Taylor Beebe [Tue, 27 Aug 2024 21:34:35 +0000 (14:34 -0700)]
MdePkg: Create Stack Check Lib
StackCheckLib contains the required functionality for initializing
the stack cookie value, checking the value, and triggering an interrupt
when a mismatch occurs. The stack cookie is a random value placed on the
stack between the stack variables and the return address so that
continuously writing past the stack variables will cause the stack cookie
to be overwritten. Before the function returns, the stack cookie value
will be checked and if there is a mismatch then StackCheckLib handles the
failure.
Because UEFI doesn't use the C runtime libraries provided by MSVC, the
stack check code is written in assembly within this library. GCC and
Clang compilers have built-in support for stack cookie checking, so this
library only handles failures.
Signed-off-by: Oliver Smith-Denny <osde@linux.microsoft.com>
Taylor Beebe [Tue, 27 Aug 2024 21:31:48 +0000 (14:31 -0700)]
MdePkg: Create Stack Check Null Libs
Add Null libs for Stack Check and Stack Check Failure Hook Lib that
allow a platform to opt out of stack checks and the stack check failure
hook lib.
StackCheckLib allows implementation (or in this case null implementation)
of stack checks on binaries. There is a Host Application specific version
of this null lib because MSVC host applications must not be linked against
our lib (so the file here is a no-op but that doesn't cause the build
system to fail the build for not building a file for MSVC) as it links
against the MSVC C runtime lib that provides the stack cookie definitions.
GCC host applications do not link against such a C runtime lib and must
be linked against our version.
StackCheckFailureHookLib lets a platform do custom functionality when a
stack check failure occurs (such as log it to a platform defined
mechanism). The null lib simply returns.
Signed-off-by: Oliver Smith-Denny <osde@linux.microsoft.com>
This patch adds a PCD allowing a platform to specify
the interrupt vector to trigger on a stack check
failure. On x86, this is an offset into the IDT.
On ARM/AARCH64, this triggers a software interrupt
that can be decoded to indicate this was a stack
check failure.
Signed-off-by: Oliver Smith-Denny <osde@linux.microsoft.com>
Bret Barkelew [Thu, 28 Jan 2021 03:33:13 +0000 (03:33 +0000)]
UnitTestFrameworkPkg: Move common includes to their own file
Previously, the UnitTestFrameworkPkgHost.dsc.inc included the entire
UnitTestFrameworkPkgTarget.dsc.inc file. This is unnecessary for
most configurations, so copy the relevant common components to a
separate file.
This is required for stack cookies so that we can have stack
cookies on target based test apps but not on host base test apps.
Signed-off-by: Oliver Smith-Denny <osde@linux.microsoft.com>
NetworkPkg: PxeBcDhcp6GoogleTest: Fix Stack Smashing Unit Test
PxeBcDhcp6GoogleTest's MultipleDnsEntries test started to fail
with stack cookies added for host applications. Debugging this
showed that the test was attempting to copy two UINT16s to a
UINT8 Data[1] array allocated on the stack. This was moved to
a heap based allocation for a UINT32 to accommodate the proper
size. After this fix, the unit test passed with stack cookies
enabled.
Signed-off-by: Oliver Smith-Denny <osde@linux.microsoft.com>
Cache maintenance operations by set/way are not broadcast, and operate
on individual architected caches, making them suitable only for
en/disabling cache levels, which is the job of secure firmware, to be
carried out while the CPU in question is not taking part in the
cache coherency protocol.
Managing the clean/dirty state of a memory range can only be done using
cache maintenance by virtual address.
So drop the set/way handling from ArmLib for ARM and AARCH64, as there
is no context where it can be used correctly from EDK2.
MdePkg/ArmLib: Drop routines that maintain the entire D-cache
Cache maintenance on the D-cache hierarchy as a whole is not supported
by the ARM architecture, so drop the routines from ArmLib that pretend
to implement it.
7f17a15 (2024/02/22)
"OvmfPkg: Shell*.inc: allow building without network support"
breaks building OVMF with `-D NETWORK_ENABLE=0`.
Before this commit we could build OVMF e.g. with the following
command in the OvmfPkg directory:
./build.sh -D NETWORK_ENABLE=0
After the commit the same command fails early with:
/home/user/OpenSource/edk2/OvmfPkg/OvmfPkgX64.dsc(15):
error F001: Pcd (gEfiNetworkPkgTokenSpaceGuid.PcdAllowHttpConnections)
defined in DSC is not declared in DEC files referenced in INF files in
FDF. Arch: ['X64']
This problem also applies in the ArmVirtPkg
platforms which are modified here, but is currently
masked by another issue, namely that these platforms
incorrectly still include some network packages when
most are disabled. (A fix for this was previously applied,
for OvmfPkg Intel platforms only, by d933ec1 followed by 7f17a15 .)
