summaryrefslogtreecommitdiffstats
path: root/SecurityPkg/VariableAuthenticated
Commit message (Collapse)AuthorAgeFilesLines
...
* Fix a bug about the “VendorKey” variable update logic.Fu Siyuan2013-10-081-1/+1
| | | | | | | | | Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14746 6f19259b-4bc3-4df7-8a09-765794883524
* Add TPM2 implementation.jyao12013-09-186-0/+323
| | | | | | | signed off by: jiewen.yao@intel.com reviewed by: guo.dong@intel.com git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14687 6f19259b-4bc3-4df7-8a09-765794883524
* Return EFI_WRITE_PROTECTED when setting KEKDefault, PKDefault, dbDefault, ↵Fu Siyuan2013-09-121-1/+6
| | | | | | | | | | dbxDefault and dbtDefault variable. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14662 6f19259b-4bc3-4df7-8a09-765794883524
* Update the chaining requirements with regards to the Platform Key.Fu Siyuan2013-09-121-7/+26
| | | | | | | | Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14661 6f19259b-4bc3-4df7-8a09-765794883524
* Add “VendorKeys” variable for indicating out of band key modification.Fu Siyuan2013-09-124-4/+121
| | | | | | | | Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14660 6f19259b-4bc3-4df7-8a09-765794883524
* Fix a bug in secure boot configuration driver: Enroll DB/KEK will disable ↵Fu Siyuan2013-08-222-22/+48
| | | | | | | | | | Attempt Secure Boot option. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14590 6f19259b-4bc3-4df7-8a09-765794883524
* MdePkg/MdeModulePkg/SecurityPkg Variable: Forbid creation of non-spec ↵Star Zeng2013-08-192-13/+128
| | | | | | | | | | variables in EFI_GLOBAL_VARIABLE namespace. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14560 6f19259b-4bc3-4df7-8a09-765794883524
* MdeModulePkg/SecurityPkg Variable: If a preexisting variable is rewritten ↵Star Zeng2013-08-161-0/+10
| | | | | | | | | | | | | | with different attributes, SetVariable() shall not modify the variable and shall return EFI_INVALID_PARAMETER. Two exceptions to this rule: 1. No access attributes specified 2. The only attribute differing is EFI_VARIABLE_APPEND_WRITE Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14552 6f19259b-4bc3-4df7-8a09-765794883524
* Checks the length of the file name to avoid illegal access.Gary Ching-Pang Lin2013-08-081-3/+18
| | | | | | | | | | Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Gary Ching-Pang Lin <glin@suse.com> Reviewed-by: Jordan Justen <jordan.l.justen@intel.com> Reviewed-by: Guo Dong <guo.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14531 6f19259b-4bc3-4df7-8a09-765794883524
* Update all the code to consume the ConvertDevicePathToText, ↵Ruiyu Ni2013-07-263-1524/+9
| | | | | | | | | | | | | | ConvertDevicePathNodeToText, ConvertTextToDevicePath and ConvertTextToDeviceNode APIs in DevicePathLib. Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> Reviewed-by: Elvin Li <elvin.li@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jaben Carsey <jaben.carsey@intel.com> Reviewed-by: Guo Dong <guo.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14505 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg Variable: Add the check for PcdFlashNvStorageVariableSize <= ↵Star Zeng2013-07-112-1/+13
| | | | | | | | | | | PcdFlashNvStorageFtwSpareSize. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14464 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg: Variable drivers robustly handle crashes during Reclaim().Star Zeng2013-07-037-199/+515
| | | | | | | | | | | PEI variable implementation checks only the variable header signature for validity. This does not seem robust if system crash occurred during previous Reclaim() operation. If the crash occurred while FTW was rewriting the variable FV, the signature could be valid even though the rest of the FV isn't valid. Solution: PEI variable and early phase(before FTW protocol ready) of DXE variable can check the FTW last write status provided by FaultTolerantWritePei and determine if all or partial variable data has been backed up in spare block, and then use the backed up data. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14455 6f19259b-4bc3-4df7-8a09-765794883524
