Pointer subtraction is not performed by pointers to elements of the same
array object. Such behavior is undefined by C11 standard and might lead to
potential issues, Refine pointer subtraction by first casting each pointer
to UINTN.
Cc: Hao Wu <hao.a.wu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Hao Wu <hao.a.wu@intel.com>
(cherry picked from commit 28fd7b090d)
Today's implementation only assumes SandyBridge CPU supports
Extended On-Demand Clock Modulation Duty Cycle.
Actually it is supported when CPUID.06h.EAX[5] == 1.
When platform requests 50% throttling, it causes value 1000b
set to the low-4 bits of IA32_CLOCK_MODULATION.
But the wrong code sets 1000b to bits[1-3] which causes assertion.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Jeff Fan <vanjeff_919@hotmail.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
(cherry picked from commit 0c8b880223)
> v2:
> Reduce the number of page to update/restore from 3 to 2 because DF
> has no effect in this issue.
The infinite loop is caused by the memory instruction, such as
"rep mov", operating on memory block crossing boundary of NON-PRESENT
pages. Because the address triggering page fault set in CR2 will be in
the first page, SmmProfilePFHandler() will only change the first page
into PRESENT. The page following will be still in NON-PRESENT status.
Since SmmProfilePFHandler() will setup single-step trap for the
instruction causing #PF, when the handler returns back to the
instruction and re-execute it, both #DB and #PF will be triggered
because the instruction wants to access both first and second page
but only first page is PRESENT.
Normally #DB exception will be handled first and its handler will
change first page back to NON-PRESENT status. Then #PF is handled
and its handler will change first page to PRESENT status again and
setup another single-step for the instruction triggering #PF. Then
the whole system falls into an infinite loop and the memory operation
will never move on.
This patch fix above situation by always changing 2 pages to PRESENT
status instead of just 1 page. Those 2 pages include the page causing
#PF and the page after it.
Cc: Eric Dong <eric.dong@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
(cherry picked from commit 890d9ee554)
The Heap Guard feature wrapped SmmInternalFreePagesEx with
SmmInternalFreePagesExWithGuard but didn't add necessary
parameter check. This patch fixes this situation.
Cc: Star Zeng <star.zeng@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
(cherry picked from commit 7823611cda)
Initialize local variable to suppress warning C4703:
potentially uninitialized local pointer variable.
Both reads (dereferences) of "PciRootBridgeIo" in
PciBusDriverBindingStart() are only reached if
"gFullEnumeration" is TRUE on entry *and* we successfully
open the EfiPciRootBridgeIoProtocol interface.
Cc: Star Zeng <star.zeng@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Dandan Bi <dandan.bi@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit a012bf6e3e)
Currently, the FV image size is not enough for the modules after
we enable some flags defined in Nt32Pkg.dsc, e.g:
DEFINE SECURE_BOOT_ENABLE = TRUE
DEFINE TLS_ENABLE = TRUE
DEFINE NETWORK_IP6_ENABLE = TRUE
This patch is to increase the size of FLASH Device to meet the requirement.
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Hao Wu <hao.a.wu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Hao Wu <hao.a.wu@intel.com>
(cherry picked from commit c60d751b73)
Install IOMMU PPI for pre-memory phase and return
EFI_NOT_AVAILABLE_YET to indicate that DMA protection has been enabled,
but DMA buffer are not available to be allocated yet.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
(cherry picked from commit 940dbd071e)
Install IOMMU PPI for pre-memory phase and return
EFI_NOT_AVAILABLE_YET to indicate that DMA protection has been enabled,
but DMA buffer are not available to be allocated yet.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
(cherry picked from commit 20b58eb850)
Then the consumer of IoMmu PPI has opportunity to get granted DMA
buffer (by callback) to replace old buffer before it is forbidden
by enabling PMR.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
(cherry picked from commit ed0e52fc9a)
The below code reads additional one CHAR16 when copying
content from Specific to NewSpecific.
