summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2014-08-14Contributed-under: TianoCore Contribution Agreement 1.0Michael Kinney
Signed-off-by: Michael Kinney <michael.d.kinney@intel.com> Reviewed-by: Yingke Liu <yingke.d.liu@intel.com> Add support for RSA 2048 SHA 256 signing and verification encoded in a PI FFS GUIDED Encapsulation Section. The primary use case of this feature is in support of signing and verification of encapsulated FVs for Recovery and Capsule Update, but can potentially be used for signing and verification of any content that can be stored in a PI conformant FFS file. Signing operations are performed from python scripts that wrap OpenSsl command line utilities. Verification operations are performed using the OpenSsl libraries in the CryptoPkg. The guided encapsulation sections uses the UEFI 2.4 Specification defined GUID called EFI_CERT_TYPE_RSA2048_SHA256_GUID. The data layout for the encapsulation section starts with the UEFI 2.4 Specification defined structure called EFI_CERT_BLOCK_RSA_2048_SHA256 followed immediately by the data. The signing tool included in these patches performs encode/decode operations using this data layout. HashType is set to the UEFI 2.4 Specification defined GUID called EFI_HASH_ALGORITHM_SHA256_GUID. MdePkg/Include/Guid/WinCertificate.h ================================= // // WIN_CERTIFICATE_UEFI_GUID.CertType // #define EFI_CERT_TYPE_RSA2048_SHA256_GUID \ {0xa7717414, 0xc616, 0x4977, {0x94, 0x20, 0x84, 0x47, 0x12, 0xa7, 0x35, 0xbf } } /// /// WIN_CERTIFICATE_UEFI_GUID.CertData /// typedef struct { EFI_GUID HashType; UINT8 PublicKey[256]; UINT8 Signature[256]; } EFI_CERT_BLOCK_RSA_2048_SHA256; MdePkg/Include/Protocol/Hash.h ================================= #define EFI_HASH_ALGORITHM_SHA256_GUID \ { \ 0x51aa59de, 0xfdf2, 0x4ea3, {0xbc, 0x63, 0x87, 0x5f, 0xb7, 0x84, 0x2e, 0xe9 } \ } The verification operations require the use of public key(s). A new PCD called gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer is added to the SecurityPkg that supports one or more SHA 256 hashes of the public keys. A SHA 256 hash is performed to minimize the FLASH overhead of storing the public keys. When a verification operation is performed, a SHA 256 hash is performed on EFI_CERT_BLOCK_RSA_2048_SHA256.PublicKey and a check is made to see if that hash matches any of the hashes in the new PCD. It is recommended that this PCD always be configured in the DSC file as storage type of [PcdsDynamixExVpd], so the public keys are stored in a protected read-only region. While working on this feature, I noticed that the CRC32 signing and verification feature was incomplete. It only supported CRC32 based verification in the DXE Phase, so the attached patches also provide support for CRC32 based verification in the PEI Phase. I also noticed that the most common method for incorporating guided section extraction libraries was to directly link them to the DXE Core, which is not very flexible. The attached patches also add a generic section extraction PEIM and a generic section extraction DXE driver that can each be linked against one or more section extraction libraries. This provides a platform developer with the option of providing section extraction services with the DXE Core or providing section extraction services with these generic PEIM/DXE Drivers. Patch Summary ============== 1) BaseTools - Rsa2049Sha256Sign python script that can perform test signing or custom signing of PI FFS file GUIDed sections a. Wrapper for a set of OpenSsl command line utility operations b. OpenSsl command line tool must be installed in location that is in standard OS path or in path specified by OS environment variable called OPENSSL_PATH c. Provides standard EDK II command line arguments for a tool that encodes/decodes guided encapsulation section Rsa2048Sha256Sign - Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved. usage: Rsa2048Sha256Sign -e|-d [options] <input_file> positional arguments: input_file specify the input filename optional arguments: -e encode file -d decode file -o filename, --output filename specify the output filename --private-key PRIVATEKEYFILE specify the private key filename. If not specified, a test signing key is used. -v, --verbose increase output messages -q, --quiet reduce output messages --debug [0-9] set debug level --version display the program version and exit -h, --help display this help text 2) BaseTools - Rsa2049Sha256GenerateKeys python script that can generate new private/public key and PCD value that is SHA 256 hash of public key using OpenSsl command line utilities. a. Wrapper for a set of OpenSsl command line utility operations b. OpenSsl command line tool must be