Compare commits
10 Commits
2c36bf7de4
...
634804e1ab
Author | SHA1 | Date |
---|---|---|
David Abdurachmanov | 634804e1ab | |
Gerd Hoffmann | 9a94e6f906 | |
Gerd Hoffmann | 9cf97d0705 | |
Gerd Hoffmann | 6614f291c6 | |
Gerd Hoffmann | 0279a8196d | |
Gerd Hoffmann | 222487dd93 | |
Gerd Hoffmann | 34231a5eb6 | |
Gerd Hoffmann | a8b54e7c53 | |
Gerd Hoffmann | fae250a1be | |
Gerd Hoffmann | 8fd9ce42f3 |
|
@ -0,0 +1,235 @@
|
||||||
|
From bf2f6173802c709a84c36d43f414c815ad6aa2f6 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Ard Biesheuvel <ardb@kernel.org>
|
||||||
|
Date: Thu, 20 Jul 2023 15:45:57 +0200
|
||||||
|
Subject: [PATCH 17/20] OvmfPkg/IoMmuDxe: don't rely on TPLs to manage
|
||||||
|
concurrency
|
||||||
|
|
||||||
|
Instead of relying on raising the TPL to protect the critical sections
|
||||||
|
that manipulate the global bitmask that keeps track of bounce buffer
|
||||||
|
allocations, use compare-and-exchange to manage the global variable, and
|
||||||
|
tweak the logic to line up with that.
|
||||||
|
|
||||||
|
Given that IoMmuDxe implements a singleton protocol that is shared
|
||||||
|
between multiple drivers, and considering the elaborate and confusing
|
||||||
|
requirements in the UEFP spec regarding TPL levels at which protocol
|
||||||
|
methods may be invoked, not relying on TPL levels at all is a more
|
||||||
|
robust approach in this case.
|
||||||
|
|
||||||
|
Link: https://bugzilla.redhat.com/show_bug.cgi?id=2211060
|
||||||
|
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
|
||||||
|
Acked-by: Pedro Falcato <pedro.falcato@gmail.com>
|
||||||
|
(cherry picked from commit dfb941d32a2f38c9177729e39c6a6515abbbad48)
|
||||||
|
---
|
||||||
|
OvmfPkg/IoMmuDxe/IoMmuDxe.inf | 1 +
|
||||||
|
OvmfPkg/IoMmuDxe/IoMmuBuffer.c | 100 +++++++++++++++++++--------------
|
||||||
|
2 files changed, 60 insertions(+), 41 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/IoMmuDxe/IoMmuDxe.inf b/OvmfPkg/IoMmuDxe/IoMmuDxe.inf
|
||||||
|
index 17fca5285692..d08f7e59e2b6 100644
|
||||||
|
--- a/OvmfPkg/IoMmuDxe/IoMmuDxe.inf
|
||||||
|
+++ b/OvmfPkg/IoMmuDxe/IoMmuDxe.inf
|
||||||
|
@@ -35,6 +35,7 @@ [LibraryClasses]
|
||||||
|
MemEncryptSevLib
|
||||||
|
MemEncryptTdxLib
|
||||||
|
MemoryAllocationLib
|
||||||
|
+ SynchronizationLib
|
||||||
|
UefiBootServicesTableLib
|
||||||
|
UefiDriverEntryPoint
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/IoMmuDxe/IoMmuBuffer.c b/OvmfPkg/IoMmuDxe/IoMmuBuffer.c
|
||||||
|
index 103003cae376..f8dcd5b7ec92 100644
|
||||||
|
--- a/OvmfPkg/IoMmuDxe/IoMmuBuffer.c
|
||||||
|
+++ b/OvmfPkg/IoMmuDxe/IoMmuBuffer.c
|
||||||
|
@@ -12,6 +12,7 @@
|
||||||
|
#include <Library/MemEncryptSevLib.h>
|
||||||
|
#include <Library/MemEncryptTdxLib.h>
|
||||||
|
#include <Library/PcdLib.h>
|
||||||
|
+#include <Library/SynchronizationLib.h>
|
||||||
|
#include <Library/UefiBootServicesTableLib.h>
|
||||||
|
#include "IoMmuInternal.h"
|
||||||
|
|
||||||
|
@@ -268,16 +269,17 @@ InternalAllocateBuffer (
|
||||||
|
IN EFI_ALLOCATE_TYPE Type,
|
||||||
|
IN EFI_MEMORY_TYPE MemoryType,
|
||||||
|
IN UINTN Pages,
|
||||||
|
- IN OUT UINT32 *ReservedMemBitmap,
|
||||||
|
+ OUT UINT32 *ReservedMemBit,
|
||||||
|
IN OUT EFI_PHYSICAL_ADDRESS *PhysicalAddress
|
||||||
|
)
|
||||||
|
{
|
||||||
|
UINT32 MemBitmap;
|
||||||
|
+ UINT32 ReservedMemBitmap;
|
||||||
|
UINT8 Index;
|
||||||
|
IOMMU_RESERVED_MEM_RANGE *MemRange;
|
||||||
|
UINTN PagesOfLastMemRange;
|
||||||
|
|
||||||
|
- *ReservedMemBitmap = 0;
|
||||||
|
+ *ReservedMemBit = 0;
|
||||||
|
|
||||||
|
if (Pages == 0) {
|
||||||
|
ASSERT (FALSE);
|
||||||
|
@@ -309,23 +311,31 @@ InternalAllocateBuffer (
|
||||||
|
|
||||||
|
MemRange = &mReservedMemRanges[Index];
|
||||||
|
|
||||||
|
- if ((mReservedMemBitmap & MemRange->BitmapMask) == MemRange->BitmapMask) {
|
||||||
|
- // The reserved memory is exausted. Turn to legacy allocate.
|
||||||
|
- goto LegacyAllocateBuffer;
|
||||||
|
- }
|
||||||
|
+ do {
|
||||||
|
+ ReservedMemBitmap = mReservedMemBitmap;
|
||||||
|
|
||||||
|
- MemBitmap = (mReservedMemBitmap & MemRange->BitmapMask) >> MemRange->Shift;
|
||||||
|
+ if ((ReservedMemBitmap & MemRange->BitmapMask) == MemRange->BitmapMask) {
|
||||||
|
+ // The reserved memory is exhausted. Turn to legacy allocate.
