Bot releases are visible (Hide)
Published by github-actions[bot] 9 months ago
AdvLoggerPkg: 64-bit SEC & PEI C Code changes
C code changes for building the code as 64-bit.
AdvLoggerPkg/SecDebugAgent: Update for 64-bit
Allows the module to be built for 64-bit SEC.
N/A - Appropriate code will be built based on module architecture.
Note: In draft while testing is in progress.
Full Changelog: https://github.com/microsoft/mu_plus/compare/v2023020006.0.2...v2023020006.1.0
Published by github-actions[bot] 9 months ago
Tested with CI
N/A
Full Changelog: https://github.com/microsoft/mu_plus/compare/v2023020006.0.1...v2023020006.0.2
Published by github-actions[bot] 9 months ago
The advanced logging at runtime is lack of usage. However, this becomes increasingly important for server platforms, where the system could potentially stay up for months, or even years. This will make the advanced logger fill up the buffer during runtime/MM logging well ahead of a reset event, making the buffer content stale when being reviewed.
This change added a feature PCD guarded feature that, when enabled, will automatically wrap the LogCurrent cursor to the beginning and continue to log. This will effectively create a circular buffer as the stale content will remain in place. The tooling update is still under development.
This was tested on QEMU Q35 along with the UEFI shell based test app to verify that the entry after wrapping is correct and is multi-threading safe.
Platforms can enable this feature by setting gAdvLoggerPkgTokenSpaceGuid.PcdAdvancedLoggerAutoClearEnable|TRUE
Adds commits that only applied Uncrustify formatting or converted
line endings to a .git-blame-ignore-revs file so they are ignored
by git blame. This is supported by GitHub:
https://github.blog/changelog/2022-03-24-ignore-commits-in-the-blame-view-beta/
This helps clean up git blame by filtering out these changes.
Note: This file needs to be updated on rebase branches. Processes
like filter-branch can automatically update relevant SHAs.
git blame
N/A
https://github.com/microsoft/mu_plus/commit/267e27f6a64a80fe82e5ea9adef25edc71776ba3 change introduced a build error on certain platforms, due to a local variable being used uninitialized. This change will set the variable to 0 before usage.
This change is tested with LineParserTestApp on QEMU Q35 platform.
N/A
https://github.com/microsoft/mu_plus/commit/267e27f6a64a80fe82e5ea9adef25edc71776ba3 change introduced a build error on certain platforms, due to a local variable being used uninitialized. This change will set the variable to 0 before usage.
This change is tested with LineParserTestApp on QEMU Q35 platform.
N/A
Full Changelog: https://github.com/microsoft/mu_plus/compare/v2023020006.0.0...v2023020006.0.1
Published by github-actions[bot] 9 months ago
Please ensure you have read the contribution docs prior
to submitting the pull request. In particular,
pull request guidelines.
This change introduces a new message entry structure, which contains extra information of log producer and can be used to differentiate the different boot phases, i.e. PEI, DXE, SMM, etc. Platforms that have multiple firmware entities can leverage this extra information to distinguish coalesced memory logging regions.
The updated applications (UEFI shell app and host OS Python script) are also updated to support new message entry structure while maintaining the backwards compatibility.
Resolves https://github.com/microsoft/mu_plus/issues/375.
For each item, place an "x" in between [
and ]
if true. Example: [x]
.
(you can also check items in the GitHub UI)
This change was tested on QEMU Q35 and verified that prefix are properly injected for DXE phase prints.
The log parsers are updated, thus platforms use the existing parser should pick up the latest tool from mu_plus. For platforms that carry their own implementation, they should add the proper support in their own implementation before picking up this change from mu_plus.
Full Changelog: https://github.com/microsoft/mu_plus/compare/v2023020005.0.0...v2023020006.0.0
Published by github-actions[bot] 9 months ago
mu_plus commit f535499 creates DXE and SMM instances of MemoryProtectionTestApp, and updates the naming of the support driver for the SMM test app. This split is to support testing for platforms which do not use SMM.
