path: root/SecurityPkg/Library
Commit message | Author | Age | Files | Lines
* SecurityPkg: DxeImageVerificationLib: Update PCR[7] measure logic | Zhang, Chao B | 2017-01-22 | 1 | -3/+7

  Update PCR[7] measure logic according to TCG PC Client PFP 00.37. Only entries in DB that are used for image authentication need to be measured.
  http://www.trustedcomputinggroup.org/wp-content/uploads/PC-ClientSpecific_Platform_Profile_for_TPM_2p0_Systems_v21.pdf

  Cc: Star Zeng <star.zeng@intel.com>
  Cc: Yao Jiewen <jiewen.yao@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Star Zeng <star.zeng@intel.com>
  Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
* SecurityPkg/FmpAuthenticationLib: Refine to compare with same type | Hao Wu | 2017-01-12 | 2 | -4/+4

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Hao Wu <hao.a.wu@intel.com>
  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
* SecurityPkg: Tcg2PhysicalPresence: Define TCG2 PP Flags Initial Pcd | Zhang, Chao B | 2016-12-29 | 2 | -2/+6

  Define PcdTcg2PhysicalPresenceFlags to initialize TCG2 PP Flags setting.

  Cc: Yao Jiewen <jiewen.yao@intel.com>
  Cc: Star Zeng <star.zeng@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
  Reviewed-by: Star Zeng <star.zeng@intel.com>
* SecurityPkg: Tcg2Smm: TPM2 Vendor specific HID | Zhang, Chao B | 2016-12-29 | 1 | -2/+2

  Update TPM2 HID using vendor ManufacturerID & FirmwareVersion1.

  Cc: Yao Jiewen <jiewen.yao@intel.com>
  Cc: Star Zeng <star.zeng@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
  Reviewed-by: Star Zeng <star.zeng@intel.com>
* SecurityPkg/FmpAuthLib: Add PublicKeyDataLength check | Jiewen Yao | 2016-12-23 | 1 | -0/+5

  Add PublicKeyDataLength check to be a multiple of SHA256_DIGEST_SIZE, to avoid caller mistakes or platform mis-configuration.

  Cc: Chao Zhang <chao.b.zhang@intel.com>
  Cc: Qin Long <qin.long@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
  Reviewed-by: Qin Long <qin.long@intel.com>
* SecurityPkg/FmpAuthenticationLib: Fix Guid format issues | Dandan Bi | 2016-12-20 | 2 | -3/+3

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Dandan Bi <dandan.bi@intel.com>
  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
* SecurityPkg/FmpAuthenticationLibRsa2048Sha256: Fix Guid/pcd format issues | Dandan Bi | 2016-12-14 | 1 | -3/+3

  Cc: Jiewen Yao <jiewen.yao@intel.com>
  Cc: Chao Zhang <chao.b.zhang@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Dandan Bi <dandan.bi@intel.com>
  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
* SecurityPkg/FmpAuthenticationLibPkcs7: Fix incorrect Guid format | Dandan Bi | 2016-12-14 | 1 | -1/+1

  Cc: Jiewen Yao <jiewen.yao@intel.com>
  Cc: Chao Zhang <chao.b.zhang@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Dandan Bi <dandan.bi@intel.com>
  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
* SecurityPkg Tcg2PPLib: Support BlockSID related actions | Star Zeng | 2016-11-28 | 3 | -76/+210

  Then Tcg2PhysicalPresenceLib can support TCG2 PP TPM2, storage management and vendor specific requests according to Physical Presence Interface Specification.

  Cc: Jiewen Yao <jiewen.yao@intel.com>
  Cc: Chao Zhang <chao.b.zhang@intel.com>
  Cc: Eric Dong <eric.dong@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Star Zeng <star.zeng@intel.com>
  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
  Reviewed-by: Eric Dong <eric.dong@intel.com>
* SecurityPkg DxeTcg2PPLib: Lock Tcg2PhysicalPresenceFlags variable on S4 | Star Zeng | 2016-11-23 | 1 | -17/+17

  The code updates Tcg2PhysicalPresenceLibProcessRequest() to also lock Tcg2PhysicalPresenceFlags variable on S4.

