Commit Graph

177 Commits

Author SHA1 Message Date
gdong1 15d73df950 Add missing comments for function parameters.
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14694 6f19259b-4bc3-4df7-8a09-765794883524
2013-09-23 02:00:24 +00:00
jyao1 c1d932429e Add TPM2 implementation.
signed off by: jiewen.yao@intel.com
reviewed by: guo.dong@intel.com

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14687 6f19259b-4bc3-4df7-8a09-765794883524
2013-09-18 05:31:18 +00:00
Star Zeng e84f07b5fc Create PCDs in MdeModulePkg for ACPI table OEM_ID/OEM_TABLE_ID/OEM_REVISION/CREATOR_ID/CREATOR_REVISION customization.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14672 6f19259b-4bc3-4df7-8a09-765794883524
2013-09-16 02:20:52 +00:00
Fu Siyuan 3a186b06f1 Return EFI_WRITE_PROTECTED when setting KEKDefault, PKDefault, dbDefault, dbxDefault and dbtDefault variable.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14662 6f19259b-4bc3-4df7-8a09-765794883524
2013-09-12 05:31:26 +00:00
Fu Siyuan 74b5fd7a11 Update the chaining requirements with regards to the Platform Key.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14661 6f19259b-4bc3-4df7-8a09-765794883524
2013-09-12 05:26:15 +00:00
Fu Siyuan a555940b2d Add “VendorKeys” variable for indicating out of band key modification.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14660 6f19259b-4bc3-4df7-8a09-765794883524
2013-09-12 05:23:28 +00:00
Dong Guo ed094569d6 Enhance TPM driver to protect TPM physical presence flags.
Signed-off-by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
Reviewed-by: Ouyang, Qian <qian.ouyang@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14619 6f19259b-4bc3-4df7-8a09-765794883524
2013-09-03 07:39:26 +00:00
Fu Siyuan db44ea6c4e 1. Change default PCD in SecurityPkg to 4 (DENY_EXECUTE) in DEC file.
2. ASSERT if PCD value is set to 5 (QUERY_USER_ON_SECURITY_VIOLATION).
3. Update override PCD setting from 5 to 4 in platform DSC file.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ni Ruiyu <ruiyu.ni@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14607 6f19259b-4bc3-4df7-8a09-765794883524
2013-08-28 09:06:40 +00:00
Fu Siyuan a365eed476 Fix a bug in secure boot configuration driver: Enroll DB/KEK will disable Attempt Secure Boot option.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14590 6f19259b-4bc3-4df7-8a09-765794883524
2013-08-22 09:46:03 +00:00
Star Zeng 6675a21f14 MdePkg/MdeModulePkg/SecurityPkg Variable: Forbid creation of non-spec variables in EFI_GLOBAL_VARIABLE namespace.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14560 6f19259b-4bc3-4df7-8a09-765794883524
2013-08-19 05:16:45 +00:00
Star Zeng 6e67fec07f MdeModulePkg/SecurityPkg Variable: If a preexisting variable is rewritten with different attributes, SetVariable() shall not modify the variable and shall return EFI_INVALID_PARAMETER.
Two exceptions to this rule:
1. No access attributes specified
2. The only attribute differing is EFI_VARIABLE_APPEND_WRITE