NewSpecific = AllocateCopyPool(
StrSize(Specific) + sizeof(CHAR16), Specific
);
The patch fixes this issue.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Jaben Carsey <jaben.carsey@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
(cherry picked from commit 4887443e4f)
Today's implementation of [Ascii]StrnCpyS/[Ascii]StrnCatS calls
StrnLenS () to get the length of source string but supplies the
destination buffer size as max size.
It's a bug that may cause out-of-bound memory access.
For example:
StrnCpyS (Dest[10], 10, "hello", 6)
-> StrnLenS ("hello", 10) //< cause out-of bound memory access
In a pool guard enabled environment, when using shell to edit an
existing file which contains empty line, the page fault is met.
The patch fixes the four library functions to avoid such
out-of-bound memory access.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
(cherry picked from commit 56658c22a6)
When "FOR %a %a IN A B C" is executed,
CurrentScriptFile->CurrentCommand->Data is NULL.
But the code assumes it's not NULL and tries to
deference it.
The patch fixes this issue.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Jaben Carsey <jaben.carsey@intel.com>
(cherry picked from commit 7162fdb037)
0 40 f0 100
+---WT--+--UC--+--WT--+-----WB----+----UC----+
When calculating the shortest path from 0 to 100, the
MtrrLibCalculateLeastMtrrs() is called to update the
Vertices.Previous.
When calculating the shortest path from 0 to 40,
MtrrLibCalculateLeastMtrrs() is called recursively to update the
Vertices.Previous.
The second call corrupt the Previous value that will be used
later.
The patch removes the code that corrupts Previous.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
(cherry picked from commit 0e8a782922)
80 A8 B0 B8 C0
+----------WB--------+-UC-+-WT-+-WB-+
For above memory settings, current code caused the final MTRR
settings miss [A8, B0, UC] when default memory type is UC.
The root cause is the code only checks the mandatory weight
between A8 to B0, but skips to check the optional weight.
The patch fixes this issue.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
(cherry picked from commit 579510336e)
The patch only change the comments and variable name so
doesn't impact the functionality.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
(cherry picked from commit 3143144ba5)
*SetMemoryAttribute*() API cannot handle the setting request that
looks like <0, MAX_ADDRESS, Type>. The buggy parameter checking
logic returns Unsupported for this case.
The patch fixes the checking logic to handle such case.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
(cherry picked from commit cee85c48e9)
Code forgot to initialize the optional weight between adjacent
vertices. It caused wrong MTRR result was calculated for some
memory settings.
The logic was incorrectly removed when converting from POC
code. The patch adds back the initialization.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
(cherry picked from commit ffb4c72d7b)
MtrrSetMemoryAttributesInMtrrSettings() missed the debug messages
of memory attribute request and status. The patch moves all debug
messages from MtrrSetMemoryAttributeInMtrrSettings() to
MtrrSetMemoryAttributesInMtrrSettings() and refines the debug message
to carry more information.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
(cherry picked from commit 5a6c5af64a)
Add a check for DatumType format, eg: VOID *, original Tool will crash
but no detail error message which cause confusion to user.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Yonghong Zhu <yonghong.zhu@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
(cherry picked from commit e0db09cd1c)
HOST_ARCH has been moved into the common header.makefile
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Liming Gao <liming.gao@intel.com>
(cherry picked from commit d16e777ac5)
With this change, enter single tool directory, make can pass.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Yonghong Zhu <yonghong.zhu@intel.com>
(cherry picked from commit 1eac82c878)
Original VOID* type support L"string" and "string" format, now we also
add support for single quote string that without null terminator.
Type VOID* support L'a' and 'a', the value transfer to c style value.
L'a' --> {0x61, 0x00}
L'ab' --> {0x61, 0x00, 0x62, 0x00}
'a' --> {0x61}
'ab' --> {0x61, 0x62}
when the value is L'' or '' that not include any character, tool will
report error.
