Date   

Re: [edk2-devel] EDK II Stable Tag release edk2-stable202002 completed

Laszlo Ersek
 

Hi Liming,

On 03/04/20 10:03, Liming Gao wrote:

If you have ideas for features in the next stable tag, please enter a
Bugzilla for evaluation. Please let me know if there are existing
open Bugzilla entries that should be targeted at this next stable
tag.
Apologies for responding for the third time in a day, to the same call
from you :) It's not easy to keep all the sudden virtualization-related
feature request BZs :)

So please include the following three RFEs too, from Ard:
- https://bugzilla.tianocore.org/show_bug.cgi?id=2560
- https://bugzilla.tianocore.org/show_bug.cgi?id=2564
- https://bugzilla.tianocore.org/show_bug.cgi?id=2566

(So in total we have 6 ArmVirt / OVMF BZs planned, at this moment, for
the next stable tag: 2560, 2564, 2566 from Ard; 2390 and 2567 from Liran
and Nikita at Oracle; and 1512 from yours truly.)

Thank you!
Laszlo


Re: [edk2-devel] EDK II Stable Tag release edk2-stable202002 completed

Laszlo Ersek
 

Hi Liming,

On 03/04/20 10:03, Liming Gao wrote:

If you have ideas for features in the next stable tag, please enter a Bugzilla for evaluation. Please let me know if there are existing open Bugzilla entries that should be targeted at this next stable tag.
Can you please include (in the plan for edk2-stable202005):
- https://bugzilla.tianocore.org/show_bug.cgi?id=2390
- https://bugzilla.tianocore.org/show_bug.cgi?id=2567

Thanks!
Laszlo


Re: EDK II Stable Tag release edk2-stable202002 completed

Laszlo Ersek
 

On 03/04/20 10:03, Gao, Liming wrote:
Hi, all

The tag edk2-stable202002 has been created. https://github.com/tianocore/edk2/releases/tag/edk2-stable202002
git clone -b edk2-stable202002 https://github.com/tianocore/edk2.git

The tag edk2-stable202002 has been added into the main EDK II Wiki page.
https://github.com/tianocore/tianocore.github.io/wiki/EDK-II

The quiet period has now ended. Thank you for your cooperation and patience. Normal commits can now be resumed.

Next edk2 stable tag (edk2-stable202005) planning has been added into wiki page.
https://github.com/tianocore/tianocore.github.io/wiki/EDK-II-Release-Planning.

If you have ideas for features in the next stable tag, please enter a Bugzilla for evaluation. Please let me know if there are existing open Bugzilla entries that should be targeted at this next stable tag.
I've included <https://bugzilla.tianocore.org/show_bug.cgi?id=1512> (for
which I've just merged the patches).

Thanks
Laszlo


EDK II Stable Tag release edk2-stable202002 completed

Liming Gao
 

Hi, all

The tag edk2-stable202002 has been created. https://github.com/tianocore/edk2/releases/tag/edk2-stable202002
git clone -b edk2-stable202002 https://github.com/tianocore/edk2.git

The tag edk2-stable202002 has been added into the main EDK II Wiki page.
https://github.com/tianocore/tianocore.github.io/wiki/EDK-II

The quiet period has now ended. Thank you for your cooperation and patience. Normal commits can now be resumed.

Next edk2 stable tag (edk2-stable202005) planning has been added into wiki page.
https://github.com/tianocore/tianocore.github.io/wiki/EDK-II-Release-Planning.

If you have ideas for features in the next stable tag, please enter a Bugzilla for evaluation. Please let me know if there are existing open Bugzilla entries that should be targeted at this next stable tag.

Thanks
Liming


EDK II Stable Tag edk2-stable202002 will be created based on commit 4c0f6e349d32cf27a7104ddd3e729d6ebc88ea70

Liming Gao
 

Hi, all
edk2-stable202002 tag will be created on Mar 4th (UTC-8 00:00:00). It will base on current edk2 trunk (the latest commit https://github.com/tianocore/edk2/commit/4c0f6e349d32cf27a7104ddd3e729d6ebc88ea70 UefiCpuPkg/MpInitLib: Skip reading PlatformId on AMD processors). If you have any comments, please reply the mail. If no concern or objection, I will create tag and send another announce mail that edk2-stable202002 is completed and normal commit is resumed.

Thanks
Liming


Re: Extend Hard Feature Freeze by a few days for edk2-stable202002

Liming Gao
 

Hi, all
Thanks for your patience. Based on the discussion https://edk2.groups.io/g/devel/message/55092, edk2-stable202002 tag will be created on Mar 4th (UTC ? 8 00:00:00). Once the tag is created, I will send the announcement.

