Releases: microsoft/mu_tiano_platforms
v9.0.0
What's Changed
⚠️ Breaking Changes
-
Drop S3 and Lock Box Support [Rebase \& FF] @makubacki (#1042)
Change Details
## Description
Contains the following changes:
QemuQ35Pkg: Drop S3 and Lock Box support
-
Drop SmmLockBox from build and flash image
This is a Traditional SMM module that cannot be dispached with
the Standalone MM model currently supported in QemuQ35Pkg. -
Drop PEI and DXE S3 and Lock Box related modules from the
QemuQ35Pkg build and flash image.gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiS3Enable
isFALSE
which
disables S3 support. Code is also currently not being written to
support S3 boot script replay and S3 is not tested. Modern physical
platforms rarely support S3 and S3 presents its own security
related concerns and maintenance overhead.Since S3 is not needed, the lock box code which is currently only
used to store the S3 boot script is not needed.As a consequence, the following S3, boot script, and lock box
related PEI and DXE modules are removed from QemuQ35Pkg:BootScriptExecutorDxe
CpuS3DataDxe
S3Resume2Pei
S3SaveStateDxe
-
Drop S3 and lock box related library instances from QemuQ35Pkg
build.The following library instances also do not need to be build given
S3 is not supported and are removed from the QemuQ35Pkg build:MdeModulePkg/Library/PiDxeS3BootScriptLib/DxeS3BootScriptLib.inf
MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxDxeLib.inf
MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxPeiLib.inf
MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxSmmLib.inf
MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxStandaloneMmLib.inf
QemuPkg/Library/LockBoxLib/LockBoxBaseLib.inf
QemuQ35Pkg/Library/QemuFwCfgS3Lib/PeiQemuFwCfgS3LibFwCfg.inf
QemuQ35Pkg: Remove S3 and Lock Box related code
Removes libraries and modules that support S3 and Lock Box since S3
is not supported by QemuQ35Pkg.QemuQ35Pkg/Sec: Drop S3 and Lock Box support
Always follow the non-S3 flow to decompress the main FV and load
the PEI core from it during SEC startup.QemuQ35Pkg/PlatformPei: Drop S3 and Lock Box support
Removes platform initialization logic for S3 and the lock box.
Notably, the number of MMRAM regions is reduced from two to one since
the first MMRAM range was previously a 4KB page used to hold S3
resume structures.The amount of ACPI NVS reservation is reduced substantially since
areas like the following do not need to be preserved for S3 resume:- CPU AP stack buffers
- Temp RAM stack and heap
- GUIDed section extraction handlers
- Reset vector initial page tables
The lock box storage buffer is also not allocated at all. Previously,
it was allocated as boot services data (not ACPI NVS) since S3 was
never enabled. In any case, that space is no longer allocated.Asserts are added in places through key control flow to alert a
developer if S3 is detected as enabled when it should not be.QemuQ35Pkg/AcpiPlatformDxe: Drop S3 and Lock Box support
Removes S3 boot script related code since S3 is no longer supported.
QemuQ35Pkg/SmmControl2Dxe: Drop S3 and Lock Box support
Removes S3 and boot script related code to focus the module on simply
installingTrigger()
andClear()
functionality for the SMM
Control protocol.QemuQ35Pkg/SmmAccess: Drop S3 and Lock Box support
Main change is to compensate for the single MMRAM range used now that
the S3 resume area is removed from MMRAM. A single range is now used
to cover all of TSEG.QemuQ35Pkg.fdf: Remove assignment of Lock Box PCDs
Removes the following PCDs since the lock box is no longer supported.
