Date   

[PATCH 1/2] MdeModulePkg/GraphicsConsoleDxe: Check status to make sure no error

Guomin Jiang
 

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2668

SetMode will fail in some case. for example, without XServer.
Should handle these case when SetMode fail.

If we don't handle it, it will Segmentation fault.

Cc: Jian J Wang <jian.j.wang@...>
Cc: Liming Gao <gaoliming@...>
Cc: Zhichao Gao <zhichao.gao@...>
Cc: Ray Ni <ray.ni@...>
Signed-off-by: Guomin Jiang <guomin.jiang@...>
---
.../Console/GraphicsConsoleDxe/GraphicsConsole.c | 15 ++-------------
1 file changed, 2 insertions(+), 13 deletions(-)

diff --git a/MdeModulePkg/Universal/Console/GraphicsConsoleDxe/GraphicsConsole.c b/MdeModulePkg/Universal/Console/GraphicsConsoleDxe/GraphicsConsole.c
index 1bdd1b8a6732..07436cbd15bf 100644
--- a/MdeModulePkg/Universal/Console/GraphicsConsoleDxe/GraphicsConsole.c
+++ b/MdeModulePkg/Universal/Console/GraphicsConsoleDxe/GraphicsConsole.c
@@ -1,7 +1,7 @@
/** @file
This is the main routine for initializing the Graphics Console support routines.

-Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2006 - 2022, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent

**/
@@ -518,7 +518,7 @@ GraphicsConsoleControllerDriverStart (
}
}

- if (ModeNumber != Private->GraphicsOutput->Mode->Mode) {
+ if (EFI_ERROR (Status) || (ModeNumber != Private->GraphicsOutput->Mode->Mode)) {
//
// Current graphics mode is not set or is not set to the mode which we have found,
// set the new graphic mode.
@@ -531,17 +531,6 @@ GraphicsConsoleControllerDriverStart (
goto Error;
}
}
-
- //
- // Double confirm SetMode can success
- //
- Status = Private->GraphicsOutput->SetMode (Private->GraphicsOutput, ModeNumber);
- if (EFI_ERROR (Status)) {
- //
- // The mode set operation failed
- //
- goto Error;
- }
} else if (FeaturePcdGet (PcdUgaConsumeSupport)) {
//
// At first try to set user-defined resolution
--
2.35.1.windows.2


[PATCH 0/2] Avoid Emulator Segmentation fault

Guomin Jiang
 

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2668

Correct the logic to handle the case that XServer not present to avoid
Segmentation fault

Guomin Jiang (2):
MdeModulePkg/GraphicsConsoleDxe: Check status to make sure no error
EmulatorPkg/EmuGopDxe: Set ModeInfo after Open successfully

EmulatorPkg/EmuGopDxe/GopScreen.c | 9 +++++----
.../Console/GraphicsConsoleDxe/GraphicsConsole.c | 15 ++-------------
2 files changed, 7 insertions(+), 17 deletions(-)

--
2.35.1.windows.2


[PATCH] ArmPkg: Invalidate Instruction Cache On MMU Enable

Ashish Singhal
 

Even with MMU turned off, instruction cache can speculate
and fetch instructions. This can cause a crash if region
being executed has been modified recently. With this patch,
we ensure that instruction cache is invalidated right after
MMU has been enabled and any potentially stale instruction
fetched earlier has been discarded.

This is specially helpful when the memory attributes of a
region in MMU are being changed and some instructions
operating on the region are prefetched in the instruction
cache.

Signed-off-by: Ashish Singhal <ashishsingha@...>
---
ArmPkg/Library/ArmLib/AArch64/AArch64Support.S | 4 +++-
ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibReplaceEntry.S | 2 ++
2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/ArmPkg/Library/ArmLib/AArch64/AArch64Support.S b/ArmPkg/Library/ArmLib/AArch64/AArch64Support.S
index d3cc1e8671..9648245182 100644
--- a/ArmPkg/Library/ArmLib/AArch64/AArch64Support.S
+++ b/ArmPkg/Library/ArmLib/AArch64/AArch64Support.S
@@ -89,7 +89,9 @@ ASM_FUNC(ArmEnableMmu)
dsb nsh
isb
msr sctlr_el3, x0 // Write back
-4: isb
+4: ic iallu
+ dsb sy
+ isb
ret


diff --git a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibReplaceEntry.S b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibReplaceEntry.S
index 66ebca571e..56cc2dd73f 100644
--- a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibReplaceEntry.S
+++ b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibReplaceEntry.S
@@ -37,6 +37,8 @@

// re-enable the MMU
msr sctlr_el\el, x8
+ ic iallu
+ dsb sy
isb
.endm

--
2.17.1


Event: TianoCore Bug Triage - APAC / NAMO - 02/22/2022 #cal-reminder

devel@edk2.groups.io Calendar <noreply@...>
 

Reminder: TianoCore Bug Triage - APAC / NAMO

When:
02/22/2022
6:30pm to 7:30pm
(UTC-08:00) America/Los Angeles

Where:
https://teams.microsoft.com/l/meetup-join/19%3ameeting_OTUyZTg2NjgtNDhlNS00ODVlLTllYTUtYzg1OTNjNjdiZjFh%40thread.v2/0?context=%7b%22Tid%22%3a%2246c98d88-e344-4ed4-8496-4ed7712e255d%22%2c%22Oid%22%3a%22b286b53a-1218-4db3-bfc9-3d4c5aa7669e%22%7d

Organizer: Liming Gao gaoliming@...

View Event

Description:

TianoCore Bug Triage - APAC / NAMO

Hosted by Liming Gao

 

________________________________________________________________________________

Microsoft Teams meeting

Join on your computer or mobile app

Click here to join the meeting

Join with a video conferencing device

teams@...

Video Conference ID: 116 062 094 0

Alternate VTC dialing instructions

Or call in (audio only)

+1 916-245-6934,,77463821#   United States, Sacramento

Phone Conference ID: 774 638 21#

Find a local number | Reset PIN

Learn More | Meeting options


回复: [edk2-devel] MdeModulePkg fails to build with latest clang 14

gaoliming
 

Ross:
Do you use which tool chain? CLANG38 or CLANGPDB? I think the solution should disable this warning in tool chain configuration.

Thanks
Liming

-----邮件原件-----
发件人: devel@edk2.groups.io <devel@edk2.groups.io> 代表 Ross Burton
发送时间: 2022年2月22日 0:28
收件人: devel@edk2.groups.io
主题: [edk2-devel] MdeModulePkg fails to build with latest clang 14

When building edk2 202111 with clang 14 I get the following errors:

edk2/MdeModulePkg/Include/Guid/ExtendedFirmwarePerformance.h:78:47:
error: field Guid within 'FPDT_GUID_EVENT_RECORD' is less aligned than
'EFI_GUID' (aka 'GUID') and is usually due to 'FPDT_GUID_EVENT_RECORD'
being packed, which can lead to unaligned accesses
[-Werror,-Wunaligned-access]
EFI_GUID Guid;
^
edk2/MdeModulePkg/Include/Guid/ExtendedFirmwarePerformance.h:173:4
7: error: field Guid within 'FPDT_GUID_QWORD_EVENT_RECORD' is less
aligned than 'EFI_GUID' (aka 'GUID') and is usually due to
'FPDT_GUID_QWORD_EVENT_RECORD' being packed, which can lead to
unaligned accesses [-Werror,-Wunaligned-access]
EFI_GUID Guid;
^
edk2/MdeModulePkg/Include/Guid/ExtendedFirmwarePerformance.h:105:4
7: error: field Guid within 'FPDT_DYNAMIC_STRING_EVENT_RECORD' is less
aligned than 'EFI_GUID' (aka 'GUID') and is usually due to
'FPDT_DYNAMIC_STRING_EVENT_RECORD' being packed, which can lead to
unaligned accesses [-Werror,-Wunaligned-access]
EFI_GUID Guid;
^

Has this been fixed in master?

Ross




MdeModulePkg fails to build with latest clang 14

Ross Burton <ross@...>
 

When building edk2 202111 with clang 14 I get the following errors:

edk2/MdeModulePkg/Include/Guid/ExtendedFirmwarePerformance.h:78:47: error: field Guid within 'FPDT_GUID_EVENT_RECORD' is less aligned than 'EFI_GUID' (aka 'GUID') and is usually due to 'FPDT_GUID_EVENT_RECORD' being packed, which can lead to unaligned accesses [-Werror,-Wunaligned-access]
EFI_GUID Guid;
^
edk2/MdeModulePkg/Include/Guid/ExtendedFirmwarePerformance.h:173:47: error: field Guid within 'FPDT_GUID_QWORD_EVENT_RECORD' is less aligned than 'EFI_GUID' (aka 'GUID') and is usually due to 'FPDT_GUID_QWORD_EVENT_RECORD' being packed, which can lead to unaligned accesses [-Werror,-Wunaligned-access]
EFI_GUID Guid;
^
edk2/MdeModulePkg/Include/Guid/ExtendedFirmwarePerformance.h:105:47: error: field Guid within 'FPDT_DYNAMIC_STRING_EVENT_RECORD' is less aligned than 'EFI_GUID' (aka 'GUID') and is usually due to 'FPDT_DYNAMIC_STRING_EVENT_RECORD' being packed, which can lead to unaligned accesses [-Werror,-Wunaligned-access]
EFI_GUID Guid;
^

Has this been fixed in master?

Ross


Re: [PATCH] NetworkPkg: Fix incorrect unicode string of the AKM/Cipher Suite

Maciej Rabeda
 

Hi Heng,

Thanks for the patch.
Reviewed-by: Maciej Rabeda <maciej.rabeda@...>

W dniu 26-Jan-22 o 06:12, Heng Luo pisze:
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3813

The size of buffer should be 3 CHAR16 for Null-terminated Unicode string.
The first char is the AKM/Cipher Suite number, the second char is ' ',
the third char is '\0'.

