summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2016-07-07MdeModulePkg: Replace UnicodeStrToAsciiStr/AsciiStrToUnicodeStrStar Zeng
It is the follow up of 3ab41b7a325ca11a12b42f5ad1661c4b6791cb49 to replace UnicodeStrToAsciiStr/AsciiStrToUnicodeStr with UnicodeStrToAsciiStrS/AsciiStrToUnicodeStrS. (We integrate the change for FrontPageCustomizedUiSupport.c in commit b68ccac17c7e6340ab7b3654ea51c86ad6b4201d on master to FrontPage.c on UDK2015 branch) (We integrate the change for BmBootDescription.c in commit b68ccac17c7e6340ab7b3654ea51c86ad6b4201d on master to BmBoot.c on UDK2015 branch) Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Liming Gao <liming.gao@intel.com> Cc: Eric Dong <eric.dong@intel.com> Cc: Feng Tian <feng.tian@intel.com> Cc: Ruiyu Ni <ruiyu.ni@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jaben Carsey <jaben.carsey@intel.com> (cherry picked from commit b68ccac17c7e6340ab7b3654ea51c86ad6b4201d)
2016-07-07MdePkg: Replace UnicodeStrToAsciiStr() with UnicodeStrToAsciiStrS()Star Zeng
It is the follow up of 3ab41b7a325ca11a12b42f5ad1661c4b6791cb49 to replace UnicodeStrToAsciiStr/AsciiStrToUnicodeStr with UnicodeStrToAsciiStrS/AsciiStrToUnicodeStrS. Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Liming Gao <liming.gao@intel.com> Cc: Michael D Kinney <michael.d.kinney@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jaben Carsey <jaben.carsey@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com> (cherry picked from commit ca2ac9d521b595e969dbe65f1a19fd96d499fa61)
2016-07-07NetworkPkg: Fix unspecified address use case in IpsecConfigJiaxin Wu
This patch is used to fix unspecified address use case in ConstructSpdIndexer() function. Indexer->Name for ConstructSpdIndexer is unspecified, that will be a problem for UnicodeStrToAsciiStr. This patch also refine the code by removing ASSERT and user error handling. Cc: Fu Siyuan <siyuan.fu@intel.com> Cc: Ye Ting <ting.ye@intel.com> Cc: Zeng Star <star.zeng@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com> Reviewed-by: Zeng Star <star.zeng@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com> (cherry picked from commit ca9b4d22f437ccd2d7ad9ce262760097788bafcc)
2016-07-07SecurityPkg OpalPasswordDxe: gray out menu instead of suppress it.Eric Dong
For current implementation, if the device is pyrite type, driver will suppress the "keep user data" option. Base on the feedback from user, they prefer to keep the menu but gray out it. Now base on this feedback to update the driver. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> (cherry picked from commit 0efc3be0af3dafffb99e29c569a2c230910678de)
2016-07-07SecurityPkg: Tcg2Smm: Fix type casting issueZhang, Chao B
Fix type casting issue introduced by cd64301398876d0b3700f882b3eea12657510a70 Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by: Gao Liming <liming.gao@intel.com> (cherry picked from commit 0c687d02c76592832de73850e1dc81115311318a)
2016-07-07SecurityPkg: SecurityPkg.uni: Update info string for ↵Zhang, Chao B
PcdTcgPhysicalPresenceInterfaceVer Update Pcd info string for new added PcdTcgPhysicalPresenceInterfaceVer Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by: Dandan Bi <dandan.bi@intel.com> (cherry picked from commit ed3faea45ab85739d48c0612fcde265764b5e3d0)
2016-07-07SecurityPkg: Tcg2Smm: Enhance TIS interface detectionZhang, Chao B
TCG PC Client PTP spec defines that if InterfaceType is defined as TIS1.3. All the other fields of the FIFO Interface Identifier Register are skipped. http://www.trustedcomputinggroup.org/pc-client-specific-platform-tpm-profile-for-tpm-2-0-v43-150126/ Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com> Reviewed-by: Long Qin <qin.long@intel.com> (cherry picked from commit 3b5624b01454ed0ce1ae2089cc5b091a9cd07ed2)
2016-07-07SecurityPkg: Tcg2Smm: Make TCG2 PP version configurableZhang, Chao B