gQemuPkgTokenSpaceGuid.PcdOvmfLockBoxStorageBase
gQemuPkgTokenSpaceGuid.PcdOvmfLockBoxStorageSize
QemuSbsaPkg: Use LockBoxLib null instance
The QemuPkg
LockBoxLib
is being removed. Used the null instance here
for libraries (likePerformanceLib
) that link against aLockBoxLib
instance.QemuPkg: Remove LockBoxLib
Not needed since S3 support is not used requiring the Lock Box.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
- Boot to EFI shell and perform cold and warm reset
- Verify Standalone MM drivers are dispatched and execute successfully
Integration Instructions
- N/A - Affects platform firmware operation
-
🚀 Features & ✨ Enhancements
-
Drop S3 and Lock Box Support [Rebase \& FF] @makubacki (#1042)
Change Details
## Description
Contains the following changes:
QemuQ35Pkg: Drop S3 and Lock Box support
-
Drop SmmLockBox from build and flash image
This is a Traditional SMM module that cannot be dispached with
the Standalone MM model currently supported in QemuQ35Pkg. -
Drop PEI and DXE S3 and Lock Box related modules from the
QemuQ35Pkg build and flash image.gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiS3Enable
isFALSE
which
disables S3 support. Code is also currently not being written to
support S3 boot script replay and S3 is not tested. Modern physical
platforms rarely support S3 and S3 presents its own security
related concerns and maintenance overhead.Since S3 is not needed, the lock box code which is currently only
used to store the S3 boot script is not needed.As a consequence, the following S3, boot script, and lock box
related PEI and DXE modules are removed from QemuQ35Pkg:BootScriptExecutorDxe
CpuS3DataDxe
S3Resume2Pei
S3SaveStateDxe
-
Drop S3 and lock box related library instances from QemuQ35Pkg
build.The following library instances also do not need to be build given
S3 is not supported and are removed from the QemuQ35Pkg build:MdeModulePkg/Library/PiDxeS3BootScriptLib/DxeS3BootScriptLib.inf
MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxDxeLib.inf
MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxPeiLib.inf
MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxSmmLib.inf
MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxStandaloneMmLib.inf
QemuPkg/Library/LockBoxLib/LockBoxBaseLib.inf
QemuQ35Pkg/Library/QemuFwCfgS3Lib/PeiQemuFwCfgS3LibFwCfg.inf
QemuQ35Pkg: Remove S3 and Lock Box related code
Removes libraries and modules that support S3 and Lock Box since S3
is not supported by QemuQ35Pkg.QemuQ35Pkg/Sec: Drop S3 and Lock Box support
Always follow the non-S3 flow to decompress the main FV and load
the PEI core from it during SEC startup.QemuQ35Pkg/PlatformPei: Drop S3 and Lock Box support
Removes platform initialization logic for S3 and the lock box.
Notably, the number of MMRAM regions is reduced from two to one since
the first MMRAM range was previously a 4KB page used to hold S3
resume structures.The amount of ACPI NVS reservation is reduced substantially since
areas like the following do not need to be preserved for S3 resume:- CPU AP stack buffers
- Temp RAM stack and heap
- GUIDed section extraction handlers
- Reset vector initial page tables
The lock box storage buffer is also not allocated at all. Previously,
it was allocated as boot services data (not ACPI NVS) since S3 was
never enabled. In any case, that space is no longer allocated.Asserts are added in places through key control flow to alert a
developer if S3 is detected as enabled when it should not be.QemuQ35Pkg/AcpiPlatformDxe: Drop S3 and Lock Box support
Removes S3 boot script related code since S3 is no longer supported.
QemuQ35Pkg/SmmControl2Dxe: Drop S3 and Lock Box support
Removes S3 and boot script related code to focus the module on simply
installingTrigger()
andClear()
functionality for the SMM
Control protocol.QemuQ35Pkg/SmmAccess: Drop S3 and Lock Box support
Main change is to compensate for the single MMRAM range used now that
the S3 resume area is removed from MMRAM. A single range is now used
to cover all of TSEG.QemuQ35Pkg.fdf: Remove assignment of Lock Box PCDs
Removes the following PCDs since the lock box is no longer supported.
gQemuPkgTokenSpaceGuid.PcdOvmfLockBoxStorageBase
gQemuPkgTokenSpaceGuid.PcdOvmfLockBoxStorageSize
QemuSbsaPkg: Use LockBoxLib null instance
The QemuPkg
LockBoxLib
is being removed. Used the null instance here
for libraries (likePerformanceLib
) that link against aLockBoxLib
instance.QemuPkg: Remove LockBoxLib
Not needed since S3 support is not used requiring the Lock Box.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
- Boot to EFI shell and perform cold and warm reset
- Verify Standalone MM drivers are dispatched and execute successfully
Integration Instructions
- N/A - Affects platform firmware operation
-
Full Changelog: v8.0.1...v9.0.0
v8.0.1
What's Changed
-
QemuQ35Pkg.dsc: Apply XenHypercallLib to valid archs @makubacki (#1041)
Change Details
## Description
The XenHypercallLib instance in QemuQ35Pkg has the following LIBRARY_CLASS value in its [DEFINES] section:
[Defines.IA32, Defines.X64] LIBRARY_CLASS = XenHypercallLib|... [Defines.ARM, Defines.AARCH64] LIBRARY_CLASS = XenHypercallLib
However, the library instance is specified in QemuQ35Pkg.dsc against the "Common" architecture as it is placed in the
[LibraryClasses]
section.This raises the following warning during build:
INFO - QemuQ35Pkg.dsc(...): warning: Platforms\QemuQ35Pkg\Library\XenHypercallLib\XenHypercallLib.inf does not support LIBRARY_CLASS XenHypercallLib
This is printed from the
_ValidateLibraryClass()
function inBaseTools/Source/Python/Workspace/DscBuildData.py
because the library class is bound by architecture in the INF file so it does not support the "Common" architecture.This change maps the library instance to the XenHypercallLib class per the defined architectures (
IA32
andX64
) in QemuQ35Pkg.dsc.- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
QemuQ35Pkg
before and after the change
Integration Instructions
- N/A
-
Update basecore and supervisor submodules @kuqin12 (#1025)
Change Details
## Description
Update mu_basecore to top of release/202405 and supervisor repo to pair up with the updated override tags.
