path: root/SecurityPkg
Commit message | Author | Age | Files | Lines
* SecurityPkg: Tcg2Smm: Enable TPM2.0 interrupt support | Zhang, Chao B | 2018-01-29 | 5 files | -21/+388
  1. Expose _CRS, _SRS, _PRS control method to support TPM interrupt
  2. Provide 2 PCDs to configure _CRS and _PRS returned data
  Cc: Yao Jiewen <jiewen.yao@intel.com>
  Cc: Ronald Aigner <Ronald.Aigner@microsoft.com>
  Contributed-under: TianoCore Contribution Agreement 1.1
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
* SecurityPkg:Tpm2DeviceLibDTpm: Support TPM command cancel | Zhang, Chao B | 2018-01-25 | 2 files | -7/+47
  Support TPM command cancel if the executing command times out. Cancel could happen in the long-running command case.
  Cc: Yao Jiewen <jiewen.yao@intel.com>
  Cc: Chinnusamy Rajkumar K <rajkumar.k.chinnusamy@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.1
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
* SecurityPkg: Update package version to 0.98 | Zhang, Chao B | 2018-01-23 | 2 files | -4/+4
  Update package version of SecurityPkg to 0.98.
  Cc: Qin Long <qin.long@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.1
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Qin Long <qin.long@intel.com>
* SecurityPkg/PhysicalPresenceLib: Reject illegal PCR bank allocation | Zhang, Chao B | 2018-01-15 | 1 file | -0/+12
  According to the TCG PP1.3 spec, erroneous PCR bank allocation input should be rejected by Physical Presence. Firmware has to ensure that at least one PCR bank is active.
  Cc: Long Qin <qin.long@intel.com>
  Cc: Yao Jiewen <jiewen.yao@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.1
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Long Qin <qin.long@intel.com>
  Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
* SecurityPkg: Convert source file to DOS format | Liming Gao | 2017-12-28 | 2 files | -87/+87
  Contributed-under: TianoCore Contribution Agreement 1.1
  Signed-off-by: Liming Gao <liming.gao@intel.com>
  Cc: Qin Long <qin.long@intel.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* SecurityPkg: Remove RngTest Application from SecurityPkg | Long Qin | 2017-12-27 | 5 files | -337/+0
  BZ#: https://bugzilla.tianocore.org/show_bug.cgi?id=820
  Remove the RngTest application from SecurityPkg, which was only for unit test.
  Cc: Chao Zhang <chao.b.zhang@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Long Qin <qin.long@intel.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* SecurityPkg TcgMor: Remove wrong comments | Star Zeng | 2017-12-19 | 1 file | -5/+2
  Remove wrong comments and free the HandleBuffer after use.
  Cc: Jiewen Yao <jiewen.yao@intel.com>
  Cc: Chao Zhang <chao.b.zhang@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Star Zeng <star.zeng@intel.com>
  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
* SecurityPkg:Tcg2Smm: Update Interrupt resource name | Zhang, Chao B | 2017-12-12 | 1 file | -7/+7
  Update TPM interrupt resource descriptor name for better compatibility with old ASL compilers.
  Cc: Long Qin <qin.long@intel.com>
  Cc: Jiewen Yao <jiewen.yao@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.1
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Long Qin <qin.long@intel.com>
* SecurityPkg:Tcg2Smm: Add MSFT copyright | Zhang, Chao B | 2017-12-12 | 1 file | -0/+1
  Add MSFT copyright for TPM SIRQ feature.
  Cc: Long Qin <qin.long@intel.com>
  Cc: Jiewen Yao <jiewen.yao@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.1
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Long Qin <qin.long@intel.com>
* SecurityPkg:Tcg2Smm:Enabling TPM SIRQ interrupt support | Zhang, Chao B | 2017-12-09 | 1 file | -8/+104
  1. Report TPM SIRQ interrupt resource through _CRS
  2. Expose _SRS to update interrupt resource & FIFO/TIS interrupt related registers defined in the TCG PC Client Platform TPM Profile (PTP) Specification
     https://trustedcomputinggroup.org/wp-content/uploads/PC-Client-Specific-Platform-TPM-Profile-for-TPM-2-0-v43-150126.pdf
  Note: IHV/OEM need to carefully verify this feature with the OS TPM driver to make sure there is no impact to system/HW.
  Cc: Long Qin <qin.long@intel.com>
  Cc: Jiewen Yao <jiewen.yao@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.1
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
  Reviewed-by: Long Qin <qin.long@intel.com>
* SecurityPkg/SecureBootConfigDxe: Fix deleting signature data issue. | chenc2 | 2017-11-27 | 1 file | -7/+13
  Replace "(UINT8 *)NewVariableData" with "(UINT8 *)NewVariableData + Offset" to avoid the header of EFI_SIGNATURE_LIST being copied to the front of NewVariableData every time, and update ListWalker when handling the current EFI_SIGNATURE_LIST finishes.
  Cc: Zhang Chao <chao.b.zhang@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.1
  Signed-off-by: chenc2 <chen.a.chen@intel.com>
  Reviewed-by: Zhang Chao <chao.b.zhang@intel.com>
* SecurityPkg/AuthVariableLib: Use EFI_CERT_DATA to parse certificate | chenc2 | 2017-11-07 | 1 file | -4/+8
  The function Pkcs7GetSigners returns the certificate stack as a binary buffer. Use EFI_CERT_DATA to parse the certificate stack more clearly, and access certificates by the fields of the EFI_CERT_DATA structure.
  Cc: Long Qin <qin.long@intel.com>
  Cc: Zhang Chao <chao.b.zhang@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: chenc2 <chen.a.chen@intel.com>
  Reviewed-by: Long Qin <qin.long@intel.com>
  Reviewed-by: Zhang Chao <chao.b.zhang@intel.com>
* SecurityPkg: Remove Counter Based AuthVariable support | Zhang, Chao B | 2017-11-01 | 6 files | -628/+37
  Remove counter based auth variable support. Also modify several function descriptors to accommodate the change.
  Cc: Long Qin <qin.long@intel.com>
  Cc: Star Zeng <star.zeng@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Long Qin <qin.long@intel.com>
* SecurityPkg/SecureBootConfigDxe: Handle lack of STR_SIGNATURE_* tokens | chenc2 | 2017-10-19 | 1 file | -37/+76
  Add a check to avoid NULL pointer dereference. The function HiiGetString will return a NULL pointer when the platform does not install the appropriate string or the call to HiiGetString fails (for example, HII does not support the specified language).
  Cc: Zhang Chao <chao.b.zhang@intel.com>
  Cc: Wu Hao <hao.a.wu@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: chenc2 <chen.a.chen@intel.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Wu Hao <hao.a.wu@intel.com>
* SecurityPkg/Pkcs7Verify: Add the comments to address security problem | Long Qin | 2017-10-18 | 1 file | -0/+8
  Add the comments to address security problems in the Pkcs7Verify Protocol per UEFI 2.7 updates.

