diff options
| author | Liming Gao <liming.gao@intel.com> | 2018-06-27 21:13:09 +0800 |
|---|---|---|
| committer | Liming Gao <liming.gao@intel.com> | 2018-06-28 11:19:50 +0800 |
| commit | b3548d32ddb553a9e95503457c66d11462622d16 (patch) | |
| tree | 58d9148d8298dcc8ea64e5515ada87c433f6be2a /SecurityPkg/Library | |
| parent | 5a702acd3df099307d9bae0725f97b52b4895382 (diff) | |
| download | edk2-b3548d32ddb553a9e95503457c66d11462622d16.tar.gz edk2-b3548d32ddb553a9e95503457c66d11462622d16.tar.bz2 edk2-b3548d32ddb553a9e95503457c66d11462622d16.zip | |
SecurityPkg: Clean up source files
1. Do not use tab characters
2. No trailing white space in one line
3. All files must end with CRLF
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Liming Gao <liming.gao@intel.com>
Diffstat (limited to 'SecurityPkg/Library')
83 files changed, 819 insertions, 819 deletions
diff --git a/SecurityPkg/Library/AuthVariableLib/AuthService.c b/SecurityPkg/Library/AuthVariableLib/AuthService.c index 213a524f27..05d75a1ee3 100644 --- a/SecurityPkg/Library/AuthVariableLib/AuthService.c +++ b/SecurityPkg/Library/AuthVariableLib/AuthService.c @@ -18,7 +18,7 @@ They will do basic validation for authentication data structure, then call crypto library
to verify the signature.
-Copyright (c) 2009 - 2017, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -1303,7 +1303,7 @@ GetCertsFromDb ( return EFI_INVALID_PARAMETER;
}
-
+
if ((Attributes & EFI_VARIABLE_NON_VOLATILE) != 0) {
//
// Get variable "certdb".
@@ -1355,7 +1355,7 @@ GetCertsFromDb ( /**
Delete matching signer's certificates when deleting common authenticated
- variable by corresponding VariableName and VendorGuid from "certdb" or
+ variable by corresponding VariableName and VendorGuid from "certdb" or
"certdbv" according to authenticated variable attributes.
@param[in] VariableName Name of authenticated Variable.
@@ -1904,13 +1904,13 @@ VerifyTimeBasedPayload ( // digestAlgorithms DigestAlgorithmIdentifiers,
// contentInfo ContentInfo,
// .... }
- // The DigestAlgorithmIdentifiers can be used to determine the hash algorithm
+ // The DigestAlgorithmIdentifiers can be used to determine the hash algorithm
// in VARIABLE_AUTHENTICATION_2 descriptor.
// This field has the fixed offset (+13) and be calculated based on two bytes of length encoding.
//
if ((Attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) != 0) {
if (SigDataSize >= (13 + sizeof (mSha256OidValue))) {
- if (((*(SigData + 1) & TWO_BYTE_ENCODE) != TWO_BYTE_ENCODE) ||
+ if (((*(SigData + 1) & TWO_BYTE_ENCODE) != TWO_BYTE_ENCODE) ||
(CompareMem (SigData + 13, &mSha256OidValue, sizeof (mSha256OidValue)) != 0)) {
return EFI_SECURITY_VIOLATION;
}
diff --git a/SecurityPkg/Library/AuthVariableLib/AuthServiceInternal.h b/SecurityPkg/Library/AuthVariableLib/AuthServiceInternal.h index 2886260925..1d495b08a3 100644 --- a/SecurityPkg/Library/AuthVariableLib/AuthServiceInternal.h +++ b/SecurityPkg/Library/AuthVariableLib/AuthServiceInternal.h @@ -12,7 +12,7 @@ may not be modified without authorization. If platform fails to protect these resources,
the authentication service provided in this driver will be broken, and the behavior is undefined.
-Copyright (c) 2009 - 2017, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -142,7 +142,7 @@ VerifyTimeBasedPayloadAndUpdate ( /**
Delete matching signer's certificates when deleting common authenticated
- variable by corresponding VariableName and VendorGuid from "certdb" or
+ variable by corresponding VariableName and VendorGuid from "certdb" or
"certdbv" according to authenticated variable attributes.
@param[in] VariableName Name of authenticated Variable.
@@ -166,9 +166,9 @@ DeleteCertsFromDb ( Clean up signer's certificates for common authenticated variable
by corresponding VariableName and VendorGuid from "certdb".
Sytem may break down during Timebased Variable update & certdb update,
- make them inconsistent, this function is called in AuthVariable Init to ensure
+ make them inconsistent, this function is called in AuthVariable Init to ensure
consistency
-
+
@retval EFI_NOT_FOUND Fail to find matching certs.
@retval EFI_SUCCESS Find matching certs and output parameters.
diff --git a/SecurityPkg/Library/DxeDeferImageLoadLib/DxeDeferImageLoadLib.c b/SecurityPkg/Library/DxeDeferImageLoadLib/DxeDeferImageLoadLib.c index 02a87f9077..41ad52563e 100644 --- a/SecurityPkg/Library/DxeDeferImageLoadLib/DxeDeferImageLoadLib.c +++ b/SecurityPkg/Library/DxeDeferImageLoadLib/DxeDeferImageLoadLib.c @@ -1,13 +1,13 @@ /** @file
Implement defer image load services for user identification in UEFI2.2.
-Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
+Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -33,9 +33,9 @@ EFI_DEFERRED_IMAGE_LOAD_PROTOCOL gDeferredImageLoad = { Get the image type.
@param[in] File This is a pointer to the device path of the file
- that is being dispatched.
+ that is being dispatched.
- @return UINT32 Image Type
+ @return UINT32 Image Type
**/
UINT32
@@ -44,7 +44,7 @@ GetFileType ( )
{
EFI_STATUS Status;
- EFI_HANDLE DeviceHandle;
+ EFI_HANDLE DeviceHandle;
EFI_DEVICE_PATH_PROTOCOL *TempDevicePath;
EFI_BLOCK_IO_PROTOCOL *BlockIo;
@@ -110,7 +110,7 @@ GetFileType ( }
//
- // File is not in a Firmware Volume or on a Block I/O device, so check to see if
+ // File is not in a Firmware Volume or on a Block I/O device, so check to see if
// the device path supports the Simple File System Protocol.
//
DeviceHandle = NULL;
@@ -129,12 +129,12 @@ GetFileType ( //
// File is not from an FV, Block I/O or Simple File System, so the only options
- // left are a PCI Option ROM and a Load File Protocol such as a PXE Boot from a NIC.
+ // left are a PCI Option ROM and a Load File Protocol such as a PXE Boot from a NIC.
//
TempDevicePath = (EFI_DEVICE_PATH_PROTOCOL *)File;
while (!IsDevicePathEndType (TempDevicePath)) {
switch (DevicePathType (TempDevicePath)) {
-
+
case MEDIA_DEVICE_PATH:
if (DevicePathSubType (TempDevicePath) == MEDIA_RELATIVE_OFFSET_RANGE_DP) {
return IMAGE_FROM_OPTION_ROM;
@@ -144,7 +144,7 @@ GetFileType ( case MESSAGING_DEVICE_PATH:
if (DevicePathSubType(TempDevicePath) == MSG_MAC_ADDR_DP) {
return IMAGE_FROM_REMOVABLE_MEDIA;
- }
+ }
break;
default:
@@ -152,7 +152,7 @@ GetFileType ( }
TempDevicePath = NextDevicePathNode (TempDevicePath);
}
- return IMAGE_UNKNOWN;
+ return IMAGE_UNKNOWN;
}
@@ -191,7 +191,7 @@ GetAccessControl ( if (EFI_ERROR (Status)) {
return EFI_NOT_FOUND;
}
-
+
//
// Get current user access information.
//
@@ -234,12 +234,12 @@ GetAccessControl ( if (EFI_ERROR (Status)) {
break;
}
-
+
ASSERT (Info != NULL);
if (Info->InfoType != EFI_USER_INFO_ACCESS_POLICY_RECORD) {
continue;
}
-
+
//
// Get specified access information.
//
@@ -256,7 +256,7 @@ GetAccessControl ( CheckLen += Access->Size;
}
}
-
+
if (Info != NULL) {
FreePool (Info);
}
@@ -266,17 +266,17 @@ GetAccessControl ( /**
Get file name from device path.
- The file name may contain one or more device path node. Save the file name in a
- buffer if file name is found. The caller is responsible to free the buffer.
-
+ The file name may contain one or more device path node. Save the file name in a
+ buffer if file name is found. The caller is responsible to free the buffer.
+
@param[in] DevicePath A pointer to a device path.
@param[out] FileName The callee allocated buffer to save the file name if file name is found.
@param[out] FileNameOffset The offset of file name in device path if file name is found.
-
+
@retval UINTN The file name length. 0 means file name is not found.
**/
-UINTN
+UINTN
GetFileName (
IN CONST EFI_DEVICE_PATH_PROTOCOL *DevicePath,
OUT UINT8 **FileName,
@@ -342,26 +342,26 @@ GetFileName ( FirstNodeChar = (CHAR16) ReadUnaligned16 ((UINT16 *)((UINT8 *)TmpDevicePath + sizeof (EFI_DEVICE_PATH_PROTOCOL)));
NodeStr = (CHAR8 *)TmpDevicePath + sizeof (EFI_DEVICE_PATH_PROTOCOL);
NodeStrLength = DevicePathNodeLength (TmpDevicePath) - sizeof (EFI_DEVICE_PATH_PROTOCOL) - sizeof(CHAR16);
-
+
if ((FirstNodeChar == '\\') && (LastNodeChar == '\\')) {
//
// Skip separator "\" when there are two separators.
//
NodeStr += sizeof (CHAR16);
- NodeStrLength -= sizeof (CHAR16);
+ NodeStrLength -= sizeof (CHAR16);
} else if ((FirstNodeChar != '\\') && (LastNodeChar != '\\')) {
//
// Add separator "\" when there is no separator.
//
WriteUnaligned16 ((UINT16 *)(*FileName + Length), '\\');
Length += sizeof (CHAR16);
- }
+ }
CopyMem (*FileName + Length, NodeStr, NodeStrLength);
Length += NodeStrLength;
-
+
LastNodeChar = (CHAR16) ReadUnaligned16 ((UINT16 *) (NodeStr + NodeStrLength - sizeof(CHAR16)));
TmpDevicePath = NextDevicePathNode (TmpDevicePath);
- }
+ }
return Length;
}
@@ -373,16 +373,16 @@ GetFileName ( If DevicePath2 is identical with DevicePath1, or with DevicePath1's child device
path, then TRUE returned. Otherwise, FALSE is returned.
-
+
If DevicePath1 is NULL, then ASSERT().
If DevicePath2 is NULL, then ASSERT().
@param[in] DevicePath1 A pointer to a device path.
@param[in] DevicePath2 A pointer to a device path.
- @retval TRUE Two device paths are identical , or DevicePath2 is
+ @retval TRUE Two device paths are identical , or DevicePath2 is
DevicePath1's child device path.
- @retval FALSE Two device paths are not identical, and DevicePath2
+ @retval FALSE Two device paths are not identical, and DevicePath2
is not DevicePath1's child device path.
**/
@@ -410,9 +410,9 @@ CheckDevicePath ( if (IsDevicePathEnd (DevicePath1)) {
return FALSE;
}
-
+
//
- // The file name may contain one or more device path node.
+ // The file name may contain one or more device path node.
// To compare the file name, copy file name to a buffer and compare the buffer.
//
FileNameSize1 = GetFileName (DevicePath1, &FileName1, &FileNameOffset1);
@@ -422,7 +422,7 @@ CheckDevicePath ( DevicePathEqual = FALSE;
goto Done;
}
- if (CompareMem (DevicePath1, DevicePath2, FileNameOffset1) != 0) {
+ if (CompareMem (DevicePath1, DevicePath2, FileNameOffset1) != 0) {
DevicePathEqual = FALSE;
goto Done;
}
@@ -430,7 +430,7 @@ CheckDevicePath ( DevicePathEqual = FALSE;
goto Done;
}
- if (CompareMem (FileName1, FileName2, FileNameSize1) != 0) {
+ if (CompareMem (FileName1, FileName2, FileNameSize1) != 0) {
DevicePathEqual = FALSE;
goto Done;
}
@@ -449,9 +449,9 @@ CheckDevicePath ( DevicePathSize -= sizeof (EFI_DEVICE_PATH_PROTOCOL);
if (CompareMem (DevicePath1, DevicePath2, DevicePathSize) != 0) {
DevicePathEqual = FALSE;
- }
-
-Done:
+ }
+
+Done:
if (FileName1 != NULL) {
FreePool (FileName1);
}
@@ -463,12 +463,12 @@ Done: /**
- Check whether the image pointed to by DevicePath is in the device path list
- specified by AccessType.
+ Check whether the image pointed to by DevicePath is in the device path list
+ specified by AccessType.
@param[in] DevicePath Points to device path.
@param[in] AccessType The type of user access control.
-
+
@retval TRUE The DevicePath is in the specified List.
@retval FALSE The DevicePath is not in the specified List.
@@ -482,36 +482,36 @@ IsDevicePathInList ( EFI_STATUS Status;
EFI_USER_INFO_ACCESS_CONTROL *Access;
EFI_DEVICE_PATH_PROTOCOL *Path;
- UINTN OffSet;
+ UINTN OffSet;
Status = GetAccessControl (&Access, AccessType);
if (EFI_ERROR (Status)) {
return FALSE;
- }
+ }
OffSet = 0;
while (OffSet < Access->Size - sizeof (EFI_USER_INFO_ACCESS_CONTROL)) {
- Path = (EFI_DEVICE_PATH_PROTOCOL*)((UINT8*)(Access + 1) + OffSet);
+ Path = (EFI_DEVICE_PATH_PROTOCOL*)((UINT8*)(Access + 1) + OffSet);
if (CheckDevicePath (Path, DevicePath)) {
//
// The device path is found in list.
//
FreePool (Access);
return TRUE;
- }
+ }
OffSet += GetDevicePathSize (Path);
}
-
+
FreePool (Access);
- return FALSE;
+ return FALSE;
}
/**
- Check whether the image pointed to by DevicePath is permitted to load.
+ Check whether the image pointed to by DevicePath is permitted to load.
@param[in] DevicePath Points to device path
-
+
@retval TRUE The image pointed by DevicePath is permitted to load.
@retval FALSE The image pointed by DevicePath is forbidden to load.
@@ -523,28 +523,28 @@ VerifyDevicePath ( {
if (IsDevicePathInList (DevicePath, EFI_USER_INFO_ACCESS_PERMIT_LOAD)) {
//
- // This access control overrides any restrictions put in place by the
+ // This access control overrides any restrictions put in place by the
// EFI_USER_INFO_ACCESS_FORBID_LOAD record.
//
return TRUE;
}
-
+
if (IsDevicePathInList (DevicePath, EFI_USER_INFO_ACCESS_FORBID_LOAD)) {
//
// The device path is found in the forbidden list.
//
return FALSE;
}
-
- return TRUE;
+
+ return TRUE;
}
/**
- Check the image pointed by DevicePath is a boot option or not.
+ Check the image pointed by DevicePath is a boot option or not.
@param[in] DevicePath Points to device path.
-
+
@retval TRUE The image pointed by DevicePath is a boot option.
@retval FALSE The image pointed by DevicePath is not a boot option.
@@ -562,31 +562,31 @@ IsBootOption ( UINT8 *OptionBuffer;
UINT8 *OptionPtr;
EFI_DEVICE_PATH_PROTOCOL *OptionDevicePath;
-
+
//
// Get BootOrder
//
BootOrderListSize = 0;
- BootOrderList = NULL;
+ BootOrderList = NULL;
Status = gRT->GetVariable (
- L"BootOrder",
- &gEfiGlobalVariableGuid,
- NULL,
- &BootOrderListSize,
+ L"BootOrder",
+ &gEfiGlobalVariableGuid,
+ NULL,
+ &BootOrderListSize,
NULL
);
if (Status == EFI_BUFFER_TOO_SMALL) {
BootOrderList = AllocateZeroPool (BootOrderListSize);
ASSERT (BootOrderList != NULL);
Status = gRT->GetVariable (
- L"BootOrder",
- &gEfiGlobalVariableGuid,
- NULL,
- &BootOrderListSize,
+ L"BootOrder",
+ &gEfiGlobalVariableGuid,
+ NULL,
+ &BootOrderListSize,
BootOrderList
);
}
-
+
if (EFI_ERROR (Status)) {
//
// No Boot option
@@ -608,7 +608,7 @@ IsBootOption ( //
// Check whether the image is forbidden.
//
-
+
OptionPtr = OptionBuffer;
//
// Skip attribute.
@@ -624,7 +624,7 @@ IsBootOption ( // Skip descript string
//
OptionPtr += StrSize ((UINT16 *) OptionPtr);
-
+
//
// Now OptionPtr points to Device Path.
//
@@ -650,11 +650,11 @@ IsBootOption ( /**
Add the image info to a deferred image list.
- @param[in] ImageDevicePath A pointer to the device path of a image.
- @param[in] Image Points to the first byte of the image, or NULL if the
+ @param[in] ImageDevicePath A pointer to the device path of a image.
+ @param[in] Image Points to the first byte of the image, or NULL if the
image is not available.
@param[in] ImageSize The size of the image, or 0 if the image is not available.
-
+
**/
VOID
PutDefferedImageInfo (
@@ -675,9 +675,9 @@ PutDefferedImageInfo ( } else {
CurImageInfo = AllocatePool ((mDeferredImage.Count + 1) * sizeof (DEFERRED_IMAGE_INFO));
ASSERT (CurImageInfo != NULL);
-
+
CopyMem (
- CurImageInfo,
+ CurImageInfo,
mDeferredImage.ImageInfo,
mDeferredImage.Count * sizeof (DEFERRED_IMAGE_INFO)
);
@@ -685,7 +685,7 @@ PutDefferedImageInfo ( mDeferredImage.ImageInfo = CurImageInfo;
}
mDeferredImage.Count++;
-
+
//
// Save the deferred image information.
//
@@ -704,29 +704,29 @@ PutDefferedImageInfo ( /**
Returns information about a deferred image.
- This function returns information about a single deferred image. The deferred images are
- numbered consecutively, starting with 0. If there is no image which corresponds to
- ImageIndex, then EFI_NOT_FOUND is returned. All deferred images may be returned by
+ This function returns information about a single deferred image. The deferred images are
+ numbered consecutively, starting with 0. If there is no image which corresponds to
+ ImageIndex, then EFI_NOT_FOUND is returned. All deferred images may be returned by
iteratively calling this function until EFI_NOT_FOUND is returned.
- Image may be NULL and ImageSize set to 0 if the decision to defer execution was made
- because of the location of the executable image, rather than its actual contents.
+ Image may be NULL and ImageSize set to 0 if the decision to defer execution was made
+ because of the location of the executable image, rather than its actual contents.
@param[in] This Points to this instance of the EFI_DEFERRED_IMAGE_LOAD_PROTOCOL.
@param[in] ImageIndex Zero-based index of the deferred index.
- @param[out] ImageDevicePath On return, points to a pointer to the device path of the image.
- The device path should not be freed by the caller.
- @param[out] Image On return, points to the first byte of the image or NULL if the
+ @param[out] ImageDevicePath On return, points to a pointer to the device path of the image.
+ The device path should not be freed by the caller.
+ @param[out] Image On return, points to the first byte of the image or NULL if the
image is not available. The image should not be freed by the caller
- unless LoadImage() has been successfully called.
+ unless LoadImage() has been successfully called.
@param[out] ImageSize On return, the size of the image, or 0 if the image is not available.
- @param[out] BootOption On return, points to TRUE if the image was intended as a boot option
- or FALSE if it was not intended as a boot option.
-
+ @param[out] BootOption On return, points to TRUE if the image was intended as a boot option
+ or FALSE if it was not intended as a boot option.
+
@retval EFI_SUCCESS Image information returned successfully.
@retval EFI_NOT_FOUND ImageIndex does not refer to a valid image.
- @retval EFI_INVALID_PARAMETER ImageDevicePath is NULL or Image is NULL or ImageSize is NULL or
+ @retval EFI_INVALID_PARAMETER ImageDevicePath is NULL or Image is NULL or ImageSize is NULL or
BootOption is NULL.
-
+
**/
EFI_STATUS
EFIAPI
@@ -748,7 +748,7 @@ GetDefferedImageInfo ( if ((This == NULL) || (ImageSize == NULL) || (Image == NULL)) {
return EFI_INVALID_PARAMETER;
}
-
+
if ((ImageDevicePath == NULL) || (BootOption == NULL)) {
return EFI_INVALID_PARAMETER;
}
@@ -756,17 +756,17 @@ GetDefferedImageInfo ( if (ImageIndex >= mDeferredImage.Count) {
return EFI_NOT_FOUND;
}
-
+
//
// Get the request deferred image.
- //
+ //
ReqImageInfo = &mDeferredImage.ImageInfo[ImageIndex];
-
+
*ImageDevicePath = ReqImageInfo->ImageDevicePath;
*Image = ReqImageInfo->Image;
*ImageSize = ReqImageInfo->ImageSize;
*BootOption = ReqImageInfo->BootOption;
-
+
return EFI_SUCCESS;
}
@@ -775,7 +775,7 @@ GetDefferedImageInfo ( Provides the service of deferring image load based on platform policy control,
and installs Deferred Image Load Protocol.
- @param[in] AuthenticationStatus This is the authentication status returned from the
+ @param[in] AuthenticationStatus This is the authentication status returned from the
security measurement services for the input file.
@param[in] File This is a pointer to the device path of the file that
is being dispatched. This will optionally be used for
@@ -824,7 +824,7 @@ DxeDeferImageLoadHandler ( //
// Check whether user has a logon.
- //
+ //
CurrentUser = NULL;
if (mUserManager != NULL) {
mUserManager->Current (mUserManager, &CurrentUser);
@@ -839,7 +839,7 @@ DxeDeferImageLoadHandler ( return EFI_SUCCESS;
}
}
-
+
//
// Still no user logon.
// Check the file type and get policy setting.
@@ -852,7 +852,7 @@ DxeDeferImageLoadHandler ( //
return EFI_SUCCESS;
}
-
+
DEBUG ((EFI_D_INFO, "[Security] No user identified, the image is deferred to load!\n"));
PutDefferedImageInfo (File, FileBuffer, FileSize);
@@ -874,10 +874,10 @@ DxeDeferImageLoadHandler ( }
/**
- Locate user manager protocol when user manager is installed.