For details on how to complete to complete these options and their meaning refer to CONTRIBUTING.md.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
Tested on QEMU Q35 and booted to shell.
Integration Instructions
N/A
-
Set workspace resolver to version 2 @antklein (#1024)
Change Details
## Description
Add an explicit set for resolver to use version 2. This is required for virtual workspaces as the rust edition cannot be inferred by the compiler.
For details on how to complete to complete these options and their meaning refer to CONTRIBUTING.md.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
I validated that cargo make build, test, and coverage did not change.
Integration Instructions
N/A
🛠️ Submodule Updates
-
Bump Common/MU\_TIANO from 2024050000.0.0 to 2024050000.0.1 @ProjectMuBot (#1033)
Change Details
Bumps Common/MU_TIANO from `2024050000.0.0` to `2024050000.0.1`
Introduces 8 new commits in Common/MU_TIANO.
Commits
- 60690b Revert "FmpDevicePkg: Assert on PcdFmpDeviceImageTypeIdGuid Size Mismatch"
- 8e813d [CHERRY-PICK] FmpDevicePkg: Assert on PcdFmpDeviceImageTypeIdGuid Size Mismatch
- d60d41 Revert "EmbeddedPkg: Mark DMA Memory Allocations XP By Default"
- 622dc7 [CHERRY-PICK] EmbeddedPkg: Mark DMA Memory Allocations XP By Default
- c454e6 Revert "PrmPkg: Don"t Set Access Attributes of Runtime MMIO Ranges (#51)"
- 432fdb [CHERRY-PICK] PrmPkg: Don"t Set Access Attributes of Runtime MMIO Ranges
- 67e042 [CHERRY-PICK] EmbeddedPkg: NonCoherentDmaLib: Set EFI_MEMORY_XP Capability on DMA Buffer
- ef21d6 pip: bump edk2-pytool-extensions from 0.27.11 to 0.27.12 (#329)
Signed-off-by: Project Mu Bot mubot@microsoft.com
-
Bump Features/CONFIG from 2.0.13 to 3.0.0 @ProjectMuBot (#1035)
Change Details
Bumps Features/CONFIG from `2.0.13` to `3.0.0`
Introduces 22 new commits in Features/CONFIG.
Commits
- fb0659 SetupDataPkg/ConfApp: Fix incorrect type used in a GUID print (#381)
- ab3555 pip: bump edk2-pytool-extensions from 0.27.9 to 0.27.10 (#382)
- 7eb698 Removing script that would create windows executable from a python file. (#380)
- 07d1b6 pip: bump pytest from 8.2.2 to 8.3.1 (#384)
- 84061c pip: bump pyopenssl from 24.1.0 to 24.2.1 (#383)
- 473977 pip: bump regex from 2024.5.15 to 2024.7.24 (#387)
- a9ead4 pip: bump xmlschema from 3.3.1 to 3.3.2 (#386)
- e6856b pip: bump pytest from 8.3.1 to 8.3.2 (#385)
- 2c08cd pip: bump edk2-pytool-library from 0.21.8 to 0.21.9 (#388)
- c4ffcc pip: bump flake8 from 7.1.0 to 7.1.1 (#391)
- 5552ed pip: bump antlr4-python3-runtime from 4.13.1 to 4.13.2 (#390)
- 377d98 Switch to use edk2-pytool-library UefiVariableSupportLib. (#362)
- bd44e7 pip: bump edk2-pytool-library from 0.21.9 to 0.21.10 (#389)
- 7d4a54 Repo File Sync: synced file(s) with microsoft/mu_devops (#392)
- f7a1e7 pip: bump edk2-pytool-extensions from 0.27.10 to 0.27.11 (
v8.0.0
What's Changed
-
pip: bump edk2-pytool-extensions and edk2-pytool-library @apop5 (#1021)
Change Details
## Description
edk2-pytool-extensions from 0.27.10 to 0.27.11
edk2-pytool-library from 0.21.9 to 0.21.10- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
N/A
Integration Instructions
N/A
-
Add back memory map test app @kuqin12 (#1018)
Change Details
## Description
This change re-enables the memory map test app fix by picking up the latest MU_PLUS and MU_SILICON_ARM.
Resolves #1017.
For details on how to complete to complete these options and their meaning refer to CONTRIBUTING.md.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
This change is tested on QEMU Q35.
