTLS_ASN1_CONSTRUCTED | 
MBEDTLS_ASN1_SEQUENCE) != 0) {
+return FALSE;
+  }
+
+  // ContentType
+  if (mbedtls_asn1_get_tag (, End, , MBEDTLS_ASN1_OID) != 0) {
+return FALSE;
+  }
+
+  Ptr += ObjLen;
+  // content
+  if (mbedtls_asn1_get_tag (, End, , MBEDTLS_ASN1_CONSTRUCTED | 
MBEDTLS_ASN1_CONTEXT_SPECIFIC) != 0) {
+return FALSE;
+  }
+
+  End = Ptr + ObjLen;
+  // signedData
+  if 

[edk2-devel] [PATCH v4 08/11] CryptoPkg: Add AuthenticodeVerify based on Mbedtls

[Wenxing Hou]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177

Implement AuthenticodeVerify based on Mbedtls.

Cc: Jiewen Yao 
Cc: Yi Li 
Signed-off-by: Wenxing Hou 
Reviewed-by: Yi Li 
Acked-by: Jiewen Yao 
---
 .../Pk/CryptAuthenticode.c| 214 ++
 1 file changed, 214 insertions(+)
 create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptAuthenticode.c

diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptAuthenticode.c 
b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptAuthenticode.c
new file mode 100644
index 00..9d8301b2c0
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptAuthenticode.c
@@ -0,0 +1,214 @@
+/** @file
+  Authenticode Portable Executable Signature Verification which does not 
provide
+  real capabilities.
+
+Copyright (c) 2024, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "InternalCryptLib.h"
+#include 
+
+//
+// OID ASN.1 Value for SPC_INDIRECT_DATA_OBJID
+//
+GLOBAL_REMOVE_IF_UNREFERENCED const UINT8  mSpcIndirectOidValue[] = {
+  0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x04
+};
+
+/**
+  Verifies the validity of a PE/COFF Authenticode Signature as described in 
"Windows
+  Authenticode Portable Executable Signature Format".
+
+  Return FALSE to indicate this interface is not supported.
+
+  @param[in]  AuthData Pointer to the Authenticode Signature retrieved 
from signed
+   PE/COFF image to be verified.
+  @param[in]  DataSize Size of the Authenticode Signature in bytes.
+  @param[in]  TrustedCert  Pointer to a trusted/root certificate encoded in 
DER, which
+   is used for certificate chain verification.
+  @param[in]  CertSize Size of the trusted certificate in bytes.
+  @param[in]  ImageHashPointer to the original image file hash value. The 
procedure
+   for calculating the image hash value is described 
in Authenticode
+   specification.
+  @param[in]  HashSize Size of Image hash value in bytes.
+
+  @retval FALSE  This interface is not supported.
+
+**/
+BOOLEAN
+EFIAPI
+AuthenticodeVerify (
+  IN CONST UINT8  *AuthData,
+  IN UINTNDataSize,
+  IN CONST UINT8  *TrustedCert,
+  IN UINTNCertSize,
+  IN CONST UINT8  *ImageHash,
+  IN UINTNHashSize
+  )
+{
+  BOOLEAN  Status;
+  CONST UINT8  *OrigAuthData;
+  UINT8*SpcIndirectDataContent;
+  UINT8Asn1Byte;
+  UINTNContentSize;
+  CONST UINT8  *SpcIndirectDataOid;
+  UINT8*Ptr;
+  UINT8*End;
+  INT32Len;
+  UINTNObjLen;
+
+  OrigAuthData = AuthData;
+
+  //
+  // Check input parameters.
+  //
+  if ((AuthData == NULL) || (TrustedCert == NULL) || (ImageHash == NULL)) {
+return FALSE;
+  }
+
+  if ((DataSize > INT_MAX) || (CertSize > INT_MAX) || (HashSize > INT_MAX)) {
+return FALSE;
+  }
+
+  if (DataSize <= HashSize) {
+return FALSE;
+  }
+
+  Ptr = (UINT8 *)(UINTN)AuthData;
+  Len = (UINT32)DataSize;
+  End = Ptr + Len;
+
+  // ContentInfo
+  if (mbedtls_asn1_get_tag (, End, , MBEDTLS_ASN1_CONSTRUCTED | 
MBEDTLS_ASN1_SEQUENCE) != 0) {
+return FALSE;
+  }
+
+  // ContentType
+  if (mbedtls_asn1_get_tag (, End, , MBEDTLS_ASN1_OID) != 0) {
+return FALSE;
+  }
+
+  Ptr += ObjLen;
+  // content
+  if (mbedtls_asn1_get_tag (, End, , MBEDTLS_ASN1_CONSTRUCTED | 
MBEDTLS_ASN1_CONTEXT_SPECIFIC) != 0) {
+return FALSE;
+  }
+
+  End = Ptr + ObjLen;
+  // signedData
+  if (mbedtls_asn1_get_tag (, End, , MBEDTLS_ASN1_CONSTRUCTED | 
MBEDTLS_ASN1_SEQUENCE) != 0) {
+return FALSE;
+  }
+
+  // version
+  if (mbedtls_asn1_get_tag (, End, , MBEDTLS_ASN1_INTEGER) != 0) {
+return FALSE;
+  }
+
+  Ptr += ObjLen;
+  // digestAlgo
+  if (mbedtls_asn1_get_tag (, End, , MBEDTLS_ASN1_CONSTRUCTED | 
MBEDTLS_ASN1_SET) != 0) {
+return FALSE;
+  }
+
+  Ptr += ObjLen;
+
+  // encapContentInfo
+  if (mbedtls_asn1_get_tag (, End, , MBEDTLS_ASN1_CONSTRUCTED | 
MBEDTLS_ASN1_SEQUENCE) != 0) {
+return FALSE;
+  }
+
+  End = Ptr + ObjLen;
+  // eContentType
+  if (mbedtls_asn1_get_tag (, End, , MBEDTLS_ASN1_OID) != 0) {
+return FALSE;
+  }
+
+  Status = FALSE;
+
+  SpcIndirectDataOid = Ptr;
+  if ((ObjLen != sizeof (mSpcIndirectOidValue)) ||
+  (CompareMem (
+ SpcIndirectDataOid,
+ mSpcIndirectOidValue,
+ sizeof (mSpcIndirectOidValue)
+ ) != 0))
+  {
+//
+// Un-matched SPC_INDIRECT_DATA_OBJID.
+//
+goto _Exit;
+  }
+
+  Ptr += ObjLen;
+  // eContent
+  if (mbedtls_asn1_get_tag (, End, , MBEDTLS_ASN1_CONSTRUCTED | 
MBEDTLS_ASN1_CONTEXT_SPECIFIC) != 0) {
+return FALSE;
+  }
+
+  SpcIndirectDataContent = Ptr;
+
+  //
+  // Retrieve the SEQUENCE data size from ASN.1-encoded SpcIndirectDataContent.
+  //
+  Asn1Byte = *(SpcIndirectDataContent + 1);
+
+  if ((Asn1Byte & 0x80) == 0) {
+//
+// Short Form of Length Encoding (Length < 128)
+ 

[edk2-devel] [PATCH v4 07/11] CryptoPkg: Add more RSA related functions based on Mbedtls

[Wenxing Hou]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177

Implement more RSA functions such as RsaPkcs1Sign based Mbedlts.

Cc: Jiewen Yao 
Cc: Yi Li 
Signed-off-by: Wenxing Hou 
Reviewed-by: Yi Li 
Acked-by: Jiewen Yao 
---
 .../BaseCryptLibMbedTls/Pk/CryptPkcs1Oaep.c   | 278 ++
 .../BaseCryptLibMbedTls/Pk/CryptRsaExt.c  | 352 ++
 .../BaseCryptLibMbedTls/Pk/CryptRsaPssSign.c  | 140 +++
 3 files changed, 770 insertions(+)
 create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs1Oaep.c
 create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaExt.c
 create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaPssSign.c

diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs1Oaep.c 
b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs1Oaep.c
new file mode 100644
index 00..61ccdd78e6
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs1Oaep.c
@@ -0,0 +1,278 @@
+/** @file
+  This file contains UEFI wrapper functions for RSA PKCS1v2 OAEP encryption 
routines.
+
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+  Copyright (c) 2024, Intel Corporation. All rights reserved.
+
+**/
+
+#include "InternalCryptLib.h"
+#include 
+#include 
+#include 
+
+/**
+  Encrypts a blob using PKCS1v2 (RSAES-OAEP) schema. On success, will return 
the
+  encrypted message in a newly allocated buffer.
+
+  Things that can cause a failure include:
+  - X509 key size does not match any known key size.
+  - Fail to parse X509 certificate.
+  - Fail to allocate an intermediate buffer.
+  - Null pointer provided for a non-optional parameter.
+  - Data size is too large for the provided key size (max size is a function 
of key size
+and hash digest size).
+
+  @param[in]  PublicKey   A pointer to the DER-encoded X509 
certificate that
+  will be used to encrypt the data.
+  @param[in]  PublicKeySize   Size of the X509 cert buffer.
+  @param[in]  InData  Data to be encrypted.
+  @param[in]  InDataSize  Size of the data buffer.
+  @param[in]  PrngSeed[Optional] If provided, a pointer to a 
random seed buffer
+  to be used when initializing the PRNG. NULL 
otherwise.
+  @param[in]  PrngSeedSize[Optional] If provided, size of the random 
seed buffer.
+  0 otherwise.
+  @param[out] EncryptedData   Pointer to an allocated buffer containing 
the encrypted
+  message.
+  @param[out] EncryptedDataSize   Size of the encrypted message buffer.
+
+  @retval TRUEEncryption was successful.
+  @retval FALSE   Encryption failed.
+
+**/
+BOOLEAN
+EFIAPI
+Pkcs1v2Encrypt (
+  IN CONST UINT8  *PublicKey,
+  IN UINTNPublicKeySize,
+  IN UINT8*InData,
+  IN UINTNInDataSize,
+  IN CONST UINT8  *PrngSeed OPTIONAL,
+  IN UINTNPrngSeedSize OPTIONAL,
+  OUT UINT8   **EncryptedData,
+  OUT UINTN   *EncryptedDataSize
+  )
+{
+  BOOLEAN  Result;
+  UINT32   Ret;
+  UINT8*OutData;
+  mbedtls_x509_crt CertContext;
+  mbedtls_rsa_context  RsaContext;
+
+  //
+  // Check input parameters.
+  //
+  if ((PublicKey == NULL) || (InData == NULL) ||
+  (EncryptedData == NULL) || (EncryptedDataSize == NULL))
+  {
+return FALSE;
+  }
+
+  //
+  // Check public key size.
+  //
+  if (PublicKeySize > UINT_MAX) {
+//
+// Public key size is too large for implementation.
+//
+return FALSE;
+  }
+
+  *EncryptedData = NULL;
+  *EncryptedDataSize = 0;
+  Result = FALSE;
+  OutData= NULL;
+
+  mbedtls_x509_crt_init ();
+
+  if (mbedtls_x509_crt_parse_der (, PublicKey, 
(UINT32)PublicKeySize) != 0) {
+goto _Exit;
+  }
+
+  if (mbedtls_pk_get_type () != MBEDTLS_PK_RSA) {
+goto _Exit;
+  }
+
+  mbedtls_rsa_init ();
+  if (mbedtls_rsa_set_padding (, MBEDTLS_RSA_PKCS_V21, 
MBEDTLS_MD_NONE) != 0) {
+goto _Exit;
+  }
+
+  Ret = mbedtls_rsa_copy (, mbedtls_pk_rsa (CertContext.pk));
+  if (Ret != 0) {
+goto _Exit;
+  }
+
+  *EncryptedDataSize = RsaContext.len;
+
+  //
+  // Allocate a buffer for the output data.
+  //
+  OutData = AllocateZeroPool (*EncryptedDataSize);
+  if (OutData == NULL) {
+//
+// Fail to allocate the output buffer.
+//
+goto _Exit;
+  }
+
+  Ret = mbedtls_rsa_pkcs1_encrypt (
+  ,
+  MbedtlsRand,
+  NULL,
+  InDataSize,
+  InData,
+  OutData
+  );
+  if (Ret != 0) {
+FreePool (OutData);
+OutData = NULL;
+goto _Exit;
+  }
+
+  *EncryptedData = OutData;
+  Result = TRUE;
+
+_Exit:
+  //
+  // Release Resources
+  //
+  if ( != NULL) {
+mbedtls_x509_crt_free ();
+  }
+
+  if ( != NULL) {
+mbedtls_rsa_free ();
+  }
+
+  return Result;
+}
+
+/**
+  Encrypts a blob using PKCS1v2 (RSAES-OAEP) schema. On success, 

[edk2-devel] [PATCH v4 04/11] CryptoPkg: Add X509 functions based on Mbedtls

[Wenxing Hou]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177

X.509 Certificate Handler Wrapper Implementation over MbedTLS.

Cc: Jiewen Yao 
Cc: Yi Li 
Signed-off-by: Wenxing Hou 
Reviewed-by: Yi Li 
Acked-by: Jiewen Yao 
---
 .../BaseCryptLibMbedTls/Pk/CryptX509.c| 1940 +
 1 file changed, 1940 insertions(+)
 create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptX509.c

diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptX509.c 
b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptX509.c
new file mode 100644
index 00..84b67c8f0a
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptX509.c
@@ -0,0 +1,1940 @@
+/** @file
+  X.509 Certificate Handler Wrapper Implementation over MbedTLS.
+
+Copyright (c) 2024, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "InternalCryptLib.h"
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+///
+/// OID
+///
+STATIC CONST UINT8  OID_commonName[] = {
+  0x55, 0x04, 0x03
+};
+STATIC CONST UINT8  OID_organizationName[] = {
+  0x55, 0x04, 0x0A
+};
+STATIC CONST UINT8  OID_extKeyUsage[] = {
+  0x55, 0x1D, 0x25
+};
+STATIC CONST UINT8  OID_BasicConstraints[] = {
+  0x55, 0x1D, 0x13
+};
+
+/* Profile for backward compatibility. Allows RSA 1024, unlike the default
+   profile. */
+STATIC mbedtls_x509_crt_profile  gCompatProfile =
+{
+  /* Hashes from SHA-256 and above. Note that this selection
+   * should be aligned with ssl_preset_default_hashes in ssl_tls.c. */
+  MBEDTLS_X509_ID_FLAG (MBEDTLS_MD_SHA256) |
+  MBEDTLS_X509_ID_FLAG (MBEDTLS_MD_SHA384) |
+  MBEDTLS_X509_ID_FLAG (MBEDTLS_MD_SHA512),
+  0xFFF,   /* Any PK alg*/
+
+  /* Curves at or above 128-bit security level. Note that this selection
+   * should be aligned with ssl_preset_default_curves in ssl_tls.c. */
+  MBEDTLS_X509_ID_FLAG (MBEDTLS_ECP_DP_SECP256R1) |
+  MBEDTLS_X509_ID_FLAG (MBEDTLS_ECP_DP_SECP384R1) |
+  MBEDTLS_X509_ID_FLAG (MBEDTLS_ECP_DP_SECP521R1) |
+  MBEDTLS_X509_ID_FLAG (MBEDTLS_ECP_DP_BP256R1) |
+  MBEDTLS_X509_ID_FLAG (MBEDTLS_ECP_DP_BP384R1) |
+  MBEDTLS_X509_ID_FLAG (MBEDTLS_ECP_DP_BP512R1) |
+  0,
+  1024,
+};
+
+/**
+  Construct a X509 object from DER-encoded certificate data.
+
+  If Cert is NULL, then return FALSE.
+  If SingleX509Cert is NULL, then return FALSE.
+
+  @param[in]  CertPointer to the DER-encoded certificate data.
+  @param[in]  CertSizeThe size of certificate data in bytes.
+  @param[out] SingleX509Cert  The generated X509 object.
+
+  @retval TRUEThe X509 object generation succeeded.
+  @retval FALSE   The operation failed.
+
+**/
+BOOLEAN
+EFIAPI
+X509ConstructCertificate (
+  IN CONST UINT8  *Cert,
+  IN UINTNCertSize,
+  OUT UINT8   **SingleX509Cert
+  )
+{
+  mbedtls_x509_crt  *MbedTlsCert;
+  INT32 Ret;
+
+  if ((Cert == NULL) || (SingleX509Cert == NULL) || (CertSize == 0)) {
+return FALSE;
+  }
+
+  MbedTlsCert = AllocateZeroPool (sizeof (mbedtls_x509_crt));
+  if (MbedTlsCert == NULL) {
+return FALSE;
+  }
+
+  mbedtls_x509_crt_init (MbedTlsCert);
+
+  *SingleX509Cert = (UINT8 *)(VOID *)MbedTlsCert;
+  Ret = mbedtls_x509_crt_parse_der (MbedTlsCert, Cert, CertSize);
+  if (Ret == 0) {
+return TRUE;
+  } else {
+mbedtls_x509_crt_free (MbedTlsCert);
+FreePool (MbedTlsCert);
+return FALSE;
+  }
+}
+
+/**
+  Construct a X509 stack object from a list of DER-encoded certificate data.
+
+  If X509Stack is NULL, then return FALSE.
+  If this interface is not supported, then return FALSE.
+
+  @param[in, out]  X509Stack  On input, pointer to an existing or NULL X509 
stack object.
+  On output, pointer to the X509 stack object with 
new
+  inserted X509 certificate.
+  @param[in]   Args   VA_LIST marker for the variable argument list.
+  A list of DER-encoded single certificate data 
followed
+  by certificate size. A NULL terminates the list. 
The
+  pairs are the arguments to 
X509ConstructCertificate().
+
+  @retval TRUEThe X509 stack construction succeeded.
+  @retval FALSE   The construction operation failed.
+  @retval FALSE   This interface is not supported.
+
+**/
+BOOLEAN
+EFIAPI
+X509ConstructCertificateStackV (
+  IN OUT UINT8  **X509Stack,
+  IN VA_LISTArgs
+  )
+{
+  UINT8 *Cert;
+  UINTN CertSize;
+  INT32 Index;
+  INT32 Ret;
+  mbedtls_x509_crt  *Crt;
+
+  if (X509Stack == NULL) {
+return FALSE;
+  }
+
+  Ret = 0;
+  Crt = NULL;
+  if (*X509Stack == NULL) {
+Crt = AllocateZeroPool (sizeof (mbedtls_x509_crt));
+if (Crt == NULL) {
+  return FALSE;
+}
+
+mbedtls_x509_crt_init (Crt);
+*X509Stack = (UINT8 *)Crt;
+  }
+
+  for (Index = 0; ; Index++) {
+//
+   

[edk2-devel] [PATCH v4 06/11] CryptoPkg: Add Pkcs5 functions based on Mbedtls

[Wenxing Hou]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177

PBKDF2 Key Derivation Function Wrapper Implementation over MbedTLS.

Cc: Jiewen Yao 
Cc: Yi Li 
Signed-off-by: Wenxing Hou 
Reviewed-by: Yi Li 
Acked-by: Jiewen Yao 
---
 .../BaseCryptLibMbedTls/Pk/CryptPkcs5Pbkdf2.c | 100 ++
 1 file changed, 100 insertions(+)
 create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs5Pbkdf2.c

diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs5Pbkdf2.c 
b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs5Pbkdf2.c
new file mode 100644
index 00..94f1fcfa3b
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs5Pbkdf2.c
@@ -0,0 +1,100 @@
+/** @file
+  PBKDF2 Key Derivation Function Wrapper Implementation over MbedTLS.
+
+Copyright (c) 2024, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "InternalCryptLib.h"
+#include 
+
+/**
+  Derives a key from a password using a salt and iteration count, based on 
PKCS#5 v2.0
+  password based encryption key derivation function PBKDF2, as specified in 
RFC 2898.
+
+  If Password or Salt or OutKey is NULL, then return FALSE.
+  If the hash algorithm could not be determined, then return FALSE.
+
+  @param[in]  PasswordLength  Length of input password in bytes.
+  @param[in]  PasswordPointer to the array for the password.
+  @param[in]  SaltLength  Size of the Salt in bytes.
+  @param[in]  SaltPointer to the Salt.
+  @param[in]  IterationCount  Number of iterations to perform. Its value 
should be
+  greater than or equal to 1.
+  @param[in]  DigestSize  Size of the message digest to be used (eg. 
SHA256_DIGEST_SIZE).
+  NOTE: DigestSize will be used to determine the 
hash algorithm.
+Only SHA1_DIGEST_SIZE or 
SHA256_DIGEST_SIZE is supported.
+  @param[in]  KeyLength   Size of the derived key buffer in bytes.
+  @param[out] OutKey  Pointer to the output derived key buffer.
+
+  @retval  TRUE   A key was derived successfully.
+  @retval  FALSE  One of the pointers was NULL or one of the sizes was too 
large.
+  @retval  FALSE  The hash algorithm could not be determined from the digest 
size.
+  @retval  FALSE  The key derivation operation failed.
+
+**/
+BOOLEAN
+EFIAPI
+Pkcs5HashPassword (
+  IN UINTNPasswordLength,
+  IN CONST CHAR8  *Password,
+  IN UINTNSaltLength,
+  IN CONST UINT8  *Salt,
+  IN UINTNIterationCount,
+  IN UINTNDigestSize,
+  IN UINTNKeyLength,
+  OUT UINT8   *OutKey
+  )
+{
+  mbedtls_md_type_t  HashAlg;
+
+  //
+  // Parameter Checking.
+  //
+  if ((Password == NULL) || (Salt == NULL) || (OutKey == NULL)) {
+return FALSE;
+  }
+
+  if ((PasswordLength == 0) || (PasswordLength > INT_MAX) ||
+  (SaltLength == 0) || (SaltLength > INT_MAX) ||
+  (KeyLength == 0) || (KeyLength > INT_MAX) ||
+  (IterationCount < 1) || (IterationCount > INT_MAX))
+  {
+return FALSE;
+  }
+
+  //
+  // Make sure the digest algorithm is supported.
+  //
+  switch (DigestSize) {
+case SHA1_DIGEST_SIZE:
+  HashAlg = MBEDTLS_MD_SHA1;
+  break;
+case SHA256_DIGEST_SIZE:
+  HashAlg = MBEDTLS_MD_SHA256;
+  break;
+default:
+  return FALSE;
+  break;
+  }
+
+  //
+  // Perform password-based key derivation routines.
+  //
+  if (mbedtls_pkcs5_pbkdf2_hmac_ext (
+HashAlg,
+(CONST UINT8 *)Password,
+(int)PasswordLength,
+(CONST UINT8 *)Salt,
+(int)SaltLength,
+(int)IterationCount,
+(int)KeyLength,
+(UINT8 *)OutKey
+) != 0)
+  {
+return FALSE;
+  } else {
+return TRUE;
+  }
+}
-- 
2.26.2.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119033): https://edk2.groups.io/g/devel/message/119033
Mute This Topic: https://groups.io/mt/106151221/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v4 05/11] CryptoPkg: Add Pkcs7 related functions based on Mbedtls

[Wenxing Hou]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177

Because the current Mbedlts pkcs7 library doesn't support
authenticatedAttributes
and only support 0 or 1 certificates in Signed data,
the patch implement Pkcs7 by low Mbedtls Api.

And the implementation has pass unit_tes and integration test.

Cc: Jiewen Yao 
Cc: Yi Li 
Signed-off-by: Wenxing Hou 
Reviewed-by: Yi Li 
Acked-by: Jiewen Yao 
---
 CryptoPkg/Include/Library/BaseCryptLib.h  |2 +
 .../BaseCryptLibMbedTls/InternalCryptLib.h|   33 +
 .../Pk/CryptPkcs7Internal.h   |   29 +-
 .../BaseCryptLibMbedTls/Pk/CryptPkcs7Sign.c   |  635 
 .../Pk/CryptPkcs7VerifyBase.c |  113 ++
 .../Pk/CryptPkcs7VerifyCommon.c   | 1354 +
 .../Pk/CryptPkcs7VerifyEku.c  |  689 +
 7 files changed, 2843 insertions(+), 12 deletions(-)
 create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7Sign.c
 create mode 100644 
CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7VerifyBase.c
 create mode 100644 
CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7VerifyCommon.c
 create mode 100644 
CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7VerifyEku.c

diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h 
b/CryptoPkg/Include/Library/BaseCryptLib.h
index 111df8e78b..ac5841f1d9 100644
--- a/CryptoPkg/Include/Library/BaseCryptLib.h
+++ b/CryptoPkg/Include/Library/BaseCryptLib.h
@@ -2351,6 +2351,8 @@ Pkcs7FreeSigners (
   unchained to the signer's certificates.
   The input signed data could be wrapped in a ContentInfo structure.
 
+  Pkcs7GetCertificatesList has not been implemented in BaseCryptoLibMbedTls.
+
   @param[in]  P7DataPointer to the PKCS#7 message.
   @param[in]  P7Length  Length of the PKCS#7 message in bytes.
   @param[out] SignerChainCerts  Pointer to the certificates list chained to 
signer's
diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h 
b/CryptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h
index a30666cef4..c9f19dd0cd 100644
--- a/CryptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h
+++ b/CryptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h
@@ -38,4 +38,37 @@ MbedtlsRand (
   UINT8  *Output,
   UINTN  Len
   );
+
+/**
+  Check input P7Data is a wrapped ContentInfo structure or not. If not 
construct
+  a new structure to wrap P7Data.
+
+  Caution: This function may receive untrusted input.
+  UEFI Authenticated Variable is external input, so this function will do basic
+  check for PKCS#7 data structure.
+
+  @param[in]  P7Data   Pointer to the PKCS#7 message to verify.
+  @param[in]  P7Length Length of the PKCS#7 message in bytes.
+  @param[out] WrapFlag If TRUE P7Data is a ContentInfo structure, otherwise
+   return FALSE.
+  @param[out] WrapData If return status of this function is TRUE:
+   1) when WrapFlag is TRUE, pointer to P7Data.
+   2) when WrapFlag is FALSE, pointer to a new 
ContentInfo
+   structure. It's caller's responsibility to free this
+   buffer.
+  @param[out] WrapDataSize Length of ContentInfo structure in bytes.
+
+  @retval TRUE The operation is finished successfully.
+  @retval FALSEThe operation is failed due to lack of resources.
+
+**/
+BOOLEAN
+WrapPkcs7Data (
+  IN  CONST UINT8  *P7Data,
+  IN  UINTNP7Length,
+  OUT BOOLEAN  *WrapFlag,
+  OUT UINT8**WrapData,
+  OUT UINTN*WrapDataSize
+  );
+
 #endif
diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7Internal.h 
b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7Internal.h
index 207f493cbb..cbdd1dc530 100644
--- a/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7Internal.h
+++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7Internal.h
@@ -4,7 +4,7 @@
 
   RFC 2315 - PKCS #7: Cryptographic Message Syntax Version 1.5
 
-Copyright (c) 2023, Intel Corporation. All rights reserved.
+Copyright (c) 2023-2024, Intel Corporation. All rights reserved.
 SPDX-License-Identifier: BSD-2-Clause-Patent
 
 **/
@@ -31,10 +31,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #define MBEDTLS_OID_PKCS7_DIGESTED_DATA  MBEDTLS_OID_PKCS7 "\x05"
 #define MBEDTLS_OID_PKCS7_ENCRYPTED_DATA MBEDTLS_OID_PKCS7 "\x06"
 
-typedef mbedtls_asn1_buf MBEDTLSPKCS7BUF;
-typedef mbedtls_asn1_named_data  MBEDTLSPKCS7NAME;
-typedef mbedtls_asn1_sequenceMBEDTLSPKCS7SEQUENCE;
-
 ///
 /// PKCS7 SignerInfo type
 /// https://tools.ietf.org/html/rfc2315#section-9.2
@@ -48,8 +44,8 @@ typedef struct MbedtlsPkcs7SignerInfo {
   mbedtls_x509_buf SigAlgIdentifier;
   mbedtls_x509_buf AuthAttr;
   mbedtls_x509_buf Sig;
-  struct MBEDTLSPKCS7SIGNERINFO*Next;
-} MBEDTLSPKCS7SIGNERINFO;
+  struct MbedtlsPkcs7SignerInfo*Next;
+} MbedtlsPkcs7SignerInfo;
 
 ///
 /// 

[edk2-devel] [PATCH v4 03/11] CryptoPkg: Add Pem APIs based on Mbedtls

[Wenxing Hou]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177

Implement Pem API based on Mbedtls.

