Commit Graph

17122 Commits

Author SHA1 Message Date
Qin Long 45419de6ca CryptoPkg: Add one new API (Pkcs7GetCertificatesList) for certs retrieving.
Adding one new API (Pkcs7GetCertificatesList) to retrieve and sort all
embedded certificates from Pkcs7 signedData. This new API will provide
the support for UEFI 2.5 Secure-Boot AuditMode feature.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long <qin.long@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Ting Ye <ting.ye@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18729 6f19259b-4bc3-4df7-8a09-765794883524
2015-11-05 08:50:39 +00:00
Cinnamon Shia a06795c6a6 ShellPkg/UefiDpLib: Support dumping cumulative data
Add a new option -c to dump cumulative data.
For example:
shell> dp -c
==[ Cumulative ]========
(Times in microsec.)     Cumulative   Average     Shortest    Longest
   Name          Count    Duration    Duration    Duration    Duration
LoadImage:         200     1000000        7000           0      100000
StartImage:        200    20000000       90000           0     7000000
  DB:Start:        200    20000000      100000           0     9000000
DB:Support:     200000      100000           0           0        7000

shell> dp -c DXE
==[ Cumulative ]========
(Times in microsec.)     Cumulative   Average     Shortest    Longest
   Name          Count    Duration    Duration    Duration    Duration
LoadImage:         200     1000000        7000           0      100000
StartImage:        200    20000000       90000           0     7000000
  DB:Start:        200    20000000      100000           0     9000000
DB:Support:     200000      100000           0           0        7000
        DXE          1    30000000    30000000           0    30000000

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Cinnamon Shia <cinnamon.shia@hpe.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jaben Carsey <jaben.carsey@intel.com>
Reviewed-by: El-Haj-Mahmoud Samer <samer.el-haj-mahmoud@hpe.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18728 6f19259b-4bc3-4df7-8a09-765794883524
2015-11-05 01:59:24 +00:00
Cinnamon Shia 303ec9bc9f ShellPkg/UefiDpLib: Fix a DP cumulative data issue
The value of PERF_CUM_DATA.Count and PERF_CUM_DATA.Duration field
keep cumulating on every execution of dp.
Initialize the CumData at dp's entry point.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Cinnamon Shia <cinnamon.shia@hpe.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jaben Carsey <jaben.carsey@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18727 6f19259b-4bc3-4df7-8a09-765794883524
2015-11-05 01:03:14 +00:00
Michael Kinney c2e5e70a85 UefiCpuPkg: PiSmmCpuDxeSmm: Remove Framework compatibility
The PiSmmCpuDxeSmm module is using PcdFrameworkCompatibilitySupport to
provide compatibility with the SMM support in the IntelFrameworkPkg.
This change removes the Framework compatibility and requires all SMM
modules that provide SMI handlers to follow the PI Specification.

Cc: Jeff Fan <jeff.fan@intel.com>

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Michael Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18726 6f19259b-4bc3-4df7-8a09-765794883524
2015-11-05 00:01:45 +00:00
Star Zeng b9ffeab7b0 ShellPkg UefiDpLib: Use correct string length for the input UnicodeBuffer
Same as the beginning of function to use DP_GAUGE_STRING_LENGTH, but not
DXE_PERFORMANCE_STRING_LENGTH.

Cc: Jaben Carsey <jaben.carsey@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jaben Carsey <jaben.carsey@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18725 6f19259b-4bc3-4df7-8a09-765794883524
2015-11-04 01:56:29 +00:00
Daryl McDaniel e5cffcad87 AppPkg: Replace all occurrences of ` within comments with '.
Within the Ia32 and X64 pyconfig.h files, there are 178 occurrences
of an accent character, `, being used instead of a regular single quote, ',
within comments.

