Avoid any confusion,add the keyword "Ui",
user can understand the use of the library clearly.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dandan Bi <dandan.bi@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19662 6f19259b-4bc3-4df7-8a09-765794883524
This patch updated final event log calculation based on
TCG EFI PROTOCOL rev9, 7.1.2 "All options implementation".
The previous logic is to save event to final event log
once GetEventLog() is called. 7.1.1 shows that we should
save event log to both normal even log area and final event
log area after GetEventLog() is called.
And there is no need to record TCG12 format log to final
event log area, and normal event log area can be BootServices
memory because OS will not access it directly.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com>
Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19661 6f19259b-4bc3-4df7-8a09-765794883524
Previously, NumberOfPCRBanks is calculated based on TPM
capability. However, there might be a case that TPM hardware
support 1 algorithm, but BIOS does not support and BIOS
mask it via PCD. This causes the conflict between
HashAlgorithmBitmap and NumberOfPCRBanks.
So we move the NumberOfPCRBanks calculation based on
HashAlgorithmBitmap to make sure the data is consistent.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com>
Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19660 6f19259b-4bc3-4df7-8a09-765794883524
This driver links to PciHostBridgeLib provided by platform/silicon to
produce PciRootBridgeIo and PciHostBridgeResourceAllocation protocol.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Feng Tian <feng.tian@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19658 6f19259b-4bc3-4df7-8a09-765794883524
PciHostBridgeDxe driver needs PciHostBridgeLib implemented by platform
to provide the root bridge related information and may call into
PciHostBridgeLib when resource conflicts happen.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Feng Tian <feng.tian@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19655 6f19259b-4bc3-4df7-8a09-765794883524
UEFI2.1B corrects the guid value of gEfiManagedNetworkProtocolGuid.
ECP package updates its value in ManagedNetwork.h, but miss the one
in EdkIIGlueLib.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Liming Gao <liming.gao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19654 6f19259b-4bc3-4df7-8a09-765794883524
The current implementation doesn't handle the relationship
between SPD and SAD well, which may introduce some security
and connection issue after SPD updated.
For SPD entry edit policy, if one SPD entry is edited/updated,
the original SAs list should be discard. Current IPSecConfig
tool does not dealt properly with those rules.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19653 6f19259b-4bc3-4df7-8a09-765794883524
The current implementation doesn't handle the relationship between
SPD and SAD well, which may introduce some security and connection
issue after SPD updated.
For SPD SetData policy:
A) When delete the existed SPD entry, its related SAs also should be
removed from its Sas list(SadEntry->BySpd). If the SA entry is
established by IKE, we can remove it from global SAD list(SadEntry->List)
and then free it directly since its SpdEntry will be freed later.
B) SPD SetData operation should do some setting date validity-check.
For example, whether the SaId specified by setting Data is valid. If
the setting date is invalid, EFI_INVALID_PARAMETER should be returned.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19652 6f19259b-4bc3-4df7-8a09-765794883524
Base on build spec update, ASCII strings(“string”), will be byte aligned,
Unicode strings(L”string”) will be two-byte aligned, Byte arrays,
{0x00, 0x01} will be 8-byte aligned.
This patch is going to update VPD Tool to allocate VOID* PCDs to an offset
value that is aligned based in syntax of the PCD value.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Yonghong Zhu <yonghong.zhu@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19651 6f19259b-4bc3-4df7-8a09-765794883524
Base on build spec update, ASCII strings(“string”), will be byte aligned,
Unicode strings(L”string”) will be two-byte aligned, Byte arrays,
{0x00, 0x01} will be 8-byte aligned.
This patch is going to halt with an error message if a VOID* PCD has an
offset value that is not aligned based on the syntax of the PCD value.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Yonghong Zhu <yonghong.zhu@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19650 6f19259b-4bc3-4df7-8a09-765794883524
The Regular Expression parsing of lines in MAP files does not currently
support the use of '-' in the column for the filename the symbol is
sources from, it cause a build break from the GenPatchPcdTable.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Yonghong Zhu <yonghong.zhu@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19649 6f19259b-4bc3-4df7-8a09-765794883524
'dh' command shows Supported EFI Specification Version value as DriverVersion. Changing it to 'SupportedEfiSpecVersion' to provide more accurate information.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Tapan Shah <tapandshah@hpe.com>
Reviewed-by: Samer El-Haj-Mahmoud <elhaj@hpe.com>
Reviewed-by: Jaben Carsey <jaben.carsey@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19648 6f19259b-4bc3-4df7-8a09-765794883524
The MenuOption insert to gMenuOption allocate memory every time,but not free.