|
||||||
|
+ goto LegacyAllocateBuffer;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ MemBitmap = (ReservedMemBitmap & MemRange->BitmapMask) >> MemRange->Shift;
|
||||||
|
|
||||||
|
- for (Index = 0; Index < MemRange->Slots; Index++) {
|
||||||
|
- if ((MemBitmap & (UINT8)(1<<Index)) == 0) {
|
||||||
|
- break;
|
||||||
|
+ for (Index = 0; Index < MemRange->Slots; Index++) {
|
||||||
|
+ if ((MemBitmap & (UINT8)(1<<Index)) == 0) {
|
||||||
|
+ break;
|
||||||
|
+ }
|
||||||
|
}
|
||||||
|
- }
|
||||||
|
|
||||||
|
- ASSERT (Index != MemRange->Slots);
|
||||||
|
+ ASSERT (Index != MemRange->Slots);
|
||||||
|
|
||||||
|
- *PhysicalAddress = MemRange->StartAddressOfMemRange + Index * SIZE_OF_MEM_RANGE (MemRange) + MemRange->HeaderSize;
|
||||||
|
- *ReservedMemBitmap = (UINT32)(1 << (Index + MemRange->Shift));
|
||||||
|
+ *PhysicalAddress = MemRange->StartAddressOfMemRange + Index * SIZE_OF_MEM_RANGE (MemRange) + MemRange->HeaderSize;
|
||||||
|
+ *ReservedMemBit = (UINT32)(1 << (Index + MemRange->Shift));
|
||||||
|
+ } while (ReservedMemBitmap != InterlockedCompareExchange32 (
|
||||||
|
+ &mReservedMemBitmap,
|
||||||
|
+ ReservedMemBitmap,
|
||||||
|
+ ReservedMemBitmap | *ReservedMemBit
|
||||||
|
+ ));
|
||||||
|
|
||||||
|
DEBUG ((
|
||||||
|
DEBUG_VERBOSE,
|
||||||
|
@@ -334,16 +344,16 @@ InternalAllocateBuffer (
|
||||||
|
MemRange->DataSize,
|
||||||
|
*PhysicalAddress,
|
||||||
|
Pages,
|
||||||
|
- *ReservedMemBitmap,
|
||||||
|
- mReservedMemBitmap,
|
||||||
|
- mReservedMemBitmap | *ReservedMemBitmap
|
||||||
|
+ *ReservedMemBit,
|
||||||
|
+ ReservedMemBitmap,
|
||||||
|
+ ReservedMemBitmap | *ReservedMemBit
|
||||||
|
));
|
||||||
|
|
||||||
|
return EFI_SUCCESS;
|
||||||
|
|
||||||
|
LegacyAllocateBuffer:
|
||||||
|
|
||||||
|
- *ReservedMemBitmap = 0;
|
||||||
|
+ *ReservedMemBit = 0;
|
||||||
|
return gBS->AllocatePages (Type, MemoryType, Pages, PhysicalAddress);
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -366,27 +376,41 @@ IoMmuAllocateBounceBuffer (
|
||||||
|
)
|
||||||
|
{
|
||||||
|
EFI_STATUS Status;
|
||||||
|
- UINT32 ReservedMemBitmap;
|
||||||
|
- EFI_TPL OldTpl;
|
||||||
|
-
|
||||||
|
- OldTpl = gBS->RaiseTPL (TPL_NOTIFY);
|
||||||
|
- ReservedMemBitmap = 0;
|
||||||
|
- Status = InternalAllocateBuffer (
|
||||||
|
- Type,
|
||||||
|
- MemoryType,
|
||||||
|
- MapInfo->NumberOfPages,
|
||||||
|
- &ReservedMemBitmap,
|
||||||
|
- &MapInfo->PlainTextAddress
|
||||||
|
- );
|
||||||
|
- MapInfo->ReservedMemBitmap = ReservedMemBitmap;
|
||||||
|
- mReservedMemBitmap |= ReservedMemBitmap;
|
||||||
|
- gBS->RestoreTPL (OldTpl);
|
||||||
|
|
||||||
|
+ Status = InternalAllocateBuffer (
|
||||||
|
+ Type,
|
||||||
|
+ MemoryType,
|
||||||
|
+ MapInfo->NumberOfPages,
|
||||||
|
+ &MapInfo->ReservedMemBitmap,
|
||||||
|
+ &MapInfo->PlainTextAddress
|
||||||
|
+ );
|
||||||
|
ASSERT (Status == EFI_SUCCESS);
|
||||||
|
|
||||||
|
return Status;
|
||||||
|
}
|
||||||
|
|
||||||
|
+/**
|
||||||
|
+ * Clear a bit in the reserved memory bitmap in a thread safe manner
|
||||||
|
+ *
|
||||||
|
+ * @param ReservedMemBit The bit to clear
|
||||||
|
+ */
|
||||||
|
+STATIC
|
||||||
|
+VOID
|
||||||
|
+ClearReservedMemBit (
|
||||||
|
+ IN UINT32 ReservedMemBit
|
||||||
|
+ )
|
||||||
|
+{
|
||||||
|
+ UINT32 ReservedMemBitmap;
|
||||||
|
+
|
||||||
|
+ do {
|
||||||
|
+ ReservedMemBitmap = mReservedMemBitmap;
|
||||||
|
+ } while (ReservedMemBitmap != InterlockedCompareExchange32 (
|
||||||
|
+ &mReservedMemBitmap,
|
||||||
|
+ ReservedMemBitmap,
|
||||||
|
+ ReservedMemBitmap & ~ReservedMemBit
|
||||||
|
+ ));
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
/**
|
||||||
|
* Free the bounce buffer allocated in IoMmuAllocateBounceBuffer.
|
||||||
|
*
|
||||||
|
@@ -398,8 +422,6 @@ IoMmuFreeBounceBuffer (
|
||||||
|
IN OUT MAP_INFO *MapInfo
|
||||||
|
)
|
||||||
|
{
|
||||||
|
- EFI_TPL OldTpl;
|
||||||
|
-
|
||||||
|
if (MapInfo->ReservedMemBitmap == 0) {
|
||||||
|
gBS->FreePages (MapInfo->PlainTextAddress, MapInfo->NumberOfPages);
|
||||||
|
} else {
|
||||||
|
@@ -412,11 +434,9 @@ IoMmuFreeBounceBuffer (
|
||||||
|
mReservedMemBitmap,
|
||||||
|
mReservedMemBitmap & ((UINT32)(~MapInfo->ReservedMemBitmap))
|
||||||
|
));
|
||||||
|
- OldTpl = gBS->RaiseTPL (TPL_NOTIFY);
|
||||||
|
+ ClearReservedMemBit (MapInfo->ReservedMemBitmap);
|
||||||
|
MapInfo->PlainTextAddress = 0;
|
||||||
|
- mReservedMemBitmap &= (UINT32)(~MapInfo->ReservedMemBitmap);
|
||||||
|
MapInfo->ReservedMemBitmap = 0;
|
||||||
|
- gBS->RestoreTPL (OldTpl);
|
||||||
|
}
|
||||||
|
|
||||||
|
return EFI_SUCCESS;
|
||||||
|
@@ -452,8 +472,6 @@ IoMmuAllocateCommonBuffer (
|
||||||
|
);
|
||||||
|
ASSERT (Status == EFI_SUCCESS);
|
||||||
|
|
||||||
|
- mReservedMemBitmap |= *ReservedMemBitmap;
|
||||||
|
-
|
||||||
|
if (*ReservedMemBitmap != 0) {
|
||||||
|
*PhysicalAddress -= SIZE_4KB;
|
||||||
|
}
|
||||||
|
@@ -494,7 +512,7 @@ IoMmuFreeCommonBuffer (
|
||||||
|
mReservedMemBitmap & ((UINT32)(~CommonBufferHeader->ReservedMemBitmap))
|
||||||
|
));
|
||||||
|
|
||||||
|
- mReservedMemBitmap &= (UINT32)(~CommonBufferHeader->ReservedMemBitmap);
|
||||||
|
+ ClearReservedMemBit (CommonBufferHeader->ReservedMemBitmap);
|
||||||
|
return EFI_SUCCESS;
|
||||||
|
|
||||||
|
LegacyFreeCommonBuffer:
|
||||||
|
--
|
||||||
|
2.41.0
|
||||||
|
|
|
@ -0,0 +1,84 @@
|
||||||
|
From 2dd5afb5f43f645041b91c8fa6f797121a384061 Mon Sep 17 00:00:00 2001
|
||||||
|
From: YuanhaoXie <yuanhao.xie@intel.com>
|
||||||
|
Date: Tue, 22 Aug 2023 09:52:14 +0800
|
||||||
|
Subject: [PATCH 18/20] OvmfPkg: Disable PcdFirstTimeWakeUpAPsBySipi
|
||||||
|
|
||||||
|
Disable PcdFirstTimeWakeUpAPsBySipi for IntelTdx, Microvm, and Xen to
|
||||||
|
preserve the original execution of INIT-SIPI-SIPI.
