[edk2] [PATCH v2] NetworkPkg: Fix IpSec run into infinite loop issue
v2: * Update the copyright year and conditional judgment for removing. When use -e to edit SPD database, the corresponding SA entry will be updated to the sas list of the new SPD entry. But before that, all of them should be removed from the original sas list. If not, the list will be broken into infinite loop. Cc: Ye Ting ting...@intel.com Cc: Fu Siyuan siyuan...@intel.com Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu jiaxin...@intel.com --- NetworkPkg/IpSecDxe/IpSecConfigImpl.c | 5 - 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/NetworkPkg/IpSecDxe/IpSecConfigImpl.c b/NetworkPkg/IpSecDxe/IpSecConfigImpl.c index 6eabfe4..bd49245 100644 --- a/NetworkPkg/IpSecDxe/IpSecConfigImpl.c +++ b/NetworkPkg/IpSecDxe/IpSecConfigImpl.c @@ -1,9 +1,9 @@ /** @file The implementation of IPSEC_CONFIG_PROTOCOL. - Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.BR + Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.BR This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php. @@ -1197,10 +1197,13 @@ SetSpdEntry ( if (CompareSaId ( (EFI_IPSEC_CONFIG_SELECTOR *) SpdData-SaId[Index], (EFI_IPSEC_CONFIG_SELECTOR *) SadEntry-Id )) { +if (SadEntry-Data-SpdEntry != NULL) { + RemoveEntryList (SadEntry-BySpd); +} InsertTailList (SpdEntry-Data-Sas, SadEntry-BySpd); SadEntry-Data-SpdEntry = SpdEntry; DuplicateSpdSelector ( (EFI_IPSEC_CONFIG_SELECTOR *)SadEntry-Data-SpdSelector, (EFI_IPSEC_CONFIG_SELECTOR *)SpdEntry-Selector, -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
Re: [edk2] [PATCH v3 2/2] MdePkg UefiDevicePathLib: Fix possible memory read/write cross boundary
Good discovery. Reviewed-by: Feng Tian feng.t...@intel.com -Original Message- From: Wu, Hao A Sent: Friday, August 28, 2015 1:16 PM To: edk2-devel@lists.01.org; Tian, Feng; Gao, Liming Cc: Wu, Hao A Subject: RE: [edk2] [PATCH v3 2/2] MdePkg UefiDevicePathLib: Fix possible memory read/write cross boundary I've discovered that: AsciiStrnCpyS ( (CHAR8 *)SSId, sizeof (SSId) / sizeof (SSId[0]), (CHAR8 *)WiFi-SSId, sizeof (SSId) / sizeof (SSId[0]) - 1 ); in DevicePathToText.c will cause a 1-byte memory read cross boundary in function AsciiStrnLenS(), when WiFi-SSId do not contain a NULL terminator. Therefore, I replace the above code as below: SSId[32] = '\0'; CopyMem (SSId, WiFi-SSId, 32); Best Regards, Hao Wu -Original Message- From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Hao Wu Sent: Friday, August 28, 2015 11:49 AM To: edk2-devel@lists.01.org; Tian, Feng; Gao, Liming Cc: Wu, Hao A Subject: [edk2] [PATCH v3 2/2] MdePkg UefiDevicePathLib: Fix possible memory read/write cross boundary The SSID field of a Wi-Fi device path node may not contain a NULL termination. Additonal handle is added to make sure no cross-boundary memory read/write will occur. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Hao Wu hao.a...@intel.com --- MdePkg/Library/UefiDevicePathLib/DevicePathFromText.c | 15 --- MdePkg/Library/UefiDevicePathLib/DevicePathToText.c | 11 ++- 2 files changed, 22 insertions(+), 4 deletions(-) diff --git a/MdePkg/Library/UefiDevicePathLib/DevicePathFromText.c b/MdePkg/Library/UefiDevicePathLib/DevicePathFromText.c index 10ba6a4..abb2642 100644 --- a/MdePkg/Library/UefiDevicePathLib/DevicePathFromText.c +++ b/MdePkg/Library/UefiDevicePathLib/DevicePathFromText.c @@ -2826,7 +2826,8 @@ DevPathFromTextWiFi ( ) { CHAR16*SSIdStr; - CHAR8 *AsciiStr; + CHAR8 AsciiStr[33]; + UINTN DataLen; WIFI_DEVICE_PATH *WiFiDp; SSIdStr = GetNextParamStr (TextDeviceNode); @@ -2836,8 +2837,16 @@ DevPathFromTextWiFi ( (UINT16) sizeof (WIFI_DEVICE_PATH) ); - AsciiStr = (CHAR8 *) WiFiDp-SSId; - StrToAscii (SSIdStr, AsciiStr); + if (NULL != SSIdStr) { +DataLen = StrLen (SSIdStr); +if (StrLen (SSIdStr) 32) { + SSIdStr[32] = L'\0'; + DataLen = 32; +} + +UnicodeStrToAsciiStr (SSIdStr, AsciiStr); +CopyMem (WiFiDp-SSId, AsciiStr, DataLen); } return (EFI_DEVICE_PATH_PROTOCOL *) WiFiDp; } diff --git a/MdePkg/Library/UefiDevicePathLib/DevicePathToText.c b/MdePkg/Library/UefiDevicePathLib/DevicePathToText.c index 20d8812..abf4dfb 100644 --- a/MdePkg/Library/UefiDevicePathLib/DevicePathToText.c +++ b/MdePkg/Library/UefiDevicePathLib/DevicePathToText.c @@ -1616,9 +1616,18 @@ DevPathToTextWiFi ( ) { WIFI_DEVICE_PATH *WiFi; + UINT8 SSId[33]; WiFi = DevPath; - UefiDevicePathLibCatPrint (Str, LWi-Fi(%a), WiFi-SSId); + + AsciiStrnCpyS ( +(CHAR8 *)SSId, +sizeof (SSId) / sizeof (SSId[0]), +(CHAR8 *)WiFi-SSId, +sizeof (SSId) / sizeof (SSId[0]) - 1 +); + + UefiDevicePathLibCatPrint (Str, LWi-Fi(%a), SSId); } /** -- 1.9.5.msysgit.0 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