This commit was created at the same time as the
commits resolving this issue in NetworkPkg and
OvmfPkg. It makes conditional the Pcd references
in ArmVirtPkg platforms which will become references to
undefined Pcds as and when the other issue mentioned
above is fixed.
7f17a15 (2024/02/22)
"OvmfPkg: Shell*.inc: allow building without network support"
breaks building OVMF with `-D NETWORK_ENABLE=0`.
Before this commit we could build OVMF e.g. with the following
command in the OvmfPkg directory:
./build.sh -D NETWORK_ENABLE=0
After the commit the same command fails early with:
/home/user/OpenSource/edk2/OvmfPkg/OvmfPkgX64.dsc(15):
error F001: Pcd (gEfiNetworkPkgTokenSpaceGuid.PcdAllowHttpConnections)
defined in DSC is not declared in DEC files referenced in INF files in
FDF. Arch: ['X64']
The problem applies in Intel OvmfPkg platforms.
Additionally, it applies in various other OvmfPkg
platforms, but is masked buy another issue; namely
that these platforms incorrectly still include some
network packages when most are disabled.
(A fix for that issue has previously been
made, in OvmfPkg Intel platforms only, by d933ec1 followed by 7f17a15 .)
This commit conditionally removes the undefined Pcd references
in all OvmfPkg platforms which are now affected by this
issue, and in all those which would be affected as and
when the other issue mentioned above is fixed.
7f17a15 (2024/02/22)
"OvmfPkg: Shell*.inc: allow building without network support"
breaks building OVMF with `-D NETWORK_ENABLE=0`.
Before this commit we could build OVMF e.g. with the following
command in the OvmfPkg directory:
./build.sh -D NETWORK_ENABLE=0
After the commit the same command fails early with:
/home/user/OpenSource/edk2/OvmfPkg/OvmfPkgX64.dsc(15):
error F001: Pcd (gEfiNetworkPkgTokenSpaceGuid.PcdAllowHttpConnections)
defined in DSC is not declared in DEC files referenced in INF files in
FDF. Arch: ['X64']
This commit conditionally removes the undefined Pcd reference in
NetworkPkg which is part of this issue.
Similar changes are needed in separate commits for
OvmfPkg (and for ArmVirtPkg, since the issue also
exists there, although masked by another issue).
As per the emailed RFC in
https://edk2.groups.io/g/devel/topic/rfc_move/107675828,
this patch moves CompilerIntrinsicsLib from ArmPkg to
MdePkg as this library provides compiler intrinsics, which
are industry standard.
This aligns with the goal of integrating ArmPkg into existing
packages: https://bugzilla.tianocore.org/show_bug.cgi?id=4121.
The newly placed CompilerIntrinsicsLib is added to MdeLibs.dsc.inc
as every DSC that builds ARM/AARCH64 needs this library added. The
old location is removed from every DSC in edk2 in this commit also
to not break bisectability with minimal hoop jumping.
AsmMacroIoLib.h and AsmMacroIoLibV8.h are used by the
CompilerIntrinsicsLib, which is moving to MdePkg. These
functions provide standard definitions for ARM/AARCH64
assembly code, respectively, and so are moved to the arch
directories in MdePkg to avoid MdePkg having a
dependency on ArmPkg.
Now that the files are in Arm/ and AArch64/ directories,
the filenames are changed to AsmMacroLib.h as we can
distinguish the architecture from the path.
ArmPkg: CompilerIntrinsicsLib: Use AsmMacroIoLibV8.h for AARCH64 ASM
AArch64/ashlti3.S was using AsmMacroIoLib.h which is the ARM version
of these definitions. AsmMacroIoLibV8.h is the AARCH64 version of
these defintions. This patch moves that file to use the proper arch
file.
Signed-off-by: Oliver Smith-Denny <osde@linux.microsoft.com>
After the loongarch flash block size is changed from 128K to 256K,
qemu requires that the UEFI firmware size be aligned with the flash block size(256K).
Otherwise, the firmware cannot be loaded,
Use the following code to resolve the old firmware loading problem:
mv QEMU_EFI.fd QEMU_EFI.fd-bak
cat QEMU_EFI.fd-bak /dev/zero | head -c 16m > ./QEMU_EFI.fd
mv QEMU_VARS.fd QEMU_VARS.fd-bak
cat QEMU_VARS.fd-bak /dev/zero | head -c 16m > ./QEMU_VARS.fd
For the new firmware, we refer to other architecture UEFI and
set the UEFI firmware size to align with the flash block size(256K).
