Fast forward UEFI with latest from closed source #45

Merged
maheeraeron merged 4 commits into microsoft:main from maheeraeron:user/maheeraeron/ff-01292026
Jan 29, 2026

@maheeraeron
Collaborator

Fast forwards UEFI with the following changes:

  • Adds HttpLib to ARM64 flavors
  • Delay secure boot status code errors until a real secure boot failure is hit
  • Fix for Volatile variable store on RemainingVariableStorageSize initialization
  • Add ACPI device for hv sint discovery for ARM64 linux

maheeraeron and others added 4 commits January 29, 2026 12:02
This PR simply adds HttpLib and TlsLib for ARM64

----
#### AI description  (iteration 2)
#### PR Classification
New feature addition to enable HTTP support for ARM64.

#### PR Summary
This pull request integrates HTTP-related libraries and configuration updates into the ARM64 package, enhancing networking capabilities.
- Updated `MsvmPkg/MsvmPkgAARCH64.dsc` to add INF entries for DNS, HTTP, HTTP Utilities, TLS, and include `HttpLib`, along with enabling the HTTP connections token.
- Modified `MsvmPkg/MsvmPkgAARCH64.fdf` to incorporate the corresponding INF files for DNS, HTTP, HTTP Utilities, and TLS.

Related work items: #60149538
…eport them on failure

This change prevents our DxeImageVerificationLib logic from prematurely sending Secure Boot Failure event logs to the host when checking signatures for an image. We only report this if we hit an actual failure eventually. Despite this, we will still log the immediate issues we see.

----
#### AI description  (iteration 3)
#### PR Classification
Bug fix that delays secure boot error reporting until an actual failure occurs.

#### PR Summary
This PR defers the immediate reporting of secure boot status codes by caching them during image verification and only reporting the error at the designated failure point, ensuring that transient errors do not lead to premature notifications.
- `MsvmPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c`: Introduces a new variable (CachedVerificationFailure) to store error codes instead of reporting them immediately.
- `MsvmPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c`: Modifies multiple error handling paths to cache status codes and adds debug logs, with final conditional reporting in the failure block.

Related work items: #60542614
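
The deferred-reporting pattern described in this commit, as an added sketch (not the DxeImageVerificationLib code): the status codes, `verify_image` and `report_to_host` are hypothetical, and only the idea of a cached failure code comes from the commit text. The sketch also fails closed and still reports when no check runs at all.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical status codes; the firmware's real values are not on the page. */
enum { SB_OK = 0, SB_HASH_NOT_FOUND = 1, SB_CERT_NOT_TRUSTED = 2, SB_UNSIGNED = 3 };

static uint32_t host_events[8];     /* stand-in for the event log sent to the host */
static size_t   host_event_count;

static void report_to_host(uint32_t code)
{
    if (host_event_count < 8)
        host_events[host_event_count++] = code;
}

/* Each element of checks[] is the outcome of one signature check, in order.
   The image is accepted as soon as one check returns SB_OK.
   Returns 0 if accepted, -1 if rejected. */
int verify_image(const uint32_t *checks, size_t n)
{
    /* Plays the role of CachedVerificationFailure; defaults to a failure
       code so an empty check list is still rejected and reported. */
    uint32_t cached_failure = SB_UNSIGNED;

    for (size_t i = 0; i < n; i++) {
        if (checks[i] == SB_OK)
            return 0;                    /* accepted: cached code is dropped */
        cached_failure = checks[i];      /* remember it, do not report yet */
        fprintf(stderr, "debug: check %zu failed with code %u\n",
                i, (unsigned)checks[i]); /* the local log still happens */
    }
    report_to_host(cached_failure);      /* the single real failure point */
    return -1;
}

int main(void)
{
    /* Constructed inputs: two misses then a match, and two misses only. */
    const uint32_t good[] = { SB_HASH_NOT_FOUND, SB_CERT_NOT_TRUSTED, SB_OK };
    const uint32_t bad[]  = { SB_HASH_NOT_FOUND, SB_CERT_NOT_TRUSTED };
    int a = verify_image(good, 3);
    int b = verify_image(bad, 2);
    printf("good=%d bad=%d host events=%zu\n", a, b, host_event_count);
    return 0;
}
```

Keeping the last miss as the reported code is a choice made for this sketch; the commit text does not say which cached code is sent.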
…ile Variables

`VariableServiceQueryVariableInfo` did not initialize `*RemainingVariableStorageSize` before decrementing it in the loop that calculates space used by existing volatile variables. This results in garbage values being returned when the API was called for volatile variables.

The fix is to initialize `*RemainingVariableStorageSize = STORE_MAIN_SIZE` before the loop, matching how the NVRAM path handles this via NvramQueryInfo().

NOTE: All existing callers of QueryVariableInfo pass EFI_VARIABLE_NON_VOLATILE in the attributes, which takes an early return to NvramQueryInfo(). The buggy volatile variable code path was never exercised in practice.

----
#### AI description  (iteration 1)
#### PR Classification
Bug fix addressing the improper initialization of RemainingVariableStorageSize for volatile variables in Hyper-V UEFI.

#### PR Summary
This pull request resolves an issue where RemainingVariableStorageSize was not initialized correctly by assigning it the maximum variable storage size.
- `MsvmPkg/VariableDxe/VariableDxe.c`: Added code to initialize *RemainingVariableStorageSize to STORE_MAIN_SIZE with accompanying comments, directly addressing the linked work item.

Related work items: #59991958
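
The bug class described in this commit, as an added example beside its corrected form (not the VariableDxe.c code): the entry layout, the function names and the value given to `STORE_MAIN_SIZE` are assumptions, and the caller's stale value is seeded explicitly so the effect is reproducible.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed stand-ins: only the name STORE_MAIN_SIZE comes from the PR
   text; its value and the entry layout here are assumptions. */
#define STORE_MAIN_SIZE 0x10000u

typedef struct {
    uint32_t name_size;   /* bytes used by the variable name */
    uint32_t data_size;   /* bytes used by the variable data */
} volatile_entry;

/* "Before": the out-parameter is decremented without ever being set, so the
   result depends on whatever the caller's variable already held. */
void query_remaining_buggy(const volatile_entry *e, size_t n, uint64_t *remaining)
{
    for (size_t i = 0; i < n; i++)
        *remaining -= (uint64_t)e[i].name_size + e[i].data_size;
}

/* "After": start from the store capacity, then subtract each entry.
   The clamp is an extra guard added in this example (not described in the
   PR) so an oversized entry cannot wrap the unsigned result. */
void query_remaining_fixed(const volatile_entry *e, size_t n, uint64_t *remaining)
{
    *remaining = STORE_MAIN_SIZE;
    for (size_t i = 0; i < n; i++) {
        uint64_t used = (uint64_t)e[i].name_size + e[i].data_size;
        *remaining = (used > *remaining) ? 0 : *remaining - used;
    }
}

int main(void)
{
    /* Constructed store contents: 116 + 4128 = 4244 bytes in use. */
    const volatile_entry store[] = { {16, 100}, {32, 4096} };
    uint64_t a = 0xDEADBEEFu;   /* simulates leftover data in the caller's variable */
    uint64_t b = 0xDEADBEEFu;
    query_remaining_buggy(store, 2, &a);
    query_remaining_fixed(store, 2, &b);
    printf("buggy=%llu fixed=%llu\n", (unsigned long long)a, (unsigned long long)b);
    return 0;
}
```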
…ery on ARM64

This change adds a new ACPI device (MSFT1003) that allows ARM64 guests to discover a PPI interrupt to use for a hypervisor SINT (synthetic interrupt). The intended use case of this is Linux L1VH, which needs to configure a SINT for L2 intercepts. In Windows that is a hardcoded SGI, but this approach is not upstreamable for Linux; they require PPIs discoverable via ACPI.

The device is gated behind a new HvSintEnabled flag in the UEFI config blob and is opt-in.

Testing (on an Ubuntu VM):
* Validated that the device is visible in ACPI without the PCD config changes;
* Shared the MSVM.fd file with the Linux team and they confirmed they can configure the PPI;
* Validated that it is **not** visible with the PCD changes by default;

----
#### AI description  (iteration 1)
#### PR Classification
This pull request implements a new feature that exposes an opt-in ACPI device for hypervisor intercept SINTs on ARM64.

#### PR Summary
The changes integrate support for Linux L1VH SINT discovery by adding a new ACPI device configuration and associated control flags across the firmware and platform configuration files.
- **`AcpiTables/Dsdt.asl`**: Inserts an AML block (under `_DSDT_ARM_`) that defines a SINT device with its resource template and status method.
- **`MsvmPkgAARCH64.dsc`, `MsvmPkg.dec`, and `AcpiTables.inf`**: Introduces new PCD tokens (e.g., `PcdInterceptSintVector` and `PcdHvSintEnabled`) to support the SINT functionality.
- **`Include/BiosInterface.h` and `AcpiPlatformDxe/Dsdt.c`**: Updates the UEFI configuration structures and data initialization routines to include the new `HvSintEnabled` flag.
- **`PlatformPei/Config.c` and `PlatformPei/PlatformPei.inf`**: Adjusts the platform configuration logic to set and propagate the new SINT-related PCD flag.

Related work items: #60730240
@maheeraeron maheeraeron merged commit 5bcea70 into microsoft:main Jan 29, 2026
5 checks passed
@maheeraeron maheeraeron deleted the user/maheeraeron/ff-01292026 branch January 29, 2026 20:12