* The list of locked variables is traversed at runtime, hence we mustLaszlo Ersek2013-06-171-0/+23
| | | | | | | | | | | convert the list when transferring from physical to virtual mode. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14425 6f19259b-4bc3-4df7-8a09-765794883524
* Revert the changes made in 14403 because it incorrectly changed the EOL.Ruiyu Ni2013-06-171-504/+481
| | | | | | Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14424 6f19259b-4bc3-4df7-8a09-765794883524
* The list of locked variables is traversed at runtime, hence we mustLaszlo Ersek2013-06-141-481/+504
| | | | | | | | | | | convert the list when transferring from physical to virtual mode. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14403 6f19259b-4bc3-4df7-8a09-765794883524
* Fix the TOCTOU issue of CommBufferSize itself for SMM communicate handler input.lzeng142013-05-211-4/+7
| | | | | | | Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14379 6f19259b-4bc3-4df7-8a09-765794883524
* Add the EDKII_VARIABLE_LOCK_PROTOCOL implementation in SecurityPkg variable ↵niruiyu2013-05-208-22/+356
| | | | | | | | | drivers. Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14378 6f19259b-4bc3-4df7-8a09-765794883524
* Fix a bug that “SecureBoot” varaible will be updated to NV+AT attribute ↵sfu52013-05-171-3/+1
| | | | | | | | | | incorrectly. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ni Ruiyu <ruiyu.ni@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14375 6f19259b-4bc3-4df7-8a09-765794883524
* Pop up error message when user tries to enroll an invalid certificate file ↵sfu52013-05-171-6/+33
| | | | | | | | | | | into KEK/DB/DBX. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14373 6f19259b-4bc3-4df7-8a09-765794883524
* 1. Fix TOCTOU issue in VariableSmm, FtwSmm, FpdtSmm, SmmCorePerformance SMM ↵lzeng142013-05-072-58/+86
| | | | | | | | | | | | handler. For VariableSmm, pre-allocate a mVariableBufferPayload buffer with mVariableBufferPayloadSize(match with mVariableBufferPayloadSize in VariableSmmRuntimeDxe) to hold communicate buffer payload to avoid TOCTOU issue. 2. Add check to ensure CommBufferPayloadSize not exceed mVariableBufferPayloadSize or is enough to hold function structure in VariableSmm and FtwSmm. 3. Align FtwGetLastWrite() in FaultTolerantWriteSmmDxe.c to FtwGetLastWrite() in FaultTolerantWrite.c. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14325 6f19259b-4bc3-4df7-8a09-765794883524
* Fix memory overflow & VariableSize check issue for SetVariable append write.czhang462013-05-023-30/+73
| | | | | | | | Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by : Fu Siyuan <siyuan.fu@intel.com> Reviewed-by : Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14323 6f19259b-4bc3-4df7-8a09-765794883524
* 1. Use the check IsAddressValid() to prevent SMM communication buffer ↵lzeng142013-04-252-18/+110
| | | | | | | | | | | | | | overflow in SmmVariable, FtwSmm, FpdtSmm, SmmCorePerformance and SmmBaseHelper, and add check to prevent InfoSize overflows in SmmVariableHandler. 2. Refine the debug message. 3. Add check to make sure the input VariableName is A Null-terminated string. 4. Use local variable to hold StrSize (VariableName) to avoid duplicated StrSize calculation. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14317 6f19259b-4bc3-4df7-8a09-765794883524
* Check for NULL pointer before free it.sfu52013-04-251-3/+5
| | | | | | | | Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14316 6f19259b-4bc3-4df7-8a09-765794883524
* Fix potential overflow for SetVariable interfaceczhang462013-04-223-10/+28
| | | | | | | | Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by : Guo Dong <dong.guo@intel.com> Reviewed-by : Siyuan Fu <siyuan.fu@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14305 6f19259b-4bc3-4df7-8a09-765794883524
* Fix a potential SMM memory dump issue. If pass communication buffer with ↵czhang462013-04-191-0/+13