So for this patch, we set the UEFI firmware size to 256K alignment.
Cc: Bibo Mao <maobibo@loongson.cn> Cc: Chao Li <lichao@loongson.cn> Signed-off-by: Xianglai Li <lixianglai@loongson.cn>
Ken Lautner [Sat, 24 Aug 2024 00:41:49 +0000 (17:41 -0700)]
MdeModulePkg: Enable Data Terminal at end of serial
When a Serial device resets, the Modem Control Register Data Terminal
Ready and Request to Send need to be cleared also. Otherwise the
registers will be left in their previous state, and the connected device
will not be able to transmit data.
The natural aligmenent seems to be failed on some cases. So, this patch
intends to add the pack(1) to ensure the structure aligned with a
one-byte boundary.
Ashraf Ali [Fri, 6 Sep 2024 15:12:42 +0000 (20:42 +0530)]
Refactor SetMemWrapper to reduce binary size
Moved SetMemN API to a separate file to eliminate unnecessary inclusion
of InternalMemSetMem64 and InternalMemSetMem32 APIs in driver binary.
When the compiler linking the Object files it may not remove all the
unused from NASM OBJs. This change is to reorganize the C files to
minimize the impact of the NASM behavior resulting is code size
reduction.
Signed-off-by: Ashraf Ali <ashraf.ali.s@intel.com>
Jason1 Lin [Wed, 28 Aug 2024 09:36:11 +0000 (17:36 +0800)]
MdeModulePkg/DxeCapsuleLibFmp: Check BootService Status to Use ESRT Cache
- In c36414b131dfd0a1ca51f10f87a18955bc110ff2 change, it was introduced
the ReadyToBoot event check to prevent the boot service got called
in runtime to cause the issue.
- In this patch introduced the ExitBootService event to replace it.
It would be better to base on the BootService status to decide
the source of ESRT table.
- Based on the BootService availability to decide,
- Exit : Use cache ESRT table in IF-condition
- Not Exit: Use boot service to locate protocol in ELSE-condition
Co-authored-by: Dakota Chiang <dakota.chiang@intel.com> Signed-off-by: Jason1 Lin <jason1.lin@intel.com>
[1] Add the event of system resource table installed callback.
- Register the event in DxeRuntimeCapsuleLibConstructor ()
- Unregister the event in DxeRuntimeCapsuleLibDestructor ()
[2] Migrate the event to update the module variable to cache ESRT table
from ReadyToBoot to system resource table installed.
[3] Add the condition to free the pool of buffer when the "mEsrtTable"
is not NULL.
Co-authored-by: Dakota Chiang <dakota.chiang@intel.com> Signed-off-by: Jason1 Lin <jason1.lin@intel.com>
Report PXE error status via Status Code, with this design,
it will be flexible to register a status code handler
via gEfiRscHandlerProtocolGuid to output the customized error code
to other telemetry service.
Zhiguang Liu [Tue, 18 Jun 2024 08:13:12 +0000 (16:13 +0800)]
IntelFsp2Pkg: Support FSP API to save and restore page table
A potential issue may happen when FSP creates/changes page table while
bootloader doesn't expect page table being changed in FSP.
Current, FSP API support to save/restore stack, IDT and general purpose
registers. Following the same pattern, add save/restore page table
support to solve this issue.
Note that this feature only impacts FSP API mode, and is controlled
by PCD PcdFspSaveRestorePageTableEnable. For compatibility, the PCD
default value is set as FALSE.
Signed-off-by: Zhiguang Liu <zhiguang.liu@intel.com>
.pytool/EccCheck: Trim leading path to modified directory
The code changes in the patch is for trimming the leading path
to the modified directory in the .pytool/EccCheck script.
This is necessary when running Ecc on other repositories,
such as edk2-platforms, where the platform package is located
in a subfolder, like Platform/AMD/AmdPlatformPkg.
The EccCheck script checks for modified directories and expects them to start with the package name.
#
# Skip directory names that do not start with the package being scanned.
#
if file_dir.split('/')[0] != pkg:
continue
However, if the package name is in a subfolder,
the "git diff" command gives a relative path,
like Platform/AMD, which causes the condition to be false.
"M Platform/AMD/AmdPlatformPkg/Universal/LogoDxe/Logo.c"
As a result, EccCheck does not happen on modified files.
To fix this issue, the leading path needs to be trimmed
so that it starts from the directory name.
This change will not affect the existing check for the edk2 repository,
where all package names are at the first level directory.
