sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
29,915 Commits 13 Branches 33 Tags
c63905aba7fda2f16bc6a68cba13b167a47e868c
Commit Graph

29915 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Gao, Zhichao
4ecb1ba5ef NetworkPkg/Defines: Make iSCSI disable as default 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3003

iSCSI is using the deprecated function MD5. It is
better to make the default setting secure. If the platforms
want to use the iSCSI, they should enable it in the platforms'
dsc file and be aware they are using an function with weak
cryptography.

Enable iSCSI in NetworkPkg.dsc for build.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Kelly Steele <kelly.steele@intel.com>
Cc: Zailiang Sun <zailiang.sun@intel.com>
Cc: Yi Qian <yi.qian@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
Message-Id: <20201112055558.2348-13-zhichao.gao@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Siyuan Fu <siyuan.fu@intel.com>
Reviewed-by: Maciej Rabeda <maciej.rabeda@linux.intel.com>
 2020-11-17 19:26:50 +00:00
Gao, Zhichao
c8b94334ca OvmfPkg/BhyveX64.dsc: Enable MD5 while enable iSCSI 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3003

There is a plan to make MD5 disable as default.
The new MACRO ENABLE_MD5_DEPRECATED_INTERFACES
would be introduced to enable MD5. Make the
definition ahead of the change to avoid build
error after the MACRO changed.

Enable iSCSI.

Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Message-Id: <20201112055558.2348-12-zhichao.gao@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Build-tested-by: Laszlo Ersek <lersek@redhat.com>
 2020-11-17 19:26:50 +00:00
Gao, Zhichao
4e56034b5e OvmfPkg/OvmfXen.dsc: Enable MD5 while enable iSCSI 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3003

There is a plan to make MD5 disable as default.
The new MACRO ENABLE_MD5_DEPRECATED_INTERFACES
would be introduced to enable MD5. Make the
definition ahead of the change to avoid build
error after the MACRO changed.

Enable iSCSI.

Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Message-Id: <20201112055558.2348-11-zhichao.gao@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Build-tested-by: Laszlo Ersek <lersek@redhat.com>
 2020-11-17 19:26:50 +00:00
Gao, Zhichao
0cbf1b772b OvmfPkg/OvmfPkgX64.dsc: Enable MD5 while enable iSCSI 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3003

There is a plan to make MD5 disable as default.
The new MACRO ENABLE_MD5_DEPRECATED_INTERFACES
would be introduced to enable MD5. Make the
definition ahead of the change to avoid build
error after the MACRO changed.

Enable iSCSI.

Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Message-Id: <20201112055558.2348-10-zhichao.gao@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Build-tested-by: Laszlo Ersek <lersek@redhat.com>
 2020-11-17 19:26:50 +00:00
Gao, Zhichao
397f1f4138 OvmfPkg/OvmfPkgIa32X64.dsc: Enable MD5 while enable iSCSI 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3003

There is a plan to make MD5 disable as default.
The new MACRO ENABLE_MD5_DEPRECATED_INTERFACES
would be introduced to enable MD5. Make the
definition ahead of the change to avoid build
error after the MACRO changed.

Enable iSCSI.

Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Message-Id: <20201112055558.2348-9-zhichao.gao@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Build-tested-by: Laszlo Ersek <lersek@redhat.com>
 2020-11-17 19:26:50 +00:00
Gao, Zhichao
a2dd544f85 OvmfPkg/OvmfPkgIa32.dsc: Enable MD5 while enable iSCSI 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3003

There is a plan to make MD5 disable as default.
The new MACRO ENABLE_MD5_DEPRECATED_INTERFACES
would be introduced to enable MD5. Make the
definition ahead of the change to avoid build
error after the MACRO changed.

Enable iSCSI.

Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Message-Id: <20201112055558.2348-8-zhichao.gao@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Build-tested-by: Laszlo Ersek <lersek@redhat.com>
 2020-11-17 19:26:50 +00:00
Gao, Zhichao
99e5cf5574 ArmVirtPkg/ArmVirtQemuKernel.dsc: Enable MD5 while enable iSCSI 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3003

There is a plan to make MD5 disable as default.
The new MACRO ENABLE_MD5_DEPRECATED_INTERFACES
would be introduced to enable MD5. Make the
definition ahead of the change to avoid build
error after the MACRO changed.

Enable iSCSI.

Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Message-Id: <20201112055558.2348-7-zhichao.gao@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
 2020-11-17 19:26:50 +00:00
Gao, Zhichao
be7dc48727 ArmVirtPkg/ArmVirtQemu.dsc: Enable MD5 while enable iSCSI 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3003

There is a plan to make MD5 disable as default.
The new MACRO ENABLE_MD5_DEPRECATED_INTERFACES
would be introduced to enable MD5. Make the
definition ahead of the change to avoid build
error after the MACRO changed.

Enable iSCSI.

Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Message-Id: <20201112055558.2348-6-zhichao.gao@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Build-tested-by: Laszlo Ersek <lersek@redhat.com>
 2020-11-17 19:26:50 +00:00
Gao, Zhichao
1aa2cf0521 NetworkPkg: Enable MD5 while enable iSCSI 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3003

There is a plan to make MD5 disable as default.
The new MACRO ENABLE_MD5_DEPRECATED_INTERFACES
would be introduced to enable MD5. Make the
definition ahead of the change to avoid build
error after the MACRO changed.
1. Add the NetworkBuildOptions.dsc.inc to define
the MACRO for build (support: GCC, INTEL, MSFT and
RVCT)
2. Add the BuildOption file to Network.dsc.inc

Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
Message-Id: <20201112055558.2348-5-zhichao.gao@intel.com>
[lersek@redhat.com: clean up comments in "NetworkBuildOptions.dsc.inc"]
[lersek@redhat.com: hoist "BuildOptions" above "Components" in
 "Network.dsc.inc" for bug compat with edk2-platforms]
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Siyuan Fu <siyuan.fu@intel.com>
 2020-11-17 19:26:50 +00:00
Gao, Zhichao
d3d560e0f0 CryptoPkg/dsc: Enable MD5 when CRYPTO_SERVICES enable MD5 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3021

CRYPTO_SERVICES PACKAGES and ALL config would enable MD5
function. So explicitly enable MD5 while CRYPTO_SERVICES
are set PACKAGES and ALL.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
Message-Id: <20201112055558.2348-4-zhichao.gao@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
 2020-11-17 19:26:50 +00:00
Gao, Zhichao
fedd32d82f SecurityPkg/Hash2DxeCrypto: Remove SHA1 support 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3027

Remove the deprecated SHA1 support of Hash2DxeCrypto
driver.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Message-Id: <20201112055558.2348-3-zhichao.gao@intel.com>
 2020-11-17 19:26:50 +00:00
Gao, Zhichao
0a1b6d0be3 SecurityPkg/Hash2DxeCrypto: Remove MD5 support 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3027

Remove the deprecated MD5 support of Hash2DxeCrypto
driver.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Message-Id: <20201112055558.2348-2-zhichao.gao@intel.com>
 2020-11-17 19:26:50 +00:00
Michael D Kinney
29d59baa39 MdePkg/IndustryStandard: Fix CXL 1.1 structure layout issues 
https://bugzilla.tianocore.org/show_bug.cgi?id=3074

* Fix offset of LinkLayerControlAndStatus in the
  CXL_1_1_LINK_CAPABILITY_STRUCTURE structure
* Fix offset of LinkLayerAckTimerControl in the
  CXL_1_1_LINK_CAPABILITY_STRUCTURE structure
* Fix offset of LinkLayerDefeature in
  the CXL_1_1_LINK_CAPABILITY_STRUCTURE structure
* Add CXL_11_SIZE_ASSERT() macro to verify the size of
  a register layout structure at compile time and use
  it to verify the sizes of the CXL 1.1 register structures.
* Add CXL_11_OFFSET_ASSERT() macro to verify the offset of
  fields in a register layout structure at compiler time and
  use it to verify the offset of fields in CXL 1.1
  register structures.

Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Cc: Ashraf Javeed <ashraf.javeed@intel.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Zhiguang Liu <zhiguang.liu@intel.com>
Reviewed-by: Ashraf Javeed <ashraf.javeed@intel.com>
 2020-11-17 01:57:22 +00:00
Bret Barkelew
124b3f9289 MdeModulePkg: Drop VarLock from RuntimeDxe variable driver 
https://bugzilla.tianocore.org/show_bug.cgi?id=2522

Now that everything should be moved to
VariablePolicy, drop support for the
deprecated VarLock SMI interface and
associated functions from variable RuntimeDxe.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Bret Barkelew <brbarkel@microsoft.com>
Signed-off-by: Bret Barkelew <brbarkel@microsoft.com>
Reviewed-by: Dandan Bi <dandan.bi@intel.com>
Acked-by: Jian J Wang <jian.j.wang@intel.com>
 2020-11-17 01:03:43 +00:00
Bret Barkelew
98ee0c68a2 MdeModulePkg: Change TCG MOR variables to use VariablePolicy 
https://bugzilla.tianocore.org/show_bug.cgi?id=2522

These were previously using VarLock, which is
being deprecated.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Bret Barkelew <brbarkel@microsoft.com>
Signed-off-by: Bret Barkelew <brbarkel@microsoft.com>
Reviewed-by: Dandan Bi <dandan.bi@intel.com>
Acked-by: Jian J Wang <jian.j.wang@intel.com>
 2020-11-17 01:03:43 +00:00
Bret Barkelew
28f4616fde SecurityPkg: Allow VariablePolicy state to delete authenticated variables 
https://bugzilla.tianocore.org/show_bug.cgi?id=2522

Causes AuthService to check
IsVariablePolicyEnabled() before enforcing
write protections to allow variable deletion
when policy engine is disabled.

Only allows deletion, not modification.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Bret Barkelew <brbarkel@microsoft.com>
Signed-off-by: Bret Barkelew <brbarkel@microsoft.com>
Reviewed-by: Dandan Bi <dandan.bi@intel.com>
Acked-by: Jian J Wang <jian.j.wang@intel.com>
 2020-11-17 01:03:43 +00:00
Bret Barkelew
e176bafc9d MdeModulePkg: Allow VariablePolicy state to delete protected variables 
https://bugzilla.tianocore.org/show_bug.cgi?id=2522

TcgMorLockSmm provides special protections for
the TCG MOR variables. This will check
IsVariablePolicyEnabled() before enforcing
them to allow variable deletion when policy
engine is disabled.

Only allows deletion, not modification.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Bret Barkelew <brbarkel@microsoft.com>
Signed-off-by: Bret Barkelew <brbarkel@microsoft.com>
Reviewed-by: Dandan Bi <dandan.bi@intel.com>
Acked-by: Jian J Wang <jian.j.wang@intel.com>
 2020-11-17 01:03:43 +00:00
Bret Barkelew
b6490426e3 MdeModulePkg: Connect VariablePolicy business logic to VariableServices 
https://bugzilla.tianocore.org/show_bug.cgi?id=2522

VariablePolicy is an updated interface to
replace VarLock and VarCheckProtocol.

Add connective code to publish the VariablePolicy protocol
and wire it to either the SMM communication interface
or directly into the VariablePolicyLib business logic.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Bret Barkelew <brbarkel@microsoft.com>
Signed-off-by: Bret Barkelew <brbarkel@microsoft.com>
Reviewed-by: Dandan Bi <dandan.bi@intel.com>
Acked-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
 2020-11-17 01:03:43 +00:00
Bret Barkelew
d49fe0ca20 UefiPayloadPkg: Add VariablePolicy engine to UefiPayloadPkg platform 
https://bugzilla.tianocore.org/show_bug.cgi?id=2522