installed in location that is in standard path or in path specified by OS environment variable called OPENSSL_PATH Rsa2048Sha256GenerateKeys - Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved. usage: Rsa2048Sha256GenerateKeys [options] optional arguments: -o [filename [filename ...]], --output [filename [filename ...]] specify the output private key filename in PEM format -i [filename [filename ...]], --input [filename [filename ...]] specify the input private key filename in PEM format --public-key-hash PUBLICKEYHASHFILE specify the public key hash filename that is SHA 256 hash of 2048 bit RSA public key in binary format --public-key-hash-c PUBLICKEYHASHCFILE specify the public key hash filename that is SHA 256 hash of 2048 bit RSA public key in C structure format -v, --verbose increase output messages -q, --quiet reduce output messages --debug [0-9] set debug level --version display the program version and exit -h, --help display this help text 3) BaseTools\Conf\tools_def.template a. Define GUID/Tool to perform RSA 2048 SHA 256 test signing and instructions on how to use alternate private/public key b. GUID is EFI_CERT_TYPE_RSA2048_SHA256_GUID c. Tool is Rsa2049Sha256Sign 4) MdeModulePkg\Library\PeiCrc32GuidedSectionExtractionLib a. Add peer for DxeCrc32GuidedSectionExtractionLib so both PEI and DXE phases can perform basic integrity checks of PEI and DXE components 5) MdeModulePkg\Universal\SectionExtractionPei a. Generic PEIM that can link against one or more NULL section extraction library instances to provided one or more GUIDED Section Extraction PPIs 6) MdeModulePkg\Universal\SectionExtractionDxe a. Generic DXE Driver that can link against one or more NULL section extraction library instances to provide one or more GUIDED Section Extraction Protocols. 7) SecurityPkg\Library\PeiRsa2048Sha256GuidedSectionExtractLib a. NULL library instances that performs PEI phase RSA 2048 SHA 256 signature verification using OpenSsl libraries from CryptoPkg. b. Based on algorithms from SecurityPkg Authenticated Variable services c. Uses public key from gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer. 8) SecurityPkg\Library\DxeRsa2048Sha256GuidedSectionExtractLib a. NULL library instances that performs DXE phase RSA 2048 SHA 256 signature verification using OpenSsl libraries from CryptoPkg. b. Based on algorithms from SecurityPkg Authenticated Variable services c. Uses public key from gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer. git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15800 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-14Contributed-under: TianoCore Contribution Agreement 1.0Michael Kinney
Signed-off-by: Michael Kinney <michael.d.kinney@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> Add support for RSA 2048 SHA 256 signing and verification encoded in a PI FFS GUIDED Encapsulation Section. The primary use case of this feature is in support of signing and verification of encapsulated FVs for Recovery and Capsule Update, but can potentially be used for signing and verification of any content that can be stored in a PI conformant FFS file. Signing operations are performed from python scripts that wrap OpenSsl command line utilities. Verification operations are performed using the OpenSsl libraries in the CryptoPkg. The guided encapsulation sections uses the UEFI 2.4 Specification defined GUID called EFI_CERT_TYPE_RSA2048_SHA256_GUID. The data layout for the encapsulation section starts with the UEFI 2.4 Specification defined structure called EFI_CERT_BLOCK_RSA_2048_SHA256 followed immediately by the data. The signing tool included in these patches performs encode/decode operations using this data layout. HashType is set to the UEFI 2.4 Specification defined GUID called EFI_HASH_ALGORITHM_SHA256_GUID. MdePkg/Include/Guid/WinCertificate.h ================================= // // WIN_CERTIFICATE_UEFI_GUID.CertType // #define EFI_CERT_TYPE_RSA2048_SHA256_GUID \ {0xa7717414, 0xc616, 0x4977, {0x94, 0x20, 0x84, 0x47, 0x12, 0xa7, 0x35, 0xbf } } /// /// WIN_CERTIFICATE_UEFI_GUID.CertData /// typedef struct { EFI_GUID HashType; UINT8 PublicKey[256]; UINT8 Signature[256]; } EFI_CERT_BLOCK_RSA_2048_SHA256; MdePkg/Include/Protocol/Hash.h ================================= #define EFI_HASH_ALGORITHM_SHA256_GUID \ { \ 0x51aa59de, 0xfdf2, 0x4ea3, {0xbc, 0x63, 0x87, 0x5f, 0xb7, 0x84, 0x2e, 0xe9 } \ } The verification operations require the use of public key(s). A new PCD called gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer is added to the SecurityPkg that supports one or more SHA 256 hashes of the public keys. A SHA 256 hash is performed to minimize the FLASH overhead of storing the public