Clear fix httpboot #461
Open
Clear fix httpboot #461
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The ArmGicAcknowledgeInterrupt () returns the value returned by the Interrupt Acknowledge Register and the InterruptID separately in an out parameter. The function documents the following: 'InterruptId is returned separately from the register value because in the GICv2 the register value contains the CpuId and InterruptId while in the GICv3 the register value is only the InterruptId.' This function skips setting the InterruptId in the out parameter for GICv3. Although the return value from the function is the InterruptId for GICv3, this breaks the function usage model as the caller expects the InterruptId in the out parameter for the function. e.g. The caller may end up using the InterruptID which could potentially be an uninitialised variable value. Therefore, set the InterruptID in the function out parameter for GICv3 as well. Signed-off-by: Sami Mujawar <sami.mujawar@arm.com> Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
When a UEFI_DRIVER attempts to open a protocol interface with BY_DRIVER attribute that it already has open with BY_DRIVER attribute, OpenProtocol() returns EFI_ALREADY_STARTED. This is not an error. The UEFI-2.7 spec currently says, > EFI_ALREADY_STARTED -- Attributes is BY_DRIVER and there is an item on > the open list with an attribute of BY_DRIVER > whose agent handle is the same as AgentHandle. Downgrade the log mask for this one condition to DEBUG_INFO, in SataControllerStart(). This will match the log mask of the other two informative messages in this function. (ported from commit 5dfba97) Signed-off-by: Pedro Falcato <pedro.falcato@gmail.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
ASSERT (Private != NULL) already covers this check. See commit 81310a6. Signed-off-by: Pedro Falcato <pedro.falcato@gmail.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
ASSERT (Private != NULL) (where Private = CR(...)) is ineffective as CR(Ptr, Type, Member, Sig) either returns Ptr - offsetof(Type, Member), or ASSERTS on the signature, so it's unlikely to ever return NULL (must be passed a pointer = member's offset, or in this case, 0x4). ASSERT on This != NULL instead. Signed-off-by: Pedro Falcato <pedro.falcato@gmail.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
Replace the OVMF-specific SataControllerDxe (to be later removed) with
the generic, MdeModulePkg one, for OvmfPkg{Ia32, X64, Ia32X64} platforms.
Tested-by: Gerd Hoffmann <kraxel@redhat.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Pedro Falcato <pedro.falcato@gmail.com>
Acked-by: Ard Biesheuvel <ardb@kernel.org>
Replace the OVMF-specific SataControllerDxe (to be later removed) with the generic, MdeModulePkg one, for the Microvm platform. Signed-off-by: Pedro Falcato <pedro.falcato@gmail.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Acked-by: Ard Biesheuvel <ardb@kernel.org> Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Replace the OVMF-specific SataControllerDxe (to be later removed) with the generic, MdeModulePkg one, for the Bhyve platform. Signed-off-by: Pedro Falcato <pedro.falcato@gmail.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Ard Biesheuvel <ardb@kernel.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Acked-by: Peter Grehan <grehan@freebsd.org> Acked-by: Corvin Köhne <corvink@FreeBSD.org>
Replace the OVMF-specific SataControllerDxe (to be later removed) with the generic, MdeModulePkg one, for the CloudHv platform. Signed-off-by: Pedro Falcato <pedro.falcato@gmail.com> Acked-by: Ard Biesheuvel <ardb@kernel.org> Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Replace the OVMF-specific SataControllerDxe (to be later removed) with the generic, MdeModulePkg one, for the IntelTdx platform. Signed-off-by: Pedro Falcato <pedro.falcato@gmail.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Ard Biesheuvel <ardb@kernel.org>
Replace the OVMF-specific SataControllerDxe (to be later removed) with the generic, MdeModulePkg one, for the AmdSev platform. Signed-off-by: Pedro Falcato <pedro.falcato@gmail.com> Acked-by: Ard Biesheuvel <ardb@kernel.org> Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Replace the OVMF-specific SataControllerDxe (to be later removed) with the generic, MdeModulePkg one, for the OvmfXen platform. Signed-off-by: Pedro Falcato <pedro.falcato@gmail.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Ard Biesheuvel <ardb@kernel.org> Acked-by: Anthony PERARD <anthony.perard@citrix.com>
Now that OvmfPkg/SataControllerDxe and its MdeModulePkg counterpart have been unified, and no in-tree uses of the OVMF variant remain, let's delete it. Tested-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Pedro Falcato <pedro.falcato@gmail.com> Acked-by: Ard Biesheuvel <ardb@kernel.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