Cc: Liming Gao <liming.gao@intel.com>
Cc: Yonghong Zhu <yonghong.zhu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Yunhua Feng <yunhuax.feng@intel.com>
Reviewed-by: Yonghong Zhu <yonghong.zhu@intel.com>
(cherry picked from commit 0e6b86731e)
Current PXE driver uses zero GUID if failed to get the system GUID from smbios
table, and some OS PXE boot may fail in such case. This patch is to add a warning
message to inform user that smbios table is missed on the platform.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
Current PXE driver uses zero GUID if failed to get the system GUID from smbios
table, and some OS PXE boot may fail in such case. This patch is to add a warning
message to inform user that smbios table is missed on the platform.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
SmiHandlerUnRegister() validates the DispatchHandle by checking
whether the first 32bit matches to a certain signature
(SMI_HANDLER_SIGNATURE).
But if a caller calls *UnRegister() twice and the memory freed by
first call still contains the signature, the second call may hang.
The patch fixes this issue by locating the DispatchHandle
in all SMI handlers, instead of checking the signature.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
(cherry picked from commit 8a641d2b73)
Current Pcd value support flexible format, this patch add support for
BPDG Tool to support L'' and '' format.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Yonghong Zhu <yonghong.zhu@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
(cherry picked from commit d5988a8ac9)
Spec required for VOID* VPD Pcd, Ascii string use byte alignment, byte
array use 8-byte alignment, unicode string use 2-byte alignment.
while when the VPD pcd offset use *, the offset generated in the .map
file not follow this rule.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Yonghong Zhu <yonghong.zhu@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
(cherry picked from commit 86737681af)
Refine the debug messages during the verification of microcode to make
them more clear.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
(cherry picked from commit 2ad34f65af)
Considering following scenario (both NX memory protection and heap guard
are enabled):
1. Allocate 3 pages. The attributes of adjacent memory pages will be
|NOT-PRESENT| present | present | present |NOT-PRESENT|
2. Free the middle page. The attributes of adjacent memory pages should be
|NOT-PRESENT| present |NOT-PRESENT| present |NOT-PRESENT|
But the NX feature will overwrite the attributes of middle page. So it
looks still like below, which is wrong.
|NOT-PRESENT| present | PRESENT | present |NOT-PRESENT|
The solution is checking the first and/or last page of a memory block to be
marked as NX, and skipping them if they are Guard pages.
Cc: Star Zeng <star.zeng@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
(cherry picked from commit a6a0a59756)
If enabled, NX memory protection feature will mark all free memory as
NX (non-executable), including page 0. This will overwrite the attributes
of page 0 if NULL pointer detection feature is also enabled and then
compromise the functionality of it. The solution is skipping the NX
attributes setting to page 0 if NULL pointer detection feature is enabled.
Cc: Star Zeng <star.zeng@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
(cherry picked from commit 9b17c6511d)
This issue is a regression one caused by a patch at
425d25699b
That fix didn't take the 0 page to free into account, which still
needs to call UnsetGuardPage() even no memory needs to free.
The fix is just moving the calling of UnsetGuardPage() to the place
right after calling AdjustMemoryF().
Cc: Star Zeng <star.zeng@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
(cherry picked from commit 1263ecf2ff)
Today's implementation only return key state when there is a key.
But when user doesn't press any key, the key state cannot be
returned.
The patch changes the ReadKeyStrokeEx() to always return the
key state even there is no key pressed.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
(cherry picked from commit 821807bcef)
Today's implementation only return key state when there is a key.
But when user doesn't press any key, the key state cannot be
returned.
The patch changes the ReadKeyStrokeEx() to always return the
key state even there is no key pressed.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
(cherry picked from commit 896ae6fc24)
Today's implementation only return key state when there is key.
But when user doesn't press any key, the key state cannot be
returned.
The patch changes the ReadKeyStrokeEx() to always return the
key state even there is no key pressed.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
(cherry picked from commit c9e6803cf4)
Today's implementation only return key state when there is key.
But when user doesn't press any key, the key state cannot be
returned.
The patch changes the ReadKeyStrokeEx() to always return the
key state even there is no key pressed.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
(cherry picked from commit c095341cc4)