Thanks
Liming

-----Original Message-----
From: announce@edk2.groups.io <announce@edk2.groups.io> On Behalf Of Liming Gao
Sent: 2020年2月28日 16:23
To: announce@edk2.groups.io; devel@edk2.groups.io
Cc: Guptha, Soumya K <soumya.k.guptha@...>; Kinney, Michael D <michael.d.kinney@...>; afish@...; Laszlo Ersek <lersek@...>; leif@...
Subject: [edk2-announce] Extend Hard Feature Freeze by a few days for edk2-stable202002

Hi, all
Yesterday, one critical issue was reported. Its fix required more time to be reviewed and verified. Here is the discussion https://edk2.groups.io/g/devel/message/55047. So, two stewards suggested to extend Hard Feature Freeze by a few days. Now, we are still in Hard Feature Freeze phase until edk2-stable202002 tag is created. Once the release date is decided, I will send the announcement. Please keep patience, normal commits will come soon.

Thanks
Liming


Extend Hard Feature Freeze by a few days for edk2-stable202002

Liming Gao
 

Hi, all
Yesterday, one critical issue was reported. Its fix required more time to be reviewed and verified. Here is the discussion https://edk2.groups.io/g/devel/message/55047. So, two stewards suggested to extend Hard Feature Freeze by a few days. Now, we are still in Hard Feature Freeze phase until edk2-stable202002 tag is created. Once the release date is decided, I will send the announcement. Please keep patience, normal commits will come soon.

Thanks
Liming


TianoCore Community Design Meeting Minutes - Feb 21, 2020

Ni, Ray
 

OPEN:
Today's meeting is using Zoom because of the long latency using BlueJeans.
The URL to join meeting is changed. Make sure to check https://edk2.groups.io/g/devel/calendar for details.
We will try Zoom for next meeting as well. If everything is good, we will continue to use Zoom.

1. Platform Libraries for Supporting UEFI Variable Resiliency (HPE)
Presenter: Sunny Wang
Slides: https://edk2.groups.io/g/devel/files/Designs/2020/0221/Platform%20Libraries%20for%20Supporting%20UEFI%20Variable%20Resiliency.pdf

Problem: Support UEFI variable resiliency to compliant to security related guidelines and requirements. #page 2

Locking BootOrder causes issues in OSes which is not acceptable.
EDKII is lack of interfaces for adding platform variable protection.
Today's presentation is to propose a solution.
Basic rule of how variable resiliency manages BootOrder changes: #5-#6
- Put down untrusted changes
- Keep trusted changes

@Mike: Where is the reference data stored?
@Sunny: In BMC.

<Can variable policy protocol help?>
@Mike: Would like to see a small enhancement in variable policy protocol proposed by Microsoft to meet your case.
@Sunny: I checked the variable policy proposal by Microsoft. Using that might be complicated.
@Sean: We (Microsoft) have looked this. Variable hook in DXE phase not in SMM is a security hole. Don't like the way of managing BootOrder by allowing OS to change BootOrder and reverting. Boot#### may contain critical data for OS and reverting that may cause troubles.
@Sunny: I cannot think of solutions for OS runtime change.

<Problem discussion>
@Mike: I would break the big problem to 3 smaller ones:
1. variable data corruption
It requires a way to detect corruption and recovery.
2. critical platform variables
It usually requires a lock mechanism and variable policy proposal is more general for this protection.
3. UEFI variables with multiple producers
How to protect them could be a topic for USWG.
@Sean: The scope of the problem discussed in this presentation is huge. Can a platform module run at a different point of time to manage the variable storage instead of using hook way?
@Sunny: BootOrder is just one of the variables that need protection.

<Can using a separate platform module instead of hooking help?>
@Mike: Using a separate platform module might be better because it will also check the variables not changed by firmware.
@Sean: PEI modules may access the wrong data modified by untrusted entity.
@Ray: Is the protection based on not just the variable GUID/name, but also who requests the change?
@Sunny: Yes. Following sides (#page 10+) will talk about protection from non-trusted entity.
@Ray: Let's move to email discussion first. Identify the scope of the problem first.

Thanks,
Ray


Hard Feature Freeze starts now for edk2-stable202002

Liming Gao
 

Hi, all
Today, we enter into Hard Feature Freeze phase until edk2-stable202002 tag is created at 2020-02-28. In this phase, there is no feature to be pushed. The critical bug fix is still allowed.

If the patch is sent after Hard Feature Freeze, and plans to catch this stable tag, please add edk2-stable202002 key words in the patch title and BZ, and also cc to Tianocore Stewards, then Stewards can give the comments.

Below is edk2-stable202002 tag planning.
Date (00:00:00 UTC-8) Description
2019-12-02 Beginning of development
2020-02-07 Feature Planning Freeze
2020-02-14 Soft Feature Freeze
2020-02-21 Hard Feature Freeze
2020-02-28 Release
Thanks
Liming


Re: Soft Feature Freeze starts now for edk2-stable202002

Laszlo Ersek
 

On 02/17/20 06:49, tim.lewis@... wrote:
Liming --

Thanks for the pointer.

The reason I ask is that many users of open source projects such as EDKII
scan the releases for CVE numbers in order to make sure that critical
components get updated. This is due to the fact that CVEs often need to be
reported to downstream users. The Bugzilla list is a little hidden, since
these CVE fixes are not called out directly in the wiki page. It would be
much easier if the BZ items that are related to security fixes are promoted
directly to the wiki page, not just available through a BZ query.
* Any commit that fixes a CVE is supposed to carry the CVE ID in its
subject, in the git history. So if you do

$ git log --oneline --reverse edk2-stable201911..master | grep CVE

that should give you the list.

