summaryrefslogtreecommitdiffstats
path: root/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe
Commit message (Collapse)AuthorAgeFilesLines
* SecurityPkg: Convert source file to DOS formatLiming Gao2017-12-281-13/+13
| | | | | | | Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Liming Gao <liming.gao@intel.com> Cc: Qin Long <qin.long@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* SecurityPkg/SecureBootConfigDxe: Fix deleting signature data issue.chenc22017-11-271-7/+13
| | | | | | | | | | | | Replace "(UINT8 *)NewVariableData" with (UINT8 *)NewVariableData + Offset" to avoid the header of EFI_SIGNATURE_LIST being copied to the front of NewVariableData every time and update ListWalker when handling the current EFI_SIGNATURE_LIST finishes. Cc: Zhang Chao <chao.b.zhang@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: chenc2 <chen.a.chen@intel.com> Reviewed-by: Zhang Chao <chao.b.zhang@intel.com>
* SecurityPkg/SecureBootConfigDxe: Handle lack of STR_SIGNATURE_* tokenschenc22017-10-191-37/+76
| | | | | | | | | | | | | | Add check to avoid NULL ptr dereference. The function HiiGetString will return NULL pointer when the platform does not install the appropriate string or call HiiGetString fail.(For example, HII not support specified language.) Cc: Zhang Chao <chao.b.zhang@intel.com> Cc: Wu Hao <hao.a.wu@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: chenc2 <chen.a.chen@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by: Wu Hao <hao.a.wu@intel.com>
* SecurityPkg/SecureBootConfigDxe: Change the declaring of buffer.chenc22017-10-172-92/+29
| | | | | | | | | | | | | The change doesn't impact the functionality. To avoid magic code is helpful for maintaining the codes. Use stack variable for known max length variable is more clear and safe than heap buffer. Cc: Zhang Chao B <chao.b.zhang@intel.com> Cc: Wu Hao A <hao.a.wu@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: chenc2 <chen.a.chen@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* SecurityPkg/SecureBootConfigDxe: Fix coding style issuechenc22017-10-172-22/+22
| | | | | | | | | | | The change doesn't impact the functionality. Cc: Bi Dandan <dandan.bi@intel.com> Cc: Zhang Chao <chao.b.zhang@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: chenc2 <chen.a.chen@intel.com> Reviewed-by: Bi Dandan <dandan.bi@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* SecurityPkg/SecureBootConfigImpl.c: Secure Boot DBX UI Enhancementchenc22017-09-285-31/+1150
| | | | | | | | | | | | | Use 2-level format to display signature list and signature data. Support batch delete operation to delete signature list or signature data. Display more useful information for each signature data. Contributed-under: TianoCore Contribution Agreement 1.0 Cc: Zhang Chao B <chao.b.zhang@intel.com> Cc: Long Qin <qin.long@intel.com> Signed-off-by: Chen A Chen <chen.a.chen@intel.com> Reviewed-by: Long Qin <qin.long@intel.com> Reviewed-by: Zhang Chao B <chao.b.zhang@intel.com>
* SecurityPkg: SecureBootConfigDxe: Update CloseEnrolledFile commentZhang, Chao B2017-04-061-6/+2
| | | | | | | | | Update function CloseEnrolledFile comment introduced in 4de754e15fec9c94ce7677904efd0022c211721b Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by: Bi Dandan <dandan.bi@intel.com>
* SecurityPkg: SecureBootConfigDxe: Support AUTH_2 enrollment to DBXZhang, Chao B2017-04-065-84/+338
| | | | | | | | | | | Update SecureBootConfigDxe to support AUTH_2 format data enrollment to DBX. Free opened file handle resource after exit PK/KEK/DB/DBX/DBT enrollment page. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by: Long Qin <qin.long@intel.com>
* SecurityPkg: Refine type cast for pointer subtractionHao Wu2017-03-061-6/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | For pointer subtraction, the result is of type "ptrdiff_t". According to the C11 standard (Committee Draft - April 12, 2011): "When two pointers are subtracted, both shall point to elements of the same array object, or one past the last element of the array object; the result is the difference of the subscripts of the two array elements. The size of the result is implementation-defined, and its type (a signed integer type) is ptrdiff_t defined in the <stddef.h> header. If the result is not representable in an object of that type, the behavior is undefined." In our codes, there are cases that the pointer subtraction is not performed by pointers to elements of the same array object. This might lead to potential issues, since the behavior is undefined according to C11 standard. Also, since the size of type "ptrdiff_t" is implementation-defined. Some static code checkers may warn that the pointer subtraction might underflow first and then being cast to a bigger size. For example: UINT8 *Ptr1, *Ptr2; UINTN PtrDiff; ... PtrDiff = (UINTN) (Ptr1 - Ptr2); The commit will refine the pointer subtraction expressions by casting each pointer to UINTN first and then perform the subtraction: PtrDiff = (UINTN) Ptr1 - (UINTN) Ptr2; Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Hao Wu <hao.a.wu@intel.com> Acked-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* SecurityPkg: Fix potential bug in Security Boot dxe.Zhang Lubo2017-03-012-11/+11
