Releases: microsoft/mu_feature_mm_supv
v11.0.0
What's Changed
⚠️ Breaking Changes
-
Integrate image record changes from MU\_BASECORE @kuqin12 (#279)
Change Details
# Preface
Please ensure you have read the contribution docs prior
to submitting the pull request. In particular,
pull request guidelines.Description
This change integrates 4 commits from MU_BASECORE to use the common library implementation for image record creation and resolve the corresponding override validation failures.
For each item, place an "x" in between
[and]if true. Example:[x].
(you can also check items in the GitHub UI)- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
This change was tested on QEMU Q35 and booted to UEFI shell.
Integration Instructions
Platform needs to include
ImagePropertiesRecordLibin their platform dsc file to pick up this change.</blockquote> <hr> </details> - Impacts functionality?
Full Changelog: v10.0.0...v11.0.0
Contributors
Assets 2
v10.0.0
What's Changed
⚠️ Breaking Changes
-
BaseLib override update @kuqin12 (#265)
Change Details
# Preface
Please ensure you have read the contribution docs prior
to submitting the pull request. In particular,
pull request guidelines.Description
The BaseLib is updated with new support of CRC16-CCITT-FALSE implementation. This change added the change and updated the override hash.
For each item, place an "x" in between
[and]if true. Example:[x].
(you can also check items in the GitHub UI)- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
This change is tested on QEMU Q35 and booted to UEFI shell.
Integration Instructions
N/A
</blockquote> <hr> </details> - Impacts functionality?
Full Changelog: v9.0.1...v10.0.0
Contributors
Assets 2
v9.0.1
What's Changed
-
Fix exception handling errors for supervisor @kuqin12 (#261)
Change Details
# Preface
Please ensure you have read the contribution docs prior
to submitting the pull request. In particular,
pull request guidelines.Description
The current exception handling routine has 2 issues:
- When it comes to page fault, the miscellaneous exception handler will print the exception context and then hand off to the specific page fault handler, which will make the log appear as the system double fault.
- When the page fault exception occurs, the existing setup will switch the system to use a separate stack, which is hardcoded to be 4KB from the top of supervisor stack. This size is insufficient after switching to PageTableLib based page table attribute manipulations.
This change should fix both issues.
For each item, place an "x" in between
[and]if true. Example:[x].
(you can also check items in the GitHub UI)- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
This change is tested on QEMU Q35 and verified bootable into UEFI shell.
Integration Instructions
N/A
</blockquote> <hr> </details>
-
Add SmmCpuSyncLib to the mm supervisor core @kenlautner (#257)
Change Details
## Description
Integrated the following commits from MU_BASECORE into the supervisor core (which themselves were taken from edk2):
microsoft/mu_basecore@fba09d0
microsoft/mu_basecore@f5417b8
microsoft/mu_basecore@d421e2b
microsoft/mu_basecore@bb71205Additionally updated the override of UefiCpuPkg in the supervisor cores inf.
- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
Tested on physical platforms with the latest MU 202311 branches. No issues observed.
Integration Instructions
N/A
- Impacts functionality?
-
Remove basetools dependencies @kuqin12 (#251)
Change Details
# Preface
Please ensure you have read the contribution docs prior
to submitting the pull request. In particular,
pull request guidelines.Description
It does not seem that the edk2-basetools are not being used. This change will remove it.
For each item, place an "x" in between
[and]if true. Example:[x].
(you can also check items in the GitHub UI)- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
Pipeline change, no firmware function changes.
Integration Instructions
N/A.
</blockquote> <hr> </details> - Impacts functionality?
-
Add StackCheckLib Instances to Platform DSC Files @TaylorBeebe (#237)
Change Details
## Description
An instance of StackCheckLib must be in each DSC to accommodate -fstack-protector and /GS flags.
- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
Tested in pipelines
Integration Instructions
N/A
</blockquote> <hr> </details> - Impacts functionality?
Full Changelog: v9.0.0...v9.0.1
Contributors
Assets 2
v9.0.0
What's Changed
-
Bump version value to v9 to match the release version @kuqin12 (#224)
Change Details
## Description
This change updated the release version to v9 to reflect the new value from release template.
- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
N/A
Integration Instructions
N/A
- Impacts functionality?
⚠️ Breaking Changes
-
[Rebase \& FF] Integrate 202311 Overrides @kuqin12 (#209)
Change Details
## Description
This change integrates the edk2 upstream changes into applicable overridden modules.