Right now, it gives me:

- CVE-2019-14563
- CVE-2019-14586
- CVE-2019-14558

* For CVE patches pending review, the mailing list can be searched
similarly. (E.g. "posted after a certain date, plus has both "CVE" and
"PATCH" in subject.)

The pending fixes seem to be for:

- CVE-2019-14575
- CVE-2019-14587
- CVE-2019-14559


(Your question is precisely why I've always asked for CVE IDs in patch
subjects.)

Thanks
Laszlo


Re: Soft Feature Freeze starts now for edk2-stable202002

Tim Lewis
 

Liming --

Thanks for the pointer.

The reason I ask is that many users of open source projects such as EDKII
scan the releases for CVE numbers in order to make sure that critical
components get updated. This is due to the fact that CVEs often need to be
reported to downstream users. The Bugzilla list is a little hidden, since
these CVE fixes are not called out directly in the wiki page. It would be
much easier if the BZ items that are related to security fixes are promoted
directly to the wiki page, not just available through a BZ query.

Thanks

Tim

-----Original Message-----
From: Gao, Liming <liming.gao@...>
Sent: Sunday, February 16, 2020 9:20 PM
To: Tim Lewis <tim.lewis@...>; devel@edk2.groups.io;
announce@edk2.groups.io
Cc: Guptha, Soumya K <soumya.k.guptha@...>; Kinney, Michael D
<michael.d.kinney@...>; 'Laszlo Ersek' <lersek@...>;
afish@...; leif.lindholm@...
Subject: RE: [edk2-announce] Soft Feature Freeze starts now for
edk2-stable202002

Tim:
There is no special list for the security fixes. All bug fixes will be
found in Bugzilla List in stable tag wiki, such as
https://github.com/tianocore/edk2/releases/tag/edk2-stable201911
Boot Guard is as the feature. So, it is listed in the feature planning.

Thanks
Liming
-----Original Message-----
From: announce@edk2.groups.io <announce@edk2.groups.io> On Behalf Of
Tim Lewis
Sent: Saturday, February 15, 2020 2:53 AM
To: Gao, Liming <liming.gao@...>; devel@edk2.groups.io;
announce@edk2.groups.io
Cc: Guptha, Soumya K <soumya.k.guptha@...>; Kinney, Michael D
<michael.d.kinney@...>; 'Laszlo Ersek'
<lersek@...>; afish@...; leif.lindholm@...
Subject: Re: [edk2-announce] Soft Feature Freeze starts now for
edk2-stable202002

Liming --

Is there any plan to list all of the security fixes related CVEs that
are being checked in to the list of official features for this stable
tag? We have listed the Boot Guard one.

Thanks,
Tim Lewis
CTO, Insyde Software
www.insyde.com

-----Original Message-----
From: announce@edk2.groups.io <announce@edk2.groups.io> On Behalf Of
Liming Gao
Sent: Friday, February 14, 2020 12:19 AM
To: devel@edk2.groups.io; announce@edk2.groups.io
Cc: Guptha, Soumya K <soumya.k.guptha@...>; Kinney, Michael D
<michael.d.kinney@...>; Laszlo Ersek <lersek@...>;
afish@...; leif.lindholm@...
Subject: [edk2-announce] Soft Feature Freeze starts now for
edk2-stable202002

Hi, all
We will enter into Soft Feature Freeze phase. In this phase, the
feature under review will not be allowed to be pushed. The patch
review can continue without break in edk2 community.

If the patch is sent before Soft Feature Freeze, and plans to catch
this stable tag, the patch contributor need reply to his patch and
notify edk2 community.
If the patch is sent after Soft Feature Freeze, and plans to catch
this stable tag, please add edk2-stable202002 key words in the patch
title and BZ, so the community know this patch target and give the
feedback.

Below is edk2-stable202002 tag planning
https://github.com/tianocore/tianocore.github.io/wiki/EDK-II-Release-P
lannin
g
Proposed Schedule
Date (00:00:00 UTC-8) Description
2019-12-02 Beginning of development
2020-02-07 Feature Planning Freeze
2020-02-14 Soft Feature Freeze
2020-02-21 Hard Feature Freeze
2020-02-28 Release

Thanks
Liming






Re: Soft Feature Freeze starts now for edk2-stable202002

Liming Gao
 

Tim:
There is no special list for the security fixes. All bug fixes will be found in Bugzilla List in stable tag wiki, such as https://github.com/tianocore/edk2/releases/tag/edk2-stable201911
Boot Guard is as the feature. So, it is listed in the feature planning.

Thanks
Liming

-----Original Message-----
From: announce@edk2.groups.io <announce@edk2.groups.io> On Behalf Of Tim Lewis
Sent: Saturday, February 15, 2020 2:53 AM
To: Gao, Liming <liming.gao@...>; devel@edk2.groups.io; announce@edk2.groups.io
Cc: Guptha, Soumya K <soumya.k.guptha@...>; Kinney, Michael D <michael.d.kinney@...>; 'Laszlo Ersek'
<lersek@...>; afish@...; leif.lindholm@...
Subject: Re: [edk2-announce] Soft Feature Freeze starts now for edk2-stable202002

Liming --

Is there any plan to list all of the security fixes related CVEs that are
being checked in to the list of official features for this stable tag? We
have listed the Boot Guard one.