Instances of the following will need to be DELETED
UefiTestingPkg/FunctionalSystemTests/MemoryProtectionTest/App/MemoryProtectionTestApp.inf
UefiTestingPkg/FunctionalSystemTests/MemoryProtectionTest/Smm/MemoryProtectionTestSmm.inf
The following will need to be ADDED for unit test builds
โUefiTestingPkg/FunctionalSystemTests/MemoryProtectionTest/App/DxeMemoryProtectionTestApp.inf
If the platform uses SMM, add this to the platform DSC
UefiTestingPkg/FunctionalSystemTests/MemoryProtectionTest/App/SmmMemoryProtectionTestApp.inf
And this to both the platform DSC and FDF files
โUefiTestingPkg/FunctionalSystemTests/MemoryProtectionTest/Driver/SmmMemoryProtectionTestDriver.inf
https://github.com/microsoft/mu_plus/commit/f5354997aee1fb5caee28d92e232fe638ebf965b split the MemoryProtectionTestApp into DXE and SMM instances but did not delete the old files to give consumers time to update their platform DSC files. This PR is the breaking change which removes the old files.
N/A
N/A
Full Changelog: https://github.com/microsoft/mu_plus/compare/v2023020004.1.2...v2023020005.0.0
Published by github-actions[bot] 9 months ago
The MemoryInfoDatabase.dat file contains information about the content of memory regions. If an entry in the database file is invalid, it will break the generation of the paging audit. Before adding the stack info to the database file, check that the stack size is greater than zero.
Tested on Q35 by generating the paging audit
N/A
This change set was primarily created to improve the accuracy of the DXE paging audit shell test. The problem was two-fold:
Patch breakdown:
This was tested on Q35 and an ARM platform. Some changes in test caused the UnallocatedMemoryIsRP() test to erroneously fail due to reason 1 above which has been fixed with this patch set. Additionally, this patch set was checked by comparing the shell test output to the full HTML paging audit to verify that errant regions are exact and consistent.
N/A
DxePagingAuditTestApp: When checking an image section characteristics, a bitmasking is done which incorrectly includes a logical OR instead of a bitwise OR.
FlatPageTableLib: The AARCH64 IsPageReadable() routine correctly checks for the no access, r/w case (0b00) but not the r/w, r/w case (0b01) because both 0b11 and 0b01 would pass the latter check.
Tested on a Surface ARM platform and SBSA
N/A
Full Changelog: https://github.com/microsoft/mu_plus/compare/v2023020004.1.1...v2023020004.1.2
Published by github-actions[bot] 10 months ago
This was discovered in a platform that uses AdvancedLogger Starting in Pei, but without permanent memory until after MRC runs.
(i.e. AdvancedLoggerLib PeiCore instance allocates CAR heap for the log buffer)
The platform makes uses of EFI_PEI_TEMPORARY_RAM_DONE_PPI, where is tears down all variable range MTRRs.
When PeiCore is reentered after memory has become available, it will relocate Hobs to system memory, then it will go through the Hobs and fix up the memory allocation pointers to point to the system memory addresses instead of the Heap addresses.
During this transition, the PlatformBlob pointer will become invalid, after CAR is torn down.
During the PeiCore's PeiServicesInstallPpi (&mMemoryDiscoveredPpi);
, a debug message will attempt to be output about the Install PPI:
of the Memory Discovered Ppi, and the current logic will attempt to use the PlatformBlob, which results in a memory exception (the pointer is all Fs).
This PR updates the logic in AdvancedLoggerGetLoggerInfo
to verify the PlatformBlob pointer contains the correct signature before returning it, and if that fails, it then will go through Memory Allocation Hobs to try to find a memory allocation that corresponds to the AdvancedLogger buffer. If it fails, it will fall through to the existing functionality of creating a new allocation hob.
For each item, place an "x" in between [
and ]
if true. Example: [x]
.
(you can also check items in the GitHub UI)
Verified that the system that was triggering an exception was able to function correctly after this change was incorporated.
N/A
</blockquote>
<hr>
</details>
Full Changelog: https://github.com/microsoft/mu_plus/compare/v2023020004.1.0...v2023020004.1.1
Published by github-actions[bot] 10 months ago
This PR introduces a "v2" implementation of UefiHidDxe that has significant refactoring to support unit tests and architectural improvements.