Cc: Maurice Ma <maurice.ma@intel.com>
Cc: Guo Dong <guo.dong@intel.com>
Cc: Benjamin You <benjamin.you@intel.com>
Cc: Bret Barkelew <brbarkel@microsoft.com>
Signed-off-by: Bret Barkelew <brbarkel@microsoft.com>
Reviewed-by: Maurice Ma <maurice.ma@intel.com>
 2020-11-17 01:03:43 +00:00
Bret Barkelew
e691d80e37 ArmVirtPkg: Add VariablePolicy engine to ArmVirtPkg platform 
https://bugzilla.tianocore.org/show_bug.cgi?id=2522

Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Bret Barkelew <brbarkel@microsoft.com>
Signed-off-by: Bret Barkelew <brbarkel@microsoft.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
 2020-11-17 01:03:43 +00:00
Bret Barkelew
61a85646eb EmulatorPkg: Add VariablePolicy engine to EmulatorPkg platform 
https://bugzilla.tianocore.org/show_bug.cgi?id=2522

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Andrew Fish <afish@apple.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Bret Barkelew <brbarkel@microsoft.com>
Signed-off-by: Bret Barkelew <brbarkel@microsoft.com>
Reviewed-by: Ray Ni <ray.ni@intel.com>
 2020-11-17 01:03:43 +00:00
Bret Barkelew
435a05aff5 OvmfPkg: Add VariablePolicy engine to OvmfPkg platform 
https://bugzilla.tianocore.org/show_bug.cgi?id=2522

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Cc: Bret Barkelew <brbarkel@microsoft.com>
Signed-off-by: Bret Barkelew <brbarkel@microsoft.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
 2020-11-17 01:03:43 +00:00
Bret Barkelew
483449c9da MdeModulePkg: Define the VarCheckPolicyLib and SMM interface 
https://bugzilla.tianocore.org/show_bug.cgi?id=2522

VariablePolicy is an updated interface to
replace VarLock and VarCheckProtocol.

This is an instance of a VarCheckLib that is backed by the
VariablePolicyLib business logic. It also publishes the SMM
calling interface for messages from the DXE protocol.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Bret Barkelew <brbarkel@microsoft.com>
Signed-off-by: Bret Barkelew <brbarkel@microsoft.com>
Reviewed-by: Dandan Bi <dandan.bi@intel.com>
Acked-by: Jian J Wang <jian.j.wang@intel.com>
 2020-11-17 01:03:43 +00:00
Bret Barkelew
b6104becb9 MdeModulePkg: Define the VariablePolicyHelperLib 
https://bugzilla.tianocore.org/show_bug.cgi?id=2522

VariablePolicy is an updated interface to
replace VarLock and VarCheckProtocol.

Add the VariablePolicyHelperLib library, containing
several functions to help with the repetitive process
of creating a correctly structured and packed
VariablePolicy entry.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Bret Barkelew <brbarkel@microsoft.com>
Signed-off-by: Bret Barkelew <brbarkel@microsoft.com>
Reviewed-by: Dandan Bi <dandan.bi@intel.com>
Acked-by: Jian J Wang <jian.j.wang@intel.com>
 2020-11-17 01:03:43 +00:00
Bret Barkelew
355b181f74 MdeModulePkg: Define the VariablePolicyLib 
https://bugzilla.tianocore.org/show_bug.cgi?id=2522

VariablePolicy is an updated interface to
replace VarLock and VarCheckProtocol.

Add the VariablePolicyLib library that implements
the portable business logic for the VariablePolicy
engine.

Also add host-based CI test cases for the lib.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Bret Barkelew <brbarkel@microsoft.com>
Signed-off-by: Bret Barkelew <brbarkel@microsoft.com>
Reviewed-by: Dandan Bi <dandan.bi@intel.com>
Acked-by: Jian J Wang <jian.j.wang@intel.com>
 2020-11-17 01:03:43 +00:00
Bret Barkelew
d11e235976 MdeModulePkg: Define the VariablePolicy protocol interface 
https://bugzilla.tianocore.org/show_bug.cgi?id=2522

VariablePolicy is an updated interface to
replace VarLock and VarCheckProtocol.

