tyler.durden/audk - audk - Gitea: Git with a cup of tea

Commit Graph

Author	SHA1	Message	Date
sfu5	0ba17ade47	Fix a bug that “SecureBoot” varaible will be updated to NV+AT attribute incorrectly. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ni Ruiyu <ruiyu.ni@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14375 6f19259b-4bc3-4df7-8a09-765794883524	2013-05-17 08:05:01 +00:00
lzeng14	5e5bb2a9ba	1. Fix TOCTOU issue in VariableSmm, FtwSmm, FpdtSmm, SmmCorePerformance SMM handler. For VariableSmm, pre-allocate a mVariableBufferPayload buffer with mVariableBufferPayloadSize(match with mVariableBufferPayloadSize in VariableSmmRuntimeDxe) to hold communicate buffer payload to avoid TOCTOU issue. 2. Add check to ensure CommBufferPayloadSize not exceed mVariableBufferPayloadSize or is enough to hold function structure in VariableSmm and FtwSmm. 3. Align FtwGetLastWrite() in FaultTolerantWriteSmmDxe.c to FtwGetLastWrite() in FaultTolerantWrite.c. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14325 6f19259b-4bc3-4df7-8a09-765794883524	2013-05-07 05:38:32 +00:00
czhang46	732d199d8f	Fix memory overflow & VariableSize check issue for SetVariable append write. Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by : Fu Siyuan <siyuan.fu@intel.com> Reviewed-by : Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14323 6f19259b-4bc3-4df7-8a09-765794883524	2013-05-02 01:42:39 +00:00
lzeng14	9d00d20ed4	1. Use the check IsAddressValid() to prevent SMM communication buffer overflow in SmmVariable, FtwSmm, FpdtSmm, SmmCorePerformance and SmmBaseHelper, and add check to prevent InfoSize overflows in SmmVariableHandler. 2. Refine the debug message. 3. Add check to make sure the input VariableName is A Null-terminated string. 4. Use local variable to hold StrSize (VariableName) to avoid duplicated StrSize calculation. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14317 6f19259b-4bc3-4df7-8a09-765794883524	2013-04-25 10:49:45 +00:00
czhang46	56251c669f	Fix potential overflow for SetVariable interface Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by : Guo Dong <dong.guo@intel.com> Reviewed-by : Siyuan Fu <siyuan.fu@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14305 6f19259b-4bc3-4df7-8a09-765794883524	2013-04-22 08:52:58 +00:00
czhang46	d17c4eac56	Fix a potential SMM memory dump issue. If pass communication buffer with DataBuffer to SMM SetVariable which is big enough to cover SMM range. Then GetVariable can dump SMM memory contents. Add more range check for SetVariable Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by : Dong Guo <guo.dong@intel.com> Reviewed-by : Jiewen Yao <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14292 6f19259b-4bc3-4df7-8a09-765794883524	2013-04-19 01:35:02 +00:00
czhang46	3a146f2a7d	Fix SMM Variable driver stack GetVariable return INVALID_PARAMETER when DataSize is bigger than SMM communication buffer. Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by : Dong Guo <guo.dong@intel.com> Reviewed-by : Fu Siyuan <siyuan.fu@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14276 6f19259b-4bc3-4df7-8a09-765794883524	2013-04-15 01:56:31 +00:00
czhang46	0c55190f40	Update SMM variable DXE driver GetNextVariable interface to comply with UEFI spec VariableNameSize is the returned buffer size. GetNextVariable should behavior correct if it is bigger than SMM communication buffer or less than string size of VariableName. Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by : Dong Guo <guo.dong@intel.com> Reviewed-by : Fu Siyuan <siyuan.fu@intel.com> Reviewed-by : Zeng Star <star.zeng@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14258 6f19259b-4bc3-4df7-8a09-765794883524	2013-04-12 05:59:11 +00:00
lzeng14	3588bb3529	If DataSize or VariableNameSize is near MAX_ADDRESS, this can cause the computed PayLoadSize to overflow to a small value and pass the check in InitCommunicateBuffer(). To protect against this vulnerability, check DataSize and VariableNameSize to make sure PayloadSize doesn't overflow. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14252 6f19259b-4bc3-4df7-8a09-765794883524	2013-04-08 06:56:08 +00:00