The long term plan is to eventually remove the original UefiHidDxe in favor of this implementation.
Tested under QEMU using simulated USB keyboard and mouse.
UefiHidDxeV2 is a drop-in replacement for UefiHidDxe; platforms that wish to move to the new implementation can do so by pulling in the new UefiHidDxeV2 and adding the necessary mockall crate to their workspace Cargo.toml.
This PR introduces a "v2" implementation of UefiHidDxe that has significant refactoring to support unit tests and architectural improvements.
The long term plan is to eventually remove the original UefiHidDxe in favor of this implementation.
Tested under QEMU using simulated USB keyboard and mouse.
UefiHidDxeV2 is a drop-in replacement for UefiHidDxe; platforms that wish to move to the new implementation can do so by pulling in the new UefiHidDxeV2 and adding the necessary mockall crate to their workspace Cargo.toml.
Full Changelog: https://github.com/microsoft/mu_plus/compare/v2023020004.0.5...v2023020004.1.0
Published by github-actions[bot] 10 months ago
Add header guards missing in some files
Some header files, such as those which define structures,
cannot be included more than once within a translation unit, as doing
so would cause a redefinition error. Such headers must be guarded to
prevent ill-effects from multiple inclusion. Similarly, if header
files include other header files, and this inclusion graph contains
a cycle, then at least one file within the cycle must contain header
guards in order to break the cycle. Because of cases like these, all
headers should be guarded as a matter of good practice, even if they
do not strictly need to be.
Furthermore, most modern compilers contain optimizations which are
triggered by header guards. If the header guard strictly conforms
to the pattern that compilers expect, then inclusions of that
header other than the first have absolutely no effect: the file
isn't re-read from disk, nor is it re-tokenised or re-preprocessed.
This can result in a noticeable, albeit minor, improvement to
compilation time.
MsWheaPkg/MsWheaEarlyStorageLib: Remove unused static function
Removes MsWheaCMOSStoreClearAll()
which is scoped to the file and
not used. Improves code readability and maintenance.
MsWheaPkg/MsWheaEarlyStorageLib: Remove unsigned comparisons to zero
Removes an unnecessary condition since unsigned values are always
greater than or equal to 0.
Build and CI.
N/A
Checks the index is within expected bounds before accessing the array.
CodeQL and package compilation.
N/A
Full Changelog: https://github.com/microsoft/mu_plus/compare/v2023020004.0.4...v2023020004.0.5
Published by github-actions[bot] 10 months ago
Please ensure you have read the contribution docs prior
to submitting the pull request. In particular,
pull request guidelines.
This change added support for enablement/disablement of advanced file logger through policy services. Platforms intending to support this functionality should produce policy prior to the driver load. The default configuration is set to file logger enabled.
For each item, place an "x" in between [
and ]
if true. Example: [x]
.
(you can also check items in the GitHub UI)
This is tested on QEMU Q35 and verified that not creating policy will remain producing log files, and disabling the policy will prevent the driver from logging any files to ESP.
In platform code, use SetPolicy
with gAdvancedFileLoggerPolicyGuid
to produce a policy entry for file logger driver to consume.
Full Changelog: https://github.com/microsoft/mu_plus/compare/v2023020004.0.3...v2023020004.0.4
Published by github-actions[bot] 11 months ago
This change updated some print levels and added the PDB name for images being looked at.
Tested on proprietary virtual ARM platform and verified updated prints works as expected.
N/A
MemoryOutsideEfiMemoryMapIsInaccessible checks if memory not present in the EFI memory map has the EFI_MEMORY_RP attribute. The previous version of this test assumed that the memory range spanned by the EFI memory map was contiguous which is sometimes not the case on platforms. This update changes the flow of the test to look at interstitial gaps in the memory map and not just those on the flanks.
The EFI memory map returned through the boot services table is sometimes out of order. This update sorts the memory map and memory space map whenever they're populated for a test.
The X64 MemoryOutsideEfiMemoryMapIsInaccessible HTML test had a typo which is fixed in this update.
