11 Nov 22:54

github-actions

35c0ad8

v10.0.0 Latest

Latest

What's Changed

Update mainline to QEMU v10 for Windows environment @kuqin12 (#1269)
Change Details
## Description
QEMU for Linux environment has been updated through the container refresh in mu_devops.

As Chocolatey starts to host v10, this change updates the external dependency to v10 to bring parity to both environments.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested

Booted QEMU Q35 to UEFI shell.

Integration Instructions

N/A

Submodule Updates @Raymond-MS (#1244)
Change Details
## Description
Updated submodules to point to the latest release or main branches.

MU_BASECORE updated to v2025020002.0.3
https://github.com/microsoft/mu_basecore/releases/tag/v2025020002.0.3

MU_TIANO updated to v2025020005.0.0
https://github.com/microsoft/mu_tiano_plus/releases/tag/v2025020005.0.0

MU_SILICON_ARM_TIANO updated to v2025020002.0.0
https://github.com/microsoft/mu_silicon_arm_tiano/releases/tag/v2025020002.0.0

FEATURE_FFA updated to v0.1.2
https://github.com/microsoft/mu_feature_ffa/releases/tag/v0.1.2

MM_SUPV update to v19.0.2
https://github.com/microsoft/mu_feature_mm_supv/releases/tag/v19.0.2
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested

Built and ran using QEMU SBSA and Q35

Integration Instructions

N/A

Adding spin\_lock usage to ensure no time related MP issues @kuqin12 (#1258)
Change Details
## Description
Current code has used a global variable to store the next instruction after the system returned from its initial SMI.

This is not being guarded by any atomic locks, which could cause the system to hang if the other APs come to change that first.

For details on how to complete these options and their meaning refer to CONTRIBUTING.md.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested

This change fixed the hanging issue on pipeline.

Integration Instructions

N/A
```
  </blockquote>
  <hr>
</details>
```

Onboarding 64bit PEI for Q35 platform @kuqin12 (#1243)
Change Details
## Description
This change adds support for (and default to) 64 bit PEI for QEMU Q35 platform.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested

This change does not touch x86 platform. X64 platform is tested by booting to Windows desktop.

Integration Instructions

If you are using 64 bit PEI, no change needed, otherwise one needs to specify -a IA32,X64.

Add key interrupt so that it will reset the console mode @kuqin12 (#1242)
Change Details
## Description
If QEMU is interrupted with Ctrl + C, the QEMU will leave the odd console mode enabled.

There used to be some logic handling the console mode restoration, but that did not work with key interrupt case.

This change is updated to fix that case.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested

Verified that QEMU interrupted by keyboard no longer has odd console mode after the change.

Integration Instructions

N/A

Update Submodules to latest tags (release tags) @apop5 (#1223)
Change Details
## Description
MU_BASECORE to v2025020002.0.0
MU_TIANO_PLUS to v2025020004.0.0
MU_FEATURE_CONFIG to v6.0.2
MU_FEATURE_DEBUGGER to v0.2.7
MU_FEATURE_MM_SUPV v19.0.0
MU_FEATURE_DFCI to v4.0.9
MU_PLUS to v2025020003.0.0
MU_OEM_SAMPLE to v2025020001.0.0
MU_SILICON_ARM_TIANO to v2025020001.0.0
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested

Local Build and Boot.

Integration Instructions

No integration necessary.

Adding MP management test application for SBSA @kuqin12 (#1218)
Change Details
## Description
The existing QEMU SBSA has certain issues in the TF-A side that would prevent the system to launch multiple cores with proper MP support. Specifically due to the following flow:
- The setup places BL1, BL2, BL31, STMM code, and UEFI variables in secure flash to emulate physical platform behavior.
- During POR, TFA BL1 powers on all cores but boots only the primary core. The secondary APs enter an idle loop, polling the mailbox command.
  Note: The secondary APs execute in XIP mode from flash where BL1 resides.
- Once the primary core transitions to STMM, the UEFI flash driver attempts to write to the flash device, using this logic
- This write operation switches the flash to program mode, which inadvertently wakes the secondary cores from WFE.
- Since the flash is no longer in read mode, the secondary cores encounter data abort faults when trying to fetch instructions.
This change in TFA patch will move the AP cores to be held in BL31 context. The wfi routine inside is created to prevent the BSP to be waken up too easily.

The rest of the change is to integrate the MP management driver and test to be run on CI pipeline.

For details on how to complete these options and their meaning refer to CONTRIBUTING.md.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested

This was tested on QEMU SBSA and passed the test application.

