Commit Graph

14426 Commits

Author SHA1 Message Date
Laszlo Ersek da03183cd0 MdePkg: library INF files should reference feature PCDs under [FeaturePcd]
This patch updates users of PcdVerifyNodeInList and
PcdValidateOrderedCollection.

Suggested-by: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15814 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-16 16:19:11 +00:00
Laszlo Ersek 6a650d1fd1 MdePkg: BaseOrderedCollectionRedBlackTreeLib: silence invalid VS2005 warnings
VS2005 reports the following build failure:

  BaseOrderedCollectionRedBlackTreeLib.c(151) : warning C4244:
    'return' : conversion from 'int' to 'BOOLEAN', possible loss of data
  BaseOrderedCollectionRedBlackTreeLib.c(840) : warning C4244:
    'return' : conversion from 'int' to 'BOOLEAN', possible loss of data

This is incorrect. The ISO C standard guarantees that the expressions in
question can only return values 0 and 1, both of which can be represented
by BOOLEAN (== UINT8, == unsigned char).

Silence the incorrect warnings with explicit casts to BOOLEAN.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15813 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-16 16:18:59 +00:00
Laszlo Ersek 75955444cb MdePkg: BaseOrderedCollectionRedBlackTreeLib: silence invalid gcc warning
Gcc-4.4 reports the following build failure:

  BaseOrderedCollectionRedBlackTreeLib.c:
    In function 'OrderedCollectionInsert':
  BaseOrderedCollectionRedBlackTreeLib.c:586:
    error: 'Result' may be used uninitialized in this function

This is incorrect. There are two areas of use of Result to consider:

- In the very first while loop. The warning is likely not about this code
  area, because Result is assigned directly before use.

- The last use of Result in the function. The build warning / error is
  incorrect. For Result to be uninitialized at that point, the very first
  while loop must not have been entered at all (because that loop assigns
  a value to Result). However, if that loop is never entered, then Parent
  is still NULL. And Parent==NULL implies that the use of Result is never
  reached, because we jump to the Done label just before it.

Assign an irrelevant value of 0 to Result at the beginning of the function
in order to silence the incorrect warning.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15812 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-16 16:18:53 +00:00
Dong, Guo 4ccef56102 1) Update code to use PcdFixedUsbCredentialProviderTokenFileName and PcdMaxVariableSize as patchable PCD instead of FixedAtBuild PCD.
2)      Correct a typo in file comments of Tpm12Ownership.c

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dong, Guo <guo.dong@intel.com>
Reviewed-by: Gao, Liming <liming.gao@intel.com>
Reviewed-by: Yao, Jiewen <jiewen.yao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15811 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-15 08:10:55 +00:00
Fu, Siyuan a4faf336ea Use string pointer instead string buffer to avoid string copy operation.
Use CopyMem() to guarantee the NULL terminal will always be appended to the destination string.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu, Siyuan <siyuan.fu@intel.com>
Reviewed-by: Yao, Jiewen <jiewen.yao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15810 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-15 05:33:34 +00:00
Hess Chen 1be2ed90a2 There is a limitation on WINDOWS OS for the length of entire file path can’t be larger than 255. There is an OS API provided by Microsoft to add “\\?\” before the path header to support the long file path. Enable this feature on basetools.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hess Chen <hesheng.chen@intel.com>
Reviewed-by: Yingke Liu <yingke.d.liu@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15809 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-15 03:06:48 +00:00
Chris Phillips b8a13d7369 ShellPkg: Fix EFI_SHELL_DYNAMIC_COMMAND_PROTOCOL_GUID to match UEFI Shell 2.1 spec
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chris Phillips <chrisp@hp.com>
Reviewed-By: Jaben Carsey <jaben.carsey@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15808 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-14 20:42:40 +00:00
lhauch 281b6b928d Roll-back from an accidental commit.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: lhauch <larry.hauch@intel.com>



git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15807 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-14 20:22:33 +00:00
lhauch ea64888716 Change svn:mime-type property on all Unicode files (extension .uni) in edk2
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: lhauch <larry.hauch@intel.com>
Reviewed-by: Samer El-Haj-Mahmoud <samer.el-haj-mahmoud@hp.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15806 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-14 20:20:37 +00:00
Michael Kinney c9df168fa0 Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Michael Kinney  <michael.d.kinney@intel.com>
Reviewed-by: lhauch <larry.hauch@intel.com>

Fix the behavior of the –version flag in the Rsa2048Sha256 tools and update logic for showing program name, version, usage, and copyright information to match other BaseTools.




git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15805 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-14 20:08:17 +00:00
Jaben Carsey e8a57ade2a ShellPkg add size cast to bit operations
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jaben Carsey <jaben.carsey@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15804 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-14 17:58:16 +00:00
Gao, Liming 83d1ffb92f PcAtChipsetPkg: new AcpiTimerLib libraries.
Two library instances are added to support BASE type and DXE type. Those libraries provides basic timer support using the ACPI timer hardware.  The performance  counter features are provided by the processors time stamp counter.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gao, Liming <liming.gao@intel.com>
Reviewed-by: Kinney, Michael D <michael.d.kinney@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15803 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-14 14:30:32 +00:00
Long, Qin f61d69cc44 OpenSSL 0.9.8zb was released at 06-Aug-2014, including bug and security fixes.
This patch is to catch the latest OpenSSL release.
NOTE: The content of EDKII_openssl-0.9.8zb.patch is same with the old EDKII_openssl-0.9.8za.patch, and the extra changes 
      are only name / directory modifications. 