Integration Instructions
N/A
</blockquote> <hr> </details>
-
Integrate PEI RNG Shared Crypto @makubacki (#1007)
Change Details
## Description
Produces an RNG PPI that is used by shared crypto to abstract platform RNG support.
-
Updates Mu Basecore to v2023110010.0.1
-
Updates Mu Tiano Plus to v2023110001.1.0
-
Updates Mu MM Supervisor to v12.0.1 (for overrides)
-
Updates pytools for compat with Mu Basecore Rust plugin
-
Impacts functionality?
-
Impacts security?
-
Breaking change?
-
Includes tests?
-
Includes documentation?
How This Was Tested
- CI
- Verified RngPei is launched
- Verified RNG PPI is installed
- Verified Shared Crypto can use RNG PPI as expected
- EFI Shell Boot
Integration Instructions
- N/A
-
-
Remove DxePagingAuditTestApp Exemption From Q35 and SBSA @os-d (#1001)
Change Details
## Description
The DxePagingAuditTestApp was failing on all architectures because of a misimplementation. That was fixed in
microsoft/mu_plus#528. This patch pulls in the newer mu_plus to get that change and drops the exemption from Q35 and SBSA.- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
Ran paging audit test and it succeeds.
Integration Instructions
N/A.
</blockquote> <hr> </details>
- Impacts functionality?
-
PlatformBuild.py: Extend DxePagingAudit exception for 3 months @makubacki (#1000)
Change Details
## Description
Pipelines are currently failing since the exception has expired.
- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
- CI
Integration Instructions
- N/A
- Impacts functionality?
-
Support CLANGPDB to build ARM SBSA @kuqin12 (#944)
Change Details
# Preface
Please ensure you have read the contribution docs prior
to submitting the pull request. In particular,
pull request guidelines.Description
This change is created to support building SBSA using CLANGPDB.
For each item, place an "x" in between
[
and]
if true. Example:[x]
.
(you can also check items in the GitHub UI)- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
This was tested locally using QEMU SBSA platform and booted to UEFI shell.
Integration Instructions
N/A
</blockquote> <hr> </details>
- Impacts functionality?
-
Update Platform CI for -a flag removal @makubacki (#968)
Change Details
## Description
Passes the architecture for platform builds through the build flags.
For compatibility with the v10.0.0 Mu DevOps release: https://github.com/microsoft/mu_devops/releases/tag/v10.0.0
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
- Pipeline build
Integration Instructions
- N/A
-
Update QEMU binary to v7.0.1 @kuqin12 (#951)
Change Details
## Description
This change picks up the v7.0.1 release of QEMU binaries with the fix of QEMU ARM64 missing a VGA binary._
- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Do...
- Impacts functionality?
v7.0.1
What's Changed
-
Add `bochs` VGA binary to QEMU release @kuqin12 (#950)
Change Details
## Description
This change added an extra binary from QEMU builds to support QEMU-SBSA platform graphic operations.
- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
This was tested locally by running QEMU-SBSA with the platform release UEFI binaries and booted to UEFI shell properly.
Integration Instructions
N/A
- Impacts functionality?
-
Add Advanced Logger PRM to Q35 @os-d (#935)
Change Details
## Description
The Advanced Logger PRM was added to Advanced Logger. This PR gives an example of integrating it and using it.
- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
Tested by booting Q35 to Windows and fetching the log via the variable interface and the PRM interface and confirming the log is the same.
Integration Instructions
Follow this example to integrate into another platform.
- Impacts functionality?
-
Add NETWORK\_ENABLE option @makubacki (#940)
Change Details
## Description
Simplifies network enabling by using a dedicated flag for enabling.
Preserves existing behavior where networking is disabled by default.
Networking was hardcoded to off in the QemuSbsaPkg runner, that is
not modified in this change.- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
- Run without flag set and verify networking is disabled.
- Run with flag and verify networking is enabled.
Integration Instructions
N/A
- Impacts functionality?
-
Use MdeModulePkg BaseRngLibTimerLib instance @makubacki (#939)
Change Details
## Description
The BaseRngLibTimerLib instance was moved to MdeModulePkg as noted in
https://bugzilla.tianocore.org/show_bug.cgi?id=4504.That move was made because some algorithm GUIDs were added to the
GetRngGuid() interface that were not in the UEFI Specification.tianocore/edk2@e934684
adds a deprecation message to the older MdePkg instance.This change updates all paths in this repo to use the MdeModulePkg
instance.- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
- QemuQ35Pkg and QemuSbsaPkg built and boot to EFI shell
Integration Instructions
N/A
-
Update QEMU external dependency @kuqin12 (#926)
Change Details
## Description
The latest QEMU v9.0.0 is updated in the platform release v7.0.0. This change is to pick it up.
- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
This change is tested on QEMU Q35 as well as SBSA and booted to UEFI shell.
Integration Instructions
N/A
- Impacts functionality?
🐛 Bug Fixes
-
Added exception handling when `GetConsoleMode` API fails @kuqin12 (#929)
Change Details
## Description
This change fixes a pipeline break after moving to QEMU v9.0.0 by adding a try-except routine to handle the case on the server builds.
- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
This change was tested locally and on the pipeline build.
Integ...
- Impacts functionality?
v7.0.0
What's Changed
-
Upgrade default QEMU to v9.0.0 @kuqin12 (#901)
Change Details
## Description
v9.0.0 fixed a few known issues blocking us from upgrading to QEMU of later than v7.2.0.
This change is made to upgrade the default QEMU to v9.0.0 to intake the latest release.
- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
This change is tested locally on Windows and WSL environment.
Integration Instructions
Existing clones will need to perform
PlatformBuild.py --update
to download the latest version of QEMU.
- Impacts functionality?
-
Integrate TF-A v2.10 @kuqin12 (#920)
Change Details
# Preface
Please ensure you have read the contribution docs prior
to submitting the pull request. In particular,
pull request guidelines.Description
The TF-A v2.10 updated the footprint of images drastically and supported extra CPU models, causing the existing flash map not able to suit the BL1.
This change updated the flash map and improved the patching routine in post-build to fail the build next time.
For each item, place an "x" in between
[
and]
if true. Example:[x]
.
(you can also check items in the GitHub UI)- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
This is tested functional on QEMU SBSA with max CPU model.
Integration Instructions
N/A
</blockquote> <hr> </details>
- Impacts functionality?
-
Refresh Paging Audit Test App CI Exemption @TaylorBeebe (#919)
Change Details
## Description
The DXE paging audit test app was updated to check for Enhanced Memory
Protection compliance. Project Mu is currently being updated to pass to
pass the remaining two checks (RP on free memory and RP on GCD
nonexistent regions). This PR updates the exemption date for
SBSA and Q35 so test failures don't block CI gates.- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
Tested in CI pipelines
Integration Instructions
N/A
- Impacts functionality?
-
qemu\_extdep: Remove the linux extdep @Javagedes (#915)
Change Details
## Description
Removes the qemu external dependency for linux and instead uses the qemu that is directly installed on the system.
Note: I've opted to keep the github action that produces the linux external dependency in-case we opt to switch back to using it, or as an example to anyone that needs to build it locally.
- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
N/A
Integration Instructions
N/A
</blockquote> <hr> </details>
- Impacts functionality?
-
Enable MU Debugger Package for Q35 \& SBSA @cfernald (#910)
Change Details
## Description
Ingests the MU_FEATURE_DEBUGGER repo and enabled the software debugger for both Q35 and SBSA through the build flag
BLD_*_DEBUGGER_ENABLED=TRUE
to debug over the serial port specified by the runtime flagSERIAL_PORT=####
.Creates a debug transport for Q35 that wraps the IO port serial port lib implementation but swaps the UART port address before calling to allow the debugger to run on a separate port then the debug output.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
Locally tested on both SBSA and Q35.
Integration Instructions
N/A
</blockquote> <hr> </details>
⚠️ Breaking Changes
-
Update MU\_BASECORE to v2023110004.0.0, MM\_SUPV to v11.0.1 and MU\_PLUS to v2023110000.0.5 @kuqin12 (#911)
Change Details
## Description
This change updates the MU_BASECORE, MM_SUPV and MU_PLUS submodules and fixes integration errors:
Submodule Version MU_BASECORE v2023110004.0.0 MM_SUPV v11.0.1 MU_PLUS v2023110000.0.5 - Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- **Break...
- Impacts functionality?
v6.0.0
What's Changed
-
Add HTTP and acpiview commands to UEFI shell @kuqin12 (#902)
Change Details
# Preface
Please ensure you have read the contribution docs prior
to submitting the pull request. In particular,
pull request guidelines.Description
Current QEMU platforms do not support needed cmdlets for system status inspection.
This change added a few command options to the UEFI shell to further support necessary tests in the future.
For each item, place an "x" in between
[
and]
if true. Example:[x]
.
(you can also check items in the GitHub UI)- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
This was tested on QEMU Q35 and SBSA in UEFI shell environments.
Integration Instructions
N/A
</blockquote> <hr> </details>
- Impacts functionality?
-
Fix console after returning from QEMU @kuqin12 (#900)
Change Details
# Preface
Please ensure you have read the contribution docs prior
to submitting the pull request. In particular,
pull request guidelines.Description
The fix is enlightened by the original QEMU thread here: https://gitlab.com/qemu-project/qemu/-/issues/1674.
The change fixed the garbled command prompt after returning from QEMU v8+ on Windows platforms.