Example:
    OLD:  `foobar'
    NEW: 'foobar'

The same changes are applied to both
AppPkg/Applications/Python/Ia32/pyconfig.h and
AppPkg/Applications/Python/X64/pyconfig.h.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Daryl McDaniel <edk2-lists@mc2research.org>
Reviewed-by: Jaben Carsey <jaben.carsey@intel.com>
Reviewed-by: Erik Bjorge <erik.c.bjorge@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18724 6f19259b-4bc3-4df7-8a09-765794883524
2015-11-03 18:58:06 +00:00
Jeremy Linton efcc052bdf ArmPlatformPkg: Juno - add correct SPI interrupt numbers for MSI
The JunoR1 has a GICv2m which is a GICv2 with a little piece of hardware
that has some memory mapped locations that can trigger traditional SPI
interrupts. This allows some basic PCIe MSI capabilities.

Setup the SPI range that is mapped by the MSI window. This range is
described in the JunoR1 SoC TRM, table 3-3. Under Interrupt ID 244-351 is
described as "GICv2m PCI Express MSI". In the future when these tables
are generated programmatically the information may be found in the
MSI_TYPER register as well.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jeremy Linton <jeremy.linton@arm.com>
Reviewed-by: Ryan Harkin <ryan.harkin@linaro.org>
Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18723 6f19259b-4bc3-4df7-8a09-765794883524
2015-11-03 11:11:22 +00:00
Sunny Wang fad21b7c57 MdeModulePkg: Fix memory leak issues
Fix memory leak issues

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Sunny Wang <sunnywang@hpe.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18722 6f19259b-4bc3-4df7-8a09-765794883524
2015-11-03 02:58:30 +00:00
Cinnamon Shia e7e346962b MdeModulePkg/RegularExpressionDxe: Add missing PrintLib
AsciiVSPrint is used in RegularExpressionDxe/Oniguruma/OnigurumaUefiPort.c.
But PrintLib is missing in RegularExpressionDxe.inf.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Cinnamon Shia <cinnamon.shia@hpe.com>
Reviewed-by: Samer El-Haj-Mahmoud <elhaj@hpe.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18721 6f19259b-4bc3-4df7-8a09-765794883524
2015-11-03 02:44:48 +00:00
Cinnamon Shia 0af8e57c74 MdeModulePkg/RegularExpressionDxe: Correct copyright
Correct copyrights in RegularExpressionDxe

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Cinnamon Shia <cinnamon.shia@hpe.com>
Reviewed-by: Samer El-Haj-Mahmoud <elhaj@hpe.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18720 6f19259b-4bc3-4df7-8a09-765794883524
2015-11-03 02:43:03 +00:00
Ruiyu Ni c7e7613e09 MdeModulePkg: Fix a PciBusDxe hot plug bug
For a hot plug bridge with device attached, PciBusDxe driver reserves
the resources which equal to the total amount of padding resource
returned from HotPlug->GetResourcePadding() and the actual occupied
resource by the attached device. The behavior is incorrect.
Correct behavior is to reserve the bigger one between the padding
resource and the actual occupied resource.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Feng Tian <feng.tian@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18719 6f19259b-4bc3-4df7-8a09-765794883524
2015-11-03 02:34:21 +00:00
Ruiyu Ni f67bd32dda MdeModulePkg: Fix a PCI resource dumping bug in PciBusDxe driver
The resource dumping logic contains a bug which cannot dump the
resource for hot plug controller correctly. The patch fixes this
bug.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Feng Tian <feng.tian@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18718 6f19259b-4bc3-4df7-8a09-765794883524
2015-11-03 02:33:41 +00:00
Ruiyu Ni b3800cfd10 Revert "MdeModulePkg: Fix a PciBusDxe hot plug bug"
Leif suggested to split the big patch to smaller ones.