Re: [edk2] [PATCH 11/15] OvmfPkg: Link separated VarCheckUefiLib NULL class library instance
On 08/28/15 04:37, Zeng, Star wrote: On 2015/8/26 18:57, Laszlo Ersek wrote: On 08/26/15 12:27, Laszlo Ersek wrote: Star, On 08/17/15 10:24, Star Zeng wrote: Cc: Jordan Justen jordan.l.jus...@intel.com Cc: Laszlo Ersek ler...@redhat.com Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng star.z...@intel.com --- OvmfPkg/OvmfPkgIa32.dsc| 5 - OvmfPkg/OvmfPkgIa32X64.dsc | 5 - OvmfPkg/OvmfPkgX64.dsc | 5 - 3 files changed, 12 insertions(+), 3 deletions(-) diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index df00011..e55f0db 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -461,7 +461,10 @@ [Components] PlatformFvbLib|OvmfPkg/Library/EmuVariableFvbLib/EmuVariableFvbLib.inf } MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.inf - MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf + MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf { +LibraryClasses + NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf + } MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf MdeModulePkg/Universal/MonotonicCounterRuntimeDxe/MonotonicCounterRuntimeDxe.inf MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf should we use the same library instance with MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf as well? That driver is not part of the OVMF build just yet, but I'm rebasing my SMM series on current master, and I'm thinking that the same library should *probably* be hooked into the non-privileged part of the SMM-flavored variable driver, ie. VariableSmmRuntimeDxe. Can you please confirm? actually I think it should be hooked into the privileged half: MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf The theoretical part of the reason is that variable checking should occur in the protected part of the driver. The practical part of the reason is that the constructor of the VarCheckUefiLib plugin, VarCheckUefiLibNullClassConstructor(), calls VarCheckLibRegisterSetVariableCheckHandler(), which is defined in MdeModulePkg/Library/VarCheckLib/VarCheckLib.c, ie. an implementation of the VarCheckLib class. Ie. the plugin requires the receiving module to link against VarCheckLib in the first place. And, VariableSmmRuntimeDxe does not use that library class, only VariableSmm.inf does. Yes, you are right. VariableSmmRuntimeDxe is a wrapper based on VariableSmm, it does not do real variable check/get/set work. Vlv2TbltDevicePkg/PlatformPkgX64.dsc has the example. Thanks! Laszlo ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
Re: [edk2] [PATCH v2] NetworkPkg: Fix IpSec run into infinite loop issue
Reviewed-by: Ye Ting ting...@intel.com -Original Message- From: Wu, Jiaxin Sent: Friday, August 28, 2015 2:42 PM To: Fu, Siyuan; edk2-devel@lists.01.org Cc: Ye, Ting Subject: RE: [PATCH v2] NetworkPkg: Fix IpSec run into infinite loop issue Thanks Siyuan, I will revise the description before check in. -Original Message- From: Fu, Siyuan Sent: Friday, August 28, 2015 2:37 PM To: Wu, Jiaxin; edk2-devel@lists.01.org Cc: Ye, Ting Subject: RE: [PATCH v2] NetworkPkg: Fix IpSec run into infinite loop issue Jiaxin The patch is good to me, but I suggest you do not use -e in the patch comments since it's just a flag of the IpsecConfig tool, not for the IpSec driver. You'd better describe what happened in IpSec when user use -e more clearly. Reviewed-by: Fu Siyuan siyuan...@intel.com -Original Message- From: Wu, Jiaxin Sent: Friday, August 28, 2015 2:07 PM To: edk2-devel@lists.01.org Cc: Ye, Ting ting...@intel.com; Fu, Siyuan siyuan...@intel.com Subject: [PATCH v2] NetworkPkg: Fix IpSec run into infinite loop issue v2: * Update the copyright year and conditional judgment for removing. When use -e to edit SPD database, the corresponding SA entry will be updated to the sas list of the new SPD entry. But before that, all of them should be removed from the original sas list. If not, the list will be broken into infinite loop. Cc: Ye Ting ting...@intel.com Cc: Fu Siyuan siyuan...@intel.com Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu jiaxin...