|
||||||
|
|
||||||
|
Cc: Eric Dong <eric.dong@intel.com>
|
||||||
|
Cc: Ray Ni <ray.ni@intel.com>
|
||||||
|
Cc: Rahul Kumar <rahul1.kumar@intel.com>
|
||||||
|
Cc: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
|
||||||
|
Cc: Jiewen Yao <jiewen.yao@intel.com>
|
||||||
|
Cc: Jordan Justen <jordan.l.justen@intel.com>
|
||||||
|
Signed-off-by: Yuanhao Xie <yuanhao.xie@intel.com>
|
||||||
|
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
(cherry picked from commit 020cc9e2e7053bb62247b0babbbe80cb855592e5)
|
||||||
|
---
|
||||||
|
OvmfPkg/IntelTdx/IntelTdxX64.dsc | 8 ++++++++
|
||||||
|
OvmfPkg/Microvm/MicrovmX64.dsc | 8 ++++++++
|
||||||
|
OvmfPkg/OvmfXen.dsc | 8 ++++++++
|
||||||
|
3 files changed, 24 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.dsc b/OvmfPkg/IntelTdx/IntelTdxX64.dsc
|
||||||
|
index bfcd486976cf..cfd5e8516ea4 100644
|
||||||
|
--- a/OvmfPkg/IntelTdx/IntelTdxX64.dsc
|
||||||
|
+++ b/OvmfPkg/IntelTdx/IntelTdxX64.dsc
|
||||||
|
@@ -463,6 +463,14 @@ [PcdsFixedAtBuild]
|
||||||
|
# Point to the MdeModulePkg/Application/UiApp/UiApp.inf
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdBootManagerMenuFile|{ 0x21, 0xaa, 0x2c, 0x46, 0x14, 0x76, 0x03, 0x45, 0x83, 0x6e, 0x8a, 0xb6, 0xf4, 0x66, 0x23, 0x31 }
|
||||||
|
|
||||||
|
+ #
|
||||||
|
+ # PcdFirstTimeWakeUpAPsBySipi determines whether to employ
|
||||||
|
+ # SIPI instead of the INIT-SIPI-SIPI sequence during APs
|
||||||
|
+ # initialization. Deactivate this parameter to preserve
|
||||||
|
+ # the original execution of INIT-SIPI-SIPI.
|
||||||
|
+ #
|
||||||
|
+ gUefiCpuPkgTokenSpaceGuid.PcdFirstTimeWakeUpAPsBySipi|FALSE
|
||||||
|
+
|
||||||
|
################################################################################
|
||||||
|
#
|
||||||
|
# Pcd Dynamic Section - list of all EDK II PCD Entries defined by this Platform
|
||||||
|
diff --git a/OvmfPkg/Microvm/MicrovmX64.dsc b/OvmfPkg/Microvm/MicrovmX64.dsc
|
||||||
|
index 023b7b0fe959..3cb2b6ddc490 100644
|
||||||
|
--- a/OvmfPkg/Microvm/MicrovmX64.dsc
|
||||||
|
+++ b/OvmfPkg/Microvm/MicrovmX64.dsc
|
||||||
|
@@ -566,6 +566,14 @@ [PcdsFixedAtBuild]
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdSerialPciDeviceInfo|{0xFF}
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdSerialRegisterBase|0x3f8
|
||||||
|
|
||||||
|
+ #
|
||||||
|
+ # PcdFirstTimeWakeUpAPsBySipi determines whether to employ
|
||||||
|
+ # SIPI instead of the INIT-SIPI-SIPI sequence during APs
|
||||||
|
+ # initialization. Deactivate this parameter to preserve
|
||||||
|
+ # the original execution of INIT-SIPI-SIPI.
|
||||||
|
+ #
|
||||||
|
+ gUefiCpuPkgTokenSpaceGuid.PcdFirstTimeWakeUpAPsBySipi|FALSE
|
||||||
|
+
|
||||||
|
################################################################################
|
||||||
|
#
|
||||||
|
# Pcd Dynamic Section - list of all EDK II PCD Entries defined by this Platform
|
||||||
|
diff --git a/OvmfPkg/OvmfXen.dsc b/OvmfPkg/OvmfXen.dsc
|
||||||
|
index 210578c1d74d..dcb99d1f0bce 100644
|
||||||
|
--- a/OvmfPkg/OvmfXen.dsc
|
||||||
|
+++ b/OvmfPkg/OvmfXen.dsc
|
||||||
|
@@ -458,6 +458,14 @@ [PcdsFixedAtBuild]
|
||||||
|
# We populate DXE IPL tables with 1G pages preferably on Xen
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdUse1GPageTable|TRUE
|
||||||
|
|
||||||
|
+ #
|
||||||
|
+ # PcdFirstTimeWakeUpAPsBySipi determines whether to employ
|
||||||
|
+ # SIPI instead of the INIT-SIPI-SIPI sequence during APs
|
||||||
|
+ # initialization. Deactivate this parameter to preserve
|
||||||
|
+ # the original execution of INIT-SIPI-SIPI.