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Long, Qin  <qin.long@intel.com>
Reviewed-by: Ye, Ting <ting.ye@intel.com>
Reviewed-by: Fu, Siyuan <siyuan.fu@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15802 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-14 10:16:57 +00:00
Michael Kinney 1a53a034ec Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Michael Kinney  <michael.d.kinney@intel.com>
Reviewed-by: Dong, Guo <guo.dong@intel.com>

Add support for RSA 2048 SHA 256 signing and verification encoded in a PI FFS GUIDED Encapsulation Section.  The primary use case of this feature is in support of signing and verification of encapsulated FVs for Recovery and Capsule Update, but can potentially be used for signing and verification of any content that can be stored in a PI conformant FFS file.  Signing operations are performed from python scripts that wrap OpenSsl command line utilities.  Verification operations are performed using the OpenSsl libraries in the CryptoPkg.

The guided encapsulation sections uses the UEFI 2.4 Specification defined GUID called EFI_CERT_TYPE_RSA2048_SHA256_GUID.  The data layout for the encapsulation section starts with the UEFI 2.4 Specification defined structure called EFI_CERT_BLOCK_RSA_2048_SHA256 followed immediately by the data.  The signing tool included in these patches performs encode/decode operations using this data layout.  HashType is set to the UEFI 2.4 Specification defined GUID called EFI_HASH_ALGORITHM_SHA256_GUID.

MdePkg/Include/Guid/WinCertificate.h
================================= 
//
// WIN_CERTIFICATE_UEFI_GUID.CertType
// 
#define EFI_CERT_TYPE_RSA2048_SHA256_GUID \
  {0xa7717414, 0xc616, 0x4977, {0x94, 0x20, 0x84, 0x47, 0x12, 0xa7, 0x35, 0xbf } }

///
/// WIN_CERTIFICATE_UEFI_GUID.CertData
/// 
typedef struct {
  EFI_GUID  HashType;
  UINT8     PublicKey[256];
  UINT8     Signature[256];
} EFI_CERT_BLOCK_RSA_2048_SHA256;

MdePkg/Include/Protocol/Hash.h
================================= 
#define EFI_HASH_ALGORITHM_SHA256_GUID \
  { \
    0x51aa59de, 0xfdf2, 0x4ea3, {0xbc, 0x63, 0x87, 0x5f, 0xb7, 0x84, 0x2e, 0xe9 } \
  }

The verification operations require the use of public key(s).  A new PCD called gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer is added to the SecurityPkg that supports one or more SHA 256 hashes of the public keys.  A SHA 256 hash is performed to minimize the FLASH overhead of storing the public keys.  When a verification operation is performed, a SHA 256 hash is performed on EFI_CERT_BLOCK_RSA_2048_SHA256.PublicKey and a check is made to see if that hash matches any of the hashes in the new PCD.  It is recommended that this PCD always be configured in the DSC file as storage type of [PcdsDynamixExVpd], so the public keys are stored in a protected read-only region.

While working on this feature, I noticed that the CRC32 signing and verification feature was incomplete.  It only supported CRC32 based verification in the DXE Phase, so the attached patches also provide support for CRC32 based verification in the PEI Phase.

I also noticed that the most common method for incorporating guided section extraction libraries was to directly link them to the DXE Core, which is not very flexible.  The attached patches also add a generic section extraction PEIM and a generic section extraction DXE driver that can each be linked against one or more section extraction libraries.  This provides a platform developer with the option of providing section extraction services with the DXE Core or providing section extraction services with these generic PEIM/DXE Drivers.

Patch Summary
==============
1)	BaseTools - Rsa2049Sha256Sign python script that can perform test signing or custom signing of PI FFS file GUIDed sections
  a.	Wrapper for a set of OpenSsl command line utility operations
  b.	OpenSsl command line tool must be installed in location that is in standard OS path or in path specified by OS environment variable called OPENSSL_PATH
  c.	Provides standard EDK II command line arguments for a tool that encodes/decodes guided encapsulation section 

Rsa2048Sha256Sign - Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.
usage: Rsa2048Sha256Sign -e|-d [options] <input_file>

positional arguments:
  input_file            specify the input filename

optional arguments:
  -e                    encode file
  -d                    decode file
  -o filename, --output filename
                        specify the output filename
  --private-key PRIVATEKEYFILE
                        specify the private key filename. If not specified, a
                        test signing key is used.
  -v, --verbose         increase output messages
  -q, --quiet           reduce output messages
  --debug [0-9]         set debug level
  --version             display the program version and exit
  -h, --help            display this help text

2)	BaseTools - Rsa2049Sha256GenerateKeys python script that can generate new private/public key and PCD value that is SHA 256 hash of public key using OpenSsl command line utilities.
  a.	Wrapper for a set of OpenSsl command line utility operations
  b.	OpenSsl command line tool must be installed in location that is in standard path or in path specified by OS environment variable called OPENSSL_PATH

