REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1169
PCI spec:
They are also required to always implement function 0 in the device.
Implementing other functions is optional and may be assigned in any
order (i.e., a two-function device must respond to function 0 but
can choose any of the other possible function numbers (1-7) for the
second function).
This patch updates ScanPciBus() to not scan other functions if
function 0 is not implemented.
Test done:
Added debug code below in the second loop of ScanPciBus(),
compared the debug logs with and without this patch, many
non-0 unimplemented functions are skipped correctly.
DEBUG ((
DEBUG_INFO,
"%a() B%02xD%02xF%02x VendorId: %04x DeviceId: %04x\n",
__FUNCTION__,
Bus,
Device,
Function,
VendorID,
DeviceID
));
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Rangasai V Chaganty <rangasai.v.chaganty@intel.com>
Cc: Tomson Chang <tomson.chang@intel.com>
Cc: Jenny Huang <jenny.huang@intel.com>
Cc: Amy Chan <amy.chan@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
(cherry picked from commit e69d7e99e7)
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=415
When SetVariable() to a time based auth variable with APPEND_WRITE
attribute, and if the EFI_VARIABLE_AUTHENTICATION_2.TimeStamp in
the input Data is earlier than current value, it will cause timestamp
zeroing.
This issue may bring time based auth variable downgrade problem.
For example:
A vendor released three certs at 2014, 2015, and 2016, and system
integrated the 2016 cert. User can SetVariable() with 2015 cert and
APPEND_WRITE attribute to cause timestamp zeroing first, then
SetVariable() with 2014 cert to downgrade the cert.
This patch fixes this issue.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
(cherry picked from commit b7dc8888f3)
Commit f6b139b added return status handling to PciIo->Mem.Write.
However, the second status handling will override EFI_DEVICE_ERROR
returned in this branch:
//
// Check the NVMe cmd execution result
//
if (Status != EFI_TIMEOUT) {
if ((Cq->Sct == 0) && (Cq->Sc == 0)) {
Status = EFI_SUCCESS;
} else {
Status = EFI_DEVICE_ERROR;
^^^^^^^^^^^^^^^^
Since PciIo->Mem.Write will probably return SUCCESS, it causes
NvmExpressPassThru to return SUCCESS even when DEVICE_ERROR occurs.
Callers of NvmExpressPassThru will then continue executing which may
cause further unexpected results, e.g. DiscoverAllNamespaces couldn't
break out the loop.
So we save previous status before calling PciIo->Mem.Write and restore
the previous one if it already contains error.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Heyi Guo <heyi.guo@linaro.org>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
(cherry picked from commit 9a77210b43)
Current code not check the CommunicationBuffer size before use it. Attacker can
read beyond the end of the (untrusted) commbuffer into controlled memory. Attacker
can get access outside of valid SMM memory regions. This patch add check before
use it.
bugz: https://bugzilla.tianocore.org/show_bug.cgi?id=198
Cc: Yao Jiewen <jiewen.yao@intel.com>
Cc: Wu Hao <hao.a.wu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
1) UefiCpuPkg/PiSmmCpu: Check for untested memory in GCD
It treats GCD untested memory as invalid SMM
communication buffer.
2) UefiCpuPkg/PiSmmCpu: Check EFI_RUNTIME_RO in UEFI mem attrib table.
It treats the UEFI runtime page with EFI_MEMORY_RO attribute as
invalid SMM communication buffer.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
We want to provide precise info in MemAttribTable
to both OS and SMM, and SMM only gets the info at EndOfDxe.
So we do not update RtCode entry in EndOfDxe.
The impact is that if 3rd part OPROM is runtime, it cannot be executed
at UEFI runtime phase.
Currently, we do not see compatibility issue, because the only runtime
OPROM we found before in UNDI, and UEFI OS will not use UNDI interface
in OS.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
So that the SMM can consume it to set page protection for
the UEFI runtime page with EFI_MEMORY_RO attribute.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
It treats the UEFI runtime page with EFI_MEMORY_RO attribute as
invalid SMM communication buffer.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
It treats GCD untested memory as invalid SMM
communication buffer.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
d69d9227d0 caused system firmware update
failure. It is because FindMatchingFmpHandles() is expected to return
handles matched, but the function returns all handles found.
This patch is to fix the issue.
This patch also assigns mSystemFmpPrivate->Handle for "case 1:" path
in case the Handle is needed by other place in future.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
(cherry picked from commit 665bfd41ac)
https://bugzilla.tianocore.org/show_bug.cgi?id=928
Uninstall all System FMP Protocols for the current FW device.
