tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
14,623 Commits 9 Branches 0 Tags 317 MiB
Commit Graph

235 Commits

Author SHA1 Message Date
Star Zeng fddbbc661e SecurityPkg Variable: Remove mStorageData buffer allocation and use Scratch buffer instead to reduce SMRAM consumption. 
It can reduce MAX (PcdGet32 (PcdMaxVariableSize), PcdGet32 (PcdMaxHardwareErrorVariableSize)) size of SMRAM consumption.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Guo Dong <guo.dong@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14855 6f19259b-4bc3-4df7-8a09-765794883524
 2013-11-18 02:56:04 +00:00
Star Zeng 128ef095b0 MdeModulePkg and SecurityPkg Variable: Optimize the code to reduce some SMRAM consumption during variable reclaiming. 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14832 6f19259b-4bc3-4df7-8a09-765794883524
 2013-11-12 13:31:43 +00:00
Star Zeng 7baf3c69c5 MdeModulePkg and SecurityPkg Variable: Enhance code to use the new variable data instead of old variable data when variable reclaim. 
It can fix the potential failure to return EFI_OUT_OF_RESOURCES of the second variable set of large variable.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14822 6f19259b-4bc3-4df7-8a09-765794883524
 2013-11-04 03:13:54 +00:00
jyao1 9318b08eb5 Add TPM1.2 SaveState API. 
Signed off by: Yao, Jiewen <Jiewen.yao@intel.com>
Reviewed by: Dong Guo <Gui.dong@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14791 6f19259b-4bc3-4df7-8a09-765794883524
 2013-10-21 05:56:07 +00:00
Star Zeng c79351059e 1. Enable use-cases in PEI using SecurityPPI co-equal to the use-cases in DXE using the Security Arch Protocol 
2. Add support to find section by instance rather than only 0 at PEI phase.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14763 6f19259b-4bc3-4df7-8a09-765794883524
 2013-10-11 03:54:13 +00:00
Fu Siyuan 5ecc20b553 Fix coding style issue. 
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14755 6f19259b-4bc3-4df7-8a09-765794883524
 2013-10-09 03:46:46 +00:00
jyao1 22f89647b0 TrEEPhysicalPresenceLib|Include/Library/TrEEPhysicalPresenceLib.h 
Correct LIBRARY_CLASS definition and declaration.

signed off by : jiewen, yao jiewen.yao@intel.com
reviewed by : liming, gao liming.gao@intel.com


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14754 6f19259b-4bc3-4df7-8a09-765794883524
 2013-10-09 02:52:51 +00:00
Fu Siyuan 44446d10b0 Fix a bug about the “VendorKey” variable update logic. 
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14746 6f19259b-4bc3-4df7-8a09-765794883524
 2013-10-08 05:31:28 +00:00
gdong1 15d73df950 Add missing comments for function parameters. 
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14694 6f19259b-4bc3-4df7-8a09-765794883524
 2013-09-23 02:00:24 +00:00
jyao1 c1d932429e Add TPM2 implementation. 
signed off by: jiewen.yao@intel.com
reviewed by: guo.dong@intel.com