Rsa2048Sha256GenerateKeys - Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.
usage: Rsa2048Sha256GenerateKeys [options]

optional arguments:
  -o [filename [filename ...]], --output [filename [filename ...]]
                        specify the output private key filename in PEM format
  -i [filename [filename ...]], --input [filename [filename ...]]
                        specify the input private key filename in PEM format
  --public-key-hash PUBLICKEYHASHFILE
                        specify the public key hash filename that is SHA 256
                        hash of 2048 bit RSA public key in binary format
  --public-key-hash-c PUBLICKEYHASHCFILE
                        specify the public key hash filename that is SHA 256
                        hash of 2048 bit RSA public key in C structure format
  -v, --verbose         increase output messages
  -q, --quiet           reduce output messages
  --debug [0-9]         set debug level
  --version             display the program version and exit
  -h, --help            display this help text

3)	BaseTools\Conf\tools_def.template
  a.	Define GUID/Tool to perform RSA 2048 SHA 256 test signing and instructions on how to use alternate private/public key
b.	GUID is EFI_CERT_TYPE_RSA2048_SHA256_GUID
  c.	Tool is Rsa2049Sha256Sign
4)	MdeModulePkg\Library\PeiCrc32GuidedSectionExtractionLib
  a.	Add peer for DxeCrc32GuidedSectionExtractionLib so both PEI and DXE phases can perform basic integrity checks of PEI and DXE components
5)	MdeModulePkg\Universal\SectionExtractionPei
  a.	Generic PEIM that can link against one or more NULL section extraction library instances to provided one or more GUIDED Section Extraction PPIs
6)	MdeModulePkg\Universal\SectionExtractionDxe
  a.	Generic DXE Driver that can link against one or more NULL section extraction library instances to provide one or more GUIDED Section Extraction Protocols.
7)	SecurityPkg\Library\PeiRsa2048Sha256GuidedSectionExtractLib
  a.	NULL library instances that performs PEI phase RSA 2048 SHA 256 signature verification using OpenSsl libraries from CryptoPkg.
  b.	Based on algorithms from SecurityPkg Authenticated Variable services
  c.	Uses public key from gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer.
8)	SecurityPkg\Library\DxeRsa2048Sha256GuidedSectionExtractLib
  a.	NULL library instances that performs DXE phase RSA 2048 SHA 256 signature verification using OpenSsl libraries from CryptoPkg.
  b.	Based on algorithms from SecurityPkg Authenticated Variable services
  c.	Uses public key from gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer.




git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15801 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-14 06:31:34 +00:00
Michael Kinney 65ce860e49 Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Michael Kinney  <michael.d.kinney@intel.com>
Reviewed-by: Yingke Liu <yingke.d.liu@intel.com>

Add support for RSA 2048 SHA 256 signing and verification encoded in a PI FFS GUIDED Encapsulation Section.  The primary use case of this feature is in support of signing and verification of encapsulated FVs for Recovery and Capsule Update, but can potentially be used for signing and verification of any content that can be stored in a PI conformant FFS file.  Signing operations are performed from python scripts that wrap OpenSsl command line utilities.  Verification operations are performed using the OpenSsl libraries in the CryptoPkg.

The guided encapsulation sections uses the UEFI 2.4 Specification defined GUID called EFI_CERT_TYPE_RSA2048_SHA256_GUID.  The data layout for the encapsulation section starts with the UEFI 2.4 Specification defined structure called EFI_CERT_BLOCK_RSA_2048_SHA256 followed immediately by the data.  The signing tool included in these patches performs encode/decode operations using this data layout.  HashType is set to the UEFI 2.4 Specification defined GUID called EFI_HASH_ALGORITHM_SHA256_GUID.

MdePkg/Include/Guid/WinCertificate.h
================================= 
//
// WIN_CERTIFICATE_UEFI_GUID.CertType
// 
#define EFI_CERT_TYPE_RSA2048_SHA256_GUID \
  {0xa7717414, 0xc616, 0x4977, {0x94, 0x20, 0x84, 0x47, 0x12, 0xa7, 0x35, 0xbf } }

///
/// WIN_CERTIFICATE_UEFI_GUID.CertData
/// 
typedef struct {
  EFI_GUID  HashType;
  UINT8     PublicKey[256];
  UINT8     Signature[256];
} EFI_CERT_BLOCK_RSA_2048_SHA256;

MdePkg/Include/Protocol/Hash.h
================================= 
#define EFI_HASH_ALGORITHM_SHA256_GUID \
  { \
    0x51aa59de, 0xfdf2, 0x4ea3, {0xbc, 0x63, 0x87, 0x5f, 0xb7, 0x84, 0x2e, 0xe9 } \
  }

The verification operations require the use of public key(s).  A new PCD called gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer is added to the SecurityPkg that supports one or more SHA 256 hashes of the public keys.  A SHA 256 hash is performed to minimize the FLASH overhead of storing the public keys.  When a verification operation is performed, a SHA 256 hash is performed on EFI_CERT_BLOCK_RSA_2048_SHA256.PublicKey and a check is made to see if that hash matches any of the hashes in the new PCD.  It is recommended that this PCD always be configured in the DSC file as storage type of [PcdsDynamixExVpd], so the public keys are stored in a protected read-only region.

While working on this feature, I noticed that the CRC32 signing and verification feature was incomplete.  It only supported CRC32 based verification in the DXE Phase, so the attached patches also provide support for CRC32 based verification in the PEI Phase.

