summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* SecurityPkg: SecureBootConfigDxe: Change KEY_TRANS_SECURE_BOOT_MODE valueChao Zhang2016-01-151-2/+2
| | | | | | | | | | | Change KEY_TRANS_SECURE_BOOT_MODE value, as it conflicts with OPTION_DEL_KEK_QUESTION_ID. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Qin Long <qin.long@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19644 6f19259b-4bc3-4df7-8a09-765794883524
* NetworkPkg: Remove DNS QType and QClass definitionJiaxin Wu2016-01-141-14/+1
| | | | | | | | | | | | | | | | This patch is used to remove DNS QType and QClass definition in DnsImpl.h since it will be exposed in NetLib.h. Cc: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com> Cc: Ye Ting <ting.ye@intel.com> Cc: Fu Siyuan <siyuan.fu@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com> Reviewed-by: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19643 6f19259b-4bc3-4df7-8a09-765794883524
* MdeModulePkg: Add DNS QType and QClass values definitionJiaxin Wu2016-01-141-1/+28
| | | | | | | | | | | | | | | | This patch is used to add DNS QType and QClass values definition in NetLib.h Cc: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com> Cc: Ye Ting <ting.ye@intel.com> Cc: Fu Siyuan <siyuan.fu@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com> Reviewed-by: Hegde Nagaraj P <nagaraj-p.hegde@hpe.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19642 6f19259b-4bc3-4df7-8a09-765794883524
* NetworkPkg: Fix some typos in Http boot driver.Paulo Alcantara2016-01-124-11/+11
| | | | | | | | | Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Paulo Alcantara <paulo.alc.cavalcanti@hp.com> Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19640 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg: TcgDxe,Tcg2Dxe,TrEEDxe: New PCD for TCG event log and TCG2 ↵Chao Zhang2016-01-128-29/+44
| | | | | | | | | | | | | | | | final event log area TCG event log and TCG2 final event log area length can be configurable to meet platform event log requirement. PcdTcgLogAreaMinLen : 0x10000 based on minimum requirement in TCG ACPI Spec 00.37 PcdTcg2FinalLogAreaLen : 0x8000 based on experience value Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com> Reviewed-by: Qin Long <qin.long@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19639 6f19259b-4bc3-4df7-8a09-765794883524
* BaseTools AARCH64: build XIP modules with strict alignmentArd Biesheuvel2016-01-111-1/+8
| | | | | | | | | | | | | | | | | | GCC for AARCH64 recognizes byte swapping load and store sequences and may replace them with wider loads or stores combined with rev instructions. In some cases (i.e., with GCC version 5 and later) this may result in unaligned accesses, which are not allowed before we turn the MMU on. So build any modules or static libraries that may execute with the MMU off with -mstrict-align. Other modules don't need this switch, so we can remove it from the CLANG35/AARCH64 common CC flags. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19638 6f19259b-4bc3-4df7-8a09-765794883524
* BaseTools AARCH64: add separate GCC build rule for XIP objectsArd Biesheuvel2016-01-111-0/+13
| | | | | | | | | | | | | This introduces a special .c to .obj build rule for GCC/AARCH64 that takes into account additional compiler flags that have been specified via *_*_*_CC_XIPFLAGS. These will be passed after (and in addition to) the ordinary CC_FLAGS. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19637 6f19259b-4bc3-4df7-8a09-765794883524
* BaseTools/VfrCompile: honor CC if it is setMichael Thomas2016-01-111-1/+1
| | | | | | | | Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Michael Thomas <malinka@entropy-development.com> Reviewed-by: Yonghong Zhu <yonghong.zhu@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19636 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg: Clear AuthSession content after use.Yao, Jiewen2016-01-116-122/+333
| | | | | | | | | | | | | Some commands in Tpm2CommandLib accept AuthSession as input parameter and copy to local command buffer. After use, this AuthSession content should be zeroed, because there might be some secrete there. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com> Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19635 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg: Add Tpm2Startup return code check.Yao, Jiewen2016-01-111-4/+25