keys. When a verification operation is performed, a SHA 256 hash is performed on EFI_CERT_BLOCK_RSA_2048_SHA256.PublicKey and a check is made to see if that hash matches any of the hashes in the new PCD. It is recommended that this PCD always be configured in the DSC file as storage type of [PcdsDynamixExVpd], so the public keys are stored in a protected read-only region. While working on this feature, I noticed that the CRC32 signing and verification feature was incomplete. It only supported CRC32 based verification in the DXE Phase, so the attached patches also provide support for CRC32 based verification in the PEI Phase. I also noticed that the most common method for incorporating guided section extraction libraries was to directly link them to the DXE Core, which is not very flexible. The attached patches also add a generic section extraction PEIM and a generic section extraction DXE driver that can each be linked against one or more section extraction libraries. This provides a platform developer with the option of providing section extraction services with the DXE Core or providing section extraction services with these generic PEIM/DXE Drivers. Patch Summary ============== 1) BaseTools - Rsa2049Sha256Sign python script that can perform test signing or custom signing of PI FFS file GUIDed sections a. Wrapper for a set of OpenSsl command line utility operations b. OpenSsl command line tool must be installed in location that is in standard OS path or in path specified by OS environment variable called OPENSSL_PATH c. Provides standard EDK II command line arguments for a tool that encodes/decodes guided encapsulation section Rsa2048Sha256Sign - Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved. usage: Rsa2048Sha256Sign -e|-d [options] <input_file> positional arguments: input_file specify the input filename optional arguments: -e encode file -d decode file -o filename, --output filename specify the output filename --private-key PRIVATEKEYFILE specify the private key filename. If not specified, a test signing key is used. -v, --verbose increase output messages -q, --quiet reduce output messages --debug [0-9] set debug level --version display the program version and exit -h, --help display this help text 2) BaseTools - Rsa2049Sha256GenerateKeys python script that can generate new private/public key and PCD value that is SHA 256 hash of public key using OpenSsl command line utilities. a. Wrapper for a set of OpenSsl command line utility operations b. OpenSsl command line tool must be installed in location that is in standard path or in path specified by OS environment variable called OPENSSL_PATH Rsa2048Sha256GenerateKeys - Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved. usage: Rsa2048Sha256GenerateKeys [options] optional arguments: -o [filename [filename ...]], --output [filename [filename ...]] specify the output private key filename in PEM format -i [filename [filename ...]], --input [filename [filename ...]] specify the input private key filename in PEM format --public-key-hash PUBLICKEYHASHFILE specify the public key hash filename that is SHA 256 hash of 2048 bit RSA public key in binary format --public-key-hash-c PUBLICKEYHASHCFILE specify the public key hash filename that is SHA 256 hash of 2048 bit RSA public key in C structure format -v, --verbose increase output messages -q, --quiet reduce output messages --debug [0-9] set debug level --version display the program version and exit -h, --help display this help text 3) BaseTools\Conf\tools_def.template a. Define GUID/Tool to perform RSA 2048 SHA 256 test signing and instructions on how to use alternate private/public key b. GUID is EFI_CERT_TYPE_RSA2048_SHA256_GUID c. Tool is Rsa2049Sha256Sign 4) MdeModulePkg\Library\PeiCrc32GuidedSectionExtractionLib a. Add peer for DxeCrc32GuidedSectionExtractionLib so both PEI and DXE phases can perform basic integrity checks of PEI and DXE components 5) MdeModulePkg\Universal\SectionExtractionPei a. Generic PEIM that can link against one or more NULL section extraction library instances to provided one or more GUIDED Section Extraction PPIs 6) MdeModulePkg\Universal\SectionExtractionDxe a. Generic DXE Driver that can link against one or more NULL section extraction library instances to provide one or more GUIDED Section Extraction Protocols. 7) SecurityPkg\Library\PeiRsa2048Sha256GuidedSectionExtractLib a. NULL library instances that performs PEI phase RSA 2048 SHA 256 signature verification using OpenSsl libraries from CryptoPkg. b. Based on algorithms from SecurityPkg Authenticated Variable services c. Uses public key from gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer. 8) SecurityPkg\Library\DxeRsa2048Sha256GuidedSectionExtractLib a. NULL library instances that performs DXE phase RSA 2048 SHA 256 signature verification using OpenSsl libraries from CryptoPkg. b. Based on algorithms from SecurityPkg Authenticated Variable services c. Uses public key from gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer. git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15799 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-14MdeModulePkg/IntelFrameworkModulePkg: Update PeiCore, SmbiosDxe and ↵Zeng, Star