I also noticed that the most common method for incorporating guided section extraction libraries was to directly link them to the DXE Core, which is not very flexible.  The attached patches also add a generic section extraction PEIM and a generic section extraction DXE driver that can each be linked against one or more section extraction libraries.  This provides a platform developer with the option of providing section extraction services with the DXE Core or providing section extraction services with these generic PEIM/DXE Drivers.

Patch Summary
==============
1)	BaseTools - Rsa2049Sha256Sign python script that can perform test signing or custom signing of PI FFS file GUIDed sections
  a.	Wrapper for a set of OpenSsl command line utility operations
  b.	OpenSsl command line tool must be installed in location that is in standard OS path or in path specified by OS environment variable called OPENSSL_PATH
  c.	Provides standard EDK II command line arguments for a tool that encodes/decodes guided encapsulation section 

Rsa2048Sha256Sign - Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.
usage: Rsa2048Sha256Sign -e|-d [options] <input_file>

positional arguments:
  input_file            specify the input filename

optional arguments:
  -e                    encode file
  -d                    decode file
  -o filename, --output filename
                        specify the output filename
  --private-key PRIVATEKEYFILE
                        specify the private key filename. If not specified, a
                        test signing key is used.
  -v, --verbose         increase output messages
  -q, --quiet           reduce output messages
  --debug [0-9]         set debug level
  --version             display the program version and exit
  -h, --help            display this help text

2)	BaseTools - Rsa2049Sha256GenerateKeys python script that can generate new private/public key and PCD value that is SHA 256 hash of public key using OpenSsl command line utilities.
  a.	Wrapper for a set of OpenSsl command line utility operations
  b.	OpenSsl command line tool must be installed in location that is in standard path or in path specified by OS environment variable called OPENSSL_PATH

Rsa2048Sha256GenerateKeys - Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.
usage: Rsa2048Sha256GenerateKeys [options]

optional arguments:
  -o [filename [filename ...]], --output [filename [filename ...]]
                        specify the output private key filename in PEM format
  -i [filename [filename ...]], --input [filename [filename ...]]
                        specify the input private key filename in PEM format
  --public-key-hash PUBLICKEYHASHFILE
                        specify the public key hash filename that is SHA 256
                        hash of 2048 bit RSA public key in binary format
  --public-key-hash-c PUBLICKEYHASHCFILE
                        specify the public key hash filename that is SHA 256
                        hash of 2048 bit RSA public key in C structure format
  -v, --verbose         increase output messages
  -q, --quiet           reduce output messages
  --debug [0-9]         set debug level
  --version             display the program version and exit
  -h, --help            display this help text

3)	BaseTools\Conf\tools_def.template
  a.	Define GUID/Tool to perform RSA 2048 SHA 256 test signing and instructions on how to use alternate private/public key
b.	GUID is EFI_CERT_TYPE_RSA2048_SHA256_GUID
  c.	Tool is Rsa2049Sha256Sign
4)	MdeModulePkg\Library\PeiCrc32GuidedSectionExtractionLib
  a.	Add peer for DxeCrc32GuidedSectionExtractionLib so both PEI and DXE phases can perform basic integrity checks of PEI and DXE components
5)	MdeModulePkg\Universal\SectionExtractionPei
  a.	Generic PEIM that can link against one or more NULL section extraction library instances to provided one or more GUIDED Section Extraction PPIs
6)	MdeModulePkg\Universal\SectionExtractionDxe
  a.	Generic DXE Driver that can link against one or more NULL section extraction library instances to provide one or more GUIDED Section Extraction Protocols.
7)	SecurityPkg\Library\PeiRsa2048Sha256GuidedSectionExtractLib
  a.	NULL library instances that performs PEI phase RSA 2048 SHA 256 signature verification using OpenSsl libraries from CryptoPkg.
  b.	Based on algorithms from SecurityPkg Authenticated Variable services
  c.	Uses public key from gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer.
8)	SecurityPkg\Library\DxeRsa2048Sha256GuidedSectionExtractLib
  a.	NULL library instances that performs DXE phase RSA 2048 SHA 256 signature verification using OpenSsl libraries from CryptoPkg.
  b.	Based on algorithms from SecurityPkg Authenticated Variable services
  c.	Uses public key from gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer.




git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15800 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-14 06:30:10 +00:00
Michael Kinney a402e12924 Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Michael Kinney  <michael.d.kinney@intel.com>
Reviewed-by: Feng Tian <feng.tian@intel.com>

Add support for RSA 2048 SHA 256 signing and verification encoded in a PI FFS GUIDED Encapsulation Section.  The primary use case of this feature is in support of signing and verification of encapsulated FVs for Recovery and Capsule Update, but can potentially be used for signing and verification of any content that can be stored in a PI conformant FFS file.  Signing operations are performed from python scripts that wrap OpenSsl command line utilities.  Verification operations are performed using the OpenSsl libraries in the CryptoPkg.

The guided encapsulation sections uses the UEFI 2.4 Specification defined GUID called EFI_CERT_TYPE_RSA2048_SHA256_GUID.  The data layout for the encapsulation section starts with the UEFI 2.4 Specification defined structure called EFI_CERT_BLOCK_RSA_2048_SHA256 followed immediately by the data.  The signing tool included in these patches performs encode/decode operations using this data layout.  HashType is set to the UEFI 2.4 Specification defined GUID called EFI_HASH_ALGORITHM_SHA256_GUID.

