v0.1.0
What's Changed
-
Build rust secure partitions when releases are made @kuqin12 (#46)
Change Details
## Description
This change brings the pipeline building of rust secure partitions to be tied to releases of this repo.
Instead of relying on the secure partitions to be built as part of the build process of platform, this change took the approach of releasing binary files to be consumed by platforms.
For details on how to complete these options and their meaning refer to CONTRIBUTING.md.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
This was tested on the pipeline build and ensured that the binaries are properly generated.
Integration Instructions
One should ingest the artifacts associated with a particular release if the secure partition is to be integrated in the platform level.
-
FfaFeaturePkg/SecurePartitionEntryPoint: Add gHobList @makubacki (#45)
Change Details
## Description
The MsSecurePartition.inf module is of type `MM_CORE_STANDALONE`. Although it does not directly depend on `HobLib`, libraries attached to it could. The `MM_CORE_STANDALONE` instance of `HobLib` in StandaloneMmPkg depends on the symbol `gHobList` to be defined in the core. Add this symbol to `SecurePartitionEntryPoint` which is equivalent to where the symbol is defined for the Arm Standalone MM Core: `ArmPkg/Library/ArmStandaloneMmCoreEntryPoint`.
This change adds that symbol so the HOB library instance can successfully be linked.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
- FfaFeaturePkg build
- Integration of MsSecurePartition into a platform
Integration Instructions
- The platform should ensure a `MM_CORE_STANDALONE` instance of `HobLib` is defined in the platform DSC.
-
LICENSE.txt: Delete file (keep License.txt) @makubacki (#37)
Change Details
## Description
Right now, duplicate copies of the file exist with different case as the file was originally named `LICENSE.txt` in the repo but is being synced as `License.txt`.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
N/A
Integration Instructions
N/A
-
Fixing FFA notification unit test @kuqin12 (#33)
Change Details
## Description
The current test application does not really check whether the notification set command is issued from test services.
This change adds a global boolean variable to be cleared from the interrupt handler.
For details on how to complete these options and their meaning refer to CONTRIBUTING.md.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
The test still passes after the change.
Integration Instructions
N/A
-
Update FFA test application to work with UnitTestLib @kuqin12 (#27)
Change Details
## Description
This change updated the test app to work with standard UEFI unit test framework and will produce properly parsable test results for pipeline to report.
For details on how to complete these options and their meaning refer to CONTRIBUTING.md.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
This change is tested by running the test application on QEMU SBSA platform and passed in UEFI shell environment.
Integration Instructions
N/A
-
Fix override for 2502 @kuqin12 (#23)
Change Details
## Description
Before the pipeline moves to build with MU 2502, we need to clean up the override tags.
This change updates the override from the following commits:
microsoft/mu_silicon_arm_tiano@af15e45
microsoft/mu_silicon_arm_tiano@a715d45
microsoft/mu_silicon_arm_tiano@0333faf
microsoft/mu_silicon_arm_tiano@12dc8d4
microsoft/mu_silicon_arm_tiano@af15e45
microsoft/mu_silicon_arm_tiano@9d0f3dd
For details on how to complete these options and their meaning refer to CONTRIBUTING.md.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
This change is being tested on proprietary hardware.
Integration Instructions
N/A
-
Repo File Sync: Update to Mu DevOps v14.0.0 @makubacki (#21)
Change Details
synced local file(s) with [microsoft/mu_devops](https://github.com/microsoft/mu_devops).
🤖: View the Repo File Sync Configuration File to see how files are synced.
This PR was created automatically by the repo-file-sync-action workflow run #14543724197
PR recreated under my GitHub account to pass CLA until microsoft/cla-approved-bots#12 is completed.
-
Update GUID to UUID function to match ArmFfaLib @kuqin12 (#19)
Change Details
## Description
This change is created to match the UUID to GUID function.
For details on how to complete these options and their meaning refer to CONTRIBUTING.md.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
This was tested on QEMU SBSA platform and verified with TPM service functional.
Integration Instructions
N/A
-
Properly enable repo pipeline @kuqin12 (#18)
Change Details
## Description
The pipeline in this repo was not properly enabled. This change is the first change after enablement to ensure the incoming changes can pass pipeline as expected.