Make TCG2 PP version configurable to meet different request. Current default version is 1.3. http://www.trustedcomputinggroup.org/physical-presence-interface_1-30_0-52/ Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com> (cherry picked from commit cd64301398876d0b3700f882b3eea12657510a70)
2016-07-07UefiCpuPkg/Cpuid.h: Display Intel SGX Resource Enumeration LeavesJeff Fan
Cc: Michael Kinney <michael.d.kinney@intel.com> Cc: Feng Tian <feng.tian@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jeff Fan <jeff.fan@intel.com> Reviewed-by: Michael Kinney <michael.d.kinney@intel.com> (cherry picked from commit f5a2d6f012fff6073017f814da6dd19530cc6046)
2016-07-07UefiCpuPkg/Cpuid.h: Add CPUID defines and structures for Intel SGXJeff Fan
Add Intel SGX Resource Enumeration Leaves as described by Section 37.7 in Intel(R) 64 and IA-32 Architectures Software Developer's Manual, Volume 3D, December 2015. Cc: Michael Kinney <michael.d.kinney@intel.com> Cc: Feng Tian <feng.tian@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jeff Fan <jeff.fan@intel.com> Reviewed-by: Michael Kinney <michael.d.kinney@intel.com> (cherry picked from commit c606a9a5b7611f54a4ae731827e7edd8a980dca3)
2016-07-06MdeModulePkg PiDxeS3BootScriptLib: Use a specific name for mSmstStar Zeng
When a driver also uses a same name, there will be a link error: one or more multiply defined symbols found. Use a specific name for mSmst to avoid the link error. Cc: Jiewen Yao <jiewen.yao@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> (cherry picked from commit a7636346cb59538c70be301c60c0cb0a320abb95)
2016-07-06MdeModulePkg DxeS3BootScriptLib: Check (mSmst != NULL) before freeing SMRAMStar Zeng
There is static scan tool reports BootScriptSave.c:628:'mSmst' is explicitly dereferenced. The patch is to check (mSmst != NULL) before freeing SMRAM at BootScriptSave.c:628. Cc: Shumin Qiu <shumin.qiu@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Shumin Qiu <shumin.qiu@intel.com> (cherry picked from commit d6f38e374ece00f1f8176007c9d3e8eff1f2308f)
2016-07-06MdeModulePkg DxeS3BootScriptLib: Add DESTRUCTOR S3BootScriptLibDeinitializeStar Zeng
PiDxeS3BootScriptLib has a constructor S3BootScriptLibInitialize() that registers ready-to-lock callback S3BootScriptSmmEventCallBack() and several more. The library is linked to SMM modules. If the module entry-point function returns error (because of lack of resources, unsupported, whatever), the module will be unloaded and the notify callback pointers will point to undefined memory. On ready-to-lock exception occurs when calling S3BootScriptSmmEventCallBack(), and probably all the other callbacks registered by the constructor would also cause exception. This patch is to implement library Destructor to free the resources allocated by S3BootScriptLibInitialize() and unregister callbacks. Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Tested-by: Laszlo Ersek <lersek@redhat.com> (cherry picked from commit cfd79783d603bb2db98ffa0a370bea572724d51c)
2016-07-06MdeModulePkg SmmLockBoxSmmLib: Add DESTRUCTOR SmmLockBoxSmmDestructorStar Zeng
SmmLockBoxSmmLib is linked to SMM modules. If the module entry-point function returns error, the module will be unloaded and the global variables will point to undefined memory. This patch is to add DESTRUCTOR SmmLockBoxSmmDestructor to uninstall SmmLockBoxCommunication configuration table if it has been installed in Constructor. Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Tested-by: Laszlo Ersek <lersek@redhat.com> (cherry picked from commit 738df706c1192a546bd88f017dc00d263f2bc1c2)
2016-07-06MdeModulePkg SmmLockBoxSmmLib: Fix typo in SmmLockBoxSmmConstructuorStar Zeng
SmmLockBoxSmmConstructuor should be SmmLockBoxSmmConstructor. Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Tested-by: Laszlo Ersek <lersek@redhat.com> (cherry picked from commit da9d39c28ee24dde172616fe05ce3c252223b01c)
2016-07-06MdePkg/BaseLib: Add 2 more safe string functions.Jiewen Yao