MdePkg/Include/Guid/WinCertificate.h
================================= 
//
// WIN_CERTIFICATE_UEFI_GUID.CertType
// 
#define EFI_CERT_TYPE_RSA2048_SHA256_GUID \
  {0xa7717414, 0xc616, 0x4977, {0x94, 0x20, 0x84, 0x47, 0x12, 0xa7, 0x35, 0xbf } }

///
/// WIN_CERTIFICATE_UEFI_GUID.CertData
/// 
typedef struct {
  EFI_GUID  HashType;
  UINT8     PublicKey[256];
  UINT8     Signature[256];
} EFI_CERT_BLOCK_RSA_2048_SHA256;

MdePkg/Include/Protocol/Hash.h
================================= 
#define EFI_HASH_ALGORITHM_SHA256_GUID \
  { \
    0x51aa59de, 0xfdf2, 0x4ea3, {0xbc, 0x63, 0x87, 0x5f, 0xb7, 0x84, 0x2e, 0xe9 } \
  }

The verification operations require the use of public key(s).  A new PCD called gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer is added to the SecurityPkg that supports one or more SHA 256 hashes of the public keys.  A SHA 256 hash is performed to minimize the FLASH overhead of storing the public keys.  When a verification operation is performed, a SHA 256 hash is performed on EFI_CERT_BLOCK_RSA_2048_SHA256.PublicKey and a check is made to see if that hash matches any of the hashes in the new PCD.  It is recommended that this PCD always be configured in the DSC file as storage type of [PcdsDynamixExVpd], so the public keys are stored in a protected read-only region.

While working on this feature, I noticed that the CRC32 signing and verification feature was incomplete.  It only supported CRC32 based verification in the DXE Phase, so the attached patches also provide support for CRC32 based verification in the PEI Phase.

I also noticed that the most common method for incorporating guided section extraction libraries was to directly link them to the DXE Core, which is not very flexible.  The attached patches also add a generic section extraction PEIM and a generic section extraction DXE driver that can each be linked against one or more section extraction libraries.  This provides a platform developer with the option of providing section extraction services with the DXE Core or providing section extraction services with these generic PEIM/DXE Drivers.

Patch Summary
==============
1)	BaseTools - Rsa2049Sha256Sign python script that can perform test signing or custom signing of PI FFS file GUIDed sections
  a.	Wrapper for a set of OpenSsl command line utility operations
  b.	OpenSsl command line tool must be installed in location that is in standard OS path or in path specified by OS environment variable called OPENSSL_PATH
  c.	Provides standard EDK II command line arguments for a tool that encodes/decodes guided encapsulation section 

Rsa2048Sha256Sign - Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.
usage: Rsa2048Sha256Sign -e|-d [options] <input_file>

positional arguments:
  input_file            specify the input filename

optional arguments:
  -e                    encode file
  -d                    decode file
  -o filename, --output filename
                        specify the output filename
  --private-key PRIVATEKEYFILE
                        specify the private key filename. If not specified, a
                        test signing key is used.
  -v, --verbose         increase output messages
  -q, --quiet           reduce output messages
  --debug [0-9]         set debug level
  --version             display the program version and exit
  -h, --help            display this help text

2)	BaseTools - Rsa2049Sha256GenerateKeys python script that can generate new private/public key and PCD value that is SHA 256 hash of public key using OpenSsl command line utilities.
  a.	Wrapper for a set of OpenSsl command line utility operations
  b.	OpenSsl command line tool must be installed in location that is in standard path or in path specified by OS environment variable called OPENSSL_PATH

Rsa2048Sha256GenerateKeys - Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.
usage: Rsa2048Sha256GenerateKeys [options]

optional arguments:
  -o [filename [filename ...]], --output [filename [filename ...]]
                        specify the output private key filename in PEM format
  -i [filename [filename ...]], --input [filename [filename ...]]
                        specify the input private key filename in PEM format
  --public-key-hash PUBLICKEYHASHFILE
                        specify the public key hash filename that is SHA 256
                        hash of 2048 bit RSA public key in binary format
  --public-key-hash-c PUBLICKEYHASHCFILE
                        specify the public key hash filename that is SHA 256
                        hash of 2048 bit RSA public key in C structure format
  -v, --verbose         increase output messages
  -q, --quiet           reduce output messages
  --debug [0-9]         set debug level
  --version             display the program version and exit
  -h, --help            display this help text

3)	BaseTools\Conf\tools_def.template
  a.	Define GUID/Tool to perform RSA 2048 SHA 256 test signing and instructions on how to use alternate private/public key
b.	GUID is EFI_CERT_TYPE_RSA2048_SHA256_GUID
  c.	Tool is Rsa2049Sha256Sign
4)	MdeModulePkg\Library\PeiCrc32GuidedSectionExtractionLib
  a.	Add peer for DxeCrc32GuidedSectionExtractionLib so both PEI and DXE phases can perform basic integrity checks of PEI and DXE components
5)	MdeModulePkg\Universal\SectionExtractionPei
  a.	Generic PEIM that can link against one or more NULL section extraction library instances to provided one or more GUIDED Section Extraction PPIs
6)	MdeModulePkg\Universal\SectionExtractionDxe
  a.	Generic DXE Driver that can link against one or more NULL section extraction library instances to provide one or more GUIDED Section Extraction Protocols.
7)	SecurityPkg\Library\PeiRsa2048Sha256GuidedSectionExtractLib
  a.	NULL library instances that performs PEI phase RSA 2048 SHA 256 signature verification using OpenSsl libraries from CryptoPkg.
  b.	Based on algorithms from SecurityPkg Authenticated Variable services
  c.	Uses public key from gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer.
8)	SecurityPkg\Library\DxeRsa2048Sha256GuidedSectionExtractLib
  a.	NULL library instances that performs DXE phase RSA 2048 SHA 256 signature verification using OpenSsl libraries from CryptoPkg.
  b.	Based on algorithms from SecurityPkg Authenticated Variable services
  c.	Uses public key from gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer.


