Commit Graph

164 Commits

Author SHA1 Message Date
Ruiyu Ni 863986b3c8 Update all the code to consume the ConvertDevicePathToText, ConvertDevicePathNodeToText, ConvertTextToDevicePath and ConvertTextToDeviceNode APIs in DevicePathLib.
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Feng Tian <feng.tian@intel.com>
Reviewed-by: Elvin Li <elvin.li@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jaben Carsey <jaben.carsey@intel.com>
Reviewed-by: Guo Dong <guo.dong@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14505 6f19259b-4bc3-4df7-8a09-765794883524
2013-07-26 03:14:08 +00:00
Star Zeng 41982ebbc5 SecurityPkg Variable: Add the check for PcdFlashNvStorageVariableSize <= PcdFlashNvStorageFtwSpareSize.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14464 6f19259b-4bc3-4df7-8a09-765794883524
2013-07-11 08:18:56 +00:00
Star Zeng 039a40aa3b SecurityPkg: Variable drivers robustly handle crashes during Reclaim().
PEI variable implementation checks only the variable header signature for validity. This does not seem robust if system crash occurred during previous Reclaim() operation. If the crash occurred while FTW was rewriting the variable FV, the signature could be valid even though the rest of the FV isn't valid.
Solution: PEI variable and early phase(before FTW protocol ready) of DXE variable can check the FTW last write status provided by FaultTolerantWritePei and determine if all or partial variable data has been backed up in spare block, and then use the backed up data.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14455 6f19259b-4bc3-4df7-8a09-765794883524
2013-07-03 09:09:42 +00:00
Laszlo Ersek 328e5d8c19 The list of locked variables is traversed at runtime, hence we must
convert the list when transferring from physical to virtual mode.

Contributed-under: TianoCore Contribution Agreement 1.0

Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14425 6f19259b-4bc3-4df7-8a09-765794883524
2013-06-17 02:30:42 +00:00
Ruiyu Ni e4b7e2c94f Revert the changes made in 14403 because it incorrectly changed the EOL.
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14424 6f19259b-4bc3-4df7-8a09-765794883524
2013-06-17 02:18:58 +00:00
Laszlo Ersek 9199cb9c02 The list of locked variables is traversed at runtime, hence we must
convert the list when transferring from physical to virtual mode.

Contributed-under: TianoCore Contribution Agreement 1.0

Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14403 6f19259b-4bc3-4df7-8a09-765794883524
2013-06-14 01:55:12 +00:00
Chao Zhang 443bd74473 Fix overflow issue in TcgProtocol
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by  : Yao Jiewen <jiewen.yao@intel.com>
Reviewed-by  : Dong Guo   <guo.dong@intel.com>


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14396 6f19259b-4bc3-4df7-8a09-765794883524
2013-06-06 00:39:41 +00:00
lzeng14 164a9b6752 Fix the TOCTOU issue of CommBufferSize itself for SMM communicate handler input.
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14379 6f19259b-4bc3-4df7-8a09-765794883524
2013-05-21 02:22:02 +00:00
niruiyu 6ab9f44138 Add the EDKII_VARIABLE_LOCK_PROTOCOL implementation in SecurityPkg variable drivers.
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14378 6f19259b-4bc3-4df7-8a09-765794883524
2013-05-20 07:10:10 +00:00
sfu5 0ba17ade47 Fix a bug that “SecureBoot” varaible will be updated to NV+AT attribute incorrectly.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ni Ruiyu <ruiyu.ni@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14375 6f19259b-4bc3-4df7-8a09-765794883524
2013-05-17 08:05:01 +00:00
sfu5 ee79ac8d0e Pop up error message when user tries to enroll an invalid certificate file into KEK/DB/DBX.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14373 6f19259b-4bc3-4df7-8a09-765794883524
2013-05-17 07:03:49 +00:00
lgao4 cbcccd2c9d Update Code to pass EBC compiler.
Signed-off-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14352 6f19259b-4bc3-4df7-8a09-765794883524
2013-05-13 02:36:09 +00:00
lzeng14 5e5bb2a9ba 1. Fix TOCTOU issue in VariableSmm, FtwSmm, FpdtSmm, SmmCorePerformance SMM handler. For VariableSmm, pre-allocate a mVariableBufferPayload buffer with mVariableBufferPayloadSize(match with mVariableBufferPayloadSize in VariableSmmRuntimeDxe) to hold communicate buffer payload to avoid TOCTOU issue.
2. Add check to ensure CommBufferPayloadSize not exceed mVariableBufferPayloadSize or is enough to hold function structure in VariableSmm and FtwSmm.
3. Align FtwGetLastWrite() in FaultTolerantWriteSmmDxe.c to FtwGetLastWrite() in FaultTolerantWrite.c.

Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14325 6f19259b-4bc3-4df7-8a09-765794883524
2013-05-07 05:38:32 +00:00
czhang46 732d199d8f Fix memory overflow & VariableSize check issue for SetVariable append write.
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by  : Fu Siyuan  <siyuan.fu@intel.com>
Reviewed-by  : Dong Guo   <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14323 6f19259b-4bc3-4df7-8a09-765794883524
2013-05-02 01:42:39 +00:00
lzeng14 9d00d20ed4 1. Use the check IsAddressValid() to prevent SMM communication buffer overflow in SmmVariable, FtwSmm, FpdtSmm, SmmCorePerformance and SmmBaseHelper, and add check to prevent InfoSize overflows in SmmVariableHandler.
2. Refine the debug message.
3. Add check to make sure the input VariableName is A Null-terminated string.
4. Use local variable to hold StrSize (VariableName) to avoid duplicated StrSize calculation.

Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14317 6f19259b-4bc3-4df7-8a09-765794883524
2013-04-25 10:49:45 +00:00
sfu5 968e143192 Check for NULL pointer before free it.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14316 6f19259b-4bc3-4df7-8a09-765794883524
2013-04-25 01:38:06 +00:00
czhang46 56251c669f Fix potential overflow for SetVariable interface
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by  : Guo Dong   <dong.guo@intel.com>
Reviewed-by  : Siyuan Fu  <siyuan.fu@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14305 6f19259b-4bc3-4df7-8a09-765794883524
2013-04-22 08:52:58 +00:00
czhang46 d17c4eac56 Fix a potential SMM memory dump issue. If pass communication buffer with DataBuffer to SMM SetVariable which is big enough to cover SMM range. Then GetVariable can dump SMM memory contents. Add more range check for SetVariable
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by  : Dong Guo   <guo.dong@intel.com>
Reviewed-by  : Jiewen Yao <jiewen.yao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14292 6f19259b-4bc3-4df7-8a09-765794883524
2013-04-19 01:35:02 +00:00
gdong1 772b601158 Update code not to block application/driver load when event log is full.
Signed-off-by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>



git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14283 6f19259b-4bc3-4df7-8a09-765794883524
2013-04-18 01:47:34 +00:00
czhang46 3a146f2a7d Fix SMM Variable driver stack GetVariable return INVALID_PARAMETER when DataSize is bigger than SMM communication buffer.
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by  : Dong Guo   <guo.dong@intel.com>
Reviewed-by  : Fu Siyuan  <siyuan.fu@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14276 6f19259b-4bc3-4df7-8a09-765794883524
2013-04-15 01:56:31 +00:00
czhang46 0c55190f40 Update SMM variable DXE driver GetNextVariable interface to comply with UEFI spec
VariableNameSize is the returned buffer size. GetNextVariable should behavior correct if it is bigger than SMM communication buffer or less than string size of VariableName. 

Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by  : Dong Guo   <guo.dong@intel.com>
Reviewed-by  : Fu Siyuan  <siyuan.fu@intel.com>
Reviewed-by  : Zeng Star  <star.zeng@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14258 6f19259b-4bc3-4df7-8a09-765794883524
2013-04-12 05:59:11 +00:00
sfu5 a2f2c258d4 Update secure boot UI driver to handle “reset to default” hot key.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14257 6f19259b-4bc3-4df7-8a09-765794883524
2013-04-12 01:44:54 +00:00
lzeng14 3588bb3529 If DataSize or VariableNameSize is near MAX_ADDRESS, this can cause the computed PayLoadSize to overflow to a small value and pass the check in InitCommunicateBuffer(). To protect against this vulnerability, check DataSize and VariableNameSize to make sure PayloadSize doesn't overflow.
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14252 6f19259b-4bc3-4df7-8a09-765794883524
2013-04-08 06:56:08 +00:00
sfu5 7403ff5b9f Fix a bug that IsSignatureFoundInDatabase() incorrectly computes CertCount.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14165 6f19259b-4bc3-4df7-8a09-765794883524
2013-03-06 01:42:04 +00:00
sfu5 6de4c35f99 Update the DxeImageVerificationLib to support for Authenticode-signed UEFI images with multiple signatures.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14141 6f19259b-4bc3-4df7-8a09-765794883524
2013-02-21 05:00:21 +00:00
sfu5 ca5a7d87e3 Add error handling code to prevent variable store corruption in release build.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14139 6f19259b-4bc3-4df7-8a09-765794883524
2013-02-21 01:35:22 +00:00
sfu5 5767f22fca Check the input VaraibleName for db/dbx when appending variables with formatted as EFI_SIGNATURE_LIST.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14087 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-25 07:14:43 +00:00
sfu5 12cbe23257 Check for NULL pointer before dereference it.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14086 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-25 07:12:25 +00:00
lzeng14 932e0f6628 Variables with state VAR_ADDED&VAR_IN_DELETED_TRANSITION should be considered as valid variables if there is no duplicated ones with VAR_ADDED state.
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14085 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-25 06:17:43 +00:00
lzeng14 0cc565deac Add NULL pointer check.
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14084 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-25 04:48:41 +00:00
sfu5 b7d269eae1 Fix infinite loop bug in secure boot UI driver.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14082 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-25 02:01:47 +00:00
gdong1 03ecb5769b Fix TPM may be locked twice issue in normal boot.
Signed-off-by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14079 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-24 07:14:28 +00:00
lzeng14 23b0693579 1. Update the logic of UpdateVariable() for updating variable from:
set old variable to IN_DELETED_TRANSITION -> check if reclaim is needed(If yes, do reclaim) -> add new variable -> set old variable to DELETED if no reclaim happened.
to:
set old variable to IN_DELETED_TRANSITION -> check if reclaim is needed(If yes, do reclaim) -> add new variable -> set old variable to DELETED.
2. Update UpdateVariable() to correctly handle the case "both ADDED and IN_DELETED_TRANSITION variable are present", and delete both old ADDED and IN_DELETED_TRANSITION variable when deleting or updating variable.
3. Update VariableServiceGetNextVariableName() to return the valid IN_DELETED_TRANSITION variable if only IN_DELETED_TRANSITION variable is present.

Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14065 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-18 01:12:32 +00:00
lzeng14 aab9212fa9 Fix the issue that RuntimeServiceQueryVariableInfo() in VariableSmmRuntimeDxe always return EFI_SUCCESS.
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14050 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-15 06:43:24 +00:00
sfu5 f71ed839e1 1. Set the secure boot state to Standard Mode when user leaving secure boot setup page.
2. Add “Current SecureBoot State” field to reflect current secure boot status of the platform.

Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14042 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-09 05:19:43 +00:00
sfu5 83758cdc84 Fix a bug that the invalid public key will never be removed from public key database.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14041 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-09 05:09:39 +00:00
lzeng14 6ed1ec5946 Add the TPL raise/restore code for VariableSmmRuntimeDxe to avoid variable services reentry.
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14038 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-08 02:07:14 +00:00
lzeng14 335e268133 1. Don't assume that flush the HOB variable to flash must be successful.
2. When no DELETED variable found, no variable space could be reclaimed, so just give some debug info and return EFI_SUCCESS.

Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14029 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-04 12:21:59 +00:00
lzeng14 3f5c168fa8 Use SMM_VARIABLE_COMMUNICATE_HEADER_SIZE instead of OFFSET_OF (SMM_VARIABLE_COMMUNICATE_HEADER, Data).
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Ting Ye <ting.ye@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13993 6f19259b-4bc3-4df7-8a09-765794883524
2012-12-12 14:12:49 +00:00
sfu5 b3d4217001 Add a NULL string to the Image Execution Information Table if the Name is NULL in function AddImageExeInfo().
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13990 6f19259b-4bc3-4df7-8a09-765794883524
2012-12-12 03:03:07 +00:00
czhang46 bcb7667258 Fix Gcc build error
Signed-off-by: Chao Zhang<chao.b.zhang@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13978 6f19259b-4bc3-4df7-8a09-765794883524
2012-11-29 02:12:32 +00:00
czhang46 f3ac87a7f5 Fix coding style issue
Signed-off-by : Chao Zhang <chao.b.zhang@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13976 6f19259b-4bc3-4df7-8a09-765794883524
2012-11-28 08:49:21 +00:00
sfu5 c11d47b80b Move the declaration of gEfiCertDbGuid to the package's Include folder.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13975 6f19259b-4bc3-4df7-8a09-765794883524
2012-11-28 06:59:13 +00:00
czhang46 b25380e3ed Measure Processor location as system identity to PCR[1] according to Tcg server spec
Signed-off-by : Chao Zhang<chao.b.zhang@intel.com>
Reviewed-by   : Dong Guo<guo.dong@intel.com>
Reviewed-by   : Yao Jiewen<jiewen.yao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13971 6f19259b-4bc3-4df7-8a09-765794883524
2012-11-28 01:32:51 +00:00
czhang46 a332cfd308 1.Measure ACPI table data comes from flash event type EV_POST_CODE ACPI DATA to PCR[0]
2.Re-measure ACPI table after fix up with event type EV_EFI_HANDOFF_TABLES to PCR[1]

Signed-off-by : Chao Zhang<chao.b.zhang@intel.com>
Reviewed-by   : Dong Guo<guo.dong@intel.com>
Reviewed-by   : Yao Jiewen<jiewen.yao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13964 6f19259b-4bc3-4df7-8a09-765794883524
2012-11-27 05:16:15 +00:00
sfu5 275beb2b53 1. Correct the counter-based hash algorithm according to UEFI spec.
2. Check the reserverd bit in variable attribute.
3. Return EFI_OUT_OF_RESOURCE instead of EFI_SECURITY_VIOLATION if there is not enough speace to store the public key.
4. Fix a bug when deleting a non-existent time-based auth variable, we store the certificate into cert DB incorrectly.
5. Fix a bug that time-based auth variable can't been updated again after append operation.

Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13957 6f19259b-4bc3-4df7-8a09-765794883524
2012-11-21 08:06:02 +00:00
czhang46 8c3883b68d Fix ECC issue
Signed-off-by : chao zhang<chao.b.zhang@intel.com>
Reviewed-by  :  fan  jeff <jeff.fan@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13926 6f19259b-4bc3-4df7-8a09-765794883524
2012-11-05 02:52:13 +00:00
czhang46 482114024e Add Physical Presence request UI detection logic. Refine UIConfirm ReadKey logic
Signed-off-by : chao zhang  <chao.b.zhang@intel.com>
Reviewed-by   : dong guo    <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13908 6f19259b-4bc3-4df7-8a09-765794883524
2012-11-01 04:46:26 +00:00
czhang46 6f6c7857c2 Remove TPM selftest on S3 boot path to save time
Signed-off-by : Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by   : Dong Guo   <guo.dong@intel.com>
Reviewed-by   : Yao Jiewen <jieweng.yao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13873 6f19259b-4bc3-4df7-8a09-765794883524
2012-10-22 04:35:59 +00:00
tye1 64470c17df Remove useless MD5 OID ASN.1 value from DxeImageVerificationLib.
Signed-off-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13854 6f19259b-4bc3-4df7-8a09-765794883524
2012-10-17 02:26:11 +00:00