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14552 6f19259b-4bc3-4df7-8a09-765794883524
2013-08-16 03:19:45 +00:00
Shumin Qiu 301c867b27 Change EFI_TCG_EVENT_HOB_GUID value to avoid the duplicated GUID value with EFI_LEGACY_BIOS_GUID.
Signed-off-by: Shumin Qiu <shumin.qiu@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14536 6f19259b-4bc3-4df7-8a09-765794883524
2013-08-09 05:23:22 +00:00
Gary Ching-Pang Lin fd64f84f23 Checks the length of the file name to avoid illegal access.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gary Ching-Pang Lin <glin@suse.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Guo Dong <guo.dong@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14531 6f19259b-4bc3-4df7-8a09-765794883524
2013-08-08 02:41:37 +00:00
Ruiyu Ni 863986b3c8 Update all the code to consume the ConvertDevicePathToText, ConvertDevicePathNodeToText, ConvertTextToDevicePath and ConvertTextToDeviceNode APIs in DevicePathLib.
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Feng Tian <feng.tian@intel.com>
Reviewed-by: Elvin Li <elvin.li@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jaben Carsey <jaben.carsey@intel.com>
Reviewed-by: Guo Dong <guo.dong@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14505 6f19259b-4bc3-4df7-8a09-765794883524
2013-07-26 03:14:08 +00:00
Star Zeng 41982ebbc5 SecurityPkg Variable: Add the check for PcdFlashNvStorageVariableSize <= PcdFlashNvStorageFtwSpareSize.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14464 6f19259b-4bc3-4df7-8a09-765794883524
2013-07-11 08:18:56 +00:00
Star Zeng 039a40aa3b SecurityPkg: Variable drivers robustly handle crashes during Reclaim().
PEI variable implementation checks only the variable header signature for validity. This does not seem robust if system crash occurred during previous Reclaim() operation. If the crash occurred while FTW was rewriting the variable FV, the signature could be valid even though the rest of the FV isn't valid.
Solution: PEI variable and early phase(before FTW protocol ready) of DXE variable can check the FTW last write status provided by FaultTolerantWritePei and determine if all or partial variable data has been backed up in spare block, and then use the backed up data.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14455 6f19259b-4bc3-4df7-8a09-765794883524
2013-07-03 09:09:42 +00:00
Laszlo Ersek 328e5d8c19 The list of locked variables is traversed at runtime, hence we must
convert the list when transferring from physical to virtual mode.

Contributed-under: TianoCore Contribution Agreement 1.0

Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14425 6f19259b-4bc3-4df7-8a09-765794883524
2013-06-17 02:30:42 +00:00
Ruiyu Ni e4b7e2c94f Revert the changes made in 14403 because it incorrectly changed the EOL.
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14424 6f19259b-4bc3-4df7-8a09-765794883524
2013-06-17 02:18:58 +00:00
Laszlo Ersek 9199cb9c02 The list of locked variables is traversed at runtime, hence we must
convert the list when transferring from physical to virtual mode.

Contributed-under: TianoCore Contribution Agreement 1.0

Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14403 6f19259b-4bc3-4df7-8a09-765794883524
2013-06-14 01:55:12 +00:00
Chao Zhang 443bd74473 Fix overflow issue in TcgProtocol
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by  : Yao Jiewen <jiewen.yao@intel.com>
Reviewed-by  : Dong Guo   <guo.dong@intel.com>


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14396 6f19259b-4bc3-4df7-8a09-765794883524
2013-06-06 00:39:41 +00:00
lzeng14 164a9b6752 Fix the TOCTOU issue of CommBufferSize itself for SMM communicate handler input.
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14379 6f19259b-4bc3-4df7-8a09-765794883524
2013-05-21 02:22:02 +00:00
niruiyu 6ab9f44138 Add the EDKII_VARIABLE_LOCK_PROTOCOL implementation in SecurityPkg variable drivers.
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14378 6f19259b-4bc3-4df7-8a09-765794883524
2013-05-20 07:10:10 +00:00
sfu5 0ba17ade47 Fix a bug that “SecureBoot” varaible will be updated to NV+AT attribute incorrectly.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ni Ruiyu <ruiyu.ni@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14375 6f19259b-4bc3-4df7-8a09-765794883524
2013-05-17 08:05:01 +00:00
sfu5 ee79ac8d0e Pop up error message when user tries to enroll an invalid certificate file into KEK/DB/DBX.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14373 6f19259b-4bc3-4df7-8a09-765794883524
2013-05-17 07:03:49 +00:00
lgao4 cbcccd2c9d Update Code to pass EBC compiler.
Signed-off-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14352 6f19259b-4bc3-4df7-8a09-765794883524
2013-05-13 02:36:09 +00:00
lzeng14 5e5bb2a9ba 1. Fix TOCTOU issue in VariableSmm, FtwSmm, FpdtSmm, SmmCorePerformance SMM handler. For VariableSmm, pre-allocate a mVariableBufferPayload buffer with mVariableBufferPayloadSize(match with mVariableBufferPayloadSize in VariableSmmRuntimeDxe) to hold communicate buffer payload to avoid TOCTOU issue.
2. Add check to ensure CommBufferPayloadSize not exceed mVariableBufferPayloadSize or is enough to hold function structure in VariableSmm and FtwSmm.
3. Align FtwGetLastWrite() in FaultTolerantWriteSmmDxe.c to FtwGetLastWrite() in FaultTolerantWrite.c.

Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14325 6f19259b-4bc3-4df7-8a09-765794883524
2013-05-07 05:38:32 +00:00
czhang46 732d199d8f Fix memory overflow & VariableSize check issue for SetVariable append write.
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by  : Fu Siyuan  <siyuan.fu@intel.com>
Reviewed-by  : Dong Guo   <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14323 6f19259b-4bc3-4df7-8a09-765794883524
2013-05-02 01:42:39 +00:00
lzeng14 9d00d20ed4 1. Use the check IsAddressValid() to prevent SMM communication buffer overflow in SmmVariable, FtwSmm, FpdtSmm, SmmCorePerformance and SmmBaseHelper, and add check to prevent InfoSize overflows in SmmVariableHandler.
2. Refine the debug message.
3. Add check to make sure the input VariableName is A Null-terminated string.
4. Use local variable to hold StrSize (VariableName) to avoid duplicated StrSize calculation.

Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14317 6f19259b-4bc3-4df7-8a09-765794883524
2013-04-25 10:49:45 +00:00
sfu5 968e143192 Check for NULL pointer before free it.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14316 6f19259b-4bc3-4df7-8a09-765794883524
2013-04-25 01:38:06 +00:00
czhang46 56251c669f Fix potential overflow for SetVariable interface
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by  : Guo Dong   <dong.guo@intel.com>
Reviewed-by  : Siyuan Fu  <siyuan.fu@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14305 6f19259b-4bc3-4df7-8a09-765794883524
2013-04-22 08:52:58 +00:00
czhang46 d17c4eac56 Fix a potential SMM memory dump issue. If pass communication buffer with DataBuffer to SMM SetVariable which is big enough to cover SMM range. Then GetVariable can dump SMM memory contents. Add more range check for SetVariable
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by  : Dong Guo   <guo.dong@intel.com>
Reviewed-by  : Jiewen Yao <jiewen.yao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14292 6f19259b-4bc3-4df7-8a09-765794883524
2013-04-19 01:35:02 +00:00
gdong1 772b601158 Update code not to block application/driver load when event log is full.
Signed-off-by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>



git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14283 6f19259b-4bc3-4df7-8a09-765794883524
2013-04-18 01:47:34 +00:00
czhang46 3a146f2a7d Fix SMM Variable driver stack GetVariable return INVALID_PARAMETER when DataSize is bigger than SMM communication buffer.
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by  : Dong Guo   <guo.dong@intel.com>
Reviewed-by  : Fu Siyuan  <siyuan.fu@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14276 6f19259b-4bc3-4df7-8a09-765794883524
2013-04-15 01:56:31 +00:00
czhang46 0c55190f40 Update SMM variable DXE driver GetNextVariable interface to comply with UEFI spec
VariableNameSize is the returned buffer size. GetNextVariable should behavior correct if it is bigger than SMM communication buffer or less than string size of VariableName. 

Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by  : Dong Guo   <guo.dong@intel.com>
Reviewed-by  : Fu Siyuan  <siyuan.fu@intel.com>
Reviewed-by  : Zeng Star  <star.zeng@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14258 6f19259b-4bc3-4df7-8a09-765794883524
2013-04-12 05:59:11 +00:00
sfu5 a2f2c258d4 Update secure boot UI driver to handle “reset to default” hot key.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14257 6f19259b-4bc3-4df7-8a09-765794883524
2013-04-12 01:44:54 +00:00
lzeng14 3588bb3529 If DataSize or VariableNameSize is near MAX_ADDRESS, this can cause the computed PayLoadSize to overflow to a small value and pass the check in InitCommunicateBuffer(). To protect against this vulnerability, check DataSize and VariableNameSize to make sure PayloadSize doesn't overflow.
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14252 6f19259b-4bc3-4df7-8a09-765794883524
2013-04-08 06:56:08 +00:00
sfu5 7403ff5b9f Fix a bug that IsSignatureFoundInDatabase() incorrectly computes CertCount.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14165 6f19259b-4bc3-4df7-8a09-765794883524
2013-03-06 01:42:04 +00:00
sfu5 6de4c35f99 Update the DxeImageVerificationLib to support for Authenticode-signed UEFI images with multiple signatures.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14141 6f19259b-4bc3-4df7-8a09-765794883524
2013-02-21 05:00:21 +00:00
sfu5 ca5a7d87e3 Add error handling code to prevent variable store corruption in release build.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14139 6f19259b-4bc3-4df7-8a09-765794883524
2013-02-21 01:35:22 +00:00
sfu5 5767f22fca Check the input VaraibleName for db/dbx when appending variables with formatted as EFI_SIGNATURE_LIST.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14087 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-25 07:14:43 +00:00
sfu5 12cbe23257 Check for NULL pointer before dereference it.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14086 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-25 07:12:25 +00:00
lzeng14 932e0f6628 Variables with state VAR_ADDED&VAR_IN_DELETED_TRANSITION should be considered as valid variables if there is no duplicated ones with VAR_ADDED state.
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14085 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-25 06:17:43 +00:00
lzeng14 0cc565deac Add NULL pointer check.
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14084 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-25 04:48:41 +00:00
sfu5 b7d269eae1 Fix infinite loop bug in secure boot UI driver.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14082 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-25 02:01:47 +00:00
gdong1 03ecb5769b Fix TPM may be locked twice issue in normal boot.
Signed-off-by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14079 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-24 07:14:28 +00:00
lzeng14 23b0693579 1. Update the logic of UpdateVariable() for updating variable from:
set old variable to IN_DELETED_TRANSITION -> check if reclaim is needed(If yes, do reclaim) -> add new variable -> set old variable to DELETED if no reclaim happened.
to:
set old variable to IN_DELETED_TRANSITION -> check if reclaim is needed(If yes, do reclaim) -> add new variable -> set old variable to DELETED.
2. Update UpdateVariable() to correctly handle the case "both ADDED and IN_DELETED_TRANSITION variable are present", and delete both old ADDED and IN_DELETED_TRANSITION variable when deleting or updating variable.
3. Update VariableServiceGetNextVariableName() to return the valid IN_DELETED_TRANSITION variable if only IN_DELETED_TRANSITION variable is present.

Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14065 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-18 01:12:32 +00:00
lzeng14 aab9212fa9 Fix the issue that RuntimeServiceQueryVariableInfo() in VariableSmmRuntimeDxe always return EFI_SUCCESS.
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14050 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-15 06:43:24 +00:00
sfu5 f71ed839e1 1. Set the secure boot state to Standard Mode when user leaving secure boot setup page.
2. Add “Current SecureBoot State” field to reflect current secure boot status of the platform.

Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14042 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-09 05:19:43 +00:00
sfu5 83758cdc84 Fix a bug that the invalid public key will never be removed from public key database.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14041 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-09 05:09:39 +00:00
lzeng14 6ed1ec5946 Add the TPL raise/restore code for VariableSmmRuntimeDxe to avoid variable services reentry.
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14038 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-08 02:07:14 +00:00