Stanislaw Grams replaces Min Xu as the reviewer for patches to
OvmfPkg/Confidential Computing
Signed-off-by: Stanislaw Grams <stanislaw.grams@intel.com>
With firmware context APIs removed, store HobList pointer directly in the
scratch register for Peiless booting.
Signed-off-by: Tuan Phan <tphan@ventanamicro.com>
Encapsulate IA32 and X64 code under preprocessor directives to enable
module compatibility with other architectures.
Signed-off-by: Tuan Phan <tphan@ventanamicro.com>
Eliminate the APIs using the scratch register as PI 1.9 specifies
it for the PEI service table pointer.
Signed-off-by: Tuan Phan <tphan@ventanamicro.com>
GICv5 uses a different ID scheme for interrupt numbers to previous GICs; the
top bits indicate the type of interrupt (PPI/SPI/LPI). Update TimerDxe to use
the new ID scheme for GICv5. As the timer PPIs are architected for GICv5 they
should be the same on all GICv5 platforms.
Signed-off-by: Sarah Walker <Sarah.Walker2@arm.com>
Add initial driver support for GICv5. This initial driver supports Private
Peripheral Interrupts (PPIs) and Shared Peripheral Interrupts (SPIs).
Signed-off-by: Sarah Walker <Sarah.Walker2@arm.com>
[ardb: Merge v5 support into GicV3Dxe]
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Before extending the GicV3Dxe driver with support for GICv5, make the
driver AArch64-only to avoid the need for adding support to the 32-bit
build, which would be rather pointless.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Some of code for handling Rx/Tx buffer is duplicate.
This patch commonize some of duplication routine used in
Rx/Tx buffer related functions.
Signed-off-by: Yeoreum Yun <yeoreum.yun@arm.com>
To use Arm-FFA intereface in PeilessSec, implments
ArmFfaSecLib used by PeilessSec.
For example, communicate with TPM service using CRB over ARM-FFA
(via Tpm2DeviceLibFfa), PeilessSec need to use Arm-FFA interface.
Signed-off-by: Yeoreum Yun <yeoreum.yun@arm.com>
The PcdFfaTxRxPageCount can never be changed dynamically
and is configured at build time to specify the size of
the Rx/Tx buffers.
Therefore, make PcdFfaTxRxPageCount a PcdsFixedAtBuild PCD.
Signed-off-by: Yeoreum Yun <yeoreum.yun@arm.com>
The commit e15fe06603
("MdeModulePkg/Library: make ArmFfaPeiLib available early PEIM stage")
uses ArmFfaPeiLib in the early PEIM stage.
However, the Rx/Tx buffer allocated in the early PEIM stage uses
temporary memory. This results in a memory leak when the temporary
memory's heap is relocated to permanent memory.
For example, if the Rx/Tx buffer memory is allocated at 0x20006000
in temporary memory, and if offset between temporary memory and
permanent is 0x40000000, then:
- Once permanent memory installed the temporary memory at 0x20006000
is migrated to 0x60006000.
- However, ArmFfaPeiLib allocates new Rx/Tx buffer without freeing
the migrated Rx/Tx buffers, i.e. the buffers at 0x60006000.
This results in a memory leak as the migrated Rx/Tx buffer area is
lost.
To address this memory leak, use the MemoryAllocationHob's name, so
that the migrated memory area will be reused as Rx/Tx buffer.
This patch also includes rename ArmFfaRxTxStmm.c to
ArmFfaStandaloneMmRxTxMap.c to keep the file name convention in
ArmFfaLib with ArmFfa{Phase}{...}.c
Fixes: e15fe06603 ("MdeModulePkg/Library: ...")
Signed-off-by: Yeoreum Yun <yeoreum.yun@arm.com>
Continuous-integration-options: PatchCheck.ignore-multi-package
This commit adds additional dumping logic to Tpm2DeviceLibDTpm,
print at DEBUG_SECURITY to aid in TPM debugging.
Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
Co-authored-by: Bret Barkelew <brbarkel@microsoft.com>
The TPM code is currently very noisy (e.g. in a sample platform,
4,000 of the 5,700 lines printed to the serial port at DEBUG_INFO
level were from the TPM code). For TPM debugging, this is very
critical information, but for most builds it simply spams the logs
and slows down the build.
This commit moves the event log and PCR dumping to log at
DEBUG_SECURITY level.
Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
The TCG code is very noisy when a TPM is connected. This
commit downgrades some prints to verbose and removes some
others that do not have value (such as function enter and
exit prints).
Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
Tcg2Dxe and its libraries are currently the noisiest modules in
edk2. For a sample platform printing at INFO level, Tcg2Dxe
printed 4,000 lines out of 5,700 total lines printed.
This commit defines a DEBUG_SECURITY bit to control the debug output
of Tcg2Dxe and other security related components. Most of the output is
not useful except for deep debugging of TPM transactions, so it is
appropriate to only print when the DEBUG_SECURITY bit is present.
Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
Implements the _aulldiv() intrinsic function necessary to compile CryptoPkg
using the CLANGPDB toolchain. The existing MASM assembly implementation of
this function has been converted to NASM to enable it to be used with both
the Visual Studio and Clang compilers.
Signed-off-by: Nate DeSimone <nathaniel.l.desimone@intel.com>
During USB device enumeration, issuing a hot reset on a port is skipped if
there is a reset change status already detected on the port. This can
happen when enumerating devices after a host controller soft reset (which
drives a hot reset down the ports).
However, in certain cases an attached device may not be responsive even if
the reset change and connection status bits are set. For e.g., according
to xHCI spec section 4.19.5.1 the port reset change bits can be set when
a hot reset driven on the port transitions to a warm reset and completes
with errors. For such instances it is worthwhile to force a hot reset
during enumeration to try and recover unresponsive devices.
