Releases: microsoft/mu_basecore

v2025110002.0.1

08 Jun 21:49

What's Changed

  • [CHERRY-PICK] MdeModulePkg/Library: introduce ArmFfaConsoleDebugLib @kuqin12 (#1816)
    Description

    This patch adds ArmFfaConsoleDebugLib, a debug library that utilizes the FF-A Console Log API to print debug messages to the console.

    This is useful in the context of running the StandaloneMm payload as an S-EL0 SP on top of an SPMC where StandaloneMm isn't allowed to access the console device, or where there is no console device (e.g. Hafnium).

    NOTE: FFA_CONSOLE_LOG* could be used by a secure partition only.

    (cherry picked from commit ddc7ed1)

    How This Was Tested

    This was tested on QEMU AArch64 platform and verified ports are routed through Hafnium.

    Integration Instructions

    N/A

  • [REBASE & FF] Cherry-Pick Recent BaseTools Changes and Untangle GenStm Interaction @os-d (#1811)
    Description

    This series of commits attempts to untangle some mu_changes in BaseTools for GenStm with the upstream, in order to pull down the change to clean BaseTools before building them. This could have been deferred to the next integration, but folks have wanted the basetools clean and this work had to be done at some point; it likely would have been forgotten at the next integration, so I did it now. It can certainly be deferred.

    This PR does the following:

    • Revert a commit centralizing a STATIC_ASSERT definition in BaseTools for use by GenStm - should be merged into original GenStm commit
    • Revert a commit adding CPU_INFORMATION_HEADER to GenStm - should be merged into the original GenStm commit
    • Revert the original GenStm commit - this did a partial BaseTools clean that can be removed now we are doing a full clean
    • Cherry-pick clang build support for BaseTools. This makes a cleaner diff for the next cherry-pick.
    • Cherry-pick BaseTools clean
    • Cherry-pick original GenStm commit, dropping redundant BaseTools partial clean
    • Squash the CPU_INFORMATION_HEADER and STATIC_ASSERT commits into the original GenStm commit. No reason to carry those separately and they complicate the story of maintaining an override for GenStm.

    The final situation is only Edk2ToolsBuild.py is changed.

    How This Was Tested

    BaseTools build. A GenStm test would be appreciated.

    Integration Instructions

    N/A.
  • [Cherry-Pick] MdeModulePkg: StatusCodeHandler Stmm remove assert @apop5 (#1814)

    Description

    In StandaloneMM mode, IsStatusCodeUsingSerialPort is expecting to find gMmStatusCodeUseSerialHobGuid, and will assert if it is not found.

    Change the logic so that, if the GUIDed HOB is not found, the function returns FALSE and execution proceeds.

    (cherry picked from commit 4743d8d)

    How This Was Tested

    Assert prior to change, no assert after the change.

    Integration Instructions

    No integration necessary.
Full Changelog: v2025110002.0.0...v2025110002.0.1

v2025110001.0.12

02 Jun 21:20

What's Changed

  • [REBASE & FF] Add PEI Memory Bins @os-d (#1759)
    Description

    Due to the slow speed of review in edk2 and the platform need for this feature now, tianocore/edk2#12086 is being brought to Mu first.

    This also reverts a Mu change around memory bins that was rejected upstream in favor of a different approach brought in with the PEI bins.

    How This Was Tested

    Physical and virtual platforms with a variety of scenarios, detailed in edk2 PR.

    Integration Instructions

    To opt into PEI memory bins a platform must, in any order:

    • Set gEfiMdeModulePkgTokenSpaceGuid.PcdPeiMemoryBinsEnable to TRUE in their DSC.
    • Produce the Memory Type Information HOB in SEC or pre-mem PEI.
    • Optionally produce the Resource Descriptor HOB owned by gEfiMemoryTypeInformationGuid in SEC or pre-mem PEI. This must not be produced post-mem or DXE will ignore the PEI memory bins because of conflicting Resource Descriptor HOBs.