IsaSerialDxe to use PcdGetxx() instead of FixedPcdGetxx(). It changes some of the PCD declarations to add more supported PCD storage types and the change in the PCD access methods is associated with that. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Zeng, Star <star.zeng@intel.com> Reviewed-by: Kinney, Michael D <michael.d.kinney@intel.com> Reviewed-by: Gao, Liming <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15798 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-14Use StrnCat instead of StrCat to avoid target buffer overflow.Jeff Fan
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jeff Fan <jeff.fan@intel.com> Reviewed-by: Eric Dong <Eric.Dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15797 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-13Add the missing parameter comments for BaseSerialPortLib16550 lib. MdePkg: ↵Gao, Liming
Fix Clang build failure Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Gao, Liming <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15796 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-13Fix VS2013 build failure.Ruiyu Ni
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15795 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-13Fix VS2013 build failure.Ruiyu Ni
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15794 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-13Add UINT64 type cast when AND/OR with UINT64 Supports.Ruiyu Ni
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15793 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-12AppPkg: introduce OrderedCollectionTestLaszlo Ersek
In this patch a small application is added to AppPkg, with the following two goals: - demonstrate how to use OrderedCollectionLib, - allow users to test and "fuzz" BaseOrderedCollectionRedBlackTreeLib in particular, entering API "commands" interactively, or providing them from a script file. A shell script is included that generates such an API command script. Speaking about BaseOrderedCollectionRedBlackTreeLib specifically, OrderedCollectionTest validates the internal red-black properties of the tree after each read-write operation by setting the PcdValidateOrderedCollection feature flag to TRUE. The OrderedCollectionTest application's debugging environment is strictly specified in the DSC file, because OrderedCollectionTest is entirely useless for unit testing without full ASSERT() enablement. The OrderedCollectionTest application deliberately doesn't follow the edk2 coding style in the following: - const vs. CONST, - void vs. VOID, - assert() vs. ASSERT(), - calloc() and free() vs. AllocateZeroPool() and FreePool(), - integer types. This is because OrderedCollectionTest is a standard C application, not a UEFI application per se. In particular it relies on stdio. INTN, EFIAPI and CONST VOID are used only in two places, where we provide the comparator callbacks to OrderedCollectionLib. Proper range checking is ensured for integers. The application takes command input from stdin or a file (if the user requests it), sends command output to stdout or a file (if the user requests it), prints debug output to the console (as other AppPkg applications do when debugging is enabled for them), and prints diagnostics to stderr (like well behaved standard C programs should). Input/output selection is implemented manually because the old shell doesn't support input redirection at all, and because the new shell's input redirection does not co-operate with fgets() for the time being. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Michael Kinney <michael.d.kinney@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15792 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-12MdePkg: introduce BaseOrderedCollectionRedBlackTreeLib library instanceLaszlo Ersek