+ Locate user manager protocol when user manager is installed.
@param[in] Event The Event that is being processed, not used.
- @param[in] Context Event Context, not used.
+ @param[in] Context Event Context, not used.
**/
VOID
@@ -892,7 +892,7 @@ FindUserManagerProtocol ( NULL,
(VOID **) &mUserManager
);
-
+
}
@@ -912,22 +912,22 @@ DxeDeferImageLoadLibConstructor ( )
{
VOID *Registration;
-
+
//
// Register user manager notification function.
//
EfiCreateProtocolNotifyEvent (
- &gEfiUserManagerProtocolGuid,
+ &gEfiUserManagerProtocolGuid,
TPL_CALLBACK,
FindUserManagerProtocol,
NULL,
&Registration
);
-
+
return RegisterSecurity2Handler (
DxeDeferImageLoadHandler,
- EFI_AUTH_OPERATION_DEFER_IMAGE_LOAD
- );
+ EFI_AUTH_OPERATION_DEFER_IMAGE_LOAD
+ );
}
diff --git a/SecurityPkg/Library/DxeDeferImageLoadLib/DxeDeferImageLoadLib.h b/SecurityPkg/Library/DxeDeferImageLoadLib/DxeDeferImageLoadLib.h index fd750be512..1390974a84 100644 --- a/SecurityPkg/Library/DxeDeferImageLoadLib/DxeDeferImageLoadLib.h +++ b/SecurityPkg/Library/DxeDeferImageLoadLib/DxeDeferImageLoadLib.h @@ -2,13 +2,13 @@ The internal header file includes the common header files, defines
internal structure and functions used by DeferImageLoadLib.
-Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
+Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -67,29 +67,29 @@ typedef struct { /**
Returns information about a deferred image.
- This function returns information about a single deferred image. The deferred images are
- numbered consecutively, starting with 0. If there is no image which corresponds to
- ImageIndex, then EFI_NOT_FOUND is returned. All deferred images may be returned by
+ This function returns information about a single deferred image. The deferred images are
+ numbered consecutively, starting with 0. If there is no image which corresponds to
+ ImageIndex, then EFI_NOT_FOUND is returned. All deferred images may be returned by
iteratively calling this function until EFI_NOT_FOUND is returned.
- Image may be NULL and ImageSize set to 0 if the decision to defer execution was made
- because of the location of the executable image, rather than its actual contents.
+ Image may be NULL and ImageSize set to 0 if the decision to defer execution was made
+ because of the location of the executable image, rather than its actual contents.
@param[in] This Points to this instance of the EFI_DEFERRED_IMAGE_LOAD_PROTOCOL.
@param[in] ImageIndex Zero-based index of the deferred index.
- @param[out] ImageDevicePath On return, points to a pointer to the device path of the image.
- The device path should not be freed by the caller.
- @param[out] Image On return, points to the first byte of the image or NULL if the
+ @param[out] ImageDevicePath On return, points to a pointer to the device path of the image.
+ The device path should not be freed by the caller.
+ @param[out] Image On return, points to the first byte of the image or NULL if the
image is not available. The image should not be freed by the caller
- unless LoadImage() has been called successfully.
+ unless LoadImage() has been called successfully.
@param[out] ImageSize On return, the size of the image, or 0 if the image is not available.
- @param[out] BootOption On return, points to TRUE if the image was intended as a boot option
- or FALSE if it was not intended as a boot option.
-
+ @param[out] BootOption On return, points to TRUE if the image was intended as a boot option
+ or FALSE if it was not intended as a boot option.
+
@retval EFI_SUCCESS Image information returned successfully.
@retval EFI_NOT_FOUND ImageIndex does not refer to a valid image.
- @retval EFI_INVALID_PARAMETER ImageDevicePath is NULL or Image is NULL or ImageSize is NULL or
+ @retval EFI_INVALID_PARAMETER ImageDevicePath is NULL or Image is NULL or ImageSize is NULL or
BootOption is NULL.
-
+
**/
EFI_STATUS
EFIAPI
@@ -101,5 +101,5 @@ GetDefferedImageInfo ( OUT UINTN *ImageSize,
OUT BOOLEAN *BootOption
);
-
+
#endif
diff --git a/SecurityPkg/Library/DxeDeferImageLoadLib/DxeDeferImageLoadLib.inf b/SecurityPkg/Library/DxeDeferImageLoadLib/DxeDeferImageLoadLib.inf index 8297230bed..3399d7a3bd 100644 --- a/SecurityPkg/Library/DxeDeferImageLoadLib/DxeDeferImageLoadLib.inf +++ b/SecurityPkg/Library/DxeDeferImageLoadLib/DxeDeferImageLoadLib.inf @@ -1,11 +1,11 @@ ## @file
# Provides security service of deferred image load
#
-# The platform may need to defer the execution of an image because of security
-# considerations. These deferred images will be recorded and then reported by
+# The platform may need to defer the execution of an image because of security
+# considerations. These deferred images will be recorded and then reported by
# installing an instance of the EFI_DEFERRED_IMAGE_LOAD_PROTOCOL.
#
-# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -48,9 +48,9 @@ DevicePathLib
BaseMemoryLib
PrintLib
- DebugLib
+ DebugLib
UefiLib
- PcdLib
+ PcdLib
[Protocols]
gEfiFirmwareVolume2ProtocolGuid ## SOMETIMES_CONSUMES
@@ -60,9 +60,9 @@ ## SOMETIMES_CONSUMES
## NOTIFY
gEfiUserManagerProtocolGuid
-
+
[Guids]
gEfiGlobalVariableGuid ## SOMETIMES_CONSUMES ## Variable:L"BootOrder"
-
+
[Pcd]
gEfiSecurityPkgTokenSpaceGuid.PcdDeferImageLoadPolicy ## SOMETIMES_CONSUMES
diff --git a/SecurityPkg/Library/DxeImageAuthenticationStatusLib/DxeImageAuthenticationStatusLib.c b/SecurityPkg/Library/DxeImageAuthenticationStatusLib/DxeImageAuthenticationStatusLib.c index bc1acd1fed..f0d41b8b9c 100644 --- a/SecurityPkg/Library/DxeImageAuthenticationStatusLib/DxeImageAuthenticationStatusLib.c +++ b/SecurityPkg/Library/DxeImageAuthenticationStatusLib/DxeImageAuthenticationStatusLib.c @@ -1,7 +1,7 @@ /** @file
Implement image authentication status check in UEFI2.3.1.
-Copyright (c) 2012, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -18,8 +18,8 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. /**
Check image authentication status returned from Section Extraction Protocol
-
- @param[in] AuthenticationStatus This is the authentication status returned from
+
+ @param[in] AuthenticationStatus This is the authentication status returned from
the Section Extraction Protocol when reading the input file.
@param[in] File This is a pointer to the device path of the file that is
being dispatched. This will optionally be used for logging.
diff --git a/SecurityPkg/Library/DxeImageAuthenticationStatusLib/DxeImageAuthenticationStatusLib.inf b/SecurityPkg/Library/DxeImageAuthenticationStatusLib/DxeImageAuthenticationStatusLib.inf index 62fcdaacc6..6c826a9cbf 100644 --- a/SecurityPkg/Library/DxeImageAuthenticationStatusLib/DxeImageAuthenticationStatusLib.inf +++ b/SecurityPkg/Library/DxeImageAuthenticationStatusLib/DxeImageAuthenticationStatusLib.inf @@ -3,7 +3,7 @@ #
# Authentication Status Library module supports UEFI2.3.1
#
-# Copyright (c) 2012 - 2014, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -20,7 +20,7 @@ FILE_GUID = EB92D1DE-7C36-4680-BB88-A67E96049F72
MODULE_TYPE = DXE_DRIVER
VERSION_STRING = 1.0
- LIBRARY_CLASS = NULL|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER
+ LIBRARY_CLASS = NULL|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER
CONSTRUCTOR = DxeImageAuthenticationStatusLibConstructor
#
diff --git a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c index 588072c6a1..0f795c0af1 100644 --- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c +++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c @@ -12,7 +12,7 @@ DxeImageVerificationHandler(), HashPeImageByType(), HashPeImage() function will accept
untrusted PE/COFF image and validate its data structure within this image buffer before use.
-Copyright (c) 2009 - 2017, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
(C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
@@ -275,12 +275,12 @@ GetImageType ( /**
Calculate hash of Pe/Coff image based on the authenticode image hashing in
PE/COFF Specification 8.0 Appendix A
-
+
Caution: This function may receive untrusted input.
PE/COFF image is external input, so this function will validate its data structure
within this image buffer before use.
- Notes: PE/COFF image has been checked by BasePeCoffLib PeCoffLoaderGetImageInfo() in
+ Notes: PE/COFF image has been checked by BasePeCoffLib PeCoffLoaderGetImageInfo() in
its caller function DxeImageVerificationHandler().
@param[in] HashAlg Hash algorithm type.
@@ -1109,14 +1109,14 @@ IsTimeZero ( }
/**
- Check whether the timestamp signature is valid and the signing time is also earlier than
+ Check whether the timestamp signature is valid and the signing time is also earlier than
the revocation time.
@param[in] AuthData Pointer to the Authenticode signature retrieved from signed image.
@param[in] AuthDataSize Size of the Authenticode signature in bytes.
@param[in] RevocationTime The time that the certificate was revoked.
- @retval TRUE Timestamp signature is valid and signing time is no later than the
+ @retval TRUE Timestamp signature is valid and signing time is no later than the
revocation time.
@retval FALSE Timestamp signature is not valid or the signing time is later than the
revocation time.
@@ -1226,9 +1226,9 @@ Done: **/
BOOLEAN
-IsForbiddenByDbx (
+IsForbiddenByDbx (
IN UINT8 *AuthData,
- IN UINTN AuthDataSize
+ IN UINTN AuthDataSize
)
{
EFI_STATUS Status;
diff --git a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.uni b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.uni index 6575e1c4b9..75994a2453 100644 --- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.uni +++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.uni @@ -2,13 +2,13 @@ // Provides security service of image verification
//
// This library hooks LoadImage() API to verify every image by the verification policy.
-//
+//
// Caution: This module requires additional review when modified.
// This library will have external input - PE/COFF image.
// This external input must be validated carefully to avoid security issues such as
// buffer overflow or integer overflow.
//
-// Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
+// Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
//
// This program and the accompanying materials
// are licensed and made available under the terms and conditions of the BSD License
diff --git a/SecurityPkg/Library/DxeImageVerificationLib/Measurement.c b/SecurityPkg/Library/DxeImageVerificationLib/Measurement.c index 6b98747d4a..3f0d4f25eb 100644 --- a/SecurityPkg/Library/DxeImageVerificationLib/Measurement.c +++ b/SecurityPkg/Library/DxeImageVerificationLib/Measurement.c @@ -1,7 +1,7 @@ /** @file
Measure TCG required variable.
-Copyright (c) 2013 - 2017, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -97,9 +97,9 @@ AssignVendorGuid ( @param[in] VarName A Null-terminated string that is the name of the vendor's variable.
@param[in] VendorGuid A unique identifier for the vendor.
- @param[in] VarData The content of the variable data.
- @param[in] VarSize The size of the variable data.
-
+ @param[in] VarData The content of the variable data.
+ @param[in] VarSize The size of the variable data.
+
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_OUT_OF_RESOURCES Out of memory.
**/
@@ -151,8 +151,8 @@ AddDataMeasured ( @param[in] VarName A Null-terminated string that is the name of the vendor's variable.
@param[in] VendorGuid A unique identifier for the vendor.
- @param[in] VarData The content of the variable data.
- @param[in] VarSize The size of the variable data.
+ @param[in] VarData The content of the variable data.
+ @param[in] VarSize The size of the variable data.
@retval TRUE The data is already measured.
@retval FALSE The data is not measured yet.
@@ -197,7 +197,7 @@ IsSecureAuthorityVariable ( UINTN Index;
for (Index = 0; Index < sizeof(mVariableType)/sizeof(mVariableType[0]); Index++) {
- if ((StrCmp (VariableName, mVariableType[Index].VariableName) == 0) &&
+ if ((StrCmp (VariableName, mVariableType[Index].VariableName) == 0) &&
(CompareGuid (VendorGuid, mVariableType[Index].VendorGuid))) {
return TRUE;
}
@@ -210,9 +210,9 @@ IsSecureAuthorityVariable ( @param[in] VarName A Null-terminated string that is the name of the vendor's variable.
@param[in] VendorGuid A unique identifier for the vendor.
- @param[in] VarData The content of the variable data.
- @param[in] VarSize The size of the variable data.
-
+ @param[in] VarData The content of the variable data.
+ @param[in] VarSize The size of the variable data.
+
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_OUT_OF_RESOURCES Out of memory.
@retval EFI_DEVICE_ERROR The operation was unsuccessful.
diff --git a/SecurityPkg/Library/DxeRsa2048Sha256GuidedSectionExtractLib/DxeRsa2048Sha256GuidedSectionExtractLib.c b/SecurityPkg/Library/DxeRsa2048Sha256GuidedSectionExtractLib/DxeRsa2048Sha256GuidedSectionExtractLib.c index d6f4207a50..8421545c11 100644 --- a/SecurityPkg/Library/DxeRsa2048Sha256GuidedSectionExtractLib/DxeRsa2048Sha256GuidedSectionExtractLib.c +++ b/SecurityPkg/Library/DxeRsa2048Sha256GuidedSectionExtractLib/DxeRsa2048Sha256GuidedSectionExtractLib.c @@ -1,17 +1,17 @@ /** @file
- This library registers RSA 2048 SHA 256 guided section handler
+ This library registers RSA 2048 SHA 256 guided section handler
to parse RSA 2048 SHA 256 encapsulation section and extract raw data.
It uses the BaseCrypyLib based on OpenSSL to authenticate the signature.
-Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -50,7 +50,7 @@ CONST UINT8 mRsaE[] = { 0x01, 0x00, 0x01 }; /**
GetInfo gets raw data size and attribute of the input guided section.
- It first checks whether the input guid section is supported.
+ It first checks whether the input guid section is supported.
If not, EFI_INVALID_PARAMETER will return.
@param InputSection Buffer containing the input GUIDed section to be processed.
@@ -58,7 +58,7 @@ CONST UINT8 mRsaE[] = { 0x01, 0x00, 0x01 }; @param ScratchBufferSize The size of ScratchBuffer.
@param SectionAttribute The attribute of the input guided section.
- @retval EFI_SUCCESS The size of destination buffer, the size of scratch buffer and
+ @retval EFI_SUCCESS The size of destination buffer, the size of scratch buffer and
the attribute of the input section are successfully retrieved.
@retval EFI_INVALID_PARAMETER The GUID in InputSection does not match this instance guid.
@@ -111,7 +111,7 @@ Rsa2048Sha256GuidedSectionGetInfo ( Extraction handler tries to extract raw data from the input guided section.
It also does authentication check for RSA 2048 SHA 256 signature in the input guided section.
- It first checks whether the input guid section is supported.
+ It first checks whether the input guid section is supported.
If not, EFI_INVALID_PARAMETER will return.
@param InputSection Buffer containing the input GUIDed section to be processed.
@@ -143,10 +143,10 @@ Rsa2048Sha256GuidedSectionHandler ( UINTN PublicKeyBufferSize;
VOID *HashContext;
VOID *Rsa;
-
+
HashContext = NULL;
Rsa = NULL;
-
+
if (IS_SECTION2 (InputSection)) {
//
// Check whether the input guid section is recognized.
@@ -156,7 +156,7 @@ Rsa2048Sha256GuidedSectionHandler ( &(((EFI_GUID_DEFINED_SECTION2 *)InputSection)->SectionDefinitionGuid))) {
return EFI_INVALID_PARAMETER;
}
-
+
//
// Get the RSA 2048 SHA 256 information.
//
@@ -184,7 +184,7 @@ Rsa2048Sha256GuidedSectionHandler ( &(((EFI_GUID_DEFINED_SECTION *)InputSection)->SectionDefinitionGuid))) {
return EFI_INVALID_PARAMETER;
}
-
+
//
// Get the RSA 2048 SHA 256 information.
//
@@ -214,7 +214,7 @@ Rsa2048Sha256GuidedSectionHandler ( // If SecurityPolicy Protocol exist, AUTH platform override bit is set.
//
*AuthenticationStatus |= EFI_AUTH_STATUS_PLATFORM_OVERRIDE;
-
+
return EFI_SUCCESS;
}
@@ -222,7 +222,7 @@ Rsa2048Sha256GuidedSectionHandler ( // All paths from here return EFI_SUCESS and result is returned in AuthenticationStatus
//
Status = EFI_SUCCESS;
-
+
//
// Fail if the HashType is not SHA 256
//
@@ -264,7 +264,7 @@ Rsa2048Sha256GuidedSectionHandler ( *AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
goto Done;
}
-
+
//
// Fail if the PublicKey is not one of the public keys in PcdRsa2048Sha256PublicKeyBuffer
//
@@ -299,8 +299,8 @@ Rsa2048Sha256GuidedSectionHandler ( *AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
goto Done;
}
-
- //
+
+ //
// Set RSA Key Components.
// NOTE: Only N and E are needed to be set as RSA public key for signature verification.
//
@@ -347,10 +347,10 @@ Rsa2048Sha256GuidedSectionHandler ( //
PERF_INMODULE_BEGIN ("DxeRsaVerify");
CryptoStatus = RsaPkcs1Verify (
- Rsa,
- Digest,
- SHA256_DIGEST_SIZE,
- CertBlockRsa2048Sha256->Signature,
+ Rsa,
+ Digest,
+ SHA256_DIGEST_SIZE,
+ CertBlockRsa2048Sha256->Signature,
sizeof (CertBlockRsa2048Sha256->Signature)
);
PERF_INMODULE_END ("DxeRsaVerify");
diff --git a/SecurityPkg/Library/DxeRsa2048Sha256GuidedSectionExtractLib/DxeRsa2048Sha256GuidedSectionExtractLib.inf b/SecurityPkg/Library/DxeRsa2048Sha256GuidedSectionExtractLib/DxeRsa2048Sha256GuidedSectionExtractLib.inf index 4681f08643..cbb553c0bf 100644 --- a/SecurityPkg/Library/DxeRsa2048Sha256GuidedSectionExtractLib/DxeRsa2048Sha256GuidedSectionExtractLib.inf +++ b/SecurityPkg/Library/DxeRsa2048Sha256GuidedSectionExtractLib/DxeRsa2048Sha256GuidedSectionExtractLib.inf @@ -1,11 +1,11 @@ ## @file
-# This library doesn't produce any library class. The constructor function uses
+# This library doesn't produce any library class. The constructor function uses
# ExtractGuidedSectionLib service to register an RSA 2048 SHA 256 guided section handler
# that parses RSA 2048 SHA 256 encapsulation section and extracts raw data.
#
# It uses the BaseCrypyLib based on OpenSSL to authenticate the signature.
#
-# Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
#
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
@@ -39,7 +39,7 @@ MdePkg/MdePkg.dec
CryptoPkg/CryptoPkg.dec
SecurityPkg/SecurityPkg.dec
-
+
[LibraryClasses]
ExtractGuidedSectionLib
UefiBootServicesTableLib
@@ -50,13 +50,13 @@ PcdLib
PerformanceLib
-[Pcd]
+[Pcd]
gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer ## SOMETIMES_CONSUMES
[Protocols]
gEfiSecurityPolicyProtocolGuid ## SOMETIMES_CONSUMES (Set platform override AUTH status if exist)
-
+
[Guids]
gEfiCertTypeRsa2048Sha256Guid ## PRODUCES ## UNDEFINED # Specifies RSA 2048 SHA 256 authentication algorithm.
gEfiHashAlgorithmSha256Guid ## SOMETIMES_CONSUMES ## UNDEFINED
-
\ No newline at end of file +
diff --git a/SecurityPkg/Library/DxeRsa2048Sha256GuidedSectionExtractLib/DxeRsa2048Sha256GuidedSectionExtractLib.uni b/SecurityPkg/Library/DxeRsa2048Sha256GuidedSectionExtractLib/DxeRsa2048Sha256GuidedSectionExtractLib.uni index 5a043efbb2..19131a71ab 100644 --- a/SecurityPkg/Library/DxeRsa2048Sha256GuidedSectionExtractLib/DxeRsa2048Sha256GuidedSectionExtractLib.uni +++ b/SecurityPkg/Library/DxeRsa2048Sha256GuidedSectionExtractLib/DxeRsa2048Sha256GuidedSectionExtractLib.uni @@ -3,10 +3,10 @@ //
// ExtractGuidedSectionLib service to register an RSA 2048 SHA 256 guided section handler
// that parses RSA 2048 SHA 256 encapsulation section and extracts raw data.
-//
+//
// It uses the BaseCrypyLib based on OpenSSL to authenticate the signature.
//
-// Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
+// Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
//
// This program and the accompanying materials
// are licensed and made available under the terms and conditions of the BSD License
diff --git a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c index 5ece8e513a..a271c81388 100644 --- a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c +++ b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c @@ -7,13 +7,13 @@ Tpm2ExecutePendingTpmRequest() will receive untrusted input and do validation.
-Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
+Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -109,7 +109,7 @@ Done: Change EPS.
@param[in] PlatformAuth platform auth value. NULL means no platform auth change.
-
+
@retval EFI_SUCCESS Operation completed successfully.
**/
EFI_STATUS
@@ -145,9 +145,9 @@ Tpm2CommandChangeEps ( @param[in] CommandCode Physical presence operation value.
@param[in] CommandParameter Physical presence operation parameter.
@param[in, out] PpiFlags The physical presence interface flags.
-
+
@retval TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE Unknown physical presence operation.
- @retval TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE Error occurred during sending command to TPM or
+ @retval TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE Error occurred during sending command to TPM or
receiving response from TPM.
@retval Others Return code from the TPM device after command execution.
