Commit Graph

22563 Commits

Author SHA1 Message Date
Jiaxin Wu ad1484c3c4 MdeModulePkg/Ip4Dxe: Trigger Ip4Config2 to retrieve the default address.
According the UEFI spec 2.7 A:
In section 28.3.2 for the IpConfigData.UseDefaultAddress, "While set to
TRUE, Configure() will trigger the EFI_IP4_CONFIG2_PROTOCOL to retrieve
the default IPv4 address if it is not available yet."
In section 28.5 for the Ip4Config2PolicyDhcp, "...All of these configurations
are retrieved from DHCP server or other auto-configuration mechanism."

This patch is to align with the above description. When the default IPv4
address is not available and IpConfigData.UseDefaultAddress is set to TRUE,
Ip4Config2 protocol will be called to retrieve the default address by setting
the policy to Ip4Config2PolicyDhcp.

Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
2017-10-26 16:22:14 +08:00
Jiaxin Wu 4c19e1d2e1 NetworkPkg/TlsAuthConfigDxe: Remove the extra FreePool
Cc: Long Qin <qin.long@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
2017-10-26 16:21:57 +08:00
Jiaxin Wu 6b08dd6eb8 NetworkPkg/IScsiDxe: Add IPv6 support condition check.
Base on the request of https://bugzilla.tianocore.org/show_bug.cgi?id=710,
we provide this patch to IPv6 condition check by leveraging AIP Protocol.

Cc: Karunakar P <karunakarp@amiindia.co.in>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Karunakar P <karunakarp@amiindia.co.in>
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Karunakar p <karunakarp@amiindia.co.in>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
2017-10-26 16:21:16 +08:00
Jiaxin Wu ed247d86c2 NetworkPkg/HttpBootDxe: Add IPv6 support condition check.
v2:
* Fix the potential ASSERT issue.

Base on the request of https://bugzilla.tianocore.org/show_bug.cgi?id=710,
we provide this patch to IPv6 condition check by leveraging AIP Protocol.

Cc: Karunakar P <karunakarp@amiindia.co.in>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Karunakar P <karunakarp@amiindia.co.in>
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Karunakar p <karunakarp@amiindia.co.in>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
2017-10-26 16:21:03 +08:00
Jiaxin Wu e350dc8057 NetworkPkg/IScsiDxe: Display InitiatorInfo in attempt page even DHCP enabled.
Cc: Karunakar P <karunakarp@amiindia.co.in>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Karunakar p <karunakarp@amiindia.co.in>
2017-10-26 16:20:11 +08:00
Jiaxin Wu b90741053d NetworkPkg/IScsiDxe: Clean the previous ConfigData when switching the IP mode.
Cc: Karunakar P <karunakarp@amiindia.co.in>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Karunakar p <karunakarp@amiindia.co.in>
2017-10-26 16:19:58 +08:00
Jiaxin Wu 067ca83822 NetworkPkg/IScsiDxe: Fix the incorrect/needless DHCP process.
The existing attempt should not trigger the DHCP process if it
doesn't associates with the current NIC. That's incorrect when
displaying the initiator info in attempt page.

Cc: Karunakar P <karunakarp@amiindia.co.in>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Karunakar p <karunakarp@amiindia.co.in>
2017-10-26 16:19:45 +08:00
Ruiyu Ni 452676ffd8 Shellpkg/editor: Fix a bug that may modifies Line[-1]
The original code as below intend to set the character
before last column to CHAR_NULL.
  Line[(LastCol % (ARRAY_SIZE (Line) - 1)) - 1] = CHAR_NULL;

But when LastCol % (ARRAY_SIZE (Line) - 1)) equals to 0,
Line[-1] is modified.

We should change to code as below:
  Line[(LastCol - 1) % (ARRAY_SIZE (Line) - 1)] = CHAR_NULL;

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Jaben Carsey <jaben.carsey@intel.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
2017-10-26 13:04:15 +08:00
Laszlo Ersek 704b71d7e1 MdeModulePkg/Variable/RuntimeDxe: delete & lock MOR in the absence of SMM
VariableRuntimeDxe deletes and locks the MorLock variable in
MorLockInit(), with the argument that any protection provided by MorLock
can be circumvented if MorLock can be overwritten by unprivileged code
(i.e., outside of SMM).