Tested on Q35 and ARM
N/A
Full Changelog: https://github.com/microsoft/mu_plus/compare/v2023020004.0.2...v2023020004.0.3
Published by github-actions[bot] 11 months ago
MemoryProtectionTestApp was written before Project Mu supported an ARM platform and Standalone MM. The test app generates the test cases for both the SMM and DXE environments. The SMM tests will report failure for Arm platforms and platforms using Standalone MM, so this update separates the test app into SMM and DXE versions.
The SMM version will still require a driver to handle the SMI calls. To reduce confusing naming, MemoryProtectionTestSmm (the driver supporting SMM memory protection testing) has been renamed to SmmMemoryProtectionTestDriver.
NOTE: Removing the old test app will be delayed for a couple of weeks to give consumers a chance to switch references in their DSC files.
SMM test was checked on a physical x86 platform. The DXE test was checked on Q35 and SBSA
Instances of
UefiTestingPkg/FunctionalSystemTests/MemoryProtectionTest/App/MemoryProtectionTestApp.inf
will need to be updated to
UefiTestingPkg/FunctionalSystemTests/MemoryProtectionTest/App/SmmMemoryProtectionTestApp.inf UefiTestingPkg/FunctionalSystemTests/MemoryProtectionTest/App/DxeMemoryProtectionTestApp.inf
And instances of
UefiTestingPkg/FunctionalSystemTests/MemoryProtectionTest/Smm/MemoryProtectionTestSmm.inf
will need to be updated to
UefiTestingPkg/FunctionalSystemTests/MemoryProtectionTest/Driver/SmmMemoryProtectionTestDriver.inf
Full Changelog: https://github.com/microsoft/mu_plus/compare/v2023020004.0.1...v2023020004.0.2
Published by github-actions[bot] 11 months ago
The reset test method is not supported on ARM platforms currently (support will be added later, but it's not high priority because this test method often takes 40+ minutes). This PR separates the initialization of this testing method to architecture specific logic so the test method is not attempted on ARM platforms.
This also fixes a build error on ARM platforms caused by DefaultExceptionHandlerLib being included (which does not support UEFI_APPLICATION without a MU override).
Running the updated test app on Q35 and SBSA
N/A
Adds SecureBootKeyStoreLib which provides secureboot key store options by consuming fixed at build PCDs that represent the Pk, Db, 3PDb, Kek, and Dbx.
Verified secureboot is properly enabled on Qemu35Pkg for Microsoft and Microsoft 3rd party.
Generate the following PCDs for your platform DSC:
It is highly suggested, but not required, that each pcd is generated by running BaseTools BinToPcd
over the binary blobs created in secureboot_objects, then including them in the platform's DSC file.
Full Changelog: https://github.com/microsoft/mu_plus/compare/v2023020004.0.0...v2023020004.0.1
Published by github-actions[bot] 11 months ago
Splitting inf's for PEI and DXE FrameBufferMemDrawLib to support building for 64bit PEIM.
Verified platform packages consuming the library can build fine and FrameBufferDraw works as expected for PEI and DXE graphics.
Update dsc file to remove the old inf path and include separate PEI and DXE infs.
Full Changelog: https://github.com/microsoft/mu_plus/compare/v2023020003.4.0...v2023020004.0.0
Published by github-actions[bot] 11 months ago
Adds several enhancements to the TpmReplay
feature script.
Add crypto agile log format support
Allows TCG event logs with the "crypto agile format" to be decoded
similar to those generated for TPM Replay by the script.
This includes the log produced by Windows (usually present in the
C:\Windows\Logs\MeasuredBoot directory).
The log is passed with the existing log input parameter "-e".
Example:
TpmReplay.py -e WindowsLog.log -o YamlLog.yaml -l TxtLog.txt -v
Add UEFI variable decode support
Adds the capability to recognize UEFI variable data in UEFI variable
events (e.g. EV_EFI_VARIABLE_DRIVER_CONFIG) and output that to the
YAML file and text log.
This makes inspecting and configuring UEFI variables more user
friendly.
tcg_platform.py: Add SHA1 support
Add support for accepting SHA1 hashes. Updates the JSON schema to
accept 160-bit values for SHA1 hashes.
Use a local logger
Uses a local logger instance to avoid using the root logger to avoid
picking up log output from external libraries.