Cc: Jiewen Yao 
Cc: Yi Li 
Signed-off-by: Wenxing Hou 
Reviewed-by: Yi Li 
Acked-by: Jiewen Yao 
---
 .../BaseCryptLibMbedTls/Pem/CryptPem.c| 138 ++
 1 file changed, 138 insertions(+)
 create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pem/CryptPem.c

diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Pem/CryptPem.c 
b/CryptoPkg/Library/BaseCryptLibMbedTls/Pem/CryptPem.c
new file mode 100644
index 00..56411174dd
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Pem/CryptPem.c
@@ -0,0 +1,138 @@
+/** @file
+  PEM (Privacy Enhanced Mail) Format Handler Wrapper Implementation over 
MbedTLS.
+
+Copyright (c) 2024, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "InternalCryptLib.h"
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+/**
+  Retrieve the RSA Private Key from the password-protected PEM key data.
+
+  @param[in]  PemData  Pointer to the PEM-encoded key data to be retrieved.
+  @param[in]  PemSize  Size of the PEM key data in bytes.
+  @param[in]  Password NULL-terminated passphrase used for encrypted PEM 
key data.
+  @param[out] RsaContext   Pointer to new-generated RSA context which contain 
the retrieved
+   RSA private key component. Use RsaFree() function 
to free the
+   resource.
+
+  If PemData is NULL, then return FALSE.
+  If RsaContext is NULL, then return FALSE.
+
+  @retval  TRUE   RSA Private Key was retrieved successfully.
+  @retval  FALSE  Invalid PEM key data or incorrect password.
+
+**/
+BOOLEAN
+EFIAPI
+RsaGetPrivateKeyFromPem (
+  IN   CONST UINT8  *PemData,
+  IN   UINTNPemSize,
+  IN   CONST CHAR8  *Password,
+  OUT  VOID **RsaContext
+  )
+{
+  INT32Ret;
+  mbedtls_pk_context   Pk;
+  mbedtls_rsa_context  *Rsa;
+  UINT8*NewPemData;
+  UINTNPasswordLen;
+
+  if ((PemData == NULL) || (RsaContext == NULL) || (PemSize > INT_MAX)) {
+return FALSE;
+  }
+
+  NewPemData = NULL;
+  if (PemData[PemSize - 1] != 0) {
+NewPemData = AllocateZeroPool (PemSize + 1);
+if (NewPemData == NULL) {
+  return FALSE;
+}
+
+CopyMem (NewPemData, PemData, PemSize + 1);
+NewPemData[PemSize] = 0;
+PemData = NewPemData;
+PemSize+= 1;
+  }
+
+  mbedtls_pk_init ();
+
+  if (Password != NULL) {
+PasswordLen = AsciiStrLen (Password);
+  } else {
+PasswordLen = 0;
+  }
+
+  Ret = mbedtls_pk_parse_key (, PemData, PemSize, (CONST UINT8 *)Password, 
PasswordLen, NULL, NULL);
+
+  if (NewPemData != NULL) {
+FreePool (NewPemData);
+NewPemData = NULL;
+  }
+
+  if (Ret != 0) {
+mbedtls_pk_free ();
+return FALSE;
+  }
+
+  if (mbedtls_pk_get_type () != MBEDTLS_PK_RSA) {
+mbedtls_pk_free ();
+return FALSE;
+  }
+
+  Rsa = RsaNew ();
+  if (Rsa == NULL) {
+mbedtls_pk_free ();
+return FALSE;
+  }
+
+  Ret = mbedtls_rsa_copy (Rsa, mbedtls_pk_rsa (Pk));
+  if (Ret != 0) {
+RsaFree (Rsa);
+mbedtls_pk_free ();
+return FALSE;
+  }
+
+  mbedtls_pk_free ();
+
+  *RsaContext = Rsa;
+  return TRUE;
+}
+
+/**
+  Retrieve the EC Private Key from the password-protected PEM key data.
+
+  @param[in]  PemData  Pointer to the PEM-encoded key data to be retrieved.
+  @param[in]  PemSize  Size of the PEM key data in bytes.
+  @param[in]  Password NULL-terminated passphrase used for encrypted PEM 
key data.
+  @param[out] EcContextPointer to new-generated EC DSA context which 
contain the retrieved
+   EC private key component. Use EcFree() function to 
free the
+   resource.
+
+  If PemData is NULL, then return FALSE.
+  If EcContext is NULL, then return FALSE.
+
+  @retval  TRUE   EC Private Key was retrieved successfully.
+  @retval  FALSE  Invalid PEM key data or incorrect password.
+
+**/
+BOOLEAN
+EFIAPI
+EcGetPrivateKeyFromPem (
+  IN   CONST UINT8  *PemData,
+  IN   UINTNPemSize,
+  IN   CONST CHAR8  *Password,
+  OUT  VOID **EcContext
+  )
+{
+  ASSERT (FALSE);
+  return FALSE;
+}
-- 
2.26.2.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119030): https://edk2.groups.io/g/devel/message/119030
Mute This Topic: https://groups.io/mt/106151217/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v4 02/11] CryptoPkg: Add rand function for BaseCryptLibMbedTls

[Wenxing Hou]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177

Add rand function for BaseCryptLibMbedTls.

Cc: Jiewen Yao 
Cc: Yi Li 
Signed-off-by: Wenxing Hou 
Reviewed-by: Yi Li 
Acked-by: Jiewen Yao 
---
 CryptoPkg/Include/Library/BaseCryptLib.h  |   2 +
 .../BaseCryptLibMbedTls/InternalCryptLib.h|  16 +++
 .../BaseCryptLibMbedTls/Rand/CryptRand.c  | 114 ++
 .../BaseCryptLibMbedTls/Rand/CryptRandTsc.c   | 114 ++
 4 files changed, 246 insertions(+)
 create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRand.c
 create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRandTsc.c

diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h 
b/CryptoPkg/Include/Library/BaseCryptLib.h
index 86f784a1d2..111df8e78b 100644
--- a/CryptoPkg/Include/Library/BaseCryptLib.h
+++ b/CryptoPkg/Include/Library/BaseCryptLib.h
@@ -3139,6 +3139,8 @@ DhComputeKey (
   If Seed is NULL, then default seed is used.
   If this interface is not supported, then return FALSE.
 
+  RandomSeed has not been implemented in BaseCryptoLibMbedTls.
+
   @param[in]  Seed  Pointer to seed value.
 If NULL, default seed is used.
   @param[in]  SeedSize  Size of seed value.
diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h 
b/CryptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h
index 039aa32028..a30666cef4 100644
--- a/CryptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h
+++ b/CryptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h
@@ -22,4 +22,20 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 //
 #include 
 
+/**
+  The MbedTLS function f_rng, which MbedtlsRand implements.
+
+  @param[in]   RngState Not used, just for compatibility with mbedlts.
+  @param[out]  Output  Pointer to buffer to receive random value.
+  @param[in]   LenSize of random bytes to generate.
+
+  @retval 0  Pseudorandom byte stream generated successfully.
+  @retval Non-0  Pseudorandom number generator fails to generate due to lack 
of entropy.
+**/
+INT32
+MbedtlsRand (
+  VOID   *RngState,
+  UINT8  *Output,
+  UINTN  Len
+  );
 #endif
diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRand.c 
b/CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRand.c
new file mode 100644
index 00..e01aabc0de
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRand.c
@@ -0,0 +1,114 @@
+/** @file
+  Pseudorandom Number Generator Wrapper Implementation over MbedTLS.
+
+Copyright (c) 2024, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "InternalCryptLib.h"
+#include 
+
+/**
+  Sets up the seed value for the pseudorandom number generator.
+
+  This function sets up the seed value for the pseudorandom number generator.
+  If Seed is not NULL, then the seed passed in is used.
+  If Seed is NULL, then default seed is used.
+
+  @param[in]  Seed  Pointer to seed value.
+If NULL, default seed is used.
+  @param[in]  SeedSize  Size of seed value.
+If Seed is NULL, this parameter is ignored.
+
+  @retval TRUE   Pseudorandom number generator has enough entropy for random 
generation.
+  @retval FALSE  Pseudorandom number generator does not have enough entropy 
for random generation.
+
+**/
+BOOLEAN
+EFIAPI
+RandomSeed (
+  IN  CONST  UINT8  *Seed  OPTIONAL,
+  IN  UINTN SeedSize
+  )
+{
+  return TRUE;
+}
+
+/**
+  Generates a pseudorandom byte stream of the specified size.
+
+  If Output is NULL, then return FALSE.
+
+  @param[out]  Output  Pointer to buffer to receive random value.
+  @param[in]   SizeSize of random bytes to generate.
+
+  @retval TRUE   Pseudorandom byte stream generated successfully.
+  @retval FALSE  Pseudorandom number generator fails to generate due to lack 
of entropy.
+
+**/
+BOOLEAN
+EFIAPI
+RandomBytes (
+  OUT  UINT8  *Output,
+  IN   UINTN  Size
+  )
+{
+  BOOLEAN  Ret;
+  volatile UINT64  TempRand;
+
+  //
+  // Check input parameters.
+  //
+  if ((Output == NULL) || (Size > INT_MAX)) {
+return FALSE;
+  }
+
+  Ret = FALSE;
+
+  while (Size > 0) {
+// Use RngLib to get random number
+Ret = GetRandomNumber64 ((UINT64 *));
+
+if (!Ret) {
+  TempRand = 0;
+  return Ret;
+}
+
+if (Size >= sizeof (TempRand)) {
+  *((UINT64 *)Output) = TempRand;
+  Output += sizeof (UINT64);
+  Size   -= sizeof (TempRand);
+} else {
+  CopyMem (Output, (VOID *), Size);
+  Size = 0;
+}
+  }
+
+  TempRand = 0;
+  return Ret;
+}
+
+/**
+  The MbedTLS function f_rng, which MbedtlsRand implements.
+
+  @param[in]   RngState Not used, just for compatibility with mbedlts.
+  @param[out]  Output  Pointer to buffer to receive random value.
+  @param[in]   LenSize of random bytes to generate.
+
+  @retval 0  Pseudorandom byte stream generated successfully.
+  @retval Non-0  Pseudorandom number generator fails to generate due to 

[edk2-devel] [PATCH v4 00/11] Add more crypt APIs based on Mbedtls

[Wenxing Hou]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177

Add AeadAesGcm/Pem(only RSA)/X509(only RSA)/More 
RSA/PKCS5/pKCS7/Authenticode/Timestamp
implementation based on Mbedtls.

The patch has passed the EDKII CI check:
https://github.com/tianocore/edk2/pull/5645

And the patch has passed unit_test in EDKII and integration test for platform.
And the patch hass passed the fuzz test:
https://github.com/tianocore/edk2-staging/commit/4f19398053c92e4f7791d468a184530b6ab89128


There are three types of newly implemented APIs.
1.  First type of APIs pass the platform integration test by some secure 
features, such as Secure Boot, RPMC, etc.These APIs are: 
Sm3GetContextSize/ Sm3Init/Sm3Duplicate/ 
Sm3Update/Sm3Final/Sm3HashAll/RsaGetPrivateKeyFromPem/AuthenticodeVerify
Pkcs5HashPassword/Pkcs7GetSigners/Pkcs7FreeSigners/Pkcs7Sign/Pkcs7Verify/VerifyEKUsInPkcs7Signature/Pkcs7GetAttachedContent
RsaGetKey/ImageTimestampVerify/X509GetCommonName/X509GetTBSCert/RandomBytes

2.  Second type of APIs pass the platform integration test by 
DevieSecurity. These APIs are: 
AeadAesGcmEncrypt/AeadAesGcmDecrypt/RsaGenerateKey/RsaCheckKey/RsaPkcs1Sign/RsaPssSign/X509GetSubjectName
X509GetOrganizationName/X509VerifyCert/X509ConstructCertificate/X509ConstructCertificateStackV/X509ConstructCertificateStack
X509Free/X509StackFree

3.  Third type of APIs don't have platform integration, but the API passed 
the EDKII uint_test. The API is:
Pcs1v2Encrypt

v2 changes:
 - Fix format variable name/hardcode number issue;
 - Fix Pkcs7 memory leak;

v3 changes:
 - Fix some issues form reviewer;
 - Add SHA3/SM3 implementation;
 - Update *.inf files;

v4 changes:
 - Delete SHA3 implementation;
 - Complete Sm3 by linking OopensslLib;
 - collection data for platform integration test for newly implemented APIs;

Cc: Jiewen Yao 
Cc: Yi Li 
Signed-off-by: Wenxing Hou 
Reviewed-by: Yi Li 
Acked-by: Jiewen Yao 

Wenxing Hou (11):
  CryptoPkg: Add AeadAesGcm based on Mbedtls
  CryptoPkg: Add rand function for BaseCryptLibMbedTls
  CryptoPkg: Add Pem APIs based on Mbedtls
  CryptoPkg: Add X509 functions based on Mbedtls
  CryptoPkg: Add Pkcs7 related functions based on Mbedtls
  CryptoPkg: Add Pkcs5 functions based on Mbedtls
  CryptoPkg: Add more RSA related functions based on Mbedtls
  CryptoPkg: Add AuthenticodeVerify based on Mbedtls
  CryptoPkg: Add ImageTimestampVerify based on Mbedtls
  CryptoPkg: Update *.inf in BaseCryptLibMbedTls
  Add SM3 functions with openssl for Mbedtls

 CryptoPkg/CryptoPkgMbedTls.dsc|1 +
 CryptoPkg/Include/Library/BaseCryptLib.h  |4 +
 .../BaseCryptLibMbedTls/BaseCryptLib.inf  |   43 +-
 .../Cipher/CryptAeadAesGcm.c  |  227 ++
 .../BaseCryptLibMbedTls/Hash/CryptSm3.c   |  235 ++
 .../BaseCryptLibMbedTls/InternalCryptLib.h|   49 +
 .../BaseCryptLibMbedTls/PeiCryptLib.inf   |   23 +-
 .../BaseCryptLibMbedTls/Pem/CryptPem.c|  138 ++
 .../Pk/CryptAuthenticode.c|  214 ++
 .../BaseCryptLibMbedTls/Pk/CryptPkcs1Oaep.c   |  278 +++
 .../BaseCryptLibMbedTls/Pk/CryptPkcs5Pbkdf2.c |  100 +
 .../Pk/CryptPkcs7Internal.h   |   29 +-
 .../BaseCryptLibMbedTls/Pk/CryptPkcs7Sign.c   |  635 ++
 .../Pk/CryptPkcs7VerifyBase.c |  113 +
 .../Pk/CryptPkcs7VerifyCommon.c   | 1354 
 .../Pk/CryptPkcs7VerifyEku.c  |  689 ++
 .../BaseCryptLibMbedTls/Pk/CryptRsaExt.c  |  352 +++
 .../BaseCryptLibMbedTls/Pk/CryptRsaPssSign.c  |  140 ++
 .../Library/BaseCryptLibMbedTls/Pk/CryptTs.c  |  381 
 .../BaseCryptLibMbedTls/Pk/CryptX509.c| 1940 +
 .../BaseCryptLibMbedTls/Rand/CryptRand.c  |  114 +
 .../BaseCryptLibMbedTls/Rand/CryptRandTsc.c   |  114 +
 .../BaseCryptLibMbedTls/RuntimeCryptLib.inf   |   27 +-
 .../BaseCryptLibMbedTls/SecCryptLib.inf   |1 -
 .../BaseCryptLibMbedTls/SmmCryptLib.inf   |   32 +-
 .../SysCall/BaseMemAllocation.c   |  122 ++
 .../SysCall/DummyOpensslSupport.c |  571 +
 .../SysCall/UnitTestHostCrtWrapper.c  |   63 +
 .../BaseCryptLibMbedTls/TestBaseCryptLib.inf  |   40 +-
 29 files changed, 7946 insertions(+), 83 deletions(-)
 create mode 100644 
CryptoPkg/Library/BaseCryptLibMbedTls/Cipher/CryptAeadAesGcm.c
 create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSm3.c
 create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pem/CryptPem.c
 create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptAuthenticode.c
 create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs1Oaep.c
 create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs5Pbkdf2.c
 create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7Sign.c
 create mode 100644 
CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7VerifyBase.c
 create mode 100644 
CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7VerifyCommon.c
 create mode 100644 

[edk2-devel] [PATCH v4 01/11] CryptoPkg: Add AeadAesGcm based on Mbedtls

[Wenxing Hou]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177

AeadAesGcm implementation based on Mbedtls.

Cc: Jiewen Yao 
Cc: Yi Li 
Signed-off-by: Wenxing Hou 
Reviewed-by: Yi Li 
Acked-by: Jiewen Yao 
---
 .../Cipher/CryptAeadAesGcm.c  | 227 ++
 1 file changed, 227 insertions(+)
 create mode 100644 
CryptoPkg/Library/BaseCryptLibMbedTls/Cipher/CryptAeadAesGcm.c

diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Cipher/CryptAeadAesGcm.c 
b/CryptoPkg/Library/BaseCryptLibMbedTls/Cipher/CryptAeadAesGcm.c
new file mode 100644
index 00..b49d6f9f87
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Cipher/CryptAeadAesGcm.c
@@ -0,0 +1,227 @@
+/** @file
+  AEAD (AES-GCM) Wrapper Implementation over MbedTLS.
+
+  RFC 5116 - An Interface and Algorithms for Authenticated Encryption
+  NIST SP800-38d - Cipher Modes of Operation: Galois / Counter Mode(GCM) and 
GMAC
+
+Copyright (c) 2024, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "InternalCryptLib.h"
+#include 
+
+/**
+  Performs AEAD AES-GCM authenticated encryption on a data buffer and 
additional authenticated data (AAD).
+
+  IvSize must be 12, otherwise FALSE is returned.
+  KeySize must be 16, 24 or 32, otherwise FALSE is returned.
+  TagSize must be 12, 13, 14, 15, 16, otherwise FALSE is returned.
+
+  @param[in]   Key Pointer to the encryption key.
+  @param[in]   KeySize Size of the encryption key in bytes.
+  @param[in]   Iv  Pointer to the IV value.
+  @param[in]   IvSize  Size of the IV value in bytes.
+  @param[in]   AData   Pointer to the additional authenticated data (AAD).
+  @param[in]   ADataSize   Size of the additional authenticated data (AAD) in 
bytes.
+  @param[in]   DataIn  Pointer to the input data buffer to be encrypted.
+  @param[in]   DataInSize  Size of the input data buffer in bytes.
+  @param[out]  TagOut  Pointer to a buffer that receives the 
authentication tag output.
+  @param[in]   TagSize Size of the authentication tag in bytes.
+  @param[out]  DataOut Pointer to a buffer that receives the encryption 
output.
+  @param[out]  DataOutSize Size of the output data buffer in bytes.
+
+  @retval TRUE   AEAD AES-GCM authenticated encryption succeeded.
+  @retval FALSE  AEAD AES-GCM authenticated encryption failed.
+
+**/
+BOOLEAN
+EFIAPI
+AeadAesGcmEncrypt (
+  IN   CONST UINT8  *Key,
+  IN   UINTNKeySize,
+  IN   CONST UINT8  *Iv,
+  IN   UINTNIvSize,
+  IN   CONST UINT8  *AData,
+  IN   UINTNADataSize,
+  IN   CONST UINT8  *DataIn,
+  IN   UINTNDataInSize,
+  OUT  UINT8*TagOut,
+  IN   UINTNTagSize,
+  OUT  UINT8*DataOut,
+  OUT  UINTN*DataOutSize
+  )
+{
+  mbedtls_gcm_context  Ctx;
+  INT32Ret;
+
+  if (DataInSize > INT_MAX) {
+return FALSE;
+  }
+
+  if (ADataSize > INT_MAX) {
+return FALSE;
+  }
+
+  if (IvSize != 12) {
+return FALSE;
+  }
+
+  switch (KeySize) {
+case 16:
+case 24:
+case 32:
+  break;
+default:
+  return FALSE;
+  }
+
+  if ((TagSize != 12) && (TagSize != 13) && (TagSize != 14) && (TagSize != 15) 
&& (TagSize != 16)) {
+return FALSE;
+  }
+
+  if (DataOutSize != NULL) {
+if ((*DataOutSize > INT_MAX) || (*DataOutSize < DataInSize)) {
+  return FALSE;
+}
+  }
+
+  mbedtls_gcm_init ();
+
+  Ret = mbedtls_gcm_setkey (, MBEDTLS_CIPHER_ID_AES, Key, (UINT32)(KeySize 
* 8));
+  if (Ret != 0) {
+return FALSE;
+  }
+
+  Ret = mbedtls_gcm_crypt_and_tag (
+  ,
+  MBEDTLS_GCM_ENCRYPT,
+  (UINT32)DataInSize,
+  Iv,
+  (UINT32)IvSize,
+  AData,
+  (UINT32)ADataSize,
+  DataIn,
+  DataOut,
+  TagSize,
+  TagOut
+  );
+  mbedtls_gcm_free ();
+  if (Ret != 0) {
+return FALSE;
+  }
+
+  if (DataOutSize != NULL) {
+*DataOutSize = DataInSize;
+  }
+
+  return TRUE;
+}
+
+/**
+  Performs AEAD AES-GCM authenticated decryption on a data buffer and 
additional authenticated data (AAD).
+
+  IvSize must be 12, otherwise FALSE is returned.
+  KeySize must be 16, 24 or 32, otherwise FALSE is returned.
+  TagSize must be 12, 13, 14, 15, 16, otherwise FALSE is returned.
+  If additional authenticated data verification fails, FALSE is returned.
+
+  @param[in]   Key Pointer to the encryption key.
+  @param[in]   KeySize Size of the encryption key in bytes.
+  @param[in]   Iv  Pointer to the IV value.
+  @param[in]   IvSize  Size of the IV value in bytes.
+  @param[in]   AData   Pointer to the additional authenticated data (AAD).
+  @param[in]   ADataSize   Size of the additional authenticated data (AAD) in 
bytes.
+  @param[in]   DataIn  Pointer to the input data buffer to be decrypted.
+  @param[in]   DataInSize  Size of the input data buffer in bytes.
+  @param[in]   Tag Pointer to a buffer that contains the 

[edk2-devel] [PATCH 9/9] MdeModulePkg:Add global variable mVariableRtCacheInfo

[duntan]

Add global variable mVariableRtCacheInfo to save the
content in gEdkiiVariableRuntimeCacheInfoHobGuid. With
this new global variable, 7 global variables can be
removed.

Signed-off-by: Dun Tan 
Cc: Ray Ni 
Cc: Liming Gao 
Cc: Jiaxin Wu 
---
 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c | 97 
+
 1 file changed, 41 insertions(+), 56 deletions(-)

diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c 
b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
index 6efe5cee10..de39462d68 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
@@ -44,26 +44,20 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #include "PrivilegePolymorphic.h"
 #include "VariableParsing.h"
 
-EFI_HANDLE  mHandle  = NULL;
-EFI_SMM_VARIABLE_PROTOCOL   *mSmmVariable= NULL;
-EFI_EVENT   mVirtualAddressChangeEvent   = NULL;
-EFI_MM_COMMUNICATION2_PROTOCOL  *mMmCommunication2   = NULL;
-UINT8   *mVariableBuffer = NULL;
-UINT8   *mVariableBufferPhysical = NULL;
-VARIABLE_INFO_ENTRY *mVariableInfo   = NULL;
-VARIABLE_STORE_HEADER   *mVariableRuntimeHobCacheBuffer  = NULL;
-VARIABLE_STORE_HEADER   *mVariableRuntimeNvCacheBuffer   = NULL;
-VARIABLE_STORE_HEADER   *mVariableRuntimeVolatileCacheBuffer = NULL;
+EFI_HANDLE  mHandle= NULL;
+EFI_SMM_VARIABLE_PROTOCOL   *mSmmVariable  = NULL;
+EFI_EVENT   mVirtualAddressChangeEvent = NULL;
+EFI_MM_COMMUNICATION2_PROTOCOL  *mMmCommunication2 = NULL;
+UINT8   *mVariableBuffer   = NULL;
+UINT8   *mVariableBufferPhysical   = NULL;
+VARIABLE_INFO_ENTRY *mVariableInfo = NULL;
 UINTN   mVariableBufferSize;
-UINTN   mVariableRuntimeHobCacheBufferSize;
 UINTN   mVariableBufferPayloadSize;
-BOOLEAN *mVariableRuntimeCachePendingUpdate;
-BOOLEAN *mVariableRuntimeCacheReadLock;
 BOOLEAN mVariableAuthFormat;
-BOOLEAN *mHobFlushComplete;
 EFI_LOCKmVariableServicesLock;
 EDKII_VARIABLE_LOCK_PROTOCOLmVariableLock;
 EDKII_VAR_CHECK_PROTOCOLmVarCheck;
+VARIABLE_RUNTIME_CACHE_INFO mVariableRtCacheInfo;
 
 /**
   The logic to initialize the VariablePolicy engine is in its own file.
@@ -500,21 +494,21 @@ CheckForRuntimeCacheSync (
   VOID
   )
 {
-  if (*mVariableRuntimeCachePendingUpdate) {
+  if (mVariableRtCacheInfo.CacheInfoFlag->PendingUpdate) {
 SyncRuntimeCache ();
   }
 
-  ASSERT (!(*mVariableRuntimeCachePendingUpdate));
+  ASSERT (!(mVariableRtCacheInfo.CacheInfoFlag->PendingUpdate));
 
   //
   // The HOB variable data may have finished being flushed in the runtime 
cache sync update
   //
-  if ((*mHobFlushComplete) && (mVariableRuntimeHobCacheBuffer != NULL)) {
+  if ((mVariableRtCacheInfo.CacheInfoFlag->HobFlushComplete) && 
(mVariableRtCacheInfo.RuntimeHobCacheBuffer != 0)) {
 if (!EfiAtRuntime ()) {
-  FreePages (mVariableRuntimeHobCacheBuffer, EFI_SIZE_TO_PAGES 
(mVariableRuntimeHobCacheBufferSize));
+  FreePages ((VOID *)(UINTN)mVariableRtCacheInfo.RuntimeHobCacheBuffer, 
mVariableRtCacheInfo.RuntimeHobCachePages);
 }
 
-mVariableRuntimeHobCacheBuffer = NULL;
+mVariableRtCacheInfo.RuntimeHobCacheBuffer = 0;
   }
 }
 
@@ -565,20 +559,20 @@ FindVariableInRuntimeCache (
   // a GetVariable () or GetNextVariable () call from being issued until a 
prior call has returned. The runtime
   // cache read lock should always be free when entering this function.
   //
-  ASSERT (!(*mVariableRuntimeCacheReadLock));
+  ASSERT (!(mVariableRtCacheInfo.CacheInfoFlag->ReadLock));
 
-  *mVariableRuntimeCacheReadLock = TRUE;
+  mVariableRtCacheInfo.CacheInfoFlag->ReadLock = TRUE;
   CheckForRuntimeCacheSync ();
 
-  if (!(*mVariableRuntimeCachePendingUpdate)) {
+  if (!(mVariableRtCacheInfo.CacheInfoFlag->PendingUpdate)) {
 //
 // 0: Volatile, 1: HOB, 2: Non-Volatile.
 // The index and attributes mapping must be kept in this order as 
FindVariable
 // makes use of this mapping to implement search algorithm.
 //
-VariableStoreList[VariableStoreTypeVolatile] = 
mVariableRuntimeVolatileCacheBuffer;
-VariableStoreList[VariableStoreTypeHob]  = 
mVariableRuntimeHobCacheBuffer;
-VariableStoreList[VariableStoreTypeNv]   = 
mVariableRuntimeNvCacheBuffer;
+

[edk2-devel] [PATCH 8/9] MdeModulePkg: Refine InitVariableCache()

[duntan]

Refine the code logic in InitVariableCache().
In this commit, three times calling of
InitVariableCache() for different type cache are
merged into one calling. This commit is to make
the code looks cleaner and doesn't change any
code functionality.