Add UnicodeStrToAsciiStrS() and AsciiStrToUnicodeStrS() API. These 2 safe version APIs are used to replace UnicodeStrToAsciiStr() and AsciiStrToUnicodeStr() API. The safe version string convert APIs use similar check as StrCpyS(). Cc: Liming Gao <Liming.Gao@intel.com> Cc: Michael D Kinney <michael.d.kinney@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiewen Yao <Jiewen.Yao@intel.com> Reviewed-by: Liming Gao <Liming.Gao@intel.com> Reviewed-by: Jaben Carsey <jaben.carsey@intel.com> (cherry picked from commit 3ab41b7a325ca11a12b42f5ad1661c4b6791cb49)
2016-07-06MdePkg/Hsti: Fix a memory allocation check issue.Jiewen Yao
Cc: Liming Gao <Liming.Gao@intel.com> Cc: Amy Chan <Amy.Chan@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiewen Yao <Jiewen.Yao@intel.com> Reviewed-by: Liming Gao <Liming.Gao@intel.com> Reviewed-by: Amy Chan <Amy.Chan@intel.com> (cherry picked from commit d3858e1006f3b88cb510f7c71452a53ff6f75c05)
2016-07-06SecurityPkg EsalVariableDxeSal: Use input Global to make code more clearStar Zeng
SecurityPkg\VariableAuthenticated\EsalVariableDxeSal\Variable.c AutoUpdateLangVariable() Global->PlatformLangCodes[VirtualMode] = AllocateRuntimeCopyPool (DataSize, Data); ASSERT (mVariableModuleGlobal->PlatformLangCodes[VirtualMode] != NULL); The patch is to use Global instead of mVariableModuleGlobal in the ASSERT (XXX) to make code more clear although mVariableModuleGlobal is equal to Global actually. Cc: Chao Zhang <chao.b.zhang@intel.com> Cc: Amy Chan <amy.chan@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by: Amy Chan <amy.chan@intel.com> Reviewed-by: Giri P Mudusuru <giri.p.mudusuru@intel.com> (cherry picked from commit 5b03f1b5145dd7e4b3ac7bcdd05f03597b461989)
2016-07-06MdeModulePkg/SetupBrowser: Correct the incorrect variable nameDandan Bi
Cc: Eric Dong <eric.dong@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dandan Bi <dandan.bi@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com> (cherry picked from commit bef778c1fe67ceddc03a3ac34c8cef9157e01c91)
2016-07-06UefiCpuPkg/PiSmmCpuDxeSmm: Using MSRs semaphores in aligned bufferJeff Fan
Update MSRs semaphores to the ones in allocated aligned semaphores buffer. If MSRs semaphores is not enough, allocate one page more. Cc: Michael Kinney <michael.d.kinney@intel.com> Cc: Feng Tian <feng.tian@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jeff Fan <jeff.fan@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> Reviewed-by: Michael Kinney <michael.d.kinney@intel.com> Regression-tested-by: Laszlo Ersek <lersek@redhat.com> (cherry picked from commit dc99315b8732b6e3032d01319d3f534d440b43d0)
2016-07-06UefiCpuPkg/PiSmmCpuDxeSmm: Allocate buffer for MSRs semaphoresJeff Fan
Allocate MSRs semaphores in allocated aligned semaphores buffer. And add it into semaphores structure. Cc: Michael Kinney <michael.d.kinney@intel.com> Cc: Feng Tian <feng.tian@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jeff Fan <jeff.fan@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> Reviewed-by: Michael Kinney <michael.d.kinney@intel.com> Regression-tested-by: Laszlo Ersek <lersek@redhat.com> (cherry picked from commit 695e62d1419cf3a8ab65a96c86c9cf58d4206d61)
2016-07-06UefiCpuPkg/PiSmmCpuDxeSmm: Using CPU semaphores in aligned bufferJeff Fan
Update each CPU semaphores to the ones in allocated aligned semaphores buffer. Cc: Michael Kinney <michael.d.kinney@intel.com> Cc: Feng Tian <feng.tian@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jeff Fan <jeff.fan@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> Reviewed-by: Michael Kinney <michael.d.kinney@intel.com> Regression-tested-by: Laszlo Ersek <lersek@redhat.com> (cherry picked from commit ed3d5ecb342dd6cca299ac72b30d4855a8b804a4)
2016-07-06UefiCpuPkg/PiSmmCpuDxeSmm: Allocate buffer for each CPU semaphoresJeff Fan