Thanks,
Tim Lewis
CTO, Insyde Software
www.insyde.com

-----Original Message-----
From: announce@edk2.groups.io <announce@edk2.groups.io> On Behalf Of Liming
Gao
Sent: Friday, February 14, 2020 12:19 AM
To: devel@edk2.groups.io; announce@edk2.groups.io
Cc: Guptha, Soumya K <soumya.k.guptha@...>; Kinney, Michael D
<michael.d.kinney@...>; Laszlo Ersek <lersek@...>;
afish@...; leif.lindholm@...
Subject: [edk2-announce] Soft Feature Freeze starts now for
edk2-stable202002

Hi, all
We will enter into Soft Feature Freeze phase. In this phase, the feature
under review will not be allowed to be pushed. The patch review can continue
without break in edk2 community.

If the patch is sent before Soft Feature Freeze, and plans to catch this
stable tag, the patch contributor need reply to his patch and notify edk2
community.
If the patch is sent after Soft Feature Freeze, and plans to catch this
stable tag, please add edk2-stable202002 key words in the patch title and
BZ, so the community know this patch target and give the feedback.

Below is edk2-stable202002 tag planning
https://github.com/tianocore/tianocore.github.io/wiki/EDK-II-Release-Plannin
g
Proposed Schedule
Date (00:00:00 UTC-8) Description
2019-12-02 Beginning of development
2020-02-07 Feature Planning Freeze
2020-02-14 Soft Feature Freeze
2020-02-21 Hard Feature Freeze
2020-02-28 Release

Thanks
Liming






Re: Soft Feature Freeze starts now for edk2-stable202002

Tim Lewis
 

Liming --

Is there any plan to list all of the security fixes related CVEs that are
being checked in to the list of official features for this stable tag? We
have listed the Boot Guard one.

Thanks,
Tim Lewis
CTO, Insyde Software
www.insyde.com

-----Original Message-----
From: announce@edk2.groups.io <announce@edk2.groups.io> On Behalf Of Liming
Gao
Sent: Friday, February 14, 2020 12:19 AM
To: devel@edk2.groups.io; announce@edk2.groups.io
Cc: Guptha, Soumya K <soumya.k.guptha@...>; Kinney, Michael D
<michael.d.kinney@...>; Laszlo Ersek <lersek@...>;
afish@...; leif.lindholm@...
Subject: [edk2-announce] Soft Feature Freeze starts now for
edk2-stable202002

Hi, all
We will enter into Soft Feature Freeze phase. In this phase, the feature
under review will not be allowed to be pushed. The patch review can continue
without break in edk2 community.

If the patch is sent before Soft Feature Freeze, and plans to catch this
stable tag, the patch contributor need reply to his patch and notify edk2
community.
If the patch is sent after Soft Feature Freeze, and plans to catch this
stable tag, please add edk2-stable202002 key words in the patch title and
BZ, so the community know this patch target and give the feedback.

Below is edk2-stable202002 tag planning
https://github.com/tianocore/tianocore.github.io/wiki/EDK-II-Release-Plannin
g
Proposed Schedule
Date (00:00:00 UTC-8) Description
2019-12-02 Beginning of development
2020-02-07 Feature Planning Freeze
2020-02-14 Soft Feature Freeze
2020-02-21 Hard Feature Freeze
2020-02-28 Release

Thanks
Liming


Soft Feature Freeze starts now for edk2-stable202002

Liming Gao
 

Hi, all
We will enter into Soft Feature Freeze phase. In this phase, the feature under review will not be allowed to be pushed. The patch review can continue without break in edk2 community.

If the patch is sent before Soft Feature Freeze, and plans to catch this stable tag, the patch contributor need reply to his patch and notify edk2 community.
If the patch is sent after Soft Feature Freeze, and plans to catch this stable tag, please add edk2-stable202002 key words in the patch title and BZ, so the community know this patch target and give the feedback.

Below is edk2-stable202002 tag planning https://github.com/tianocore/tianocore.github.io/wiki/EDK-II-Release-Planning
Proposed Schedule
Date (00:00:00 UTC-8) Description
2019-12-02 Beginning of development
2020-02-07 Feature Planning Freeze
2020-02-14 Soft Feature Freeze
2020-02-21 Hard Feature Freeze
2020-02-28 Release

Thanks
Liming


TianoCore Community Meeting Minutes - Feb 6

Soumya Guptha
 

Community Meeting Minutes: 2-6-20

Agenda:
Thanks to Stephano Cetola for an excellent job driving TianoCore community. Stephano has transitioned to a new role outside Intel.
Soumya Guptha from Intel is the new Community Manager and will drive the TianoCore Community activities.


1. FOSDEM Conference
* Presentations from our community members:

i. Capsule update by Brian Richardson

ii. Code first concept by Leif

iii. 35-40 attendees and they were well received

* We will share more details on the presentations during the next community meeting.