sfu5	ca5a7d87e3	Add error handling code to prevent variable store corruption in release build. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14139 6f19259b-4bc3-4df7-8a09-765794883524	2013-02-21 01:35:22 +00:00
sfu5	5767f22fca	Check the input VaraibleName for db/dbx when appending variables with formatted as EFI_SIGNATURE_LIST. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14087 6f19259b-4bc3-4df7-8a09-765794883524	2013-01-25 07:14:43 +00:00
sfu5	12cbe23257	Check for NULL pointer before dereference it. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14086 6f19259b-4bc3-4df7-8a09-765794883524	2013-01-25 07:12:25 +00:00
lzeng14	0cc565deac	Add NULL pointer check. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14084 6f19259b-4bc3-4df7-8a09-765794883524	2013-01-25 04:48:41 +00:00
lzeng14	23b0693579	1. Update the logic of UpdateVariable() for updating variable from: set old variable to IN_DELETED_TRANSITION -> check if reclaim is needed(If yes, do reclaim) -> add new variable -> set old variable to DELETED if no reclaim happened. to: set old variable to IN_DELETED_TRANSITION -> check if reclaim is needed(If yes, do reclaim) -> add new variable -> set old variable to DELETED. 2. Update UpdateVariable() to correctly handle the case "both ADDED and IN_DELETED_TRANSITION variable are present", and delete both old ADDED and IN_DELETED_TRANSITION variable when deleting or updating variable. 3. Update VariableServiceGetNextVariableName() to return the valid IN_DELETED_TRANSITION variable if only IN_DELETED_TRANSITION variable is present. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14065 6f19259b-4bc3-4df7-8a09-765794883524	2013-01-18 01:12:32 +00:00
lzeng14	aab9212fa9	Fix the issue that RuntimeServiceQueryVariableInfo() in VariableSmmRuntimeDxe always return EFI_SUCCESS. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14050 6f19259b-4bc3-4df7-8a09-765794883524	2013-01-15 06:43:24 +00:00
sfu5	f71ed839e1	1. Set the secure boot state to Standard Mode when user leaving secure boot setup page. 2. Add “Current SecureBoot State” field to reflect current secure boot status of the platform. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14042 6f19259b-4bc3-4df7-8a09-765794883524	2013-01-09 05:19:43 +00:00
sfu5	83758cdc84	Fix a bug that the invalid public key will never be removed from public key database. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14041 6f19259b-4bc3-4df7-8a09-765794883524	2013-01-09 05:09:39 +00:00
lzeng14	6ed1ec5946	Add the TPL raise/restore code for VariableSmmRuntimeDxe to avoid variable services reentry. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14038 6f19259b-4bc3-4df7-8a09-765794883524	2013-01-08 02:07:14 +00:00
lzeng14	335e268133	1. Don't assume that flush the HOB variable to flash must be successful. 2. When no DELETED variable found, no variable space could be reclaimed, so just give some debug info and return EFI_SUCCESS. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14029 6f19259b-4bc3-4df7-8a09-765794883524	2013-01-04 12:21:59 +00:00
lzeng14	3f5c168fa8	Use SMM_VARIABLE_COMMUNICATE_HEADER_SIZE instead of OFFSET_OF (SMM_VARIABLE_COMMUNICATE_HEADER, Data). Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Ting Ye <ting.ye@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13993 6f19259b-4bc3-4df7-8a09-765794883524	2012-12-12 14:12:49 +00:00
sfu5	c11d47b80b	Move the declaration of gEfiCertDbGuid to the package's Include folder. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13975 6f19259b-4bc3-4df7-8a09-765794883524	2012-11-28 06:59:13 +00:00
sfu5	275beb2b53	1. Correct the counter-based hash algorithm according to UEFI spec. 2. Check the reserverd bit in variable attribute. 3. Return EFI_OUT_OF_RESOURCE instead of EFI_SECURITY_VIOLATION if there is not enough speace to store the public key. 4. Fix a bug when deleting a non-existent time-based auth variable, we store the certificate into cert DB incorrectly. 5. Fix a bug that time-based auth variable can't been updated again after append operation. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13957 6f19259b-4bc3-4df7-8a09-765794883524	2012-11-21 08:06:02 +00:00
gdong1	89be2b037f	Fix time-based and count-based authenticated variable can be updated by each other without verification. Signed-off-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13848 6f19259b-4bc3-4df7-8a09-765794883524	2012-10-15 06:08:22 +00:00