edk2 should have a fast and easy-to-use associative array (a dictionary) type. Red-black trees have O(log(n)) worst case time complexity for lookup, insertion, and deletion (where n is the number of nodes in the tree). They support minimum and maximum lookup with the same time complexity, hence red-black trees double as priority queues as well. Given an iterator to a red-black tree node, getting the next or previous node (which corresponds to the ordered successor or the predecessor, respectively, according to the user-defined ordering) is O(log(n)) as well. The code reflects the Binary Search Trees and Red-Black Trees chapters of Introduction to Algorithms, by Cormen, Leiserson, Rivest. One point where the implementation diverges is the first phase of the Delete() operation. During that phase, the book's algorithm copies the key and other business *contents* of the successor node (in case the successor node is affected), and releases the successor node (instead of the node that the user requested to delete). While semantically correct, this would break the above iterator validity guarantee. This implementation replaces the copying of business contents between nodes with suitable relinking of nodes, so that all iterators (except the one whose deletion is being requested) remain valid. I had written this code originally in approx. 2002. I personally own the copyright of that version and am hereby relicensing it to Red Hat, under the BSDL. I had used the original code in a few personal projects since, for example in the lbzip2-0.x parallel (de)compressor, and now I've ported the library to edk2. Both during the original implementation and now during the porting I verified all the cases and their proofs as rigorously as I could, on paper. (NB, I couldn't find any errors in the 2002 code now.) During the porting to edk2, I documented all those cases in code comments as well (at least half of the source is documentation). These comments are not blind copies of diagrams from the Algorithms book, nor are they copies from my original code -- I've done them all fresh now, and I've only matched the results against the book. Reviewers are invited to sit down with a pen, some paper, the book, and the code. The Validate() function verifies the internal red-black properties of the tree. This function helps with unit testing, and is only invoked when requested with the PcdValidateOrderedCollection feature flag. A note about diagrams: edges represented by backslash (\) characters are often written as "\_", ie. with a following underscore. This is because line-trailing backslashes are processed very early in compilation (in translation phase 2), "splicing physical source lines to form logical source lines". Since the edk2 coding style requires "//" comments for such documentation, a trailing backslash would splice the next physical line into the "scope" of the comment. To prevent this, trailing backslashes are defanged by appending underscores, which should be visually bearable. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Michael Kinney <michael.d.kinney@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15791 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-12MdePkg: introduce OrderedCollectionLib library classKinney, Michael D
This library class provides a set of APIs to manage an ordered collection of items: - Init(), - UnInit(), - Insert(), - Delete(), - IsEmpty(), - Next(), - Prev(), - Min(), - Max(), - Find(), - UserStruct(). There are many ways to implement an ordered collection. Depending on the frequency of the different actions, different internal implementations may have different performance, memory overhead, or code size. Developers can select the library instance for a platform or module in their DSC files that meets the needs of that platform or module. Commit-message-from: "Kinney, Michael D" <michael.d.kinney@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Michael Kinney <michael.d.kinney@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15790 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-12Fixed a bug in LegacyBiosDxe to allocate correct ranges of memory.Elvin Li
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Elvin Li <elvin.li@intel.com> Reviewed-by: Jeff Fan <jeff.fan@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15789 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-12Correct StrnCat length calculation.jyao1
Contributed-under: TianoCore Contribution Agreement 1.0 Signed off by: Jiewen Yao <jiewen.yao@intel.com> Reviewed by: Guo Dong <guo.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15788 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-12MdeModulePkg PeiCore: The DEBUG message (for HeapOffset and StackOffset) ↵Star Zeng
should be placed after HeapOffset is got. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15787 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-11StdLib/LibC/Stdio: fix "missing braces around initializer"Laszlo Ersek