Cc: Sean Brogan <sean.brogan@microsoft.com> Cc: Joey Vagedes <joey.vagedes@gmail.com> Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Liming Gao <gaoliming@byosoft.com.cn> Signed-off-by: Abdul Lateef Attar <AbdulLateef.Attar@amd.com>
If we search the codebase for &gEdkiiVariablePolicyProtocolGuid
we can find two drivers which install this policy:
VariableRuntimeDxe (installed in VariableDxe.c) and
VariableSmmRuntimeDxe (installed in VariablePolicySmmDxe.c).
The .inf file for VariableRuntimeDxe incorrectly lists the protocol
as CONSUMES in the comment, so change this to PRODUCES.
BaseTools was moved out to a separate repo and consumed as a pip
module by edk2 CI. This process has not led to the desired goals
of doing so, so this patch removes the pip based BaseTools from
edk2 CI.
The original goal of moving BaseTools to a pip module was
primarily to speed up the development process, as the old edk2
mailing list was slow. However, with edk2 moving to PRs, it now
actually slows the BaseTools development process to have to do
a PR in another repo, publish the module, and then make a PR
in edk2 to consume the new BaseTools. It also holds up using
the features in a new BaseTools in other PRs.
There were other goals of moving, such as allowing projects to
use the BaseTools outside of edk2. This can still be accomplished
outside of this PR, this PR simply stops edk2 CI from using the
pip module.
Mike Beaton [Sun, 8 Sep 2024 10:33:43 +0000 (11:33 +0100)]
NetworkPkg/DxeNetLib: Update misleading comment
Commit 6862b9d538d96363635677198899e1669e591259 makes
more explicit the previous logic of the code anyway, which is that
it is (and was) only a fatal error if all secure algorithms fail.
However the comment updated by this commit seems somewhat
incompatible with that change, and even with the previous code
(which operated as now, just logging different error messages).
This updates the comment to be more compatible with how the
code operates.
Ceping Sun [Fri, 30 Aug 2024 01:21:48 +0000 (21:21 -0400)]
MdePkg/BaseLib: Add NULL version Tdx functions for other architectures
Currently, the NULL version Tdx functions are only built for Ia32.
In BaseLib, the others architectures also need such NULL version
Tdx functions.
Cc: Liming Gao <gaoliming@byosoft.com.cn> Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Zhiguang Liu <zhiguang.liu@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Min Xu <min.m.xu@intel.com> Signed-off-by: Ceping Sun <cepingx.sun@intel.com>
UefiCpuPkg/PiSmmCpuDxeSmm: Remove RestrictedMemoryAccess check for MM CPU
The PcdCpuSmmRestrictedMemoryAccess is declared as either a dynamic or fixed
PCD. It is not recommended for use in the MM CPU driver.
Furthermore, IsRestrictedMemoryAccess() is only needed for SMM. Therefor,
there is no need for MM to consume the PcdCpuSmmRestrictedMemoryAccess.
So, this patch is to add the SMM specific file for its own functions, with
the change, the dependency of the MM CPU driver on
PcdCpuSmmRestrictedMemoryAccess can be removed.
Currently, mCpuSmmRestrictedMemoryAccess is only used by the
IsRestrictedMemoryAccess(). And IsRestrictedMemoryAccess() can
consume the PcdCpuSmmRestrictedMemoryAccess directly. Therefore,
mCpuSmmRestrictedMemoryAccess can be cleaned to simply the code
logic.
After the 9f29fbd3, full mapping SMM page table is always created
regardless the value of the PcdCpuSmmRestrictedMemoryAccess. If so,
SMM PageTable Attributes can be set to ready-only since there is no
need to update it. So, this patch is to remove restricted memory
access check when setting the SMM PageTable attributes.
SetPageTableAttributes() will use the IfReadOnlyPageTableNeeded() to
determine whether it is necessary to set the page table itself to
read-only. And IfReadOnlyPageTableNeeded() has already token into
account the status of IsRestrictedMemoryAccess(). Therefore, there
is no need for an additional call to IsRestrictedMemoryAccess()
before calling the SetPageTableAttributes().
UefiCpuPkg/PiSmmCpuDxeSmm: Always save and restore CR2
Following the commit 9f29fbd3, full mapping SMM page table is always
created regardless the value of the PcdCpuSmmRestrictedMemoryAccess.
Consequently, a page fault (#PF) that triggers an update to the page
table occurs only when SmiProfile is enabled. Therefore, it is
necessary to save and restore the CR2 register when SmiProfile is
configured to be enabled.
And the operation of saving and restoring CR2 is considered to be
not heavy operation compared to the saving and restoring of CR3.
As a result, the condition check for SmiProfile has been removed,
and CR2 is now saved and restored unconditionally, without the need
for additional condition checks.
SmiPFHandler depends on the IsSmmCommBufferForbiddenAddress() to do
the forbidden address check:
For SMM, verifying whether an address is forbidden is necessary only
when RestrictedMemoryAccess is enabled.