Signed-off-by: Dun Tan 
Cc: Ray Ni 
Cc: Liming Gao 
Cc: Jiaxin Wu 
---
 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c | 198 
+++---
 1 file changed, 95 insertions(+), 103 deletions(-)

diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c 
b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
index 68a249c5ac..6efe5cee10 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
@@ -144,54 +144,6 @@ AtRuntime (
   return EfiAtRuntime ();
 }
 
-/**
-  Initialize the variable cache buffer as an empty variable store.
-
-  @param[out] VariableCacheBuffer A pointer to pointer of a cache 
variable store.
-  @param[in,out]  TotalVariableCacheSize  On input, the minimum size needed 
for the UEFI variable store cache
-  buffer that is allocated. On output, 
the actual size of the buffer allocated.
-  If TotalVariableCacheSize is zero, a 
buffer will not be allocated and the
-  function will return with 
EFI_SUCCESS.
-
-  @retval EFI_SUCCESS The variable cache was allocated and 
initialized successfully.
-  @retval EFI_INVALID_PARAMETER   A given pointer is NULL or an invalid 
variable store size was specified.
-  @retval EFI_OUT_OF_RESOURCESInsufficient resources are available to 
allocate the variable store cache buffer.
-
-**/
-EFI_STATUS
-InitVariableCache (
-  OUTVARIABLE_STORE_HEADER  **VariableCacheBuffer,
-  IN OUT UINTN  *TotalVariableCacheSize
-  )
-{
-  VARIABLE_STORE_HEADER  *VariableCacheStorePtr;
-  EFI_STATUS Status;
-
-  if (TotalVariableCacheSize == NULL) {
-return EFI_INVALID_PARAMETER;
-  }
-
-  if (*TotalVariableCacheSize == 0) {
-return EFI_SUCCESS;
-  }
-
-  if ((VariableCacheBuffer == NULL) || (*TotalVariableCacheSize < sizeof 
(VARIABLE_STORE_HEADER))) {
-return EFI_INVALID_PARAMETER;
-  }
-
-  *TotalVariableCacheSize = ALIGN_VALUE (*TotalVariableCacheSize, sizeof 
(UINT32));
-
-  VariableCacheStorePtr = *VariableCacheBuffer;
-  SetMem32 ((VOID *)VariableCacheStorePtr, *TotalVariableCacheSize, 
(UINT32)0x);
-
-  ZeroMem ((VOID *)VariableCacheStorePtr, sizeof (VARIABLE_STORE_HEADER));
-  VariableCacheStorePtr->Size   = (UINT32)*TotalVariableCacheSize;
-  VariableCacheStorePtr->Format = VARIABLE_STORE_FORMATTED;
-  VariableCacheStorePtr->State  = VARIABLE_STORE_HEALTHY;
-
-  return EFI_SUCCESS;
-}
-
 /**
   Initialize the communicate buffer using DataSize and Function.
 
@@ -1554,6 +1506,92 @@ Done:
   return Status;
 }
 
+/**
+  Initialize the variable cache buffer as an empty variable store.
+
+  @param[in]  VariableCacheBuffer A pointer to pointer of a cache variable 
store.
+  @param[in]  TotalVariableCacheSize  The size needed for the UEFI variable 
store cache buffer that is allocated.
+
+**/
+VOID
+InitVariableStoreHeader (
+  IN  VARIABLE_STORE_HEADER  *VariableCacheBuffer,
+  IN  UINTN  TotalVariableCacheSize
+  )
+{
+  if (TotalVariableCacheSize > 0) {
+ASSERT ((VariableCacheBuffer != NULL) && (TotalVariableCacheSize >= sizeof 
(VARIABLE_STORE_HEADER)));
+
+SetMem32 ((VOID *)VariableCacheBuffer, TotalVariableCacheSize, 
(UINT32)0x);
+ZeroMem ((VOID *)VariableCacheBuffer, sizeof (VARIABLE_STORE_HEADER));
+VariableCacheBuffer->Size   = (UINT32)TotalVariableCacheSize;
+VariableCacheBuffer->Format = VARIABLE_STORE_FORMATTED;
+VariableCacheBuffer->State  = VARIABLE_STORE_HEALTHY;
+  }
+}
+
+/**
+  Initialize the runtime variable cache related content.
+
+  @retval EFI_SUCCESSInitialize the runtime variable cache related content 
successfully.
+  @retval Others Could not initialize the runtime variable cache 
related content successfully.
+
+**/
+EFI_STATUS
+InitVariableCache (
+  VOID
+  )
+{
+  EFI_STATUS   Status;
+  UINTNExpectedHobCacheSize;
+  UINTNExpectedNvCacheSize;
+  UINTNExpectedVolatileCacheSize;
+  UINTNAllocatedHobCacheSize;
+  UINTNAllocatedNvCacheSize;
+  UINTNAllocatedVolatileCacheSize;
+  EFI_HOB_GUID_TYPE*GuidHob;
+  VARIABLE_RUNTIME_CACHE_INFO  *VariableRuntimeCacheHob;
+
+  DEBUG ((DEBUG_INFO, "Variable driver runtime cache is enabled.\n"));
+  //
+  // Get 

[edk2-devel] [PATCH 7/9] MdeModulePkg:Consume gEdkiiVariableRuntimeCacheInfoHobGuid

[duntan]

Consume gEdkiiVariableRuntimeCacheInfoHobGuid in

VariableSmmRuntimeDxe driver to initialize the following

variable cache related buffer:
  *mVariableRuntimeHobCacheBuffer
  *mVariableRuntimeNvCacheBuffer
  *mVariableRuntimeVolatileCacheBuffer
  *mVariableRuntimeCachePendingUpdate
  *mVariableRuntimeCacheReadLock
  *mHobFlushComplete

The code to to allocate 
and unblock the buffer for
different type cache in VariableSmmRuntimeDxe is also
removed in this commit.

Signed-off-by: Dun Tan 
Cc: Ray Ni 
Cc: Liming Gao 

Cc: Jiaxin Wu 
---
 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c   | 120 
+---
 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf |   5 
+++--
 2 files changed, 52 insertions(+), 73 deletions(-)

diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c 
b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
index 8b42ae7d72..68a249c5ac 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
@@ -35,10 +35,11 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #include 
 #include 
 #include 
-#include 
+#include 
 
 #include 
 #include 
+#include 
 
 #include "PrivilegePolymorphic.h"
 #include "VariableParsing.h"
@@ -56,10 +57,10 @@ VARIABLE_STORE_HEADER   
*mVariableRuntimeVolatileCacheBuffer = NULL;
 UINTN   mVariableBufferSize;
 UINTN   mVariableRuntimeHobCacheBufferSize;
 UINTN   mVariableBufferPayloadSize;
-BOOLEAN mVariableRuntimeCachePendingUpdate;
-BOOLEAN mVariableRuntimeCacheReadLock;
+BOOLEAN *mVariableRuntimeCachePendingUpdate;
+BOOLEAN *mVariableRuntimeCacheReadLock;
 BOOLEAN mVariableAuthFormat;
-BOOLEAN mHobFlushComplete;
+BOOLEAN *mHobFlushComplete;
 EFI_LOCKmVariableServicesLock;
 EDKII_VARIABLE_LOCK_PROTOCOLmVariableLock;
 EDKII_VAR_CHECK_PROTOCOLmVarCheck;
@@ -180,27 +181,6 @@ InitVariableCache (
 
   *TotalVariableCacheSize = ALIGN_VALUE (*TotalVariableCacheSize, sizeof 
(UINT32));
 
-  //
-  // Allocate NV Storage Cache and initialize it to all 1's (like an erased FV)
-  //
-  *VariableCacheBuffer =  (VARIABLE_STORE_HEADER *)AllocateRuntimePages (
- EFI_SIZE_TO_PAGES 
(*TotalVariableCacheSize)
- );
-  if (*VariableCacheBuffer == NULL) {
-return EFI_OUT_OF_RESOURCES;
-  }
-
-  //
-  // Request to unblock the newly allocated cache region to be accessible from 
inside MM
-  //
-  Status = MmUnblockMemoryRequest (
- (EFI_PHYSICAL_ADDRESS)(UINTN)*VariableCacheBuffer,
- EFI_SIZE_TO_PAGES (*TotalVariableCacheSize)
- );
-  if ((Status != EFI_UNSUPPORTED) && EFI_ERROR (Status)) {
-return Status;
-  }
-
   VariableCacheStorePtr = *VariableCacheBuffer;
   SetMem32 ((VOID *)VariableCacheStorePtr, *TotalVariableCacheSize, 
(UINT32)0x);
 
@@ -568,16 +548,16 @@ CheckForRuntimeCacheSync (
   VOID
   )
 {
-  if (mVariableRuntimeCachePendingUpdate) {
+  if (*mVariableRuntimeCachePendingUpdate) {
 SyncRuntimeCache ();
   }
 
-  ASSERT (!mVariableRuntimeCachePendingUpdate);
+  ASSERT (!(*mVariableRuntimeCachePendingUpdate));
 
   //
   // The HOB variable data may have finished being flushed in the runtime 
cache sync update
   //
-  if (mHobFlushComplete && (mVariableRuntimeHobCacheBuffer != NULL)) {
+  if ((*mHobFlushComplete) && (mVariableRuntimeHobCacheBuffer != NULL)) {
 if (!EfiAtRuntime ()) {
   FreePages (mVariableRuntimeHobCacheBuffer, EFI_SIZE_TO_PAGES 
(mVariableRuntimeHobCacheBufferSize));
 }
@@ -633,12 +613,12 @@ FindVariableInRuntimeCache (
   // a GetVariable () or GetNextVariable () call from being issued until a 
prior call has returned. The runtime
   // cache read lock should always be free when entering this function.
   //
-  ASSERT (!mVariableRuntimeCacheReadLock);
+  ASSERT (!(*mVariableRuntimeCacheReadLock));
 
-  mVariableRuntimeCacheReadLock = TRUE;
+  *mVariableRuntimeCacheReadLock = TRUE;
   CheckForRuntimeCacheSync ();
 
-  if (!mVariableRuntimeCachePendingUpdate) {
+  if (!(*mVariableRuntimeCachePendingUpdate)) {
 //
 // 0: Volatile, 1: HOB, 2: Non-Volatile.
 // The index and attributes mapping must be kept in this order as 
FindVariable
@@ -698,7 +678,7 @@ Done:
 }
   }
 
-  mVariableRuntimeCacheReadLock = FALSE;
+  *mVariableRuntimeCacheReadLock = FALSE;
 
   return Status;
 }
@@ -921,12 +901,12 @@ GetNextVariableNameInRuntimeCache (
   // a GetVariable () or GetNextVariable () call from being issued until a 
prior 

[edk2-devel] [PATCH 6/9] MdeModulePkg:Remove unnecessary global variable

[duntan]

Remove the two unnecessary global variables and
replace them by two local variables:
mVariableRuntimeNvCacheBufferSize
mVariableRuntimeVolatileCacheBufferSize

Signed-off-by: Dun Tan 
Cc: Ray Ni 
Cc: Liming Gao 
Cc: Jiaxin Wu 
---
 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c | 14 
+++---
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c 
b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
index 6930875e9f..8b42ae7d72 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
@@ -13,7 +13,7 @@
 
   InitCommunicateBuffer() is really function to check the variable data size.
 
-Copyright (c) 2010 - 2019, Intel Corporation. All rights reserved.
+Copyright (c) 2010 - 2024, Intel Corporation. All rights reserved.
 Copyright (c) Microsoft Corporation.
 SPDX-License-Identifier: BSD-2-Clause-Patent
 
@@ -55,8 +55,6 @@ VARIABLE_STORE_HEADER   
*mVariableRuntimeNvCacheBuffer   = NULL;
 VARIABLE_STORE_HEADER   *mVariableRuntimeVolatileCacheBuffer = NULL;
 UINTN   mVariableBufferSize;
 UINTN   mVariableRuntimeHobCacheBufferSize;
-UINTN   mVariableRuntimeNvCacheBufferSize;
-UINTN   mVariableRuntimeVolatileCacheBufferSize;
 UINTN   mVariableBufferPayloadSize;
 BOOLEAN mVariableRuntimeCachePendingUpdate;
 BOOLEAN mVariableRuntimeCacheReadLock;
@@ -1691,6 +1689,8 @@ SmmVariableReady (
   )
 {
   EFI_STATUS  Status;
+  UINTN   RuntimeNvCacheSize;
+  UINTN   RuntimeVolatileCacheSize;
 
   Status = gBS->LocateProtocol (, NULL, (VOID 
**));
   if (EFI_ERROR (Status)) {
@@ -1721,16 +1721,16 @@ SmmVariableReady (
 //
 Status =  GetRuntimeCacheInfo (
 ,
-,
-,
+,
+,
 
 );
 if (!EFI_ERROR (Status)) {
   Status = InitVariableCache (, 
);
   if (!EFI_ERROR (Status)) {
-Status = InitVariableCache (, 
);
+Status = InitVariableCache (, 
);
 if (!EFI_ERROR (Status)) {
-  Status = InitVariableCache (, 
);
+  Status = InitVariableCache (, 
);
   if (!EFI_ERROR (Status)) {
 Status = SendRuntimeVariableCacheContextToSmm ();
 if (!EFI_ERROR (Status)) {
-- 
2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119023): https://edk2.groups.io/g/devel/message/119023
Mute This Topic: https://groups.io/mt/106150803/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH 5/9] MdeModulePkg:Create gEdkiiVariableRuntimeCacheInfoHobGuid

[duntan]

Install the callback of gEfiPeiMemoryDiscoveredPpiGuid
to create gEdkiiVariableRuntimeCacheInfoHobGuid in
VariablePei module. When PcdEnableVariableRuntimeCache
is TRUE, the callback will be installed to allocate
the needed buffer for different type variable runtime
cache, unblock the buffer and build this HOB. Then the
runtime cache buffer address and size will be saved in
the HOB content.

Signed-off-by: Dun Tan 
Cc: Ray Ni 
Cc: Liming Gao 
Cc: Jiaxin Wu 
---
 MdeModulePkg/Universal/Variable/Pei/Variable.c  | 298 
+-
 MdeModulePkg/Universal/Variable/Pei/Variable.h  |   3 +++
 MdeModulePkg/Universal/Variable/Pei/VariablePei.inf |   8 +++-
 3 files changed, 307 insertions(+), 2 deletions(-)

diff --git a/MdeModulePkg/Universal/Variable/Pei/Variable.c 
b/MdeModulePkg/Universal/Variable/Pei/Variable.c
index 26a4c73b45..15419eb437 100644
--- a/MdeModulePkg/Universal/Variable/Pei/Variable.c
+++ b/MdeModulePkg/Universal/Variable/Pei/Variable.c
@@ -2,7 +2,7 @@
   Implement ReadOnly Variable Services required by PEIM and install
   PEI ReadOnly Varaiable2 PPI. These services operates the non volatile 
storage space.
 
-Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.
+Copyright (c) 2006 - 2024, Intel Corporation. All rights reserved.
 Copyright (c) Microsoft Corporation.
 SPDX-License-Identifier: BSD-2-Clause-Patent
 
@@ -24,6 +24,31 @@ EFI_PEI_PPI_DESCRIPTOR  mPpiListVariable = {
   
 };
 
+/**
+  Build gEdkiiVariableRuntimeCacheInfoHobGuid.
+
+  @param[in] PeiServices  General purpose services available to every 
PEIM.
+  @param[in] NotifyDescriptor The notification structure this PEIM 
registered on install.
+  @param[in] Ppi  The memory discovered PPI.  Not used.
+
+  @retval EFI_SUCCESS The function completed successfully.
+  @retval others  Failed to build VariableRuntimeCacheInfo Hob.
+
+**/
+EFI_STATUS
+EFIAPI
+BuildVariableRuntimeCacheInfoHob (
+  IN EFI_PEI_SERVICES   **PeiServices,
+  IN EFI_PEI_NOTIFY_DESCRIPTOR  *NotifyDescriptor,
+  IN VOID   *Ppi
+  );
+
+EFI_PEI_NOTIFY_DESCRIPTOR  mPostMemNotifyList = {
+  (EFI_PEI_PPI_DESCRIPTOR_NOTIFY_CALLBACK | 
EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST),
+  ,
+  BuildVariableRuntimeCacheInfoHob
+};
+
 /**
   Provide the functionality of the variable services.
 
@@ -41,6 +66,10 @@ PeimInitializeVariableServices (
   IN CONST EFI_PEI_SERVICES **PeiServices
   )
 {
+  if (FeaturePcdGet (PcdEnableVariableRuntimeCache)) {
+PeiServicesNotifyPpi ();
+  }
+
   return PeiServicesInstallPpi ();
 }
 
@@ -1250,3 +1279,270 @@ PeiGetNextVariableName (
 }
   }
 }
+
+/**
+  Calculate the auth variable storage size converted from normal variable 
storage.
+
+  @param[in]  StoreInfo Pointer to the store info
+  @param[in]  NormalHobVarStorage  Pointer to the normal variable storage 
header
+
+  @retval the auth variable storage size
+**/
+UINTN
+CalculateAuthVarStorageSize (
+  IN  VARIABLE_STORE_INFO*StoreInfo,
+  IN  VARIABLE_STORE_HEADER  *NormalHobVarStorage
+  )
+{
+  VARIABLE_HEADER  *StartPtr;
+  VARIABLE_HEADER  *EndPtr;
+  UINTNAuthVarStroageSize;
+
+  AuthVarStroageSize = sizeof (VARIABLE_STORE_HEADER);
+
+  //
+  // Calculate Auth Variable Storage Size
+  //
+  StartPtr = GetStartPointer (NormalHobVarStorage);
+  EndPtr   = GetEndPointer (NormalHobVarStorage);
+  while (StartPtr < EndPtr) {
+if (StartPtr->State == VAR_ADDED) {
+  AuthVarStroageSize  = HEADER_ALIGN (AuthVarStroageSize);
+  AuthVarStroageSize += sizeof (AUTHENTICATED_VARIABLE_HEADER);
+  AuthVarStroageSize += StartPtr->NameSize + GET_PAD_SIZE 
(StartPtr->NameSize);
+  AuthVarStroageSize += StartPtr->DataSize + GET_PAD_SIZE 
(StartPtr->DataSize);
+}
+
+StartPtr = GetNextVariablePtr (StoreInfo, StartPtr, StartPtr);
+  }
+
+  return AuthVarStroageSize;
+}
+
+/**
+  Calculate Hob variable cache size.
+
+  @param[in]  NvAuthFlag   If the NV variable store is Auth.
+
+  @retval Maximum of Nv variable cache size.
+
+**/
+UINTN
+CalculateHobVariableCacheSize (
+  IN BOOLEAN  NvAuthFlag
+  )
+{
+  VARIABLE_STORE_INFOStoreInfo;
+  VARIABLE_STORE_HEADER  *VariableStoreHeader;
+
+  VariableStoreHeader = NULL;
+  GetHobVariableStore (, );
+
+  if (VariableStoreHeader == NULL) {
+return 0;
+  }
+
+  if (NvAuthFlag == StoreInfo.AuthFlag) {
+return VariableStoreHeader->Size;
+  } else {
+//
+// Normal NV variable store + Auth HOB variable store is not supported
+//
+ASSERT (NvAuthFlag && (!StoreInfo.AuthFlag));
+
+//
+// Need to calculate auth variable storage size converted from normal 
variable storage
+//
+

[edk2-devel] [PATCH 3/9] EmulatorPkg: Add MmUnblockMemoryLib in DSC

[duntan]

Add MmUnblockMemoryLib in EmulatorPkg.dsc.
This lib will be required by VariablePei in
following commits.

Signed-off-by: Dun Tan 
Cc: Andrew Fish 
Cc: Ray Ni 
---
 EmulatorPkg/EmulatorPkg.dsc | 1 +
 1 file changed, 1 insertion(+)

diff --git a/EmulatorPkg/EmulatorPkg.dsc b/EmulatorPkg/EmulatorPkg.dsc
index 5fa1ed345a..0e15dafb5c 100644
--- a/EmulatorPkg/EmulatorPkg.dsc
+++ b/EmulatorPkg/EmulatorPkg.dsc
@@ -127,6 +127,7 @@
   ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf
   FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf
   
ImagePropertiesRecordLib|MdeModulePkg/Library/ImagePropertiesRecordLib/ImagePropertiesRecordLib.inf
+  
MmUnblockMemoryLib|MdePkg/Library/MmUnblockMemoryLib/MmUnblockMemoryLibNull.inf
 
 !if $(SECURE_BOOT_ENABLE) == TRUE
   RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
-- 
2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119020): https://edk2.groups.io/g/devel/message/119020
Mute This Topic: https://groups.io/mt/106150799/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH 4/9] OvmfPkg: Add MmUnblockMemoryLib in DSC

[duntan]

Add MmUnblockMemoryLib in OvmfPkgIa32X64.dsc.
This lib will be required by VariablePei in
following commits.

Signed-off-by: Dun Tan 
Cc: Ray Ni 
Cc: Ard Biesheuvel 
Cc: Jiewen Yao 
Cc: Gerd Hoffmann 
---
 OvmfPkg/OvmfPkgIa32X64.dsc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index d27a4c7278..cc03104aac 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -233,7 +233,7 @@
   
VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf
   
VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf
   
VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.inf
-
+  
MmUnblockMemoryLib|MdePkg/Library/MmUnblockMemoryLib/MmUnblockMemoryLibNull.inf
 
   #
   # Network libraries
-- 
2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119021): https://edk2.groups.io/g/devel/message/119021
Mute This Topic: https://groups.io/mt/106150800/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH 2/9] ArmVirtPkg: Add MmUnblockMemoryLib in DSC

[duntan]

Add MmUnblockMemoryLib in ArmVirtCloudHv.dsc.
This lib will be required by VariablePei in
following commits.

Signed-off-by: Dun Tan 
Cc: Ray Ni 
Cc: Ard Biesheuvel 
Cc: Leif Lindholm 
Cc: Sami Mujawar 
Cc: Gerd Hoffmann 
---
 ArmVirtPkg/ArmVirtCloudHv.dsc | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/ArmVirtPkg/ArmVirtCloudHv.dsc b/ArmVirtPkg/ArmVirtCloudHv.dsc
index 5cb2a609b1..a8ede49ef9 100644
--- a/ArmVirtPkg/ArmVirtCloudHv.dsc
+++ b/ArmVirtPkg/ArmVirtCloudHv.dsc
@@ -57,6 +57,8 @@
   
TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
   
TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.inf
 
+  
MmUnblockMemoryLib|MdePkg/Library/MmUnblockMemoryLib/MmUnblockMemoryLibNull.inf
+
 !include MdePkg/MdeLibs.dsc.inc
 
 [LibraryClasses.common.PEIM]
-- 
2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119019): https://edk2.groups.io/g/devel/message/119019
Mute This Topic: https://groups.io/mt/106150798/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH 1/9] MdeModulePkg:Add new gEdkiiVariableRuntimeCacheInfoHobGuid

[duntan]

This commit defines VARIABLE_RUNTIME_CACHE_INFO HOB.
The HOB is used to store the address and size of the
buffer that will be used for variable runtime service
when the PcdEnableVariableRuntimeCache is TRUE.

In following patches, when PcdEnableVariableRuntimeCache
is TRUE, VariablePei module will install a callback of
gEfiPeiMemoryDiscoveredPpiGuid to allocate needed buffer
for different type cache, unblock the buffer and build HOB.
Then VariableSmmRuntimeDxe driver will consume the
gEdkiiVariableRuntimeCacheInfoHobGuid to initialize the
variable runtime cache related content.

Signed-off-by: Dun Tan 
Cc: Ray Ni 
Cc: Liming Gao 
Cc: Jiaxin Wu 
---
 MdeModulePkg/Include/Guid/VariableRuntimeCacheInfo.h | 65 
+
 MdeModulePkg/MdeModulePkg.dec|  3 +++
 2 files changed, 68 insertions(+)

diff --git a/MdeModulePkg/Include/Guid/VariableRuntimeCacheInfo.h 
b/MdeModulePkg/Include/Guid/VariableRuntimeCacheInfo.h
new file mode 100644
index 00..c2a8b77945
--- /dev/null
+++ b/MdeModulePkg/Include/Guid/VariableRuntimeCacheInfo.h
@@ -0,0 +1,65 @@
+/** @file
+  This Variable Runtime Cache Info HOB is used to store the address
+  and the size of the buffer that will be used for variable runtime
+  service when the PcdEnableVariableRuntimeCache is TRUE.
+
+  Copyright (c) 2024, Intel Corporation. All rights reserved.
+
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef VARIABLE_RUNTIME_CACHE_INFO_H_
+#define VARIABLE_RUNTIME_CACHE_INFO_H_
+
+#include 
+
+#define VARIABLE_RUNTIME_CACHE_INFO_HOB_REVISION  1
+
+#define VARIABLE_RUNTIME_CACHE_INFO_GUID \
+  { \
+0x0f472f7d, 0x6713, 0x4915, {0x96, 0x14, 0x5d, 0xda, 0x28, 0x40, 0x10, 
0x56}  \
+  }
+
+#pragma pack(1)
+typedef struct {
+  ///
+  /// TRUE indicates GetVariable () or GetNextVariable () is being called.
+  /// When the value is FALSE, the given update (and any other pending updates)
+  /// can be flushed to the runtime cache.
+  ///
+  BOOLEANReadLock;
+  ///
+  /// TRUE indicates there is pending update for the given variable store 
needed
+  /// to be flushed to the runtime cache.
+  ///
+  BOOLEANPendingUpdate;
+  ///
+  /// TRUE indicates all HOB variables have been flushed in flash.
+  ///
+  BOOLEANHobFlushComplete;
+} CACHE_INFO_FLAG;
+
+typedef struct {
+  CACHE_INFO_FLAG*CacheInfoFlag;
+  ///
+  /// Buffer reserved for runtime Hob cache
+  ///
+  UINT64 RuntimeHobCacheBuffer;
+  UINTN  RuntimeHobCachePages;
+  ///
+  /// Buffer reserved for Non-Volatile runtime cache
+  ///
+  UINT64 RuntimeNvCacheBuffer;
+  UINTN  RuntimeNvCachePages;
+  ///
+  /// Buffer reserved for Volatile runtime cache
+  ///
+  UINT64 RuntimeVolatileCacheBuffer;
+  UINTN  RuntimeVolatileCachePages;
+} VARIABLE_RUNTIME_CACHE_INFO;
+#pragma pack()
+
+extern EFI_GUID  gEdkiiVariableRuntimeCacheInfoHobGuid;
+
+#endif
diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec
index f7339f0aec..1bf5e31b7c 100644
--- a/MdeModulePkg/MdeModulePkg.dec
+++ b/MdeModulePkg/MdeModulePkg.dec
@@ -465,6 +465,9 @@
   gEdk2JedecSfdpSpiDxeDriverGuid  = { 0xBE71701E, 0xB63C, 0x4574, { 0x9C, 
0x5C, 0x36, 0x29, 0xE8, 0xEA, 0xC4, 0x14 }}
   gEdk2JedecSfdpSpiSmmDriverGuid  = { 0x95A1E915, 0x195C, 0x477C, { 0x92, 
0x6F, 0x7E, 0x24, 0x67, 0xC1, 0xB3, 0x1F }}
 
+  ## Include/Guid/VariableRuntimeCacheInfo.h
+  gEdkiiVariableRuntimeCacheInfoHobGuid = { 0x0f472f7d, 0x6713, 0x4915, { 
0x96, 0x14, 0x5d, 0xda, 0x28, 0x40, 0x10, 0x56 }}
+
 [Ppis]
   ## Include/Ppi/FirmwareVolumeShadowPpi.h
   gEdkiiPeiFirmwareVolumeShadowPpiGuid = { 0x7dfe756c, 0xed8d, 0x4d77, {0x9e, 
0xc4, 0x39, 0x9a, 0x8a, 0x81, 0x51, 0x16 } }
-- 
2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119018): https://edk2.groups.io/g/devel/message/119018
Mute This Topic: https://groups.io/mt/106150797/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH 0/9] Allocate and unblock variable runtime cache buffer in PEI

[duntan]

This patch set defines a new VARIABLE_RUNTIME_CACHE_INFO HOB. The HOB is used 
to store the address and size of the buffer that will be used for variable 
runtime service when the PcdEnableVariableRuntimeCache is TRUE.
In following patches, when PcdEnableVariableRuntimeCache is TRUE, VariablePei 
will install a callback of gEfiPeiMemoryDiscoveredPpiGuid to allocate the 
needed buffer for different type variable runtime cache and build the HOB.
Then VariableSmmRuntimeDxe driver will consume 
gEdkiiVariableRuntimeCacheInfoHobGuid to initialize the variable runtime cache 
related content. The code to allocate and unblock the runtime cache buffer in 
VariableSmmRuntimeDxe is also removed in this patc set.

