[PATCH v2 0/2] ArmPkg: remove obsolete ARM_PROCESSOR_TABLE

Ard Biesheuvel
 

Remove the obsolete ARM_PROCESSOR_TABLE definition, and all the pieces
that are related to it.

Cc: Rebecca Cran <rebecca@...>
Cc: Leif Lindholm <leif@...>
Cc: Sami Mujawar <sami.mujawar@...>

Ard Biesheuvel (2):
ArmPkg/MpInitLib: avoid ARM_PROCESSOR_TABLE
ArmPkg/CpuDxe: drop ARM_PROCESSOR_TABLE pseudo-ACPI table

ArmPkg/Drivers/CpuDxe/CpuDxe.inf | 1 -
ArmPkg/Drivers/CpuDxe/CpuDxe.h | 15 ---
ArmPkg/Include/Guid/ArmMpCoreInfo.h | 27 ------
ArmPkg/Include/Library/MpInitLib.h | 2 +-
ArmPkg/Drivers/CpuDxe/CpuDxe.c | 6 --
ArmPkg/Drivers/CpuDxe/CpuMpCore.c | 98 --------------------
ArmPkg/Drivers/CpuDxe/CpuMpInit.c | 10 +-
ArmPkg/Library/MpInitLib/DxeMpLib.c | 6 +-
8 files changed, 8 insertions(+), 157 deletions(-)
delete mode 100644 ArmPkg/Drivers/CpuDxe/CpuMpCore.c

--
2.30.2


Re: [PATCH v3] OvmfPkg: Call PlatformInitializeConsole for GPU passthrough case

Ard Biesheuvel
 

On Fri, 17 Dec 2021 at 20:21, Shivanshu Goyal <shivanshu3@...> wrote:

Hi,

I'm asking on behalf of Arch Linux maintainers: are you planning on creating a new release with this patch, or should we apply this patch ourselves until a new version is released?

Tianocore doesn't do releases; there are only periodic 'stable tags'
in the repo, and one such tag was created just a week ago.

So if Arch Linux needs this change, it's better to carry it locally
for the time being.



On Fri, Dec 17, 2021, 9:37 AM Ard Biesheuvel <ardb@...> wrote:

On Fri, 17 Dec 2021 at 06:52, Gerd Hoffmann <kraxel@...> wrote:

On Thu, Dec 16, 2021 at 09:41:40PM -0500, Stefan Berger wrote:
For GPU passthrough support we have to initialize the console after
EfiBootManagerDispatchDeferredImages() has loaded ROMs, so call it after
this. This was the calling order before the TCG physical presence support
had to be moved and the console initialized earlier so user interaction
could be supported before processing TCG physical presence opcodes.

Fixes: b8675deaa819631db2667df63f89799fe65fc906
Fixes: https://bugzilla.tianocore.org/show_bug.cgi?id=3771
Cc: Ard Biesheuvel <ardb+tianocore@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Jordan Justen <jordan.l.justen@...>
Cc: Gerd Hoffmann <kraxel@...>
Signed-off-by: Stefan Berger <stefanb@...>
Tested-by: Shivanshu Goyal <shivanshu3@...>
+ //
+ // GPU passthrough only allows Console enablement after ROM image load
+ //
+ PlatformInitializeConsole (gPlatformConsole);
Ah, fixed already.

Acked-by: Gerd Hoffmann <kraxel@...>

take care,
Gerd
Merged as #2325

Thanks all,


Re: [PATCH v3] OvmfPkg: Call PlatformInitializeConsole for GPU passthrough case

Shivanshu Goyal <shivanshu3@...>
 

Hi,

I'm asking on behalf of Arch Linux maintainers: are you planning on creating a new release with this patch, or should we apply this patch ourselves until a new version is released?

Thank you,
Shivanshu Goyal


On Fri, Dec 17, 2021, 9:37 AM Ard Biesheuvel <ardb@...> wrote:
On Fri, 17 Dec 2021 at 06:52, Gerd Hoffmann <kraxel@...> wrote:
>
> On Thu, Dec 16, 2021 at 09:41:40PM -0500, Stefan Berger wrote:
> > For GPU passthrough support we have to initialize the console after
> > EfiBootManagerDispatchDeferredImages() has loaded ROMs, so call it after
> > this. This was the calling order before the TCG physical presence support
> > had to be moved and the console initialized earlier so user interaction
> > could be supported before processing TCG physical presence opcodes.
> >
> > Fixes: b8675deaa819631db2667df63f89799fe65fc906
> > Fixes: https://bugzilla.tianocore.org/show_bug.cgi?id=3771
> > Cc: Ard Biesheuvel <ardb+tianocore@...>
> > Cc: Jiewen Yao <jiewen.yao@...>
> > Cc: Jordan Justen <jordan.l.justen@...>
> > Cc: Gerd Hoffmann <kraxel@...>
> > Signed-off-by: Stefan Berger <stefanb@...>
> > Tested-by: Shivanshu Goyal <shivanshu3@...>
>
> > +  //
> > +  // GPU passthrough only allows Console enablement after ROM image load
> > +  //
> > +  PlatformInitializeConsole (gPlatformConsole);
>
> Ah, fixed already.
>
> Acked-by: Gerd Hoffmann <kraxel@...>
>
> take care,
>   Gerd
>

Merged as #2325

Thanks all,


Re: [PATCH v3 0/4] ArmPkg,ArmVirtPkg: Add support EFI_MP_SERVICES_PROTOCOL on AARCH64

Rebecca Cran <rebecca@...>
 

On 12/17/21 11:08 AM, Ard Biesheuvel wrote:
OK, this looks good to me in principle, and I am quite happy with the
implementation of the MpInitLib and the new ability to dispatch
execution to other cores.

However, looking at ArmPkg/Include/Guid/ArmMpCoreInfo.h, I was
seriously shocked at how much cruft has accumulated there:
- headers under Guid/ shouldn't carry that many vaguely related
definitions anyway
- the mailbox stuff is obsolete
- the pseudo-ACPI table (ACPI style header but published as a EFI
config table) is highly dubious as well, and should really just be
removed.

I don't want to derail this series further, so I'll have a stab at
cleaning this up on top, unless there are any reasons for keeping this
stuff?
Thanks. I'm not familiar enough with it to know if it should be kept or not. But similarly, I have a task on my list to clean up ArmPlatformPkg - PrePeiCore, PrePi etc. since they have obsolete code to handle secondary cores from before TF-A.


--
Rebecca Cran


Re: [PATCH v3 0/4] ArmPkg,ArmVirtPkg: Add support EFI_MP_SERVICES_PROTOCOL on AARCH64

Ard Biesheuvel
 

On Thu, 16 Dec 2021 at 04:46, Rebecca Cran <rebecca@...> wrote:

Patch 1/4 is the start of addressing the issue that the Aff0 field of
the MPIDR is no longer guaranteed to be the core, and should be referred
to in a more generic way: for example it could be the thread, with Aff1
being the core and Aff2 the cluster. Clearly much more work is needed
to fully remove that assumption.

Patch 2/4 implements the EFI_MP_SERVICES_PROTOCOL for DXE in Library/MpInitLib.
Patch 4/4 updates CpuDxe to initialize MP support: as a result, it gains
a dependency on MpInitLib.
Patch 3/4 updates ArmVirt.dsc.inc to add the new MpInitLib library.

Cores are powered on and turned off using PSCI.

Note that minimal CPU setup is done: for example the MMU and caches are
left disabled.

--------

Changes from v2:

o Split patches up.
o Wrapped overly long lines.
o Fixed code formatting issues (Uncrustify).
o Fixed other formatting issues (ECC tool).

--------

Testing:

o Ran CI: https://github.com/tianocore/edk2/pull/2312
o Built packages in ArmVirtPkg at each revision for both ARM and AARCH64.

Rebecca Cran (4):
ArmPkg: Replace CoreId and ClusterId with Mpidr in ARM_CORE_INFO
struct
ArmPkg: Add Library/MpInitLib to support EFI_MP_SERVICES_PROTOCOL
ArmVirtPkg: Add MpInitLib, which is dependency for CpuDxe consumers
ArmPkg: Update Drivers/CpuDxe to initialize MpInitLib
OK, this looks good to me in principle, and I am quite happy with the
implementation of the MpInitLib and the new ability to dispatch
execution to other cores.

However, looking at ArmPkg/Include/Guid/ArmMpCoreInfo.h, I was
seriously shocked at how much cruft has accumulated there:
- headers under Guid/ shouldn't carry that many vaguely related
definitions anyway
- the mailbox stuff is obsolete
- the pseudo-ACPI table (ACPI style header but published as a EFI
config table) is highly dubious as well, and should really just be
removed.

I don't want to derail this series further, so I'll have a stab at
cleaning this up on top, unless there are any reasons for keeping this
stuff?
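The affinity-level point in the cover letter above (once the MT bit is set, Aff0 identifies a thread, Aff1 the core and Aff2 the cluster, so "CoreId == Aff0" is no longer true) can be made concrete. The following C code is an added example, not part of the series or of ArmPkg: it decodes MPIDR_EL1 using the field layout from the Arm Architecture Reference Manual (Aff0 [7:0], Aff1 [15:8], Aff2 [23:16], MT [24], U [30], bit 31 RES1, Aff3 [39:32]), checks where the legacy Aff0 reading disagrees with the decoded topology, masks the non-affinity bits before comparing processing elements, and counts distinct cores over a constructed list of MPIDRs standing in for ARM_CORE_INFO entries. CORE_TOPOLOGY, the function names and the sample MPIDR values are hypothetical.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stddef.h>

/* MPIDR_EL1 field layout (Arm Architecture Reference Manual): Aff0 [7:0],
   Aff1 [15:8], Aff2 [23:16], MT [24], U [30], bit 31 RES1, Aff3 [39:32].
   Only the four Aff fields identify the processing element. */
#define MPIDR_AFF0(m)        ((uint8_t)((m) & 0xffu))
#define MPIDR_AFF1(m)        ((uint8_t)(((m) >> 8) & 0xffu))
#define MPIDR_AFF2(m)        ((uint8_t)(((m) >> 16) & 0xffu))
#define MPIDR_AFF3(m)        ((uint8_t)(((m) >> 32) & 0xffu))
#define MPIDR_MT_BIT         (1ull << 24)
#define MPIDR_AFFINITY_MASK  0xff00ffffffull

typedef struct {
  uint8_t Cluster;
  uint8_t Core;
  uint8_t Thread;         /* 0 on single-threaded parts */
  bool    Multithreaded;  /* MT bit set: Aff0 is a thread, not a core */
} CORE_TOPOLOGY;

/* Decode the hierarchy the cover letter describes: with MT clear, Aff0 is
   the core and Aff1 the cluster; with MT set, Aff0 is the thread, Aff1 the
   core and Aff2 the cluster. */
CORE_TOPOLOGY MpidrToTopology(uint64_t Mpidr) {
  CORE_TOPOLOGY t = {0};
  t.Multithreaded = (Mpidr & MPIDR_MT_BIT) != 0;
  if (t.Multithreaded) {
    t.Thread  = MPIDR_AFF0(Mpidr);
    t.Core    = MPIDR_AFF1(Mpidr);
    t.Cluster = MPIDR_AFF2(Mpidr);
  } else {
    t.Core    = MPIDR_AFF0(Mpidr);
    t.Cluster = MPIDR_AFF1(Mpidr);
  }
  return t;
}

/* The legacy "CoreId == Aff0" assumption the series starts to remove;
   true when it disagrees with the decoded topology. */
bool LegacyCoreIdIsWrong(uint64_t Mpidr) {
  return MPIDR_AFF0(Mpidr) != MpidrToTopology(Mpidr).Core;
}

/* Identity comparison must drop MT, U and RES1 so two reads of the same PE
   (or a PSCI target id carrying only affinity bits) compare equal. */
bool SameProcessingElement(uint64_t A, uint64_t B) {
  return (A & MPIDR_AFFINITY_MASK) == (B & MPIDR_AFFINITY_MASK);
}

/* Count distinct physical cores in a list of MPIDRs (the kind of list a
   platform publishes as ARM_CORE_INFO entries); threads of one core collapse. */
size_t CountDistinctCores(const uint64_t *Mpidrs, size_t Count) {
  size_t Cores = 0;
  for (size_t i = 0; i < Count; i++) {
    CORE_TOPOLOGY Ti = MpidrToTopology(Mpidrs[i]);
    bool Seen = false;
    for (size_t j = 0; j < i && !Seen; j++) {
      CORE_TOPOLOGY Tj = MpidrToTopology(Mpidrs[j]);
      Seen = Ti.Cluster == Tj.Cluster && Ti.Core == Tj.Core;
    }
    if (!Seen) Cores++;
  }
  return Cores;
}

/* Constructed sample (hypothetical part): 2 clusters x 2 cores x 2 threads,
   MT set, RES1 bit 31 set, as the register would read on each PE. */
static const uint64_t SampleMtMpidrs[] = {
  0x81000000, 0x81000001, 0x81000100, 0x81000101,
  0x81010000, 0x81010001, 0x81010100, 0x81010101,
};
#define SAMPLE_MT_COUNT (sizeof SampleMtMpidrs / sizeof SampleMtMpidrs[0])

size_t SampleMtCoreCount(void) { return CountDistinctCores(SampleMtMpidrs, SAMPLE_MT_COUNT); }

/* How many sample entries the Aff0-is-the-core reading gets wrong. */
size_t SampleMtLegacyMiscount(void) {
  size_t n = 0;
  for (size_t i = 0; i < SAMPLE_MT_COUNT; i++) if (LegacyCoreIdIsWrong(SampleMtMpidrs[i])) n++;
  return n;
}
```

On the sample part the legacy reading is wrong for half the entries and, if used to count cores, would report eight where there are four; the decoded topology gives the right answer in both modes, which is why a single Mpidr field plus a decoder is a sounder interface than separate CoreId/ClusterId fields that bake in one interpretation.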


Re: [PATCH] Maintainers.txt: Replace Pete with Jeremy as RPi reviewer

Pete Batard
 

Thanks Jeremy!

On 2021.12.17 17:52, Jeremy Linton wrote:
First a huge thank you to Pete Batard for all the hard work
landing the RPi code here, and keeping everyone in line.
But, he has lots of commitments, and it's time to give him
a breather. As such, I will take over as a platform reviewer.
Cc: Pete Batard <pete@...>
Cc: Ard Biesheuvel <ardb+tianocore@...>
Cc: Leif Lindholm <leif@...>
Cc: Andrei Warkentin <awarkentin@...>
Cc: Samer El-Haj-Mahmoud <Samer.El-Haj-Mahmoud@...>
Signed-off-by: Jeremy Linton <jeremy.linton@...>
---
Maintainers.txt | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Maintainers.txt b/Maintainers.txt
index 2cad0a597d..a6ce4eee0f 100644
--- a/Maintainers.txt
+++ b/Maintainers.txt
@@ -346,7 +346,7 @@ F: Platform/RaspberryPi/
F: Silicon/Broadcom/
M: Ard Biesheuvel <ardb+tianocore@...>
M: Leif Lindholm <leif@...>
-R: Pete Batard <pete@...>
+R: Jeremy Linton <jeremy.linton@...>
RPMB driver for OP-TEE
F: Drivers/OpTee/OpteeRpmbPkg/
Reviewed-by: Pete Batard <pete@...>


Re: [PATCH v3] OvmfPkg: Call PlatformInitializeConsole for GPU passthrough case

Ard Biesheuvel
 

On Fri, 17 Dec 2021 at 06:52, Gerd Hoffmann <kraxel@...> wrote:

On Thu, Dec 16, 2021 at 09:41:40PM -0500, Stefan Berger wrote:
For GPU passthrough support we have to initialize the console after
EfiBootManagerDispatchDeferredImages() has loaded ROMs, so call it after
this. This was the calling order before the TCG physical presence support
had to be moved and the console initialized earlier so user interaction
could be supported before processing TCG physical presence opcodes.

Fixes: b8675deaa819631db2667df63f89799fe65fc906
Fixes: https://bugzilla.tianocore.org/show_bug.cgi?id=3771
Cc: Ard Biesheuvel <ardb+tianocore@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Jordan Justen <jordan.l.justen@...>
Cc: Gerd Hoffmann <kraxel@...>
Signed-off-by: Stefan Berger <stefanb@...>
Tested-by: Shivanshu Goyal <shivanshu3@...>
+ //
+ // GPU passthrough only allows Console enablement after ROM image load
+ //
+ PlatformInitializeConsole (gPlatformConsole);
Ah, fixed already.

Acked-by: Gerd Hoffmann <kraxel@...>

take care,
Gerd
Merged as #2325

Thanks all,


Re: [PATCH 1/1] Bhyve: fix tls-enabled build

Ard Biesheuvel
 

On Fri, 17 Dec 2021 at 13:39, Gerd Hoffmann <kraxel@...> wrote:

Path doesn't exist below OvmfPkg/Bhyve, use the OvmfPkg version
instead. Fixes build with -D NETWORK_TLS_ENABLE.

Signed-off-by: Gerd Hoffmann <kraxel@...>
---
OvmfPkg/Bhyve/BhyveX64.dsc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/OvmfPkg/Bhyve/BhyveX64.dsc b/OvmfPkg/Bhyve/BhyveX64.dsc
index 40c5b7b1610e..5fa08bebd73c 100644
--- a/OvmfPkg/Bhyve/BhyveX64.dsc
+++ b/OvmfPkg/Bhyve/BhyveX64.dsc
@@ -733,7 +733,7 @@ [Components]
!if $(NETWORK_TLS_ENABLE) == TRUE
NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf {
<LibraryClasses>
- NULL|OvmfPkg/Bhyve/Library/TlsAuthConfigLib/TlsAuthConfigLib.inf
+ NULL|OvmfPkg/Library/TlsAuthConfigLib/TlsAuthConfigLib.inf
}
!endif
OvmfPkg/VirtioNetDxe/VirtioNet.inf
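Review bot: the corrected `NULL|OvmfPkg/Library/TlsAuthConfigLib/TlsAuthConfigLib.inf` line sits inside the `!if $(NETWORK_TLS_ENABLE) == TRUE` block, so a default build never resolves it and the stale `OvmfPkg/Bhyve/Library/...` path only broke builds made with -D NETWORK_TLS_ENABLE, as the commit message says; it would be worth adding a NETWORK_TLS_ENABLE configuration of BhyveX64.dsc to CI so a dangling library path inside a conditional block is caught before merge rather than reported afterwards.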
--
2.33.1
Merged as #2324

Thanks,


Re: [PATCH] Maintainers.txt: Replace Pete with Jeremy as RPi reviewer

Ard Biesheuvel
 

On Fri, 17 Dec 2021 at 17:52, Jeremy Linton <jeremy.linton@...> wrote:

First a huge thank you to Pete Batard for all the hard work
landing the RPi code here, and keeping everyone in line.

But, he has lots of commitments, and it's time to give him
a breather. As such, I will take over as a platform reviewer.

Cc: Pete Batard <pete@...>
Cc: Ard Biesheuvel <ardb+tianocore@...>
Cc: Leif Lindholm <leif@...>
Cc: Andrei Warkentin <awarkentin@...>
Cc: Samer El-Haj-Mahmoud <Samer.El-Haj-Mahmoud@...>
Signed-off-by: Jeremy Linton <jeremy.linton@...>
Many thanks to you both for the excellent work on the RPi platforms.

Acked-by: Ard Biesheuvel <ardb@...>


---
Maintainers.txt | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Maintainers.txt b/Maintainers.txt
index 2cad0a597d..a6ce4eee0f 100644
--- a/Maintainers.txt
+++ b/Maintainers.txt
@@ -346,7 +346,7 @@ F: Platform/RaspberryPi/
F: Silicon/Broadcom/
M: Ard Biesheuvel <ardb+tianocore@...>
M: Leif Lindholm <leif@...>
-R: Pete Batard <pete@...>
+R: Jeremy Linton <jeremy.linton@...>

RPMB driver for OP-TEE
F: Drivers/OpTee/OpteeRpmbPkg/
--
2.13.7





[PATCH] Maintainers.txt: Replace Pete with Jeremy as RPi reviewer

Jeremy Linton
 

First a huge thank you to Pete Batard for all the hard work
landing the RPi code here, and keeping everyone in line.

But, he has lots of commitments, and it's time to give him
a breather. As such, I will take over as a platform reviewer.

Cc: Pete Batard <pete@...>
Cc: Ard Biesheuvel <ardb+tianocore@...>
Cc: Leif Lindholm <leif@...>
Cc: Andrei Warkentin <awarkentin@...>
Cc: Samer El-Haj-Mahmoud <Samer.El-Haj-Mahmoud@...>
Signed-off-by: Jeremy Linton <jeremy.linton@...>
---
Maintainers.txt | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Maintainers.txt b/Maintainers.txt
index 2cad0a597d..a6ce4eee0f 100644
--- a/Maintainers.txt
+++ b/Maintainers.txt
@@ -346,7 +346,7 @@ F: Platform/RaspberryPi/
F: Silicon/Broadcom/
M: Ard Biesheuvel <ardb+tianocore@...>
M: Leif Lindholm <leif@...>
-R: Pete Batard <pete@...>
+R: Jeremy Linton <jeremy.linton@...>

RPMB driver for OP-TEE
F: Drivers/OpTee/OpteeRpmbPkg/
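Review bot: the R: line being replaced belongs to the section that lists both `F: Platform/RaspberryPi/` (in the hunk header) and `F: Silicon/Broadcom/`, while the subject and message only mention the RPi reviewer; the commit message should say that the reviewer role for Silicon/Broadcom/ moves to Jeremy as well, since the one entry covers both paths.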
--
2.13.7


Re: [PATCH edk2-platforms v1 03/10] Platform/ARM: Modify duplicated GUID in ArmVExpressLibSec

Sami Mujawar
 

Hi Ard,


On 17/12/2021, 16:34, "Ard Biesheuvel" <ardb@...> wrote:

On Fri, 17 Dec 2021 at 17:30, Sami Mujawar <sami.mujawar@...> wrote:
>
> Hi Leif, Ard, Wenyi,
>
> Is it possible to review and provide feedback for this change, please?
>

I agree that this should be resolved, and I don't think it matters
which one we change. The INF GUIDs of libraries are never used anyway,
as far as I know.
In that case I will update this patch to modify the ArmVExpressLibRTSM version.

Regards,

Sami Mujawar

>
>
> On 17/12/2021 02:15 PM, Pierre Gondois wrote:
> > Hi Sami,
> >
> > You are correct, as stated in Silicon/Hisilicon/Library/ArmPlatformLibHisilicon/ArmPlatformLibSec.inf:
> >
> > "Based on the files under ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibRTSM/"
> >
> > Thanks for updating the commit,
> >
> > Regards,
> >
> > Pierre
> >
> >
> >
> > On 12/17/21 2:59 PM, Sami Mujawar wrote:
> >> Hi Pierre,
> >>
> >> Please find my response inline marked [SAMI].
> >>
> >> Regards,
> >>
> >> Sami Mujawar
> >>
> >>
> >> On 24/11/2021 04:23 PM, Pierre.Gondois@... wrote:
> >>> From: Pierre Gondois <Pierre.Gondois@...>
> >>>
> >>> The two following modules have the same GUID:
> >>> - Platform/ARM/VExpressPkg/Library/
> >>> ArmVExpressLibRTSM/ArmVExpressLibSec.inf
> >>> - Silicon/Hisilicon/Library/
> >>> ArmPlatformLibHisilicon/ArmPlatformLibSec.inf
> >>>
> >>> The inf file in the Platform/ARM/ folder is based
> >>> on the one in Silicon/Hisilicon/. Modify the one
> >> [SAMI] I believe you want to say the inf file in Silicon/Hisilicon/ is based on the one in Platform/ARM and therefore you are modifying the inf file in Silicon/Hisilicon.
> >> Please let me know if this is correct, and I will update this in the commit message before merging the change.
> >> [/SAMI]
> >>> in the Silicon/Hisilicon/.
> >>>
> >>> Signed-off-by: Pierre Gondois <Pierre.Gondois@...>
> >>> ---
> >>> .../Library/ArmPlatformLibHisilicon/ArmPlatformLibSec.inf | 2 +-
> >>> 1 file changed, 1 insertion(+), 1 deletion(-)
> >>>
> >>> diff --git a/Silicon/Hisilicon/Library/ArmPlatformLibHisilicon/ArmPlatformLibSec.inf b/Silicon/Hisilicon/Library/ArmPlatformLibHisilicon/ArmPlatformLibSec.inf
> >>> index ac587deedfd8..7fd7b5183e5b 100644
> >>> --- a/Silicon/Hisilicon/Library/ArmPlatformLibHisilicon/ArmPlatformLibSec.inf
> >>> +++ b/Silicon/Hisilicon/Library/ArmPlatformLibHisilicon/ArmPlatformLibSec.inf
> >>> @@ -12,7 +12,7 @@
> >>> [Defines]
> >>> INF_VERSION = 0x00010005
> >>> BASE_NAME = ArmPlatformLibSec
> >>> - FILE_GUID = a79eed97-4b98-4974-9690-37b32d6a5b56
> >>> + FILE_GUID = ABF3B82B-892F-438F-901F-F148C2DF89E6
> >>> MODULE_TYPE = BASE
> >>> VERSION_STRING = 1.0
> >>> LIBRARY_CLASS = ArmPlatformLib
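Review bot: the hunk changes FILE_GUID in Silicon/Hisilicon/Library/ArmPlatformLibHisilicon/ArmPlatformLibSec.inf, but the commit message says the Platform/ARM/ inf is based on the Hisilicon one, which is the reverse of the Hisilicon file's own comment quoted above ("Based on the files under ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibRTSM/"); the message should state which copy is the derived one, and if, as the thread suggests, the ArmVExpressLibRTSM version ends up being modified instead, the diff has to move with it. Whichever file changes, the replacement `FILE_GUID = ABF3B82B-892F-438F-901F-F148C2DF89E6` should be a freshly generated GUID and grepped for across both trees, so the duplicate is removed rather than relocated.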
> >>> --
> >>> 2.25.1
>


Re: [PATCH edk2-platforms v1 0/3] Fix build breaks for SynQuacerEvalBoard

Ard Biesheuvel
 

On Fri, 17 Dec 2021 at 14:46, Sami Mujawar <sami.mujawar@...> wrote:

This patch series fixes the build breaks in SynQuacerEvalBoard.
Note: I have only tested that the build is fixed. I don't have
a board to test the functionality.

The changes can be seen at:
https://github.com/samimujawar/edk2-platforms/tree/2015_fix_arm_plat_build_break_v1

Sami Mujawar (3):
Platform/Socionext: Fix build break for SynQuacerEvalBoard
Platform/Socionext/SynQuacerEvalBoard: Add missing ArmSoftFloatLib
Platform/Socionext/SynQuacerEvalBoard: Disable EbcDxe for AArch32
builds
Thanks for fixing this.

Pushed as d57f763b4cbd..818e8b7beb51


Re: [PATCH edk2-platforms v1 03/10] Platform/ARM: Modify duplicated GUID in ArmVExpressLibSec

Ard Biesheuvel
 

On Fri, 17 Dec 2021 at 17:30, Sami Mujawar <sami.mujawar@...> wrote:

Hi Leif, Ard, Wenyi,

Is it possible to review and provide feedback for this change, please?
I agree that this should be resolved, and I don't think it matters
which one we change. The INF GUIDs of libraries are never used anyway,
as far as I know.




On 17/12/2021 02:15 PM, Pierre Gondois wrote:
Hi Sami,

You are correct, as stated in Silicon/Hisilicon/Library/ArmPlatformLibHisilicon/ArmPlatformLibSec.inf:

"Based on the files under ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibRTSM/"

Thanks for updating the commit,

Regards,

Pierre



On 12/17/21 2:59 PM, Sami Mujawar wrote:
Hi Pierre,

Please find my response inline marked [SAMI].

Regards,

Sami Mujawar


On 24/11/2021 04:23 PM, Pierre.Gondois@... wrote:
From: Pierre Gondois <Pierre.Gondois@...>

The two following modules have the same GUID:
- Platform/ARM/VExpressPkg/Library/
ArmVExpressLibRTSM/ArmVExpressLibSec.inf
- Silicon/Hisilicon/Library/
ArmPlatformLibHisilicon/ArmPlatformLibSec.inf

The inf file in the Platform/ARM/ folder is based
on the one in Silicon/Hisilicon/. Modify the one
[SAMI] I believe you want to say the inf file in Silicon/Hisilicon/ is based on the one in Platform/ARM and therefore you are modifying the inf file in Silicon/Hisilicon.
Please let me know if this is correct, and I will update this in the commit message before merging the change.
[/SAMI]
in the Silicon/Hisilicon/.

Signed-off-by: Pierre Gondois <Pierre.Gondois@...>
---
.../Library/ArmPlatformLibHisilicon/ArmPlatformLibSec.inf | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Silicon/Hisilicon/Library/ArmPlatformLibHisilicon/ArmPlatformLibSec.inf b/Silicon/Hisilicon/Library/ArmPlatformLibHisilicon/ArmPlatformLibSec.inf
index ac587deedfd8..7fd7b5183e5b 100644
--- a/Silicon/Hisilicon/Library/ArmPlatformLibHisilicon/ArmPlatformLibSec.inf
+++ b/Silicon/Hisilicon/Library/ArmPlatformLibHisilicon/ArmPlatformLibSec.inf
@@ -12,7 +12,7 @@
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = ArmPlatformLibSec
- FILE_GUID = a79eed97-4b98-4974-9690-37b32d6a5b56
+ FILE_GUID = ABF3B82B-892F-438F-901F-F148C2DF89E6
MODULE_TYPE = BASE
VERSION_STRING = 1.0
LIBRARY_CLASS = ArmPlatformLib
--
2.25.1





Re: [PATCH edk2-platforms v1 03/10] Platform/ARM: Modify duplicated GUID in ArmVExpressLibSec

Sami Mujawar
 

Hi Leif, Ard, Wenyi,

Is it possible to review and provide feedback for this change, please?

Regards,

Sami Mujawar


On 17/12/2021 02:15 PM, Pierre Gondois wrote:
Hi Sami,

You are correct, as stated in Silicon/Hisilicon/Library/ArmPlatformLibHisilicon/ArmPlatformLibSec.inf:

"Based on the files under ArmPlatformPkg/ArmVExpressPkg/Library/ArmVExpressLibRTSM/"

Thanks for updating the commit,

Regards,

Pierre



On 12/17/21 2:59 PM, Sami Mujawar wrote:
Hi Pierre,

Please find my response inline marked [SAMI].

Regards,

Sami Mujawar


On 24/11/2021 04:23 PM, Pierre.Gondois@... wrote:
From: Pierre Gondois <Pierre.Gondois@...>

The two following modules have the same GUID:
- Platform/ARM/VExpressPkg/Library/
ArmVExpressLibRTSM/ArmVExpressLibSec.inf
- Silicon/Hisilicon/Library/
ArmPlatformLibHisilicon/ArmPlatformLibSec.inf

The inf file in the Platform/ARM/ folder is based
on the one in Silicon/Hisilicon/. Modify the one
[SAMI] I believe you want to say the inf file in Silicon/Hisilicon/ is based on the one in Platform/ARM and therefore you are modifying the inf file in Silicon/Hisilicon.
Please let me know if this is correct, and I will update this in the commit message before merging the change.
[/SAMI]
in the Silicon/Hisilicon/.

Signed-off-by: Pierre Gondois <Pierre.Gondois@...>
---
.../Library/ArmPlatformLibHisilicon/ArmPlatformLibSec.inf | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Silicon/Hisilicon/Library/ArmPlatformLibHisilicon/ArmPlatformLibSec.inf b/Silicon/Hisilicon/Library/ArmPlatformLibHisilicon/ArmPlatformLibSec.inf
index ac587deedfd8..7fd7b5183e5b 100644
--- a/Silicon/Hisilicon/Library/ArmPlatformLibHisilicon/ArmPlatformLibSec.inf
+++ b/Silicon/Hisilicon/Library/ArmPlatformLibHisilicon/ArmPlatformLibSec.inf
@@ -12,7 +12,7 @@
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = ArmPlatformLibSec
- FILE_GUID = a79eed97-4b98-4974-9690-37b32d6a5b56
+ FILE_GUID = ABF3B82B-892F-438F-901F-F148C2DF89E6
MODULE_TYPE = BASE
VERSION_STRING = 1.0
LIBRARY_CLASS = ArmPlatformLib
--
2.25.1


Re: [PATCH v2 1/1] EmbeddedPkg/AcpiLib: Add more helper functions

Leif Lindholm
 

Hi Nhi,

I have now pushed this patch as c63a10ecb7d6, and will get back to the
rest of the Altra port.

/
Leif

On Thu, Sep 09, 2021 at 00:02:36 +0700, Nhi Pham wrote:
Thanks Abner.

I will correct the description for the function AcpiLocateTableBySignature
in the v3.

Best regards,
Nhi

On 08/09/2021 11:53, Chang, Abner (HPS SW/FW Technologist) wrote:
After below comments are addressed,

Reviewed-by: Abner Chang <abner.chang@...>

-----Original Message-----
From: devel@edk2.groups.io [mailto:devel@edk2.groups.io] On Behalf Of
Nhi Pham via groups.io
Sent: Friday, September 3, 2021 11:44 PM
To: devel@edk2.groups.io
Cc: patches@...; Nhi Pham
<nhi@...>; Leif Lindholm <leif@...>; Ard
Biesheuvel <ardb+tianocore@...>; Chang, Abner (HPS SW/FW
Technologist) <abner.chang@...>; Schaefer, Daniel
<daniel.schaefer@...>
Subject: [edk2-devel] [PATCH v2 1/1] EmbeddedPkg/AcpiLib: Add more
helper functions

This adds more helper functions that assist in calculating the checksum,
locating an ACPI table by signature, and updating an AML integer object.

Cc: Leif Lindholm <leif@...>
Cc: Ard Biesheuvel <ardb+tianocore@...>
Cc: Abner Chang <abner.chang@...>
Cc: Daniel Schaefer <daniel.schaefer@...>
Signed-off-by: Nhi Pham <nhi@...>
---
Changes since v1:
+ Add copyright [Abner]
+ Improve the AcpiLocateTableBySignature function to remove the caution
for the usage of SSDT table. [Abner]
+ AcpiAmlObjectUpdateInteger: Use the AcpiSdtProtocol->SetOption to
update
the value of data object. [Abner]

EmbeddedPkg/Library/AcpiLib/AcpiLib.inf | 3 +
EmbeddedPkg/Include/Library/AcpiLib.h | 69 +++++++
EmbeddedPkg/Library/AcpiLib/AcpiLib.c | 214 ++++++++++++++++++++
3 files changed, 286 insertions(+)

diff --git a/EmbeddedPkg/Library/AcpiLib/AcpiLib.inf
b/EmbeddedPkg/Library/AcpiLib/AcpiLib.inf
index 538fe09cca29..01b12c9423a9 100644
--- a/EmbeddedPkg/Library/AcpiLib/AcpiLib.inf
+++ b/EmbeddedPkg/Library/AcpiLib/AcpiLib.inf
@@ -1,6 +1,7 @@
#/** @file
#
# Copyright (c) 2014, ARM Ltd. All rights reserved.
+# Copyright (c) 2021, Ampere Computing LLC. All rights reserved.
#
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
@@ -23,6 +24,8 @@ [Packages]
EmbeddedPkg/EmbeddedPkg.dec

[LibraryClasses]
+ BaseLib
+ BaseMemoryLib
DebugLib
UefiBootServicesTableLib

diff --git a/EmbeddedPkg/Include/Library/AcpiLib.h
b/EmbeddedPkg/Include/Library/AcpiLib.h
index c142446d9d59..933582b7f607 100644
--- a/EmbeddedPkg/Include/Library/AcpiLib.h
+++ b/EmbeddedPkg/Include/Library/AcpiLib.h
@@ -2,6 +2,7 @@
Helper Library for ACPI

Copyright (c) 2014-2016, ARM Ltd. All rights reserved.
+ Copyright (c) 2021, Ampere Computing LLC. All rights reserved.

SPDX-License-Identifier: BSD-2-Clause-Patent

@@ -13,6 +14,7 @@
#include <Uefi.h>

#include <IndustryStandard/Acpi10.h>
+#include <Protocol/AcpiSystemDescriptionTable.h>

//
// Macros for the Generic Address Space
@@ -128,4 +130,71 @@ LocateAndInstallAcpiFromFv (
IN CONST EFI_GUID* AcpiFile
);

+/**
+ This function calculates and updates a UINT8 checksum
+ in an ACPI description table header.
+
+ @param Buffer Pointer to buffer to checksum
+ @param Size Number of bytes to checksum
+
+ @retval EFI_SUCCESS The function completed successfully.
+ @retval EFI_INVALID_PARAMETER Invalid parameter.
+
+**/
+EFI_STATUS
+EFIAPI
+AcpiUpdateChecksum (
+ IN OUT UINT8 *Buffer,
+ IN UINTN Size
+ );
+
+/**
+ This function uses the ACPI SDT protocol to locate an ACPI table
+ with a given signature that only have a single instance.
+
+ @param AcpiTableSdtProtocol Pointer to ACPI SDT protocol.
+ @param TableSignature ACPI table signature.
+ @param Index The zero-based index of the table where to
search the table.
+ @param Table Pointer to the table.
+ @param TableKey Pointer to the table key.
+
+ @return EFI_SUCCESS The function completed successfully.
+ @return EFI_INVALID_PARAMETER At least one of parameters is invalid.
+ @retval EFI_NOT_FOUND The requested index is too large and a
table was not found.
+
+**/
+EFI_STATUS
+EFIAPI
+AcpiLocateTableBySignature (
+ IN EFI_ACPI_SDT_PROTOCOL *AcpiSdtProtocol,
+ IN UINT32 TableSignature,
+ IN OUT UINTN *Index,
+ OUT EFI_ACPI_DESCRIPTION_HEADER **Table,
+ OUT UINTN *TableKey
+ );
+
+/**
+ This function updates the integer value of an AML Object.
+
+ @param AcpiTableSdtProtocol Pointer to ACPI SDT protocol.
+ @param TableHandle Points to the table representing the starting
point
+ for the object path search.
+ @param AsciiObjectPath Pointer to the ACPI path of the object being
updated.
+ @param Value New value to write to the object.
+
+ @return EFI_SUCCESS The function completed successfully.
+ @return EFI_INVALID_PARAMETER At least one of parameters is invalid
or the data type
+ of the ACPI object is not an integer value.
+ @retval EFI_NOT_FOUND The object is not found with the given path.
+
+**/
+EFI_STATUS
+EFIAPI
+AcpiAmlObjectUpdateInteger (
+ IN EFI_ACPI_SDT_PROTOCOL *AcpiSdtProtocol,
+ IN EFI_ACPI_HANDLE TableHandle,
+ IN CHAR8 *AsciiObjectPath,
+ IN UINTN Value
+ );
+
#endif // __ACPI_LIB_H__
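Review bot: the Doxygen comments and the prototypes disagree on the parameter name: all three declarations take `AcpiSdtProtocol`, but every comment documents `@param AcpiTableSdtProtocol`, which ECC and Doxygen will flag; rename the tags to match. The `AcpiLocateTableBySignature` comment also says the signature must "only have a single instance" while the `IN OUT UINTN *Index` parameter exists precisely so a caller can walk several instances; document `Index` as the position to start from, advanced past the match on success, and use `@retval` consistently rather than mixing it with `@return`.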
diff --git a/EmbeddedPkg/Library/AcpiLib/AcpiLib.c
b/EmbeddedPkg/Library/AcpiLib/AcpiLib.c
index ff7d678433d5..393133f54381 100644
--- a/EmbeddedPkg/Library/AcpiLib/AcpiLib.c
+++ b/EmbeddedPkg/Library/AcpiLib/AcpiLib.c
@@ -1,6 +1,7 @@
/** @file
*
* Copyright (c) 2014-2015, ARM Limited. All rights reserved.
+* Copyright (c) 2021, Ampere Computing LLC. All rights reserved.
*
* SPDX-License-Identifier: BSD-2-Clause-Patent
*
@@ -9,9 +10,12 @@
#include <Uefi.h>

#include <Library/AcpiLib.h>
+#include <Library/BaseLib.h>
+#include <Library/BaseMemoryLib.h>
#include <Library/DebugLib.h>
#include <Library/UefiBootServicesTableLib.h>

+#include <Protocol/AcpiSystemDescriptionTable.h>
#include <Protocol/AcpiTable.h>
#include <Protocol/FirmwareVolume2.h>

@@ -170,3 +174,213 @@ LocateAndInstallAcpiFromFv (
{
return LocateAndInstallAcpiFromFvConditional (AcpiFile, NULL);
}
+
+/**
+ This function calculates and updates a UINT8 checksum
+ in an ACPI description table header.
+
+ @param Buffer Pointer to buffer to checksum
+ @param Size Number of bytes to checksum
+
+ @retval EFI_SUCCESS The function completed successfully.
+ @retval EFI_INVALID_PARAMETER Invalid parameter.
+
+**/
+EFI_STATUS
+EFIAPI
+AcpiUpdateChecksum (
+ IN OUT UINT8 *Buffer,
+ IN UINTN Size
+ )
+{
+ UINTN ChecksumOffset;
+
+ if (Buffer == NULL || Size == 0) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ ChecksumOffset = OFFSET_OF (EFI_ACPI_DESCRIPTION_HEADER,
Checksum);
+
+ //
+ // Set checksum to 0 first
+ //
+ Buffer[ChecksumOffset] = 0;
+
+ //
+ // Update checksum value
+ //
+ Buffer[ChecksumOffset] = CalculateCheckSum8 (Buffer, Size);
+
+ return EFI_SUCCESS;
+}
+
+/**
+ This function uses the ACPI SDT protocol to locate an ACPI table
+ with a given signature that only have a single instance.
Is the description correct? I think this function can be used to search
the given signature which could have multiple instances, right?

+
+ @param AcpiTableSdtProtocol Pointer to ACPI SDT protocol.
+ @param TableSignature ACPI table signature.
+ @param Index The zero-based index of the table where to
search the table.
Could you please mention that the index will be updated to the next instance
if the table is found with the matched TableSignature?


+ @param Table Pointer to the table.
+ @param TableKey Pointer to the table key.
+
+ @return EFI_SUCCESS The function completed successfully.
+ @return EFI_INVALID_PARAMETER At least one of parameters is invalid.
+ @retval EFI_NOT_FOUND The requested index is too large and a
table was not found.
+
+**/
+EFI_STATUS
+EFIAPI
+AcpiLocateTableBySignature (
+ IN EFI_ACPI_SDT_PROTOCOL *AcpiSdtProtocol,
+ IN UINT32 TableSignature,
+ IN OUT UINTN *Index,
+ OUT EFI_ACPI_DESCRIPTION_HEADER **Table,
+ OUT UINTN *TableKey
+ )
+{
+ EFI_STATUS Status;
+ EFI_ACPI_SDT_HEADER *TempTable;
+ EFI_ACPI_TABLE_VERSION TableVersion;
+ UINTN TableIndex;
+
+ if (AcpiSdtProtocol == NULL
+ || Table == NULL
+ || TableKey == NULL) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ Status = EFI_SUCCESS;
+
+ //
+ // Search for ACPI Table with matching signature
+ //
+ TableVersion = 0;
+ TableIndex = *Index;
+ while (!EFI_ERROR (Status)) {
+ Status = AcpiSdtProtocol->GetAcpiTable (
+ TableIndex,
+ &TempTable,
+ &TableVersion,
+ TableKey
+ );
+ if (!EFI_ERROR (Status)) {
+ TableIndex++;
+
+ if (((EFI_ACPI_DESCRIPTION_HEADER *)TempTable)->Signature ==
TableSignature) {
+ *Table = (EFI_ACPI_DESCRIPTION_HEADER *)TempTable;
+ *Index = TableIndex;
+ break;
+ }
+ }
+ }
+
+ return Status;
+}
+
+/**
+ This function updates the integer value of an AML Object.
+
+ @param AcpiTableSdtProtocol Pointer to ACPI SDT protocol.
+ @param TableHandle Points to the table representing the starting
point
+ for the object path search.
+ @param AsciiObjectPath Pointer to the ACPI path of the object being
updated.
+ @param Value New value to write to the object.
+
+ @return EFI_SUCCESS The function completed successfully.
+ @return EFI_INVALID_PARAMETER At least one of parameters is invalid
or the data type
+ of the ACPI object is not an integer value.
+ @retval EFI_NOT_FOUND The object is not found with the given path.
+
+**/
+EFI_STATUS
+EFIAPI
+AcpiAmlObjectUpdateInteger (
+ IN EFI_ACPI_SDT_PROTOCOL *AcpiSdtProtocol,
+ IN EFI_ACPI_HANDLE TableHandle,
+ IN CHAR8 *AsciiObjectPath,
+ IN UINTN Value
+ )
+{
+ EFI_STATUS Status;
+ EFI_ACPI_HANDLE ObjectHandle;
+ EFI_ACPI_HANDLE DataHandle;
+ EFI_ACPI_DATA_TYPE DataType;
+ UINT8 *Buffer;
+ UINTN BufferSize;
+ UINTN DataSize;
+
+ if (AcpiSdtProtocol == NULL || AsciiObjectPath == NULL) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ ObjectHandle = NULL;
+ Status = AcpiSdtProtocol->FindPath (TableHandle, AsciiObjectPath,
&ObjectHandle);
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
+ Status = AcpiSdtProtocol->GetOption (ObjectHandle, 0, &DataType, (VOID
*)&Buffer, &BufferSize);
+ if (EFI_ERROR (Status)) {
+ Status = EFI_NOT_FOUND;
+ goto Exit;
+ }
+ ASSERT (DataType == EFI_ACPI_DATA_TYPE_OPCODE);
+ ASSERT (Buffer != NULL);
+
+ if (Buffer[0] != AML_NAME_OP) {
+ Status = EFI_NOT_FOUND;
+ goto Exit;
+ }
+
+ //
+ // Get handle of data object
+ //
+ DataHandle = NULL;
+ Status = AcpiSdtProtocol->GetChild (ObjectHandle, &DataHandle);
+ ASSERT_EFI_ERROR (Status);
+
+ Status = AcpiSdtProtocol->GetOption (DataHandle, 0, &DataType, (VOID
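Review bot: the two early `goto Exit` paths in this region (the `GetOption` failure and the `Buffer[0] != AML_NAME_OP` check) reach `AcpiSdtProtocol->Close (DataHandle)` before `DataHandle` has been assigned, since it is only set to NULL immediately before the `GetChild` call, so those paths close an uninitialized handle. Initialize `DataHandle = NULL` alongside `ObjectHandle = NULL` at the top of the function and have `Exit` skip `Close` for a NULL handle. Also, the `GetChild` result is only covered by `ASSERT_EFI_ERROR (Status)`; in a RELEASE build a failure falls through and hands a NULL `DataHandle` to `GetOption`, so replace the assert with `if (EFI_ERROR (Status)) { goto Exit; }`.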
Ok, that is fine to use 0 as you mentioned AML_OP_PARSE_INDEX_GET_OPCODE was defined privately. The better way
is to define this in EmbeddedPkg/Library/AcpiLib.h. Sorry I don't have chance to reply your last mail.

Abner

*)&Buffer, &BufferSize);
+ ASSERT (DataType == EFI_ACPI_DATA_TYPE_OPCODE);
+ ASSERT (Buffer != NULL);
+
+ if (Buffer[0] == AML_ZERO_OP || Buffer[0] == AML_ONE_OP) {
+ Status = AcpiSdtProtocol->SetOption (DataHandle, 0, (VOID *)&Value,
sizeof (UINT8));
+ ASSERT_EFI_ERROR (Status);
+ } else {
+ //
+ // Check the size of data object
+ //
+ switch (Buffer[0]) {
+ case AML_BYTE_PREFIX:
+ DataSize = sizeof (UINT8);
+ break;
+
+ case AML_WORD_PREFIX:
+ DataSize = sizeof (UINT16);
+ break;
+
+ case AML_DWORD_PREFIX:
+ DataSize = sizeof (UINT32);
+ break;
+
+ case AML_QWORD_PREFIX:
+ DataSize = sizeof (UINT64);
+ break;
+
+ default:
+ // The data type of the ACPI object is not an integer
+ Status = EFI_INVALID_PARAMETER;
+ goto Exit;
+ }
+
+ Status = AcpiSdtProtocol->SetOption (DataHandle, 1, (VOID *)&Value,
DataSize);
+ ASSERT_EFI_ERROR (Status);
+ }
+
+Exit:
+ AcpiSdtProtocol->Close (DataHandle);
+ AcpiSdtProtocol->Close (ObjectHandle);
+
+ return Status;
+}
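Review bot: the `AML_ZERO_OP`/`AML_ONE_OP` branch overwrites the opcode byte itself with the low byte of `Value` (`SetOption (DataHandle, 0, (VOID *)&Value, sizeof (UINT8))`), which is only a valid AML encoding when `Value` is 0 or 1; any other value turns the object into an unrelated opcode. Return `EFI_INVALID_PARAMETER` (or `EFI_UNSUPPORTED`) when `Value > 1` in that branch, since a ZeroOp/OneOp object cannot be widened in place. In the prefix branch, `SetOption (DataHandle, 1, (VOID *)&Value, DataSize)` copies `DataSize` bytes out of a `UINTN`: with `AML_QWORD_PREFIX` on a 32-bit build that reads four bytes past `Value`, and with the narrower prefixes a `Value` that does not fit in `DataSize` bytes is silently truncated. Stage the value in a local `UINT64` and return `EFI_INVALID_PARAMETER` when it does not fit the existing encoding, which is also what the doc comment's `EFI_INVALID_PARAMETER` description promises.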
--
2.17.1





Re: [PATCH] SecurityPkg: TPM must go to Idle state on CRB command completion

Yao, Jiewen
 

Pushed ab5ab2f60348138a4b7b1c95ad6f5d0954fb96f1

-----Original Message-----
From: Gonzalez Del Cueto, Rodrigo <rodrigo.gonzalez.del.cueto@...>
Sent: Friday, December 17, 2021 10:48 AM
To: devel@edk2.groups.io
Cc: Gonzalez Del Cueto, Rodrigo <rodrigo.gonzalez.del.cueto@...>;
Wang, Jian J <jian.j.wang@...>; Yao, Jiewen <jiewen.yao@...>
Subject: [PATCH] SecurityPkg: TPM must go to Idle state on CRB command
completion

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3463

In V2: Fixed patch format and uncrustify cleanup

In V1: To follow the TCG CRB protocol specification, on every CRB TPM
command completion the TPM should return to Idle state, regardless of
the CRB Idle Bypass capability reported by the TPM device.

See: TCG PC Client Device Driver Design Principles for TPM 2.0,
Version 1.0, Rev 0.27

Signed-off-by: Rodrigo Gonzalez del Cueto
<rodrigo.gonzalez.del.cueto@...>
Cc: Jian J Wang <jian.j.wang@...>
Cc: Jiewen Yao <jiewen.yao@...>
---
SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c | 14 ++------------
1 file changed, 2 insertions(+), 12 deletions(-)

diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c
b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c
index 40ab998004..1d99beaa10 100644
--- a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c
+++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c
@@ -1,7 +1,7 @@
/** @file
PTP (Platform TPM Profile) CRB (Command Response Buffer) interface used by
dTPM2.0 library.

-Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2015 - 2021, Intel Corporation. All rights reserved.<BR>
Copyright (c), Microsoft Corporation.
SPDX-License-Identifier: BSD-2-Clause-Patent

@@ -320,7 +320,7 @@ PtpCrbTpmCommand (
// Command completed, but buffer is not enough
//
Status = EFI_BUFFER_TOO_SMALL;
- goto GoReady_Exit;
+ goto GoIdle_Exit;
}

*SizeOut = TpmOutSize;
@@ -340,16 +340,6 @@ PtpCrbTpmCommand (
DEBUG ((DEBUG_VERBOSE, "\n"));
DEBUG_CODE_END ();

-GoReady_Exit:
- //
- // Goto Ready State if command is completed successfully and TPM support
IdleBypass
- // If not supported. flow down to GoIdle
- //
- if (GetCachedIdleByPass () == 1) {
- MmioWrite32 ((UINTN)&CrbReg->CrbControlRequest,
PTP_CRB_CONTROL_AREA_REQUEST_COMMAND_READY);
- return Status;
- }
-
//
// Do not wait for state transition for TIMEOUT_C
// This function will try to wait 2 TIMEOUT_C at the beginning in next call.
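Review bot: removing the `GoReady_Exit` block also removes the only comment that explained the IdleBypass handling, so nothing in the code now records why the Idle transition is unconditional. Add a short comment at the `GoIdle_Exit` label (outside this hunk) stating that, per the TCG PC Client Device Driver Design Principles cited in the commit message, the TPM is returned to Idle after every CRB command regardless of the cached IdleBypass capability, so the fast path is not reintroduced later. Worth confirming that `GetCachedIdleByPass` still has callers elsewhere in the file, otherwise it is now dead code.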
--
2.26.2.windows.1


Re: [PATCH] SecurityPkg: Reallocate TPM Active PCRs based on platform support

Yao, Jiewen
 

Pushed 195f0119731dbc4b93b4d485998dac3bbf8629a3

-----Original Message-----
From: Gonzalez Del Cueto, Rodrigo <rodrigo.gonzalez.del.cueto@...>
Sent: Friday, December 17, 2021 10:48 AM
To: devel@edk2.groups.io
Cc: Gonzalez Del Cueto, Rodrigo <rodrigo.gonzalez.del.cueto@...>;
Wang, Jian J <jian.j.wang@...>; Yao, Jiewen <jiewen.yao@...>
Subject: [PATCH] SecurityPkg: Reallocate TPM Active PCRs based on platform
support

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3515

In V4: Fixed patch format and uncrustify cleanup

In V3: Cleaned up comments, debug prints and updated patch to use the
new debug ENUM definitions.

- Replaced EFI_D_INFO with DEBUG_INFO.
- Replaced EFI_D_VERBOSE with DEBUG_VERBOSE.

In V2: Add case to RegisterHashInterfaceLib logic

RegisterHashInterfaceLib needs to correctly handle registering the HashLib
instance supported algorithm bitmap when PcdTpm2HashMask is set to zero.

The current implementation of SyncPcrAllocationsAndPcrMask() triggers
PCR bank reallocation only based on the intersection between
TpmActivePcrBanks and PcdTpm2HashMask.

When the software HashLibBaseCryptoRouter solution is used, no PCR bank
reallocation is occurring based on the supported hashing algorithms
registered by the HashLib instances.

Need to have an additional check for the intersection between the
TpmActivePcrBanks and the PcdTcg2HashAlgorithmBitmap populated by the
HashLib instances present on the platform's BIOS.

Signed-off-by: Rodrigo Gonzalez del Cueto
<rodrigo.gonzalez.del.cueto@...>
Cc: Jian J Wang <jian.j.wang@...>
Cc: Jiewen Yao <jiewen.yao@...>
---
SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.c
| 11 ++++++++---
SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.c |
11 ++++++++---
SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c | 43
+++++++++++++++++++++++++++++++------------
SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf | 1 +
4 files changed, 48 insertions(+), 18 deletions(-)

diff --git
a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.
c
b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.
c
index 59639d0538..ee8fe6e06e 100644
---
a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.
c
+++
b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.
c
@@ -3,7 +3,7 @@
hash handler registered, such as SHA1, SHA256.
Platform can use PcdTpm2HashMask to mask some hash engines.

-Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved. <BR>
+Copyright (c) 2013 - 2021, Intel Corporation. All rights reserved. <BR>
SPDX-License-Identifier: BSD-2-Clause-Patent

**/
@@ -234,13 +234,18 @@ RegisterHashInterfaceLib (
{
UINTN Index;
UINT32 HashMask;
+ UINT32 Tpm2HashMask;
EFI_STATUS Status;

//
// Check allow
//
- HashMask = Tpm2GetHashMaskFromAlgo (&HashInterface->HashGuid);
- if ((HashMask & PcdGet32 (PcdTpm2HashMask)) == 0) {
+ HashMask = Tpm2GetHashMaskFromAlgo (&HashInterface->HashGuid);
+ Tpm2HashMask = PcdGet32 (PcdTpm2HashMask);
+
+ if ((Tpm2HashMask != 0) &&
+ ((HashMask & Tpm2HashMask) == 0))
+ {
return EFI_UNSUPPORTED;
}

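Review bot: the new `(Tpm2HashMask != 0) &&` short-circuit changes what the `// Check allow` block means, since every HashLib instance is now accepted when `PcdTpm2HashMask` is zero, but the comment was not updated. State explicitly that a zero PCD means "not yet configured: register all algorithms and let `SyncPcrAllocationsAndPcrMask` in Tcg2Pei reconcile against the TPM's active banks", so the reason for skipping the mask check is clear to the next reader. The identical block in HashLibBaseCryptoRouterPei.c below needs the same comment.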
diff --git
a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.c
b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.c
index e21103d371..eeb424b6c3 100644
---
a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.c
+++
b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.c
@@ -3,7 +3,7 @@
hash handler registered, such as SHA1, SHA256.
Platform can use PcdTpm2HashMask to mask some hash engines.

-Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved. <BR>
+Copyright (c) 2013 - 2021, Intel Corporation. All rights reserved. <BR>
SPDX-License-Identifier: BSD-2-Clause-Patent

**/
@@ -330,13 +330,18 @@ RegisterHashInterfaceLib (
UINTN Index;
HASH_INTERFACE_HOB *HashInterfaceHob;
UINT32 HashMask;
+ UINT32 Tpm2HashMask;
EFI_STATUS Status;

//
// Check allow
//
- HashMask = Tpm2GetHashMaskFromAlgo (&HashInterface->HashGuid);
- if ((HashMask & PcdGet32 (PcdTpm2HashMask)) == 0) {
+ HashMask = Tpm2GetHashMaskFromAlgo (&HashInterface->HashGuid);
+ Tpm2HashMask = PcdGet32 (PcdTpm2HashMask);
+
+ if ((Tpm2HashMask != 0) &&
+ ((HashMask & Tpm2HashMask) == 0))
+ {
return EFI_UNSUPPORTED;
}

diff --git a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c
b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c
index a97a4e7f2d..0da89b795e 100644
--- a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c
+++ b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c
@@ -1,7 +1,7 @@
/** @file
Initialize TPM2 device and measure FVs before handing off control to DXE.

-Copyright (c) 2015 - 2020, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2015 - 2021, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2017, Microsoft Corporation. All rights reserved. <BR>
SPDX-License-Identifier: BSD-2-Clause-Patent

@@ -252,7 +252,7 @@ EndofPeiSignalNotifyCallBack (

/**
Make sure that the current PCR allocations, the TPM supported PCRs,
- and the PcdTpm2HashMask are all in agreement.
+ PcdTcg2HashAlgorithmBitmap and the PcdTpm2HashMask are all in
agreement.
**/
VOID
SyncPcrAllocationsAndPcrMask (
@@ -261,6 +261,7 @@ SyncPcrAllocationsAndPcrMask (
{
EFI_STATUS Status;
EFI_TCG2_EVENT_ALGORITHM_BITMAP TpmHashAlgorithmBitmap;
+ EFI_TCG2_EVENT_ALGORITHM_BITMAP BiosHashAlgorithmBitmap;
UINT32 TpmActivePcrBanks;
UINT32 NewTpmActivePcrBanks;
UINT32 Tpm2PcrMask;
@@ -274,33 +275,50 @@ SyncPcrAllocationsAndPcrMask (
Status = Tpm2GetCapabilitySupportedAndActivePcrs
(&TpmHashAlgorithmBitmap, &TpmActivePcrBanks);
ASSERT_EFI_ERROR (Status);

+ DEBUG ((DEBUG_INFO, "Tpm2GetCapabilitySupportedAndActivePcrs -
TpmHashAlgorithmBitmap: 0x%08x\n", TpmHashAlgorithmBitmap));
+ DEBUG ((DEBUG_INFO, "Tpm2GetCapabilitySupportedAndActivePcrs -
TpmActivePcrBanks 0x%08x\n", TpmActivePcrBanks));
+
Tpm2PcrMask = PcdGet32 (PcdTpm2HashMask);
if (Tpm2PcrMask == 0) {
//
- // if PcdTPm2HashMask is zero, use ActivePcr setting
+ // If PcdTpm2HashMask is zero, use ActivePcr setting.
+ // Only when PcdTpm2HashMask is initialized to 0, will it be updated to
current Active Pcrs.
//
PcdSet32S (PcdTpm2HashMask, TpmActivePcrBanks);
Tpm2PcrMask = TpmActivePcrBanks;
}

- //
- // Find the intersection of Pcd support and TPM support.
- // If banks are missing from the TPM support that are in the PCD, update the
PCD.
- // If banks are missing from the PCD that are active in the TPM, reallocate the
banks and reboot.
- //
+ DEBUG ((DEBUG_INFO, "Tpm2PcrMask 0x%08x\n", Tpm2PcrMask));

//
- // If there are active PCR banks that are not supported by the Platform mask,
- // update the TPM allocations and reboot the machine.
+ // The Active PCRs in the TPM need to be a strict subset of the hashing
algorithms supported by BIOS.
//
- if ((TpmActivePcrBanks & Tpm2PcrMask) != TpmActivePcrBanks) {
- NewTpmActivePcrBanks = TpmActivePcrBanks & Tpm2PcrMask;
+ // * Find the intersection of Pcd support and TPM active PCRs. If banks are
missing from the TPM support
+ // that are in the PCD, update the PCD.
+ // * Find intersection of TPM Active PCRs and BIOS supported algorithms. If
there are active PCR banks
+ // that are not supported by the platform, update the TPM allocations and
reboot.
+ // Note: When the HashLibBaseCryptoRouter solution is used, the hash
algorithm support from BIOS is reported
+ // by Tcg2HashAlgorithmBitmap, which is populated by HashLib instances
at runtime.
+ BiosHashAlgorithmBitmap = PcdGet32 (PcdTcg2HashAlgorithmBitmap);
+ DEBUG ((DEBUG_INFO, "Tcg2HashAlgorithmBitmap: 0x%08x\n",
BiosHashAlgorithmBitmap));
+
+ if (((TpmActivePcrBanks & Tpm2PcrMask) != TpmActivePcrBanks) ||
+ ((TpmActivePcrBanks & BiosHashAlgorithmBitmap) != TpmActivePcrBanks))
+ {
+ DEBUG ((DEBUG_INFO, "TpmActivePcrBanks & Tpm2PcrMask = 0x%08x\n",
(TpmActivePcrBanks & Tpm2PcrMask)));
+ DEBUG ((DEBUG_INFO, "TpmActivePcrBanks & BiosHashAlgorithmBitmap =
0x%08x\n", (TpmActivePcrBanks & BiosHashAlgorithmBitmap)));
+ NewTpmActivePcrBanks = TpmActivePcrBanks;
+ NewTpmActivePcrBanks &= Tpm2PcrMask;
+ NewTpmActivePcrBanks &= BiosHashAlgorithmBitmap;
+ DEBUG ((DEBUG_INFO, "NewTpmActivePcrBanks 0x%08x\n",
NewTpmActivePcrBanks));

DEBUG ((DEBUG_INFO, "%a - Reallocating PCR banks from 0x%X to 0x%X.\n",
__FUNCTION__, TpmActivePcrBanks, NewTpmActivePcrBanks));
+
if (NewTpmActivePcrBanks == 0) {
DEBUG ((DEBUG_ERROR, "%a - No viable PCRs active! Please set a less
restrictive value for PcdTpm2HashMask!\n", __FUNCTION__));
ASSERT (FALSE);
} else {
+ DEBUG ((DEBUG_ERROR, "Tpm2PcrAllocateBanks
(TpmHashAlgorithmBitmap: 0x%08x, NewTpmActivePcrBanks: 0x%08x)\n",
TpmHashAlgorithmBitmap, NewTpmActivePcrBanks));
Status = Tpm2PcrAllocateBanks (NULL, (UINT32)TpmHashAlgorithmBitmap,
NewTpmActivePcrBanks);
if (EFI_ERROR (Status)) {
//
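Review bot: the `DEBUG ((DEBUG_ERROR, "Tpm2PcrAllocateBanks (...)"))` line added just before the `Tpm2PcrAllocateBanks` call logs a normal reallocation at error level; it is informational and should be `DEBUG_INFO`, consistent with the other prints this hunk adds. The new `BiosHashAlgorithmBitmap` term also adds a second way to reach `NewTpmActivePcrBanks == 0` (for example when no HashLib instance registered an algorithm and `PcdTcg2HashAlgorithmBitmap` is still zero), but the `"No viable PCRs active!"` message still only tells the user to relax `PcdTpm2HashMask`; mention `PcdTcg2HashAlgorithmBitmap` and the registered HashLib instances there so the failure can be diagnosed from the log.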
@@ -331,6 +349,7 @@ SyncPcrAllocationsAndPcrMask (
}

Status = PcdSet32S (PcdTpm2HashMask, NewTpm2PcrMask);
+ DEBUG ((DEBUG_ERROR, "Set PcdTpm2Hash Mask to 0x%08x\n",
NewTpm2PcrMask));
ASSERT_EFI_ERROR (Status);
}
}
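Review bot: `DEBUG ((DEBUG_ERROR, "Set PcdTpm2Hash Mask to 0x%08x\n", NewTpm2PcrMask))` is on the success path after `PcdSet32S`, so it should be `DEBUG_INFO`, and the PCD name is broken by a space (`PcdTpm2Hash Mask`); use `PcdTpm2HashMask`. Moving the print after the `ASSERT_EFI_ERROR (Status)` (or checking `Status` first) would also keep the message from claiming the mask was set when the PcdSet failed.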
diff --git a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf
b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf
index 06c26a2904..17ad116126 100644
--- a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf
+++ b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf
@@ -86,6 +86,7 @@
## SOMETIMES_CONSUMES
## SOMETIMES_PRODUCES
gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask
+ gEfiSecurityPkgTokenSpaceGuid.PcdTcg2HashAlgorithmBitmap ##
CONSUMES

[Depex]
gEfiPeiMasterBootModePpiGuid AND
--
2.26.2.windows.1


Re: [PATCH] SecurityPkg: Debug code to audit BIOS TPM extend operations

Yao, Jiewen
 

Pushed: 8ed8568922be9b5f7111fc1297317106aba7ab52

-----Original Message-----
From: Gonzalez Del Cueto, Rodrigo <rodrigo.gonzalez.del.cueto@...>
Sent: Friday, December 17, 2021 10:47 AM
To: devel@edk2.groups.io
Cc: Gonzalez Del Cueto, Rodrigo <rodrigo.gonzalez.del.cueto@...>; Yao,
Jiewen <jiewen.yao@...>; Wang, Jian J <jian.j.wang@...>
Subject: [PATCH] SecurityPkg: Debug code to audit BIOS TPM extend operations

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2858

In V2: Fixed patch format and uncrustify cleanup

In V1: Add debug functionality to examine TPM extend operations
performed by BIOS and inspect the PCR 00 value prior to
any BIOS measurements.

Signed-off-by: Rodrigo Gonzalez del Cueto
<rodrigo.gonzalez.del.cueto@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Jian J Wang <jian.j.wang@...>
---
SecurityPkg/Include/Library/Tpm2CommandLib.h | 33
+++++++++++++++++++++++++--------
SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c | 190
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c | 9 ++++++++-
3 files changed, 222 insertions(+), 10 deletions(-)

diff --git a/SecurityPkg/Include/Library/Tpm2CommandLib.h
b/SecurityPkg/Include/Library/Tpm2CommandLib.h
index 2e83a2f474..a2fb97f18d 100644
--- a/SecurityPkg/Include/Library/Tpm2CommandLib.h
+++ b/SecurityPkg/Include/Library/Tpm2CommandLib.h
@@ -1,7 +1,7 @@
/** @file
This library is used by other modules to send TPM2 command.

-Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved. <BR>
+Copyright (c) 2013 - 2021, Intel Corporation. All rights reserved. <BR>
SPDX-License-Identifier: BSD-2-Clause-Patent

**/
@@ -503,9 +503,9 @@ Tpm2PcrExtend (
EFI_STATUS
EFIAPI
Tpm2PcrEvent (
- IN TPMI_DH_PCR PcrHandle,
- IN TPM2B_EVENT *EventData,
- OUT TPML_DIGEST_VALUES *Digests
+ IN TPMI_DH_PCR PcrHandle,
+ IN TPM2B_EVENT *EventData,
+ OUT TPML_DIGEST_VALUES *Digests
);

/**
@@ -522,10 +522,10 @@ Tpm2PcrEvent (
EFI_STATUS
EFIAPI
Tpm2PcrRead (
- IN TPML_PCR_SELECTION *PcrSelectionIn,
- OUT UINT32 *PcrUpdateCounter,
- OUT TPML_PCR_SELECTION *PcrSelectionOut,
- OUT TPML_DIGEST *PcrValues
+ IN TPML_PCR_SELECTION *PcrSelectionIn,
+ OUT UINT32 *PcrUpdateCounter,
+ OUT TPML_PCR_SELECTION *PcrSelectionOut,
+ OUT TPML_DIGEST *PcrValues
);

/**
@@ -1113,4 +1113,21 @@ GetDigestFromDigestList (
OUT VOID *Digest
);

+/**
+ This function will query the TPM to determine which hashing algorithms and
+ get the digests of all active and supported PCR banks of a specific PCR
register.
+
+ @param[in] PcrHandle The index of the PCR register to be read.
+ @param[out] HashList List of digests from PCR register being read.
+
+ @retval EFI_SUCCESS The Pcr was read successfully.
+ @retval EFI_DEVICE_ERROR The command was unsuccessful.
+**/
+EFI_STATUS
+EFIAPI
+Tpm2PcrReadForActiveBank (
+ IN TPMI_DH_PCR PcrHandle,
+ OUT TPML_DIGEST *HashList
+ );
+
#endif
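Review bot: the doc comment for `Tpm2PcrReadForActiveBank` is missing words ("determine which hashing algorithms and get the digests"); suggest "This function queries the TPM for its active PCR banks and reads the digests of the given PCR from every active and supported bank." The @retval list is also incomplete: the implementation in Tpm2Integrity.c returns `EFI_INVALID_PARAMETER` when `PcrHandle` is not below `IMPLEMENTATION_PCR`, so add that value, and document that `HashList` may be NULL when the caller only wants the digests logged, which is how both new call sites use it.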
diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c
b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c
index 8dde5f34a2..94e93b2642 100644
--- a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c
+++ b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c
@@ -1,7 +1,7 @@
/** @file
Implement TPM2 Integrity related command.

-Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved. <BR>
+Copyright (c) 2013 - 2021, Intel Corporation. All rights reserved. <BR>
SPDX-License-Identifier: BSD-2-Clause-Patent

**/
@@ -138,6 +138,23 @@ Tpm2PcrExtend (
&Digests->digests[Index].digest,
DigestSize
);
+
+ DEBUG_CODE_BEGIN ();
+ UINTN Index2;
+ DEBUG ((
+ DEBUG_VERBOSE,
+ "Tpm2PcrExtend - Hash = 0x%04x, Pcr[%02d], digest = ",
+ Digests->digests[Index].hashAlg,
+ (UINT8)PcrHandle
+ ));
+
+ for (Index2 = 0; Index2 < DigestSize; Index2++) {
+ DEBUG ((DEBUG_VERBOSE, "%02x ", Buffer[Index2]));
+ }
+
+ DEBUG ((DEBUG_VERBOSE, "\n"));
+ DEBUG_CODE_END ();
+
Buffer += DigestSize;
}

@@ -172,6 +189,11 @@ Tpm2PcrExtend (
return EFI_DEVICE_ERROR;
}

+ DEBUG_CODE_BEGIN ();
+ DEBUG ((DEBUG_VERBOSE, "Tpm2PcrExtend: PCR read after extend...\n"));
+ Tpm2PcrReadForActiveBank (PcrHandle, NULL);
+ DEBUG_CODE_END ();
+
//
// Unmarshal the response
//
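Review bot: calling `Tpm2PcrReadForActiveBank` after every extend means each `Tpm2PcrExtend` in a DEBUG build issues three additional TPM commands (`Tpm2GetCapabilityPcrs`, `Tpm2GetCapabilitySupportedAndActivePcrs`, `Tpm2PcrRead`) and logs every digest at `DEBUG_INFO`, which adds measurable boot time on a discrete TPM. Consider gating this behind a dedicated PCD or a `DEBUG_VERBOSE` check rather than plain `DEBUG_CODE`, and add a comment saying that the returned status is intentionally ignored here because the read is diagnostic only.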
@@ -705,3 +727,169 @@ Done:
ZeroMem (&LocalAuthSession.hmac, sizeof (LocalAuthSession.hmac));
return Status;
}
+
+/**
+ This function will query the TPM to determine which hashing algorithms and
+ get the digests of all active and supported PCR banks of a specific PCR
register.
+
+ @param[in] PcrHandle The index of the PCR register to be read.
+ @param[out] HashList List of digests from PCR register being read.
+
+ @retval EFI_SUCCESS The Pcr was read successfully.
+ @retval EFI_DEVICE_ERROR The command was unsuccessful.
+**/
+EFI_STATUS
+EFIAPI
+Tpm2PcrReadForActiveBank (
+ IN TPMI_DH_PCR PcrHandle,
+ OUT TPML_DIGEST *HashList
+ )
+{
+ EFI_STATUS Status;
+ TPML_PCR_SELECTION Pcrs;
+ TPML_PCR_SELECTION PcrSelectionIn;
+ TPML_PCR_SELECTION PcrSelectionOut;
+ TPML_DIGEST PcrValues;
+ UINT32 PcrUpdateCounter;
+ UINT8 PcrIndex;
+ UINT32 TpmHashAlgorithmBitmap;
+ TPMI_ALG_HASH CurrentPcrBankHash;
+ UINT32 ActivePcrBanks;
+ UINT32 TcgRegistryHashAlg;
+ UINTN Index;
+ UINTN Index2;
+
+ PcrIndex = (UINT8)PcrHandle;
+
+ if ((PcrIndex < 0) ||
+ (PcrIndex >= IMPLEMENTATION_PCR))
+ {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ ZeroMem (&PcrSelectionIn, sizeof (PcrSelectionIn));
+ ZeroMem (&PcrUpdateCounter, sizeof (UINT32));
+ ZeroMem (&PcrSelectionOut, sizeof (PcrSelectionOut));
+ ZeroMem (&PcrValues, sizeof (PcrValues));
+ ZeroMem (&Pcrs, sizeof (TPML_PCR_SELECTION));
+
+ DEBUG ((DEBUG_INFO, "ReadPcr - %02d\n", PcrIndex));
+
+ //
+ // Read TPM capabilities
+ //
+ Status = Tpm2GetCapabilityPcrs (&Pcrs);
+
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "ReadPcr: Unable to read TPM capabilities\n"));
+ return EFI_DEVICE_ERROR;
+ }
+
+ //
+ // Get Active Pcrs
+ //
+ Status = Tpm2GetCapabilitySupportedAndActivePcrs (
+ &TpmHashAlgorithmBitmap,
+ &ActivePcrBanks
+ );
+
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "ReadPcr: Unable to read TPM capabilities and
active PCRs\n"));
+ return EFI_DEVICE_ERROR;
+ }
+
+ //
+ // Select from Active PCRs
+ //
+ for (Index = 0; Index < Pcrs.count; Index++) {
+ CurrentPcrBankHash = Pcrs.pcrSelections[Index].hash;
+
+ switch (CurrentPcrBankHash) {
+ case TPM_ALG_SHA1:
+ DEBUG ((DEBUG_VERBOSE, "HASH_ALG_SHA1 Present\n"));
+ TcgRegistryHashAlg = HASH_ALG_SHA1;
+ break;
+ case TPM_ALG_SHA256:
+ DEBUG ((DEBUG_VERBOSE, "HASH_ALG_SHA256 Present\n"));
+ TcgRegistryHashAlg = HASH_ALG_SHA256;
+ break;
+ case TPM_ALG_SHA384:
+ DEBUG ((DEBUG_VERBOSE, "HASH_ALG_SHA384 Present\n"));
+ TcgRegistryHashAlg = HASH_ALG_SHA384;
+ break;
+ case TPM_ALG_SHA512:
+ DEBUG ((DEBUG_VERBOSE, "HASH_ALG_SHA512 Present\n"));
+ TcgRegistryHashAlg = HASH_ALG_SHA512;
+ break;
+ case TPM_ALG_SM3_256:
+ DEBUG ((DEBUG_VERBOSE, "HASH_ALG_SM3 Present\n"));
+ TcgRegistryHashAlg = HASH_ALG_SM3_256;
+ break;
+ default:
+ //
+ // Unsupported algorithm
+ //
+ DEBUG ((DEBUG_VERBOSE, "Unknown algorithm present\n"));
+ TcgRegistryHashAlg = 0;
+ break;
+ }
+
+ //
+ // Skip unsupported and inactive PCR banks
+ //
+ if ((TcgRegistryHashAlg & ActivePcrBanks) == 0) {
+ DEBUG ((DEBUG_VERBOSE, "Skipping unsupported or inactive bank:
0x%04x\n", CurrentPcrBankHash));
+ continue;
+ }
+
+ //
+ // Select PCR from current active bank
+ //
+ PcrSelectionIn.pcrSelections[PcrSelectionIn.count].hash =
Pcrs.pcrSelections[Index].hash;
+ PcrSelectionIn.pcrSelections[PcrSelectionIn.count].sizeofSelect =
PCR_SELECT_MAX;
+ PcrSelectionIn.pcrSelections[PcrSelectionIn.count].pcrSelect[0] = (PcrIndex <
8) ? 1 << PcrIndex : 0;
+ PcrSelectionIn.pcrSelections[PcrSelectionIn.count].pcrSelect[1] = (PcrIndex >
7) && (PcrIndex < 16) ? 1 << (PcrIndex - 8) : 0;
+ PcrSelectionIn.pcrSelections[PcrSelectionIn.count].pcrSelect[2] = (PcrIndex >
15) ? 1 << (PcrIndex - 16) : 0;
+ PcrSelectionIn.count++;
+ }
+
+ //
+ // Read PCRs
+ //
+ Status = Tpm2PcrRead (
+ &PcrSelectionIn,
+ &PcrUpdateCounter,
+ &PcrSelectionOut,
+ &PcrValues
+ );
+
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "Tpm2PcrRead failed Status = %r \n", Status));
+ return EFI_DEVICE_ERROR;
+ }
+
+ for (Index = 0; Index < PcrValues.count; Index++) {
+ DEBUG ((
+ DEBUG_INFO,
+ "ReadPcr - HashAlg = 0x%04x, Pcr[%02d], digest = ",
+ PcrSelectionOut.pcrSelections[Index].hash,
+ PcrIndex
+ ));
+
+ for (Index2 = 0; Index2 < PcrValues.digests[Index].size; Index2++) {
+ DEBUG ((DEBUG_INFO, "%02x ", PcrValues.digests[Index].buffer[Index2]));
+ }
+
+ DEBUG ((DEBUG_INFO, "\n"));
+ }
+
+ if (HashList != NULL) {
+ CopyMem (
+ HashList,
+ &PcrValues,
+ sizeof (TPML_DIGEST)
+ );
+ }
+
+ return EFI_SUCCESS;
+}
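Review bot: `PcrIndex` is a `UINT8`, so `(PcrIndex < 0)` is always false and will draw a compiler warning; worse, `PcrIndex = (UINT8)PcrHandle` truncates before the bound check, so a `PcrHandle` of 256 passes as PCR 0. Check `PcrHandle >= IMPLEMENTATION_PCR` on the unnarrowed value first, then cast. The selection loop also writes `PcrSelectionIn.pcrSelections[PcrSelectionIn.count]` for every entry `Pcrs.count` reports without checking against the size of the `pcrSelections` array, so a bound check before `PcrSelectionIn.count++` would be prudent. Minor: `ZeroMem (&PcrUpdateCounter, sizeof (UINT32))` is just `PcrUpdateCounter = 0`, and the digest dump runs at `DEBUG_INFO` while the bank-selection messages are `DEBUG_VERBOSE`; pick one level for the whole function.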
diff --git a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c
b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c
index a97a4e7f2d..622989aff3 100644
--- a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c
+++ b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c
@@ -1,7 +1,7 @@
/** @file
Initialize TPM2 device and measure FVs before handing off control to DXE.

-Copyright (c) 2015 - 2020, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2015 - 2021, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2017, Microsoft Corporation. All rights reserved. <BR>
SPDX-License-Identifier: BSD-2-Clause-Patent

@@ -1106,6 +1106,13 @@ PeimEntryMA (
}
}

+ DEBUG_CODE_BEGIN ();
+ //
+ // Peek into TPM PCR 00 before any BIOS measurement.
+ //
+ Tpm2PcrReadForActiveBank (00, NULL);
+ DEBUG_CODE_END ();
+
//
// Only install TpmInitializedPpi on success
//
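Review bot: `Tpm2PcrReadForActiveBank (00, NULL)` passes the PCR index as an octal literal; write `0` (or a named PCR constant) to avoid the `00`/`0x00` confusion. Since the point of this read is to catch extends that happened before this PEIM, the comment should say what value is expected here (all zeros for PCR 0 after `TPM2_Startup(CLEAR)` with nothing extended), so a reader of the log knows when the dumped digest indicates a problem.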
--
2.26.2.windows.1


Re: [PATCH edk2-platforms v1 10/10] Platform/ARM: Fix Ecc error 5005

Sami Mujawar
 

Hi Pierre,

Thank you for this patch.

Reviewed-by: Sami Mujawar <sami.mujawar@...>

Regards,

Sami Mujawar


On 24/11/2021 04:23 PM, Pierre.Gondois@... wrote:
From: Pierre Gondois <Pierre.Gondois@...>

This patch fixes the following Ecc reported error:
The body of a function should be contained by open
and close braces that must be in the first column.

Signed-off-by: Pierre Gondois <Pierre.Gondois@...>
---
.../ARM/JunoPkg/Drivers/SataSiI3132Dxe/SiI3132AtaPassThru.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/Platform/ARM/JunoPkg/Drivers/SataSiI3132Dxe/SiI3132AtaPassThru.c b/Platform/ARM/JunoPkg/Drivers/SataSiI3132Dxe/SiI3132AtaPassThru.c
index 0ec53782835b..c54291220348 100644
--- a/Platform/ARM/JunoPkg/Drivers/SataSiI3132Dxe/SiI3132AtaPassThru.c
+++ b/Platform/ARM/JunoPkg/Drivers/SataSiI3132Dxe/SiI3132AtaPassThru.c
@@ -23,7 +23,8 @@ GetSataDevice (
IN SATA_SI3132_INSTANCE* SataInstance,
IN UINT16 Port,
IN UINT16 PortMultiplierPort
-) {
+ )
+{
LIST_ENTRY *List;
SATA_SI3132_PORT *SataPort;
SATA_SI3132_DEVICE *SataDevice;
--
2.25.1
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.


Re: [PATCH edk2-platforms v1 09/10] Platform/ARM: Fix Ecc error 9005

Sami Mujawar
 

Hi Pierre,

Thank you for this patch.

Reviewed-by: Sami Mujawar <sami.mujawar@...>

Regards,

Sami Mujawar


On 24/11/2021 04:23 PM, Pierre.Gondois@... wrote:
From: Pierre Gondois <Pierre.Gondois@...>

This patch fixes the following Ecc reported error:
Only Doxygen commands '@bug', '@todo', '@example',
'@file', '@attention', '@param', '@post', '@pre',
'@retval', '@return', '@sa', '@since', '@test',
'@note', '@par', '@endcode', '@code', '@{', '@}'
are allowed to mark the code

Signed-off-by: Pierre Gondois <Pierre.Gondois@...>
---
.../ArmVExpressPciHostBridgeLib/ArmVExpressPciHostBridgeLib.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Platform/ARM/VExpressPkg/Library/ArmVExpressPciHostBridgeLib/ArmVExpressPciHostBridgeLib.c b/Platform/ARM/VExpressPkg/Library/ArmVExpressPciHostBridgeLib/ArmVExpressPciHostBridgeLib.c
index 54add33b8912..4f6e0c5c44b8 100644
--- a/Platform/ARM/VExpressPkg/Library/ArmVExpressPciHostBridgeLib/ArmVExpressPciHostBridgeLib.c
+++ b/Platform/ARM/VExpressPkg/Library/ArmVExpressPciHostBridgeLib/ArmVExpressPciHostBridgeLib.c
@@ -106,7 +106,7 @@ STATIC CONST CHAR16 mAcpiAddrSpaceTypeStr[][4] = {

@param [out] Count Return the count of root bridge instances.

- @returns All the root bridge instances in an array.
+ @return All the root bridge instances in an array.
The array should be passed into PciHostBridgeFreeRootBridges()
when it's not used.
**/
--
2.25.1