Cc: Maciej Rabeda <maciej.rabeda@...>
Cc: Fu Siyuan <siyuan.fu@...>
Cc: Wu Jiaxin <jiaxin.wu@...>
Signed-off-by: Heng Luo <heng.luo@...>
---
NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrHiiConfigAccess.c | 16 ++++++++++++----
  1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrHiiConfigAccess.c b/NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrHiiConfigAccess.c
index b49825bcb7..7cb2bfc281 100644
---
a/NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrHiiConfigAccess.c
+++ b/NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrHiiConfigAccess.c
@@ -280,12 +280,16 @@ WifiMgrGetStrAKMList (
      //
      // Current AKM Suite is between 1-9
      //
-    AKMListDisplay = (CHAR16 *)AllocateZeroPool (sizeof (CHAR16) * AKMSuiteCount * 2);
+    AKMListDisplay = (CHAR16 *)AllocateZeroPool (sizeof (CHAR16) * (AKMSuiteCount * 2 + 1));
      if (AKMListDisplay != NULL) {
        for (Index = 0; Index < AKMSuiteCount; Index++) {
+        //
+        // The size of buffer should be 3 CHAR16 for Null-terminated Unicode string.
+        // The first char is the AKM Suite number, the second char is ' ', the third char is '\0'.
+        //
          UnicodeSPrint (
            AKMListDisplay + (Index * 2),
-          sizeof (CHAR16) * 2,
+          sizeof (CHAR16) * 3,
            L"%d ",
Profile->Network.AKMSuite->AKMSuiteList[Index].SuiteType
            );
@@ -333,12 +337,16 @@ WifiMgrGetStrCipherList (
      //
      // Current Cipher Suite is between 1-9
      //
-    CipherListDisplay = (CHAR16 *)AllocateZeroPool (sizeof (CHAR16) * CipherSuiteCount * 2);
+    CipherListDisplay = (CHAR16 *)AllocateZeroPool (sizeof (CHAR16) * (CipherSuiteCount * 2 + 1));
      if (CipherListDisplay != NULL) {
        for (Index = 0; Index < CipherSuiteCount; Index++) {
+        //
+        // The size of buffer should be 3 CHAR16 for Null-terminated Unicode string.
+        // The first char is the Cipher Suite number, the second char is ' ', the third char is '\0'.
+        //
          UnicodeSPrint (
            CipherListDisplay + (Index * 2),
-          sizeof (CHAR16) * 2,
+          sizeof (CHAR16) * 3,
            L"%d ",
Profile->Network.CipherSuite->CipherSuiteList[Index].SuiteType
            );




LoadImage in EFI_BOOT_SERVICES returning Access Denied

Gabriel Carvalho de Faria
 

Greetings!

We implemented a driver that runs an EFI application on the system using the LoadImage and StartImage functions present in the EFI_BOOT_SERVICES (gBS) structure.
The source code of the main function that performs the load and start of the EFI application is presented below:

/*
 * EFI Application
 */
EFI_STATUS
StartEfiApplication(VOID)
{
  EFI_STATUS Status = EFI_SUCCESS;
  EFI_HANDLE InMemoryImageHandle = NULL;
  
  if(AppData == NULL || AppSize == 0) {
    Status = EFI_NOT_READY;
    goto FINISH;
  }

  // Access Denied error occurs after this call
  Status = gBS->LoadImage(FALSE, gImageHandle, NULL,
                                              AppData, AppSize, &InMemoryImageHandle);
  if(EFI_ERROR(Status)) {
    goto FINISH;
  }

  Status = gBS->StartImage(InMemoryImageHandle, NULL, NULL);


FINISH:
  return Status;
}
When we tested this driver, loading it in the EFI Shell, several systems were able to execute the EFI application after loading the driver, however, on a specific system, the LoadImage function returns the status of Access Denied.
After an investigation we found that this scenario might be related to Secure Boot, but we are testing with it disabled and the behavior is the same.

Would you have any other suggestions for solving this scenario?

Best regards!
Gabriel


Re: 回复: [edk2-devel] [PATCH 1/1] OvmfPkg/AmdSev: reserve snp pages

Brijesh Singh
 

Hi Liming,

The said PCD is applicable for the SNP. SNP is supported on x86 64-bit only, and most of the development is focused around Qemu/OVMF. In other words, the Bhyve, Xen, and CloudHV do not support the SNP yet. We can revisit it when those HV starts supporting the SNP.

thanks
Brijesh

On 2/16/22 23:13, gaoliming wrote:
Gerd and Brijesh:
I see six FDF files include AmdSevDxe. But, only CloudHvX64 and OvmfPkgX64 adds reserve snp pages. So, I want to confirm whether others require reserve snp pages.
AmdSev\AmdSevX64.fdf
Bhyve\BhyveX64.fdf
CloudHv\CloudHvX64.fdf
OvmfPkgIa32X64.fdf
OvmfPkgX64.fdf
OvmfXen.fdf
Thanks
Liming
-----邮件原件-----
发件人: devel@edk2.groups.io <devel@edk2.groups.io> 代表 Brijesh Singh
via groups.io
发送时间: 2022年2月17日 0:28
收件人: Gerd Hoffmann <kraxel@...>; devel@edk2.groups.io
抄送: brijesh.singh@...; Jordan Justen <jordan.l.justen@...>;
James Bottomley <jejb@...>; Pawel Polawski
<ppolawsk@...>; Erdem Aktas <erdemaktas@...>; Ard
Biesheuvel <ardb+tianocore@...>; Tom Lendacky
<thomas.lendacky@...>; Min Xu <min.m.xu@...>; Jiewen Yao
<jiewen.yao@...>
主题: Re: [edk2-devel] [PATCH 1/1] OvmfPkg/AmdSev: reserve snp pages



On 2/16/22 01:00, Gerd Hoffmann wrote:
The SNP patch series updated the OvmfPkgX64 build but forgot the AmdSev
variant, resulting in a broken OvmfSevMetadata table.

Fixes: cca9cd3dd6bf ("OvmfPkg: reserve CPUID page")
Fixes: 707c71a01b9d ("OvmfPkg: reserve SNP secrets page")
Signed-off-by: Gerd Hoffmann <kraxel@...>
Thanks Gerd

Reviewed-by: Brijesh Singh <brijesh.singh@...>




There is a low probability that the XhciDxe will ASSERT

lurenjianullptr
 

Hi all,

Please check the Xhci log below. There's a low probability that the Xhci module will assert during a machine startup.

[20220210_16:41:22:796]        UsbHcGetHostAddrForPciAddr-forloop: Block->Buf = 0xF8B4C000, Block->BufLen = 0x10000
[20220210_16:41:22:796]UsbHcGetHostAddrForPciAddr: Enters with Mem = 0xF8B4FFD0, Size = 0x10
[20220210_16:41:22:807]        UsbHcGetHostAddrForPciAddr-forloop: Block->Buf = 0xF8B4C000, Block->BufLen = 0x10000
[20220210_16:41:22:807]UsbHcGetHostAddrForPciAddr: Enters with Mem = 0xF8B4FFE0, Size = 0x10
[20220210_16:41:22:816]        UsbHcGetHostAddrForPciAddr-forloop: Block->Buf = 0xF8B4C000, Block->BufLen = 0x10000
[20220210_16:41:22:848]UsbHcGetHostAddrForPciAddr: Enters with Mem = 0xF8B4FFF0, Size = 0x10
[20220210_16:41:22:849]        UsbHcGetHostAddrForPciAddr-forloop: Block->Buf = 0xF8B4C000, Block->BufLen = 0x10000
[20220210_16:41:23:314]Stop Slot = 1,Dci = 1
[20220210_16:41:23:314]XhcStopEndpoint: Slot = 0x1, Dci = 0x1
[20220210_16:41:23:322]UsbHcGetHostAddrForPciAddr: Enters with Mem = 0xF8B40000, Size = 0x10
[20220210_16:41:23:322]        UsbHcGetHostAddrForPciAddr-forloop: Block->Buf = 0xF8B4C000, Block->BufLen = 0x10000
[20220210_16:41:23:359]ASSERT [XhciDxe] /home/MdeModulePkg/Bus/Pci/XhciDxe/UsbHcMem.c(306): (Block != ((void *) 0))

An expert think the issue is that one/more allocated transfer ring for a endpoint crosses the 64K-byte boundary.

When the TRB consumption in the transfer ring is about to cross the 64K-byte boundary (address 0xF8B4FFF0), the timeout happens.
And the expected subsequent TRB consumption should be address 0xF8B50000, but instead address 0xF8B40000 is returned from the Event Ring.

Since in the XHCI spec, it mentions in Section 4.9 that:
TRB Rings may be larger than a Page, however they shall not cross a 64K byte boundary. Refer to section 4.11.5.1 for more information on TRB Rings and page boundaries.

The expert’s suggestion is that somebody can help to add logic (maybe in UsbHcAllocateMem()) to ensure that the allocated memory for TRB Rings will not cross 64K-byte boundary. 

I'm not familiar with XHCI Spec and don't know how to solve it. 

I want to report the issue first and hope somebody can help me.



[PATCH v2 2/2] OvmfPkg/BaseMemEncryptLib: use the SEV_STATUS MSR value from workarea

Brijesh Singh
 

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3582

Improve the MemEncryptSev{Es,Snp}IsEnabled() to use the SEV_STATUS MSR
value saved in the workarea. Since workarea is valid until the PEI phase,
so, for the Dxe phase use the PcdConfidentialComputingGuestAttr to
determine which SEV technology is enabled.

Cc: Min Xu <min.m.xu@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Cc: Jordan Justen <jordan.l.justen@...>
Cc: Ard Biesheuvel <ardb+tianocore@...>
Cc: Erdem Aktas <erdemaktas@...>
Cc: Gerd Hoffmann <kraxel@...>
Acked-by: Gerd Hoffmann <kraxel@...>
Signed-off-by: Brijesh Singh <brijesh.singh@...>
---
.../DxeMemEncryptSevLib.inf | 1 +
.../PeiMemEncryptSevLib.inf | 1 +
.../SecMemEncryptSevLib.inf | 1 +
.../DxeMemEncryptSevLibInternal.c | 145 ++++++++----------
.../PeiMemEncryptSevLibInternal.c | 139 ++++++-----------
.../SecMemEncryptSevLibInternal.c | 80 +++++-----
6 files changed, 155 insertions(+), 212 deletions(-)

diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf
index f613bb314f5f..35b7d519d938 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf
@@ -58,3 +58,4 @@ [FeaturePcd]

[Pcd]
gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask
+ gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf
index 50c83859d7e7..714da3323765 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf
@@ -58,6 +58,7 @@ [FeaturePcd]

[FixedPcd]
gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase
+ gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaBase
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfPeiMemFvBase
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPageTablesBase
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecValidatedEnd
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLib.inf b/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLib.inf
index 939af0a91ea4..284e5acc1177 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLib.inf
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLib.inf
@@ -52,3 +52,4 @@ [LibraryClasses]

[FixedPcd]
gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase
+ gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaBase
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c
index 15fcd5529587..4aba0075b9e2 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c
@@ -16,83 +16,84 @@
#include <Register/Amd/Msr.h>
#include <Register/Cpuid.h>
#include <Uefi/UefiBaseType.h>
+#include <ConfidentialComputingGuestAttr.h>

-STATIC BOOLEAN mSevStatus = FALSE;
-STATIC BOOLEAN mSevEsStatus = FALSE;
-STATIC BOOLEAN mSevSnpStatus = FALSE;
-STATIC BOOLEAN mSevStatusChecked = FALSE;
-
+STATIC UINT64 mCurrentAttr = 0;
+STATIC BOOLEAN mCurrentAttrRead = FALSE;
STATIC UINT64 mSevEncryptionMask = 0;
STATIC BOOLEAN mSevEncryptionMaskSaved = FALSE;

/**
- Reads and sets the status of SEV features.
+ The function check if the specified Attr is set.