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15799 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-14 06:29:07 +00:00
Zeng, Star fe7819402c MdeModulePkg/IntelFrameworkModulePkg: Update PeiCore, SmbiosDxe and IsaSerialDxe to use PcdGetxx() instead of FixedPcdGetxx().
It changes some of the PCD declarations to add more supported PCD storage types and
the change in the PCD access methods is associated with that.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zeng, Star <star.zeng@intel.com>
Reviewed-by: Kinney, Michael D <michael.d.kinney@intel.com>
Reviewed-by: Gao, Liming <liming.gao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15798 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-14 05:55:08 +00:00
Jeff Fan a1360fa3de Use StrnCat instead of StrCat to avoid target buffer overflow.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jeff Fan <jeff.fan@intel.com>
Reviewed-by: Eric Dong <Eric.Dong@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15797 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-14 02:00:11 +00:00
Gao, Liming 74a6d86079 Add the missing parameter comments for BaseSerialPortLib16550 lib. MdePkg: Fix Clang build failure
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gao, Liming <liming.gao@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15796 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-13 08:39:54 +00:00
Ruiyu Ni ea5396f31a Fix VS2013 build failure.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15795 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-13 06:31:08 +00:00
Ruiyu Ni c687b1464b Fix VS2013 build failure.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15794 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-13 06:18:06 +00:00
Ruiyu Ni df6bd1b65c Add UINT64 type cast when AND/OR with UINT64 Supports.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15793 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-13 03:28:35 +00:00
Laszlo Ersek 424d84556d AppPkg: introduce OrderedCollectionTest
In this patch a small application is added to AppPkg, with the following
two goals:
- demonstrate how to use OrderedCollectionLib,
- allow users to test and "fuzz" BaseOrderedCollectionRedBlackTreeLib in
  particular, entering API "commands" interactively, or providing them
  from a script file.

A shell script is included that generates such an API command script.

Speaking about BaseOrderedCollectionRedBlackTreeLib specifically,
OrderedCollectionTest validates the internal red-black properties of the
tree after each read-write operation by setting the
PcdValidateOrderedCollection feature flag to TRUE.

The OrderedCollectionTest application's debugging environment is strictly
specified in the DSC file, because OrderedCollectionTest is entirely
useless for unit testing without full ASSERT() enablement.

The OrderedCollectionTest application deliberately doesn't follow the edk2
coding style in the following:
- const vs. CONST,
- void vs. VOID,
- assert() vs. ASSERT(),
- calloc() and free() vs. AllocateZeroPool() and FreePool(),
- integer types.

This is because OrderedCollectionTest is a standard C application, not a
UEFI application per se. In particular it relies on stdio. INTN, EFIAPI
and CONST VOID are used only in two places, where we provide the
comparator callbacks to OrderedCollectionLib. Proper range checking is
ensured for integers.

The application takes command input from stdin or a file (if the user
requests it), sends command output to stdout or a file (if the user
requests it), prints debug output to the console (as other AppPkg
applications do when debugging is enabled for them), and prints
diagnostics to stderr (like well behaved standard C programs should).

Input/output selection is implemented manually because the old shell
doesn't support input redirection at all, and because the new shell's
input redirection does not co-operate with fgets() for the time being.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Michael Kinney <michael.d.kinney@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15792 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-12 07:29:17 +00:00
Laszlo Ersek cf556c6a58 MdePkg: introduce BaseOrderedCollectionRedBlackTreeLib library instance
edk2 should have a fast and easy-to-use associative array (a dictionary)
type.

Red-black trees have O(log(n)) worst case time complexity for lookup,
insertion, and deletion (where n is the number of nodes in the tree). They
support minimum and maximum lookup with the same time complexity, hence
red-black trees double as priority queues as well.

Given an iterator to a red-black tree node, getting the next or previous
node (which corresponds to the ordered successor or the predecessor,
respectively, according to the user-defined ordering) is O(log(n)) as
well.

The code reflects the Binary Search Trees and Red-Black Trees chapters of
Introduction to Algorithms, by Cormen, Leiserson, Rivest. One point where
the implementation diverges is the first phase of the Delete() operation.
During that phase, the book's algorithm copies the key and other business
*contents* of the successor node (in case the successor node is affected),
and releases the successor node (instead of the node that the user
requested to delete).

While semantically correct, this would break the above iterator validity
guarantee. This implementation replaces the copying of business contents
between nodes with suitable relinking of nodes, so that all iterators
(except the one whose deletion is being requested) remain valid.