Allocate each CPU semaphores in allocated aligned semaphores buffer. And add it into semaphores structure. Cc: Michael Kinney <michael.d.kinney@intel.com> Cc: Feng Tian <feng.tian@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jeff Fan <jeff.fan@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> Reviewed-by: Michael Kinney <michael.d.kinney@intel.com> Regression-tested-by: Laszlo Ersek <lersek@redhat.com> (cherry picked from commit 4e920581133766a31410f9d5b091446a3bc19d8c)
2016-07-06UefiCpuPkg/PiSmmCpuDxeSmm: Using global semaphores in aligned bufferJeff Fan
Update all global semaphores to the ones in allocated aligned semaphores buffer. Cc: Michael Kinney <michael.d.kinney@intel.com> Cc: Feng Tian <feng.tian@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jeff Fan <jeff.fan@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> Reviewed-by: Michael Kinney <michael.d.kinney@intel.com> Regression-tested-by: Laszlo Ersek <lersek@redhat.com> (cherry picked from commit fe3a75bc41545125f76c28238016658f48833ba2)
2016-07-06UefiCpuPkg/PiSmmCpuDxeSmm: Move forward MP sync data initializationJeff Fan
Move MP sync data initialization in front of the place that initialize page table, because the page fault spin lock is allocated in InitializeMpSyncData() while it is initialized in SmmInitPageTable(). Cc: Michael Kinney <michael.d.kinney@intel.com> Cc: Feng Tian <feng.tian@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jeff Fan <jeff.fan@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> Reviewed-by: Michael Kinney <michael.d.kinney@intel.com> Regression-tested-by: Laszlo Ersek <lersek@redhat.com> (cherry picked from commit d67b73cc381219f16f5d120e733efb7ffaa814f0)
2016-07-06UefiCpuPkg/PiSmmCpuDxeSmm: Allocate buffer for global semaphoresJeff Fan
Get semaphores alignment/size requirement and allocate aligned buffer for all global spin lock and semaphores. Cc: Michael Kinney <michael.d.kinney@intel.com> Cc: Feng Tian <feng.tian@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jeff Fan <jeff.fan@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> Reviewed-by: Michael Kinney <michael.d.kinney@intel.com> Regression-tested-by: Laszlo Ersek <lersek@redhat.com> (cherry picked from commit 1d64853193602f1100b835a4824da14c4258e5da)
2016-07-06MdePkg/WSMT.h: update header comment to use official URL link.Jiewen Yao
Update WSMT table link to official MSDN URL. Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Liming Gao <liming.gao@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> Reviewed-by: Samer El-Haj-Mahmoud <elhaj@hpe.com> (cherry picked from commit e6877b56b2e6d781fe0ce808318c779eb703657c)
2016-07-06SecurityPkg TcgStorageOpalLib: Check the capability before use.Dong, Eric
For Pyrite SSC device, it may not supports Active Key, So add check logic before enable it. Cc: Feng Tian <feng.tian@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> (cherry picked from commit 6e7423c3c2ff56c9256b92a845b3e0c959ab0d74)
2016-07-06SecurityPkg OpalPasswordSmm: Always execute BlockSid command.Eric Dong
The BlockSid feature is not depend on lock status, so move the send BlockSid command out of unlock process. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> (cherry picked from commit 3f250a944d691d2169fa3834c89eed7235b735ae)
2016-07-06SecurityPkg OpalPasswordSmm: Enhance BlockSid Logic.Eric Dong
BlockSid feature can be retrieve from the header info. Update the logic, check BlockSid capability before use it. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> (cherry picked from commit 69cd129471c3507d6be0b9e993a020ddef38692e)
2016-07-06SecurityPkg OpalPasswordDxe: Check BlockSid capability before send command.Eric Dong
Not all opal device support BlockSid feature. So Add code logic to check the capability before send BlockSid command. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> (cherry picked from commit be08755355ef16bf86ebed01762c6c9cb319b48a)
2016-07-06SecurityPkg OpalPasswordDxe: Change BlockSid position.Eric Dong