Specifically, this change integrates the following commits:
- tianocore/edk2@f1d31a6
- tianocore/edk2@b17a3a1
- tianocore/edk2@321240b
- tianocore/edk2@68e37f4
- tianocore/edk2@7b82da7
- tianocore/edk2@e4ff852
- tianocore/edk2@0c136bb
- tianocore/edk2@8c99839
- tianocore/edk2@85c6c14
- tianocore/edk2@ec07fd0
- tianocore/edk2@2e71876
- tianocore/edk2@4f441d0
- tianocore/edk2@5405176
- tianocore/edk2@0da3df7
- tianocore/edk2@ad6c854
- tianocore/edk2@a87f5fd
- tianocore/edk2@2d21208
- tianocore/edk2@6585ced
- tianocore/edk2@f519672
- tianocore/edk2@7b6e7d0
- tianocore/edk2@d706d9c
- tianocore/edk2@701b579
- tianocore/edk2@b4dde1a
- tianocore/edk2@7132df9
- tianocore/edk2@4ceefd6
- tianocore/edk2@f5c987f
- tianocore/edk2@fbb6f18
- tianocore/edk2@589f2e4
The following commits are determined not relevant to this package:
- tianocore/edk2@550f196
- tianocore/edk2@5bd2e5d
- tianocore/edk2@e504b39
- tianocore/edk2@c4c7fb2
- tianocore/edk2@eb20c21
- tianocore/edk2@ded0b48
- tianocore/edk2@7178047
- tianocore/edk2@6ceaef4
- tianocore/edk2@b294633
- tianocore/edk2@6ceaef4
- tianocore/edk2@56f65e4
- tianocore/edk2@cb4820b
- tianocore/edk2@c204081
- tianocore/edk2@a1386bb
- tianocore/edk2@089013a
- tianocore/edk2@5bb7bfb
- tianocore/edk2@9f12d6b
- tianocore/edk2@ef64ae0
- tianocore/edk2@b4394cc
- tianocore/edk2@1fadd18
- tianocore/edk2@cf82c09
- tianocore/edk2@2ce5ae4
- tianocore/edk2@ea628f2
- tianocore/edk2@cbf0e4f
- tianocore/edk2@80bbea1
- tianocore/edk2@ae79efb
- tianocore/edk2@2b27053
- tianocore/edk2@1a66bd5
- tianocore/edk2@1497c4b
- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
This change is tested on QEMU Q35 and SBSA virtual platform and booted to UEFI shell as well as host OS. This change is also verified bootable on proprietary hardware platform.
Integration Instructions
An update of 202311 based mu submodules are required to consume this change.
🐛 Bug Fixes
-
CVE-2022-36765 - StandaloneMmHobLibSysCall: Prevent integer overflow in CreateHob() [Rebase \& FF] @makubacki (#222)
Change Details
## Description
Contains the primary commit for the HOB calculation overflow and
a separate commit to build with the tip of mu_basecore release/202302.
CVE-2022-36765 - StandaloneMmHobLibSysCall: Prevent integer overflow in CreateHob()
Based on commit
9a75b030cf27d2530444e9a2f9f11867f79bf679in edk2.Fix integer overflow in various CreateHob instances.
Fixes: CVE-2022-36765The CreateHob() function aligns the requested size to 8
performing the following operation:HobLength = (UINT16)((HobLength + 0x7) & (~0x7));No checks are performed to ensure this value doesn't
overflow, and could lead to CreateHob() returning a smaller
HOB than requested, which could lead to OOB HOB accesses.
MmSupervisorPkg/BaseLibSysCall/BaseLib: Update override
The change that occurred in MdePkg/Library/BaseLib only affected
AARCH64 which does not exist in the instance in MmSupervisorPkg.So, this change simply updates the override hash...
Contributors
Assets 2
v8.1.8
What's Changed
-
MmSupervisorPkg/Core: Remove optimization for depex evaluation @makubacki (#220)
Change Details
## Description
- Derived from edk2 commit: 2ddae5df31789853040f4c5261bb85e2f010c4a7
- Override hash updated to reflect change in mu_basecore
The current dependency evaluator violates the memory access permission
when patching depex grammar directly in the read-only depex memory area.Laszlo pointed out the optimization issue in the thread (1) "Memory
Attribute for depex section" and provided suggested patch to remove the
perf optimization.In my testing, removing the optimization does not make significant perf
reduction. That makes sense that StandaloneMM dispatcher only searches
in MM protocol database and does not depend on UEFI/DXE protocol
database. Also, we don't have many protocols in StandaloneMM like
UEFI/DXE.From Laszlo,
"The patch removes the EFI_DEP_REPLACE_TRUE handling altogether, plus it
CONST-ifies the Iterator pointer (which points into the DEPEX section),
so that the compiler catch any possible accesses at build time that
would write to the write-protected DEPEX memory area."(1) https://edk2.groups.io/g/devel/message/113531
Signed-off-by: Nhi Pham nhi@os.amperecomputing.com
Tested-by: levi.yun yeoreum.yun@arm.com
Reviewed-by: levi.yun yeoreum.yun@arm.com
Reviewed-by: Ray Ni ray.ni@intel.com(cherry picked from commit 2ddae5df31789853040f4c5261bb85e2f010c4a7)
- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
- CI and
StandaloneMmPkgboot with change present.
Integration Instructions
N/A
-
Update pip-requirements.txt @Javagedes (#218)
Change Details
## Description
Updates edk2-pytool-extensions and edk2-pytool-library to work with the latest commit of MU_BASECORE
For each item, place an "x" in between
[and]if true. Example:[x].
(you can also check items in the GitHub UI)- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
N/A
Integration Instructions
N/A
- Impacts functionality?