If an FMP Protocol for the current FW device is already present,
then install the new System FMP protocol onto the same handle as
the FMP Protocol. Otherwise, install the FMP protocol onto a
new handle.
This supports use cases where multiple capsules for the
same system firmware device are processed on the same
boot of the platform. It guarantees there is at most one
FMP protocol for each system firmware device.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
(cherry picked from commit d69d9227d0)
Update package format info in _PRS to TcgNvs after memory is allocated.
Change-Id: Icfadb350e60d3ed2df332e92c257ce13309c0018
Contributed-under: TianoCore Contribution Agreement 1.1
Cc: Yao Jiewen <jiewen.yao@intel.com>
Cc: Long Qin <qin.long@intel.com>
Signed-off-by: Zhang, Chao B <chao.b.zhang@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
(cherry picked from commit 1ea08a3dcd)
(cherry picked from commit fb8254478f7259d22d8433f6729307e001b81bdd)
UEFI Spec uses UnRegisterResetNotify in protocol structure
definition but uses UnregisterResetNotify in the function
prototype definition.
By searching the entire spec, Unregister* is used for
SIMPLE_TEXT_INPUT_EX_PROTOCOL.UnregisterKeyNotify(). So choose
to use UnregisterResetNotify for consistency.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
(cherry picked from commit fcccba378b)
The PeriodicSmiDispatchFunction() in SmmPeriodicSmiLib may assert
with "Bad CR signature".
Currently, the SetActivePeriodicSmiLibraryHandler() function
(invoked at the beginning of the PeriodicSmiDispatchFunction()
function) attempts to locate the PERIODIC_SMI_LIBRARY_HANDLER_CONTEXT
structure pointer for the current periodic SMI from a given
EFI_SMM_PERIODIC_TIMER_REGISTER_CONTEXT (RegiserContext) structure
pointer (using the CR macro).
The RegisterContext structure pointer passed to the
PeriodicSmiDispatchFunction() is assumed to point to the same
RegisterContext structure address given to the
SmmPeriodicTimerDispatch2 protocol Register() API in
PeriodicSmiEnable().
However, certain SmmPeriodicTimerDispatch2 implementation may copy
the RegisterContext to a local buffer and pass that address as the
context to PeriodicSmiDispatchFunction() in which case usage of the
CR macro to find the parent structure base fails.
The patch uses the LookupPeriodicSmiLibraryHandler() function to
find the PERIODIC_SMI_LIBRARY_HANDLER_CONTEXT structure pointer.
This works even in this scenario since the DispatchHandle returned
from the SmmPeriodicTimerDispatch2 Register() function uniquely
identifies that registration.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
(cherry picked from commit 1e35fcc9ee)
When source level debug is enabled, but debug cable is not connected,
XhcResetHC() in XhciReg.c will reset the host controller, the debug
capability registers will be also reset. After the code in
InitializeUsbDebugHardware() sets DCE bit and LSE bit to "1" in DCCTRL,
there will be DMA on 0 (the value of some debug capability registers
for data transfer is 0) address buffer, fault info like below will
appear when IOMMU based on VTd is enabled.
VER_REG - 0x00000010
CAP_REG - 0x00D2008C40660462
ECAP_REG - 0x0000000000F050DA
GSTS_REG - 0xC0000000
RTADDR_REG - 0x0000000086512000
CCMD_REG - 0x2800000000000000
FSTS_REG - 0x00000002
FECTL_REG - 0xC0000000
FEDATA_REG - 0x00000000
FEADDR_REG - 0x00000000
FEUADDR_REG - 0x00000000
FRCD_REG[0] - 0xC0000006000000A0 0000000000000000
Fault Info - 0x0000000000000000
Source - B00 D14 F00
Type - 1 (read)
Reason - 6
IVA_REG - 0x0000000000000000
IOTLB_REG - 0x1200000000000000
This patch is to return error for the case.
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Hao Wu <hao.a.wu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Hao Wu <hao.a.wu@intel.com>
(cherry picked from commit df67a480eb)
de8373fa07 could not handle two cases.
1. For the case that the USB3 debug port instance and DMA buffers are
from PEI HOB with IOMMU enabled, it was to reallocate the DMA buffers
by AllocateAddress with the memory type accessible by SMM environment.
But reallocating the DMA buffers by AllocateAddress may fail.
2. At S3 resume, after the code is transferred to PiSmmCpuDxeSmm from
S3Resume2Pei, HOB is still needed to be used for DMA operation, but
PiSmmCpuDxeSmm has no way to get the HOB at S3 resume.
