Re: [edk2-devel] [PATCH 3/3] OvmfPkg/PlatformPei: Mark TPM MMIO range as unencrypted for SEV

2021-04-22 Thread Laszlo Ersek
On 04/21/21 01:13, Lendacky, Thomas wrote: > On 4/20/21 5:54 PM, Lendacky, Thomas via groups.io wrote: >> From: Tom Lendacky >> >> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3345 >> >> The TPM support in OVMF performs MMIO accesses during the PEI phase. At >> this point, MMIO ranges have n

[edk2-devel] [PATCH v2] BaseTools: Add support for version 3 of FMP Image Header structure

2021-04-22 Thread Sughosh Ganu
Add support for the ImageCapsuleSupport field, introduced in version 3 of the EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER structure. This structure member is used to indicate if the corresponding payload has support for authentication and dependency. Signed-off-by: Sughosh Ganu --- Changes sinc

Re: [edk2-devel] [PATCH 3/3] OvmfPkg/PlatformPei: Mark TPM MMIO range as unencrypted for SEV

2021-04-22 Thread Laszlo Ersek
On 04/22/21 09:34, Laszlo Ersek wrote: > Anyway: I think the TPM (MMIO) access you see comes from this PEIM: > > OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf > > The driver uses the following library instance: > > SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf > > This library instanc

Re: [edk2-devel] [PATCH 3/3] OvmfPkg/PlatformPei: Mark TPM MMIO range as unencrypted for SEV

2021-04-22 Thread Laszlo Ersek
On 04/22/21 09:34, Laszlo Ersek wrote: > The new InternalTpmDecryptAddressRange() function should be called > from Tcg2ConfigPeimEntryPoint(), before the latter calls > InternalTpm12Detect(). Regarding error checking... if > InternalTpmDecryptAddressRange() fails, I think we can log an error > mes

Re: [edk2-devel] RFC: Adding support for ARM (RNDR etc.) to RngDxe

2021-04-22 Thread Sami Mujawar
Hi Rebecca, I have been working on the following modules (See slide 11 in “EDKII - Proposed update to RNG implementation.pdf”): 1. TrngLib|FwTrnglib (Arm Firmware TRNG) 2.

Re: [edk2-devel] [PATCH v1 01/12] ArmPkg: Fix Ecc error 8003

2021-04-22 Thread Sami Mujawar
Hi Pierre, Thank you for this patch. Reviewed-by: Sami Mujawar Regards, Sami Mujawar From: pierre.gond...@arm.com Date: Wednesday, 21 April 2021 at 13:21 To: devel@edk2.groups.io , Sami Mujawar , l...@nuviainc.com , ardb+tianoc...@kernel.org , sean.bro...@microsoft.com , bret.barke...@mi

Re: [edk2-devel] [PATCH v1 02/12] ArmPkg: Fix Ecc error 3002 in StandaloneMmMmuLib

2021-04-22 Thread Sami Mujawar
Hi Pierre, Thank you for this patch. Reviewed-by: Sami Mujawar Regards, Sami Mujawar From: pierre.gond...@arm.com Date: Wednesday, 21 April 2021 at 13:21 To: devel@edk2.groups.io , Sami Mujawar , l...@nuviainc.com , ardb+tianoc...@kernel.org , sean.bro...@microsoft.com , bret.barke...@mic

Re: [edk2-devel] [PATCH v1 03/12] ArmPkg: Add missing library headers to ArmPkg.dec

2021-04-22 Thread Sami Mujawar
Hi Pierre, Thank you for this patch. Reviewed-by: Sami Mujawar Regards, Sami Mujawar From: pierre.gond...@arm.com Date: Wednesday, 21 April 2021 at 13:21 To: devel@edk2.groups.io , Sami Mujawar , l...@nuviainc.com , ardb+tianoc...@kernel.org , sean.bro...@microsoft.com , bret.barke...@mi

Re: [edk2-devel] [PATCH v1 04/12] ArmPkg: Add OemMiscLibNull library to ArmPkg.dsc

2021-04-22 Thread Sami Mujawar
Hi Pierre, Thank you for this patch. Reviewed-by: Sami Mujawar Regards, Sami Mujawar From: pierre.gond...@arm.com Date: Wednesday, 21 April 2021 at 13:21 To: devel@edk2.groups.io , Sami Mujawar , l...@nuviainc.com , ardb+tianoc...@kernel.org , sean.bro...@microsoft.com , bret.barke...@mi

Re: [edk2-devel] [PATCH v1 05/12] ArmPkg: Correct small typos

2021-04-22 Thread Sami Mujawar
Hi Pierre, This patch looks good to me. Reviewed-by: Sami Mujawar Regards, Sami Mujawar From: pierre.gond...@arm.com Date: Wednesday, 21 April 2021 at 13:21 To: devel@edk2.groups.io , Sami Mujawar , l...@nuviainc.com , ardb+tianoc...@kernel.org , sean.bro...@microsoft.com , bret.barke..