  Cc: Jiewen Yao <jiewen.yao@intel.com>
  Cc: Chao Zhang <chao.b.zhang@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Star Zeng <star.zeng@intel.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* Revert old "Enable BlockSid related PP actions" patch series. | Eric Dong | 2016-11-23 | 18 | -2037/+14

  New solution for this issue will be provided.

  This reverts commits from d1947ce509d745f32db6b7fecc03dc9c778b9350 to bda034c34deea6eb43edcef28018a9ace8f04637.

  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Eric Dong <eric.dong@intel.com>
* SecurityPkg TcgStorageCoreLib: ASSERT to ensure 'ByteSeq' is not NULL | Hao Wu | 2016-11-22 | 1 | -0/+2

  Add ASSERT to make sure 'ByteSeq' is not NULL before it is consumed by CopyMem().

  Cc: Eric Dong <eric.dong@intel.com>
  Cc: Feng Tian <feng.tian@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Hao Wu <hao.a.wu@intel.com>
  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
* SecurityPkg SmmTcg2PhysicalPresenceLib: Enable Storage actions. | Eric Dong | 2016-11-21 | 2 | -8/+34

  After enabling storage-related actions in TcgPhysicalPresenceStorageLib, use that library to support storage-related actions in this library.

  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Eric Dong <eric.dong@intel.com>
* SecurityPkg DxeTcgPhysicalPresenceLib: Enable Storage actions. | Eric Dong | 2016-11-21 | 2 | -2/+18

  After enabling storage-related actions in TcgPhysicalPresenceStorageLib, use that library to support storage-related actions in this library.

  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Eric Dong <eric.dong@intel.com>
* SecurityPkg DxeTcg2PhysicalPresenceLib: Enable Storage actions. | Eric Dong | 2016-11-21 | 2 | -4/+22

  After enabling storage-related actions in TcgPhysicalPresenceStorageLib, use that library to support storage-related actions in this library.

  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Eric Dong <eric.dong@intel.com>
* SecurityPkg: Add SmmTcgPhysicalPresenceStorageLib. | Eric Dong | 2016-11-21 | 3 | -0/+245

  The Tcg Physical Presence spec defines some actions used for storage devices. Add an Smm version of the library to handle these actions.

  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Eric Dong <eric.dong@intel.com>
* SecurityPkg: Add DxeTcgPhysicalPresenceStorageLib. | Eric Dong | 2016-11-21 | 9 | -0/+1718

  The Tcg Physical Presence spec defines some actions used for storage devices. Add a Dxe version of the library to handle these actions.

  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Eric Dong <eric.dong@intel.com>
* SecurityPkg TPM2: Update desc for param Buffer of GetDigestListSize() | Star Zeng | 2016-11-21 | 1 | -1/+1

  To make the description more clear, update the description for parameter Buffer of GetDigestListSize() to "Buffer to hold copied TPML_DIGEST_VALUES compact binary.".

  Cc: Jiewen Yao <jiewen.yao@intel.com>
  Cc: Chao Zhang <chao.b.zhang@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Star Zeng <star.zeng@intel.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
* SecurityPkg TPM2: Add GetHashMaskFromAlgo() into Tpm2CommandLib | Star Zeng | 2016-11-21 | 1 | -5/+29

  Add GetHashMaskFromAlgo() into Tpm2CommandLib for coming consumer.

  Cc: Jiewen Yao <jiewen.yao@intel.com>
  Cc: Chao Zhang <chao.b.zhang@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Star Zeng <star.zeng@intel.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
* SecurityPkg TPM2: Make IsHashAlgSupportedInHashAlgorithmMask external | Star Zeng | 2016-11-21 | 1 | -0/+1

  Currently IsHashAlgSupportedInHashAlgorithmMask is only an internal function; this patch makes it external for a coming consumer.

  Cc: Jiewen Yao <jiewen.yao@intel.com>
  Cc: Chao Zhang <chao.b.zhang@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Star Zeng <star.zeng@intel.com>
  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* SecurityPkg TPM2: Assign real copied count in CopyDigestListToBuffer() | Star Zeng | 2016-11-21 | 1 | -1/+6

  In CopyDigestListToBuffer() of Tpm2CommandLib, the count in the returned Buffer should be the real copied DigestList count.