- **/
+ @param[in] CurrentAttr The current attribute.
+ @param[in] Attr The attribute to check.
+
+ @retval TRUE The specified Attr is set.
+ @retval FALSE The specified Attr is not set.
+
+**/
+STATIC
+BOOLEAN
+AmdMemEncryptionAttrCheck (
+ IN UINT64 CurrentAttr,
+ IN CONFIDENTIAL_COMPUTING_GUEST_ATTR Attr
+ )
+{
+ switch (Attr) {
+ case CCAttrAmdSev:
+ //
+ // SEV is automatically enabled if SEV-ES or SEV-SNP is active.
+ //
+ return CurrentAttr >= CCAttrAmdSev;
+ case CCAttrAmdSevEs:
+ //
+ // SEV-ES is automatically enabled if SEV-SNP is active.
+ //
+ return CurrentAttr >= CCAttrAmdSevEs;
+ case CCAttrAmdSevSnp:
+ return CurrentAttr == CCAttrAmdSevSnp;
+ default:
+ return FALSE;
+ }
+}
+
+/**
+ Check if the specified confidential computing attribute is active.
+
+ @param[in] Attr The attribute to check.
+
+ @retval TRUE The specified Attr is active.
+ @retval FALSE The specified Attr is not active.
+
+**/
STATIC
-VOID
+BOOLEAN
EFIAPI
-InternalMemEncryptSevStatus (
- VOID
+ConfidentialComputingGuestHas (
+ IN CONFIDENTIAL_COMPUTING_GUEST_ATTR Attr
)
{
- UINT32 RegEax;
- MSR_SEV_STATUS_REGISTER Msr;
- CPUID_MEMORY_ENCRYPTION_INFO_EAX Eax;
- BOOLEAN ReadSevMsr;
- UINT64 EncryptionMask;
-
- ReadSevMsr = FALSE;
-
- EncryptionMask = PcdGet64 (PcdPteMemoryEncryptionAddressOrMask);
- if (EncryptionMask != 0) {
- //
- // The MSR has been read before, so it is safe to read it again and avoid
- // having to validate the CPUID information.
- //
- ReadSevMsr = TRUE;
- } else {
- //
- // Check if memory encryption leaf exist
- //
- AsmCpuid (CPUID_EXTENDED_FUNCTION, &RegEax, NULL, NULL, NULL);
- if (RegEax >= CPUID_MEMORY_ENCRYPTION_INFO) {
- //
- // CPUID Fn8000_001F[EAX] Bit 1 (Sev supported)
- //
- AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, &Eax.Uint32, NULL, NULL, NULL);
-
- if (Eax.Bits.SevBit) {
- ReadSevMsr = TRUE;
- }
- }
+ //
+ // Get the current CC attribute.
+ //
+ // We avoid reading the PCD on every check because this routine could be indirectly
+ // called during the virtual pointer conversion. And its not safe to access the
+ // PCDs during the virtual pointer conversion.
+ //
+ if (!mCurrentAttrRead) {
+ mCurrentAttr = PcdGet64 (PcdConfidentialComputingGuestAttr);
+ mCurrentAttrRead = TRUE;
}

- if (ReadSevMsr) {
- //
- // Check MSR_0xC0010131 Bit 0 (Sev Enabled)
- //
- Msr.Uint32 = AsmReadMsr32 (MSR_SEV_STATUS);
- if (Msr.Bits.SevBit) {
- mSevStatus = TRUE;
- }
-
- //
- // Check MSR_0xC0010131 Bit 1 (Sev-Es Enabled)
- //
- if (Msr.Bits.SevEsBit) {
- mSevEsStatus = TRUE;
- }
-
- //
- // Check MSR_0xC0010131 Bit 2 (Sev-Snp Enabled)
- //
- if (Msr.Bits.SevSnpBit) {
- mSevSnpStatus = TRUE;
- }
+ //
+ // If attr is for the AMD group then call AMD specific checks.
+ //
+ if (((RShiftU64 (mCurrentAttr, 8)) & 0xff) == 1) {
+ return AmdMemEncryptionAttrCheck (mCurrentAttr, Attr);
}

- mSevStatusChecked = TRUE;
+ return (mCurrentAttr == Attr);
}

/**
@@ -107,11 +108,7 @@ MemEncryptSevSnpIsEnabled (
VOID
)
{
- if (!mSevStatusChecked) {
- InternalMemEncryptSevStatus ();
- }
-
- return mSevSnpStatus;
+ return ConfidentialComputingGuestHas (CCAttrAmdSevSnp);
}

/**
@@ -126,11 +123,7 @@ MemEncryptSevEsIsEnabled (
VOID
)
{
- if (!mSevStatusChecked) {
- InternalMemEncryptSevStatus ();
- }
-
- return mSevEsStatus;
+ return ConfidentialComputingGuestHas (CCAttrAmdSevEs);
}

/**
@@ -145,11 +138,7 @@ MemEncryptSevIsEnabled (
VOID
)
{
- if (!mSevStatusChecked) {
- InternalMemEncryptSevStatus ();
- }
-
- return mSevStatus;
+ return ConfidentialComputingGuestHas (CCAttrAmdSev);
}

/**
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c
index d68ff08c3ea6..3f8f91a5da12 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c
@@ -17,82 +17,51 @@
#include <Register/Cpuid.h>
#include <Uefi/UefiBaseType.h>

-STATIC BOOLEAN mSevStatus = FALSE;
-STATIC BOOLEAN mSevEsStatus = FALSE;
-STATIC BOOLEAN mSevSnpStatus = FALSE;
-STATIC BOOLEAN mSevStatusChecked = FALSE;
+/**
+ Read the workarea to determine whether SEV is enabled. If enabled,
+ then return the SevEsWorkArea pointer.
+
+ **/
+STATIC
+SEC_SEV_ES_WORK_AREA *
+EFIAPI
+GetSevEsWorkArea (
+ VOID
+ )
+{
+ OVMF_WORK_AREA *WorkArea;
+
+ WorkArea = (OVMF_WORK_AREA *)FixedPcdGet32 (PcdOvmfWorkAreaBase);
+
+ //
+ // If its not SEV guest then SevEsWorkArea is not valid.
+ //
+ if ((WorkArea == NULL) || (WorkArea->Header.GuestType != GUEST_TYPE_AMD_SEV)) {
+ return NULL;
+ }

-STATIC UINT64 mSevEncryptionMask = 0;
-STATIC BOOLEAN mSevEncryptionMaskSaved = FALSE;
+ return (SEC_SEV_ES_WORK_AREA *)FixedPcdGet32 (PcdSevEsWorkAreaBase);
+}

/**
- Reads and sets the status of SEV features.
+ Read the SEV Status MSR value from the workarea

**/
STATIC
-VOID
+UINT32
EFIAPI
InternalMemEncryptSevStatus (
VOID
)
{
- UINT32 RegEax;
- MSR_SEV_STATUS_REGISTER Msr;
- CPUID_MEMORY_ENCRYPTION_INFO_EAX Eax;
- BOOLEAN ReadSevMsr;
- SEC_SEV_ES_WORK_AREA *SevEsWorkArea;
+ SEC_SEV_ES_WORK_AREA *SevEsWorkArea;

- ReadSevMsr = FALSE;
-
- SevEsWorkArea = (SEC_SEV_ES_WORK_AREA *)FixedPcdGet32 (PcdSevEsWorkAreaBase);
- if ((SevEsWorkArea != NULL) && (SevEsWorkArea->EncryptionMask != 0)) {
- //
- // The MSR has been read before, so it is safe to read it again and avoid
- // having to validate the CPUID information.
- //
- ReadSevMsr = TRUE;
- } else {
- //
- // Check if memory encryption leaf exist
- //
- AsmCpuid (CPUID_EXTENDED_FUNCTION, &RegEax, NULL, NULL, NULL);
- if (RegEax >= CPUID_MEMORY_ENCRYPTION_INFO) {
- //
- // CPUID Fn8000_001F[EAX] Bit 1 (Sev supported)
- //
- AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, &Eax.Uint32, NULL, NULL, NULL);
-
- if (Eax.Bits.SevBit) {
- ReadSevMsr = TRUE;
- }
- }
- }
-
- if (ReadSevMsr) {
- //
- // Check MSR_0xC0010131 Bit 0 (Sev Enabled)
- //
- Msr.Uint32 = AsmReadMsr32 (MSR_SEV_STATUS);
- if (Msr.Bits.SevBit) {
- mSevStatus = TRUE;
- }
-
- //
- // Check MSR_0xC0010131 Bit 1 (Sev-Es Enabled)
- //
- if (Msr.Bits.SevEsBit) {
- mSevEsStatus = TRUE;
- }
-
- //
- // Check MSR_0xC0010131 Bit 2 (Sev-Snp Enabled)
- //
- if (Msr.Bits.SevSnpBit) {
- mSevSnpStatus = TRUE;
- }
+ SevEsWorkArea = GetSevEsWorkArea ();
+ if (SevEsWorkArea == NULL) {
+ return 0;
}

- mSevStatusChecked = TRUE;
+ return (UINT32)(UINTN)SevEsWorkArea->SevStatusMsrValue;
}

/**
@@ -107,11 +76,11 @@ MemEncryptSevSnpIsEnabled (
VOID
)
{
- if (!mSevStatusChecked) {
- InternalMemEncryptSevStatus ();
- }
+ MSR_SEV_STATUS_REGISTER Msr;

- return mSevSnpStatus;
+ Msr.Uint32 = InternalMemEncryptSevStatus ();
+
+ return Msr.Bits.SevSnpBit ? TRUE : FALSE;
}

/**
@@ -126,11 +95,11 @@ MemEncryptSevEsIsEnabled (
VOID
)
{
- if (!mSevStatusChecked) {
- InternalMemEncryptSevStatus ();
- }
+ MSR_SEV_STATUS_REGISTER Msr;

- return mSevEsStatus;
+ Msr.Uint32 = InternalMemEncryptSevStatus ();
+
+ return Msr.Bits.SevEsBit ? TRUE : FALSE;
}