PR for review: https://github.com/tianocore/edk2/pull/5607

Cc: Ray Ni 
Cc: Liming Gao 
Cc: Jiaxin Wu 
Cc: Ard Biesheuvel 
Cc: Leif Lindholm 
Cc: Sami Mujawar 
Cc: Gerd Hoffmann 
Cc: Andrew Fish 
Cc: Jiewen Yao 

Dun Tan (9):
  MdeModulePkg:Add new gEdkiiVariableRuntimeCacheInfoHobGuid
  ArmVirtPkg: Add MmUnblockMemoryLib in DSC
  EmulatorPkg: Add MmUnblockMemoryLib in DSC
  OvmfPkg: Add MmUnblockMemoryLib in DSC
  MdeModulePkg:Create gEdkiiVariableRuntimeCacheInfoHobGuid
  MdeModulePkg:Remove unnecessary global variable
  MdeModulePkg:Consume gEdkiiVariableRuntimeCacheInfoHobGuid
  MdeModulePkg: Refine InitVariableCache()
  MdeModulePkg:Add global variable mVariableRtCacheInfo

 ArmVirtPkg/ArmVirtCloudHv.dsc|   2 ++
 EmulatorPkg/EmulatorPkg.dsc  |   1 +
 MdeModulePkg/Include/Guid/VariableRuntimeCacheInfo.h |  65 
+
 MdeModulePkg/MdeModulePkg.dec|   3 +++
 MdeModulePkg/Universal/Variable/Pei/Variable.c   | 298 
+-
 MdeModulePkg/Universal/Variable/Pei/Variable.h   |   3 +++
 MdeModulePkg/Universal/Variable/Pei/VariablePei.inf  |   8 
+++-
 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c   | 293 
-
 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf |   5 
+++--
 OvmfPkg/OvmfPkgIa32X64.dsc   |   2 +-
 10 files changed, 506 insertions(+), 174 deletions(-)
 create mode 100644 MdeModulePkg/Include/Guid/VariableRuntimeCacheInfo.h

-- 
2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119017): https://edk2.groups.io/g/devel/message/119017
Mute This Topic: https://groups.io/mt/106150796/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] 回复: [edk2-devel] [PATCH v2 03/13] OvmfPkg:PlatformCI: Support virtio-rng-pci

[Gerd Hoffmann]

On Fri, May 17, 2024 at 09:27:53AM GMT, Ard Biesheuvel wrote:
> On Fri, 17 May 2024 at 05:27, Doug Flick via groups.io
>  wrote:
> >
> > On ARM, we can actually do better than this: I have taken Doug's v2 and 
> > applied some changes on top to make it work with ArmVirtQemu.
> >
> > https://github.com/ardbiesheuvel/edk2/tree/doug-v2
> >
> > Ard, would you be comfortable with this patch series if I take the commits 
> > you're suggesting? I'm being asked to see what it would take to get these 
> > commits in for this release.
> 
> I won't object to that, but I'd like Gerd's take as well, given that a
> similar concern appears to apply to OVMF/x86 IIUC.

I think including RngDxe in OvmfPkg is not an option.  That would
be a silent regression on the random number quality delivered by
EFI_RNG_PROTOCOL because OvmfPkg uses BaseRngLibTimerLib.

Switching to BaseRngLib is an easy way out for physical platforms
with a sufficient recent processor.  OVMF can not assume the rdrand
instruction is available, so that is not possible.

So short-term (i.e. 2024-05 stable tag) the only option I see is
depending on virtio-rng.  Which is a regression too (network booting
without '-device virtio-rng-pci' breaks), but it is an obvious failure
with an easy fix.  Not an ideal solution, but much better than a
regression which can easily go unnoticed.

Longer term it probably makes sense to have a EFI_RNG_PROTOCOL driver
using the rdrand instruction and runtime detection whenever the
instruction is available or not.  Either by adapting RngDxe accordingly,
or by having an OVMF-specific driver handling the runtime detection.

take care,
  Gerd



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119016): https://edk2.groups.io/g/devel/message/119016
Mute This Topic: https://groups.io/mt/106013302/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [Patch V2 18/18] UefiCpuPkg: Remove GetAcpiCpuData() in CpuS3.c

[duntan]

Remove GetAcpiCpuData() in CpuS3.c. The mAcpiCpuData
is not needed in S3 boot anymore.

Signed-off-by: Dun Tan 
Reviewed-by: Ray Ni 
Cc: Rahul Kumar 
Cc: Gerd Hoffmann 
Cc: Jiaxin Wu 
---
 UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c  | 243 
+--
 UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c |   8 +++-
 UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h |  26 +-
 3 files changed, 5 insertions(+), 272 deletions(-)

diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c 
b/UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c
index 4f69326fdf..c37a2d4d1b 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c
@@ -9,22 +9,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #include "PiSmmCpuDxeSmm.h"
 #include 
 
-//
-// Flags used when program the register.
-//
-typedef struct {
-  volatile UINTN MemoryMappedLock;  // Spinlock used to 
program mmio
-  volatile UINT32*CoreSemaphoreCount;   // Semaphore container 
used to program
-// core level semaphore.
-  volatile UINT32*PackageSemaphoreCount;// Semaphore container 
used to program
-// package level semaphore.
-} PROGRAM_CPU_REGISTER_FLAGS;
-
-#define LEGACY_REGION_SIZE  (2 * 0x1000)
-#define LEGACY_REGION_BASE  (0xA - LEGACY_REGION_SIZE)
-
-ACPI_CPU_DATA  mAcpiCpuData;
-BOOLEANmRestoreSmmConfigurationInS3 = FALSE;
+BOOLEAN  mRestoreSmmConfigurationInS3 = FALSE;
 
 //
 // S3 boot flag
@@ -266,232 +251,6 @@ InitSmmS3ResumeState (
   }
 }
 
-/**
-  Copy register table from non-SMRAM into SMRAM.
-
-  @param[in] DestinationRegisterTableList  Points to destination register 
table.
-  @param[in] SourceRegisterTableList   Points to source register table.
-  @param[in] NumberOfCpus  Number of CPUs.
-
-**/
-VOID
-CopyRegisterTable (
-  IN CPU_REGISTER_TABLE  *DestinationRegisterTableList,
-  IN CPU_REGISTER_TABLE  *SourceRegisterTableList,
-  IN UINT32  NumberOfCpus
-  )
-{
-  UINTN Index;
-  CPU_REGISTER_TABLE_ENTRY  *RegisterTableEntry;
-
-  CopyMem (DestinationRegisterTableList, SourceRegisterTableList, NumberOfCpus 
* sizeof (CPU_REGISTER_TABLE));
-  for (Index = 0; Index < NumberOfCpus; Index++) {
-if (DestinationRegisterTableList[Index].TableLength != 0) {
-  DestinationRegisterTableList[Index].AllocatedSize = 
DestinationRegisterTableList[Index].TableLength * sizeof 
(CPU_REGISTER_TABLE_ENTRY);
-  RegisterTableEntry= AllocateCopyPool (
-
DestinationRegisterTableList[Index].AllocatedSize,
-(VOID 
*)(UINTN)SourceRegisterTableList[Index].RegisterTableEntry
-);
-  ASSERT (RegisterTableEntry != NULL);
-  DestinationRegisterTableList[Index].RegisterTableEntry = 
(EFI_PHYSICAL_ADDRESS)(UINTN)RegisterTableEntry;
-}
-  }
-}
-
-/**
-  Check whether the register table is empty or not.
-
-  @param[in] RegisterTable  Point to the register table.
-  @param[in] NumberOfCpus   Number of CPUs.
-
-  @retval TRUE  The register table is empty.
-  @retval FALSE The register table is not empty.
-**/
-BOOLEAN
-IsRegisterTableEmpty (
-  IN CPU_REGISTER_TABLE  *RegisterTable,
-  IN UINT32  NumberOfCpus
-  )
-{
-  UINTN  Index;
-
-  if (RegisterTable != NULL) {
-for (Index = 0; Index < NumberOfCpus; Index++) {
-  if (RegisterTable[Index].TableLength != 0) {
-return FALSE;
-  }
-}
-  }
-
-  return TRUE;
-}
-
-/**
-  Copy the data used to initialize processor register into SMRAM.
-
-  @param[in,out]  CpuFeatureInitDataDst   Pointer to the destination 
CPU_FEATURE_INIT_DATA structure.
-  @param[in]  CpuFeatureInitDataSrc   Pointer to the source 
CPU_FEATURE_INIT_DATA structure.
-
-**/
-VOID
-CopyCpuFeatureInitDatatoSmram (
-  IN OUT CPU_FEATURE_INIT_DATA  *CpuFeatureInitDataDst,
-  IN CPU_FEATURE_INIT_DATA  *CpuFeatureInitDataSrc
-  )
-{
-  CPU_STATUS_INFORMATION  *CpuStatus;
-
-  if (!IsRegisterTableEmpty ((CPU_REGISTER_TABLE 
*)(UINTN)CpuFeatureInitDataSrc->PreSmmInitRegisterTable, 
mAcpiCpuData.NumberOfCpus)) {
-CpuFeatureInitDataDst->PreSmmInitRegisterTable = 
(EFI_PHYSICAL_ADDRESS)(UINTN)AllocatePool (mAcpiCpuData.NumberOfCpus * sizeof 
(CPU_REGISTER_TABLE));
-ASSERT (CpuFeatureInitDataDst->PreSmmInitRegisterTable != 0);
-
-CopyRegisterTable (
-  (CPU_REGISTER_TABLE 
*)(UINTN)CpuFeatureInitDataDst->PreSmmInitRegisterTable,
-  (CPU_REGISTER_TABLE 
*)(UINTN)CpuFeatureInitDataSrc->PreSmmInitRegisterTable,
-  

[edk2-devel] [Patch V2 16/18] UefiCpuPkg: Remove unneeded MpService2Ppi assignment

[duntan]

Remove the unneeded assignment of MpService2Ppi field
in SmmS3ResumeState. Previously, when the execution
combination of PEI and DXE are the same, the pointer
of mpservice ppi will be passed to CpuS3.c in smm cpu
driver to wakeup all APs, instead of init-sipi-sipi.
Currently, CpuS3.c doesn't need to wakeup Aps anymore.
So remove the duplicated mpservice locate and assignment
to MpService2Ppi field in SmmS3ResumeState.

Signed-off-by: Dun Tan 
Reviewed-by: Ray Ni 
Cc: Rahul Kumar 
Cc: Gerd Hoffmann 
Cc: Jiaxin Wu 
---
 UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume.c | 14 --
 1 file changed, 14 deletions(-)

diff --git a/UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume.c 
b/UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume.c
index e6dfa09c71..3e64a115bf 100644
--- a/UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume.c
+++ b/UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume.c
@@ -1152,7 +1152,6 @@ S3RestoreConfig2 (
 SmmS3ResumeState->ReturnContext1 = 
(EFI_PHYSICAL_ADDRESS)(UINTN)AcpiS3Context;
 SmmS3ResumeState->ReturnContext2 = 
(EFI_PHYSICAL_ADDRESS)(UINTN)EfiBootScriptExecutorVariable;
 SmmS3ResumeState->ReturnStackPointer = 
(EFI_PHYSICAL_ADDRESS)STACK_ALIGN_DOWN ();
-SmmS3ResumeState->MpService2Ppi  = 0;
 
 DEBUG ((DEBUG_INFO, "SMM S3 Signature= %x\n", 
SmmS3ResumeState->Signature));
 DEBUG ((DEBUG_INFO, "SMM S3 Stack Base   = %x\n", 
SmmS3ResumeState->SmmS3StackBase));
@@ -1181,19 +1180,6 @@ S3RestoreConfig2 (
 if (((SmmS3ResumeState->Signature == SMM_S3_RESUME_SMM_32) && (sizeof 
(UINTN) == sizeof (UINT32))) ||
 ((SmmS3ResumeState->Signature == SMM_S3_RESUME_SMM_64) && (sizeof 
(UINTN) == sizeof (UINT64
 {
-  //
-  // Get MP Services2 Ppi to pass it to Smm S3.
-  //
-  Status = PeiServicesLocatePpi (
- ,
- 0,
- NULL,
- (VOID **)
- );
-  ASSERT_EFI_ERROR (Status);
-  SmmS3ResumeState->MpService2Ppi = 
(EFI_PHYSICAL_ADDRESS)(UINTN)MpService2Ppi;
-  DEBUG ((DEBUG_INFO, "SMM S3 MpService2Ppi Point = %lx\n", 
SmmS3ResumeState->MpService2Ppi));
-
   SwitchStack (
 
(SWITCH_STACK_ENTRY_POINT)(UINTN)SmmS3ResumeState->SmmS3ResumeEntryPoint,
 (VOID *)AcpiS3Context,
-- 
2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119014): https://edk2.groups.io/g/devel/message/119014
Mute This Topic: https://groups.io/mt/106150779/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [Patch V2 17/18] MdeModulePkg:Remove MpService2Ppi field in SMM_S3_RESUME_STATE

[duntan]

This MpService2Ppi field in SMM_S3_RESUME_STATE is used to
wakeup AP to do the CPU initialization during smm s3 boot when
the execution mode of PEI and DXE are the same.
Currently, in CpuS3.c of smm cpu driver, BSP doesn't need to
wakeup AP anymore. The initialization for AP will be done in
S3Resume.c before transfer to CpuS3.c of smm cpu driver.
So we can remove the MpService2Ppi field in SMM_S3_RESUME_STATE.

Signed-off-by: Dun Tan 
Reviewed-by: Ray Ni 
Cc: Jian J Wang 
Cc: Liming Gao 
---
 MdeModulePkg/Include/Guid/AcpiS3Context.h | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/MdeModulePkg/Include/Guid/AcpiS3Context.h 
b/MdeModulePkg/Include/Guid/AcpiS3Context.h
index 72d173c4fd..6c7237727e 100644
--- a/MdeModulePkg/Include/Guid/AcpiS3Context.h
+++ b/MdeModulePkg/Include/Guid/AcpiS3Context.h
@@ -1,7 +1,7 @@
 /** @file
   Definitions for data structures used in S3 resume.
 
-Copyright (c) 2011 - 2023, Intel Corporation. All rights reserved.
+Copyright (c) 2011 - 2024, Intel Corporation. All rights reserved.
 
 SPDX-License-Identifier: BSD-2-Clause-Patent
 
@@ -30,7 +30,6 @@ typedef struct {
   EFI_PHYSICAL_ADDRESSReturnContext1;
   EFI_PHYSICAL_ADDRESSReturnContext2;
   EFI_PHYSICAL_ADDRESSReturnStackPointer;
-  EFI_PHYSICAL_ADDRESSMpService2Ppi;
   EFI_PHYSICAL_ADDRESSSmst;
 } SMM_S3_RESUME_STATE;
 
-- 
2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119013): https://edk2.groups.io/g/devel/message/119013
Mute This Topic: https://groups.io/mt/106150778/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [Patch V2 15/18] UefiCpuPkg:Remove code to wakeup AP and relocate ap

[duntan]

After the code to load mtrr setting, set register table,
handle APIC setting and Interrupt after INIT-SIPI-SIPI
is moved, the InitializeCpuProcedure() only contains
following code logic:
1.Bsp runs ExecuteFirstSmiInit().
2.Bsp transfers AP to safe hlt-loop

During S3 boot, since APs will be relocated to new safe
buffer by the callback of gEdkiiEndOfS3ResumeGuid in
PeiMpLib, Bsp doesn't need to transfer AP to safe hlt-loop
any more. SmmRestoreCpu() in CpuS3 only needs to runs the
ExecuteFirstSmiInit() on BSP. So remove code to wakeup
AP by INIT-SIPI-SIPI and remove code to relocate ap to
safe hlt-loop.

Signed-off-by: Dun Tan 
Reviewed-by: Ray Ni 
Cc: Rahul Kumar 
Cc: Gerd Hoffmann 
Cc: Jiaxin Wu 
---
 UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c | 292 
+---
 UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/MpFuncs.nasm   | 153 
-
 UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmFuncsArch.c |  29 
+
 UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf  |   5 +
 UefiCpuPkg/PiSmmCpuDxeSmm/X64/MpFuncs.nasm| 189 
-
 UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c  |  30 
+-
 6 files changed, 12 insertions(+), 686 deletions(-)

diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c 
b/UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c
index 89223e1726..4f69326fdf 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c
@@ -8,30 +8,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 
 #include "PiSmmCpuDxeSmm.h"
 #include 
-#include 
-
-#pragma pack(1)
-typedef struct {
-  UINTN  Lock;
-  VOID   *StackStart;
-  UINTN  StackSize;
-  VOID   *ApFunction;
-  IA32_DESCRIPTORGdtrProfile;
-  IA32_DESCRIPTORIdtrProfile;
-  UINT32 BufferStart;
-  UINT32 Cr3;
-  UINTN  InitializeFloatingPointUnitsAddress;
-} MP_CPU_EXCHANGE_INFO;
-#pragma pack()
-
-typedef struct {
-  UINT8*RendezvousFunnelAddress;
-  UINTNPModeEntryOffset;
-  UINTNFlatJumpOffset;
-  UINTNSize;
-  UINTNLModeEntryOffset;
-  UINTNLongJumpOffset;
-} MP_ASSEMBLY_ADDRESS_MAP;
 
 //
 // Flags used when program the register.
@@ -44,31 +20,11 @@ typedef struct {
 // package level semaphore.
 } PROGRAM_CPU_REGISTER_FLAGS;
 
-//
-// Signal that SMM BASE relocation is complete.
-//
-volatile BOOLEAN  mInitApsAfterSmmBaseReloc;
-
-/**
-  Get starting address and size of the rendezvous entry for APs.
-  Information for fixing a jump instruction in the code is also returned.
-
-  @param AddressMap  Output buffer for address map information.
-**/
-VOID *
-EFIAPI
-AsmGetAddressMap (
-  MP_ASSEMBLY_ADDRESS_MAP  *AddressMap
-  );
-
 #define LEGACY_REGION_SIZE  (2 * 0x1000)
 #define LEGACY_REGION_BASE  (0xA - LEGACY_REGION_SIZE)
 
-PROGRAM_CPU_REGISTER_FLAGS  mCpuFlags;
-ACPI_CPU_DATA   mAcpiCpuData;
-volatile UINT32 mNumberToFinish;
-MP_CPU_EXCHANGE_INFO*mExchangeInfo;
-BOOLEAN mRestoreSmmConfigurationInS3 = FALSE;
+ACPI_CPU_DATA  mAcpiCpuData;
+BOOLEANmRestoreSmmConfigurationInS3 = FALSE;
 
 //
 // S3 boot flag
@@ -82,191 +38,6 @@ SMM_S3_RESUME_STATE  *mSmmS3ResumeState = NULL;
 
 BOOLEAN  mAcpiS3Enable = TRUE;
 
-UINT8  *mApHltLoopCode  = NULL;
-UINT8  mApHltLoopCodeTemplate[] = {
-  0x8B, 0x44, 0x24, 0x04, // mov  eax, dword ptr [esp+4]
-  0xF0, 0xFF, 0x08,   // lock dec  dword ptr [eax]
-  0xFA,   // cli
-  0xF4,   // hlt
-  0xEB, 0xFC  // jmp $-2
-};
-
-/**
-  The function is invoked before SMBASE relocation in S3 path to restores CPU 
status.
-
-  The function is invoked before SMBASE relocation in S3 path. It does first 
time microcode load
-  and restores MTRRs for both BSP and APs.
-
-  @param   IsBsp   The CPU this function executes on is BSP or not.
-
-**/
-VOID
-InitializeCpuBeforeRebase (
-  IN BOOLEAN  IsBsp
-  )
-{
-  //
-  // Count down the number with lock mechanism.
-  //
-  InterlockedDecrement ();
-
-  if (IsBsp) {
-//
-// Bsp wait here till all AP finish the initialization before rebase
-//
-while (mNumberToFinish > 0) {
-  CpuPause ();
-}
-  }
-}
-
-/**
-  The function is invoked after SMBASE relocation in S3 path to restores CPU 
status.
-
-  The function is invoked after SMBASE relocation in S3 path. 

[edk2-devel] [Patch V2 14/18] UefiCpuPkg:Remove code to handle APIC setting and Interrupt

[duntan]

Remove ProgramVirtualWireMode()/DisableLvtInterrupts()
since APs won't be waken by INIT-SIPI-SIPI in CpuS3.c
any more. The two functions has been executed in
MpInitLibInitialize() in PeiMplib.

Signed-off-by: Dun Tan 
Reviewed-by: Ray Ni 
Cc: Rahul Kumar 
Cc: Gerd Hoffmann 
Cc: Jiaxin Wu 
---
 UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c | 5 -
 1 file changed, 5 deletions(-)

diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c 
b/UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c
index 0bc4a3572d..89223e1726 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c
@@ -105,11 +105,6 @@ InitializeCpuBeforeRebase (
   IN BOOLEAN  IsBsp
   )
 {
-  ProgramVirtualWireMode ();
-  if (!IsBsp) {
-DisableLvtInterrupts ();
-  }
-
   //
   // Count down the number with lock mechanism.
   //
-- 
2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119011): https://edk2.groups.io/g/devel/message/119011
Mute This Topic: https://groups.io/mt/106150774/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [Patch V2 13/18] UefiCpuPkg:Relocate AP to new safe buffer in PeiMpLib

[duntan]

In this commit, change PeiMpLib to install callback
of gEdkiiEndOfS3ResumeGuid to relocate AP to new safe
buffer. The gEdkiiEndOfS3ResumeGuid is installed in
S3Resume.c before jmping to OS waking vector.

Previously, code in CpuS3.c of PiSmmCpuDxe driver will
prepare the new safe buffer for AP and place AP in hlt
loop state. With this code change, we can remove the
Machine Instructions of mApHltLoopCode in PiSmmCpuDxe.
Also we can reuse the related code in DxeMpLib for
PeiMpLib.

Signed-off-by: Dun Tan 
Reviewed-by: Ray Ni 
Cc: Rahul Kumar 
Cc: Gerd Hoffmann 
Cc: Jiaxin Wu 
---
 UefiCpuPkg/Library/MpInitLib/MpLib.h  |   3 +++
 UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf |   6 +-
 UefiCpuPkg/Library/MpInitLib/PeiMpLib.c   | 154 
+-
 3 files changed, 161 insertions(+), 2 deletions(-)

diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.h 
b/UefiCpuPkg/Library/MpInitLib/MpLib.h
index a4a33bf538..cc850c7dd5 100644
--- a/UefiCpuPkg/Library/MpInitLib/MpLib.h
+++ b/UefiCpuPkg/Library/MpInitLib/MpLib.h
@@ -33,6 +33,7 @@
 #include 
 #include 
 #include 
+#include 
 #include 
 
 #include 
@@ -68,6 +69,8 @@
 //
 #define DEFAULT_MAX_MICROCODE_PATCH_NUM  8
 
+#define PAGING_4K_ADDRESS_MASK_64  0x000FF000ull
+
 //
 // Data structure for microcode patch information
 //
diff --git a/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf 
b/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
index e31e34b6f9..e4a7485fef 100644
--- a/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
+++ b/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
@@ -1,7 +1,7 @@
 ## @file
 #  MP Initialize Library instance for PEI driver.
 #
-#  Copyright (c) 2016 - 2021, Intel Corporation. All rights reserved.
+#  Copyright (c) 2016 - 2024, Intel Corporation. All rights reserved.
 #  Copyright (c) 2024, Loongson Technology Corporation Limited. All rights 
reserved.
 #  SPDX-License-Identifier: BSD-2-Clause-Patent
 #
@@ -25,10 +25,12 @@
 [Sources.IA32]
   Ia32/AmdSev.c
   Ia32/MpFuncs.nasm
+  Ia32/CreatePageTable.c
 
 [Sources.X64]
   X64/AmdSev.c
   X64/MpFuncs.nasm
+  X64/CreatePageTable.c
 
 [Sources.IA32, Sources.X64]
   AmdSev.c
@@ -64,6 +66,7 @@
   LocalApicLib
   MicrocodeLib
   MtrrLib
+  CpuPageTableLib
 
 [Pcd]
   gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase   ## CONSUMES
@@ -87,6 +90,7 @@
   gEdkiiS3SmmInitDoneGuid
   gEdkiiMicrocodePatchHobGuid
   gGhcbApicIdsGuid   ## SOMETIMES_CONSUMES
+  gEdkiiEndOfS3ResumeGuid
 
 [Guids.LoongArch64]
   gProcessorResourceHobGuid  ## SOMETIMES_CONSUMES  ## HOB
diff --git a/UefiCpuPkg/Library/MpInitLib/PeiMpLib.c 
b/UefiCpuPkg/Library/MpInitLib/PeiMpLib.c
index 4d3acb491f..16a858d542 100644
--- a/UefiCpuPkg/Library/MpInitLib/PeiMpLib.c
+++ b/UefiCpuPkg/Library/MpInitLib/PeiMpLib.c
@@ -1,7 +1,7 @@
 /** @file
   MP initialize support functions for PEI phase.
 
-  Copyright (c) 2016 - 2020, Intel Corporation. All rights reserved.
+  Copyright (c) 2016 - 2024, Intel Corporation. All rights reserved.
   SPDX-License-Identifier: BSD-2-Clause-Patent
 
 **/
@@ -9,6 +9,7 @@
 #include "MpLib.h"
 #include 
 #include 
+#include 
 #include 
 
 STATIC UINT64  mSevEsPeiWakeupBuffer = BASE_1MB;
@@ -449,6 +450,47 @@ BuildMicrocodeCacheHob (
   return;
 }
 
+/**
+  S3 SMM Init Done notification function.
+
+  @param  PeiServices  Indirect reference to the PEI Services Table.
+  @param  NotifyDesc   Address of the notification descriptor data 
structure.
+  @param  InvokePpiAddress of the PPI that was invoked.
+
+  @retval EFI_SUCCESS  The function completes successfully.
+
+**/
+EFI_STATUS
+EFIAPI
+NotifyOnEndOfS3Resume (
+  IN  EFI_PEI_SERVICES   **PeiServices,
+  IN  EFI_PEI_NOTIFY_DESCRIPTOR  *NotifyDesc,
+  IN  VOID   *InvokePpi
+  )
+{
+  CPU_MP_DATA  *CpuMpData;
+
+  CpuMpData   = GetCpuMpData ();
+  mNumberToFinish = CpuMpData->CpuCount - 1;
+  WakeUpAP (CpuMpData, TRUE, 0, RelocateApLoop, NULL, TRUE);
+  while (mNumberToFinish > 0) {
+CpuPause ();
+  }
+
+  DEBUG ((DEBUG_INFO, "%a() done!\n", __func__));
+
+  return EFI_SUCCESS;
+}
+
+//
+// Global function
+//
+EFI_PEI_NOTIFY_DESCRIPTOR  mEndOfS3ResumeNotifyDesc = {
+  EFI_PEI_PPI_DESCRIPTOR_NOTIFY_CALLBACK | 
EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST,
+  ,
+  NotifyOnEndOfS3Resume
+};
+
 /**
   Initialize global data for MP support.
 