  • [release/202511] Update BaseTools ext dep to v2025110001.0.11 @[mu-automation[bot]](https://github.com/apps/mu-automation) (#1806)
    This PR updates the BaseTools external dependency to version v2025110001.0.11.

  • [REBASE & FF] Revert Mu Commits in Favor of edk2 Commits @os-d (#1810)
    Description

    This reverts the Mu version of the MmCommunicationDxe Comm Buffer Init fix and cherry-picks the edk2 version as well as cherry-picking the VA_LIST ABI change.

    How This Was Tested

    N/A.

    Integration Instructions

    N/A.
  • [CHERRY-PICK] MdeModulePkg: Add platform limit for size in Resizable BAR @Gowtham-Manikandan (#1808)
    Description

    Added PcdPcieResizableBarMaxSize to avoid build issues in the latest BKC integration.

    The Resizable BAR driver selects the maximum available BAR size to configure for use. It may happen that some PCIe devices declare support for a size that exceeds the processor address width. The platform needs a way to define the maximum size it can accept. This change introduces a PCD called PcdPcieResizableBarMaxSize. It is a dynamic PCD where the platform can provide its limit for the BAR size. Such a PCD can also be controlled with a configuration knob.

    (cherry picked from commit 24eddc6)

    How This Was Tested

    Tested by local build of OKS Platform

    Integration Instructions

    N/A
  • [CHERRY-PICK] MdePkg/BaseLib: Add AsmReadFsBase and AsmWriteFsBase for X86-64 @Gowtham-Manikandan (#1804)
    Description

    The commit that adds Asm(Read|Write)FsBase to BaseLib for x86-64.

    (cherry picked from commit e2b0e20)

    How This Was Tested

    Call AsmWriteFsBase() and use AsmReadFsBase() to check if the value is written to FSBASE.

    Integration Instructions

    N/A
Full Changelog: v2025110001.0.11...v2025110001.0.12

v2025110002.0.0

02 Jun 21:56

What's Changed

⚠️ Breaking Changes

  • [2511] MdeModulePkg/Variable: Remove Mu RT cache buffer allocation changes [Rebase & FF] @makubacki (#1781)
    Description

    Project Mu had changes to move UEFI variable runtime cache allocation to DXE instead of PEI. The Project Mu MM model allows the runtime buffer allocations to be unblocked for MM access in DXE and allocating in DXE did not cause RT buffer fragmentation in the memory map to better accommodate hibernate resume.

    With PEI memory buckets being added in #1759 to Project Mu beginning with the 2511 branch, the upstream flow to allocate the RT cache buffer in PEI can be restored.

    This PR reverts commits that added DXE runtime cache buffer allocation support individually, so it is clear exactly what is reverted and these changes can be skipped on future Mu release branches.
    1. Revert "[CHERRY-PICK] MdeModulePkg/VariableSmmRuntimeDxe: Fix EFI_UNSUPPORTED leak (#1668)"
    2. Revert "MdeModulePkg/Variable: Add PCD to control RT cache allocation (#1588)"
    3. Revert "MdeModulePkg/VariableSmmRuntimeDxe: Disable var RT cache on alloc failure"
    4. Revert "MdeModulePkg/Variable: Move RT cache buffer allocation to DXE"
    How This Was Tested

    • Boot on QEMU Q35 and a physical Intel platform with the change (and PEI memory buckets present)
    • Compared resulting files with edk2 variable code taking into account other unrelated Mu changes

    Integration Instructions

    • gEfiMdeModulePkgTokenSpaceGuid.PcdMigrateVariableRuntimeCacheBufferAllocation is removed from MdeModulePkg.dec so delete any references in that in platform code.
    • It is recommended to ensure the PEI memory buckets PR referenced in this PR's description is included in the Mu Basecore code used by the platform so PEI memory buckets can be used to reduce runtime memory fragmentation.