  The Pkcs7Verifier function VerifySignature() has problematic use cases where it might be used to unwittingly bypass security checks. The specific problem is that if the supplied hash is a different algorithm from the blacklist hash, the hash will be approved even if it should have been denied.

  The added comments place a strong warning about the problem. It is possible to use the protocol reliably, either by agreeing a hash to use for all time (like sha256) or by looping over all supported hashes when using the protocol.
  Cc: Chao Zhang <chao.b.zhang@intel.com>
  Cc: James Bottomley <James.Bottomley@HansenPartnership.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Qin Long <qin.long@intel.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* SecurityPkg/AuthVariableLib: fix GCC build error | Laszlo Ersek | 2017-10-17 | 1 file | -2/+6
  Commit 53c6ff180327 ("SecurityPkg:AuthVariableLib:Implement ECR1707 for Private Auth Variable", 2017-09-12) introduced the following build failure under several GCC toolchain versions:

  > SecurityPkg/Library/AuthVariableLib/AuthService.c: In function
  > 'CalculatePrivAuthVarSignChainSHA256Digest':
  > SecurityPkg/Library/AuthVariableLib/AuthService.c:1567:58: error:
  > pointer targets in passing argument 3 of 'X509GetCommonName' differ in
  > signedness [-Werror=pointer-sign]
  >      Status = X509GetCommonName(SignerCert, SignerCertSize, CertCommonName, &CertCommonNameSize);
  >                                                             ^~~~~~~~~~~~~~
  > In file included from
  > SecurityPkg/Library/AuthVariableLib/AuthServiceInternal.h:34:0,
  >                  from
  > SecurityPkg/Library/AuthVariableLib/AuthService.c:32:
  > CryptoPkg/Include/Library/BaseCryptLib.h:2202:1: note: expected 'CHAR8 *
  > {aka char *}' but argument is of type 'UINT8 * {aka unsigned char *}'
  >  X509GetCommonName (
  >  ^~~~~~~~~~~~~~~~~
  > cc1: all warnings being treated as errors

  Fix it by changing the type of "CertCommonName" to array-of-CHAR8.

