Ease security analysis by excluding libssl functionality from the
OpensslLib instance we use with TLS_ENABLE=FALSE.
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Tomas Hoger <thoger@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
v3:
* Correct the commits grammar
v2:
* Rename the flag.
This flag is to overwrite the value of PcdAllowHttpConnections,
then the platform can make a decision whether to allow HTTP
connections or not.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Kinney Michael D <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Gary Lin <glin@suse.com>
TLS feature highly depends on the OpenSSL building. To avoid
the default Nt32 platform build failure, we should change the
default value of TLS_ENABLE to FALSE.
The notes are also provided for Secure Boot and TLS features.
Cc: Ni Ruiyu <ruiyu.ni@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Long Qin <qin.long@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
v2:
* Rename flag: HTTPS_BOOT_ENABLE -> TLS_ENABLE
This path is used to enable HTTPS boot feature for Nt32 platform.
Cc: Long Qin <qin.long@intel.com>
Cc: Ni Ruiyu <ruiyu.ni@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Zhang Lubo <lubo.zhang@intel.com>
Cc: Thomas Palmer <thomas.palmer@hpe.com>
Cc: Yao Jiewen <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Qin Long <qin.long@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
This patch is used to remove the 'SECURE_BOOT_ENABLE' flag for OpensslLib
and BaseCryptLib modules.
Cc: Long Qin <qin.long@intel.com>
Cc: Ni Ruiyu <ruiyu.ni@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Zhang Lubo <lubo.zhang@intel.com>
Cc: Thomas Palmer <thomas.palmer@hpe.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Qin Long <qin.long@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Enable BootManagerMenuApp application for Nt32 platform.
Also enable F7 hotkey to select this boot option.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
After add LoadFileOnFv2, PlatformBootManagerLib doesn't need to find Shell
application from FV.
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Now that FatPkg is open source (and therefore can be included in the
EDK II tree) we build and use it directly.
Note: Not build tested
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@Intel.com>
Switch the DebugLibReportStatusCode from IntelFrameworkPkg to MdeModulePkg.
The functionality and the code between them are almost the same.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Cinnamon Shia <cinnamon.shia@hpe.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Add NOOPT to NT32 build target. With it, all modules of NT32 are
built with optimization disabled.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Cinnamon Shia <cinnamon.shia@hpe.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19753 6f19259b-4bc3-4df7-8a09-765794883524
Rename the Ui libraries,so need to update the Nt32Pkg.dsc file.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dandan Bi <dandan.bi@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19669 6f19259b-4bc3-4df7-8a09-765794883524
Use new created libraries(Boot Manager,Device Manager,Boot Maintenance
Manager) in UiApp.So remove and refine relative code in UiApp.And update
the Nt32Pkg.dsc and MdeModulePkg.dsc.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dandan Bi <dandan.bi@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18924 6f19259b-4bc3-4df7-8a09-765794883524
Since Variable driver has been updated to consume the separated VarCheckLib.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18280 6f19259b-4bc3-4df7-8a09-765794883524
This patch is used to add HttpUtilitiesDxe module.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Samer El-Haj-Mahmoud <samer.el-haj-mahmoud@hp.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18261 6f19259b-4bc3-4df7-8a09-765794883524
This patch add the HTTP boot related drivers to NT32 platform.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17900 6f19259b-4bc3-4df7-8a09-765794883524
AuthVariableLib and TpmMeasurementLib library classes are now linked with
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
to optionally support secure variables.
For Nt32Pkg,
link AuthVariableLib and DxeTpmMeasurementLib in SecurityPkg
when SECURE_BOOT_ENABLE = TRUE,
and link AuthVariableLibNull and TpmMeasurementLibNull in MdeModulePkg
when SECURE_BOOT_ENABLE = FALSE.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17759 6f19259b-4bc3-4df7-8a09-765794883524
Root cause: The CryptoPkg\Library\IntrinsicLib needs override MSFT build option to remove /Oi and /GL,
but it doesn’t work because of the build option override in Nt32Pkg.dsc.
Solution: Remove /X in BaseTools/Conf/tools_def.template
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Cinnamon Shia <cinnamon.shia@hp.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17069 6f19259b-4bc3-4df7-8a09-765794883524
It has no obviously benefit to reduce size by PcdPcdInfoGeneration, so remove this PCD.
And PCD_INFO_GENERATION flag can be used to enable/disable PCD info feature, a sample is added in Nt32Pkg to show how to use this flag.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14870 6f19259b-4bc3-4df7-8a09-765794883524
It has no obviously benefit to reduce size by PcdPcdInfoGeneration, so remove this PCD.
And PCD_INFO_GENERATION flag can be used to enable/disable PCD info feature, a sample is added in Nt32Pkg to show how to use this flag.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14869 6f19259b-4bc3-4df7-8a09-765794883524
2. ASSERT if PCD value is set to 5 (QUERY_USER_ON_SECURITY_VIOLATION).
3. Update override PCD setting from 5 to 4 in platform DSC file.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ni Ruiyu <ruiyu.ni@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14607 6f19259b-4bc3-4df7-8a09-765794883524
1. The signature of working block header needs to be updated to gEdkiiWorkingBlockSignatureGuid because FTW write header and record has be updated and exposed to support crossing archs.
2. PEI variable has been updated to depend on FaultTolerantWritePei to robustly handle crashes during Reclaim(), so add FaultTolerantWritePei.inf in *.dsc and *.fdf.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14456 6f19259b-4bc3-4df7-8a09-765794883524
If –D SECURE_BOOT_ENABLE is specified with the build command, Secure Boot support is enabled including custom mode setup.
This allows Secure Boot to be configured through setup allowing Nt32Pkg to be a fully functional Secure Boot reference platforms.
Signed-off-by: lee.g.rosenbaum@intel.com
Reviewed-by: jiewen.yao@intel.com
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13186 6f19259b-4bc3-4df7-8a09-765794883524