| | | | | | | | | | | | | | | | | v2: update hash value in SecureBootConfig.vfr to keep them consistent with macro definition in SecureBootConfigImpl.h since we removed the sha-1 definition in Hash table and related macro, but the macro definition HashAlg index may be value 4 which is exceed the range of the Hash table array. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Zhang Lubo <lubo.zhang@intel.com> Cc: Chao Zhang <chao.b.zhang@intel.com> Cc: Long Qin <qin.long@intel.com> Cc: Yao Jiewen <jiewen.yao@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* SecurityPkg/SecureBootConfigDxe: Use StrToGuid in BaseLibRuiyu Ni2017-02-283-166/+5
| | | | | | Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
* SecurityPkg: enhance secure boot Config Dxe & Time Based AuthVariable.Zhang Lubo2017-02-202-16/+6
| | | | | | | | | | | | | | | | V3: code clean up prohibit Image SHA-1 hash option in SecureBootConfigDxe. Timebased Auth Variable driver should ensure AuthAlgorithm is SHA256 before further verification Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Zhang Lubo <lubo.zhang@intel.com> Cc: Chao Zhang <chao.b.zhang@intel.com> Cc: Long Qin <qin.long@intel.com> Cc: Yao Jiewen <jiewen.yao@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by: Long Qin <qin.long@intel.com>
* SecurityPkg SecureBootConfigDxe: Add check for the external PE/COFF image.Liming Gao2016-07-143-0/+72
| | | | | | | | | | | | Use BasePeCoffLib PeCoffLoaderGetImageInfo() to check the PE/COFF image. In V2, add specific ImageRead() to make sure the PE/COFF image content read is within the image buffer. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Liming Gao <liming.gao@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* SecurityPkg: SecureBootConfigDxe: Add NULL pointer checkZhang, Chao B2016-05-111-1/+1
| | | | | | | | | Add SecureBoot NULL pointer check before reference it. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by: Samer El-Haj-Mahmoud <elhaj@hpe.com> Reviewed-by: Qiu Shumin <shumin.qiu@intel.com>
* SecurityPkg: Cleanup unused structure definitionJiaxin Wu2016-05-091-37/+0
| | | | | | | | | | | | | | This patch is used to cleanup unused structure definition. Cc: Zhang Chao B <chao.b.zhang@intel.com> Cc: Ye Ting <ting.ye@intel.com> Cc: Fu Siyuan <siyuan.fu@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* SecurityPkg: SecureBootConfigDxe: Disable SecureBoot Enable/Disable in some caseZhang, Chao B2016-05-051-1/+1
| | | | | | | | | Disable SecureBoot Enable/Disable feature when PhysicalPresence is not available, Since SecureBootEnable is protected with PhysicalPresence. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
* SecurityPkg: SecureBootConfigDxe: Remove SecureBoot UI change for Customized ↵Zhang, Chao B2016-05-044-417/+32
| | | | | | | | | | | | | | | Secure Boot Remove SecureBoot UI support for Customized SecureBoot Mode transition according to Mantis 1263. The feature has been moved to https://github.com/tianocore/edk2-staging/tree/Customized-Secure-Boot Previous check-in hash is SHA-1: 96832eefea1025c130979dec9b7da069f77bcd96 Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by: El-Haj-Mahmoud Samer <samer.el-haj-mahmoud@hpe.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
* SecurityPkg: AuthVariableLib & SecureBootConfigDxe: Fix SecureBootEnable & ↵Zhang, Chao B2016-04-191-22/+25
| | | | | | | | | | | | PK inconsistency issue Revert previous fix in AuthVariable driver init which breaks SecureBootEnable original behavior. Add more error handling logic in SecureBootConfigDxe to prevent wrong display info when SecureBootEnable & PK inconsistency happens. Commit hash for the reverted patch in AuthVariable driver is SHA-1: a6811666b0bef18871fa62b6c5abf18fb076fd0d Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
* SecurityPkg/SecureBootConfigDxe: Remove type casting from the ChooseFile ↵Gary Lin2016-03-241-5/+5
| | | | | | | | | | | | handlers The type casting in the ChooseFile is not necessary and it actually hid the incompatible handlers from the compiler. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Gary Lin <glin@suse.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Dandan Bi <dandan.bi@intel.com>