Integration Instructions

N/A
```
  </blockquote>
  <hr>
</details>
```

Update all submodules to latest @makubacki (#1219)
Change Details
## Description
Major incoming changes:
- Update to shared crypto v1.1.1
- Set CLANGPDB X64 file alignment to 512 to support current goblin expectations
- Allow up to 32 delayed dispatch entries in PEI
- PiSmmIpl: Prevent freeing from uninitialized pointers
- UefiCpuPkg/MpLib: Spinlock RestoreVolatileRegisters
- XhciDxe: Fix USB reset issues
- Various Arm FFA changes
- UefiCPuPkg/PiSmmCpuDxeSmm: Safe handling of IDT register on SMM entry
- Tpm2HelpLib addition
- OnScreenKeyboardDriver: Add null check for SCT compliance
- Add SEC support to BaseArm instance of AdvancedLoggerLib
- OemPkg: MuUefiVersionLib - fix ClangDwarf compile
- Adds support to query the TPM for supported hash algorithms
- MM Supervisor version updated to "19"
- MM Supervisor: BaseLibSysCall - support the GCC build family
- MM Supervisor: CVE 2025-3770 integration
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
- Q35 build and boot to EFI shell
- SBSA build and boot to EFI shell
Integration Instructions
- N/A

Remove rust content from repo @apop5 (#1216)
Change Details
## Description
Remove building rust infs from Q35 and Sbsa.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested

CI

Integration Instructions

No integration necessary.

Cleanup ArmPlatformLib usage for QEMU SBSA @kuqin12 (#1213)

Change Details

## Description
The current state of platform is using NULL instance of ArmPlatformLib for the SEC phase and the real QEMU SBSA instance for PEI phase. This will cause the incorrect hobs to be created and consumed by later components.

This change moves the h...

Contributors

makubacki, os-d, and 3 other contributors

Assets 4

06 Jun 22:03

github-actions

v9.1.1

8c00682

v9.1.1

What's Changed

Update to Q35/SBSA to 202502 Dev Branches. [Merge \& FF] @apop5 (#1142)
Change Details
## Description
Update submodules to 202502 dev branches.
mu_basecore to dev-v2025020000.0.6
mu_plus to dev-v2025020000.1.1
mu_oem_sample to dev-2025020000.0.0
mu_tiano_plus to dev-v2025020000.0.0

mu_feature_config to v6.0.0
mu_feature_debugger to v0.2.4
mu_feature_dfci to v4.0.9
mu_feature_mm_supv to v17.0.0
mu_silicon_arm_tiano to dev-v2025020000.0.0

TFA to v2.13.0-rc
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested

Local CI (Unit Tests, Build Tests, etc)
Booted Windows 11 Image for Q35
Booted Windows Image for Sbsa.

Integration Instructions

No integration necessary.

Full Changelog: v9.1.0...v9.1.1

Contributors

apop5

Assets 4

06 Jun 20:35

github-actions

v9.1.0

fb306a2

v9.1.0

What's Changed

Update QEMU in Linux environment to use v10 @kuqin12 (#1144)
Change Details
## Description
This change picks up the v10.0.0 version of QEMU for Linux environment, because we need a timer feature from this version to support hafnium.

Windows version is left out because Chocolatey is not updated to produce this version yet.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested

This change is tested locally and booted to Windows.

Integration Instructions

N/A

[REBASE\&FF] Re-enable Rust CI @Javagedes (#1118)
Change Details
## Description
Closes #1113

Adds a new command line argument to all Build Files (QemuQ35Pkg/PlatformBuild.py, QemuSbsaPkg/PlatformBuild.py, .pytool/CISettings.py), --rust, which adds the rust-ci scope and adds in rust components to the platform.

Additionally updates the CI system to add two new runners to test:
- Linux, Debug, QemuQ35Pkg + Rust
- Linux, Debug, QemuSbsaPkg + Rust
Finally, re-enables rust in all CI builds (stuart_ci_build) by adding the --rust flag.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested

All Platforms continue to build and pass, both with rust and non-rust builds. rust CI is ran with stuart_ci_build when the --rust flag is added, including on CI Runners

Integration Instructions

N/A

Enable LineParserTestApp Again @makubacki (#1120)
Change Details
## Description
Was broken for a while due to some earlier adv logger changes. Temporarily exempted to unblock Mu Plus updates in: 7970218

Issues fixed in:
microsoft/mu_plus@4ac6d20

Enabled again here with that submodule update.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
- Run LineParserTestApp in EFI shell
Integration Instructions
- N/A

Cargo: Update dependencies @Javagedes (#1117)
Change Details
## Description
RustAdvancedLoggerDxe has a dependency on mu_uefi_boot_services, but microsoft/mu_rust_helpers#50 removed the crate from the repository. Following the integration instructions in the PR, we now pull in the crate from crates.io.

This re-enables the ability to build rust with BLD_*_BUILD_RUST_CODE=TRUE
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested

Confirmed build with BLD_*_BUILD_RUST_CODE=TRUE

Integration Instructions

<Describe how these changes should be integrated. Use N/A if nothing is required.>
```
  </blockquote>
  <hr>
</details>
```

Move default to dev branches and non-Rust build [Rebase \& FF] @makubacki (#1112)
Change Details
## Description
Moves to dev branches as the default to allow new features and code to be tested.

Move the Rust modules behind build flag to prevent Rust from being enabled by default.