|
||||||
|
+ #
|
||||||
|
+ gUefiCpuPkgTokenSpaceGuid.PcdFirstTimeWakeUpAPsBySipi|FALSE
|
||||||
|
+
|
||||||
|
################################################################################
|
||||||
|
#
|
||||||
|
# Pcd Dynamic Section - list of all EDK II PCD Entries defined by this Platform
|
||||||
|
--
|
||||||
|
2.41.0
|
||||||
|
|
|
@ -0,0 +1,46 @@
|
||||||
|
From cb435f3097b28e7470a7653def7d5ab06855f6ee Mon Sep 17 00:00:00 2001
|
||||||
|
From: Michael Roth <michael.roth@amd.com>
|
||||||
|
Date: Wed, 16 Aug 2023 15:11:46 -0500
|
||||||
|
Subject: [PATCH 19/20] OvmfPkg/AmdSev: Disable PcdFirstTimeWakeUpAPsBySipi
|
||||||
|
|
||||||
|
PcdFirstTimeWakeUpAPsBySipi was recently introduced to indicate when the
|
||||||
|
full INIT-SIPI-SIPI sequence can be skipped for AP bringup. It is true
|
||||||
|
by default, but needs to be disabled for QEMU/OVMF where early INIT is
|
||||||
|
not simulated. Commit 1d76560146 ("OvmfPkg: Disable
|
||||||
|
PcdFirstTimeWakeUpAPsBySipi.") added changes to disable it by default
|
||||||
|
for OvmfPkg, but a similar change was not made for the AmdSev package.
|
||||||
|
This breaks booting of SEV and SNP guests.
|
||||||
|
|
||||||
|
Fix this defaulting PcdFirstTimeWakeUpAPsBySipi to false for AmdSev
|
||||||
|
package, as was previously done for OvmfPkg variants.
|
||||||
|
|
||||||
|
Fixes: eaffa1d7ff ("UefiCpuPkg:Wake up APs after power-up or RESET through SIPI.")
|
||||||
|
Signed-off-by: Michael Roth <michael.roth@amd.com>
|
||||||
|
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
(cherry picked from commit 8b66f9df1bb0fd5ebb743944d41cb33178cf2fdd)
|
||||||
|
---
|
||||||
|
OvmfPkg/AmdSev/AmdSevX64.dsc | 8 ++++++++
|
||||||
|
1 file changed, 8 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
|
||||||
|
index 865d150a2871..7f808126675f 100644
|
||||||
|
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
|
||||||
|
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
|
||||||
|
@@ -468,6 +468,14 @@ [PcdsFixedAtBuild]
|
||||||
|
gEfiMdeModulePkgTokenSpaceGuid.PcdConInConnectOnDemand|TRUE
|
||||||
|
gUefiOvmfPkgTokenSpaceGuid.PcdBootRestrictToFirmware|TRUE
|
||||||
|
|
||||||
|
+ #
|
||||||
|
+ # INIT is now triggered before BIOS by ucode/hardware. In the OVMF
|
||||||
|
+ # environment, QEMU lacks a simulation for the INIT process.
|
||||||
|
+ # To address this, PcdFirstTimeWakeUpAPsBySipi set to FALSE to
|
||||||
|
+ # broadcast INIT-SIPI-SIPI for the first time.
|
||||||
|
+ #
|
||||||
|
+ gUefiCpuPkgTokenSpaceGuid.PcdFirstTimeWakeUpAPsBySipi|FALSE
|
||||||
|
+
|
||||||
|
################################################################################
|
||||||
|
#
|
||||||
|
# Pcd Dynamic Section - list of all EDK II PCD Entries defined by this Platform
|
||||||
|
--
|
||||||
|
2.41.0
|
||||||
|
|
|
@ -0,0 +1,72 @@
|
||||||
|
From 6580637b33ef9b55b6dcfa8517e5933fb87b02d1 Mon Sep 17 00:00:00 2001
|
||||||
|
From: "Roth, Michael via groups.io" <Michael.Roth=amd.com@groups.io>
|
||||||
|
Date: Wed, 16 Aug 2023 15:11:45 -0500
|
||||||
|
Subject: [PATCH 20/20] OvmfPkg/AmdSev: fix BdsPlatform.c assertion failure
|
||||||
|
during boot
|
||||||
|
|
||||||
|
Booting an SEV guest with AmdSev OVMF package currently triggers the
|
||||||
|
following assertion with QEMU:
|
||||||
|
|
||||||
|
InstallQemuFwCfgTables: installed 7 tables
|
||||||
|
PcRtc: Write 0x20 to CMOS location 0x32
|
||||||
|
[Variable]END_OF_DXE is signaled
|
||||||
|
Initialize variable error flag (FF)
|
||||||
|
|
||||||
|
ASSERT_EFI_ERROR (Status = Not Found)
|
||||||
|
ASSERT [BdsDxe] /home/VT_BUILD/ovmf/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c(1711): !(((INTN)(RETURN_STATUS)(Status)) < 0)
|
||||||
|
|
||||||
|
This seems to be due to commit 81dc0d8b4c, which switched to using
|
||||||
|
PlatformBootManagerLib instead of PlatformBootManagerLibGrub. That pulls
|
||||||
|
in a dependency on gEfiS3SaveStateProtocolGuid provider being available
|
||||||
|
(which is asserted for in
|
||||||
|
BdsPlatform.c:PlatformBootManagerBeforeConsole()/SaveS3BootScript()),
|
||||||
|
but the libraries that provide it aren't currently included in the
|
||||||
|
build. Add them similarly to what's done for OvmfPkg.