Full Changelog: v2025110001.0.12...v2025110002.0.0

v2025110001.0.11

20 May 17:43

What's Changed

  • ArmPkg: MmCommunicationDxe: Fix Comm Buffer Init @os-d (#1803)
    Description

    Currently, MmCommunicationDxe expects the MM comm buffer to either be not added by the platform or added and allocated by the platform. However, not all platforms follow this pattern.

    This commit makes the handling more generic by checking to see if a GCD descriptor exists that covers this range. If it does, the capabilities are updated as needed. If only a partial desc exists for this range, the driver will fail as that is a platform misconfiguration.

    If the descriptor does not exist, the driver will add the buffer.

    Then, for all successful cases, the attributes are updated on the buffer to what the driver expects them to be.

    This will be taken to edk2 in parallel.

    How This Was Tested

    Tested on an aarch64 platform that was producing the HOB but not having it allocated. This fixed it.

    Integration Instructions

    Platforms must either not produce a resource descriptor HOB for the MM Communicate Buffer or must produce a HOB fully covering the region.
  • [release/202511] Update BaseTools ext dep to v2025110001.0.9 @[mu-automation[bot]](https://github.com/apps/mu-automation) (#1800)
    This PR updates the BaseTools external dependency to version v2025110001.0.9.

Full Changelog: v2025110001.0.10...v2025110001.0.11

v2025110001.0.10

18 May 16:54

What's Changed

  • Revert the previous TPM table revert. @kuqin12 (#1798)
    Description

    The TPM over FFA table revert was not necessary. Bringing back the bug fix to the mainline.

    How This Was Tested

    This is a one-to-one reversion.

    Integration Instructions

    N/A

🐛 Bug Fixes

  • [SQUASH ON REBASE] ArmPlatformPkg: MemoryInitPeiLib: Fix V2 HOB Attribute @os-d (#1801)
    Description

    Commit 5e381f8 updated the V2 resc desc HOB parsing in MemoryInitPeiLib, but if splitting the system memory HOB to accommodate the FD HOB, the attribute chosen for the leftover system memory HOB was the resource attributes, not the memory attributes.

    This fixes this by preserving the memory attribute correctly.

    This should be squashed with b8960d8, 5e381f8, and fb5e75c on rebase.

    How This Was Tested

    Tested on a physical platform where the Patina readiness tool was failing because invalid attributes were set in a HOB field. After this change it passes.

    Integration Instructions

    N/A.

Full Changelog: v2025110001.0.9...v2025110001.0.10

v2025110001.0.9

14 May 17:13

What's Changed

  • [TPM] Revert TPM over FFA revision changes @kuqin12 (#1797)
    Description

    Some OS versions used in special environments are not ready for this change. Thus we need to revert the breaking change.

    How This Was Tested

    This change is being tested.

    Integration Instructions

    Change the PcdTpm2AcpiTableRev back to 4.

Full Changelog: v2025110001.0.8...v2025110001.0.9

v2025110001.0.8

13 May 23:42

What's Changed

  • Fix: BaseCryptLibOnOneCrypto @Flickdm (#1787)
    Description

    This PR should be rebased and merged to keep the commit history, because it also has a few other smaller but nice-to-have changes that should go in with this.

    This is a workaround to not use VA_LIST in X509ConstructCertificateStackV - which goes against the UEFI specification and is broken today when using a CLANGPDB compiled binary vs a GCC5 DxeCore. This change will unblock our partner teams but the long term fix is to deprecate the (now unused) function X509ConstructCertificateStackV.

    This pull request refactors and improves the implementation of the X509ConstructCertificateStack functions in the OneCrypto library, making them more robust and better tested. The main changes include replacing a macro-based implementation with an explicit function, adding comprehensive unit tests for various input scenarios, and fixing a logic bug in the error handling macro. These changes enhance the reliability and maintainability of the certificate stack construction logic.