For each item, place an "x" in between
[
and]
if true. Example:[x]
.
(you can also check items in the GitHub UI)- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
This was tested on QEMU v9.0.0-rc1 on Windows and confirmed it fixes the command prompt after returning from QEMU runner.
Integration Instructions
N/A
</blockquote> <hr> </details>
- Impacts functionality?
-
Remove UEFI Ext as it has moved to mu\_feature\_debugger @cfernald (#894)
Change Details
## Description
the UEFI windbg Extension has moved to https://github.com/microsoft/mu_feature_debugger.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
N/A
Integration Instructions
N/A
</blockquote> <hr> </details>
-
Create Memory Allocation HOB Entry for QEMU FDT Blob @TaylorBeebe (#876)
Change Details
## Description
The flattened device tree blob is placed in memory at the address specified by PcdDeviceTreeInitialBaseAddress. This PR creates a memory allocation HOB entry for the pages spanning the start and end of the FDT so it cannot be allocated during boot.
- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
Tested by running SBSA and reviewing the memory allocation HOBs
Integration Instructions
N/A
</blockquote> <hr> </details>
- Impacts functionality?
-
Update Virtual Drive Manager File Collection and mu\_plus Subrepo @TaylorBeebe (#886)
Change Details
## Description
The PDE.dat file is no longer produced by the paging audit, so the get_file call will fail.
- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
Tested by running the paging audit on Q35 and SBSA
Integration Instructions
N/A
- Impacts functionality?
-
Add SSE4.1 Instructions to Q35 @os-d (#882)
Change Details
## Description
Windows requires both the SSE4.1 and SSE4.2 instructions to boot. Add these to the Q35 QEMU cmdline so that the VM has these available.
For each item, place an "x" in between
[
and]
if true. Example:[x]
.
(you can also check items in the GitHub UI)- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in...
- Breaking change - Will anyone consuming this change experience a break
- Impacts functionality?
v5.1.2
What's Changed
-
.github/workflows/publish-qemu-bin.yml: reliability updates @Javagedes (#880)
Change Details
## Description
Updates release pipeline for the qemu binary to release qemu v7.2.0 as a external dependency and to also provide the following roms:
-
efi-e1000e.rom
-
efi-virtio.rom
-
Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
-
Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
-
Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
-
Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
-
Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
Verified Terminal was not in an invalid state after exiting qemu, and that the above roms were successfully found at runtime.
Integration Instructions
Perform a release and update the qemu external dependency inside mu_tiano_platforms
</blockquote> <hr> </details>
-
Full Changelog: v5.1.1...v5.1.2
v5.1.1
What's Changed
-
Add E1000 rom to QEMU ext dep @cfernald (#874)
Change Details
## Description
The e1000 NIC is useful for OS debugging and general "real hardware"-like network access.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
N/A
Integration Instructions
N/A
</blockquote> <hr> </details>
-
Add SSE4.2 to q35 QEMU runner CPU features @cfernald (#873)
Change Details
## Description
The Instruction Set Extension, specifically SSE4.2, is standard and used by Windows. This adds it to the default QEMU configuration for Q35.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
Tested local Windows boot.
Integration Instructions
N/A
</blockquote> <hr> </details>
-
Set PcdFixedDebugPrintErrorLevel in QemuSbsaPkg to Improve Boot Time @TaylorBeebe (#871)
Change Details
## Description
There's a large slowdown during GCD sync when the syncing logic debug dumps the GCD map thousands of times. I updated the syncing logic to skip the dump process if the GCD debug verbosity level is not set. Checking the verbosity is done via a call to DebugPrintLevelEnabled() in DebugLib which checks the fixed debug print PCD.
This PR sets the FixedAtBuild PCD to be the same as the PatchableInModule PCD so the map dump function is skipped.
- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
Tested by booting SBSA and observing the improved boot time.
Integration Instructions
N/A
</blockquote> <hr> </details>
- Impacts functionality?
-
Use qemu external dependency @Javagedes (#851)
Change Details
## Description
Use an external dependency for qemu rather than relying on it being installed by the user.
- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
Ensured Boot to shell and Boot to windows using the Windows and Linux qemu external dependencies. Verified TPM Replay functionality continued to work as expected.
Integration Instructions
N/A
</blockquote> <hr> </details>
- Impacts functionality?
🔐 Security Impacting
-
Update Subrepos to Sync Stack Cookie Changes @TaylorBeebe (#870)
Change Details
## Description
The StackCheckLib instances have been updated in all subrepos. Thi PR updates all subrepos and the StackCheckLib instances for SBSA and Q35.
- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
Tested in pipelines
Integration Instructions
N/A
</blockquote> <hr> </details>
- Impacts functionality?