Add the VariablePolicy protocol interface
header and add to the MdeModulePkg.dec file.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Bret Barkelew <brbarkel@microsoft.com>
Signed-off-by: Bret Barkelew <brbarkel@microsoft.com>
Reviewed-by: Dandan Bi <dandan.bi@intel.com>
Acked-by: Jian J Wang <jian.j.wang@intel.com>
 2020-11-17 01:03:43 +00:00
Maurice Ma
d448574e73 IntelFsp2Pkg: Fix FSP binary rebasing issue for PE32+ image 
Current FSP rebasing script SplitFspBin.py has support for both
PE32 and PE32+ image formats. However, while updating the ImageBase
field in the image header, it always assumed the ImageBase field is
32bit long. Since PE32+ image format defined ImageBase as 64bit,
the current script will only update the lower 32bit value and leave
the upper 32bit untouched. It does not work well for PE32+ image
that requires update in the upper 32bit ImageBase field. The
expected behavior is to update the full 64bit field. This patch
implemented this fix.

Signed-off-by: Maurice Ma <maurice.ma@intel.com>

Cc: Chasel Chiu <chasel.chiu@intel.com>
Cc: Nate DeSimone <nathaniel.l.desimone@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Reviewed-by: Chasel Chiu <chasel.chiu@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Nate DeSimone <nathaniel.l.desimone@intel.com>
 2020-11-15 00:17:18 +00:00
Rebecca Cran
5e9a8a6dfb OvmfPkg/Bhyve: fix build breakage after SEV-ES changes 
Consume the SEV-ES-independent reset vector restored in the previous
patch. Use the Null instance of VmgExitLib.

Signed-off-by: Rebecca Cran <rebecca@bsdio.com>
Message-Id: <20201112053153.22038-3-rebecca@bsdio.com>
Acked-by: Peter Grehan <grehan@freebsd.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
 2020-11-13 23:16:39 +00:00
Rebecca Cran
cabd0de9f6 OvmfPkg/Bhyve: detach ResetVector from before the SEV-ES changes 
Commits 6995a1b79b, 8a2732186a and 30937f2f98 modified all four
regular files under "OvmfPkg/ResetVector" with SEV-ES dependencies.
These are not relevant for Bhyve. Detach the pre-SEV-ES version of
ResetVector for Bhyve.

Signed-off-by: Rebecca Cran <rebecca@bsdio.com>
Message-Id: <20201112053153.22038-2-rebecca@bsdio.com>
Acked-by: Peter Grehan <grehan@freebsd.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
 2020-11-13 23:16:39 +00:00
Yunhua Feng
662b42db76 BaseTools: Fix BrotliCompress tool issue 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2946

This is the regression issue in BaseTools BrotliCompress after Brotli
is changed to submodule. BrotliCompress should store the source size
and scratch buffer size into the header of the compressed binary data.
But now, BrotliCompress doesn't store them. So, BrotliDecompress
can't work.

To fix this issue, BrotliCompress tool main() function should be provided.
It needs to support the options of -e, -d, -o file, -g gap, -q level.

Cc: Bob Feng <bob.c.feng@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Yuwei Chen <yuwei.chen@intel.com>
Signed-off-by: Yunhua Feng <fengyunhua@byosoft.com.cn>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
 2020-11-13 06:23:56 +00:00
Pete Batard
4eea8f0136 MdePkg/BaseRngLibDxe: Add DXE_RUNTIME_DRIVER class to RngLib 
The Raspberry Pi platform with Secure Boot enabled currently fails to build
with error:

  Module type [DXE_RUNTIME_DRIVER] is not supported by library instance
  [/home/appveyor/projects/rpi4/edk2/MdePkg/Library/DxeRngLib/DxeRngLib.inf]

Add the missing class to fix this issue.