/**
@@ -145,11 +114,11 @@ MemEncryptSevIsEnabled (
VOID
)
{
- if (!mSevStatusChecked) {
- InternalMemEncryptSevStatus ();
- }
+ MSR_SEV_STATUS_REGISTER Msr;

- return mSevStatus;
+ Msr.Uint32 = InternalMemEncryptSevStatus ();
+
+ return Msr.Bits.SevBit ? TRUE : FALSE;
}

/**
@@ -163,24 +132,12 @@ MemEncryptSevGetEncryptionMask (
VOID
)
{
- if (!mSevEncryptionMaskSaved) {
- SEC_SEV_ES_WORK_AREA *SevEsWorkArea;
+ SEC_SEV_ES_WORK_AREA *SevEsWorkArea;

- SevEsWorkArea = (SEC_SEV_ES_WORK_AREA *)FixedPcdGet32 (PcdSevEsWorkAreaBase);
- if (SevEsWorkArea != NULL) {
- mSevEncryptionMask = SevEsWorkArea->EncryptionMask;
- } else {
- CPUID_MEMORY_ENCRYPTION_INFO_EBX Ebx;
-
- //
- // CPUID Fn8000_001F[EBX] Bit 0:5 (memory encryption bit position)
- //
- AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, NULL, &Ebx.Uint32, NULL, NULL);
- mSevEncryptionMask = LShiftU64 (1, Ebx.Bits.PtePosBits);
- }
-
- mSevEncryptionMaskSaved = TRUE;
+ SevEsWorkArea = GetSevEsWorkArea ();
+ if (SevEsWorkArea == NULL) {
+ return 0;
}

- return mSevEncryptionMask;
+ return SevEsWorkArea->EncryptionMask;
}
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c b/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c
index 5d912b2a4a5e..80aceba01bcf 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c
@@ -18,7 +18,33 @@
#include <Uefi/UefiBaseType.h>

/**
- Reads and sets the status of SEV features.
+ Read the workarea to determine whether SEV is enabled. If enabled,
+ then return the SevEsWorkArea pointer.
+
+ **/
+STATIC
+SEC_SEV_ES_WORK_AREA *
+EFIAPI
+GetSevEsWorkArea (
+ VOID
+ )
+{
+ OVMF_WORK_AREA *WorkArea;
+
+ WorkArea = (OVMF_WORK_AREA *)FixedPcdGet32 (PcdOvmfWorkAreaBase);
+
+ //
+ // If its not SEV guest then SevEsWorkArea is not valid.
+ //
+ if ((WorkArea == NULL) || (WorkArea->Header.GuestType != GUEST_TYPE_AMD_SEV)) {
+ return NULL;
+ }
+
+ return (SEC_SEV_ES_WORK_AREA *)FixedPcdGet32 (PcdSevEsWorkAreaBase);
+}
+
+/**
+ Read the SEV Status MSR value from the workarea

**/
STATIC
@@ -28,38 +54,14 @@ InternalMemEncryptSevStatus (
VOID
)
{
- UINT32 RegEax;
- CPUID_MEMORY_ENCRYPTION_INFO_EAX Eax;
- BOOLEAN ReadSevMsr;
- SEC_SEV_ES_WORK_AREA *SevEsWorkArea;
+ SEC_SEV_ES_WORK_AREA *SevEsWorkArea;

- ReadSevMsr = FALSE;
-
- SevEsWorkArea = (SEC_SEV_ES_WORK_AREA *)FixedPcdGet32 (PcdSevEsWorkAreaBase);
- if ((SevEsWorkArea != NULL) && (SevEsWorkArea->EncryptionMask != 0)) {
- //
- // The MSR has been read before, so it is safe to read it again and avoid
- // having to validate the CPUID information.
- //
- ReadSevMsr = TRUE;
- } else {
- //
- // Check if memory encryption leaf exist
- //
- AsmCpuid (CPUID_EXTENDED_FUNCTION, &RegEax, NULL, NULL, NULL);
- if (RegEax >= CPUID_MEMORY_ENCRYPTION_INFO) {
- //
- // CPUID Fn8000_001F[EAX] Bit 1 (Sev supported)
- //
- AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, &Eax.Uint32, NULL, NULL, NULL);
-
- if (Eax.Bits.SevBit) {
- ReadSevMsr = TRUE;
- }
- }
+ SevEsWorkArea = GetSevEsWorkArea ();
+ if (SevEsWorkArea == NULL) {
+ return 0;
}

- return ReadSevMsr ? AsmReadMsr32 (MSR_SEV_STATUS) : 0;
+ return (UINT32)(UINTN)SevEsWorkArea->SevStatusMsrValue;
}

/**
@@ -130,22 +132,14 @@ MemEncryptSevGetEncryptionMask (
VOID
)
{
- CPUID_MEMORY_ENCRYPTION_INFO_EBX Ebx;
- SEC_SEV_ES_WORK_AREA *SevEsWorkArea;
- UINT64 EncryptionMask;
+ SEC_SEV_ES_WORK_AREA *SevEsWorkArea;

- SevEsWorkArea = (SEC_SEV_ES_WORK_AREA *)FixedPcdGet32 (PcdSevEsWorkAreaBase);
- if (SevEsWorkArea != NULL) {
- EncryptionMask = SevEsWorkArea->EncryptionMask;
- } else {
- //
- // CPUID Fn8000_001F[EBX] Bit 0:5 (memory encryption bit position)
- //
- AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, NULL, &Ebx.Uint32, NULL, NULL);
- EncryptionMask = LShiftU64 (1, Ebx.Bits.PtePosBits);
+ SevEsWorkArea = GetSevEsWorkArea ();
+ if (SevEsWorkArea == NULL) {
+ return 0;
}

- return EncryptionMask;
+ return SevEsWorkArea->EncryptionMask;
}

/**
--
2.25.1


[PATCH v2 1/2] OvmfPkg/ResetVector: cache the SEV status MSR value in workarea

Brijesh Singh
 

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3582

In order to probe the SEV feature the BaseMemEncryptLib and Reset vector
reads the SEV_STATUS MSR. Cache the value on the first read in the
workarea. In the next patches the value saved in the workarea will
be used by the BaseMemEncryptLib. This not only eliminates the extra
MSR reads it also helps cleaning up the code in BaseMemEncryptLib.

Cc: Min Xu <min.m.xu@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Cc: Jordan Justen <jordan.l.justen@...>
Cc: Ard Biesheuvel <ardb+tianocore@...>
Cc: Erdem Aktas <erdemaktas@...>
Cc: Gerd Hoffmann <kraxel@...>
Acked-by: Gerd Hoffmann <kraxel@...>
Signed-off-by: Brijesh Singh <brijesh.singh@...>
---
OvmfPkg/Include/WorkArea.h | 12 +++++--
OvmfPkg/Sec/AmdSev.c | 2 +-
OvmfPkg/ResetVector/Ia32/AmdSev.asm | 38 +++++++++++++--------
OvmfPkg/ResetVector/Ia32/Flat32ToFlat64.asm | 3 +-
OvmfPkg/ResetVector/ResetVector.nasmb | 3 ++
5 files changed, 39 insertions(+), 19 deletions(-)

diff --git a/OvmfPkg/Include/WorkArea.h b/OvmfPkg/Include/WorkArea.h
index ce60d97aa886..d982e026def7 100644
--- a/OvmfPkg/Include/WorkArea.h
+++ b/OvmfPkg/Include/WorkArea.h
@@ -46,12 +46,20 @@ typedef struct _CONFIDENTIAL_COMPUTING_WORK_AREA_HEADER {
// any changes must stay in sync with its usage.
//
typedef struct _SEC_SEV_ES_WORK_AREA {
- UINT8 SevEsEnabled;
- UINT8 Reserved1[7];
+ //
+ // Hold the SevStatus MSR value read by OvmfPkg/ResetVector/Ia32/AmdSev.c
+ //
+ UINT64 SevStatusMsrValue;

UINT64 RandomData;

UINT64 EncryptionMask;
+
+ //
+ // Indicator that the VC handler is called. It is used during the SevFeature
+ // detection in OvmfPkg/ResetVector/Ia32/AmdSev.c
+ //
+ UINT8 ReceivedVc;
} SEC_SEV_ES_WORK_AREA;

//
diff --git a/OvmfPkg/Sec/AmdSev.c b/OvmfPkg/Sec/AmdSev.c
index 499d0c27d8fa..d8fd35650d7d 100644
--- a/OvmfPkg/Sec/AmdSev.c
+++ b/OvmfPkg/Sec/AmdSev.c
@@ -278,7 +278,7 @@ SevEsIsEnabled (

SevEsWorkArea = (SEC_SEV_ES_WORK_AREA *)FixedPcdGet32 (PcdSevEsWorkAreaBase);

- return (SevEsWorkArea->SevEsEnabled != 0);
+ return ((SevEsWorkArea->SevStatusMsrValue & BIT1) != 0);
}

/**
diff --git a/OvmfPkg/ResetVector/Ia32/AmdSev.asm b/OvmfPkg/ResetVector/Ia32/AmdSev.asm
index 1f827da3b929..864d68385342 100644
--- a/OvmfPkg/ResetVector/Ia32/AmdSev.asm
+++ b/OvmfPkg/ResetVector/Ia32/AmdSev.asm
@@ -157,8 +157,9 @@ SevClearPageEncMaskForGhcbPage:
jnz SevClearPageEncMaskForGhcbPageExit

; Check if SEV-ES is enabled
- cmp byte[SEV_ES_WORK_AREA], 1
- jnz SevClearPageEncMaskForGhcbPageExit
+ mov ecx, 1
+ bt [SEV_ES_WORK_AREA_STATUS_MSR], ecx
+ jnc SevClearPageEncMaskForGhcbPageExit

;
; The initial GHCB will live at GHCB_BASE and needs to be un-encrypted.
@@ -219,12 +220,16 @@ GetSevCBitMaskAbove31Exit:
; If SEV is disabled then EAX will be zero.
;
CheckSevFeatures:
- ; Set the first byte of the workarea to zero to communicate to the SEC
- ; phase that SEV-ES is not enabled. If SEV-ES is enabled, the CPUID
- ; instruction will trigger a #VC exception where the first byte of the
- ; workarea will be set to one or, if CPUID is not being intercepted,
- ; the MSR check below will set the first byte of the workarea to one.
- mov byte[SEV_ES_WORK_AREA], 0
+ ;
+ ; Clear the workarea, if SEV is enabled then later part of routine
+ ; will populate the workarea fields.
+ ;
+ mov ecx, SEV_ES_WORK_AREA_SIZE
+ mov eax, SEV_ES_WORK_AREA
+ClearSevEsWorkArea:
+ mov byte [eax], 0
+ inc eax
+ loop ClearSevEsWorkArea