|
||||||
|
|
||||||
|
Fixes: 81dc0d8b4c ("OvmfPkg/AmdSev: stop using PlatformBootManagerLibGrub")
|
||||||
|
Signed-off-by: Michael Roth <michael.roth@amd.com>
|
||||||
|
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Acked-by: Jiewen Yao <Jiewen.yao@intel.com>
|
||||||
|
(cherry picked from commit f008890ae55929f7f17e7d2f8aff929255007d33)
|
||||||
|
---
|
||||||
|
OvmfPkg/AmdSev/AmdSevX64.dsc | 3 +++
|
||||||
|
OvmfPkg/AmdSev/AmdSevX64.fdf | 2 ++
|
||||||
|
2 files changed, 5 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
|
||||||
|
index 7f808126675f..49f6be3a079c 100644
|
||||||
|
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
|
||||||
|
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
|
||||||
|
@@ -200,6 +200,7 @@ [LibraryClasses]
|
||||||
|
|
||||||
|
SmbusLib|MdePkg/Library/BaseSmbusLibNull/BaseSmbusLibNull.inf
|
||||||
|
OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib/BaseOrderedCollectionRedBlackTreeLib.inf
|
||||||
|
+ S3BootScriptLib|MdeModulePkg/Library/PiDxeS3BootScriptLib/DxeS3BootScriptLib.inf
|
||||||
|
|
||||||
|
!include OvmfPkg/Include/Dsc/OvmfTpmLibs.dsc.inc
|
||||||
|
|
||||||
|
@@ -727,6 +728,8 @@ [Components]
|
||||||
|
#
|
||||||
|
MdeModulePkg/Universal/Acpi/AcpiTableDxe/AcpiTableDxe.inf
|
||||||
|
OvmfPkg/AcpiPlatformDxe/AcpiPlatformDxe.inf
|
||||||
|
+ MdeModulePkg/Universal/Acpi/S3SaveStateDxe/S3SaveStateDxe.inf
|
||||||
|
+ MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
|
||||||
|
MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf
|
||||||
|
|
||||||
|
#
|
||||||
|
diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf
|
||||||
|
index 463bd3e9ef15..b2ab0c777320 100644
|
||||||
|
--- a/OvmfPkg/AmdSev/AmdSevX64.fdf
|
||||||
|
+++ b/OvmfPkg/AmdSev/AmdSevX64.fdf
|
||||||
|
@@ -270,6 +270,8 @@ [FV.DXEFV]
|
||||||
|
|
||||||
|
INF MdeModulePkg/Universal/Acpi/AcpiTableDxe/AcpiTableDxe.inf
|
||||||
|
INF OvmfPkg/AcpiPlatformDxe/AcpiPlatformDxe.inf
|
||||||
|
+INF MdeModulePkg/Universal/Acpi/S3SaveStateDxe/S3SaveStateDxe.inf
|
||||||
|
+INF MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
|
||||||
|
INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf
|
||||||
|
|
||||||
|
INF FatPkg/EnhancedFatDxe/Fat.inf
|
||||||
|
--
|
||||||
|
2.41.0
|
||||||
|
|
|
@ -0,0 +1,32 @@
|
||||||
|
{
|
||||||
|
"description": "UEFI firmware for RISC-V virtual machines",
|
||||||
|
"interface-types": [
|
||||||
|
"uefi"
|
||||||
|
],
|
||||||
|
"mapping": {
|
||||||
|
"device": "flash",
|
||||||
|
"mode" : "split",
|
||||||
|
"executable": {
|
||||||
|
"filename": "/usr/share/edk2/riscv/RISCV_VIRT_CODE.qcow2",
|
||||||
|
"format": "qcow2"
|
||||||
|
},
|
||||||
|
"nvram-template": {
|
||||||
|
"filename": "/usr/share/edk2/riscv/RISCV_VIRT_VARS.qcow2",
|
||||||
|
"format": "qcow2"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"targets": [
|
||||||
|
{
|
||||||
|
"architecture": "riscv64",
|
||||||
|
"machines": [
|
||||||
|
"virt-*"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"features": [
|
||||||
|
|
||||||
|
],
|
||||||
|
"tags": [
|
||||||
|
|
||||||
|
]
|
||||||
|
}
|
|
@ -0,0 +1,35 @@
|
||||||
|
|
||||||
|
experimental edk2 builds
|
||||||
|
------------------------
|
||||||
|
|
||||||
|
OVMF.stateless.fd
|
||||||
|
OVMF.stateless.secboot.fd
|
||||||
|
OVMF.stateless.secboot.pcr
|
||||||
|
|
||||||
|
Stateless (== no persistent uefi variables) ovmf build. Has secure
|
||||||
|
boot support, the 'secboot' variant has secure boot enabled. Does
|
||||||
|
not require SMM support.
|
||||||
|
|
||||||
|
OVMF_CODE.4m.secboot.strictnx.fd
|
||||||
|
|
||||||
|
OVMF build with strict NX configuration (using r-x for code, rw- for
|
||||||
|
data). Known to not work with some grub and linux kernel versions
|
||||||
|
because they use the wrong memory type for allocations and run into
|
||||||
|
NX faults. Useful for bootloader development and CI.
|
||||||
|
|
||||||
|
QEMU_EFI.strictnx.fd
|
||||||
|
QEMU_EFI-strictnx-pflash.raw
|
||||||
|
|
||||||
|
ArmVirt build with strict NX configuration (see above for details).
|
||||||
|
|
||||||
|
QEMU_EFI.secboot.testonly.fd
|
||||||
|
QEMU_EFI-secboot-testonly-pflash.raw
|
||||||
|
vars-template-secboot-testonly-pflash.raw
|
||||||
|
|
||||||
|
ArmVirt build with secure boot support.
|
||||||
|
|
||||||
|
Exposes the secure boot APIs, so they can be used for development /
|
||||||
|
testing / CI.
|
||||||
|
|
||||||
|
The EFI variable store is NOT protected, therefore the build is NOT
|
||||||
|
suitable for production use.
|
|
@ -37,6 +37,9 @@ DEBUG_PRINT_ERROR_LEVEL = 0x8040004F
|
||||||
[opts.armvirt.silent]
|
[opts.armvirt.silent]
|
||||||
DEBUG_PRINT_ERROR_LEVEL = 0x80000000
|
DEBUG_PRINT_ERROR_LEVEL = 0x80000000
|
||||||
|
|
||||||
|
[opts.armvirt.sb.testonly]
|
||||||
|
SECURE_BOOT_ENABLE = TRUE
|
||||||
|
|
||||||
[opts.armvirt.kernel]
|
[opts.armvirt.kernel]
|
||||||
TPM2_ENABLE = FALSE
|
TPM2_ENABLE = FALSE
|
||||||
TPM2_CONFIG_ENABLE = FALSE
|
TPM2_CONFIG_ENABLE = FALSE
|
||||||
|
@ -285,3 +288,17 @@ dest = Fedora/experimental