For MM, all accessible address is recorded in the ResourceDescriptor
HOB, so no need check the RestrictedMemoryAccess is enabled or not.
This patch is to move RestrictedMemoryAccess check into SMM
IsSmmCommBufferForbiddenAddress to align with above behavior. With
the change, SmiPFHandler doesn't need to check the
RestrictedMemoryAccess enable or not.
Nhi Pham [Fri, 30 Aug 2024 08:06:47 +0000 (15:06 +0700)]
MdePkg/IndustryStandard: Add definitions for IPMI Boot Progress Code
This adds constants and structure definitions for Send/Get Boot Progress
Code through IPMI, according to Server Base Manageability Requirements
(SBMR) [1], Appendix F.
Ashraf Ali [Sun, 1 Sep 2024 17:07:11 +0000 (22:37 +0530)]
BaseTools: Disable MSVC volatileMetadata for VS2019 and VS2022 for X64
Starting with Visual Studio 2019 version 16.10, the /volatileMetadata
option is enabled by default when generating x64 code.
This patch disables the /volatileMetadata option for x64 builds in both
VS2019 and VS2022.
We observed a slight increase in used space for the Firmware volumes in
VS2019. Upon investigation, we found that VS2019 version 16.10 enabled
this feature by default. Disabling /volatileMetadata helps reduce the
used space by approximately 3.5KB by considering the 2 Firmware volumes
(2KB uncompressed FV and 1.5KB of compressed FV)
Signed-off-by: Ashraf Ali <ashraf.ali.s@intel.com>
EmbeddedPkg/PrePiHobLib: Align Doxygen comment between code and header
The Doxygen comment for SetBootMode and GetBootMode in PrePiHobLib/Hob.c
does not match declaration in PrePiLib.h. The C file has it wrong. Align
the text to match the header.
In BmFindBootOptionInVariable() we prevent passing a NULL pointer to
EfiBootManagerFindLoadOption(). However, it can accept a NULL pointer as
the second argument as long as count is zero. This change updates the
assert condtion to only assert if the pointer is NULL and the count is
non-zero.
Mike Maslenkin [Fri, 9 Aug 2024 10:16:52 +0000 (13:16 +0300)]
RedfishPkg: PlatformHostInterfaceBmcUsbNicLib: use credential protocol
This patch replaces call of IpmiSubmitCommand() issued
REDFISH_IPMI_BOOTSTRAP_CREDENTIAL_ENABLE IPMI command to check
whether bootstrap credential support enabled or not.
The problem is that in accordance with IPMI spec while handling
such command BMC creates bootstrap account. The credentials of this account
is returned as a response. Obviously in this code the response is not used.
From the other side there is an implementation
of EDKII_REDFISH_CREDENTIAL_PROTOCOL exists and used by
RedfishPlatformCredentialIpmiLib.
By design RedfishPlatformCredentialIpmiLib keeps returned bootstrap
credentials and uses it later. So all services using
EDKII_REDFISH_CREDENTIAL_PROTOCOL instance operates with a same
credentials.
Current design of PlatformHostInterfaceBmcUsbNicLib leads to creation
of two bootstrap accounts on BMC side. This is on nesseccary and one
account is not used at all.
Using EDKII_REDFISH_CREDENTIAL_PROTOCOL prevents from creating useless
bootstrap account on BMC side.
Signed-off-by: Mike Maslenkin <mike.maslenkin@gmail.com>
PlatformHostInterfaceBmcUsbNicLib.c: In function 'CheckBmcUsbNic':
PlatformHostInterfaceBmcUsbNicLib.c:1253:14: error: error: 'HandleBuffer'
may be used uninitialized in this function [-Werror=maybe-uninitialized]
Status =
CheckBmcUsbNicOnHandles (BufferSize/sizeof (EFI_HANDLE), HandleBuffer);
cc1: all warnings being treated as errors
Signed-off-by: Mike Maslenkin <mike.maslenkin@gmail.com>
Move all BaseCryptLib resolutions for 32-bit ARM to MbedTls, which does
not require a softfloat library, which can therefore be dropped from
EDK2 entirely going forward.
Note that this implies no TLS networking for 32-bit ARM, as this code
has a direct dependency on OpenSSL, so move the TlsLib resolution to a
AARCH64-only section to force the build to fail early when attempting to
build 32-bit ARM targets with NETWORK_TLS_ENABLE set.
John Strange [Thu, 4 Jul 2024 15:48:12 +0000 (08:48 -0700)]
SecurityPkg: Tcg2Acpi: Remove _DSM Memory Clear and _PTS
This patch removes the _DSM Memory Clear and MOR
auto-detect functionality via _PTS, as
_DSM Memory Clear was deprecated in TCG PC Client
Reset Attack Mitigation Spec Version 1.10 revision 17
Family "2.0" and _PTS is deemed security deficient.