@@ -463,12 +505,16 @@ InitMpGlobalData (
 
   BuildMicrocodeCacheHob (CpuMpData);
   SaveCpuMpData (CpuMpData);
+  PrepareApLoopCode (CpuMpData);
 
   ///
   /// Install Notify
   ///
   Status = PeiServicesNotifyPpi ();
   ASSERT_EFI_ERROR (Status);
+
+  Status = PeiServicesNotifyPpi ();
+  ASSERT_EFI_ERROR (Status);
 }
 
 /**
@@ -815,3 +861,109 @@ PlatformShadowMicrocode (
 
   return EFI_SUCCESS;
 }
+
+/**
+  Allocate buffer for ApLoopCode.
+
+  @param[in]  PagesNumber 

[edk2-devel] [Patch V2 12/18] UefiCpuPkg: Install gEdkiiEndOfS3ResumeGuid in S3Resume

[duntan]

Install gEdkiiEndOfS3ResumeGuid in S3Resume to trigger
callback registered by PeiMpLib. The callback is to
relocate Ap to new safe memory before jump to OS waking
vector in S3 boot flow.

Signed-off-by: Dun Tan 
Reviewed-by: Ray Ni 
Cc: Rahul Kumar 
Cc: Gerd Hoffmann 
Cc: Jiaxin Wu 
---
 UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume.c | 13 +
 1 file changed, 13 insertions(+)

diff --git a/UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume.c 
b/UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume.c
index 078ae2d72d..e6dfa09c71 100644
--- a/UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume.c
+++ b/UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume.c
@@ -260,6 +260,12 @@ EFI_PEI_PPI_DESCRIPTOR  mPpiListS3SmmInitDoneTable = {
   0
 };
 
+EFI_PEI_PPI_DESCRIPTOR  mPpiListEndOfS3ResumeTable = {
+  (EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST),
+  ,
+  0
+};
+
 //
 // Global Descriptor Table (GDT)
 //
@@ -490,6 +496,13 @@ S3ResumeBootOs (
   PERF_INMODULE_BEGIN ("EndOfS3Resume");
 
   DEBUG ((DEBUG_INFO, "Signal EndOfS3Resume\n"));
+
+  //
+  // Install EndOfS3Resume.
+  //
+  Status = PeiServicesInstallPpi ();
+  ASSERT_EFI_ERROR (Status);
+
   //
   // Signal EndOfS3Resume to SMM.
   //
-- 
2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119009): https://edk2.groups.io/g/devel/message/119009
Mute This Topic: https://groups.io/mt/106150771/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [Patch V2 11/18] UefiCpuPkg:Move some code in DxeMpLib to common place

[duntan]

Move some code in DxeMpLib.C to common MpLib.c.
The related code is to relocate Ap to new safe buffer
before booting into OS. In next commits, these code
also will be used by PeiMpLib. This commit doesn't
change any code functionality.

Signed-off-by: Dun Tan 
Reviewed-by: Ray Ni 
Cc: Rahul Kumar 
Cc: Gerd Hoffmann 
Cc: Jiaxin Wu 
---
 UefiCpuPkg/Library/MpInitLib/DxeMpLib.c | 151 
+--
 UefiCpuPkg/Library/MpInitLib/MpLib.c| 144 
+++-
 UefiCpuPkg/Library/MpInitLib/MpLib.h|  53 
+++--
 3 files changed, 199 insertions(+), 149 deletions(-)

diff --git a/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c 
b/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c
index 5f0a87c024..f9c5c92c22 100644
--- a/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c
+++ b/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c
@@ -20,15 +20,11 @@
 
 #define  AP_SAFE_STACK_SIZE  128
 
-CPU_MP_DATA *mCpuMpData  = NULL;
-EFI_EVENT   mCheckAllApsEvent= NULL;
-EFI_EVENT   mMpInitExitBootServicesEvent = NULL;
-EFI_EVENT   mLegacyBootEvent = NULL;
-volatile BOOLEANmStopCheckAllApsStatus   = TRUE;
-RELOCATE_AP_LOOP_ENTRY  mReservedApLoop;
-UINTN   mReservedTopOfApStack;
-volatile UINT32 mNumberToFinish = 0;
-UINTN   mApPageTable;
+CPU_MP_DATA   *mCpuMpData  = NULL;
+EFI_EVENT mCheckAllApsEvent= NULL;
+EFI_EVENT mMpInitExitBootServicesEvent = NULL;
+EFI_EVENT mLegacyBootEvent = NULL;
+volatile BOOLEAN  mStopCheckAllApsStatus   = TRUE;
 
 //
 // Begin wakeup buffer allocation below 0x88000
@@ -368,60 +364,6 @@ GetProtectedModeCS (
   return Index * 8;
 }
 
-/**
-  Do sync on APs.
-
-  @param[in, out] Buffer  Pointer to private data buffer.
-**/
-VOID
-EFIAPI
-RelocateApLoop (
-  IN OUT VOID  *Buffer
-  )
-{
-  CPU_MP_DATA  *CpuMpData;
-  BOOLEAN  MwaitSupport;
-  UINTNProcessorNumber;
-  UINTNStackStart;
-
-  MpInitLibWhoAmI ();
-  CpuMpData= GetCpuMpData ();
-  MwaitSupport = IsMwaitSupport ();
-  if (CpuMpData->UseSevEsAPMethod) {
-//
-// 64-bit AMD processors with SEV-ES
-//
-StackStart = CpuMpData->SevEsAPResetStackStart;
-mReservedApLoop.AmdSevEntry (
-  MwaitSupport,
-  CpuMpData->ApTargetCState,
-  CpuMpData->PmCodeSegment,
-  StackStart - ProcessorNumber * AP_SAFE_STACK_SIZE,
-  (UINTN),
-  CpuMpData->Pm16CodeSegment,
-  CpuMpData->SevEsAPBuffer,
-  CpuMpData->WakeupBuffer
-  );
-  } else {
-//
-// Intel processors (32-bit or 64-bit), 32-bit AMD processors, or 64-bit 
AMD processors without SEV-ES
-//
-StackStart = mReservedTopOfApStack;
-mReservedApLoop.GenericEntry (
-  MwaitSupport,
-  CpuMpData->ApTargetCState,
-  StackStart - ProcessorNumber * AP_SAFE_STACK_SIZE,
-  (UINTN),
-  mApPageTable
-  );
-  }
-
-  //
-  // It should never reach here
-  //
-  ASSERT (FALSE);
-}
-
 /**
   Allocate buffer for ApLoopCode.
 
@@ -477,89 +419,6 @@ RemoveNxprotection (
   }
 }
 
-/**
-  Prepare ApLoopCode.
-
-  @param[in] CpuMpData  Pointer to CpuMpData.
-**/
-VOID
-PrepareApLoopCode (
-  IN CPU_MP_DATA  *CpuMpData
-  )
-{
-  EFI_PHYSICAL_ADDRESS Address;
-  MP_ASSEMBLY_ADDRESS_MAP  *AddressMap;
-  UINT8*ApLoopFunc;
-  UINTNApLoopFuncSize;
-  UINTNStackPages;
-  UINTNFuncPages;
-  IA32_CR0 Cr0;
-
-  AddressMap = >AddressMap;
-  if (CpuMpData->UseSevEsAPMethod) {
-//
-// 64-bit AMD processors with SEV-ES
-//
-Address= BASE_4GB - 1;
-ApLoopFunc = AddressMap->RelocateApLoopFuncAddressAmdSev;
-ApLoopFuncSize = AddressMap->RelocateApLoopFuncSizeAmdSev;
-  } else {
-//
-// Intel processors (32-bit or 64-bit), 32-bit AMD processors, or 64-bit 
AMD processors without SEV-ES
-//
-Address= MAX_ADDRESS;
-ApLoopFunc = AddressMap->RelocateApLoopFuncAddressGeneric;
-ApLoopFuncSize = AddressMap->RelocateApLoopFuncSizeGeneric;
-  }
-
-  //
-  // Avoid APs access invalid buffer data which allocated by BootServices,
-  // so we will allocate reserved data for AP loop code. We also need to
-  // allocate this buffer below 4GB due to APs may be transferred to 32bit
-  // protected mode on long mode DXE.
-  // Allocating it in advance 

[edk2-devel] [Patch V2 10/18] UefiCpuPkg:Abstract some DxeMpLib code to function

[duntan]

Abstract some DxeMpLib code to function in this commit.
Some of these internal functions will be moved to common
MpLib.c in following commits. Then PeiMpLib can reuse
the code.

Signed-off-by: Dun Tan 
Reviewed-by: Ray Ni 
Cc: Rahul Kumar 
Cc: Gerd Hoffmann 
Cc: Jiaxin Wu 
---
 UefiCpuPkg/Library/MpInitLib/DxeMpLib.c | 222 
--
 1 file changed, 140 insertions(+), 82 deletions(-)

diff --git a/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c 
b/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c
index 57ddb86600..5f0a87c024 100644
--- a/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c
+++ b/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c
@@ -1,7 +1,7 @@
 /** @file
   MP initialize support functions for DXE phase.
 
-  Copyright (c) 2016 - 2023, Intel Corporation. All rights reserved.
+  Copyright (c) 2016 - 2024, Intel Corporation. All rights reserved.
   SPDX-License-Identifier: BSD-2-Clause-Patent
 
 **/
@@ -422,6 +422,144 @@ RelocateApLoop (
   ASSERT (FALSE);
 }
 
+/**
+  Allocate buffer for ApLoopCode.
+
+  @param[in]  PagesNumber of pages to allocate.
+  @param[in, out] Address  Pointer to the allocated buffer.
+**/
+VOID
+AllocateApLoopCodeBuffer (
+  IN UINTN Pages,
+  IN OUT EFI_PHYSICAL_ADDRESS  *Address
+  )
+{
+  EFI_STATUS  Status;
+
+  Status = gBS->AllocatePages (
+  AllocateMaxAddress,
+  EfiReservedMemoryType,
+  Pages,
+  Address
+  );
+  ASSERT_EFI_ERROR (Status);
+}
+
+/**
+  Remove Nx protection for the range specific by BaseAddress and Length.
+
+  The PEI implementation uses CpuPageTableLib to change the attribute.
+  The DXE implementation uses gDS to change the attribute.
+
+  @param[in] BaseAddress  BaseAddress of the range.
+  @param[in] Length   Length of the range.
+**/
+VOID
+RemoveNxprotection (
+  IN EFI_PHYSICAL_ADDRESS  BaseAddress,
+  IN UINTN Length
+  )
+{
+  EFI_STATUS   Status;
+  EFI_GCD_MEMORY_SPACE_DESCRIPTOR  MemDesc;
+
+  //
+  // TODO: Check EFI_MEMORY_XP bit set or not once it's available in DXE GCD
+  //   service.
+  //
+  Status = gDS->GetMemorySpaceDescriptor (BaseAddress, );
+  if (!EFI_ERROR (Status)) {
+gDS->SetMemorySpaceAttributes (
+   BaseAddress,
+   Length,
+   MemDesc.Attributes & (~EFI_MEMORY_XP)
+   );
+  }
+}
+
+/**
+  Prepare ApLoopCode.
+
+  @param[in] CpuMpData  Pointer to CpuMpData.
+**/
+VOID
+PrepareApLoopCode (
+  IN CPU_MP_DATA  *CpuMpData
+  )
+{
+  EFI_PHYSICAL_ADDRESS Address;
+  MP_ASSEMBLY_ADDRESS_MAP  *AddressMap;
+  UINT8*ApLoopFunc;
+  UINTNApLoopFuncSize;
+  UINTNStackPages;
+  UINTNFuncPages;
+  IA32_CR0 Cr0;
+
+  AddressMap = >AddressMap;
+  if (CpuMpData->UseSevEsAPMethod) {
+//
+// 64-bit AMD processors with SEV-ES
+//
+Address= BASE_4GB - 1;
+ApLoopFunc = AddressMap->RelocateApLoopFuncAddressAmdSev;
+ApLoopFuncSize = AddressMap->RelocateApLoopFuncSizeAmdSev;
+  } else {
+//
+// Intel processors (32-bit or 64-bit), 32-bit AMD processors, or 64-bit 
AMD processors without SEV-ES
+//
+Address= MAX_ADDRESS;
+ApLoopFunc = AddressMap->RelocateApLoopFuncAddressGeneric;
+ApLoopFuncSize = AddressMap->RelocateApLoopFuncSizeGeneric;
+  }
+
+  //
+  // Avoid APs access invalid buffer data which allocated by BootServices,
+  // so we will allocate reserved data for AP loop code. We also need to
+  // allocate this buffer below 4GB due to APs may be transferred to 32bit
+  // protected mode on long mode DXE.
+  // Allocating it in advance since memory services are not available in
+  // Exit Boot Services callback function.
+  //
+  // ++ (TopOfApStack)
+  // |  Stack * N |
+  // ++ (stack base, 4k aligned)
+  // |  Padding   |
+  // ++
+  // |  Ap Loop   |
+  // ++ ((low address, 4k-aligned)
+  //
+
+  StackPages = EFI_SIZE_TO_PAGES (CpuMpData->CpuCount * AP_SAFE_STACK_SIZE);
+  FuncPages  = EFI_SIZE_TO_PAGES (ApLoopFuncSize);
+
+  AllocateApLoopCodeBuffer (StackPages + FuncPages, );
+  ASSERT (Address != 0);
+
+  Cr0.UintN = AsmReadCr0 ();
+  if (Cr0.Bits.PG != 0) {
+//
+// Make sure that the buffer memory is executable if NX protection is 
enabled
+// for EfiReservedMemoryType.
+//
+RemoveNxprotection (Address, EFI_PAGES_TO_SIZE (FuncPages));
+  }
+
+  mReservedTopOfApStack = (UINTN)Address + EFI_PAGES_TO_SIZE 
(StackPages+FuncPages);
+  ASSERT ((mReservedTopOfApStack & (UINTN)(CPU_STACK_ALIGNMENT - 1)) == 0);
+  mReservedApLoop.Data = (VOID *)(UINTN)Address;
+  ASSERT (mReservedApLoop.Data != NULL);
+  CopyMem (mReservedApLoop.Data, 

[edk2-devel] [Patch V2 09/18] UefiCpuPkg: Disable PG in IA32 ApLoopCode

[duntan]

Disable paging in IA32 RelocateApLoop assembly
code to fix the issue that the AP page table is
unavailiable after boot OS under IA32 execution mode.

This issue exist in IA32 PEI + IA32 DXE normal boot
(also S3 boot with IA32 PEI after previous three commits
are accepted). In current MpLib code, the IA32 execution
mode code did not create page table in reserved memory
like what X64 code did. If PcdCpuStackGuard is TRUE, the
PG is enabled for AP in current RelocateApLoop assembly
code. And the page table for AP is unavailiable after
boot OS. This might cause potential issue. So disable PG
in IA32 RelocateApLoop.

Signed-off-by: Dun Tan 
Reviewed-by: Ray Ni 
Cc: Rahul Kumar 
Cc: Gerd Hoffmann 
Cc: Jiaxin Wu 
---
 UefiCpuPkg/Library/MpInitLib/Ia32/MpFuncs.nasm | 6 +-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/UefiCpuPkg/Library/MpInitLib/Ia32/MpFuncs.nasm 
b/UefiCpuPkg/Library/MpInitLib/Ia32/MpFuncs.nasm
index d117f09ef5..c0fe631635 100644
--- a/UefiCpuPkg/Library/MpInitLib/Ia32/MpFuncs.nasm
+++ b/UefiCpuPkg/Library/MpInitLib/Ia32/MpFuncs.nasm
@@ -1,5 +1,5 @@
 
;-- 
;
-; Copyright (c) 2015 - 2023, Intel Corporation. All rights reserved.
+; Copyright (c) 2015 - 2024, Intel Corporation. All rights reserved.
 ; SPDX-License-Identifier: BSD-2-Clause-Patent
 ;
 ; Module Name:
@@ -225,6 +225,10 @@ RendezvousFunnelProcEnd:
 ;  specific to SEV-ES support and are not applicable on IA32.
 
;-
 AsmRelocateApLoopGenericStart:
+moveax, cr0
+btreax, 31 ; Clear CR0.PG
+movcr0, eax; Disable paging since the page table might 
be unavailiable
+
 moveax, esp
 movesp, [eax + 12] ; TopOfApStack
 push   dword [eax] ; push return address for stack trace
-- 
2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119006): https://edk2.groups.io/g/devel/message/119006
Mute This Topic: https://groups.io/mt/106150767/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [Patch V2 08/18] UefiCpuPkg: Remove code to set register table

[duntan]

Remove code to set register table in CpuS3.c.
In previous commit, PcdCpuFeaturesInitOnS3Resume
has been set to TRUE. So that CpuFeaturesPei PEIM
will initialize the CPU registers and perform CPU
features initialization.

Signed-off-by: Dun Tan 
Reviewed-by: Ray Ni 
Cc: Rahul Kumar 
Cc: Gerd Hoffmann 
Cc: Jiaxin Wu 
---
 UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c | 423 
---
 1 file changed, 423 deletions(-)

diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c 
b/UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c
index 75b8c0d3de..0bc4a3572d 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c
@@ -91,425 +91,6 @@ UINT8  mApHltLoopCodeTemplate[] = {
   0xEB, 0xFC  // jmp $-2
 };
 
-/**
-  Increment semaphore by 1.
-
-  @param  SemIN:  32-bit unsigned integer
-
-**/
-VOID
-S3ReleaseSemaphore (
-  IN OUT  volatile UINT32  *Sem
-  )
-{
-  InterlockedIncrement (Sem);
-}
-
-/**
-  Decrement the semaphore by 1 if it is not zero.
-
-  Performs an atomic decrement operation for semaphore.
-  The compare exchange operation must be performed using
-  MP safe mechanisms.
-
-  @param  SemIN:  32-bit unsigned integer
-
-**/
-VOID
-S3WaitForSemaphore (
-  IN OUT  volatile UINT32  *Sem
-  )
-{
-  UINT32  Value;
-
-  do {
-Value = *Sem;
-  } while (Value == 0 ||
-   InterlockedCompareExchange32 (
- Sem,
- Value,
- Value - 1
- ) != Value);
-}
-
-/**
-  Read / write CR value.
-
-  @param[in]  CrIndex The CR index which need to read/write.
-  @param[in]  ReadRead or write. TRUE is read.
-  @param[in,out]  CrValue CR value.
-
-  @retvalEFI_SUCCESS means read/write success, else return EFI_UNSUPPORTED.
-**/
-UINTN
-ReadWriteCr (
-  IN UINT32   CrIndex,
-  IN BOOLEAN  Read,
-  IN OUT UINTN*CrValue
-  )
-{
-  switch (CrIndex) {
-case 0:
-  if (Read) {
-*CrValue = AsmReadCr0 ();
-  } else {
-AsmWriteCr0 (*CrValue);
-  }
-
-  break;
-case 2:
-  if (Read) {
-*CrValue = AsmReadCr2 ();
-  } else {
-AsmWriteCr2 (*CrValue);
-  }
-
-  break;
-case 3:
-  if (Read) {
-*CrValue = AsmReadCr3 ();
-  } else {
-AsmWriteCr3 (*CrValue);
-  }
-
-  break;
-case 4:
-  if (Read) {
-*CrValue = AsmReadCr4 ();
-  } else {
-AsmWriteCr4 (*CrValue);
-  }
-
-  break;
-default:
-  return EFI_UNSUPPORTED;
-  }
-
-  return EFI_SUCCESS;
-}
-
-/**
-  Initialize the CPU registers from a register table.
-
-  @param[in]  RegisterTable The register table for this AP.
-  @param[in]  ApLocationAP location info for this ap.
-  @param[in]  CpuStatus CPU status info for this CPU.
-  @param[in]  CpuFlags  Flags data structure used when program the 
register.
-
-  @note This service could be called by BSP/APs.
-**/
-VOID
-ProgramProcessorRegister (
-  IN CPU_REGISTER_TABLE  *RegisterTable,
-  IN EFI_CPU_PHYSICAL_LOCATION   *ApLocation,
-  IN CPU_STATUS_INFORMATION  *CpuStatus,
-  IN PROGRAM_CPU_REGISTER_FLAGS  *CpuFlags
-  )
-{
-  CPU_REGISTER_TABLE_ENTRY  *RegisterTableEntry;
-  UINTN Index;
-  UINTN Value;
-  CPU_REGISTER_TABLE_ENTRY  *RegisterTableEntryHead;
-  volatile UINT32   *SemaphorePtr;
-  UINT32FirstThread;
-  UINT32CurrentThread;
-  UINT32CurrentCore;
-  UINTN ProcessorIndex;
-  UINT32*ThreadCountPerPackage;
-  UINT8 *ThreadCountPerCore;
-  EFI_STATUSStatus;
-  UINT64CurrentValue;
-
-  //
-  // Traverse Register Table of this logical processor
-  //
-  RegisterTableEntryHead = (CPU_REGISTER_TABLE_ENTRY 
*)(UINTN)RegisterTable->RegisterTableEntry;
-
-  for (Index = 0; Index < RegisterTable->TableLength; Index++) {
-RegisterTableEntry = [Index];
-
-//
-// Check the type of specified register
-//
-switch (RegisterTableEntry->RegisterType) {
-  //
-  // The specified register is Control Register
-  //
-  case ControlRegister:
-Status = ReadWriteCr (RegisterTableEntry->Index, TRUE, );
-if (EFI_ERROR (Status)) {
-  break;
-}
-
-if (RegisterTableEntry->TestThenWrite) {
-  CurrentValue = BitFieldRead64 (
-   Value,
-   RegisterTableEntry->ValidBitStart,
-   

[edk2-devel] [Patch V2 07/18] UefiCpuPkg:Set PcdCpuFeaturesInitOnS3Resume to TRUE

[duntan]

Set PcdCpuFeaturesInitOnS3Resume to TRUE. So that
CpuFeaturesPei PEIM will initialize the CPU registers
and perform CPU features initialization.

Signed-off-by: Dun Tan 
Reviewed-by: Ray Ni 
Cc: Rahul Kumar 
Cc: Gerd Hoffmann 
Cc: Jiaxin Wu 
---
 UefiCpuPkg/UefiCpuPkg.dec | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/UefiCpuPkg/UefiCpuPkg.dec b/UefiCpuPkg/UefiCpuPkg.dec
index f86a6d2bcb..73bae90ddb 100644
--- a/UefiCpuPkg/UefiCpuPkg.dec
+++ b/UefiCpuPkg/UefiCpuPkg.dec
@@ -1,7 +1,7 @@
 ## @file  UefiCpuPkg.dec
 # This Package provides UEFI compatible CPU modules and libraries.
 #
-# Copyright (c) 2007 - 2023, Intel Corporation. All rights reserved.
+# Copyright (c) 2007 - 2024, Intel Corporation. All rights reserved.
 # Copyright (C) 2023 - 2024, Advanced Micro Devices, Inc. All rights 
reserved.
 # Copyright (c) 2024, Loongson Technology Corporation Limited. All rights 
reserved.
 #
@@ -310,7 +310,7 @@
 
   ## Specifies if CPU features will be initialized during S3 resume.
   # @Prompt If CPU features will be initialized during S3 resume.
-  
gUefiCpuPkgTokenSpaceGuid.PcdCpuFeaturesInitOnS3Resume|FALSE|BOOLEAN|0x001D
+  
gUefiCpuPkgTokenSpaceGuid.PcdCpuFeaturesInitOnS3Resume|TRUE|BOOLEAN|0x001D
 
   ## Specifies CPUID Leaf 0x15 Time Stamp Counter and Nominal Core Crystal 
Clock Frequency.
   # TSC Frequency = ECX (core crystal clock frequency) * EBX/EAX.
-- 
2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119004): https://edk2.groups.io/g/devel/message/119004
Mute This Topic: https://groups.io/mt/106150765/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [Patch V2 06/18] UefiCpuPkg: Remove code to load mtrr setting

[duntan]

Remove code to load mtrr setting in CpuS3.c.
In previous commits, before transferring to
CpuS3.c, MTRR setting has been loaded in
S3RestoreConfig2() for all CPU.

Signed-off-by: Dun Tan 
Reviewed-by: Ray Ni 
Cc: Rahul Kumar 
Cc: Gerd Hoffmann 
Cc: Jiaxin Wu 
---
 UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c | 34 +-
 1 file changed, 1 insertion(+), 33 deletions(-)

diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c 
b/UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c
index d67fb49890..75b8c0d3de 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c
@@ -1,7 +1,7 @@
 /** @file
 Code for Processor S3 restoration
 
-Copyright (c) 2006 - 2023, Intel Corporation. All rights reserved.
+Copyright (c) 2006 - 2024, Intel Corporation. All rights reserved.
 SPDX-License-Identifier: BSD-2-Clause-Patent
 
 **/
@@ -91,36 +91,6 @@ UINT8  mApHltLoopCodeTemplate[] = {
   0xEB, 0xFC  // jmp $-2
 };
 
-/**
-  Sync up the MTRR values for all processors.
-
-  @param MtrrTable  Table holding fixed/variable MTRR values to be loaded.
-**/
-VOID
-EFIAPI
-LoadMtrrData (
-  EFI_PHYSICAL_ADDRESS  MtrrTable
-  )
-
-/*++
-
-Routine Description:
-
-  Sync up the MTRR values for all processors.
-
-Arguments:
-
-Returns:
-None
-
---*/
-{
-  MTRR_SETTINGS  *MtrrSettings;
-
-  MtrrSettings = (MTRR_SETTINGS *)(UINTN)MtrrTable;
-  MtrrSetAllMtrrs (MtrrSettings);
-}
-
 /**
   Increment semaphore by 1.
 
@@ -554,8 +524,6 @@ InitializeCpuBeforeRebase (
   IN BOOLEAN  IsBsp
   )
 {
-  LoadMtrrData (mAcpiCpuData.MtrrTable);
-
   SetRegister (TRUE);
 
   ProgramVirtualWireMode ();
-- 
2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119003): https://edk2.groups.io/g/devel/message/119003
Mute This Topic: https://groups.io/mt/106150764/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [Patch V2 04/18] UefiCpuPkg: Save MTRR by lockbox in CpuS3DataDxe

[duntan]

Save MTRR by lockbox in CpuS3DataDxe. In S3 boot,
The MTRR setting will be restored in S3Resume.c
in following patches. Then S3Resume.c will wakeup
all APs to load the MTRR setting. This can avoid
waking up APs in CpuS3.c.

Signed-off-by: Dun Tan 
Reviewed-by: Ray Ni 
Cc: Rahul Kumar 
Cc: Gerd Hoffmann 
Cc: Jiaxin Wu 
---
 UefiCpuPkg/CpuS3DataDxe/CpuS3Data.c  | 13 -
 UefiCpuPkg/CpuS3DataDxe/CpuS3DataDxe.inf |  4 +++-
 2 files changed, 15 insertions(+), 2 deletions(-)

diff --git a/UefiCpuPkg/CpuS3DataDxe/CpuS3Data.c 
b/UefiCpuPkg/CpuS3DataDxe/CpuS3Data.c
index 86ce5303ca..c87f82bc22 100644
--- a/UefiCpuPkg/CpuS3DataDxe/CpuS3Data.c
+++ b/UefiCpuPkg/CpuS3DataDxe/CpuS3Data.c
@@ -9,7 +9,7 @@ number of CPUs reported by the MP Services Protocol, so this 
module does not
 support hot plug CPUs.  This module can be copied into a CPU specific package
 and customized if these additional features are required.
 