The BlockSid feature is a global level feature instead of device level feature. So move the menu from device page to the main page. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> (cherry picked from commit 8d3d84508f06d1b7c8269deb16f234646b0a4585)
2016-07-06SecurityPkg TcgStorageOpalLib: Check BlockSid capability.Eric Dong
Check the BlockSid feature capability through check BlockSid header in the DiscoveryHeader. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> (cherry picked from commit b20e0d29fa99d7e6126930e133afada55ad1bc66)
2016-07-06MdePkg: Add TCG_BLOCK_SID_FEATURE_DESCRIPTOR definition.Eric Dong
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> (cherry picked from commit 19d539af756429815310ebaffb443409e94da809)
2016-07-06SecurityPkg TcgStorageOpalLib: Update ComId for Block SID command.Eric Dong
The ComId for Block SID authentication command is 0x0005 according to "TCG Storage Feature Set: Block SID Authentication Specification Version 1.0.0". Update code to follow this spec requirement. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> (cherry picked from commit 81c1b6df92184f07446b6cf197b18c61ad8b73f0)
2016-07-06SecurityPkg: SecureBootConfigDxe: Disable SecureBoot Enable/Disable in some caseZhang, Chao B
Disable SecureBoot Enable/Disable feature when PhysicalPresence is not available, Since SecureBootEnable is protected with PhysicalPresence. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com> (cherry picked from commit e8903bb7bf3f975ce8d1986bdbbaaf05c29c0e2b)
2016-07-06SecurityPkg OpalPasswordDxe: Install menu without device dependency.Eric Dong
Change design to always install opal menu. Current implementation only install menu when device connect. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> (cherry picked from commit f14307489f7a50415239211d76a4a4190db22deb)
2016-07-06SecuritPkg: DxeImageVerificationLib: Fix wrong verification logic in DBX & DBTZhang, Chao B
In image verification, if image verified pass in DBT, still need to verify if it is blocked by any other cert/cert hash from DBX. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by: Long Qin <qin.long@intel.com> Reviewed-by: Dick Wilkins <dick_wilkins@phoenix.com> (cherry picked from commit 91422384d5915a6f14523b3cec557d730c940c6a)
2016-07-06MdePkg-SmmMemLib: Enhance SmmIsBufferOutsideSmmValid() check for fixed comm ↵Jiewen Yao
buffer. This patch adds more check in SmmIsBufferOutsideSmmValid(), to make sure that SMM communication buffer is only EfiReservedMemoryType/EfiRuntimeServicesCode/ EfiRuntimeServicesData/EfiACPIMemoryNVS. So that the communication buffer will not touch any OS memory. The assumption is that a platform reports valid SMM communication buffer at EndOfDxe, because EndOfDxe is last hook point that SMM code can call-out to get memory map information. A platform MUST finish SMM communication buffer allocation before EndOfDxe. If a DXE or OS driver need do communication after EndOfDxe, it can either allocate SMM communication buffer before EndOfDxe and save it, or consume EDKII_PI_SMM_COMMUNICATION_REGION_TABLE table to get general fixed comm buffer. This is designed to meet Microsoft WSMT table definition on FIXED_COMM_BUFFERS requirement. Cc: Liming Gao <liming.gao@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> Regression-tested-by: Laszlo Ersek <lersek@redhat.com> (cherry picked from commit 91f51fcc84d9ce3b801fdd895e514cd5525975c7)
2016-07-06SecurityPkg-Opal(2): Enhance AHCI Bar MMIO region check.Eric Dong
This patch enhance OPAL password SMM driver to check SMM bar is valid MMIO besides outside of SMRAM. This is designed to meet Microsoft WSMT table definition on FIXED_COMM_BUFFERS requirement. Cc: Eric Dong <eric.dong@intel.com> Cc: Feng Tian <feng.tian@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> (cherry picked from commit 009264f5cf0fa0009ff96f307eaac88860a998a8)