| | | | | | | | | | DataBuffer to SMM SetVariable which is big enough to cover SMM range. Then GetVariable can dump SMM memory contents. Add more range check for SetVariable Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by : Dong Guo <guo.dong@intel.com> Reviewed-by : Jiewen Yao <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14292 6f19259b-4bc3-4df7-8a09-765794883524
* Fix SMM Variable driver stack GetVariable return INVALID_PARAMETER when ↵czhang462013-04-151-10/+28
| | | | | | | | | | DataSize is bigger than SMM communication buffer. Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by : Dong Guo <guo.dong@intel.com> Reviewed-by : Fu Siyuan <siyuan.fu@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14276 6f19259b-4bc3-4df7-8a09-765794883524
* Update SMM variable DXE driver GetNextVariable interface to comply with UEFI ↵czhang462013-04-121-9/+29
| | | | | | | | | | | | | spec VariableNameSize is the returned buffer size. GetNextVariable should behavior correct if it is bigger than SMM communication buffer or less than string size of VariableName. Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by : Dong Guo <guo.dong@intel.com> Reviewed-by : Fu Siyuan <siyuan.fu@intel.com> Reviewed-by : Zeng Star <star.zeng@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14258 6f19259b-4bc3-4df7-8a09-765794883524
* Update secure boot UI driver to handle “reset to default” hot key.sfu52013-04-123-1/+46
| | | | | | | | | Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14257 6f19259b-4bc3-4df7-8a09-765794883524
* If DataSize or VariableNameSize is near MAX_ADDRESS, this can cause the ↵lzeng142013-04-082-0/+35
| | | | | | | | | computed PayLoadSize to overflow to a small value and pass the check in InitCommunicateBuffer(). To protect against this vulnerability, check DataSize and VariableNameSize to make sure PayloadSize doesn't overflow. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14252 6f19259b-4bc3-4df7-8a09-765794883524
* Add error handling code to prevent variable store corruption in release build.sfu52013-02-213-28/+43
| | | | | | | | Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14139 6f19259b-4bc3-4df7-8a09-765794883524
* Check the input VaraibleName for db/dbx when appending variables with ↵sfu52013-01-251-4/+4
| | | | | | | | | | formatted as EFI_SIGNATURE_LIST. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14087 6f19259b-4bc3-4df7-8a09-765794883524
* Check for NULL pointer before dereference it.sfu52013-01-251-0/+1
| | | | | | | | Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14086 6f19259b-4bc3-4df7-8a09-765794883524
* Variables with state VAR_ADDED&VAR_IN_DELETED_TRANSITION should be ↵lzeng142013-01-251-10/+49
| | | | | | | | | considered as valid variables if there is no duplicated ones with VAR_ADDED state. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14085 6f19259b-4bc3-4df7-8a09-765794883524
* Add NULL pointer check.lzeng142013-01-251-0/+2
| | | | | | | Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14084 6f19259b-4bc3-4df7-8a09-765794883524
* Fix infinite loop bug in secure boot UI driver.sfu52013-01-251-0/+2
| | | | | | | | Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14082 6f19259b-4bc3-4df7-8a09-765794883524
* 1. Update the logic of UpdateVariable() for updating variable from:lzeng142013-01-182-18/+116
| | | | | | | | | | | | | set old variable to IN_DELETED_TRANSITION -> check if reclaim is needed(If yes, do reclaim) -> add new variable -> set old variable to DELETED if no reclaim happened. to: set old variable to IN_DELETED_TRANSITION -> check if reclaim is needed(If yes, do reclaim) -> add new variable -> set old variable to DELETED. 2. Update UpdateVariable() to correctly handle the case "both ADDED and IN_DELETED_TRANSITION variable are present", and delete both old ADDED and IN_DELETED_TRANSITION variable when deleting or updating variable. 3. Update VariableServiceGetNextVariableName() to return the valid IN_DELETED_TRANSITION variable if only IN_DELETED_TRANSITION variable is present. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14065 6f19259b-4bc3-4df7-8a09-765794883524
* Fix the issue that RuntimeServiceQueryVariableInfo() in ↵lzeng142013-01-151-2/+2
| | | | | | | | | VariableSmmRuntimeDxe always return EFI_SUCCESS. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14050 6f19259b-4bc3-4df7-8a09-765794883524