    X509 Certificate Stack Construction Refactor and Bug Fixes

    Implementation improvements:

    • Replaced the macro-based implementation of X509ConstructCertificateStackV with an explicit function that iterates through the variadic arguments, validates certificate sizes, and appends certificates to the stack, improving clarity and error handling. (CryptoPkg/Library/BaseCryptLibOnOneCrypto/OneCryptoLib.c)
    • Updated X509ConstructCertificateStack to call the new X509ConstructCertificateStackV function and return its result, ensuring consistent logic and error propagation. (CryptoPkg/Library/BaseCryptLibOnOneCrypto/OneCryptoLib.c)

    Bug fixes:

    • Fixed a logic bug in the CryptoServiceNotAvailable macro: changed the condition from && to || to correctly handle cases where the protocol pointer is NULL, preventing a possible null pointer dereference. (CryptoPkg/Library/BaseCryptLibOnOneCrypto/OneCryptoLib.c)

    Testing improvements:

    • Added a comprehensive suite of unit tests for X509ConstructCertificateStack, covering scenarios such as null input, single and multiple certificates, appending certificates, invalid certificates, zero-size certificates, empty lists, and direct variadic calls. (CryptoPkg/Test/UnitTest/Library/BaseCryptLib/X509Tests.c)

    Metadata update:

    • Added the "id": "onecrypto-bin" field to the OneCrypto_ext_dep.json file, improving package identification. (CryptoPkg/Binaries/OneCrypto_ext_dep.json)

    How This Was Tested

    QemuSbsaPkg && Platform Testing

  • [CHERRY-PICK] StandaloneMmPkg: StandaloneMmIplPei: Guard S3 hob with PcdAcpiS3Enable @kuqin12 (#1795)
    Description

    The current module checks the value of gEfiAcpiVariableGuid hobs and could assert if there is no such hob available.

    However, these hobs are only available if a platform elects to support S3. Thus this change moves the hob copy logic behind a PCD check to prevent unnecessary asserts.

    (cherry picked from commit 1fe2504)

    How This Was Tested

    This was tested on QEMU Q35 and booted to Windows desktop.

    Integration Instructions

    N/A
  • [Rebase & FF] .pytool: Image Validation Plugin: Drop Zero ImageBase Requirement @vineelko (#1793)
    Description

    • Zero ImageBase requirement is dropped from Image validation plugin as it is not enforced by most PE loaders in UEFI.
    • Patina in particular dropped support for producing .efi files with zero ImageBase
    • This also improves the debugging experience when using WinDbg

    How This Was Tested

    Q35

    Integration Instructions

    NA
Full Changelog: v2025110001.0.7...v2025110001.0.8

v2025110001.0.7

12 May 04:07
6f6a7c6

What's Changed

  • [release/202511] Update BaseTools ext dep to v2025110001.0.6 @[mu-automation[bot]](https://github.com/apps/mu-automation) (#1789)
    This PR updates the BaseTools external dependency to version v2025110001.0.6.

  • [CHERRY-PICK] MdePkg: Add PCIe capability structures for DPC and DLF @AnirudhSrinivasula (#1791)
    Add definitions for Downstream Port Containment (DPC) Extended Capability. Add definitions for Data Link Feature (DLF). Update existing definitions for Process Address Space ID (PASID).

    (cherry picked from commit b65f976)

    Description

    Cherry-pick the Pci30.h, PciExpress21.h, PciExpress31.h, PciExpress40.h for latest Intel Server Release

    How This Was Tested

    Tested in latest Intel Server platforms

    Integration Instructions

    None

🐛 Bug Fixes

  • MdeModulePkg: DxeIplPeim Move Decompress to MsCorePkg/Core/GuidedSectionExtractPeim @apop5 (#1792)
    Description

    There are scenarios where PEIMs contained in compressed FVs are needed to complete the PEI stage (such as DxeIpl being in a compressed FV). GuidedSectionExtractPeim makes decompression available after memory is discovered instead of needing to wait for DxeIpl to be given control. The functionality being removed here is entirely in GuidedSectionExtractPeimDisables, and requires platforms to include the PEIM out of the MsCorePkg when they require decompression of FVs.