This is to immediately simplify and update the build to latest. Further changes will be made to both changes.
1. Enhance separation of the Rust build.
2. Consider testing release branches in addition to the default use of dev branches in CI.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
- Build without specifying BLD_*_BUILD_RUST_CODE=TRUE
- Boot to EFI shell
Integration Instructions

Currently, BLD_*_BUILD_RUST_CODE=TRUE must be specified to build the modules that contain Rust code. The rust-ci scope will be added back when building Rust code is active in a future change.

devcontainer.json: Use Ubuntu 24.04 @makubacki (#1110)
Change Details
## Description
Updates the dev container to use the ubuntu-24-dev image.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
- Set up devcontainer locally in VS Code.
Integration Instructions
- N/A

Use hidparser crate from crates.io @makubacki (#1100)
Change Details
## Description
Swap the dependency out to the published crate since that will be the official release moving forward.

https://crates.io/crates/hidparser
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
- Local build and CI
Integration Instructions
- N/A

Fix memory leak and also detect failed memory allocation @vincent-j-zimmer (#1084)
Change Details
## Description
Fixes #632

This change is responsive to #632. It fixes a memory leak and also defends against a failed memory allocation.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested

Build test and boot to shell using QEMU

Integration Instructions

N/A

Updating Secure Boot Binaries to v1.1.3 @Flickdm (#1074)
Change Details
## Description
Updating to the latest secure boot binaries.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested

Booted to Windows on physical platform

Integration Instructions

N/A

Bugfix: Do not enable SERIAL\_PORT by default in SBSA @eeshanl (#1057)
Change Details
## Description
Bug fix for SERIAL_PORT being enabled by default in QemuRunner.py for SBSA.
On SBSA, the serial port should not be set by default, as it will prevent writing to stdout, making it hard to tell progress.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested

Tested locally in mu_tiano_platforms

Integration Instructions

N/A
```
  </blockquote>
  <hr>
</details>
```

Enable Debugger By Default in Q35/SBSA @os-d (#1036)
Change Details
## Description
This PR turns mu_feature_debugger on by default in Q35/SBSA. It sets no initial breakpoint, but will break in on an exception. As part of this, QemuRunner defaults to having SERIAL_PORT=50001 if this is not overridden, so that on a regular boot of Q35 the debugger can easily be used. On SBSA, the serial port is not added by default, as it will prevent writing to stdout, making it hard to tell progress.

An additional command line flag is added BLD_*_DXE_DBG_BRK to control whether the initial breakpoint is set. Passing BLD_*_DXE_DBG_BRK=TRUE on the commandline will set an unlimited initial breakpoint on DxeCore entrance.

The other caveat in SBSA is that with a single serial port, debugger polling is disabled, otherwise the debugger can eat user keystrokes at the shell.

Once supervised StMM support is added to mu_feature_debugger (microsoft/mu_feature_debugger#59), it will be added here with a corresponding flag to force breaking in to the MM debugger.
- Impacts function...

Contributors

eeshanl, Flickdm, and 6 other contributors

Assets 4

24 Sep 14:01

github-actions

v8.0.1

ed05914

v8.0.1

What's Changed

QemuQ35Pkg.dsc: Apply XenHypercallLib to valid archs @makubacki (#1041)
Change Details
## Description
The XenHypercallLib instance in QemuQ35Pkg has the following LIBRARY_CLASS value in its [DEFINES] section:
```
  [Defines.IA32, Defines.X64]
    LIBRARY_CLASS                  = XenHypercallLib|...

  [Defines.ARM, Defines.AARCH64]
    LIBRARY_CLASS                  = XenHypercallLib
```
However, the library instance is specified in QemuQ35Pkg.dsc against the "Common" architecture as it is placed in the [LibraryClasses] section.

This raises the following warning during build:
```
  INFO - QemuQ35Pkg.dsc(...): warning:
    Platforms\QemuQ35Pkg\Library\XenHypercallLib\XenHypercallLib.inf
    does not support LIBRARY_CLASS XenHypercallLib
```
This is printed from the _ValidateLibraryClass() function in BaseTools/Source/Python/Workspace/DscBuildData.py because the library class is bound by architecture in the INF file so it does not support the "Common" architecture.

This change maps the library instance to the XenHypercallLib class per the defined architectures (IA32 and X64) in QemuQ35Pkg.dsc.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
- QemuQ35Pkg before and after the change
Integration Instructions
- N/A

Update basecore and supervisor submodules @kuqin12 (#1025)
Change Details
## Description
Update mu_basecore to top of release/202405 and supervisor repo to pair up with the updated override tags.

For details on how to complete to complete these options and their meaning refer to CONTRIBUTING.md.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested

Tested on QEMU Q35 and booted to shell.

Integration Instructions

N/A

Set workspace resolver to version 2 @antklein (#1024)
Change Details
## Description
Add an explicit set for resolver to use version 2. This is required for virtual workspaces as the rust edition cannot be inferred by the compiler.

For details on how to complete to complete these options and their meaning refer to CONTRIBUTING.md.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested

I validated that cargo make build, test, and coverage did not change.