  Locations where "CertCommonName" is used in the CalculatePrivAuthVarSignChainSHA256Digest() function:
  - it is taken the size of -- not impacted by this patch;
  - passed to X509GetCommonName() as an argument -- the patch fixes the build error;
  - passed to Sha256Update() as argument for "IN CONST VOID *Data" -- not impacted by the patch;
  - passed to AsciiStrLen() as argument -- drop the now-superfluous explicit cast.

  Since we are touching the Sha256Update() function call, fix the coding style too:
  - the line is overlong, so break each argument to its own line;
  - insert a space between "AsciiStrLen" and the opening paren "(".

  Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
  Cc: Chao Zhang <chao.b.zhang@intel.com>
  Cc: Gary Lin <glin@suse.com>
  Cc: Leif Lindholm <leif.lindholm@linaro.org>
  Cc: Long Qin <qin.long@intel.com>
  Reported-by: Gary Lin <glin@suse.com>
  Suggested-by: Gary Lin <glin@suse.com>
  Suggested-by: Long Qin <qin.long@intel.com>
  Fixes: 53c6ff18032737fabb644a9e0c781d91a6830248
  Contributed-under: TianoCore Contribution Agreement 1.1
  Signed-off-by: Laszlo Ersek <lersek@redhat.com>
  Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
  Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
* SecurityPkg: make PcdOptionRomImageVerificationPolicy dynamic | Brijesh Singh | 2017-10-17 | 1 file | -12/+12
  By default the image verification policy for option ROM images is 0x4 (DENY_EXECUTE_ON_SECURITY_VIOLATION) but the following OvmfPkg commit:

  1fea9ddb4e3f OvmfPkg: execute option ROM images regardless of Secure Boot

  set it to 0x0 (ALWAYS_EXECUTE). This is fine because typically option ROMs come from the host side and most of the time the cloud provider (i.e. hypervisor) has full access over a guest anyway. But when secure boot is enabled, we would like to deny the execution of option ROMs when SEV is active. Having a dynamic Pcd will give us flexibility to set the security policy at runtime.

  Fixes: https://bugzilla.tianocore.org/show_bug.cgi?id=728
  Cc: Chao Zhang <chao.b.zhang@intel.com>
  Cc: Jordan Justen <jordan.l.justen@intel.com>
  Cc: Laszlo Ersek <lersek@redhat.com>
  Cc: Tom Lendacky <thomas.lendacky@amd.com>
  Contributed-under: TianoCore Contribution Agreement 1.1
  Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
  Reviewed-by: Long Qin <qin.long@intel.com>
* SecurityPkg/SecureBootConfigDxe: Change the declaring of buffer. | chenc2 | 2017-10-17 | 2 files | -92/+29
  The change doesn't impact the functionality. Avoiding magic code is helpful for maintaining the code. Using a stack variable for a variable of known max length is clearer and safer than a heap buffer.
  Cc: Zhang Chao B <chao.b.zhang@intel.com>
  Cc: Wu Hao A <hao.a.wu@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.1
  Signed-off-by: chenc2 <chen.a.chen@intel.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* SecurityPkg/SecureBootConfigDxe: Fix coding style issue | chenc2 | 2017-10-17 | 2 files | -22/+22
  The change doesn't impact the functionality.
  Cc: Bi Dandan <dandan.bi@intel.com>
  Cc: Zhang Chao <chao.b.zhang@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: chenc2 <chen.a.chen@intel.com>
  Reviewed-by: Bi Dandan <dandan.bi@intel.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* Security/OpalHii.c: Handle NULL Request or Request with no elements | Dandan Bi | 2017-10-17 | 1 file | -1/+45
  According to the UEFI spec, for the ExtractConfig function in EFI_HII_CONFIG_ACCESS_PROTOCOL, if a NULL is passed in for the Request field or if a ConfigHdr is passed in with no request elements, all of the settings being abstracted by this function will be returned in the Results field.