sfu5	42ed76042a	1. Fix a bug when comparing two timestamp in auth-variable driver. 2. Remove the TimeCompare function in Bds since it's not used anymore. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13731 6f19259b-4bc3-4df7-8a09-765794883524	2012-09-14 02:59:35 +00:00
erictian	ad84df72c7	SecurityPkg/VariableSmm: Fix a VariableSmm bug when reading variable with size 0. Signed-off-by: Tian, Feng <feng.tian@intel.com> Reviewed-by: Zhang, Chao <chao.b.zhang@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13726 6f19259b-4bc3-4df7-8a09-765794883524	2012-09-12 08:25:25 +00:00
sfu5	f6e233534e	1. Initialize certdb variable with correct value of list size. 2. Use gloable database array instead of calling AllocateZeroPool in SetVariable. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13671 6f19259b-4bc3-4df7-8a09-765794883524	2012-08-23 06:53:51 +00:00
lzeng14	8f3a9e5862	LastVariableOffset is wrongly set to 0 when FtwVariableSpace() fails. Recalculate the HwErrVariableTotalSize, HwErrVariableTotalSize and LastVariableOffset when FtwVariableSpace() fails. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Guo Dong <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13593 6f19259b-4bc3-4df7-8a09-765794883524	2012-08-06 03:20:10 +00:00
sfu5	e77f9ef656	Use RsaGetPublicKeyFromX509() to validate the given X.509 certificate for PK/KEK/db/dbx database. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13553 6f19259b-4bc3-4df7-8a09-765794883524	2012-07-25 02:01:58 +00:00
sfu5	05a643f91d	1. Remove extra attribute for SetupMode, SignatureSupport and SecureBoot variable. 2. Allow the PK owner to update db/dbx variable directly. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13536 6f19259b-4bc3-4df7-8a09-765794883524	2012-07-17 08:38:58 +00:00
sfu5	876ac39540	Return EFI_UNSUPPORTED if READY_TO_BOOT function is invoked at SMM runtime. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13535 6f19259b-4bc3-4df7-8a09-765794883524	2012-07-17 08:21:42 +00:00
sfu5	785d84ead0	Verify the provided PKpub is signed with its private key when enrolling a new PK variable in setup mode. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13531 6f19259b-4bc3-4df7-8a09-765794883524	2012-07-13 06:12:58 +00:00
czhang46	25a4e71aa6	Add SMRAM range check to variable SMM SMI handler. git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13514 6f19259b-4bc3-4df7-8a09-765794883524	2012-07-09 08:26:35 +00:00
ydong10	96277f7402	Include read data buffer in CommBufferSize when calculate the buffer size. Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13512 6f19259b-4bc3-4df7-8a09-765794883524	2012-07-09 02:03:47 +00:00
sfu5	8f8ca22e59	1. Reset system when user changes secure boot state in secure boot configuration form. 2. Update the method to detect secure boot state in DxeImageVerificationLib and secure boot configuration driver. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13505 6f19259b-4bc3-4df7-8a09-765794883524	2012-07-05 08:08:12 +00:00
sfu5	12373f2cfe	Fix a buffer overflow bug in VariableSmm driver. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Zhang Chao <chao.b.zhang@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13486 6f19259b-4bc3-4df7-8a09-765794883524	2012-07-04 04:39:18 +00:00
jyao1	dc204d5a0f	Add comment for modules which have external input. signed-off-by: jiewen.yao@intel.com reviewed-by: guo.dong@intel.com reviewed-by: ting.ye@intel.com reviewed-by: liming.gao@intel.com reviewed-by: elvin.li@intel.com git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13446 6f19259b-4bc3-4df7-8a09-765794883524	2012-06-12 08:28:43 +00:00
lzeng14	a5f15e3025	According to UEFI spec 2.3.1a. hardware error record variable should use the EFI_HARDWARE_ERROR_VARIABLE VendorGuid and have the L"HwErrRec####" name convention, #### is a printed hex value and no 0x or h is included in the hex value. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Guo Dong <guo.dong@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13373 6f19259b-4bc3-4df7-8a09-765794883524	2012-05-30 02:53:10 +00:00