-
.git-blame-ignore-revs: Ignore Line Ending only commits @makubacki (#212)
Change Details
## Description
Adds commits that only converted line endings to a
.git-blame-ignore-revs file so they are ignored by git blame. This is
supported by GitHub:
https://github.blog/changelog/2022-03-24-ignore-commits-in-the-blame-view-beta/This helps clean up git blame by filtering out these changes.
Note: This file needs to be updated on rebase branches. Processes
like filter-branch can automatically update relevant SHAs.- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
git blame
Integration Instructions
N/A
- Impacts functionality?
🐛 Bug Fixes
-
MmIplPei: Add missing libs to INF @makubacki (#210)
Change Details
## Description
These libraries need to be linked against MmIplPei. Since they are
missing, linker failures can result depending on platform integration
of library instances against the module.- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
CI build.
Integration Instructions
N/A
- Impacts functionality?
Full Changelog: v8.1.7...v8.1.8
Contributors
Assets 2
v8.1.7
What's Changed
🔐 Security Impacting
-
Use New Stack Cookie Library @TaylorBeebe (#195)
Change Details
## Description
This series transitions the core to use the new stack cookie libraries.
The stack cookie value no longer needs to be initialized before
image execution and can instead be initialized in the library
constructor.- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
Tested on Q35
Integration Instructions
N/A
- Impacts functionality?
Full Changelog: v8.1.6...v8.1.7
Contributors
Assets 2
v8.1.6
What's Changed
🐛 Bug Fixes
-
MmSupervisorPkg/Core: Remove redundant null check (CodeQL) @makubacki (#183)
Change Details
## Description
Fixes #182
The main change is to remove a NULL check for the CommBufferSize
parameter value in the MM_SUPERVISOR_REQUEST_FETCH_POLICY switch
case since it triggers a CodeQL alert as a redundant NULL check
operation. The actual parameter value is checked for NULL at the
beginning of the function and not modified until that line of code.However, the function API and implementation is confusing so that's
cleaned up as well.- The Context parameter is not used at all. Since it is marked
optional, it is left so the function prototype can remain
consistent in case the parameter is needed in the future. - The CommBuffer and CommBufferSize parameters are also marked
optional, but they're not. The function immediately returns
EFI_INVALID_PARAMETER if they are not provided (null).
For (2), the optional modifier is simply removed from the arguments
to indicate the function expects valid pointers are passed.- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
- MmSupervisorPkg build and CI checks
Integration Instructions
N/A
- The Context parameter is not used at all. Since it is marked
Full Changelog: v8.1.5...v8.1.6
Contributors
Assets 2
v8.1.5
What's Changed
-
MmSupervisorPkg: Integrate UefiCpuLib breaking change @makubacki (#164)
Change Details
## Description
Updates the repo for a change that merged UefiCpuLib with CpuLib.
UefiCpuLib will be removed entirely soon so all references are updated to CpuLib.
- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
- MmSupervisorPkg CI build
- Feature integration build (in QemuQ35Pkg)
Integration Instructions
N/A
- Impacts functionality?
Full Changelog: v8.1.4...v8.1.5
Contributors
Assets 2
v8.1.4
What's Changed
-
MmSupervisorPkg.dec: Use 16 pages for user mode comm buffer by default @makubacki (#157)
Change Details
## Description
PcdUserCommBufferPagesis currently set to4. This buffer is
used for UEFI variable transactions where includes larger data like Intel
memory training and Secure Boot related UEFI variables.16 pages provides 64KB by default which allows these common scenarios
to succeed in most cases without platform intervention.- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
Verified on Qemu Q35 and a physical Intel platform.
Integration Instructions
If the default value was previously unmodified on a platform, expect that the
user mode communicate buffer will now be 48KB larger. If that's an issue, set
gMmSupervisorPkgTokenSpaceGuid.PcdUserCommBufferPagesto4in the platform
DSC file to restore previous behavior.
- Impacts functionality?
Full Changelog: v8.1.3...v8.1.4
Contributors
Assets 2
v8.1.3
What's Changed
-
Adding extra step of ownership inspcetion for buffer validity check @kuqin12 (#156)
Change Details
## Description
Current implementation of
MmIsBufferOutsideMmValidfor the user instance will only check to see if the requested space is unblocked from the perspective of MM supervisor, which could result in the issue that the region is only unblocked at the supervisor level is still not accessible from user space. If this is the case,FALSEshould be returned.- Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
- Security - Does the change have a direct security impact on an application,
flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- Security - Does the change have a direct security impact on an application,
- Breaking change?
- Breaking change - Will anyone consuming this change experience a break
in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- Breaking change - Will anyone consuming this change experience a break
- Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
- Documentation - Does the change contain explicit documentation additions
outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
- Documentation - Does the change contain explicit documentation additions
How This Was Tested
This change is tested on Q35 platform and booted to UEFI shell.
Integration Instructions
N/A
</blockquote> <hr> </details> - Impacts functionality?
Full Changelog: v8.1.2...v8.1.3