;
; Set up exception handlers to check for SEV-ES
@@ -265,6 +270,10 @@ CheckSevFeatures:
; Set the work area header to indicate that the SEV is enabled
mov byte[WORK_AREA_GUEST_TYPE], 1

+ ; Save the SevStatus MSR value in the workarea
+ mov [SEV_ES_WORK_AREA_STATUS_MSR], eax
+ mov [SEV_ES_WORK_AREA_STATUS_MSR + 4], edx
+
; Check for SEV-ES memory encryption feature:
; CPUID Fn8000_001F[EAX] - Bit 3
; CPUID raises a #VC exception if running as an SEV-ES guest
@@ -280,10 +289,6 @@ CheckSevFeatures:
bt eax, 1
jnc GetSevEncBit

- ; Set the first byte of the workarea to one to communicate to the SEC
- ; phase that SEV-ES is enabled.
- mov byte[SEV_ES_WORK_AREA], 1
-
GetSevEncBit:
; Get pte bit position to enable memory encryption
; CPUID Fn8000_001F[EBX] - Bits 5:0
@@ -313,7 +318,10 @@ NoSev:
;
; Perform an SEV-ES sanity check by seeing if a #VC exception occurred.
;
- cmp byte[SEV_ES_WORK_AREA], 0
+ ; If SEV-ES is enabled, the CPUID instruction will trigger a #VC exception
+ ; where the RECEIVED_VC offset in the workarea will be set to one.
+ ;
+ cmp byte[SEV_ES_WORK_AREA_RECEIVED_VC], 0
jz NoSevPass

;
@@ -407,9 +415,9 @@ SevEsIdtVmmComm:
; If we're here, then we are an SEV-ES guest and this
; was triggered by a CPUID instruction
;
- ; Set the first byte of the workarea to one to communicate that
+ ; Set the recievedVc field in the workarea to communicate that
; a #VC was taken.
- mov byte[SEV_ES_WORK_AREA], 1
+ mov byte[SEV_ES_WORK_AREA_RECEIVED_VC], 1

pop ecx ; Error code
cmp ecx, 0x72 ; Be sure it was CPUID
diff --git a/OvmfPkg/ResetVector/Ia32/Flat32ToFlat64.asm b/OvmfPkg/ResetVector/Ia32/Flat32ToFlat64.asm
index eb3546668ef8..c5c683ebed3e 100644
--- a/OvmfPkg/ResetVector/Ia32/Flat32ToFlat64.asm
+++ b/OvmfPkg/ResetVector/Ia32/Flat32ToFlat64.asm
@@ -42,7 +42,8 @@ Transition32FlatTo64Flat:
;
xor ebx, ebx

- cmp byte[SEV_ES_WORK_AREA], 0
+ mov ecx, 1
+ bt [SEV_ES_WORK_AREA_STATUS_MSR], ecx
jz EnablePaging

;
diff --git a/OvmfPkg/ResetVector/ResetVector.nasmb b/OvmfPkg/ResetVector/ResetVector.nasmb
index cc364748b592..9421f4818907 100644
--- a/OvmfPkg/ResetVector/ResetVector.nasmb
+++ b/OvmfPkg/ResetVector/ResetVector.nasmb
@@ -100,8 +100,11 @@
%define GHCB_BASE (FixedPcdGet32 (PcdOvmfSecGhcbBase))
%define GHCB_SIZE (FixedPcdGet32 (PcdOvmfSecGhcbSize))
%define SEV_ES_WORK_AREA (FixedPcdGet32 (PcdSevEsWorkAreaBase))
+ %define SEV_ES_WORK_AREA_SIZE 25
+ %define SEV_ES_WORK_AREA_STATUS_MSR (FixedPcdGet32 (PcdSevEsWorkAreaBase))
%define SEV_ES_WORK_AREA_RDRAND (FixedPcdGet32 (PcdSevEsWorkAreaBase) + 8)
%define SEV_ES_WORK_AREA_ENC_MASK (FixedPcdGet32 (PcdSevEsWorkAreaBase) + 16)
+ %define SEV_ES_WORK_AREA_RECEIVED_VC (FixedPcdGet32 (PcdSevEsWorkAreaBase) + 24)
%define SEV_ES_VC_TOP_OF_STACK (FixedPcdGet32 (PcdOvmfSecPeiTempRamBase) + FixedPcdGet32 (PcdOvmfSecPeiTempRamSize))
%define SEV_SNP_SECRETS_BASE (FixedPcdGet32 (PcdOvmfSnpSecretsBase))
%define SEV_SNP_SECRETS_SIZE (FixedPcdGet32 (PcdOvmfSnpSecretsSize))
--
2.25.1


[PATCH v2 0/2] SEV BaseMemEncryptLib cleanup

Brijesh Singh
 

This is the first of cleanup for SEV MemEncryptLib. The library uses
the CPUID followed by the MSR read to determine whether SEV is enabled.

Now that we have a workarea concept, the logic can be simplified to
store the msr status in workarea and use that to build PCDs and then
later simply use the PCDs instead of going through the CPUID and RDMSR.

The complete branch is available at
https://github.com/codomania/edk2/tree/sev-workarea-cleanup

The series also fixes one of the issue raised in the bug
https://bugzilla.tianocore.org/show_bug.cgi?id=3582

Changes since v1:
* Cache the PCD reads so that we can avoid reading PCD while performing the
virtual pointer conversion.

Brijesh Singh (2):
OvmfPkg/ResetVector: cache the SEV status MSR value in workarea
OvmfPkg/BaseMemEncryptLib: use the SEV_STATUS MSR value from workarea

.../DxeMemEncryptSevLib.inf | 1 +
.../PeiMemEncryptSevLib.inf | 1 +
.../SecMemEncryptSevLib.inf | 1 +
OvmfPkg/Include/WorkArea.h | 12 +-
.../DxeMemEncryptSevLibInternal.c | 145 ++++++++----------
.../PeiMemEncryptSevLibInternal.c | 139 ++++++-----------
.../SecMemEncryptSevLibInternal.c | 80 +++++-----
OvmfPkg/Sec/AmdSev.c | 2 +-
OvmfPkg/ResetVector/Ia32/AmdSev.asm | 38 +++--
OvmfPkg/ResetVector/Ia32/Flat32ToFlat64.asm | 3 +-
OvmfPkg/ResetVector/ResetVector.nasmb | 3 +
11 files changed, 194 insertions(+), 231 deletions(-)

--
2.25.1


Re: [PATCH] NetworkPkg: Fix incorrect unicode string of the AKM/Cipher Suite

Maciej Rabeda
 

Hi Heng,

Thanks for the patch.
Reviewed-by: Maciej Rabeda <maciej.rabeda@...>

W dniu 26-Jan-22 o 06:12, Heng Luo pisze:

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3813

The size of buffer should be 3 CHAR16 for Null-terminated Unicode string.
The first char is the AKM/Cipher Suite number, the second char is ' ',
the third char is '\0'.

Cc: Maciej Rabeda <maciej.rabeda@...>
Cc: Fu Siyuan <siyuan.fu@...>
Cc: Wu Jiaxin <jiaxin.wu@...>
Signed-off-by: Heng Luo <heng.luo@...>
---
NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrHiiConfigAccess.c | 16 ++++++++++++----
1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrHiiConfigAccess.c b/NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrHiiConfigAccess.c
index b49825bcb7..7cb2bfc281 100644
--- a/NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrHiiConfigAccess.c
+++ b/NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrHiiConfigAccess.c
@@ -280,12 +280,16 @@ WifiMgrGetStrAKMList (
//
// Current AKM Suite is between 1-9
//
- AKMListDisplay = (CHAR16 *)AllocateZeroPool (sizeof (CHAR16) * AKMSuiteCount * 2);
+ AKMListDisplay = (CHAR16 *)AllocateZeroPool (sizeof (CHAR16) * (AKMSuiteCount * 2 + 1));
if (AKMListDisplay != NULL) {
for (Index = 0; Index < AKMSuiteCount; Index++) {
+ //
+ // The size of buffer should be 3 CHAR16 for Null-terminated Unicode string.
+ // The first char is the AKM Suite number, the second char is ' ', the third char is '\0'.
+ //
UnicodeSPrint (
AKMListDisplay + (Index * 2),
- sizeof (CHAR16) * 2,
+ sizeof (CHAR16) * 3,
L"%d ",
Profile->Network.AKMSuite->AKMSuiteList[Index].SuiteType
);
@@ -333,12 +337,16 @@ WifiMgrGetStrCipherList (
//
// Current Cipher Suite is between 1-9
//
- CipherListDisplay = (CHAR16 *)AllocateZeroPool (sizeof (CHAR16) * CipherSuiteCount * 2);
+ CipherListDisplay = (CHAR16 *)AllocateZeroPool (sizeof (CHAR16) * (CipherSuiteCount * 2 + 1));
if (CipherListDisplay != NULL) {
for (Index = 0; Index < CipherSuiteCount; Index++) {
+ //
+ // The size of buffer should be 3 CHAR16 for Null-terminated Unicode string.
+ // The first char is the Cipher Suite number, the second char is ' ', the third char is '\0'.
+ //
UnicodeSPrint (
CipherListDisplay + (Index * 2),
- sizeof (CHAR16) * 2,
+ sizeof (CHAR16) * 3,
L"%d ",
Profile->Network.CipherSuite->CipherSuiteList[Index].SuiteType
);


[PATCH] UefiPayloadPkg: Use Boot Splash

Sean Rhodes
 

Build with BootLogo using default image by default.