@intel.com --- NetworkPkg/IpSecDxe/IpSecConfigImpl.c | 5 - 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/NetworkPkg/IpSecDxe/IpSecConfigImpl.c b/NetworkPkg/IpSecDxe/IpSecConfigImpl.c index 6eabfe4..bd49245 100644 --- a/NetworkPkg/IpSecDxe/IpSecConfigImpl.c +++ b/NetworkPkg/IpSecDxe/IpSecConfigImpl.c @@ -1,9 +1,9 @@ /** @file The implementation of IPSEC_CONFIG_PROTOCOL. - Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.BR + Copyright (c) 2009 - 2015, Intel Corporation. All rights + reserved.BR This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php. @@ -1197,10 +1197,13 @@ SetSpdEntry ( if (CompareSaId ( (EFI_IPSEC_CONFIG_SELECTOR *) SpdData-SaId[Index], (EFI_IPSEC_CONFIG_SELECTOR *) SadEntry-Id )) { +if (SadEntry-Data-SpdEntry != NULL) { + RemoveEntryList (SadEntry-BySpd); +} InsertTailList (SpdEntry-Data-Sas, SadEntry-BySpd); SadEntry-Data-SpdEntry = SpdEntry; DuplicateSpdSelector ( (EFI_IPSEC_CONFIG_SELECTOR *)SadEntry-Data-SpdSelector, (EFI_IPSEC_CONFIG_SELECTOR *)SpdEntry-Selector, -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
Re: [edk2] [PATCH] OvmfPkg: prevent code execution from DXE stack
On 08/08/15 02:02, Zeng, Star wrote: -Original Message- From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Laszlo Ersek Sent: Saturday, August 8, 2015 12:00 AM To: edk2-devel-01 Cc: Paolo Bonzini; Zeng, Star; Justen, Jordan L Subject: [edk2] [PATCH] OvmfPkg: prevent code execution from DXE stack SVN rev 18166 (MdeModulePkg DxeIpl: Add stack NX support) enables platforms to request non-executable stack for the DXE phase, by setting PcdSetNxForStack to TRUE. The PCD defaults to FALSE, because: (a) A non-executable DXE stack is a new feature and causes changes in behavior. Some platform could rely on executing code from the stack. (b) The code enabling NX in the DXE IPL PEIM enforces the PcdSetNxForStack == PcdDxeIplBuildPageTables implication for 64-bit PEI + 64-bit DXE platforms, with a new ASSERT(). Some platform might not comply with this requirement immediately. Regarding (a), in none of the OVMF builds do we try to execute code from the stack. Regarding (b): - In the OvmfPkgX64.dsc build (which is where (b) applies) we simply inherit the PcdDxeIplBuildPageTables|TRUE default from MdeModulePkg/MdeModulePkg.dec. Therefore we can set PcdSetNxForStack to TRUE. - In OvmfPkgIa32X64.dsc, page tables are built by default for DXE. Hence we can set PcdSetNxForStack to TRUE. - In OvmfPkgIa32.dsc, page tables used not to be necessary until now. After we set PcdSetNxForStack to TRUE in this patch, the DXE IPL will construct page tables even when it is built as part of OvmfPkgIa32.dsc, provided the (virtual) hardware supports both PAE mode and the XD bit. Should this setting cause problems in a GPU (or other device) passthru scenario, with a UEFI_DRIVER in the PCI option rom attempting to execute code from the stack, the feature can be dynamically disabled on the QEMU command line, with -cpu MODEL,-nx. Cc: Paolo Bonzini pbonz...@redhat.com Cc: Jordan Justen jordan.l.jus...@intel.com Cc: Zeng, Star star.z...@intel.com Suggested-by: Paolo Bonzini pbonz...@redhat.com Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek ler...@redhat.com Reviewed by: Star Zeng star.z...@intel.com Committed as SVN r18360. Thanks! Laszlo --- Notes: - This patch depends on Star's [edk2] [PATCH] UefiCpuPkg CpuDxe: Sync up the settings of Execute Disable to APs http://thread.gmane.org/gmane.comp.bios.edk2.devel/960 and should be applied only after that patch. OvmfPkg/OvmfPkgIa32.dsc| 1 + OvmfPkg/OvmfPkgIa32X64.dsc | 1 + OvmfPkg/OvmfPkgX64.dsc | 1 + 3 files changed, 3 insertions(+) diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index 48118cc..38954109 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -303,6 +303,7 @@ [PcdsFeatureFlag] !endif [PcdsFixedAtBuild] + gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|TRUE gEfiMdeModulePkgTokenSpaceGuid.PcdStatusCodeMemorySize|1 gEfiMdeModulePkgTokenSpaceGuid.PcdResetOnMemoryTypeInformationC hange|FALSE gEfiMdePkgTokenSpaceGuid.PcdMaximumGuidedExtractHandler|0x10 diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index 6860ad7..6f6517c 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -308,6 +308,7 @@ [PcdsFeatureFlag] !endif [PcdsFixedAtBuild] + gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|TRUE gEfiMdeModulePkgTokenSpaceGuid.PcdStatusCodeMemorySize|1 gEfiMdeModulePkgTokenSpaceGuid.PcdResetOnMemoryTypeInformationC hange|FALSE gEfiMdePkgTokenSpaceGuid.PcdMaximumGuidedExtractHandler|0x10 diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index f877fda..6b7f955 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -308,6 +308,7 @@ [PcdsFeatureFlag] !endif [PcdsFixedAtBuild] + gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|TRUE gEfiMdeModulePkgTokenSpaceGuid.PcdStatusCodeMemorySize|1 gEfiMdeModulePkgTokenSpaceGuid.PcdResetOnMemoryTypeInformationC hange|FALSE gEfiMdePkgTokenSpaceGuid.PcdMaximumGuidedExtractHandler|0x10 -- 1.8.3.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
