summaryrefslogtreecommitdiffstats
path: root/SecurityPkg
Commit message (Collapse)AuthorAgeFilesLines
* Fix a buffer overflow bug in VariableSmm driver.sfu52012-07-041-1/+1
| | | | | | | | Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Zhang Chao <chao.b.zhang@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13486 6f19259b-4bc3-4df7-8a09-765794883524
* Add comment for modules which have external input.jyao12012-06-1217-9/+289
| | | | | | | | | | | | signed-off-by: jiewen.yao@intel.com reviewed-by: guo.dong@intel.com reviewed-by: ting.ye@intel.com reviewed-by: liming.gao@intel.com reviewed-by: elvin.li@intel.com git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13446 6f19259b-4bc3-4df7-8a09-765794883524
* Fix compatibility issue when using IPF image with PE32 magic value in the ↵sfu52012-06-083-4/+59
| | | | | | | | | | OptionalHeader. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13433 6f19259b-4bc3-4df7-8a09-765794883524
* Enhance GPT measurement to be able to handle different partition entry size.gdong12012-06-011-6/+6
| | | | | | | | | | Signed-off-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13422 6f19259b-4bc3-4df7-8a09-765794883524
* Fix TCG PPI request EnableActivateClear failure.gdong12012-06-011-3/+10
| | | | | | | | Signed-off-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Ouyang Qian <qian.ouyang@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13421 6f19259b-4bc3-4df7-8a09-765794883524
* Fixed build failed.ydong102012-05-314-12/+12
| | | | | | Signed-off-by: Eric Dong <eric.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13406 6f19259b-4bc3-4df7-8a09-765794883524
* Add new interface GetVariable2 and GetEfiGlobalVariable2 to return more ↵ydong102012-05-304-14/+19
| | | | | | | | | info. Also replace old interface with new one. Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13375 6f19259b-4bc3-4df7-8a09-765794883524
* According to UEFI spec 2.3.1a. hardware error record variable should use the ↵lzeng142012-05-304-4/+61
| | | | | | | | | | EFI_HARDWARE_ERROR_VARIABLE VendorGuid and have the L"HwErrRec####" name convention, #### is a printed hex value and no 0x or h is included in the hex value. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Guo Dong <guo.dong@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13373 6f19259b-4bc3-4df7-8a09-765794883524
* Return EFI_WRITE_PROTECTED when setting HwErrRecSupport Global Variable at ↵lzeng142012-05-301-1/+11
| | | | | | | | | runtime. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Guo Dong <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13372 6f19259b-4bc3-4df7-8a09-765794883524
* Fix a bug in DxeImageVerificationLib to use the correct certificate length ↵sfu52012-05-281-1/+1
| | | | | | | | | | when verifying a signed EFI image. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13364 6f19259b-4bc3-4df7-8a09-765794883524
* Update auth-variable and secure boot UI driver to support only time-based ↵sfu52012-05-143-405/+217
| | | | | | | | | | PK, KEK and Signature Database variable variable according to UEFI Spec requirement. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13310 6f19259b-4bc3-4df7-8a09-765794883524
* Enhance TcgSmm driver to handle potential SetVariable failure case.gdong12012-05-114-97/+138
| | | | | | | | | | | Signed-off-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com> Reviewed-by: Ouyang Qian <qian.ouyang@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13309 6f19259b-4bc3-4df7-8a09-765794883524
* Fixes buffer read overflow bugs in authenticated variable driver.sfu52012-05-091-2/+5
| | | | | | | | Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13298 6f19259b-4bc3-4df7-8a09-765794883524
* Fix always reboot issue for an invalid physical presence operation request.gdong12012-05-091-3/+20
| | | | | | | | Signed-off by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Ouyang, Qian <qian.ouyang@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13297 6f19259b-4bc3-4df7-8a09-765794883524
* Removes redundant code and adds data size check for certificate data in ↵tye12012-05-081-15/+24
| | | | | | | | | | DxeImageVerificationLib. Signed-off by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Eric <yong.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13291 6f19259b-4bc3-4df7-8a09-765794883524
* Enhances PE image hash algorithm in DxeImageVerificationLib and ↵tye12012-04-282-180/+264
| | | | | | | | | | | | DxeTpmMeasureBootLib. Signed-off-by: Ye Ting<ting.ye@intel.com> Reviewed by: Dong, Eric <yong.dong@intel.com> Reviewed by: Dong, Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13228 6f19259b-4bc3-4df7-8a09-765794883524
* Patch include:ydong102012-04-262-4/+4
| | | | | | | | | | | 1.Change function name to avoid name conflict. 2.Refine check for Pe Image. Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13220 6f19259b-4bc3-4df7-8a09-765794883524
* Update copyright formathhtian2012-04-241-3/+1