For details on how to complete these options and their meaning refer to CONTRIBUTING.md.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
Pipeline job passed.
Integration Instructions
N/A
-
[FF-A][TPM] TPM Service Updates for Open/Close Locality + More @Raymond-MS (#14)
Change Details
# Preface
Please ensure you have read the contribution docs prior to submitting the pull request. In particular, pull request guidelines.
## Description
Updated the TPM service to include support for Open/Close locality states. TPM service now properly defaults the internal CRB command/response address and size registers. Cleaned up the translation library to no longer set the external CRB command/response address and size registers. Removed the response header code as it is not necessary, we can copy the entire CRB region for both command and response. Added tests to the FfaPartitionTestApp to test open/close locality. Fixed a bug where the error code wouldn't be returned if an invalid locality was passed in.
For each item, place an "x" in between `[` and `]` if true. Example: `[x]`.
(you can also check items in the GitHub UI)
- Impacts functionality?
  - Functionality - Does the change ultimately impact how firmware functions?
  - Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
  - Security - Does the change have a direct security impact on an application, flow, or firmware?
  - Examples: Crypto algorithm change, buffer overflow fix, parameter validation improvement, ...
- Breaking change?
  - Breaking change - Will anyone consuming this change experience a break in build or boot behavior?
  - Examples: Add a new library class, move a module to a different repo, call a function in a new library class in a pre-existing module, ...
- Includes tests?
  - Tests - Does the change include any explicit test code?
  - Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
  - Documentation - Does the change contain explicit documentation additions outside direct code modifications (and comments)?
  - Examples: Update readme file, add feature readme file, link to documentation on a separate Web page, ...
How This Was Tested
Verified changes using the FfaPartitionTestApp with TPM enabled in QEMU SBSA.
Integration Instructions
N/A
-
[FF-A] TPM Service DRTM Updates @Raymond-MS (#11)
Change Details
# Preface
Please ensure you have read the contribution docs prior to submitting the pull request. In particular, pull request guidelines.
## Description
Added Relinquish support to the TPM service. Added TPM state information for Open/Closed localities.
For each item, place an "x" in between `[` and `]` if true. Example: `[x]`.
(you can also check items in the GitHub UI)
- Impacts functionality?
  - Functionality - Does the change ultimately impact how firmware functions?
  - Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
  - Security - Does the change have a direct security impact on an application, flow, or firmware?
  - Examples: Crypto algorithm change, buffer overflow fix, parameter validation improvement, ...
- Breaking change?
  - Breaking change - Will anyone consuming this change experience a break in build or boot behavior?
  - Examples: Add a new library class, move a module to a different repo, call a function in a new library class in a pre-existing module, ...
- Includes tests?
  - Tests - Does the change include any explicit test code?
  - Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
  - Documentation - Does the change contain explicit documentation additions outside direct code modifications (and comments)?
  - Examples: Update readme file, add feature readme file, link to documentation on a separate Web page, ...
How This Was Tested
Verified TPM works through the FfaPartitionTestApp and enabling TPM support in the QEMU SBSA build.
Integration Instructions
N/A
-
[FF-A] Notification Service Updates @Raymond-MS (#10)
Change Details
# Preface
Please ensure you have read the contribution docs prior to submitting the pull request. In particular, pull request guidelines.
## Description
Cleanup of the Notification Service to adhere to coding standards as well as resolving a bug where duplicate IDs could be added.
For each item, place an "x" in between `[` and `]` if true. Example: `[x]`.
(you can also check items in the GitHub UI)
- Impacts functionality?
  - Functionality - Does the change ultimately impact how firmware functions?
  - Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
  - Security - Does the change have a direct security impact on an application, flow, or firmware?
  - Examples: Crypto algorithm change, buffer overflow fix, parameter validation improvement, ...
- Breaking change?
  - Breaking change - Will anyone consuming this change experience a break in build or boot behavior?
  - Examples: Add a new library class, move a module to a different repo, call a function in a new library class in a pre-existing module, ...
- Includes tests?
  - Tests - Does the change include any explicit test code?
  - Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
  - Documentation - Does the change contain explicit documentation additions outside direct code modifications (and comments)?
  - Examples: Update readme file, add feature readme file, link to documentation on a separate Web page, ...