1. Code first RFC stewards meeting update - Mike Kinney
* Leif has shared on the mailing list
* We will do EDKII staging repository, inside the staging branch in that repository.
ECR updates need to be done. We need to fully integrate & validate

* Code First RFC

https://edk2.groups.io/g/rfc/message/231

* Code First comments

https://edk2.groups.io/g/rfc/message/232

https://edk2.groups.io/g/rfc/message/235

Community Action: Read the RFC and provide feedback if you have any opinions from your engineering teams by next week
Discussion from the community (Felix): As soon as spec is ready, post the links to the spec in the UEFI forum.
Open: we need to identify the sponsor who can take it to the UEFI forum. Suggestion is to review the spec and propose this in the forum



1. Q1 Stable tag update - Soumya/Mike covered updates from Liming Gao

* Soft freeze for Q2 is scheduled for Feb 14th.
* One of the Q1 Stable tag features - boot guard is moving to Q2
* All features are listed in https://github.com/tianocore/tianocore.github.io/wiki/EDK-II-Release-Planning.
* The first feature BootGuard TOCTOU vulnerability (CVE-2019-11098) (https://bugzilla.tianocore.org/show_bug.cgi?id=1614). Its solution is changed. This feature is moving to Q2 Stable tag.
* Other features have been fixed except for New BaseCryptLib instances to compile independently from callers<https://bugzilla.tianocore.org/show_bug.cgi?id=2420>. Its patch is under review.



1. Ideas for Q2 stable tag from Stewards meeting - Mike Kinney

RISCV

* Line ending conversion in Q2 stable tag

* Developer github changes may need to occur. Changes around first 2-4wks of Q2
* Once the fork is available (by end of Feb), we need community to review, provide feedback if there is any impact.

* Submodule conversion in Q2 stable tag

* There a few places in EDK2 repository carrying copies. Plan is to modularize and its easier for bug fixes.
* Ex: compression and decompression code - we will do a review of this
* Targeted during Q2. We will have RFCs and Bugzilla entries.

* Wanting RISCV into Q2 stable tag after the above two.

* We have several patches around RISCV. Plan is to integrate these as part of Q2 release

* Community Action:

* We are planning for Stable Tag for Q2 - Everyone start thinking and send your thoughts to Liming Gao
* We need the community to be engaged and suggest features for Q2, Q3, Q4. If you like to see any features added, create a Bugzilla entry and work with Liming Gao (intel) for adding those features and to discuss further.

* Open: In the next design meeting - when we have a new UEFI spec, request from the community to ask the community for new features and create a long-term roadmap. Soumya to pass this feedback to Ray.



1. EDKII Open Source Unit test framework - Mike Kinney

* Collaborative effort from Intel & Microsoft
* Background:
Microsoft contributed framework to run tests from UEFI shell
Intel contributed HBFA (Host Based Firmware Analysis)
These two frameworks were combined and simplified to make it simple for developers to write unit tests

* This is for a low-level API testing
* Supports Host Environments for CI agent testing
* Supports Target Environments (PEI, DXE, SMM, UEFI Shell)
* Focused on testing interfaces, libraries, and modules
* Includes cmocka to support mocked interfaces

Community action:

* Stewards would like the community to start writing Unit tests for open source FW and start adding test results on the releases.
* Please look at the details. If you are developing new content or maintaining existing content, please consolidate and write the unit tests in this framework, so we can standardize the unit test process.



1. Upcoming events:

* UEFI Plugfest - Most of the stewards and few other Intel folks plan on attending (Brian, Soumya, Mike Kinney etc..)



1. Opens from the Community Attendees:
* Opens from Felix:

1. Product releases that other companies have may not be aligned with stable tags.
* Add a tag - whether it's a feature, bug fix - get an email discussion going (Felix)
2. Different email clients have challenges to extract patches. Ex: Due to company policy, some of them need to use outlook, how do we extract those patches?

* Felix to start an email conversation on this. We can discuss in the mailing list to understand what other companies are doing or if we need to change something in our development process.

* Open from Phillippe

* Today we submit patches to the mailing list. The maintainers send a response to the mailing list.
* Requesting a change - to get an email notification to the submitter and the list in the same list when the maintainers commit to the patch.
* Phillippe to enter the request in Bugzilla for further discussion.

* Opens from Sean (Microsoft)

i. Autoformatting C code

* Mike K suggests to look at a style - https://edk2.groups.io/g/devel/message/8974

ii. Variable policy - a new advanced feature to apply policies

* Get this into Q2 stable tag.
* Sean to open a Bugzilla as a feature request

iii. Lot of bugs sitting in.

* We need to have more frequent bug scrubs to recover from the backlog.
* Liming to look into getting more number of bug scrubs or do longer bug scrub meetings.

iv. Need more code contribution and a smoother process on code reviews.


Regards,
Soumya Guptha


Soumya Guptha
Open Source Program Manager, SFP/IAGS


Re: TianoCore Community Design Meeting Minutes - Jan 10, 2020

Jeremiah Cox
 

Thank you Ray and TianoCore attendees for taking the time to review and discuss Pytools Build components and examples.