Integration Instructions

N/A

🛠️ Submodule Updates

Bump Common/MU\_TIANO from 2024050000.0.0 to 2024050000.0.1 @ProjectMuBot (#1033)
Change Details
Bumps Common/MU_TIANO from `2024050000.0.0` to `2024050000.0.1`
Introduces 8 new commits in Common/MU_TIANO.
Commits
- 60690b Revert "FmpDevicePkg: Assert on PcdFmpDeviceImageTypeIdGuid Size Mismatch"
- 8e813d [CHERRY-PICK] FmpDevicePkg: Assert on PcdFmpDeviceImageTypeIdGuid Size Mismatch
- d60d41 Revert "EmbeddedPkg: Mark DMA Memory Allocations XP By Default"
- 622dc7 [CHERRY-PICK] EmbeddedPkg: Mark DMA Memory Allocations XP By Default
- c454e6 Revert "PrmPkg: Don"t Set Access Attributes of Runtime MMIO Ranges (#51)"
- 432fdb [CHERRY-PICK] PrmPkg: Don"t Set Access Attributes of Runtime MMIO Ranges
- 67e042 [CHERRY-PICK] EmbeddedPkg: NonCoherentDmaLib: Set EFI_MEMORY_XP Capability on DMA Buffer
- ef21d6 pip: bump edk2-pytool-extensions from 0.27.11 to 0.27.12 (#329)
Signed-off-by: Project Mu Bot [email protected]

Bump Features/CONFIG from 2.0.13 to 3.0.0 @ProjectMuBot (#1035)
Change Details
Bumps Features/CONFIG from `2.0.13` to `3.0.0`
Introduces 22 new commits in Features/CONFIG.
Commits
- fb0659 SetupDataPkg/ConfApp: Fix incorrect type used in a GUID print (#381)
- ab3555 pip: bump edk2-pytool-extensions from 0.27.9 to 0.27.10 (#382)
- 7eb698 Removing script that would create windows executable from a python file. (#380)
- 07d1b6 pip: bump pytest from 8.2.2 to 8.3.1 (#384)
- 84061c pip: bump pyopenssl from 24.1.0 to 24.2.1 (#383)
- 473977 pip: bump regex from 2024.5.15 to 2024.7.24 (#387)
- a9ead4 pip: bump xmlschema from 3.3.1 to 3.3.2 (#386)
- e6856b pip: bump pytest from 8.3.1 to 8.3.2 (#385)
- 2c08cd pip: bump edk2-pytool-library from 0.21.8 to 0.21.9 (#388)
- c4ffcc pip: bump flake8 from 7.1.0 to 7.1.1 (#391)
- 5552ed pip: bump antlr4-python3-runtime from 4.13.1 to 4.13.2 (#390)
- 377d98 Switch to use edk2-pytool-library UefiVariableSupportLib. (#362)
- bd44e7 pip: bump edk2-pytool-library from 0.21.9 to 0.21.10 (#389)
- 7d4a54 Repo File Sync: synced file(s) with microsoft/mu_devops (#392)
- f7a1e7 pip: bump edk2-pytool-extensions from 0.27.10 to 0.27.11 (

Contributors

makubacki, dependabot, and 3 other contributors

Assets 4

19 Aug 20:54

github-actions

v8.0.0

25b8264

v8.0.0

What's Changed

pip: bump edk2-pytool-extensions and edk2-pytool-library @apop5 (#1021)
Change Details
## Description
edk2-pytool-extensions from 0.27.10 to 0.27.11
edk2-pytool-library from 0.21.9 to 0.21.10
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested

N/A

Integration Instructions

N/A

Add back memory map test app @kuqin12 (#1018)
Change Details
## Description
This change re-enables the memory map test app fix by picking up the latest MU_PLUS and MU_SILICON_ARM.

Resolves #1017.

For details on how to complete to complete these options and their meaning refer to CONTRIBUTING.md.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested

This change is tested on QEMU Q35.

Integration Instructions

N/A
```
  </blockquote>
  <hr>
</details>
```

Integrate PEI RNG Shared Crypto @makubacki (#1007)
Change Details
## Description
Produces an RNG PPI that is used by shared crypto to abstract platform RNG support.
- Updates Mu Basecore to v2023110010.0.1
- Updates Mu Tiano Plus to v2023110001.1.0
- Updates Mu MM Supervisor to v12.0.1 (for overrides)
- Updates pytools for compat with Mu Basecore Rust plugin
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
- CI
- Verified RngPei is launched
- Verified RNG PPI is installed
- Verified Shared Crypto can use RNG PPI as expected
- EFI Shell Boot
Integration Instructions
- N/A

Remove DxePagingAuditTestApp Exemption From Q35 and SBSA @os-d (#1001)
Change Details
## Description
The DxePagingAuditTestApp was failing on all architectures because of a misimplementation. That was fixed in
microsoft/mu_plus#528. This patch pulls in the newer mu_plus to get that change and drops the exemption from Q35 and SBSA.
- Impacts functionality?
  - Functionality - Does the change ultimately impact how firmware functions?
  - Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
  - Security - Does the change have a direct security impact on an application,
    flow, or firmware?
  - Examples: Crypto algorithm change, buffer overflow fix, parameter
    validation improvement, ...
- Breaking change?
  - Breaking change - Will anyone consuming this change experience a break
    in build or boot behavior?
  - Examples: Add a new library class, move a module to a different repo, call
    a function in a new library class in a pre-existing module, ...
- Includes tests?
  - Tests - Does the change include any explicit test code?
  - Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
  - Documentation - Does the change contain explicit documentation additions
    outside direct code modifications (and comments)?
  - Examples: Update readme file, add feature readme file, link to documentation
    on an a separate Web page, ...
How This Was Tested

Ran paging audit test and it succeeds.