I had written this code originally in approx. 2002. I personally own the
copyright of that version and am hereby relicensing it to Red Hat, under
the BSDL. I had used the original code in a few personal projects since,
for example in the lbzip2-0.x parallel (de)compressor, and now I've ported
the library to edk2. Both during the original implementation and now
during the porting I verified all the cases and their proofs as rigorously
as I could, on paper. (NB, I couldn't find any errors in the 2002 code
now.)

During the porting to edk2, I documented all those cases in code comments
as well (at least half of the source is documentation). These comments are
not blind copies of diagrams from the Algorithms book, nor are they copies
from my original code -- I've done them all fresh now, and I've only
matched the results against the book. Reviewers are invited to sit down
with a pen, some paper, the book, and the code.

The Validate() function verifies the internal red-black properties of the
tree. This function helps with unit testing, and is only invoked when
requested with the PcdValidateOrderedCollection feature flag.

A note about diagrams: edges represented by backslash (\) characters are
often written as "\_", ie. with a following underscore. This is because
line-trailing backslashes are processed very early in compilation (in
translation phase 2), "splicing physical source lines to form logical
source lines". Since the edk2 coding style requires "//" comments for such
documentation, a trailing backslash would splice the next physical line
into the "scope" of the comment. To prevent this, trailing backslashes are
defanged by appending underscores, which should be visually bearable.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Michael Kinney <michael.d.kinney@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15791 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-12 07:29:04 +00:00
Kinney, Michael D 250e4b0db1 MdePkg: introduce OrderedCollectionLib library class
This library class provides a set of APIs to manage an ordered collection
of items:
- Init(),
- UnInit(),
- Insert(),
- Delete(),
- IsEmpty(),
- Next(),
- Prev(),
- Min(),
- Max(),
- Find(),
- UserStruct().

There are many ways to implement an ordered collection. Depending on the
frequency of the different actions, different internal implementations may
have different performance, memory overhead, or code size.

Developers can select the library instance for a platform or module in
their DSC files that meets the needs of that platform or module.

Commit-message-from: "Kinney, Michael D" <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Michael Kinney <michael.d.kinney@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15790 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-12 07:28:52 +00:00
Elvin Li 79966a6f35 Fixed a bug in LegacyBiosDxe to allocate correct ranges of memory.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Elvin Li <elvin.li@intel.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15789 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-12 05:19:34 +00:00
jyao1 4e684d3ca4 Correct StrnCat length calculation.
Contributed-under: TianoCore Contribution Agreement 1.0

Signed off by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed by: Guo Dong <guo.dong@intel.com>




git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15788 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-12 03:31:47 +00:00
Star Zeng 6c8cfb0751 MdeModulePkg PeiCore: The DEBUG message (for HeapOffset and StackOffset) should be placed after HeapOffset is got.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15787 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-12 01:41:25 +00:00
Laszlo Ersek 6f347d0f0a StdLib/LibC/Stdio: fix "missing braces around initializer"
The member "fext._ub" is a structure (of type "struct __sbuf"), and the
current initializer triggers

  StdLib/LibC/Stdio/vswscanf.c: In function 'vswscanf':
  StdLib/LibC/Stdio/vswscanf.c:75:10: error: missing braces around
                                      initializer [-Werror=missing-braces]
  StdLib/LibC/Stdio/vswscanf.c:75:10: error: (near initialization for
                                      'fext._ub') [-Werror=missing-braces]
  cc1: all warnings being treated as errors

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15786 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-11 22:00:01 +00:00
Laszlo Ersek 599aa11f87 StdLib/LibC/gdtoa: fix "missing braces around initializer"
The member "u.L" is an array, and the current initializer triggers

  StdLib/LibC/gdtoa/strtof.c: In function '_strtof':
  StdLib/LibC/gdtoa/strtof.c:53:9: error: missing braces around
                                   initializer [-Werror=missing-braces]
  StdLib/LibC/gdtoa/strtof.c:53:9: error: (near initialization for
                                   'u.L') [-Werror=missing-braces]
  cc1: all warnings being treated as errors

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15785 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-11 21:59:53 +00:00
Gao, Liming 1be8039054 MdePkg: Fix Clang build failure
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gao, Liming <liming.gao@intel.com>
Reviewed-by: Andrew Fish <afish@apple.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15784 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-11 07:05:49 +00:00
Gao, Liming 31122d8c9a MdeModulePkg: BaseSerialPortLib16550 library to support PCI UART device.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gao, Liming <liming.gao@intel.com>
Reviewed-by: Kinney, Michael D <michael.d.kinney@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15783 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-11 06:38:28 +00:00
Gao, Liming 883e23d0d3 MdeModulePkg: new PlatformHookLib library with depex of SerialPortPpi.
This library has one depex of SerialPortPpi. Then, the PEIM linked it has this depex so that it is dispatched after SerialPortPpi is installed. SerialPortPpi notifies the platform initialization done, then serial port will work. 
 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gao, Liming <liming.gao@intel.com>
Reviewed-by: Kinney, Michael D <michael.d.kinney@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15782 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-11 06:23:51 +00:00
Gao, Liming 9bc250419d MdeModulePkg: DxeCore
If GUIDED section has AUTH attribute only, DxeCore may wrongly set its AuthenticationStatus to 0 when its matched GUIDED extraction handler is not installed and Auth data is not verified. For this case, the return AuthenticationStatus should be EFI_AUTH_STATUS_NOT_TESTED. 