Signed-off-by: Oliver Smith-Denny <osde@linux.microsoft.com>
Ken Lautner [Fri, 23 Aug 2024 22:39:53 +0000 (15:39 -0700)]
MdeModulePkg: Fix redundant call to RestoreTpl()
Comments out a redundant call to RestoreTpl(). While this does not
technically violate spec on raise/restore TPL, TPL should already be at
the specified level. This extra call introduces an asymmetry between
RaiseTpl and RestoreTpl calls, which makes analysis of TPL correctness
more difficult and hampers certain non-standard TPL usages that some
platforms require. Additionally, the two TPL variables were renamed to
provide context for each of them.
Ken Lautner [Fri, 23 Aug 2024 22:33:55 +0000 (15:33 -0700)]
MdeModulePkg: Add extra RestoreTpl() call in DiskIo
Adds a call to RestoreTpl() in DiskIo2ReadWriteDisk(). While the current
implementation does not technically violate spec on raise/restore TPL,
this extra call ensures symmetry between RaiseTpl and RestoreTpl calls,
which makes analysis of TPL correctness simpler and permits certain
non-standard TPL usages that some platforms require.
ArmVirtPkg: Resolve RngLib via RngDxe for TRNG support
Gerd reports that ArmVirtQemu running under KVM lost network boot
support on systems that do not implement the RNDR/RNDRRS system
registers, which provide an architectural, CPU-based source of random
numbers. Under KVM, the TRNG SMCCC is available as a fallback, which is
exposed via RngDxe but not via the base RngLib library. This means that
direct users of RngLib, such as OpensslLib, have no access to the TRNG
based entropy source.
Let's fix this by resolving RngLib dependencies for UEFI_DRIVER type
drivers via DxeRngLib, which uses the protocol exposed by RngDxe
internally.
- This PR aims to prevent a buffer overrun issue found in FtwGetLastWriteHeader
function.As per the current code, when there is a malformed blocks (with all bytes as 0s)
then `Offset += FTW_WRITE_TOTAL_SIZE (FtwHeader->NumberOfWrites,
FtwHeader->PrivateDataSize)` would access beyond FtwWorkSpaceSize.
- Also added the signature check to validate work space
Parth [Tue, 6 Aug 2024 16:49:09 +0000 (11:49 -0500)]
MdePkg:Update Return Error Macro in Base.h
Fixing RETURN_ERROR macro.
It is causing problem in Coverity Static analysis tool as we are directly converting the UINT value to INTN
Changing value from UINT to INTN might cause problem. Here we know that the values would not be in loss of data.
To increase the code quality and increase the static tool analysis score we have to change it
Ceping Sun [Wed, 28 Aug 2024 05:16:34 +0000 (01:16 -0400)]
OvmfPkg: Use TdHob instead of e820tables to get memory info in TDVF
Currently, TDVF gets LowMemory and FistNonAddress from the e820tables
via fw_cfg, while TD-Hob can also provide the memory info of LowMemory
and FistNonAddress.
In current stage e820tables are not measured but TD-Hob is measured in
early phase by TDVF.
So, from the security perspective we'd better use the information from
TD-Hob instead of e820tables.
Cc: Erdem Aktas <erdemaktas@google.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Min Xu <min.m.xu@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Elena Reshetova <elena.reshetova@intel.com> Signed-off-by: Ceping Sun <cepingx.sun@intel.com>
Jason Zhao [Mon, 2 Sep 2024 12:41:42 +0000 (20:41 +0800)]
MdePkg/SmBios.h: Add new Processor Upgrade definition for SMBIOS Type4
The patch adds ProcessorUpgradeInvalid(0xFF) definition in Processor
Upgrade(Type 4, Offset 19h) for SMBIOS Type4 based on SMBIOS v3.8.0.
Processor Upgrade should be 0xFF when no other valid enumeration is
available.
Ashraf Ali [Wed, 14 Aug 2024 17:46:29 +0000 (23:16 +0530)]
SecurityPkg: Optimization by moving PeiServicesLocatePpi outside loop
This update refactors the code by moving the LocatePpi function call
outside of the for loop where it was previously called repeatedly.
By relocating the LocatePpi invocation outside of the loop,
we improve the efficiency of the code by avoiding redundant lookups.
Signed-off-by: Ashraf Ali <ashraf.ali.s@intel.com>
John Baldwin [Mon, 3 Oct 2022 22:47:08 +0000 (15:47 -0700)]
MdePkg: Fix a buffer overread.