  The implementation of the ExtractConfig function in OpalHii.c misses handling the above cases. This patch is to do the enhancements.
  Cc: Chao Zhang <chao.b.zhang@intel.com>
  Cc: Eric Dong <eric.dong@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.1
  Signed-off-by: Dandan Bi <dandan.bi@intel.com>
  Reviewed-by: Eric Dong <eric.dong@intel.com>
* SecurityPkg\Tcg2Pei: FV measure performance enhancement | Zhang, Chao B | 2017-10-15 | 4 files | -74/+254
  1. Leverage Pre-Hashed FV PPI to reduce duplicated hash
  2. Only measure BFV at the beginning. Other FVs are measured in FVinfo callback with nested FV check.
  https://bugzilla.tianocore.org/show_bug.cgi?id=662
  Cc: Long Qin <qin.long@intel.com>
  Cc: Yao Jiewen <jiewen.yao@intel.com>
  Cc: Sean Brogan <sean.brogan@microsoft.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Long Qin <qin.long@intel.com>
  Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
* SecurityPkg:AuthVariableLib:Implement ECR1707 for Private Auth Variable | Zhang, Chao B | 2017-10-14 | 1 file | -37/+171
  ECR1707 for UEFI2.7 clarified the certificate management rule for private time-based AuthVariable. The trusted cert rule changed from the whole signer's certificate stack to top-level issuer cert tbscertificate + SignerCert CN for better management compatibility. Hash is used to reduce storage overhead.
  Cc: Long Qin <qin.long@intel.com>
  Cc: Chen Chen <chen.a.chen@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Long Qin <qin.long@intel.com>
  Reviewed-by: Chen Chen <chen.a.chen@intel.com>
* SecurityPkg: Update Guid usage in INF file to match source code logic | Liming Gao | 2017-10-10 | 2 files | -4/+4
  Contributed-under: TianoCore Contribution Agreement 1.1
  Signed-off-by: Liming Gao <liming.gao@intel.com>
  Cc: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* SecurityPkg/SecureBootConfigImpl.c: Secure Boot DBX UI Enhancement | chenc2 | 2017-09-28 | 5 files | -31/+1150
  Use 2-level format to display signature list and signature data. Support batch delete operation to delete signature list or signature data. Display more useful information for each signature data.
  Contributed-under: TianoCore Contribution Agreement 1.0
  Cc: Zhang Chao B <chao.b.zhang@intel.com>
  Cc: Long Qin <qin.long@intel.com>
  Signed-off-by: Chen A Chen <chen.a.chen@intel.com>
  Reviewed-by: Long Qin <qin.long@intel.com>
  Reviewed-by: Zhang Chao B <chao.b.zhang@intel.com>
* SecurityPkg\SmmTcg2PhysicalPresenceLib.c Handle reserved or unimplemented PP Operation | Zhang, Chao B | 2017-09-28 | 1 file | -7/+7
  Several PP operations < 128 (Vendor Specific) are reserved or unimplemented. Follow TCG PC Client Platform Physical Presence Interface Specification to return not implemented.
  https://trustedcomputinggroup.org/wp-content/uploads/Physical-Presence-Interface_1-30_0-52.pdf
  Cc: Jiewen Yao <jiewen.yao@intel.com>
  Cc: Star Zeng <star.zeng@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
  Reviewed-by: Star Zeng <star.zeng@intel.com>
* Pkcs7VerifyDxe: Don't allow Pkcs7Verify to install protocols twice | Peter Jones | 2017-09-05 | 1 file | -2/+11
  This patch makes Pkcs7VerifyDxe check that it has not already been installed before installing its protocols. This prevents the case where loading it as an external driver (either manually, through Driver#### variables, etc.) will refuse to add a second provider of the API.
  Contributed-under: TianoCore Contribution Agreement 1.1
  Signed-off-by: Peter Jones <pjones@redhat.com>
  Reviewed-by: Michael Kinney <michael.d.kinney@intel.com>
  Reviewed-by: Long Qin <qin.long@intel.com>
* SecurityPkg/Pkcs7Verify: Complete the Pkcs7VerifyDxe protocol | Long Qin | 2017-09-05 | 1 file | -3/+376
  VerifySignature can be implemented using a mirror of the AuthenticodeVerify function that's already in use in the ImageVerificationDXE environment, so this patch simply wires up VerifySignature using that code.
  (NOTE: Only Authenticode-signature verification is supported by this VerifySignature() implementation now.)
  Contributed-under: TianoCore Contribution Agreement 1.1
  Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
  Reviewed-by: Long Qin <qin.long@intel.com>
* SecurityPkg: Add ARM/AARCH64 arch to enable RngTest module build. | Long Qin | 2017-08-30 | 2 files | -2/+2
  Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=680
  Adding ARM and AARCH64 to SUPPORTED_ARCHITECTURES in SecurityPkg.dsc to enable RngTest module build, since this is one platform-independent application.
  Cc: Chao Zhang <chao.b.zhang@intel.com>
  Cc: Laszlo Ersek <lersek@redhat.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Qin Long <qin.long@intel.com>
  Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
  Reviewed-by: Laszlo Ersek <lersek@redhat.com>
* SecurityPkg/Tcg2Dxe: Properly shutdown TPM before reset | Ruiyu Ni | 2017-08-25 | 2 files | -0/+69
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
  Reviewed-by: Chao B Zhang <chao.b.zhang@intel.com>
* edk2: Move License.txt file to root | Michael D Kinney | 2017-08-03 | 1 file | -25/+0
  https://bugzilla.tianocore.org/show_bug.cgi?id=642
  Add top level License.txt file with the BSD 2-Clause License that is used by the majority of the EDK II open source project content. Merge copyright statements from the BSD 2-Clause License files in each package directory and remove the duplicate License.txt file from package directories.
  Cc: Leif Lindholm <leif.lindholm@linaro.org>
  Cc: Andrew Fish <afish@apple.com>
  Cc: Jordan Justen <jordan.l.justen@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.1
  Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
  Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
  Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
* edk2: Move TianoCore Contribution Agreement to root | Michael D Kinney | 2017-08-03 | 1 file | -218/+0
  https://bugzilla.tianocore.org/show_bug.cgi?id=629
  Move Contributions.txt that contains the TianoCore Contribution Agreement 1.0 to the root of the edk2 repository and remove the duplicate Contributions.txt files from all packages.
  Cc: Leif Lindholm <leif.lindholm@linaro.org>
  Cc: Andrew Fish <afish@apple.com>
  Cc: Jordan Justen <jordan.l.justen@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.1
  Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
  Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
  Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
* SecurityPkg OpalPasswordSupportLib: Remove include to UefiAcpiDataTable.h | Star Zeng | 2017-07-27 | 1 file | -2/+1
  Remove redundant include to UefiAcpiDataTable.h as SmmCommunication.h will help to include it.
  Cc: Jiewen Yao <jiewen.yao@intel.com>
  Cc: Eric Dong <eric.dong@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Star Zeng <star.zeng@intel.com>
  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
* SecurityPkg TcgDxe: Simplify debug msg when "TPM not working properly" | Star Zeng | 2017-06-10 | 1 file | -3/+1
  Current code for case "TPM not working properly" uses the predefined macro __FILE__ in debug format string, but uses predefined macro __LINE__ as parameter, and it also uses multiple pairs of "" in debug format string.

