summaryrefslogtreecommitdiffstats
path: root/SecurityPkg/Include
Commit message (Collapse)AuthorAgeFilesLines
...
* SecurityPkg/TPM2: Update function header of GetDigestFromDigestList()Star Zeng2016-09-211-6/+6
| | | | | | | | | | | | Update the return status description and use OUT identifier instead of IN for Digest parameter, no functionality change. Cc: Chao B Zhang <chao.b.zhang@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* SecurityPkg/TPM2: Move GetDigestFromDigestList() to Tpm2CommandLibJiewen Yao2016-09-211-0/+18
| | | | | | | | | | | This patch just moves function Tpm2GetDigestFromDigestList() from drivers to library as GetDigestFromDigestList() and no functionality change. Cc: Chao B Zhang <chao.b.zhang@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* SecurityPkg/TPM2: Move Tpm2PcrAllocateBanks() to Tpm2CommandLibJiewen Yao2016-09-211-1/+18
| | | | | | | | | | | | This patch just moves function Tpm2CommandAllocPcr() from DxeTcg2PhysicalPresenceLib.c to Tpm2CommandLib as Tpm2PcrAllocateBanks() and no functionality change. Cc: Chao B Zhang <chao.b.zhang@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* SecurityPkg TcgStorageOpalLib: Check BlockSid capability.Eric Dong2016-05-051-0/+6
| | | | | | | | | Check the BlockSid feature capability through check BlockSid header in the DiscoveryHeader. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com>
* SecurityPkg: Remove gEdkiiSecureBootModeGuid definitionZhang, Chao B2016-05-041-2/+1
| | | | | | | | | | | | | | Remove gEdkiiSecureBootModeGuid definition for Customized Secure Boot feature defined in UEFI2.5 Mantis 1263. It is a private variable GUID. The feature has been moved to https://github.com/tianocore/edk2-staging/tree/Customized-Secure-Boot Previous check-in hash is SHA-1: af9af05bec5b1880f8e4f9142ecc0044fd0acb33 Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by: El-Haj-Mahmoud Samer <samer.el-haj-mahmoud@hpe.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
* SecurityPkg: OpalPasswordSupportLib: Add Opal password support library.Eric Dong2016-03-292-0/+316
| | | | | | | | APIs used to support opal password solution to trig opal command. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com>
* SecurityPkg: TcgStorageOpalLib: Add TCG storage opal library.Eric Dong2016-03-291-0/+831
| | | | | | | | Library APIs used to create commands defined by TCG storage opal spec. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com>
* SecurityPkg: TcgStorageCoreLib: Add TCG storage core library.Eric Dong2016-03-291-0/+1310
| | | | | | | | APIs used to create commands defined by TCG storage core spec. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com>
* SecurityPkg/Tpm12CommandLib.h: Add TPM 1.2 commands used by TCG modulesMichael Kinney2016-01-211-1/+85
| | | | | | | | | | | | | | | | | | Add the following APIs that are required by TcgPei and/or TcgDxe: Tpm12Extend() Tpm12PhysicalPresence() Tpm12ContinueSelfTest() Tpm12GetCapabilityFlagPermanent() Tpm12GetCapabilityFlagVolatile() Cc: Chao Zhang <chao.b.zhang@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Michael Kinney <michael.d.kinney@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19726 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg: Add gEdkiiSecureBootModeGuid definitionChao Zhang2015-12-071-0/+1
| | | | | | | | | | | | | Add gEdkiiSecureBootModeGuid definition for Enable Secure Boot feature defined in UEFI2.5 Mantis 1263. It is a private variable GUID. https://mantis.uefi.org/mantis/view.php?id=1263 Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by: Zeng Star <star.zeng@intel.com> Reviewed-by: Long Qin <qin.long@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19132 6f19259b-4bc3-4df7-8a09-765794883524
* Add TPM2 support defined in trusted computing group.Yao, Jiewen2015-08-135-1/+369
| | | | | | | | | | | | | | | | | | TCG EFI Protocol Specification for TPM Family 2.0 Revision 1.0 Version 9 at http://www.trustedcomputinggroup.org/resources/tcg_efi_protocol_specification TCG Physical Presence Interface Specification Version 1.30, Revision 00.52 at http://www.trustedcomputinggroup.org/resources/tcg_physical_presence_interface_specification Add Tcg2XXX, similar file/directory as TrEEXXX. Old TrEE driver/library can be deprecated. 1) Add Tcg2Pei/Dxe/Smm driver to log event and provide services. 2) Add Dxe/Pei/SmmTcg2PhysicalPresenceLib to support TCG PP. 3) Update Tpm2 library to use TCG2 protocol instead of TrEE protocol. Test Win8/Win10 with SecureBoot enabled, PCR7 shows bound. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: "Yao, Jiewen" <Jiewen.Yao@intel.com> Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18219 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg: Delete Auth Variable driverStar Zeng2015-07-012-222/+23
| | | | | | | | | | | | | | | | | | | | | | | 1. Delete TpmMeasurementLib LibraryClass from SecurityPkg after it moved to MdeModulePkg. 2. Update DxeTpmMeasurementLib.inf to include MdeModulePkg.dec. 3. Delete authenticated variable definition from AuthenticatedVariableFormat.h after them moved to VariableFormat.h. 4. Replace VARIABLE_HEADER with AUTHENTICATED_VARIABLE_HEADER in EsalVariableDxeSal. 5. Delete VariableInfo from SecurityPkg after it merged to VariableInfo in MdeModulePkg. 6. Delete VariablePei from SecurityPkg after it merged to VariablePei in MdeModulePkg. 7. Delete Auth Variable driver from SecurityPkg after it merged to Variable driver in MdeModulePkg. 8. Also update PACKAGE_GUID and PACKAGE_VERSION in SecurityPkg.dec after the deletion of authenticated variable definition, VariableInfo, VariablePei and Auth Variable driver from SecurityPkg; update PLATFORM_VERSION in SecurityPkg.dsc. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> Reviewed-by: Jaben Carsey <jaben.carsey@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17772 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg: Implement AuthVariableLib library instanceStar Zeng2015-07-011-0/+17
| | | | | | | | | | | | | | | | | | | | | What to do: 1. Implement AuthVariableLib library instance. 2. Temporarily add VARIABLE_ENTRY_CONSISTENCY and variable attribute combinations definitions to AuthenticatedVariableFormat.h for git bisect. Why to do: 1. Share code. Separate auth variable service from Auth Variable driver in SecurityPkg to AuthVariableLib. Then the AuthVariableLib could benefit and be used by different implementation of Auth Variable drivers. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17758 6f19259b-4bc3-4df7-8a09-765794883524
* Add TpmInitializationDonePpi to TPM PEI module.Yao, Jiewen2015-01-221-1/+11
| | | | | | | | | | | | | | This PPI will always be installed to notify other drivers that TPM initialization action is done. TPM initialization may success or fail, or even not present. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com> Reviewed-by: "Dong, Guo" <guo.dong@intel.com> Reviewed-by: "Chiu, Chasel" <chasel.chiu@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16638 6f19259b-4bc3-4df7-8a09-765794883524
* Handle TPM device error and avoid deadloop in BDS.Yao, Jiewen2015-01-121-1/+11
| | | | | | | | | | | | | | If TPM error happens, set TPM flag to NOT present, so that trusted boot patch is disabled. Also report status code for failure, so that platform may register handler to apply policy like force system reset, or disable TPM permanently. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com> Reviewed-by: "Dong, Guo" <guo.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16598 6f19259b-4bc3-4df7-8a09-765794883524
* Add TPM Physical Presence >=128 operation value support.Yao, Jiewen2015-01-124-2/+333
| | | | | | | | | | | | | | | The Tcg/TrEE PhysicalPresence library will depend on Tcg/TrEE PpVendor library. The default NULL library instance is provided in this package. OEM can create OemPpVendorLib as override to handle >=128 operation value. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com> Reviewed-by: "Dong, Guo" <guo.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16597 6f19259b-4bc3-4df7-8a09-765794883524
* Add TPM12 NV related function.Yao, Jiewen2015-01-081-1/+84
| | | | | | | | | | | Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com> Reviewed-by: "Dong, Guo" <guo.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16590 6f19259b-4bc3-4df7-8a09-765794883524
* Add TPM2 commands which might be used in provision.Yao, Jiewen2014-12-231-0/+19
| | | | | | | | | | | Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com> Reviewed-by: "Dong, Guo" <guo.dong@intel.com> Reviewed-by: "Long, Qin" <qin.long@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16548 6f19259b-4bc3-4df7-8a09-765794883524
* Add TPM2 commands which might be used in field upgrade.Yao, Jiewen2014-12-121-1/+132
| | | | | | | | | | | Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com> Reviewed-by: "Dong, Guo" <guo.dong@intel.com> Reviewed-by: "Long, Qin" <qin.long@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16505 6f19259b-4bc3-4df7-8a09-765794883524
* Fix PCD help information format and a typo.Dong Guo2014-01-231-2/+2
| | | | | | | | | | Signed-off-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Gao, Liming <liming.gao@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15171 6f19259b-4bc3-4df7-8a09-765794883524
* Add TPM1.2 SaveState API.jyao12013-10-211-0/+12
| | | | | | | | Signed off by: Yao, Jiewen <Jiewen.yao@intel.com> Reviewed by: Dong Guo <Gui.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14791 6f19259b-4bc3-4df7-8a09-765794883524
* Add TPM2 implementation.jyao12013-09-1810-0/+1421
| | | | | | | signed off by: jiewen.yao@intel.com reviewed by: guo.dong@intel.com git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14687 6f19259b-4bc3-4df7-8a09-765794883524
* Add “VendorKeys” variable for indicating out of band key modification.Fu Siyuan2013-09-121-1/+12
| | | | | | | | Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14660 6f19259b-4bc3-4df7-8a09-765794883524
* Enhance TPM driver to protect TPM physical presence flags.Dong Guo2013-09-031-10/+15
| | | | | | | | | Signed-off-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com> Reviewed-by: Ouyang, Qian <qian.ouyang@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14619 6f19259b-4bc3-4df7-8a09-765794883524
* Change EFI_TCG_EVENT_HOB_GUID value to avoid the duplicated GUID value with ↵Shumin Qiu2013-08-091-2/+2
| | | | | | | | | EFI_LEGACY_BIOS_GUID. Signed-off-by: Shumin Qiu <shumin.qiu@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14536 6f19259b-4bc3-4df7-8a09-765794883524
* Fix coding style issueczhang462012-11-281-1/+0
| | | | | | Signed-off-by : Chao Zhang <chao.b.zhang@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13976 6f19259b-4bc3-4df7-8a09-765794883524
* Move the declaration of gEfiCertDbGuid to the package's Include folder.sfu52012-11-281-2/+2
| | | | | | | | Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13975 6f19259b-4bc3-4df7-8a09-765794883524
* 1.Measure ACPI table data comes from flash event type EV_POST_CODE ACPI DATA ↵czhang462012-11-271-0/+45
| | | | | | | | | | | | to PCR[0] 2.Re-measure ACPI table after fix up with event type EV_EFI_HANDOFF_TABLES to PCR[1] Signed-off-by : Chao Zhang<chao.b.zhang@intel.com> Reviewed-by : Dong Guo<guo.dong@intel.com> Reviewed-by : Yao Jiewen<jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13964 6f19259b-4bc3-4df7-8a09-765794883524
* Add Physical Presence request UI detection logic. Refine UIConfirm ReadKey logicczhang462012-11-011-1/+17
| | | | | | | Signed-off-by : chao zhang <chao.b.zhang@intel.com> Reviewed-by : dong guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13908 6f19259b-4bc3-4df7-8a09-765794883524
* Change TPM ACCESS_X.activeLocality test timeout to TIMEOUT_Aczhang462012-10-161-1/+2
| | | | | | | Signed-off-by : chao zhang<chao.b.zhang@intel.com> Reviewed-by : dong guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13849 6f19259b-4bc3-4df7-8a09-765794883524
* Rename Trusted Hob to Measured FV hob and add Guided Hob layout structureczhang462012-09-281-6/+13
| | | | | | | | Signed-off-by : Chao Zhang<chao.b.zhang@intel.com> Reviewed-by : Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13762 6f19259b-4bc3-4df7-8a09-765794883524
* Enable TPM measurement lib to measure all PE image from a FV unmeasured by ↵czhang462012-09-111-0/+29
| | | | | | | | | TcgPei Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by : Dong, Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13714 6f19259b-4bc3-4df7-8a09-765794883524
* 1. Initialize certdb variable with correct value of list size.sfu52012-08-231-9/+0
| | | | | | | | | | 2. Use gloable database array instead of calling AllocateZeroPool in SetVariable. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13671 6f19259b-4bc3-4df7-8a09-765794883524
* 1. Reset system when user changes secure boot state in secure boot ↵sfu52012-07-051-1/+3
| | | | | | | | | | | | | configuration form. 2. Update the method to detect secure boot state in DxeImageVerificationLib and secure boot configuration driver. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13505 6f19259b-4bc3-4df7-8a09-765794883524
* Update common authenticated variable (non PK/KEK/DB/DBX) support to comply ↵tye12012-03-311-0/+9
| | | | | | | | | | | with latest UEFI spec. Signed-off by: tye1 Reviewed-by: geekboy15a Reviewed-by: sfu5 Reviewed-by: gdong1 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13157 6f19259b-4bc3-4df7-8a09-765794883524
* 1. Remove “Force clear PK” feature in AuthVarialbe driver.sfu52012-03-272-14/+28
| | | | | | | | | | | | 2. Update API ForceClearPK() to UserPhysicalPresent() in PlatformSecureLib. 2. Update SecureBootConfigDxe driver and AuthVariable driver to support Custom Secure Boot Mode feature. 3. Fix some bugs in AuthVariable driver. Signed-off-by: sfu5 Reviewed-by: tye Reviewed-by: gdong1 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13144 6f19259b-4bc3-4df7-8a09-765794883524
* Enable/Disable Secured Boot by 'Secure Boot Configuration' Page which is ↵qianouyang2011-10-282-0/+38
| | | | | | | | | under Setup browser. Signed-off-by: qianouyang Reviewed-by: gdong1 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12586 6f19259b-4bc3-4df7-8a09-765794883524
* Implement Tcg physical presence as a library instead of DXE driver in order ↵gdong12011-09-272-26/+61
| | | | | | | | | | | | that TPM can be locked as early as possible. Signed-off-by: gdong1 Reviewed-by: hhtian Reviewed-by: niruiyu Reviewed-by: xdu2 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12447 6f19259b-4bc3-4df7-8a09-765794883524
* Clean up the private GUID definition in module Level.lgao42011-09-185-0/+133
| | | | | | | | | | | | | 0. Remove the unused private GUID from module source files. 1. Use gEfiCallerIdGuid replace of the private module GUID. 2. Add the public header files to define HII FormSet and PackageList GUID used in every HII driver. Signed-off-by: lgao4 Reviewed-by: ydong10 gdong1 tye jfan12 wli12 rsun3 jyao1 ftian git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12375 6f19259b-4bc3-4df7-8a09-765794883524
* Add security package to repository.gdong12011-09-028-0/+723
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12261 6f19259b-4bc3-4df7-8a09-765794883524
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-01 23:43:09 +0000