v8.0.1
What's Changed
-
Update paging to 1.0.2 @joschock (#262)
Change Details
## Description
Update paging crate to 1.0.2
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
Verified on AARCH64 platform with local build.
Integration Instructions
N/A
</blockquote> <hr> </details>
-
Handle device path for DB\_END cases @berlin-with0ut-return (#244)
Change Details
## Description In the case of a driver-binding-related performance end measurement, we want the device path in addition to the module name. This handles that case.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
I generated an FPDT from this PR and it generates a module name and device path string as follows:
Integration Instructions
N/A
-
Update cspell config @makubacki (#261)
Change Details
## Description
A lot of words we're using are in some other language dictionaries, especially the
cppdictionary, so use those to reduce false positives. The words that we added to thewordslist already in those dictionaries are removed from ourwordslist to simplify the file and reduce maintenance.In some rare cases, hexadecimal digits are being interpreted as words so exclude those in
ignoreRegExpList.- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
- Run cspell locally and in CI
Integration Instructions
- N/A
-
Fix DXE Core Loaded Image Protocol @os-d (#260)
Change Details
## Description
DXE Core's loaded image protocol today is constructed using PrivateImageData::new(). However, this function expects that we are about to load this image, so it allocates an image buffer for the image to be loaded into and sets some fields with these assumptions.
DXE Core is unique in creating a loaded image protocol as it is already loaded, so PrivateImageData::new() allocates a large chunk of wasted memory for a buffer that never gets used and incorrectly lists where DXE core is located.
This also creates a problem in PrmLoaderDxe when it searches through loaded image protocols looking for PRM modules and crashes trying to read the invalid DXE core base address in the loaded image protocol.
With this change, that crash is fixed and the wasted memory is not allocated.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
Discovered during self map changes. Tested on Q35 and observed this fixing the aforementioned crash in PrmLoaderDxe.
Integration Instructions
N/A.
</blockquote> <hr> </details>
-
Only notify BeforeExitBootServices once and don't lock memory until after @cfernald (#258)
Change Details
## Description
The recent Advanced Logger fix exposed another issue. During the BeforeExitBootServices callback, the C based Advanced Logger File Logger will flush the logs a final time during this callback. Because of the existing early GCD lock this causes an assertion failure. However, there is not strong alternative for such a scenario so this change will only lock the GCD after calling BeforeExitBootServices.
Additionaly this change makes BeforeExitBootServices only be invoked once which is the behavior specified in the UEFI Specification. This provides the additional benefit of prevent events that do not register themselves from hitting the assert on a subsequent call from BeforeExitBootServices.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
Tested boot to Windows on Q35
Integration Instructions
N/A
</blockquote> <hr> </details>
-
Poll debugger for interrupt during timer tick @cfernald (#257)
Change Details
## Description
Add a call to poll the debugger on timer ticks. This allows for the debugger to break in on a running system. requires OpenDevicePartnership/uefi-core#73.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
Tested on Q35.
Integration Instructions
N/A
</blockquote> <hr> </details>
-
Create integration test for advanced logger @cfernald (#255)
Change Details
## Description
Creates a simple integration test for advanced logger to check that messages logged through the log crate and the protocol both end up in the memory log.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
Tested on Q35.
Integration Instructions
N/A
</blockquote> <hr> </details>
-
ReleaseWorkflow.yml: --no-tag flag on dry-run @Javagedes (#256)
Change Details
## Description
Add the --no-tag flag on the dry run of publishing, similar to the regular release attempt.
Not having this flag will cause the dry-run step to fail if the tag already exists.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
N/A
Integration Instructions
N/A
</blockquote> <hr> </details>
-
spin\_locked\_gcd: Move paging allocator init outside GcdMemLock @makubacki (#248)
Change Details
## Description
Intel physical platforms currently fail during the
Vec::with_capacity()call inPagingAllocator::new():INFO - Initializing paging for the GCD ERROR - panicked at C:\src\uefi-dxe-core\dxe_core\src\tpl_lock.rs:76:43: Re-entrant locks for "GcdMemLock" not permitted.The lock is reacquired on entry to
allocate_memory_space().This sets up the vector outside the second GCD lock so the vector is already set up with capacity for the
page_poolvector before initializing the GCD.- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
- Build and tests
- Boot on QEMU Q35
- Boot on Intel physical platform
Integration Instructions
- N/A
-
Update GCD Init - Set system memory regions to RP, and correctly handle PHIT free-memory region. @joschock (#247)
Change Details
## Description
This change updates the initialization of the GCD to set System Memory regions to RP by default (to ensure that all "free" memory is consistently RP) and resolves some inconsistencies with the treatment of the special "Free Memory" range that is reported by the PHIT hob for initial GCD construction.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
Boots AARCH64 platform with paging enabled. Previously these inconsistencies in the memory map were causing errors that prevented boot.