Now add the code to free it.And for Date/Time,it will create 3 menus,but previously
the Description point to the same address,so when free the Description,it will cause
issue,now reset the Description pointer.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dandan Bi <dandan.bi@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19647 6f19259b-4bc3-4df7-8a09-765794883524
ExtractConfig is called many times, so it's not efficient to update Secure Boot STR_SECURE_BOOT_STATE_CONTENT, STR_CUR_SECURE_BOOT_MODE_CONTENT string in ExtractConfig.
As these 2 strings are displayed on one form, always update them when opening the form.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19645 6f19259b-4bc3-4df7-8a09-765794883524
This patch is used to remove DNS QType and QClass definition in
DnsImpl.h since it will be exposed in NetLib.h.
Cc: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19643 6f19259b-4bc3-4df7-8a09-765794883524
This patch is used to add DNS QType and QClass values definition
in NetLib.h
Cc: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19642 6f19259b-4bc3-4df7-8a09-765794883524
TCG event log and TCG2 final event log area length can be configurable to meet platform event log
requirement.
PcdTcgLogAreaMinLen : 0x10000 based on minimum requirement in TCG ACPI Spec 00.37
PcdTcg2FinalLogAreaLen : 0x8000 based on experience value
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
Reviewed-by: Qin Long <qin.long@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19639 6f19259b-4bc3-4df7-8a09-765794883524
GCC for AARCH64 recognizes byte swapping load and store sequences
and may replace them with wider loads or stores combined with rev
instructions. In some cases (i.e., with GCC version 5 and later)
this may result in unaligned accesses, which are not allowed before
we turn the MMU on.
So build any modules or static libraries that may execute with the MMU
off with -mstrict-align. Other modules don't need this switch, so we
can remove it from the CLANG35/AARCH64 common CC flags.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Liming Gao <liming.gao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19638 6f19259b-4bc3-4df7-8a09-765794883524
This introduces a special .c to .obj build rule for GCC/AARCH64 that
takes into account additional compiler flags that have been specified
via *_*_*_CC_XIPFLAGS. These will be passed after (and in addition to)
the ordinary CC_FLAGS.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Liming Gao <liming.gao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19637 6f19259b-4bc3-4df7-8a09-765794883524
Some commands in Tpm2CommandLib accept AuthSession
as input parameter and copy to local command buffer.
After use, this AuthSession content should be zeroed,
because there might be some secrete there.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com>
Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19635 6f19259b-4bc3-4df7-8a09-765794883524
Tpm2Startup does not check TPM device return code.
It might cause problem, that error is not detected
in Tcg2Peim, for example, S3 resume case.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com>
Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19634 6f19259b-4bc3-4df7-8a09-765794883524
The official TCG standard uses Tcg2Protocol, instead of TrEE.
We should update TCG driver to use Tcg2Protocol, too.
TrEE should be used only for old TrEE implementation.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com>
Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19633 6f19259b-4bc3-4df7-8a09-765794883524
When the GOP doesn't support the resolution specified by
PcdVideoHorizontalResolution and PcdVideoVerticalResolution,
the code tries to set the resolution to 800x600 but uses the resolution
equals to the PCD when calculating the text print position.
The patch fixes the bug by updating the resolution to 800x600 for
this case.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19630 6f19259b-4bc3-4df7-8a09-765794883524
When overriding compiler options '/GL' with '/GL-', VS2010 will report
warning C4701 potentially uninitialized local variable for 'LcrParity'
and 'LcrStop' in function SerialPortSetAttributes().
This commit fixes this build issue.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19629 6f19259b-4bc3-4df7-8a09-765794883524
When overriding compiler options '/GL' with '/GL-', VS2010 will report
warning C4701 potentially uninitialized local variable for 'LcrParity'
and 'LcrStop' in function SerialPortSetAttributes().