|
||||||
cpy1 = FV/QEMU_EFI.fd QEMU_EFI.strictnx.fd
|
cpy1 = FV/QEMU_EFI.fd QEMU_EFI.strictnx.fd
|
||||||
cpy3 = FV/QEMU_EFI.fd QEMU_EFI-strictnx-pflash.raw
|
cpy3 = FV/QEMU_EFI.fd QEMU_EFI-strictnx-pflash.raw
|
||||||
pad3 = QEMU_EFI-strictnx-pflash.raw 64m
|
pad3 = QEMU_EFI-strictnx-pflash.raw 64m
|
||||||
|
|
||||||
|
[build.armvirt.aa64.secboot.testonly]
|
||||||
|
desc = ArmVirt build for qemu, 64-bit (arm v8), secure boot
|
||||||
|
conf = ArmVirtPkg/ArmVirtQemu.dsc
|
||||||
|
arch = AARCH64
|
||||||
|
opts = ovmf.common
|
||||||
|
armvirt.verbose
|
||||||
|
armvirt.sb.testonly
|
||||||
|
pcds = nx.strict
|
||||||
|
plat = ArmVirtQemu-AARCH64
|
||||||
|
dest = Fedora/experimental
|
||||||
|
cpy1 = FV/QEMU_EFI.fd QEMU_EFI.secboot.testonly.fd
|
||||||
|
cpy3 = FV/QEMU_EFI.fd QEMU_EFI-secboot-testonly-pflash.raw
|
||||||
|
pad3 = QEMU_EFI-secboot-testonly-pflash.raw 64m
|
||||||
|
|
|
@ -337,7 +337,8 @@ def main():
|
||||||
parser.add_argument('-j', '--jobs', dest = 'jobs', type = str,
|
parser.add_argument('-j', '--jobs', dest = 'jobs', type = str,
|
||||||
help = 'allow up to JOBS parallel build jobs',
|
help = 'allow up to JOBS parallel build jobs',
|
||||||
metavar = 'JOBS')
|
metavar = 'JOBS')
|
||||||
parser.add_argument('-m', '--match', dest = 'match', type = str,
|
parser.add_argument('-m', '--match', dest = 'match',
|
||||||
|
type = str, action = 'append',
|
||||||
help = 'only run builds matching INCLUDE (substring)',
|
help = 'only run builds matching INCLUDE (substring)',
|
||||||
metavar = 'INCLUDE')
|
metavar = 'INCLUDE')
|
||||||
parser.add_argument('-x', '--exclude', dest = 'exclude',
|
parser.add_argument('-x', '--exclude', dest = 'exclude',
|
||||||
|
@ -408,9 +409,14 @@ def main():
|
||||||
for build in cfg.sections():
|
for build in cfg.sections():
|
||||||
if not build.startswith('build.'):
|
if not build.startswith('build.'):
|
||||||
continue
|
continue
|
||||||
if options.match and options.match not in build:
|
if options.match:
|
||||||
print(f'# skipping "{build}" (not matching "{options.match}")')
|
matching = False
|
||||||
continue
|
for item in options.match:
|
||||||
|
if item in build:
|
||||||
|
matching = True
|
||||||
|
if not matching:
|
||||||
|
print(f'# skipping "{build}" (not matching "{"|".join(options.match)}")')
|
||||||
|
continue
|
||||||
if options.exclude:
|
if options.exclude:
|
||||||
exclude = False
|
exclude = False
|
||||||
for item in options.exclude:
|
for item in options.exclude:
|
||||||
|
|
64
edk2.spec
64
edk2.spec
|
@ -6,7 +6,7 @@
|
||||||
# in theory should build everywhere without much trouble, but
|
# in theory should build everywhere without much trouble, but
|
||||||
# in practice the edk2 build system barfs on archs it doesn't know
|
# in practice the edk2 build system barfs on archs it doesn't know
|
||||||
# (such as ppc), so lets limit things to the known-good ones.
|
# (such as ppc), so lets limit things to the known-good ones.
|
||||||
ExclusiveArch: x86_64 aarch64
|
ExclusiveArch: x86_64 aarch64 riscv64
|
||||||
|
|
||||||
# edk2-stable202308
|
# edk2-stable202308
|
||||||
%define GITDATE 20230825
|
%define GITDATE 20230825
|
||||||
|
@ -43,9 +43,9 @@ ExclusiveArch: x86_64 aarch64
|
||||||
|
|
||||||
Name: edk2
|
Name: edk2
|
||||||
Version: %{GITDATE}
|
Version: %{GITDATE}
|
||||||
Release: %autorelease
|
Release: %autorelease -e 0.riscv64
|
||||||
Summary: UEFI firmware for 64-bit virtual machines
|
Summary: UEFI firmware for 64-bit virtual machines
|
||||||
License: BSD-2-Clause-Patent and OpenSSL and MIT
|
License: BSD-2-Clause-Patent and Apache-2.0 and MIT
|
||||||
URL: http://www.tianocore.org
|
URL: http://www.tianocore.org
|
||||||
|
|
||||||
# The source tarball is created using following commands:
|
# The source tarball is created using following commands:
|
||||||
|
@ -58,6 +58,7 @@ Source2: openssl-rhel-%{OPENSSL_COMMIT}.tar.xz
|
||||||
Source3: softfloat-%{softfloat_version}.tar.xz
|
Source3: softfloat-%{softfloat_version}.tar.xz
|
||||||
Source4: edk2-platforms-%{PLATFORMS_COMMIT}.tar.xz
|
Source4: edk2-platforms-%{PLATFORMS_COMMIT}.tar.xz
|
||||||
Source5: jansson-2.13.1.tar.bz2
|
Source5: jansson-2.13.1.tar.bz2
|
||||||
|
Source6: README.experimental
|
||||||
|
|
||||||
# json description files
|
# json description files
|
||||||
Source10: 50-edk2-aarch64-qcow2.json
|
Source10: 50-edk2-aarch64-qcow2.json
|
||||||
|
@ -81,6 +82,8 @@ Source46: 51-edk2-ovmf-2m-raw-x64-nosb.json
|
||||||
Source47: 60-edk2-ovmf-x64-amdsev.json
|
Source47: 60-edk2-ovmf-x64-amdsev.json
|
||||||
Source48: 60-edk2-ovmf-x64-inteltdx.json
|
Source48: 60-edk2-ovmf-x64-inteltdx.json
|
||||||
|
|
||||||
|
Source50: 50-edk2-riscv-qcow2.json
|
||||||
|
|
||||||
# https://gitlab.com/kraxel/edk2-build-config
|
# https://gitlab.com/kraxel/edk2-build-config
|
||||||
Source80: edk2-build.py
|
Source80: edk2-build.py
|
||||||
Source81: edk2-build.fedora
|
Source81: edk2-build.fedora
|
||||||
|
@ -106,6 +109,10 @@ Patch0013: 0013-UefiCpuPkg-MpInitLib-fix-apic-mode-for-cpu-hotplug.patch