Integration Instructions

N/A.
```
  </blockquote>
  <hr>
</details>
```

PlatformBuild.py: Extend DxePagingAudit exception for 3 months @makubacki (#1000)
Change Details
## Description
Pipelines are currently failing since the exception has expired.
- Impacts functionality?
  - Functionality - Does the change ultimately impact how firmware functions?
  - Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
  - Security - Does the change have a direct security impact on an application,
    flow, or firmware?
  - Examples: Crypto algorithm change, buffer overflow fix, parameter
    validation improvement, ...
- Breaking change?
  - Breaking change - Will anyone consuming this change experience a break
    in build or boot behavior?
  - Examples: Add a new library class, move a module to a different repo, call
    a function in a new library class in a pre-existing module, ...
- Includes tests?
  - Tests - Does the change include any explicit test code?
  - Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
  - Documentation - Does the change contain explicit documentation additions
    outside direct code modifications (and comments)?
  - Examples: Update readme file, add feature readme file, link to documentation
    on an a separate Web page, ...
How This Was Tested
- CI
Integration Instructions
- N/A

Support CLANGPDB to build ARM SBSA @kuqin12 (#944)
Change Details
# Preface
Please ensure you have read the contribution docs prior
to submitting the pull request. In particular,
pull request guidelines.

Description

This change is created to support building SBSA using CLANGPDB.

For each item, place an "x" in between [ and ] if true. Example: [x].
(you can also check items in the GitHub UI)
- Impacts functionality?
  - Functionality - Does the change ultimately impact how firmware functions?
  - Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
  - Security - Does the change have a direct security impact on an application,
    flow, or firmware?
  - Examples: Crypto algorithm change, buffer overflow fix, parameter
    validation improvement, ...
- Breaking change?
  - Breaking change - Will anyone consuming this change experience a break
    in build or boot behavior?
  - Examples: Add a new library class, move a module to a different repo, call
    a function in a new library class in a pre-existing module, ...
- Includes tests?
  - Tests - Does the change include any explicit test code?
  - Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
  - Documentation - Does the change contain explicit documentation additions
    outside direct code modifications (and comments)?
  - Examples: Update readme file, add feature readme file, link to documentation
    on an a separate Web page, ...
How This Was Tested

This was tested locally using QEMU SBSA platform and booted to UEFI shell.

Integration Instructions

N/A
```
  </blockquote>
  <hr>
</details>
```

Update Platform CI for -a flag removal @makubacki (#968)
Change Details
## Description
Passes the architecture for platform builds through the build flags.

For compatibility with the v10.0.0 Mu DevOps release: https://github.com/microsoft/mu_devops/releases/tag/v10.0.0
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested
- Pipeline build
Integration Instructions
- N/A

Update QEMU binary to v7.0.1 @kuqin12 (#951)
Change Details
## Description
This change picks up the v7.0.1 release of QEMU binaries with the fix of QEMU ARM64 missing a VGA binary._
- Impacts functionality?
  - Functionality - Does the change ultimately impact how firmware functions?
  - Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
  - Security - Does the change have a direct security impact on an application,
    flow, or firmware?
  - Examples: Crypto algorithm change, buffer overflow fix, parameter
    validation improvement, ...
- Breaking change?
  - Breaking change - Will anyone consuming this change experience a break
    in build or boot behavior?
  - Examples: Add a new library class, move a module to a different repo, call
    a function in a new library class in a pre-existing module, ...
- Includes tests?
  - Tests - Do...

Contributors

makubacki, Javagedes, and 5 other contributors

Assets 9

24 Apr 18:00

github-actions

v7.0.0

2ec326c

v7.0.0

What's Changed

Upgrade default QEMU to v9.0.0 @kuqin12 (#901)
Change Details
## Description
v9.0.0 fixed a few known issues blocking us from upgrading to QEMU of later than v7.2.0.

This change is made to upgrade the default QEMU to v9.0.0 to intake the latest release.
- Impacts functionality?
  - Functionality - Does the change ultimately impact how firmware functions?
  - Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
  - Security - Does the change have a direct security impact on an application,
    flow, or firmware?
  - Examples: Crypto algorithm change, buffer overflow fix, parameter
    validation improvement, ...
- Breaking change?
  - Breaking change - Will anyone consuming this change experience a break
    in build or boot behavior?
  - Examples: Add a new library class, move a module to a different repo, call
    a function in a new library class in a pre-existing module, ...
- Includes tests?
  - Tests - Does the change include any explicit test code?
  - Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
  - Documentation - Does the change contain explicit documentation additions
    outside direct code modifications (and comments)?
  - Examples: Update readme file, add feature readme file, link to documentation
    on an a separate Web page, ...
How This Was Tested

This change is tested locally on Windows and WSL environment.

Integration Instructions

Existing clones will need to perform PlatformBuild.py --update to download the latest version of QEMU.

Integrate TF-A v2.10 @kuqin12 (#920)
Change Details
# Preface
Please ensure you have read the contribution docs prior
to submitting the pull request. In particular,
pull request guidelines.

Description

The TF-A v2.10 updated the footprint of images drastically and supported extra CPU models, causing the existing flash map not able to suit the BL1.

This change updated the flash map and improved the patching routine in post-build to fail the build next time.