The member "fext._ub" is a structure (of type "struct __sbuf"), and the current initializer triggers StdLib/LibC/Stdio/vswscanf.c: In function 'vswscanf': StdLib/LibC/Stdio/vswscanf.c:75:10: error: missing braces around initializer [-Werror=missing-braces] StdLib/LibC/Stdio/vswscanf.c:75:10: error: (near initialization for 'fext._ub') [-Werror=missing-braces] cc1: all warnings being treated as errors Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Jordan Justen <jordan.l.justen@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15786 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-11StdLib/LibC/gdtoa: fix "missing braces around initializer"Laszlo Ersek
The member "u.L" is an array, and the current initializer triggers StdLib/LibC/gdtoa/strtof.c: In function '_strtof': StdLib/LibC/gdtoa/strtof.c:53:9: error: missing braces around initializer [-Werror=missing-braces] StdLib/LibC/gdtoa/strtof.c:53:9: error: (near initialization for 'u.L') [-Werror=missing-braces] cc1: all warnings being treated as errors Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Jordan Justen <jordan.l.justen@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15785 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-11MdePkg: Fix Clang build failureGao, Liming
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Gao, Liming <liming.gao@intel.com> Reviewed-by: Andrew Fish <afish@apple.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15784 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-11MdeModulePkg: BaseSerialPortLib16550 library to support PCI UART device.Gao, Liming
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Gao, Liming <liming.gao@intel.com> Reviewed-by: Kinney, Michael D <michael.d.kinney@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15783 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-11MdeModulePkg: new PlatformHookLib library with depex of SerialPortPpi.Gao, Liming
This library has one depex of SerialPortPpi. Then, the PEIM linked it has this depex so that it is dispatched after SerialPortPpi is installed. SerialPortPpi notifies the platform initialization done, then serial port will work. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Gao, Liming <liming.gao@intel.com> Reviewed-by: Kinney, Michael D <michael.d.kinney@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15782 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-11MdeModulePkg: DxeCoreGao, Liming
If GUIDED section has AUTH attribute only, DxeCore may wrongly set its AuthenticationStatus to 0 when its matched GUIDED extraction handler is not installed and Auth data is not verified. For this case, the return AuthenticationStatus should be EFI_AUTH_STATUS_NOT_TESTED. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Gao, Liming <liming.gao@intel.com> Reviewed-by: Kinney, Michael D <michael.d.kinney@intel.com> Reviewed-by: Yao, Jiewen <jiewen.yao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15781 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-08Added SMBIOS 2.8.0 updates.Elvin Li
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Elvin Li <elvin.li@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15780 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-08SourceLevelDebugPkg/DebugAgent: fix trivial typo.Chen Fan
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com> Reviewed-by: Jeff Fan <jeff.fan@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15779 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-08Add type cast on variable before operation.Jeff Fan
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jeff Fan <jeff.fan@intel.com> Reviewed-by: Eric Dong <Eric.Dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15778 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-08Add type cast on variable before operation.Jeff Fan
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jeff Fan <jeff.fan@intel.com> Reviewed-by: Eric Dong <Eric.Dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15777 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-08Clean the useless code.Eric Dong
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15776 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-08Rollback file GUID change, because it is VTF file and GUID is predefined.jyao1
Contributed-under: TianoCore Contribution Agreement 1.0 Signed off by: Jiewen Yao <jiewen.yao@intel.com> Reviewed by: Chris Li <chris.li@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15775 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-08clang warns on guard macro not matching in .h file.Andrew Fish
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Andrew Fish <afish@apple.com> Reviewed-by: Jeff Fan <jeff.fan@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15774 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-08Update network stack code to use StrnCpy instead of StrCpy.Fu, Siyuan