During enumeration check whether querying port status returns
EFI_DEVICE_ERROR and try a port reset if there is a device attached to
the port.
Signed-off-by: Aaron Pop <aaronpop@microsoft.com>
If IASL_PREFIX is not already defined, then edksetup.bat should set it.
This unifies the behavior between Visual Studio and Mingw-w64.
Signed-off-by: Nate DeSimone <nathaniel.l.desimone@intel.com>
Update the CLANGPDB toolchain configuration to use MSVC ABI targets and
retain frame pointers in generated code. This improves compatibility with
the Microsoft Debug Interface Access (DIA) SDK and improves debuggability
with any debugger that uses the Microsoft PDB parser, for example the Visual
Studio debugger or windbg.
Without these changes, code generated by the Clang compiler will have a mix
of calling conventions. With the current configuration, any function declared
with EFIAPI will use the Microsoft x64 calling convention. However, the default
calling convention will be the SysV x64 calling convention. This mixing of
calling conventions prevents debuggers from decoding the call stack.
With these changes, only the Microsoft x64 calling convention will be used.
These modifications enable debuggers to properly parse and
display call stacks on binaries built with the CLANGPDB toolchain.
The changes include:
- Switch from GNU ABI target (*-unknown-windowsl-gnu) to MSVC ABI targets
(*-pc-windows-msvc) for both IA32 and X64 architectures.
- Remove -fseh-exceptions as not supported.
- Add -fno-omit-frame-pointer as required for call stack.
- Undefine the _MSC_VER macro, and define the __GNUC__ macro, so that
pre-processor conditionals will continue to function as expected.
Co-authored-by: Muhammad Mustafa <muhammad.mustafa@intel.com>
Signed-off-by: Nate DeSimone <nathaniel.l.desimone@intel.com>
A change was made to the following pytool releases to prevent a
platform from needing to include additional logic to consider
command-line build variable parameters for PR evaluation.
- edk2-pytool-library v0.23.4
- edk2-pytool-extensions v0.29.11
Commit 33e58db was added as a workaround, but that is no longer
needed after these pytool updates, so revert it.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Due to PEIM will do following MM notify event under API mode:
1.MM end of dxe notify Event
2.MM ready to lock notify Event
3.MM ready to boot notify Event
4.MM exit boot services notify Event
It will conflict with the notify event in MmCommunicationDxe.inf
on edk2 bootloader under API mode, so split following MmEvent to
MmCommunicationNotifyDxe.inf, and avoid run this driver under API
mode.
Signed-off-by: Hongbin1 Zhang <hongbin1.zhang@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Dun Tan <dun.tan@intel.com>
Cc: Khor Swee Aun <swee.aun.khor@intel.com>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
In the MpInitLib, pages are allocated for
the APs, and data is copied into them. Depending
on the allocation type, Nx needs to be removed
from the pages to allow the processors to execute.
Additionally, ReadOnly needs to be applied to the
pages after they have been filled with the
instructions that the APs need to execute.
Signed-off-by: Aaron Pop <aaronpop@microsoft.com>
Co-authored-by: Oliver Smith-Denny <osde@microsoft.com>
Update the comments for PcdDxeNxMemoryProtectionPolicy
which contained old information.
Signed-off-by: Aaron Pop <aaronpop@microsoft.com>
Co-authored-by: Oliver Smith-Denny <osde@microsoft.com>
Currently, if the DebugClearMemory bit is set in the
PcdDebugPropertyMask, CoreConvertPagesEx will attempt to write
a pattern to the pages being freed. However, it does not check
that the page is writeable, which will cause a page fault if not.
Furthermore, if NX protections are not enabled, the core does not
ensure that any freed pages are RW, which is the state expected
when they are allocated next. If they are not RW, the allocating
driver will crash trying to use them.
This patch updates the page freeing code to query the memory
attributes protocol, if present, for the attributes. If this call
fails or the attributes are not RW at a minimum, the core leaks
the memory (returning success to the caller). If the memory
attribute protocol is not present (either because a platform doesn't
produce it or it is before the protocol has been produced, the core
continues with freeing memory. This is either before the CPU Arch
protocol is available (so drivers can't change memory attributes) or
otherwise matches existing behavior. This was deemed the best
approach to let memory that can't be guaranteed to be RW leak
instead of letting a driver crash when allocating it. It was deemed
less brittle to simply leak the memory instead of attempting to
change the attributes.
Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
These libraries required dependency on EmbeddedPkg for the
FdtHob which has been moved to MdePkg. This dependency is not
needed anymore and can now be removed.
Signed-off-by: Akshay Behl <cap2k4@rivosinc.com>
Co-authored-by: Dhaval Sharma <dhaval@rivosinc.com>
There is GetPerformanceCounterProperties() that relies
on Device Tree to fetch timer frequency and removes the
dependency from the PCDs, use that instead.
Signed-off-by: Akshay Behl <cap2k4@rivosinc.com>
Co-authored-by: Dhaval Sharma <dhaval@rivosinc.com>
There is GetPerformanceCounterProperties() that relies
on Device Tree to fetch timer frequency and removes the
dependency from the PCDs, use that instead.
Signed-off-by: Akshay Behl <cap2k4@rivosinc.com>
Co-authored-by: Dhaval Sharma <dhaval@rivosinc.com>
MdePkg has a more refined implementation of Fdt as compared
to the EmbeddedPkg which was the initial implementation, hence
moving the Fdt Guid from EmbeddedPkg to MdePkg.
Continuous-integration-options: PatchCheck.ignore-multi-package
Signed-off-by: Akshay Behl <cap2k4@rivosinc.com>
Co-authored-by: Dhaval Sharma <dhaval@rivosinc.com>