| | | | | | Signed-off-by: Hot Tian <hot.tian@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13213 6f19259b-4bc3-4df7-8a09-765794883524
* Validate some fields in PE image to make sure not access violation for later ↵ydong102012-04-244-1/+105
| | | | | | | | | code. Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13211 6f19259b-4bc3-4df7-8a09-765794883524
* Fix common AuthVariable protection issue.tye12012-04-231-3/+3
| | | | | | | | | Signed-off-by: Ye Ting<ting.ye@intel.com> Reviewed by: Fu, Siyuan <siyuan.fu@intel.com> Reviewed by: Dong, Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13204 6f19259b-4bc3-4df7-8a09-765794883524
* Update comments for NULL PlatformSecureLib instance.sfu52012-04-182-2/+8
| | | | | | | Signed-off-by: Fu, Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong, Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13202 6f19259b-4bc3-4df7-8a09-765794883524
* Update the default return value of UserPhysicalPresent to TRUE.sfu52012-04-121-1/+1
| | | | | | | Signed-off-by: Fu, Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong, Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13191 6f19259b-4bc3-4df7-8a09-765794883524
* EDK II Packages: Add Contributions.txt and License.txt filesjljusten2012-04-112-0/+215
| | | | | | | | | | | | | Contributions.txt documents the contribution process for all tianocore projects. The conents of Contributions.txt should match in all cases. License.txt is a per-project document showing the license terms used by that project. Signed-off-by: Jordan Justen <jordan.l.justen@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13187 6f19259b-4bc3-4df7-8a09-765794883524
* Add pointer check for NULL before dereference it.sfu52012-04-051-0/+7
| | | | | | | Signed-off-by: Fu, Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong, Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13162 6f19259b-4bc3-4df7-8a09-765794883524
* Update common authenticated variable (non PK/KEK/DB/DBX) support to comply ↵tye12012-03-316-26/+661
| | | | | | | | | | | with latest UEFI spec. Signed-off by: tye1 Reviewed-by: geekboy15a Reviewed-by: sfu5 Reviewed-by: gdong1 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13157 6f19259b-4bc3-4df7-8a09-765794883524
* If setting variable in Runtime and there has been a same GUID and name ↵lzeng142012-03-302-14/+17
| | | | | | | | | variable existed in system without RT attribute, return EFI_WRITE_PROTECTED. Signed-off-by: lzeng14 Reviewed-by: tye git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13156 6f19259b-4bc3-4df7-8a09-765794883524
* 1. Fix UNIXGCC IPF build failure in SecurityPkg.sfu52012-03-291-2/+2
| | | | | | | Signed-off-by: sfu5 Reviewed-by: gdong1 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13152 6f19259b-4bc3-4df7-8a09-765794883524
* 1. Fix GCC build failure in SecurityPkg.sfu52012-03-281-2/+2
| | | | | | | | Signed-off-by: sfu5 Reviewed-by: gdong1 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13146 6f19259b-4bc3-4df7-8a09-765794883524
* 1. Remove “Force clear PK” feature in AuthVarialbe driver.sfu52012-03-2719-245/+6757
| | | | | | | | | | | | 2. Update API ForceClearPK() to UserPhysicalPresent() in PlatformSecureLib. 2. Update SecureBootConfigDxe driver and AuthVariable driver to support Custom Secure Boot Mode feature. 3. Fix some bugs in AuthVariable driver. Signed-off-by: sfu5 Reviewed-by: tye Reviewed-by: gdong1 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13144 6f19259b-4bc3-4df7-8a09-765794883524
* 1. Update AuthVarialbe driver to avoid integer overflow when using ↵sfu52012-03-261-3/+3
| | | | | | | | | | EFI_VARIABLE_AUTHENTICATION_2 descriptor. Signed-off-by: sfu5 Reviewed-by: tye Reviewed-by: gdong1 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13120 6f19259b-4bc3-4df7-8a09-765794883524
* 1. Add more error handling code to DxeImageVerificationLib and BaseCryptLib.sfu52012-03-192-2/+11
| | | | | | | | Signed-off-by: sfu5 Reviewed-by: qianouyang Reviewed-by: gdong1 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13109 6f19259b-4bc3-4df7-8a09-765794883524
* Fix system reboot automatically if changing the value of [TPM operation]gdong12012-03-092-19/+14
| | | | | | | | Signed-off-by: gdong1 Reviewed-by: tye1 Reviewed-by: qianouyang git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13089 6f19259b-4bc3-4df7-8a09-765794883524
* Remove ASSERT to let DXE core return gracefully when loading an invalid image.gdong12012-02-271-3/+1
| | | | | | | | Signed-off-by: gdong1 Reviewed-by: jyao1 Reviewed-by: CZhang46 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13035 6f19259b-4bc3-4df7-8a09-765794883524
* Add Missing invocations to VA_END() for VA_START().rsun32012-02-011-5/+7
| | | | | | | Signed-off-by: rsun3 Reviewed-by: lgao4 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12979 6f19259b-4bc3-4df7-8a09-765794883524
* Remove illegal TPL usage.gdong12012-01-051-5/+1
| | | | | | | | Signed-off-by: gdong1 Reviewed-by: niruiyu Reviewed-by: tye1 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12908 6f19259b-4bc3-4df7-8a09-765794883524