Re: [edk2] [PATCH] OvmfPkg: Build HTTP utilities driver
On 08/28/15 03:58, Gary Ching-Pang Lin wrote: On Thu, Aug 27, 2015 at 12:54:13PM +0200, Laszlo Ersek wrote: Gary, On 08/27/15 05:41, Gary Ching-Pang Lin wrote: The HTTP driver now needs the HTTP utilities driver to parse the headers of HTTP requests. Can you point out the SVN rev / git commit that makes this necessary? I'd like to reference that patch in this commit message. It's r18316 / 5ca29abe5297. That commit removed HttpUtilities.* from HttpDxe and make the driver consume EFI_HTTP_UTILITIES_PROTOCOL instead. Committed as r18359. Thanks. Gary Lin You don't need to resubmit, I can edit the reference into the commit message when I commit the patch. Thanks Laszlo Add the driver into OVMF so that the HTTP driver can work properly. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Gary Ching-Pang Lin g...@suse.com --- OvmfPkg/OvmfPkgIa32.dsc| 1 + OvmfPkg/OvmfPkgIa32.fdf| 1 + OvmfPkg/OvmfPkgIa32X64.dsc | 1 + OvmfPkg/OvmfPkgIa32X64.fdf | 1 + OvmfPkg/OvmfPkgX64.dsc | 1 + OvmfPkg/OvmfPkgX64.fdf | 1 + 6 files changed, 6 insertions(+) diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index 5741eac..d92a327 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -562,6 +562,7 @@ [Components] !endif !if $(HTTP_BOOT_ENABLE) == TRUE NetworkPkg/DnsDxe/DnsDxe.inf + NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf NetworkPkg/HttpDxe/HttpDxe.inf NetworkPkg/HttpBootDxe/HttpBootDxe.inf !endif diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf index 0e4ee49..f3dcfff 100644 --- a/OvmfPkg/OvmfPkgIa32.fdf +++ b/OvmfPkg/OvmfPkgIa32.fdf @@ -326,6 +326,7 @@ [FV.DXEFV] !endif !if $(HTTP_BOOT_ENABLE) == TRUE INF NetworkPkg/DnsDxe/DnsDxe.inf + INF NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf INF NetworkPkg/HttpDxe/HttpDxe.inf INF NetworkPkg/HttpBootDxe/HttpBootDxe.inf !endif diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index 753ab27..1c39cc7 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -569,6 +569,7 @@ [Components.X64] !endif !if $(HTTP_BOOT_ENABLE) == TRUE NetworkPkg/DnsDxe/DnsDxe.inf + NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf NetworkPkg/HttpDxe/HttpDxe.inf NetworkPkg/HttpBootDxe/HttpBootDxe.inf !endif diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf index 74412d4..3a509da 100644 --- a/OvmfPkg/OvmfPkgIa32X64.fdf +++ b/OvmfPkg/OvmfPkgIa32X64.fdf @@ -326,6 +326,7 @@ [FV.DXEFV] !endif !if $(HTTP_BOOT_ENABLE) == TRUE INF NetworkPkg/DnsDxe/DnsDxe.inf + INF NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf INF NetworkPkg/HttpDxe/HttpDxe.inf INF NetworkPkg/HttpBootDxe/HttpBootDxe.inf !endif diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index 540333d..778ea28 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -567,6 +567,7 @@ [Components] !endif !if $(HTTP_BOOT_ENABLE) == TRUE NetworkPkg/DnsDxe/DnsDxe.inf + NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf NetworkPkg/HttpDxe/HttpDxe.inf NetworkPkg/HttpBootDxe/HttpBootDxe.inf !endif diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf index e9ba97b..153dd82 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf @@ -326,6 +326,7 @@ [FV.DXEFV] !endif !if $(HTTP_BOOT_ENABLE) == TRUE INF NetworkPkg/DnsDxe/DnsDxe.inf + INF NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf INF NetworkPkg/HttpDxe/HttpDxe.inf INF NetworkPkg/HttpBootDxe/HttpBootDxe.inf !endif ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
Re: [edk2] [Patch] ShellPkg: Get media status in ifconfig command
Attach patch and UNI file. -Original Message- From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Jiaxin Wu Sent: Friday, August 28, 2015 4:55 PM To: edk2-devel@lists.01.org Cc: Ye, Ting; Carsey, Jaben; Fu, Siyuan Subject: [edk2] [Patch] ShellPkg: Get media status in ifconfig command This patch is used to get media status in ifconfig command. Cc: Ye Ting ting...@intel.com Cc: Fu Siyuan siyuan...@intel.com Cc: Jaben Carsey jaben.car...@intel.com Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu jiaxin...@intel.com --- .../UefiShellNetwork1CommandsLib/Ifconfig.c| 85 +++-- .../UefiShellNetwork1CommandsLib.uni | Bin 20910 - 21094 bytes 2 files changed, 80 insertions(+), 5 deletions(-) diff --git a/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c b/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c index 273f1a8..4637f28 100644 --- a/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c +++ b/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c @@ -378,10 +378,68 @@ IfConfigPrintMacAddr ( } ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IFCONFIG_INFO_NEWLINE), gShellNetwork1HiiHandle); } +/** + Get network physical device NIC information. + + @param[in] Handle The network physical device handle. + @param[out] MediaPresent Upon successful return, TRUE is media present +is enabled. FALSE otherwise. + + @retval EFI_SUCCESS The operation was successful. + @retval othersGet media status failed. +**/ +EFI_STATUS +EFIAPI +IfConfigGetNicMediaStatus ( + IN EFI_HANDLEServiceHandle, + OUT BOOLEAN *MediaPresent + ) + +{ + EFI_STATUS Status; + EFI_HANDLE SnpHandle; + EFI_SIMPLE_NETWORK_PROTOCOL *Snp; + UINT32 InterruptStatus; + + ASSERT (MediaPresent != NULL); + + // + // Get SNP handle + // + Snp = NULL; + SnpHandle = NetLibGetSnpHandle (ServiceHandle, Snp); if (SnpHandle + == NULL) { +return EFI_INVALID_PARAMETER; + } + + // + // Check whether SNP support media detection // if + (!Snp-Mode-MediaPresentSupported) { +return EFI_UNSUPPORTED; + } + + // + // Invoke Snp-GetStatus() to refresh MediaPresent field in SNP mode + data // Status = Snp-GetStatus (Snp, InterruptStatus, NULL); if + (EFI_ERROR (Status)) { +return Status; + } + + if (Snp-Mode-MediaPresent) { +*MediaPresent = TRUE; + } else { +*MediaPresent = FALSE; + } + + return EFI_SUCCESS; +} + /** The get current status of all handles. @param[in] IfName The pointer of IfName(interface name). @@ -594,15 +652,18 @@ ON_ERROR: EFI_STATUS IfConfigShowInterfaceInfo ( IN LIST_ENTRY*IfList ) { - LIST_ENTRY*Entry; - LIST_ENTRY*Next; - IFCONFIG_INTERFACE_CB *IfCb; - EFI_IPv4_ADDRESS Gateway; - UINT32Index; + LIST_ENTRY *Entry; + LIST_ENTRY *Next; + IFCONFIG_INTERFACE_CB*IfCb; + BOOLEAN MediaPresent; + EFI_IPv4_ADDRESS Gateway; + UINT32Index; + + MediaPresent = TRUE; if (IsListEmpty (IfList)) { ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IFCONFIG_INVALID_INTERFACE), gShellNetwork1HiiHandle); } @@ -618,10 +679,24 @@ IfConfigShowInterfaceInfo ( // Print interface name. // ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IFCONFIG_INFO_IF_NAME), gShellNetwork1HiiHandle, IfCb-IfInfo-Name); // +// Get media state. +// +IfConfigGetNicMediaStatus (IfCb-NicHandle, MediaPresent); + +// +// Print media state. +// +if (!MediaPresent) { + ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IFCONFIG_INFO_MEDIA_STATE), gShellNetwork1HiiHandle, LMedia disconnected); +} else { + ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IFCONFIG_INFO_MEDIA_STATE), gShellNetwork1HiiHandle, LMedia present); +} + +// // Print interface config policy. // if (IfCb-Policy == Ip4Config2PolicyDhcp) { ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IFCONFIG_INFO_POLICY_DHCP), gShellNetwork1HiiHandle); } else { diff --git a/ShellPkg/Library/UefiShellNetwork1CommandsLib/UefiShellNetwork1CommandsLib.uni b/ShellPkg/Library/UefiShellNetwork1CommandsLib/UefiShellNetwork1CommandsLib.uni index 7cc7b7d672246a62ef97a8b002a780003d3da330..43259591820582cc38937ad680739fcff21b96c5 100644 GIT binary patch delta 66 zcmZ3tnDN;X#toCSgnb!Y8C)1V85|kn8G;!?fON@hnk|30}QmpJs5l$QW;VhG8qyX S6o9fNK)Qqb+fZpwmJY$n-Ez5 delta 14 WcmaF1gmK+s#toCSHhXEyr~?2pOQ_= -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
Re: [edk2] [Patch] ShellPkg: Get media status in ifconfig command
Hi, Jiaxin The Snp-Getstatus may not support media present report, please use NetLib interface NetLibDetectMedia() instead. -Original Message- From: Wu, Jiaxin Sent: Friday, August 28, 2015 4:55 PM To: edk2-devel@lists.01.org Cc: Ye, Ting ting...@intel.com; Fu, Siyuan siyuan...@intel.com; Carsey, Jaben jaben.car...@intel.com Subject: [Patch] ShellPkg: Get media status in ifconfig command This patch is used to get media status in ifconfig command. Cc: Ye Ting ting...@intel.com Cc: Fu Siyuan siyuan...@intel.com Cc: Jaben Carsey jaben.car...@intel.com Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu jiaxin...