Cc: Guo Dong <guo.dong@...>
Cc: Ray Ni <ray.ni@...>
Cc: Maurice Ma <maurice.ma@...>
Cc: Benjamin You <benjamin.you@...>

Signed-off-by: Sean Rhodes <sean@...>
---
.../Library/PlatformBootManagerLib/PlatformBootManager.c | 3 +++
.../Library/PlatformBootManagerLib/PlatformBootManagerLib.inf | 2 ++
UefiPayloadPkg/UefiPayloadPkg.dsc | 2 ++
UefiPayloadPkg/UefiPayloadPkg.fdf | 1 +
4 files changed, 8 insertions(+)

diff --git a/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootMana=
ger.c b/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManager.c
index a8ead775ea..4dad595a3b 100644
--- a/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManager.c
+++ b/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManager.c
@@ -243,6 +243,9 @@ PlatformBootManagerAfterConsole (
Black.Blue =3D Black.Green =3D Black.Red =3D Black.Reserved =3D 0;=0D
White.Blue =3D White.Green =3D White.Red =3D White.Reserved =3D 0xFF;=0D
=0D
+ gST->ConOut->ClearScreen (gST->ConOut);=0D
+ BootLogoEnableLogo ();=0D
+=0D
EfiBootManagerConnectAll ();=0D
EfiBootManagerRefreshAllBootOption ();=0D
=0D
diff --git a/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootMana=
gerLib.inf b/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootMana=
gerLib.inf
index 9c4a9da943..306bd33b7a 100644
--- a/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.=
inf
+++ b/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.=
inf
@@ -39,6 +39,7 @@
UefiRuntimeServicesTableLib=0D
UefiLib=0D
UefiBootManagerLib=0D
+ BootLogoLib=0D
PcdLib=0D
DxeServicesLib=0D
MemoryAllocationLib=0D
@@ -73,3 +74,4 @@
gEfiMdePkgTokenSpaceGuid.PcdUartDefaultParity=0D
gEfiMdePkgTokenSpaceGuid.PcdUartDefaultStopBits=0D
gEfiMdeModulePkgTokenSpaceGuid.PcdBootManagerMenuFile=0D
+ gUefiPayloadPkgTokenSpaceGuid.PcdBootSplashImage=0D
diff --git a/UefiPayloadPkg/UefiPayloadPkg.dsc b/UefiPayloadPkg/UefiPayload=
Pkg.dsc
index 1ce96a51c1..1f602fb386 100644
--- a/UefiPayloadPkg/UefiPayloadPkg.dsc
+++ b/UefiPayloadPkg/UefiPayloadPkg.dsc
@@ -209,6 +209,7 @@
CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf=
=0D
SecurityManagementLib|MdeModulePkg/Library/DxeSecurityManagementLib/DxeS=
ecurityManagementLib.inf=0D
UefiBootManagerLib|MdeModulePkg/Library/UefiBootManagerLib/UefiBootManag=
erLib.inf=0D
+ BootLogoLib|MdeModulePkg/Library/BootLogoLib/BootLogoLib.inf=0D
CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/Customize=
dDisplayLib.inf=0D
FrameBufferBltLib|MdeModulePkg/Library/FrameBufferBltLib/FrameBufferBltL=
ib.inf=0D
=0D
@@ -545,6 +546,7 @@
!endif=0D
UefiCpuPkg/CpuDxe/CpuDxe.inf=0D
MdeModulePkg/Universal/BdsDxe/BdsDxe.inf=0D
+ MdeModulePkg/Logo/LogoDxe.inf=0D
MdeModulePkg/Application/UiApp/UiApp.inf {=0D
<LibraryClasses>=0D
NULL|MdeModulePkg/Library/DeviceManagerUiLib/DeviceManagerUiLib.inf=
=0D
diff --git a/UefiPayloadPkg/UefiPayloadPkg.fdf b/UefiPayloadPkg/UefiPayload=
Pkg.fdf
index c7b04978ad..2c75f51f7a 100644
--- a/UefiPayloadPkg/UefiPayloadPkg.fdf
+++ b/UefiPayloadPkg/UefiPayloadPkg.fdf
@@ -158,6 +158,7 @@ INF MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
INF UefiPayloadPkg/BlSupportDxe/BlSupportDxe.inf=0D
=0D
INF MdeModulePkg/Universal/SmbiosDxe/SmbiosDxe.inf=0D
+INF MdeModulePkg/Logo/LogoDxe.inf=0D
#=0D
# PCI Support=0D
#=0D
--=20
2.32.0


Re: [PATCH] UefiPayloadPkg: Make Boot Manager Key configurable

Sean Rhodes
 

We would prefer to keep PCD, as Esc can conflict with Grub on normal (not Chromebook) devices

Thank you

On Mon, 21 Feb 2022 at 05:26, Ni, Ray <ray.ni@...> wrote:
Can you just map both ESC and F2 to the UI? So that PCD is not needed.

Thanks,
Ray

-----Original Message-----
From: Sean Rhodes <sean@...>
Sent: Monday, February 21, 2022 5:39 AM
To: devel@edk2.groups.io
Cc: Dong, Guo <guo.dong@...>; Rhodes, Sean <sean@...>; Ni, Ray <ray.ni@...>; Ma, Maurice <maurice.ma@...>; You, Benjamin <benjamin.you@...>
Subject: [PATCH] UefiPayloadPkg: Make Boot Manager Key configurable

Provide a build option to use [Esc] instead of [F2] for devices
such as Chromebooks that don't have F-keys.

Cc: Guo Dong <guo.dong@...>
Cc: Ray Ni <ray.ni@...>
Cc: Maurice Ma <maurice.ma@...>
Cc: Benjamin You <benjamin.you@...>
Signed-off-by: Sean Rhodes <sean@...>
---
 .../Library/BrotliCustomDecompressLib/brotli  |  2 +-
 .../PlatformBootManager.c                     | 44 +++++++++++++------
 .../PlatformBootManagerLib.inf                |  1 +
 UefiPayloadPkg/UefiPayloadPkg.dec             |  3 ++
 UefiPayloadPkg/UefiPayloadPkg.dsc             |  3 ++
 5 files changed, 39 insertions(+), 14 deletions(-)

diff --git a/MdeModulePkg/Library/BrotliCustomDecompressLib/brotli b/MdeModulePkg/Library/BrotliCustomDecompressLib/brotli
index f4153a09f8..666c3280cc 160000
--- a/MdeModulePkg/Library/BrotliCustomDecompressLib/brotli
+++ b/MdeModulePkg/Library/BrotliCustomDecompressLib/brotli
@@ -1 +1 @@
-Subproject commit f4153a09f87cbb9c826d8fc12c74642bb2d879ea
+Subproject commit 666c3280cc11dc433c303d79a83d4ffbdd12cc8d
diff --git a/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManager.c b/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManager.c
index a8ead775ea..0eb577313a 100644
--- a/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManager.c
+++ b/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManager.c
@@ -164,7 +164,7 @@ PlatformBootManagerBeforeConsole (
   )

 {

   EFI_INPUT_KEY                 Enter;

-  EFI_INPUT_KEY                 F2;

+  EFI_INPUT_KEY                 CustomKey;

   EFI_INPUT_KEY                 Down;

   EFI_BOOT_MANAGER_LOAD_OPTION  BootOption;

   EFI_STATUS                    Status;

@@ -186,13 +186,22 @@ PlatformBootManagerBeforeConsole (
   Enter.UnicodeChar = CHAR_CARRIAGE_RETURN;

   EfiBootManagerRegisterContinueKeyOption (0, &Enter, NULL);



-  //

-  // Map F2 to Boot Manager Menu

-  //

-  F2.ScanCode    = SCAN_F2;

-  F2.UnicodeChar = CHAR_NULL;

+  if (FixedPcdGetBool (PcdBootManagerEscape)) {

+    //

+    // Map Esc to Boot Manager Menu

+    //

+    CustomKey.ScanCode    = SCAN_ESC;

+    CustomKey.UnicodeChar = CHAR_NULL;

+  } else {

+    //

+    // Map Esc to Boot Manager Menu

+    //

+    CustomKey.ScanCode    = SCAN_F2;

+    CustomKey.UnicodeChar = CHAR_NULL;

+  }

+

   EfiBootManagerGetBootManagerMenu (&BootOption);

-  EfiBootManagerAddKeyOptionVariable (NULL, (UINT16)BootOption.OptionNumber, 0, &F2, NULL);

+  EfiBootManagerAddKeyOptionVariable (NULL, (UINT16)BootOption.OptionNumber, 0, &CustomKey, NULL);



   //

   // Also add Down key to Boot Manager Menu since some serial terminals don't support F2 key.

@@ -251,12 +260,21 @@ PlatformBootManagerAfterConsole (
   //

   PlatformRegisterFvBootOption (PcdGetPtr (PcdShellFile), L"UEFI Shell", LOAD_OPTION_ACTIVE);



-  Print (

-    L"\n"

-    L"F2 or Down      to enter Boot Manager Menu.\n"

-    L"ENTER           to boot directly.\n"

-    L"\n"

-    );

+  if (FixedPcdGetBool (PcdBootManagerEscape)) {

+    Print (

+      L"\n"

+      L"Esc or Down      to enter Boot Manager Menu.\n"

+      L"ENTER           to boot directly.\n"

+      L"\n"

+      );

+  } else {

+    Print (

+      L"\n"

+      L"F2 or Down      to enter Boot Manager Menu.\n"

+      L"ENTER           to boot directly.\n"

+      L"\n"

+      );

+  }

 }



 /**

diff --git a/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf b/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
index 9c4a9da943..80390e0d98 100644
--- a/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
+++ b/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
@@ -73,3 +73,4 @@
   gEfiMdePkgTokenSpaceGuid.PcdUartDefaultParity

   gEfiMdePkgTokenSpaceGuid.PcdUartDefaultStopBits

   gEfiMdeModulePkgTokenSpaceGuid.PcdBootManagerMenuFile

+  gUefiPayloadPkgTokenSpaceGuid.PcdBootManagerEscape

diff --git a/UefiPayloadPkg/UefiPayloadPkg.dec b/UefiPayloadPkg/UefiPayloadPkg.dec
index 551f0a4915..f2fcdf6a74 100644
--- a/UefiPayloadPkg/UefiPayloadPkg.dec
+++ b/UefiPayloadPkg/UefiPayloadPkg.dec
@@ -83,6 +83,9 @@ gUefiPayloadPkgTokenSpaceGuid.PcdSystemMemoryUefiRegionSize|0x04000000|UINT32|0x


 gUefiPayloadPkgTokenSpaceGuid.PcdPcdDriverFile|{ 0x57, 0x72, 0xcf, 0x80, 0xab, 0x87, 0xf9, 0x47, 0xa3, 0xfe, 0xD5, 0x0B, 0x76, 0xd8, 0x95, 0x41 }|VOID*|0x00000018



+# Boot Manager Key

+gUefiPayloadPkgTokenSpaceGuid.PcdBootManagerEscape|FALSE|BOOLEAN|0x00000020

+

 ## FFS filename to find the default variable initial data file.

 # @Prompt FFS Name of variable initial data file

  gUefiPayloadPkgTokenSpaceGuid.PcdNvsDataFile |{ 0x1a, 0xf1, 0xb1, 0xae, 0x42, 0xcc, 0xcf, 0x4e, 0xac, 0x60, 0xdb, 0xab, 0xf6, 0xca, 0x69, 0xe6 }|VOID*|0x00000025

diff --git a/UefiPayloadPkg/UefiPayloadPkg.dsc b/UefiPayloadPkg/UefiPayloadPkg.dsc
index 1ce96a51c1..ee9680a2b7 100644
--- a/UefiPayloadPkg/UefiPayloadPkg.dsc
+++ b/UefiPayloadPkg/UefiPayloadPkg.dsc
@@ -33,6 +33,7 @@
   DEFINE UNIVERSAL_PAYLOAD            = FALSE