**/
@@ -274,8 +274,8 @@ Tcg2ReadUserKey ( EFI_STATUS Status;
EFI_INPUT_KEY Key;
UINT16 InputKey;
-
- InputKey = 0;
+
+ InputKey = 0;
do {
Status = gBS->CheckEvent (gST->ConIn->WaitForKey);
if (!EFI_ERROR (Status)) {
@@ -289,13 +289,13 @@ Tcg2ReadUserKey ( if ((Key.ScanCode == SCAN_F12) && CautionKey) {
InputKey = Key.ScanCode;
}
- }
+ }
} while (InputKey == 0);
if (InputKey != SCAN_ESC) {
return TRUE;
}
-
+
return FALSE;
}
@@ -364,7 +364,7 @@ Tcg2UserConfirm ( {
CHAR16 *ConfirmText;
CHAR16 *TmpStr1;
- CHAR16 *TmpStr2;
+ CHAR16 *TmpStr2;
UINTN BufSize;
BOOLEAN CautionKey;
BOOLEAN NoPpiInfo;
@@ -376,7 +376,7 @@ Tcg2UserConfirm ( EFI_TCG2_BOOT_SERVICE_CAPABILITY ProtocolCapability;
UINT32 CurrentPCRBanks;
EFI_STATUS Status;
-
+
TmpStr2 = NULL;
CautionKey = FALSE;
NoPpiInfo = FALSE;
@@ -403,7 +403,7 @@ Tcg2UserConfirm ( TmpStr1 = Tcg2PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR));
StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), L" \n\n", (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
- FreePool (TmpStr1);
+ FreePool (TmpStr1);
break;
@@ -423,7 +423,7 @@ Tcg2UserConfirm ( TmpStr1 = Tcg2PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR));
StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), L" \n\n", (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
- FreePool (TmpStr1);
+ FreePool (TmpStr1);
break;
@@ -453,11 +453,11 @@ Tcg2UserConfirm ( TmpStr1 = Tcg2PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_SET_PCR_BANKS_1));
StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
- FreePool (TmpStr1);
+ FreePool (TmpStr1);
TmpStr1 = Tcg2PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_SET_PCR_BANKS_2));
StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
- FreePool (TmpStr1);
+ FreePool (TmpStr1);
Tcg2FillBufferWithBootHashAlg (TempBuffer, sizeof(TempBuffer), TpmPpCommandParameter);
Tcg2FillBufferWithBootHashAlg (TempBuffer2, sizeof(TempBuffer2), CurrentPCRBanks);
@@ -468,7 +468,7 @@ Tcg2UserConfirm ( StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), L" \n", (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
- FreePool (TmpStr1);
+ FreePool (TmpStr1);
break;
@@ -482,11 +482,11 @@ Tcg2UserConfirm ( TmpStr1 = Tcg2PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CHANGE_EPS_1));
StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
- FreePool (TmpStr1);
-
+ FreePool (TmpStr1);
+
TmpStr1 = Tcg2PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CHANGE_EPS_2));
StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
- FreePool (TmpStr1);
+ FreePool (TmpStr1);
break;
@@ -571,10 +571,10 @@ Tcg2UserConfirm ( DstStr[80] = L'\0';
for (Index = 0; Index < StrLen (ConfirmText); Index += 80) {
- StrnCpyS (DstStr, sizeof (DstStr) / sizeof (CHAR16), ConfirmText + Index, sizeof (DstStr) / sizeof (CHAR16) - 1);
- Print (DstStr);
+ StrnCpyS (DstStr, sizeof (DstStr) / sizeof (CHAR16), ConfirmText + Index, sizeof (DstStr) / sizeof (CHAR16) - 1);
+ Print (DstStr);
}
-
+
FreePool (TmpStr1);
FreePool (TmpStr2);
FreePool (ConfirmText);
@@ -584,17 +584,17 @@ Tcg2UserConfirm ( return TRUE;
}
- return FALSE;
+ return FALSE;
}
/**
- Check if there is a valid physical presence command request. Also updates parameter value
+ Check if there is a valid physical presence command request. Also updates parameter value
to whether the requested physical presence command already confirmed by user
-
- @param[in] TcgPpData EFI Tcg2 Physical Presence request data.
+
+ @param[in] TcgPpData EFI Tcg2 Physical Presence request data.
@param[in] Flags The physical presence interface flags.
@param[out] RequestConfirmed If the physical presence operation command required user confirm from UI.
- True, it indicates the command doesn't require user confirm, or already confirmed
+ True, it indicates the command doesn't require user confirm, or already confirmed
in last boot cycle by user.
False, it indicates the command need user confirm from UI.
@@ -657,7 +657,7 @@ Tcg2HaveValidTpmRequest ( *RequestConfirmed = TRUE;
}
break;
-
+
case TCG2_PHYSICAL_PRESENCE_LOG_ALL_DIGESTS:
*RequestConfirmed = TRUE;
break;
@@ -778,7 +778,7 @@ Tcg2ExecutePendingTpmRequest ( } else {
if (!RequestConfirmed) {
//
- // Print confirm text and wait for approval.
+ // Print confirm text and wait for approval.
//
RequestConfirmed = Tcg2UserConfirm (TcgPpData->PPRequest, TcgPpData->PPRequestParameter);
}
@@ -791,8 +791,8 @@ Tcg2ExecutePendingTpmRequest ( if (RequestConfirmed) {
TcgPpData->PPResponse = Tcg2ExecutePhysicalPresence (
PlatformAuth,
- TcgPpData->PPRequest,
- TcgPpData->PPRequestParameter,
+ TcgPpData->PPRequest,
+ TcgPpData->PPRequestParameter,
&NewFlags
);
}
@@ -809,7 +809,7 @@ Tcg2ExecutePendingTpmRequest ( EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
sizeof (EFI_TCG2_PHYSICAL_PRESENCE_FLAGS),
&NewFlags
- );
+ );
}
//
@@ -817,7 +817,7 @@ Tcg2ExecutePendingTpmRequest ( //
if ((NewFlags.PPFlags & TCG2_LIB_PP_FLAG_RESET_TRACK) == 0) {
TcgPpData->LastPPRequest = TcgPpData->PPRequest;
- TcgPpData->PPRequest = TCG2_PHYSICAL_PRESENCE_NO_ACTION;
+ TcgPpData->PPRequest = TCG2_PHYSICAL_PRESENCE_NO_ACTION;
TcgPpData->PPRequestParameter = 0;
}
@@ -879,19 +879,19 @@ Tcg2ExecutePendingTpmRequest ( Print (L"Rebooting system to make TPM2 settings in effect\n");
gRT->ResetSystem (EfiResetCold, EFI_SUCCESS, 0, NULL);
- ASSERT (FALSE);
+ ASSERT (FALSE);
}
/**
Check and execute the pending TPM request.
- The TPM request may come from OS or BIOS. This API will display request information and wait
+ The TPM request may come from OS or BIOS. This API will display request information and wait
for user confirmation if TPM request exists. The TPM request will be sent to TPM device after
- the TPM request is confirmed, and one or more reset may be required to make TPM request to
+ the TPM request is confirmed, and one or more reset may be required to make TPM request to
take effect.
-
+
This API should be invoked after console in and console out are all ready as they are required
- to display request information and get user input to confirm the request.
+ to display request information and get user input to confirm the request.
@param[in] PlatformAuth platform auth value. NULL means no platform auth change.
**/
@@ -908,7 +908,7 @@ Tcg2PhysicalPresenceLibProcessRequest ( EFI_TCG2_PHYSICAL_PRESENCE_FLAGS PpiFlags;
//
- // This flags variable controls whether physical presence is required for TPM command.
+ // This flags variable controls whether physical presence is required for TPM command.
// It should be protected from malicious software. We set it as read-only variable here.
//
Status = gBS->LocateProtocol (&gEdkiiVariableLockProtocolGuid, NULL, (VOID **)&VariableLockProtocol);
@@ -923,7 +923,7 @@ Tcg2PhysicalPresenceLibProcessRequest ( ASSERT_EFI_ERROR (Status);
}
}
-
+
//
// Check S4 resume
//
@@ -958,7 +958,7 @@ Tcg2PhysicalPresenceLibProcessRequest ( }
DEBUG((DEBUG_INFO, "[TPM2] Initial physical presence flags value is 0x%x\n", PpiFlags.PPFlags));
}
-
+
//
// Initialize physical presence variable.
//
@@ -990,7 +990,7 @@ Tcg2PhysicalPresenceLibProcessRequest ( //
// Execute pending TPM request.
- //
+ //
Tcg2ExecutePendingTpmRequest (PlatformAuth, &TcgPpData, &PpiFlags);
DEBUG ((EFI_D_INFO, "[TPM2] PPResponse = %x (LastPPRequest=%x, Flags=%x)\n", TcgPpData.PPResponse, TcgPpData.LastPPRequest, PpiFlags.PPFlags));
@@ -1001,7 +1001,7 @@ Tcg2PhysicalPresenceLibProcessRequest ( The TPM request may come from OS. This API will check if TPM request exists and need user
input to confirmation.
-
+
@retval TRUE TPM needs input to confirm user physical presence.
@retval FALSE TPM doesn't need input to confirm user physical presence.
@@ -1052,7 +1052,7 @@ Tcg2PhysicalPresenceLibNeedUserConfirm( if (EFI_ERROR (Status)) {
return FALSE;
}
-
+
if (TcgPpData.PPRequest == TCG2_PHYSICAL_PRESENCE_NO_ACTION) {
//
// No operation request
@@ -1097,7 +1097,7 @@ Tcg2PhysicalPresenceLibReturnOperationResponseToOsFunction ( EFI_STATUS Status;
UINTN DataSize;
EFI_TCG2_PHYSICAL_PRESENCE PpData;
-
+
DEBUG ((EFI_D_INFO, "[TPM2] ReturnOperationResponseToOsFunction\n"));
//
@@ -1117,7 +1117,7 @@ Tcg2PhysicalPresenceLibReturnOperationResponseToOsFunction ( DEBUG ((EFI_D_ERROR, "[TPM2] Get PP variable failure! Status = %r\n", Status));
return TCG_PP_RETURN_TPM_OPERATION_RESPONSE_FAILURE;
}
-
+
*MostRecentRequest = PpData.LastPPRequest;
*Response = PpData.PPResponse;
@@ -1130,7 +1130,7 @@ Tcg2PhysicalPresenceLibReturnOperationResponseToOsFunction ( Submit TPM Operation Request to Pre-OS Environment 2.
Caution: This function may receive untrusted input.
-
+
@param[in] OperationRequest TPM physical presence operation request.
@param[in] RequestParameter TPM physical presence operation request parameter.
@@ -1148,9 +1148,9 @@ Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction ( UINTN DataSize;
EFI_TCG2_PHYSICAL_PRESENCE PpData;
EFI_TCG2_PHYSICAL_PRESENCE_FLAGS Flags;
-
+
DEBUG ((EFI_D_INFO, "[TPM2] SubmitRequestToPreOSFunction, Request = %x, %x\n", OperationRequest, RequestParameter));
-
+
//
// Get the Physical Presence variable
//
@@ -1184,7 +1184,7 @@ Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction ( DataSize,
&PpData
);
- if (EFI_ERROR (Status)) {
+ if (EFI_ERROR (Status)) {
DEBUG ((EFI_D_ERROR, "[TPM2] Set PP variable failure! Status = %r\n", Status));
return TCG_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE;
}
diff --git a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf index fc10129989..d74f000203 100644 --- a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf +++ b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf @@ -8,7 +8,7 @@ # This driver will have external input - variable.
# This external input must be validated carefully to avoid security issue.
#
-# Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -25,7 +25,7 @@ FILE_GUID = 7E507A86-DE8B-4AD3-BC4C-0498389098D3
MODULE_TYPE = DXE_DRIVER
VERSION_STRING = 1.0
- LIBRARY_CLASS = Tcg2PhysicalPresenceLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER UEFI_APPLICATION UEFI_DRIVER
+ LIBRARY_CLASS = Tcg2PhysicalPresenceLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER UEFI_APPLICATION UEFI_DRIVER
#
# The following information is for reference only and not required by the build tools.
diff --git a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.uni b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.uni index 7cb7072c17..472b9d9e51 100644 --- a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.uni +++ b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.uni @@ -3,12 +3,12 @@ //
// This library will check and execute TPM 2.0 request from OS or BIOS. The request may
// ask for user confirmation before execution.
-//
+//
// Caution: This module requires additional review when modified.
// This driver will have external input - variable.
// This external input must be validated carefully to avoid security issue.
//
-// Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
+// Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
//
// This program and the accompanying materials
// are licensed and made available under the terms and conditions of the BSD License
diff --git a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/PhysicalPresenceStrings.uni b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/PhysicalPresenceStrings.uni index 0271b890e0..50f53e6511 100644 --- a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/PhysicalPresenceStrings.uni +++ b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/PhysicalPresenceStrings.uni @@ -1,13 +1,13 @@ /** @file
String definitions for TPM 2.0 physical presence confirm text.
-Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
+Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -17,8 +17,8 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #string TPM_HEAD_STR #language en-US "A configuration change was requested to %s this computer's TPM (Trusted Platform Module)\n\n"
#string TPM_PPI_HEAD_STR #language en-US "A configuration change was requested to allow the Operating System to %s the computer's TPM (Trusted Platform Module) without asking for user confirmation in the future.\n\n"
-#string TPM_ACCEPT_KEY #language en-US "Press F10 "
-#string TPM_CAUTION_KEY #language en-US "Press F12 "
+#string TPM_ACCEPT_KEY #language en-US "Press F10 "
+#string TPM_CAUTION_KEY #language en-US "Press F12 "
#string TPM_REJECT_KEY #language en-US "to %s the TPM \nPress ESC to reject this change request and continue\n"
#string TPM_ENABLE #language en-US "enable"
@@ -48,8 +48,8 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #string TCG_STORAGE_HEAD_STR #language en-US "A configuration change was requested to %s on subsequent boots\n\n"
#string TCG_STORAGE_PPI_HEAD_STR #language en-US "A configuration change was requested to allow the Operating System to %s without asking for user confirmation in the future.\n\n"
-#string TCG_STORAGE_ACCEPT_KEY #language en-US "Press F10 "
-#string TCG_STORAGE_CAUTION_KEY #language en-US "Press F12 "
+#string TCG_STORAGE_ACCEPT_KEY #language en-US "Press F10 "
+#string TCG_STORAGE_CAUTION_KEY #language en-US "Press F12 "
#string TCG_STORAGE_REJECT_KEY #language en-US "to %s\nPress ESC to reject this change request and continue\n"
#string TCG_STORAGE_NO_PPI_INFO #language en-US "to approve future Operating System requests "
diff --git a/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.c b/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.c index 4f35be80bb..32e0700096 100644 --- a/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.c +++ b/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.c @@ -8,13 +8,13 @@ ExecutePendingTpmRequest() will receive untrusted input and do validation.
-Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
+Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -60,10 +60,10 @@ PhysicalPresenceGetStringById ( /**
Get TPM physical presence permanent flags.
- @param[in] TcgProtocol EFI TCG Protocol instance.
- @param[out] LifetimeLock physicalPresenceLifetimeLock permanent flag.
+ @param[in] TcgProtocol EFI TCG Protocol instance.
+ @param[out] LifetimeLock physicalPresenceLifetimeLock permanent flag.
@param[out] CmdEnable physicalPresenceCMDEnable permanent flag.
-
+
@retval EFI_SUCCESS Flags were returns successfully.
@retval other Failed to locate EFI TCG Protocol.
@@ -82,13 +82,13 @@ GetTpmCapability ( UINT8 SendBuffer[sizeof (*TpmRqu) + sizeof (UINT32) * 3];
TPM_PERMANENT_FLAGS *TpmPermanentFlags;
UINT8 RecvBuffer[40];
-
+
//
// Fill request header
//
TpmRsp = (TPM_RSP_COMMAND_HDR*)RecvBuffer;
TpmRqu = (TPM_RQU_COMMAND_HDR*)SendBuffer;
-
+
TpmRqu->tag = SwapBytes16 (TPM_TAG_RQU_COMMAND);
TpmRqu->paramSize = SwapBytes32 (sizeof (SendBuffer));
TpmRqu->ordinal = SwapBytes32 (TPM_ORD_GetCapability);
@@ -99,8 +99,8 @@ GetTpmCapability ( SendBufPtr = (UINT32*)(TpmRqu + 1);
WriteUnaligned32 (SendBufPtr++, SwapBytes32 (TPM_CAP_FLAG));
WriteUnaligned32 (SendBufPtr++, SwapBytes32 (sizeof (TPM_CAP_FLAG_PERMANENT)));
- WriteUnaligned32 (SendBufPtr, SwapBytes32 (TPM_CAP_FLAG_PERMANENT));
-
+ WriteUnaligned32 (SendBufPtr, SwapBytes32 (TPM_CAP_FLAG_PERMANENT));
+
Status = TcgProtocol->PassThroughToTpm (
TcgProtocol,
sizeof (SendBuffer),
@@ -111,9 +111,9 @@ GetTpmCapability ( ASSERT_EFI_ERROR (Status);
ASSERT (TpmRsp->tag == SwapBytes16 (TPM_TAG_RSP_COMMAND));
ASSERT (TpmRsp->returnCode == 0);
-
+
TpmPermanentFlags = (TPM_PERMANENT_FLAGS *)&RecvBuffer[sizeof (TPM_RSP_COMMAND_HDR) + sizeof (UINT32)];
-
+
if (LifetimeLock != NULL) {
*LifetimeLock = TpmPermanentFlags->physicalPresenceLifetimeLock;
}
@@ -128,9 +128,9 @@ GetTpmCapability ( /**
Issue TSC_PhysicalPresence command to TPM.
- @param[in] TcgProtocol EFI TCG Protocol instance.
- @param[in] PhysicalPresence The state to set the TPM's Physical Presence flags.
-
+ @param[in] TcgProtocol EFI TCG Protocol instance.
+ @param[in] PhysicalPresence The state to set the TPM's Physical Presence flags.
+
@retval EFI_SUCCESS TPM executed the command successfully.
@retval EFI_SECURITY_VIOLATION TPM returned error when executing the command.
@retval other Failed to locate EFI TCG Protocol.
@@ -154,7 +154,7 @@ TpmPhysicalPresence ( TpmRqu->tag = SwapBytes16 (TPM_TAG_RQU_COMMAND);
TpmRqu->paramSize = SwapBytes32 (sizeof (Buffer));
TpmRqu->ordinal = SwapBytes32 (TSC_ORD_PhysicalPresence);
- WriteUnaligned16 (TpmPp, (TPM_PHYSICAL_PRESENCE) SwapBytes16 (PhysicalPresence));
+ WriteUnaligned16 (TpmPp, (TPM_PHYSICAL_PRESENCE) SwapBytes16 (PhysicalPresence));
Status = TcgProtocol->PassThroughToTpm (
TcgProtocol,
@@ -171,19 +171,19 @@ TpmPhysicalPresence ( //
return EFI_SECURITY_VIOLATION;
}
-
+
return Status;
}
/**
Issue a TPM command for which no additional output data will be returned.
- @param[in] TcgProtocol EFI TCG Protocol instance.
- @param[in] Ordinal TPM command code.
- @param[in] AdditionalParameterSize Additional parameter size.
- @param[in] AdditionalParameters Pointer to the Additional paramaters.
-
- @retval TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE Error occurred during sending command to TPM or
+ @param[in] TcgProtocol EFI TCG Protocol instance.
+ @param[in] Ordinal TPM command code.
+ @param[in] AdditionalParameterSize Additional parameter size.
+ @param[in] AdditionalParameters Pointer to the Additional paramaters.
+
+ @retval TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE Error occurred during sending command to TPM or
receiving response from TPM.
@retval Others Return code from the TPM device after command execution.
@@ -232,9 +232,9 @@ TpmCommandNoReturnData ( @param[in] TcgProtocol EFI TCG Protocol instance.
@param[in] CommandCode Physical presence operation value.
@param[in, out] PpiFlags The physical presence interface flags.
-
+
@retval TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE Unknown physical presence operation.
- @retval TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE Error occurred during sending command to TPM or
+ @retval TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE Error occurred during sending command to TPM or
receiving response from TPM.
@retval Others Return code from the TPM device after command execution.
@@ -397,7 +397,7 @@ ExecutePhysicalPresence ( case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE:
PpiFlags->PPFlags |= TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_MAINTENANCE;
return 0;
-
+
case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR:
//
// PHYSICAL_PRESENCE_ENABLE_ACTIVATE + PHYSICAL_PRESENCE_CLEAR
@@ -423,7 +423,7 @@ ExecutePhysicalPresence ( } else {
TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE, PpiFlags);
PpiFlags->PPFlags &= ~TCG_VENDOR_LIB_FLAG_RESET_TRACK;
- }
+ }
return TpmResponse;
default:
@@ -453,7 +453,7 @@ ReadUserKey ( UINT16 InputKey;
UINTN Index;
- InputKey = 0;
+ InputKey = 0;
do {
Status = gST->ConIn->ReadKeyStroke (gST->ConIn, &Key);
if (Status == EFI_NOT_READY) {
@@ -479,18 +479,18 @@ ReadUserKey ( if (InputKey != SCAN_ESC) {
return TRUE;
}
-
+
return FALSE;
}
/**
The constructor function register UNI strings into imageHandle.
-
- It will ASSERT() if that operation fails and it will always return EFI_SUCCESS.
+
+ It will ASSERT() if that operation fails and it will always return EFI_SUCCESS.
@param ImageHandle The firmware allocated handle for the EFI image.
@param SystemTable A pointer to the EFI System Table.
-
+
@retval EFI_SUCCESS The constructor successfully added string package.
@retval Other value The constructor can't add string package.