| | | | | | | | | | | | Tpm2Startup does not check TPM device return code. It might cause problem, that error is not detected in Tcg2Peim, for example, S3 resume case. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com> Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19634 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg: MOR drivers use Tcg2Protocol instead of TrEE.Yao, Jiewen2016-01-112-2/+2
| | | | | | | | | | | | The official TCG standard uses Tcg2Protocol, instead of TrEE. We should update TCG driver to use Tcg2Protocol, too. TrEE should be used only for old TrEE implementation. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com> Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19633 6f19259b-4bc3-4df7-8a09-765794883524
* MdeModulePkg/NvmExpressDxe: Fix MS toolchain /Od 32bit build failureFeng Tian2016-01-113-19/+10
| | | | | | | | | | | | Note NVME_ACQ & NVME_ASQ internal data structure are changed to make build pass. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Feng Tian <feng.tian@intel.com> Reviewed-by: Hao Wu <hao.a.wu@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19632 6f19259b-4bc3-4df7-8a09-765794883524
* MdeModulePkg/UfsBlockIoPei: Fix MS toolchain /Od 32bit build failureFeng Tian2016-01-111-2/+2
| | | | | | | | | Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Feng Tian <feng.tian@intel.com> Reviewed-by: Hao Wu <hao.a.wu@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19631 6f19259b-4bc3-4df7-8a09-765794883524
* MdeModulePkg: Fix GraphicsConsole driver resolution out of sync issueRuiyu Ni2016-01-111-3/+5
| | | | | | | | | | | | | | | When the GOP doesn't support the resolution specified by PcdVideoHorizontalResolution and PcdVideoVerticalResolution, the code tries to set the resolution to 800x600 but uses the resolution equals to the PCD when calculating the text print position. The patch fixes the bug by updating the resolution to 800x600 for this case. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Jeff Fan <jeff.fan@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19630 6f19259b-4bc3-4df7-8a09-765794883524
* PcAtChipsetPkg SerialIoLib: Fix VS2010 build errorHao Wu2016-01-111-11/+3
| | | | | | | | | | | | | | When overriding compiler options '/GL' with '/GL-', VS2010 will report warning C4701 potentially uninitialized local variable for 'LcrParity' and 'LcrStop' in function SerialPortSetAttributes(). This commit fixes this build issue. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Hao Wu <hao.a.wu@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19629 6f19259b-4bc3-4df7-8a09-765794883524
* MdeModulePkg BaseSerialPortLib: Fix VS2010 build errorHao Wu2016-01-111-9/+3
| | | | | | | | | | | | | | When overriding compiler options '/GL' with '/GL-', VS2010 will report warning C4701 potentially uninitialized local variable for 'LcrParity' and 'LcrStop' in function SerialPortSetAttributes(). This commit fixes this build issue. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Hao Wu <hao.a.wu@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19628 6f19259b-4bc3-4df7-8a09-765794883524
* StdLib: Fix compilation errors caused by previous commit of daConsole.cDaryl McDaniel2016-01-101-93/+95
| | | | | | | | | | | | | | | Move functions da_ConFlush and da_ConClose to just before da_ConPoll so that they are defined after any calls to them. Replace da_ConFlush with the actual final implementation instead of the initial version which was committed. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Daryl McDaniel <edk2-lists@mc2research.org> Reviewed-by: Michael Zimmermann <sigmaepsilon92@gmail.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19627 6f19259b-4bc3-4df7-8a09-765794883524
* MdeModulePkg: DeleteLoadOptionVariable() removes Boot####Ruiyu Ni2016-01-081-25/+21
| | | | | | | | | | | | | | | | Change EfiBootManagerDeleteLoadOptionVariable() to not just remove #### from BootOrder but also remove Boot#### variable. The old behavior tries to do less for performance but it leaves unreferenced Boot#### which cannot be reclaimed in variable reclaim operation though the Boot#### will be eventually be overwritten by EfiBootManagerAddLoadOptionVariable(). Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19626 6f19259b-4bc3-4df7-8a09-765794883524
* Refine error handle code, avoid assert when load this module twice.Eric Dong2016-01-082-15/+25
| | | | | | | | Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19625 6f19259b-4bc3-4df7-8a09-765794883524