* Update the process of some question from EFI_BROWSER_ACTION_CHANGED to ↵ydong102011-12-191-54/+53
| | | | | | | | | EFI_BROWSER_ACTION_CHANGING. Signed-off-by: ydong10 Reviewed-by: gdong1 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12885 6f19259b-4bc3-4df7-8a09-765794883524
* Update for SecurityPkg.ydong102011-12-157-58/+150
| | | | | | | | | | | Per UEFI spec, on CallBack action EFI_BROWSER_ACTION_CHANGING, the return value of ActionRequest will be ignored, but on CallBack action EFI_BROWSER_ACTION_CHANGED, the return value of ActionRequest will be used. But, EDKII browser still processes the got ActionRequest. And, all HII drivers in EDKII project also returns their expected ActionRequest value on action EFI_BROWSER_ACTION_CHANGING. Now update the browser to follow the spec, and update all core Hii drivers to keep old working modal. Signed-off-by: ydong10 Reviewed-by: lgao4 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12868 6f19259b-4bc3-4df7-8a09-765794883524
* Update SecurityPkg package versions from 0.91 to 0.92.gdong12011-12-142-2/+2
| | | | | | | | Signed-off-by: gdong1 Reviewed-by: hhtian Reviewed-by: tye git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12850 6f19259b-4bc3-4df7-8a09-765794883524
* SecurityPkg/VariableAuthenticated: Check if there is a NV Variable Storage ↵oliviermartin2011-12-137-1/+26
| | | | | | | | | | | | | | | | | | | header prior to use its attributes The Variable PEI and RuntimeDxe drivers were using the attribute 'HeaderLength' of EFI_FIRMWARE_VOLUME_HEADER without checking if a Firmware Volume Header was existing at the base address. In case the Firmware Volume Header does not exist or is corrupted, the attribute 'HeaderLength' is a non valid value that can lead to a non valid physical address when accessing produces an access error. Signed-off-by: oliviermartin Reviewed-by: rsun3 Reviewed-by: niruiyu git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12845 6f19259b-4bc3-4df7-8a09-765794883524
* Update SignatureSupport variable to reflect firmware capability.gdong12011-12-132-7/+2
| | | | | | | | Signed-off-by: gdong1 Reviewed-by: tye Reviewed-by: sfu5 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12843 6f19259b-4bc3-4df7-8a09-765794883524
* 1. Fix a bug when verify the CertType GUID in authentication variable data ↵sfu52011-12-093-5/+5
| | | | | | | | | | payload. Signed-off-by: sfu5 Reviewed-by: tye1 Reviewed-by: gdong1 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12831 6f19259b-4bc3-4df7-8a09-765794883524
* Update a return status for UEFI spec compliance.gdong12011-12-021-1/+1
| | | | | | | Signed-off-by: gdong1 Reviewed-by: tye git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12813 6f19259b-4bc3-4df7-8a09-765794883524
* Remove duplicated AML code definitions as they have been added to common header.lzeng142011-12-011-8/+1
| | | | | | | Signed-off-by: lzeng14 Reviewed-by: jyao1 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12807 6f19259b-4bc3-4df7-8a09-765794883524
* Update code to follow coding style. Mainly change about:ydong102011-11-231-1/+0
| | | | | | | | | | | | 1. Remove duplicate lib 2. Refine the name for enum member. Signed-off-by: ydong10 Reviewed-by: lgao4 Reviewed-by: gdong1 Reviewed-by: vanjeff git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12767 6f19259b-4bc3-4df7-8a09-765794883524
* 1. Check input PK/KEK variable data to make sure it is a valid ↵sfu52011-11-232-0/+161
| | | | | | | | | | | EFI_SIGNATURE_LIST. Signed-off-by: sfu5 Reviewed-by: gdong1 Reviewed-by : czhan46 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12765 6f19259b-4bc3-4df7-8a09-765794883524
* Initialize the variable before use it to avoid SCT test failed.ydong102011-11-211-0/+1
| | | | | | | Signed-off-by: ydong10 Reviewed-by: lgao4 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12744 6f19259b-4bc3-4df7-8a09-765794883524
* Change IPF version AuthVariable driver to support multiple-platform feature.niruiyu2011-11-174-0/+64
| | | | | | | Signed-off-by: rni2 Reviewed-by: erictian git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12730 6f19259b-4bc3-4df7-8a09-765794883524
* Make comments to be consistent with the parameter.gdong12011-11-161-2/+2
| | | | | | Signed-off-by: gdong1 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12718 6f19259b-4bc3-4df7-8a09-765794883524
* Update ConfigAcess Protocol which is produced by SecureBootConfigDxe to ↵qianouyang2011-11-152-35/+74
| | | | | | | | | | | | follow the UEFI SPEC (Handle the Request parameter is NULL in ExtractConfig interface). Signed-off-by: qianouyang Reviewed-by: ydong10 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12707 6f19259b-4bc3-4df7-8a09-765794883524
* Add debug information for secure boot test convenient.gdong12011-11-041-7/+16
| | | | | | | | Signed-off-by: gdong1 Reviewed-by: tye Reviewed-by: xdu2 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12660 6f19259b-4bc3-4df7-8a09-765794883524
generated by cgit v1.2.3 (git 2.25.1) at 2024-10-25 05:00:20 +0000