Signed-off-by: Pete Batard <pete@akeo.ie>
Reviewed-by: Samer El-Haj-Mahmoud <Samer.El-Haj-Mahmoud@arm.com>
Reviewed-by: Andrei Warkentin <awarkentin@vmware.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
 2020-11-13 03:39:41 +00:00
gechao
544cb0132d MdeModulePkg DisplayEngineDxe: Correct the local variable name. 
Signed-off-by: gechao <gechao@greatwall.com.cn>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
 2020-11-12 14:32:44 +00:00
Abner Chang
b470520d75 RedfishPkg: Use DSC include file 
- Include Redfish.dsc.inc in RedfishPkg.dsc. which
  consolidates the necessary components in Redfish.dsc.inc.
- Remove unnecessary library instances from RedfishPkg.dsc.
- Add build option in RedfishPkg.yaml.

Signed-off-by: Abner Chang <abner.chang@hpe.com>
Cc: Nickle Wang <nickle.wang@hpe.com>
Cc: Peter O'Hanley <peter.ohanley@hpe.com>
Reviewed-by: Nickle Wang <nickle.wang@hpe.com>
 2020-11-12 07:23:21 +00:00
Abner Chang
1c48866e04 RedfishPkg: DSC and FDF include files for enabling EFI Redfish support 
Provide the DSC/FDF include files of edk2 Redfish related
modules and definitions which can be included in platform's
DSC/FDF.

Signed-off-by: Abner Chang <abner.chang@hpe.com>

Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Fan Wang <fan.wang@intel.com>
Cc: Nickle Wang <nickle.wang@hpe.com>
Cc: Peter O'Hanley <peter.ohanley@hpe.com>
Reviewed-by: Nickle Wang <nickle.wang@hpe.com>
 2020-11-11 07:48:51 +00:00
Abner Chang
a4d2ddb947 RedfishPkg: Add PCD definition to RedfishPkg 
This PCD is the UEFI device path which is used as the Redfish
host interface.

Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Signed-off-by: Ting Ye <ting.ye@intel.com>
Signed-off-by: Siyuan Fu <siyuan.fu@intel.com>
Signed-off-by: Fan Wang <fan.wang@intel.com>
Signed-off-by: Abner Chang <abner.chang@hpe.com>

Cc: Nickle Wang <nickle.wang@hpe.com>
Cc: Peter O'Hanley <peter.ohanley@hpe.com>
Reviewed-by: Nickle Wang <nickle.wang@hpe.com>
 2020-11-11 07:25:16 +00:00
Albecki, Mateusz
91d95113d0 MdeModulePkg/AtaAtapiPassThru: Trace ATA packets 
This simplify ATA driver debugging all ATA packets will be printed to
debug port on DEBUG_VERBOSE level along with the packet execution
status. Additionally failed packets and the failed packet execution
status will be printed on DEBUG_ERROR level.

Signed-off-by: Mateusz Albecki <mateusz.albecki@intel.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>

Cc: Ray Ni <ray.ni@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
 2020-11-11 02:27:59 +00:00
Albecki, Mateusz
64e25d4b06 MdeModulePkg/AtaAtapiPassThru: Restart failed packets 
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3026

This commit adds code to restart the ATA packets that failed due to the
CRC error or other link condition. For sync transfers the code will try
to get the command working for up to 5 times. For async transfers, the
command will be retried until the timeout value timeout specified by the
requester is reached. For sync case the count of 5 retries has been
chosen arbitrarily and if needed can be increased or decreased.

Signed-off-by: Mateusz Albecki <mateusz.albecki@intel.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>

Cc: Ray Ni <ray.ni@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
 2020-11-11 02:27:59 +00:00
Albecki, Mateusz
b465a81100 MdeModulePkg/AtaAtapiPassThru: Add SATA error recovery flow 
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3025

This commit adds error recovery flow on SATA port when the error
condition is reported. Commit only implements SATA port reset flow which
is executed when PxTFD indicates BSY or DRQ. Commit does not implement
HBA level reset.