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Fu, Siyuan <siyuan.fu@intel.com> Reviewed-By: Dong, Eric <eric.dong@intel.com> Reviewed-by: Wu, Jiaxin <jiaxin.wu@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15773 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-08Correct AsciiStrnCpy.jyao1
Contributed-under: TianoCore Contribution Agreement 1.0 Signed off by: Jiewen Yao <jiewen.yao@intel.com> Reviewed by: Eric Dong <eric.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15772 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-07ShellPkg: Refactor string manipulation in cp commandJaben Carsey
This patch replaces StrCpy with StrnCpy or refactors out the usage of StrCpy through some other means. This patch replaces StrCat with StrnCat or refactors out the usage of StrCat through some other means. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jaben Carsey <jaben.carsey@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15771 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-071) Add type cast for better coding style.Feng Tian
2) replace StrCpy() usage in Variable driver with StrnCpy(). Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Feng Tian <feng.tian@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15770 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-07Add type cast for better coding style.Qiu Shumin
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Qiu Shumin <shumin.qiu@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15769 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-07Clean up code.qlong
Contributed-under: TianoCore Contribution Agreement 1.0 Signed off by: Long Qin <qin.long@intel.com> Reviewed by: Eric Dong <eric.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15768 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-07Fix OpensslLib build issue for ARM. The changes are:Eugene Cohen
The changes are: 1. Add RVCT ARM build target 2. Add suppression of warnings to get openssl building (1295,550,1293,111,68,177,223,144,513,188) 3. Remove architectures that RVCT cannot build for (IA32, X64, and IPF) 4. Add the -DOPENSSL_NO_MD2 flag to prevent link errors from MD2 references; the comments in the .inf assumes that this flag exists but it wasn’t actually set Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eugene Cohen <eugene@hp.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Long Qin <qin.long@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15767 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-07Clean up code.jyao1
Contributed-under: TianoCore Contribution Agreement 1.0 Signed off by: Jiewen Yao <jiewen.yao@intel.com> Reviewed by: Eric Dong <eric.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15766 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-06StdLib: The formatting for double float values, within the gdtoa library, is ↵Daryl McDaniel
improper. When running Enquire.efi, several errors similar to the following are produced: Maximum exponent = 128 Maximum number = 3.40282347e+38 *** WARNING: Possibly bad output from printf above expected value around 3.40282347e38, bit pattern: 11111111 11111111 01111111 01111111 sscanf gave -inf, bit pattern: 00000000 00000000 10000000 11111111 difference= inf Overflow doesn’t seem to generate a trap The memory allocation tests will also fail, sometimes leaving all available memory consumed. The correct output in the above example is: Maximum exponent = 128 Maximum number = 3.40282347e+38 Overflow doesn't seem to generate a trap The root cause is that all operations on values of Long or ULong type, within the gdtoa library, must be 32-bit operations. A previous change replaced the Long and ULong definitions with INTN and UINTN, respectively. While this is correct for a lot of Linux and NetBSD code, it was not correct for this library. This fix reverts the definitions of ULong and Long back to 32-bit types. A descriptive comment has also been added to the U union. Additional white-space has been added to tidy up the definitions of the word0 and word1 macros. Verified with Enquire.efi and the ISO/IEC C Library compliance Validation Suite. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Daryl McDaniel <daryl.mcdaniel@intel.com> Reviewed-by: Jaben Carsey <Jaben.carsey@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15765 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-06Updates the UEFI Shell to produce the new protocol with additional 4 functions.Jaben Carsey