lzeng14	021a1af927	Return EFI_WRITE_PROTECTED when setting HwErrRecSupport Global Variable at runtime. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Guo Dong <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13372 6f19259b-4bc3-4df7-8a09-765794883524	2012-05-30 02:42:26 +00:00
sfu5	8c1babfd28	Update auth-variable and secure boot UI driver to support only time-based PK, KEK and Signature Database variable variable according to UEFI Spec requirement. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13310 6f19259b-4bc3-4df7-8a09-765794883524	2012-05-14 07:36:20 +00:00
sfu5	4e33001c6e	Fixes buffer read overflow bugs in authenticated variable driver. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13298 6f19259b-4bc3-4df7-8a09-765794883524	2012-05-09 10:45:09 +00:00
tye1	389c8779e8	Fix common AuthVariable protection issue. Signed-off-by: Ye Ting<ting.ye@intel.com> Reviewed by: Fu, Siyuan <siyuan.fu@intel.com> Reviewed by: Dong, Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13204 6f19259b-4bc3-4df7-8a09-765794883524	2012-04-23 06:17:17 +00:00
tye1	ed47ae0274	Update common authenticated variable (non PK/KEK/DB/DBX) support to comply with latest UEFI spec. Signed-off by: tye1 Reviewed-by: geekboy15a Reviewed-by: sfu5 Reviewed-by: gdong1 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13157 6f19259b-4bc3-4df7-8a09-765794883524	2012-03-31 04:42:20 +00:00
lzeng14	9622df63df	If setting variable in Runtime and there has been a same GUID and name variable existed in system without RT attribute, return EFI_WRITE_PROTECTED. Signed-off-by: lzeng14 Reviewed-by: tye git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13156 6f19259b-4bc3-4df7-8a09-765794883524	2012-03-30 07:19:44 +00:00
sfu5	ecc722ad41	1. Remove “Force clear PK” feature in AuthVarialbe driver. 2. Update API ForceClearPK() to UserPhysicalPresent() in PlatformSecureLib. 2. Update SecureBootConfigDxe driver and AuthVariable driver to support Custom Secure Boot Mode feature. 3. Fix some bugs in AuthVariable driver. Signed-off-by: sfu5 Reviewed-by: tye Reviewed-by: gdong1 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13144 6f19259b-4bc3-4df7-8a09-765794883524	2012-03-27 08:17:23 +00:00
sfu5	6bc4e19fec	1. Update AuthVarialbe driver to avoid integer overflow when using EFI_VARIABLE_AUTHENTICATION_2 descriptor. Signed-off-by: sfu5 Reviewed-by: tye Reviewed-by: gdong1 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13120 6f19259b-4bc3-4df7-8a09-765794883524	2012-03-26 01:43:45 +00:00
oliviermartin	4d832aabbf	SecurityPkg/VariableAuthenticated: Check if there is a NV Variable Storage header prior to use its attributes The Variable PEI and RuntimeDxe drivers were using the attribute 'HeaderLength' of EFI_FIRMWARE_VOLUME_HEADER without checking if a Firmware Volume Header was existing at the base address. In case the Firmware Volume Header does not exist or is corrupted, the attribute 'HeaderLength' is a non valid value that can lead to a non valid physical address when accessing produces an access error. Signed-off-by: oliviermartin Reviewed-by: rsun3 Reviewed-by: niruiyu git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12845 6f19259b-4bc3-4df7-8a09-765794883524	2011-12-13 09:42:36 +00:00
gdong1	ae09f9796c	Update SignatureSupport variable to reflect firmware capability. Signed-off-by: gdong1 Reviewed-by: tye Reviewed-by: sfu5 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12843 6f19259b-4bc3-4df7-8a09-765794883524	2011-12-13 08:49:48 +00:00
sfu5	855609196d	1. Fix a bug when verify the CertType GUID in authentication variable data payload. Signed-off-by: sfu5 Reviewed-by: tye1 Reviewed-by: gdong1 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12831 6f19259b-4bc3-4df7-8a09-765794883524	2011-12-09 07:22:59 +00:00
gdong1	2e24814ac9	Update a return status for UEFI spec compliance. Signed-off-by: gdong1 Reviewed-by: tye git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12813 6f19259b-4bc3-4df7-8a09-765794883524	2011-12-02 07:51:23 +00:00
sfu5	d912bad783	1. Check input PK/KEK variable data to make sure it is a valid EFI_SIGNATURE_LIST. Signed-off-by: sfu5 Reviewed-by: gdong1 Reviewed-by : czhan46 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12765 6f19259b-4bc3-4df7-8a09-765794883524	2011-11-23 05:10:40 +00:00

1 2

57 Commits