-Copyright (c) 2013 - 2021, Intel Corporation. All rights reserved.
+Copyright (c) 2013 - 2024, Intel Corporation. All rights reserved.
 Copyright (c) 2015, Red Hat, Inc.
 
 SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -26,6 +26,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #include 
 #include 
 #include 
+#include 
 
 #include 
 #include 
@@ -130,6 +131,16 @@ CpuS3DataOnEndOfDxe (
   DEBUG ((DEBUG_VERBOSE, "%a\n", __func__));
   MtrrGetAllMtrrs (>MtrrTable);
 
+  //
+  // Save MTRR in lockbox
+  //
+  Status = SaveLockBox (
+ ,
+ >MtrrTable,
+ sizeof (MTRR_SETTINGS)
+ );
+  ASSERT_EFI_ERROR (Status);
+
   //
   // Close event, so it will not be invoked again.
   //
diff --git a/UefiCpuPkg/CpuS3DataDxe/CpuS3DataDxe.inf 
b/UefiCpuPkg/CpuS3DataDxe/CpuS3DataDxe.inf
index 510133a614..c690f7df5b 100644
--- a/UefiCpuPkg/CpuS3DataDxe/CpuS3DataDxe.inf
+++ b/UefiCpuPkg/CpuS3DataDxe/CpuS3DataDxe.inf
@@ -9,7 +9,7 @@
 #  support hot plug CPUs.  This module can be copied into a CPU specific 
package
 #  and customized if these additional features are required.
 #
-#  Copyright (c) 2013-2016, Intel Corporation. All rights reserved.
+#  Copyright (c) 2013-2024, Intel Corporation. All rights reserved.
 #  Copyright (c) 2015, Red Hat, Inc.
 #
 #  SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -46,9 +46,11 @@
   BaseLib
   MtrrLib
   MemoryAllocationLib
+  LockBoxLib
 
 [Guids]
   gEfiEndOfDxeEventGroupGuid ## CONSUMES   ## Event
+  gEdkiiS3MtrrSettingGuid
 
 [Protocols]
   gEfiMpServiceProtocolGuid  ## CONSUMES
-- 
2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119001): https://edk2.groups.io/g/devel/message/119001
Mute This Topic: https://groups.io/mt/106150762/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [Patch V2 05/18] UefiCpuPkg: LoadMtrrData for all cpu in S3Resume

[duntan]

In this commit, S3Resume.c wakeup all Aps to run
LoadMtrrData for all cpu before transfer to CpuS3.c
in smm cpu driver. The MtrrSetting table can be restored
by gEdkiiS3MtrrSettingGuid which is saved by lockbox in
PEI phase. This can avoid waking up APs in CpuS3.c.

Signed-off-by: Dun Tan 
Reviewed-by: Ray Ni 
Cc: Rahul Kumar 
Cc: Gerd Hoffmann 
Cc: Jiaxin Wu 
---
 UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume.c   | 51 
++-
 UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume2Pei.inf |  4 +++-
 2 files changed, 53 insertions(+), 2 deletions(-)

diff --git a/UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume.c 
b/UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume.c
index 4cf676fb3e..078ae2d72d 100644
--- a/UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume.c
+++ b/UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume.c
@@ -4,7 +4,7 @@
   This module will execute the boot script saved during last boot and after 
that,
   control is passed to OS waking up handler.
 
-  Copyright (c) 2006 - 2023, Intel Corporation. All rights reserved.
+  Copyright (c) 2006 - 2024, Intel Corporation. All rights reserved.
   Copyright (c) 2017, AMD Incorporated. All rights reserved.
 
   SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -39,6 +39,7 @@
 #include 
 #include 
 #include 
+#include 
 
 #include 
 #include 
@@ -938,6 +939,20 @@ S3ResumeExecuteBootScript (
   CpuDeadLoop ();
 }
 
+/**
+  Sync up the MTRR values for all processors.
+
+  @param[in] MtrrTable  Address of MTRR setting.
+**/
+VOID
+EFIAPI
+LoadMtrrData (
+  IN VOID  *MtrrTable
+  )
+{
+  MtrrSetAllMtrrs (MtrrTable);
+}
+
 /**
   Restores the platform to its preboot configuration for an S3 resume and
   jumps to the OS waking vector.
@@ -990,6 +1005,7 @@ S3RestoreConfig2 (
   BOOLEANInterruptStatus;
   IA32_CR0   Cr0;
   EDKII_PEI_MP_SERVICES2_PPI *MpService2Ppi;
+  MTRR_SETTINGS  MtrrTable;
 
   TempAcpiS3Context = 0;
   TempEfiBootScriptExecutorVariable = 0;
@@ -1082,6 +1098,39 @@ S3RestoreConfig2 (
   Status = SmmAccess->Open ((EFI_PEI_SERVICES 
**)GetPeiServicesTablePointer (), SmmAccess, Index);
 }
 
+//
+// Get MP Services2 Ppi to pass it to Smm S3.
+//
+Status = PeiServicesLocatePpi (
+   ,
+   0,
+   NULL,
+   (VOID **)
+   );
+ASSERT_EFI_ERROR (Status);
+
+//
+// Restore MTRR setting
+//
+VarSize = sizeof (MTRR_SETTINGS);
+Status  = RestoreLockBox (
+,
+,
+
+);
+ASSERT_EFI_ERROR (Status);
+
+//
+// Sync up the MTRR values for all processors.
+//
+Status = MpService2Ppi->StartupAllCPUs (
+  MpService2Ppi,
+  (EFI_AP_PROCEDURE)LoadMtrrData,
+  0,
+  (VOID *)
+  );
+ASSERT_EFI_ERROR (Status);
+
 SmramDescriptor  = (EFI_SMRAM_DESCRIPTOR *)GET_GUID_HOB_DATA (GuidHob);
 SmmS3ResumeState = (SMM_S3_RESUME_STATE *)(UINTN)SmramDescriptor->CpuStart;
 
diff --git a/UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume2Pei.inf 
b/UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume2Pei.inf
index 9c9b6f3db3..54de8bc91f 100644
--- a/UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume2Pei.inf
+++ b/UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume2Pei.inf
@@ -5,7 +5,7 @@
 # This module will excute the boot script saved during last boot and after 
that,
 # control is passed to OS waking up handler.
 #
-# Copyright (c) 2010 - 2023, Intel Corporation. All rights reserved.
+# Copyright (c) 2010 - 2024, Intel Corporation. All rights reserved.
 # Copyright (c) 2017, AMD Incorporated. All rights reserved.
 #
 # SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -67,6 +67,7 @@
   LocalApicLib
   ReportStatusCodeLib
   LockBoxLib
+  MtrrLib
 
 [Guids]
   gEfiBootScriptExecutorVariableGuid## SOMETIMES_CONSUMES ## 
UNDEFINED # LockBox
@@ -79,6 +80,7 @@
   ## SOMETIMES_PRODUCES ## UNDEFINED # Install PPI
   ## SOMETIMES_CONSUMES ## UNDEFINED # Used to do smm communication
   gEdkiiS3SmmInitDoneGuid
+  gEdkiiS3MtrrSettingGuid
 
 [Ppis]
   gEfiPeiS3Resume2PpiGuid   ## PRODUCES
-- 
2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119002): https://edk2.groups.io/g/devel/message/119002
Mute This Topic: https://groups.io/mt/106150763/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [Patch V2 03/18] UefiCpuPkg: Add locbox lib instance in DSC

[duntan]

Add locbox lib instance in DSC. The SmmLockBoxDxeLib
will be consumed by CpuS3DataDxe driver

Signed-off-by: Dun Tan 
Reviewed-by: Ray Ni 
Cc: Rahul Kumar 
Cc: Gerd Hoffmann 
Cc: Jiaxin Wu 
---
 UefiCpuPkg/UefiCpuPkg.dsc | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/UefiCpuPkg/UefiCpuPkg.dsc b/UefiCpuPkg/UefiCpuPkg.dsc
index 3d49f72588..1b52760e1a 100644
--- a/UefiCpuPkg/UefiCpuPkg.dsc
+++ b/UefiCpuPkg/UefiCpuPkg.dsc
@@ -1,7 +1,7 @@
 ## @file
 #  UefiCpuPkg Package
 #
-#  Copyright (c) 2007 - 2023, Intel Corporation. All rights reserved.
+#  Copyright (c) 2007 - 2024, Intel Corporation. All rights reserved.
 #  Copyright (C) 2023 - 2024, Advanced Micro Devices, Inc. All rights 
reserved.
 #
 #  SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -68,6 +68,7 @@
   UnitTestLib|UnitTestFrameworkPkg/Library/UnitTestLib/UnitTestLib.inf
   
UnitTestPersistenceLib|UnitTestFrameworkPkg/Library/UnitTestPersistenceLibNull/UnitTestPersistenceLibNull.inf
   
UnitTestResultReportLib|UnitTestFrameworkPkg/Library/UnitTestResultReportLib/UnitTestResultReportLibDebugLib.inf
+  LockBoxLib|MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxDxeLib.inf
 
 [LibraryClasses.common.SEC]
   PlatformSecLib|UefiCpuPkg/Library/PlatformSecLibNull/PlatformSecLibNull.inf
-- 
2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119000): https://edk2.groups.io/g/devel/message/119000
Mute This Topic: https://groups.io/mt/106150761/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [Patch V2 02/18] OvmfPkg: Save MTRR by lockbox in CpuS3DataDxe

[duntan]

Save MTRR by lockbox in CpuS3DataDxe. In S3 boot,
The MTRR setting will be restored in S3Resume.c
in following patches. Then S3Resume.c will wakeup
all APs to load the MTRR setting. This can avoid
waking up APs in CpuS3.c.

Signed-off-by: Dun Tan 
Cc: Ard Biesheuvel 
Cc: Jiewen Yao 
Cc: Gerd Hoffmann 
Reviewed-by: Ray Ni 
Cc: Jiaxin Wu 
---
 OvmfPkg/CpuS3DataDxe/CpuS3Data.c  | 13 -
 OvmfPkg/CpuS3DataDxe/CpuS3DataDxe.inf |  4 +++-
 2 files changed, 15 insertions(+), 2 deletions(-)

diff --git a/OvmfPkg/CpuS3DataDxe/CpuS3Data.c b/OvmfPkg/CpuS3DataDxe/CpuS3Data.c
index 289048b75d..eacdfa12c3 100644
--- a/OvmfPkg/CpuS3DataDxe/CpuS3Data.c
+++ b/OvmfPkg/CpuS3DataDxe/CpuS3Data.c
@@ -9,7 +9,7 @@ number of CPUs reported by the MP Services Protocol, so this 
module does not
 support hot plug CPUs.  This module can be copied into a CPU specific package
 and customized if these additional features are required.
 
-Copyright (c) 2013 - 2021, Intel Corporation. All rights reserved.
+Copyright (c) 2013 - 2024, Intel Corporation. All rights reserved.
 Copyright (c) 2015 - 2020, Red Hat, Inc.
 
 SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -26,6 +26,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #include 
 #include 
 #include 
+#include 
 
 #include 
 #include 
@@ -130,6 +131,16 @@ CpuS3DataOnEndOfDxe (
   DEBUG ((DEBUG_VERBOSE, "%a\n", __func__));
   MtrrGetAllMtrrs (>MtrrTable);
 
+  //
+  // Save MTRR in lockbox
+  //
+  Status = SaveLockBox (
+ ,
+ >MtrrTable,
+ sizeof (MTRR_SETTINGS)
+ );
+  ASSERT_EFI_ERROR (Status);
+
   //
   // Close event, so it will not be invoked again.
   //
diff --git a/OvmfPkg/CpuS3DataDxe/CpuS3DataDxe.inf 
b/OvmfPkg/CpuS3DataDxe/CpuS3DataDxe.inf
index 228d5ae1b2..5369613f5d 100644
--- a/OvmfPkg/CpuS3DataDxe/CpuS3DataDxe.inf
+++ b/OvmfPkg/CpuS3DataDxe/CpuS3DataDxe.inf
@@ -9,7 +9,7 @@
 #  support hot plug CPUs.  This module can be copied into a CPU specific 
package
 #  and customized if these additional features are required.
 #
-#  Copyright (c) 2013-2016, Intel Corporation. All rights reserved.
+#  Copyright (c) 2013-2024, Intel Corporation. All rights reserved.
 #  Copyright (c) 2015-2020, Red Hat, Inc.
 #
 #  SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -46,9 +46,11 @@
   MtrrLib
   UefiBootServicesTableLib
   UefiDriverEntryPoint
+  LockBoxLib
 
 [Guids]
   gEfiEndOfDxeEventGroupGuid ## CONSUMES   ## Event
+  gEdkiiS3MtrrSettingGuid
 
 [Protocols]
   gEfiMpServiceProtocolGuid  ## CONSUMES
-- 
2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118999): https://edk2.groups.io/g/devel/message/118999
Mute This Topic: https://groups.io/mt/106150760/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [Patch V2 01/18] MdeModulePkg: Add gEdkiiS3MtrrSettingGuid

[duntan]

Add gEdkiiS3MtrrSettingGuid a new GUID for s3
MTRR setting. This GUID will be used to save
MTRR_SETTINGS at EndOfDxe by LockBox and restore
at S3 boot PEI phase for s3 usage.

Signed-off-by: Dun Tan 
Reviewed-by: Ray Ni 
Cc: Liming Gao 
Cc: Jiaxin Wu 
---
 MdeModulePkg/MdeModulePkg.dec | 5 -
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec
index f7339f0aec..02f330a453 100644
--- a/MdeModulePkg/MdeModulePkg.dec
+++ b/MdeModulePkg/MdeModulePkg.dec
@@ -4,7 +4,7 @@
 # and libraries instances, which are used for those modules.
 #
 # Copyright (c) 2019, NVIDIA CORPORATION. All rights reserved.
-# Copyright (c) 2007 - 2021, Intel Corporation. All rights reserved.
+# Copyright (c) 2007 - 2024, Intel Corporation. All rights reserved.
 # Copyright (c) 2016, Linaro Ltd. All rights reserved.
 # (C) Copyright 2016 - 2019 Hewlett Packard Enterprise Development LP
 # Copyright (c) 2017, AMD Incorporated. All rights reserved.
@@ -465,6 +465,9 @@
   gEdk2JedecSfdpSpiDxeDriverGuid  = { 0xBE71701E, 0xB63C, 0x4574, { 0x9C, 
0x5C, 0x36, 0x29, 0xE8, 0xEA, 0xC4, 0x14 }}
   gEdk2JedecSfdpSpiSmmDriverGuid  = { 0x95A1E915, 0x195C, 0x477C, { 0x92, 
0x6F, 0x7E, 0x24, 0x67, 0xC1, 0xB3, 0x1F }}
 
+  ## This GUID will be used to save MTRR_SETTINGS at EndOfDxe by LockBox and 
restore at S3 boot PEI phase for s3 usage.
+  gEdkiiS3MtrrSettingGuid = { 0xd77baa84, 0xb332, 0x4463, { 0x9f, 0x1d, 0xce, 
0x81, 0x00, 0xfe, 0x7f, 0x35 }}
+
 [Ppis]
   ## Include/Ppi/FirmwareVolumeShadowPpi.h
   gEdkiiPeiFirmwareVolumeShadowPpiGuid = { 0x7dfe756c, 0xed8d, 0x4d77, {0x9e, 
0xc4, 0x39, 0x9a, 0x8a, 0x81, 0x51, 0x16 } }
-- 
2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118998): https://edk2.groups.io/g/devel/message/118998
Mute This Topic: https://groups.io/mt/106150759/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [Patch V2 00/18] Remove some S3 related code in CpuS3.c of smm cpu driver

[duntan]

Comparing to V1 patchs set, the V2 patch set only adjusts the commits ordering 
and modifies copy right year in some files.
This patch set is to remove some S3 related code in CpuS3.c of smm cpu driver. 
It contain commits to:
1) S3 MTRRs operation:
>   MdeModulePkg: Add gEdkiiS3MtrrSettingGuid
>   OvmfPkg: Save MTRR by lockbox in CpuS3DataDxe
>   UefiCpuPkg: Add locbox lib instance in DSC
>   UefiCpuPkg: Save MTRR by lockbox in CpuS3DataDxe
>   UefiCpuPkg: LoadMtrrData for all cpu in S3Resume
>   UefiCpuPkg: Remove code to load mtrr setting

2) AP page table unavailiable issue fix:
>   UefiCpuPkg: Disable PG in IA32 ApLoopCode

3) Register table cleanup:
>   UefiCpuPkg:Set PcdCpuFeaturesInitOnS3Resume to TRUE
>   UefiCpuPkg: Remove code to set register table

4)  S3 ApHltLoopCode Operation:
>   UefiCpuPkg:Abstract some DxeMpLib code to function
>   UefiCpuPkg:Move some code in DxeMpLib to common place
>   UefiCpuPkg: Install gEdkiiEndOfS3ResumeGuid in S3Resume
>   UefiCpuPkg:Relocate AP to new safe buffer in PeiMpLib
>   UefiCpuPkg:Remove code to handle APIC setting and Interrupt
>   UefiCpuPkg:Rremove code to wakeup AP and relocate ap
>   UefiCpuPkg: Remove the duplicated mpservice locate
>   MdeModulePkg: remove MpService2Ppi field in SMM_S3_RESUME_STATE

5)  Remove code to get AcpiCpuData:
>   UefiCpuPkg: Remove GetAcpiCpuData() in CpuS3.c

With this patch set, CpuS3.c in smm CPU driver can be simplified.
The whole patch set has been reviewed-by Ray.
PR for review: https://github.com/tianocore/edk2/pull/5606

Cc: Liming Gao 
Cc: Jiaxin Wu 
Cc: Ray Ni 
Cc: Ard Biesheuvel 
Cc: Jiewen Yao 
Cc: Gerd Hoffmann 
Cc: Rahul Kumar 
Cc: Gerd Hoffmann 

Dun Tan (18):
  MdeModulePkg: Add gEdkiiS3MtrrSettingGuid
  OvmfPkg: Save MTRR by lockbox in CpuS3DataDxe
  UefiCpuPkg: Add locbox lib instance in DSC
  UefiCpuPkg: Save MTRR by lockbox in CpuS3DataDxe
  UefiCpuPkg: LoadMtrrData for all cpu in S3Resume
  UefiCpuPkg: Remove code to load mtrr setting
  UefiCpuPkg:Set PcdCpuFeaturesInitOnS3Resume to TRUE
  UefiCpuPkg: Remove code to set register table
  UefiCpuPkg: Disable PG in IA32 ApLoopCode
  UefiCpuPkg:Abstract some DxeMpLib code to function
  UefiCpuPkg:Move some code in DxeMpLib to common place
  UefiCpuPkg: Install gEdkiiEndOfS3ResumeGuid in S3Resume
  UefiCpuPkg:Relocate AP to new safe buffer in PeiMpLib
  UefiCpuPkg:Remove code to handle APIC setting and Interrupt
  UefiCpuPkg:Remove code to wakeup AP and relocate ap
  UefiCpuPkg: Remove unneeded MpService2Ppi assignment
  MdeModulePkg:Remove MpService2Ppi field in SMM_S3_RESUME_STATE
  UefiCpuPkg: Remove GetAcpiCpuData() in CpuS3.c

 MdeModulePkg/Include/Guid/AcpiS3Context.h   |   3 +--
 MdeModulePkg/MdeModulePkg.dec   |   5 -
 OvmfPkg/CpuS3DataDxe/CpuS3Data.c|  13 -
 OvmfPkg/CpuS3DataDxe/CpuS3DataDxe.inf   |   4 +++-
 UefiCpuPkg/CpuS3DataDxe/CpuS3Data.c |  13 -
 UefiCpuPkg/CpuS3DataDxe/CpuS3DataDxe.inf|   4 +++-
 UefiCpuPkg/Library/MpInitLib/DxeMpLib.c | 183 
-
 UefiCpuPkg/Library/MpInitLib/Ia32/MpFuncs.nasm  |   6 +-
 UefiCpuPkg/Library/MpInitLib/MpLib.c| 144 
+++-
 UefiCpuPkg/Library/MpInitLib/MpLib.h|  56 
+++--
 UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf   |   6 +-
 UefiCpuPkg/Library/MpInitLib/PeiMpLib.c | 154 
+-
 UefiCpuPkg/PiSmmCpuDxeSmm/CpuS3.c   | 993 
+--
 UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/MpFuncs.nasm | 153 
-
 UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmFuncsArch.c   |  29 
+---
 UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c  |   8 +++-
 UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h  |  26 
+
 UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf|   5 +
 UefiCpuPkg/PiSmmCpuDxeSmm/X64/MpFuncs.nasm  | 189 
--
 

[edk2-devel] [PATCH] UefiCpuPkg:fix issue when splitting paging entry

[duntan]

This patch is to fix issue when splitting leaf paging
entry in CpuPageTableLib code.

In previous code, before we assign the new child paging
structure address to the content of splitted paging entry,
PageTableLibSetPnle() is called to make sure the bit7 is
set to 0, which indicate the previous leaf entry is
changed to non-leaf entry now. There is a gap between
we change the bit7 and we assign the new child paging
structure address to the content of the splitted paging
entry. If the address of code execution or data access
happens to be in the range covered by the splitted paging
entry, this gap may cause issue.

In this patch, we prepare the new paging entry content
value in a local variable and assign the value to the
splitted paging entry at once. The volatile keyword
is used to ensure that no optimization will occur in
compilation.

Signed-off-by: Dun Tan 
Cc: Ray Ni 
Cc: Rahul Kumar 
Cc: Gerd Hoffmann 
Cc: Jiaxin Wu 
Cc: Zhou Jianfeng 
---
 UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableMap.c | 9 +++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableMap.c 
b/UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableMap.c
index b10a3008e4..bdc411338f 100644
--- a/UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableMap.c
+++ b/UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableMap.c
@@ -342,6 +342,7 @@ PageTableLibMapInLevel (
   UINT64  PhysicalAddrInAttr;
   IA32_PAGING_ENTRY   OriginalParentPagingEntry;
   IA32_PAGING_ENTRY   OriginalCurrentPagingEntry;
+  IA32_PAGING_ENTRY   TempPagingEntry;
 
   ASSERT (Level != 0);
   ASSERT ((Attribute != NULL) && (Mask != NULL));
@@ -359,6 +360,8 @@ PageTableLibMapInLevel (
 
   OriginalParentPagingEntry.Uint64 = ParentPagingEntry->Uint64;
   OneOfPagingEntry.Uint64  = 0;
+  TempPagingEntry.Uint64   = 0;
+
   //
   // RegionLength: 256T (1 << 48) 512G (1 << 39), 1G (1 << 30), 2M (1 << 21) 
or 4K (1 << 12).
   //
@@ -441,8 +444,10 @@ PageTableLibMapInLevel (
   // Non-leaf entry doesn't have PAT bit. So use 
~IA32_PE_BASE_ADDRESS_MASK_40 is to make sure PAT bit
   // (bit12) in original big-leaf entry is not assigned to 
PageTableBaseAddress field of non-leaf entry.
   //
-  PageTableLibSetPnle (>Pnle, , 
);
-  ParentPagingEntry->Uint64 = ((UINTN)(VOID *)PagingEntry) | 
(ParentPagingEntry->Uint64 & (~IA32_PE_BASE_ADDRESS_MASK_40));
+  TempPagingEntry.Uint64 = ParentPagingEntry->Uint64;
+  PageTableLibSetPnle (, , );
+  TempPagingEntry.Uint64   = ((UINTN)(VOID 
*)PagingEntry) | (TempPagingEntry.Uint64 & (~IA32_PE_BASE_ADDRESS_MASK_40));
+  *(volatile UINT64 *)&(ParentPagingEntry->Uint64) = 
TempPagingEntry.Uint64;
 }
   } else {
 //
-- 
2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118996): https://edk2.groups.io/g/devel/message/118996
Mute This Topic: https://groups.io/mt/106150750/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [edk2-platforms][PATCH v2] ManageabilityPkg: add support for the phosphor ipmi blob transfer protocol

[Nhi Pham via groups.io]

Hi Abner,

It' hard to say actually. I don't spend full-time for open-source work. 
But I will try to complete it within 2 weeks or sooner.


Most of Ampere Altra drivers including IPMI SSIF are living at 
https://github.com/AmpereComputing/edk2-platforms. The effort now is to 
port to be compatible with ManageabilityPkg.


Regards,
Nhi

On 5/17/2024 3:16 PM, Chang, Abner wrote:

[AMD Official Use Only - AMD Internal Distribution Only]

Hi Nhi,
How much effort you think to have the SSIF ManageabilityPkg port?

Regards,
Abner


-Original Message-
From: Nhi Pham 
Sent: Friday, May 17, 2024 3:49 PM
To: Nickle Wang ; devel@edk2.groups.io
Cc: Chang, Abner ; Attar, AbdulLateef (Abdul
Lateef) ; Tinh Nguyen
; Thang Nguyen OS
; Mike Maslenkin

Subject: Re: [edk2-platforms][PATCH v2] ManageabilityPkg: add support for
the phosphor ipmi blob transfer protocol

Caution: This message originated from an External Source. Use proper caution
when opening attachments, clicking links, or responding.


Hi Nickle,

Please see my comments inline...

P/s: I just realized that I can not test this protocol without IPMI SSIF
to be compatible with ManageabilityPkg framework.

On 5/15/2024 10:06 PM, Nickle Wang wrote:

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4773

This change implements the blob transfer protocol used in OpenBmc
documented here: https://github.com/openbmc/phosphor-ipmi-blobs

Signed-off-by: Nick Ramirez 
Co-authored-by: Nickle Wang 
Cc: Abner Chang 
Cc: Abdul Lateef Attar 
Cc: Tinh Nguyen 
Cc: Nhi Pham 
Cc: Thang Nguyen OS 
Cc: Mike Maslenkin 
---
   .../ManageabilityPkg/ManageabilityPkg.dec |3 +
   .../Include/Manageability.dsc |2 +
   .../IpmiBlobTransferDxe.inf   |   39 +
   .../IpmiBlobTransferTestUnitTestsHost.inf |   40 +
   .../Include/Protocol/IpmiBlobTransfer.h   |  253 
   .../InternalIpmiBlobTransfer.h|  407 ++
   .../IpmiBlobTransferDxe/IpmiBlobTransferDxe.c |  872 +
   .../UnitTest/IpmiBlobTransferTestUnitTests.c  | 1113 +
   .../Universal/IpmiBlobTransferDxe/Readme.md   |   24 +
   9 files changed, 2753 insertions(+)
   create mode 100644

Features/ManageabilityPkg/Universal/IpmiBlobTransferDxe/IpmiBlobTransfer
Dxe.inf

   create mode 100644

Features/ManageabilityPkg/Universal/IpmiBlobTransferDxe/UnitTest/IpmiBlo
bTransferTestUnitTestsHost.inf

   create mode 100644

Features/ManageabilityPkg/Include/Protocol/IpmiBlobTransfer.h

   create mode 100644

Features/ManageabilityPkg/Universal/IpmiBlobTransferDxe/InternalIpmiBlob
Transfer.h

   create mode 100644

Features/ManageabilityPkg/Universal/IpmiBlobTransferDxe/IpmiBlobTransfer
Dxe.c

   create mode 100644

Features/ManageabilityPkg/Universal/IpmiBlobTransferDxe/UnitTest/IpmiBlo
bTransferTestUnitTests.c

   create mode 100644

Features/ManageabilityPkg/Universal/IpmiBlobTransferDxe/Readme.md


diff --git a/Features/ManageabilityPkg/ManageabilityPkg.dec

b/Features/ManageabilityPkg/ManageabilityPkg.dec

index eb0ee67cba..dc1d00162c 100644
--- a/Features/ManageabilityPkg/ManageabilityPkg.dec
+++ b/Features/ManageabilityPkg/ManageabilityPkg.dec
@@ -4,6 +4,7 @@
   # those are related to the platform management.
   #
   # Copyright (C) 2023 Advanced Micro Devices, Inc. All rights reserved.
+# Copyright (c) 2024, NVIDIA CORPORATION & AFFILIATES. All rights

reserved.