Add variable data hex view to log
Updates the string formatting for UEFI variable data to return a
hexadecimal string followed by a decoded ASCII representation to
make the data easier to view.
This can be seen in a file specified using the -l
parameter in
combination with -v
to output verbose text to the file.
Readme.md: Add new log and variable details
Describes crytpo agile event log and UEFI variable decode support.
Note: There are some general improvements that can be made to the overall design of
the code. That would require a bit of a refactor that I don't have time for at
the moment. Such as using inheritance in a few places that could benefit from it
and reorganizing some of the code structure.
N/A - Details captured in readme. No backward incompatible changes.
This PR implements 3 enhancements for the RustAdvancedLoggerDxe driver:
function!()
macro that returns the current function name as a static string.std
feture that maps debug!()
and by extension debugln!()
macros to std::println;Unit tests pass, new features validated in both unit test environment (std
feature active and mapping to std::print) and qemu UEFI boot (std
feature not active, using AdvLogger protocol).
N/A - existing code should function as-is.
[dev-dependencies]
RustAdvancedLoggerDxe = {workspace=true, features=["std"]}
New code that wants to take advantage of std
can activate it for tests by specifying it as a feature for RustAdvLoggerDxe in dev-dependencies as shown above.
Full Changelog: https://github.com/microsoft/mu_plus/compare/v2023020003.3.1...v2023020003.4.0
Published by github-actions[bot] 11 months ago
EDK2 added EfiUnacceptedMemoryType to the memory type list. This update adds this memory type to the memory protection test app and skips it because it is not allocatable.
Running the test on Q35
N/A
Update one DSC file to use the new stack cookie library, and MdePkg/MdeLibs.dsc.inc contains the definitions for the new stack cookie libraries for the remaining DSC files.
Tested on Q35 GCC and MSVC builds
N/A
Full Changelog: https://github.com/microsoft/mu_plus/compare/v2023020003.3.0...v2023020003.3.1
Published by github-actions[bot] 11 months ago
Fix an issue where rust boot services allocator implementation could deadlock if memory allocations were attempted at different TPLs. Deadlock occurs in following scenario:
Deadlock occurs because the higher TPL task cannot acquire the lock because it is held by the lower TPL task, and the lower TPL task cannot make forward progress because it has been interrupted by the higher TPL task.
To resolve this, this PR updates the allocation implementation to remove the spinlock. An AtomicPtr is used to give well-ordered access to the bootservices pointer used as the basis for the allocation implementation. Other aspects of the implementation (i.e. creation of the allocation tracker) are already thread-safe or are the responsibility of the boot services implementation.
PR also contains some minor style cleanup.
Verified boot on QEMU.
N/A
USB HID specification 1.11 (https://www.usb.org/document-library/device-class-definition-hid-111) section 7.2.6 states:
When initialized, all devices default to report protocol. However the host should
not make any assumptions about the deviceโs state and should set the desired
protocol whenever initializing a device.
In testing actual devices, it has been observed that some actual endpoint HID devices come up in "boot protocol" rather than "report protocol." This PR implements the recommendation that the host (in this case, the UsbHidDxe driver) not make any assumptions about device state, and explicitly sets report protocol for devices that implement the "boot" interface subclass.
The PR also makes a minor adjustment to debug verbosity.
Verified with QEMU that command is sent; verified with hardware that has this issue that SetProtocol resolves it.
N/A
This PR resolves an issue where invocation of the debugln!() macro could result in deadlock due to contention between two different TPL levels. The deadlock occurs in the following scenario:
In this scenario, the higher TPL task cannot make forward progress because it cannot acquire the lock held by the lower TPL task, and the lower TPL task is not executing because it was interrupted by the higher TPL task.
This resolves the issue by changing the "lock" to a "try_lock" - in the scenario above, this allows the higher TPL task to make forward progress. This has the downside of dropping the message from the higher TPL task; so this is only intended as an interim fix.
Reproduced the issue using QEMU emulator; with this change the above flow no longer deadlocks.