This commit fixes this build issue.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19628 6f19259b-4bc3-4df7-8a09-765794883524
Move functions da_ConFlush and da_ConClose to just before da_ConPoll so that
they are defined after any calls to them.
Replace da_ConFlush with the actual final implementation instead of the
initial version which was committed.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Daryl McDaniel <edk2-lists@mc2research.org>
Reviewed-by: Michael Zimmermann <sigmaepsilon92@gmail.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19627 6f19259b-4bc3-4df7-8a09-765794883524
Change EfiBootManagerDeleteLoadOptionVariable() to not just
remove #### from BootOrder but also remove Boot#### variable.
The old behavior tries to do less for performance but it leaves
unreferenced Boot#### which cannot be reclaimed in variable
reclaim operation though the Boot#### will be eventually be overwritten
by EfiBootManagerAddLoadOptionVariable().
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19626 6f19259b-4bc3-4df7-8a09-765794883524
This patch updates the MNP driver to recycle TX buffer asynchronously, instead
of using a while loop wait after each transmit command.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19624 6f19259b-4bc3-4df7-8a09-765794883524
This patch fixes a bug in SNP.GetStatus() interface. The UNDI driver may return
multiple transmitted buffers in a single GetStatus command, while SNP.GetStatus
could only return one pointer each time, the rest of them are lost. This patch
fixes this issue by store these recycled pointer in a temporary buffer in SNP
driver.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19623 6f19259b-4bc3-4df7-8a09-765794883524
Change TisTpmCommand to Tpm2TisTpmCommand. Makes function name more clear.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Samer El-Haj-Mahmoud <samer.el-haj-mahmoud@hpe.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19622 6f19259b-4bc3-4df7-8a09-765794883524
Remove GPIO expander configuration actions that are now performed in
PEI Phase in PlatformInit module. In order to detect physical presence
only the state of the Reset Button needs to be read.
Cc: Kelly Steele <kelly.steele@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Michael Kinney <michael.d.kinney@intel.com>
Reviewed-by: Kelly Steele <kelly.steele@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19621 6f19259b-4bc3-4df7-8a09-765794883524
Configure GPIO expander in PEI phase
1) Configure all GPIO expander pins connected to Reset Button as inputs
2) Configure multiplexer for I2C to route I2C bus to Arduino Header
Cc: Kelly Steele <kelly.steele@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Michael Kinney <michael.d.kinney@intel.com>
Reviewed-by: Kelly Steele <kelly.steele@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19620 6f19259b-4bc3-4df7-8a09-765794883524
The functions used to manage the PCAL GPIO I2C expander are located
in a DXE specific source file. Move these functions to a source
file that is common to both the PEI and DXE versions of this library
so these GPIO pins can be managed from PEIMs.
Cc: Kelly Steele <kelly.steele@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Michael Kinney <michael.d.kinney@intel.com>
Reviewed-by: Kelly Steele <kelly.steele@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19619 6f19259b-4bc3-4df7-8a09-765794883524
Update memory bin sizes in Memory Type Information on first boot after
FLASH update to avoid reboot when memory bins are too small when all
features are enabled.
Cc: Kelly Steele <kelly.steele@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Michael Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Kelly Steele <kelly.steele@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19618 6f19259b-4bc3-4df7-8a09-765794883524
Debug messages are using a format strings with %s for
a Unicode string, but the strings being printed are
ASCII strings and this results in corrupted debug
messages. Change the the format string to use %a
instead of %s.
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Michael Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19617 6f19259b-4bc3-4df7-8a09-765794883524
QuarkSocPkg is only for IA32. Remove X64 from SUPPORTED_ARCCHITECTURES in
DSC file.
Cc: Kelly Steele <kelly.steele@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Michael Kinney <michael.d.kinney@intel.com>
Reviewed-by: Kelly Steele <kelly.steele@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19615 6f19259b-4bc3-4df7-8a09-765794883524
Change the image verification policy for option ROM images to 0x00
(ALWAYS_EXECUTE).
While this may not be a good idea for physical platforms (see e.g.
<https://trmm.net/Thunderstrike>), on the QEMU platform the benefits seem
to outweigh the drawbacks:
- For QEMU's virtual PCI devices, and for some assigned PCI devices, the
option ROMs come from host-side files, which can never be rewritten from
within the guest. Since the host admin has full control over a guest
anyway, executing option ROMs that originate from host-side files
presents no additional threat to the guest.