Extend the argument and the logic to the MOR variable, which is supposed
to be protected by MorLock. Pass Attributes=0 when deleting MorLock and
MOR both.

This change was suggested by Star; it is inspired by earlier VariableSmm
commit fda8f631ed ("MdeModulePkg/Variable/RuntimeDxe: delete and lock
OS-created MOR variable", 2017-10-03).

Cc: Eric Dong <eric.dong@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Suggested-by: Star Zeng <star.zeng@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
2017-10-25 14:06:15 +02:00
Ruiyu Ni 6161123be2 ShellPkg/HandleParsingLib: Remove unnecessary CatSPrint call
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Jaben Carsey <jaben.carsey@intel.com>
2017-10-25 10:19:31 +08:00
Eric Dong 0594ec417c UefiCpuPkg/MpInitLib: Enhance waiting for AP initialization logic.
Current logic always waiting for a specific value to collect all APs
count. This logic may caused some platforms cost too much time to
wait for time out.
This patch add new logic to collect APs count. It adds new variable
NumApsExecuting to detect whether all APs have finished initialization.
Each AP let NumApsExecuting++ when begin to initialize itself and let
NumApsExecuting-- when it finish the initialization. BSP base on whether
NumApsExecuting == 0  to finished the collect AP process.

Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Jeff Fan <vanjeff_919@hotmail.com>
2017-10-24 16:05:37 +08:00
Eric Dong 37676b9f82 UefiCpuPkg/MpInitLib: Change AP Index variable name.
Original AP index variable name not well express the meaning
of the variable. Also this name is better used in later patch.
So change the variable name for better understanding.

Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Jeff Fan <vanjeff_919@hotmail.com>
2017-10-24 16:05:36 +08:00
Peter Jones b5a985ca92 CryptoPkg/BaseCryptLib: remove some duplicate initializations.
clang-analyzer noticed this:

Pk/CryptPkcs7Verify.c:600:5: warning: Value stored to 'OldSize' is never read
    OldSize    = BufferSize;
    ^            ~~~~~~~~~~
Pk/CryptPkcs7Verify.c:644:5: warning: Value stored to 'OldSize' is never read
    OldSize    = BufferSize;
    ^            ~~~~~~~~~~
2 warnings generated.

These are each immediately followed by a loop that initializes them (to
the same values) a second time, and are otherwise only referenced inside
that loop, so there's just no point to these assignments at all.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Long Qin <qin.long@intel.com>
2017-10-24 15:20:22 +08:00
Meenakshi Aggarwal 34cd44d4de TFTP : tftp fix for full volume case
Issue :
When storage media is full, tftp was resulting in ASSERT
MdeModulePkg/Core/Dxe/Mem/Page.c, because number of pages
was zero.

Reason:
While doing tftp, function call ShellWriteFile was modifying
FileSize variable. In case of full disk it was coming out to be
Zero.

Fix:
Storage the original filesize in local variable, and use this
variable while freeing the pages.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Udit Kumar <udit.kumar@nxp.com>
Signed-off-by: Meenakshi Aggarwal <meenakshi.aggarwal@nxp.com>
Signed-off-by: Vabhav Sharma <vabhav.sharma@nxp.com>
Reviewed-by: Jaben Carsey <jaben.carsey@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
2017-10-24 13:48:48 +08:00
Jiewen Yao c13cb4aebf IntelSiliconPkg/VtdInfoSample: Fix IGD RMRR memory.
Fix a calculation problem in IGD RMRR memory.

Cc: Zeng Star <zeng.star@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Zeng Star <zeng.star@intel.com>
2017-10-24 10:45:54 +08:00
Dandan Bi f6194f5a64 UefiCpuPkg/MtrrLib: Make comments align with function
Cc: Eric Dong <eric.dong@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Dandan Bi <dandan.bi@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
2017-10-24 09:14:17 +08:00
Dandan Bi 382aeac2c8 MdeModulePkg/DxeIplPeim: Refine coding style in function comments
Make the comments align with the function.
And add some missing function comments.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Dandan Bi <dandan.bi@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
2017-10-24 09:14:17 +08:00
Dandan Bi 71d047b483 IntelFrameworkModule/LegacyBios: Avoid explicit comparison for BOOLEAN
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Dandan Bi <dandan.bi@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
2017-10-24 09:14:17 +08:00
Dandan Bi 2f909679b0 IntelFrameworkModulePkg/Csm: Refine coding style in comments
Make the comments follow Edk2 coding style:
1. Make the comments starts with /** and end with **/.
2. Make the comments descrition end with '.'