For each item, place an "x" in between [ and ] if true. Example: [x].
(you can also check items in the GitHub UI)
- Impacts functionality?
  - Functionality - Does the change ultimately impact how firmware functions?
  - Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
  - Security - Does the change have a direct security impact on an application,
    flow, or firmware?
  - Examples: Crypto algorithm change, buffer overflow fix, parameter
    validation improvement, ...
- Breaking change?
  - Breaking change - Will anyone consuming this change experience a break
    in build or boot behavior?
  - Examples: Add a new library class, move a module to a different repo, call
    a function in a new library class in a pre-existing module, ...
- Includes tests?
  - Tests - Does the change include any explicit test code?
  - Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
  - Documentation - Does the change contain explicit documentation additions
    outside direct code modifications (and comments)?
  - Examples: Update readme file, add feature readme file, link to documentation
    on an a separate Web page, ...
How This Was Tested

This is tested functional on QEMU SBSA with max CPU model.

Integration Instructions

N/A
```
  </blockquote>
  <hr>
</details>
```

Refresh Paging Audit Test App CI Exemption @TaylorBeebe (#919)
Change Details
## Description
The DXE paging audit test app was updated to check for Enhanced Memory
Protection compliance. Project Mu is currently being updated to pass to
pass the remaining two checks (RP on free memory and RP on GCD
nonexistent regions). This PR updates the exemption date for
SBSA and Q35 so test failures don't block CI gates.
- Impacts functionality?
  - Functionality - Does the change ultimately impact how firmware functions?
  - Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
  - Security - Does the change have a direct security impact on an application,
    flow, or firmware?
  - Examples: Crypto algorithm change, buffer overflow fix, parameter
    validation improvement, ...
- Breaking change?
  - Breaking change - Will anyone consuming this change experience a break
    in build or boot behavior?
  - Examples: Add a new library class, move a module to a different repo, call
    a function in a new library class in a pre-existing module, ...
- Includes tests?
  - Tests - Does the change include any explicit test code?
  - Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
  - Documentation - Does the change contain explicit documentation additions
    outside direct code modifications (and comments)?
  - Examples: Update readme file, add feature readme file, link to documentation
    on an a separate Web page, ...
How This Was Tested

Tested in CI pipelines

Integration Instructions

N/A

qemu\_extdep: Remove the linux extdep @Javagedes (#915)
Change Details
## Description
Removes the qemu external dependency for linux and instead uses the qemu that is directly installed on the system.

Note: I've opted to keep the github action that produces the linux external dependency in-case we opt to switch back to using it, or as an example to anyone that needs to build it locally.
- Impacts functionality?
  - Functionality - Does the change ultimately impact how firmware functions?
  - Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
  - Security - Does the change have a direct security impact on an application,
    flow, or firmware?
  - Examples: Crypto algorithm change, buffer overflow fix, parameter
    validation improvement, ...
- Breaking change?
  - Breaking change - Will anyone consuming this change experience a break
    in build or boot behavior?
  - Examples: Add a new library class, move a module to a different repo, call
    a function in a new library class in a pre-existing module, ...
- Includes tests?
  - Tests - Does the change include any explicit test code?
  - Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
  - Documentation - Does the change contain explicit documentation additions
    outside direct code modifications (and comments)?
  - Examples: Update readme file, add feature readme file, link to documentation
    on an a separate Web page, ...
How This Was Tested

N/A

Integration Instructions

N/A
```
  </blockquote>
  <hr>
</details>
```

Enable MU Debugger Package for Q35 \& SBSA @cfernald (#910)
Change Details
## Description
Ingests the MU_FEATURE_DEBUGGER repo and enabled the software debugger for both Q35 and SBSA through the build flag BLD_*_DEBUGGER_ENABLED=TRUE to debug over the serial port specified by the runtime flag SERIAL_PORT=####.

Creates a debug transport for Q35 that wraps the IO port serial port lib implementation but swaps the UART port address before calling to allow the debugger to run on a separate port then the debug output.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested

Locally tested on both SBSA and Q35.

Integration Instructions

N/A
```
  </blockquote>
  <hr>
</details>
```

⚠️ Breaking Changes

Update MU\_BASECORE to v2023110004.0.0, MM\_SUPV to v11.0.1 and MU\_PLUS to v2023110000.0.5 @kuqin12 (#911)
Change Details
## Description
This change updates the MU_BASECORE, MM_SUPV and MU_PLUS submodules and fixes integration errors:

Submodule Version

MU_BASECORE v2023110004.0.0

MM_SUPV v11.0.1

MU_PLUS v2023110000.0.5
- Impacts functionality?
  - Functionality - Does the change ultimately impact how firmware functions?
  - Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
  - Security - Does the change have a direct security impact on an application,
    flow, or firmware?
  - Examples: Crypto algorithm change, buffer overflow fix, parameter
    validation improvement, ...
- Breaking change?
  - **Break...

Submodule	Version
MU_BASECORE	v2023110004.0.0
MM_SUPV	v11.0.1
MU_PLUS	v2023110000.0.5

Contributors

cfernald, Javagedes, and 4 other contributors

Assets 9

11 Apr 23:12

github-actions

v6.0.0

271185d

v6.0.0

What's Changed

Add HTTP and acpiview commands to UEFI shell @kuqin12 (#902)
Change Details
# Preface
Please ensure you have read the contribution docs prior
to submitting the pull request. In particular,
pull request guidelines.

Description

Current QEMU platforms do not support needed cmdlets for system status inspection.