* SecurityPkg/SecureBootConfigDxe: Declare EFIAPI for the ChooseFile handlersGary Lin2016-03-242-0/+10
| | | | | | | | | | | | | | | | | | | | | | | The SecureBootConfig now uses ChooseFile() from FileExplorerLib to select the certificates to be enrolled into PK, KEK, DB, DBX, or DBT, and the corresponding handlers to get the content of the file. Per the definition of CHOOSE_HANDLER, the handler must use EFIAPI as the calling convention. However, the calling convention was not specified the following handlers: UpdatePKFromFile(), UpdateKEKFromFile(), UpdateDBFromFile(), UpdateDBXFromFile(), and UpdateDBTFromFile(). When compiling the firmware with gcc, the default calling convention is not compatible with EFIAPI, so the handlers interpreted the argument the wrong way and passed the wrong device path to UpdatePage(), and the system crashed when the user tried to enroll a certificate into the key database. This commit specifies the calling convention for those functions so that gcc can generate the right code. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Gary Lin <glin@suse.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Dandan Bi <dandan.bi@intel.com>
* SecurityPkg: SecureBootConfigDxe: Update coding styleZhang, Chao B2016-03-111-1/+2
| | | | | | | | Update code to follow EDK2 coding style. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang<chao.b.zhang@intel.com> Reviewed-by: Qiu Shumin <shumin.qiu@intel.com>
* SecurityPkg/SecureBootConfigDxe: Handle allocation failure gracefullyDandan Bi2016-03-041-9/+21
| | | | | | | | | | | | | The function AllocateCopyPool may return NULL, so need to do check after calling it. This patch is to enhance the related logic. Cc: Chao Zhang <chao.b.zhang@intel.com> Cc: Qiu Shumin <shumin.qiu@intel.com> Cc: Eric Dong <eric.dong@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dandan Bi <dandan.bi@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com>
* SecurityPkg: Use FileExplorerLib in SecureBootConfigDxeDandan Bi2016-02-266-1225/+333
| | | | | | | | | | | | | | | | | | | | Using existing library FileExplorerLib to replace the same logic in SecureBootConfigDxe to make the code clear. After using FileExplorerLib, the UI behavior for enroll PK will change, previously when select one PK file, commit/discard changes will return to Device Manager,press ESC will return to FileExplorer. Now using FileExplorerLib the behavior will keep same with enroll KEK/DB/..., commit/discard changes will return to Custom Secure Boot Options form and ESC will return to PK options form. Cc: Chao Zhang <chao.b.zhang@intel.com> Cc: Eric Dong <eric.dong@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dandan Bi <dandan.bi@intel.com> Acked-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* SecurityPkg: SecureBootConfigDxe: Fix potential NULL pointer dereferenceChao Zhang2016-01-271-4/+5
| | | | | | | | | | Fix SecureBoot potential NULL pointer dereference. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by: Qiu Shumin <shumin.qiu@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19751 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg: SecureBootConfigDxe: Fix string typoChao Zhang2016-01-152-5/+5
| | | | | | | | | | | Fix secure boot mode transition string typo. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by: Qin Long <qin.long@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19646 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg: SecureBootConfigDxe: Enhance secure boot string update logicChao Zhang2016-01-151-42/+57
| | | | | | | | | | | | ExtractConfig is called many times, so it's not efficient to update Secure Boot STR_SECURE_BOOT_STATE_CONTENT, STR_CUR_SECURE_BOOT_MODE_CONTENT string in ExtractConfig. As these 2 strings are displayed on one form, always update them when opening the form. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19645 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg: SecureBootConfigDxe: Change KEY_TRANS_SECURE_BOOT_MODE valueChao Zhang2016-01-151-2/+2
| | | | | | | | | | | Change KEY_TRANS_SECURE_BOOT_MODE value, as it conflicts with OPTION_DEL_KEK_QUESTION_ID. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Qin Long <qin.long@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19644 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg: SecureBootConfigDxe: Remove useless code in VFRChao Zhang2015-12-221-61/+11
| | | | | | | | | | | Remove suppressif TRUE, disableif TRUE code in VFR. They are useless. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Tapan Shah <tapandshah@hpe.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19429 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg: Convert all .uni files to utf-8Jordan Justen2015-12-153-0/+0