It was requested that we summarize the value proposition of PyTools build compared with the classic EDK2 build systems. Here are some thoughts:

PyTools extend the EDK2 build system, building on top of it with a goal of enabling larger-scale development and maintenance of families of platforms across architectures & generations.

Goals:
* Modular build plug-ins to share common build operations across applicable platforms
* Custom, modular pre-build and post-build operations
* Workspaces with multiple, independently-owned Git repositories (via Git submodules)
* Download of external binary dependencies from NuGet and the web
* Minimized environment assumptions, for example path & workspace layout, delegating that to a platform configuration file and the modules that it includes
* No hardcoded paths to plug-ins and dependencies (for workspace agility as platforms appear and evolve)
* Independent of build platform, shell (cmd, bash, psh, ...), & shell environment, easing build reproducibility and CI
* Consistent logging throughout the extensions

Most EDK2-based platforms, including OVMF and EmulatorPkg, include scripts, bash or cmd, and/or README's that provide pre and post build steps, beyond EDK2 build, that are needed to complete building and deployment of the platform. PyTools build strive to include these abilities in a platform's one (1 singular) UefiBuilder Python module (which can be leveraged for build/deployment across build platforms, environments, and devices). If your day-to-day job is modifications to core EDK2 and BaseTools, PyTools build components may have less to offer you, but we believe Pytools CI and libraries have a lot to offer (topics for further discussions).

Thanks for the opportunity to present, and we look forward to more discussions on these topics!

Jeremiah Cox
Core UEFI and Project Mu
Microsoft

-----Original Message-----
From: announce@edk2.groups.io <announce@edk2.groups.io> On Behalf Of Ni, Ray via Groups.Io
Sent: Friday, January 10, 2020 00:55
To: announce@edk2.groups.io
Cc: announce@edk2.groups.io
Subject: [EXTERNAL] [edk2-announce] TianoCore Community Design Meeting Minutes - Jan 10, 2020

1. EDK2 Pytools "Stuart": Platform Creation (Microsoft)
Presenter: Jeremiah Cox
Slides: https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fedk2.groups.io%2Fg%2Fdevel%2Ffiles%2FDesigns%2F2020%2F0110%2FEnablingPytools-Edk2PlatformsAndOvmf.pdf&;data=02%7C01%7Cjerecox%40microsoft.com%7Cf9ba7574e02c458eecac08d795aada32%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637142434090340667&amp;sdata=KpJBnuhgPPM9og4TBPtlyn4rvlevNbnATo7ofxgA6LM%3D&amp;reserved=0

What's "Stuart": page #2, #3
EDK2 Pytools = EDK2 Pytool Library + EDK2 Pytool Extensions (including "Stuart")
"Stuart" facilitates building EDK2-based platforms and CI testing of EDK2 packages.
This topic only covers how "Stuart" builds EDK2-based platforms.

Stuart's CLI tools: page #4
stuart_setup: update source code
stuart_update: update external tool dependencies
stuart_build: perform EDK2 build

@Liming: What are the differences between stuart_setup and stuart_update?
@Sean: stuart_setup is using git focusing on source code. stuart_update is focusing on external dependencies like iasl.
@Liming: What is the order between the two?
@Sean: stuart_setup, then stuart_update.
@Sean: Stuart works on 1-repo-N-submodule usage while EdkRepo tool works on N-repo usage.

Enabling Stuart Build to a Platform: page #5 (abstract), page #10 ~ #13 (details)
Subclass Stuart classes in platform specific python file
SetupSettingsManager: declare submodules for stuart_setup
UpdateSettingsManager: declare external dep scopes for stuart_update
BuildSettingsManager & UefiBuilder: consumed by stuart_build
refer to https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Ftianocore%2Fedk2-pytool-extensions%2Fblob%2Fmaster%2Fdocs%2Fusability%2Fusing_settings_manager.md&;data=02%7C01%7Cjerecox%40microsoft.com%7Cf9ba7574e02c458eecac08d795aada32%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637142434090340667&amp;sdata=i9LNkBwwjkVmyECUQ5JtZjMmYXlNM0dTClb5Fu7csf4%3D&amp;reserved=0

Building OVMF with EDK2 Pytools: page #6 ~ #9
refer to https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fout0xb2%2Fedk2%2Fblob%2Ffeature%2FpytoolsForOvmf%2FOvmfPkg%2FREADME-pytools.md&;data=02%7C01%7Cjerecox%40microsoft.com%7Cf9ba7574e02c458eecac08d795aada32%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637142434090340667&amp;sdata=3zgXYz5aHeMfTeEisV4wJuz0qKV%2BnzZgeG%2B5l66Ulc4%3D&amp;reserved=0
EDK2 build defines are passed through parameters "BLD_*_<define>" when calling stuart_build. e.g.:
stuart_build -c OvmfPkg/PlatformBuild.py BLD_*_E1000_ENABLE=1
@Ray: Why is "BLD_*_<macro> but not "BLD_<macro>"?
@Sean: "*" can be the name of different build targets like "DEBUG", "RELEASE".
@Liming: EDK2 build defines are global and cannot be associated with individual build targets.
@Mike: Need a clear understanding of namespace defined by Stuart.