* MdeModulePkg: Update MNP driver to recycle TX buffer asynchronously.Fu Siyuan2016-01-085-113/+348
| | | | | | | | | | | | This patch updates the MNP driver to recycle TX buffer asynchronously, instead of using a while loop wait after each transmit command. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19624 6f19259b-4bc3-4df7-8a09-765794883524
* MdeModulePkg: update SNP.GetStatus to handle multiple recycled TX buffer.Fu Siyuan2016-01-083-18/+89
| | | | | | | | | | | | | | | This patch fixes a bug in SNP.GetStatus() interface. The UNDI driver may return multiple transmitted buffers in a single GetStatus command, while SNP.GetStatus could only return one pointer each time, the rest of them are lost. This patch fixes this issue by store these recycled pointer in a temporary buffer in SNP driver. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19623 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg : Tpm2DeviceLibDTpm : Rename TisTpmCommand to avoid name collisionSamer El-Haj-Mahmoud2016-01-081-3/+3
| | | | | | | | | | Change TisTpmCommand to Tpm2TisTpmCommand. Makes function name more clear. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Samer El-Haj-Mahmoud <samer.el-haj-mahmoud@hpe.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19622 6f19259b-4bc3-4df7-8a09-765794883524
* QuarkPlatformPkg/PlatformSecureLib: Remove redundant GPIO expander configMichael Kinney2016-01-071-66/+5
| | | | | | | | | | | | | | Remove GPIO expander configuration actions that are now performed in PEI Phase in PlatformInit module. In order to detect physical presence only the state of the Reset Button needs to be read. Cc: Kelly Steele <kelly.steele@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Michael Kinney <michael.d.kinney@intel.com> Reviewed-by: Kelly Steele <kelly.steele@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19621 6f19259b-4bc3-4df7-8a09-765794883524
* QuarkPlatformPkg/PlatformEarlyInit: Configure GPIO expanderMichael Kinney2016-01-073-3/+217
| | | | | | | | | | | | | | Configure GPIO expander in PEI phase 1) Configure all GPIO expander pins connected to Reset Button as inputs 2) Configure multiplexer for I2C to route I2C bus to Arduino Header Cc: Kelly Steele <kelly.steele@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Michael Kinney <michael.d.kinney@intel.com> Reviewed-by: Kelly Steele <kelly.steele@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19620 6f19259b-4bc3-4df7-8a09-765794883524
* QuarkPlatformPkg/PlatformHelperLib: Move PCAL functions for PEI useMichael Kinney2016-01-072-250/+253
| | | | | | | | | | | | | | | The functions used to manage the PCAL GPIO I2C expander are located in a DXE specific source file. Move these functions to a source file that is common to both the PEI and DXE versions of this library so these GPIO pins can be managed from PEIMs. Cc: Kelly Steele <kelly.steele@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Michael Kinney <michael.d.kinney@intel.com> Reviewed-by: Kelly Steele <kelly.steele@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19619 6f19259b-4bc3-4df7-8a09-765794883524
* QuarkPlatformPkg/PlatformInit: Adjust memory bin size to avoid rebootMichael Kinney2016-01-071-5/+5
| | | | | | | | | | | | | | | Update memory bin sizes in Memory Type Information on first boot after FLASH update to avoid reboot when memory bins are too small when all features are enabled. Cc: Kelly Steele <kelly.steele@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Michael Kinney <michael.d.kinney@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Kelly Steele <kelly.steele@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19618 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg/Tcg: Fix debug messagesMichael Kinney2016-01-073-18/+18
| | | | | | | | | | | | | | | | | Debug messages are using a format strings with %s for a Unicode string, but the strings being printed are ASCII strings and this results in corrupted debug messages. Change the the format string to use %a instead of %s. Cc: Chao Zhang <chao.b.zhang@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Michael Kinney <michael.d.kinney@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19617 6f19259b-4bc3-4df7-8a09-765794883524
* ShellPkg: Clean-up 'map' command error message handlingTapan Shah2016-01-071-41/+40