Re: [edk2-devel] [PATCH v1 06/12] ArmPkg: Add ArmPkg.ci.yaml

2021-04-22 Thread Sami Mujawar
Hi Pierre, I have a few minor comments marked inline as [SAMI]. With those changed. Reviewed-by: Sami Mujawar Regards, Sami Mujawar From: pierre.gond...@arm.com Date: Wednesday, 21 April 2021 at 13:21 To: devel@edk2.groups.io , Sami Mujawar , l...@nuviainc.com , ardb+tianoc...@kernel.org

Re: [edk2-devel] [PATCH v1 07/12] ArmPlatformPkg: Add ArmPlatformPkg.ci.yaml

2021-04-22 Thread Sami Mujawar
Hi Pierre, I have a minor comment marked inline as [SAMI]. With that changed. Reviewed-by: Sami Mujawar <sami.muja...@arm.com> Regards, Sami Mujawar From: pierre.gond...@arm.com Date: Wednesday, 21 April 2021 at 13:21 To: devel@edk2.groups.io , Sami Mujawar , l...@nuviainc.com , ard

Re: [edk2-devel] [PATCH v1 08/12] .pytool: Enable CI for ArmPkg

2021-04-22 Thread Sami Mujawar
Hi Pierre, This patch looks good to me. Reviewed-by: Sami Mujawar <sami.muja...@arm.com> Regards, Sami Mujawar From: pierre.gond...@arm.com Date: Wednesday, 21 April 2021 at 13:21 To: devel@edk2.groups.io , Sami Mujawar , l...@nuviainc.com , ardb+tianoc...@kernel.org , sean.bro...@m

Re: [edk2-devel] [PATCH v1 09/12] .pytool: Enable CI for ArmPlatformPkg

2021-04-22 Thread Sami Mujawar
Hi Pierre, This patch looks good to me. Reviewed-by: Sami Mujawar <sami.muja...@arm.com> Regards, Sami Mujawar From: pierre.gond...@arm.com Date: Wednesday, 21 April 2021 at 13:21 To: devel@edk2.groups.io , Sami Mujawar , l...@nuviainc.com , ardb+tianoc...@kernel.org , sean.bro...

Re: [edk2-devel] [PATCH v1 10/12] .pytool: Document LicenseCheck and EccCheck

2021-04-22 Thread Sami Mujawar
Hi Pierre, Thank you for this patch. Reviewed-by: Sami Mujawar <sami.muja...@arm.com> Regards, Sami Mujawar From: pierre.gond...@arm.com Date: Wednesday, 21 April 2021 at 13:21 To: devel@edk2.groups.io , Sami Mujawar , l...@nuviainc.com , ardb+tianoc...@kernel.org , sean.bro...@micr

Re: [edk2-devel] [PATCH v1 11/12] AzurePipelines: Add support for ArmPkg

2021-04-22 Thread Sami Mujawar
Hi Pierre, Thank you for this patch. Reviewed-by: Sami Mujawar <sami.muja...@arm.com> Regards, Sami Mujawar From: pierre.gond...@arm.com Date: Wednesday, 21 April 2021 at 13:21 To: devel@edk2.groups.io , Sami Mujawar , l...@nuviainc.com , ardb+tianoc...@kernel.org , sean.bro...@micr

Re: [edk2-devel] [PATCH v1 12/12] AzurePipelines: Add support for ArmPlatformPkg

2021-04-22 Thread Sami Mujawar
Hi Pierre, Thank you for this patch. Reviewed-by: Sami Mujawar <sami.muja...@arm.com> Regards, Sami Mujawar From: pierre.gond...@arm.com Date: Wednesday, 21 April 2021 at 13:21 To: devel@edk2.groups.io , Sami Mujawar , l...@nuviainc.com , ardb+tianoc...@kernel.org , sean.bro...@m

Re: [edk2-devel] [PATCH 1/3] OvmfPkg/VmgExitLib: Properly decode MMIO MOVZX and MOVSX opcodes

2021-04-22 Thread Lendacky, Thomas
On 4/22/21 12:28 AM, Laszlo Ersek wrote: > On 04/21/21 00:54, Lendacky, Thomas wrote: >> From: Tom Lendacky >> >> BZ: >> https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugzilla.tianocore.org%2Fshow_bug.cgi%3Fid%3D3345&data=04%7C01%7Cthomas.lendacky%40amd.com%7C22bf3a3ae9cb4421e