  Cc: Jiewen Yao <jiewen.yao@intel.com>
  Cc: Chao Zhang <chao.b.zhang@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Star Zeng <star.zeng@intel.com>
  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
* SecurityPkg: Fix typos in comments | Zhang, Chao B | 2016-11-15 | 5 | -7/+7

  This patch fixes the following typos:
  - intialized -> initialized
  - TURE -> TRUE
  - successull -> successfully
  - hanlder -> handler
  - funciton -> function
  - Seperator -> Separator
  - Sumbit -> Submit

  Also convert EFI_D_ERROR to DEBUG_ERROR for some debug messages.

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Gary Lin <glin@suse.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* SecurityPkg/FmpAuthenticationLibRsa2048Sha256: Add RSA2048 instance. | Jiewen Yao | 2016-11-08 | 3 | -0/+434

  It provides Rsa2048Sha256 based FMP authentication.

  Cc: Feng Tian <feng.tian@intel.com>
  Cc: Star Zeng <star.zeng@intel.com>
  Cc: Michael D Kinney <michael.d.kinney@intel.com>
  Cc: Liming Gao <liming.gao@intel.com>
  Cc: Chao Zhang <chao.b.zhang@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Michael Kinney <michael.d.kinney@intel.com>
  Tested-by: Michael Kinney <michael.d.kinney@intel.com>
* SecurityPkg/FmpAuthenticationLibPkcs7: Add PKCS7 instance for FMP. | Jiewen Yao | 2016-11-08 | 3 | -0/+297

  It provides PKCS7 based FMP authentication.

  Cc: Feng Tian <feng.tian@intel.com>
  Cc: Star Zeng <star.zeng@intel.com>
  Cc: Michael D Kinney <michael.d.kinney@intel.com>
  Cc: Liming Gao <liming.gao@intel.com>
  Cc: Chao Zhang <chao.b.zhang@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Michael Kinney <michael.d.kinney@intel.com>
  Tested-by: Michael Kinney <michael.d.kinney@intel.com>
* SecurityPkg/AuthVariableLib: rebase to ARRAY_SIZE() | Laszlo Ersek | 2016-10-27 | 1 | -2/+2

  Cc: Chao Zhang <chao.b.zhang@intel.com>
  Cc: Star Zeng <star.zeng@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Laszlo Ersek <lersek@redhat.com>
  Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
  Reviewed-by: Star Zeng <star.zeng@intel.com>
* SecurityPkg: SmmTcg2PhysicalPresenceLib: Fix coding style issue | Zhang, Chao B | 2016-10-21 | 1 | -2/+2

  Fix coding style issue for function descriptor.

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Long Qin <qin.long@intel.com>
  Reviewed-by: Bi Dandan <dandan.bi@intel.com>
* SecurityPkg: Fix typo 'Ihis' with 'This' in codes | Hao Wu | 2016-10-18 | 22 | -45/+45

  Cc: Jiewen Yao <jiewen.yao@intel.com>
  Cc: Chao Zhang <chao.b.zhang@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Hao Wu <hao.a.wu@intel.com>
  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
* SecurityPkg: SmmTcg2PhysicalPresenceLib: Fix GCC build failure | Zhang, Chao B | 2016-10-10 | 2 | -2/+3

  GCC is case sensitive. Also add BaseMemoryLib in INF.

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Gao Liming <liming.gao@intel.com>
  Reviewed-by: Long Qin <qin.long@intel.com>
* SecurityPkg: Tcg2: Fix TCG2 PP issues | Zhang, Chao B | 2016-09-29 | 1 | -22/+77

  Several issues exist in TCG2 PP:
  1. TCG2 PP uses NVS PPRQ/PPRM as PP parameter as well as current PP state cache, but it doesn't handle the PP set failure case.
  2. TCG2 PP "Submit TPM Operation Request to Pre-OS Environment" forgets to clean PPRM.
  3. Potential alignment issue.

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Qin Long <qin.long@intel.com>
* SecurityPkg/TPM2: Extract GetSupportedAndActivePcrs to Tpm2CommandLib | Jiewen Yao | 2016-09-21 | 2 | -12/+97

  This patch extracts function Tpm2GetCapabilitySupportedAndActivePcrs() from drivers and also updates Tcg2ExecutePhysicalPresence() to call Tpm2GetCapabilitySupportedAndActivePcrs() instead of Tcg2Protocol->GetCapability to query the TPM to determine which hashing algorithms are supported.