@@ -523,12 +523,12 @@ UserConfirm ( {
CHAR16 *ConfirmText;
CHAR16 *TmpStr1;
- CHAR16 *TmpStr2;
+ CHAR16 *TmpStr2;
UINTN BufSize;
BOOLEAN CautionKey;
UINT16 Index;
CHAR16 DstStr[81];
-
+
TmpStr2 = NULL;
CautionKey = FALSE;
BufSize = CONFIRM_BUFFER_SIZE;
@@ -538,7 +538,7 @@ UserConfirm ( switch (TpmPpCommand) {
case PHYSICAL_PRESENCE_ENABLE:
TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE));
-
+
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
@@ -550,7 +550,7 @@ UserConfirm ( case PHYSICAL_PRESENCE_DISABLE:
TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DISABLE));
-
+
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
@@ -563,10 +563,10 @@ UserConfirm ( StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
FreePool (TmpStr1);
break;
-
+
case PHYSICAL_PRESENCE_ACTIVATE:
TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACTIVATE));
-
+
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
@@ -589,7 +589,7 @@ UserConfirm ( TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));
StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
- FreePool (TmpStr1);
+ FreePool (TmpStr1);
break;
case PHYSICAL_PRESENCE_CLEAR:
@@ -603,7 +603,7 @@ UserConfirm ( TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR));
StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), L" \n\n", (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
- FreePool (TmpStr1);
+ FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));
StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
@@ -628,15 +628,15 @@ UserConfirm ( case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE:
TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DEACTIVATE_DISABLE));
-
- TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
+
+ TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_OFF));
StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
FreePool (TmpStr1);
-
+
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING));
StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
FreePool (TmpStr1);
@@ -648,8 +648,8 @@ UserConfirm ( case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE:
TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ALLOW_TAKE_OWNERSHIP));
-
- TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
+
+ TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
@@ -660,8 +660,8 @@ UserConfirm ( case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE:
TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DISALLOW_TAKE_OWNERSHIP));
-
- TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
+
+ TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
@@ -688,15 +688,15 @@ UserConfirm ( case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE:
TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_TURN_OFF));
-
- TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
+
+ TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_OFF));
StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
FreePool (TmpStr1);
-
+
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING));
StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
FreePool (TmpStr1);
@@ -709,11 +709,11 @@ UserConfirm ( case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:
CautionKey = TRUE;
TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_UNOWNED_FIELD_UPGRADE));
-
- TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_UPGRADE_HEAD_STR));
+
+ TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_UPGRADE_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
-
+
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_MAINTAIN));
StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
FreePool (TmpStr1);
@@ -787,7 +787,7 @@ UserConfirm ( TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR));
StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), L" \n\n", (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
- FreePool (TmpStr1);
+ FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));
StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
@@ -877,10 +877,10 @@ UserConfirm ( DstStr[80] = L'\0';
for (Index = 0; Index < StrLen (ConfirmText); Index += 80) {
- StrnCpyS(DstStr, sizeof (DstStr) / sizeof (CHAR16), ConfirmText + Index, sizeof (DstStr) / sizeof (CHAR16) - 1);
- Print (DstStr);
+ StrnCpyS(DstStr, sizeof (DstStr) / sizeof (CHAR16), ConfirmText + Index, sizeof (DstStr) / sizeof (CHAR16) - 1);
+ Print (DstStr);
}
-
+
FreePool (TmpStr1);
FreePool (TmpStr2);
FreePool (ConfirmText);
@@ -889,17 +889,17 @@ UserConfirm ( return TRUE;
}
- return FALSE;
+ return FALSE;
}
/**
- Check if there is a valid physical presence command request. Also updates parameter value
+ Check if there is a valid physical presence command request. Also updates parameter value
to whether the requested physical presence command already confirmed by user
-
+
@param[in] TcgPpData EFI TCG Physical Presence request data.
- @param[in] Flags The physical presence interface flags.
+ @param[in] Flags The physical presence interface flags.
@param[out] RequestConfirmed If the physical presence operation command required user confirm from UI.
- True, it indicates the command doesn't require user confirm, or already confirmed
+ True, it indicates the command doesn't require user confirm, or already confirmed
in last boot cycle by user.
False, it indicates the command need user confirm from UI.
@@ -1006,7 +1006,7 @@ HaveValidTpmRequest ( TcgPpData variable is external input, so this function will validate
its data structure to be valid value.
- @param[in] TcgProtocol EFI TCG Protocol instance.
+ @param[in] TcgProtocol EFI TCG Protocol instance.
@param[in] TcgPpData Point to the physical presence NV variable.
@param[in] Flags The physical presence interface flags.
@@ -1052,7 +1052,7 @@ ExecutePendingTpmRequest ( } else {
if (!RequestConfirmed) {
//
- // Print confirm text and wait for approval.
+ // Print confirm text and wait for approval.
//
RequestConfirmed = UserConfirm (TcgPpData->PPRequest);
}
@@ -1077,18 +1077,18 @@ ExecutePendingTpmRequest ( EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
sizeof (EFI_PHYSICAL_PRESENCE_FLAGS),
&NewFlags
- );
+ );
if (EFI_ERROR (Status)) {
return;
}
}
-
+
//
// Clear request
//
if ((NewFlags.PPFlags & TCG_VENDOR_LIB_FLAG_RESET_TRACK) == 0) {
TcgPpData->LastPPRequest = TcgPpData->PPRequest;
- TcgPpData->PPRequest = PHYSICAL_PRESENCE_NO_ACTION;
+ TcgPpData->PPRequest = PHYSICAL_PRESENCE_NO_ACTION;
}
//
@@ -1124,7 +1124,7 @@ ExecutePendingTpmRequest ( case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:
case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE:
case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR:
- case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:
+ case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:
break;
default:
if (TcgPpData->LastPPRequest >= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {
@@ -1142,21 +1142,21 @@ ExecutePendingTpmRequest ( Print (L"Rebooting system to make TPM settings in effect\n");
gRT->ResetSystem (EfiResetCold, EFI_SUCCESS, 0, NULL);
- ASSERT (FALSE);
+ ASSERT (FALSE);
}
/**
Check and execute the pending TPM request and Lock TPM.
- The TPM request may come from OS or BIOS. This API will display request information and wait
+ The TPM request may come from OS or BIOS. This API will display request information and wait
for user confirmation if TPM request exists. The TPM request will be sent to TPM device after
- the TPM request is confirmed, and one or more reset may be required to make TPM request to
+ the TPM request is confirmed, and one or more reset may be required to make TPM request to
take effect. At last, it will lock TPM to prevent TPM state change by malware.
-
+
This API should be invoked after console in and console out are all ready as they are required
- to display request information and get user input to confirm the request. This API should also
+ to display request information and get user input to confirm the request. This API should also
be invoked as early as possible as TPM is locked in this function.
-
+
**/
VOID
EFIAPI
@@ -1172,7 +1172,7 @@ TcgPhysicalPresenceLibProcessRequest ( EFI_TCG_PROTOCOL *TcgProtocol;
EDKII_VARIABLE_LOCK_PROTOCOL *VariableLockProtocol;
EFI_PHYSICAL_PRESENCE_FLAGS PpiFlags;
-
+
Status = gBS->LocateProtocol (&gEfiTcgProtocolGuid, NULL, (VOID **)&TcgProtocol);
if (EFI_ERROR (Status)) {
return ;
@@ -1206,7 +1206,7 @@ TcgPhysicalPresenceLibProcessRequest ( DEBUG ((EFI_D_INFO, "[TPM] PpiFlags = %x\n", PpiFlags.PPFlags));
//
- // This flags variable controls whether physical presence is required for TPM command.
+ // This flags variable controls whether physical presence is required for TPM command.
// It should be protected from malicious software. We set it as read-only variable here.
//
Status = gBS->LocateProtocol (&gEdkiiVariableLockProtocolGuid, NULL, (VOID **)&VariableLockProtocol);
@@ -1221,7 +1221,7 @@ TcgPhysicalPresenceLibProcessRequest ( ASSERT_EFI_ERROR (Status);
}
}
-
+
//
// Initialize physical presence variable.
//
@@ -1262,7 +1262,7 @@ TcgPhysicalPresenceLibProcessRequest ( if (EFI_ERROR (Status)) {
return ;
}
-
+
if (!CmdEnable) {
if (LifetimeLock) {
//
@@ -1275,7 +1275,7 @@ TcgPhysicalPresenceLibProcessRequest ( return ;
}
}
-
+
//
// Set operator physical presence flags
//
@@ -1283,7 +1283,7 @@ TcgPhysicalPresenceLibProcessRequest ( //
// Execute pending TPM request.
- //
+ //
ExecutePendingTpmRequest (TcgProtocol, &TcgPpData, PpiFlags);
DEBUG ((EFI_D_INFO, "[TPM] PPResponse = %x\n", TcgPpData.PPResponse));
@@ -1298,7 +1298,7 @@ TcgPhysicalPresenceLibProcessRequest ( The TPM request may come from OS. This API will check if TPM request exists and need user
input to confirmation.
-
+
@retval TRUE TPM needs input to confirm user physical presence.
@retval FALSE TPM doesn't need input to confirm user physical presence.
@@ -1317,7 +1317,7 @@ TcgPhysicalPresenceLibNeedUserConfirm( BOOLEAN CmdEnable;
EFI_TCG_PROTOCOL *TcgProtocol;
EFI_PHYSICAL_PRESENCE_FLAGS PpiFlags;
-
+
Status = gBS->LocateProtocol (&gEfiTcgProtocolGuid, NULL, (VOID **)&TcgProtocol);
if (EFI_ERROR (Status)) {
return FALSE;
@@ -1349,7 +1349,7 @@ TcgPhysicalPresenceLibNeedUserConfirm( if (EFI_ERROR (Status)) {
return FALSE;
}
-
+
if (TcgPpData.PPRequest == PHYSICAL_PRESENCE_NO_ACTION) {
//
// No operation request
diff --git a/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.inf b/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.inf index 3aacba5c2b..bf7e16ccb7 100644 --- a/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.inf +++ b/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.inf @@ -2,14 +2,14 @@ # Executes pending TPM 1.2 requests from OS or BIOS and Locks TPM
#
# This library will check and execute TPM 1.2 request from OS or BIOS. The request may
-# ask for user confirmation before execution. This Library will also lock TPM physical
+# ask for user confirmation before execution. This Library will also lock TPM physical
# presence at last.
#
# Caution: This module requires additional review when modified.
# This driver will have external input - variable.
# This external input must be validated carefully to avoid security issue.
#
-# Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -26,9 +26,9 @@ FILE_GUID = EBC43A46-34AC-4F07-A7F5-A5394619361C
MODULE_TYPE = DXE_DRIVER
VERSION_STRING = 1.0
- LIBRARY_CLASS = TcgPhysicalPresenceLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER UEFI_APPLICATION UEFI_DRIVER
+ LIBRARY_CLASS = TcgPhysicalPresenceLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER UEFI_APPLICATION UEFI_DRIVER
CONSTRUCTOR = TcgPhysicalPresenceLibConstructor
-
+
#
# The following information is for reference only and not required by the build tools.
#
diff --git a/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.uni b/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.uni index 26f8dd3e99..1d238918b1 100644 --- a/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.uni +++ b/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.uni @@ -4,12 +4,12 @@ // This library will check and execute TPM 1.2 request from OS or BIOS. The request may
// ask for user confirmation before execution. This Library will also lock TPM physical
// presence at last.
-//
+//
// Caution: This module requires additional review when modified.
// This driver will have external input - variable.
// This external input must be validated carefully to avoid security issue.
//
-// Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
+// Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
//
// This program and the accompanying materials
// are licensed and made available under the terms and conditions of the BSD License
diff --git a/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/PhysicalPresenceStrings.uni b/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/PhysicalPresenceStrings.uni index 065cd63be1..91995f85ef 100644 --- a/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/PhysicalPresenceStrings.uni +++ b/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/PhysicalPresenceStrings.uni @@ -1,14 +1,14 @@ /** @file
String definitions for TPM 1.2 physical presence confirm text.
-Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
(C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -19,8 +19,8 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #string TPM_PPI_HEAD_STR #language en-US "A configuration change was requested to allow the Operating System to %s the computer's TPM (Trusted Platform Module) without asking for user confirmation in the future.\n\n"
#string TPM_UPGRADE_HEAD_STR #language en-US "A configuration change was requested to %s to the TPM's (Trusted Platform Module) firmware.\n\n"
-#string TPM_ACCEPT_KEY #language en-US "Press F10 "
-#string TPM_CAUTION_KEY #language en-US "Press F12 "
+#string TPM_ACCEPT_KEY #language en-US "Press F10 "
+#string TPM_CAUTION_KEY #language en-US "Press F12 "
#string TPM_REJECT_KEY #language en-US "to %s the TPM \nPress ESC to reject this change request and continue\n"
#string TPM_ENABLE #language en-US "enable"
diff --git a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c index aacafa83b3..96f905aaad 100644 --- a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c +++ b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c @@ -15,14 +15,14 @@ Tcg2MeasureGptTable() function will receive untrusted GPT partition table, and parse
partition data carefully.
-Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
(C) Copyright 2015 Hewlett Packard Enterprise Development LP<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -70,11 +70,11 @@ MEASURED_HOB_DATA *mTcg2MeasuredHobData = NULL; @param FileHandle Pointer to the file handle to read the PE/COFF image.
@param FileOffset Offset into the PE/COFF image to begin the read operation.
- @param ReadSize On input, the size in bytes of the requested read operation.
+ @param ReadSize On input, the size in bytes of the requested read operation.
On output, the number of bytes actually read.
@param Buffer Output buffer that contains the data read from the PE/COFF image.
-
- @retval EFI_SUCCESS The specified portion of the PE/COFF image was read and the size
+
+ @retval EFI_SUCCESS The specified portion of the PE/COFF image was read and the size
**/
EFI_STATUS
EFIAPI
@@ -157,11 +157,11 @@ Tcg2MeasureGptTable ( }
//
// Read the EFI Partition Table Header
- //
+ //
PrimaryHeader = (EFI_PARTITION_TABLE_HEADER *) AllocatePool (BlockIo->Media->BlockSize);
if (PrimaryHeader == NULL) {
return EFI_OUT_OF_RESOURCES;
- }
+ }
Status = DiskIo->ReadDisk (
DiskIo,
BlockIo->Media->MediaId,
@@ -173,7 +173,7 @@ Tcg2MeasureGptTable ( DEBUG ((EFI_D_ERROR, "Failed to Read Partition Table Header!\n"));
FreePool (PrimaryHeader);
return EFI_DEVICE_ERROR;
- }
+ }
//
// Read the partition entry.
//
@@ -194,7 +194,7 @@ Tcg2MeasureGptTable ( FreePool (EntryPtr);
return EFI_DEVICE_ERROR;
}
-
+
//
// Count the valid partition
//
@@ -202,15 +202,15 @@ Tcg2MeasureGptTable ( NumberOfPartition = 0;
for (Index = 0; Index < PrimaryHeader->NumberOfPartitionEntries; Index++) {
if (!IsZeroGuid (&PartitionEntry->PartitionTypeGUID)) {
- NumberOfPartition++;
+ NumberOfPartition++;
}
PartitionEntry = (EFI_PARTITION_ENTRY *)((UINT8 *)PartitionEntry + PrimaryHeader->SizeOfPartitionEntry);
}
//
// Prepare Data for Measurement
- //
- EventSize = (UINT32)(sizeof (EFI_GPT_DATA) - sizeof (GptData->Partitions)
+ //
+ EventSize = (UINT32)(sizeof (EFI_GPT_DATA) - sizeof (GptData->Partitions)
+ NumberOfPartition * PrimaryHeader->SizeOfPartitionEntry);
Tcg2Event = (EFI_TCG2_EVENT *) AllocateZeroPool (EventSize + sizeof (EFI_TCG2_EVENT) - sizeof(Tcg2Event->Event));
if (Tcg2Event == NULL) {
@@ -224,11 +224,11 @@ Tcg2MeasureGptTable ( Tcg2Event->Header.HeaderVersion = EFI_TCG2_EVENT_HEADER_VERSION;
Tcg2Event->Header.PCRIndex = 5;
Tcg2Event->Header.EventType = EV_EFI_GPT_EVENT;
- GptData = (EFI_GPT_DATA *) Tcg2Event->Event;
+ GptData = (EFI_GPT_DATA *) Tcg2Event->Event;
//
// Copy the EFI_PARTITION_TABLE_HEADER and NumberOfPartition
- //
+ //
CopyMem ((UINT8 *)GptData, (UINT8*)PrimaryHeader, sizeof (EFI_PARTITION_TABLE_HEADER));
GptData->NumberOfPartitions = NumberOfPartition;
//
@@ -286,7 +286,7 @@ Tcg2MeasureGptTable ( @retval EFI_SUCCESS Successfully measure image.
@retval EFI_OUT_OF_RESOURCES No enough resource to measure image.
- @retval EFI_UNSUPPORTED ImageType is unsupported or PE image is mal-format.
+ @retval EFI_UNSUPPORTED ImageType is unsupported or PE image is mal-format.
@retval other error value
**/
@@ -381,27 +381,27 @@ Finish: }
/**
- The security handler is used to abstract platform-specific policy
- from the DXE core response to an attempt to use a file that returns a
- given status for the authentication check from the section extraction protocol.
+ The security handler is used to abstract platform-specific policy
+ from the DXE core response to an attempt to use a file that returns a
+ given status for the authentication check from the section extraction protocol.
- The possible responses in a given SAP implementation may include locking
- flash upon failure to authenticate, attestation logging for all signed drivers,
- and other exception operations. The File parameter allows for possible logging
+ The possible responses in a given SAP implementation may include locking
+ flash upon failure to authenticate, attestation logging for all signed drivers,
+ and other exception operations. The File parameter allows for possible logging
within the SAP of the driver.
If File is NULL, then EFI_INVALID_PARAMETER is returned.
- If the file specified by File with an authentication status specified by
+ If the file specified by File with an authentication status specified by
AuthenticationStatus is safe for the DXE Core to use, then EFI_SUCCESS is returned.
- If the file specified by File with an authentication status specified by
- AuthenticationStatus is not safe for the DXE Core to use under any circumstances,
+ If the file specified by File with an authentication status specified by
+ AuthenticationStatus is not safe for the DXE Core to use under any circumstances,
then EFI_ACCESS_DENIED is returned.
- If the file specified by File with an authentication status specified by
- AuthenticationStatus is not safe for the DXE Core to use right now, but it
- might be possible to use it at a future time, then EFI_SECURITY_VIOLATION is
+ If the file specified by File with an authentication status specified by
+ AuthenticationStatus is not safe for the DXE Core to use right now, but it
+ might be possible to use it at a future time, then EFI_SECURITY_VIOLATION is
returned.
@param[in] AuthenticationStatus This is the authentication status returned
@@ -453,7 +453,7 @@ DxeTpm2MeasureBootHandler ( ProtocolCapability.Size = (UINT8) sizeof (ProtocolCapability);
Status = Tcg2Protocol->GetCapability (
- Tcg2Protocol,
+ Tcg2Protocol,
&ProtocolCapability
);
if (EFI_ERROR (Status) || (!ProtocolCapability.TPMPresentFlag)) {
@@ -468,7 +468,7 @@ DxeTpm2MeasureBootHandler ( // Copy File Device Path
//
OrigDevicePathNode = DuplicateDevicePath (File);
-
+
//
// 1. Check whether this device path support BlockIo protocol.
// Is so, this device path may be a GPT device path.
@@ -489,8 +489,8 @@ DxeTpm2MeasureBootHandler ( DevicePathSubType (DevicePathNode) == MEDIA_HARDDRIVE_DP) {
//
// Check whether it is a gpt partition or not
- //
- if (((HARDDRIVE_DEVICE_PATH *) DevicePathNode)->MBRType == MBR_TYPE_EFI_PARTITION_TABLE_HEADER &&
+ //
+ if (((HARDDRIVE_DEVICE_PATH *) DevicePathNode)->MBRType == MBR_TYPE_EFI_PARTITION_TABLE_HEADER &&
((HARDDRIVE_DEVICE_PATH *) DevicePathNode)->SignatureType == SIGNATURE_TYPE_GUID) {
//
@@ -526,7 +526,7 @@ DxeTpm2MeasureBootHandler ( DevicePathNode = NextDevicePathNode (DevicePathNode);
}
}
-
+
//
// 2. Measure PE image.
//
@@ -560,7 +560,7 @@ DxeTpm2MeasureBootHandler ( TempHandle = Handle;
do {
Status = gBS->HandleProtocol(
- TempHandle,
+ TempHandle,
&gEfiFirmwareVolumeBlockProtocolGuid,
(VOID**)&FvbProtocol
);
@@ -619,16 +619,16 @@ DxeTpm2MeasureBootHandler ( //
goto Finish;
}
-
+
//
// Measure only application if Application flag is set
// Measure drivers and applications if Application flag is not set
//
- if ((!ApplicationRequired) ||
- (ApplicationRequired && ImageContext.ImageType == EFI_IMAGE_SUBSYSTEM_EFI_APPLICATION)) {
+ if ((!ApplicationRequired) ||
+ (ApplicationRequired && ImageContext.ImageType == EFI_IMAGE_SUBSYSTEM_EFI_APPLICATION)) {
//
// Print the image path to be measured.
- //
+ //
DEBUG_CODE_BEGIN ();
CHAR16 *ToText;
ToText = ConvertDevicePathToText (
@@ -647,10 +647,10 @@ DxeTpm2MeasureBootHandler ( //
Status = Tcg2MeasurePeImage (
Tcg2Protocol,
- (EFI_PHYSICAL_ADDRESS) (UINTN) FileBuffer,
- FileSize,
- (UINTN) ImageContext.ImageAddress,
- ImageContext.ImageType,
+ (EFI_PHYSICAL_ADDRESS) (UINTN) FileBuffer,
+ FileSize,
+ (UINTN) ImageContext.ImageAddress,
+ ImageContext.ImageType,
DevicePathNode
);
DEBUG ((EFI_D_INFO, "DxeTpm2MeasureBootHandler - Tcg2MeasurePeImage - %r\n", Status));
diff --git a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf index 939f6fb19b..e5aaba2407 100644 --- a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf +++ b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf @@ -4,15 +4,15 @@ # Spec Compliance Info:
# "TCG PC Client Platform Firmware Profile Specification for TPM Family 2.0 Level 00 Revision 00.21"
#
-# This library instance hooks LoadImage() API to measure every image that
+# This library instance hooks LoadImage() API to measure every image that
# is not measured in PEI phase. And, it will also measure GPT partition.
#
# Caution: This module requires additional review when modified.
# This library will have external input - PE/COFF image and GPT partition.
-# This external input must be validated carefully to avoid security issues such
+# This external input must be validated carefully to avoid security issues such
# as buffer overflow or integer overflow.
#
-# Copyright (c) 2013 - 2017, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -29,7 +29,7 @@ FILE_GUID = 778CE4F4-36BD-4ae7-B8F0-10B420B0D174
MODULE_TYPE = DXE_DRIVER
VERSION_STRING = 1.0
- LIBRARY_CLASS = NULL|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER
+ LIBRARY_CLASS = NULL|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER
CONSTRUCTOR = DxeTpm2MeasureBootLibConstructor
#
diff --git a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.uni b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.uni index 260dd04481..20f7453098 100644 --- a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.uni +++ b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.uni @@ -3,13 +3,13 @@ //
// This library instance hooks LoadImage() API to measure every image that
// is not measured in PEI phase. And, it will also measure GPT partition.