  To be simple and clear, this patch is to update the code to just use "DriverEntry: TPM not working properly\n" as the debug message.
  Cc: Jiewen Yao <jiewen.yao@intel.com>
  Cc: Amy Chan <amy.chan@intel.com>
  Cc: Chasel Chiu <chasel.chiu@intel.com>
  Cc: Chao Zhang <chao.b.zhang@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Star Zeng <star.zeng@intel.com>
  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
  Reviewed-by: Chasel Chiu <chasel.chiu@intel.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* SecurityPkg: Add TCG Spec info to TCG related modules | Zhang, Chao B | 2017-05-11 | 5 files | -5/+31
  Add TCG Spec compliance info to TCG related module INFs.
  Cc: Qin Long <qin.long@intel.com>
  Cc: Yao Jiewen <jiewen.yao@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Qin Long <qin.long@intel.com>
  Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
* SecurityPkg/Pkcs7VerifyDxe: Add format check in DB list contents | Long Qin | 2017-05-05 | 1 file | -6/+60
  Add the size check for invalid format detection in AllowedDb, RevokedDb and TimeStampDb list contents.
  Cc: Chao Zhang <chao.b.zhang@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Qin Long <qin.long@intel.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* SecurityPkg: Update package version to 0.97 | Zhang, Chao B | 2017-05-05 | 2 files | -2/+2
  Update package version of SecurityPkg to 0.97.
  Cc: Qin Long <qin.long@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Qin Long <qin.long@intel.com>
* SecurityPkg: Consume SmmIoLib. | Eric Dong | 2017-05-04 | 1 file | -0/+1
  Update code to consume SmmIoLib to pass build.
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Eric Dong <eric.dong@intel.com>
  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
* SecurityPkg OpalPasswordSmm: Consume SmmIoLib. | Eric Dong | 2017-05-04 | 4 files | -83/+3
  Update code to consume SmmIoLib to check Mmio validation.
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Eric Dong <eric.dong@intel.com>
  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
* SecurityPkg/SecurityPkg.dec: Update PcdPkcs7CertBuffer PCD. | Long Qin | 2017-04-12 | 1 file | -1/+1
  This patch updates the PcdPkcs7CertBuffer PCD to use the new generated test certificate data for PKCS7 verification. This was used as sample trusted certificate in the verification of Signed Capsule Update.
  (The updated value is still only for test purpose.)
  Cc: Jiewen Yao <jiewen.yao@intel.com>
  Cc: Eric Dong <eric.dong@intel.com>
  Cc: Chao Zhang <chao.b.zhang@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Long Qin <qin.long@intel.com>
  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* SecurityPkg: Error Level is not used correctly | Jeff Fan | 2017-04-12 | 6 files | -11/+11
  Cc: Jiewen Yao <jiewen.yao@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Jeff Fan <jeff.fan@intel.com>
  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
* SecurityPkg: SecureBootConfigDxe: Update CloseEnrolledFile comment | Zhang, Chao B | 2017-04-06 | 1 file | -6/+2
  Update function CloseEnrolledFile comment introduced in 4de754e15fec9c94ce7677904efd0022c211721b
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Bi Dandan <dandan.bi@intel.com>
* SecurityPkg: SecureBootConfigDxe: Support AUTH_2 enrollment to DBX | Zhang, Chao B | 2017-04-06 | 5 files | -84/+338
  Update SecureBootConfigDxe to support AUTH_2 format data enrollment to DBX. Free opened file handle resource after exit PK/KEK/DB/DBX/DBT enrollment page.
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Long Qin <qin.long@intel.com>
* SecurityPkg/Opal: Refine casting expression result to bigger size | Hao Wu | 2017-03-06 | 1 file | -2/+2
  There are cases that the operands of an expression are all with rank less than UINT64/INT64 and the result of the expression is explicitly cast to UINT64/INT64 to fit the target size.