    This change was split off the commit: 7a38833

    How This Was Tested

    Physical platform encountered where multiple installations of Extract Guided Section PPIs triggered errors.

    Integration Instructions

    If a break is encountered, verify that the MsCorePkg's GuidedSectionExtractPeim is included in the platform's DSC/FDF.

Full Changelog: v2025110001.0.6...v2025110001.0.7

v2025110001.0.6

06 May 20:05

What's Changed

  • [CHERRY-PICK] Adding TPM over FFA ACPI table revision fix @kuqin12 (#1786)
    Description

    This change updates the TPM2 table when using TPM over FFA to support the functionality.

    How This Was Tested

    This was tested on the latest Windows OS and booted to desktop with expected event log entries.

    Integration Instructions

    • To use this revision, the platforms have to update the table revision to 5 through gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|5.

    • The Windows OS has to be updated to the latest to support this new revision. Otherwise, the event logs will not be recorded.

  • [REBASE & FF] Support IORT revision 6 @kuqin12 (#1707)
    Description

    This change reverts the original Project MU changes as the edk2 upstreaming efforts are complete.

    How This Was Tested

    This is being tested on physical hardware.

    Integration Instructions

    N/A

  • [CHERRY-PICK] SecurityPkg: AuthVariableLib: Handle empty signature lists @kuqin12 (#1785)
    Description

    The current implementation fails to set authenticated variables when the signature list is empty. This can legitimately occur for dbx when no signatures are revoked after a certificate rotation.

    Update the logic to explicitly handle empty signature lists, avoiding an implicit dependency on the variable being absent from variable storage.

    (cherry picked from commit b980aa0)

    How This Was Tested

    This was tested on physical ARM64 platforms; they booted to the OS desktop and can set an empty siglist variable from PowerShell.

    Integration Instructions

    N/A

  • [CHERRY-PICK] [REBASE & FF] Revert MU_CHANGE in Favor of edk2 Commits @os-d (#1784)
    Description

    This reverts a MU_CHANGE and pulls in the two relevant edk2 commits replacing it.

    How This Was Tested

    N/A.

    Integration Instructions

    N/A.
  • CryptoPkg: Correct MockBaseCryptLib interface @PaddyDeng-v (#1777)
    Description

    MU_BASECORE has an override (TCBZ3925) in BaseCryptLib.h, so the mock library should align to the change in the override.

    How This Was Tested

    Enable the current disabled Host Unit Test for CryptoPkg (PaddyDeng-v@c24c879). Make sure MockBaseCryptLib is built and the CI build process passed.

    Integration Instructions

    N/A
  • TlsLib Unit Tests @Flickdm (#1747)
    Included in: [MU_CRYPTO_RELEASE Milestone 1](https://github.com/microsoft/mu_crypto_release/milestone/1)

    Description

    Add unit tests for the TlsLib library class. The test suite validates TLS functionality through the TlsLib API surface. Today there are no unit tests.

    The goal with this is to catch regressions as we move through faster crypto changes. Importantly this prints which TLS algorithms are being used to catch regressions against DFCI or other features.

    What's included

    50 test cases across 6 test suites, with both host-based and UEFI Shell entry points:

    | Suite | Tests | Coverage |
    |---|---|---|
    | Function pointer validation | 3 | TlsInitialize, TlsCtxNew, TlsNew |
    | Context lifecycle | 4 | Create/free, client/server endpoint, version setting |
    | Cipher suite enumeration | 8 | 14 TLS 1.2 ciphers, DFCI required ciphers (hard-fail), EC curves, TLS 1.3, PQC hybrid groups |
    | Configuration | 13 | Verify mode, hostname verification, SNI, session ID, signature algorithms, compression, security level, shutdown, handshake state |
    | Certificate management | 10 | CA cert set/get, host cert, private key, CRL |
    | Getter/query functions | 12 | Version, connection end, cipher, compression, verify, session ID, client/server random, key material |