🛠️ Submodule Updates
-
Bump MU\_BASECORE from 2023110001.0.2 to 2023110001.1.0 @ProjectMuBot (#865)
Change Details
Bumps MU_BASECORE from `2023110001.0.2` to `2023110001.1.0`
Introduces 5 new commits in MU_BASECORE.
Commits
Signed-off-by: Project Mu Bot mubot@microsoft.com
-
[Rebase \&\& FF] Bump MU\_BASECORE from 2023110001.0.1 to 2023110001.0.2 @ProjectMuBot (#858)
Change Details
Bumps MU_BASECORE from `2023110001.0.1` to `2023110001.0.2`
Introduces 1 new commits in MU_BASECORE.
Signed-off-by: Project Mu Bot mubot@microsoft.com
-
Bump Common/MU\_TIANO from 2023110000.0.2 to 2023110000.0.3 @ProjectMuBot (#862)
Change Details
Bumps Common/MU_TIANO from `2023...
v5.1.0
What's Changed
-
Add qemu binary release workflow: @Javagedes (#852)
Change Details
## Description
Add a new workflow that will build and prepare qemu binaries for both Windows and Linux. This workflow has three triggers:
-
A pull request to the main branch, which will only trigger when either the workflow itself, or the qemu version file is updated. This workflow will upload the binaries as an artifact to the workflow.
-
A release, which will upload the binaries as an artifact to the associated release
-
A manual trigger, which allows for testing the workflow on a custom branch. This will upload the binaries as an artifact to the workflow.
- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
A release was performed using this github action on a personal branch (v0.1.9), and was used as an external dependency on a mu_tiano_platforms Draft PR, which is passing, and will be merged once this PR has been merged and a release has been executed.
Integration Instructions
N/A
</blockquote> <hr> </details>
-
-
Install the Hash 2 Service Binding Protocol @makubacki (#857)
Change Details
## Description
Links the non-NULL instance of DxeHash2CryptoLib to QemuQ35Pkg and
QemuSbsaPkg so the Hash 2 Service Binding protocol is installed.This can be used as a dynamic hashing interface by other modules.
- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
Verified Hash 2 Service Binding protocol is installed by MuCryptoDxe.
Integration Instructions
N/A
- Impacts functionality?
🚀 Features & ✨ Enhancements
-
Add RT DXE Shared Crypto @makubacki (#855)
Change Details
## Description
- Updates QemuQ35Pkg to use the RT DXE shared crypto driver and use
the RuntimeDxeCryptLib instance for RT DXE drivers. - Removes a binary VariableRuntimeDxe EFI image checked in (with
crypto statically linked) that was an intermediate solution while
RT DXE shared crypto was developed. - Updates paths that refer to shared crypto use the build variable
SHARED_CRYPTO_PATH
that is set by the ext dep. This allows the
path to resolve to the ext dep regardless of where it is placed
in the code tree. - 960ebde updated QemuQ35Pkg to resolve DSC parser warnings for a
suspicious expression comparison warning. This change also fixes
the warning for QemuSbsaPkg.
Updates some Mu submodules to their latest releases. The MU_BASECORE
update is required for these changes.- MU_BASECORE: v2023110001.0.1 (76b62eb)
- CryptoPkg/RuntimeDxeCryptLib: Make globals static
- BaseTools/GenFds: Resolve absolute workspace INF paths
- MU_BASECORE: v2023110001.0.0 (0dd0d48)
- CryptoPkg/Driver: Remove directory
- .pytool/Plugin/DscCompleteCheck: Allow git ignore syntax
- pip: update edk2-pytool-library requirement from ~=0.21.2 to ~=0.21.3
- CryptoPkg: Add RT DXE shared crypto library instance
- Remove static initialization of gMmst for MM Core Lib
- Repo File Sync: Improve inline documentation in CodeQL workflow
- pip: update edk2-pytool-library requirement from ~=0.20.0 to ~=0.21.2
- Repo File Sync: synced file(s) with microsoft/mu_devops
- Common/MU: v2023110000.0.1 (c3b9b01)
- pip: bump edk2-pytool-library from 0.21.2 to 0.21.3
- remove edk2-basetools
- Remove AdvancedLogger MmCoreArm dependence on global variables.
- Switch MmCoreArm advanced logger to use updated MMU functions
- Repo File Sync: Improve inline documentation in CodeQL workflow
- pip: bump edk2-pytool-library from 0.20.0 to 0.21.2
- Repo File Sync: synced file(s) with microsoft/mu_devops
- Common/MU_TIANO: v2023110000.0.2 (f7e2628)
- pip: bump edk2-pytool-library from 0.21.2 to 0.21.3
- remove edk2-basetools
- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
- QemuQ35Pkg SMM and SMM_DISABLED build and boot to EFI shell and Windows OS
- QemuSbsaPkg boot to EFI shell
Integration Instructions
N/A - Affects crypto used in this repo.