This reverts commit 73b7f115c653c807b9d0be97bf516871d8aff7ba.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Feng Tian <feng.tian@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18717 6f19259b-4bc3-4df7-8a09-765794883524
2015-11-03 02:33:05 +00:00
Michael Kinney 229fd9e7aa MdeModulePkg: PiSmmCore: Remove confusing CopyMem() of SMM_ENTRY_CONTEXT
A subset of fields in the EFI_SMM_SYSTEM_TABLE2 structure are identical
to the fields in the SMM_ENTRY_CONTEXT structure.  CopyMem() is used to
transfer the contents of the SMM_ENTRY_CONTEXT structure into the
EFI_SMM_SYSTEM_TABLE2.  This is confusing because SMM_ENTRY_CONTEXT is
not used in the declaration of EFI_SMM_SYSTEM_TABLE2 and field contents
are transferred without any reference to individual field names (e.g.
CurrentlyExecutingCpu).  In order to make the code easier to maintain
and understand, the CopyMem() is replaced with statements that transfer
each field of SMM_ENTRY_CONTEXT into EFI_SMM_SYSTEM_TABLE2.

Reported-by: Laszlo Ersek <lersek@redhat.com>
Link: http://article.gmane.org/gmane.comp.bios.edk2.devel/3567

Cc: Feng Tian <feng.tian@intel.com>
Cc: Jeff Fan <jeff.fan@intel.com>

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Michael Kinney <michael.d.kinney@intel.com>
Reviewed-by: Feng Tian <feng.tian@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18716 6f19259b-4bc3-4df7-8a09-765794883524
2015-11-03 02:06:57 +00:00
Jeff Fan f6b0cb17b1 UefiCpuPkg/PiSmmCpuDxeSmm: Shouldn't use gSmst->CurrentlyExecutingCpu
In ConfigSmmCodeAccessCheck(), we used gSmst->CurrentlyExecutingCpu to get the
current SMM BSP. But ConfigSmmCodeAccessCheck() maybe invoked before executing
SmmCoreEntry() and gSmst->CurrentlyExecutingCpu hasn't been updated to the
latest value. The code flow is as below:

  BSPHandler()
    gSmmCpuPrivate->SmmCoreEntryContext.CurrentlyExecutingCpu = CpuIndex;
    //
    // when mRestoreSmmConfigurationInS3 is set:
    //
    ConfigSmmCodeAccessCheck()
      //
      // reads gSmst->CurrentlyExecutingCpu to early
      //
    gSmmCpuPrivate->SmmCoreEntry (&gSmmCpuPrivate->SmmCoreEntryContext)
      //
      // sets gSmst->CurrentlyExecutingCpu with CopyMem() too late
      //
      CopyMem (&gSmmCoreSmst.SmmStartupThisAp,
        SmmEntryContext, sizeof (EFI_SMM_ENTRY_CONTEXT));

Instead, we should use
gSmmCpuPrivate->SmmCoreEntryContext.CurrentlyExecutingCpu directly.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jeff Fan <jeff.fan@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18715 6f19259b-4bc3-4df7-8a09-765794883524
2015-11-02 03:04:19 +00:00
Samer El-Haj-Mahmoud 32c8c88df5 MdeModulePkg: Add DEBUG statement when reaching max perf log entries
Add a DEBUG statement when the number of PEI perf log entries
exceeds PcdMaxPeiPerformanceLogEntries