N/A
This PR resolves an issue where invocation of the debugln!() macro could result in deadlock due to contention between two different TPL levels. The deadlock occurs in the following scenario:
In this scenario, the higher TPL task cannot make forward progress because it cannot acquire the lock held by the lower TPL task, and the lower TPL task is not executing because it was interrupted by the higher TPL task.
This resolves the issue by changing the "lock" to a "try_lock" - in the scenario above, this allows the higher TPL task to make forward progress. This has the downside of dropping the message from the higher TPL task; so this is only intended as an interim fix.
Reproduced the issue using QEMU emulator; with this change the above flow no longer deadlocks.
N/A
Full Changelog: https://github.com/microsoft/mu_plus/compare/v2023020003.2.2...v2023020003.3.0
Published by github-actions[bot] 11 months ago
This change adds an inspection of mLoggerInfo
variable before reading from GetTime() runtime service. As the advanced logger design expects the mLoggerInfo
to be set to NULL, we should always check the pointer before usage, otherwise page fault could occur under certain edge cases.
This was tested on QEMU Q35 platform.
N/A
Full Changelog: https://github.com/microsoft/mu_plus/compare/v2023020003.2.1...v2023020003.2.2
Published by github-actions[bot] 11 months ago
When using advanced logger starting from DxeCore, the library constructor will allocate space for the advanced logger buffer.
When this allocation takes place, the associated global variable mMaxAddress
will be created to specify the last address for the log buffer.
In the DxeCore case, the calculation for mMaxAddress
did not take into account the size of the ADVANCED_LOGGER_INFO
structure that is at the start of the buffer, resulting in an inconsistent address between mMaxAddress
and LoggerInfo->LogBuffer + LoggerInfo->LogBufferSize
All other instances of this code use LoggerInfo->LogBuffer + LoggerInfo->LogBufferSize
, so change DxeCore library instance to use the same logic as other library instances.
For each item, place an "x" in between [
and ]
if true. Example: [x]
.
(you can also check items in the GitHub UI)
Found by setting debug messages to such a high level that the end of the buffer was reached, resulting in incorrect checks of mMaxAddress
overwriting the end of the buffer.
Incorrect logic was tripped up in ValidateInfoBlock()
where mMaxAddress
would cause a return of false
, which in turn would result in NULL being returned from an arbitrary call to AdvancedLoggerGetLoggerInfo
.
n/a
Log retrieval information is not as accessible as it could be. Adding some blurbs to make the information more accessible at the top level.
Ran CI locally.
N/A
Full Changelog: https://github.com/microsoft/mu_plus/compare/v2023020003.2.0...v2023020003.2.1
Published by github-actions[bot] 12 months ago
Adds an instance of PanicLib that outputs through advanced logger
using AdvancedLoggerLib.
This allows platforms already using advanced logger to use this
library instance which can decrease the size impact as opposed to
linking to output stacks like serial that might be redundant when
advanced logger is active.
Example of a test PANIC()
placed in ResetSystemPei
through this library
instance:
PANIC [ResetSystemPei] d:\src\ws\MU_BASECORE\MdeModulePkg\Universal\ResetSystemPei\ResetSystem.c(110): Test panic
Use this library instance if routing panic messages through advanced logger
is preferred.
Adds HID keyboard support to UefiHidDxe input driver.
Tested with USB keyboard support in QEMU. Early iterations also tested in hardware.
Platforms will need to add HiiKeyboardLayout = {path = "HidPkg/Crates/HiiKeyboardLayout"}
to the [workspace.dependencies]
in their cargo.toml if not already present.
Adds an instance of PanicLib that outputs through advanced logger
using AdvancedLoggerLib.
This allows platforms already using advanced logger to use this
library instance which can decrease the size impact as opposed to
linking to output stacks like serial that might be redundant when
advanced logger is active.
Example of a test PANIC()
placed in ResetSystemPei
through this library
instance:
PANIC [ResetSystemPei] d:\src\ws\MU_BASECORE\MdeModulePkg\Universal\ResetSystemPei\ResetSystem.c(110): Test panic
Use this library instance if routing panic messages through advanced logger
is preferred.
Full Changelog: https://github.com/microsoft/mu_plus/compare/v2023020003.1.0...v2023020003.2.0