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Dandan Bi <dandan.bi@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
2017-10-24 09:14:16 +08:00
Ard Biesheuvel d8e36289ce EmbeddedPkg: add driver to set graphical/serial console preference
Linux on ARM/arm64 will infer from the presence of a /chosen/stdout-path
DT property or of a SPCR ACPI table that the primary console is the serial
port, even if a graphical console is available as well.

So let's introduce a driver that allows the user to set a preference
between graphical and serial if both are available. If the preference
is set to 'Graphical', and any GOP protocol instances have been installed
by the time the ReadyToBoot event is signalled, remove the DT property
and/or the SPCR table entirely.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
2017-10-23 12:14:00 +01:00
Ruiyu Ni 6e32874427 MdeModulePkg/PciBus: Fix bug that PCI BUS claims too much resource
The bug was caused by 728d74973c
"MdeModulePkg/PciBus: Count multiple hotplug resource paddings".

The patch firstly updated the Bridge->Alignment to the maximum
alignment of all devices under the bridge, then aligned the
Bridge->Length to Bridge->Alignment.
It caused too much resources were claimed.

The new patch firstly aligns Bridge->Length to Bridge->Alignment,
then updates the Bridge->Alignment to the maximum alignment of all
devices under the bridge.
Because the step to update the Bridge->Alignment is to make sure
the resource allocated to the bus under the Bridge meets all
devices alignment. But the Bridge->Length doesn't have to align
to the maximum alignment.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
2017-10-23 15:50:55 +08:00
Ruiyu Ni e00e0dd722 UefiCpuPkg/MtrrLib: Use SetMem instead of SetMem64 to fix hang
ClearMasks and OrMasks are not 8-byte aligned.
But SetMem64 requires the input address is 8-byte aligned.
If the input is not 8-byte aligned, assertion is hit.
Use SetMem instead.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
2017-10-23 15:49:04 +08:00
Ruiyu Ni 1a421c2c17 ShellPkg/editor: Fix system hang when console max column > 200
EditorClearLine() assumes the console max column is less than 200.
When the max column is bigger than 200, the code incorrectly
modifies the content out side of Line buffer.
It may cause system hang or reset.

The patch changes the function to print several times when
the max column is bigger than 200.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Jaben Carsey <jaben.carsey@intel.com>
2017-10-23 15:04:18 +08:00
Fu Siyuan b9e5df4336 NetworkPkg: Remove ping6 and ifconfig shell application.
Edk2 has duplicated ping6/ifconfig6 implementation in NetworkPkg and ShellPkg.
The usage and parameter format of these 2 versions are exactly same. These two
commands have been added to Shell specification so the copy under
  ShellPkg\Library\UefiShellNetwork2CommandsLib\
will be actively maintained in future.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
2017-10-23 09:01:57 +08:00
Huajing Li 5ce99ab99e ShellPkg/alias: Fix flag parsing logic
Existing logic to parse the flags isn't complete and cannot detect
some invalid combinations of flags.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Jaben Carsey <jaben.carsey@intel.com>
2017-10-20 12:54:36 +08:00
Ruiyu Ni f545256641 MdeModulePkg/PciHostBridge: Set SpecificFlag to 0 for Mem32/Mem64
Existing code forgot to set Descriptor->SpecificFlag to 0 when
the resource type is non-prefetchable MMIO.
The patch adds the missing assignment.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
2017-10-20 12:52:08 +08:00
Ruiyu Ni 86cabbcfa0 UefiCpuPkg/MtrrLib: Fix bug that may incorrectly set <1MB attribute
MtrrLibSetBelow1MBMemoryAttribute() may be called multiple times.
It's possible that in a 2nd call, Modified[0] is set to TRUE in
1st call but ClearMasks[0] and OrMasks[0] is uninitialized in
2nd call. It causes FixedSettings->Mtrr[0] be set to random
data.