  An example will be:
  UINT32 a,b;
  // a and b can be any unsigned int type with rank less than UINT64, like
  // UINT8, UINT16, etc.
  UINT64 c;
  c = (UINT64) (a + b);

  Some static code checkers may warn that the expression result might overflow within the rank of "int" (integer promotions) and the result is then cast to a bigger size.

  The commit refines codes by the following rules:
  1). When the expression is possible to overflow the range of unsigned int/int:
      c = (UINT64)a + b;

  2). When the expression will not overflow within the rank of "int", remove the explicit type casts:
      c = a + b;

  3). When the expression will be cast to pointer of possible greater size:
      UINT32 a,b;
      VOID *c;
      c = (VOID *)(UINTN)(a + b); --> c = (VOID *)((UINTN)a + b);

  4). When one side of a comparison expression contains only operands with rank less than UINT32:
      UINT8 a; UINT16 b; UINTN c;
      if ((UINTN)(a + b) > c) {...} --> if (((UINT32)a + b) > c) {...}

  For rule 4), if we remove the 'UINTN' type cast like:
      if (a + b > c) {...}
  The VS compiler will complain with warning C4018 (signed/unsigned mismatch, level 3 warning) due to promoting 'a + b' to type 'int'.
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Hao Wu <hao.a.wu@intel.com>
  Reviewed-by: Eric Dong <eric.dong@intel.com>
* SecurityPkg: Refine type cast for pointer subtraction | Hao Wu | 2017-03-06 | 6 files | -32/+32
  For pointer subtraction, the result is of type "ptrdiff_t". According to the C11 standard (Committee Draft - April 12, 2011):

  "When two pointers are subtracted, both shall point to elements of the same array object, or one past the last element of the array object; the result is the difference of the subscripts of the two array elements. The size of the result is implementation-defined, and its type (a signed integer type) is ptrdiff_t defined in the <stddef.h> header. If the result is not representable in an object of that type, the behavior is undefined."