|
||||||
Patch0014: 0014-ArmPkg-Add-Pcd-to-disable-EFI_MEMORY_ATTRIBUTE_PROTO.patch
|
Patch0014: 0014-ArmPkg-Add-Pcd-to-disable-EFI_MEMORY_ATTRIBUTE_PROTO.patch
|
||||||
Patch0015: 0015-CryptoPkg-CrtLib-add-stat.h.patch
|
Patch0015: 0015-CryptoPkg-CrtLib-add-stat.h.patch
|
||||||
Patch0016: 0016-CryptoPkg-CrtLib-add-access-open-read-write-close-sy.patch
|
Patch0016: 0016-CryptoPkg-CrtLib-add-access-open-read-write-close-sy.patch
|
||||||
|
Patch0017: 0017-OvmfPkg-IoMmuDxe-don-t-rely-on-TPLs-to-manage-concur.patch
|
||||||
|
Patch0018: 0018-OvmfPkg-Disable-PcdFirstTimeWakeUpAPsBySipi.patch
|
||||||
|
Patch0019: 0019-OvmfPkg-AmdSev-Disable-PcdFirstTimeWakeUpAPsBySipi.patch
|
||||||
|
Patch0020: 0020-OvmfPkg-AmdSev-fix-BdsPlatform.c-assertion-failure-d.patch
|
||||||
|
|
||||||
|
|
||||||
# python3-devel and libuuid-devel are required for building tools.
|
# python3-devel and libuuid-devel are required for building tools.
|
||||||
|
@ -117,6 +124,13 @@ BuildRequires: /usr/bin/iasl
|
||||||
BuildRequires: binutils gcc git gcc-c++ make
|
BuildRequires: binutils gcc git gcc-c++ make
|
||||||
BuildRequires: qemu-img
|
BuildRequires: qemu-img
|
||||||
|
|
||||||
|
# openssl configure
|
||||||
|
BuildRequires: perl(FindBin)
|
||||||
|
BuildRequires: perl(IPC::Cmd)
|
||||||
|
BuildRequires: perl(File::Compare)
|
||||||
|
BuildRequires: perl(File::Copy)
|
||||||
|
BuildRequires: perl(JSON)
|
||||||
|
|
||||||
%if %{build_ovmf}
|
%if %{build_ovmf}
|
||||||
# Only OVMF includes 80x86 assembly files (*.nasm*).
|
# Only OVMF includes 80x86 assembly files (*.nasm*).
|
||||||
BuildRequires: nasm
|
BuildRequires: nasm
|
||||||
|
@ -152,7 +166,7 @@ Obsoletes: OVMF < 20180508-100.gitee3198e672e2.el7
|
||||||
# OVMF includes the Secure Boot and IPv6 features; it has a builtin OpenSSL
|
# OVMF includes the Secure Boot and IPv6 features; it has a builtin OpenSSL
|
||||||
# library.
|
# library.
|
||||||
Provides: bundled(openssl) = %{OPENSSL_VER}
|
Provides: bundled(openssl) = %{OPENSSL_VER}
|
||||||
License: BSD-2-Clause-Patent and OpenSSL
|
License: BSD-2-Clause-Patent and Apache-2.0
|
||||||
|
|
||||||
# URL taken from the Maintainers.txt file.
|
# URL taken from the Maintainers.txt file.
|
||||||
URL: http://www.tianocore.org/ovmf/
|
URL: http://www.tianocore.org/ovmf/
|
||||||
|
@ -174,7 +188,7 @@ Conflicts: libvirt-daemon-driver-qemu < 9.2.0
|
||||||
|
|
||||||
# No Secure Boot for AAVMF yet, but we include OpenSSL for the IPv6 stack.
|
# No Secure Boot for AAVMF yet, but we include OpenSSL for the IPv6 stack.
|
||||||
Provides: bundled(openssl) = %{OPENSSL_VER}
|
Provides: bundled(openssl) = %{OPENSSL_VER}
|
||||||
License: BSD-2-Clause-Patent and OpenSSL
|
License: BSD-2-Clause-Patent and Apache-2.0
|
||||||
|
|
||||||
# URL taken from the Maintainers.txt file.
|
# URL taken from the Maintainers.txt file.
|
||||||
URL: https://github.com/tianocore/tianocore.github.io/wiki/ArmVirtPkg
|
URL: https://github.com/tianocore/tianocore.github.io/wiki/ArmVirtPkg
|
||||||
|
@ -211,7 +225,7 @@ environment for the UEFI and PI specifications. This package contains sample
|
||||||
%if %{defined fedora}
|
%if %{defined fedora}
|
||||||
%package ovmf-ia32
|
%package ovmf-ia32
|
||||||
Summary: Open Virtual Machine Firmware
|
Summary: Open Virtual Machine Firmware
|
||||||
License: BSD-2-Clause-Patent and OpenSSL
|
License: BSD-2-Clause-Patent and Apache-2.0
|
||||||
Provides: bundled(openssl)
|
Provides: bundled(openssl)
|
||||||
BuildArch: noarch
|
BuildArch: noarch
|
||||||
%description ovmf-ia32
|
%description ovmf-ia32
|
||||||
|
@ -220,26 +234,27 @@ Open Virtual Machine Firmware (ia32)
|
||||||
|
|
||||||
%package ovmf-xen
|
%package ovmf-xen
|
||||||
Summary: Open Virtual Machine Firmware, Xen build
|
Summary: Open Virtual Machine Firmware, Xen build
|
||||||
License: BSD-2-Clause-Patent and OpenSSL
|
License: BSD-2-Clause-Patent and Apache-2.0
|
||||||
Provides: bundled(openssl)
|
Provides: bundled(openssl)
|
||||||
BuildArch: noarch
|
BuildArch: noarch
|
||||||
%description ovmf-xen
|
%description ovmf-xen
|
||||||
EFI Development Kit II
|
EFI Development Kit II
|
||||||
Open Virtual Machine Firmware (Xen build)
|
Open Virtual Machine Firmware (Xen build)
|
||||||
|
|
||||||
%package ovmf-experimental
|
%package experimental
|
||||||
Summary: Open Virtual Machine Firmware, experimental builds
|
Summary: Open Virtual Machine Firmware, experimental builds
|
||||||
License: BSD-2-Clause-Patent and OpenSSL
|
License: BSD-2-Clause-Patent and Apache-2.0
|
||||||
Provides: bundled(openssl)
|
Provides: bundled(openssl)
|
||||||
|
Obsoletes: edk2-ovmf-experimental < 20230825
|
||||||
BuildArch: noarch
|
BuildArch: noarch
|
||||||
%description ovmf-experimental
|
%description experimental
|
||||||
EFI Development Kit II
|
EFI Development Kit II
|
||||||
Open Virtual Machine Firmware (experimental builds)
|
Open Virtual Machine Firmware (experimental builds)
|
||||||
|
|
||||||
%package arm
|
%package arm
|
||||||
Summary: ARM Virtual Machine Firmware
|
Summary: ARM Virtual Machine Firmware
|
||||||
BuildArch: noarch
|
BuildArch: noarch
|
||||||
License: BSD-2-Clause-Patent and OpenSSL
|
License: BSD-2-Clause-Patent and Apache-2.0
|
||||||
%description arm
|
%description arm
|
||||||
EFI Development Kit II
|
EFI Development Kit II
|
||||||
ARMv7 UEFI Firmware
|
ARMv7 UEFI Firmware
|
||||||
|
@ -247,14 +262,14 @@ ARMv7 UEFI Firmware
|
||||||
%package riscv64
|
%package riscv64
|
||||||
Summary: RISC-V Virtual Machine Firmware
|
Summary: RISC-V Virtual Machine Firmware
|
||||||
BuildArch: noarch
|
BuildArch: noarch
|
||||||
License: BSD-2-Clause-Patent and OpenSSL
|
License: BSD-2-Clause-Patent and Apache-2.0
|
||||||
%description riscv64
|
%description riscv64
|
||||||
EFI Development Kit II
|
EFI Development Kit II
|
||||||
RISC-V UEFI Firmware
|
RISC-V UEFI Firmware
|
||||||
|
|
||||||
%package ext4
|
%package ext4
|
||||||
Summary: Ext4 filesystem driver
|
Summary: Ext4 filesystem driver
|
||||||
License: BSD-2-Clause-Patent and OpenSSL
|
License: BSD-2-Clause-Patent and Apache-2.0
|
||||||
BuildArch: noarch
|
BuildArch: noarch
|
||||||
%description ext4
|
%description ext4
|
||||||
EFI Development Kit II
|
EFI Development Kit II
|
||||||
|
@ -298,11 +313,13 @@ mkdir -p MdePkg/Library/MipiSysTLib/mipisyst/library/include
|
||||||
chmod -Rf a+rX,u+w,g-w,o-w .