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Samer El-Haj-Mahmoud <samer.el-haj-mahmoud@hpe.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18714 6f19259b-4bc3-4df7-8a09-765794883524
2015-11-02 02:38:24 +00:00
Star Zeng 8aa6ebe83f MdeModulePkg SmbiosMeasurementDxe: NULL check to String from GetSmbiosStringById
When StringId is not 0, String returned from GetSmbiosStringById is expected to non-NULL.
Add ASSERT (String != NULL); to ensure this.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Shumin Qiu <shumin.qiu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Shumin Qiu <shumin.qiu@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18713 6f19259b-4bc3-4df7-8a09-765794883524
2015-11-02 01:42:51 +00:00
Michael Kinney df60fb4cc2 SourceLevelDebugPkg: DebugAgent: Set Local APIC SoftwareEnable
Update DebugAgent to make sure the Local APIC SoftwareEnable bit is set
before using the Local APIC Timer.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Michael Kinney <michael.d.kinney@intel.com>
Reviewed-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18712 6f19259b-4bc3-4df7-8a09-765794883524
2015-10-30 17:53:53 +00:00
Michael Kinney 14e4ca25c6 UefiCpuPkg: LocalApicLib: Add API to set SoftwareEnable bit
The LocalApicLib does not provide a function to manage the state of the
Local APIC SoftwareEnable bit in the Spurious Vector register.  There
are cases where this bit needs to be managed without side effects to.
other Local APIC registers.  One use case is in the DebugAgent in the
SourceLevelDebugPkg.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Michael Kinney <michael.d.kinney@intel.com>
Reviewed-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18711 6f19259b-4bc3-4df7-8a09-765794883524
2015-10-30 17:53:31 +00:00
Michael Kinney 0d4c1db81a UefiCpuPkg: CpuDxe: Update GDT to be consistent with DxeIplPeim
The PiSmmCpuDxeSmm module makes some assumptions about GDT selectors
that are based on the GDT layout from the DxeIplPeim.  For example,
the protected mode entry code and (where appropriate) the long mode
entry code in the UefiCpuPkg/PiSmmCpuDxeSmm/*/MpFuncs.* assembly
files, which are used during S3 resume, open-code segment selector
values that depend on DxeIplPeim's GDT layout.

This updates the CpuDxe module to use the same GDT layout as the
DxeIplPeim.  This enables modules that are dispatched after
CpuDxe to find, and potentially save and restore, a GDT layout that
matches that of DxeIplPeim.  The DxeIplPeim has a 2 GDT entries for
data selectors that are identical.  These are LINEAR_SEL (GDT Offset
0x08)and LINEAR_DATA64_SEL (GDT offset 0x30).  LINEAL_SEL is used for
for IA32 DXE and the LINEAR_DATA64_SEL is used for X64 DXE. This
duplicate data selector was added to the CpuDxe module to keep the
GDT and all selectors consistent.

Using a consistent GDT also improves debug experience.

Reported-by: Laszlo Ersek <lersek@redhat.com>
Analyzed-by: Laszlo Ersek <lersek@redhat.com>
Link: http://article.gmane.org/gmane.comp.bios.edk2.devel/3568
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Michael Kinney <michael.d.kinney@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18710 6f19259b-4bc3-4df7-8a09-765794883524
2015-10-30 17:32:27 +00:00
Nagaraj Hegde cdf8c32ec1 NetworkPkg: HttpDxe sometimes free a pointer twice
In EfiHttpRequest, HostName was getting freed twice whenever
HttpTransmitTcp4 failed. Moved FreePool (HostName) after
HttpTransmitTcp4 call to avoid a double free.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Nagaraj Hegde <nagaraj-p.hegde@hpe.com>
Reviewed-by: Samer El-Haj-Mahmoud <elhaj@hpe.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18709 6f19259b-4bc3-4df7-8a09-765794883524
2015-10-30 06:47:54 +00:00
David Woodhouse 843f8ca01b CryptoPkg/OpensslLib: Move OPENSSL_NO_xxx defines into opensslconf.h
Putting these on the command line as we do at the moment means that they
are *only* visible when actually building the OpenSSL code itself. When
building other things like BaseCryptLib, they were missing. Which could
lead to discrepancies in structures defined by the header files, between
the OpenSSL code and the EDK II code which calls it.

Move the definitions into opensslconf.h where they would normally live
in a standard build of OpenSSL.

Note: Do *not* set OPENSSL_NO_LHASH or OPENSSL_NO_OCSP since those weren't
effectively disabled before; the directories was still being included in
the build. If we actually disable then, the build breaks. We can hopefully
fix at least OCSP upstream later, but one thing at a time...

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Reviewed-by: Qin Long <qin.long@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18708 6f19259b-4bc3-4df7-8a09-765794883524
2015-10-29 14:17:31 +00:00
David Woodhouse 97468ab902 CryptoPkg/OpensslLib: Eliminate GETPID_IS_MEANINGLESS definition
OpenSSL ought to work this out for itself when OPENSSL_SYS_UEFI is set.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Reviewed-by: Qin Long <qin.long@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18707 6f19259b-4bc3-4df7-8a09-765794883524
2015-10-29 14:17:23 +00:00
David Woodhouse 3b21958bf2 CryptoPkg: Fix OpenSSL BN wordsize and OPENSSL_SYS_UEFI handling
We were manually setting -DSIXTY_FOUR_BIT_LONG or -DTHIRTY_TWO_BIT on
the compiler command line when building OpensslLib itself, but not when
building BaseCryptLib.

But when building BaseCryptLib, we weren't setting OPENSSL_SYS_UEFI
*either*. This meant that *that* build was picking up the definition
from <openssl/opensslconf.h>, and was thus *different* to the version
the library was built with, in some cases.

So set OPENSSL_SYS_UEFI consistently in OpensslSupport.h and *also*
define either SIXTY_FOUR_BIT or THIRTY_TWO_BIT there too.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Qin Long <qin.long@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18706 6f19259b-4bc3-4df7-8a09-765794883524
2015-10-29 14:17:15 +00:00
David Woodhouse 5121a76461 CryptoPkg/OpensslLib: Undefine NO_BUILTIN_VA_FUNCS to fix varargs breakage
Instead of patching OpenSSL to add EFIAPI to the one varargs function we
actually *noticed* breakage in, let's fix the problem in a more coherent
way by undefining NO_BUILTIN_VA_FUNCS.

That way, the VA_START and similar macros will actually do the right
thing for non-EFIAPI functions, which is to use the GCC builtins.

It's still fairly broken elsewhere in the tree, with the VA_START macro
being used from both EFIAPI and non-EFIAPI functions — and being broken
in the latter case. We probably ought to make EFIAPI a no-op everywhere
and add -mabi=ms to the GCC builds. But that's a project for another day.
For now, just fix the OpenSSL build in a cleaner fashion.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Qin Long <qin.long@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18705 6f19259b-4bc3-4df7-8a09-765794883524
2015-10-29 14:17:02 +00:00
David Woodhouse de0408be72 CryptoPkg/BaseCryptLib: Use X509_V_FLAG_NO_CHECK_TIME
OpenSSL HEAD is in the process of adding this flag to disable the validity
time checking. Backport it to 1.0.2 and use it too, for consistency.

https://rt.openssl.org/Ticket/Display.html?id=3951&user=guest&pass=guest

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Reviewed-by: Qin Long <qin.long@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18704 6f19259b-4bc3-4df7-8a09-765794883524
2015-10-29 14:16:54 +00:00
David Woodhouse 68547181f3 CryptoPkg/BaseCryptLib: Use X509_V_FLAG_PARTIAL_CHAIN
Since OpenSSL 1.0.2 we can set this flag on the X509_STORE to instruct
OpenSSL to accept non-self-signed certificates as trusted. So we don't
need two entirely identical copies of a verify_cb() function which makes
it ignore the resulting errors.

We also *didn't* use that verify_cb() function for X509VerifyCert(), but
probably should have done. So that can get X509_V_FLAG_PARTIAL_CHAIN for
consistency, too.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Reviewed-by: Qin Long <qin.long@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18703 6f19259b-4bc3-4df7-8a09-765794883524
2015-10-29 14:16:45 +00:00
David Woodhouse e6eaada468 CryptoPkg/BaseCryptLib: Clean up checking of PKCS#7 contents type
Use the new OBJ_get0_data() accessor to compare the data, and actually
check the length of the object too.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Qin Long <qin.long@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18702 6f19259b-4bc3-4df7-8a09-765794883524
2015-10-29 14:16:37 +00:00
David Woodhouse 338bfd970a CryptoPkg/BaseCryptLib: Use accessor functions for ASN1_OBJECT
OpenSSL 1.1 introduces new OBJ_get0_data() and OBJ_length() accessor
functions and makes ASN1_OBJECT an opaque type.

Unlike the accessors in previous commits which *did* actually exist
already but just weren't mandatory, these don't exist in older versions
of OpenSSL. So introduce macros which do the right thing, for
compatibility.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Qin Long <qin.long@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18701 6f19259b-4bc3-4df7-8a09-765794883524
2015-10-29 14:16:30 +00:00
David Woodhouse 4ffe0facbe CryptoPkg/BaseCryptLib: Use accessor functions for X509_ATTRIBUTE
In OpenSSL 1.1, the X509_ATTRIBUTE becomes an opaque structure and we will
no longer get away with accessing its members directly. Use the accessor
functions X509_ATTRIBUTE_get0_object0() and X509_ATTRIBUTE_get0_type()
instead.

Also be slightly more defensive about unlikely failure modes.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Qin Long <qin.long@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18700 6f19259b-4bc3-4df7-8a09-765794883524
2015-10-29 14:16:22 +00:00
David Woodhouse eeb8928a26 CryptoPkg/BaseCryptLib: Use i2d_X509_NAME() instead of abusing X509_NAME
In OpenSSL 1.1, the X509_NAME becomes an opaque structure and we will no
longer get away with accessing its members directly. Use i2d_X509_NAME()
instead.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Qin Long <qin.long@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18699 6f19259b-4bc3-4df7-8a09-765794883524
2015-10-29 14:16:15 +00:00
David Woodhouse 1cae0c83bb CryptoPkg/BaseCryptLib: Add missing OpenSSL includes
OpenSSL 1.1 has cleaned up its include files a little, and it will now
be necessary to directly include things like <openssl/bn.h> if we want
to use them, rather than assuming they are included indirectly from
other headers.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Qin Long <qin.long@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18698 6f19259b-4bc3-4df7-8a09-765794883524
2015-10-29 14:15:53 +00:00
Thomas Palmer 50c6a4d2d4 EmbeddedPkg: Add EFIAPI to several Ebl functions
The EFIAPI function declaration is missing for several functions in the
EmbeddedPkg/Ebl directory. A few function pointer struct members expect
EFIAPI though and GCC46/X64 will fail to compile the directory without
them.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer <thomas.palmer@hpe.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18697 6f19259b-4bc3-4df7-8a09-765794883524
2015-10-29 12:59:06 +00:00
Ruiyu Ni 419a271d2e MdeModulePkg: Do not dump NULL padding resource descriptor
Add a check for ResourcePaddingDescriptors being a valid pointer in
DumpPpbPaddingResource() to prevent looping on memory not owned by
PciBusDxe.  The ResourcePaddingDescriptors is initialized to NULL
when the PCI_IO_DEVICE structure is allocated and remains NULL if
no PCI hot plug controllers are present.  This issue is only
observed when DEBUG_CODE() macros are enabled and was introduced
by the following patch:

  [edk2] [Patch] MdeModulePkg: Fix a PciBusDxe hot plug bug
  SVN revsion 18658

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Feng Tian <feng.tian@intel.com>
Reviewed-by: Kinney Michael <michael.d.kinney@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18696 6f19259b-4bc3-4df7-8a09-765794883524
2015-10-29 03:26:00 +00:00
Star Zeng 35a19d4840 MdeModulePkg SmbiosMeasurementDxe: Correct the comments
1. Correct the return comments of entrypoint function.
2. Add parameters' comments for MeasureSmbiosTable().
3. Correct the Protocols and Guids usage comments in SmbiosMeasurementDxe.inf.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18695 6f19259b-4bc3-4df7-8a09-765794883524
2015-10-29 01:13:59 +00:00
Star Zeng 14c218b398 MdeModulePkg SmbiosMeasurementDxe: Remove the tailing whitespace
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18694 6f19259b-4bc3-4df7-8a09-765794883524
2015-10-29 01:13:32 +00:00
Star Zeng e293bc24ed MdeModulePkg SmbiosMeasurementDxe: Use EFI_D_VERBOSE for internal dump functions
Use EFI_D_VERBOSE instead of EFI_D_INFO in InternalDumpData() and InternalDumpHex().
And also add DEBUG_CODE wrapper to InternalDumpHex() call.
It is to avoid the bother from the internal verbose debug information.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18693 6f19259b-4bc3-4df7-8a09-765794883524
2015-10-29 01:13:07 +00:00
Star Zeng 8c1d873522 MdeModulePkg SmbiosMeasurementDxe: Add (VOID **) typecast for GCC build failure
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18692 6f19259b-4bc3-4df7-8a09-765794883524
2015-10-29 01:12:43 +00:00
Star Zeng 3c394a6775 MdeModulePkg SmbiosMeasurementDxe: Use SMBIOS table and GUID correctly
1. Smbios3Table used as SmbiosTable wrongly after SmbiosTable got from configuration table.
2. Use correct VendorGuid and VendorTable to measure.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18691 6f19259b-4bc3-4df7-8a09-765794883524
2015-10-29 01:10:18 +00:00
Michael Kinney d26a7a3fa2 UefiCpuPkg: SmmCpuFeaturesLib: Add MSR_SMM_FEATURE_CONTROL support
Add support for the reading and writing MSR_SMM_FEATURE_CONTROL
through the SmmCpuFeaturesIsSmmRegisterSupported(),
SmmCpuFeaturesGetSmmRegister(), and SmmCpuFeaturesSetSmmRegister()
functions.  This MSR is supported if the Family/Model is 06_3C,
06_45, or 06_46.

Cc: "Yao, Jiewen" <jiewen.yao@intel.com>
Cc: Jeff Fan <jeff.fan@intel.com>

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Michael Kinney <michael.d.kinney@intel.com>
Reviewed-by: "Yao, Jiewen" <jiewen.yao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18690 6f19259b-4bc3-4df7-8a09-765794883524
2015-10-28 07:16:38 +00:00
Qiu Shumin c617380446 ShellPkg: Refine code by initializing local variable and adding ASSERT statement.
Add ASSERT statement and initialize local variable to make code more readable.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qiu Shumin <shumin.qiu@intel.com>
Reviewed-by: Jaben Carsey <jaben.carsey@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18689 6f19259b-4bc3-4df7-8a09-765794883524
2015-10-28 01:14:34 +00:00
Star Zeng ae658d9163 MdeModulePkg Variable: Move CacheVariable->InDeletedTransitionPtr NULL pointer check
This change is triggered by R18654 "Enhance variable performance by reading from existed memory cache"
that changed the code to use CacheVariable to improve performance.
So the CacheVariable->InDeletedTransitionPtr NULL pointer check needs to be moved to the place before
it is been used.

Cc: Shumin Qiu <shumin.qiu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Shumin Qiu <shumin.qiu@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18688 6f19259b-4bc3-4df7-8a09-765794883524
2015-10-28 00:48:43 +00:00
Yao, Jiewen 5b5e5674ae Publish FspHob to PEI Hob by default.
because most platforms use such logic.
PcdDataBaseHobGuid GuidHob is excluded because PCD database in FSP is different with the one in PEI.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com>
Reviewed-by: "Ma, Maurice" <maurice.ma@intel.com>
Reviewed-by: "Rangarajan, Ravi P" <ravi.p.rangarajan@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18687 6f19259b-4bc3-4df7-8a09-765794883524
2015-10-27 23:10:49 +00:00
Michael Kinney 9838b0161d UefiCpuPkg: PiSmmCpuDxeSmm: Replace PcdSet## with PcdSet##S
PcdSet## has no error status returned, then the caller has no idea about
whether the set operation is successful or not.  PcdSet##S were added to
return error status and PcdSet## APIs were put in ifndef
DISABLE_NEW_DEPRECATED_INTERFACES condition.  To adopt PcdSet##S and
further code development with DISABLE_NEW_DEPRECATED_INTERFACES defined,
we need to Replace PcdSet## usage with PcdSet##S.

Normally, DynamicDefault PCD set is expected to be success, but DynamicHii
PCD set failure is a legal case.  So for DynamicDefault, we add assert
when set failure. For DynamicHii, we add logic to handle it.

Cc: "Yao, Jiewen" <jiewen.yao@intel.com>
Cc: Jeff Fan <jeff.fan@intel.com>

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Michael Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18686 6f19259b-4bc3-4df7-8a09-765794883524
2015-10-27 16:15:03 +00:00
Haojian Zhuang 7fe513896e MdePkg/BaseSynchronizationLib: fix AArch64 return values
Fix the wrong return value of both InternalSyncIncrement()
and InternalSyncDecrement(). The return value shouldn't
be the address of input parameter. It should be the updated
value of input parameter instead.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Haojian Zhuang <haojian.zhuang@linaro.org>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18685 6f19259b-4bc3-4df7-8a09-765794883524
2015-10-27 11:56:57 +00:00
Dandan Bi 8a4582838b MdeModulePkg:Add new API HiiGetFormSetFromHiiHandle into UefiHiiLib
This function is mainly through the Hii handle to get the formset opcode.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dandan Bi <dandan.bi@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18684 6f19259b-4bc3-4df7-8a09-765794883524
2015-10-27 10:19:29 +00:00
Tim He 8b7a63e7e2 Vlv2TbltDevicePkg: Sync the branch changes to trunk.
update some smbios string and macro name for MinnowBoard 
Turbot board.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Tim He <tim.he@intel.com>
Reviewed-by: David Wei <david.wei@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18682 6f19259b-4bc3-4df7-8a09-765794883524
2015-10-27 07:44:24 +00:00
Eric Dong b6f6125526 MdeModulePkg SetupBrowserDxe: Save global variable values before nest function called.
The SendForm function can be called nest in it. This function also uses some global variables. So we must save global variable values before it been called again.

Checked in the missing change for gBrowserFormSetList.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18681 6f19259b-4bc3-4df7-8a09-765794883524
2015-10-27 07:37:56 +00:00
Yao, Jiewen c00a0c8761 Move Smbios measurement from TCG driver to Smbios driver.
This is patch to add smbios measurement.

The problem of current SMBIOS measurement is:
1) TCG drivers do not support SMBIOS3.0 table.
2) TCG drivers do not follow TCG platform spec on: "Platform configuration information that is automatically updated,
 such as clock registers, and system unique information, such as asset numbers or serial numbers,
 MUST NOT be measured into PCR [1], or any other PCR."

So we decide to move Smbios measurement from TCG drivers to Smbios driver.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com>
Reviewed-by: "Zeng, Star" <star.zeng@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18680 6f19259b-4bc3-4df7-8a09-765794883524
2015-10-27 04:46:50 +00:00
Yao, Jiewen 03195ad324 Fix issue that calling GetS3MemoryInfo() with wrong order.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com>
Reviewed-by: "Ma, Maurice" <maurice.ma@intel.com>
Reviewed-by: "Rangarajan, Ravi P" <ravi.p.rangarajan@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18679 6f19259b-4bc3-4df7-8a09-765794883524
2015-10-27 04:15:39 +00:00