Building Kabylake Open Board with EDK2 Pytools: page #14 ~ #17
refer to https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fout0xb2%2Fedk2-platforms%2Fblob%2Ffeature%2Fpy_platforms%2FPlatform%2FIntel%2FKabylakeOpenBoardPkg%2FKabylakeRvp3%2FREADME-Pytools.md&;data=02%7C01%7Cjerecox%40microsoft.com%7Cf9ba7574e02c458eecac08d795aada32%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637142434090340667&amp;sdata=oZekZ1DV4NGhQN2El3KXzpFLRukAzdKZe2zccwuLqyY%3D&amp;reserved=0

Answer how Pytools helps on Surface development: page #19 ~ #21

@Mike: Advantages and disadvantages of today's bulid style and MS' stuart build style.
@Jeremiah: Will summarize and reply to the meeting minutes.

Thanks,
Ray


TianoCore Community Design Meeting Minutes - Jan 10, 2020

Ni, Ray
 

1. EDK2 Pytools "Stuart": Platform Creation (Microsoft)
Presenter: Jeremiah Cox
Slides: https://edk2.groups.io/g/devel/files/Designs/2020/0110/EnablingPytools-Edk2PlatformsAndOvmf.pdf

What's "Stuart": page #2, #3
EDK2 Pytools = EDK2 Pytool Library + EDK2 Pytool Extensions (including "Stuart")
"Stuart" facilitates building EDK2-based platforms and CI testing of EDK2 packages.
This topic only covers how "Stuart" builds EDK2-based platforms.

Stuart's CLI tools: page #4
stuart_setup: update source code
stuart_update: update external tool dependencies
stuart_build: perform EDK2 build

@Liming: What are the differences between stuart_setup and stuart_update?
@Sean: stuart_setup is using git focusing on source code. stuart_update is focusing on external dependencies like iasl.
@Liming: What is the order between the two?
@Sean: stuart_setup, then stuart_update.
@Sean: Stuart works on 1-repo-N-submodule usage while EdkRepo tool works on N-repo usage.

Enabling Stuart Build to a Platform: page #5 (abstract), page #10 ~ #13 (details)
Subclass Stuart classes in platform specific python file
SetupSettingsManager: declare submodules for stuart_setup
UpdateSettingsManager: declare external dep scopes for stuart_update
BuildSettingsManager & UefiBuilder: consumed by stuart_build
refer to https://github.com/tianocore/edk2-pytool-extensions/blob/master/docs/usability/using_settings_manager.md

Building OVMF with EDK2 Pytools: page #6 ~ #9
refer to https://github.com/out0xb2/edk2/blob/feature/pytoolsForOvmf/OvmfPkg/README-pytools.md
EDK2 build defines are passed through parameters "BLD_*_<define>" when calling stuart_build. e.g.:
stuart_build -c OvmfPkg/PlatformBuild.py BLD_*_E1000_ENABLE=1
@Ray: Why is "BLD_*_<macro> but not "BLD_<macro>"?
@Sean: "*" can be the name of different build targets like "DEBUG", "RELEASE".
@Liming: EDK2 build defines are global and cannot be associated with individual build targets.
@Mike: Need a clear understanding of namespace defined by Stuart.

Building Kabylake Open Board with EDK2 Pytools: page #14 ~ #17
refer to https://github.com/out0xb2/edk2-platforms/blob/feature/py_platforms/Platform/Intel/KabylakeOpenBoardPkg/KabylakeRvp3/README-Pytools.md

Answer how Pytools helps on Surface development: page #19 ~ #21

@Mike: Advantages and disadvantages of today's bulid style and MS' stuart build style.
@Jeremiah: Will summarize and reply to the meeting minutes.

Thanks,
Ray


TianoCore Community Design Meeting Minutes - Dec 13

Ni, Ray
 

1. Extending secure encrypted virtualization with SEV-ES (AMD)
Presenter: Tom Lendacky
Slides: https://edk2.groups.io/g/devel/files/Designs/2019/1212/AMD_SEV-ES_Overview.pdf

What's SEV (page #3~#5)
SEV = Secure Encrypted Virtualization. A way of encryption of guest memory.
Number of keys is increased from 15 to several hundred in latest silicon.
Enabled in EDKII in 2018

What's SEV-ES (page #6~)
SEV-ES = Secure Encrypted Virtualization - Encrypted State. A way of encryption of guest register state.
GHCB (Guest-Hypervisor Communication Block) is used for register sharing between hypervisor and guest.
VMEXIT types consist of Automatic Exit (AE) + Non-Automatic Exit (NAE).
NAE generates an exception #VC (VMM Communication Exception, vector # = 29)
#VC handler shares the registers in GHCB and uses VMGEXIT to enter to hypervisor.
#VC handler updates the register state when hypervisor returns.
Page #11 shows a picture about how GHCB is setup and SEV-ES works through GHCB.