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jaben Carsey <jaben.carsey@intel.com> Reviewed-by: Erik Bjorge <erik.c.bjorge@intel.com> Reviewed by: Daryl McDaniel <daryl.mcdaniel@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15764 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-06ShellPkg: add size cast to bit operationsJaben Carsey
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jaben Carsey <jaben.carsey@intel.com> Reviewed-by: Erik Bjorge <erik.c.bjorge@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15763 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-06Eliminate duplicated file GUID.jyao1
Eliminate duplicate GUID definition. Do explicit data cast. Use StrnCpy instead of StrCpy. Update GCC assembly. Contributed-under: TianoCore Contribution Agreement 1.0 Signed off by: Jiewen Yao <jiewen.yao@intel.com> Reviewed by: Eric Dong <eric.dong@intel.com> Reviewed by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15762 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-05ShellPkg: Remove double typedef for same structJaben Carsey
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jaben Carsey <jaben.carsey@intel.com> Reviewed-by: Andrew Fish <afish@apple.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15761 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-05Updates the logic to allow devices to support SFO output modeJaben Carsey
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jaben Carsey <jaben.carsey@intel.com> Reviewed-by: Erik Bjorge <erik.c.bjorge@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15760 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-05Fix the use of ASSERT and other fixes to memory allocation failures (like ↵Jaben Carsey
free before return for errors) Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jaben Carsey <jaben.carsey@intel.com> Reviewed-by: Erik Bjorge <erik.c.bjorge@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15759 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-05Updates the total size logic and the SFO output per UEFI Shell 2.1 changesJaben Carsey
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jaben Carsey <jaben.carsey@intel.com> Reviewed-by: Erik Bjorge <erik.c.bjorge@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15758 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-05Updates the logic to allow DmpStore to specify a name independent of ↵Jaben Carsey
specifying a GUID. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jaben Carsey <jaben.carsey@intel.com> Reviewed-by: Erik Bjorge <erik.c.bjorge@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15757 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-05Updates the logic to allow help to ouput help information from a dynamic ↵Jaben Carsey
shell command Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jaben Carsey <jaben.carsey@intel.com> Reviewed-by: Lee Rosenbaum <lee.g.rosenbaum@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15756 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-05Updates the logic to allow RM and CP to have silent/quiet mode work ↵Jaben Carsey
successfully. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jaben Carsey <jaben.carsey@intel.com> Reviewed-by: Lee Rosenbaum <lee.g.rosenbaum@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15755 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-05This searches for handles that produce the dynamic command protocol after ↵Jaben Carsey
searching the commands compiled into the shell. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jaben Carsey <jaben.carsey@intel.com> Reviewed-by: Eugene Cohen <eugene@hp.com> Reviewed-by: Erik Bjorge <erik.c.bjorge@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15754 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-05ShellPkg: Add Dynamic GUID registration into the current GUID<->String ↵Jaben Carsey
conversion process Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jaben Carsey <jaben.carsey@intel.com> Reviewed-by: Erik Bjorge <erik.c.bjorge@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15753 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-05This adds the new APIs for UEFI Shell 2.1 and makes a new structure for ↵Jaben Carsey
shell implementations that are conformant to this new spec. It does not affect existing implementations. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jaben Carsey <jaben.carsey@intel.com> Reviewed-by: Erik Bjorge <erik.c.bjorge@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15752 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-05Eliminate duplicated file GUID.jyao1
Contributed-under: TianoCore Contribution Agreement 1.0 Signed off by: Jiewen Yao <jiewen.yao@intel.com> Reviewed by: Eric Dong <eric.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15751 6f19259b-4bc3-4df7-8a09-765794883524