| | | | | | | | | | Refactor 'map' command error handling code and add standard error message Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Tapan Shah <tapandshah@hpe.com> Reviewed-by: Jaben Carsey <jaben.carsey@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19616 6f19259b-4bc3-4df7-8a09-765794883524
* QuarkSocPkg: Remove X64 from SUPPORTED_ARCHITECTURESMichael Kinney2016-01-071-4/+4
| | | | | | | | | | | | | QuarkSocPkg is only for IA32. Remove X64 from SUPPORTED_ARCCHITECTURES in DSC file. Cc: Kelly Steele <kelly.steele@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Michael Kinney <michael.d.kinney@intel.com> Reviewed-by: Kelly Steele <kelly.steele@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19615 6f19259b-4bc3-4df7-8a09-765794883524
* OvmfPkg: execute option ROM images regardless of Secure BootLaszlo Ersek2016-01-073-0/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Change the image verification policy for option ROM images to 0x00 (ALWAYS_EXECUTE). While this may not be a good idea for physical platforms (see e.g. <https://trmm.net/Thunderstrike>), on the QEMU platform the benefits seem to outweigh the drawbacks: - For QEMU's virtual PCI devices, and for some assigned PCI devices, the option ROMs come from host-side files, which can never be rewritten from within the guest. Since the host admin has full control over a guest anyway, executing option ROMs that originate from host-side files presents no additional threat to the guest. - For assigned physical PCI devices with option ROMs, the argument is not so clear-cut. In theory a setup could exist where: - the host-side UEFI firmware (with DENY_EXECUTE_ON_SECURITY_VIOLATION) rejects the option ROM of a malicious physical PCI device, but - when the device is assigned to the guest, OVMF executes the option ROM in the guest, - the option ROM breaks out of the guest (using an assumed QEMU vulnerability) and gains QEMU user privileges on the host. However, in order to escalate as far as it would happen on the bare metal with ALWAYS_EXECUTE (i.e., in order to gain firmware-level access on the host), the malicious option ROM would have to break through (1) QEMU, (2) traditional UID and GID based privilege separation on the host, (3) sVirt (SELinux) on the host, (4) the host OS - host firmware boundary. This is not impossible, but not likely enough to discourage the use cases below. - This patch makes it possible to use unsigned iPXE network drivers that QEMU presents in the option ROMs of virtual NICs and assigned SR-IOV VFs, even if Secure Boot is in User Mode or Deployed Mode. - The change also makes it possible to execute unsigned, outdated (revoked), or downright malicious option ROMs of assigned physical devices in guests, for corporate, entertainment, academia, or security research purposes. Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Chao Zhang <chao.b.zhang@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Jordan Justen <jordan.l.justen@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19614 6f19259b-4bc3-4df7-8a09-765794883524
* OvmfPkg: inherit Image Verification Policy defaults from SecurityPkgLaszlo Ersek2016-01-073-21/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Secure Boot support was originally addded to OvmfPkg on 2012-Mar-09, in SVN r13093 (git 8cee3de7e9f4), titled OvmfPkg: Enable secure-boot support when SECURE_BOOT_ENABLE==TRUE At that time the image verification policies in SecurityPkg/SecurityPkg.dec were: - option ROM image: 0x00 (ALWAYS_EXECUTE) - removable media image: 0x05 (QUERY_USER_ON_SECURITY_VIOLATION) - fixed media image: 0x05 (QUERY_USER_ON_SECURITY_VIOLATION) The author of SVN r13093 apparently didn't want to depend on the SecurityPkg defaults for the latter two image origins, plus the ALWAYS_EXECUTE policy for option ROM images must have been deemed too lax. For this reason SVN r13093 immediately spelled out 0x05 (QUERY_USER_ON_SECURITY_VIOLATION) within OvmfPkg for all three image origins. Fast forward to 2013-Aug-28: policy 0x05 (QUERY_USER_ON_SECURITY_VIOLATION) had been forbidden in the UEFI spec, and SVN r14607 (git db44ea6c4e09) reflected this in the source code: - The policies for the latter two image origins were switched from 0x05 to 0x04 (DENY_EXECUTE_ON_SECURITY_VIOLATION) in SecurityPkg, - the patch changed the default policy for option ROM images too, from 0x00 (ALWAYS_EXECUTE) to 0x04 (DENY_EXECUTE_ON_SECURITY_VIOLATION), - any other client DSC files, including OvmfPkg's, underwent a whole-sale 0x05 (QUERY_USER_ON_SECURITY_VIOLATION) -> 0x04 (DENY_EXECUTE_ON_SECURITY_VIOLATION) replacement too. The practical result of that patch for OvmfPkg was that the explicit 0x04 settings would equal the strict SecurityPkg defaults exactly. And that's what we have today: the "override the default values from SecurityPkg" comments in OvmfPkg's DSC files are stale, in practice. It is extremely unlikely that SecurityPkg would change the defaults from 0x04 (DENY_EXECUTE_ON_SECURITY_VIOLATION) any time in the future, so let's just inherit those in OvmfPkg. Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Fu Siyuan <siyuan.fu@intel.com> Cc: Chao Zhang <chao.b.zhang@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Jordan Justen <jordan.l.justen@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19613 6f19259b-4bc3-4df7-8a09-765794883524
* MdeModulePkg/ScsiDisk: Increase the value of SCSI_DISK_TIMEOUT to 30sFeng Tian2016-01-071-1/+5
| | | | | | | | | | | | | | | | As ScsiDisk and ScsiBus driver are used to manage SCSI or ATAPI devices, the timeout value is updated to 30s to follow ATA/ATAPI spec in which the device may take up to 30s to respond command. The change is used to solve device compatibility issue found with a TEAC DV-W28S-WZ3 slim DVD plus a SONY AccuCORE DVD-R media in which the DVD spends 8s to response READ_CAPACITY cmd after resetting the host machine. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Feng Tian <feng.tian@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19612 6f19259b-4bc3-4df7-8a09-765794883524
* MdeModulePkg/Ide: return correct status when DRQ is not ready for ATAPIFeng Tian2016-01-071-1/+1
| | | | | | | | | | | | When executing ATAPI cmd at IDE mode, EFI_SUCCESS may be returned wrongly with old logic but in fact DRQ is not ready and the transaction doesn't get executed correctly at this time. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Feng Tian <feng.tian@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19611 6f19259b-4bc3-4df7-8a09-765794883524
* Revert "ShellPkg : Add UEFI_APPLICATION module type to ↵Laszlo Ersek2016-01-061-2/+1
| | | | | | | | | | | | | | | | | | | | | | UefiShellInstall1CommandsLib.inf" SVN r19585 broke the OVMF build: > ShellPkg/Library/UefiShellInstall1CommandsLib/UefiShellInstall1CommandsLib.inf(20): > error 3001: MODULE_TYPE UEFI_DRIVER UEFI_APPLICATION is not supported > for EDK II, valid values are: > BASE SEC PEI_CORE PEIM DXE_CORE DXE_DRIVER DXE_RUNTIME_DRIVER > DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_DRIVER UEFI_APPLICATION USER_DEFINED > SMM_CORE Revert the patch. Reported-by: Laszlo Ersek <lersek@redhat.com> Suggested-by: "El-Haj-Mahmoud, Samer" <samer.el-haj-mahmoud@hpe.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19610 6f19259b-4bc3-4df7-8a09-765794883524
* NetworkPkg: DnsDxe: fix return type of DnsFillinQNameForQueryIp()Laszlo Ersek2016-01-062-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Change the return type of DnsFillinQNameForQueryIp() from (UINT8*) to (CHAR*). This brings the function in sync with both its internal variables and all of its call sites, fixing the following gcc build breakage: > NetworkPkg/DnsDxe/DnsImpl.c: In function 'DnsFillinQNameForQueryIp': > NetworkPkg/DnsDxe/DnsImpl.c:1068:3: error: pointer targets in return > differ in signedness > [-Werror=pointer-sign] > return QueryName; > ^ The code was added in git commit fcae1a99 (SVN r19579). Cc: Subramanian Sriram <sriram-s@hpe.com> Cc: El-Haj-Mahmoud Samer <samer.el-haj-mahmoud@hpe.com> Cc: Ye Ting <ting.ye@intel.com> Cc: Fu Siyuan <siyuan.fu@intel.com> Cc: Jiaxin Wu <jiaxin.wu@intel.com> Cc: Ye Ting <ting.ye@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19609 6f19259b-4bc3-4df7-8a09-765794883524
* ShellPkg: Make 'alias' can display a single alias name.Qiu Shumin2016-01-061-3/+16
| | | | | | | | | | When we run command "alias cat" Shell print out "alias: Too few arguments". This patch makes value of single alias name can be displayed. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Qiu Shumin <shumin.qiu@intel.com> Reviewed-by: Jaben Carsey <jaben.carsey@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19608 6f19259b-4bc3-4df7-8a09-765794883524
* ShellPkg: Fix Shell assert when mv a file to a NULL target.Qiu Shumin2016-01-061-2/+2