   # SPDX-License-Identifier: BSD-2-Clause-Patent
   #
   ##
@@ -58,6 +59,8 @@
 gEdkiiPldmProtocolGuid= { 0x60997616, 0xDB70, 0x4B5F, { 
0x86,

0xA4, 0x09, 0x58, 0xA3, 0x71, 0x47, 0xB4 } }

 gEdkiiPldmSmbiosTransferProtocolGuid  = { 0xFA431C3C, 0x816B, 0x4B32,

{ 0xA3, 0xE0, 0xAD, 0x9B, 0x7F, 0x64, 0x27, 0x2E } }

 gEdkiiMctpProtocolGuid= { 0xE93465C1, 0x9A31, 0x4C96, { 
0x92,

0x56, 0x22, 0x0A, 0xE1, 0x80, 0xB4, 0x1B } }

+  ## Include/Protocol/IpmiBlobTransfer.h
+  gEdkiiIpmiBlobTransferProtocolGuid= { 0x05837c75, 0x1d65, 0x468b,

{ 0xb1, 0xc2, 0x81, 0xaf, 0x9a, 0x31, 0x5b, 0x2c } }


   [PcdsFixedAtBuild]
 ## This value is the MCTP Interface source and destination endpoint ID for

transmiting MCTP message.

diff --git a/Features/ManageabilityPkg/Include/Manageability.dsc

b/Features/ManageabilityPkg/Include/Manageability.dsc

index 2e410df9ba..aae343a733 100644
--- a/Features/ManageabilityPkg/Include/Manageability.dsc
+++ b/Features/ManageabilityPkg/Include/Manageability.dsc
@@ -2,6 +2,7 @@
   # Common libraries for Manageabilty Package
   #
   # Copyright (C) 2023 Advanced Micro Devices, Inc. All rights reserved.
+# Copyright (c) 2024, NVIDIA CORPORATION & AFFILIATES. All rights

reserved.

   # SPDX-License-Identifier: BSD-2-Clause-Patent
   #
   ##
@@ -37,6 +38,7 @@
   [Components.X64, Components.AARCH64]
   !if gManageabilityPkgTokenSpaceGuid.PcdManageabilityDxeIpmiEnable ==

TRUE

 ManageabilityPkg/Universal/IpmiProtocol/Dxe/IpmiProtocolDxe.inf
+

Re: [edk2-devel] [edk2-platforms][PATCH v2] ManageabilityPkg: add support for the phosphor ipmi blob transfer protocol

[Nhi Pham via groups.io]

Hi Nickle,

Please see my comments inline...

P/s: I just realized that I can not test this protocol without IPMI SSIF 
to be compatible with ManageabilityPkg framework.


On 5/15/2024 10:06 PM, Nickle Wang wrote:

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4773

This change implements the blob transfer protocol used in OpenBmc
documented here: https://github.com/openbmc/phosphor-ipmi-blobs

Signed-off-by: Nick Ramirez 
Co-authored-by: Nickle Wang 
Cc: Abner Chang 
Cc: Abdul Lateef Attar 
Cc: Tinh Nguyen 
Cc: Nhi Pham 
Cc: Thang Nguyen OS 
Cc: Mike Maslenkin 
---
  .../ManageabilityPkg/ManageabilityPkg.dec |3 +
  .../Include/Manageability.dsc |2 +
  .../IpmiBlobTransferDxe.inf   |   39 +
  .../IpmiBlobTransferTestUnitTestsHost.inf |   40 +
  .../Include/Protocol/IpmiBlobTransfer.h   |  253 
  .../InternalIpmiBlobTransfer.h|  407 ++
  .../IpmiBlobTransferDxe/IpmiBlobTransferDxe.c |  872 +
  .../UnitTest/IpmiBlobTransferTestUnitTests.c  | 1113 +
  .../Universal/IpmiBlobTransferDxe/Readme.md   |   24 +
  9 files changed, 2753 insertions(+)
  create mode 100644 
Features/ManageabilityPkg/Universal/IpmiBlobTransferDxe/IpmiBlobTransferDxe.inf
  create mode 100644 
Features/ManageabilityPkg/Universal/IpmiBlobTransferDxe/UnitTest/IpmiBlobTransferTestUnitTestsHost.inf
  create mode 100644 
Features/ManageabilityPkg/Include/Protocol/IpmiBlobTransfer.h
  create mode 100644 
Features/ManageabilityPkg/Universal/IpmiBlobTransferDxe/InternalIpmiBlobTransfer.h
  create mode 100644 
Features/ManageabilityPkg/Universal/IpmiBlobTransferDxe/IpmiBlobTransferDxe.c
  create mode 100644 
Features/ManageabilityPkg/Universal/IpmiBlobTransferDxe/UnitTest/IpmiBlobTransferTestUnitTests.c
  create mode 100644 
Features/ManageabilityPkg/Universal/IpmiBlobTransferDxe/Readme.md

diff --git a/Features/ManageabilityPkg/ManageabilityPkg.dec 
b/Features/ManageabilityPkg/ManageabilityPkg.dec
index eb0ee67cba..dc1d00162c 100644
--- a/Features/ManageabilityPkg/ManageabilityPkg.dec
+++ b/Features/ManageabilityPkg/ManageabilityPkg.dec
@@ -4,6 +4,7 @@
  # those are related to the platform management.
  #
  # Copyright (C) 2023 Advanced Micro Devices, Inc. All rights reserved.
+# Copyright (c) 2024, NVIDIA CORPORATION & AFFILIATES. All rights reserved.
  # SPDX-License-Identifier: BSD-2-Clause-Patent
  #
  ##
@@ -58,6 +59,8 @@
gEdkiiPldmProtocolGuid= { 0x60997616, 0xDB70, 0x4B5F, { 
0x86, 0xA4, 0x09, 0x58, 0xA3, 0x71, 0x47, 0xB4 } }
gEdkiiPldmSmbiosTransferProtocolGuid  = { 0xFA431C3C, 0x816B, 0x4B32, { 
0xA3, 0xE0, 0xAD, 0x9B, 0x7F, 0x64, 0x27, 0x2E } }
gEdkiiMctpProtocolGuid= { 0xE93465C1, 0x9A31, 0x4C96, { 
0x92, 0x56, 0x22, 0x0A, 0xE1, 0x80, 0xB4, 0x1B } }
+  ## Include/Protocol/IpmiBlobTransfer.h
+  gEdkiiIpmiBlobTransferProtocolGuid= { 0x05837c75, 0x1d65, 0x468b, { 
0xb1, 0xc2, 0x81, 0xaf, 0x9a, 0x31, 0x5b, 0x2c } }
  
  [PcdsFixedAtBuild]

## This value is the MCTP Interface source and destination endpoint ID for 
transmiting MCTP message.
diff --git a/Features/ManageabilityPkg/Include/Manageability.dsc 
b/Features/ManageabilityPkg/Include/Manageability.dsc
index 2e410df9ba..aae343a733 100644
--- a/Features/ManageabilityPkg/Include/Manageability.dsc
+++ b/Features/ManageabilityPkg/Include/Manageability.dsc
@@ -2,6 +2,7 @@
  # Common libraries for Manageabilty Package
  #
  # Copyright (C) 2023 Advanced Micro Devices, Inc. All rights reserved.
+# Copyright (c) 2024, NVIDIA CORPORATION & AFFILIATES. All rights reserved.
  # SPDX-License-Identifier: BSD-2-Clause-Patent
  #
  ##
@@ -37,6 +38,7 @@
  [Components.X64, Components.AARCH64]
  !if gManageabilityPkgTokenSpaceGuid.PcdManageabilityDxeIpmiEnable == TRUE
ManageabilityPkg/Universal/IpmiProtocol/Dxe/IpmiProtocolDxe.inf
+  ManageabilityPkg/Universal/IpmiBlobTransferDxe/IpmiBlobTransferDxe.inf
  !endif
  
  [Components.X64]

diff --git 
a/Features/ManageabilityPkg/Universal/IpmiBlobTransferDxe/IpmiBlobTransferDxe.inf
 
b/Features/ManageabilityPkg/Universal/IpmiBlobTransferDxe/IpmiBlobTransferDxe.inf
new file mode 100644
index 00..108f4bb5f8
--- /dev/null
+++ 
b/Features/ManageabilityPkg/Universal/IpmiBlobTransferDxe/IpmiBlobTransferDxe.inf
@@ -0,0 +1,39 @@
+## @file
+# IPMI Blob Transfer Protocol DXE Driver.
+#
+#  Copyright (c) 2022-2024, NVIDIA CORPORATION & AFFILIATES. All rights 
reserved.
+#
+#  SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+
+[Defines]
+  INF_VERSION= 0x00010005
+  BASE_NAME  = IpmiBlobTransferDxe
+  FILE_GUID  = 6357c804-78bb-4b0c-abdf-c75df942f319
+  MODULE_TYPE= DXE_DRIVER
+  VERSION_STRING = 1.0
+  ENTRY_POINT= IpmiBlobTransferDxeDriverEntryPoint
+
+[Sources.common]
+  IpmiBlobTransferDxe.c
+
+[LibraryClasses]
+  BaseLib
+  BaseMemoryLib
+  DebugLib
+  IpmiLib
+  

Re: [edk2-devel] [PATCH v1 0/2] Add a new FdtNorFalshQemuLib and enable it in

[Chao Li]

Hi Ard,

No, it's just that my email was bounced just now, the groupio didn't 
receive my email when I send the first time, and I sent them again after 
it unbounce.



Thanks,
Chao
On 2024/5/17 15:21, Ard Biesheuvel wrote:

Hello Chao Li,

You sent two series in quick succession. Is there any difference
between the two?


On Fri, 17 May 2024 at 09:17, Chao Li  wrote:

Patch1: Added a new library called FdtNorFlashQemuLib in OvmfPkg/Library
which is non-hardcode dependency.
Patch2: Enable the new library in ArmVirtQemu.dsc and
ArmVirtQemuKernel.dsc.

BZ:https://bugzilla.tianocore.org/show_bug.cgi?id=4770

I have verified on both of the two platforms:
Prepare:
install libvirt, virt-manager, qemu-systemaarch64.

Step 1:
Built the two platforms with ArmVirtQemu.dsc and
ArmVirtQemuKernel.dsc, and then using the command create the pflash
files:
Build the two platforms firmware using ArmVirtQemu.dsc and
ArmVirtQemuKernel.dsc, and then create the pflash files using following
command:
cat QEMU_EFI.fd  /dev/zero | head -c 64m > ./QEMU_EFI-pflash.raw
cat QEMU_VARS.fd  /dev/zero | head -c 64m > ./vars-template-pflash.raw
qemu-img convert -f raw -O qcow2 -o cluster_size=4096 -S 4096 
QEMU_EFI-pflash.raw  QEMU_EFI-pflash.qcow2
qemu-img convert -f raw -O qcow2 -o cluster_size=4096 -S 4096 
vars-template-pflash.raw vars-template-pflash.qcow2

Download a AARCH64 QCOW2 image.
Copy them into /usr/share/edk2/aarch64/.

Step 2:
Verification the pflash working:
ArmVirtQemu:
Run the QEMU ARM virt machine using the following command:
qemu-system-aarch64 \
 -blockdev 
'{"driver":"file","filename":"/usr/share/edk2/aarch64/QEMU_EFI-pflash.qcow2","node-name":"libvirt-pflash0-storage","auto-read-only":true,"discard":"unmap"}'
 \
 -blockdev 
'{"node-name":"libvirt-pflash0-format","read-only":true,"driver":"qcow2","file":"libvirt-pflash0-storage"}'
 \
 -blockdev 
'{"driver":"file","filename":"/usr/share/edk2/aarch64/vars-template-pflash.qcow2","node-name":"libvirt-pflash1-storage","auto-read-only":true,"discard":"unmap"}'
 \
 -blockdev 
'{"node-name":"libvirt-pflash1-format","read-only":false,"driver":"qcow2","file":"libvirt-pflash1-storage"}'
 \
 -machine 
virt,pflash0=libvirt-pflash0-format,pflash1=libvirt-pflash1-format,acpi=on \
 -cpu cortex-a57 \
 -m size=2097152k \
 -serial stdio \
 -net none \
 -device ramfb \
 -device nec-usb-xhci \
 -device usb-mouse \
 -device usb-kbd

ArmVirtQemuKernel:
Run the QEMU kernel ARM virt machine using the following command:
qemu-system-aarch64 \
 -blockdev 
'{"driver":"file","filename":"/usr/share/edk2/aarch64/vars-template-pflash.raw","node-name":"libvirt-pflash1-storage","auto-read-only":true,"discard":"unmap"}'
 \
 -blockdev 
'{"node-name":"libvirt-pflash1-format","read-only":false,"driver":"raw","file":"libvirt-pflash1-storage"}'
 \
 -machine 
virt,usb=off,dump-guest-core=off,gic-version=3,pflash1=libvirt-pflash1-format \
 -cpu cortex-a57 \
 -m 4096 \
 -smp 1,sockets=1,cores=1,threads=1 \
 -no-user-config \
 -nodefaults \
 -device virtio-gpu-pci \
 -kernel /usr/share/edk2/aarch64/QEMU_EFI-pflash.raw \
 -serial stdio \
 -device nec-usb-xhci \
 -device usb-mouse \
 -device usb-kbd  \
 -hda /usr/share/edk2/aarch64/openEuler-22.03-LTS-SP3-aarch64.qcow2 \
 -monitor tcp::,server,nowait

Step 3:
After the virt-machines starts, enter "F2" to enter the setup UI, try to
change the boot order or some ther variables stored in the flash, then
enter "F10" to save the changes and reboot it.
After restarting, enter "F2" to enter the setup UI and check whether the
changes before the restart operation have been saved.


Using the above three steps, both platforms will works fine.

I have not created the PR in github yet, I will create it once the edk2
merge window reopens.

Cc: Ard Biesheuvel
Cc: Leif Lindholm
Cc: Sami Mujawar
Cc: Gerd Hoffmann
Cc: Jiewen Yao

Chao Li (2):
   OvmfPkg: Add no hardcode version of FtdNorFlashQemuLib
   ArmVirtPkg: Enable the non-hardcode version FtdNorFlashQemuLib

  ArmVirtPkg/ArmVirtQemu.dsc|  21 ++-
  ArmVirtPkg/ArmVirtQemuKernel.dsc  |  20 ++-
  ArmVirtPkg/VarStore.fdf.inc   |   5 +-
  .../FdtNorFlashQemuLib/FdtNorFlashQemuLib.c   | 165 ++
  .../FdtNorFlashQemuLib/FdtNorFlashQemuLib.inf |  46 +
  5 files changed, 249 insertions(+), 8 deletions(-)
  create mode 100644 OvmfPkg/Library/FdtNorFlashQemuLib/FdtNorFlashQemuLib.c
  create mode 100644 OvmfPkg/Library/FdtNorFlashQemuLib/FdtNorFlashQemuLib.inf

--
2.27.0













-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118992): https://edk2.groups.io/g/devel/message/118992
Mute This Topic: https://groups.io/mt/106149594/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] 回复: [edk2-devel] [PATCH v2 03/13] OvmfPkg:PlatformCI: Support virtio-rng-pci

[Ard Biesheuvel]

On Fri, 17 May 2024 at 05:27, Doug Flick via groups.io
 wrote:
>
> On ARM, we can actually do better than this: I have taken Doug's v2 and 
> applied some changes on top to make it work with ArmVirtQemu.
>
> https://github.com/ardbiesheuvel/edk2/tree/doug-v2
>
> Ard, would you be comfortable with this patch series if I take the commits 
> you're suggesting? I'm being asked to see what it would take to get these 
> commits in for this release.

I won't object to that, but I'd like Gerd's take as well, given that a
similar concern appears to apply to OVMF/x86 IIUC.


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118991): https://edk2.groups.io/g/devel/message/118991
Mute This Topic: https://groups.io/mt/106013302/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v1 0/2] Add a new FdtNorFalshQemuLib and enable it in

[Ard Biesheuvel]

Hello Chao Li,

You sent two series in quick succession. Is there any difference
between the two?


On Fri, 17 May 2024 at 09:17, Chao Li  wrote:
>
> Patch1: Added a new library called FdtNorFlashQemuLib in OvmfPkg/Library
> which is non-hardcode dependency.
> Patch2: Enable the new library in ArmVirtQemu.dsc and
> ArmVirtQemuKernel.dsc.
>
> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4770
>
> I have verified on both of the two platforms:
> Prepare:
> install libvirt, virt-manager, qemu-systemaarch64.
>
> Step 1:
> Built the two platforms with ArmVirtQemu.dsc and
> ArmVirtQemuKernel.dsc, and then using the command create the pflash
> files:
> Build the two platforms firmware using ArmVirtQemu.dsc and
> ArmVirtQemuKernel.dsc, and then create the pflash files using following
> command:
> cat QEMU_EFI.fd  /dev/zero | head -c 64m > ./QEMU_EFI-pflash.raw
> cat QEMU_VARS.fd  /dev/zero | head -c 64m > ./vars-template-pflash.raw
> qemu-img convert -f raw -O qcow2 -o cluster_size=4096 -S 4096 
> QEMU_EFI-pflash.raw  QEMU_EFI-pflash.qcow2
> qemu-img convert -f raw -O qcow2 -o cluster_size=4096 -S 4096 
> vars-template-pflash.raw vars-template-pflash.qcow2
>
> Download a AARCH64 QCOW2 image.
> Copy them into /usr/share/edk2/aarch64/.
>
> Step 2:
> Verification the pflash working:
> ArmVirtQemu:
> Run the QEMU ARM virt machine using the following command:
> qemu-system-aarch64 \
> -blockdev 
> '{"driver":"file","filename":"/usr/share/edk2/aarch64/QEMU_EFI-pflash.qcow2","node-name":"libvirt-pflash0-storage","auto-read-only":true,"discard":"unmap"}'
>  \
> -blockdev 
> '{"node-name":"libvirt-pflash0-format","read-only":true,"driver":"qcow2","file":"libvirt-pflash0-storage"}'
>  \
> -blockdev 
> '{"driver":"file","filename":"/usr/share/edk2/aarch64/vars-template-pflash.qcow2","node-name":"libvirt-pflash1-storage","auto-read-only":true,"discard":"unmap"}'
>  \
> -blockdev 
> '{"node-name":"libvirt-pflash1-format","read-only":false,"driver":"qcow2","file":"libvirt-pflash1-storage"}'
>  \
> -machine 
> virt,pflash0=libvirt-pflash0-format,pflash1=libvirt-pflash1-format,acpi=on \
> -cpu cortex-a57 \
> -m size=2097152k \
> -serial stdio \
> -net none \
> -device ramfb \
> -device nec-usb-xhci \
> -device usb-mouse \
> -device usb-kbd
>
> ArmVirtQemuKernel:
> Run the QEMU kernel ARM virt machine using the following command:
> qemu-system-aarch64 \
> -blockdev 
> '{"driver":"file","filename":"/usr/share/edk2/aarch64/vars-template-pflash.raw","node-name":"libvirt-pflash1-storage","auto-read-only":true,"discard":"unmap"}'
>  \
> -blockdev 
> '{"node-name":"libvirt-pflash1-format","read-only":false,"driver":"raw","file":"libvirt-pflash1-storage"}'
>  \
> -machine 
> virt,usb=off,dump-guest-core=off,gic-version=3,pflash1=libvirt-pflash1-format 
> \
> -cpu cortex-a57 \
> -m 4096 \
> -smp 1,sockets=1,cores=1,threads=1 \
> -no-user-config \
> -nodefaults \
> -device virtio-gpu-pci \
> -kernel /usr/share/edk2/aarch64/QEMU_EFI-pflash.raw \
> -serial stdio \
> -device nec-usb-xhci \
> -device usb-mouse \
> -device usb-kbd  \
> -hda /usr/share/edk2/aarch64/openEuler-22.03-LTS-SP3-aarch64.qcow2 \
> -monitor tcp::,server,nowait
>
> Step 3:
> After the virt-machines starts, enter "F2" to enter the setup UI, try to
> change the boot order or some ther variables stored in the flash, then
> enter "F10" to save the changes and reboot it.
> After restarting, enter "F2" to enter the setup UI and check whether the
> changes before the restart operation have been saved.
>
>
> Using the above three steps, both platforms will works fine.
>
> I have not created the PR in github yet, I will create it once the edk2
> merge window reopens.
>
> Cc: Ard Biesheuvel 
> Cc: Leif Lindholm 
> Cc: Sami Mujawar 
> Cc: Gerd Hoffmann 
> Cc: Jiewen Yao 
>
> Chao Li (2):
>   OvmfPkg: Add no hardcode version of FtdNorFlashQemuLib
>   ArmVirtPkg: Enable the non-hardcode version FtdNorFlashQemuLib
>
>  ArmVirtPkg/ArmVirtQemu.dsc|  21 ++-
>  ArmVirtPkg/ArmVirtQemuKernel.dsc  |  20 ++-
>  ArmVirtPkg/VarStore.fdf.inc   |   5 +-
>  .../FdtNorFlashQemuLib/FdtNorFlashQemuLib.c   | 165 ++
>  .../FdtNorFlashQemuLib/FdtNorFlashQemuLib.inf |  46 +
>  5 files changed, 249 insertions(+), 8 deletions(-)
>  create mode 100644 OvmfPkg/Library/FdtNorFlashQemuLib/FdtNorFlashQemuLib.c
>  create mode 100644 OvmfPkg/Library/FdtNorFlashQemuLib/FdtNorFlashQemuLib.inf
>
> --
> 2.27.0
>
>
>
> 
>
>


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118990): https://edk2.groups.io/g/devel/message/118990
Mute This Topic: https://groups.io/mt/106149594/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1 2/2] ArmVirtPkg: Enable the non-hardcode version FtdNorFlashQemuLib

[Chao Li]

Enable the non-hardcode version of FtdNorFlashQemuLib in ArmVirtQemu.dsc
and ArmVirtQemuKernel.dsc, and it can work rightly after enabling it.

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4770

Build-tested (with "ArmVirtQemu.dsc" and "ArmVirtQemuKernel.dsc").

Cc: Ard Biesheuvel 
Cc: Leif Lindholm 
Cc: Sami Mujawar 
Cc: Gerd Hoffmann 
Cc: Jiewen Yao 
Signed-off-by: Chao Li 
Signed-off-by: Xianglai Li 
---
 ArmVirtPkg/ArmVirtQemu.dsc   | 21 +++--
 ArmVirtPkg/ArmVirtQemuKernel.dsc | 20 ++--
 ArmVirtPkg/VarStore.fdf.inc  |  5 +
 3 files changed, 38 insertions(+), 8 deletions(-)

diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
index 7e2ff33ad1..2ecbb5d041 100644
--- a/ArmVirtPkg/ArmVirtQemu.dsc
+++ b/ArmVirtPkg/ArmVirtQemu.dsc
@@ -66,7 +66,7 @@ [LibraryClasses.common]
   
QemuLoadImageLib|OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoadImageLib.inf
 
   TimerLib|ArmPkg/Library/ArmArchTimerLib/ArmArchTimerLib.inf
-  
VirtNorFlashPlatformLib|ArmVirtPkg/Library/NorFlashQemuLib/NorFlashQemuLib.inf
+  
VirtNorFlashPlatformLib|OvmfPkg/Library/FdtNorFlashQemuLib/FdtNorFlashQemuLib.inf
 
   CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf
   BootLogoLib|MdeModulePkg/Library/BootLogoLib/BootLogoLib.inf
@@ -152,6 +152,9 @@ [PcdsFixedAtBuild.common]
   gArmTokenSpaceGuid.PcdVFPEnabled|1
 !endif
 
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFdBaseAddress|0x
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFirmwareFdSize|$(FD_SIZE)
+
   gArmPlatformTokenSpaceGuid.PcdCPUCoresStackBase|0x4007c000
   gArmPlatformTokenSpaceGuid.PcdCPUCorePrimaryStackSize|0x4000
   gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x2000
@@ -231,6 +234,10 @@ [PcdsFixedAtBuild.common]
   # System Memory Size -- 128 MB initially, actual size will be fetched from DT
   gArmTokenSpaceGuid.PcdSystemMemorySize|0x800
 
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize   | 0x4
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareSize   | 0x4
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingSize | 0x4
+
 [PcdsFixedAtBuild.AARCH64]
   # Clearing BIT0 in this PCD prevents installing a 32-bit SMBIOS entry point,
   # if the entry point version is >= 3.0. AARCH64 OSes cannot assume the
@@ -243,6 +250,13 @@ [PcdsFixedAtBuild.AARCH64]
 [PcdsDynamicDefault.common]
   gEfiMdePkgTokenSpaceGuid.PcdPlatformBootTimeOut|3
 
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase | 0
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase64   | 0
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64   | 0
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase | 0
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase   | 0
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64 | 0
+
   ## If TRUE, OvmfPkg/AcpiPlatformDxe will not wait for PCI
   #  enumeration to complete before installing ACPI tables.
   gEfiMdeModulePkgTokenSpaceGuid.PcdPciDisableBusEnumeration|TRUE
@@ -404,7 +418,10 @@ [Components.common]
   MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf
 !endif
   MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf
-  MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.inf
+  MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.inf {
+
+  
NULL|EmbeddedPkg/Library/NvVarStoreFormattedLib/NvVarStoreFormattedLib.inf
+  }
   
MdeModulePkg/Universal/MonotonicCounterRuntimeDxe/MonotonicCounterRuntimeDxe.inf
   MdeModulePkg/Universal/ResetSystemRuntimeDxe/ResetSystemRuntimeDxe.inf
   EmbeddedPkg/RealTimeClockRuntimeDxe/RealTimeClockRuntimeDxe.inf {
diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKernel.dsc
index efe2df97bd..0242413dc8 100644
--- a/ArmVirtPkg/ArmVirtQemuKernel.dsc
+++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc
@@ -65,7 +65,7 @@ [LibraryClasses.common]
   
ArmVirtMemInfoLib|ArmVirtPkg/Library/QemuVirtMemInfoLib/QemuVirtMemInfoLib.inf
 
   TimerLib|ArmPkg/Library/ArmArchTimerLib/ArmArchTimerLib.inf
-  
VirtNorFlashPlatformLib|ArmVirtPkg/Library/NorFlashQemuLib/NorFlashQemuLib.inf
+  
VirtNorFlashPlatformLib|OvmfPkg/Library/FdtNorFlashQemuLib/FdtNorFlashQemuLib.inf
 
   CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf
   BootLogoLib|MdeModulePkg/Library/BootLogoLib/BootLogoLib.inf
@@ -120,6 +120,8 @@ [PcdsFixedAtBuild.common]
   gArmTokenSpaceGuid.PcdVFPEnabled|1
 !endif
 
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFdBaseAddress|0x
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFirmwareFdSize|$(FD_SIZE)
   gArmPlatformTokenSpaceGuid.PcdCPUCorePrimaryStackSize|0x4000
   gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x2000
   gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize|0x2800
@@ -181,6 +183,10 @@ [PcdsFixedAtBuild.common]
   gEfiMdePkgTokenSpaceGuid.PcdReportStatusCodePropertyMask|3
   gEfiShellPkgTokenSpaceGuid.PcdShellFileOperationSize|0x2
 
+  

[edk2-devel] [PATCH v1 1/2] OvmfPkg: Add no hardcode version of FtdNorFlashQemuLib

[Chao Li]

This library is copied from ArmVirtPkg, in the Arm version, the value of
PcdFlashNvStorageVariableBase, PcdFlashNvStorageFtwWorkingBase and
PcdFlashNvStorageFtwSpareBase are hardcoded in INC file.