   DEFINE SECURITY_STUB_ENABLE         = TRUE

   DEFINE SMM_SUPPORT                  = FALSE

+  DEFINE BOOT_MANAGER_ESCAPE          = FALSE

   #

   # SBL:      UEFI payload for Slim Bootloader

   # COREBOOT: UEFI payload for coreboot

@@ -399,6 +400,8 @@
   gEfiMdePkgTokenSpaceGuid.PcdPerformanceLibraryPropertyMask       | 0x1

 !endif



+  gUefiPayloadPkgTokenSpaceGuid.PcdBootManagerEscape|$(BOOT_MANAGER_ESCAPE)

+

 [PcdsPatchableInModule.X64]

   gPcAtChipsetPkgTokenSpaceGuid.PcdRtcIndexRegister|$(RTC_INDEX_REGISTER)

   gPcAtChipsetPkgTokenSpaceGuid.PcdRtcTargetRegister|$(RTC_TARGET_REGISTER)

--
2.32.0


Re: [PATCH v5 0/2] ShellPkg/AcpiView: Adds ACPI_PARSER bitfield parser

Gao, Zhichao
 

Patchset Reviewed-by: Zhichao Gao <zhichao.gao@...>

Thanks,
Zhichao

-----Original Message-----
From: Abdul Lateef Attar <abdattar@...>
Sent: Wednesday, February 16, 2022 7:14 PM
To: devel@edk2.groups.io
Cc: Ni, Ray <ray.ni@...>; Gao, Zhichao <zhichao.gao@...>; Sami
Mujawar <sami.mujawar@...>
Subject: [PATCH v5 0/2] ShellPkg/AcpiView: Adds ACPI_PARSER bitfield
parser

Hi,
Sorry for the delayed reply.
I had updated the patch according to the review comments.
Please review the updated patch.

REF: https://github.com/abdattar/edk2/tree/FadtFlagsParserV5


Cc: Ray Ni <ray.ni@...>
Cc: Zhichao Gao <zhichao.gao@...>
Cc: Sami Mujawar <sami.mujawar@...>

Abdul Lateef Attar (2):
ShellPkg/AcpiView: Adds ACPI_PARSER bitfield parser
ShellPkg/AcpiView: PrintFormatter for FADT Flags field

ShellPkg/Library/UefiShellAcpiViewCommandLib/AcpiParser.h | 48
+++++
ShellPkg/Library/UefiShellAcpiViewCommandLib/AcpiParser.c | 188
++++++++++++++++++++
ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Fadt/FadtParser.c
| 167 +++++++++++------
3 files changed, 348 insertions(+), 55 deletions(-)

--
2.25.1


[PATCH v3 1/1] UefiPayloadPkg/PayloadLoaderPeim: Use INT64 as input parameter

Guomin Jiang
 

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3818

It will have some potential issue when memory larger than 2G because
the high memory address will be fill with 0xFFFFFFFF when do the
operation of INTN + INT64 but it is 32 bit normal data in fact.

Should use same data type INT64 + INT64.

V3:
1. Use INT64 as input parameter because all date type is 64 bit
V2:
1. Force the data type to UINTN to avoid high dword be filled with
0xFFFFFFFF
2. Keep INTN because the offset may postive or negative.

Cc: Guo Dong <guo.dong@...>
Cc: Ray Ni <ray.ni@...>
Cc: Maurice Ma <maurice.ma@...>
Cc: Benjamin You <benjamin.you@...>
Signed-off-by: Guomin Jiang <guomin.jiang@...>
---
UefiPayloadPkg/PayloadLoaderPeim/ElfLib/Elf64Lib.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/UefiPayloadPkg/PayloadLoaderPeim/ElfLib/Elf64Lib.c b/UefiPayloadPkg/PayloadLoaderPeim/ElfLib/Elf64Lib.c
index dc47a05c6e4a..c8dbb887340b 100644
--- a/UefiPayloadPkg/PayloadLoaderPeim/ElfLib/Elf64Lib.c
+++ b/UefiPayloadPkg/PayloadLoaderPeim/ElfLib/Elf64Lib.c
@@ -108,7 +108,7 @@ ProcessRelocation64 (
IN UINT64 RelaSize,
IN UINT64 RelaEntrySize,
IN UINT64 RelaType,
- IN INTN Delta,
+ IN INT64 Delta,
IN BOOLEAN DynamicLinking
)
{
--
2.35.1.windows.2


Re: [PATCH] UefiPayloadPkg: Make Boot Manager Key configurable

Ni, Ray
 

Can you just map both ESC and F2 to the UI? So that PCD is not needed.

Thanks,
Ray

-----Original Message-----
From: Sean Rhodes <sean@...>
Sent: Monday, February 21, 2022 5:39 AM
To: devel@edk2.groups.io
Cc: Dong, Guo <guo.dong@...>; Rhodes, Sean <sean@...>; Ni, Ray <ray.ni@...>; Ma, Maurice <maurice.ma@...>; You, Benjamin <benjamin.you@...>
Subject: [PATCH] UefiPayloadPkg: Make Boot Manager Key configurable

Provide a build option to use [Esc] instead of [F2] for devices
such as Chromebooks that don't have F-keys.

Cc: Guo Dong <guo.dong@...>
Cc: Ray Ni <ray.ni@...>
Cc: Maurice Ma <maurice.ma@...>
Cc: Benjamin You <benjamin.you@...>
Signed-off-by: Sean Rhodes <sean@...>
---
.../Library/BrotliCustomDecompressLib/brotli | 2 +-
.../PlatformBootManager.c | 44 +++++++++++++------
.../PlatformBootManagerLib.inf | 1 +
UefiPayloadPkg/UefiPayloadPkg.dec | 3 ++
UefiPayloadPkg/UefiPayloadPkg.dsc | 3 ++
5 files changed, 39 insertions(+), 14 deletions(-)

diff --git a/MdeModulePkg/Library/BrotliCustomDecompressLib/brotli b/MdeModulePkg/Library/BrotliCustomDecompressLib/brotli
index f4153a09f8..666c3280cc 160000
--- a/MdeModulePkg/Library/BrotliCustomDecompressLib/brotli
+++ b/MdeModulePkg/Library/BrotliCustomDecompressLib/brotli
@@ -1 +1 @@
-Subproject commit f4153a09f87cbb9c826d8fc12c74642bb2d879ea
+Subproject commit 666c3280cc11dc433c303d79a83d4ffbdd12cc8d
diff --git a/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManager.c b/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManager.c
index a8ead775ea..0eb577313a 100644
--- a/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManager.c
+++ b/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManager.c
@@ -164,7 +164,7 @@ PlatformBootManagerBeforeConsole (
)

{

EFI_INPUT_KEY Enter;

- EFI_INPUT_KEY F2;

+ EFI_INPUT_KEY CustomKey;

EFI_INPUT_KEY Down;

EFI_BOOT_MANAGER_LOAD_OPTION BootOption;

EFI_STATUS Status;

@@ -186,13 +186,22 @@ PlatformBootManagerBeforeConsole (
Enter.UnicodeChar = CHAR_CARRIAGE_RETURN;

EfiBootManagerRegisterContinueKeyOption (0, &Enter, NULL);



- //

- // Map F2 to Boot Manager Menu

- //

- F2.ScanCode = SCAN_F2;

- F2.UnicodeChar = CHAR_NULL;

+ if (FixedPcdGetBool (PcdBootManagerEscape)) {

+ //

+ // Map Esc to Boot Manager Menu

+ //

+ CustomKey.ScanCode = SCAN_ESC;

+ CustomKey.UnicodeChar = CHAR_NULL;

+ } else {

+ //

+ // Map Esc to Boot Manager Menu

+ //

+ CustomKey.ScanCode = SCAN_F2;

+ CustomKey.UnicodeChar = CHAR_NULL;

+ }

+

EfiBootManagerGetBootManagerMenu (&BootOption);

- EfiBootManagerAddKeyOptionVariable (NULL, (UINT16)BootOption.OptionNumber, 0, &F2, NULL);

+ EfiBootManagerAddKeyOptionVariable (NULL, (UINT16)BootOption.OptionNumber, 0, &CustomKey, NULL);



//

// Also add Down key to Boot Manager Menu since some serial terminals don't support F2 key.

@@ -251,12 +260,21 @@ PlatformBootManagerAfterConsole (
//

PlatformRegisterFvBootOption (PcdGetPtr (PcdShellFile), L"UEFI Shell", LOAD_OPTION_ACTIVE);



- Print (

- L"\n"

- L"F2 or Down to enter Boot Manager Menu.\n"

- L"ENTER to boot directly.\n"

- L"\n"

- );

+ if (FixedPcdGetBool (PcdBootManagerEscape)) {

+ Print (

+ L"\n"

+ L"Esc or Down to enter Boot Manager Menu.\n"

+ L"ENTER to boot directly.\n"

+ L"\n"

+ );

+ } else {

+ Print (

+ L"\n"

+ L"F2 or Down to enter Boot Manager Menu.\n"

+ L"ENTER to boot directly.\n"

+ L"\n"

+ );

+ }

}



/**

diff --git a/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf b/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
index 9c4a9da943..80390e0d98 100644
--- a/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
+++ b/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
@@ -73,3 +73,4 @@
gEfiMdePkgTokenSpaceGuid.PcdUartDefaultParity

gEfiMdePkgTokenSpaceGuid.PcdUartDefaultStopBits

gEfiMdeModulePkgTokenSpaceGuid.PcdBootManagerMenuFile

+ gUefiPayloadPkgTokenSpaceGuid.PcdBootManagerEscape

diff --git a/UefiPayloadPkg/UefiPayloadPkg.dec b/UefiPayloadPkg/UefiPayloadPkg.dec
index 551f0a4915..f2fcdf6a74 100644
--- a/UefiPayloadPkg/UefiPayloadPkg.dec
+++ b/UefiPayloadPkg/UefiPayloadPkg.dec
@@ -83,6 +83,9 @@ gUefiPayloadPkgTokenSpaceGuid.PcdSystemMemoryUefiRegionSize|0x04000000|UINT32|0x


gUefiPayloadPkgTokenSpaceGuid.PcdPcdDriverFile|{ 0x57, 0x72, 0xcf, 0x80, 0xab, 0x87, 0xf9, 0x47, 0xa3, 0xfe, 0xD5, 0x0B, 0x76, 0xd8, 0x95, 0x41 }|VOID*|0x00000018