This change added a few command options to the UEFI shell to further support necessary tests in the future.

For each item, place an "x" in between [ and ] if true. Example: [x].
(you can also check items in the GitHub UI)
- Impacts functionality?
  - Functionality - Does the change ultimately impact how firmware functions?
  - Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
  - Security - Does the change have a direct security impact on an application,
    flow, or firmware?
  - Examples: Crypto algorithm change, buffer overflow fix, parameter
    validation improvement, ...
- Breaking change?
  - Breaking change - Will anyone consuming this change experience a break
    in build or boot behavior?
  - Examples: Add a new library class, move a module to a different repo, call
    a function in a new library class in a pre-existing module, ...
- Includes tests?
  - Tests - Does the change include any explicit test code?
  - Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
  - Documentation - Does the change contain explicit documentation additions
    outside direct code modifications (and comments)?
  - Examples: Update readme file, add feature readme file, link to documentation
    on an a separate Web page, ...
How This Was Tested

This was tested on QEMU Q35 and SBSA in UEFI shell environments.

Integration Instructions

N/A
```
  </blockquote>
  <hr>
</details>
```

Fix console after returning from QEMU @kuqin12 (#900)
Change Details
# Preface
Please ensure you have read the contribution docs prior
to submitting the pull request. In particular,
pull request guidelines.

Description

The fix is enlightened by the original QEMU thread here: https://gitlab.com/qemu-project/qemu/-/issues/1674.

The change fixed the garbled command prompt after returning from QEMU v8+ on Windows platforms.

For each item, place an "x" in between [ and ] if true. Example: [x].
(you can also check items in the GitHub UI)
- Impacts functionality?
  - Functionality - Does the change ultimately impact how firmware functions?
  - Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
  - Security - Does the change have a direct security impact on an application,
    flow, or firmware?
  - Examples: Crypto algorithm change, buffer overflow fix, parameter
    validation improvement, ...
- Breaking change?
  - Breaking change - Will anyone consuming this change experience a break
    in build or boot behavior?
  - Examples: Add a new library class, move a module to a different repo, call
    a function in a new library class in a pre-existing module, ...
- Includes tests?
  - Tests - Does the change include any explicit test code?
  - Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
  - Documentation - Does the change contain explicit documentation additions
    outside direct code modifications (and comments)?
  - Examples: Update readme file, add feature readme file, link to documentation
    on an a separate Web page, ...
How This Was Tested

This was tested on QEMU v9.0.0-rc1 on Windows and confirmed it fixes the command prompt after returning from QEMU runner.

Integration Instructions

N/A
```
  </blockquote>
  <hr>
</details>
```

Remove UEFI Ext as it has moved to mu\_feature\_debugger @cfernald (#894)
Change Details
## Description
the UEFI windbg Extension has moved to https://github.com/microsoft/mu_feature_debugger.
- Impacts functionality?
- Impacts security?
- Breaking change?
- Includes tests?
- Includes documentation?
How This Was Tested

N/A

Integration Instructions

N/A
```
  </blockquote>
  <hr>
</details>
```

Create Memory Allocation HOB Entry for QEMU FDT Blob @TaylorBeebe (#876)
Change Details
## Description
The flattened device tree blob is placed in memory at the address specified by PcdDeviceTreeInitialBaseAddress. This PR creates a memory allocation HOB entry for the pages spanning the start and end of the FDT so it cannot be allocated during boot.
- Impacts functionality?
  - Functionality - Does the change ultimately impact how firmware functions?
  - Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
  - Security - Does the change have a direct security impact on an application,
    flow, or firmware?
  - Examples: Crypto algorithm change, buffer overflow fix, parameter
    validation improvement, ...
- Breaking change?
  - Breaking change - Will anyone consuming this change experience a break
    in build or boot behavior?
  - Examples: Add a new library class, move a module to a different repo, call
    a function in a new library class in a pre-existing module, ...
- Includes tests?
  - Tests - Does the change include any explicit test code?
  - Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
  - Documentation - Does the change contain explicit documentation additions
    outside direct code modifications (and comments)?
  - Examples: Update readme file, add feature readme file, link to documentation
    on an a separate Web page, ...
How This Was Tested

Tested by running SBSA and reviewing the memory allocation HOBs

Integration Instructions

N/A
```
  </blockquote>
  <hr>
</details>
```

Update Virtual Drive Manager File Collection and mu\_plus Subrepo @TaylorBeebe (#886)
Change Details
## Description
The PDE.dat file is no longer produced by the paging audit, so the get_file call will fail.
- Impacts functionality?
  - Functionality - Does the change ultimately impact how firmware functions?
  - Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
  - Security - Does the change have a direct security impact on an application,
    flow, or firmware?
  - Examples: Crypto algorithm change, buffer overflow fix, parameter
    validation improvement, ...
- Breaking change?
  - Breaking change - Will anyone consuming this change experience a break
    in build or boot behavior?
  - Examples: Add a new library class, move a module to a different repo, call
    a function in a new library class in a pre-existing module, ...
- Includes tests?
  - Tests - Does the change include any explicit test code?
  - Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
  - Documentation - Does the change contain explicit documentation additions
    outside direct code modifications (and comments)?
  - Examples: Update readme file, add feature readme file, link to documentation
    on an a separate Web page, ...
How This Was Tested

Tested by running the paging audit on Q35 and SBSA

Integration Instructions

N/A

Add SSE4.1 Instructions to Q35 @os-d (#882)
Change Details
## Description
Windows requires both the SSE4.1 and SSE4.2 instructions to boot. Add these to the Q35 QEMU cmdline so that the VM has these available.