How This Was Tested
Verified using the FfaPartitionTestApp.
Integration Instructions
N/A
⚠️ Breaking Changes
-
[Rebase & FF] Adding 2 services to Rust based secure partition using ODP framework @kuqin12 (#35)
Change Details
## Description
This change adds the foundation work for Rust based secure partition.
It currently supports Test service and notify service from `haf-ec-service` crate.
For details on how to complete these options and their meaning refer to CONTRIBUTING.md.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
This was tested with the same FFA functionality test and passed all unit tests.
Integration Instructions
N/A
-
Fixing TPM related modules @kuqin12 (#31)
Change Details
## Description
As BASECORE and SILICON ARM repo updates to follow the support from EDK2, this change is created to update the file paths to fix the pipeline builds.
For details on how to complete these options and their meaning refer to CONTRIBUTING.md.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
This is tested on QEMU SBSA and booted to UEFI shell.
Integration Instructions
N/A
-
Change ARM libraries and header definitions to MdePkg and MdeModulePkg @kuqin12 (#30)
Change Details
## Description
This was a side effect when upstreaming some changes to EDK2.
After microsoft/mu_basecore#1413 and microsoft/mu_silicon_arm_tiano#393, the move is needed for all consumers.
For details on how to complete these options and their meaning refer to CONTRIBUTING.md.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
This was tested on QEMU SBSA and booted to UEFI shell.
Integration Instructions
Update to latest version of basecore and silicon arm tiano.
-
Updated FF-A notification definitions @kuqin12 (#29)
Change Details
## Description
This change updated the consumed macro definitions to match the macro names from ArmPkg.
For details on how to complete these options and their meaning refer to CONTRIBUTING.md.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
This is tested on QEMU SBSA and booted to UEFI shell.
Integration Instructions
Must be integrated with the latest ArmPkg including this change: microsoft/mu_silicon_arm_tiano#392
-
[FF-A] Notification Service Refactor @Raymond-MS (#16)
Change Details
# Preface
Please ensure you have read the contribution docs prior to submitting the pull request. In particular, pull request guidelines.
## Description
Updated the Notification Service to match the spec provided by ARM. Fixed a few bugs that were found during the refactor. Updated the FfaPartitionTestApp to match refactor and to include more tests. Updated the FfaPartitionTestApp to use global GUIDs for services. Misc cleanup of services. Ran Uncrustify.
For each item, place an "x" in between `[` and `]` if true. Example: `[x]`.
(you can also check items in the GitHub UI)
- Impacts functionality?
  - Functionality - Does the change ultimately impact how firmware functions?
  - Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
  - Security - Does the change have a direct security impact on an application, flow, or firmware?
  - Examples: Crypto algorithm change, buffer overflow fix, parameter validation improvement, ...
- Breaking change?
  - Breaking change - Will anyone consuming this change experience a break in build or boot behavior?
  - Examples: Add a new library class, move a module to a different repo, call a function in a new library class in a pre-existing module, ...
- Includes tests?
  - Tests - Does the change include any explicit test code?
  - Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
  - Documentation - Does the change contain explicit documentation additions outside direct code modifications (and comments)?
  - Examples: Update readme file, add feature readme file, link to documentation on a separate Web page, ...
How This Was Tested
Verified using the FfaPartitionTestApp w/ TPM enabled.
Integration Instructions
N/A
🐛 Bug Fixes
-
FfaPartitionTestApp: Remove unused variable [Rebase & FF] @makubacki (#34)
Change Details
## Description
Remove unused `Bitmap` variable in FfaMiscRegisterNotifications() which causes a build failure with CLANGPDB.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
- Compile FfaPartitionTestApp with CLANGPDB
Integration Instructions
- N/A
🔐 Security Impacting
-
[Rebase & FF] Adding 2 services to Rust based secure partition using ODP framework @kuqin12 (#35)
Change Details
## Description
This change adds the foundation work for Rust based secure partition.
It currently supports Test service and notify service from `haf-ec-service` crate.
For details on how to complete these options and their meaning refer to CONTRIBUTING.md.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
This was tested with the same FFA functionality test and passed all unit tests.
Integration Instructions
N/A
Full Changelog: ...v0.1.0