    Key features

    • DFCI/Intune cipher validation: Hard-fails if any of the 4 required ECDHE-RSA cipher suites are missing, catching regressions that would break Surface firmware cloud connectivity
    • Structured capability reports: Outputs machine-parseable SUPPORTED/UNSUPPORTED status for all probed algorithms, suitable for CI action consumption
    • PQC readiness probing: Documents ML-KEM hybrid key exchange group support status (X25519MLKEM768, SecP256r1MLKEM768, SecP384r1MLKEM1024)
    • Firmware policy assertions: Validates that server mode returns EFI_UNSUPPORTED (client-only policy) and TLS compression is disabled (CRIME attack mitigation)

    Code coverage

    | File | Line Coverage |
    |---|---|
    | TlsConfig.c | 74.3% |
    | TlsInit.c | 72.6% |
    | TlsProcess.c | 8.2% (handshake/IO functions need loopback test) |
    | Overall | ~61% |

    How This Was Tested

    This will be added as an automation for MU_CRYPTO_RELEASE on changes to the OpensslPkg and TlsLib.

    Integration Instructions

    N/A
  • MdeModulePkg/NvmExpressDxe: Add NVMe namespace filtering PCD @eeshanl (#1754)
    Description

    Add PcdNvmeNamespaceFilterId to control NVMe namespace enumeration.
    When != 0, only the specified NSID is discovered and enumerated. When 0 (default), all namespaces are enumerated as before.

    This improves security on NVMe devices with multiple namespaces.
    Without filtering, UEFI enumerates all namespaces and an attacker could place malicious boot media in a secondary namespace. By restricting enumeration to only the first namespace, we ensure the system boots exclusively from the intended namespace and prevent exploitation of additional namespaces as an attack vector.

    Changes:

    • NvmExpress.c: Add FilteringEnabled parameter to DiscoverAllNamespaces, EnumerateNvmeDevNamespace with namespace ID check when filtering
    • NvmExpressDxe.inf: Add PcdNvmeNamespaceFilterId to [Pcd] section
    • MdeModulePkg.dec: Define PcdNvmeNamespaceFilterId (default 0)

    Ref: microsoft/mu_msvm@9337285

    How This Was Tested

    Tested on:

    • OpenVMM platform where namespace filtering is required and successfully booted to OS via DDA NVMe with Namespace filtering on & off.

    • Physical platform and booted to OS with physical NVMe with Namespace filtering on & off.

    • Qemu Q35 by booting to OS via NVMe with Namespace filtering on & off:

      Modified QemuCommandBuilder.py with the following:

      ```python
      elif device == "ssd" and self._architecture == QemuArchitecture.Q35:
          # Create NVMe controller with 2 namespaces for testing namespace filtering
          # NS1: boot media, NS2: empty 1GB drive
          self._args.extend([
              "-drive",
              f"file={path},format={format},if=none,id=nvme_ns1",
              "-drive",
              "if=none,id=nvme_ns2,format=raw,file.driver=null-co,file.size=1G",
              "-device",
              "nvme,id=nvme0,serial=nvme-1",
              "-device",
              "nvme-ns,drive=...
      ```

v2025110001.0.5

24 Apr 22:35
dd00e17

What's Changed

  • [SQUASH ON REBASE] Rename TpmTestApp to TpmShellApp @Raymond-MS (#1775)
    Description

    Renamed TpmTestApp to TpmShellApp. This removes the need for a TPM_TEST_APP_ENABLE gate due to the name being *TestApp. This was causing issues in CI where the TpmTestApp was being auto included as a unit test when it isn't set up as a unit test app.

    Commit to squash into:
    8cbf776 SecurityPkg: Introduce TpmTestApp

    How This Was Tested

    Build both QEMU SBSA and Q35 with the TpmShellApp enabled (TPM_ENABLE/TPM2_ENABLE == TRUE). Verified TpmShellApp functionality.

    Integration Instructions

    N/A

Full Changelog: v2025110001.0.4...v2025110001.0.5