The patch is to re-support IOMMU.
For PEI, allocate granted DMA buffer from IOMMU PPI, register IOMMU PPI
notification to reinitialize hardware with granted DMA buffer if IOMMU
PPI is not present yet.
For DXE, map DMA buffer by PciIo in PciIo notification for early DXE,
and register DxeSmmReadyToLock notification to reinitialize hardware
with granted DXE DMA buffer accessible by SMM environment for late DXE.
DebugAgentLib has been managing the instance as Handle in
HOB/SystemTable. The Handle(instance) from DebugAgentLib can be used
directly in DebugCommunicationLibUsb3. Then DebugCommunicationLibUsb3
could get consistent Handle(instance) from DebugAgentLib.
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Hao Wu <hao.a.wu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Hao Wu <hao.a.wu@intel.com>
(cherry picked from commit 75787f6580)
Fix GCC build failures below.
variable 'EvtTrb' set but not used [-Werror=unused-but-set-variable]
variable 'Index' set but not used [-Werror=unused-but-set-variable]
The build failure could only be caught with -D SOURCE_DEBUG_USE_USB3
build flag.
ad6040ec9b needs to be also reverted
when reverting IOMMU support patches, otherwise there will be conflict.
This patch is to re-do ad6040ec9b.
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Hao Wu <hao.a.wu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Hao Wu <hao.a.wu@intel.com>
(cherry picked from commit 3ecca00330)
Fix GCC build failures below.
variable 'EvtTrb' set but not used [-Werror=unused-but-set-variable]
variable 'Index' set but not used [-Werror=unused-but-set-variable]
The build failure could only be caught with -D SOURCE_DEBUG_USE_USB3
build flag.
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Hao Wu <hao.a.wu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Hao Wu <hao.a.wu@intel.com>
(cherry picked from commit ad6040ec9b)
PI 1.6 has supported pre permanent memory page allocation,
to make sure the allocated memory is physical memory for DMA,
the patch is to check memory discovered PPI installed or not first
before calling AllocatePages.
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Hao Wu <hao.a.wu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Hao Wu <hao.a.wu@intel.com>
(cherry picked from commit 364f63c065)
If IOMMU is enabled, the legacy BIOS need allow the legacy memory
access by the legacy device.
The legacy memory is below 1M memory and HighPmm memory.
Cc: Star Zeng <star.zeng@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
(cherry picked from commit 60794ee6b0)
This information is to record which device requested which DMA buffer.
It can be used for DMA buffer analysis.
Cc: Star Zeng <star.zeng@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
(cherry picked from commit 6d2d2e6e5b)
Add PcdVTdPeiDmaBufferSize(S3) to replace the hard coded value
TOTAL_DMA_BUFFER_SIZE and TOTAL_DMA_BUFFER_SIZE_S3 in IntelVTdPmrPei.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
(cherry picked from commit 339cb0af96)
NULL is returned to Mapping when Operation is BusMasterCommonBuffer or
BusMasterCommonBuffer64 in PeiIoMmuMap().
So Mapping == NULL is valid when calling PeiIoMmuUnmap().
940dbd071e wrongly changed EFI_SUCCESS
to EFI_INVALID_PARAMETER when Mapping == NULL in PeiIoMmuUnmap().
This patch is to correct it.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
(cherry picked from commit abe63fa7dc)
Install IOMMU PPI for pre-memory phase and return
EFI_NOT_AVAILABLE_YET to indicate that DMA protection has been enabled,
but DMA buffer are not available to be allocated yet.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
(cherry picked from commit 940dbd071e)
Then the consumer of IoMmu PPI has opportunity to get granted DMA
buffer (by callback) to replace old buffer before it is forbidden
by enabling PMR.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
(cherry picked from commit ed0e52fc9a)
The patch fixes flush cache issue in
CreateSecondLevelPagingEntryTable().
We found some video cards still not work even they have
been added to the exception list.
In CreateSecondLevelPagingEntryTable(), the check
"(BaseAddress >= MemoryLimit)" may be TRUE and "goto Done"
will be executed, then the FlushPageTableMemory operations
at the end of the function will be skipped.
Instead of "goto Done", this patch uses "break" to break
the for loops, then the FlushPageTableMemory operations
at the end of the function could have opportunity to be
executed.
The patch also fixes a miscalculation for Lvl3End.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
(cherry picked from commit bac7f02365)
Fix DMA does not work issue when system memory is not
greater than 4G.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
(cherry picked from commit 1d4c17a6ef)
Get high top by host address width instead of resource HOB.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
(cherry picked from commit b2725f57c7)