This version will calculate them from FDT resource and using the set PCD
to store when the NorFlashInitialise is called. By default, the first
available flash(not used for storage UEFI code) as NV variable storage
medium.

In this way, UEFI can better handle the change of flash base address,
which is suitable for different cpu architecture board implementation.

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4770

Cc: Ard Biesheuvel 
Cc: Leif Lindholm 
Cc: Sami Mujawar 
Cc: Gerd Hoffmann 
Cc: Jiewen Yao 
Signed-off-by: Chao Li 
Signed-off-by: Xianglai Li 
---
 .../FdtNorFlashQemuLib/FdtNorFlashQemuLib.c   | 165 ++
 .../FdtNorFlashQemuLib/FdtNorFlashQemuLib.inf |  46 +
 2 files changed, 211 insertions(+)
 create mode 100644 OvmfPkg/Library/FdtNorFlashQemuLib/FdtNorFlashQemuLib.c
 create mode 100644 OvmfPkg/Library/FdtNorFlashQemuLib/FdtNorFlashQemuLib.inf

diff --git a/OvmfPkg/Library/FdtNorFlashQemuLib/FdtNorFlashQemuLib.c 
b/OvmfPkg/Library/FdtNorFlashQemuLib/FdtNorFlashQemuLib.c
new file mode 100644
index 00..e5c7d4cdfa
--- /dev/null
+++ b/OvmfPkg/Library/FdtNorFlashQemuLib/FdtNorFlashQemuLib.c
@@ -0,0 +1,165 @@
+/** @file
+
+  Copyright (c) 2014-2018, Linaro Ltd. All rights reserved.
+  Copyright (c) 2024 Loongson Technology Corporation Limited. All rights 
reserved.
+
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include 
+#include 
+#include 
+#include 
+
+#include 
+#include 
+
+#define QEMU_NOR_BLOCK_SIZE  SIZE_256KB
+#define MAX_FLASH_BANKS  4
+
+STATIC VIRT_NOR_FLASH_DESCRIPTION  mNorFlashDevices[MAX_FLASH_BANKS];
+
+EFI_STATUS
+VirtNorFlashPlatformInitialization (
+  VOID
+  )
+{
+  return EFI_SUCCESS;
+}
+
+EFI_STATUS
+VirtNorFlashPlatformGetDevices (
+  OUT VIRT_NOR_FLASH_DESCRIPTION  **NorFlashDescriptions,
+  OUT UINT32  *Count
+  )
+{
+  FDT_CLIENT_PROTOCOL  *FdtClient;
+  INT32Node;
+  EFI_STATUS   Status;
+  EFI_STATUS   FindNodeStatus;
+  CONST UINT32 *Reg;
+  UINT32   PropSize;
+  UINT32   Num;
+  UINT64   Base;
+  UINT64   Size;
+  BOOLEAN  Found;
+
+  Status = gBS->LocateProtocol (
+  ,
+  NULL,
+  (VOID **)
+  );
+  ASSERT_EFI_ERROR (Status);
+
+  Num   = 0;
+  Found = FALSE;
+  for (FindNodeStatus = FdtClient->FindCompatibleNode (
+ FdtClient,
+ "cfi-flash",
+ 
+ );
+   !EFI_ERROR (FindNodeStatus) && Num < MAX_FLASH_BANKS;
+   FindNodeStatus = FdtClient->FindNextCompatibleNode (
+ FdtClient,
+ "cfi-flash",
+ Node,
+ 
+ ))
+  {
+Status = FdtClient->GetNodeProperty (
+  FdtClient,
+  Node,
+  "reg",
+  (CONST VOID **),
+  
+  );
+if (EFI_ERROR (Status)) {
+  DEBUG ((
+DEBUG_ERROR,
+"%a: GetNodeProperty () failed (Status == %r)\n",
+__func__,
+Status
+));
+  continue;
+}
+
+ASSERT ((PropSize % (4 * sizeof (UINT32))) == 0);
+
+while (PropSize >= (4 * sizeof (UINT32)) && Num < MAX_FLASH_BANKS) {
+  Base = SwapBytes64 (ReadUnaligned64 ((VOID *)[0]));
+  Size = SwapBytes64 (ReadUnaligned64 ((VOID *)[2]));
+  Reg += 4;
+
+  PropSize -= 4 * sizeof (UINT32);
+
+  //
+  // Disregard any flash devices that overlap with the primary FV.
+  // The firmware is not updatable from inside the guest anyway.
+  //
+  if ((PcdGet32 (PcdOvmfFdBaseAddress) + PcdGet32 (PcdOvmfFirmwareFdSize) 
> Base) &&
+  ((Base + Size) > PcdGet32 (PcdOvmfFdBaseAddress)))
+  {
+continue;
+  }
+
+  mNorFlashDevices[Num].DeviceBaseAddress = (UINTN)Base;
+  mNorFlashDevices[Num].RegionBaseAddress = (UINTN)Base;
+  mNorFlashDevices[Num].Size  = (UINTN)Size;
+  mNorFlashDevices[Num].BlockSize = QEMU_NOR_BLOCK_SIZE;
+  Num++;
+  if (!Found) {
+//
+// By default, the second available flash is stored as a non-volatile 
variable.
+//
+Status = PcdSet32S (PcdFlashNvStorageVariableBase, Base);
+ASSERT_EFI_ERROR (Status);
+
+//
+// The Base is the value of PcdFlashNvStorageVariableBase,
+// PcdFlashNvStorageFtwWorkingBase can be got by
+// PcdFlashNvStorageVariableBase + PcdFlashNvStorageVariableSize
+ 

[edk2-devel] [PATCH v1 0/2] Add a new FdtNorFalshQemuLib and enable it in

[Chao Li]

Patch1: Added a new library called FdtNorFlashQemuLib in OvmfPkg/Library
which is non-hardcode dependency.
Patch2: Enable the new library in ArmVirtQemu.dsc and
ArmVirtQemuKernel.dsc.

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4770

I have verified on both of the two platforms:
Prepare:
install libvirt, virt-manager, qemu-systemaarch64.

Step 1:
Built the two platforms with ArmVirtQemu.dsc and
ArmVirtQemuKernel.dsc, and then using the command create the pflash
files:
Build the two platforms firmware using ArmVirtQemu.dsc and
ArmVirtQemuKernel.dsc, and then create the pflash files using following
command:
cat QEMU_EFI.fd  /dev/zero | head -c 64m > ./QEMU_EFI-pflash.raw
cat QEMU_VARS.fd  /dev/zero | head -c 64m > ./vars-template-pflash.raw
qemu-img convert -f raw -O qcow2 -o cluster_size=4096 -S 4096 
QEMU_EFI-pflash.raw  QEMU_EFI-pflash.qcow2
qemu-img convert -f raw -O qcow2 -o cluster_size=4096 -S 4096 
vars-template-pflash.raw vars-template-pflash.qcow2

Download a AARCH64 QCOW2 image.
Copy them into /usr/share/edk2/aarch64/.

Step 2:
Verification the pflash working:
ArmVirtQemu:
Run the QEMU ARM virt machine using the following command:
qemu-system-aarch64 \
-blockdev 
'{"driver":"file","filename":"/usr/share/edk2/aarch64/QEMU_EFI-pflash.qcow2","node-name":"libvirt-pflash0-storage","auto-read-only":true,"discard":"unmap"}'
 \
-blockdev 
'{"node-name":"libvirt-pflash0-format","read-only":true,"driver":"qcow2","file":"libvirt-pflash0-storage"}'
 \
-blockdev 
'{"driver":"file","filename":"/usr/share/edk2/aarch64/vars-template-pflash.qcow2","node-name":"libvirt-pflash1-storage","auto-read-only":true,"discard":"unmap"}'
 \
-blockdev 
'{"node-name":"libvirt-pflash1-format","read-only":false,"driver":"qcow2","file":"libvirt-pflash1-storage"}'
 \
-machine 
virt,pflash0=libvirt-pflash0-format,pflash1=libvirt-pflash1-format,acpi=on \
-cpu cortex-a57 \
-m size=2097152k \
-serial stdio \
-net none \
-device ramfb \
-device nec-usb-xhci \
-device usb-mouse \
-device usb-kbd

ArmVirtQemuKernel:
Run the QEMU kernel ARM virt machine using the following command:
qemu-system-aarch64 \
-blockdev 
'{"driver":"file","filename":"/usr/share/edk2/aarch64/vars-template-pflash.raw","node-name":"libvirt-pflash1-storage","auto-read-only":true,"discard":"unmap"}'
 \
-blockdev 
'{"node-name":"libvirt-pflash1-format","read-only":false,"driver":"raw","file":"libvirt-pflash1-storage"}'
 \
-machine 
virt,usb=off,dump-guest-core=off,gic-version=3,pflash1=libvirt-pflash1-format \
-cpu cortex-a57 \
-m 4096 \
-smp 1,sockets=1,cores=1,threads=1 \
-no-user-config \
-nodefaults \
-device virtio-gpu-pci \
-kernel /usr/share/edk2/aarch64/QEMU_EFI-pflash.raw \
-serial stdio \
-device nec-usb-xhci \
-device usb-mouse \
-device usb-kbd  \
-hda /usr/share/edk2/aarch64/openEuler-22.03-LTS-SP3-aarch64.qcow2 \
-monitor tcp::,server,nowait

Step 3:
After the virt-machines starts, enter "F2" to enter the setup UI, try to
change the boot order or some ther variables stored in the flash, then
enter "F10" to save the changes and reboot it.
After restarting, enter "F2" to enter the setup UI and check whether the
changes before the restart operation have been saved.


Using the above three steps, both platforms will works fine.

I have not created the PR in github yet, I will create it once the edk2
merge window reopens.

Cc: Ard Biesheuvel 
Cc: Leif Lindholm 
Cc: Sami Mujawar 
Cc: Gerd Hoffmann 
Cc: Jiewen Yao 

Chao Li (2):
  OvmfPkg: Add no hardcode version of FtdNorFlashQemuLib
  ArmVirtPkg: Enable the non-hardcode version FtdNorFlashQemuLib

 ArmVirtPkg/ArmVirtQemu.dsc|  21 ++-
 ArmVirtPkg/ArmVirtQemuKernel.dsc  |  20 ++-
 ArmVirtPkg/VarStore.fdf.inc   |   5 +-
 .../FdtNorFlashQemuLib/FdtNorFlashQemuLib.c   | 165 ++
 .../FdtNorFlashQemuLib/FdtNorFlashQemuLib.inf |  46 +
 5 files changed, 249 insertions(+), 8 deletions(-)
 create mode 100644 OvmfPkg/Library/FdtNorFlashQemuLib/FdtNorFlashQemuLib.c
 create mode 100644 OvmfPkg/Library/FdtNorFlashQemuLib/FdtNorFlashQemuLib.inf

-- 
2.27.0



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118987): https://edk2.groups.io/g/devel/message/118987
Mute This Topic: https://groups.io/mt/106149594/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [edk2-redfish-client][PATCH] RedfishClientPkg: introduce RedfishBootstrapAccountDxe

[Nickle Wang via groups.io]

Hi Igor,

Thanks for your idea. This sounds feasible to me. Let me try to test it on my 
system.

Regards,
Nickle

> -Original Message-
> From: Igor Kulchytskyy 
> Sent: Thursday, May 16, 2024 7:34 PM
> To: Nickle Wang ; Chang, Abner
> ; devel@edk2.groups.io
> Cc: Nick Ramirez 
> Subject: RE: [EXTERNAL] RE: [edk2-devel] [edk2-redfish-client][PATCH]
> RedfishClientPkg: introduce RedfishBootstrapAccountDxe
> 
> External email: Use caution opening links or attachments
> 
> 
> We can have some protocol where all Redfish clients register saying that they 
> are
> using the bootstrap credentials.
> And when they finish their job they notify RedfishBootstrapAccountDxe driver 
> and
> when all of registered modules finish their job RedfishBootstrapAccountDxe 
> driver
> delete the account.
> Thank you,
> Igor
> 
> -Original Message-
> From: Nickle Wang 
> Sent: Wednesday, May 15, 2024 11:10 PM
> To: Chang, Abner ; Igor Kulchytskyy ;
> devel@edk2.groups.io
> Cc: Nick Ramirez 
> Subject: RE: [EXTERNAL] RE: [edk2-devel] [edk2-redfish-client][PATCH]
> RedfishClientPkg: introduce RedfishBootstrapAccountDxe
> 
> > RedfishFeatureCore could be one of the Redfish clients, delete the
> > credential from Redfish account service in RedfishFeatureCore
> > lifecycle may impact other Redfish clients that still need the communication
> with Redfish service, right?
> 
> When all Redfish clients are managed by RedfishFeatureCore, I think we don't
> have such case. And this may be a good reason to keep it in RedfishClientPkg. 
> This
> driver offers a way for BIOS to delete bootstrapping account at BMC after
> everything is done. Platform owner can decide to include this driver or not
> depending on the Redfish design in system.
> 
> Regards,
> Nickle
> 
> > -Original Message-
> > From: Chang, Abner 
> > Sent: Thursday, May 16, 2024 10:41 AM
> > To: Nickle Wang ; Igor Kulchytskyy
> > ; devel@edk2.groups.io
> > Cc: Nick Ramirez 
> > Subject: RE: [EXTERNAL] RE: [edk2-devel] [edk2-redfish-client][PATCH]
> > RedfishClientPkg: introduce RedfishBootstrapAccountDxe
> >
> > External email: Use caution opening links or attachments
> >
> >
> > [AMD Official Use Only - General]
> >
> > I think we probably overlook some use cases. Multiple edk2 Redfish
> > applications running simultaneously is allowed from the design
> > perspective. However, we centralized GetAuthInfo in
> > RedfishPlatformCredentialLib for all of edk2 Redfish client entities
> > to leverage the same credential stored in EFI variable. This way we
> > can limit the process of acquiring credential to only one time Redfish IPMI
> bootstrap command sent to BMC.
> > RedfishFeatureCore could be one of the Redfish clients, delete the
> > credential from Redfish account service in RedfishFeatureCore
> > lifecycle may impact other Redfish clients that still need the communication
> with Redfish service, right?
> >
> > Thanks
> > Abner
> >
> > > -Original Message-
> > > From: Nickle Wang 
> > > Sent: Thursday, May 16, 2024 9:38 AM
> > > To: Chang, Abner ; Igor Kulchytskyy
> > > ; devel@edk2.groups.io
> > > Cc: Nick Ramirez 
> > > Subject: RE: [EXTERNAL] RE: [edk2-devel]
> > > [edk2-redfish-client][PATCH]
> > > RedfishClientPkg: introduce RedfishBootstrapAccountDxe
> > >
> > > [AMD Official Use Only - General]
> > >
> > > Caution: This message originated from an External Source. Use proper
> > > caution when opening attachments, clicking links, or responding.
> > >
> > >
> > > Hi Igor, Abner,
> > >
> > > > Maybe we should consider moving RedfishBootstrapAccountDxe driver
> > > > to
> > > RedfishPkg and have some register mechanism which will be used by
> > > interested drivers to notify that they finished their job and after
> > > that RedfishBootstrapAccountDxe driver would delete an account.
> > >
> > > You are saying the mechanism in runtime, right? In current design,
> > > RedfishFeatureCore driver will send "after provisioning" signal to
> > > notify this driver to delete bootstrapping account. This makes sure
> > > that all feature drivers are done with their jobs, so this driver is
> > > safe to delete bootstrapping account at BMC.
> > >
> > > If we move it to RedfishPkg, there is no such centralized Redfish
> > > driver managing Redfish stuff. How does a particular driver know
> > > that there is no other driver running Redfish stuff after it? The
> > > way I can think of now is to rely on EDK2 ready-to-boot event as the
> > > signal to do the notification, since there is not supposed to have
> > > Redfish driver running
> > jobs after this event...
> > >
> > > Regards,
> > > Nickle
> > >
> > > > -Original Message-
> > > > From: Chang, Abner 
> > > > Sent: Thursday, May 16, 2024 9:06 AM
> > > > To: Igor Kulchytskyy ; Nickle Wang
> > > > ; devel@edk2.groups.io
> > > > Cc: Nick Ramirez 
> > > > Subject: RE: [EXTERNAL] RE: [edk2-devel]
> > > > [edk2-redfish-client][PATCH]
> > > > RedfishClientPkg: introduce RedfishBootstrapAccountDxe
> > > >

[edk2-devel] [edk2-libc Patch 1/1] edk2-libc: Add cpuid_ex API to execute CPUID instructions on specific CPU

[Vishal R]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4749

This commit adds cpuid_ex function to edk2module to provide capability
to execute cpuid instruction on specific cpu.
This feature was requested via BZ 4749

Cc: Rebecca Cran 
Cc: Michael D Kinney 
Cc: Jayaprakash N 
Signed-off-by: Vishal R 
---
 .../PyMod-3.6.8/Modules/edk2module.c  | 93 +++
 1 file changed, 93 insertions(+)

diff --git 
a/AppPkg/Applications/Python/Python-3.6.8/PyMod-3.6.8/Modules/edk2module.c 
b/AppPkg/Applications/Python/Python-3.6.8/PyMod-3.6.8/Modules/edk2module.c
index 163fc7f..d419428 100644
--- a/AppPkg/Applications/Python/Python-3.6.8/PyMod-3.6.8/Modules/edk2module.c
+++ b/AppPkg/Applications/Python/Python-3.6.8/PyMod-3.6.8/Modules/edk2module.c
@@ -45,6 +45,15 @@ typedef struct {
 UINT64 data; // data, to be filled by the AP function
 } AP_FUNCTION_MSR_ARGS;
 
+typedef struct {
+UINT32 eax; // eax value
+UINT32 ecx; // ecx value
+UINT32 rax_value;   // retrun value for eax
+UINT32 rbx_value;   // return value for ebx
+UINT32 rcx_value;   // retrun value for ecx
+UINT32 rdx_value;   // return value for edx
+} AP_FUNCTION_CPUID_ARGS;
+
 #define AP_FUNCTION_EXECUTION_TIMEOUT  500   // setting the max time out 
value to be 5 seconds
 
 extern void _swsmi( unsigned int smi_code_data, unsigned int rax_value, 
unsigned int rbx_value, unsigned int rcx_value, unsigned int rdx_value, 
unsigned int rsi_value, unsigned int rdi_value );
@@ -223,6 +232,13 @@ VOID EFIAPI MSRWriteToRunOnAP(IN VOID *context)
 AsmWriteMsr64(msr, data);
 }
 
+// CPUID execution function to run on specific cpu core using MPServices 
Protocol
+VOID EFIAPI CPUIDToRunOnAP(IN VOID *context)
+{
+AP_FUNCTION_CPUID_ARGS *args = (AP_FUNCTION_CPUID_ARGS *)context;
+AsmCpuidEx( args->eax, args->ecx, >rax_value, >rbx_value, 
>rcx_value, >rdx_value);
+}
+
 #ifndef UEFI_C_SOURCE
 /* Return a dictionary corresponding to the POSIX environment table */
 extern char **environ;
@@ -4153,6 +4169,82 @@ edk2_cpuid(PyObject *self, PyObject *args)
 return Py_BuildValue("())",  (unsigned long)rax_value,  (unsigned 
long)rbx_value,  (unsigned long)rcx_value,  (unsigned long)rdx_value);
 }
 
+PyDoc_STRVAR(efi_cpuid_ex__doc__,
+"cpuid_ex(cpu, eax, ecx) -> (eax:ebx:ecx:edx)\n\
+Read the CPUID from a specific cpu.";);
+
+static PyObject *
+edk2_cpuid_ex(PyObject *self, PyObject *args)
+{
+UINT32 cpu, eax, ecx, rax_value, rbx_value, rcx_value, rdx_value;
+BOOLEAN is_function_finished = FALSE;
+EFI_STATUS status = 0;
+AP_FUNCTION_CPUID_ARGS cpuid_args = {0};
+
+if (!PyArg_ParseTuple(args, "III", , , ))
+return NULL;
+Py_BEGIN_ALLOW_THREADS
+
+cpuid_args.eax = eax;
+cpuid_args.ecx = ecx;
+
+if (cpu == gCurrentBSPProcessorNumber)
+{
+// cpu provided as input is same as the current BSP processor
+// then directly call the CPUIDToRunOnAP function to execute
+// cpuid instruction on current BSP processor itself.
+CPUIDToRunOnAP(_args);
+}
+else if (cpu < gNumberOfProcessors)
+{
+// if cpu provided as input is different from the current
+// BSP processor and is less than the number of processors
+// on this system, then make use of the MPService protocols
+// StartupThisAP function to run the CPUIDToRunOnAP function on
+// specific AP indicated by cpu parameter.
+// Start the AP with the arguments structure
+
+status = gpMpService->StartupThisAP(
+gpMpService,
+CPUIDToRunOnAP, // Function to run
+cpu,// AP number
+NULL,   // WaitEvent (optional)
+AP_FUNCTION_EXECUTION_TIMEOUT,  // Timeout in microseconds
+_args,// Buffer to pass to the function
+_function_finished   // Finished (optional)
+);
+if (EFI_ERROR(status))
+{
+PyErr_SetString(PyExc_OSError, "Could not start the requested 
cpu");
+Py_INCREF(Py_None);
+return Py_None;
+}
+
+if (!is_function_finished)
+{
+PyErr_SetString(PyExc_OSError,
+"Timeout while running the cpuid instruction on 
given cpu");
+Py_INCREF(Py_None);
+return Py_None;
+}
+}
+else
+{
+// if cpu provided exeeds the number of processors
+// then set the ValueError exception and return Py_None
+PyErr_SetString(PyExc_ValueError,
+"Invalid cpu number provided");
+Py_INCREF(Py_None);
+return Py_None;
+}
+
+Py_END_ALLOW_THREADS
+return Py_BuildValue("())", (unsigned long)cpuid_args.rax_value,
+(unsigned long)cpuid_args.rbx_value,
+(unsigned 

[edk2-devel] [edk2-libc Patch 0/1] Add cpuid_ex API to execute CPUID instructions on specific CPU

[Vishal R]

This commit adds cpuid_ex function to edk2module to provide capability
to execute cpuid instruction on specific cpu.
This feature was requested via BZ 4749

Vishal R (1):
  edk2-libc: Add cpuid_ex API to execute CPUID instructions on specific
CPU

 .../PyMod-3.6.8/Modules/edk2module.c  | 93 +++
 1 file changed, 93 insertions(+)

-- 
2.44.0.windows.1


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118984): https://edk2.groups.io/g/devel/message/118984
Mute This Topic: https://groups.io/mt/106149327/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

回复: [edk2-devel] [PATCH v1 1/1] Add the EFI_RESOURCE_ATTRIBUTE_SPECIAL_PURPOSE attribute.

[gaoliming via groups.io]

Patrick:
  Commit message needs package name MdePkg. 

  One comment for the change is below. 

Thanks
Liming
> -邮件原件-
> 发件人: devel@edk2.groups.io  代表 Michael Kubacki
> 发送时间: 2024年5月17日 4:20
> 收件人: devel@edk2.groups.io
> 抄送: Liming Gao ; Michael D Kinney
> 
> 主题: [edk2-devel] [PATCH v1 1/1] Add the
> EFI_RESOURCE_ATTRIBUTE_SPECIAL_PURPOSE attribute.
> 
> From: Patrick Payne 
> 
> Add the EFI_RESOURCE_ATTRIBUTE_SPECIAL_PURPOSE resource attribute as
> per the PI 1.8 spec. This flag is used to indicate that the memory
> should be treated as special purpose memory (SPM).
> 
> Also adds GCD code that marks the SPM with the EFI_MEMORY_SP bit and
> sets the GCD memory type to EfiGcdMemoryTypeSystemMemory.
> 
> Cc: Liming Gao 
> Cc: Michael D Kinney 
> Signed-off-by: Patrick Payne 
> ---
>  MdeModulePkg/Core/Dxe/Gcd/Gcd.c | 12 +++-
>  1 file changed, 11 insertions(+), 1 deletion(-)
> 
> diff --git a/MdeModulePkg/Core/Dxe/Gcd/Gcd.c
> b/MdeModulePkg/Core/Dxe/Gcd/Gcd.c
> index fe1bbd6974b7..c941fe941276 100644
> --- a/MdeModulePkg/Core/Dxe/Gcd/Gcd.c
> +++ b/MdeModulePkg/Core/Dxe/Gcd/Gcd.c
> @@ -26,7 +26,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
> 
> EFI_RESOURCE_ATTRIBUTE_16_BIT_IO   | \
> 
> EFI_RESOURCE_ATTRIBUTE_32_BIT_IO   | \
> 
> EFI_RESOURCE_ATTRIBUTE_64_BIT_IO   | \
> -
> EFI_RESOURCE_ATTRIBUTE_PERSISTENT  )
> +
> EFI_RESOURCE_ATTRIBUTE_PERSISTENT  | \
> +
> EFI_RESOURCE_ATTRIBUTE_SPECIAL_PURPOSE )
> 
>  #define TESTED_MEMORY_ATTRIBUTES
> (EFI_RESOURCE_ATTRIBUTE_PRESENT | \
> 
> EFI_RESOURCE_ATTRIBUTE_INITIALIZED | \
> @@ -92,6 +93,7 @@ GCD_ATTRIBUTE_CONVERSION_ENTRY
> mAttributeConversionTable[] = {
>{ EFI_RESOURCE_ATTRIBUTE_TESTED,
> EFI_MEMORY_TESTED,FALSE },
>{ EFI_RESOURCE_ATTRIBUTE_PERSISTABLE, EFI_MEMORY_NV,
> TRUE  },
>{ EFI_RESOURCE_ATTRIBUTE_MORE_RELIABLE,
> EFI_MEMORY_MORE_RELIABLE, TRUE  },
> +  { EFI_RESOURCE_ATTRIBUTE_SPECIAL_PURPOSE, EFI_MEMORY_SP,
> TRUE  },
>{ 0,  0,
> FALSE }
>  };
> 
> @@ -691,6 +693,10 @@ ConverToCpuArchAttributes (
>  CpuArchAttributes |= EFI_MEMORY_WP;
>}
> 
> +  if ((Attributes & EFI_MEMORY_SP) == EFI_MEMORY_SP) {
> +CpuArchAttributes |= EFI_MEMORY_SP;
> +  }
> +
>return CpuArchAttributes;
>  }
> 
> @@ -2660,6 +2666,10 @@ CoreInitializeGcdServices (
>  GcdMemoryType = EfiGcdMemoryTypePersistent;
>}
> 
> +  if ((ResourceHob->ResourceAttribute &
> EFI_RESOURCE_ATTRIBUTE_SPECIAL_PURPOSE) ==
> EFI_RESOURCE_ATTRIBUTE_SPECIAL_PURPOSE) {
> +GcdMemoryType = EfiGcdMemoryTypeSystemMemory;
> +  }
> +
[Liming] The type memory is earmarked for specific purposes such as for
specific device drivers or applications. So, its Gcd memory type may be
EfiGcdMemoryTypeReserved. 
Then, this memory range can't be allocated as the normal system memory. 

Thanks
Liming
>break;
>  case EFI_RESOURCE_MEMORY_MAPPED_IO:
>  case EFI_RESOURCE_FIRMWARE_DEVICE:
> --
> 2.45.1.windows.1
> 
> 
> 
> -=-=-=-=-=-=
> Groups.io Links: You receive all messages sent to this group.
> View/Reply Online (#118972): https://edk2.groups.io/g/devel/message/118972
> Mute This Topic: https://groups.io/mt/106142180/4905953
> Group Owner: devel+ow...@edk2.groups.io
> Unsubscribe: https://edk2.groups.io/g/devel/unsub
> [gaolim...@byosoft.com.cn]
> -=-=-=-=-=-=
> 





-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118983): https://edk2.groups.io/g/devel/message/118983
Mute This Topic: https://groups.io/mt/106149241/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-