-//
+//
// Caution: This module requires additional review when modified.
// This library will have external input - PE/COFF image and GPT partition.
// This external input must be validated carefully to avoid security issues such
// as buffer overflow or integer overflow.
//
-// Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
+// Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
//
// This program and the accompanying materials
// are licensed and made available under the terms and conditions of the BSD License
diff --git a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c index 8167a21929..c54ab62e27 100644 --- a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c +++ b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c @@ -1,5 +1,5 @@ /** @file
- The library instance provides security service of TPM measure boot.
+ The library instance provides security service of TPM measure boot.
Caution: This file requires additional review when modified.
This library will have external input - PE/COFF image and GPT partition.
@@ -15,13 +15,13 @@ TcgMeasureGptTable() function will receive untrusted GPT partition table, and parse
partition data carefully.
-Copyright (c) 2009 - 2017, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
+Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -68,11 +68,11 @@ MEASURED_HOB_DATA *mMeasuredHobData = NULL; @param FileHandle Pointer to the file handle to read the PE/COFF image.
@param FileOffset Offset into the PE/COFF image to begin the read operation.
- @param ReadSize On input, the size in bytes of the requested read operation.
+ @param ReadSize On input, the size in bytes of the requested read operation.
On output, the number of bytes actually read.
@param Buffer Output buffer that contains the data read from the PE/COFF image.
-
- @retval EFI_SUCCESS The specified portion of the PE/COFF image was read and the size
+
+ @retval EFI_SUCCESS The specified portion of the PE/COFF image was read and the size
**/
EFI_STATUS
EFIAPI
@@ -157,11 +157,11 @@ TcgMeasureGptTable ( }
//
// Read the EFI Partition Table Header
- //
+ //
PrimaryHeader = (EFI_PARTITION_TABLE_HEADER *) AllocatePool (BlockIo->Media->BlockSize);
if (PrimaryHeader == NULL) {
return EFI_OUT_OF_RESOURCES;
- }
+ }
Status = DiskIo->ReadDisk (
DiskIo,
BlockIo->Media->MediaId,
@@ -173,7 +173,7 @@ TcgMeasureGptTable ( DEBUG ((EFI_D_ERROR, "Failed to Read Partition Table Header!\n"));
FreePool (PrimaryHeader);
return EFI_DEVICE_ERROR;
- }
+ }
//
// Read the partition entry.
//
@@ -194,7 +194,7 @@ TcgMeasureGptTable ( FreePool (EntryPtr);
return EFI_DEVICE_ERROR;
}
-
+
//
// Count the valid partition
//
@@ -202,15 +202,15 @@ TcgMeasureGptTable ( NumberOfPartition = 0;
for (Index = 0; Index < PrimaryHeader->NumberOfPartitionEntries; Index++) {
if (!IsZeroGuid (&PartitionEntry->PartitionTypeGUID)) {
- NumberOfPartition++;
+ NumberOfPartition++;
}
PartitionEntry = (EFI_PARTITION_ENTRY *)((UINT8 *)PartitionEntry + PrimaryHeader->SizeOfPartitionEntry);
}
//
// Prepare Data for Measurement
- //
- EventSize = (UINT32)(sizeof (EFI_GPT_DATA) - sizeof (GptData->Partitions)
+ //
+ EventSize = (UINT32)(sizeof (EFI_GPT_DATA) - sizeof (GptData->Partitions)
+ NumberOfPartition * PrimaryHeader->SizeOfPartitionEntry);
TcgEvent = (TCG_PCR_EVENT *) AllocateZeroPool (EventSize + sizeof (TCG_PCR_EVENT_HDR));
if (TcgEvent == NULL) {
@@ -222,11 +222,11 @@ TcgMeasureGptTable ( TcgEvent->PCRIndex = 5;
TcgEvent->EventType = EV_EFI_GPT_EVENT;
TcgEvent->EventSize = EventSize;
- GptData = (EFI_GPT_DATA *) TcgEvent->Event;
+ GptData = (EFI_GPT_DATA *) TcgEvent->Event;
//
// Copy the EFI_PARTITION_TABLE_HEADER and NumberOfPartition
- //
+ //
CopyMem ((UINT8 *)GptData, (UINT8*)PrimaryHeader, sizeof (EFI_PARTITION_TABLE_HEADER));
GptData->NumberOfPartitions = NumberOfPartition;
//
@@ -278,7 +278,7 @@ TcgMeasureGptTable ( PE/COFF image is external input, so this function will validate its data structure
within this image buffer before use.
- Notes: PE/COFF image has been checked by BasePeCoffLib PeCoffLoaderGetImageInfo() in
+ Notes: PE/COFF image has been checked by BasePeCoffLib PeCoffLoaderGetImageInfo() in
its caller function DxeTpmMeasureBootHandler().
@param[in] TcgProtocol Pointer to the located TCG protocol instance.
@@ -290,7 +290,7 @@ TcgMeasureGptTable ( @retval EFI_SUCCESS Successfully measure image.
@retval EFI_OUT_OF_RESOURCES No enough resource to measure image.
- @retval EFI_UNSUPPORTED ImageType is unsupported or PE image is mal-format.
+ @retval EFI_UNSUPPORTED ImageType is unsupported or PE image is mal-format.
@retval other error value
**/
@@ -420,8 +420,8 @@ TcgMeasurePeImage ( //
if (Hdr.Pe32->FileHeader.Machine == IMAGE_FILE_MACHINE_IA64 && Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
- // NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value
- // in the PE/COFF Header. If the MachineType is Itanium(IA64) and the
+ // NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value
+ // in the PE/COFF Header. If the MachineType is Itanium(IA64) and the
// Magic value in the OptionalHeader is EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC
// then override the magic value to EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC
//
@@ -432,7 +432,7 @@ TcgMeasurePeImage ( //
Magic = Hdr.Pe32->OptionalHeader.Magic;
}
-
+
//
// 3. Calculate the distance from the base of the image header to the image checksum address.
// 4. Hash the image header from its base to beginning of the image checksum.
@@ -455,7 +455,7 @@ TcgMeasurePeImage ( HashStatus = Sha1Update (Sha1Ctx, HashBase, HashSize);
if (!HashStatus) {
goto Finish;
- }
+ }
//
// 5. Skip over the image checksum (it occupies a single ULONG).
@@ -484,7 +484,7 @@ TcgMeasurePeImage ( if (!HashStatus) {
goto Finish;
}
- }
+ }
} else {
//
// 7. Hash everything from the end of the checksum to the start of the Cert Directory.
@@ -498,7 +498,7 @@ TcgMeasurePeImage ( } else {
//
// Use PE32+ offset
- //
+ //
HashBase = (UINT8 *) &Hdr.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);
HashSize = (UINTN) (&Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - (UINTN) HashBase;
}
@@ -527,7 +527,7 @@ TcgMeasurePeImage ( HashBase = (UINT8 *) &Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];
HashSize = Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders - (UINTN) (HashBase - ImageAddress);
}
-
+
if (HashSize != 0) {
HashStatus = Sha1Update (Sha1Ctx, HashBase, HashSize);
if (!HashStatus) {
@@ -690,27 +690,27 @@ Finish: }
/**
- The security handler is used to abstract platform-specific policy
- from the DXE core response to an attempt to use a file that returns a
- given status for the authentication check from the section extraction protocol.
+ The security handler is used to abstract platform-specific policy
+ from the DXE core response to an attempt to use a file that returns a
+ given status for the authentication check from the section extraction protocol.
- The possible responses in a given SAP implementation may include locking
- flash upon failure to authenticate, attestation logging for all signed drivers,
- and other exception operations. The File parameter allows for possible logging
+ The possible responses in a given SAP implementation may include locking
+ flash upon failure to authenticate, attestation logging for all signed drivers,
+ and other exception operations. The File parameter allows for possible logging
within the SAP of the driver.
If File is NULL, then EFI_INVALID_PARAMETER is returned.
- If the file specified by File with an authentication status specified by
+ If the file specified by File with an authentication status specified by
AuthenticationStatus is safe for the DXE Core to use, then EFI_SUCCESS is returned.
- If the file specified by File with an authentication status specified by
- AuthenticationStatus is not safe for the DXE Core to use under any circumstances,
+ If the file specified by File with an authentication status specified by
+ AuthenticationStatus is not safe for the DXE Core to use under any circumstances,
then EFI_ACCESS_DENIED is returned.
- If the file specified by File with an authentication status specified by
- AuthenticationStatus is not safe for the DXE Core to use right now, but it
- might be possible to use it at a future time, then EFI_SECURITY_VIOLATION is
+ If the file specified by File with an authentication status specified by
+ AuthenticationStatus is not safe for the DXE Core to use right now, but it
+ might be possible to use it at a future time, then EFI_SECURITY_VIOLATION is
returned.
@param[in] AuthenticationStatus This is the authentication status returned
@@ -764,7 +764,7 @@ DxeTpmMeasureBootHandler ( ProtocolCapability.Size = (UINT8) sizeof (ProtocolCapability);
Status = TcgProtocol->StatusCheck (
- TcgProtocol,
+ TcgProtocol,
&ProtocolCapability,
&TCGFeatureFlags,
&EventLogLocation,
@@ -781,7 +781,7 @@ DxeTpmMeasureBootHandler ( // Copy File Device Path
//
OrigDevicePathNode = DuplicateDevicePath (File);
-
+
//
// 1. Check whether this device path support BlockIo protocol.
// Is so, this device path may be a GPT device path.
@@ -802,8 +802,8 @@ DxeTpmMeasureBootHandler ( DevicePathSubType (DevicePathNode) == MEDIA_HARDDRIVE_DP) {
//
// Check whether it is a gpt partition or not
- //
- if (((HARDDRIVE_DEVICE_PATH *) DevicePathNode)->MBRType == MBR_TYPE_EFI_PARTITION_TABLE_HEADER &&
+ //
+ if (((HARDDRIVE_DEVICE_PATH *) DevicePathNode)->MBRType == MBR_TYPE_EFI_PARTITION_TABLE_HEADER &&
((HARDDRIVE_DEVICE_PATH *) DevicePathNode)->SignatureType == SIGNATURE_TYPE_GUID) {
//
@@ -838,7 +838,7 @@ DxeTpmMeasureBootHandler ( DevicePathNode = NextDevicePathNode (DevicePathNode);
}
}
-
+
//
// 2. Measure PE image.
//
@@ -872,7 +872,7 @@ DxeTpmMeasureBootHandler ( TempHandle = Handle;
do {
Status = gBS->HandleProtocol(
- TempHandle,
+ TempHandle,
&gEfiFirmwareVolumeBlockProtocolGuid,
(VOID**)&FvbProtocol
);
@@ -931,16 +931,16 @@ DxeTpmMeasureBootHandler ( //
goto Finish;
}
-
+
//
// Measure only application if Application flag is set
// Measure drivers and applications if Application flag is not set
//
- if ((!ApplicationRequired) ||
- (ApplicationRequired && ImageContext.ImageType == EFI_IMAGE_SUBSYSTEM_EFI_APPLICATION)) {
+ if ((!ApplicationRequired) ||
+ (ApplicationRequired && ImageContext.ImageType == EFI_IMAGE_SUBSYSTEM_EFI_APPLICATION)) {
//
// Print the image path to be measured.
- //
+ //
DEBUG_CODE_BEGIN ();
CHAR16 *ToText;
ToText = ConvertDevicePathToText (
@@ -959,10 +959,10 @@ DxeTpmMeasureBootHandler ( //
Status = TcgMeasurePeImage (
TcgProtocol,
- (EFI_PHYSICAL_ADDRESS) (UINTN) FileBuffer,
- FileSize,
- (UINTN) ImageContext.ImageAddress,
- ImageContext.ImageType,
+ (EFI_PHYSICAL_ADDRESS) (UINTN) FileBuffer,
+ FileSize,
+ (UINTN) ImageContext.ImageAddress,
+ ImageContext.ImageType,
DevicePathNode
);
}
diff --git a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf index 553e68321e..a2c5847747 100644 --- a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf +++ b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf @@ -1,15 +1,15 @@ ## @file
# Provides security service for TPM 1.2 measured boot
#
-# This library instance hooks LoadImage() API to measure every image that
+# This library instance hooks LoadImage() API to measure every image that
# is not measured in PEI phase. And, it will also measure GPT partition.
#
# Caution: This module requires additional review when modified.
# This library will have external input - PE/COFF image and GPT partition.
-# This external input must be validated carefully to avoid security issues such
+# This external input must be validated carefully to avoid security issues such
# as buffer overflow or integer overflow.
#
-# Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -26,7 +26,7 @@ FILE_GUID = 6C60C7D0-922A-4b7c-87D7-E503EDD73BBF
MODULE_TYPE = DXE_DRIVER
VERSION_STRING = 1.0
- LIBRARY_CLASS = NULL|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER
+ LIBRARY_CLASS = NULL|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER
CONSTRUCTOR = DxeTpmMeasureBootLibConstructor
#
diff --git a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.uni b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.uni index 74d6e76d52..f3f64395f1 100644 --- a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.uni +++ b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.uni @@ -3,13 +3,13 @@ //
// This library instance hooks LoadImage() API to measure every image that
// is not measured in PEI phase. And, it will also measure GPT partition.
-//
+//
// Caution: This module requires additional review when modified.
// This library will have external input - PE/COFF image and GPT partition.
// This external input must be validated carefully to avoid security issues such
// as buffer overflow or integer overflow.
//
-// Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
+// Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
//
// This program and the accompanying materials
// are licensed and made available under the terms and conditions of the BSD License
diff --git a/SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.c b/SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.c index 7a2ec7f221..8c56a713d8 100644 --- a/SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.c +++ b/SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.c @@ -1,7 +1,7 @@ /** @file
This library is used by other modules to measure data to TPM.
-Copyright (c) 2012 - 2015, Intel Corporation. All rights reserved. <BR>
+Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved. <BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -171,7 +171,7 @@ Tpm20MeasureAndLogData ( @retval EFI_DEVICE_ERROR The operation was unsuccessful.
**/
EFI_STATUS
-EFIAPI
+EFIAPI
TpmMeasureAndLogData (
IN UINT32 PcrIndex,
IN UINT32 EventType,
diff --git a/SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf b/SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf index 410eb788db..17527ba025 100644 --- a/SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf +++ b/SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf @@ -1,10 +1,10 @@ ## @file
# Provides TPM measurement functions for TPM1.2 and TPM 2.0
-#
-# This library provides TpmMeasureAndLogData() to measure and log data, and
+#
+# This library provides TpmMeasureAndLogData() to measure and log data, and
# extend the measurement result into a specific PCR.
#
-# Copyright (c) 2012 - 2015, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -20,7 +20,7 @@ FILE_GUID = 30930D10-AF5B-4abf-80E6-EB4FFC0AE9D1
MODULE_TYPE = UEFI_DRIVER
VERSION_STRING = 1.0
- LIBRARY_CLASS = TpmMeasurementLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER
+ LIBRARY_CLASS = TpmMeasurementLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER
MODULE_UNI_FILE = DxeTpmMeasurementLib.uni
#
diff --git a/SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.c b/SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.c index 6dc3508be0..d09b68c8b1 100644 --- a/SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.c +++ b/SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.c @@ -2,7 +2,7 @@ This library is BaseCrypto SHA1 hash instance.
It can be registered to BaseCrypto router, to serve as hash engine.
-Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved. <BR>
+Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved. <BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -118,7 +118,7 @@ Sha1HashFinal ( Sha1Final (Sha1Ctx, Digest);
FreePool (Sha1Ctx);
-
+
Tpm2SetSha1ToDigestList (DigestList, Digest);
return EFI_SUCCESS;
@@ -133,7 +133,7 @@ HASH_INTERFACE mSha1InternalHashInstance = { /**
The function register SHA1 instance.
-
+
@retval EFI_SUCCESS SHA1 instance is registered, or system dose not surpport registr SHA1 instance
**/
EFI_STATUS
@@ -152,4 +152,4 @@ HashInstanceLibSha1Constructor ( return EFI_SUCCESS;
}
return Status;
-}
\ No newline at end of file +}
diff --git a/SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.c b/SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.c index 32e03120be..44dc77928e 100644 --- a/SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.c +++ b/SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.c @@ -2,7 +2,7 @@ This library is BaseCrypto SHA256 hash instance.
It can be registered to BaseCrypto router, to serve as hash engine.
-Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved. <BR>
+Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved. <BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -118,7 +118,7 @@ Sha256HashFinal ( Sha256Final (Sha256Ctx, Digest);
FreePool (Sha256Ctx);
-
+
Tpm2SetSha256ToDigestList (DigestList, Digest);
return EFI_SUCCESS;
@@ -133,7 +133,7 @@ HASH_INTERFACE mSha256InternalHashInstance = { /**
The function register SHA256 instance.
-
+
@retval EFI_SUCCESS SHA256 instance is registered, or system dose not surpport registr SHA256 instance
**/
EFI_STATUS
@@ -152,4 +152,4 @@ HashInstanceLibSha256Constructor ( return EFI_SUCCESS;
}
return Status;
-}
\ No newline at end of file +}
diff --git a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.c b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.c index 7bb5087550..73a616a0df 100644 --- a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.c +++ b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.c @@ -3,7 +3,7 @@ hash handler registerd, such as SHA1, SHA256.
Platform can use PcdTpm2HashMask to mask some hash engines.
-Copyright (c) 2013 - 2017, Intel Corporation. All rights reserved. <BR>
+Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved. <BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -269,16 +269,16 @@ RegisterHashInterfaceLib ( CopyMem (&mHashInterface[mHashInterfaceCount], HashInterface, sizeof(*HashInterface));
mHashInterfaceCount ++;
-
+
return EFI_SUCCESS;
}
/**
The constructor function of HashLibBaseCryptoRouterDxe.
-
+
@param ImageHandle The firmware allocated handle for the EFI image.
@param SystemTable A pointer to the EFI System Table.
-
+
@retval EFI_SUCCESS The constructor executed correctly.
**/
diff --git a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf index 6e660d4f14..4e9ce56c69 100644 --- a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf +++ b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf @@ -2,10 +2,10 @@ # Provides hash service by registered hash handler
#
# This library is BaseCrypto router. It will redirect hash request to each individual
-# hash handler registered, such as SHA1, SHA256. Platform can use PcdTpm2HashMask to
+# hash handler registered, such as SHA1, SHA256. Platform can use PcdTpm2HashMask to
# mask some hash engines.
#
-# Copyright (c) 2013 - 2017, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -22,7 +22,7 @@ FILE_GUID = 158DC712-F15A-44dc-93BB-1675045BE066
MODULE_TYPE = DXE_DRIVER
VERSION_STRING = 1.0
- LIBRARY_CLASS = HashLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER
+ LIBRARY_CLASS = HashLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER
CONSTRUCTOR = HashLibBaseCryptoRouterDxeConstructor
#
diff --git a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.c b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.c index bf6e1336ee..b9868e6b9d 100644 --- a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.c +++ b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.c @@ -3,7 +3,7 @@ hash handler registerd, such as SHA1, SHA256.
Platform can use PcdTpm2HashMask to mask some hash engines.
-Copyright (c) 2013 - 2017, Intel Corporation. All rights reserved. <BR>
+Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved. <BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -374,7 +374,7 @@ RegisterHashInterfaceLib ( CopyMem (&HashInterfaceHob->HashInterface[HashInterfaceHob->HashInterfaceCount], HashInterface, sizeof(*HashInterface));
HashInterfaceHob->HashInterfaceCount ++;
-
+
return EFI_SUCCESS;
}
diff --git a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf index 018090b8fa..20824ce75e 100644 --- a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf +++ b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf @@ -2,10 +2,10 @@ # Provides hash service by registered hash handler
#
# This library is BaseCrypto router. It will redirect hash request to each individual
-# hash handler registered, such as SHA1, SHA256. Platform can use PcdTpm2HashMask to
+# hash handler registered, such as SHA1, SHA256. Platform can use PcdTpm2HashMask to
# mask some hash engines.
#
-# Copyright (c) 2013 - 2017, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
diff --git a/SecurityPkg/Library/HashLibTpm2/HashLibTpm2.c b/SecurityPkg/Library/HashLibTpm2/HashLibTpm2.c index cd5dde5be3..fac27eef11 100644 --- a/SecurityPkg/Library/HashLibTpm2/HashLibTpm2.c +++ b/SecurityPkg/Library/HashLibTpm2/HashLibTpm2.c @@ -1,7 +1,7 @@ /** @file
This library uses TPM2 device to calculation hash.
-Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved. <BR>
+Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved. <BR>
(C) Copyright 2015 Hewlett Packard Enterprise Development LP<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
@@ -339,4 +339,4 @@ RegisterHashInterfaceLib ( )
{
return EFI_UNSUPPORTED;
-}
\ No newline at end of file +}
diff --git a/SecurityPkg/Library/HashLibTpm2/HashLibTpm2.inf b/SecurityPkg/Library/HashLibTpm2/HashLibTpm2.inf index f807cc7f3d..db97d4547d 100644 --- a/SecurityPkg/Library/HashLibTpm2/HashLibTpm2.inf +++ b/SecurityPkg/Library/HashLibTpm2/HashLibTpm2.inf @@ -1,10 +1,10 @@ ## @file
# Provides hash service using TPM2 device
#
-# This library uses TPM2 device to calculate hash. Platform can use PcdTpm2HashMask to
+# This library uses TPM2 device to calculate hash. Platform can use PcdTpm2HashMask to
# mask some hash calculation.
#
-# Copyright (c) 2014, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2014 - 2018, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
diff --git a/SecurityPkg/Library/PeiRsa2048Sha256GuidedSectionExtractLib/PeiRsa2048Sha256GuidedSectionExtractLib.c b/SecurityPkg/Library/PeiRsa2048Sha256GuidedSectionExtractLib/PeiRsa2048Sha256GuidedSectionExtractLib.c index 2272308ddc..e059f64c9b 100644 --- a/SecurityPkg/Library/PeiRsa2048Sha256GuidedSectionExtractLib/PeiRsa2048Sha256GuidedSectionExtractLib.c +++ b/SecurityPkg/Library/PeiRsa2048Sha256GuidedSectionExtractLib/PeiRsa2048Sha256GuidedSectionExtractLib.c @@ -1,17 +1,17 @@ /** @file
- This library registers RSA 2048 SHA 256 guided section handler
+ This library registers RSA 2048 SHA 256 guided section handler
to parse RSA 2048 SHA 256 encapsulation section and extract raw data.
It uses the BaseCrypyLib based on OpenSSL to authenticate the signature.
-Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -48,7 +48,7 @@ CONST UINT8 mRsaE[] = { 0x01, 0x00, 0x01 }; /**
GetInfo gets raw data size and attribute of the input guided section.
- It first checks whether the input guid section is supported.
+ It first checks whether the input guid section is supported.
If not, EFI_INVALID_PARAMETER will return.
@param InputSection Buffer containing the input GUIDed section to be processed.
@@ -56,7 +56,7 @@ CONST UINT8 mRsaE[] = { 0x01, 0x00, 0x01 }; @param ScratchBufferSize The size of ScratchBuffer.
@param SectionAttribute The attribute of the input guided section.
- @retval EFI_SUCCESS The size of destination buffer, the size of scratch buffer and
+ @retval EFI_SUCCESS The size of destination buffer, the size of scratch buffer and
the attribute of the input section are successfully retrieved.
@retval EFI_INVALID_PARAMETER The GUID in InputSection does not match this instance guid.
@@ -109,7 +109,7 @@ Rsa2048Sha256GuidedSectionGetInfo ( Extraction handler tries to extract raw data from the input guided section.
It also does authentication check for RSA 2048 SHA 256 signature in the input guided section.
- It first checks whether the input guid section is supported.
+ It first checks whether the input guid section is supported.
If not, EFI_INVALID_PARAMETER will return.
@param InputSection Buffer containing the input GUIDed section to be processed.
@@ -140,10 +140,10 @@ Rsa2048Sha256GuidedSectionHandler ( UINTN PublicKeyBufferSize;
VOID *HashContext;
VOID *Rsa;
-
+
HashContext = NULL;
Rsa = NULL;
-
+
if (IS_SECTION2 (InputSection)) {
//
// Check whether the input guid section is recognized.
@@ -153,7 +153,7 @@ Rsa2048Sha256GuidedSectionHandler ( &(((EFI_GUID_DEFINED_SECTION2 *)InputSection)->SectionDefinitionGuid))) {
return EFI_INVALID_PARAMETER;
}
-
+
//
// Get the RSA 2048 SHA 256 information.
//
@@ -181,7 +181,7 @@ Rsa2048Sha256GuidedSectionHandler ( &(((EFI_GUID_DEFINED_SECTION *)InputSection)->SectionDefinitionGuid))) {
return EFI_INVALID_PARAMETER;
}
-
+
//
// Get the RSA 2048 SHA 256 information.
//
@@ -206,7 +206,7 @@ Rsa2048Sha256GuidedSectionHandler ( // All paths from here return EFI_SUCESS and result is returned in AuthenticationStatus
//
Status = EFI_SUCCESS;
-
+
//
// Fail if the HashType is not SHA 256
//
@@ -248,7 +248,7 @@ Rsa2048Sha256GuidedSectionHandler ( *AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
goto Done;
}
-
+
//
// Fail if the PublicKey is not one of the public keys in PcdRsa2048Sha256PublicKeyBuffer
//
@@ -283,8 +283,8 @@ Rsa2048Sha256GuidedSectionHandler ( *AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
goto Done;
}
-
- //
+
+ //
// Set RSA Key Components.
// NOTE: Only N and E are needed to be set as RSA public key for signature verification.
//
@@ -331,10 +331,10 @@ Rsa2048Sha256GuidedSectionHandler ( //
PERF_INMODULE_BEGIN ("PeiRsaVerify");
CryptoStatus = RsaPkcs1Verify (
- Rsa,
- Digest,
- SHA256_DIGEST_SIZE,
- CertBlockRsa2048Sha256->Signature,
+ Rsa,
+ Digest,
+ SHA256_DIGEST_SIZE,
+ CertBlockRsa2048Sha256->Signature,
sizeof (CertBlockRsa2048Sha256->Signature)
);
PERF_INMODULE_END ("PeiRsaVerify");
diff --git a/SecurityPkg/Library/PeiRsa2048Sha256GuidedSectionExtractLib/PeiRsa2048Sha256GuidedSectionExtractLib.inf b/SecurityPkg/Library/PeiRsa2048Sha256GuidedSectionExtractLib/PeiRsa2048Sha256GuidedSectionExtractLib.inf index 3b781c71c7..d11d7309f9 100644 --- a/SecurityPkg/Library/PeiRsa2048Sha256GuidedSectionExtractLib/PeiRsa2048Sha256GuidedSectionExtractLib.inf +++ b/SecurityPkg/Library/PeiRsa2048Sha256GuidedSectionExtractLib/PeiRsa2048Sha256GuidedSectionExtractLib.inf @@ -1,11 +1,11 @@ ## @file
-# This library doesn't produce any library class. The constructor function uses
+# This library doesn't produce any library class. The constructor function uses
# ExtractGuidedSectionLib service to register an RSA 2048 SHA 256 guided section handler
# that parses RSA 2048 SHA 256 encapsulation section and extracts raw data.
#
# It uses the BaseCrypyLib based on OpenSSL to authenticate the signature.
#
-# Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
#
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
@@ -49,10 +49,10 @@ PcdLib
PerformanceLib
-[Pcd]
+[Pcd]
gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer ## SOMETIMES_CONSUMES
-
+
[Guids]
gEfiCertTypeRsa2048Sha256Guid ## PRODUCES ## UNDEFINED # Specifies RSA 2048 SHA 256 authentication algorithm.
gEfiHashAlgorithmSha256Guid ## SOMETIMES_CONSUMES ## UNDEFINED
-
\ No newline at end of file +
diff --git a/SecurityPkg/Library/PeiRsa2048Sha256GuidedSectionExtractLib/PeiRsa2048Sha256GuidedSectionExtractLib.uni b/SecurityPkg/Library/PeiRsa2048Sha256GuidedSectionExtractLib/PeiRsa2048Sha256GuidedSectionExtractLib.uni index 5a043efbb2..19131a71ab 100644 --- a/SecurityPkg/Library/PeiRsa2048Sha256GuidedSectionExtractLib/PeiRsa2048Sha256GuidedSectionExtractLib.uni +++ b/SecurityPkg/Library/PeiRsa2048Sha256GuidedSectionExtractLib/PeiRsa2048Sha256GuidedSectionExtractLib.uni @@ -3,10 +3,10 @@ //
// ExtractGuidedSectionLib service to register an RSA 2048 SHA 256 guided section handler
// that parses RSA 2048 SHA 256 encapsulation section and extracts raw data.
-//
+//
// It uses the BaseCrypyLib based on OpenSSL to authenticate the signature.
//
-// Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
+// Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
//
// This program and the accompanying materials
// are licensed and made available under the terms and conditions of the BSD License
diff --git a/SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.c b/SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.c index e190718907..a4c3cb8aeb 100644 --- a/SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.c +++ b/SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.c @@ -1,15 +1,15 @@ /** @file
Get TPM 2.0 physical presence information.
-
+
This library will get TPM 2.0 physical presence information.
-Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
+Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -39,7 +39,7 @@ Tcg2PhysicalPresenceLibGetManagementFlags ( EFI_PEI_READ_ONLY_VARIABLE2_PPI *VariablePpi;
EFI_TCG2_PHYSICAL_PRESENCE_FLAGS PpiFlags;
UINTN DataSize;
-
+
Status = PeiServicesLocatePpi (&gEfiPeiReadOnlyVariable2PpiGuid, 0, NULL, (VOID **) &VariablePpi);
ASSERT_EFI_ERROR (Status);
diff --git a/SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.inf b/SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.inf index 6d0b7a00cb..adcbceedb3 100644 --- a/SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.inf +++ b/SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.inf @@ -3,7 +3,7 @@ #
# This library will get TPM 2.0 physical presence information.
#
-# Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -40,7 +40,7 @@ DebugLib
PeiServicesLib
PeiServicesTablePointerLib
-
+
[Guids]
## SOMETIMES_CONSUMES ## Variable:L"PhysicalPresenceFlags"
gEfiTcg2PhysicalPresenceGuid
@@ -49,4 +49,4 @@ gEfiPeiReadOnlyVariable2PpiGuid ## CONSUMES
[Depex]
- gEfiPeiReadOnlyVariable2PpiGuid
\ No newline at end of file + gEfiPeiReadOnlyVariable2PpiGuid
diff --git a/SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.uni b/SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.uni index b562ca223c..e41cbcbba4 100644 --- a/SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.uni +++ b/SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.uni @@ -2,8 +2,8 @@ // Get TPM 2.0 physical presence information.
//
// This library will get TPM 2.0 physical presence information.
-//
-// Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
+//
+// Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
//
// This program and the accompanying materials
// are licensed and made available under the terms and conditions of the BSD License
diff --git a/SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.c b/SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.c index 8dc07ec74a..0c6ded22f3 100644 --- a/SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.c +++ b/SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.c @@ -1,16 +1,16 @@ /** @file
- NULL PlatformSecureLib instance does NOT really detect whether a physical present
+ NULL PlatformSecureLib instance does NOT really detect whether a physical present
user exists but return TRUE directly. This instance can be used to verify security
related features during platform enabling and development. It should be replaced
by a platform-specific method(e.g. Button pressed) in a real platform for product.
-Copyright (c) 2011 - 2016, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
+Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -20,7 +20,7 @@ BOOLEAN mUserPhysicalPresence = FALSE; /**
This function provides a platform-specific method to detect whether the platform
- is operating by a physically present user.
+ is operating by a physically present user.
Programmatic changing of platform security policy (such as disable Secure Boot,
or switch between Standard/Custom Secure Boot mode) MUST NOT be possible during
@@ -29,7 +29,7 @@ BOOLEAN mUserPhysicalPresence = FALSE; NOTE THAT: This function cannot depend on any EFI Variable Service since they are
not available when this function is called in AuthenticateVariable driver.
-
+
@retval TRUE The platform is operated by a physically present user.
@retval FALSE The platform is NOT operated by a physically present user.
@@ -40,7 +40,7 @@ UserPhysicalPresent ( VOID
)
{
- return mUserPhysicalPresence;
+ return mUserPhysicalPresence;
}
diff --git a/SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.inf b/SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.inf index be415f4166..2f2ea4fc25 100644 --- a/SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.inf +++ b/SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.inf @@ -1,12 +1,12 @@ ## @file
# NULL platform secure library instance that alway returns TRUE for a user physical present
#
-# NULL PlatformSecureLib instance does NOT really detect whether a physical present
+# NULL PlatformSecureLib instance does NOT really detect whether a physical present
# user exists but returns TRUE directly. This instance can be used to verify security
# related features during platform enabling and development. It should be replaced
# by a platform-specific method(e.g. Button pressed) in a real platform for product.
#
-# Copyright (c) 2011 - 2016, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
diff --git a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.c b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.c index 6a4dce9198..ddd223f4d9 100644 --- a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.c +++ b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.c @@ -1,6 +1,6 @@ /** @file
Handle TPM 2.0 physical presence requests from OS.
-
+
This library will handle TPM 2.0 physical presence request from OS.
Caution: This module requires additional review when modified.
@@ -11,12 +11,12 @@ will receive untrusted input and do validation.
Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -151,7 +151,7 @@ Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunctionEx ( DataSize,
&PpData
);
- if (EFI_ERROR (Status)) {
+ if (EFI_ERROR (Status)) {
DEBUG ((EFI_D_ERROR, "[TPM2] Set PP variable failure! Status = %r\n", Status));
ReturnCode = TCG_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE;
goto EXIT;
@@ -203,7 +203,7 @@ EXIT: This API should be invoked in OS runtime phase to interface with ACPI method.
Caution: This function may receive untrusted input.
-
+
@param[in] OperationRequest TPM physical presence operation request.
@param[in] RequestParameter TPM physical presence operation request parameter.
@@ -233,7 +233,7 @@ Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction ( This API should be invoked in OS runtime phase to interface with ACPI method.
Caution: This function may receive untrusted input.
-
+
@param[in] OperationRequest TPM physical presence operation request.
@return Return Code for Get User Confirmation Status for Operation.
@@ -249,7 +249,7 @@ Tcg2PhysicalPresenceLibGetUserConfirmationStatusFunction ( EFI_TCG2_PHYSICAL_PRESENCE PpData;
EFI_TCG2_PHYSICAL_PRESENCE_FLAGS Flags;
BOOLEAN RequestConfirmed;
-
+
DEBUG ((EFI_D_INFO, "[TPM2] GetUserConfirmationStatusFunction, Request = %x\n", OperationRequest));
//
@@ -314,7 +314,7 @@ Tcg2PhysicalPresenceLibGetUserConfirmationStatusFunction ( RequestConfirmed = TRUE;
}
break;
-
+
case TCG2_PHYSICAL_PRESENCE_LOG_ALL_DIGESTS:
RequestConfirmed = TRUE;
break;
@@ -369,17 +369,17 @@ Tcg2PhysicalPresenceLibGetUserConfirmationStatusFunction ( return TCG_PP_GET_USER_CONFIRMATION_ALLOWED_AND_PPUSER_NOT_REQUIRED;
} else {
return TCG_PP_GET_USER_CONFIRMATION_ALLOWED_AND_PPUSER_REQUIRED;
- }
+ }
}
/**
The constructor function locates SmmVariable protocol.
-
- It will ASSERT() if that operation fails and it will always return EFI_SUCCESS.
+
+ It will ASSERT() if that operation fails and it will always return EFI_SUCCESS.
@param ImageHandle The firmware allocated handle for the EFI image.
@param SystemTable A pointer to the EFI System Table.
-
+
@retval EFI_SUCCESS The constructor successfully added string package.
@retval Other value The constructor can't add string package.
**/
diff --git a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.inf b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.inf index 83670971c9..dd46e0ec21 100644 --- a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.inf +++ b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.inf @@ -57,4 +57,4 @@ gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer ## CONSUMES
[Depex]
- gEfiSmmVariableProtocolGuid
\ No newline at end of file + gEfiSmmVariableProtocolGuid
diff --git a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.uni b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.uni index 268db455d9..e252a82ed7 100644 --- a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.uni +++ b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.uni @@ -2,12 +2,12 @@ // Handle TPM 2.0 physical presence requests from OS.
//
// This library will handle TPM 2.0 physical presence request from OS.
-//
+//
// Caution: This module requires additional review when modified.
// This driver will have external input - variable.
// This external input must be validated carefully to avoid security issue.
//
-// Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
+// Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
//
// This program and the accompanying materials
// are licensed and made available under the terms and conditions of the BSD License
diff --git a/SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.c b/SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.c index 93cb312d90..a1ec9e71c5 100644 --- a/SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.c +++ b/SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.c @@ -1,13 +1,13 @@ /** @file
NULL Tcg2 PP Vendor library instance that does not support any vendor specific PPI.
-Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
+Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -19,9 +19,9 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. Check and execute the requested physical presence command.
This API should be invoked in BIOS boot phase to process pending request.
-
+
Caution: This function may receive untrusted input.
-
+
If OperationRequest < 128, then ASSERT().
@param[in] PlatformAuth platform auth value. NULL means no platform auth change.
@@ -50,7 +50,7 @@ Tcg2PpVendorLibExecutePendingRequest ( Check if there is a valid physical presence command request.
This API should be invoked in BIOS boot phase to process pending request.
-
+
Caution: This function may receive untrusted input.
If OperationRequest < 128, then ASSERT().
@@ -84,7 +84,7 @@ Tcg2PpVendorLibHasValidRequest ( This API should be invoked in OS runtime phase to interface with ACPI method.
Caution: This function may receive untrusted input.
-
+
If OperationRequest < 128, then ASSERT().
@param[in] OperationRequest TPM physical presence operation request.
@@ -113,7 +113,7 @@ Tcg2PpVendorLibSubmitRequestToPreOSFunction ( This API should be invoked in OS runtime phase to interface with ACPI method.
Caution: This function may receive untrusted input.
-
+
If OperationRequest < 128, then ASSERT().
@param[in] OperationRequest TPM physical presence operation request.
diff --git a/SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf b/SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf index f953fe95a7..0a1588a908 100644 --- a/SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf +++ b/SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf @@ -1,7 +1,7 @@ ## @file
# NULL Tcg PP Vendor library instance that does not support any vendor specific PPI
#
-# Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -32,6 +32,6 @@ [Packages]
MdePkg/MdePkg.dec
SecurityPkg/SecurityPkg.dec
-
+
[LibraryClasses]
- DebugLib
\ No newline at end of file + DebugLib
diff --git a/SecurityPkg/Library/TcgPpVendorLibNull/TcgPpVendorLibNull.c b/SecurityPkg/Library/TcgPpVendorLibNull/TcgPpVendorLibNull.c index ddd6d727cc..000f2be97e 100644 --- a/SecurityPkg/Library/TcgPpVendorLibNull/TcgPpVendorLibNull.c +++ b/SecurityPkg/Library/TcgPpVendorLibNull/TcgPpVendorLibNull.c @@ -1,13 +1,13 @@ /** @file
NULL TCG PP Vendor library instance that does not support any vendor specific PPI.
-Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
+Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -19,9 +19,9 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. Check and execute the requested physical presence command.
This API should be invoked in BIOS boot phase to process pending request.
-
+
Caution: This function may receive untrusted input.
-
+
If OperationRequest < 128, then ASSERT().
@param[in] OperationRequest TPM physical presence operation request.
@@ -48,7 +48,7 @@ TcgPpVendorLibExecutePendingRequest ( Check if there is a valid physical presence command request.
This API should be invoked in BIOS boot phase to process pending request.
-
+
Caution: This function may receive untrusted input.
If OperationRequest < 128, then ASSERT().
@@ -82,7 +82,7 @@ TcgPpVendorLibHasValidRequest ( This API should be invoked in OS runtime phase to interface with ACPI method.
Caution: This function may receive untrusted input.
-
+
If OperationRequest < 128, then ASSERT().
@param[in] OperationRequest TPM physical presence operation request.
@@ -109,7 +109,7 @@ TcgPpVendorLibSubmitRequestToPreOSFunction ( This API should be invoked in OS runtime phase to interface with ACPI method.
Caution: This function may receive untrusted input.
-
+
If OperationRequest < 128, then ASSERT().
@param[in] OperationRequest TPM physical presence operation request.
diff --git a/SecurityPkg/Library/TcgPpVendorLibNull/TcgPpVendorLibNull.inf b/SecurityPkg/Library/TcgPpVendorLibNull/TcgPpVendorLibNull.inf index 9674386abd..db1abb4c53 100644 --- a/SecurityPkg/Library/TcgPpVendorLibNull/TcgPpVendorLibNull.inf +++ b/SecurityPkg/Library/TcgPpVendorLibNull/TcgPpVendorLibNull.inf @@ -1,7 +1,7 @@ ## @file
# NULL TCG PP Vendor library instance that does not support any vendor specific PPI
#
-# Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -32,6 +32,6 @@ [Packages]
MdePkg/MdePkg.dec
SecurityPkg/SecurityPkg.dec
-
+
[LibraryClasses]
- DebugLib
\ No newline at end of file + DebugLib
diff --git a/SecurityPkg/Library/TcgStorageOpalLib/TcgStorageOpalCore.c b/SecurityPkg/Library/TcgStorageOpalLib/TcgStorageOpalCore.c index cf37cad004..4947f4ff27 100644 --- a/SecurityPkg/Library/TcgStorageOpalLib/TcgStorageOpalCore.c +++ b/SecurityPkg/Library/TcgStorageOpalLib/TcgStorageOpalCore.c @@ -1143,7 +1143,7 @@ OpalSetLockingSpAuthorityEnabledAndPin( ERROR_CHECK(OpalPerformMethod(LockingSpSession, Size, Buf, sizeof(Buf), &ParseStruct, MethodStatus, 0));
//
- // For Pyrite type SSC, it not supports Active Key.
+ // For Pyrite type SSC, it not supports Active Key.
// So here add check logic before enable it.
//
Ret = OpalParseRetrieveGlobalLockingRangeActiveKey(&ParseStruct, &ActiveKey);
diff --git a/SecurityPkg/Library/Tpm12CommandLib/Tpm12NvStorage.c b/SecurityPkg/Library/Tpm12CommandLib/Tpm12NvStorage.c index e176b00f6b..40bc2c3711 100644 --- a/SecurityPkg/Library/Tpm12CommandLib/Tpm12NvStorage.c +++ b/SecurityPkg/Library/Tpm12CommandLib/Tpm12NvStorage.c @@ -1,7 +1,7 @@ /** @file
Implement TPM1.2 NV storage related command.
-Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved. <BR>
+Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved. <BR>
(C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
@@ -58,7 +58,7 @@ typedef struct { /**
Send NV DefineSpace command to TPM1.2.
-
+
@param PubInfo The public parameters of the NV area.
@param EncAuth The encrypted AuthData, only valid if the attributes require subsequent authorization.
@@ -180,7 +180,7 @@ Tpm12NvReadValue ( /**
Send NV WriteValue command to TPM1.2.
-
+
@param NvIndex The index of the area to set.
@param Offset The offset into the NV Area.
@param DataSize The size of the data parameter.
diff --git a/SecurityPkg/Library/Tpm12CommandLib/Tpm12Ownership.c b/SecurityPkg/Library/Tpm12CommandLib/Tpm12Ownership.c index 0b1bf5c536..c4bad5ba1b 100644 --- a/SecurityPkg/Library/Tpm12CommandLib/Tpm12Ownership.c +++ b/SecurityPkg/Library/Tpm12CommandLib/Tpm12Ownership.c @@ -1,7 +1,7 @@ /** @file
Implement TPM1.2 Ownership related command.
-Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved. <BR>
+Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved. <BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -52,4 +52,4 @@ Tpm12ForceClear ( default:
return EFI_DEVICE_ERROR;
}
-}
\ No newline at end of file +}
diff --git a/SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf b/SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf index 30b399499e..949493cae8 100644 --- a/SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf +++ b/SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf @@ -1,11 +1,11 @@ ## @file
# Provides TPM 1.2 TIS functions
-#
-# This library implements TIS (TPM Interface Specification) functions which is
-# used for every TPM 1.2 command. Choosing this library means platform uses and
+#
+# This library implements TIS (TPM Interface Specification) functions which is
+# used for every TPM 1.2 command. Choosing this library means platform uses and
# only uses TPM 1.2 device.
#
-# Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -45,4 +45,4 @@ DebugLib
[Pcd]
- gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress ## CONSUMES
\ No newline at end of file + gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress ## CONSUMES
diff --git a/SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12Tis.c b/SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12Tis.c index c392b4b215..72802f44cc 100644 --- a/SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12Tis.c +++ b/SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12Tis.c @@ -1,14 +1,14 @@ /** @file
TIS (TPM Interface Specification) functions used by TPM1.2.