Re: [edk2-devel] [PATCH v1 1/4] ArmVirtPkg: Library: Memory initialization for Cloud Hypervisor

2021-04-22 Thread Laszlo Ersek
Hi Jianyong, On 04/22/21 10:24, Jianyong Wu wrote: > Cloud Hypervisor is kvm based VMM implemented in rust. > > This library populates the system memory map for the > Cloud Hypervisor virtual platform. > > Cc: Laszlo Ersek > Cc: Ard Biesheuvel > Cc: Leif Lindholm > Signed-off-by: Jianyong Wu

Re: [edk2-devel] [PATCH v1 1/4] ArmVirtPkg: Library: Memory initialization for Cloud Hypervisor

2021-04-22 Thread Sami Mujawar
Hi Jianyong, You need to check if you're subscribed to the EDK II development mailing list. Otherwise, your patch email will get rejected. You can subscribe here: https://edk2.groups.io/g/devel. Make sure that you reply to the email with subscription confirmation sent from nore...@groups.io

Re: [edk2-devel] [PATCH 2/3] OvmfPkg/VmgExitLib: Add support for new MMIO MOV opcodes

2021-04-22 Thread Lendacky, Thomas
On 4/22/21 12:50 AM, Laszlo Ersek via groups.io wrote: > On 04/21/21 00:54, Lendacky, Thomas wrote: >> From: Tom Lendacky >> >> BZ: >> https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugzilla.tianocore.org%2Fshow_bug.cgi%3Fid%3D3345&data=04%7C01%7Cthomas.lendacky%40amd.com%7C19a

Re: [edk2-devel] [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Add RSA PSS verify support

2021-04-22 Thread Agrawal, Sachin
Hi Jiewen, Thanks for sharing these references. We are currently using Salt Length of digest length. I will add the test for new API in the unit test framework in the next version of the patch. In reference to adding support for RsaPssSign() API : This may be due to my ignorance, but I am unawa

Re: [edk2-devel] separate OVMF binary for TDX? [was: OvmfPkg: Reserve the Secrets and Cpuid page for the SEV-SNP guest]

2021-04-22 Thread Laszlo Ersek
On 04/21/21 19:07, Erdem Aktas wrote: > Hi Laszlo, > > I am sorry to hear that it sounded like we are dictating a certain > approach. Although I can see why it sounded that way, it certainly was not > my intention. > We want to work with the EDK2 community to have a solution that is > beneficial f

Re: [edk2-devel] [PATCH 3/3] OvmfPkg/PlatformPei: Mark TPM MMIO range as unencrypted for SEV

2021-04-22 Thread Lendacky, Thomas
On 4/22/21 2:34 AM, Laszlo Ersek wrote: > On 04/21/21 01:13, Lendacky, Thomas wrote: >> On 4/20/21 5:54 PM, Lendacky, Thomas via groups.io wrote: >>> From: Tom Lendacky >>> >>> BZ: >>> https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugzilla.tianocore.org%2Fshow_bug.cgi%3Fid%3D3

[edk2-devel] [PATCH] Maintainers.txt: Add 'Erdem Aktas' to Confidential Computing reviewers

2021-04-22 Thread Erdem Aktas via groups.io
Add 'Erdem Aktas' as a reviewer for OvmfPkg/Confidential Computing. Signed-off-by: Erdem Aktas --- Maintainers.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/Maintainers.txt b/Maintainers.txt index fda3df5de2..cafe6b1ab8 100644 --- a/Maintainers.txt +++ b/Maintainers.txt @@ -458,6 +458,

Re: [edk2-devel] [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Add RSA PSS verify support

2021-04-22 Thread Yao, Jiewen
I think we have some EDKII tool will use the Signing capability, but it is not needed during BIOS boot. That is why Signing function is in Ext.c, while verify function is in Basic.c. Please also add crypto unit test for both API - https://github.com/tianocore/edk2/tree/master/CryptoPkg/Test Tha

Re: [edk2-devel] [PATCH 2/3] OvmfPkg/VmgExitLib: Add support for new MMIO MOV opcodes

2021-04-22 Thread Lendacky, Thomas
On 4/22/21 9:15 AM, Tom Lendacky wrote: > On 4/22/21 12:50 AM, Laszlo Ersek via groups.io wrote: >> On 04/21/21 00:54, Lendacky, Thomas wrote: >>> From: Tom Lendacky >>> >>> BZ: >>> https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugzilla.tianocore.org%2Fshow_bug.cgi%3Fid%3D3345

Re: [edk2-devel] [PATCH] Maintainers.txt: Add 'Erdem Aktas' to Confidential Computing reviewers