  In our codes, there are cases that the pointer subtraction is not performed by pointers to elements of the same array object. This might lead to potential issues, since the behavior is undefined according to C11 standard.

  Also, since the size of type "ptrdiff_t" is implementation-defined. Some static code checkers may warn that the pointer subtraction might underflow first and then being cast to a bigger size.

  For example:
  UINT8 *Ptr1, *Ptr2;
  UINTN PtrDiff;
  ...
  PtrDiff = (UINTN) (Ptr1 - Ptr2);

  The commit will refine the pointer subtraction expressions by casting each pointer to UINTN first and then perform the subtraction:
  PtrDiff = (UINTN) Ptr1 - (UINTN) Ptr2;
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Hao Wu <hao.a.wu@intel.com>
  Acked-by: Laszlo Ersek <lersek@redhat.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* SecurityPkg: Tcg2Dxe: Measure DBT into PCR[7] | Zhang, Chao B | 2017-03-06 | 1 file | -1/+18
  Measure DBT into PCR[7] in initial measurement phase if present and not empty by following TCG PC Client PFP 00.49. The previous patch according to 00.21 is removed 1404e3a1508473643efba89af34bd133ab082dd5
  Cc: Star Zeng <star.zeng@intel.com>
  Cc: Yao Jiewen <jiewen.yao@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Star Zeng <star.zeng@intel.com>
  Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
* SecurityPkg: Tcg2Dxe: Measure BootOrder, Boot#### to PCR[1] | Zhang, Chao B | 2017-03-06 | 1 file | -2/+3
  Measure BootOrder, Boot#### to PCR[1] according to TCG PC-Client PFP Spec 00.21 Section 2.4.4.2
  http://www.trustedcomputinggroup.org/wp-content/uploads/PC-ClientSpecific_Platform_Profile_for_TPM_2p0_Systems_v21.pdf
  Cc: Star Zeng <star.zeng@intel.com>
  Cc: Yao Jiewen <jiewen.yao@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
  Reviewed-by: Star Zeng <star.zeng@intel.com>
  Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
* SecurityPkg: Fix potential bug in Security Boot dxe. | Zhang Lubo | 2017-03-01 | 2 files | -11/+11
  v2: update hash value in SecureBootConfig.vfr to keep them consistent with macro definition in SecureBootConfigImpl.h

  since we removed the sha-1 definition in Hash table and related macro, but the macro definition HashAlg index may be value 4 which is exceed the range of the Hash table array.
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Zhang Lubo <lubo.zhang@intel.com>
  Cc: Chao Zhang <chao.b.zhang@intel.com>
  Cc: Long Qin <qin.long@intel.com>
  Cc: Yao Jiewen <jiewen.yao@intel.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* SecurityPkg/SecureBootConfigDxe: Use StrToGuid in BaseLib | Ruiyu Ni | 2017-02-28 | 3 files | -166/+5
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
* SecurityPkg/TpmCommandLib: Add Tpm2ReadPublic. | Jiewen Yao | 2017-02-21 | 3 files | -2/+369
  Cc: Chao Zhang <chao.b.zhang@intel.com>
  Cc: Long Qin <qin.long@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Yao Jiewen <jiewen.yao@intel.com>
  Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
* Security Tcg2Smm: Add missing gEfiTcg2ProtocolGuid dependency | Star Zeng | 2017-02-21 | 1 file | -1/+2
  REF: https://bugzilla.tianocore.org/show_bug.cgi?id=380
  gEfiTcgProtocolGuid dependency was added in TcgSmm. But gEfiTcg2ProtocolGuid dependency is missing in Tcg2Smm.
  Cc: Jiewen Yao <jiewen.yao@intel.com>
  Cc: Chao Zhang <chao.b.zhang@intel.com>
  Contributed-under: TianoCore Contribution Agreement 1.0
  Signed-off-by: Star Zeng <star.zeng@intel.com>
  Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>