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14687 6f19259b-4bc3-4df7-8a09-765794883524
 2013-09-18 05:31:18 +00:00
Star Zeng e84f07b5fc Create PCDs in MdeModulePkg for ACPI table OEM_ID/OEM_TABLE_ID/OEM_REVISION/CREATOR_ID/CREATOR_REVISION customization. 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14672 6f19259b-4bc3-4df7-8a09-765794883524
 2013-09-16 02:20:52 +00:00
Fu Siyuan 3a186b06f1 Return EFI_WRITE_PROTECTED when setting KEKDefault, PKDefault, dbDefault, dbxDefault and dbtDefault variable. 
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14662 6f19259b-4bc3-4df7-8a09-765794883524
 2013-09-12 05:31:26 +00:00
Fu Siyuan 74b5fd7a11 Update the chaining requirements with regards to the Platform Key. 
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14661 6f19259b-4bc3-4df7-8a09-765794883524
 2013-09-12 05:26:15 +00:00
Fu Siyuan a555940b2d Add “VendorKeys” variable for indicating out of band key modification. 
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14660 6f19259b-4bc3-4df7-8a09-765794883524
 2013-09-12 05:23:28 +00:00
Dong Guo ed094569d6 Enhance TPM driver to protect TPM physical presence flags. 
Signed-off-by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
Reviewed-by: Ouyang, Qian <qian.ouyang@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14619 6f19259b-4bc3-4df7-8a09-765794883524
 2013-09-03 07:39:26 +00:00
Fu Siyuan db44ea6c4e 1. Change default PCD in SecurityPkg to 4 (DENY_EXECUTE) in DEC file. 
2. ASSERT if PCD value is set to 5 (QUERY_USER_ON_SECURITY_VIOLATION).
3. Update override PCD setting from 5 to 4 in platform DSC file.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ni Ruiyu <ruiyu.ni@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14607 6f19259b-4bc3-4df7-8a09-765794883524
 2013-08-28 09:06:40 +00:00
Fu Siyuan a365eed476 Fix a bug in secure boot configuration driver: Enroll DB/KEK will disable Attempt Secure Boot option. 
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14590 6f19259b-4bc3-4df7-8a09-765794883524
 2013-08-22 09:46:03 +00:00
Star Zeng 6675a21f14 MdePkg/MdeModulePkg/SecurityPkg Variable: Forbid creation of non-spec variables in EFI_GLOBAL_VARIABLE namespace. 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14560 6f19259b-4bc3-4df7-8a09-765794883524
 2013-08-19 05:16:45 +00:00
Star Zeng 6e67fec07f MdeModulePkg/SecurityPkg Variable: If a preexisting variable is rewritten with different attributes, SetVariable() shall not modify the variable and shall return EFI_INVALID_PARAMETER. 
Two exceptions to this rule:
1. No access attributes specified
2. The only attribute differing is EFI_VARIABLE_APPEND_WRITE

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14552 6f19259b-4bc3-4df7-8a09-765794883524
 2013-08-16 03:19:45 +00:00
Shumin Qiu 301c867b27 Change EFI_TCG_EVENT_HOB_GUID value to avoid the duplicated GUID value with EFI_LEGACY_BIOS_GUID. 
Signed-off-by: Shumin Qiu <shumin.qiu@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14536 6f19259b-4bc3-4df7-8a09-765794883524
 2013-08-09 05:23:22 +00:00
Gary Ching-Pang Lin fd64f84f23 Checks the length of the file name to avoid illegal access. 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gary Ching-Pang Lin <glin@suse.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Guo Dong <guo.dong@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14531 6f19259b-4bc3-4df7-8a09-765794883524
 2013-08-08 02:41:37 +00:00
Ruiyu Ni 863986b3c8 Update all the code to consume the ConvertDevicePathToText, ConvertDevicePathNodeToText, ConvertTextToDevicePath and ConvertTextToDeviceNode APIs in DevicePathLib. 
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Feng Tian <feng.tian@intel.com>
Reviewed-by: Elvin Li <elvin.li@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jaben Carsey <jaben.carsey@intel.com>
Reviewed-by: Guo Dong <guo.dong@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14505 6f19259b-4bc3-4df7-8a09-765794883524
 2013-07-26 03:14:08 +00:00
Star Zeng 41982ebbc5 SecurityPkg Variable: Add the check for PcdFlashNvStorageVariableSize <= PcdFlashNvStorageFtwSpareSize. 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14464 6f19259b-4bc3-4df7-8a09-765794883524
 2013-07-11 08:18:56 +00:00
Star Zeng 039a40aa3b SecurityPkg: Variable drivers robustly handle crashes during Reclaim(). 
PEI variable implementation checks only the variable header signature for validity. This does not seem robust if system crash occurred during previous Reclaim() operation. If the crash occurred while FTW was rewriting the variable FV, the signature could be valid even though the rest of the FV isn't valid.
Solution: PEI variable and early phase(before FTW protocol ready) of DXE variable can check the FTW last write status provided by FaultTolerantWritePei and determine if all or partial variable data has been backed up in spare block, and then use the backed up data.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14455 6f19259b-4bc3-4df7-8a09-765794883524
 2013-07-03 09:09:42 +00:00
Laszlo Ersek 328e5d8c19 The list of locked variables is traversed at runtime, hence we must 
convert the list when transferring from physical to virtual mode.

Contributed-under: TianoCore Contribution Agreement 1.0

Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14425 6f19259b-4bc3-4df7-8a09-765794883524
 2013-06-17 02:30:42 +00:00
Ruiyu Ni e4b7e2c94f Revert the changes made in 14403 because it incorrectly changed the EOL. 
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14424 6f19259b-4bc3-4df7-8a09-765794883524
 2013-06-17 02:18:58 +00:00
Laszlo Ersek 9199cb9c02 The list of locked variables is traversed at runtime, hence we must 
convert the list when transferring from physical to virtual mode.

Contributed-under: TianoCore Contribution Agreement 1.0

Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14403 6f19259b-4bc3-4df7-8a09-765794883524
 2013-06-14 01:55:12 +00:00
Chao Zhang 443bd74473 Fix overflow issue in TcgProtocol 
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by  : Yao Jiewen <jiewen.yao@intel.com>
Reviewed-by  : Dong Guo   <guo.dong@intel.com>


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14396 6f19259b-4bc3-4df7-8a09-765794883524
 2013-06-06 00:39:41 +00:00
lzeng14 164a9b6752 Fix the TOCTOU issue of CommBufferSize itself for SMM communicate handler input. 
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14379 6f19259b-4bc3-4df7-8a09-765794883524
 2013-05-21 02:22:02 +00:00
niruiyu 6ab9f44138 Add the EDKII_VARIABLE_LOCK_PROTOCOL implementation in SecurityPkg variable drivers. 
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14378 6f19259b-4bc3-4df7-8a09-765794883524
 2013-05-20 07:10:10 +00:00
sfu5 0ba17ade47 Fix a bug that “SecureBoot” varaible will be updated to NV+AT attribute incorrectly. 
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ni Ruiyu <ruiyu.ni@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14375 6f19259b-4bc3-4df7-8a09-765794883524
 2013-05-17 08:05:01 +00:00
sfu5 ee79ac8d0e Pop up error message when user tries to enroll an invalid certificate file into KEK/DB/DBX. 
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14373 6f19259b-4bc3-4df7-8a09-765794883524
 2013-05-17 07:03:49 +00:00
lgao4 cbcccd2c9d Update Code to pass EBC compiler. 
Signed-off-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14352 6f19259b-4bc3-4df7-8a09-765794883524
 2013-05-13 02:36:09 +00:00
lzeng14 5e5bb2a9ba 1. Fix TOCTOU issue in VariableSmm, FtwSmm, FpdtSmm, SmmCorePerformance SMM handler. For VariableSmm, pre-allocate a mVariableBufferPayload buffer with mVariableBufferPayloadSize(match with mVariableBufferPayloadSize in VariableSmmRuntimeDxe) to hold communicate buffer payload to avoid TOCTOU issue. 
2. Add check to ensure CommBufferPayloadSize not exceed mVariableBufferPayloadSize or is enough to hold function structure in VariableSmm and FtwSmm.
3. Align FtwGetLastWrite() in FaultTolerantWriteSmmDxe.c to FtwGetLastWrite() in FaultTolerantWrite.c.

Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14325 6f19259b-4bc3-4df7-8a09-765794883524
 2013-05-07 05:38:32 +00:00
czhang46 732d199d8f Fix memory overflow & VariableSize check issue for SetVariable append write. 
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by  : Fu Siyuan  <siyuan.fu@intel.com>
Reviewed-by  : Dong Guo   <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14323 6f19259b-4bc3-4df7-8a09-765794883524
 2013-05-02 01:42:39 +00:00
lzeng14 9d00d20ed4 1. Use the check IsAddressValid() to prevent SMM communication buffer overflow in SmmVariable, FtwSmm, FpdtSmm, SmmCorePerformance and SmmBaseHelper, and add check to prevent InfoSize overflows in SmmVariableHandler. 
2. Refine the debug message.
3. Add check to make sure the input VariableName is A Null-terminated string.
4. Use local variable to hold StrSize (VariableName) to avoid duplicated StrSize calculation.

Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14317 6f19259b-4bc3-4df7-8a09-765794883524
 2013-04-25 10:49:45 +00:00
sfu5 968e143192 Check for NULL pointer before free it. 
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14316 6f19259b-4bc3-4df7-8a09-765794883524
 2013-04-25 01:38:06 +00:00
czhang46 56251c669f Fix potential overflow for SetVariable interface 
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by  : Guo Dong   <dong.guo@intel.com>
Reviewed-by  : Siyuan Fu  <siyuan.fu@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14305 6f19259b-4bc3-4df7-8a09-765794883524
 2013-04-22 08:52:58 +00:00
czhang46 d17c4eac56 Fix a potential SMM memory dump issue. If pass communication buffer with DataBuffer to SMM SetVariable which is big enough to cover SMM range. Then GetVariable can dump SMM memory contents. Add more range check for SetVariable 
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by  : Dong Guo   <guo.dong@intel.com>
Reviewed-by  : Jiewen Yao <jiewen.yao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14292 6f19259b-4bc3-4df7-8a09-765794883524
 2013-04-19 01:35:02 +00:00
gdong1 772b601158 Update code not to block application/driver load when event log is full. 
Signed-off-by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>



git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14283 6f19259b-4bc3-4df7-8a09-765794883524
 2013-04-18 01:47:34 +00:00
czhang46 3a146f2a7d Fix SMM Variable driver stack GetVariable return INVALID_PARAMETER when DataSize is bigger than SMM communication buffer. 
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by  : Dong Guo   <guo.dong@intel.com>
Reviewed-by  : Fu Siyuan  <siyuan.fu@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14276 6f19259b-4bc3-4df7-8a09-765794883524
 2013-04-15 01:56:31 +00:00
czhang46 0c55190f40 Update SMM variable DXE driver GetNextVariable interface to comply with UEFI spec 
VariableNameSize is the returned buffer size. GetNextVariable should behavior correct if it is bigger than SMM communication buffer or less than string size of VariableName. 

Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by  : Dong Guo   <guo.dong@intel.com>
Reviewed-by  : Fu Siyuan  <siyuan.fu@intel.com>
Reviewed-by  : Zeng Star  <star.zeng@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14258 6f19259b-4bc3-4df7-8a09-765794883524
 2013-04-12 05:59:11 +00:00
sfu5 a2f2c258d4 Update secure boot UI driver to handle “reset to default” hot key. 
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14257 6f19259b-4bc3-4df7-8a09-765794883524
 2013-04-12 01:44:54 +00:00
lzeng14 3588bb3529 If DataSize or VariableNameSize is near MAX_ADDRESS, this can cause the computed PayLoadSize to overflow to a small value and pass the check in InitCommunicateBuffer(). To protect against this vulnerability, check DataSize and VariableNameSize to make sure PayloadSize doesn't overflow. 
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14252 6f19259b-4bc3-4df7-8a09-765794883524
 2013-04-08 06:56:08 +00:00
sfu5 7403ff5b9f Fix a bug that IsSignatureFoundInDatabase() incorrectly computes CertCount. 
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14165 6f19259b-4bc3-4df7-8a09-765794883524
 2013-03-06 01:42:04 +00:00
sfu5 6de4c35f99 Update the DxeImageVerificationLib to support for Authenticode-signed UEFI images with multiple signatures. 
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14141 6f19259b-4bc3-4df7-8a09-765794883524
 2013-02-21 05:00:21 +00:00
sfu5 ca5a7d87e3 Add error handling code to prevent variable store corruption in release build. 
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14139 6f19259b-4bc3-4df7-8a09-765794883524
 2013-02-21 01:35:22 +00:00
sfu5 5767f22fca Check the input VaraibleName for db/dbx when appending variables with formatted as EFI_SIGNATURE_LIST. 
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14087 6f19259b-4bc3-4df7-8a09-765794883524
 2013-01-25 07:14:43 +00:00
sfu5 12cbe23257 Check for NULL pointer before dereference it. 
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14086 6f19259b-4bc3-4df7-8a09-765794883524
 2013-01-25 07:12:25 +00:00
lzeng14 932e0f6628 Variables with state VAR_ADDED&VAR_IN_DELETED_TRANSITION should be considered as valid variables if there is no duplicated ones with VAR_ADDED state. 
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14085 6f19259b-4bc3-4df7-8a09-765794883524
 2013-01-25 06:17:43 +00:00
lzeng14 0cc565deac Add NULL pointer check. 
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14084 6f19259b-4bc3-4df7-8a09-765794883524
 2013-01-25 04:48:41 +00:00
sfu5 b7d269eae1 Fix infinite loop bug in secure boot UI driver. 
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14082 6f19259b-4bc3-4df7-8a09-765794883524
 2013-01-25 02:01:47 +00:00
gdong1 03ecb5769b Fix TPM may be locked twice issue in normal boot. 
Signed-off-by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14079 6f19259b-4bc3-4df7-8a09-765794883524
 2013-01-24 07:14:28 +00:00
lzeng14 23b0693579 1. Update the logic of UpdateVariable() for updating variable from: 
set old variable to IN_DELETED_TRANSITION -> check if reclaim is needed(If yes, do reclaim) -> add new variable -> set old variable to DELETED if no reclaim happened.
to:
set old variable to IN_DELETED_TRANSITION -> check if reclaim is needed(If yes, do reclaim) -> add new variable -> set old variable to DELETED.
2. Update UpdateVariable() to correctly handle the case "both ADDED and IN_DELETED_TRANSITION variable are present", and delete both old ADDED and IN_DELETED_TRANSITION variable when deleting or updating variable.
3. Update VariableServiceGetNextVariableName() to return the valid IN_DELETED_TRANSITION variable if only IN_DELETED_TRANSITION variable is present.

Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14065 6f19259b-4bc3-4df7-8a09-765794883524
 2013-01-18 01:12:32 +00:00
lzeng14 aab9212fa9 Fix the issue that RuntimeServiceQueryVariableInfo() in VariableSmmRuntimeDxe always return EFI_SUCCESS. 
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14050 6f19259b-4bc3-4df7-8a09-765794883524
 2013-01-15 06:43:24 +00:00
sfu5 f71ed839e1 1. Set the secure boot state to Standard Mode when user leaving secure boot setup page. 
2. Add “Current SecureBoot State” field to reflect current secure boot status of the platform.

Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14042 6f19259b-4bc3-4df7-8a09-765794883524
 2013-01-09 05:19:43 +00:00
sfu5 83758cdc84 Fix a bug that the invalid public key will never be removed from public key database. 
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14041 6f19259b-4bc3-4df7-8a09-765794883524
 2013-01-09 05:09:39 +00:00
lzeng14 6ed1ec5946 Add the TPL raise/restore code for VariableSmmRuntimeDxe to avoid variable services reentry. 
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14038 6f19259b-4bc3-4df7-8a09-765794883524
 2013-01-08 02:07:14 +00:00
lzeng14 335e268133 1. Don't assume that flush the HOB variable to flash must be successful. 
2. When no DELETED variable found, no variable space could be reclaimed, so just give some debug info and return EFI_SUCCESS.

Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14029 6f19259b-4bc3-4df7-8a09-765794883524
 2013-01-04 12:21:59 +00:00
lzeng14 3f5c168fa8 Use SMM_VARIABLE_COMMUNICATE_HEADER_SIZE instead of OFFSET_OF (SMM_VARIABLE_COMMUNICATE_HEADER, Data). 
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Ting Ye <ting.ye@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13993 6f19259b-4bc3-4df7-8a09-765794883524
 2012-12-12 14:12:49 +00:00
sfu5 b3d4217001 Add a NULL string to the Image Execution Information Table if the Name is NULL in function AddImageExeInfo(). 
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13990 6f19259b-4bc3-4df7-8a09-765794883524
 2012-12-12 03:03:07 +00:00
czhang46 bcb7667258 Fix Gcc build error 
Signed-off-by: Chao Zhang<chao.b.zhang@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13978 6f19259b-4bc3-4df7-8a09-765794883524
 2012-11-29 02:12:32 +00:00
czhang46 f3ac87a7f5 Fix coding style issue 
Signed-off-by : Chao Zhang <chao.b.zhang@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13976 6f19259b-4bc3-4df7-8a09-765794883524
 2012-11-28 08:49:21 +00:00
sfu5 c11d47b80b Move the declaration of gEfiCertDbGuid to the package's Include folder. 
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13975 6f19259b-4bc3-4df7-8a09-765794883524
 2012-11-28 06:59:13 +00:00
czhang46 b25380e3ed Measure Processor location as system identity to PCR[1] according to Tcg server spec 
Signed-off-by : Chao Zhang<chao.b.zhang@intel.com>
Reviewed-by   : Dong Guo<guo.dong@intel.com>
Reviewed-by   : Yao Jiewen<jiewen.yao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13971 6f19259b-4bc3-4df7-8a09-765794883524
 2012-11-28 01:32:51 +00:00
czhang46 a332cfd308 1.Measure ACPI table data comes from flash event type EV_POST_CODE ACPI DATA to PCR[0] 
2.Re-measure ACPI table after fix up with event type EV_EFI_HANDOFF_TABLES to PCR[1]

Signed-off-by : Chao Zhang<chao.b.zhang@intel.com>
Reviewed-by   : Dong Guo<guo.dong@intel.com>
Reviewed-by   : Yao Jiewen<jiewen.yao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13964 6f19259b-4bc3-4df7-8a09-765794883524
 2012-11-27 05:16:15 +00:00
sfu5 275beb2b53 1. Correct the counter-based hash algorithm according to UEFI spec. 
2. Check the reserverd bit in variable attribute.
3. Return EFI_OUT_OF_RESOURCE instead of EFI_SECURITY_VIOLATION if there is not enough speace to store the public key.
4. Fix a bug when deleting a non-existent time-based auth variable, we store the certificate into cert DB incorrectly.
5. Fix a bug that time-based auth variable can't been updated again after append operation.

Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13957 6f19259b-4bc3-4df7-8a09-765794883524
 2012-11-21 08:06:02 +00:00
czhang46 8c3883b68d Fix ECC issue 
Signed-off-by : chao zhang<chao.b.zhang@intel.com>
Reviewed-by  :  fan  jeff <jeff.fan@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13926 6f19259b-4bc3-4df7-8a09-765794883524
 2012-11-05 02:52:13 +00:00
czhang46 482114024e Add Physical Presence request UI detection logic. Refine UIConfirm ReadKey logic 
Signed-off-by : chao zhang  <chao.b.zhang@intel.com>
Reviewed-by   : dong guo    <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13908 6f19259b-4bc3-4df7-8a09-765794883524
 2012-11-01 04:46:26 +00:00
czhang46 6f6c7857c2 Remove TPM selftest on S3 boot path to save time 
Signed-off-by : Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by   : Dong Guo   <guo.dong@intel.com>
Reviewed-by   : Yao Jiewen <jieweng.yao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13873 6f19259b-4bc3-4df7-8a09-765794883524
 2012-10-22 04:35:59 +00:00
tye1 64470c17df Remove useless MD5 OID ASN.1 value from DxeImageVerificationLib. 
Signed-off-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13854 6f19259b-4bc3-4df7-8a09-765794883524
 2012-10-17 02:26:11 +00:00
czhang46 f941becdd8 Change TPM ACCESS_X.activeLocality test timeout to TIMEOUT_A 
Signed-off-by : chao zhang<chao.b.zhang@intel.com>
Reviewed-by   : dong guo  <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13849 6f19259b-4bc3-4df7-8a09-765794883524
 2012-10-16 02:58:08 +00:00
gdong1 89be2b037f Fix time-based and count-based authenticated variable can be updated by each other without verification. 
Signed-off-by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>



git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13848 6f19259b-4bc3-4df7-8a09-765794883524
 2012-10-15 06:08:22 +00:00
czhang46 0758c830f7 Rename Trusted Hob to Measured FV hob and add Guided Hob layout structure 
Signed-off-by : Chao Zhang<chao.b.zhang@intel.com>
Reviewed-by   : Dong Guo  <guo.dong@intel.com>


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13762 6f19259b-4bc3-4df7-8a09-765794883524
 2012-09-28 00:57:02 +00:00
sfu5 0357efe3f5 Add a dialog box with help message when user changes the state of "Attempt Secure Boot" check box. 
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13733 6f19259b-4bc3-4df7-8a09-765794883524
 2012-09-14 07:28:37 +00:00
sfu5 42ed76042a 1. Fix a bug when comparing two timestamp in auth-variable driver. 
2. Remove the TimeCompare function in Bds since it's not used anymore.

Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13731 6f19259b-4bc3-4df7-8a09-765794883524
 2012-09-14 02:59:35 +00:00
czhang46 89799ec954 Fix coding style issue 
Signed-off-by : Chao Zhang<chao.b.zhang@intel.com>
Reviewed-by   : Guo Dong<guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13730 6f19259b-4bc3-4df7-8a09-765794883524
 2012-09-13 11:28:27 +00:00
czhang46 d0043e49ff Add ImageAuthenticationStatusLib to SAP to check Authentication Status returned from 
Section Extraction Protocol

Signed-off-by: Chao Zhang<chao.b.zhang@intel.com>
Reviewed-by  : Gao Liming<liming.gao@intel.com>


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13729 6f19259b-4bc3-4df7-8a09-765794883524
 2012-09-13 08:34:32 +00:00
qianouyang 504dfa9dbb Add Tper Reset Logic by using MOR bit. 
Signed-off-by: Ouyang, Qian <Qian.Ouyang@intel.com>
Reviewed-by: Tian, Feng <feng.tian@intel.com>
             Dong, Guo <Guo.dong@intel.com>


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13728 6f19259b-4bc3-4df7-8a09-765794883524
 2012-09-12 10:20:34 +00:00
erictian ad84df72c7 SecurityPkg/VariableSmm: Fix a VariableSmm bug when reading variable with size 0. 
Signed-off-by: Tian, Feng <feng.tian@intel.com>
Reviewed-by: Zhang, Chao <chao.b.zhang@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13726 6f19259b-4bc3-4df7-8a09-765794883524
 2012-09-12 08:25:25 +00:00
czhang46 6dbdb1914d Fix compile error 
Signed-off-by : Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by   : Eric Dong  <Eric.Dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13717 6f19259b-4bc3-4df7-8a09-765794883524
 2012-09-12 01:23:04 +00:00
czhang46 2aadc9205b Enable TPM measurement lib to measure all PE image from a FV unmeasured by TcgPei 
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by  : Dong, Guo  <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13714 6f19259b-4bc3-4df7-8a09-765794883524
 2012-09-11 02:26:50 +00:00
czhang46 59f968ccc8 TcgPei is a generic module, so move PcdFirmwareVersionString to generic Pcd list 
Signed-off-by : Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by   : Guo Dong   <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13702 6f19259b-4bc3-4df7-8a09-765794883524
 2012-09-06 02:46:07 +00:00
sfu5 84bce75b08 Check the value of Hdr.dwLength for signed EFI image before image validation. 
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13701 6f19259b-4bc3-4df7-8a09-765794883524
 2012-09-06 02:15:59 +00:00
czhang46 8cc068142f fix compile error in TcgPei 
signed-off-by: Zhang Chao <chao.b.zhang@intel.com>
reviewed-by  : Dong Guo   <guo.dong@inte.com> 

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13699 6f19259b-4bc3-4df7-8a09-765794883524
 2012-09-05 00:32:12 +00:00
lgao4 4dbb98ab16 Add check for DevicePathNode. 
Signed-off-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13690 6f19259b-4bc3-4df7-8a09-765794883524
 2012-08-29 05:10:30 +00:00
czhang46 055c829c42 TcgPei need to measure anything to PCR in S3 bootpath, so skip shadow logic. 
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by  : Fu, Siyuan <siyuan.fu@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13685 6f19259b-4bc3-4df7-8a09-765794883524
 2012-08-28 03:16:10 +00:00
czhang46 333a53ee5b Use firmware version instead of hardcode string for S-CRTM version identifier 
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by  : Fu, Siyuan <siyuan.fu@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13677 6f19259b-4bc3-4df7-8a09-765794883524
 2012-08-27 00:52:18 +00:00
czhang46 db999bd39b Remove MOR check box feature. should not have a switch to turn off MOR. 
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by  : Dong, Guo  <guo.dong@intel.com>
Reviewed-by  : Mike, Wu   <mike.wu@intel.com>
Reviewed-by  : Erik C Bjorge <erick.c.bjorge@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13675 6f19259b-4bc3-4df7-8a09-765794883524
 2012-08-24 00:37:40 +00:00
sfu5 f6f9031f8e Update the DxeImageVerificationLib to handle the signed image which CertType is set to EFI_CERT_TYPE_PKCS7_GUID. 
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13672 6f19259b-4bc3-4df7-8a09-765794883524
 2012-08-23 07:55:35 +00:00
sfu5 f6e233534e 1. Initialize certdb variable with correct value of list size. 
2. Use gloable database array instead of calling AllocateZeroPool in SetVariable.

Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13671 6f19259b-4bc3-4df7-8a09-765794883524
 2012-08-23 06:53:51 +00:00
czhang46 15f2d73901 Add TcgDxeHashLogExtendEvent EventLogLastEntry parameter update logic 
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by  : Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13669 6f19259b-4bc3-4df7-8a09-765794883524
 2012-08-23 03:17:33 +00:00
lgao4 5db28a6753 Add PI1.2.1 SAP2 support and UEFI231B mantis 896 
1. Update three Security Handlers to depend on new SecurityManagementLib APIs to register Security service for SAP2

Signed-off-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Guo Dong <dong.guo@intel.com>


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13661 6f19259b-4bc3-4df7-8a09-765794883524
 2012-08-22 02:33:00 +00:00
czhang46 677e5c0b77 Fix TCG protocol TcgDxeHashLogExtendEvent and TcgDxeLogEvent SDL issue 
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by  : Fu, Siyuan <siyuan.fu@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13652 6f19259b-4bc3-4df7-8a09-765794883524
 2012-08-21 02:12:43 +00:00
czhang46 be02dcee3a Fix TCG protocol PassThroughToTpm() SDL issue 
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by  : Dong Guo <guo.dong@intel.com>
Reviewed-by  : Fu, Siyuan <siyuan.fu@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13646 6f19259b-4bc3-4df7-8a09-765794883524
 2012-08-17 07:59:51 +00:00
sfu5 50fe73a1aa 1. Remove the code path which use X509 cert in KEK to validate PKCS7 signed image. 
2. Remove the code path to validate UEFI image signed by RSA2048 key.
3. Disable the ALLOW_EXECUTE/DEFER_EXECUTE/QUERY_USER policy PCD.

Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13636 6f19259b-4bc3-4df7-8a09-765794883524
 2012-08-15 01:39:43 +00:00
lzeng14 8f3a9e5862 LastVariableOffset is wrongly set to 0 when FtwVariableSpace() fails. Recalculate the HwErrVariableTotalSize, HwErrVariableTotalSize and LastVariableOffset when FtwVariableSpace() fails. 
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Guo Dong <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13593 6f19259b-4bc3-4df7-8a09-765794883524
 2012-08-06 03:20:10 +00:00
gdong1 477be7c4cb Fix physical presence request failure for PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE, PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE and PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE. 
Signed-off-by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13590 6f19259b-4bc3-4df7-8a09-765794883524
 2012-08-03 03:27:02 +00:00
czhang46 9e945f7852 Measure ExitBootServices failure case 
Signed-off-by: Chao Zhang<chao.b.zhang@intel.com>
Reviewed-by: Dong Guo<guo.dong@intel.com>
Reviewed-by: Gao Liming<liming.gao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13580 6f19259b-4bc3-4df7-8a09-765794883524
 2012-08-02 06:33:10 +00:00
gdong1 f5af77a80f Fix a failure in TCG HashAll interface. 
signed-off by Tao Hengyan <hengyan.tao@intel.com>
reviewed by Dong Guo <guo.dong@intel.com>
reviewed by Long Qin <qin.long@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13556 6f19259b-4bc3-4df7-8a09-765794883524
 2012-07-26 05:17:35 +00:00