DevPathToTextUsbWWID allocates a separate copy of the SerialNumber
string to append a null terminator if the original string is not null
terminated. However, by using AllocateCopyPool, it tries to copy
'Length + 1' words from the existing string containing 'Length'
characters into the target string. Split the copy out to only copy
'Length' characters instead.
This was reported by GCC's -Wstringop-overread when compiling a copy
of this routine included in a library on FreeBSD.
Rebecca Cran [Wed, 7 Aug 2024 12:57:28 +0000 (06:57 -0600)]
pip-requirements.txt: Bump versions of several packages and fix URL
edk2-basetools was depending on old versions of several packages. That
was fixed in version 0.1.53. Update pip-requirements.txt to use that
version, and bump the versions and dependency expressions of other
packages to use or allow use of newer versions.
Also, update the URL to the requirements file format since it's
moved.
Nhi Pham [Wed, 14 Aug 2024 11:06:22 +0000 (18:06 +0700)]
FatPkg/EnhancedFatDxe: Downgrade debug level for no media found
It is normal for a disk to not have FAT file system (known as No Media),
therefore, it should not produce a "failed" entry in the boot console.
This aims to lower the debug level to verbose.
Joey Vagedes [Mon, 19 Aug 2024 15:36:21 +0000 (08:36 -0700)]
UefiPayloadPkg/UefiPayloadPkg.ci.yaml: Add PrEval CI config
Adds an entry to the package's CI configuration file that enable policy
5 for stuart_pr_eval. With this Policy, all INFs used by the package are
extracted from the provided DSC file and compared against the list of
changed *.inf (INF) files in the PR. If there is a match, stuart_pr_eval
will specify that this package is affected by the PR and needs to be
tested.
Joey Vagedes [Mon, 19 Aug 2024 15:36:03 +0000 (08:36 -0700)]
UefiCpuPkg/UefiCpuPkg.ci.yaml: Add PrEval CI config
Adds an entry to the package's CI configuration file that enable policy
5 for stuart_pr_eval. With this Policy, all INFs used by the package are
extracted from the provided DSC file and compared against the list of
changed *.inf (INF) files in the PR. If there is a match, stuart_pr_eval
will specify that this package is affected by the PR and needs to be
tested.
Joey Vagedes [Mon, 19 Aug 2024 15:35:43 +0000 (08:35 -0700)]
StandaloneMmPkg/StandaloneMmPkg.ci.yaml: Add PrEval CI config
Adds an entry to the package's CI configuration file that enable policy
5 for stuart_pr_eval. With this Policy, all INFs used by the package are
extracted from the provided DSC file and compared against the list of
changed *.inf (INF) files in the PR. If there is a match, stuart_pr_eval
will specify that this package is affected by the PR and needs to be
tested.
Joey Vagedes [Mon, 19 Aug 2024 15:35:23 +0000 (08:35 -0700)]
SourceLevelDebugPkg/SourceLevelDebugPkg.ci.yaml: Add PrEval CI config
Adds an entry to the package's CI configuration file that enable policy
5 for stuart_pr_eval. With this Policy, all INFs used by the package are
extracted from the provided DSC file and compared against the list of
changed *.inf (INF) files in the PR. If there is a match, stuart_pr_eval
will specify that this package is affected by the PR and needs to be
tested.
Joey Vagedes [Mon, 19 Aug 2024 15:34:56 +0000 (08:34 -0700)]
SignedCapsulePkg/SignedCapsulePkg.ci.yaml: Add PrEval CI config
Adds an entry to the package's CI configuration file that enable policy
5 for stuart_pr_eval. With this Policy, all INFs used by the package are
extracted from the provided DSC file and compared against the list of
changed *.inf (INF) files in the PR. If there is a match, stuart_pr_eval
will specify that this package is affected by the PR and needs to be
tested.
Joey Vagedes [Mon, 19 Aug 2024 15:34:36 +0000 (08:34 -0700)]
ShellPkg/ShellPkg.ci.yaml: Add PrEval CI config
Adds an entry to the package's CI configuration file that enable policy
5 for stuart_pr_eval. With this Policy, all INFs used by the package are
extracted from the provided DSC file and compared against the list of
changed *.inf (INF) files in the PR. If there is a match, stuart_pr_eval
will specify that this package is affected by the PR and needs to be
tested.
Joey Vagedes [Mon, 19 Aug 2024 15:34:21 +0000 (08:34 -0700)]
SecurityPkg/SecurityPkg.ci.yaml: Add PrEval CI config
Adds an entry to the package's CI configuration file that enable policy
5 for stuart_pr_eval. With this Policy, all INFs used by the package are
extracted from the provided DSC file and compared against the list of
changed *.inf (INF) files in the PR. If there is a match, stuart_pr_eval
will specify that this package is affected by the PR and needs to be
tested.