2021-04-22 Thread Yao, Jiewen
Acked-by: jiewen@intel.com thank you! Yao, Jiewen > On April 22, 2021, at 11:05 PM, Erdem Aktas via groups.io > wrote: > > Add 'Erdem Aktas' as a reviewer for OvmfPkg/Confidential Computing. > > Signed-off-by: Erdem Aktas > --- > Maintainers.txt | 1 + > 1 file changed, 1 insertion(+) > > diff --git

Re: [edk2-devel] [PATCH 3/3] OvmfPkg/PlatformPei: Mark TPM MMIO range as unencrypted for SEV

2021-04-22 Thread Lendacky, Thomas
On 4/22/21 9:51 AM, Tom Lendacky wrote: > On 4/22/21 2:34 AM, Laszlo Ersek wrote: >> On 04/21/21 01:13, Lendacky, Thomas wrote: >>> On 4/20/21 5:54 PM, Lendacky, Thomas via groups.io wrote: From: Tom Lendacky BZ: https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%

Re: [edk2-devel] [PATCH 3/3] OvmfPkg/PlatformPei: Mark TPM MMIO range as unencrypted for SEV

2021-04-22 Thread Lendacky, Thomas
On 4/22/21 3:39 AM, Laszlo Ersek wrote: > On 04/22/21 09:34, Laszlo Ersek wrote: > >> The new InternalTpmDecryptAddressRange() function should be called >> from Tcg2ConfigPeimEntryPoint(), before the latter calls >> InternalTpm12Detect(). Regarding error checking... if >> InternalTpmDecryptAddress

Re: [edk2-devel] [PATCH] Maintainers.txt: Add 'Erdem Aktas' to Confidential Computing reviewers

2021-04-22 Thread Min Xu
Acked-by: min.m...@intel.com Thanks! Xu, Min > -Original Message- > From: devel@edk2.groups.io On Behalf Of Erdem > Aktas via groups.io > Sent: Thursday, April 22, 2021 11:05 PM > To: devel@edk2.groups.io; Laszlo Ersek > Cc: y...@google.com; Yao, Jiewen ; Paolo Bonzini > ; jejb @ linux

[edk2-devel] Re: [PATCH] * MdePkg/SmBios.h: Updated newly added socket info from smbios 3.4.

2021-04-22 Thread gaoliming
Reviewed-by: Liming Gao > -Original Message- > From: Chaganty, Rangasai V > Sent: April 21, 2021 14:53 > To: Bhargava, Avinash ; > devel@edk2.groups.io > Cc: Ni, Ray ; Liming Gao ; > Kumar, Chandana C > Subject: RE: [PATCH] * MdePkg/SmBios.h: Updated newly added socket info > from smbios 3.4. > > Please al

[edk2-devel] Re: [PATCH v1 1/2] MdePkg:Update IndustryStandard/Nvme.h with Nvme admin controller data

2021-04-22 Thread gaoliming
Cheng Zhou: Please update the commit message to highlight this change based on NVME1.3 spec. With this update, Reviewed-by: Liming Gao Thanks Liming > -Original Message- > From: zhoucheng > Sent: April 22, 2021 10:11 > To: devel@edk2.groups.io > Cc: Michael D Kinney ; Liming Gao > > Subject: [PATCH v1

Re: [edk2-devel] [PATCH] SecurityPkg: Add constraints on PK strength

2021-04-22 Thread Min Xu
This patch is good to me. Reviewed-by: Min Xu > -Original Message- > From: Gao, Jiaqi > Sent: Monday, April 19, 2021 9:31 AM > To: Xu, Min M ; devel@edk2.groups.io > Cc: Yao, Jiewen > Subject: RE: [PATCH] SecurityPkg: Add constraints on PK strength > > Hi, > > The patch has been built

Re: [edk2-devel] Re: [PATCH v1 1/2] MdePkg:Update IndustryStandard/Nvme.h with Nvme admin controller data

2021-04-22 Thread Wu, Hao A
> -Original Message- > From: devel@edk2.groups.io On Behalf Of > gaoliming > Sent: Friday, April 23, 2021 8:53 AM > To: 'zhoucheng' ; devel@edk2.groups.io > Cc: Kinney, Michael D > Subject: [edk2-devel] Re: [PATCH v1 1/2] MdePkg:Update > IndustryStandard/Nvme.h with Nvme admin controller

Re: [edk2-devel] [PATCH] SecurityPkg: Add constraints on PK strength

2021-04-22 Thread Yao, Jiewen
Acked-by: Jiewen Yao > -Original Message- > From: Xu, Min M > Sent: Friday, April 23, 2021 9:36 AM > To: Gao, Jiaqi ; devel@edk2.groups.io > Cc: Yao, Jiewen > Subject: RE: [PATCH] SecurityPkg: Add constraints on PK strength > > This patch is good to me. > Reviewed-by: Min Xu > > > --