@intel.com --- .../UefiShellNetwork1CommandsLib/Ifconfig.c| 85 +++-- .../UefiShellNetwork1CommandsLib.uni | Bin 20910 - 21094 bytes 2 files changed, 80 insertions(+), 5 deletions(-) diff --git a/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c b/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c index 273f1a8..4637f28 100644 --- a/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c +++ b/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c @@ -378,10 +378,68 @@ IfConfigPrintMacAddr ( } ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IFCONFIG_INFO_NEWLINE), gShellNetwork1HiiHandle); } +/** + Get network physical device NIC information. + + @param[in] Handle The network physical device handle. + @param[out] MediaPresent Upon successful return, TRUE is media present +is enabled. FALSE otherwise. + + @retval EFI_SUCCESS The operation was successful. + @retval othersGet media status failed. +**/ +EFI_STATUS +EFIAPI +IfConfigGetNicMediaStatus ( + IN EFI_HANDLEServiceHandle, + OUT BOOLEAN *MediaPresent + ) + +{ + EFI_STATUS Status; + EFI_HANDLE SnpHandle; + EFI_SIMPLE_NETWORK_PROTOCOL *Snp; + UINT32 InterruptStatus; + + ASSERT (MediaPresent != NULL); + + // + // Get SNP handle + // + Snp = NULL; + SnpHandle = NetLibGetSnpHandle (ServiceHandle, Snp); if (SnpHandle + == NULL) { +return EFI_INVALID_PARAMETER; + } + + // + // Check whether SNP support media detection // if + (!Snp-Mode-MediaPresentSupported) { +return EFI_UNSUPPORTED; + } + + // + // Invoke Snp-GetStatus() to refresh MediaPresent field in SNP mode + data // Status = Snp-GetStatus (Snp, InterruptStatus, NULL); if + (EFI_ERROR (Status)) { +return Status; + } + + if (Snp-Mode-MediaPresent) { +*MediaPresent = TRUE; + } else { +*MediaPresent = FALSE; + } + + return EFI_SUCCESS; +} + /** The get current status of all handles. @param[in] IfName The pointer of IfName(interface name). @@ -594,15 +652,18 @@ ON_ERROR: EFI_STATUS IfConfigShowInterfaceInfo ( IN LIST_ENTRY*IfList ) { - LIST_ENTRY*Entry; - LIST_ENTRY*Next; - IFCONFIG_INTERFACE_CB *IfCb; - EFI_IPv4_ADDRESS Gateway; - UINT32Index; + LIST_ENTRY *Entry; + LIST_ENTRY *Next; + IFCONFIG_INTERFACE_CB*IfCb; + BOOLEAN MediaPresent; + EFI_IPv4_ADDRESS Gateway; + UINT32Index; + + MediaPresent = TRUE; if (IsListEmpty (IfList)) { ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IFCONFIG_INVALID_INTERFACE), gShellNetwork1HiiHandle); } @@ -618,10 +679,24 @@ IfConfigShowInterfaceInfo ( // Print interface name. // ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IFCONFIG_INFO_IF_NAME), gShellNetwork1HiiHandle, IfCb-IfInfo-Name); // +// Get media state. +// +IfConfigGetNicMediaStatus (IfCb-NicHandle, MediaPresent); + +// +// Print media state. +// +if (!MediaPresent) { + ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IFCONFIG_INFO_MEDIA_STATE), gShellNetwork1HiiHandle, LMedia disconnected); +} else { + ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IFCONFIG_INFO_MEDIA_STATE), gShellNetwork1HiiHandle, LMedia present); +} + +// // Print interface config policy. // if (IfCb-Policy == Ip4Config2PolicyDhcp) { ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IFCONFIG_INFO_POLICY_DHCP), gShellNetwork1HiiHandle); } else { diff --git a/ShellPkg/Library/UefiShellNetwork1CommandsLib/UefiShellNetwork1CommandsLib.uni b/ShellPkg/Library/UefiShellNetwork1CommandsLib/UefiShellNetwork1CommandsLib.uni index 7cc7b7d672246a62ef97a8b002a780003d3da330..43259591820582cc38937ad680739fcff21b96c5 100644 GIT binary patch delta 66 zcmZ3tnDN;X#toCSgnb!Y8C)1V85|kn8G;!?fON@hnk|30}QmpJs5l$QW;VhG8qyX S6o9fNK)Qqb+fZpwmJY$n-Ez5 delta 14 WcmaF1gmK+s#toCSHhXEyr~?2pOQ_= -- 1.9.5.msysgit.1 ___ edk2-devel
[edk2] [PATCH] OvmfPkg: AcpiTables: serialize control methods that create named objects
Bruce Cran reported the following issue: With iasl version 20150410-64 building OvmfX64 (using OvmfPkg/build.sh -a X64 -t GCC49 -b RELEASE) results in a couple of warnings about methods that should be serialized: .../OvmfPkg/AcpiTables/AcpiTables/OUTPUT/./Dsdt. 95: Method (_CRS, 0) { Remark 2120 - Control Method should be made Serialized ^ (due to creation of named objects within) .../OvmfPkg/AcpiTables/AcpiTables/OUTPUT/./Dsdt. 235: Method (PCRS, 1, NotSerialized) { Remark 2120 - Control Method should be made Serialized ^ (due to creation of named objects within) The ACPI 6.0 spec justifies the above warnings in 19.6.82 Method (Declare Control Method): [...] The serialize rule can be used to prevent reentering of a method. This is especially useful if the method creates namespace objects. Without the serialize rule, the reentering of a method will fail when it attempts to create the same namespace object. [...] Cc: Bruce Cran br...