The patch fixes this issue by introducing a local Modified[]
array and only updates FixedSettings->Mtrr[] when LocalModified[i]
is TRUE.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
2017-10-20 12:52:08 +08:00
Eric Dong 1e3f7a3782 UefiCpuPkg/MpInitLib: Avoid call PcdGet* in Ap & Bsp.
MicrocodeDetect function will run by every threads, and it will
use PcdGet to get PcdCpuMicrocodePatchAddress and
PcdCpuMicrocodePatchRegionSize, if change both PCD default to dynamic,
system will in non-deterministic behavior.

By design, UEFI/PI services are single threaded and not re-entrant
so Multi processor code should not use UEFI/PI services. Here, Pcd
protocol/PPI is used to access dynamic PCDs so it would result in
non-deterministic behavior.

This code get PCD value in BSP and save them in CPU_MP_DATA for Ap.

https://bugzilla.tianocore.org/show_bug.cgi?id=726

Cc: Crystal Lee <CrystalLee@ami.com.tw>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
2017-10-20 10:30:46 +08:00
chenc2 3539e850eb SecurityPkg/SecureBootConfigDxe: Handle lack of STR_SIGNATURE_* tokens
Add check to avoid NULL ptr dereference. The function HiiGetString
will return NULL pointer when the platform does not install the
appropriate string or call HiiGetString fail.(For example, HII not
support specified language.)

Cc: Zhang Chao <chao.b.zhang@intel.com>
Cc: Wu Hao <hao.a.wu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: chenc2 <chen.a.chen@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Wu Hao <hao.a.wu@intel.com>
2017-10-19 22:22:30 +08:00
Laszlo Ersek 1958124a6c OvmfPkg: fix dynamic default for oprom verification policy PCD without SB
I missed the following, both while reviewing and while testing commit
6041ac65ae ("OvmfPkg/PlatformPei: DENY_EXECUTE_ON_SECURITY_VIOLATION
when SEV is active", 2017-10-05):

If "-D SECURE_BOOT_ENABLE" is not passed on the "build" command line, then
OVMF has no dynamic default at all for
"PcdOptionRomImageVerificationPolicy". This means that the PcdSet32S()
call added in the subject commit doesn't even compile:

> OvmfPkg/PlatformPei/AmdSev.c: In function 'AmdSevInitialize':
> OvmfPkg/PlatformPei/AmdSev.c:67:3: error: implicit declaration of
> function '_PCD_SET_MODE_32_S_PcdOptionRomImageVerificationPolicy'
> [-Werror=implicit-function-declaration]
>    PcdStatus = PcdSet32S (PcdOptionRomImageVerificationPolicy, 0x4);
>    ^
> cc1: all warnings being treated as errors

Make the current, SB-only, 0x00 dynamic default unconditional.

This is the simplest approach, and it reflects the intent of original
commit 1fea9ddb4e ("OvmfPkg: execute option ROM images regardless of
Secure Boot", 2016-01-07). Without SECURE_BOOT_ENABLE,
"SecurityPkg/Library/DxeImageVerificationLib" is not used anyway, so the
PCD is never read.

This issue was first caught and reported by Gerd Hoffmann
<kraxel@redhat.com>'s Jenkins CI. Later it was also reported in
<https://bugzilla.tianocore.org/show_bug.cgi?id=737>.

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Fixes: 6041ac65ae
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
[lersek@redhat.com: trim commit message as suggested by Jordan]
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
[lersek@redhat.com: add reference to TianoCore BZ#737]
2017-10-19 10:41:09 +02:00
Long Qin 6ded19558a SecurityPkg/Pkcs7Verify: Add the comments to address security problem
Add the comments to address security problems in the Pkcs7Verify Protocol
per UEFI 2.7 updates.

The Pkcs7Verifier function VerifySignature() has problematic use cases
where it might be used to unwittingly bypass security checks.  The specific
problem is that if the supplied hash is a different algorithm from the
blacklist hash, the hash will be approved even if it should have been
denied. The added comments place a strong warning about the problem.
It is possible to use the protocol reliably, either by agreeing a hash to
use for all time (like sha256) or by looping over all supported hashes when
using the protocol.

Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: James Bottomley <James.Bottomley@HansenPartnership.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long <qin.long@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
2017-10-18 23:03:38 +08:00
Laszlo Ersek 4bbf39632c BaseTools/BuildEnv: override "set -C" (noclobber) in sourcing shell env
The BuildEnv utility is sourced (executed by the user's interactive shell)
when the user sets up the build session. Some users like to set -C
(noclobber) for some additional safety in their shells, which trips up
BuildEnv. Update the redirection operator so that it overrides noclobber.

Cc: Liming Gao <liming.gao@intel.com>
Cc: Thomas Huth <thuth@redhat.com>
Cc: Yonghong Zhu <yonghong.zhu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
2017-10-18 11:34:03 +02:00
Laszlo Ersek 11b74aa472 SecurityPkg/AuthVariableLib: fix GCC build error
Commit 53c6ff1803 ("SecurityPkg:AuthVariableLib:Implement ECR1707 for
Private Auth Variable", 2017-09-12) introduced the following build
failure under several GCC toolchain versions:

> SecurityPkg/Library/AuthVariableLib/AuthService.c: In function
> 'CalculatePrivAuthVarSignChainSHA256Digest':
> SecurityPkg/Library/AuthVariableLib/AuthService.c:1567:58: error:
> pointer targets in passing argument 3 of 'X509GetCommonName' differ in
> signedness [-Werror=pointer-sign]
>    Status = X509GetCommonName(SignerCert, SignerCertSize, CertCommonName, &CertCommonNameSize);
>                                                           ^~~~~~~~~~~~~~
> In file included from
> SecurityPkg/Library/AuthVariableLib/AuthServiceInternal.h:34:0,
>                  from
>                  SecurityPkg/Library/AuthVariableLib/AuthService.c:32:
> CryptoPkg/Include/Library/BaseCryptLib.h:2202:1: note: expected 'CHAR8 *
> {aka char *}' but argument is of type 'UINT8 * {aka unsigned char *}'
>  X509GetCommonName (
>  ^~~~~~~~~~~~~~~~~
> cc1: all warnings being treated as errors

Fix it by changing the type of "CertCommonName" to array-of-CHAR8.

Locations where "CertCommonName" is used in the
CalculatePrivAuthVarSignChainSHA256Digest() function:

- it is taken the size of -- not impacted by this patch;

- passed to X509GetCommonName() as an argument -- the patch fixes the
  build error;

- passed to Sha256Update() as argument for "IN CONST VOID  *Data" -- not
  impacted by the patch;

- passed to AsciiStrLen() as argument -- drop the now-superfluous explicit
  cast.

Since we are touching the Sha256Update() function call, fix the coding
style too:

- the line is overlong, so break each argument to its own line;

- insert a space between "AsciiStrLen" and the opening paren "(".

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Gary Lin <glin@suse.com>
Cc: Leif Lindholm <leif.lindholm@linaro.org>
Cc: Long Qin <qin.long@intel.com>
Reported-by: Gary Lin <glin@suse.com>
Suggested-by: Gary Lin <glin@suse.com>
Suggested-by: Long Qin <qin.long@intel.com>
Fixes: 53c6ff1803
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
2017-10-17 21:46:21 +02:00
Brijesh Singh 6041ac65ae OvmfPkg/PlatformPei: DENY_EXECUTE_ON_SECURITY_VIOLATION when SEV is active
The following commit:

1fea9ddb4e OvmfPkg: execute option ROM images regardless of Secure Boot

sets the OptionRomImageVerificationPolicy to ALWAYS_EXECUTE the expansion
ROMs attached to the emulated PCI devices. A expansion ROM constitute
another channel through which a cloud provider (i.e hypervisor) can
inject a code in guest boot flow to compromise it.

When SEV is enabled, the bios code has been verified by the guest owner
via the SEV guest launch sequence before its executed. When secure boot,
is enabled, lets make sure that we do not allow guest bios to execute a
code which is not signed by the guest owner.