* 1. Set the secure boot state to Standard Mode when user leaving secure boot ↵sfu52013-01-095-50/+167
| | | | | | | | | | | | setup page. 2. Add “Current SecureBoot State” field to reflect current secure boot status of the platform. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14042 6f19259b-4bc3-4df7-8a09-765794883524
* Fix a bug that the invalid public key will never be removed from public key ↵sfu52013-01-093-97/+391
| | | | | | | | | | database. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14041 6f19259b-4bc3-4df7-8a09-765794883524
* Add the TPL raise/restore code for VariableSmmRuntimeDxe to avoid variable ↵lzeng142013-01-081-15/+77
| | | | | | | | | services reentry. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14038 6f19259b-4bc3-4df7-8a09-765794883524
* 1. Don't assume that flush the HOB variable to flash must be successful.lzeng142013-01-042-36/+130
| | | | | | | | | 2. When no DELETED variable found, no variable space could be reclaimed, so just give some debug info and return EFI_SUCCESS. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14029 6f19259b-4bc3-4df7-8a09-765794883524
* Use SMM_VARIABLE_COMMUNICATE_HEADER_SIZE instead of OFFSET_OF ↵lzeng142012-12-121-5/+5
| | | | | | | | | (SMM_VARIABLE_COMMUNICATE_HEADER, Data). Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Ting Ye <ting.ye@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13993 6f19259b-4bc3-4df7-8a09-765794883524
* Move the declaration of gEfiCertDbGuid to the package's Include folder.sfu52012-11-281-2/+0
| | | | | | | | Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13975 6f19259b-4bc3-4df7-8a09-765794883524
* 1. Correct the counter-based hash algorithm according to UEFI spec.sfu52012-11-213-5/+29
| | | | | | | | | | | | | 2. Check the reserverd bit in variable attribute. 3. Return EFI_OUT_OF_RESOURCE instead of EFI_SECURITY_VIOLATION if there is not enough speace to store the public key. 4. Fix a bug when deleting a non-existent time-based auth variable, we store the certificate into cert DB incorrectly. 5. Fix a bug that time-based auth variable can't been updated again after append operation. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13957 6f19259b-4bc3-4df7-8a09-765794883524
* Fix time-based and count-based authenticated variable can be updated by each ↵gdong12012-10-151-0/+16
| | | | | | | | | | | | other without verification. Signed-off-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13848 6f19259b-4bc3-4df7-8a09-765794883524
* Add a dialog box with help message when user changes the state of "Attempt ↵sfu52012-09-141-0/+7
| | | | | | | | | | Secure Boot" check box. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13733 6f19259b-4bc3-4df7-8a09-765794883524
* 1. Fix a bug when comparing two timestamp in auth-variable driver.sfu52012-09-141-1/+1
| | | | | | | | | | 2. Remove the TimeCompare function in Bds since it's not used anymore. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13731 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg/VariableSmm: Fix a VariableSmm bug when reading variable with ↵erictian2012-09-121-1/+1
| | | | | | | | | size 0. Signed-off-by: Tian, Feng <feng.tian@intel.com> Reviewed-by: Zhang, Chao <chao.b.zhang@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13726 6f19259b-4bc3-4df7-8a09-765794883524
* 1. Initialize certdb variable with correct value of list size.sfu52012-08-232-13/+20
| | | | | | | | | | 2. Use gloable database array instead of calling AllocateZeroPool in SetVariable. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13671 6f19259b-4bc3-4df7-8a09-765794883524
* LastVariableOffset is wrongly set to 0 when FtwVariableSpace() fails. ↵lzeng142012-08-061-14/+27
| | | | | | | | | Recalculate the HwErrVariableTotalSize, HwErrVariableTotalSize and LastVariableOffset when FtwVariableSpace() fails. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Guo Dong <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13593 6f19259b-4bc3-4df7-8a09-765794883524
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-15 20:51:00 +0000