@cran.org.uk Reported-by: Bruce Cran br...@cran.org.uk Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek ler...@redhat.com --- OvmfPkg/AcpiTables/Dsdt.asl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/OvmfPkg/AcpiTables/Dsdt.asl b/OvmfPkg/AcpiTables/Dsdt.asl index 519a312..2c3a314 100644 --- a/OvmfPkg/AcpiTables/Dsdt.asl +++ b/OvmfPkg/AcpiTables/Dsdt.asl @@ -130,7 +130,7 @@ DefinitionBlock (Dsdt.aml, DSDT, 1, INTEL , OVMF , 4) { ) }) - Method (_CRS, 0) { + Method (_CRS, 0, Serialized) { // // see the FIRMWARE_DATA structure in OvmfPkg/AcpiPlatformDxe/Qemu.c // @@ -360,7 +360,7 @@ DefinitionBlock (Dsdt.aml, DSDT, 1, INTEL , OVMF , 4) { // _CRS method for LNKA, LNKB, LNKC, LNKD // Arg0[in]: value of PIRA / PIRB / PIRC / PIRD // -Method (PCRS, 1, NotSerialized) { +Method (PCRS, 1, Serialized) { // // create temporary buffer with an Extended Interrupt Descriptor // whose single vector defaults to zero -- 1.8.3.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [Patch] ShellPkg: Get media status in ifconfig command
This patch is used to get media status in ifconfig command. Cc: Ye Ting ting...@intel.com Cc: Fu Siyuan siyuan...@intel.com Cc: Jaben Carsey jaben.car...@intel.com Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu jiaxin...@intel.com --- .../UefiShellNetwork1CommandsLib/Ifconfig.c| 85 +++-- .../UefiShellNetwork1CommandsLib.uni | Bin 20910 - 21094 bytes 2 files changed, 80 insertions(+), 5 deletions(-) diff --git a/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c b/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c index 273f1a8..4637f28 100644 --- a/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c +++ b/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c @@ -378,10 +378,68 @@ IfConfigPrintMacAddr ( } ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IFCONFIG_INFO_NEWLINE), gShellNetwork1HiiHandle); } +/** + Get network physical device NIC information. + + @param[in] Handle The network physical device handle. + @param[out] MediaPresent Upon successful return, TRUE is media present +is enabled. FALSE otherwise. + + @retval EFI_SUCCESS The operation was successful. + @retval othersGet media status failed. +**/ +EFI_STATUS +EFIAPI +IfConfigGetNicMediaStatus ( + IN EFI_HANDLEServiceHandle, + OUT BOOLEAN *MediaPresent + ) + +{ + EFI_STATUS Status; + EFI_HANDLE SnpHandle; + EFI_SIMPLE_NETWORK_PROTOCOL *Snp; + UINT32 InterruptStatus; + + ASSERT (MediaPresent != NULL); + + // + // Get SNP handle + // + Snp = NULL; + SnpHandle = NetLibGetSnpHandle (ServiceHandle, Snp); + if (SnpHandle == NULL) { +return EFI_INVALID_PARAMETER; + } + + // + // Check whether SNP support media detection + // + if (!Snp-Mode-MediaPresentSupported) { +return EFI_UNSUPPORTED; + } + + // + // Invoke Snp-GetStatus() to refresh MediaPresent field in SNP mode data + // + Status = Snp-GetStatus (Snp, InterruptStatus, NULL); + if (EFI_ERROR (Status)) { +return Status; + } + + if (Snp-Mode-MediaPresent) { +*MediaPresent = TRUE; + } else { +*MediaPresent = FALSE; + } + + return EFI_SUCCESS; +} + /** The get current status of all handles. @param[in] IfName The pointer of IfName(interface name). @@ -594,15 +652,18 @@ ON_ERROR: EFI_STATUS IfConfigShowInterfaceInfo ( IN LIST_ENTRY*IfList ) { - LIST_ENTRY*Entry; - LIST_ENTRY*Next; - IFCONFIG_INTERFACE_CB *IfCb; - EFI_IPv4_ADDRESS Gateway; - UINT32Index; + LIST_ENTRY *Entry; + LIST_ENTRY *Next; + IFCONFIG_INTERFACE_CB*IfCb; + BOOLEAN MediaPresent; + EFI_IPv4_ADDRESS Gateway; + UINT32Index; + + MediaPresent = TRUE; if (IsListEmpty (IfList)) { ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IFCONFIG_INVALID_INTERFACE), gShellNetwork1HiiHandle); } @@ -618,10 +679,24 @@ IfConfigShowInterfaceInfo ( // Print interface name. // ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IFCONFIG_INFO_IF_NAME), gShellNetwork1HiiHandle, IfCb-IfInfo-Name); // +// Get media state. +// +IfConfigGetNicMediaStatus (IfCb-NicHandle, MediaPresent); + +// +// Print media state. +// +if (!MediaPresent) { + ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IFCONFIG_INFO_MEDIA_STATE), gShellNetwork1HiiHandle, LMedia disconnected); +} else { + ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IFCONFIG_INFO_MEDIA_STATE), gShellNetwork1HiiHandle, LMedia present); +} + +// // Print interface config policy. // if (IfCb-Policy == Ip4Config2PolicyDhcp) { ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IFCONFIG_INFO_POLICY_DHCP), gShellNetwork1HiiHandle); } else { diff --git a/ShellPkg/Library/UefiShellNetwork1CommandsLib/UefiShellNetwork1CommandsLib.uni b/ShellPkg/Library/UefiShellNetwork1CommandsLib/UefiShellNetwork1CommandsLib.uni index 7cc7b7d672246a62ef97a8b002a780003d3da330..43259591820582cc38937ad680739fcff21b96c5 100644 GIT binary patch delta 66 zcmZ3tnDN;X#toCSgnb!Y8C)1V85|kn8G;!?fON@hnk|30}QmpJs5l$QW;VhG8qyX S6o9fNK)Qqb+fZpwmJY$n-Ez5 delta 14 WcmaF1gmK+s#toCSHhXEyr~?2pOQ_= -- 1.9.5.msysgit.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