Signed-off-by: Mateusz Albecki <mateusz.albecki@intel.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>

Cc: Ray Ni <ray.ni@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
 2020-11-11 02:27:59 +00:00
Albecki, Mateusz
cc28ab7a1d MdeModulePkg/AtaAtapiPassThru: Check IS to check for command completion 
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3024

AHCI driver used to poll D2H register type to determine whether the FIS
has been received. This caused a problem of long timeouts when the link
got a CRC error and the FIS never arrives. To fix this this change
switches AHCI driver to poll the IS register which will signal both the
reception of FIS and the occurrence of error.

Signed-off-by: Mateusz Albecki <mateusz.albecki@intel.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>

Cc: Ray Ni <ray.ni@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
 2020-11-11 02:27:59 +00:00
Abner Chang
36c50bd5d5 MdeModulePkg/DriverSampleDxe: Add HII sample options 
Add x-uefi-ns keyword REST_STYLE HII option and non
x-uefi keyword REST_STYLE HII option.

Signed-off-by: Abner Chang <abner.chang@hpe.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Fan Wang <fan.wang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Nickle Wang <nickle.wang@hpe.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
 2020-11-11 00:53:00 +00:00
Abner Chang
2cfec1d840 MdeModulePkg/Library: Revise HiiLib to check REST_STYLE 
This change checks REST_STYLE flag.

Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Signed-off-by: Ting Ye <ting.ye@intel.com>
Signed-off-by: Siyuan Fu <siyuan.fu@intel.com>
Signed-off-by: Fan Wang <fan.wang@intel.com>
Signed-off-by: Abner Chang <abner.chang@hpe.com>
Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Nickle Wang <nickle.wang@hpe.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
 2020-11-11 00:53:00 +00:00
Abner Chang
1b840718f7 BaseTools/VfrCompile: VFR compiler supports REST_STYLE in HII option 
Add REST_STYLE support on VFR language

BZ: 2916
https://bugzilla.tianocore.org/show_bug.cgi?id=2916

Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Signed-off-by: Ye Ting <ting.ye@intel.com>
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Signed-off-by: Wang Fan <fan.wang@intel.com>

Cc: Bob Feng <bob.c.feng@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Yuwei Chen <yuwei.chen@intel.com>
Cc: Nickle Wang <nickle.wang@hpe.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
 2020-11-11 00:53:00 +00:00
Abner Chang
5ec3033154 MdePkg: Add GUID for REST Style Formset 
BZ: 2916
https://bugzilla.tianocore.org/show_bug.cgi?id=2916

Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Signed-off-by: Ye Ting <ting.ye@intel.com>
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Signed-off-by: Wang Fan <fan.wang@intel.com>
Signed-off-by: Abner Chang <abner.chang@hpe.com>

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Cc: Nickle Wang <nickle.wang@hpe.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
 2020-11-11 00:53:00 +00:00
Tom Lendacky
d150439b72 UefiCpuPkg/MpInitLib: For SEV-ES guest, set stack based on processor number 
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3008

Set the SEV-ES reset stack address for an AP based on the processor number
instead of the APIC ID in case the APIC IDs are not zero-based and densely
packed/enumerated. This will ensure an AP reset stack address does not get
set outside of the AP reset stack memory allocation.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Acked-by: Ray Ni <ray.ni@intel.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Message-Id: <24866de07d2a954dec71df70972f1851273020d8.1604685192.git.thomas.lendacky@amd.com>
 2020-11-10 19:07:55 +00:00
Tom Lendacky
1b0db1ec87 UefiCpuPkg, OvmfPkg: Disable interrupts when using the GHCB 
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3008

The QemuFlashPtrWrite() flash services runtime uses the GHCB and VmgExit()
directly to perform the flash write when running as an SEV-ES guest. If an
interrupt arrives between VmgInit() and VmgExit(), the Dr7 read in the
interrupt handler will generate a #VC, which can overwrite information in
the GHCB that QemuFlashPtrWrite() has set. This has been seen with the
timer interrupt firing and the CpuExceptionHandlerLib library code,
UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/
  Xcode5ExceptionHandlerAsm.nasm and
  ExceptionHandlerAsm.nasm
reading the Dr7 register while QemuFlashPtrWrite() is using the GHCB. In
general, it is necessary to protect the GHCB whenever it is used, not just
in QemuFlashPtrWrite().