@Mike: Is there any runtime (in OS) impact?
@Tom: Probably no. Will think more about that.

@Mike: Does this SEV-ES work in firmware all phases: SEC/PEI/DXE/SMM?
@Tom: No support in SMM now. OVMF with SMM disabled.

@Ray: What will happen if SMI in VM invokes CPUID/MSR/MMIO access?
@Tom: No boot (hang) for such case.
@Nate: What will happen if ring0 fires SMI through port IO B2?
@Tom: Initialization of SMM environment will fail. Cannot go that far.

@Jiewen: How is #VC exception handler implemented?
@Tom: #VC handler is setup only when SEV-ES is detected and enabled in HW.

@Nate: Is #VC handler needed in SEC?
@Tom: Yes. Lots of port IO operations (caused by DEBUG macro) in SEC trigger lots of #VC.
@Jiewen: That means #VC handler cannot print debug message. Otherwise recursive #VC will happen.
@Tom: Yes.
@Jiewen: So, SEC needs the communication buffer (GHCB) setup very early?
@Tom: GHCB setup needs invoking CPUID. So, there is a side-channel CPUID protocol for SEV-ES that can be used for setup phase.

@Mike: Does this feature work in 64PEI?
@Tom: Yes. This feature works only in 64bit mode because the extra bits are provided by 64bit page table. Each AP has its own GHCB so lots of memory is needed for many-thread platform.

@Tom: The patches in open source mailing list consists of several parts: OVMF platform change, CpuExceptionLib change for #VC handler and MpInitLib change for waking up AP when SEV-ES is enabled. Is trying to alter the patches to avoid changing CPU_ARCH protocol or submit PI spec ECR for the CPU_ARCH protocol change.

@Mike: Community review will focus more on content landing part.
@Nate: Require having information in source files regarding which public documents/specs the code is referring to.
@Ray: Such information can be in the file header.

@Ray: The CpuExceptionLib change looks good to me. Will review the MpInitLib change in detail and may come to Tom for further questions.

Thanks,
Ray


Re: [edk2-devel] EDK II Stable Tag edk2-stable201911 will be created based on commit bd85bf54c268204c7a698a96f3ccd96cd77952cd

Liming Gao
 

Leif:

-----Original Message-----
From: devel@edk2.groups.io [mailto:devel@edk2.groups.io] On Behalf Of Leif
Lindholm
Sent: Friday, November 29, 2019 6:02 PM
To: Philippe Mathieu-Daudé <philmd@...>
Cc: devel@edk2.groups.io; Gao, Liming <liming.gao@...>;
announce@edk2.groups.io; Kinney, Michael D <michael.d.kinney@...>;
Laszlo Ersek (lersek@...) <lersek@...>; afish@...
Subject: Re: [edk2-devel] EDK II Stable Tag edk2-stable201911 will be created
based on commit bd85bf54c268204c7a698a96f3ccd96cd77952cd

On Fri, Nov 29, 2019 at 10:52:33 +0100, Philippe Mathieu-Daudé wrote:
On 11/29/19 9:22 AM, Liming Gao via Groups.Io wrote:
Hi, all

  Because edk2 project has applied Pull request and remove the write
access, I can’t push new Stable Tag edk2-stable201911 to GitHub edk2
repo. I will ask help for Michael Kinney as soon as possible.
This is unfortunate. Does that mean the CI system has to re-run and once
successful push the tag?
Not sure, that's why we need Mike :)
Doesn't need to run CI system. I need write access to push stable tag to github edk2 repo.
So, I request Mike grant write access to me.


Since bd85bf54c268204c7a698a96f3ccd96cd77952cd is already upstream,
we can anyway guarantee that no changes will happen and this will be
the commit tagged.

  Today, this stable tag edk2-stable201911 version is decided at
bd85bf54c268204c7a698a96f3ccd96cd77952cd. Stable tag will be created
before early of next week. Sorry for the late notice. Please be patient,
and enjoy Thanksgiving Day.
Thanks for announcing it that way, since this doesn't block other projects
pending of EDK2 releases!
In fact, feel free to create this tag locally and start working
against it. It won't conflict once the tag appears upstream.
I got the access. edk2-stable201911 has been created.

Thanks
Liming
/
Leif


EDK II Stable Tag release edk2-stable201911 completed

Liming Gao
 

Hi, all

The tag edk2-stable201911 has been created. https://github.com/tianocore/edk2/releases/tag/edk2-stable201911
git clone -b edk2-stable201911 https://github.com/tianocore/edk2.git

The tag edk2-stable201911 has been added into the main EDK II Wiki page.
https://github.com/tianocore/tianocore.github.io/wiki/EDK-II

The quiet period ends. Thank you for your cooperation and patience. Normal commits can now be resumed.

2020 edk2 stable tag planning has been added into wiki page. The detail planning will be discussed in edk2 mail list.
https://github.com/tianocore/tianocore.github.io/wiki/EDK-II-Release-Planning.

If you have ideas for features in the next stable tag, please enter a Bugzilla for evaluation. Please let me know if there are existing open Bugzilla entries that should be targeted at this next stable tag.

Thanks
Liming

181 - 200 of 297