…view. As per the SMBIOS spec, in smbios type0 table, if the Bios size is greater than 16MB, extended bios size is used to update size information and bios size is set to 0xff. when this data is printed by smbiosview, both bios size and extended bios size is printed if the smbios version is beyond 3.1, which is incorrect as Bios size is set to 0xff when rom size is more than 16MB. To fix this bug, added a condition to print bios size only when it is not set to 0xff or if the smbios version is older than 3.1. Signed-off-by: Thejaswani Putta <tputta@nvidia.com> Cc: Ray Ni <ray.ni@intel.com> Cc: Zhichao Gao <zhichao.gao@intel.com> Reviewed-by: Zhichao Gao <zhichao.gao@intel.com>
In case ShellConvertStringToUint64() fails the Handles are left uninitialized. That can for example happen for Handle2 and Handle3 in case only one parameter was specified on the command line. Which can trigger the ASSERT() in line 185. Reproducer: boot ovmf to efi shell in qemu, using q35 machine type, then try disconnect the sata controller in efi shell. Fix that by explicitly setting them to NULL in that case. While being at it also simplify the logic and avoid pointlessly calling ShellConvertStringToUint64() in case ParamN is NULL. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Zhichao Gao <zhichao.gao@intel.com>
Uncrustify checks are too rigid, making them counter-productive: - it leads to code that is arguably harder to parse visually (e.g., the changes to ArmPkg/Include/Chipset/AArch64Mmu.h in commit 429309e) - it forces indentation-only changes to code in the vicinity of actual changes, making the code history more bloated than necessary (see commit 7f19832 for an example) - finding out from the web UI what exactly Uncrustify objected to is not straight-forward. So let's enable AuditMode for ArmPkg, so that interested parties can see the uncrustify recommendations if desired, but without preventing the changes from being merged. This leaves it at the discretion of the ArmPkg maintainers to decide which level of conformance is required. Cc: Leif Lindholm <quic_llindhol@quicinc.com> Cc: "Kinney, Michael D" <michael.d.kinney@intel.com> Cc: Michael Kubacki <mikuback@linux.microsoft.com> Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Reviewed-by: Leif Lindholm <quic_llindhol@quicinc.com>
They are useful for those platforms where SMC SiP calls exist. Signed-off-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org> Reviewed-by: Leif Lindholm <quic_llindhol@quicinc.com>
The RISC-V version of the DXE IPL does not implement setting the stack NX, so before switching to an implementation that will ASSERT() on the missing support, drop the PCD setting that enables it. Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Reviewed-by: Sunil V L <sunilvl@ventanamicro.com>
Edk2 was failing, rather than creating more PML4 entries, when they weren't present in the initial memory acceptance flow. Because of that VMs with more than 512G memory were crashing. This code fixes that. This change affects only SEV-SNP VMs. The code was tested by successfully booting a 512G SEV-SNP VM. Signed-off-by: Mikolaj Lisik <lisik@google.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Tom Lendacky <thomas.lendacky@amd.com>
Xen and bhyve are placing ACPI tables into system memory. So, they can share the same code. Therefore, create a new library which searches and installs ACPI tables from system memory. Signed-off-by: Corvin Köhne <corvink@FreeBSD.org> Reviewed-by: Anthony PERARD <anthony.perard@citrix.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com>
This makes the function reuseable by bhyve. Signed-off-by: Corvin Köhne <corvink@FreeBSD.org> Reviewed-by: Anthony PERARD <anthony.perard@citrix.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com>
It's much easier to create configuration dependent ACPI tables for bhyve than for OVMF. For this reason, don't use the statically created ACPI tables provided by OVMF. Instead, prefer the dynamically created ACPI tables of bhyve. If bhyve provides no ACPI tables or we are unable to detect those, fall back to OVMF tables. Ideally, we use the qemu fwcfg interface to pass the ACPI tables from bhyve to OVMF. bhyve will support this in the future. However, current bhyve executables don't support passing ACPI tables by the qemu fwcfg interface. They just copy the ACPI into main memory. For that reason, pick up the ACPI tables from main memory. Signed-off-by: Corvin Köhne <corvink@FreeBSD.org> Reviewed-by: Rebecca Cran <rebecca@bsdio.com> Acked-by: Peter Grehan <grehan@freebsd.org> Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Currently, CharEncodingCheckPlugin prints a message for every file that passes the test, which for some platforms can cause most of the CI build log to be filled with this print. It does not add any value, so this patch removes the noisy print and only prints if the encoding check fails. Cc: Sean Brogan <sean.brogan@microsoft.com> Cc: Michael Kubacki <mikuback@linux.microsoft.com> Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Liming Gao <gaoliming@byosoft.com.cn> Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com> Reviewed-by: Michael Kubacki <michael.kubacki@microsoft.com> Signed-off-by: Oliver Smith-Denny <osde@linux.microsoft.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4474 ACPI_Spec_6_5_Aug29 Table 5.19 page 128 that MADT Revision field is 6. Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Liming Gao <gaoliming@byosoft.com.cn> Cc: Zhiguang Liu <zhiguang.liu@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Aryeh Chen <aryeh.chen@intel.com> Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com> Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn> Tested-by: Aryeh Chen <aryeh.chen@intel.com>
