Commit Graph

117 Commits

Author SHA1 Message Date
gdong1 568e7b2777 Fix always reboot issue for an invalid physical presence operation request.
Signed-off by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Ouyang, Qian <qian.ouyang@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13297 6f19259b-4bc3-4df7-8a09-765794883524
2012-05-09 08:24:29 +00:00
tye1 badd40f9d4 Removes redundant code and adds data size check for certificate data in DxeImageVerificationLib.
Signed-off by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Dong Eric <yong.dong@intel.com>


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13291 6f19259b-4bc3-4df7-8a09-765794883524
2012-05-08 02:53:49 +00:00
tye1 551d808116 Enhances PE image hash algorithm in DxeImageVerificationLib and DxeTpmMeasureBootLib.
Signed-off-by: Ye Ting<ting.ye@intel.com>
Reviewed by: Dong, Eric <yong.dong@intel.com>
Reviewed by: Dong, Guo <guo.dong@intel.com>



git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13228 6f19259b-4bc3-4df7-8a09-765794883524
2012-04-28 07:48:15 +00:00
ydong10 e0192326ae Patch include:
1.Change function name to avoid name conflict.
2.Refine check for Pe Image.

Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13220 6f19259b-4bc3-4df7-8a09-765794883524
2012-04-26 01:50:34 +00:00
ydong10 28186d4566 Validate some fields in PE image to make sure not access violation for later code.
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13211 6f19259b-4bc3-4df7-8a09-765794883524
2012-04-24 03:00:32 +00:00
sfu5 a7450323c2 Update comments for NULL PlatformSecureLib instance.
Signed-off-by: Fu, Siyuan <siyuan.fu@intel.com>
Reviewed-by: Dong, Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13202 6f19259b-4bc3-4df7-8a09-765794883524
2012-04-18 02:02:38 +00:00
sfu5 3c48e853eb Update the default return value of UserPhysicalPresent to TRUE.
Signed-off-by: Fu, Siyuan <siyuan.fu@intel.com>
Reviewed-by: Dong, Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13191 6f19259b-4bc3-4df7-8a09-765794883524
2012-04-12 07:19:46 +00:00
sfu5 ecc722ad41 1. Remove “Force clear PK” feature in AuthVarialbe driver.
2. Update API ForceClearPK() to UserPhysicalPresent() in PlatformSecureLib.
2. Update SecureBootConfigDxe driver and AuthVariable driver to support Custom Secure Boot Mode feature.
3. Fix some bugs in AuthVariable driver.

Signed-off-by: sfu5
Reviewed-by: tye
Reviewed-by: gdong1

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13144 6f19259b-4bc3-4df7-8a09-765794883524
2012-03-27 08:17:23 +00:00
sfu5 bd0de3963b 1. Add more error handling code to DxeImageVerificationLib and BaseCryptLib.
Signed-off-by: sfu5
Reviewed-by: qianouyang
Reviewed-by: gdong1

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13109 6f19259b-4bc3-4df7-8a09-765794883524
2012-03-19 05:10:46 +00:00
gdong1 65cc57fc41 Remove ASSERT to let DXE core return gracefully when loading an invalid image.
Signed-off-by: gdong1
Reviewed-by: jyao1
Reviewed-by: CZhang46

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13035 6f19259b-4bc3-4df7-8a09-765794883524
2012-02-27 02:33:20 +00:00
xdu2 45bf2c4789 SecurityPkg: Update DxeImageVerificationLib with following changes:
1. Update to check image digest against dbx before execute it.
2. Update to support revoke certificate.
3. Update to support enroll unsigned PE image's Hash to allowed database (db). (Note: Unsigned Image's Hash is calculated in the same way with authenticode, the algorithm is assumed to be SHA256.)

Signed-off-by: xdu2
Reviewed-by: tye
Reviewed-by: gdong1

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12598 6f19259b-4bc3-4df7-8a09-765794883524
2011-10-28 09:54:08 +00:00
qianouyang beda2356f5 Enable/Disable Secured Boot by 'Secure Boot Configuration' Page which is under Setup browser.
Signed-off-by: qianouyang
Reviewed-by: gdong1

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12586 6f19259b-4bc3-4df7-8a09-765794883524
2011-10-28 03:46:20 +00:00
gdong1 6f0b864812 Update UID drivers to align with latest UEFI spec 2.3.1.
Directly use ImageHandle instead of &ImageHandle for wrong usage in TCG physical presence library.

Signed-off-by: gdong1
Reviewed-by: xdu2
Reviewed-by: lgao4


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12530 6f19259b-4bc3-4df7-8a09-765794883524
2011-10-12 03:38:19 +00:00
gdong1 607599bf3d Implement Tcg physical presence as a library instead of DXE driver in order that TPM can be locked as early as possible.
Signed-off-by: gdong1
Reviewed-by: hhtian
Reviewed-by: niruiyu
Reviewed-by: xdu2


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12447 6f19259b-4bc3-4df7-8a09-765794883524
2011-09-27 08:44:33 +00:00
hhuan13 570b3d1a72 1. Enhance DxeImageVerificationLib to avoid some corrupted input.
Signed-off-by: hhuan13
Reviewed-by: qlong


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12399 6f19259b-4bc3-4df7-8a09-765794883524
2011-09-21 05:23:55 +00:00
ydong10 0f7f6d23ea Change related:
1. Refine comments to remove the unrecognized code.
2. Add code to avoid potential data type change.
3. In inf file, add module type to the library class list.

Signed-off-by: ydong10

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12284 6f19259b-4bc3-4df7-8a09-765794883524
2011-09-06 08:45:42 +00:00
gdong1 0c18794ea4 Add security package to repository.
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12261 6f19259b-4bc3-4df7-8a09-765794883524
2011-09-02 07:49:32 +00:00