Fixes: https://bugzilla.tianocore.org/show_bug.cgi?id=728
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2017-10-17 21:28:27 +02:00
Brijesh Singh 071f1d19dd SecurityPkg: make PcdOptionRomImageVerificationPolicy dynamic
By default the image verification policy for option ROM images is 0x4
(DENY_EXECUTE_ON_SECURITY_VIOLATION) but the following OvmfPkg commit:

1fea9ddb4e OvmfPkg: execute option ROM images regardless of Secure Boot

set it to 0x0 (ALWAYS_EXECUTE). This is fine because typically option
ROMs comes from host-side and most of the time cloud provider (i.e
hypervisor) have full access over a guest anyway. But when secure boot
is enabled, we would like to deny the execution of option ROM when
SEV is active. Having dynamic Pcd will give us flexibility to set the
security policy at the runtime.

Fixes: https://bugzilla.tianocore.org/show_bug.cgi?id=728
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
2017-10-17 21:28:26 +02:00
chenc2 65c77f0210 SecurityPkg/SecureBootConfigDxe: Change the declaring of buffer.
The change doesn't impact the functionality.
To avoid magic code is helpful for maintaining the codes.
Use stack variable for known max length variable is more
clear and safe than heap buffer.

Cc: Zhang Chao B <chao.b.zhang@intel.com>
Cc: Wu Hao A <hao.a.wu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: chenc2 <chen.a.chen@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
2017-10-17 22:03:42 +08:00
chenc2 0085d619dd SecurityPkg/SecureBootConfigDxe: Fix coding style issue
The change doesn't impact the functionality.

Cc: Bi Dandan <dandan.bi@intel.com>
Cc: Zhang Chao <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: chenc2 <chen.a.chen@intel.com>
Reviewed-by: Bi Dandan <dandan.bi@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
2017-10-17 16:47:45 +08:00
Dandan Bi 5f2b325e4d Security/OpalHii.c: Handle NULL Request or Request with no elements
According to UEFI spec, for the ExtractConfig function in
EFI_HII_CONFIG_ACCESS_PROTOCOL,If a NULL is passed in for the Request
field or if a ConfigHdr is passed in with no request elements, all of
the settings being abstracted by this function will be returned in the
Results field.

The implementation of ExtractConfig function in OpalHii.c misses to
handle above cases.This patch is to do the enhancements.

Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Dandan Bi <dandan.bi@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
2017-10-17 13:23:06 +08:00
Ruiyu Ni 1c29d03869 UefiCpuPkg/MtrrLib: Fix MtrrDebugPrintAllMtrrsWorker to avoid hang
ARRAY_SIZE(Mtrrs->Variables.Mtrr) was used in
MtrrDebugPrintAllMtrrsWorker() to parse the MTRR registers.
Instead, the actual variable MTRR count should be used.
Otherwise, the uninitialized random data in MtrrSetting may cause
MtrrLibSetMemoryType() hang.

Steven Shi found this bug in QEMU when using Q35 chip.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Steven Shi <steven.shi@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
2017-10-17 10:05:36 +08:00
Ruiyu Ni e2ac374f85 ShellPkg/UefiShellLib: Use a more bright blue/green color
Some developers/QAs complain the color of directory or executable
files is hard to see and suggest to use a more bright color.
I agree with this suggestion so make this patch.
The look and feel is much better now.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Jaben Carsey <jaben.carsey@intel.com>
2017-10-17 09:59:50 +08:00
Yonghong Zhu 9705814429 BaseTools: Fix a bug Build directory should relative to WORKSPACE
The bug is for build output files it still use mws.join function, it
cause maybe we will get the build output files in the PACKAGES_PATH
because mws.join will try WORKSPACE first, if the file doesn't exist
then try PACKAGES_PATH. But for build output, we expected it should
relative to WORKSPACE.

Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Yonghong Zhu <yonghong.zhu@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
2017-10-16 16:41:40 +08:00
Ruiyu Ni 9c8c4478cf UefiCpuPkg/MtrrLib: Skip Base MSR access when the pair is invalid
The patch optimized the MTRR access code to skip the Base MSR
access when the Mask MSR indicates the pair is invalid.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
2017-10-16 13:09:46 +08:00
Ruiyu Ni 2bbd7e2fbd UefiCpuPkg/MtrrLib: Update algorithm to calculate optimal settings
The new algorithm converts the problem calculating optimal
MTRR settings (using least MTRR registers) to the problem finding
the shortest path in a graph.
The memory required in extreme but rare case can be up to 256KB,
so using local stack buffer is impossible considering current
DxeIpl only allocates 128KB stack.