Implement the SpeculationBarrier with implementations consisting of fence instruction which provides finer-grain memory orderings. Perform Data Barrier in RiscV: fence rw,rw Perform Instruction Barrier in RiscV: fence.i; fence r,r More detail is in Appendix A: RVWMO Explanatory Material in https://github.com/riscv/riscv-isa-manual This API is first introduced in the below commits for IA32 and x64 tianocore/edk2@d9f1cac tianocore/edk2@e83d841 and below the commit for ARM and AArch64 implementation tianocore/edk2@c0959b4 This commit is to add the RiscV64 implementation which will be used by variable service under Variable/RuntimeDxe Cc: Andrei Warkentin <andrei.warkentin@intel.com> Cc: Evan Chai <evan.chai@intel.com> Cc: Sunil V L <sunilvl@ventanamicro.com> Cc: Tuan Phan <tphan@ventanamicro.com> Signed-off-by: Yong Li <yong.li@intel.com> Reviewed-by: Sunil V L <sunilvl@ventanamicro.com>
If there is no port multiplier, PortMultiplierPort should be converted to 0 to follow AHCI spec. The same logic already applied in AtaAtapiPassThruDxe driver. Signed-off-by: Neo Hsueh <Hong-Chih.Hsueh@amd.com> Acked-by: Abner Chang <abner.chang@amd.com> Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
RedfishClientPkg is moved from edk2-staging repository to edk2-redfish-client repository. Update the link in Readme.md to new location. Signed-off-by: Nickle Wang <nicklew@nvidia.com> Cc: Abner Chang <abner.chang@amd.com> Cc: Igor Kulchytskyy <igork@ami.com> Reviewed-by: Abner Chang <abner.chang@amd.com>
Supreeth is no longer supreeth.venkatesh@arm.com. Therefore, remove the reviewer entry from StandaloneMmPkg. Signed-off-by: Sami Mujawar <sami.mujawar@arm.com>
Add Ray, remove Jiewen. Signed-off-by: Ray Ni <ray.ni@intel.com> Reviewed-by: Sami Mujawar <sami.mujawar@arm.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Currently, have two command for pre-build binary support
1. --BuildEntryOnly: build UPL Entry file
2. --PreBuildUplBinary: build UPL binary based on UPL
And these two commands should be exclusived, shouldn't
have chance run it in the meantime.
Case1: Build UPL entry with CLANGDWARF
python UefiPayloadPkg/UniversalPayloadBuild.py --BuildEntryOnly
Case2: Use pre-built UPL entry and build other fv by VS2019
python UefiPayloadPkg/UniversalPayloadBuild.py -t VS2019 \
--PreBuildUplBinary UniversalPayload.elf
Case3: Build UPL Entry with CLANGDWARF and build other fv by VS2019
python UefiPayloadPkg/UniversalPayloadBuild.py -t VS2019
Cc: Guo Dong <guo.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Sean Rhodes <sean@starlabs.systems>
Cc: James Lu <james.lu@intel.com>
Cc: Gua Guo <gua.guo@intel.com>
Signed-off-by: Gua Guo <gua.guo@intel.com>
Reviewed-by: James Lu <james.lu@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Yi Li <yi1.li@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
In Pkcs7 spec RFC2315: The IMPLICIT [0] tag in the authenticatedAttributes field is not part of the Attributes value. The Attributes value’s tag is SET OF, and the DER encoding of the SET OF tag, rather than of the IMPLICIT [0] tag, is to be digested along with the length and contents octets of the Attributes value. And this operation is same with Openssl code ``` alen = ASN1_item_i2d((ASN1_VALUE *)sk, &abuf, ASN1_ITEM_rptr(PKCS7_ATTR_VERIFY)); ``` in PKCS7_signatureVerify API. Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
The before TlsSetCaCertificate use local variable is wrong. Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Wenxing-hou
force-pushed
the
clear_fix_httpboot
branch
from
dc429a5
to
eb29e61
Compare
liyi77
reviewed
Jan 5, 2024
| mbedtls_ecp_group_id grp_id; | ||
| UINT16 *GroupList; | ||
|
|
||
| GroupList = AllocateZeroPool(sizeof(UINT16) * 2); |
There was a problem hiding this comment.
Where to free this pool? I am worried about potential memory leak.
There was a problem hiding this comment.
- conf and fd context not free after use too: TlsConn->fd;TlsConn->Conf
- if need to use pools, it is best to add them to Tls context.
liyi77
reviewed
Jan 5, 2024
| mbedtls_ssl_conf_ca_chain((mbedtls_ssl_config *)TlsConn->Ssl->conf, &Crt, NULL); | ||
| mbedtls_x509_crt_free(&Crt); | ||
| mbedtls_ssl_conf_ca_chain((mbedtls_ssl_config *)TlsConn->Ssl->conf, Crt, NULL); | ||
| mbedtls_ssl_conf_cert_profile((mbedtls_ssl_config *)TlsConn->Ssl->conf, &mbedtls_x509_crt_profile_default); |
There was a problem hiding this comment.
can we move mbedtls_ssl_conf_cert_profile() and mbedtls_ssl_conf_sig_algs() to init function?
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Change
memcpytoCopyMemand changedmalloctoAllocateZeroPool.