+# Boot Manager Key

+gUefiPayloadPkgTokenSpaceGuid.PcdBootManagerEscape|FALSE|BOOLEAN|0x00000020

+

## FFS filename to find the default variable initial data file.

# @Prompt FFS Name of variable initial data file

gUefiPayloadPkgTokenSpaceGuid.PcdNvsDataFile |{ 0x1a, 0xf1, 0xb1, 0xae, 0x42, 0xcc, 0xcf, 0x4e, 0xac, 0x60, 0xdb, 0xab, 0xf6, 0xca, 0x69, 0xe6 }|VOID*|0x00000025

diff --git a/UefiPayloadPkg/UefiPayloadPkg.dsc b/UefiPayloadPkg/UefiPayloadPkg.dsc
index 1ce96a51c1..ee9680a2b7 100644
--- a/UefiPayloadPkg/UefiPayloadPkg.dsc
+++ b/UefiPayloadPkg/UefiPayloadPkg.dsc
@@ -33,6 +33,7 @@
DEFINE UNIVERSAL_PAYLOAD = FALSE

DEFINE SECURITY_STUB_ENABLE = TRUE

DEFINE SMM_SUPPORT = FALSE

+ DEFINE BOOT_MANAGER_ESCAPE = FALSE

#

# SBL: UEFI payload for Slim Bootloader

# COREBOOT: UEFI payload for coreboot

@@ -399,6 +400,8 @@
gEfiMdePkgTokenSpaceGuid.PcdPerformanceLibraryPropertyMask | 0x1

!endif



+ gUefiPayloadPkgTokenSpaceGuid.PcdBootManagerEscape|$(BOOT_MANAGER_ESCAPE)

+

[PcdsPatchableInModule.X64]

gPcAtChipsetPkgTokenSpaceGuid.PcdRtcIndexRegister|$(RTC_INDEX_REGISTER)

gPcAtChipsetPkgTokenSpaceGuid.PcdRtcTargetRegister|$(RTC_TARGET_REGISTER)

--
2.32.0


Re: [PATCH] UefiPayloadPkg: Provide option to use Boot Splash

Ni, Ray
 

Can you avoid introducing the PCD by always including BootLogo driver?

By the way, you changed brotli version. Is that expected?

-----Original Message-----
From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Sean Rhodes
Sent: Monday, February 21, 2022 5:34 AM
To: devel@edk2.groups.io
Cc: Dong, Guo <guo.dong@...>; Rhodes, Sean <sean@...>; Ni, Ray <ray.ni@...>; Ma, Maurice <maurice.ma@...>; You, Benjamin <benjamin.you@...>
Subject: [edk2-devel] [PATCH] UefiPayloadPkg: Provide option to use Boot Splash

Provide a build option to use a Boot Splash logo.

Cc: Guo Dong <guo.dong@...>
Cc: Ray Ni <ray.ni@...>
Cc: Maurice Ma <maurice.ma@...>
Cc: Benjamin You <benjamin.you@...>
Signed-off-by: Sean Rhodes <sean@...>
---
MdeModulePkg/Library/BrotliCustomDecompressLib/brotli | 2 +-
.../Library/PlatformBootManagerLib/PlatformBootManager.c | 5 +++++
.../PlatformBootManagerLib/PlatformBootManagerLib.inf | 2 ++
UefiPayloadPkg/UefiPayloadPkg.dec | 3 +++
UefiPayloadPkg/UefiPayloadPkg.dsc | 7 +++++++
UefiPayloadPkg/UefiPayloadPkg.fdf | 3 +++
6 files changed, 21 insertions(+), 1 deletion(-)

diff --git a/MdeModulePkg/Library/BrotliCustomDecompressLib/brotli b/MdeModulePkg/Library/BrotliCustomDecompressLib/brotli
index f4153a09f8..666c3280cc 160000
--- a/MdeModulePkg/Library/BrotliCustomDecompressLib/brotli
+++ b/MdeModulePkg/Library/BrotliCustomDecompressLib/brotli
@@ -1 +1 @@
-Subproject commit f4153a09f87cbb9c826d8fc12c74642bb2d879ea
+Subproject commit 666c3280cc11dc433c303d79a83d4ffbdd12cc8d
diff --git a/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManager.c b/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManager.c
index a8ead775ea..3bded489ef 100644
--- a/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManager.c
+++ b/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManager.c
@@ -243,6 +243,11 @@ PlatformBootManagerAfterConsole (
Black.Blue = Black.Green = Black.Red = Black.Reserved = 0;

White.Blue = White.Green = White.Red = White.Reserved = 0xFF;



+ if (FixedPcdGetBool (PcdBootSplashImage)) {

+ gST->ConOut->ClearScreen (gST->ConOut);

+ BootLogoEnableLogo ();

+ }

+

EfiBootManagerConnectAll ();

EfiBootManagerRefreshAllBootOption ();



diff --git a/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf b/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
index 9c4a9da943..306bd33b7a 100644
--- a/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
+++ b/UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
@@ -39,6 +39,7 @@
UefiRuntimeServicesTableLib

UefiLib

UefiBootManagerLib

+ BootLogoLib

PcdLib

DxeServicesLib

MemoryAllocationLib

@@ -73,3 +74,4 @@
gEfiMdePkgTokenSpaceGuid.PcdUartDefaultParity

gEfiMdePkgTokenSpaceGuid.PcdUartDefaultStopBits

gEfiMdeModulePkgTokenSpaceGuid.PcdBootManagerMenuFile

+ gUefiPayloadPkgTokenSpaceGuid.PcdBootSplashImage

diff --git a/UefiPayloadPkg/UefiPayloadPkg.dec b/UefiPayloadPkg/UefiPayloadPkg.dec
index 551f0a4915..4f5756d575 100644
--- a/UefiPayloadPkg/UefiPayloadPkg.dec
+++ b/UefiPayloadPkg/UefiPayloadPkg.dec
@@ -83,6 +83,9 @@ gUefiPayloadPkgTokenSpaceGuid.PcdSystemMemoryUefiRegionSize|0x04000000|UINT32|0x


gUefiPayloadPkgTokenSpaceGuid.PcdPcdDriverFile|{ 0x57, 0x72, 0xcf, 0x80, 0xab, 0x87, 0xf9, 0x47, 0xa3, 0xfe, 0xD5, 0x0B, 0x76, 0xd8, 0x95, 0x41 }|VOID*|0x00000018



+# BootSplash Image

+gUefiPayloadPkgTokenSpaceGuid.PcdBootSplashImage|TRUE|BOOLEAN|0x00000021

+

## FFS filename to find the default variable initial data file.

# @Prompt FFS Name of variable initial data file

gUefiPayloadPkgTokenSpaceGuid.PcdNvsDataFile |{ 0x1a, 0xf1, 0xb1, 0xae, 0x42, 0xcc, 0xcf, 0x4e, 0xac, 0x60, 0xdb, 0xab, 0xf6, 0xca, 0x69, 0xe6 }|VOID*|0x00000025

diff --git a/UefiPayloadPkg/UefiPayloadPkg.dsc b/UefiPayloadPkg/UefiPayloadPkg.dsc
index 1ce96a51c1..64e9e67d62 100644
--- a/UefiPayloadPkg/UefiPayloadPkg.dsc
+++ b/UefiPayloadPkg/UefiPayloadPkg.dsc
@@ -33,6 +33,7 @@
DEFINE UNIVERSAL_PAYLOAD = FALSE

DEFINE SECURITY_STUB_ENABLE = TRUE

DEFINE SMM_SUPPORT = FALSE

+ DEFINE BOOTSPLASH_IMAGE = FALSE

#

# SBL: UEFI payload for Slim Bootloader

# COREBOOT: UEFI payload for coreboot

@@ -209,6 +210,7 @@
CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf

SecurityManagementLib|MdeModulePkg/Library/DxeSecurityManagementLib/DxeSecurityManagementLib.inf

UefiBootManagerLib|MdeModulePkg/Library/UefiBootManagerLib/UefiBootManagerLib.inf

+ BootLogoLib|MdeModulePkg/Library/BootLogoLib/BootLogoLib.inf

CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/CustomizedDisplayLib.inf

FrameBufferBltLib|MdeModulePkg/Library/FrameBufferBltLib/FrameBufferBltLib.inf



@@ -399,6 +401,8 @@
gEfiMdePkgTokenSpaceGuid.PcdPerformanceLibraryPropertyMask | 0x1

!endif



+ gUefiPayloadPkgTokenSpaceGuid.PcdBootSplashImage|$(BOOTSPLASH_IMAGE)

+

[PcdsPatchableInModule.X64]

gPcAtChipsetPkgTokenSpaceGuid.PcdRtcIndexRegister|$(RTC_INDEX_REGISTER)

gPcAtChipsetPkgTokenSpaceGuid.PcdRtcTargetRegister|$(RTC_TARGET_REGISTER)

@@ -545,6 +549,9 @@
!endif

UefiCpuPkg/CpuDxe/CpuDxe.inf

MdeModulePkg/Universal/BdsDxe/BdsDxe.inf

+!if $(BOOTSPLASH_IMAGE) == TRUE

+ MdeModulePkg/Logo/LogoDxe.inf

+!endif

MdeModulePkg/Application/UiApp/UiApp.inf {

<LibraryClasses>

NULL|MdeModulePkg/Library/DeviceManagerUiLib/DeviceManagerUiLib.inf

diff --git a/UefiPayloadPkg/UefiPayloadPkg.fdf b/UefiPayloadPkg/UefiPayloadPkg.fdf
index c7b04978ad..a71d655687 100644
--- a/UefiPayloadPkg/UefiPayloadPkg.fdf
+++ b/UefiPayloadPkg/UefiPayloadPkg.fdf
@@ -158,6 +158,9 @@ INF MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
INF UefiPayloadPkg/BlSupportDxe/BlSupportDxe.inf



INF MdeModulePkg/Universal/SmbiosDxe/SmbiosDxe.inf

+!if $(BOOTSPLASH_IMAGE) == TRUE

+INF MdeModulePkg/Logo/LogoDxe.inf

+!endif

#

# PCI Support

#

--
2.32.0



-=-=-=-=-=-=
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#86816): https://edk2.groups.io/g/devel/message/86816
Mute This Topic: https://groups.io/mt/89281295/1712937
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [ray.ni@...]
-=-=-=-=-=-=

4221 - 4240 of 90974