-
-Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved.<BR>
+
+Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
(C) Copyright 2015 Hewlett Packard Enterprise Development LP<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -52,7 +52,7 @@ Tpm12TisPcPresenceCheck ( )
{
UINT8 RegRead;
-
+
RegRead = MmioRead8 ((UINTN)&TisReg->Access);
return (BOOLEAN)(RegRead != (UINT8)-1);
}
@@ -127,7 +127,7 @@ Tpm12TisPcWaitRegisterBits ( }
/**
- Get BurstCount by reading the burstCount field of a TIS regiger
+ Get BurstCount by reading the burstCount field of a TIS regiger
in the time of default TIS_TIMEOUT_D.
@param[in] TisReg Pointer to TIS register.
@@ -171,7 +171,7 @@ Tpm12TisPcReadBurstCount ( }
/**
- Set TPM chip to ready state by sending ready command TIS_PC_STS_READY
+ Set TPM chip to ready state by sending ready command TIS_PC_STS_READY
to Status Register in time.
@param[in] TisReg Pointer to TIS register.
@@ -202,7 +202,7 @@ Tpm12TisPcPrepareCommand ( }
/**
- Get the control of TPM chip by sending requestUse command TIS_PC_ACC_RQUUSE
+ Get the control of TPM chip by sending requestUse command TIS_PC_ACC_RQUUSE
to ACCESS Register in the time of default TIS_TIMEOUT_A.
@param[in] TisReg Pointer to TIS register.
@@ -218,11 +218,11 @@ Tpm12TisPcRequestUseTpm ( )
{
EFI_STATUS Status;
-
+
if (TisReg == NULL) {
return EFI_INVALID_PARAMETER;
}
-
+
if (!Tpm12TisPcPresenceCheck (TisReg)) {
return EFI_NOT_FOUND;
}
@@ -240,12 +240,12 @@ Tpm12TisPcRequestUseTpm ( /**
Send a command to TPM for execution and return response data.
- @param[in] TisReg TPM register space base address.
- @param[in] BufferIn Buffer for command data.
- @param[in] SizeIn Size of command data.
- @param[in, out] BufferOut Buffer for response data.
- @param[in, out] SizeOut Size of response data.
-
+ @param[in] TisReg TPM register space base address.
+ @param[in] BufferIn Buffer for command data.
+ @param[in] SizeIn Size of command data.
+ @param[in, out] BufferOut Buffer for response data.
+ @param[in, out] SizeOut Size of response data.
+
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_BUFFER_TOO_SMALL Response data buffer is too small.
@retval EFI_DEVICE_ERROR Unexpected device behavior.
@@ -422,7 +422,7 @@ Exit: @retval EFI_SUCCESS The command byte stream was successfully sent to the device and a response was successfully received.
@retval EFI_DEVICE_ERROR The command was not successfully sent to the device or a response was not successfully received from the device.
- @retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.
+ @retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.
**/
EFI_STATUS
EFIAPI
diff --git a/SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.c b/SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.c index 126ec06cbd..e119f86320 100644 --- a/SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.c +++ b/SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.c @@ -1,7 +1,7 @@ /** @file
This library is TPM12 TCG protocol lib.
-Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved. <BR>
+Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved. <BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -21,7 +21,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #include <Protocol/TcgService.h>
#include <IndustryStandard/Tpm12.h>
-EFI_TCG_PROTOCOL *mTcgProtocol = NULL;
+EFI_TCG_PROTOCOL *mTcgProtocol = NULL;
/**
This service enables the sending of commands to the TPM12.
@@ -33,7 +33,7 @@ EFI_TCG_PROTOCOL *mTcgProtocol = NULL; @retval EFI_SUCCESS The command byte stream was successfully sent to the device and a response was successfully received.
@retval EFI_DEVICE_ERROR The command was not successfully sent to the device or a response was not successfully received from the device.
- @retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.
+ @retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.
**/
EFI_STATUS
EFIAPI
diff --git a/SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf b/SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf index 76ea4924a4..25b7260f72 100644 --- a/SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf +++ b/SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf @@ -4,7 +4,7 @@ # This library helps to use TPM 1.2 device in library function API
# based on TCG protocol.
#
-# Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -21,7 +21,7 @@ FILE_GUID = 4D8B77D9-E923-48f8-B070-4053D78B7E56
MODULE_TYPE = BASE
VERSION_STRING = 1.0
- LIBRARY_CLASS = Tpm12DeviceLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER UEFI_APPLICATION UEFI_DRIVER
+ LIBRARY_CLASS = Tpm12DeviceLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER UEFI_APPLICATION UEFI_DRIVER
#
# The following information is for reference only and not required by the build tools.
diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Capability.c b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Capability.c index b11a8ac3e2..734cea7c1f 100644 --- a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Capability.c +++ b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Capability.c @@ -48,25 +48,25 @@ typedef struct { /**
This command returns various information regarding the TPM and its current state.
- The capability parameter determines the category of data returned. The property parameter
- selects the first value of the selected category to be returned. If there is no property
+ The capability parameter determines the category of data returned. The property parameter
+ selects the first value of the selected category to be returned. If there is no property
that corresponds to the value of property, the next higher value is returned, if it exists.
- The moreData parameter will have a value of YES if there are more values of the requested
+ The moreData parameter will have a value of YES if there are more values of the requested
type that were not returned.
- If no next capability exists, the TPM will return a zero-length list and moreData will have
+ If no next capability exists, the TPM will return a zero-length list and moreData will have
a value of NO.
- NOTE:
- To simplify this function, leave returned CapabilityData for caller to unpack since there are
+ NOTE:
+ To simplify this function, leave returned CapabilityData for caller to unpack since there are
many capability categories and only few categories will be used in firmware. It means the caller
need swap the byte order for the feilds in CapabilityData.
@param[in] Capability Group selection; determines the format of the response.
- @param[in] Property Further definition of information.
+ @param[in] Property Further definition of information.
@param[in] PropertyCount Number of properties of the indicated type to return.
@param[out] MoreData Flag to indicate if there are more values of this type.
@param[out] CapabilityData The capability data.
-
+
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR The command was unsuccessful.
**/
@@ -95,10 +95,10 @@ Tpm2GetCapability ( SendBuffer.Capability = SwapBytes32 (Capability);
SendBuffer.Property = SwapBytes32 (Property);
SendBuffer.PropertyCount = SwapBytes32 (PropertyCount);
-
+
SendBufferSize = (UINT32) sizeof (SendBuffer);
SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
-
+
//
// send Tpm command
//
@@ -128,7 +128,7 @@ Tpm2GetCapability ( // Does not unpack all possiable property here, the caller should unpack it and note the byte order.
//
CopyMem (CapabilityData, &RecvBuffer.CapabilityData, RecvBufferSize - sizeof (TPM2_RESPONSE_HEADER) - sizeof (UINT8));
-
+
return EFI_SUCCESS;
}
@@ -138,7 +138,7 @@ Tpm2GetCapability ( This function parse the value got from TPM2_GetCapability and return the Family.
@param[out] Family The Family of TPM. (a 4-octet character string)
-
+
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR The command was unsuccessful.
**/
@@ -150,13 +150,13 @@ Tpm2GetCapabilityFamily ( {
TPMS_CAPABILITY_DATA TpmCap;
TPMI_YES_NO MoreData;
- EFI_STATUS Status;
+ EFI_STATUS Status;
Status = Tpm2GetCapability (
- TPM_CAP_TPM_PROPERTIES,
- TPM_PT_FAMILY_INDICATOR,
- 1,
- &MoreData,
+ TPM_CAP_TPM_PROPERTIES,
+ TPM_PT_FAMILY_INDICATOR,
+ 1,
+ &MoreData,
&TpmCap
);
if (EFI_ERROR (Status)) {
@@ -173,7 +173,7 @@ Tpm2GetCapabilityFamily ( This function parse the value got from TPM2_GetCapability and return the TPM manufacture ID.
@param[out] ManufactureId The manufacture ID of TPM.
-
+
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR The command was unsuccessful.
**/
@@ -185,13 +185,13 @@ Tpm2GetCapabilityManufactureID ( {
TPMS_CAPABILITY_DATA TpmCap;
TPMI_YES_NO MoreData;
- EFI_STATUS Status;
+ EFI_STATUS Status;
Status = Tpm2GetCapability (
- TPM_CAP_TPM_PROPERTIES,
- TPM_PT_MANUFACTURER,
- 1,
- &MoreData,
+ TPM_CAP_TPM_PROPERTIES,
+ TPM_PT_MANUFACTURER,
+ 1,
+ &MoreData,
&TpmCap
);
if (EFI_ERROR (Status)) {
@@ -209,7 +209,7 @@ Tpm2GetCapabilityManufactureID ( @param[out] FirmwareVersion1 The FirmwareVersion1.
@param[out] FirmwareVersion2 The FirmwareVersion2.
-
+
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR The command was unsuccessful.
**/
@@ -222,13 +222,13 @@ Tpm2GetCapabilityFirmwareVersion ( {
TPMS_CAPABILITY_DATA TpmCap;
TPMI_YES_NO MoreData;
- EFI_STATUS Status;
+ EFI_STATUS Status;
Status = Tpm2GetCapability (
- TPM_CAP_TPM_PROPERTIES,
- TPM_PT_FIRMWARE_VERSION_1,
- 1,
- &MoreData,
+ TPM_CAP_TPM_PROPERTIES,
+ TPM_PT_FIRMWARE_VERSION_1,
+ 1,
+ &MoreData,
&TpmCap
);
if (EFI_ERROR (Status)) {
@@ -237,10 +237,10 @@ Tpm2GetCapabilityFirmwareVersion ( *FirmwareVersion1 = SwapBytes32 (TpmCap.data.tpmProperties.tpmProperty->value);
Status = Tpm2GetCapability (
- TPM_CAP_TPM_PROPERTIES,
- TPM_PT_FIRMWARE_VERSION_2,
- 1,
- &MoreData,
+ TPM_CAP_TPM_PROPERTIES,
+ TPM_PT_FIRMWARE_VERSION_2,
+ 1,
+ &MoreData,
&TpmCap
);
if (EFI_ERROR (Status)) {
@@ -258,7 +258,7 @@ Tpm2GetCapabilityFirmwareVersion ( @param[out] MaxCommandSize The maximum value for commandSize in a command.
@param[out] MaxResponseSize The maximum value for responseSize in a command.
-
+
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR The command was unsuccessful.
**/
@@ -274,10 +274,10 @@ Tpm2GetCapabilityMaxCommandResponseSize ( EFI_STATUS Status;
Status = Tpm2GetCapability (
- TPM_CAP_TPM_PROPERTIES,
- TPM_PT_MAX_COMMAND_SIZE,
- 1,
- &MoreData,
+ TPM_CAP_TPM_PROPERTIES,
+ TPM_PT_MAX_COMMAND_SIZE,
+ 1,
+ &MoreData,
&TpmCap
);
if (EFI_ERROR (Status)) {
@@ -287,10 +287,10 @@ Tpm2GetCapabilityMaxCommandResponseSize ( *MaxCommandSize = SwapBytes32 (TpmCap.data.tpmProperties.tpmProperty->value);
Status = Tpm2GetCapability (
- TPM_CAP_TPM_PROPERTIES,
- TPM_PT_MAX_RESPONSE_SIZE,
- 1,
- &MoreData,
+ TPM_CAP_TPM_PROPERTIES,
+ TPM_PT_MAX_RESPONSE_SIZE,
+ 1,
+ &MoreData,
&TpmCap
);
if (EFI_ERROR (Status)) {
@@ -298,17 +298,17 @@ Tpm2GetCapabilityMaxCommandResponseSize ( }
*MaxResponseSize = SwapBytes32 (TpmCap.data.tpmProperties.tpmProperty->value);
- return EFI_SUCCESS;
+ return EFI_SUCCESS;
}
/**
This command returns Returns a list of TPMS_ALG_PROPERTIES. Each entry is an
- algorithm ID and a set of properties of the algorithm.
+ algorithm ID and a set of properties of the algorithm.
This function parse the value got from TPM2_GetCapability and return the list.
@param[out] AlgList List of algorithm.
-
+
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR The command was unsuccessful.
**/
@@ -322,24 +322,24 @@ Tpm2GetCapabilitySupportedAlg ( TPMI_YES_NO MoreData;
UINTN Index;
EFI_STATUS Status;
-
+
Status = Tpm2GetCapability (
- TPM_CAP_ALGS,
- 1,
- MAX_CAP_ALGS,
- &MoreData,
+ TPM_CAP_ALGS,
+ 1,
+ MAX_CAP_ALGS,
+ &MoreData,
&TpmCap
);
if (EFI_ERROR (Status)) {
return Status;
}
-
+
CopyMem (AlgList, &TpmCap.data.algorithms, sizeof (TPML_ALG_PROPERTY));
AlgList->count = SwapBytes32 (AlgList->count);
if (AlgList->count > MAX_CAP_ALGS) {
DEBUG ((DEBUG_ERROR, "Tpm2GetCapabilitySupportedAlg - AlgList->count error %x\n", AlgList->count));
- return EFI_DEVICE_ERROR;
+ return EFI_DEVICE_ERROR;
}
for (Index = 0; Index < AlgList->count; Index++) {
@@ -356,7 +356,7 @@ Tpm2GetCapabilitySupportedAlg ( This function parse the value got from TPM2_GetCapability and return the LockoutCounter.
@param[out] LockoutCounter The LockoutCounter of TPM.
-
+
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR The command was unsuccessful.
**/
@@ -368,13 +368,13 @@ Tpm2GetCapabilityLockoutCounter ( {
TPMS_CAPABILITY_DATA TpmCap;
TPMI_YES_NO MoreData;
- EFI_STATUS Status;
+ EFI_STATUS Status;
Status = Tpm2GetCapability (
- TPM_CAP_TPM_PROPERTIES,
- TPM_PT_LOCKOUT_COUNTER,
- 1,
- &MoreData,
+ TPM_CAP_TPM_PROPERTIES,
+ TPM_PT_LOCKOUT_COUNTER,
+ 1,
+ &MoreData,
&TpmCap
);
if (EFI_ERROR (Status)) {
@@ -391,7 +391,7 @@ Tpm2GetCapabilityLockoutCounter ( This function parse the value got from TPM2_GetCapability and return the LockoutInterval.
@param[out] LockoutInterval The LockoutInterval of TPM.
-
+
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR The command was unsuccessful.
**/
@@ -403,13 +403,13 @@ Tpm2GetCapabilityLockoutInterval ( {
TPMS_CAPABILITY_DATA TpmCap;
TPMI_YES_NO MoreData;
- EFI_STATUS Status;
+ EFI_STATUS Status;
Status = Tpm2GetCapability (
- TPM_CAP_TPM_PROPERTIES,
- TPM_PT_LOCKOUT_INTERVAL,
- 1,
- &MoreData,
+ TPM_CAP_TPM_PROPERTIES,
+ TPM_PT_LOCKOUT_INTERVAL,
+ 1,
+ &MoreData,
&TpmCap
);
if (EFI_ERROR (Status)) {
@@ -427,7 +427,7 @@ Tpm2GetCapabilityLockoutInterval ( @param[out] InputBufferSize The InputBufferSize of TPM.
the maximum size of a parameter (typically, a TPM2B_MAX_BUFFER)
-
+
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR The command was unsuccessful.
**/
@@ -439,13 +439,13 @@ Tpm2GetCapabilityInputBufferSize ( {
TPMS_CAPABILITY_DATA TpmCap;
TPMI_YES_NO MoreData;
- EFI_STATUS Status;
+ EFI_STATUS Status;
Status = Tpm2GetCapability (
- TPM_CAP_TPM_PROPERTIES,
- TPM_PT_INPUT_BUFFER,
- 1,
- &MoreData,
+ TPM_CAP_TPM_PROPERTIES,
+ TPM_PT_INPUT_BUFFER,
+ 1,
+ &MoreData,
&TpmCap
);
if (EFI_ERROR (Status)) {
@@ -462,7 +462,7 @@ Tpm2GetCapabilityInputBufferSize ( This function parse the value got from TPM2_GetCapability and return the PcrSelection.
@param[out] Pcrs The Pcr Selection
-
+
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR The command was unsuccessful.
**/
@@ -478,10 +478,10 @@ Tpm2GetCapabilityPcrs ( UINTN Index;
Status = Tpm2GetCapability (
- TPM_CAP_PCRS,
- 0,
- 1,
- &MoreData,
+ TPM_CAP_PCRS,
+ 0,
+ 1,
+ &MoreData,
&TpmCap
);
if (EFI_ERROR (Status)) {
@@ -605,7 +605,7 @@ Tpm2GetCapabilitySupportedAndActivePcrs ( This function parse the value got from TPM2_GetCapability and return the AlgorithmSet.
@param[out] AlgorithmSet The AlgorithmSet of TPM.
-
+
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR The command was unsuccessful.
**/
@@ -617,13 +617,13 @@ Tpm2GetCapabilityAlgorithmSet ( {
TPMS_CAPABILITY_DATA TpmCap;
TPMI_YES_NO MoreData;
- EFI_STATUS Status;
+ EFI_STATUS Status;
Status = Tpm2GetCapability (
- TPM_CAP_TPM_PROPERTIES,
- TPM_PT_ALGORITHM_SET,
- 1,
- &MoreData,
+ TPM_CAP_TPM_PROPERTIES,
+ TPM_PT_ALGORITHM_SET,
+ 1,
+ &MoreData,
&TpmCap
);
if (EFI_ERROR (Status)) {
diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Context.c b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Context.c index 02a250127a..b9c86d76a0 100644 --- a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Context.c +++ b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Context.c @@ -1,7 +1,7 @@ /** @file
Implement TPM2 Context related command.
-Copyright (c) 2014, Intel Corporation. All rights reserved. <BR>
+Copyright (c) 2014 - 2018, Intel Corporation. All rights reserved. <BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -36,7 +36,7 @@ typedef struct { This command causes all context associated with a loaded object or session to be removed from TPM memory.
@param[in] FlushHandle The handle of the item to flush.
-
+
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR The command was unsuccessful.
**/
@@ -59,7 +59,7 @@ Tpm2FlushContext ( SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_FlushContext);
SendBuffer.FlushHandle = SwapBytes32 (FlushHandle);
-
+
SendBufferSize = (UINT32) sizeof (SendBuffer);
SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2EnhancedAuthorization.c b/SecurityPkg/Library/Tpm2CommandLib/Tpm2EnhancedAuthorization.c index a7a7bf2c65..9bf24da7a7 100644 --- a/SecurityPkg/Library/Tpm2CommandLib/Tpm2EnhancedAuthorization.c +++ b/SecurityPkg/Library/Tpm2CommandLib/Tpm2EnhancedAuthorization.c @@ -87,7 +87,7 @@ typedef struct { @param[in] Expiration Time when authorization will expire, measured in seconds from the time that nonceTPM was generated.
@param[out] Timeout Time value used to indicate to the TPM when the ticket expires.
@param[out] PolicyTicket A ticket that includes a value indicating when the authorization expires.
-
+
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR The command was unsuccessful.
**/
@@ -120,7 +120,7 @@ Tpm2PolicySecret ( SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_PolicySecret);
SendBuffer.AuthHandle = SwapBytes32 (AuthHandle);
SendBuffer.PolicySession = SwapBytes32 (PolicySession);
-
+
//
// Add in Auth session
//
@@ -148,7 +148,7 @@ Tpm2PolicySecret ( Buffer += sizeof(UINT16);
CopyMem (Buffer, PolicyRef->buffer, PolicyRef->size);
Buffer += PolicyRef->size;
-
+
WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32((UINT32)Expiration));
Buffer += sizeof(UINT32);
@@ -220,7 +220,7 @@ Done: @param[in] PolicySession Handle for the policy session being extended.
@param[in] HashList the list of hashes to check for a match.
-
+
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR The command was unsuccessful.
**/
@@ -285,7 +285,7 @@ Tpm2PolicyOR ( @param[in] PolicySession Handle for the policy session being extended.
@param[in] Code The allowed commandCode.
-
+
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR The command was unsuccessful.
**/
@@ -341,7 +341,7 @@ Tpm2PolicyCommandCode ( @param[in] PolicySession Handle for the policy session.
@param[out] PolicyHash the current value of the policyHash of policySession.
-
+
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR The command was unsuccessful.
**/
diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Help.c b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Help.c index cc77785de1..6b2b6b4008 100644 --- a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Help.c +++ b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Help.c @@ -97,7 +97,7 @@ CopyAuthSessionCommand ( UINT8 *Buffer;
Buffer = (UINT8 *)AuthSessionOut;
-
+
//
// Add in Auth session
//
diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Hierarchy.c b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Hierarchy.c index 9bfbdad394..27fc6e2965 100644 --- a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Hierarchy.c +++ b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Hierarchy.c @@ -1,7 +1,7 @@ /** @file
Implement TPM2 Hierarchy related command.
-Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved. <BR>
+Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved. <BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -214,7 +214,7 @@ Done: @param[in] AuthHandle TPM_RH_LOCKOUT or TPM_RH_PLATFORM+{PP}
@param[in] AuthSession Auth Session context
-
+
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR Unexpected device behavior.