Joey Vagedes [Mon, 19 Aug 2024 15:33:56 +0000 (08:33 -0700)]
PcAtChipsetPkg/PcAtChipsetPkg.ci.yaml: Add PrEval CI config
Adds an entry to the package's CI configuration file that enable policy
5 for stuart_pr_eval. With this Policy, all INFs used by the package are
extracted from the provided DSC file and compared against the list of
changed *.inf (INF) files in the PR. If there is a match, stuart_pr_eval
will specify that this package is affected by the PR and needs to be
tested.
Joey Vagedes [Mon, 19 Aug 2024 15:33:36 +0000 (08:33 -0700)]
NetworkPkg/NetworkPkg.ci.yaml: Add PrEval CI config
Adds an entry to the package's CI configuration file that enable policy
5 for stuart_pr_eval. With this Policy, all INFs used by the package are
extracted from the provided DSC file and compared against the list of
changed *.inf (INF) files in the PR. If there is a match, stuart_pr_eval
will specify that this package is affected by the PR and needs to be
tested.
Joey Vagedes [Mon, 19 Aug 2024 15:33:13 +0000 (08:33 -0700)]
EmulatorPkg/EmulatorPkg.ci.yaml: Add PrEval CI config
Adds an entry to the package's CI configuration file that enable policy
5 for stuart_pr_eval. With this Policy, all INFs used by the package are
extracted from the provided DSC file and compared against the list of
changed *.inf (INF) files in the PR. If there is a match, stuart_pr_eval
will specify that this package is affected by the PR and needs to be
tested.
Joey Vagedes [Mon, 19 Aug 2024 15:32:50 +0000 (08:32 -0700)]
ArmPlatformPkg/ArmPlatformPkg.ci.yaml: Add PrEval CI config
Adds an entry to the package's CI configuration file that enable policy
5 for stuart_pr_eval. With this Policy, all INFs used by the package are
extracted from the provided DSC file and compared against the list of
changed *.inf (INF) files in the PR. If there is a match, stuart_pr_eval
will specify that this package is affected by the PR and needs to be
tested.
Joey Vagedes [Mon, 19 Aug 2024 15:22:02 +0000 (08:22 -0700)]
ArmPkg/ArmPkg.ci.yaml: Add PrEval CI config
Adds an entry to the package's CI configuration file that enable policy
5 for stuart_pr_eval. With this Policy, all INFs used by the package are
extracted from the provided DSC file and compared against the list of
changed *.inf (INF) files in the PR. If there is a match, stuart_pr_eval
will specify that this package is affected by the PR and needs to be
tested.
From SCT testing report, Reset() does not support the case when
ExtendedVerification is set to FALSE. So, we should return
EFI_INVALID_PARAMETER in this case. For details, please refer to
Bug 4729.
Ken Lautner [Wed, 28 Aug 2024 18:17:22 +0000 (11:17 -0700)]
NetworkPkg: DxeHttpLib: Use HTTP error 429
Include a mapping for HTTP error 429 to return the correct
status code. Additionally include a link to the official
HTTP status codes in the HttpMappingToStatusCode function header.
This library is designed for handling variable HII checks within the
Standalone MMm environment. It includes the functions
dedicated to registering handlers that process information received
from VarCheckHiiLibMmDependency.
Cc: Liming Gao <gaoliming@byosoft.com.cn> Cc: Rahul Kumar <rahul1.kumar@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Star Zeng <star.zeng@intel.com> Cc: Hongbin1 Zhang <hongbin1.zhang@intel.com> Cc: Wei6 Xu <wei6.xu@intel.com> Cc: Dun Tan <dun.tan@intel.com> Cc: Dandan Bi <dandan.bi@intel.com> Signed-off-by: Yuanhao Xie <yuanhao.xie@intel.com>
VarCheckHiiLibMmDependency retrieve data (mVarCheckHiiBin) at the end
of the DXE phase, and pass the acquired data to the
VarCheckHiiLibStandaloneMm through a communication protocol.
Cc: Liming Gao <gaoliming@byosoft.com.cn> Cc: Rahul Kumar <rahul1.kumar@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Star Zeng <star.zeng@intel.com> Cc: Hongbin1 Zhang <hongbin1.zhang@intel.com> Cc: Wei6 Xu <wei6.xu@intel.com> Cc: Dun Tan <dun.tan@intel.com> Cc: Dandan Bi <dandan.bi@intel.com> Signed-off-by: Yuanhao Xie <yuanhao.xie@intel.com>
projects / people / aperard / ovmf.git / log