|
chmod -Rf a+rX,u+w,g-w,o-w .
|
||||||
|
|
||||||
cp -a -- \
|
cp -a -- \
|
||||||
|
%{SOURCE6} \
|
||||||
%{SOURCE10} %{SOURCE11} %{SOURCE12} %{SOURCE13} \
|
%{SOURCE10} %{SOURCE11} %{SOURCE12} %{SOURCE13} \
|
||||||
%{SOURCE20} \
|
%{SOURCE20} \
|
||||||
%{SOURCE30} %{SOURCE31} %{SOURCE32} \
|
%{SOURCE30} %{SOURCE31} %{SOURCE32} \
|
||||||
%{SOURCE40} %{SOURCE41} %{SOURCE42} %{SOURCE43} %{SOURCE44} \
|
%{SOURCE40} %{SOURCE41} %{SOURCE42} %{SOURCE43} %{SOURCE44} \
|
||||||
%{SOURCE45} %{SOURCE46} %{SOURCE47} %{SOURCE48} \
|
%{SOURCE45} %{SOURCE46} %{SOURCE47} %{SOURCE48} \
|
||||||
|
%{SOURCE50} \
|
||||||
%{SOURCE80} %{SOURCE81} %{SOURCE82} %{SOURCE83} \
|
%{SOURCE80} %{SOURCE81} %{SOURCE82} %{SOURCE83} \
|
||||||
%{SOURCE90} %{SOURCE91} \
|
%{SOURCE90} %{SOURCE91} \
|
||||||
.
|
.
|
||||||
|
@ -389,7 +406,8 @@ done
|
||||||
virt-fw-vars --input Fedora/experimental/OVMF.stateless.fd \
|
virt-fw-vars --input Fedora/experimental/OVMF.stateless.fd \
|
||||||
--output Fedora/experimental/OVMF.stateless.secboot.fd \
|
--output Fedora/experimental/OVMF.stateless.secboot.fd \
|
||||||
--set-dbx DBXUpdate-%{DBXDATE}.x64.bin \
|
--set-dbx DBXUpdate-%{DBXDATE}.x64.bin \
|
||||||
--enroll-redhat --secure-boot
|
--enroll-redhat --secure-boot \
|
||||||
|
--set-fallback-no-reboot
|
||||||
|
|
||||||
for image in \
|
for image in \
|
||||||
Fedora/ovmf/OVMF_CODE.secboot.fd \
|
Fedora/ovmf/OVMF_CODE.secboot.fd \
|
||||||
|
@ -416,6 +434,9 @@ done
|
||||||
%else
|
%else
|
||||||
./edk2-build.py --config edk2-build.fedora --silent --release-date "$RELEASE_DATE" -m armvirt
|
./edk2-build.py --config edk2-build.fedora --silent --release-date "$RELEASE_DATE" -m armvirt
|
||||||
./edk2-build.py --config edk2-build.fedora.platforms --silent -m aa64
|
./edk2-build.py --config edk2-build.fedora.platforms --silent -m aa64
|
||||||
|
virt-fw-vars --input Fedora/aarch64/vars-template-pflash.raw \
|
||||||
|
--output Fedora/experimental/vars-template-secboot-testonly-pflash.raw \
|
||||||
|
--enroll-redhat --secure-boot
|
||||||
%endif
|
%endif
|
||||||
for raw in */aarch64/*.raw; do
|
for raw in */aarch64/*.raw; do
|
||||||
qcow2="${raw%.raw}.qcow2"
|
qcow2="${raw%.raw}.qcow2"
|
||||||
|
@ -436,7 +457,7 @@ done
|
||||||
%install
|
%install
|
||||||
|
|
||||||
cp -a OvmfPkg/License.txt License.OvmfPkg.txt
|
cp -a OvmfPkg/License.txt License.OvmfPkg.txt
|
||||||
cp -a CryptoPkg/Library/OpensslLib/openssl/LICENSE LICENSE.openssl
|
cp -a CryptoPkg/Library/OpensslLib/openssl/LICENSE.txt LICENSE.openssl
|
||||||
mkdir -p %{buildroot}%{_datadir}/qemu/firmware
|
mkdir -p %{buildroot}%{_datadir}/qemu/firmware
|
||||||
|
|
||||||
# install the tools
|
# install the tools
|
||||||
|
@ -529,6 +550,15 @@ install -m 0644 \
|
||||||
# endif build_aarch64
|
# endif build_aarch64
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
|
%if %{build_riscv64}
|
||||||
|
|
||||||
|
install -m 0644 \
|
||||||
|
50-edk2-riscv-qcow2.json \
|
||||||
|
%{buildroot}%{_datadir}/qemu/firmware
|
||||||
|
|
||||||
|
# endif build_riscv64
|
||||||
|
%endif
|
||||||
|
|
||||||
%if %{defined fedora}
|
%if %{defined fedora}
|
||||||
|
|
||||||
# edk2-tools-python install
|
# edk2-tools-python install
|
||||||
|
@ -666,8 +696,9 @@ done
|
||||||
%{_datadir}/qemu/firmware/40-edk2-ovmf-ia32-sb.json
|
%{_datadir}/qemu/firmware/40-edk2-ovmf-ia32-sb.json
|
||||||
%{_datadir}/qemu/firmware/50-edk2-ovmf-ia32-nosb.json
|
%{_datadir}/qemu/firmware/50-edk2-ovmf-ia32-nosb.json
|
||||||
|
|
||||||
%files ovmf-experimental
|
%files experimental
|
||||||
%common_files
|
%common_files
|
||||||
|
%doc README.experimental
|
||||||
%dir %{_datadir}/%{name}/experimental
|
%dir %{_datadir}/%{name}/experimental
|
||||||
%{_datadir}/%{name}/experimental/*.fd
|
%{_datadir}/%{name}/experimental/*.fd
|
||||||
%{_datadir}/%{name}/experimental/*.raw
|
%{_datadir}/%{name}/experimental/*.raw
|
||||||
|
@ -694,6 +725,7 @@ done
|
||||||
%common_files
|
%common_files
|
||||||
%{_datadir}/%{name}/riscv/*.fd
|
%{_datadir}/%{name}/riscv/*.fd
|
||||||
%{_datadir}/%{name}/riscv/*.qcow2
|
%{_datadir}/%{name}/riscv/*.qcow2
|
||||||
|
%{_datadir}/qemu/firmware/50-edk2-riscv-qcow2.json
|
||||||
|
|
||||||
%files ext4
|
%files ext4
|
||||||
%common_files
|
%common_files
|
||||||
|
|
Loading…
Reference in New Issue