| | | | | | | | | | When run command 'mv file ' the Shell assert. The patch refined the length of the buffer to fix this bug. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Qiu Shumin <shumin.qiu@intel.com> Reviewed-by: Jaben Carsey <jaben.carsey@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19607 6f19259b-4bc3-4df7-8a09-765794883524
* Rollback the commit because it has potential issue.Dandan Bi2016-01-061-34/+0
| | | | | | | | | | | Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dandan Bi <dandan.bi@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19606 6f19259b-4bc3-4df7-8a09-765794883524
* MdeModulePkg: Add error DEBUG statements in ATA passthru driverSamer El-Haj-Mahmoud2016-01-061-0/+3
| | | | | | | | | | DEBUG errors for COMRESET and Port phy not ready. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Samer El-Haj-Mahmoud <elhaj@hpe.com> Reviewed-by: Feng Tian <feng.tian@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19605 6f19259b-4bc3-4df7-8a09-765794883524
* BaseTools: Fix 'caculate' typosHao Wu2016-01-062-3/+3
| | | | | | | | Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Hao Wu <hao.a.wu@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19604 6f19259b-4bc3-4df7-8a09-765794883524
* MdeModulePkg: Fix 'accroding' typos in MdeModulePkg.dec/.uniHao Wu2016-01-062-8/+8
| | | | | | | | Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Hao Wu <hao.a.wu@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19603 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg Tcg2Pei: Fix a typo in function descriptionHao Wu2016-01-061-1/+1
| | | | | | | | Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Hao Wu <hao.a.wu@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19602 6f19259b-4bc3-4df7-8a09-765794883524
* NetworkPkg IScsiDxe: Fix typos in function descriptionsHao Wu2016-01-062-2/+2
| | | | | | | | Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Hao Wu <hao.a.wu@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19601 6f19259b-4bc3-4df7-8a09-765794883524
* NetworkPkg IpSecDxe: Fix a typo in function descriptionHao Wu2016-01-061-1/+1
| | | | | | | | Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Hao Wu <hao.a.wu@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19600 6f19259b-4bc3-4df7-8a09-765794883524
* MdeModulePkg IScsiDxe: Fix a typo in function descriptionHao Wu2016-01-061-1/+1
| | | | | | | | Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Hao Wu <hao.a.wu@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19599 6f19259b-4bc3-4df7-8a09-765794883524
* MdeModulePkg AcpiTableDxe: Fix a typo in function descriptionHao Wu2016-01-061-1/+1
| | | | | | | | Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Hao Wu <hao.a.wu@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19598 6f19259b-4bc3-4df7-8a09-765794883524
* MdeModulePkg DxeHttpLib: Fix typos in function descriptionsHao Wu2016-01-061-3/+3
| | | | | | | | Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Hao Wu <hao.a.wu@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19597 6f19259b-4bc3-4df7-8a09-765794883524
* MdeModulePkg Core/Dxe/Misc: Fix typos in function descriptionsHao Wu2016-01-061-2/+2
| | | | | | | | Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Hao Wu <hao.a.wu@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19596 6f19259b-4bc3-4df7-8a09-765794883524
* MdeModulePkg UhciDxe: Fix a typo in function descriptionHao Wu2016-01-061-1/+1
| | | | | | | | Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Hao Wu <hao.a.wu@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19595 6f19259b-4bc3-4df7-8a09-765794883524
* AppPkg/.../Python: Clean up and document how to escape the -# option.Daryl McDaniel2016-01-062-31/+79
| | | | | | | | | | | | | | | | | | | | Depending upon the version of Shell you are using, it may be necessary to escape the '#' character, when using the "-#" command-line option, so that the Shell doesn't interpret it as the start of a comment. The escape character is '^'. Example: python -^# -V * General updating. * Re-format so that no line is longer than 80 char. * Add note about escaping the "-#" command-line option. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Daryl McDaniel <edk2-lists@mc2research.org> Reviewed-by: Erik Bjorge <erik.c.bjorge@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19594 6f19259b-4bc3-4df7-8a09-765794883524
generated by cgit v1.2.3 (git 2.25.1) at 2024-10-08 12:21:32 +0000