Integration Instructions
N/A
</blockquote> <hr> </details>
-
Add basic instrumentation and fix minor bugs in perf code @berlin-with0ut-return (#236)
Change Details
## Description - Adds instrumentation to measure new performance types - Fix memory layout issues by adding #repr(C) to FPDT records - Fix string issues with new FFI string conversion implementation
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
I generated a FPDT using this code and it gives expected results with a few caveats (also mentioned in the TODOs). Note that these results were generated with a previous build of uefi-dxe-core, before the perf changes.
Caveats:get_module_infostill needs to be debugged and fully implemented, so many of the entries have a 0 guid/no module name as of nowinit_dispatchershould be instrumented, but doesn't work with the currentBOOT_SERVICESinitialization order- we may need to instrument other repos like
uefi_sdk. further discussion on what data we actually want is probably warranted. - we need to take cross-module measurements from the C code to the Rust code (PEI->DXE and DXE->BDS)
- I have put all perf measurements behind a guard. This is to avoid any errors caused by
init_performance_libcurrently being commented out (all instrumentation will panic if boot services for perf is not initialized).
Integration Instructions
N/A.
</blockquote> <hr> </details>
-
chore: Release @Javagedes (#242)
Change Details
## Description
<Include a description of the change and why this change was made.>
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
<Describe the test(s) that were run to verify the changes.>
Integration Instructions
<Describe how these changes should be integrated. Use N/A if nothing is required.>
</blockquote> <hr> </details>
🐛 Bug Fixes
-
Fix advanced logger messages being optimized out @cfernald (#249)
Change Details
## Description
Because advanced logger entries were made without volatile access and a reference was returned, the compiler decided that it could optimize out the memory accesses. As a result, all the advanced logger entries after the rust core were empty, despite the header being updated.
Additionally, this fixes a structure issue and adds a static for debug purposes.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
Tested on Q35 & unit tests
Integration Instructions
N/A
</blockquote> <hr> </details>
-
Fix an issue where device path handle wasn't set for images not loaded from an FV. @joschock (#246)
Change Details
## Description
Images loaded from a file system (such as an OS loader application) did not have a correct device_handle in the loaded_image structure if a source buffer was provided to core_load_image (i.e. they are loaded from memory but have a non-memory file_path device path input). This was working prior to the changes from #240 because the simple implementation prior to that was always furnishing some device_handle.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
Verified that images loaded from disk with a source buffer now have a device_handle in the loaded_image.
Integration Instructions
N/A
</blockquote> <hr> </details>
-
Fix perf macros @berlin-with0ut-return (#243)
Change Details
## Description Because of the way macros are expanded, the previous way of using cfg! was incorrect. This PR fixes that bug.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
Enabling perf works correctly now.
Integration Instructions
N/A
🔐 Security Impacting
-
Align EFI\_MEMORY\_ATTRIBUTES\_PROTOCOL to UEFI Spec @os-d (#259)
Change Details
## Description
The memory attributes protocol implementation in uefi-dxe-core was taking some liberties with its implementation w.r.t. the UEFI spec, namely it was returning some error codes not supported by the spec and more importantly, it had a bug in that it relied on lower layers of code to split the request per GCD descriptor, but the protocol code took attributes from the first descriptor of the range and attempted to apply that to the entire range (as these APIs are different than the GCD APIs that are used under the hood and so need some massaging).
This commit rectifies the bug and aligns the protocol API to the spec.
This fixes a bug seen when bootmgr attempts to unload winload while attempting automatic recovery, leading to a crash due to inconsistent GCD attributes across a range described by one GCD descriptor.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
Tested during self map changes and discovered this bug. Windows boots successfully through recovery flow with this change.
Integration Instructions
N/A.
</blockquote> <hr> </details>
Full Changelog: v8.0.0...v8.0.1