Disable interrupts around the usage of the GHCB by modifying the VmgInit()
and VmgDone() interfaces:
- VmgInit() will take an extra parameter that is a pointer to a BOOLEAN
  that will hold the interrupt state at the time of invocation. VmgInit()
  will get and save this interrupt state before updating the GHCB.
- VmgDone() will take an extra parameter that is used to indicate whether
  interrupts are to be (re)enabled. Before exiting, VmgDone() will enable
  interrupts if that is requested.

Fixes: 437eb3f7a8
Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Acked-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Message-Id: <c326a4fd78253f784b42eb317589176cf7d8592a.1604685192.git.thomas.lendacky@amd.com>
 2020-11-10 19:07:55 +00:00
Tom Lendacky
fdce11226c OvmfPkg/QemuFlashFvbServicesRuntimeDxe: Fix erase blocks for SEV-ES 
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3008

The original SEV-ES support missed updating the QemuFlashEraseBlock()
function to successfully erase blocks. Update QemuFlashEraseBlock() to
call the QemuFlashPtrWrite() to be able to successfully perform the
commands under SEV-ES.

Fixes: 437eb3f7a8
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Message-Id: <309c5317a3107bd0e650be20731842a2e1d4b59a.1604685192.git.thomas.lendacky@amd.com>
 2020-11-10 19:07:55 +00:00
Tom Lendacky
f714fd67f2 OvmfPkg/QemuFlashFvbServicesRuntimeDxe: Set the SwScratch valid bit 
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3008

All fields that are set in the GHCB should have their associated bit in
the GHCB ValidBitmap field set. Add support to set the bit for the scratch
area field (SwScratch).

Fixes: 437eb3f7a8
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Message-Id: <cc8c8449740d2be0b287e6c69d48bf6cb067c7d8.1604685192.git.thomas.lendacky@amd.com>
 2020-11-10 19:07:55 +00:00
Tom Lendacky
fb2a1a36a2 UefiCpuPkg/MpInitLib: Set the SW exit fields when performing VMGEXIT 
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3008

All fields that are set in the GHCB should have their associated bit in
the GHCB ValidBitmap field set. Add support to set the bits for the
software exit information fields when performing a VMGEXIT (SwExitCode,
SwExitInfo1, SwExitInfo2).

Fixes: 20da7ca42a
Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Acked-by: Ray Ni <ray.ni@intel.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Message-Id: <6e11dd7e161bddeacc3fb4817467cef24510c31c.1604685192.git.thomas.lendacky@amd.com>
 2020-11-10 19:07:55 +00:00
Tom Lendacky
12a0c11e81 OvmfPkg/VmgExitLib: Set the SwScratch valid bit for MMIO events 
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3008

All fields that are set in the GHCB should have their associated bit in
the GHCB ValidBitmap field set. Add support to set the bit for the scratch
area field (SwScratch).

Fixes: c45f678a1e
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Message-Id: <45ccb63c2dadd834e2c47bf10c9e59c6766d7eb6.1604685192.git.thomas.lendacky@amd.com>
 2020-11-10 19:07:55 +00:00
Tom Lendacky
8d9698ecf8 OvmfPkg/VmgExitLib: Set the SwScratch valid bit for IOIO events 
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3008

All fields that are set in the GHCB should have their associated bit in
the GHCB ValidBitmap field set. Add support to set the bit for the scratch
area field (SwScratch).

Fixes: 0020157a98
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Message-Id: <f817d034cea37fa78e00e86f61c3445f1208226d.1604685192.git.thomas.lendacky@amd.com>
 2020-11-10 19:07:55 +00:00