**/
@@ -455,8 +455,8 @@ Tpm2HierarchyChangeAuth ( // Call the TPM
//
Status = Tpm2SubmitCommand (
- CmdSize,
- (UINT8 *)&Cmd,
+ CmdSize,
+ (UINT8 *)&Cmd,
&ResultBufSize,
ResultBuf
);
@@ -553,8 +553,8 @@ Tpm2ChangeEPS ( // Call the TPM
//
Status = Tpm2SubmitCommand (
- CmdSize,
- (UINT8 *)&Cmd,
+ CmdSize,
+ (UINT8 *)&Cmd,
&ResultBufSize,
ResultBuf
);
@@ -651,8 +651,8 @@ Tpm2ChangePPS ( // Call the TPM
//
Status = Tpm2SubmitCommand (
- CmdSize,
- (UINT8 *)&Cmd,
+ CmdSize,
+ (UINT8 *)&Cmd,
&ResultBufSize,
ResultBuf
);
@@ -759,8 +759,8 @@ Tpm2HierarchyControl ( // Call the TPM
//
Status = Tpm2SubmitCommand (
- CmdSize,
- (UINT8 *)&Cmd,
+ CmdSize,
+ (UINT8 *)&Cmd,
&ResultBufSize,
ResultBuf
);
diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c index af52322c27..741fe031a9 100644 --- a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c +++ b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c @@ -120,16 +120,16 @@ Tpm2PcrExtend ( // Add in Auth session
//
Buffer = (UINT8 *)&Cmd.AuthSessionPcr;
-
+
// sessionInfoSize
SessionInfoSize = CopyAuthSessionCommand (NULL, Buffer);
Buffer += SessionInfoSize;
Cmd.AuthorizationSize = SwapBytes32(SessionInfoSize);
-
+
//Digest Count
WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32(Digests->count));
Buffer += sizeof(UINT32);
-
+
//Digest
for (Index = 0; Index < Digests->count; Index++) {
WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16(Digests->digests[Index].hashAlg));
@@ -241,7 +241,7 @@ Tpm2PcrEvent ( CopyMem (Buffer, EventData->buffer, EventData->size);
Buffer += EventData->size;
-
+
CmdSize = (UINT32)((UINTN)Buffer - (UINTN)&Cmd);
Cmd.Header.paramSize = SwapBytes32(CmdSize);
@@ -311,7 +311,7 @@ Tpm2PcrEvent ( @param[out] PcrUpdateCounter The current value of the PCR update counter.
@param[out] PcrSelectionOut The PCR in the returned list.
@param[out] PcrValues The contents of the PCR indicated in pcrSelect.
-
+
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR The command was unsuccessful.
**/
@@ -338,7 +338,7 @@ Tpm2PcrRead ( //
SendBuffer.Header.tag = SwapBytes16(TPM_ST_NO_SESSIONS);
SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_PCR_Read);
-
+
SendBuffer.PcrSelectionIn.count = SwapBytes32(PcrSelectionIn->count);
for (Index = 0; Index < PcrSelectionIn->count; Index++) {
SendBuffer.PcrSelectionIn.pcrSelections[Index].hash = SwapBytes16(PcrSelectionIn->pcrSelections[Index].hash);
@@ -442,7 +442,7 @@ Tpm2PcrRead ( @param[out] MaxPCR maximum number of PCR that may be in a bank
@param[out] SizeNeeded number of octets required to satisfy the request
@param[out] SizeAvailable Number of octets available. Computed before the allocation
-
+
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR The command was unsuccessful.
**/
@@ -509,8 +509,8 @@ Tpm2PcrAllocate ( // Call the TPM
//
Status = Tpm2SubmitCommand (
- CmdSize,
- (UINT8 *)&Cmd,
+ CmdSize,
+ (UINT8 *)&Cmd,
&ResultBufSize,
ResultBuf
);
@@ -566,7 +566,7 @@ Done: @param[in] PlatformAuth platform auth value. NULL means no platform auth change.
@param[in] SupportedPCRBanks Supported PCR banks
@param[in] PCRBanks PCR banks
-
+
@retval EFI_SUCCESS Operation completed successfully.
**/
EFI_STATUS
@@ -692,4 +692,4 @@ Tpm2PcrAllocateBanks ( Done:
ZeroMem(&LocalAuthSession.hmac, sizeof(LocalAuthSession.hmac));
return Status;
-}
\ No newline at end of file +}
diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2NVStorage.c b/SecurityPkg/Library/Tpm2CommandLib/Tpm2NVStorage.c index 14b1095241..ed30407185 100644 --- a/SecurityPkg/Library/Tpm2CommandLib/Tpm2NVStorage.c +++ b/SecurityPkg/Library/Tpm2CommandLib/Tpm2NVStorage.c @@ -162,7 +162,7 @@ typedef struct { @param[in] NvIndex The NV Index.
@param[out] NvPublic The public area of the index.
@param[out] NvName The Name of the nvIndex.
-
+
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR The command was unsuccessful.
@retval EFI_NOT_FOUND The command was returned successfully, but NvIndex is not found.
@@ -192,7 +192,7 @@ Tpm2NvReadPublic ( SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_NV_ReadPublic);
SendBuffer.NvIndex = SwapBytes32 (NvIndex);
-
+
SendBufferSize = (UINT32) sizeof (SendBuffer);
SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
@@ -265,7 +265,7 @@ Tpm2NvReadPublic ( CopyMem (NvName->name, (UINT8 *)&RecvBuffer + sizeof(TPM2_RESPONSE_HEADER) + sizeof(UINT16) + NvPublicSize + sizeof(UINT16), NvNameSize);
NvName->size = NvNameSize;
-
+
return EFI_SUCCESS;
}
@@ -278,7 +278,7 @@ Tpm2NvReadPublic ( @param[in] AuthSession Auth Session context
@param[in] Auth The authorization data.
@param[in] NvPublic The public area of the index.
-
+
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR The command was unsuccessful.
@retval EFI_ALREADY_STARTED The command was returned successfully, but NvIndex is already defined.
@@ -414,7 +414,7 @@ Done: @param[in] AuthHandle TPM_RH_OWNER or TPM_RH_PLATFORM+{PP}.
@param[in] NvIndex The NV Index.
@param[in] AuthSession Auth Session context
-
+
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR The command was unsuccessful.
@retval EFI_NOT_FOUND The command was returned successfully, but NvIndex is not found.
@@ -521,7 +521,7 @@ Done: @param[in] Size Number of bytes to read.
@param[in] Offset Byte offset into the area.
@param[in,out] OutData The data read.
-
+
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR The command was unsuccessful.
@retval EFI_NOT_FOUND The command was returned successfully, but NvIndex is not found.
@@ -648,7 +648,7 @@ Tpm2NvRead ( }
CopyMem (OutData->buffer, &RecvBuffer.Data.buffer, OutData->size);
-
+
Done:
//
// Clear AuthSession Content
@@ -666,7 +666,7 @@ Done: @param[in] AuthSession Auth Session context
@param[in] InData The data to write.
@param[in] Offset The offset into the NV Area.
-
+
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR The command was unsuccessful.
@retval EFI_NOT_FOUND The command was returned successfully, but NvIndex is not found.
diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Sequences.c b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Sequences.c index 90877768d3..3322548f6f 100644 --- a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Sequences.c +++ b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Sequences.c @@ -90,7 +90,7 @@ typedef struct { @param[in] HashAlg The hash algorithm to use for the hash sequence
An Event sequence starts if this is TPM_ALG_NULL.
@param[out] SequenceHandle A handle to reference the sequence
-
+
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR Unexpected device behavior.
**/
@@ -178,7 +178,7 @@ Tpm2HashSequenceStart ( @param[in] SequenceHandle Handle for the sequence object
@param[in] Buffer Data to be added to hash
-
+
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR Unexpected device behavior.
**/
@@ -277,7 +277,7 @@ Tpm2SequenceUpdate ( @param[in] SequenceHandle Authorization for the sequence
@param[in] Buffer Data to be added to the Event
@param[out] Results List of digests computed for the PCR
-
+
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR Unexpected device behavior.
**/
@@ -408,7 +408,7 @@ Tpm2EventSequenceComplete ( @param[in] SequenceHandle Authorization for the sequence
@param[in] Buffer Data to be added to the hash/HMAC
@param[out] Result The returned HMAC or digest in a sized buffer
-
+
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR Unexpected device behavior.
**/
diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Session.c b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Session.c index 35ad86a17a..65b15cb23c 100644 --- a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Session.c +++ b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Session.c @@ -53,7 +53,7 @@ typedef struct { @param[in] AuthHash Hash algorithm to use for the session.
@param[out] SessionHandle Handle for the newly created session.
@param[out] NonceTPM The initial nonce from the TPM, used in the computation of the sessionKey.
-
+
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR The command was unsuccessful.
**/
@@ -136,7 +136,7 @@ Tpm2StartAuthSession ( WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (AuthHash));
Buffer += sizeof(UINT16);
-
+
SendBufferSize = (UINT32) ((UINTN)Buffer - (UINTN)&SendBuffer);
SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.c b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.c index e9dad4a3b0..815a149c3d 100644 --- a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.c +++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.c @@ -53,7 +53,7 @@ Tpm2GetIdleByPass ( @retval EFI_SUCCESS The command byte stream was successfully sent to the device and a response was successfully received.
@retval EFI_DEVICE_ERROR The command was not successfully sent to the device or a response was not successfully received from the device.
- @retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.
+ @retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.
**/
EFI_STATUS
EFIAPI
@@ -87,7 +87,7 @@ DTpm2RequestUseTpm ( @retval EFI_SUCCESS The command byte stream was successfully sent to the device and a response was successfully received.
@retval EFI_DEVICE_ERROR The command was not successfully sent to the device or a response was not successfully received from the device.
- @retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.
+ @retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.
**/
EFI_STATUS
EFIAPI
@@ -142,7 +142,7 @@ Tpm2RegisterTpm2DeviceLib ( /**
The function caches current active TPM interface type.
-
+
@retval EFI_SUCCESS DTPM2.0 instance is registered, or system dose not surpport registr DTPM2.0 instance
**/
EFI_STATUS
diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf index 2e54a78cc0..b41c6cbd2d 100644 --- a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf +++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf @@ -55,4 +55,4 @@ [Pcd]
gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress ## CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdActiveTpmInterfaceType ## PRODUCES
- gEfiSecurityPkgTokenSpaceGuid.PcdCRBIdleByPass ## PRODUCES
\ No newline at end of file + gEfiSecurityPkgTokenSpaceGuid.PcdCRBIdleByPass ## PRODUCES
diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.c b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.c index 5f6e163c0f..9bcf7a8a06 100644 --- a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.c +++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.c @@ -66,7 +66,7 @@ DumpPtpInfo ( @retval EFI_SUCCESS The command byte stream was successfully sent to the device and a response was successfully received.
@retval EFI_DEVICE_ERROR The command was not successfully sent to the device or a response was not successfully received from the device.
- @retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.
+ @retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.
**/
EFI_STATUS
EFIAPI
@@ -98,7 +98,7 @@ TPM2_DEVICE_INTERFACE mDTpm2InternalTpm2Device = { /**
The function register DTPM2.0 instance and caches current active TPM interface type.
-
+
@retval EFI_SUCCESS DTPM2.0 instance is registered, or system dose not surpport registr DTPM2.0 instance
**/
EFI_STATUS
diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf index 24e4c35d55..b418e7380b 100644 --- a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf +++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf @@ -51,4 +51,4 @@ [Pcd]
gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress ## CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdActiveTpmInterfaceType ## PRODUCES
- gEfiSecurityPkgTokenSpaceGuid.PcdCRBIdleByPass ## PRODUCES
\ No newline at end of file + gEfiSecurityPkgTokenSpaceGuid.PcdCRBIdleByPass ## PRODUCES
diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Tis.c b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Tis.c index 0889162592..6f390bf5c9 100644 --- a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Tis.c +++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Tis.c @@ -1,14 +1,14 @@ /** @file
TIS (TPM Interface Specification) functions used by dTPM2.0 library.
-
+
Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
(C) Copyright 2015 Hewlett Packard Enterprise Development LP<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -46,7 +46,7 @@ TisPcPresenceCheck ( )
{
UINT8 RegRead;
-
+
RegRead = MmioRead8 ((UINTN)&TisReg->Access);
return (BOOLEAN)(RegRead != (UINT8)-1);
}
@@ -83,7 +83,7 @@ TisPcWaitRegisterBits ( }
/**
- Get BurstCount by reading the burstCount field of a TIS regiger
+ Get BurstCount by reading the burstCount field of a TIS regiger
in the time of default TIS_TIMEOUT_D.
@param[in] TisReg Pointer to TIS register.
@@ -127,7 +127,7 @@ TisPcReadBurstCount ( }
/**
- Set TPM chip to ready state by sending ready command TIS_PC_STS_READY
+ Set TPM chip to ready state by sending ready command TIS_PC_STS_READY
to Status Register in time.
@param[in] TisReg Pointer to TIS register.
@@ -158,7 +158,7 @@ TisPcPrepareCommand ( }
/**
- Get the control of TPM chip by sending requestUse command TIS_PC_ACC_RQUUSE
+ Get the control of TPM chip by sending requestUse command TIS_PC_ACC_RQUUSE
to ACCESS Register in the time of default TIS_TIMEOUT_A.
@param[in] TisReg Pointer to TIS register.
@@ -174,11 +174,11 @@ TisPcRequestUseTpm ( )
{
EFI_STATUS Status;
-
+
if (TisReg == NULL) {
return EFI_INVALID_PARAMETER;
}
-
+
if (!TisPcPresenceCheck (TisReg)) {
return EFI_NOT_FOUND;
}
@@ -196,12 +196,12 @@ TisPcRequestUseTpm ( /**
Send a command to TPM for execution and return response data.
- @param[in] TisReg TPM register space base address.
- @param[in] BufferIn Buffer for command data.
- @param[in] SizeIn Size of command data.
- @param[in, out] BufferOut Buffer for response data.
- @param[in, out] SizeOut Size of response data.
-
+ @param[in] TisReg TPM register space base address.
+ @param[in] BufferIn Buffer for command data.
+ @param[in] SizeIn Size of command data.
+ @param[in, out] BufferOut Buffer for response data.
+ @param[in, out] SizeOut Size of response data.
+
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_BUFFER_TOO_SMALL Response data buffer is too small.
@retval EFI_DEVICE_ERROR Unexpected device behavior.
@@ -403,7 +403,7 @@ Exit: @retval EFI_SUCCESS The command byte stream was successfully sent to the device and a response was successfully received.
@retval EFI_DEVICE_ERROR The command was not successfully sent to the device or a response was not successfully received from the device.
- @retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.
+ @retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.
**/
EFI_STATUS
EFIAPI
diff --git a/SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.c b/SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.c index eedc439228..d8d391cba1 100644 --- a/SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.c +++ b/SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.c @@ -3,7 +3,7 @@ via PcdTpmInstanceGuid. Platform need make choice that which one will be final one.
At most one TPM2 instance can be finally registered, and other will return unsupported.
-Copyright (c) 2013 - 2017, Intel Corporation. All rights reserved. <BR>
+Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved. <BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -32,7 +32,7 @@ TPM2_DEVICE_INTERFACE mInternalTpm2DeviceInterface; @retval EFI_SUCCESS The command byte stream was successfully sent to the device and a response was successfully received.
@retval EFI_DEVICE_ERROR The command was not successfully sent to the device or a response was not successfully received from the device.
- @retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.
+ @retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.
**/
EFI_STATUS
EFIAPI
diff --git a/SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf b/SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf index 28f381c7be..26684f9864 100644 --- a/SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf +++ b/SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf @@ -5,7 +5,7 @@ # it via PcdTpmInstanceGuid. Platform need make choice that which one will be final one.
# At most one TPM 2.0 instance can be finally registered, and other will return unsupported.
#
-# Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -22,7 +22,7 @@ FILE_GUID = C3D69D87-5200-4aab-A6DB-2569BA1A92FC
MODULE_TYPE = DXE_DRIVER
VERSION_STRING = 1.0
- LIBRARY_CLASS = Tpm2DeviceLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER
+ LIBRARY_CLASS = Tpm2DeviceLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER
#
# The following information is for reference only and not required by the build tools.
diff --git a/SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterPei.c b/SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterPei.c index 7470fe347d..980a2a0550 100644 --- a/SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterPei.c +++ b/SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterPei.c @@ -3,7 +3,7 @@ via PcdTpmInstanceGuid. Platform need make choice that which one will be final one.
At most one TPM2 instance can be finally registered, and other will return unsupported.
-Copyright (c) 2013 - 2017, Intel Corporation. All rights reserved. <BR>
+Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved. <BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -54,7 +54,7 @@ InternalGetTpm2DeviceInterface ( @retval EFI_SUCCESS The command byte stream was successfully sent to the device and a response was successfully received.
@retval EFI_DEVICE_ERROR The command was not successfully sent to the device or a response was not successfully received from the device.
- @retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.
+ @retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.
**/
EFI_STATUS
EFIAPI
diff --git a/SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterPei.inf b/SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterPei.inf index 2eca146dd2..877cf95bc1 100644 --- a/SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterPei.inf +++ b/SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterPei.inf @@ -5,7 +5,7 @@ # it via PcdTpmInstanceGuid. Platform need make choice that which one will be final one.
# At most one TPM 2.0 instance can be finally registered, and other will return unsupported.
#
-# Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -46,4 +46,4 @@ [Pcd]
gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid ## CONSUMES
-
\ No newline at end of file +
diff --git a/SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.c b/SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.c index 1d59050a0b..ca40a2324d 100644 --- a/SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.c +++ b/SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.c @@ -1,7 +1,7 @@ /** @file
This library is TPM2 TCG2 protocol lib.
-Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved. <BR>
+Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved. <BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -20,7 +20,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #include <Protocol/Tcg2Protocol.h>
#include <IndustryStandard/Tpm20.h>
-EFI_TCG2_PROTOCOL *mTcg2Protocol = NULL;
+EFI_TCG2_PROTOCOL *mTcg2Protocol = NULL;
/**
This service enables the sending of commands to the TPM2.
@@ -32,7 +32,7 @@ EFI_TCG2_PROTOCOL *mTcg2Protocol = NULL; @retval EFI_SUCCESS The command byte stream was successfully sent to the device and a response was successfully received.
@retval EFI_DEVICE_ERROR The command was not successfully sent to the device or a response was not successfully received from the device.
- @retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.
+ @retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.
**/
EFI_STATUS
EFIAPI
diff --git a/SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf b/SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf index 6d95ebdd50..cffc4afb4d 100644 --- a/SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf +++ b/SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf @@ -4,7 +4,7 @@ # This library helps to use TPM 2.0 device in library function API
# based on TPM2 protocol.
#
-# Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -21,7 +21,7 @@ FILE_GUID = A1B0B230-67DC-431E-A94A-A96AF1EBE637
MODULE_TYPE = DXE_DRIVER
VERSION_STRING = 1.0
- LIBRARY_CLASS = Tpm2DeviceLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER
+ LIBRARY_CLASS = Tpm2DeviceLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER
#
# The following information is for reference only and not required by the build tools.
diff --git a/SecurityPkg/Library/TpmCommLib/CommonHeader.h b/SecurityPkg/Library/TpmCommLib/CommonHeader.h index b8496c7276..10839c95b2 100644 --- a/SecurityPkg/Library/TpmCommLib/CommonHeader.h +++ b/SecurityPkg/Library/TpmCommLib/CommonHeader.h @@ -1,13 +1,13 @@ /** @file
The intenal header file for TpmCommLib.
-Copyright (c) 2006 - 2010, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
+Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
diff --git a/SecurityPkg/Library/TpmCommLib/TisPc.c b/SecurityPkg/Library/TpmCommLib/TisPc.c index c157d41b72..77bf70c246 100644 --- a/SecurityPkg/Library/TpmCommLib/TisPc.c +++ b/SecurityPkg/Library/TpmCommLib/TisPc.c @@ -1,13 +1,13 @@ /** @file
Basic TIS (TPM Interface Specification) functions.
-Copyright (c) 2005 - 2012, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
+Copyright (c) 2005 - 2018, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -28,7 +28,7 @@ TisPcPresenceCheck ( )
{
UINT8 RegRead;
-
+
RegRead = MmioRead8 ((UINTN)&TisReg->Access);
return (BOOLEAN)(RegRead != (UINT8)-1);
}
@@ -66,7 +66,7 @@ TisPcWaitRegisterBits ( }
/**
- Get BurstCount by reading the burstCount field of a TIS regiger
+ Get BurstCount by reading the burstCount field of a TIS regiger
in the time of default TIS_TIMEOUT_D.
@param[in] TisReg Pointer to TIS register.
@@ -111,7 +111,7 @@ TisPcReadBurstCount ( }
/**
- Set TPM chip to ready state by sending ready command TIS_PC_STS_READY
+ Set TPM chip to ready state by sending ready command TIS_PC_STS_READY
to Status Register in time.
@param[in] TisReg Pointer to TIS register.
@@ -143,7 +143,7 @@ TisPcPrepareCommand ( }
/**
- Get the control of TPM chip by sending requestUse command TIS_PC_ACC_RQUUSE
+ Get the control of TPM chip by sending requestUse command TIS_PC_ACC_RQUUSE
to ACCESS Register in the time of default TIS_TIMEOUT_A.
@param[in] TisReg Pointer to TIS register.
@@ -160,11 +160,11 @@ TisPcRequestUseTpm ( )
{
EFI_STATUS Status;
-
+
if (TisReg == NULL) {
return EFI_INVALID_PARAMETER;
}
-
+
if (!TisPcPresenceCheck (TisReg)) {
return EFI_NOT_FOUND;
}
diff --git a/SecurityPkg/Library/TpmCommLib/TpmComm.c b/SecurityPkg/Library/TpmCommLib/TpmComm.c index 3197f96a99..69f5f5c05b 100644 --- a/SecurityPkg/Library/TpmCommLib/TpmComm.c +++ b/SecurityPkg/Library/TpmCommLib/TpmComm.c @@ -1,13 +1,13 @@ /** @file
Basic TPM command functions.
-Copyright (c) 2005 - 2010, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
+Copyright (c) 2005 - 2018, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -21,7 +21,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. @param[in] Data Raw data to be digested.
@param[in] DataLen Size of the raw data.
@param[out] Digest Pointer to a buffer that stores the final digest.
-
+
@retval EFI_SUCCESS Always successfully calculate the final digest.
**/
EFI_STATUS
diff --git a/SecurityPkg/Library/TpmCommLib/TpmCommLib.inf b/SecurityPkg/Library/TpmCommLib/TpmCommLib.inf index 7f05f59711..9ca66d1805 100644 --- a/SecurityPkg/Library/TpmCommLib/TpmCommLib.inf +++ b/SecurityPkg/Library/TpmCommLib/TpmCommLib.inf @@ -1,10 +1,10 @@ ## @file
# Provides some common functions for the TCG feature
#
-# This instance provides basic TPM Interface Specification (TIS) functions
+# This instance provides basic TPM Interface Specification (TIS) functions
# and TPM hashall function.
#
-# Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
|