Re: [edk2] [PATCH] ArmPkg/CpuDxe: Disable interrupt before restoring context
Hi Ard, Sorry for the late reply. However I think you've got what I meant :) In my opinion, UEFI actually needs timer interrupt nesting, e.g. we have a timer event with low TPL and long execution time, UEFI should support a higher TPL timer event interrupt the execution of this low TPL event, isn't it? Also, I took a look at the code of Linux kernel for ARM64 interrupt handler; it also disables IRQ before restoring context. And, thanks for your comments; I'll send another version of the patch. Heyi Guo On 08/24/2015 07:05 PM, Ard Biesheuvel wrote: On 23 August 2015 at 17:59, Ard Biesheuvel ard.biesheu...@linaro.org wrote: On 23 August 2015 at 15:39, Heyi Guo heyi@linaro.org wrote: On 08/17/2015 05:52 PM, Ard Biesheuvel wrote: On 13 August 2015 at 05:10, Heyi Guoheyi@linaro.org wrote: Interrupt must be disabled before we storing ELR and other system registers, or else ELR will be overridden by interrupt reentrance. This bug is critical as we may get occasional exception or dead loop when interrupt reentrance occurs: After increasing SP ... Before popping out registers Or After restoring ELR The 1st circumstance could also be resolved by optimizing SP operation (Pop out registers before adding SP back), but the 2nd could not be resolved by disabling interrupt. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Heyi Guoheyi@linaro.org Cc: Leif Lindholmleif.lindh...@linaro.org Cc: Ard Biesheuvelard.biesheu...@linaro.org --- ArmPkg/Drivers/CpuDxe/AArch64/ExceptionSupport.S | 8 1 file changed, 8 insertions(+) diff --git a/ArmPkg/Drivers/CpuDxe/AArch64/ExceptionSupport.S b/ArmPkg/Drivers/CpuDxe/AArch64/ExceptionSupport.S index 2682f4f..ca6c9a1 100644 --- a/ArmPkg/Drivers/CpuDxe/AArch64/ExceptionSupport.S +++ b/ArmPkg/Drivers/CpuDxe/AArch64/ExceptionSupport.S @@ -358,6 +358,14 @@ ASM_PFX(AsmCommonExceptionEntry): #define REG_PAIR(REG1, REG2, OFFSET, CONTEXT_SIZE)ldp REG1, REG2, [sp, #(OFFSET-CONTEXT_SIZE)] #define REG_ONE(REG1, OFFSET, CONTEXT_SIZE) ldur REG1, [sp, #(OFFSET-CONTEXT_SIZE)] + // + // Disable interrupt(IRQ and FIQ) before restoring context, + // or else the context will be corrupted by interrupt reentrance. + // Interrupt mask will be restored from spsr by hardware when we call eret + // + msr daifset, #3 + isb + Are you sure this is necessary? According to the ARM ARM On taking any exception to an Exception level using AArch64, all of PSTATE.{A, I, F} are set to 1, masking all interrupts that target that Exception level. Yes. However, in timer interrupt handler, we will raise TPL to HIGH_LEVEL and then restore TPL, while restore TPL will enable interrupt. Is that in the generic ARM timer code? Perhaps we should raise and lower the TPL in the common interrupt entry/exit path, since the architecture implicitly raises the TPL by entering the interrupt handler with interrupts disabled. In general, I don't think it is correct for TPL lowering code to enable interrupts if it did not find the enabled when it raised the TPL. So I think we can't avoid interrupt reentering in UEFI architecture and need protection when restoring interrupt context. Yes, it seems you are right. Even though I am not happy with the idea that we are supporting nested interrupts without exactly understanding the implication and without there being a real need (since we use interrupts for the timer tick only), the core does not really allow us to change that for AARCH64 only. So I think your patch is correct. There are still two issues to resolve, though: 1. Could you update the comment in the code to mention that interrupts have been re-enabled by the TPL lowering code, and that we need to disable them again only to protect the critical section that restores the interrupted context from the stack? 2. The 32-bit ARM code appears to suffer from the same problem, so we should fix that as well. ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel