tyler.durden/audk
1
0
Fork 0
mirror of https://github.com/acidanthera/audk.git synced 2025-07-29 00:24:07 +02:00
Code Issues Packages Projects Releases Wiki Activity
22,474 Commits 10 Branches 0 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Laszlo Ersek 7516532f9c MdeModulePkg/Variable/RuntimeDxe: delay MorLock creation until EndOfDxe 
The "MemoryOverwriteRequestControl" (a.k.a. MOR) variable comes from the
"TCG Platform Reset Attack Mitigation Specification":

https://www.trustedcomputinggroup.org/wp-content/uploads/Platform-Reset-Attack-Mitigation-Specification.pdf

The "MemoryOverwriteRequestControlLock" variable (a.k.a. MORL) is a
Microsoft extension, called "Secure MOR implementation":

https://docs.microsoft.com/en-us/windows-hardware/drivers/bringup/device-guard-requirements

Currently the VariableSmm driver creates MORL without regard to MOR. This
can lead to a situation where a platform does not support MOR from the
prerequisite spec (because it does not include the
"SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf" driver), but appears
to support MORL from the dependent Microsoft spec.

"winload.efi" notices this inconsistency, and disables the Device Guard
Virtualization Based Security in Windows Server 2016 and Windows 10 64-bit
Enterprise.

If the platform includes
"SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf", then MOR will exist
by the time EndOfDxe is reached, and VariableSmm can safely create MORL.
Otherwise, do not create MORL (delete it if it exists), and also prevent
other modules from creating it.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Ladi Prosek <lprosek@redhat.com>
Cc: Star Zeng <star.zeng@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=727
Ref: https://bugzilla.redhat.com/show_bug.cgi?id=1496170
Reported-by: Ladi Prosek <lprosek@redhat.com>
Suggested-by: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Tested-by: Ladi Prosek <lprosek@redhat.com>
2017-10-10 11:25:26 +02:00
AppPkg
AppPkg/WebServer: Fix build failure.
2017-09-14 08:55:09 +08:00
ArmPkg
ArmPkg/ArmSvcLib: Add ArmSvcLib implementation.
2017-10-06 22:35:41 +01:00
ArmPlatformPkg
ArmPlatformPkg: Add PCD for SBSA Watchdog Count
2017-10-06 15:15:22 +01:00
ArmVirtPkg
ArmVirtPkg/ArmVirtQemu: include UsbMassStorageDxe
2017-09-12 13:09:44 +02:00
BaseTools
BaseTools: Fix a bug to use module's Name attribute as compare
2017-10-10 10:32:07 +08:00
BeagleBoardPkg
BeagleBoardPkg: switch to generic non-coherent DmaLib
2017-08-30 14:13:58 +01:00
Conf
EDK II: Add .gitignore
2014-10-14 16:08:15 +00:00
CorebootModulePkg
edk2: Move License.txt file to root
2017-08-03 11:02:17 -07:00
CorebootPayloadPkg
edk2: Move License.txt file to root
2017-08-03 11:02:17 -07:00
CryptoPkg
CryptoPkg: Add new API to retrieve commonName of X.509 certificate
2017-09-25 00:06:41 +08:00
DuetPkg
DuetPkg: Fix Xcode 9 Beta treating 32-bit left shift as undefined
2017-08-11 08:44:54 +08:00
EdkCompatibilityPkg
edk2: Move License.txt file to root
2017-08-03 11:02:17 -07:00
EdkShellBinPkg
edk2: Move License.txt file to root
2017-08-03 11:02:17 -07:00
EdkShellPkg
edk2: Move License.txt file to root
2017-08-03 11:02:17 -07:00
EmbeddedPkg
EmbeddedPkg: Introduce HardwareInterrupt2 protocol
2017-10-05 21:23:34 +01:00
EmulatorPkg
edk2: Move License.txt file to root
2017-08-03 11:02:17 -07:00
FatBinPkg
edk2: Move License.txt file to root
2017-08-03 11:02:17 -07:00
FatPkg
edk2: Move License.txt file to root
2017-08-03 11:02:17 -07:00
IntelFrameworkModulePkg
IntelFrameworkModulePkg FwVolDxe: Support FFS_ATTRIB_DATA_ALIGNMENT_2
2017-09-26 18:01:11 +08:00
IntelFrameworkPkg
edk2: Move License.txt file to root
2017-08-03 11:02:17 -07:00
IntelFsp2Pkg
IntelFsp2Pkg: Fix build error with WHOLEARCHIVE option
2017-08-25 14:32:50 +08:00
IntelFsp2WrapperPkg
edk2: Move License.txt file to root
2017-08-03 11:02:17 -07:00
IntelFspPkg
edk2: Move License.txt file to root
2017-08-03 11:02:17 -07:00
IntelFspWrapperPkg
edk2: Move License.txt file to root
2017-08-03 11:02:17 -07:00
IntelSiliconPkg
IntelSiliconPkg/VTdPmrPei: Add EndOfPei callback for S3
2017-09-23 16:14:30 +08:00
MdeModulePkg
MdeModulePkg/Variable/RuntimeDxe: delay MorLock creation until EndOfDxe
2017-10-10 11:25:26 +02:00
MdePkg
MdePkg: Correct EfiGcdMemoryTypePersistent name to follow PI spec
2017-10-10 14:19:12 +08:00
NetworkPkg
NetworkPkg/HttpDxe: Clarify the usage of HttpConfigData in HTTP protocol
2017-09-29 09:02:08 +08:00
Nt32Pkg
Nt32Pkg: Enable UDF file system support
2017-09-08 20:43:05 +02:00
Omap35xxPkg
Omap35xxPkg: switch to EmbeddedPkg's NonCoherentDmaLib
2017-08-30 14:13:47 +01:00
OptionRomPkg
edk2: Move License.txt file to root
2017-08-03 11:02:17 -07:00
OvmfPkg
OvmfPkg/PciHotPlugInitDxe: translate QEMU's resource reservation hints
2017-10-03 16:07:39 +02:00
PcAtChipsetPkg
edk2: Move License.txt file to root
2017-08-03 11:02:17 -07:00
PerformancePkg
PerformancePkg DP: Init CustomCumulativeData.MinDur
2017-08-14 16:55:44 +08:00
QuarkPlatformPkg
QuarkPlatformPkg/Readme.md: Bring Readme.md up to date
2017-08-10 09:44:24 -07:00
QuarkSocPkg
QuarkSocPkg/QNCSmmDispatcher: Fix use after free issue #2
2017-08-16 19:42:17 -07:00
SecurityPkg
SecurityPkg/SecureBootConfigImpl.c: Secure Boot DBX UI Enhancement
2017-09-28 15:02:00 +08:00
ShellBinPkg
ShellBinPkg: AARCH64/ARM Shell binary update.
2017-08-31 15:41:59 +01:00
ShellPkg
ShellPkg/disconnect: '-r' is not optional when disconnecting all
2017-09-29 15:19:10 +08:00
SignedCapsulePkg
edk2: Move License.txt file to root
2017-08-03 11:02:17 -07:00
SourceLevelDebugPkg
SourceLevelDebugPkg/DebugCommLibUsb3: Remove IntelFrameworkPkg.dec
2017-09-04 10:37:56 +08:00
StdLib
edk2: Move License.txt file to root
2017-08-03 11:02:17 -07:00
StdLibPrivateInternalFiles
edk2: Move License.txt file to root
2017-08-03 11:02:17 -07:00
UefiCpuPkg
UefiCpuPkg/PiSmmCpuDxeSmm: Add check to void use null pointer.
2017-10-09 14:52:46 +08:00
UnixPkg
UnixPkg: Remove UnixPkg files (It is replaced by EmulatorPkg)
2013-07-29 21:09:55 +00:00
Vlv2DeviceRefCodePkg
edk2: Move License.txt file to root
2017-08-03 11:02:17 -07:00
Vlv2TbltDevicePkg
Vlv2TbltDevicePkg: Remove reference deprecated macro.
2017-08-07 15:28:13 +08:00
.gitignore
edk2: Add .DS_Store to .gitignore for macOS
2017-05-19 15:14:34 -07:00
BuildNotes2.txt
BaseTools: Updated BuildNotes URLs
2016-03-25 09:46:44 +08:00
Contributions.txt
edk2: Fix typo in Contributions.txt
2017-08-16 17:50:44 +08:00
Edk2Setup.bat
Edk2Setup.bat: Fix build errors from VS tools PREFIX ENV missing
2016-11-05 09:10:58 +08:00
edksetup.bat
BaseTools: suppress usage instructions with rebuild options
2017-07-04 10:16:13 +08:00
edksetup.sh
BaseTools/edksetup.sh: fix invalid test for current working directory
2017-08-10 12:54:58 +08:00
License.txt
edk2: Move License.txt file to root
2017-08-03 11:02:17 -07:00
Maintainers.txt
Maintainers.txt: add Xen reviewer for ArmVirtPkg
2017-09-26 23:23:50 +01:00
Readme.md
edk2: Add Readme.md to root of edk2 repository
2017-08-03 11:02:25 -07:00

Readme.md

EDK II Project

A modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications from www.uefi.org.

Contributions to the EDK II open source project are covered by the TianoCore Contribution Agreement 1.1

The majority of the content in the EDK II open source project uses a BSD 2-Clause License. The EDK II open source project contains the following components that are covered by additional licenses:

The EDK II Project is composed of packages. The maintainers for each package are listed in Maintainers.txt.

Resources

Description
Acidanthera UEFI Development Kit based on EDK II edk2-stable202405
Readme 330 MiB
Languages
C 71.6%
Assembly 16.4%
Python 8.5%
Rich Text Format 1.3%
C++ 0.8%
Other 1%