Re: [edk2] Dxe Core support for EFI_SECTION_PEI_DEPEX section.

[Gao, Liming]

Mike:
  I agree to update DXE dispatcher to directly handle FV image with PEI_DEPEX. 
If FV image with SMM_DEPEX, SMM dispatcher should handle it. Once SMM_DEPEX is 
satisfied, SMM core can trig event and let DxeCore install FV protocol for it. 

Thanks
Liming
-Original Message-
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Kinney, 
Michael D
Sent: Tuesday, February 2, 2016 9:04 AM
To: Andrew Fish; edk2-devel@lists.01.org; Kinney, Michael D
Subject: Re: [edk2] Dxe Core support for EFI_SECTION_PEI_DEPEX section.

Andrew,

I agree that it looks like we can improve the logic here.

1) PEI Dispatcher: The logic looks correct to me.  It only looks for a section 
of type EFI_SECTION_PEI_DEPEX.

2) DXE Dispatcher: The current logic ignores an FV if there is either a PEI 
depex or an SMM depex present.  I think it would be safe to remove the checks 
for the PEI depex and the SMM depex, so it only pays attention to a DXE depex.  
If no DXE depex is present, then the FV can be evaluated immediately.  BTW, I 
did look at the history.  It appears that this aggressive filter has been in 
place since the first commit to the DXE Core to support FV scoped depex 
expressions.

3) SMM Dispatcher: Does not evaluate depex associated with FV.  Instead, it 
depends on the DXE Dispatcher to notify SMM Dispatcher when the SMM dispatcher 
should look in FVs for SMM drivers to dispatch.  So I do not think any logic 
changes are required in SMM.

Best regards,

Mike

> -Original Message-
> From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Andrew 
> Fish
> Sent: Monday, February 1, 2016 8:34 AM
> To: edk2-devel@lists.01.org 
> Subject: [edk2] Dxe Core support for EFI_SECTION_PEI_DEPEX section.
> 
> I have an FV and I'd like to have PEI and DXE code in it. The code that I 
> need to
> access at PEI Time (DXE Core) is a compressed file in the FV. The code that 
> only needs
> to be accessed at DXE time is in a compressed FV. By default PEI will try to 
> decompress
> the FV Section, so I added a EFI_SECTION_PEI_DEPEX of FALSE to prevent this. 
> To my
> surprise this prevented the FV from being dispatched in DXE.
> 
> I don't see any language in the PI spec that calls out this behavior. I think 
> we should
> remove the checks for EFI_SECTION_PEI_DEPEX, and maybe even 
> EFI_SECTION_SMM_DEPEX. I
> think it is a better design to have the FV prevent the dispatch from the 
> phase(s) it is
> discovered in if that is the intent.
> 
> So for my example I added:
> SECTION PEI_DEPEX_EXP = {FALSE}
> 
> If you had a FV that showed up in DXE, but was for SMM you could:
> SECTION DXE_DEPEX_EXP = {FALSE}
> 
> This is the code I'm talking about:
> MdeModulePkg/Core/Dxe/Dispatcher/Dispatcher.c
> 
> //
> // Check if this EFI_FV_FILETYPE_FIRMWARE_VOLUME_IMAGE file has 
> PEI depex
> section.
> //
> DepexBuffer  = NULL;
> SizeOfBuffer = 0;
> Status = Fv->ReadSection (
>Fv,
>,
>EFI_SECTION_PEI_DEPEX,
>0,
>,
>,
>
>);
> if (!EFI_ERROR (Status)) {
>   //
>   // If PEI depex section is found, this FV image will be ignored 
> in DXE
> phase.
>   // Now, DxeCore doesn't support FV image with more one type 
> DEPEX
> section.
>   //
>   FreePool (DepexBuffer);
>   continue;
> }
> 
> 
> Thanks,
> 
> Andrew Fish
> 
> PS This logic also exists.
> 
> //
> // Check if this EFI_FV_FILETYPE_FIRMWARE_VOLUME_IMAGE file has 
> SMM depex
> section.
> //
> DepexBuffer  = NULL;
> SizeOfBuffer = 0;
> Status = Fv->ReadSection (
>Fv,
>,
>EFI_SECTION_SMM_DEPEX,
>0,
>,
>,
>
>);
> if (!EFI_ERROR (Status)) {
>   //
>   // If SMM depex section is found, this FV image will be ignored 
> in DXE
> phase.
>   // Now, DxeCore doesn't support FV image with more one type 
> DEPEX
> section.
>   //
>   FreePool (DepexBuffer);
>   continue;
> }
> 
> ___
> edk2-devel mailing list
> edk2-devel@lists.01.org
> https://lists.01.org/mailman/listinfo/edk2-devel
___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
___
edk2-devel mailing list
edk2-devel@lists.01.org

Re: [edk2] Dxe Core support for EFI_SECTION_PEI_DEPEX section.

[Kinney, Michael D]

Andrew,

I agree that it looks like we can improve the logic here.

1) PEI Dispatcher: The logic looks correct to me.  It only looks for a section 
of type EFI_SECTION_PEI_DEPEX.

2) DXE Dispatcher: The current logic ignores an FV if there is either a PEI 
depex or an SMM depex present.  I think it would be safe to remove the checks 
for the PEI depex and the SMM depex, so it only pays attention to a DXE depex.  
If no DXE depex is present, then the FV can be evaluated immediately.  BTW, I 
did look at the history.  It appears that this aggressive filter has been in 
place since the first commit to the DXE Core to support FV scoped depex 
expressions.

3) SMM Dispatcher: Does not evaluate depex associated with FV.  Instead, it 
depends on the DXE Dispatcher to notify SMM Dispatcher when the SMM dispatcher 
should look in FVs for SMM drivers to dispatch.  So I do not think any logic 
changes are required in SMM.

Best regards,

Mike

> -Original Message-
> From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Andrew 
> Fish
> Sent: Monday, February 1, 2016 8:34 AM
> To: edk2-devel@lists.01.org 
> Subject: [edk2] Dxe Core support for EFI_SECTION_PEI_DEPEX section.
> 
> I have an FV and I'd like to have PEI and DXE code in it. The code that I 
> need to
> access at PEI Time (DXE Core) is a compressed file in the FV. The code that 
> only needs
> to be accessed at DXE time is in a compressed FV. By default PEI will try to 
> decompress
> the FV Section, so I added a EFI_SECTION_PEI_DEPEX of FALSE to prevent this. 
> To my
> surprise this prevented the FV from being dispatched in DXE.
> 
> I don't see any language in the PI spec that calls out this behavior. I think 
> we should
> remove the checks for EFI_SECTION_PEI_DEPEX, and maybe even 
> EFI_SECTION_SMM_DEPEX. I
> think it is a better design to have the FV prevent the dispatch from the 
> phase(s) it is
> discovered in if that is the intent.
> 
> So for my example I added:
> SECTION PEI_DEPEX_EXP = {FALSE}
> 
> If you had a FV that showed up in DXE, but was for SMM you could:
> SECTION DXE_DEPEX_EXP = {FALSE}
> 
> This is the code I'm talking about:
> MdeModulePkg/Core/Dxe/Dispatcher/Dispatcher.c
> 
> //
> // Check if this EFI_FV_FILETYPE_FIRMWARE_VOLUME_IMAGE file has 
> PEI depex
> section.
> //
> DepexBuffer  = NULL;
> SizeOfBuffer = 0;
> Status = Fv->ReadSection (
>Fv,
>,
>EFI_SECTION_PEI_DEPEX,
>0,
>,
>,
>
>);
> if (!EFI_ERROR (Status)) {
>   //
>   // If PEI depex section is found, this FV image will be ignored 
> in DXE
> phase.
>   // Now, DxeCore doesn't support FV image with more one type 
> DEPEX
> section.
>   //
>   FreePool (DepexBuffer);
>   continue;
> }
> 
> 
> Thanks,
> 
> Andrew Fish
> 
> PS This logic also exists.
> 
> //
> // Check if this EFI_FV_FILETYPE_FIRMWARE_VOLUME_IMAGE file has 
> SMM depex
> section.
> //
> DepexBuffer  = NULL;
> SizeOfBuffer = 0;
> Status = Fv->ReadSection (
>Fv,
>,
>EFI_SECTION_SMM_DEPEX,
>0,
>,
>,
>
>);
> if (!EFI_ERROR (Status)) {
>   //
>   // If SMM depex section is found, this FV image will be ignored 
> in DXE
> phase.
>   // Now, DxeCore doesn't support FV image with more one type 
> DEPEX
> section.
>   //
>   FreePool (DepexBuffer);
>   continue;
> }
> 
> ___
> edk2-devel mailing list
> edk2-devel@lists.01.org
> https://lists.01.org/mailman/listinfo/edk2-devel
___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [patch 3/6] OvmfPkg:Add FileExplorerLib.inf to the dsc file

[Dandan Bi]

Because SecureBootConfigDxe use FileExplorerLib now,but 
FileExplorerLib is not in the dsc file of the package
which use SecureBootConfigDxe.Now add it to pass build.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dandan Bi 
---
 OvmfPkg/OvmfPkgIa32.dsc| 3 ++-
 OvmfPkg/OvmfPkgIa32X64.dsc | 3 ++-
 OvmfPkg/OvmfPkgX64.dsc | 3 ++-
 3 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index a6d8d63..2cf6c74 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -1,9 +1,9 @@
 ## @file
 #  EFI/Framework Open Virtual Machine Firmware (OVMF) platform
 #
-#  Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.
+#  Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.
 #
 #  This program and the accompanying materials
 #  are licensed and made available under the terms and conditions of the BSD 
License
 #  which accompanies this distribution. The full text of the license may be 
found at
 #  http://opensource.org/licenses/bsd-license.php
@@ -103,10 +103,11 @@
   UefiUsbLib|MdePkg/Library/UefiUsbLib/UefiUsbLib.inf
   
SerializeVariablesLib|OvmfPkg/Library/SerializeVariablesLib/SerializeVariablesLib.inf
   QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.inf
   VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf
   LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf
+  FileExplorerLib|MdeModulePkg/Library/FileExplorerLib/FileExplorerLib.inf
 !if $(SMM_REQUIRE) == FALSE
   LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf
 !endif
   
CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/CustomizedDisplayLib.inf
 
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index 299c862..67b9c9e 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -1,9 +1,9 @@
 ## @file
 #  EFI/Framework Open Virtual Machine Firmware (OVMF) platform
 #
-#  Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.
+#  Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.
 #
 #  This program and the accompanying materials
 #  are licensed and made available under the terms and conditions of the BSD 
License
 #  which accompanies this distribution. The full text of the license may be 
found at
 #  http://opensource.org/licenses/bsd-license.php
@@ -108,10 +108,11 @@
   UefiUsbLib|MdePkg/Library/UefiUsbLib/UefiUsbLib.inf
   
SerializeVariablesLib|OvmfPkg/Library/SerializeVariablesLib/SerializeVariablesLib.inf
   QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.inf
   VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf
   LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf
+  FileExplorerLib|MdeModulePkg/Library/FileExplorerLib/FileExplorerLib.inf
 !if $(SMM_REQUIRE) == FALSE
   LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf
 !endif
   
CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/CustomizedDisplayLib.inf
 
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index fa37b1e..6d18871 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -1,9 +1,9 @@
 ## @file
 #  EFI/Framework Open Virtual Machine Firmware (OVMF) platform
 #
-#  Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.
+#  Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.
 #
 #  This program and the accompanying materials
 #  are licensed and made available under the terms and conditions of the BSD 
License
 #  which accompanies this distribution. The full text of the license may be 
found at
 #  http://opensource.org/licenses/bsd-license.php
@@ -108,10 +108,11 @@
   UefiUsbLib|MdePkg/Library/UefiUsbLib/UefiUsbLib.inf
   
SerializeVariablesLib|OvmfPkg/Library/SerializeVariablesLib/SerializeVariablesLib.inf
   QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.inf
   VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf
   LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf
+  FileExplorerLib|MdeModulePkg/Library/FileExplorerLib/FileExplorerLib.inf
 !if $(SMM_REQUIRE) == FALSE
   LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf
 !endif
   
CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/CustomizedDisplayLib.inf
 
-- 
1.9.5.msysgit.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [patch 5/6] SecurityPkg:Add FileExplorerLib.inf to the dsc file

[Dandan Bi]

Because SecureBootConfigDxe use FileExplorerLib now,but 
FileExplorerLib is not in the dsc file of the package
which use SecureBootConfigDxe.Now add it to pass build.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dandan Bi 
---
 SecurityPkg/SecurityPkg.dsc | 1 +
 1 file changed, 1 insertion(+)

diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc
index 0f1fc0f..fa46ffb 100644
--- a/SecurityPkg/SecurityPkg.dsc
+++ b/SecurityPkg/SecurityPkg.dsc
@@ -61,10 +61,11 @@
   
TrEEPhysicalPresenceLib|SecurityPkg/Library/DxeTrEEPhysicalPresenceLib/DxeTrEEPhysicalPresenceLib.inf
   TcgPpVendorLib|SecurityPkg/Library/TcgPpVendorLibNull/TcgPpVendorLibNull.inf
   
Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf
   
TrEEPpVendorLib|SecurityPkg/Library/TrEEPpVendorLibNull/TrEEPpVendorLibNull.inf
   RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf
+  FileExplorerLib|MdeModulePkg/Library/FileExplorerLib/FileExplorerLib.inf
 
 [LibraryClasses.common.PEIM]
   PeimEntryPoint|MdePkg/Library/PeimEntryPoint/PeimEntryPoint.inf
   PeiServicesLib|MdePkg/Library/PeiServicesLib/PeiServicesLib.inf
   
PeiServicesTablePointerLib|MdePkg/Library/PeiServicesTablePointerLib/PeiServicesTablePointerLib.inf
-- 
1.9.5.msysgit.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [patch 2/6] ArmVirPkg:Add FileExplorerLib.inf to the dsc file

[Dandan Bi]

Because SecureBootConfigDxe use FileExplorerLib now,but 
FileExplorerLib is not in the dsc file of the package
which use SecureBootConfigDxe.Now add it to pass build.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dandan Bi 
---
 ArmVirtPkg/ArmVirtQemu.dsc | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
index e6440ec..5e12430 100644
--- a/ArmVirtPkg/ArmVirtQemu.dsc
+++ b/ArmVirtPkg/ArmVirtQemu.dsc
@@ -1,9 +1,9 @@
 #
 #  Copyright (c) 2011-2015, ARM Limited. All rights reserved.
 #  Copyright (c) 2014, Linaro Limited. All rights reserved.
-#  Copyright (c) 2015, Intel Corporation. All rights reserved.
+#  Copyright (c) 2015-2016, Intel Corporation. All rights reserved.
 #
 #  This program and the accompanying materials
 #  are licensed and made available under the terms and conditions of the BSD 
License
 #  which accompanies this distribution.  The full text of the license may be 
found at
 #  http://opensource.org/licenses/bsd-license.php
@@ -60,10 +60,11 @@
   CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf
   GenericBdsLib|IntelFrameworkModulePkg/Library/GenericBdsLib/GenericBdsLib.inf
   PlatformBdsLib|ArmVirtPkg/Library/PlatformIntelBdsLib/PlatformIntelBdsLib.inf
   
CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/CustomizedDisplayLib.inf
   QemuBootOrderLib|OvmfPkg/Library/QemuBootOrderLib/QemuBootOrderLib.inf
+  FileExplorerLib|MdeModulePkg/Library/FileExplorerLib/FileExplorerLib.inf
 
 [LibraryClasses.common.UEFI_DRIVER]
   UefiScsiLib|MdePkg/Library/UefiScsiLib/UefiScsiLib.inf
 
 [LibraryClasses.AARCH64.SEC]
-- 
1.9.5.msysgit.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [patch 4/6] Vlv2TbltDevicePkg:Add FileExplorerLib.inf to the dsc file

[Dandan Bi]

Because SecureBootConfigDxe use FileExplorerLib now,but 
FileExplorerLib is not in the dsc file of the package
which use SecureBootConfigDxe.Now add it to pass build.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dandan Bi 
---
 Vlv2TbltDevicePkg/PlatformPkgGccX64.dsc | 3 ++-
 Vlv2TbltDevicePkg/PlatformPkgIA32.dsc   | 3 ++-
 Vlv2TbltDevicePkg/PlatformPkgX64.dsc| 3 ++-
 3 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/Vlv2TbltDevicePkg/PlatformPkgGccX64.dsc 
b/Vlv2TbltDevicePkg/PlatformPkgGccX64.dsc
index a2a5b02..7f83798 100644
--- a/Vlv2TbltDevicePkg/PlatformPkgGccX64.dsc
+++ b/Vlv2TbltDevicePkg/PlatformPkgGccX64.dsc
@@ -1,9 +1,9 @@
 #/** @file
 # Platform description.
 #
-# Copyright (c) 2012  - 2015, Intel Corporation. All rights reserved.
+# Copyright (c) 2012  - 2016, Intel Corporation. All rights reserved.
 #  

 # This program and the accompanying materials are licensed and made available 
under
 # the terms and conditions of the BSD License that accompanies this 
distribution.  
 # The full text of the license may be found at 

 # http://opensource.org/licenses/bsd-license.php.  

@@ -147,10 +147,11 @@
   
GenericBdsLib|$(PLATFORM_PACKAGE)/Override/IntelFrameworkModulePkg/Library/GenericBdsLib/GenericBdsLib.inf
   PlatformBdsLib|$(PLATFORM_PACKAGE)/Library/PlatformBdsLib/PlatformBdsLib.inf
   NetLib|MdeModulePkg/Library/DxeNetLib/DxeNetLib.inf
   DpcLib|MdeModulePkg/Library/DxeDpcLib/DxeDpcLib.inf
   FlashDeviceLib|$(PLATFORM_PACKAGE)/Library/FlashDeviceLib/FlashDeviceLib.inf
+  FileExplorerLib|MdeModulePkg/Library/FileExplorerLib/FileExplorerLib.inf
   #
   # Framework
   #
 !if $(S3_ENABLE) == TRUE
   
S3BootScriptLib|MdeModulePkg/Library/PiDxeS3BootScriptLib/DxeS3BootScriptLib.inf
diff --git a/Vlv2TbltDevicePkg/PlatformPkgIA32.dsc 
b/Vlv2TbltDevicePkg/PlatformPkgIA32.dsc
index f42995b..8490432 100644
--- a/Vlv2TbltDevicePkg/PlatformPkgIA32.dsc
+++ b/Vlv2TbltDevicePkg/PlatformPkgIA32.dsc
@@ -1,9 +1,9 @@
 #/** @file
 # Platform description.
 #
-# Copyright (c) 2012  - 2015, Intel Corporation. All rights reserved.
+# Copyright (c) 2012  - 2016, Intel Corporation. All rights reserved.
 #  

 # This program and the accompanying materials are licensed and made available 
under
 # the terms and conditions of the BSD License that accompanies this 
distribution.  
 # The full text of the license may be found at 

 # http://opensource.org/licenses/bsd-license.php.  

@@ -147,10 +147,11 @@
   
GenericBdsLib|$(PLATFORM_PACKAGE)/Override/IntelFrameworkModulePkg/Library/GenericBdsLib/GenericBdsLib.inf
   PlatformBdsLib|$(PLATFORM_PACKAGE)/Library/PlatformBdsLib/PlatformBdsLib.inf
   NetLib|MdeModulePkg/Library/DxeNetLib/DxeNetLib.inf
   DpcLib|MdeModulePkg/Library/DxeDpcLib/DxeDpcLib.inf
   FlashDeviceLib|$(PLATFORM_PACKAGE)/Library/FlashDeviceLib/FlashDeviceLib.inf
+  FileExplorerLib|MdeModulePkg/Library/FileExplorerLib/FileExplorerLib.inf
   #
   # Framework
   #
 !if $(S3_ENABLE) == TRUE
   
S3BootScriptLib|MdeModulePkg/Library/PiDxeS3BootScriptLib/DxeS3BootScriptLib.inf
diff --git a/Vlv2TbltDevicePkg/PlatformPkgX64.dsc 
b/Vlv2TbltDevicePkg/PlatformPkgX64.dsc
index e2bba65..972773b 100644
--- a/Vlv2TbltDevicePkg/PlatformPkgX64.dsc
+++ b/Vlv2TbltDevicePkg/PlatformPkgX64.dsc
@@ -1,9 +1,9 @@
 #/** @file
 # Platform description.
 #
-# Copyright (c) 2012  - 2015, Intel Corporation. All rights reserved.
+# Copyright (c) 2012  - 2016, Intel Corporation. All rights reserved.
 #  

 # This program and the accompanying materials are licensed and made available 
under
 # the terms and conditions of the BSD License that accompanies this 
distribution.  
 # The full text of the license may be found at 

 # http://opensource.org/licenses/bsd-license.php.  

@@ -147,10 +147,11 @@
   
GenericBdsLib|$(PLATFORM_PACKAGE)/Override/IntelFrameworkModulePkg/Library/GenericBdsLib/GenericBdsLib.inf
   PlatformBdsLib|$(PLATFORM_PACKAGE)/Library/PlatformBdsLib/PlatformBdsLib.inf
   NetLib|MdeModulePkg/Library/DxeNetLib/DxeNetLib.inf
   DpcLib|MdeModulePkg/Library/DxeDpcLib/DxeDpcLib.inf
   FlashDeviceLib|$(PLATFORM_PACKAGE)/Library/FlashDeviceLib/FlashDeviceLib.inf
+  FileExplorerLib|MdeModulePkg/Library/FileExplorerLib/FileExplorerLib.inf
   #
   # Framework
   #
 !if $(S3_ENABLE) == TRUE
   
S3BootScriptLib|MdeModulePkg/Library/PiDxeS3BootScriptLib/DxeS3BootScriptLib.inf
-- 
1.9.5.msysgit.1

___
edk2-devel mailing list
edk2-devel@lists.01.org

[edk2] [patch 1/6] ArmPlatformPkg:Add FileExplorerLib.inf to the dsc file

[Dandan Bi]

Because SecureBootConfigDxe use FileExplorerLib now,but 
FileExplorerLib is not in the dsc file of the package
which use SecureBootConfigDxe.Now add it to pass build.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dandan Bi 
---
 ArmPlatformPkg/ArmVExpressPkg/ArmVExpress-FVP-AArch64.dsc | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/ArmPlatformPkg/ArmVExpressPkg/ArmVExpress-FVP-AArch64.dsc 
b/ArmPlatformPkg/ArmVExpressPkg/ArmVExpress-FVP-AArch64.dsc
index af46331..4837ca1 100644
--- a/ArmPlatformPkg/ArmVExpressPkg/ArmVExpress-FVP-AArch64.dsc
+++ b/ArmPlatformPkg/ArmVExpressPkg/ArmVExpress-FVP-AArch64.dsc
@@ -1,8 +1,8 @@
 #
 #  Copyright (c) 2011-2015, ARM Limited. All rights reserved.
-#  Copyright (c) 2015, Intel Corporation. All rights reserved.
+#  Copyright (c) 2015-2016, Intel Corporation. All rights reserved.
 #
 #  This program and the accompanying materials
 #  are licensed and made available under the terms and conditions of the BSD 
License
 #  which accompanies this distribution.  The full text of the license may be 
found at
 #  http://opensource.org/licenses/bsd-license.php
@@ -47,10 +47,11 @@
   TimerLib|ArmPkg/Library/ArmArchTimerLib/ArmArchTimerLib.inf
 
   # Virtio Support
   VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf
   
VirtioMmioDeviceLib|OvmfPkg/Library/VirtioMmioDeviceLib/VirtioMmioDeviceLib.inf
+  FileExplorerLib|MdeModulePkg/Library/FileExplorerLib/FileExplorerLib.inf
 
 [LibraryClasses.common.SEC]
   ArmLib|ArmPkg/Library/ArmLib/AArch64/AArch64LibSec.inf
   
ArmPlatformSecLib|ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressSecLibRTSM/ArmVExpressSecLib.inf
   
ArmPlatformLib|ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibRTSM/ArmVExpressLibSec.inf
-- 
1.9.5.msysgit.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [patch 0/6] Use FileExplorerLib in SecureBootConfigDxe

[Dandan Bi]

Using existing library FileExplorerLib to replace the same
logic in SecureBootConfigDxe.And add FileExplorerLib to
dsc files of related packages which use SecureBootConfigDxe.


Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dandan Bi 

Dandan Bi (6):
  ArmPlatformPkg:Add FileExplorerLib.inf to the dsc file
  ArmVirPkg:Add FileExplorerLib.inf to the dsc file
  OvmfPkg:Add FileExplorerLib.inf to the dsc file
  Vlv2TbltDevicePkg:Add FileExplorerLib.inf to the dsc file
  SecurityPkg:Add FileExplorerLib.inf to the dsc file
  SecurityPkg:Use FileExplorerLib in SecureBootConfigDxe

 .../ArmVExpressPkg/ArmVExpress-FVP-AArch64.dsc |3 +-
 ArmVirtPkg/ArmVirtQemu.dsc |3 +-
 OvmfPkg/OvmfPkgIa32.dsc|3 +-
 OvmfPkg/OvmfPkgIa32X64.dsc |3 +-
 OvmfPkg/OvmfPkgX64.dsc |3 +-
 SecurityPkg/SecurityPkg.dsc|1 +
 .../SecureBootConfigDxe/SecureBootConfig.vfr   |  109 +-
 .../SecureBootConfigDxe/SecureBootConfigDxe.inf|3 +-
 .../SecureBootConfigFileExplorer.c | 1127 +---
 .../SecureBootConfigDxe/SecureBootConfigImpl.c |  167 ++-
 .../SecureBootConfigDxe/SecureBootConfigImpl.h |  142 +--
 .../SecureBootConfigDxe/SecureBootConfigNvData.h   |   10 +
 Vlv2TbltDevicePkg/PlatformPkgGccX64.dsc|3 +-
 Vlv2TbltDevicePkg/PlatformPkgIA32.dsc  |3 +-
 Vlv2TbltDevicePkg/PlatformPkgX64.dsc   |3 +-
 15 files changed, 1242 insertions(+), 341 deletions(-)

-- 
1.9.5.msysgit.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [patch 6/6] SecurityPkg:Use FileExplorerLib in SecureBootConfigDxe

[Dandan Bi]

Using existing library FileExplorerLib to replace the same
logic in SecureBootConfigDxe to make the code clear.After using
FileExplorerLib,the UI behavior for enroll PK will change,
previously when select one PK file,commit/discard changes will
return to Device Manager,press ESC will return to FileExplorer.
Now using FileExplorerLib the behavior will keep same with
enroll KEK/DB/...,commit/discard changes will return to Custom
Secure Boot Options form and ESC will return to PK options form.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dandan Bi 
---
 .../SecureBootConfigDxe/SecureBootConfig.vfr   |  109 +-
 .../SecureBootConfigDxe/SecureBootConfigDxe.inf|3 +-
 .../SecureBootConfigFileExplorer.c | 1127 +---
 .../SecureBootConfigDxe/SecureBootConfigImpl.c |  167 ++-
 .../SecureBootConfigDxe/SecureBootConfigImpl.h |  142 +--
 .../SecureBootConfigDxe/SecureBootConfigNvData.h   |   10 +
 6 files changed, 1225 insertions(+), 333 deletions(-)

diff --git 
a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr 
b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
index 484da2c..e53630c 100644
--- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
+++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
@@ -1,9 +1,9 @@
 /** @file
   VFR file used by the SecureBoot configuration component.
 
-Copyright (c) 2011 - 2016, Intel Corporation. All rights reserved.
+Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved.
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD 
License
 which accompanies this distribution.  The full text of the license may be 
found at
 http://opensource.org/licenses/bsd-license.php
 
@@ -200,33 +200,15 @@ formset
   form formid = FORMID_ENROLL_PK_FORM,
 title  = STRING_TOKEN(STR_ENROLL_PK);
 
 subtitle text = STRING_TOKEN(STR_NULL);
 
-goto FORMID_ENROLL_PK_FORM,
+goto FORM_FILE_EXPLORER_ID_PK,
  prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
  help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
  flags = INTERACTIVE,
- key = FORMID_ENROLL_PK_FORM;
-
-subtitle text = STRING_TOKEN(STR_NULL);
-label FORMID_ENROLL_PK_FORM;
-label LABEL_END;
-subtitle text = STRING_TOKEN(STR_NULL);
-
-goto FORMID_SECURE_BOOT_OPTION_FORM,
-  prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
-  help   = STRING_TOKEN(STR_SAVE_AND_EXIT),
-  flags  = INTERACTIVE| RESET_REQUIRED,
-  key= KEY_VALUE_SAVE_AND_EXIT_PK;
-
-goto FORMID_SECURE_BOOT_OPTION_FORM,
-  prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
-  help   = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
-  flags  = INTERACTIVE,
-  key= KEY_VALUE_NO_SAVE_AND_EXIT_PK;
-
+ key = SECUREBOOT_ADD_PK_FILE_FORM_ID;
   endform;
 
   //
   // ##5 Form: 'KEK Options'
   //
@@ -261,11 +243,11 @@ formset
   form formid = FORMID_ENROLL_KEK_FORM,
 title = STRING_TOKEN(STR_ENROLL_KEK_TITLE);
 
 subtitle text = STRING_TOKEN(STR_NULL);
 
-goto FORMID_ENROLL_KEK_FORM,
+goto FORM_FILE_EXPLORER_ID_KEK,
  prompt = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE),
  help   = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE_HELP),
  flags  = INTERACTIVE,
  key= FORMID_ENROLL_KEK_FORM;
 
@@ -424,11 +406,11 @@ formset
   form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
 
 subtitle text = STRING_TOKEN(STR_NULL);
 
-goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
+goto FORM_FILE_EXPLORER_ID_DB,
  prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
  help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
  flags = INTERACTIVE,
  key = SECUREBOOT_ENROLL_SIGNATURE_TO_DB;
 
@@ -469,11 +451,11 @@ formset
   form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
 
 subtitle text = STRING_TOKEN(STR_NULL);
 
-goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
+goto FORM_FILE_EXPLORER_ID_DBX,
  prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
  help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
  flags = INTERACTIVE,
  key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;
 
@@ -545,11 +527,11 @@ formset
   form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,
 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
 
 subtitle text = STRING_TOKEN(STR_NULL);
 
-goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,
+goto FORM_FILE_EXPLORER_ID_DBT,
  prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
  help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
  flags = INTERACTIVE,
  key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;
 
@@ -582,6 

Re: [edk2] EFI_IP4_CONFIG2_PROTOCOL [was: Re: [PATCH v2] MdeModulePkg: Update MNP driver to recycle TX buffer asynchronously.]

[Laszlo Ersek]

On 02/01/16 05:11, Josh Triplett wrote:
> On Wed, Jan 13, 2016 at 10:24:00AM -0800, Josh Triplett wrote:
>> On Wed, Jan 13, 2016 at 01:43:38PM +0100, Laszlo Ersek wrote:
>>> I just noticed that the most recent release of BITS provides a
>>> standalone HTTP client!
>>>
>>> http://biosbits.org/news/bits-2070/
>>>
>>> Josh, a couple of points:
>>>
>>> - edk2 doesn't provide EFI_IP4_CONFIG_PROTOCOL any longer; it provides
>>>   EFI_IP4_CONFIG2_PROTOCOL. I haven't tested this new release of BITS
>>>   just yet, but I know this caused problems for a few consumers of edk2.
>>
>> Most existing BIOSes we've worked with don't provide the newer protocol,
>> though.  So at a minimum we'll have to support both.  Probably not too
>> difficult to do, though.
> 
> The latest release of BITS (bits-2073, released today) now uses
> EFI_IP4_CONFIG2_PROTOCOL, and falls back to EFI_IP4_CONFIG_PROTOCOL.

Thanks a lot, I'm tagging this. Hopefully I can check it out soon.

Laszlo

> We also added support for using the existing configuration if already
> configured, and only kicking off DHCP if not already configured.  In
> particular, if you have manual IP configuration set up in your firmware,
> or manually configure IP via the shell, BITS will use that
> configuration.
> 
> A couple of questions about EFI_IP4_CONFIG2_PROTOCOL:
> 
> First, as far as I can tell, the implementation in edk2 does not trigger
> any of the events possible to register via RegisterDataNotify when DHCP
> completes.  Switching to Ip4Config2PolicyDhcp will wipe the three manual
> configuration items (and signal the events for them), and any call to
> SetData will signal the corresponding event, but DHCP completion just
> sets the various configuration information without signaling an event.
> As a result, we ended up just polling GetData of
> Ip4Config2DataTypeInterfaceInfo until it returned a valid IP.
> 
> Second, how can we explicitly tell EFI_IP4_CONFIG2_PROTOCOL to obtain an
> address via DHCP, if it hasn't already?  To kick off DHCP, we ended up
> having to change the policy from DHCP to static and back to DHCP (since
> SetData won't call Ip4StartAutoConfig unless the policy changes to DHCP
> from something other than DHCP).
> 
> - Josh Triplett
> 

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [patch] SecurityPkg:Use FileExplorerLib in SecureBootConfigDxe

[Dandan Bi]

Using existing library FileExplorerLib to replace the same
logic in SecureBootConfigDxe to make the code clear.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dandan Bi 
---
 .../SecureBootConfigDxe/SecureBootConfig.vfr   |  109 +-
 .../SecureBootConfigDxe/SecureBootConfigDxe.inf|3 +-
 .../SecureBootConfigFileExplorer.c | 1127 +++-
 .../SecureBootConfigDxe/SecureBootConfigImpl.c |  167 +--
 .../SecureBootConfigDxe/SecureBootConfigImpl.h |  142 ++-
 .../SecureBootConfigDxe/SecureBootConfigNvData.h   |   10 -
 6 files changed, 333 insertions(+), 1225 deletions(-)

diff --git 
a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr 
b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
index e53630c..484da2c 100644
--- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
+++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
@@ -1,9 +1,9 @@
 /** @file
   VFR file used by the SecureBoot configuration component.
 
-Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved.
+Copyright (c) 2011 - 2016, Intel Corporation. All rights reserved.
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD 
License
 which accompanies this distribution.  The full text of the license may be 
found at
 http://opensource.org/licenses/bsd-license.php
 
@@ -200,15 +200,33 @@ formset
   form formid = FORMID_ENROLL_PK_FORM,
 title  = STRING_TOKEN(STR_ENROLL_PK);
 
 subtitle text = STRING_TOKEN(STR_NULL);
 
-goto FORM_FILE_EXPLORER_ID_PK,
+goto FORMID_ENROLL_PK_FORM,
  prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
  help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
  flags = INTERACTIVE,
- key = SECUREBOOT_ADD_PK_FILE_FORM_ID;
+ key = FORMID_ENROLL_PK_FORM;
+
+subtitle text = STRING_TOKEN(STR_NULL);
+label FORMID_ENROLL_PK_FORM;
+label LABEL_END;
+subtitle text = STRING_TOKEN(STR_NULL);
+
+goto FORMID_SECURE_BOOT_OPTION_FORM,
+  prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
+  help   = STRING_TOKEN(STR_SAVE_AND_EXIT),
+  flags  = INTERACTIVE| RESET_REQUIRED,
+  key= KEY_VALUE_SAVE_AND_EXIT_PK;
+
+goto FORMID_SECURE_BOOT_OPTION_FORM,
+  prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
+  help   = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
+  flags  = INTERACTIVE,
+  key= KEY_VALUE_NO_SAVE_AND_EXIT_PK;
+
   endform;
 
   //
   // ##5 Form: 'KEK Options'
   //
@@ -243,11 +261,11 @@ formset
   form formid = FORMID_ENROLL_KEK_FORM,
 title = STRING_TOKEN(STR_ENROLL_KEK_TITLE);
 
 subtitle text = STRING_TOKEN(STR_NULL);
 
-goto FORM_FILE_EXPLORER_ID_KEK,
+goto FORMID_ENROLL_KEK_FORM,
  prompt = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE),
  help   = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE_HELP),
  flags  = INTERACTIVE,
  key= FORMID_ENROLL_KEK_FORM;
 
@@ -406,11 +424,11 @@ formset
   form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
 
 subtitle text = STRING_TOKEN(STR_NULL);
 
-goto FORM_FILE_EXPLORER_ID_DB,
+goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
  prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
  help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
  flags = INTERACTIVE,
  key = SECUREBOOT_ENROLL_SIGNATURE_TO_DB;
 
@@ -451,11 +469,11 @@ formset
   form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
 
 subtitle text = STRING_TOKEN(STR_NULL);
 
-goto FORM_FILE_EXPLORER_ID_DBX,
+goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
  prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
  help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
  flags = INTERACTIVE,
  key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;
 
@@ -527,11 +545,11 @@ formset
   form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,
 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
 
 subtitle text = STRING_TOKEN(STR_NULL);
 
-goto FORM_FILE_EXPLORER_ID_DBT,
+goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,
  prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
  help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
  flags = INTERACTIVE,
  key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;
 
@@ -564,83 +582,6 @@ formset
  flags  = INTERACTIVE,
  key= KEY_VALUE_NO_SAVE_AND_EXIT_DBT;
 
   endform;
 
-  //
-  // File Explorer for PK
-  //
-  form formid = FORM_FILE_EXPLORER_ID_PK,
-   title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);
-
-   label FORM_FILE_EXPLORER_ID;
-   label LABEL_END;
-  endform;
-
-  //
-  // File Explorer for KEK
-  //
-  form 

Re: [edk2] [patch] SecurityPkg:Use FileExplorerLib in SecureBootConfigDxe

[Laszlo Ersek]

On 02/01/16 10:06, Dandan Bi wrote:
> Using existing library FileExplorerLib to replace the same
> logic in SecureBootConfigDxe to make the code clear.
> 
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Dandan Bi 
> ---
>  .../SecureBootConfigDxe/SecureBootConfig.vfr   |  109 +-
>  .../SecureBootConfigDxe/SecureBootConfigDxe.inf|3 +-
>  .../SecureBootConfigFileExplorer.c | 1127 
> +++-
>  .../SecureBootConfigDxe/SecureBootConfigImpl.c |  167 +--
>  .../SecureBootConfigDxe/SecureBootConfigImpl.h |  142 ++-
>  .../SecureBootConfigDxe/SecureBootConfigNvData.h   |   10 -
>  6 files changed, 333 insertions(+), 1225 deletions(-)

This is probably a great idea, but the patch is incomplete.

The following edk2 DSC files list 
"SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf":

- ArmPlatformPkg/ArmVExpressPkg/ArmVExpress-FVP-AArch64.dsc
- ArmVirtPkg/ArmVirtQemu.dsc
- Nt32Pkg/Nt32Pkg.dsc
- OvmfPkg/OvmfPkgIa32.dsc
- OvmfPkg/OvmfPkgIa32X64.dsc
- OvmfPkg/OvmfPkgX64.dsc
- QuarkPlatformPkg/Quark.dsc
- SecurityPkg/SecurityPkg.dsc
- Vlv2TbltDevicePkg/PlatformPkgGccX64.dsc
- Vlv2TbltDevicePkg/PlatformPkgIA32.dsc
- Vlv2TbltDevicePkg/PlatformPkgX64.dsc

Of these, only the following resolve "FileExplorerLib":

- Nt32Pkg/Nt32Pkg.dsc
- QuarkPlatformPkg/Quark.dsc

Which means that the patch will break the build for the other DSC files:

- ArmPlatformPkg/ArmVExpressPkg/ArmVExpress-FVP-AArch64.dsc
- ArmVirtPkg/ArmVirtQemu.dsc
- OvmfPkg/OvmfPkgIa32.dsc
- OvmfPkg/OvmfPkgIa32X64.dsc
- OvmfPkg/OvmfPkgX64.dsc
- SecurityPkg/SecurityPkg.dsc
- Vlv2TbltDevicePkg/PlatformPkgGccX64.dsc
- Vlv2TbltDevicePkg/PlatformPkgIA32.dsc
- Vlv2TbltDevicePkg/PlatformPkgX64.dsc

So, this change should be implemented in a 6-part series, where the first five 
patches resolve FileExplorerLib for each of ArmPlatformPkg, ArmVirtPkg, OvmfPkg 
(three DSC files in one patch), SecurityPkg, Vlv2TbltDevicePkg (three DSC files 
in one patch). Then this patch should be included as the last one in the series.

Thanks
Laszlo

> diff --git 
> a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr 
> b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
> index e53630c..484da2c 100644
> --- 
> a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
> +++ 
> b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
> @@ -1,9 +1,9 @@
>  /** @file
>VFR file used by the SecureBoot configuration component.
>  
> -Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved.
> +Copyright (c) 2011 - 2016, Intel Corporation. All rights reserved.
>  This program and the accompanying materials
>  are licensed and made available under the terms and conditions of the BSD 
> License
>  which accompanies this distribution.  The full text of the license may be 
> found at
>  http://opensource.org/licenses/bsd-license.php
>  
> @@ -200,15 +200,33 @@ formset
>form formid = FORMID_ENROLL_PK_FORM,
>  title  = STRING_TOKEN(STR_ENROLL_PK);
>  
>  subtitle text = STRING_TOKEN(STR_NULL);
>  
> -goto FORM_FILE_EXPLORER_ID_PK,
> +goto FORMID_ENROLL_PK_FORM,
>   prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
>   help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
>   flags = INTERACTIVE,
> - key = SECUREBOOT_ADD_PK_FILE_FORM_ID;
> + key = FORMID_ENROLL_PK_FORM;
> +
> +subtitle text = STRING_TOKEN(STR_NULL);
> +label FORMID_ENROLL_PK_FORM;
> +label LABEL_END;
> +subtitle text = STRING_TOKEN(STR_NULL);
> +
> +goto FORMID_SECURE_BOOT_OPTION_FORM,
> +  prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
> +  help   = STRING_TOKEN(STR_SAVE_AND_EXIT),
> +  flags  = INTERACTIVE| RESET_REQUIRED,
> +  key= KEY_VALUE_SAVE_AND_EXIT_PK;
> +
> +goto FORMID_SECURE_BOOT_OPTION_FORM,
> +  prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
> +  help   = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
> +  flags  = INTERACTIVE,
> +  key= KEY_VALUE_NO_SAVE_AND_EXIT_PK;
> +
>endform;
>  
>//
>// ##5 Form: 'KEK Options'
>//
> @@ -243,11 +261,11 @@ formset
>form formid = FORMID_ENROLL_KEK_FORM,
>  title = STRING_TOKEN(STR_ENROLL_KEK_TITLE);
>  
>  subtitle text = STRING_TOKEN(STR_NULL);
>  
> -goto FORM_FILE_EXPLORER_ID_KEK,
> +goto FORMID_ENROLL_KEK_FORM,
>   prompt = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE),
>   help   = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE_HELP),
>   flags  = INTERACTIVE,
>   key= FORMID_ENROLL_KEK_FORM;
>  
> @@ -406,11 +424,11 @@ formset
>form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
>  title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
>  
>  subtitle text = STRING_TOKEN(STR_NULL);
>  
> -goto FORM_FILE_EXPLORER_ID_DB,
> +goto 

Re: [edk2] [patch] SecurityPkg:Use FileExplorerLib in SecureBootConfigDxe

[Bi, Dandan]

Hi Laszlo,

Thanks for your comments. I will  update the related package.dsc files, and new 
patch series will send out later.

Thanks,
Dandan

-Original Message-
From: Laszlo Ersek [mailto:ler...@redhat.com] 
Sent: Monday, February 1, 2016 5:22 PM
To: Bi, Dandan
Cc: Zhang, Chao B; Dong, Eric; edk2-de...@ml01.01.org
Subject: Re: [edk2] [patch] SecurityPkg:Use FileExplorerLib in 
SecureBootConfigDxe

On 02/01/16 10:06, Dandan Bi wrote:
> Using existing library FileExplorerLib to replace the same
> logic in SecureBootConfigDxe to make the code clear.
> 
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Dandan Bi 
> ---
>  .../SecureBootConfigDxe/SecureBootConfig.vfr   |  109 +-
>  .../SecureBootConfigDxe/SecureBootConfigDxe.inf|3 +-
>  .../SecureBootConfigFileExplorer.c | 1127 
> +++-
>  .../SecureBootConfigDxe/SecureBootConfigImpl.c |  167 +--
>  .../SecureBootConfigDxe/SecureBootConfigImpl.h |  142 ++-
>  .../SecureBootConfigDxe/SecureBootConfigNvData.h   |   10 -
>  6 files changed, 333 insertions(+), 1225 deletions(-)

This is probably a great idea, but the patch is incomplete.

The following edk2 DSC files list 
"SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf":

- ArmPlatformPkg/ArmVExpressPkg/ArmVExpress-FVP-AArch64.dsc
- ArmVirtPkg/ArmVirtQemu.dsc
- Nt32Pkg/Nt32Pkg.dsc
- OvmfPkg/OvmfPkgIa32.dsc
- OvmfPkg/OvmfPkgIa32X64.dsc
- OvmfPkg/OvmfPkgX64.dsc
- QuarkPlatformPkg/Quark.dsc
- SecurityPkg/SecurityPkg.dsc
- Vlv2TbltDevicePkg/PlatformPkgGccX64.dsc
- Vlv2TbltDevicePkg/PlatformPkgIA32.dsc
- Vlv2TbltDevicePkg/PlatformPkgX64.dsc

Of these, only the following resolve "FileExplorerLib":

- Nt32Pkg/Nt32Pkg.dsc
- QuarkPlatformPkg/Quark.dsc

Which means that the patch will break the build for the other DSC files:

- ArmPlatformPkg/ArmVExpressPkg/ArmVExpress-FVP-AArch64.dsc
- ArmVirtPkg/ArmVirtQemu.dsc
- OvmfPkg/OvmfPkgIa32.dsc
- OvmfPkg/OvmfPkgIa32X64.dsc
- OvmfPkg/OvmfPkgX64.dsc
- SecurityPkg/SecurityPkg.dsc
- Vlv2TbltDevicePkg/PlatformPkgGccX64.dsc
- Vlv2TbltDevicePkg/PlatformPkgIA32.dsc
- Vlv2TbltDevicePkg/PlatformPkgX64.dsc

So, this change should be implemented in a 6-part series, where the first five 
patches resolve FileExplorerLib for each of ArmPlatformPkg, ArmVirtPkg, OvmfPkg 
(three DSC files in one patch), SecurityPkg, Vlv2TbltDevicePkg (three DSC files 
in one patch). Then this patch should be included as the last one in the series.

Thanks
Laszlo

> diff --git 
> a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr 
> b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
> index e53630c..484da2c 100644
> --- 
> a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
> +++ 
> b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
> @@ -1,9 +1,9 @@
>  /** @file
>VFR file used by the SecureBoot configuration component.
>  
> -Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved.
> +Copyright (c) 2011 - 2016, Intel Corporation. All rights reserved.
>  This program and the accompanying materials
>  are licensed and made available under the terms and conditions of the BSD 
> License
>  which accompanies this distribution.  The full text of the license may be 
> found at
>  http://opensource.org/licenses/bsd-license.php
>  
> @@ -200,15 +200,33 @@ formset
>form formid = FORMID_ENROLL_PK_FORM,
>  title  = STRING_TOKEN(STR_ENROLL_PK);
>  
>  subtitle text = STRING_TOKEN(STR_NULL);
>  
> -goto FORM_FILE_EXPLORER_ID_PK,
> +goto FORMID_ENROLL_PK_FORM,
>   prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
>   help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
>   flags = INTERACTIVE,
> - key = SECUREBOOT_ADD_PK_FILE_FORM_ID;
> + key = FORMID_ENROLL_PK_FORM;
> +
> +subtitle text = STRING_TOKEN(STR_NULL);
> +label FORMID_ENROLL_PK_FORM;
> +label LABEL_END;
> +subtitle text = STRING_TOKEN(STR_NULL);
> +
> +goto FORMID_SECURE_BOOT_OPTION_FORM,
> +  prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
> +  help   = STRING_TOKEN(STR_SAVE_AND_EXIT),
> +  flags  = INTERACTIVE| RESET_REQUIRED,
> +  key= KEY_VALUE_SAVE_AND_EXIT_PK;
> +
> +goto FORMID_SECURE_BOOT_OPTION_FORM,
> +  prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
> +  help   = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
> +  flags  = INTERACTIVE,
> +  key= KEY_VALUE_NO_SAVE_AND_EXIT_PK;
> +
>endform;
>  
>//
>// ##5 Form: 'KEK Options'
>//
> @@ -243,11 +261,11 @@ formset
>form formid = FORMID_ENROLL_KEK_FORM,
>  title = STRING_TOKEN(STR_ENROLL_KEK_TITLE);
>  
>  subtitle text = STRING_TOKEN(STR_NULL);
>  
> -goto FORM_FILE_EXPLORER_ID_KEK,
> +goto FORMID_ENROLL_KEK_FORM,
>   prompt = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE),
>   help   = 

Re: [edk2] [patch] SecurityPkg:Use FileExplorerLib in SecureBootConfigDxe

[Zhang, Chao B]

Dandan:
  Can you also add more specific description in check in log about the 
SecureBoot Config UI behavior change after your patch?





Thanks & Best regards
Chao Zhang


-Original Message-
From: Bi, Dandan 
Sent: Monday, February 01, 2016 6:02 PM
To: Laszlo Ersek
Cc: Zhang, Chao B; Dong, Eric; edk2-de...@ml01.01.org
Subject: RE: [edk2] [patch] SecurityPkg:Use FileExplorerLib in 
SecureBootConfigDxe

Hi Laszlo,

Thanks for your comments. I will  update the related package.dsc files, and new 
patch series will send out later.

Thanks,
Dandan

-Original Message-
From: Laszlo Ersek [mailto:ler...@redhat.com] 
Sent: Monday, February 1, 2016 5:22 PM
To: Bi, Dandan
Cc: Zhang, Chao B; Dong, Eric; edk2-de...@ml01.01.org
Subject: Re: [edk2] [patch] SecurityPkg:Use FileExplorerLib in 
SecureBootConfigDxe

On 02/01/16 10:06, Dandan Bi wrote:
> Using existing library FileExplorerLib to replace the same
> logic in SecureBootConfigDxe to make the code clear.
> 
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Dandan Bi 
> ---
>  .../SecureBootConfigDxe/SecureBootConfig.vfr   |  109 +-
>  .../SecureBootConfigDxe/SecureBootConfigDxe.inf|3 +-
>  .../SecureBootConfigFileExplorer.c | 1127 
> +++-
>  .../SecureBootConfigDxe/SecureBootConfigImpl.c |  167 +--
>  .../SecureBootConfigDxe/SecureBootConfigImpl.h |  142 ++-
>  .../SecureBootConfigDxe/SecureBootConfigNvData.h   |   10 -
>  6 files changed, 333 insertions(+), 1225 deletions(-)

This is probably a great idea, but the patch is incomplete.

The following edk2 DSC files list 
"SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf":

- ArmPlatformPkg/ArmVExpressPkg/ArmVExpress-FVP-AArch64.dsc
- ArmVirtPkg/ArmVirtQemu.dsc
- Nt32Pkg/Nt32Pkg.dsc
- OvmfPkg/OvmfPkgIa32.dsc
- OvmfPkg/OvmfPkgIa32X64.dsc
- OvmfPkg/OvmfPkgX64.dsc
- QuarkPlatformPkg/Quark.dsc
- SecurityPkg/SecurityPkg.dsc
- Vlv2TbltDevicePkg/PlatformPkgGccX64.dsc
- Vlv2TbltDevicePkg/PlatformPkgIA32.dsc
- Vlv2TbltDevicePkg/PlatformPkgX64.dsc

Of these, only the following resolve "FileExplorerLib":

- Nt32Pkg/Nt32Pkg.dsc
- QuarkPlatformPkg/Quark.dsc

Which means that the patch will break the build for the other DSC files:

- ArmPlatformPkg/ArmVExpressPkg/ArmVExpress-FVP-AArch64.dsc
- ArmVirtPkg/ArmVirtQemu.dsc
- OvmfPkg/OvmfPkgIa32.dsc
- OvmfPkg/OvmfPkgIa32X64.dsc
- OvmfPkg/OvmfPkgX64.dsc
- SecurityPkg/SecurityPkg.dsc
- Vlv2TbltDevicePkg/PlatformPkgGccX64.dsc
- Vlv2TbltDevicePkg/PlatformPkgIA32.dsc
- Vlv2TbltDevicePkg/PlatformPkgX64.dsc

So, this change should be implemented in a 6-part series, where the first five 
patches resolve FileExplorerLib for each of ArmPlatformPkg, ArmVirtPkg, OvmfPkg 
(three DSC files in one patch), SecurityPkg, Vlv2TbltDevicePkg (three DSC files 
in one patch). Then this patch should be included as the last one in the series.

Thanks
Laszlo

> diff --git 
> a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr 
> b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
> index e53630c..484da2c 100644
> --- 
> a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
> +++ 
> b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
> @@ -1,9 +1,9 @@
>  /** @file
>VFR file used by the SecureBoot configuration component.
>  
> -Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved.
> +Copyright (c) 2011 - 2016, Intel Corporation. All rights reserved.
>  This program and the accompanying materials
>  are licensed and made available under the terms and conditions of the BSD 
> License
>  which accompanies this distribution.  The full text of the license may be 
> found at
>  http://opensource.org/licenses/bsd-license.php
>  
> @@ -200,15 +200,33 @@ formset
>form formid = FORMID_ENROLL_PK_FORM,
>  title  = STRING_TOKEN(STR_ENROLL_PK);
>  
>  subtitle text = STRING_TOKEN(STR_NULL);
>  
> -goto FORM_FILE_EXPLORER_ID_PK,
> +goto FORMID_ENROLL_PK_FORM,
>   prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
>   help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
>   flags = INTERACTIVE,
> - key = SECUREBOOT_ADD_PK_FILE_FORM_ID;
> + key = FORMID_ENROLL_PK_FORM;
> +
> +subtitle text = STRING_TOKEN(STR_NULL);
> +label FORMID_ENROLL_PK_FORM;
> +label LABEL_END;
> +subtitle text = STRING_TOKEN(STR_NULL);
> +
> +goto FORMID_SECURE_BOOT_OPTION_FORM,
> +  prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
> +  help   = STRING_TOKEN(STR_SAVE_AND_EXIT),
> +  flags  = INTERACTIVE| RESET_REQUIRED,
> +  key= KEY_VALUE_SAVE_AND_EXIT_PK;
> +
> +goto FORMID_SECURE_BOOT_OPTION_FORM,
> +  prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
> +  help   = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
> +  flags  = INTERACTIVE,
> +  key= KEY_VALUE_NO_SAVE_AND_EXIT_PK;
> +
>

Re: [edk2] Variable length PcdRsa2048Sha256PublicKeyBuffer PCD

[Cohen, Eugene]

Mike,

Thank you - I was looking at the DEC spec for size stuff and somehow it didn't 
occur to me to check the DSC spec.

This is exactly what I needed.

Eugene

> -Original Message-
> From: Kinney, Michael D [mailto:michael.d.kin...@intel.com]
> Sent: Saturday, January 30, 2016 9:59 AM
> To: Cohen, Eugene ; edk2-devel@lists.01.org; Kinney,
> Michael D 
> Cc: Zhang, Chao B 
> Subject: RE: Variable length PcdRsa2048Sha256PublicKeyBuffer PCD
> 
> Eugene,
> 
> I can address the general PCD question.
> 
> Dynamic PCDs can be stored in 3 different locations.  VPD which is read-only,
> so the value can not be changed.  UEFI Variable which is non-volatile and
> read-write, so the value and size can be changed.  Database in a memory
> buffer that is volatile and read-write, so the value and size can be changed 
> up
> to a specified max size (if max size not specified, then build time size and 
> max
> size are the same).
> 
> Part of the PCD setting in the DSC file is the maximum size of the PCD.  You
> can set the maximum size to the largest size a PCD supports, and the build
> time setting can be any size up to that maximum size.
> 
> Here is the syntax for the 6 types of DSC sections.  The MaximumDatumSize
> is the optional field that can be specified to reserve space.  The Hii type 
> does
> not require a maximum size in DSC file.  The max size of Hii type is limited
> only by what SetVariale() supports.
> 
> [PcdsDynamic.common.DEFAULT]
> 
> PcdTokenSpaceGuidCName.PcdCName|Value[|DatumType[|MaximumDatu
> mSize]]
> 
> [PcdsDynamicHii.common.DEFAULT]
> 
> PcdTokenSpaceGuidCName.PcdCName|VariableName|VariableGuid|Variabl
> eOffset|HiiDefaultValue
> 
> [PcdsDynamicVpd.common.DEFAULT]
>   PcdTokenSpaceGuidCName.PcdCName|VpdOffset[|MaximumDatumSize
> [|Value]]
> 
> [PcdsDynamicEx.common.DEFAULT]
> 
> PcdTokenSpaceGuidCName.PcdCName|Value[|DatumType[|MaximumDatu
> mSize]]
> 
> [PcdsDynamicExHii.common.DEFAULT]
> 
> PcdTokenSpaceGuidCName.PcdCName|VariableName|VariableGuid|Variabl
> eOffset|HiiDefaultValue
> 
> [PcdsDynamicExVpd.common.DEFAULT]
> 
> PcdTokenSpaceGuidCName.PcdCName|VpdOffset[|MaximumDatumSize[|
> Value]]
> 
> Best regards,
> 
> Mike
> 
> > -Original Message-
> > From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of
> > Cohen, Eugene
> > Sent: Saturday, January 30, 2016 5:36 AM
> > To: edk2-devel@lists.01.org
> > Cc: Kinney, Michael D ; Zhang, Chao B
> > 
> > Subject: [edk2] Variable length PcdRsa2048Sha256PublicKeyBuffer PCD
> >
> > Dear SecurityPkg maintainer,
> >
> > The SecurityPkg Rsa2048Sha256 system depends on a dynamic PCD called
> > gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer .  This
> > stores a set of hashes used to verify public keys.
> >
> > It appears that the length of this PCD is determined at build time.
> > How we could handle a case where the number of public keys is not
> > known until runtime?  Is there some way to make a Ptr-type Dynamic PCD
> variable sized?
> >
> > Thanks,
> >
> > Eugene
> >
> >
> > ___
> > edk2-devel mailing list
> > edk2-devel@lists.01.org
> > https://lists.01.org/mailman/listinfo/edk2-devel
___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

Re: [edk2] [Patch 1/3] MdeModulePkg: Update the default size of MNP TX buffer pool.

[Laszlo Ersek]

On 02/01/16 03:51, Fu Siyuan wrote:
> This patch update the default MNP TX buffer increasement to 32, so the default
> TX pool length is same as the maximum recycled buffer numbers in one UNDI
> GetStatus command.

Is that MAX_XMIT_BUFFERS in PxeGetStatus()?

> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Fu Siyuan 
> CC: Ye Ting 
> CC: Wu Jiaxin 
> ---
>  MdeModulePkg/Universal/Network/MnpDxe/MnpImpl.h | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/MdeModulePkg/Universal/Network/MnpDxe/MnpImpl.h 
> b/MdeModulePkg/Universal/Network/MnpDxe/MnpImpl.h
> index c66be64..51391af 100644
> --- a/MdeModulePkg/Universal/Network/MnpDxe/MnpImpl.h
> +++ b/MdeModulePkg/Universal/Network/MnpDxe/MnpImpl.h
> @@ -27,7 +27,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER 
> EXPRESS OR IMPLIED.
>  #define MNP_INIT_NET_BUFFER_NUM   512
>  #define MNP_NET_BUFFER_INCREASEMENT   64
>  #define MNP_MAX_NET_BUFFER_NUM65536
> -#define MNP_TX_BUFFER_INCREASEMENT64
> +#define MNP_TX_BUFFER_INCREASEMENT32// Same as the recycling Q 
> length for xmit_done in UNDI command.
>  #define MNP_MAX_TX_BUFFER_NUM 65536
>  
>  #define MNP_MAX_RCVD_PACKET_QUE_SIZE  256
> 

Out of curiosity: is this a bugfix or an optimization?

If a bugfix, then can you please explain why those two things (i.e.,
MNP_TX_BUFFER_INCREASEMENT in MnpAllocTxBuf(), and MAX_XMIT_BUFFERS in
PxeGetStatus) should match?

As a perf optimization I guess this makes sense, but otherwise, SNP
internals and MNP should be independent, shouldn't they?

Thanks
Laszlo
___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] Not able to run into shell

[Peng Fan]

Hi,

I am porting edk2 to a ARM64 based SoC, but when starting shell, edk2 hangs.
I do not have a clear idea on this. Does anyone know this?

"
UEFI v2.50 (IMX board EFI Jan  8 2016 06:52:28, 0x)
Mapping table
map: No mapping found.
No SimpleTextInputEx was found. CTRL-based features are not usable.
No SimpleTextInputEx was found. CTRL-based features are not usable.
Press ESC in 5 seconds to skip startup.nsh or any other key to continue.
"

Appreciate your help.

Thanks,
Peng.

Add More log in case needed:
UEFI firmware (version  built at 07:25:36 on Jan  8 2016)
UEFI firmware (version  built at 09:27:49 on Jan  8 2016)
add-symbol-file 
/home/Freenix/work/sw-stash/imx/uefi/uefi-src/Build/IMX/DEBUG_GCC49/AARCH64/MdeModulePkg/Core/Dxe/DxeMain/DEBUG/DxeCore.dll
 0xBFB20240
Loading DxeCore at 0x00BFB2 EntryPoint=0x00BFB20240
CoreInitializeMemoryServices:
  BaseAddress - 0x800D Length - 0x3EF3 MinimalMemorySizeNeeded - 
0xDDA000
InstallProtocolInterface: 5B1B31A1-9562-11D2-8E3F-00A0C969723B BFB4FE78
add-symbol-file 
/home/Freenix/work/sw-stash/imx/uefi/uefi-src/Build/IMX/DEBUG_GCC49/AARCH64/MdeModulePkg/Core/Dxe/DxeMain/DEBUG/DxeCore.dll
 0xBFB2
InstallProtocolInterface: 76B6BDFA-2ACD-4462-9E3F-CB58C969D937 BFB50D60
InstallProtocolInterface: 1EA81BEC-F01A-4D98-A201-4A61CE2FC022 BFB50D78
HOBLIST address in DXE = 0xBEDDE018
Memory Allocation 0x0004 0xBFFEF000 - 0xBFFE
Memory Allocation 0x0004 0xBFFED000 - 0xBFFEEFFF
Memory Allocation 0x0004 0xBFFF - 0xBFFF
Memory Allocation 0x0004 0xBFFDD000 - 0xBFFECFFF
Memory Allocation 0x0004 0xBFD98000 - 0xBFFDCFFF
Memory Allocation 0x0004 0xBFB53000 - 0xBFD97FFF
Memory Allocation 0x0004 0xBFB2 - 0xBFB52FFF
Memory Allocation 0x0003 0xBFB2 - 0xBFB52FFF
FV Hob0x8000 - 0x800C
FV Hob0xBFB53000 - 0xBFD9625F
FV2 Hob   0xBFB53000 - 0xBFD9625F
InstallProtocolInterface: D8117CFE-94A6-11D4-9A3A-0090273FC14D BFB4FE08
InstallProtocolInterface: 8F644FA9-E850-4DB1-9CE2-0B44698E8DA4 BEDC5030
InstallProtocolInterface: 09576E91-6D3F-11D2-8E39-00A0C969723B BEDC5E98
InstallProtocolInterface: 8F644FA9-E850-4DB1-9CE2-0B44698E8DA4 BEDC5C70
InstallProtocolInterface: 09576E91-6D3F-11D2-8E39-00A0C969723B BEDC5A58
InstallProtocolInterface: 220E73B6-6BDB-4413-8405-B974B108619A BEDC5270
InstallProtocolInterface: 220E73B6-6BDB-4413-8405-B974B108619A BEDC40B0
InstallProtocolInterface: FC1BCDB0-7D31-49AA-936A-A4600D9DD083 BFB4FE28
Loading driver B8D9777E-D72A-451F-9BDB-BAFB52A68415
InstallProtocolInterface: 5B1B31A1-9562-11D2-8E3F-00A0C969723B BECD70C0
add-symbol-file 
/home/Freenix/work/sw-stash/imx/uefi/uefi-src/Build/IMX/DEBUG_GCC49/AARCH64/ArmPkg/Drivers/CpuDxe/CpuDxe/DEBUG/ArmCpuDxe.dll
 0xBEF61800
Loading driver at 0x000BEF61000 EntryPoint=0x000BEF61844 ArmCpuDxe.efi
InstallProtocolInterface: BC62157E-3E33-4FEC-9920-2D3B36D750DF BECD7E58
InstallProtocolInterface: 26BACCB1-6F42-11D4-BCE7-0080C73C8881 BEF6E800
InstallProtocolInterface: AD651C7D-3C22-4DBF-92E8-38A7CDAE87B2 BEF6E8A8
Loading driver B601F8C4-43B7-4784-95B1-F4226CB40CEE
InstallProtocolInterface: 5B1B31A1-9562-11D2-8E3F-00A0C969723B BECCF040
add-symbol-file 
/home/Freenix/work/sw-stash/imx/uefi/uefi-src/Build/IMX/DEBUG_GCC49/AARCH64/MdeModulePkg/Core/RuntimeDxe/RuntimeDxe/DEBUG/RuntimeDxe.dll
 0xBEF80240
  InsertImageRecord - Section Alignment(0x20) is not 64K  
!
!!!  Image - 
/home/Freenix/work/sw-stash/imx/uefi/uefi-src/Build/IMX/DEBUG_GCC49/AARCH64/MdeModulePkg/Core/RuntimeDxe/RuntimeDxe/DEBUG/RuntimeDxe.dll
  
Loading driver at 0x000BEF8 EntryPoint=0x000BEF80284 RuntimeDxe.efi
InstallProtocolInterface: BC62157E-3E33-4FEC-9920-2D3B36D750DF BECD7B98
InstallProtocolInterface: B7DFB4E1-052F-449F-87BE-9818FC91B733 BEF86380
Loading driver F80697E9-7FD6-4665-8646-88E33EF71DFC
InstallProtocolInterface: 5B1B31A1-9562-11D2-8E3F-00A0C969723B BECCFB40
add-symbol-file 
/home/Freenix/work/sw-stash/imx/uefi/uefi-src/Build/IMX/DEBUG_GCC49/AARCH64/MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe/DEBUG/SecurityStubDxe.dll
 0xBEF5A240
Loading driver at 0x000BEF5A000 EntryPoint=0x000BEF5A284 SecurityStubDxe.efi
InstallProtocolInterface: BC62157E-3E33-4FEC-9920-2D3B36D750DF BECCFD98
InstallProtocolInterface: 94AB2F58-1438-4EF1-9152-18941A3A0E68 BEF60A28
InstallProtocolInterface: A46423E3-4617-49F1-B9FF-D1BFA9115839 BEF60A20
Loading driver 3
48C4D62-BFBD-4882-9ECE-C80BB1C4783B
InstallProtocolInterface: 5B1B31A1-9562-11D2-8E3F-00A0C969723B BECCF400
add-symbol-file 
/home/Freenix/work/sw-stash/imx/uefi/uefi-src/Build/IMX/DEBUG_GCC49/AARCH64/MdeModulePkg/Universal/HiiDatabaseDxe/HiiDatabaseDxe/DEBUG/HiiDatabase.dll
 0xBEF30240
Loading driver at 0x000BEF3 EntryPoint=0x000BEF30284 HiiDatabase.efi
InstallProtocolInterface: BC62157E-3E33-4FEC-9920-2D3B36D750DF BECCF858
InstallProtocolInterface: E9CA4775-8657-47FC-97E7-7ED65A084324 BEF59AA8
InstallProtocolInterface: 0FD96974-23AA-4CDC-B9CB-98D17750322A 

[edk2] Dxe Core support for EFI_SECTION_PEI_DEPEX section.

[Andrew Fish]

I have an FV and I'd like to have PEI and DXE code in it. The code that I need 
to access at PEI Time (DXE Core) is a compressed file in the FV. The code that 
only needs to be accessed at DXE time is in a compressed FV. By default PEI 
will try to decompress the FV Section, so I added a EFI_SECTION_PEI_DEPEX of 
FALSE to prevent this. To my surprise this prevented the FV from being 
dispatched in DXE. 

I don't see any language in the PI spec that calls out this behavior. I think 
we should remove the checks for EFI_SECTION_PEI_DEPEX, and maybe even 
EFI_SECTION_SMM_DEPEX. I think it is a better design to have the FV prevent the 
dispatch from the phase(s) it is discovered in if that is the intent.  

So for my example I added:
SECTION PEI_DEPEX_EXP = {FALSE} 

If you had a FV that showed up in DXE, but was for SMM you could:
SECTION DXE_DEPEX_EXP = {FALSE} 

This is the code I'm talking about:
MdeModulePkg/Core/Dxe/Dispatcher/Dispatcher.c

//
// Check if this EFI_FV_FILETYPE_FIRMWARE_VOLUME_IMAGE file has PEI 
depex section.
//
DepexBuffer  = NULL;
SizeOfBuffer = 0;
Status = Fv->ReadSection (
   Fv,
   ,
   EFI_SECTION_PEI_DEPEX,
   0,
   ,
   ,
   
   );
if (!EFI_ERROR (Status)) {
  //
  // If PEI depex section is found, this FV image will be ignored 
in DXE phase.
  // Now, DxeCore doesn't support FV image with more one type DEPEX 
section.
  //
  FreePool (DepexBuffer);
  continue;
}


Thanks,

Andrew Fish

PS This logic also exists. 

//
// Check if this EFI_FV_FILETYPE_FIRMWARE_VOLUME_IMAGE file has SMM 
depex section.
//
DepexBuffer  = NULL;
SizeOfBuffer = 0;
Status = Fv->ReadSection (
   Fv,
   ,
   EFI_SECTION_SMM_DEPEX,
   0,
   ,
   ,
   
   );
if (!EFI_ERROR (Status)) {
  //
  // If SMM depex section is found, this FV image will be ignored 
in DXE phase.
  // Now, DxeCore doesn't support FV image with more one type DEPEX 
section.
  //
  FreePool (DepexBuffer);
  continue;
}

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH v4] NetworkPkg:Add a new error status code EFI_HTTP_ERROR

[Zhang Lubo]

v4:
* Update macro HTTP_ERROR_STATUS to HTTP_ERROR_OR_NOT_SUPPORT_STATUS_CODE
Update copyright year.
When the Error Status of ResponseData returned from HttpIoRecvResponse
function during the Http HEAD method, it should also return error status
to Load file protocol.

Cc: Fu Siyuan 
Cc: Ye Ting 
Cc: Wu Jiaxin 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo 
---
 NetworkPkg/HttpBootDxe/HttpBootClient.c  | 10 --
 NetworkPkg/HttpBootDxe/HttpBootSupport.c | 18 +-
 NetworkPkg/HttpBootDxe/HttpBootSupport.h | 14 +-
 NetworkPkg/HttpDxe/HttpImpl.c| 19 +++
 NetworkPkg/HttpDxe/HttpImpl.h|  4 +++-
 NetworkPkg/HttpDxe/HttpProto.h   |  4 +++-
 6 files changed, 47 insertions(+), 22 deletions(-)

diff --git a/NetworkPkg/HttpBootDxe/HttpBootClient.c 
b/NetworkPkg/HttpBootDxe/HttpBootClient.c
index f0817e9..dd835c4 100644
--- a/NetworkPkg/HttpBootDxe/HttpBootClient.c
+++ b/NetworkPkg/HttpBootDxe/HttpBootClient.c
@@ -1,9 +1,9 @@
 /** @file
   Implementation of the boot file download function.
 
-Copyright (c) 2015, Intel Corporation. All rights reserved.
+Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.
 This program and the accompanying materials are licensed and made available 
under 
 the terms and conditions of the BSD License that accompanies this 
distribution.  
 The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php.
  
 
@@ -715,10 +715,11 @@ HttpBootGetBootFile (
   IN OUT UINTN*BufferSize,
  OUT UINT8*Buffer
   )
 {
   EFI_STATUS Status;
+  EFI_HTTP_STATUS_CODE   StatusCode;
   CHAR8  *HostName;
   EFI_HTTP_REQUEST_DATA  *RequestData;
   HTTP_IO_RESPONSE_DATA  *ResponseData;
   HTTP_IO_RESPONSE_DATA  ResponseBody;
   HTTP_IO*HttpIo;
@@ -892,11 +893,16 @@ HttpBootGetBootFile (
   Status = HttpIoRecvResponse (
  >HttpIo,
  TRUE,
  ResponseData
  );
-  if (EFI_ERROR (Status)) {
+  if (EFI_ERROR (Status) || EFI_ERROR (ResponseData->Status)) {
+if (EFI_ERROR (ResponseData->Status)) {
+  StatusCode = HttpIo->RspToken.Message->Data.Response->StatusCode;
+  HttpBootPrintErrorMessage (StatusCode);
+  Status = ResponseData->Status;
+}
 goto ERROR_5;
   }
 
   //
   // 3.2 Cache the response header.
diff --git a/NetworkPkg/HttpBootDxe/HttpBootSupport.c 
b/NetworkPkg/HttpBootDxe/HttpBootSupport.c
index f9bbe4b..db2af78 100644
--- a/NetworkPkg/HttpBootDxe/HttpBootSupport.c
+++ b/NetworkPkg/HttpBootDxe/HttpBootSupport.c
@@ -1,9 +1,9 @@
 /** @file
   Support functions implementation for UEFI HTTP boot driver.
 
-Copyright (c) 2015, Intel Corporation. All rights reserved.
+Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.
 This program and the accompanying materials are licensed and made available 
under 
 the terms and conditions of the BSD License that accompanies this 
distribution.  
 The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php.
  
 
@@ -928,11 +928,10 @@ HttpIoRecvResponse (
  OUT  HTTP_IO_RESPONSE_DATA*ResponseData
   )
 {
   EFI_STATUS Status;
   EFI_HTTP_PROTOCOL  *Http;
-  EFI_HTTP_STATUS_CODE   StatusCode;
 
   if (HttpIo == NULL || HttpIo->Http == NULL || ResponseData == NULL) {
 return EFI_INVALID_PARAMETER;
   }
 
@@ -969,19 +968,12 @@ HttpIoRecvResponse (
   }
 
   //
   // Store the received data into the wrapper.
   //
-  Status = HttpIo->RspToken.Status;
-  if (!EFI_ERROR (Status)) {
-ResponseData->HeaderCount = HttpIo->RspToken.Message->HeaderCount;
-ResponseData->Headers = HttpIo->RspToken.Message->Headers;
-ResponseData->BodyLength  = HttpIo->RspToken.Message->BodyLength;
-  }
-  
-  if (RecvMsgHeader) {
-StatusCode = HttpIo->RspToken.Message->Data.Response->StatusCode;
-HttpBootPrintErrorMessage (StatusCode);
-  }
+  ResponseData->Status = HttpIo->RspToken.Status;
+  ResponseData->HeaderCount = HttpIo->RspToken.Message->HeaderCount;
+  ResponseData->Headers = HttpIo->RspToken.Message->Headers;
+  ResponseData->BodyLength  = HttpIo->RspToken.Message->BodyLength;
 
   return Status;
 }
diff --git a/NetworkPkg/HttpBootDxe/HttpBootSupport.h 
b/NetworkPkg/HttpBootDxe/HttpBootSupport.h
index 2eba14e..8e0fc37 100644
--- a/NetworkPkg/HttpBootDxe/HttpBootSupport.h
+++ b/NetworkPkg/HttpBootDxe/HttpBootSupport.h
@@ -1,9 +1,9 @@
 /** @file
   Support functions declaration for UEFI HTTP boot driver.
 
-Copyright (c) 2015, Intel Corporation. All rights reserved.
+Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.
 This program and the accompanying 

Re: [edk2] [PATCH v4] NetworkPkg:Add a new error status code EFI_HTTP_ERROR

[Fu, Siyuan]

Reviewed-by: Siyuan Fu 

-Original Message-
From: Zhang, Lubo 
Sent: Tuesday, February 2, 2016 2:52 PM
To: edk2-devel@lists.01.org
Cc: Fu, Siyuan ; Ye, Ting ; Wu, Jiaxin 

Subject: [PATCH v4] NetworkPkg:Add a new error status code EFI_HTTP_ERROR

v4:
* Update macro HTTP_ERROR_STATUS to HTTP_ERROR_OR_NOT_SUPPORT_STATUS_CODE
Update copyright year.
When the Error Status of ResponseData returned from HttpIoRecvResponse function 
during the Http HEAD method, it should also return error status to Load file 
protocol.

Cc: Fu Siyuan 
Cc: Ye Ting 
Cc: Wu Jiaxin 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo 
---
 NetworkPkg/HttpBootDxe/HttpBootClient.c  | 10 --  
NetworkPkg/HttpBootDxe/HttpBootSupport.c | 18 +-  
NetworkPkg/HttpBootDxe/HttpBootSupport.h | 14 +-
 NetworkPkg/HttpDxe/HttpImpl.c| 19 +++
 NetworkPkg/HttpDxe/HttpImpl.h|  4 +++-
 NetworkPkg/HttpDxe/HttpProto.h   |  4 +++-
 6 files changed, 47 insertions(+), 22 deletions(-)

diff --git a/NetworkPkg/HttpBootDxe/HttpBootClient.c 
b/NetworkPkg/HttpBootDxe/HttpBootClient.c
index f0817e9..dd835c4 100644
--- a/NetworkPkg/HttpBootDxe/HttpBootClient.c
+++ b/NetworkPkg/HttpBootDxe/HttpBootClient.c
@@ -1,9 +1,9 @@
 /** @file
   Implementation of the boot file download function.
 
-Copyright (c) 2015, Intel Corporation. All rights reserved.
+Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.
 This program and the accompanying materials are licensed and made available 
under  the terms and conditions of the BSD License that accompanies this 
distribution.  
 The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php.
  
 
@@ -715,10 +715,11 @@ HttpBootGetBootFile (
   IN OUT UINTN*BufferSize,
  OUT UINT8*Buffer
   )
 {
   EFI_STATUS Status;
+  EFI_HTTP_STATUS_CODE   StatusCode;
   CHAR8  *HostName;
   EFI_HTTP_REQUEST_DATA  *RequestData;
   HTTP_IO_RESPONSE_DATA  *ResponseData;
   HTTP_IO_RESPONSE_DATA  ResponseBody;
   HTTP_IO*HttpIo;
@@ -892,11 +893,16 @@ HttpBootGetBootFile (
   Status = HttpIoRecvResponse (
  >HttpIo,
  TRUE,
  ResponseData
  );
-  if (EFI_ERROR (Status)) {
+  if (EFI_ERROR (Status) || EFI_ERROR (ResponseData->Status)) {
+if (EFI_ERROR (ResponseData->Status)) {
+  StatusCode = HttpIo->RspToken.Message->Data.Response->StatusCode;
+  HttpBootPrintErrorMessage (StatusCode);
+  Status = ResponseData->Status;
+}
 goto ERROR_5;
   }
 
   //
   // 3.2 Cache the response header.
diff --git a/NetworkPkg/HttpBootDxe/HttpBootSupport.c 
b/NetworkPkg/HttpBootDxe/HttpBootSupport.c
index f9bbe4b..db2af78 100644
--- a/NetworkPkg/HttpBootDxe/HttpBootSupport.c
+++ b/NetworkPkg/HttpBootDxe/HttpBootSupport.c
@@ -1,9 +1,9 @@
 /** @file
   Support functions implementation for UEFI HTTP boot driver.
 
-Copyright (c) 2015, Intel Corporation. All rights reserved.
+Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.
 This program and the accompanying materials are licensed and made available 
under  the terms and conditions of the BSD License that accompanies this 
distribution.  
 The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php.
  
 
@@ -928,11 +928,10 @@ HttpIoRecvResponse (
  OUT  HTTP_IO_RESPONSE_DATA*ResponseData
   )
 {
   EFI_STATUS Status;
   EFI_HTTP_PROTOCOL  *Http;
-  EFI_HTTP_STATUS_CODE   StatusCode;
 
   if (HttpIo == NULL || HttpIo->Http == NULL || ResponseData == NULL) {
 return EFI_INVALID_PARAMETER;
   }
 
@@ -969,19 +968,12 @@ HttpIoRecvResponse (
   }
 
   //
   // Store the received data into the wrapper.
   //
-  Status = HttpIo->RspToken.Status;
-  if (!EFI_ERROR (Status)) {
-ResponseData->HeaderCount = HttpIo->RspToken.Message->HeaderCount;
-ResponseData->Headers = HttpIo->RspToken.Message->Headers;
-ResponseData->BodyLength  = HttpIo->RspToken.Message->BodyLength;
-  }
-
-  if (RecvMsgHeader) {
-StatusCode = HttpIo->RspToken.Message->Data.Response->StatusCode;
-HttpBootPrintErrorMessage (StatusCode);
-  }
+  ResponseData->Status = HttpIo->RspToken.Status;  
+ ResponseData->HeaderCount = HttpIo->RspToken.Message->HeaderCount;
+  ResponseData->Headers = HttpIo->RspToken.Message->Headers;
+  ResponseData->BodyLength  = HttpIo->RspToken.Message->BodyLength;
 
   return Status;
 }
diff --git a/NetworkPkg/HttpBootDxe/HttpBootSupport.h 
b/NetworkPkg/HttpBootDxe/HttpBootSupport.h
index 2eba14e..8e0fc37 100644
--- 

[edk2] SATA 3.0 AHCI host controller codebase

[Shaveta Leekha]

Hi,

Is there some SATA 3.0 AHCI driver implementation in UEFI / EDK code?
The one I need to write for our platform is not PCI based.

I have seen few implementations in EDK2:
DuetPkg/SataControllerDxe/SataController.c
OvmfPkg/SataControllerDxe/SataController.c
But in all of them SATA connectivity is via PCI Express switch.

Kindly point me to some non-PCI based "SATA 3.0 AHCI driver code" for UEFI, if 
there is any such code.

Thanks and Regards,
Shaveta
___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

Re: [edk2] [PATCH] SecurityPkg: TcgConfigDxe: Move TPM state string update to CallBack function

[Bi, Dandan]

Reviewed-by: Dandan Bi 

-Original Message-
From: Zhang, Chao B 
Sent: Friday, January 29, 2016 4:47 PM
To: edk2-de...@ml01.01.org
Cc: Yao, Jiewen; Bi, Dandan; Zhang, Chao B
Subject: [PATCH] SecurityPkg: TcgConfigDxe: Move TPM state string update to 
CallBack function

TPM state string update requires HiiHandle which may not be ready when calling 
ExtractConfig.
Move this logic to CallBack function.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang 
---
 SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDriver.c | 10 -
 SecurityPkg/Tcg/TcgConfigDxe/TcgConfigImpl.c   | 55 +++---
 SecurityPkg/Tcg/TcgConfigDxe/TcgConfigImpl.h   |  1 +
 3 files changed, 40 insertions(+), 26 deletions(-)

diff --git a/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDriver.c 
b/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDriver.c
index 29ec7b0..a9d3105 100644
--- a/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDriver.c
+++ b/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDriver.c
@@ -73,9 +73,15 @@ TcgConfigDriverEntryPoint (
   if (PrivateData == NULL) {
 return EFI_OUT_OF_RESOURCES;
   }
-  
+
+  PrivateData->Configuration = AllocatePool (sizeof 
+ (TCG_CONFIGURATION));  if (PrivateData->Configuration == NULL) {
+Status = EFI_OUT_OF_RESOURCES;
+goto ErrorExit;
+  }
+
   PrivateData->TcgProtocol = TcgProtocol;
-  
+
   //
   // Install TCG configuration form
   //
diff --git a/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigImpl.c 
b/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigImpl.c
index c2e3b34..7fa5611 100644
--- a/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigImpl.c
+++ b/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigImpl.c
@@ -1,7 +1,7 @@
 /** @file
   HII Config Access protocol implementation of TCG configuration module.
 
-Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.
+Copyright (c) 2011 - 2016, Intel Corporation. All rights reserved.
 This program and the accompanying materials  are licensed and made available 
under the terms and conditions of the BSD License  which accompanies this 
distribution.  The full text of the license may be found at @@ -149,8 +149,6 @@ 
TcgExtractConfig (
   )
 {
   EFI_STATUS Status;
-  UINTN  BufferSize;
-  TCG_CONFIGURATION  Configuration;
   TCG_CONFIG_PRIVATE_DATA*PrivateData;
   EFI_STRING ConfigRequestHdr;
   EFI_STRING ConfigRequest;
@@ -158,7 +156,6 @@ TcgExtractConfig (
   UINTN  Size;
   BOOLEANTpmEnable;
   BOOLEANTpmActivate;
-  CHAR16 State[32];
 
   if (Progress == NULL || Results == NULL) {
 return EFI_INVALID_PARAMETER;
@@ -179,12 +176,10 @@ TcgExtractConfig (
   //
   // Convert buffer data to  by helper function BlockToConfig()
   //
-  ZeroMem (, sizeof (TCG_CONFIGURATION));
-
-  Configuration.TpmOperation= PHYSICAL_PRESENCE_ENABLE;
+  PrivateData->Configuration->TpmOperation = PHYSICAL_PRESENCE_ENABLE;
 
   //
-  // Display current TPM state.
+  // Get current TPM state.
   //
   if (PrivateData->TcgProtocol != NULL) {
 Status = GetTpmState (PrivateData->TcgProtocol, , );
@@ -192,20 +187,10 @@ TcgExtractConfig (
   return Status;
 }
 
-UnicodeSPrint (
-  State,
-  sizeof (State),
-  L"%s, and %s",
-  TpmEnable   ? L"Enabled"   : L"Disabled",
-  TpmActivate ? L"Activated" : L"Deactivated"
-  );
-Configuration.TpmEnable   = TpmEnable;
-Configuration.TpmActivate = TpmActivate;
-
-HiiSetString (PrivateData->HiiHandle, STRING_TOKEN 
(STR_TPM_STATE_CONTENT), State, NULL);
+PrivateData->Configuration->TpmEnable   = TpmEnable;
+PrivateData->Configuration->TpmActivate = TpmActivate;
   }
 
-  BufferSize = sizeof (Configuration);
   ConfigRequest = Request;
   if ((Request == NULL) || (StrStr (Request, L"OFFSET") == NULL)) {
 //
@@ -218,15 +203,15 @@ TcgExtractConfig (
 ConfigRequest = AllocateZeroPool (Size);
 ASSERT (ConfigRequest != NULL);
 AllocatedRequest = TRUE;
-UnicodeSPrint (ConfigRequest, Size, L"%s=0=%016LX", 
ConfigRequestHdr, (UINT64) BufferSize);
+UnicodeSPrint (ConfigRequest, Size, L"%s=0=%016LX", 
ConfigRequestHdr, sizeof (TCG_CONFIGURATION));
 FreePool (ConfigRequestHdr);
   }
 
   Status = gHiiConfigRouting->BlockToConfig (
 gHiiConfigRouting,
 ConfigRequest,
-(UINT8 *) ,
-BufferSize,
+(UINT8 *) PrivateData->Configuration,
+sizeof (TCG_CONFIGURATION),
 Results,
 Progress
 );
@@ -386,10 +371,29 @@ TcgCallback (
  OUT EFI_BROWSER_ACTION_REQUEST*ActionRequest
   )
 {
+  TCG_CONFIG_PRIVATE_DATA*PrivateData;
+  CHAR16 State[32];

Re: [edk2] [patch 6/6] SecurityPkg:Use FileExplorerLib in SecureBootConfigDxe

[Bi, Dandan]

Hi Chao,

Thanks for your comments.

1. The copyright info has updated in the latest  [patch 6/6] patch.
2. The FileExplorerLib  is already  in NT32Pkg.dsc & Quark.dsc,
 So no need to update.


Thanks,
Dandan

-Original Message-
From: Zhang, Chao B 
Sent: Tuesday, February 2, 2016 1:45 PM
To: Bi, Dandan; Dong, Eric; ler...@redhat.com; edk2-devel@lists.01.org
Subject: RE: [patch 6/6] SecurityPkg:Use FileExplorerLib in SecureBootConfigDxe

Dandan:
  1. The copyright head file change is not right.
  2. Do we need to update NT32Pkg.dsc & Quark Platform dsc?
Other changes are good to me




Thanks & Best regards
Chao Zhang


-Original Message-
From: Bi, Dandan 
Sent: Tuesday, February 02, 2016 10:18 AM
To: Zhang, Chao B; Dong, Eric; ler...@redhat.com; edk2-devel@lists.01.org
Subject: [patch 6/6] SecurityPkg:Use FileExplorerLib in SecureBootConfigDxe

Using existing library FileExplorerLib to replace the same
logic in SecureBootConfigDxe to make the code clear.After using
FileExplorerLib,the UI behavior for enroll PK will change,
previously when select one PK file,commit/discard changes will
return to Device Manager,press ESC will return to FileExplorer.
Now using FileExplorerLib the behavior will keep same with
enroll KEK/DB/...,commit/discard changes will return to Custom
Secure Boot Options form and ESC will return to PK options form.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dandan Bi 
---
 .../SecureBootConfigDxe/SecureBootConfig.vfr   |  109 +-
 .../SecureBootConfigDxe/SecureBootConfigDxe.inf|3 +-
 .../SecureBootConfigFileExplorer.c | 1127 +---
 .../SecureBootConfigDxe/SecureBootConfigImpl.c |  167 ++-
 .../SecureBootConfigDxe/SecureBootConfigImpl.h |  142 +--
 .../SecureBootConfigDxe/SecureBootConfigNvData.h   |   10 +
 6 files changed, 1225 insertions(+), 333 deletions(-)

diff --git 
a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr 
b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
index 484da2c..e53630c 100644
--- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
+++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
@@ -1,9 +1,9 @@
 /** @file
   VFR file used by the SecureBoot configuration component.
 
-Copyright (c) 2011 - 2016, Intel Corporation. All rights reserved.
+Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved.
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD 
License
 which accompanies this distribution.  The full text of the license may be 
found at
 http://opensource.org/licenses/bsd-license.php
 
@@ -200,33 +200,15 @@ formset
   form formid = FORMID_ENROLL_PK_FORM,
 title  = STRING_TOKEN(STR_ENROLL_PK);
 
 subtitle text = STRING_TOKEN(STR_NULL);
 
-goto FORMID_ENROLL_PK_FORM,
+goto FORM_FILE_EXPLORER_ID_PK,
  prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
  help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
  flags = INTERACTIVE,
- key = FORMID_ENROLL_PK_FORM;
-
-subtitle text = STRING_TOKEN(STR_NULL);
-label FORMID_ENROLL_PK_FORM;
-label LABEL_END;
-subtitle text = STRING_TOKEN(STR_NULL);
-
-goto FORMID_SECURE_BOOT_OPTION_FORM,
-  prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
-  help   = STRING_TOKEN(STR_SAVE_AND_EXIT),
-  flags  = INTERACTIVE| RESET_REQUIRED,
-  key= KEY_VALUE_SAVE_AND_EXIT_PK;
-
-goto FORMID_SECURE_BOOT_OPTION_FORM,
-  prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
-  help   = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
-  flags  = INTERACTIVE,
-  key= KEY_VALUE_NO_SAVE_AND_EXIT_PK;
-
+ key = SECUREBOOT_ADD_PK_FILE_FORM_ID;
   endform;
 
   //
   // ##5 Form: 'KEK Options'
   //
@@ -261,11 +243,11 @@ formset
   form formid = FORMID_ENROLL_KEK_FORM,
 title = STRING_TOKEN(STR_ENROLL_KEK_TITLE);
 
 subtitle text = STRING_TOKEN(STR_NULL);
 
-goto FORMID_ENROLL_KEK_FORM,
+goto FORM_FILE_EXPLORER_ID_KEK,
  prompt = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE),
  help   = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE_HELP),
  flags  = INTERACTIVE,
  key= FORMID_ENROLL_KEK_FORM;
 
@@ -424,11 +406,11 @@ formset
   form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
 
 subtitle text = STRING_TOKEN(STR_NULL);
 
-goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
+goto FORM_FILE_EXPLORER_ID_DB,
  prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
  help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
  flags = INTERACTIVE,
  key = SECUREBOOT_ENROLL_SIGNATURE_TO_DB;
 
@@ -469,11 +451,11 @@ formset
   form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
 title = 

Re: [edk2] [patch] NetworkPkg: Fix suspicious dereference of pointer 'Mode.Ia'

[Fu, Siyuan]

Reviewed-by: Siyuan Fu 


-Original Message-
From: Zhang, Lubo 
Sent: Tuesday, February 2, 2016 2:51 PM
To: edk2-devel@lists.01.org
Cc: Fu, Siyuan ; Ye, Ting ; Wu, Jiaxin 

Subject: [patch] NetworkPkg: Fix suspicious dereference of pointer 'Mode.Ia'

This patch is used to fix suspicious dereference of pointer 'Mode.Ia'
before NULL check.

Cc: Fu Siyuan 
Cc: Ye Ting 
Cc: Wu Jiaxin 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo 
---
 NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c 
b/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
index 6d39437..8003f31 100644
--- a/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
+++ b/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
@@ -2071,11 +2071,11 @@ PxeBcDhcp6Sarr (
   if (EFI_ERROR (Status)) {
 Dhcp6->Stop (Dhcp6);
 return Status;
   }
 
-  ASSERT (Mode.Ia->State == Dhcp6Bound);
+  ASSERT ((Mode.Ia != NULL) && (Mode.Ia->State == Dhcp6Bound));
   //
   // DHCP6 doesn't have an option to specify the router address on the subnet, 
the only way to get the
   // router address in IP6 is the router discovery mechanism (the RS and RA, 
which only be handled when
   // the IP policy is Automatic). So we just hold the station IP address here 
and leave the IP policy as
   // Automatic, until we get the server IP address. This could let IP6 driver 
finish the router discovery 
-- 
1.9.5.msysgit.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

Re: [edk2] [patch] NetworkPkg: Fix suspicious dereference of pointer 'Mode.Ia'

[Wu, Jiaxin]

Reviewed-by: Jiaxin Wu 


-Original Message-
From: Zhang, Lubo 
Sent: Tuesday, February 2, 2016 2:51 PM
To: edk2-devel@lists.01.org
Cc: Fu, Siyuan; Ye, Ting; Wu, Jiaxin
Subject: [patch] NetworkPkg: Fix suspicious dereference of pointer 'Mode.Ia'

This patch is used to fix suspicious dereference of pointer 'Mode.Ia'
before NULL check.

Cc: Fu Siyuan 
Cc: Ye Ting 
Cc: Wu Jiaxin 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo 
---
 NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c 
b/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
index 6d39437..8003f31 100644
--- a/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
+++ b/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
@@ -2071,11 +2071,11 @@ PxeBcDhcp6Sarr (
   if (EFI_ERROR (Status)) {
 Dhcp6->Stop (Dhcp6);
 return Status;
   }
 
-  ASSERT (Mode.Ia->State == Dhcp6Bound);
+  ASSERT ((Mode.Ia != NULL) && (Mode.Ia->State == Dhcp6Bound));
   //
   // DHCP6 doesn't have an option to specify the router address on the subnet, 
the only way to get the
   // router address in IP6 is the router discovery mechanism (the RS and RA, 
which only be handled when
   // the IP policy is Automatic). So we just hold the station IP address here 
and leave the IP policy as
   // Automatic, until we get the server IP address. This could let IP6 driver 
finish the router discovery 
-- 
1.9.5.msysgit.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [Patch] MdePkg: Add TLS related protocol definition

[Jiaxin Wu]

This patch is used to add Tls.h and TlsConfig.h header
files to define EFI TLS Configuration Protocol,
EFI TLS Service Binding Protocol and
EFI TLS Configuration Protocol.

Cc: Ye Ting 
Cc: Fu Siyuan 
Cc: Long Qin 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu 
---
 MdePkg/Include/Protocol/Tls.h   | 460 
 MdePkg/Include/Protocol/TlsConfig.h | 132 +++
 MdePkg/MdePkg.dec   |  11 +-
 3 files changed, 602 insertions(+), 1 deletion(-)
 create mode 100644 MdePkg/Include/Protocol/Tls.h
 create mode 100644 MdePkg/Include/Protocol/TlsConfig.h

diff --git a/MdePkg/Include/Protocol/Tls.h b/MdePkg/Include/Protocol/Tls.h
new file mode 100644
index 000..51a3cda
--- /dev/null
+++ b/MdePkg/Include/Protocol/Tls.h
@@ -0,0 +1,460 @@
+/** @file
+  EFI TLS Protocols as defined in UEFI 2.5.
+
+  The EFI TLS Service Binding Protocol is used to locate EFI TLS Protocol 
drivers
+  to create and destroy child of the driver to communicate with other host 
using
+  TLS protocol.
+  The EFI TLS Protocol provides the ability to manage TLS session.
+
+  Copyright (c) 2016, Intel Corporation. All rights reserved.
+  This program and the accompanying materials
+  are licensed and made available under the terms and conditions of the BSD 
License
+  which accompanies this distribution. The full text of the license may be 
found at
+  http://opensource.org/licenses/bsd-license.php
+
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+  @par Revision Reference:
+  This Protocol is introduced in UEFI Specification 2.5
+
+**/
+
+#ifndef __EFI_TLS_PROTOCOL_H__
+#define __EFI_TLS_PROTOCOL_H__
+
+///
+/// The EFI TLS Service Binding Protocol is used to locate EFI TLS Protocol 
drivers to
+/// create and destroy child of the driver to communicate with other host 
using TLS
+/// protocol.
+///
+#define EFI_TLS_SERVICE_BINDING_PROTOCOL_GUID \
+  { \
+0x952cb795, 0xff36, 0x48cf, {0xa2, 0x49, 0x4d, 0xf4, 0x86, 0xd6, 0xab, 
0x8d } \
+  }
+
+///
+/// The EFI TLS protocol provides the ability to manage TLS session.
+///
+#define EFI_TLS_PROTOCOL_GUID \
+  { \
+0xca959f, 0x6cfa, 0x4db1, {0x95, 0xbc, 0xe4, 0x6c, 0x47, 0x51, 0x43, 0x90 
} \
+  }
+
+typedef struct _EFI_TLS_PROTOCOL EFI_TLS_PROTOCOL;
+
+///
+/// EFI_TLS_SESSION_DATA_TYPE
+///
+typedef enum {
+  ///
+  /// Session Configuration
+  ///
+
+  ///
+  /// TLS session Version. The corresponding Data is of type EFI_TLS_VERSION.
+  ///
+  EfiTlsVersion,
+  ///
+  /// TLS session as client or as server. The corresponding Data is of
+  /// EFI_TLS_CONNECTION_END.
+  ///
+  EfiTlsConnectionEnd,
+  ///
+  /// A priority list of preferred algorithms for the TLS session.
+  /// The corresponding Data is a list of EFI_TLS_CIPHER.
+  ///
+  EfiTlsCipherList,
+  ///
+  /// TLS session compression method.
+  /// The corresponding Data is of type EFI_TLS_COMPRESSION.
+  ///
+  EfiTlsCompressionMethod,
+  ///
+  /// TLS session extension data.
+  /// The corresponding Data is a list of type EFI_TLS_EXTENDION.
+  ///
+  EfiTlsExtensionData,
+  ///
+  /// TLS session verify method.
+  /// The corresponding Data is of type EFI_TLS_VERIFY.
+  ///
+  EfiTlsVerifyMethod,
+  ///
+  /// TLS session data session ID.
+  /// For SetSessionData(), it is TLS session ID used for session resumption.
+  /// For GetSessionData(), it is the TLS session ID used for current session.
+  /// The corresponding Data is of type EFI_TLS_SESSION_ID.
+  ///
+  EfiTlsSessionID,
+  ///
+  /// TLS session data session state.
+  /// The corresponding Data is of type EFI_TLS_SESSION_STATE.
+  ///
+  EfiTlsSessionState,
+
+  ///
+  /// Session information
+  ///
+
+  ///
+  /// TLS session data client random.
+  /// The corresponding Data is of type EFI_TLS_RANDOM.
+  ///
+  EfiTlsClientRandom,
+  ///
+  /// TLS session data server random.
+  /// The corresponding Data is of type EFI_TLS_RANDOM.
+  ///
+  EfiTlsServerRandom,
+  ///
+  /// TLS session data key material.
+  /// The corresponding Data is of type EFI_TLS_MASTER_SECRET.
+  ///
+  EfiTlsKeyMaterial,
+
+  EfiTlsSessionDataTypeMaximum
+
+} EFI_TLS_SESSION_DATA_TYPE;
+
+///
+/// EFI_TLS_VERSION
+/// Note: The TLS version definition is from SSL3.0 to the latest TLS (e.g. 
1.2).
+///   SSL2.0 is obsolete and should not be used.
+///
+typedef struct {
+  UINT8 Major;
+  UINT8 Minor;
+} EFI_TLS_VERSION;
+
+///
+/// EFI_TLS_CONNECTION_END to define TLS session as client or server.
+///
+typedef enum {
+  EfiTlsClient,
+  EfiTlsServer,
+} EFI_TLS_CONNECTION_END;
+
+///
+/// EFI_TLS_CIPHER
+/// Note: The definition of EFI_TLS_CIPHER definition is from "RFC 5246, A.4.1.
+///   Hello Messages". The value of EFI_TLS_CIPHER is from TLS Cipher
+///   

Re: [edk2] [patch 6/6] SecurityPkg:Use FileExplorerLib in SecureBootConfigDxe

[Zhang, Chao B]

Dandan:
  1. The copyright head file change is not right.
  2. Do we need to update NT32Pkg.dsc & Quark Platform dsc?
Other changes are good to me




Thanks & Best regards
Chao Zhang


-Original Message-
From: Bi, Dandan 
Sent: Tuesday, February 02, 2016 10:18 AM
To: Zhang, Chao B; Dong, Eric; ler...@redhat.com; edk2-devel@lists.01.org
Subject: [patch 6/6] SecurityPkg:Use FileExplorerLib in SecureBootConfigDxe

Using existing library FileExplorerLib to replace the same
logic in SecureBootConfigDxe to make the code clear.After using
FileExplorerLib,the UI behavior for enroll PK will change,
previously when select one PK file,commit/discard changes will
return to Device Manager,press ESC will return to FileExplorer.
Now using FileExplorerLib the behavior will keep same with
enroll KEK/DB/...,commit/discard changes will return to Custom
Secure Boot Options form and ESC will return to PK options form.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dandan Bi 
---
 .../SecureBootConfigDxe/SecureBootConfig.vfr   |  109 +-
 .../SecureBootConfigDxe/SecureBootConfigDxe.inf|3 +-
 .../SecureBootConfigFileExplorer.c | 1127 +---
 .../SecureBootConfigDxe/SecureBootConfigImpl.c |  167 ++-
 .../SecureBootConfigDxe/SecureBootConfigImpl.h |  142 +--
 .../SecureBootConfigDxe/SecureBootConfigNvData.h   |   10 +
 6 files changed, 1225 insertions(+), 333 deletions(-)

diff --git 
a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr 
b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
index 484da2c..e53630c 100644
--- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
+++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
@@ -1,9 +1,9 @@
 /** @file
   VFR file used by the SecureBoot configuration component.
 
-Copyright (c) 2011 - 2016, Intel Corporation. All rights reserved.
+Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved.
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD 
License
 which accompanies this distribution.  The full text of the license may be 
found at
 http://opensource.org/licenses/bsd-license.php
 
@@ -200,33 +200,15 @@ formset
   form formid = FORMID_ENROLL_PK_FORM,
 title  = STRING_TOKEN(STR_ENROLL_PK);
 
 subtitle text = STRING_TOKEN(STR_NULL);
 
-goto FORMID_ENROLL_PK_FORM,
+goto FORM_FILE_EXPLORER_ID_PK,
  prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
  help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
  flags = INTERACTIVE,
- key = FORMID_ENROLL_PK_FORM;
-
-subtitle text = STRING_TOKEN(STR_NULL);
-label FORMID_ENROLL_PK_FORM;
-label LABEL_END;
-subtitle text = STRING_TOKEN(STR_NULL);
-
-goto FORMID_SECURE_BOOT_OPTION_FORM,
-  prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
-  help   = STRING_TOKEN(STR_SAVE_AND_EXIT),
-  flags  = INTERACTIVE| RESET_REQUIRED,
-  key= KEY_VALUE_SAVE_AND_EXIT_PK;
-
-goto FORMID_SECURE_BOOT_OPTION_FORM,
-  prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
-  help   = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
-  flags  = INTERACTIVE,
-  key= KEY_VALUE_NO_SAVE_AND_EXIT_PK;
-
+ key = SECUREBOOT_ADD_PK_FILE_FORM_ID;
   endform;
 
   //
   // ##5 Form: 'KEK Options'
   //
@@ -261,11 +243,11 @@ formset
   form formid = FORMID_ENROLL_KEK_FORM,
 title = STRING_TOKEN(STR_ENROLL_KEK_TITLE);
 
 subtitle text = STRING_TOKEN(STR_NULL);
 
-goto FORMID_ENROLL_KEK_FORM,
+goto FORM_FILE_EXPLORER_ID_KEK,
  prompt = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE),
  help   = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE_HELP),
  flags  = INTERACTIVE,
  key= FORMID_ENROLL_KEK_FORM;
 
@@ -424,11 +406,11 @@ formset
   form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
 
 subtitle text = STRING_TOKEN(STR_NULL);
 
-goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
+goto FORM_FILE_EXPLORER_ID_DB,
  prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
  help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
  flags = INTERACTIVE,
  key = SECUREBOOT_ENROLL_SIGNATURE_TO_DB;
 
@@ -469,11 +451,11 @@ formset
   form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
 
 subtitle text = STRING_TOKEN(STR_NULL);
 
-goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
+goto FORM_FILE_EXPLORER_ID_DBX,
  prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
  help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
  flags = INTERACTIVE,
  key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;
 
@@ -545,11 +527,11 @@ formset
   form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,
   

[edk2] [patch 6/6] SecurityPkg:Use FileExplorerLib in SecureBootConfigDxe

[Dandan Bi]

Sorry for giving the wrong [patch 6/6] in patches serial,
this is the correct one.

Using existing library FileExplorerLib to replace the same
logic in SecureBootConfigDxe to make the code clear.After using
FileExplorerLib,the UI behavior for enroll PK will change,
previously when select one PK file,commit/discard changes will
return to Device Manager,press ESC will return to FileExplorer.
Now using FileExplorerLib the behavior will keep same with
enroll KEK/DB/...,commit/discard changes will return to Custom
Secure Boot Options form and ESC will return to PK options form.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dandan Bi 
---
 .../SecureBootConfigDxe/SecureBootConfig.vfr   |  109 +-
 .../SecureBootConfigDxe/SecureBootConfigDxe.inf|3 +-
 .../SecureBootConfigFileExplorer.c | 1127 +++-
 .../SecureBootConfigDxe/SecureBootConfigImpl.c |  167 +--
 .../SecureBootConfigDxe/SecureBootConfigImpl.h |  142 ++-
 .../SecureBootConfigDxe/SecureBootConfigNvData.h   |   10 -
 6 files changed, 333 insertions(+), 1225 deletions(-)

diff --git 
a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr 
b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
index e53630c..484da2c 100644
--- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
+++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
@@ -1,9 +1,9 @@
 /** @file
   VFR file used by the SecureBoot configuration component.
 
-Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved.
+Copyright (c) 2011 - 2016, Intel Corporation. All rights reserved.
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD 
License
 which accompanies this distribution.  The full text of the license may be 
found at
 http://opensource.org/licenses/bsd-license.php
 
@@ -200,15 +200,33 @@ formset
   form formid = FORMID_ENROLL_PK_FORM,
 title  = STRING_TOKEN(STR_ENROLL_PK);
 
 subtitle text = STRING_TOKEN(STR_NULL);
 
-goto FORM_FILE_EXPLORER_ID_PK,
+goto FORMID_ENROLL_PK_FORM,
  prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
  help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
  flags = INTERACTIVE,
- key = SECUREBOOT_ADD_PK_FILE_FORM_ID;
+ key = FORMID_ENROLL_PK_FORM;
+
+subtitle text = STRING_TOKEN(STR_NULL);
+label FORMID_ENROLL_PK_FORM;
+label LABEL_END;
+subtitle text = STRING_TOKEN(STR_NULL);
+
+goto FORMID_SECURE_BOOT_OPTION_FORM,
+  prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
+  help   = STRING_TOKEN(STR_SAVE_AND_EXIT),
+  flags  = INTERACTIVE| RESET_REQUIRED,
+  key= KEY_VALUE_SAVE_AND_EXIT_PK;
+
+goto FORMID_SECURE_BOOT_OPTION_FORM,
+  prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
+  help   = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
+  flags  = INTERACTIVE,
+  key= KEY_VALUE_NO_SAVE_AND_EXIT_PK;
+
   endform;
 
   //
   // ##5 Form: 'KEK Options'
   //
@@ -243,11 +261,11 @@ formset
   form formid = FORMID_ENROLL_KEK_FORM,
 title = STRING_TOKEN(STR_ENROLL_KEK_TITLE);
 
 subtitle text = STRING_TOKEN(STR_NULL);
 
-goto FORM_FILE_EXPLORER_ID_KEK,
+goto FORMID_ENROLL_KEK_FORM,
  prompt = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE),
  help   = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE_HELP),
  flags  = INTERACTIVE,
  key= FORMID_ENROLL_KEK_FORM;
 
@@ -406,11 +424,11 @@ formset
   form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
 
 subtitle text = STRING_TOKEN(STR_NULL);
 
-goto FORM_FILE_EXPLORER_ID_DB,
+goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
  prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
  help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
  flags = INTERACTIVE,
  key = SECUREBOOT_ENROLL_SIGNATURE_TO_DB;
 
@@ -451,11 +469,11 @@ formset
   form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
 
 subtitle text = STRING_TOKEN(STR_NULL);
 
-goto FORM_FILE_EXPLORER_ID_DBX,
+goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
  prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
  help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
  flags = INTERACTIVE,
  key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;
 
@@ -527,11 +545,11 @@ formset
   form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,
 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
 
 subtitle text = STRING_TOKEN(STR_NULL);
 
-goto FORM_FILE_EXPLORER_ID_DBT,
+goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,
  prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
  help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
  

Re: [edk2] [Patch 0/3] Fix several issues related to TX buffer recycle

[Wu, Jiaxin]

 Series Reviewed-by: Jiaxin Wu 


-Original Message-
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Fu Siyuan
Sent: Monday, February 1, 2016 10:51 AM
To: edk2-devel@lists.01.org
Subject: [edk2] [Patch 0/3] Fix several issues related to TX buffer recycle

1. MdeModulePkg-Update-the-default-size-of-MNP-TX-buffer.
2. Update DBsize in SNP GetStatus command 3. Correct one return status code in 
SNP Transmit function.

Fu Siyuan (3):
  MdeModulePkg: Update the default size of MNP TX buffer pool.
  MdeModulePkg: Update DBsize in SNP GetStatus command.
  MdeModulePkg: Correct one return status code in SNP Transmit function.

 MdeModulePkg/Universal/Network/MnpDxe/MnpImpl.h| 2 +-
 MdeModulePkg/Universal/Network/SnpDxe/Get_status.c | 2 +-
 MdeModulePkg/Universal/Network/SnpDxe/Transmit.c   | 3 ++-
 3 files changed, 4 insertions(+), 3 deletions(-)

--
2.5.0.windows.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

Re: [edk2] [Patch V4 4/4] MdeModulePkg: Add generic PciHostBridgeDxe driver.

[Marcel Apfelbaum]

On 01/26/2016 07:17 AM, Ni, Ruiyu wrote:

Laszlo,
I now understand your problem.
Can you tell me why OVMF needs multiple root bridges support?
My understanding to OVMF is it's a firmware which can be used in a guest VM
environment to boot OS.
Multiple root bridges requirement currently mainly comes from high-end
servers.
Do you mean that the VM guest needs to be like a high-end server?
This may help me to think about the possible solution to your problem.


Hi Ray,

Laszlo's explanation is very good, this is not exactly about high-end VMs,
we need the extra root bridges to match assigned devices to their corresponding 
NUMA node.

Regarding the OVMF issue, the main problem is that the extra root bridges are 
created dynamically
for the VMs (command line parameter) and their resources are computed on the 
fly.

Not directly related to the above, the optimal way to allocate resources for 
PCI root bridges
sharing the same PCI domain is to sort devices MEM/IO ranges from the biggest 
to smallest
and use this order during allocation.

After the resources allocation is finished we can build the CRS for each PCI 
root bridge
and pass it back to firmware/OS.

While for "real" machines we can hard-code the root bridge resources in some 
ROM and have it
extracted early in the boot process, for the VM world this would not be 
possible. Also
any effort to divide the resources range before the resource allocation would 
be odd and far from optimal.

Regarding a possible solution, I first need to understand why the resource 
allocation is done
per PCI root bridge and not per PCI domain. The CRS allows a PCI root bridge to 
have several MEM/IO ranges
so there is really no need to impose a per PCI root bridge logic.

I am new to the edk2 project so I might get things wrong, but I think we need a 
way to specify if
the PCI root bridges will supply their resources or if an external allocator 
will do the job.
Laszlo proposed solution looks like a way to implement such a policy, I am 
personally OK with it.

I really think the generic PciHostBridgeDxe driver is the right way to go also 
for OVMF, we just need
a way to deal with this issue.

Thanks,
Marcel



Regards,
Ray


-Original Message-
From: Laszlo Ersek [mailto:ler...@redhat.com]
Sent: Tuesday, January 26, 2016 11:10 AM
To: Ni, Ruiyu 
Cc: edk2-de...@ml01.01.org; Tian, Feng ; Fan, Jeff 
; Justen, Jordan L ; Marcel Apfelbaum 

Subject: Re: [edk2] [Patch V4 4/4] MdeModulePkg: Add generic PciHostBridgeDxe 
driver.

On 01/26/16 03:42, Ni, Ruiyu wrote:

Laszlo,
Thanks for the detailed explanation and I agrees with your idea that a generic
driver should consider the case that part of the IO/MMIO resource may be
already added by platform, no matter by PEI or by DXE.

So I think we may not need the flag you proposed here. To achieve the maximum
flexibility, we can use gDS.GetMemorySpaceMap/GetIoSpaceMap to retrieve all
the current MMIO/IO space map and only add those ranges that are not added.

And to be more robust, we can check that the range specified to the root bridge
should not be allocated by anyone (CAN be added by someone).

What's your opinion?


Very good, but painful questions. :)

Until now, OVMF has relied upon PlatformPei producing the HOBs in
question (where the base of the 32-bit PCI MMIO window varies in the
HOB, based on guest RAM size), *and* OVMF's PCI host bridge driver has
never even tried to match the root bridges' 32-bit MMIO apertures to
anything at all. All of those apertures are set as [2GB, 4GB).

The idea being, the gDS->AllocateMemorySpace() calls can be satisfied
from whatever room is left from the range that the HOB identified.
Especially in the case of multiple root bridges, I wouldn't know *how*
to divide up the MMIO address space between them. (Dividing up the bus
range was hard enough.)

Same for IO ports -- all root bridges share the same [0xC000, 0x]
port range.

Therefore your idea above would immediately break OVMF, functionally :)

(I suspect that OVMF is kinda broken already, in this aspect, but it
happens to work.)

I know precious little about PCI resource allocation. This is one of the
areas we intend to look into seriously in the future, with Marcel
(CC'd). Thus, if porting OVMF to the generic PciHostBridgeDxe driver
requires incompatible changes at once, then I think we should postpone
the port until Marcel returns from his vacation.

To reiterate, my current problem is ultimately the lack of an algorithm
for dynamically dividing up the IO and MMIO space between root bridges.
Do you have an idea for that? (The algorithm, if there is one, could
very well be specific to QEMU -- which too is where we'll need Marcel's
input.)

Thanks!
Laszlo




Regards,
Ray


-Original Message-
From: Laszlo Ersek [mailto:ler...@redhat.com]
Sent: Tuesday, January 26, 2016 10:20 AM
To: Ni, Ruiyu 
Cc: 

[edk2] [PATCH 2/4] BeagleBoardPkg: Rectify file modes

[evan . lloyd]

From: Evan Lloyd 

Problems have been encountered because some of the source files have
execute permission set.  This can cause git to report them as changed
when they are checked out onto a file system with inherited permissions.
This has been seen using Cygwin, MinGW and PowerShell Git.

This patch makes no change to source file content, and only aims to
correct the file modes/permissions.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Evan Lloyd 

diff --git a/BeagleBoardPkg/Debugger_scripts/rvi_dummy.axf 
b/BeagleBoardPkg/Debugger_scripts/rvi_dummy.axf
old mode 100755
new mode 100644
diff --git a/BeagleBoardPkg/Debugger_scripts/rvi_symbols_macros.inc 
b/BeagleBoardPkg/Debugger_scripts/rvi_symbols_macros.inc
old mode 100755
new mode 100644
diff --git a/BeagleBoardPkg/Debugger_scripts/rvi_unload_symbols.inc 
b/BeagleBoardPkg/Debugger_scripts/rvi_unload_symbols.inc
old mode 100755
new mode 100644
diff --git a/BeagleBoardPkg/Include/BeagleBoard.h 
b/BeagleBoardPkg/Include/BeagleBoard.h
old mode 100755
new mode 100644
diff --git a/BeagleBoardPkg/Library/BeagleBoardLib/BeagleBoard.c 
b/BeagleBoardPkg/Library/BeagleBoardLib/BeagleBoard.c
old mode 100755
new mode 100644
diff --git a/BeagleBoardPkg/Library/BeagleBoardLib/BeagleBoardLib.inf 
b/BeagleBoardPkg/Library/BeagleBoardLib/BeagleBoardLib.inf
old mode 100755
new mode 100644
diff --git a/BeagleBoardPkg/Library/BeagleBoardLib/BeagleBoardMem.c 
b/BeagleBoardPkg/Library/BeagleBoardLib/BeagleBoardMem.c
old mode 100755
new mode 100644
diff --git a/BeagleBoardPkg/Library/BeagleBoardLib/Clock.c 
b/BeagleBoardPkg/Library/BeagleBoardLib/Clock.c
old mode 100755
new mode 100644
diff --git a/BeagleBoardPkg/Library/BeagleBoardLib/PadConfiguration.c 
b/BeagleBoardPkg/Library/BeagleBoardLib/PadConfiguration.c
old mode 100755
new mode 100644
diff --git a/BeagleBoardPkg/License.txt b/BeagleBoardPkg/License.txt
old mode 100755
new mode 100644
diff --git a/BeagleBoardPkg/Tools/makefile b/BeagleBoardPkg/Tools/makefile
old mode 100755
new mode 100644
-- 
2.7.0

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH 3/4] EmbeddedPkg: Rectify file modes

[evan . lloyd]

From: Evan Lloyd 

Problems have been encountered because some of the source files have
execute permission set.  This can cause git to report them as changed
when they are checked out onto a file system with inherited permissions.
This has been seen using Cygwin, MinGW and PowerShell Git.

This patch makes no change to source file content, and only aims to
correct the file modes/permissions.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Evan Lloyd 

diff --git a/EmbeddedPkg/Include/Library/DebugAgentTimerLib.h 
b/EmbeddedPkg/Include/Library/DebugAgentTimerLib.h
old mode 100755
new mode 100644
diff --git a/EmbeddedPkg/Include/Library/DmaLib.h 
b/EmbeddedPkg/Include/Library/DmaLib.h
old mode 100755
new mode 100644
diff --git a/EmbeddedPkg/Library/DebugAgentTimerLibNull/DebugAgentTimerLib.c 
b/EmbeddedPkg/Library/DebugAgentTimerLibNull/DebugAgentTimerLib.c
old mode 100755
new mode 100644
diff --git 
a/EmbeddedPkg/Library/DebugAgentTimerLibNull/DebugAgentTimerLibNull.inf 
b/EmbeddedPkg/Library/DebugAgentTimerLibNull/DebugAgentTimerLibNull.inf
old mode 100755
new mode 100644
diff --git a/EmbeddedPkg/Library/FdtLib/README.txt 
b/EmbeddedPkg/Library/FdtLib/README.txt
old mode 100755
new mode 100644
diff --git a/EmbeddedPkg/Library/GdbDebugAgent/Arm/ExceptionSupport.ARMv6.S 
b/EmbeddedPkg/Library/GdbDebugAgent/Arm/ExceptionSupport.ARMv6.S
old mode 100755
new mode 100644
diff --git a/EmbeddedPkg/Library/GdbDebugAgent/Arm/ExceptionSupport.ARMv6.asm 
b/EmbeddedPkg/Library/GdbDebugAgent/Arm/ExceptionSupport.ARMv6.asm
old mode 100755
new mode 100644
diff --git a/EmbeddedPkg/Library/GdbDebugAgent/Arm/Processor.c 
b/EmbeddedPkg/Library/GdbDebugAgent/Arm/Processor.c
old mode 100755
new mode 100644
diff --git a/EmbeddedPkg/Library/GdbDebugAgent/GdbDebugAgent.c 
b/EmbeddedPkg/Library/GdbDebugAgent/GdbDebugAgent.c
old mode 100755
new mode 100644
diff --git a/EmbeddedPkg/Library/GdbDebugAgent/GdbDebugAgent.h 
b/EmbeddedPkg/Library/GdbDebugAgent/GdbDebugAgent.h
old mode 100755
new mode 100644
diff --git a/EmbeddedPkg/Library/GdbDebugAgent/GdbDebugAgent.inf 
b/EmbeddedPkg/Library/GdbDebugAgent/GdbDebugAgent.inf
old mode 100755
new mode 100644
diff --git a/EmbeddedPkg/Library/GdbDebugAgent/Ia32/Processor.c 
b/EmbeddedPkg/Library/GdbDebugAgent/Ia32/Processor.c
old mode 100755
new mode 100644
diff --git a/EmbeddedPkg/Library/GdbDebugAgent/X64/Processor.c 
b/EmbeddedPkg/Library/GdbDebugAgent/X64/Processor.c
old mode 100755
new mode 100644
diff --git a/EmbeddedPkg/Library/GdbDebugAgent/gdbnotes.txt 
b/EmbeddedPkg/Library/GdbDebugAgent/gdbnotes.txt
old mode 100755
new mode 100644
diff --git a/EmbeddedPkg/Library/NullDmaLib/NullDmaLib.c 
b/EmbeddedPkg/Library/NullDmaLib/NullDmaLib.c
old mode 100755
new mode 100644
diff --git a/EmbeddedPkg/Library/NullDmaLib/NullDmaLib.inf 
b/EmbeddedPkg/Library/NullDmaLib/NullDmaLib.inf
old mode 100755
new mode 100644
diff --git a/EmbeddedPkg/License.txt b/EmbeddedPkg/License.txt
old mode 100755
new mode 100644
diff --git a/EmbeddedPkg/Scripts/LauterbachT32/EFI.CMM 
b/EmbeddedPkg/Scripts/LauterbachT32/EFI.CMM
old mode 100755
new mode 100644
diff --git a/EmbeddedPkg/Scripts/LauterbachT32/EfiLoadDxe.cmm 
b/EmbeddedPkg/Scripts/LauterbachT32/EfiLoadDxe.cmm
old mode 100755
new mode 100644
diff --git a/EmbeddedPkg/Scripts/LauterbachT32/EfiLoadFv.cmm 
b/EmbeddedPkg/Scripts/LauterbachT32/EfiLoadFv.cmm
old mode 100755
new mode 100644
diff --git a/EmbeddedPkg/Scripts/LauterbachT32/EfiProcessPeImage.cmm 
b/EmbeddedPkg/Scripts/LauterbachT32/EfiProcessPeImage.cmm
old mode 100755
new mode 100644
diff --git a/EmbeddedPkg/Scripts/LauterbachT32/EfiProcessTeImage.cmm 
b/EmbeddedPkg/Scripts/LauterbachT32/EfiProcessTeImage.cmm
old mode 100755
new mode 100644
diff --git a/EmbeddedPkg/Scripts/LauterbachT32/README.txt 
b/EmbeddedPkg/Scripts/LauterbachT32/README.txt
old mode 100755
new mode 100644
diff --git a/EmbeddedPkg/Scripts/LauterbachT32/T32.CMM 
b/EmbeddedPkg/Scripts/LauterbachT32/T32.CMM
old mode 100755
new mode 100644
-- 
2.7.0

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH 4/4] Omap35xxPkg: Rectify file modes

[evan . lloyd]

From: Evan Lloyd 

Problems have been encountered because some of the source files have
execute permission set.  This can cause git to report them as changed
when they are checked out onto a file system with inherited permissions.
This has been seen using Cygwin, MinGW and PowerShell Git.

This patch makes no change to source file content, and only aims to
correct the file modes/permissions.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Evan Lloyd 

diff --git a/Omap35xxPkg/Include/Library/OmapDmaLib.h 
b/Omap35xxPkg/Include/Library/OmapDmaLib.h
old mode 100755
new mode 100644
diff --git a/Omap35xxPkg/Include/Omap3530/Omap3530Dma.h 
b/Omap35xxPkg/Include/Omap3530/Omap3530Dma.h
old mode 100755
new mode 100644
diff --git a/Omap35xxPkg/Library/DebugAgentTimerLib/DebugAgentTimerLib.c 
b/Omap35xxPkg/Library/DebugAgentTimerLib/DebugAgentTimerLib.c
old mode 100755
new mode 100644
diff --git a/Omap35xxPkg/Library/DebugAgentTimerLib/DebugAgentTimerLib.inf 
b/Omap35xxPkg/Library/DebugAgentTimerLib/DebugAgentTimerLib.inf
old mode 100755
new mode 100644
diff --git a/Omap35xxPkg/Library/OmapDmaLib/OmapDmaLib.c 
b/Omap35xxPkg/Library/OmapDmaLib/OmapDmaLib.c
old mode 100755
new mode 100644
diff --git a/Omap35xxPkg/Library/OmapDmaLib/OmapDmaLib.inf 
b/Omap35xxPkg/Library/OmapDmaLib/OmapDmaLib.inf
old mode 100755
new mode 100644
diff --git a/Omap35xxPkg/Library/RealTimeClockLib/RealTimeClockLib.c 
b/Omap35xxPkg/Library/RealTimeClockLib/RealTimeClockLib.c
old mode 100755
new mode 100644
diff --git a/Omap35xxPkg/Library/RealTimeClockLib/RealTimeClockLib.inf 
b/Omap35xxPkg/Library/RealTimeClockLib/RealTimeClockLib.inf
old mode 100755
new mode 100644
diff --git a/Omap35xxPkg/License.txt b/Omap35xxPkg/License.txt
old mode 100755
new mode 100644
diff --git a/Omap35xxPkg/MmcHostDxe/MmcHostDxe.c 
b/Omap35xxPkg/MmcHostDxe/MmcHostDxe.c
old mode 100755
new mode 100644
diff --git a/Omap35xxPkg/MmcHostDxe/MmcHostDxe.h 
b/Omap35xxPkg/MmcHostDxe/MmcHostDxe.h
old mode 100755
new mode 100644
diff --git a/Omap35xxPkg/MmcHostDxe/MmcHostDxe.inf 
b/Omap35xxPkg/MmcHostDxe/MmcHostDxe.inf
old mode 100755
new mode 100644
-- 
2.7.0

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH 1/4] ArmPlatformPkg: Rectify file modes

[evan . lloyd]

From: Evan Lloyd 

Problems have been encountered because some of the source files have
execute permission set.  This can cause git to report them as changed
when they are checked out onto a file system with inherited permissions.
This has been seen using Cygwin, MinGW and PowerShell Git.

This patch makes no change to source file content, and only aims to
correct the file modes/permissions.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Evan Lloyd 

diff --git a/ArmPlatformPkg/Documentation/ARM-EDK2-Overview.png 
b/ArmPlatformPkg/Documentation/ARM-EDK2-Overview.png
old mode 100755
new mode 100644
diff --git a/ArmPlatformPkg/Documentation/ArmPlatformLib-2nd-Stage.png 
b/ArmPlatformPkg/Documentation/ArmPlatformLib-2nd-Stage.png
old mode 100755
new mode 100644
diff --git a/ArmPlatformPkg/Documentation/ArmPlatformLib-Full-Boot.png 
b/ArmPlatformPkg/Documentation/ArmPlatformLib-Full-Boot.png
old mode 100755
new mode 100644
diff --git a/ArmPlatformPkg/Drivers/PL180MciDxe/PL180MciDxe.inf 
b/ArmPlatformPkg/Drivers/PL180MciDxe/PL180MciDxe.inf
old mode 100755
new mode 100644
diff --git a/ArmPlatformPkg/Drivers/PL301Axi/PL301Axi.inf 
b/ArmPlatformPkg/Drivers/PL301Axi/PL301Axi.inf
old mode 100755
new mode 100644
diff --git a/ArmPlatformPkg/Drivers/PL310L2Cache/PL310L2CacheSec.inf 
b/ArmPlatformPkg/Drivers/PL310L2Cache/PL310L2CacheSec.inf
old mode 100755
new mode 100644
diff --git a/ArmPlatformPkg/Drivers/PL34xDmc/PL341Dmc.inf 
b/ArmPlatformPkg/Drivers/PL34xDmc/PL341Dmc.inf
old mode 100755
new mode 100644
diff --git a/ArmPlatformPkg/Drivers/PL35xSmc/InitializeSMC.S 
b/ArmPlatformPkg/Drivers/PL35xSmc/InitializeSMC.S
old mode 100755
new mode 100644
diff --git a/ArmPlatformPkg/Drivers/PL35xSmc/InitializeSMC.asm 
b/ArmPlatformPkg/Drivers/PL35xSmc/InitializeSMC.asm
old mode 100755
new mode 100644
diff --git a/ArmPlatformPkg/Drivers/PL35xSmc/PL35xSmc.inf 
b/ArmPlatformPkg/Drivers/PL35xSmc/PL35xSmc.inf
old mode 100755
new mode 100644
diff --git 
a/ArmPlatformPkg/Library/DebugSecExtraActionLib/DebugSecExtraActionLib.c 
b/ArmPlatformPkg/Library/DebugSecExtraActionLib/DebugSecExtraActionLib.c
old mode 100755
new mode 100644
diff --git 
a/ArmPlatformPkg/Library/DebugSecExtraActionLib/DebugSecExtraActionLib.inf 
b/ArmPlatformPkg/Library/DebugSecExtraActionLib/DebugSecExtraActionLib.inf
old mode 100755
new mode 100644
diff --git a/ArmPlatformPkg/Library/L2X0CacheLibNull/L2X0CacheLibNull.inf 
b/ArmPlatformPkg/Library/L2X0CacheLibNull/L2X0CacheLibNull.inf
old mode 100755
new mode 100644
diff --git 
a/ArmPlatformPkg/Library/PrePiHobListPointerLib/PrePiHobListPointer.c 
b/ArmPlatformPkg/Library/PrePiHobListPointerLib/PrePiHobListPointer.c
old mode 100755
new mode 100644
diff --git 
a/ArmPlatformPkg/Library/PrePiHobListPointerLib/PrePiHobListPointerLib.inf 
b/ArmPlatformPkg/Library/PrePiHobListPointerLib/PrePiHobListPointerLib.inf
old mode 100755
new mode 100644
diff --git a/ArmPlatformPkg/License.txt b/ArmPlatformPkg/License.txt
old mode 100755
new mode 100644
diff --git a/ArmPlatformPkg/MemoryInitPei/MemoryInitPeiLib.c 
b/ArmPlatformPkg/MemoryInitPei/MemoryInitPeiLib.c
old mode 100755
new mode 100644
diff --git a/ArmPlatformPkg/MemoryInitPei/MemoryInitPeiLib.inf 
b/ArmPlatformPkg/MemoryInitPei/MemoryInitPeiLib.inf
old mode 100755
new mode 100644
diff --git a/ArmPlatformPkg/MemoryInitPei/MemoryInitPeim.c 
b/ArmPlatformPkg/MemoryInitPei/MemoryInitPeim.c
old mode 100755
new mode 100644
diff --git a/ArmPlatformPkg/MemoryInitPei/MemoryInitPeim.inf 
b/ArmPlatformPkg/MemoryInitPei/MemoryInitPeim.inf
old mode 100755
new mode 100644
diff --git a/ArmPlatformPkg/PlatformPei/PlatformPeiLib.c 
b/ArmPlatformPkg/PlatformPei/PlatformPeiLib.c
old mode 100755
new mode 100644
diff --git a/ArmPlatformPkg/PlatformPei/PlatformPeiLib.inf 
b/ArmPlatformPkg/PlatformPei/PlatformPeiLib.inf
old mode 100755
new mode 100644
diff --git a/ArmPlatformPkg/PlatformPei/PlatformPeim.c 
b/ArmPlatformPkg/PlatformPei/PlatformPeim.c
old mode 100755
new mode 100644
diff --git a/ArmPlatformPkg/PlatformPei/PlatformPeim.inf 
b/ArmPlatformPkg/PlatformPei/PlatformPeim.inf
old mode 100755
new mode 100644
diff --git a/ArmPlatformPkg/PrePi/PeiMPCore.inf 
b/ArmPlatformPkg/PrePi/PeiMPCore.inf
old mode 100755
new mode 100644
diff --git a/ArmPlatformPkg/PrePi/PeiUniCore.inf 
b/ArmPlatformPkg/PrePi/PeiUniCore.inf
old mode 100755
new mode 100644
diff --git a/ArmPlatformPkg/PrePi/PrePi.c b/ArmPlatformPkg/PrePi/PrePi.c
old mode 100755
new mode 100644
-- 
2.7.0

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel