path: root/SecurityPkg/Library
Commit log. Each entry gives the commit title, followed in parentheses by the author, date, number of files changed, and lines -removed/+added, then the commit message body.
* SecurityPkg/OpalPWSupportLib: [CVE-2017-5753] Fix bounds check bypass (ref: UDK2015; Hao Wu, 2018-11-21, 1 file, -1/+6)
  REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1194

  Speculative execution is used by the processor to avoid having to wait for data to arrive from memory, or for previous operations to finish; the processor may speculate as to what will be executed. If the speculation is incorrect, the speculatively executed instructions might leave hints such as which memory locations have been brought into cache.

  Malicious actors can use the bounds check bypass method (code gadgets with controlled external inputs) to infer data values that have been used in speculative operations to reveal secrets which should not otherwise be accessed.

  This commit will focus on the SMI handler(s) registered within the OpalPasswordSupportLib and insert the AsmLfence API to mitigate the bounds check bypass issue.

  For SMI handler SmmOpalPasswordHandler():
  Under "case SMM_FUNCTION_SET_OPAL_PASSWORD:", '&DeviceBuffer->OpalDevicePath' can point to a potential cross boundary access of the 'CommBuffer' (controlled external inputs) during speculative execution. This cross boundary access pointer is later passed as parameter 'DevicePath' into function OpalSavePasswordToSmm(). Within function OpalSavePasswordToSmm(), 'DevicePathLen' is an access to the content in 'DevicePath' and can be inferred by code: "CompareMem (&List->OpalDevicePath, DevicePath, DevicePathLen)". One can observe which part of the content within either '&List->OpalDevicePath' or 'DevicePath' was brought into cache to possibly reveal the value of 'DevicePathLen'.

  Hence, this commit adds an AsmLfence() after the boundary/range checks of 'CommBuffer' to prevent the speculative execution.

  A more detailed explanation of the purpose of the commit is under the 'Bounds check bypass mitigation' section of the below link:
  https://software.intel.com/security-software-guidance/insights/host-firmware-speculative-execution-side-channel-mitigation
  And the document at:
  https://software.intel.com/security-software-guidance/api-app/sites/default/files/337879-analyzing-potential-bounds-Check-bypass-vulnerabilities.pdf

  Cc: Star Zeng <star.zeng@intel.com>
  Cc: Chao Zhang <chao.b.zhang@intel.com>
  Cc: Jiewen Yao <jiewen.yao@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.1
  Signed-off-by: Hao Wu <hao.a.wu@intel.com>
  Reviewed-by: Eric Dong <eric.dong@intel.com>
* SecurityPkg OpalPasswordSupportLib: Add check to avoid potential buffer overflow. (Eric Dong, 2018-08-01, 2 files, -18/+39)
  The current code does not check the CommunicationBuffer size before using it. An attacker can read beyond the end of the (untrusted) commbuffer into controlled memory. An attacker can get access outside of valid SMM memory regions. This patch adds a check before using it.

  bugz: https://bugzilla.tianocore.org/show_bug.cgi?id=198

  Cc: Yao Jiewen <jiewen.yao@intel.com>
  Cc: Wu Hao <hao.a.wu@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Eric Dong <eric.dong@intel.com>
  Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
  (cherry picked from commit 87acb6e298e718250dd8b741b6888a3a54c7cb5a)
* SecurityPkg Tpm2CommandLib: Fix TPM2.0 response memory overflow (Zhang, Chao B, 2018-04-09, 7 files, -9/+111)
  The TPM2.0 command lib always assumes that the TPM device and transmission channel can respond correctly. But that is not true when the communication channel is exploited and wrong data is spoofed. Add more logic to prohibit a memory overflow attack.

  Cc: Long Qin <qin.long@intel.com>
  Cc: Yao Jiewen <jiewen.yao@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.1
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Long Qin <qin.long@intel.com>
  Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
  (cherry picked from commit dd577319e83d13a7ab46ffdccb6635281d2ca9e5)
* SecurityPkg: Tcg2Smm: TPM2 Vendor specific HID (Zhang, Chao B, 2017-03-06, 1 file, -2/+2)
  Update TPM2 HID using vendor ManufacturerID & FirmwareVersion1.

  Cc: Yao Jiewen <jiewen.yao@intel.com>
  Cc: Star Zeng <star.zeng@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
  Reviewed-by: Star Zeng <star.zeng@intel.com>
* SecurityPkg: Tcg2PhysicalPresence: Define TCG2 PP Flags Initial Pcd (Zhang, Chao B, 2017-03-02, 2 files, -2/+6)
  Define PcdTcg2PhysicalPresenceFlags to initialize the TCG2 PP Flags setting.

  Cc: Yao Jiewen <jiewen.yao@intel.com>
  Cc: Star Zeng <star.zeng@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
  Reviewed-by: Star Zeng <star.zeng@intel.com>

  Conflicts:
  SecurityPkg/SecurityPkg.dec
* SecurityPkg Tcg2PPLib: Support BlockSID related actions (Star Zeng, 2016-11-28, 3 files, -82/+225)
  Then Tcg2PhysicalPresenceLib can support TCG2 PP TPM2, storage management and vendor specific requests according to the Physical Presence Interface Specification.

  Cc: Jiewen Yao <jiewen.yao@intel.com>
  Cc: Chao Zhang <chao.b.zhang@intel.com>
  Cc: Eric Dong <eric.dong@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Star Zeng <star.zeng@intel.com>
  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
  Reviewed-by: Eric Dong <eric.dong@intel.com>
  (cherry picked from commit e92ddda2b547f0b952935abaf44fd72e97dbf755)
* SecurityPkg DxeTcg2PPLib: Lock Tcg2PhysicalPresenceFlags variable on S4 (Star Zeng, 2016-11-23, 1 file, -17/+17)
  The code updates Tcg2PhysicalPresenceLibProcessRequest() to also lock the Tcg2PhysicalPresenceFlags variable on S4.

  Cc: Jiewen Yao <jiewen.yao@intel.com>
  Cc: Chao Zhang <chao.b.zhang@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Star Zeng <star.zeng@intel.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
  (cherry picked from commit 7b9b576c71c71ed134f50497fd58f862109dd80b)
* SecurityPkg: AuthVariableLib: Revert UserPhysicalPresent feature from AuthVariableLib (Zhang, Chao B, 2016-07-22, 3 files, -12/+4)
  Physical Presence state reporting is constrained by physical presence caching in the variable driver. For example, reporting must be prior to Physical Presence caching. The Physical Presence state becomes constant rather than instant after caching. Therefore, PlatformSecureLib is responsible for reporting the Physical Presence state in the expected way.

  This reverts commit 90fa53213ec458b5c4f8851c09aeb3de977531e5.

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
  (cherry picked from commit 76bfc7e3ea136412808ad4cf54471c651bdec464)
* SecurityPkg DxeTpmMeasureBootLib: Add comments in TcgMeasurePeImage() (Liming Gao, 2016-07-15, 1 file, -1/+4)
  The input PeImage in TcgMeasurePeImage() has been checked.

  Cc: Jiewen Yao <jiewen.yao@intel.com>
  Cc: Chao Zhang <chao.b.zhang@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Liming Gao <liming.gao@intel.com>
  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
  (cherry picked from commit e39d0569a67f2cac31ad79f8d16f059c27ed82e2)
* SecurityPkg DxeImageVerificationLib: Add comments in HashPeImage() (Liming Gao, 2016-07-15, 1 file, -1/+4)
  The input PeImage in HashPeImage() has been checked.

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Liming Gao <liming.gao@intel.com>
  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
  (cherry picked from commit 89fb5aef411587661c9a1c00645d46adf76b2fb2)
* SecurityPkg: AuthVariableLib: Cache UserPhysicalPresent in AuthVariableLib (Zhang, Chao B, 2016-07-07, 3 files, -4/+12)
  AuthVariableLib is updated to cache the UserPhysicalPresent state in a global variable. This avoids calling PlatformSecureLib during runtime and makes the PhysicalPresent state consistent during one boot.

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
  Reviewed-by: Star Zeng <star.zeng@intel.com>
  (cherry picked from commit 90fa53213ec458b5c4f8851c09aeb3de977531e5)
* SecurityPkg TcgStorageOpalLib: Check the capability before use. (Dong, Eric, 2016-07-06, 1 file, -22/+28)
  A Pyrite SSC device may not support Active Key, so add check logic before enabling it.

  Cc: Feng Tian <feng.tian@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Eric Dong <eric.dong@intel.com>
  Reviewed-by: Feng Tian <feng.tian@intel.com>
  (cherry picked from commit 6e7423c3c2ff56c9256b92a845b3e0c959ab0d74)
* SecurityPkg TcgStorageOpalLib: Check BlockSid capability. (Eric Dong, 2016-07-06, 1 file, -0/+6)
  Check the BlockSid feature capability by checking the BlockSid header in the DiscoveryHeader.

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Eric Dong <eric.dong@intel.com>
  Reviewed-by: Feng Tian <feng.tian@intel.com>
  (cherry picked from commit b20e0d29fa99d7e6126930e133afada55ad1bc66)
* SecurityPkg TcgStorageOpalLib: Update ComId for Block SID command. (Eric Dong, 2016-07-06, 1 file, -1/+1)
  The ComId for the Block SID authentication command is 0x0005 according to "TCG Storage Feature Set: Block SID Authentication Specification Version 1.0.0". Update code to follow this spec requirement.

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Eric Dong <eric.dong@intel.com>
  Reviewed-by: Feng Tian <feng.tian@intel.com>
  (cherry picked from commit 81c1b6df92184f07446b6cf197b18c61ad8b73f0)
* SecurityPkg: DxeImageVerificationLib: Fix wrong verification logic in DBX & DBT (Zhang, Chao B, 2016-07-06, 1 file, -2/+9)
  In image verification, if an image passes verification in DBT, it is still necessary to verify whether it is blocked by any other cert/cert hash from DBX.

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Long Qin <qin.long@intel.com>
  Reviewed-by: Dick Wilkins <dick_wilkins@phoenix.com>
  (cherry picked from commit 91422384d5915a6f14523b3cec557d730c940c6a)
* SecurityPkg-Opal(1): Use fixed SMM communication buffer in OPAL password lib. (Eric Dong, 2016-07-06, 3 files, -4/+34)
  This patch enhances the OPAL password lib SMM communication by using a fixed SMM communication buffer. Update the OPAL password lib to consume EDKII_PI_SMM_COMMUNICATION_REGION_TABLE as the fixed communication buffer for SMM communication. This is designed to meet the FIXED_COMM_BUFFERS requirement of the Microsoft WSMT table definition.

  Cc: Eric Dong <eric.dong@intel.com>
  Cc: Feng Tian <feng.tian@intel.com>
  Cc: Laszlo Ersek <lersek@redhat.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Eric Dong <eric.dong@intel.com>
  Reviewed-by: Feng Tian <feng.tian@intel.com>
  (cherry picked from commit 83681c74f07978adbb621a467fe391ae901e2515)
* SecurityPkg: AuthVariableLib & SecureBootConfigDxe: Fix SecureBootEnable & PK inconsistency issue (Hao Wu, 2016-07-06, 1 file, -13/+1)
  Revert the previous fix in the AuthVariable driver init which breaks the original SecureBootEnable behavior. Add more error handling logic in SecureBootConfigDxe to prevent wrong display info when a SecureBootEnable & PK inconsistency happens.

  The commit hash for the reverted patch in the AuthVariable driver is SHA-1: a6811666b0bef18871fa62b6c5abf18fb076fd0d
  (We integrate the change for AuthService.c in commit 126f3b1de02c71fde8e28abc35a46ac5f135b527 on master to AuthVariableLib.c on the UDK2015 branch)

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
  (cherry picked from commit 126f3b1de02c71fde8e28abc35a46ac5f135b527)
* SecurityPkg TcgStorageOpalLib: Fix wrong condition judgment. (Eric Dong, 2016-07-04, 1 file, -1/+1)
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Eric Dong <eric.dong@intel.com>
  Reviewed-by: Feng Tian <feng.tian@intel.com>
  (cherry picked from commit 1e6844dbe4a3475a10c6ef4019ecff8261eee1f2)
* SecurityPkg OpalPasswordSupportLib: Add comments for the used protocol in inf file. (Eric Dong, 2016-07-04, 1 file, -1/+1)
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Eric Dong <eric.dong@intel.com>
  Reviewed-by: Feng Tian <feng.tian@intel.com>
  (cherry picked from commit 89b553bbbf7da04d633bd644aa192bbbf6506c3d)
* SecurityPkg OpalPasswordSupportLib: Remove the hard code debug build option. (Eric Dong, 2016-07-04, 1 file, -3/+0)
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Eric Dong <eric.dong@intel.com>
  Reviewed-by: Feng Tian <feng.tian@intel.com>
  (cherry picked from commit cffc006c197a15625aca738e54b6bd4c68f2e2e2)
* SecurityPkg OpalPasswordSupportLib: Fixed gcc build failure. (Eric Dong, 2016-07-04, 1 file, -0/+1)
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Eric Dong <eric.dong@intel.com>
  Reviewed-by: Feng Tian <feng.tian@intel.com>
  (cherry picked from commit 56a44df26b9eb56370312e105ab24c59849b2834)
* SecurityPkg TcgStorageOpalLib: Fixed gcc build failure. (Eric Dong, 2016-07-04, 2 files, -4/+5)
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Eric Dong <eric.dong@intel.com>
  Reviewed-by: Feng Tian <feng.tian@intel.com>
  (cherry picked from commit 59ed6433dd84798da6a17366700b057218c04a3a)
* SecurityPkg TcgStorageOpalLib: Remove the hard code debug build option. (Eric Dong, 2016-07-04, 1 file, -3/+0)
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Eric Dong <eric.dong@intel.com>
  Reviewed-by: Feng Tian <feng.tian@intel.com>
  (cherry picked from commit 3626c583e5223927faa8d33de5ce956f399d52a3)
* SecurityPkg: OpalPasswordSupportLib: Add Opal password support library. (Eric Dong, 2016-07-04, 3 files, -0/+864)
  APIs used to support the Opal password solution to trigger Opal commands.

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Eric Dong <eric.dong@intel.com>
  Reviewed-by: Feng Tian <feng.tian@intel.com>
  (cherry picked from commit 1cf00fbdb36fd2f350d92530007483b8831d4340)
* SecurityPkg: TcgStorageOpalLib: Add TCG storage opal library. (Eric Dong, 2016-07-04, 3 files, -0/+2616)
  Library APIs used to create commands defined by the TCG storage opal spec.

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Eric Dong <eric.dong@intel.com>
  Reviewed-by: Feng Tian <feng.tian@intel.com>
  (cherry picked from commit 9dd05ddec35a4c6d010dcd122d9a715d40d88d9c)
* SecurityPkg: TcgStorageCoreLib: Add TCG storage core library. (Eric Dong, 2016-07-04, 3 files, -0/+2595)
  APIs used to create commands defined by the TCG storage core spec.

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Eric Dong <eric.dong@intel.com>
  Reviewed-by: Feng Tian <feng.tian@intel.com>
  (cherry picked from commit 085dcf01f7f4ed84a0ecc58e46ad5122b26539f9)
* SecurityPkg: Revert 277a82548ac1a6d72be2c869cbd4a2b365f8d7c3 (Jeff Fan, 2016-05-19, 5 files, -1912/+268)
  SecurityPkg: AuthVariableLib: Customized SecureBoot Mode transition.

  Implement Customized SecureBoot Mode transition logic according to Mantis 1263, including AuditMode/DeployedMode/PK update management. Also implement image verification logic in AuditMode. Image Certificate & Hash are recorded to the EFI Image Execution Table.
  https://mantis.uefi.org/mantis/view.php?id=1263

  (Sync patch r19133 from main trunk.)

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Zeng Star <star.zeng@intel.com>
  Reviewed-by: Long Qin <qin.long@intel.com>
* SecurityPkg: Revert e8bff743847970c1b5a74bfc891f97223e5e0263. (Jeff Fan, 2016-05-19, 1 file, -17/+17)
  SecurityPkg: AuthVariableLib: Fix GCC compile error

  (Sync patch r19140 from main trunk.)

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* SecurityPkg: Clear LocalAuthSession content after use. (Jiewen Yao, 2016-03-11, 1 file, -2/+6)
  Some commands in DxeTcg2PhysicalPresenceLib accept AuthSession as an input parameter and copy it to a local command buffer. After use, this AuthSession content should be zeroed, because there might be some secret there.

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com>
  Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com>
  (cherry picked from commit c31313da22176002010abbcfcf5d5c5200d182ec)
* SecurityPkg: Add Tpm2 prefix to lib to avoid conflict. (Jiewen Yao, 2016-03-11, 1 file, -9/+9)
  Tpm2Ptp.c is a library, but it is missing the Tpm2 prefix for IsPtpPresence() and GetPtpInterface(). There might be a risk of name symbol conflict. This patch adds the Tpm2 prefix for them.

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: "Yao, Jiewen" <Jiewen.Yao@intel.com>
  Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com>
  Tested-by: "Wu, Hao A" <hao.a.wu@intel.com>
  (cherry picked from commit 0e47ac1535a5fff47b088c30a72d1abe7c817d37)
* SecurityPkg: Fix Tcg2 SubmitRequestToPreOSFunction() failing the second time. (Jiewen Yao, 2016-03-11, 2 files, -4/+6)
  Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction() checks whether the current request is the same as the previous one. But it forgets to check RequestParameter, which causes the second request to fail to process if RequestParameter is different.

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: "Yao, Jiewen" <Jiewen.Yao@intel.com>
  Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com>
  (cherry picked from commit 6d7c4a25b7b019cc2080d5cf1a6fd11347465d65)
* SecurityPkg: Use PcdSet##S instead of PcdSet## (Star Zeng, 2016-03-03, 2 files, -2/+6)
  PcdSet## has no error status returned, so the caller has no idea whether the set operation was successful or not. PcdSet##S was added to return an error status, and the PcdSet## APIs were put under the ifndef DISABLE_NEW_DEPRECATED_INTERFACES condition. To adopt PcdSet##S and further code development with DISABLE_NEW_DEPRECATED_INTERFACES defined, we need to replace PcdSet## usage with PcdSet##S.

  Normally, a DynamicDefault PCD set is expected to succeed, but a DynamicHii PCD set failure is a legal case. PcdTpmInitializationPolicy/PcdTcg2HashAlgorithmBitmap/PcdTpm2HashMask/PcdTpmInstanceGuid all have set operations in the PEI phase; the PEI phase does not allow DynamicHii PCD set, so DynamicDefault is expected for them. Use PcdSet##S instead of PcdSet## and assert on set failure.

  Cc: Jiewen Yao <jiewen.yao@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Star Zeng <star.zeng@intel.com>
  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
  git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18614 6f19259b-4bc3-4df7-8a09-765794883524
  (cherry picked from commit fe3ca12d06a534e5f10587a52730f5fd43dab831)
* SecurityPkg: Correct data copy in Tpm2NvReadPublic. (Yao, Jiewen, 2016-02-24, 1 file, -2/+2)
  1) NvPublic.dataSize data should be taken from the original receive buffer, instead of the returned NvPublic.
  2) NvNameSize means the size of NvName without the size field. The original code treats it as the size of NvName with the size field, so the last 2 bytes are missing.

  This patch fixes the problem.

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com>
  Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com>
  git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19756 6f19259b-4bc3-4df7-8a09-765794883524
  (cherry picked from commit b1b1d6469964b61e710b08f25cbf01a7156d2ea5)
* SecurityPkg: Add TPM PTP detection in TPM12 device lib. (Yao, Jiewen, 2016-02-24, 1 file, -159/+122)
  The TPM RequestUseTpm API can only set the register to use the hardware, but it cannot be used to distinguish a TPM12 device from a TPM2 device. TPM PTP defines the same address as TIS, so we need to detect whether the TPM device is PTP or TIS in RequestUseTpm. Also, the Tcg2Config driver calls RequestUseTpm to detect the TPM hardware device, so we have to add the check here.

  There is no need to support a PTP CRB style SubmitCommand(), because a TPM2 device cannot accept TPM12 style commands.

  This patch also uses TpmTis.h instead of a duplicate definition.

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com>
  Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com>
  git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19742 6f19259b-4bc3-4df7-8a09-765794883524
  (cherry picked from commit 8e997ab8d32ea9c4882912ad514e6a20901cf54e)
* SecurityPkg: Add TPM PTP support in TPM2 device lib. (Yao, Jiewen, 2016-02-24, 7 files, -174/+567)
  TPM2 hardware may support the PTP FIFO/TIS interface or the PTP CRB interface. The original lib only handles the PTP FIFO/TIS interface. This patch adds PTP CRB interface support.

  The current logic is that the lib will detect the TPM device interface (CRB or FIFO/TIS) at runtime and call the proper function to access the hardware. It is compatible with old TPM2 FIFO/TIS devices and new TPM2 CRB devices.

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com>
  Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com>
  git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19740 6f19259b-4bc3-4df7-8a09-765794883524
  (cherry picked from commit 79e748cf29f6d9a92f28d44d20eef8d6c24c4092)
* SecurityPkg: Tpm2DeviceLibDTpm: Rename TisTpmCommand to avoid name collision (Samer El-Haj-Mahmoud, 2016-02-24, 1 file, -3/+4)
  Change TisTpmCommand to Tpm2TisTpmCommand. This makes the function name clearer.

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Samer El-Haj-Mahmoud <samer.el-haj-mahmoud@hpe.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
  git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19622 6f19259b-4bc3-4df7-8a09-765794883524
  (cherry picked from commit c2967d35d84fce6caf6691d2d892d20e8c273601)
* SecurityPkg: Clear AuthSession content after use. (Yao, Jiewen, 2016-02-23, 6 files, -122/+333)
  Some commands in Tpm2CommandLib accept AuthSession as an input parameter and copy it to a local command buffer. After use, this AuthSession content should be zeroed, because there might be some secret there.

  (Sync patch r19635 from main trunk.)

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com>
  Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com>
* SecurityPkg: Add Tpm2Startup return code check. (Yao, Jiewen, 2016-02-23, 1 file, -4/+25)
  Tpm2Startup does not check the TPM device return code. It might cause a problem where an error is not detected in Tcg2Peim, for example in the S3 resume case.

  (Sync patch r19634 from main trunk.)

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com>
  Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com>
* DxeTpmMeasureBootLib: Change global variable name to avoid name conflict. (Eric Dong, 2015-12-18, 1 file, -5/+5)
  (Sync patch r19334 from main trunk.)

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Eric Dong <eric.dong@intel.com>
  Reviewed-by: Liming Gao <liming.gao@intel.com>
  git-svn-id: https://svn.code.sf.net/p/edk2/code/branches/UDK2015@19366 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg: AuthVariableLib: Fix GCC compile error (Ard Biesheuvel, 2015-12-10, 1 file, -17/+17)
  (Sync patch r19140 from main trunk.)

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
  git-svn-id: https://svn.code.sf.net/p/edk2/code/branches/UDK2015@19191 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg: AuthVariableLib: Customized SecureBoot Mode transition. (Chao Zhang, 2015-12-10, 5 files, -268/+1912)
  Implement Customized SecureBoot Mode transition logic according to Mantis 1263, including AuditMode/DeployedMode/PK update management. Also implement image verification logic in AuditMode. Image Certificate & Hash are recorded to the EFI Image Execution Table.
  https://mantis.uefi.org/mantis/view.php?id=1263

  (Sync patch r19133 from main trunk.)

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Zeng Star <star.zeng@intel.com>
  Reviewed-by: Long Qin <qin.long@intel.com>
  git-svn-id: https://svn.code.sf.net/p/edk2/code/branches/UDK2015@19189 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg: Remove temp return solution in PeiRsa2048Sha256 Section Lib (Zhang Chao, 2015-11-18, 1 file, -6/+0)
  PeiCore supports EFI_PEI_SECURITY_PPI to handle section extraction failure. The wrong return status is no longer needed.

  (Sync patch r18732 from main trunk.)

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Zhang Chao <chao.b.zhang@intel.com>
  Reviewed-by: Gao Liming <liming.gao@intel.com>
  git-svn-id: https://svn.code.sf.net/p/edk2/code/branches/UDK2015@18869 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg: Fix Rsa2048Sha256GuidedSectionExtractLib issue (Cohen, Eugene, 2015-11-16, 2 files, -4/+4)
  This issue causes a section extraction overrun and possible hang due to a bad output size calculation.