For each item, place an "x" in between [ and ] if true. Example: [x].
(you can also check items in the GitHub UI)
- Impacts functionality?
  - Functionality - Does the change ultimately impact how firmware functions?
  - Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
  - Security - Does the change have a direct security impact on an application,
    flow, or firmware?
  - Examples: Crypto algorithm change, buffer overflow fix, parameter
    validation improvement, ...
- Breaking change?
  - Breaking change - Will anyone consuming this change experience a break
    in build or boot behavior?
  - Examples: Add a new library class, move a module to a different repo, call
    a function in...

Contributors

cfernald, Javagedes, and 4 other contributors

Assets 9

14 Mar 00:19

github-actions

v5.1.2

eb3155b

v5.1.2

What's Changed

.github/workflows/publish-qemu-bin.yml: reliability updates @Javagedes (#880)
Change Details
## Description
Updates release pipeline for the qemu binary to release qemu v7.2.0 as a external dependency and to also provide the following roms:
- efi-e1000e.rom
- efi-virtio.rom
- Impacts functionality?
  - Functionality - Does the change ultimately impact how firmware functions?
  - Examples: Add a new library, publish a new PPI, update an algorithm, ...
- Impacts security?
  - Security - Does the change have a direct security impact on an application,
    flow, or firmware?
  - Examples: Crypto algorithm change, buffer overflow fix, parameter
    validation improvement, ...
- Breaking change?
  - Breaking change - Will anyone consuming this change experience a break
    in build or boot behavior?
  - Examples: Add a new library class, move a module to a different repo, call
    a function in a new library class in a pre-existing module, ...
- Includes tests?
  - Tests - Does the change include any explicit test code?
  - Examples: Unit tests, integration tests, robot tests, ...
- Includes documentation?
  - Documentation - Does the change contain explicit documentation additions
    outside direct code modifications (and comments)?
  - Examples: Update readme file, add feature readme file, link to documentation
    on an a separate Web page, ...
How This Was Tested

Verified Terminal was not in an invalid state after exiting qemu, and that the above roms were successfully found at runtime.

Integration Instructions

Perform a release and update the qemu external dependency inside mu_tiano_platforms
```
  </blockquote>
  <hr>
</details>
```

Full Changelog: v5.1.1...v5.1.2

Contributors

Javagedes

Assets 9

Releases: microsoft/mu_tiano_platforms

v10.0.0

What's Changed

How This Was Tested

Integration Instructions

How This Was Tested

Integration Instructions

How This Was Tested

Integration Instructions

How This Was Tested

Integration Instructions

How This Was Tested

Integration Instructions

How This Was Tested

Integration Instructions

How This Was Tested

Integration Instructions

How This Was Tested

Integration Instructions

How This Was Tested

Integration Instructions

Contributors

Uh oh!

v9.1.1

What's Changed

How This Was Tested

Integration Instructions

Contributors

Uh oh!

v9.1.0

What's Changed

How This Was Tested

Integration Instructions

How This Was Tested

Integration Instructions

How This Was Tested

Integration Instructions

How This Was Tested

Integration Instructions

How This Was Tested

Integration Instructions

How This Was Tested

Integration Instructions

How This Was Tested

Integration Instructions

How This Was Tested

Integration Instructions

How This Was Tested

Integration Instructions

How This Was Tested

Integration Instructions

Contributors

Uh oh!

v9.0.0

What's Changed

⚠️ Breaking Changes

QemuQ35Pkg: Drop S3 and Lock Box support

QemuQ35Pkg: Remove S3 and Lock Box related code

QemuQ35Pkg/Sec: Drop S3 and Lock Box support

QemuQ35Pkg/PlatformPei: Drop S3 and Lock Box support

QemuQ35Pkg/AcpiPlatformDxe: Drop S3 and Lock Box support

QemuQ35Pkg/SmmControl2Dxe: Drop S3 and Lock Box support

QemuQ35Pkg/SmmAccess: Drop S3 and Lock Box support

QemuQ35Pkg.fdf: Remove assignment of Lock Box PCDs

QemuSbsaPkg: Use LockBoxLib null instance

QemuPkg: Remove LockBoxLib

How This Was Tested

Integration Instructions

🚀 Features & ✨ Enhancements

QemuQ35Pkg: Drop S3 and Lock Box support

QemuQ35Pkg: Remove S3 and Lock Box related code

QemuQ35Pkg/Sec: Drop S3 and Lock Box support

QemuQ35Pkg/PlatformPei: Drop S3 and Lock Box support

QemuQ35Pkg/AcpiPlatformDxe: Drop S3 and Lock Box support

QemuQ35Pkg/SmmControl2Dxe: Drop S3 and Lock Box support

QemuQ35Pkg/SmmAccess: Drop S3 and Lock Box support

QemuQ35Pkg.fdf: Remove assignment of Lock Box PCDs

QemuSbsaPkg: Use LockBoxLib null instance

QemuPkg: Remove LockBoxLib

How This Was Tested