The patch changes existing MtrrSetMemoryAttributeInMtrrSettings() and
MtrrSetMemoryAttribute() to use the 4-page stack buffer for
calculation. The two APIs return BUFFER_TOO_SMALL when the buffer
is too small for calculation.

The patch adds a new API MtrrSetMemoryAttribute*s*InMtrrSettings() to
set multiple-range attributes in one function call.
Since every call to MtrrSetMemoryAttributeInMtrrSettings (without-s)
or MtrrSetMemoryAttribute() requires to calculate the MTRRs for the
whole physical memory, combining multiple calls in one API can
significantly reduce the calculation time.
In theory, if N times of call to without-s API costs N seconds,
the new API only costs 1 second.
The new API uses the buffer supplied from caller to calculate
MTRRs and returns BUFFER_TOO_SMALL when the buffer is too small for
calculation.

Test performed:
1. Random test
 a. Generate random memory settings, use the new algorithm to
    calculate the MTRRs.
 b. Read back the MTRRs and check the memory settings match
    the desired memory settings.
 c. Repeat the above #1 and #2 100000 times.
2. OVMF 32PEI + 64DXE boot to shell.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
2017-10-16 13:09:46 +08:00
Ruiyu Ni 1416ecb4a9 UefiCpuPkg/MtrrLib: Optimize MtrrLibLeastAlignment()
The patch changes MtrrLibLeastAlignment() to
MtrrLibBiggestAlignment() and optimizes the implementation
to be more efficient.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
2017-10-16 13:09:45 +08:00
Ruiyu Ni 5fbb5adea8 UefiCpuPkg/MtrrLib: refine MtrrLibProgramFixedMtrr()
The patch replaces some if-checks with assertions because
they are impossible to happen.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
2017-10-16 13:09:45 +08:00
Liming Gao 222c49300d SourceLevelDebugPkg: Update SmmDebugAgentLib to restore APIC timer
In enter SMI, APIC timer may be initialized. After exit SMI, APIC timer
will be restore.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Liming Gao <liming.gao@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
2017-10-16 11:23:16 +08:00
Liming Gao 3372ab3cf2 MdeModulePkg: Update RuntimeDxe Crc32 to check the input parameter
This is the regression issue. After apply CalculateCrc32(), the parameter
check is missing.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Wu Hao A <hao.a.wu@intel.com>
2017-10-16 11:23:07 +08:00
Jian J Wang 79da2d2849 UefiCpuPkg/PiSmmCpuDxeSmm: Fix bitwise size issue
Cc: Eric Dong <eric.dong@intel.com>
Cc: Hao Wu <hao.a.wu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Hao Wu <hao.a.wu@intel.com>
2017-10-16 09:03:41 +08:00
Zhang, Chao B d7c054f985 SecurityPkg\Tcg2Pei: FV measure performance enhancement
1. Leverage Pre-Hashed FV PPI to reduce duplicated hash
2. Only measure BFV at the beginning. Other FVs are measured in FVinfo callback with nested
   FV check. https://bugzilla.tianocore.org/show_bug.cgi?id=662

Cc: Long Qin <qin.long@intel.com>
Cc: Yao Jiewen <jiewen.yao@intel.com>
Cc: Sean Brogan <sean.brogan@microsoft.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
2017-10-15 08:16:36 +08:00
Zhang, Chao B 53c6ff1803 SecurityPkg:AuthVariableLib:Implement ECR1707 for Private Auth Variable
ECR1707 for UEFI2.7 clarified certificate management rule for private time-based
AuthVariable.Trusted cert rule changed from whole signer's certificate stack to
top-level issuer cert tbscertificate + SignerCert CN for better management compatibility.
Hash is used to reduce storage overhead.

Cc: Long Qin <qin.long@intel.com>
Cc: Chen Chen <chen.a.chen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>'
Reviewed-by: Long Qin <qin.long@intel.com>
Reviewed-by: Chen Chen <chen.a.chen@intel.com>
2017-10-14 22:27:14 +08:00