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gao, Liming <liming.gao@intel.com>
Reviewed-by: Kinney, Michael D <michael.d.kinney@intel.com>
Reviewed-by: Yao, Jiewen <jiewen.yao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15781 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-11 05:40:40 +00:00
Elvin Li 4a228334f0 Added SMBIOS 2.8.0 updates.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Elvin Li <elvin.li@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15780 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-08 09:10:57 +00:00
Chen Fan ff8ad584f3 SourceLevelDebugPkg/DebugAgent: fix trivial typo.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15779 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-08 07:50:21 +00:00
Jeff Fan 1a45b15eae Add type cast on variable before operation.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jeff Fan <jeff.fan@intel.com>
Reviewed-by: Eric Dong <Eric.Dong@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15778 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-08 05:52:01 +00:00
Jeff Fan 31fc7b4d6a Add type cast on variable before operation.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jeff Fan <jeff.fan@intel.com>
Reviewed-by: Eric Dong <Eric.Dong@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15777 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-08 05:51:21 +00:00
Eric Dong 2ca7b36631 Clean the useless code.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15776 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-08 03:20:29 +00:00
jyao1 954894f270 Rollback file GUID change, because it is VTF file and GUID is predefined.
Contributed-under: TianoCore Contribution Agreement 1.0

Signed off by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed by: Chris Li <chris.li@intel.com>



git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15775 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-08 02:15:41 +00:00
Andrew Fish 1d1f4c621d clang warns on guard macro not matching in .h file.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Andrew Fish <afish@apple.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15774 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-08 00:57:50 +00:00
Fu, Siyuan 2922e29ad8 Update network stack code to use StrnCpy instead of StrCpy.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu, Siyuan <siyuan.fu@intel.com>
Reviewed-By: Dong, Eric <eric.dong@intel.com>
Reviewed-by: Wu, Jiaxin <jiaxin.wu@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15773 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-08 00:41:14 +00:00
jyao1 8f9bafeea6 Correct AsciiStrnCpy.
Contributed-under: TianoCore Contribution Agreement 1.0

Signed off by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed by: Eric Dong <eric.dong@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15772 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-08 00:21:18 +00:00
Jaben Carsey e1044f8074 ShellPkg: Refactor string manipulation in cp command
This patch replaces StrCpy with StrnCpy or refactors out the usage of StrCpy through some other means.
This patch replaces StrCat with StrnCat or refactors out the usage of StrCat through some other means.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jaben Carsey <jaben.carsey@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15771 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-07 20:02:40 +00:00
Feng Tian 6e1e540554 1) Add type cast for better coding style.
2) replace StrCpy() usage in Variable driver with StrnCpy().

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Feng Tian <feng.tian@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15770 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-07 08:54:34 +00:00
Qiu Shumin e935092fa7 Add type cast for better coding style.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qiu Shumin <shumin.qiu@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15769 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-07 08:32:54 +00:00
qlong 0e24145420 Clean up code.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed off by: Long Qin <qin.long@intel.com>
Reviewed by: Eric Dong <eric.dong@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15768 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-07 07:56:31 +00:00
Eugene Cohen 86110f65ab Fix OpensslLib build issue for ARM. The changes are:
The changes are:
  1. Add RVCT ARM build target
  2. Add suppression of warnings to get openssl building (1295,550,1293,111,68,177,223,144,513,188)
  3. Remove architectures that RVCT cannot build for (IA32, X64, and IPF)
  4. Add the -DOPENSSL_NO_MD2 flag to prevent link errors from MD2 references; the comments in the .inf assumes that this flag exists but it wasn’t actually set

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Eugene Cohen <eugene@hp.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15767 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-07 07:44:37 +00:00
jyao1 58dbfc3c0f Clean up code.
Contributed-under: TianoCore Contribution Agreement 1.0

Signed off by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed by: Eric Dong <eric.dong@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15766 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-07 05:03:10 +00:00
Daryl McDaniel b04aba1773 StdLib: The formatting for double float values, within the gdtoa library, is improper.
When running Enquire.efi, several errors similar to the following are produced:
Maximum exponent = 128
Maximum number = 3.40282347e+38

*** WARNING: Possibly bad output from printf above
    expected value around 3.40282347e38, bit pattern:
    11111111 11111111 01111111 01111111
    sscanf gave           -inf, bit pattern:
    00000000 00000000 10000000 11111111
    difference= inf

Overflow doesn’t seem to generate a trap

The memory allocation tests will also fail, sometimes leaving all available memory consumed.

The correct output in the above example is:
Maximum exponent = 128
Maximum number = 3.40282347e+38
Overflow doesn't seem to generate a trap

The root cause is that all operations on values of Long or ULong type, within the gdtoa library, must be 32-bit operations.  A previous change replaced the Long and ULong definitions with INTN and UINTN, respectively.  While this is correct for a lot of Linux and NetBSD code, it was not correct for this library.

This fix reverts the definitions of ULong and Long back to 32-bit types.
A descriptive comment has also been added to the U union.
Additional white-space has been added to tidy up the definitions of the word0 and word1 macros.

Verified with Enquire.efi and the ISO/IEC C Library compliance Validation Suite.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Daryl McDaniel <daryl.mcdaniel@intel.com>
Reviewed-by: Jaben Carsey <Jaben.carsey@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15765 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-06 18:29:02 +00:00