- Updates QemuQ35Pkg to use the RT DXE shared crypto driver and use
🔐 Security Impacting
-
Add RT DXE Shared Crypto @makubacki (#855)
Change Details
## Description
- Updates QemuQ35Pkg to use the RT DXE shared crypto driver and use
the RuntimeDxeCryptLib instance for RT DXE drivers. - Removes a binary VariableRuntimeDxe EFI image checked in (with
crypto statically linked) that was an intermediate solution while
RT DXE shared crypto was developed. - Updates paths that refer to shared crypto use the build variable
SHARED_CRYPTO_PATH
that is set by the ext dep. This allows the
path to resolve to the ext dep regardless of where it is placed
in the code tree. - 960ebde updated QemuQ35Pkg to resolve DSC parser warnings for a
suspicious expression comparison warning. This change also fixes
the warning for QemuSbsaPkg.
Updates some Mu submodules to their latest releases. The MU_BASECORE
update is required for these changes.- MU_BASECORE: v2023110001.0.1 (76b62eb)
- CryptoPkg/RuntimeDxeCryptLib: Make globals static
- BaseTools/GenFds: Resolve absolute workspace INF paths
- **...
- Updates QemuQ35Pkg to use the RT DXE shared crypto driver and use
v5.0.0
What's Changed
📢 This release moves to Mu 202311 branches.
-
QemuQ35Pkg: Define SMM\_CRYPTO\_ARCH @Javagedes (#840)
Change Details
## Description
defines SMM_CRYPTO_ARCH in QemuQ35Pkg.dsc to resolve parser warnings regarding suspicious expressions that occur because $(SMM_CRYPTO_ARCH) is not replaced with a value (because a value is not defined).
Prints multiple of the following parser warning:
INFO - Parser... INFO - c:\src\mu_tiano_platforms\MU_BASECORE\CryptoPkg\Driver\Bin\Crypto.pcd.TINY_SHA.inc.dsc(112): warning: Suspicious expression: == Comparison between Operand of string type and Boolean/Number Type always return False. INFO - !if $(SMM_CRYPTO_ARCH) == X64
- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
Built with and without SMM_CRYPTO_ARCH being defined, and verified the parser warning was removed when it was defined.
Integration Instructions
N/A
- Impacts functionality?
-
Update pytool dependency @Javagedes (#827)
Change Details
## Description
Updates edk2-pytool-extensions to v0.27.0 and edk2-pytool-library to v0.20.0, which moves Edk2DB away from using sqlite3 directly, instead using a ORM to manage the database schema and querying functionlity. Applies the necessary changes to convert Edk2DB querying from raw SQL queries to sqlalchemy (ORM) queries.
- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
PlatformTest for QemuQ35Pkg and QemuSbsaPkg continues to work, and produces the same information.
Integration Instructions
N/A
- Impacts functionality?
-
Refresh Paging Audit Test App CI Exemption @TaylorBeebe (#821)
Change Details
## Description
The DXE paging audit test app was updated to check for Enhanced Memory Protection compliance. Project Mu is currently being updated to pass to the currently failing checks. This PR updates the exemption date for SBSA and Q35 so test failures don't block CI gates.
- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
Tested in pipelines
Integration Instructions
N/A
- Impacts functionality?
-
.git-blame-ignore-revs: Ignore Line Ending and Uncrustify only commits @makubacki (#819)
Change Details
## Description
Adds commits that only applied Uncrustify formatting or converted
line endings to a .git-blame-ignore-revs file so they are ignored
by git blame. This is supported by GitHub:
https://github.blog/changelog/2022-03-24-ignore-commits-in-the-blame-view-beta/This helps clean up git blame by filtering out these changes.
Note: This file needs to be updated on rebase branches. Processes
like filter-branch can automatically update relevant SHAs.
Commits cover
OvmfPkg
. Although the package no longer exists, it is still in
the history of many files in derived packages.- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
git blame
Integration Instructions
N/A
- Impacts functionality?
⚠️ Breaking Changes
-
Integrate 202311 release branches @kuqin12 (#809)
Change Details
## Description
This change updates all submodules to point to 202311 based MU submodules.
Code change specifically applicable to QEMU Q35:
tianocore/edk2@dea6002
tianocore/edk2@24e6daa
tianocore/edk2@12d3d60Specifically, the submodules are updated to:
Submodule Version MU_BASECORE v2023110000.0.1 MU_PLUS v2023110000.0.0 MU_OEM_SAMPLE v2023110000.0.0 MU_TIANO_PLUS v2023110000.0.0 MM_SUPV v9.0.0 MU_SILICON_ARM v2023110000.0.0 - Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change...
- Impacts functionality?