| | | | | | | | | | | | | To convert these files I ran: $ python3 BaseTools/Scripts/ConvertUni.py SecurityPkg Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jordan Justen <jordan.l.justen@intel.com> Reviewed-by: Michael Kinney <michael.d.kinney@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19262 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg: SecureBootConfigDxe: SecureBoot UI for Customized SecureBoot ModeChao Zhang2015-12-074-56/+464
| | | | | | | | | | | | Add SecureBoot UI support for Customized SecureBoot Mode transition according to Mantis 1263. User can do secure boot mode transition through UI. https://mantis.uefi.org/mantis/view.php?id=1263 Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by: Zeng Star <star.zeng@intel.com> Reviewed-by: Long Qin <qin.long@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19134 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg: put missing empty lines at the end of some header filesArd Biesheuvel2015-12-032-2/+2
| | | | | | | | | | | Some compilers (like RVCT) reject input files that do not end in a newline. So add missing newlines to some SecurityPkg header files. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19107 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg:Replace unsafe string functions.Zhang Lubo2015-07-082-14/+17
| | | | | | | | | | | | Replace unsafe string functions with new added safe string functions. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Zhang Lubo <lubo.zhang@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Qiu Shumin <shumin.qiu@intel.com> Reviewed-by: Jaben Carsey <jaben.carsey@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17882 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg: Update SecureBootConfigDxe to support ARM imageArd Biesheuvel2015-05-111-3/+5
| | | | | | | | | | | Update SecureBootConfigDxe component to allow the enrollment of the digests of EFI executable that are built for ARM or AARCH64. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17406 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg: remove unused variablesArd Biesheuvel2015-05-071-2/+0
| | | | | | | | | | | | | | This removes various unused variables from SecurityPkg whose presence is causing failed builds. Contributed-under: TianoCore Contribution Agreement 1.0 Reviewed-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by: Olivier Martin <olivier.martin@arm.com> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17354 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg: Fix typo.Shumin Qiu2015-03-131-2/+2
| | | | | | | | | | Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Shumin Qiu <shumin.qiu@intel.com> Reviewed-by: Guo Dong <guo.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17047 6f19259b-4bc3-4df7-8a09-765794883524
* Correct the Hash Calculation for Revoked X.509 Certificate to align with ↵Long, Qin2014-12-251-1/+10
| | | | | | | | | | | | | RFC3280 and UEFI 2.4 Spec. This patch added one new X509GetTBSCert() interface in BaseCryptLib to retrieve the TBSCertificate, and also corrected the hash calculation for revoked certificate to aligned the RFC3280 and UEFI 2.4 spec. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: "Long, Qin" <qin.long@intel.com> Reviewed-by: "Dong, Guo" <guo.dong@initel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16559 6f19259b-4bc3-4df7-8a09-765794883524
* UEFI 2.4 X509 Certificate Hash and RFC3161 Timestamp Verification support ↵Qin Long2014-11-147-372/+1246
| | | | | | | | | | | | | | | | | for Secure Boot Main ChangeLogs includes: 1. Introduce the new GUID and structure definitions for certificate hash and timestamp support; 2. Update Image Verification Library to support DBT signature checking; 3. Update the related SecureBoot Configuration Pages; Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Qin Long <qin.long@intel.com> Reviewed-by: Guo Dong <guo.dong@intel.com> Reviewed-by: Siyuan Fu <siyuan.fu@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16380 6f19259b-4bc3-4df7-8a09-765794883524
* Fix execution status & DEBUG message level mismatch. EFI_D_ERROR is used ↵Chao Zhang2014-11-101-2/+2
| | | | | | | | | | only when failure/case can’t be resolved by code. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16320 6f19259b-4bc3-4df7-8a09-765794883524
* Clean up the code. Action statement should not have text two opcode.Eric Dong2014-10-211-2/+0
| | | | | | | | | | Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16221 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg: Convert non DOS format files to DOS formatGao, Liming2014-09-031-0/+0