  (Sync patch r18625 from main trunk.)

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: "Cohen, Eugene" <eugene@hp.com>
  Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com>
  git-svn-id: https://svn.code.sf.net/p/edk2/code/branches/UDK2015@18801 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg AuthVariableLib: Add the missing gEfiAuthenticatedVariableGuid (Star Zeng, 2015-11-16, 1 file, -0/+4)
  There is no real build failure, as AuthVariableLib always links to the variable driver. But for code integrity, we should add it.

  (Sync patch r18613 from main trunk.)

  Cc: Jiewen Yao <jiewen.yao@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Star Zeng <star.zeng@intel.com>
  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
  git-svn-id: https://svn.code.sf.net/p/edk2/code/branches/UDK2015@18798 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg: Use PcdGetSize to get the size of VOID* PCD value. (Liming Gao, 2015-08-25, 4 files, -7/+7)
  PcdLib introduces a generic API to get the size of a VOID* PCD value. Update the Pei and Dxe RsaGuidedLib to use the generic PCD API instead of the GetEx API. This change can remove the PCD type limitation in these two libraries.

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Liming Gao <liming.gao@intel.com>
  Reviewed-by: Star Zeng <star.zeng@intel.com>
  git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18277 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg: Update SignatureSize to comply with UEFI spec (Chao Zhang, 2015-08-17, 1 file, -1/+1)
  Update SignatureSize to include the SignatureOwner GUID. This behavior is defined by the UEFI spec.

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Qin Long <qin.long@intel.com>
  git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18226 6f19259b-4bc3-4df7-8a09-765794883524
* Add TPM2 support defined in trusted computing group. (Yao, Jiewen, 2015-08-13, 26 files, -122/+2289)
  TCG EFI Protocol Specification for TPM Family 2.0 Revision 1.0 Version 9 at
  http://www.trustedcomputinggroup.org/resources/tcg_efi_protocol_specification
  TCG Physical Presence Interface Specification Version 1.30, Revision 00.52 at
  http://www.trustedcomputinggroup.org/resources/tcg_physical_presence_interface_specification

  Add Tcg2XXX, similar file/directory as TrEEXXX. The old TrEE driver/library can be deprecated.
  1) Add Tcg2Pei/Dxe/Smm driver to log events and provide services.
  2) Add Dxe/Pei/SmmTcg2PhysicalPresenceLib to support TCG PP.
  3) Update Tpm2 library to use the TCG2 protocol instead of the TrEE protocol.

  Tested Win8/Win10 with SecureBoot enabled; PCR7 shows bound.

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: "Yao, Jiewen" <Jiewen.Yao@intel.com>
  Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com>
  git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18219 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg: Update coding style (Chao Zhang, 2015-08-06, 1 file, -1/+2)
  Update to EDK2 coding style.

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Qiu Shumin <shumin.qiu@intel.com>
  git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18171 6f19259b-4bc3-4df7-8a09-765794883524
* Downgrade one debug message level in DxeTpm2MeasureBootHandler from EFI_D_ERROR to EFI_D_INFO. (Yao, Jiewen, 2015-07-28, 1 file, -1/+1)
  No TPM2 is considered a valid case. For example, a platform may only have TPM1.2, without TPM2.0. So this is NOT an ERROR message, but more an INFO message.

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: "Yao, Jiewen" <Jiewen.Yao@intel.com>
  Reviewed-by: "Chao Zhang" <chao.b.zhang@intel.com>
  git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18091 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg AuthVariableLib: Correct address pointers data (Star Zeng, 2015-07-26, 1 file, -6/+13)
  Originally, the double pointer (VOID **) was not correct for converting address pointers, and also some address pointers were missing.

  Cc: Jiewen Yao <jiewen.yao@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Star Zeng <star.zeng@intel.com>
  Reviewed-by: Jiewen Yao <Jiewen.Yao@intel.com>
  [lersek@redhat.com: fix up gcc build failure -- add more (VOID **) casts]
  Tested-by: Laszlo Ersek <lersek@redhat.com>
  Signed-off-by: Laszlo Ersek <lersek@redhat.com>
  git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18055 6f19259b-4bc3-4df7-8a09-765794883524