- For assigned physical PCI devices with option ROMs, the argument is not
so clear-cut. In theory a setup could exist where:
- the host-side UEFI firmware (with DENY_EXECUTE_ON_SECURITY_VIOLATION)
rejects the option ROM of a malicious physical PCI device, but
- when the device is assigned to the guest, OVMF executes the option ROM
in the guest,
- the option ROM breaks out of the guest (using an assumed QEMU
vulnerability) and gains QEMU user privileges on the host.
However, in order to escalate as far as it would happen on the bare
metal with ALWAYS_EXECUTE (i.e., in order to gain firmware-level access
on the host), the malicious option ROM would have to break through (1)
QEMU, (2) traditional UID and GID based privilege separation on the
host, (3) sVirt (SELinux) on the host, (4) the host OS - host firmware
boundary. This is not impossible, but not likely enough to discourage
the use cases below.
- This patch makes it possible to use unsigned iPXE network drivers that
QEMU presents in the option ROMs of virtual NICs and assigned SR-IOV
VFs, even if Secure Boot is in User Mode or Deployed Mode.
- The change also makes it possible to execute unsigned, outdated
(revoked), or downright malicious option ROMs of assigned physical
devices in guests, for corporate, entertainment, academia, or security
research purposes.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19614 6f19259b-4bc3-4df7-8a09-765794883524
Secure Boot support was originally addded to OvmfPkg on 2012-Mar-09, in
SVN r13093 (git 8cee3de7e9), titled
OvmfPkg: Enable secure-boot support when SECURE_BOOT_ENABLE==TRUE
At that time the image verification policies in
SecurityPkg/SecurityPkg.dec were:
- option ROM image: 0x00 (ALWAYS_EXECUTE)
- removable media image: 0x05 (QUERY_USER_ON_SECURITY_VIOLATION)
- fixed media image: 0x05 (QUERY_USER_ON_SECURITY_VIOLATION)
The author of SVN r13093 apparently didn't want to depend on the
SecurityPkg defaults for the latter two image origins, plus the
ALWAYS_EXECUTE policy for option ROM images must have been deemed too lax.
For this reason SVN r13093 immediately spelled out 0x05
(QUERY_USER_ON_SECURITY_VIOLATION) within OvmfPkg for all three image
origins.
Fast forward to 2013-Aug-28: policy 0x05
(QUERY_USER_ON_SECURITY_VIOLATION) had been forbidden in the UEFI spec,
and SVN r14607 (git db44ea6c4e) reflected this in the source code:
- The policies for the latter two image origins were switched from 0x05 to
0x04 (DENY_EXECUTE_ON_SECURITY_VIOLATION) in SecurityPkg,
- the patch changed the default policy for option ROM images too, from
0x00 (ALWAYS_EXECUTE) to 0x04 (DENY_EXECUTE_ON_SECURITY_VIOLATION),
- any other client DSC files, including OvmfPkg's, underwent a whole-sale
0x05 (QUERY_USER_ON_SECURITY_VIOLATION) -> 0x04
(DENY_EXECUTE_ON_SECURITY_VIOLATION) replacement too.
The practical result of that patch for OvmfPkg was that the explicit 0x04
settings would equal the strict SecurityPkg defaults exactly.
And that's what we have today: the "override the default values from
SecurityPkg" comments in OvmfPkg's DSC files are stale, in practice.
It is extremely unlikely that SecurityPkg would change the defaults from
0x04 (DENY_EXECUTE_ON_SECURITY_VIOLATION) any time in the future, so let's
just inherit those in OvmfPkg.
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19613 6f19259b-4bc3-4df7-8a09-765794883524
Dandan Bi
Yao, Jiewen
Ruiyu Ni
Liming Gao
Jiaxin Wu
Yonghong Zhu
Tapan Shah
Chao Zhang
Paulo Alcantara
Ard Biesheuvel
Michael Thomas
Feng Tian
Hao Wu
Daryl McDaniel
Eric Dong
Fu Siyuan
Samer El-Haj-Mahmoud
Michael Kinney
Laszlo Ersek