| | | | | | | | | Module UNI and Package UNI files are not DOS format. Convert them to DOS format. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Gao, Liming <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16050 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg: INF/DEC file updates to EDK II packagesDong, Guo2014-08-282-0/+0
| | | | | | | | | | | | | | | | | | 2. Add MODULE_UNI_FILE file that contains the localized Abstract and Description of a module. a. Addresses an information gap between INF files and the UEFI Distribution Packaging Specification XML schema b. There will be an associated update to UPT in BaseTools to consume MODULE_UNI_FILE and associated UNI file during UDP creation that performs the INF -> XML conversion. c. There will be an associated update to UPT in BaseTools to produce MODULE_UNI_FILE and associated UNI file during UDP installation that performs the XML -> INF conversion. 3. Add Module Extra UNI file that provides the localized Name of a module. a. [UserExtensions.TianoCore."ExtraFiles"] provides an easy method for a module to specify extra files not listed in [Sources] or [Binaries] sections to be added to a UDP without having to list the files in the UPT package information data file. b. There will be an associated update to UPT in BaseTools to package up files listed in [UserExtensions.TianoCore."ExtraFiles"] during UDP creation. c. UNI file contains localized name of a module to go along with the localized Abstract and Description from the MODULE_UNI_FILE. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dong, Guo <guo.dong@intel.com> Reviewed-by: Gao, Liming <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15951 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg: INF/DEC file updates to EDK II packagesDong, Guo2014-08-281-18/+53
| | | | | | | | | | | | 1. Usage information in INF file comment blocks are either incomplete or incorrect. This includes usage information for Protocols/PPIs/GUIDs/PCDs/HOBs/Events/BootModes. The syntax for usage information in comment blocks is defined in the EDK II Module Information (INF) Specification Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dong, Guo <guo.dong@intel.com> Reviewed-by: Gao, Liming <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15950 6f19259b-4bc3-4df7-8a09-765794883524
* Return to BMM page if parse the file info failed.Eric Dong2014-01-093-8/+15
| | | | | | | | Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> Reviewed-by: Siyuan Fu <siyuan.fu@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15067 6f19259b-4bc3-4df7-8a09-765794883524
* Rollback the patch 15054.Eric Dong2014-01-081-2/+6
| | | | | | Signed-off-by: Eric Dong <eric.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15059 6f19259b-4bc3-4df7-8a09-765794883524
* Not update the status until parse the file info success.Eric Dong2014-01-071-6/+2
| | | | | | | | Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15054 6f19259b-4bc3-4df7-8a09-765794883524
* Refine the Secure Boot UI driver to input the GUID and varstroe name when ↵Fu Siyuan2013-11-251-2/+2
| | | | | | | | | | | using HiiSetBrowserData/HiiGetBrowserData. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong, Eric <eric.dong@intel.com> Reviewed-by: Dong, Guo <guo.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14897 6f19259b-4bc3-4df7-8a09-765794883524
* Fix a bug in secure boot configuration driver: Enroll DB/KEK will disable ↵Fu Siyuan2013-08-222-22/+48
| | | | | | | | | | Attempt Secure Boot option. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14590 6f19259b-4bc3-4df7-8a09-765794883524
* Checks the length of the file name to avoid illegal access.Gary Ching-Pang Lin2013-08-081-3/+18
| | | | | | | | | | Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Gary Ching-Pang Lin <glin@suse.com> Reviewed-by: Jordan Justen <jordan.l.justen@intel.com> Reviewed-by: Guo Dong <guo.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14531 6f19259b-4bc3-4df7-8a09-765794883524
* Update all the code to consume the ConvertDevicePathToText, ↵Ruiyu Ni2013-07-263-1524/+9
| | | | | | | | | | | | | | ConvertDevicePathNodeToText, ConvertTextToDevicePath and ConvertTextToDeviceNode APIs in DevicePathLib. Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> Reviewed-by: Elvin Li <elvin.li@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jaben Carsey <jaben.carsey@intel.com> Reviewed-by: Guo Dong <guo.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14505 6f19259b-4bc3-4df7-8a09-765794883524
* Pop up error message when user tries to enroll an invalid certificate file ↵sfu52013-05-171-6/+33
| | | | | | | | | | | into KEK/DB/DBX. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14373 6f19259b-4bc3-4df7-8a09-765794883524
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-28 11:17:15 +0000