  Cc: Chao B Zhang <chao.b.zhang@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
  Signed-off-by: Star Zeng <star.zeng@intel.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* SecurityPkg/TPM2: Move CopyDigestListToBuffer() to Tpm2CommandLib | Jiewen Yao | 2016-09-21 | 1 | -0/+83

  This patch just moves function CopyDigestListToBuffer() from drivers to library with HashAlgorithmMask parameter added to make the interface more applicable. The related function IsHashAlgSupportedInHashAlgorithmMask() is also moved from drivers to library as internal function.

  Cc: Chao B Zhang <chao.b.zhang@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
  Signed-off-by: Star Zeng <star.zeng@intel.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* SecurityPkg/TPM2: Move GetDigestListSize() to Tpm2CommandLib | Jiewen Yao | 2016-09-21 | 1 | -0/+26

  This patch just moves function GetDigestListSize() from drivers to library and no functionality change.

  Cc: Chao B Zhang <chao.b.zhang@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
  Signed-off-by: Star Zeng <star.zeng@intel.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* SecurityPkg/TPM2: Update function header of GetDigestFromDigestList() | Star Zeng | 2016-09-21 | 1 | -7/+7

  Update the return status description and use OUT identifier instead of IN for Digest parameter, no functionality change.

  Cc: Chao B Zhang <chao.b.zhang@intel.com>
  Cc: Jiewen Yao <jiewen.yao@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Star Zeng <star.zeng@intel.com>
  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* SecurityPkg/TPM2: Move GetDigestFromDigestList() to Tpm2CommandLib | Jiewen Yao | 2016-09-21 | 1 | -1/+37

  This patch just moves function Tpm2GetDigestFromDigestList() from drivers to library as GetDigestFromDigestList() and no functionality change.

  Cc: Chao B Zhang <chao.b.zhang@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
  Signed-off-by: Star Zeng <star.zeng@intel.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* SecurityPkg/TPM2: Move Tpm2PcrAllocateBanks() to Tpm2CommandLib | Jiewen Yao | 2016-09-21 | 2 | -135/+136

  This patch just moves function Tpm2CommandAllocPcr() from DxeTcg2PhysicalPresenceLib.c to Tpm2CommandLib as Tpm2PcrAllocateBanks() and no functionality change.

  Cc: Chao B Zhang <chao.b.zhang@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
  Signed-off-by: Star Zeng <star.zeng@intel.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* SecurityPkg: TPM12CommandLib: Add Response returnCode Check | Zhang, Chao B | 2016-09-01 | 2 | -1/+18

  Check response return code before return from Tpm12Extend and Tpm12PhysicalPresence.

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
  Reviewed-by: Long Qin <qin.long@intel.com>
* SecurityPkg: Use IsZeroGuid API for zero GUID checking | Hao Wu | 2016-08-31 | 4 | -11/+7

  Instead of comparing a GUID with gZeroGuid via the CompareGuid API, the commit uses the IsZeroGuid API to check if the given GUID is a zero GUID.

  Cc: Chao Zhang <chao.b.zhang@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Hao Wu <hao.a.wu@intel.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* SecurityPkg: AuthVariableLib: Fix inconsistent CertDB case | Zhang, Chao B | 2016-08-17 | 1 | -1/+1

  2 steps are used to create/delete a time based variable.
  For create: step 1, insert Signer Cert to CertDB; step 2, insert Payload to Variable.
  For delete: step 1, delete Variable; step 2, delete Cert from CertDB.
  System may break between step 1 & step 2, so CertDB may contain a useless Cert on the next reboot. AuthVariableLib chooses to sync a consistent state between CertDB & Time Auth Variable on initialization. However, it doesn't apply the Time Auth attribute check. Now add it.

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
  Reviewed-by: Zeng Star <star.zeng@intel.com>
* SecurityPkg: AuthVariableLib: Revert UserPhysicalPresent feature from AuthVariableLib | Zhang, Chao B | 2016-07-22 | 3 | -12/+4

  Physical Presence state reporting is constrained by physical presence caching in variable driver. For example, reporting must be prior to Physical Presence caching. Physical Presence state becomes constant rather than instant after caching. Therefore, PlatformSecureLib is responsible for reporting Physical Presence state in expected way.

  This reverts commit 90fa53213ec458b5c4f8851c09aeb3de977531e5.

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
* SecurityPkg DxeTpmMeasureBootLib: Add comments in TcgMeasurePeImage() | Liming Gao | 2016-07-14 | 1 | -1/+4

  The input PeImage in TcgMeasurePeImage() has been checked.

  Cc: Jiewen Yao <jiewen.yao@intel.com>
  Cc: Chao Zhang <chao.b.zhang@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Liming Gao <liming.gao@intel.com>
  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* SecurityPkg DxeImageVerificationLib: Add comments in HashPeImage() | Liming Gao | 2016-07-14 | 1 | -1/+4

  The input PeImage in HashPeImage() has been checked.

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Liming Gao <liming.gao@intel.com>
  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* SecurityPkg: Update PlatformSecureLibNull with PCD to get physical presence. | Liming Gao | 2016-06-29 | 2 | -4/+34

  This is an incompatible change. It uses the PcdUserPhysicalPresence value instead of a hard-coded TRUE. Because the PcdUserPhysicalPresence default value is FALSE, this patch changes the UserPhysicalPresent() return value from TRUE to FALSE. From a security point of view, it is not safe to always return TRUE. If a user wants this behavior, he can still configure the PcdUserPhysicalPresence value to TRUE in the platform DSC file.

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Liming Gao <liming.gao@intel.com>
  Reviewed-by: Giri P Mudusuru <giri.p.mudusuru@intel.com>
* SecurityPkg: AuthVariableLib: Cache UserPhysicalPresent in AuthVariableLib | Zhang, Chao B | 2016-06-28 | 3 | -4/+12

  AuthVariableLib is updated to cache the UserPhysicalPresent state to global variable. This avoids calling PlatformSecureLib during runtime and makes PhysicalPresent state consistent during one boot.

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
  Reviewed-by: Star Zeng <star.zeng@intel.com>
* SecurityPkg/TcgStorageOpalLib: Avoid using special word in comments | Eric Dong | 2016-06-16 | 1 | -1/+1

  Cc: Shumin Qiu <shumin.qiu@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Eric Dong <eric.dong@intel.com>
  Reviewed-by: Qiu Shumin <shumin.qiu@intel.com>
* SecurityPkg: Tpm12DeviceLibDTpm: Fix TPM12 wrong Response Tag check | Zhang, Chao B | 2016-06-08 | 1 | -3/+5

  TcgDxePassThroughToTpm should be able to handle all TPM12 Command & Response correctly.

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Long Qin <qin.long@intel.com>
* SecurityPkg/DxeImageVerificationLib: Add DEBUG messages for image verification failures | Cinnamon Shia | 2016-05-19 | 1 | -1/+18

  Add DEBUG messages in DxeImageVerificationLib to help debug Secure Boot image verification failures.

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Cinnamon Shia <cinnamon.shia@hpe.com>
  Reviewed-by: Samer EL-Haj-Mahmoud <elhaj@hpe.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* SecurityPkg: Remove non-ASCII character from TPM warning strings | Zhang, Chao B | 2016-05-16 | 1 | -1/+2

  Remove a non-ASCII apostrophe character from TPM_WARNING_MAINTAIN message.

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Samer El-Haj-Mahmoud <elhaj@hpe.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* SecurityPkg TcgStorageOpalLib: Check the capability before use. | Dong, Eric | 2016-05-09 | 1 | -22/+28

  A Pyrite SSC device may not support Active Key, so add check logic before enabling it.

  Cc: Feng Tian <feng.tian@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Eric Dong <eric.dong@intel.com>
  Reviewed-by: Feng Tian <feng.tian@intel.com>
* SecurityPkg TcgStorageOpalLib: Check BlockSid capability. | Eric Dong | 2016-05-05 | 1 | -0/+6

  Check the BlockSid feature capability by checking the BlockSid header in the DiscoveryHeader.

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Eric Dong <eric.dong@intel.com>
  Reviewed-by: Feng Tian <feng.tian@intel.com>
* SecurityPkg TcgStorageOpalLib: Update ComId for Block SID command. | Eric Dong | 2016-05-05 | 1 | -1/+1

  The ComId for Block SID authentication command is 0x0005 according to "TCG Storage Feature Set: Block SID Authentication Specification Version 1.0.0". Update code to follow this spec requirement.

  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Eric Dong <eric.dong@intel.com>
  Reviewed-by: Feng Tian <feng.tian@intel.com>