2016-07-06SecurityPkg-Opal(1): Use fixed SMM communication buffer in OPAL password lib.Eric Dong
This patch enhance OPAL password lib SMM communication by using fixed SMM communication buffer. Update OPAL password lib to consume EDKII_PI_SMM_COMMUNICATION_REGION_TABLE as fixed communication buffer for SMM communication. This is designed to meet Microsoft WSMT table definition on FIXED_COMM_BUFFERS requirement. Cc: Eric Dong <eric.dong@intel.com> Cc: Feng Tian <feng.tian@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> (cherry picked from commit 83681c74f07978adbb621a467fe391ae901e2515)
2016-07-06MdeModulePkg-FPDT(4): Use fixed buffer for SMM_PERF_COMMUNICATE in PerfLib.Liming Gao
This patch enhance performance data SMM communication by using fixed SMM communication buffer. Update PerformanceLib to use fixed SMM communication buffer to get performance data by SMM_PERF_COMMUNICATE API. This is designed to meet Microsoft WSMT table definition on FIXED_COMM_BUFFERS requirement. Cc: Liming Gao <liming.gao@intel.com> Cc: Feng Tian <feng.tian@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Liming Gao <liming.gao@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> (cherry picked from commit de2459d66d87eb526e3a21f1e6682fac8e1926c5)
2016-07-06MdeModulePkg-FPDT(3): Use SMM_FPDT_FUNCTION_GET_BOOT_RECORD_DATA_BY_OFFSET ↵Liming Gao
in FpdtDxe. This patch enhance performance data SMM communication by using fixed SMM communication buffer. Update FpdtDxe to use fixed SMM communication buffer to get performance data by SMM_FPDT_FUNCTION_GET_BOOT_RECORD_DATA_BY_OFFSET API. This is designed to meet Microsoft WSMT table definition on FIXED_COMM_BUFFERS requirement. Cc: Liming Gao <liming.gao@intel.com> Cc: Feng Tian <feng.tian@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Liming Gao <liming.gao@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> (cherry picked from commit d158ba675b95c9f07455d77d0ef68ce22e7f65d0)
2016-07-06MdeModulePkg-FPDT(2): Add SMM_FPDT_FUNCTION_GET_BOOT_RECORD_DATA_BY_OFFSET ↵Liming Gao
in FpdtSmm Handler. This patch enhance performance data SMM communication by using fixed SMM communication buffer. Update FpdtSmm to handle SMM_FPDT_FUNCTION_GET_BOOT_RECORD_DATA_BY_OFFSET request. This is designed to meet Microsoft WSMT table definition on FIXED_COMM_BUFFERS requirement. Cc: Liming Gao <liming.gao@intel.com> Cc: Feng Tian <feng.tian@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Liming Gao <liming.gao@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> (cherry picked from commit 77a6e6c4f966bd618196ba7196964515228a84e1)
2016-07-06MdeModulePkg-FPDT(1): Add SMM_FPDT_FUNCTION_GET_BOOT_RECORD_DATA_BY_OFFSET ↵Liming Gao
definition. This patch enhance performance data SMM communication by using fixed SMM communication buffer. A new command SMM_FPDT_FUNCTION_GET_BOOT_RECORD_DATA_BY_OFFSET is added, because we need to support get partial PerformanceData to fixed SMM communication buffer. If performance data is bigger than fixed SMM communication buffer, the DXE agent need to call SMM_FPDT_FUNCTION_GET_BOOT_RECORD_DATA_BY_OFFSET multiple times to get all data out. This is designed to meet Microsoft WSMT table definition on FIXED_COMM_BUFFERS requirement. Cc: Liming Gao <liming.gao@intel.com> Cc: Feng Tian <feng.tian@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Liming Gao <liming.gao@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> (cherry picked from commit 7110e306faaf713ca644719685a7cb21f3c17d8b)
2016-07-06MdeModulePkg-MemoryProfile(3): Use ↵Star Zeng
SMRAM_PROFILE_COMMAND_GET_PROFILE_DATA_BY_OFFSET in MemoryProfileInfo. This patch enhance SMM memory profile SMM communication by using fixed SMM communication buffer. Update MemoryProfileInfo APP to use fixed SMM communication buffer to get profile data by SMRAM_PROFILE_COMMAND_GET_PROFILE_DATA_BY_OFFSET API. This is designed to meet Microsoft WSMT table definition on FIXED_COMM_BUFFERS requirement. Cc: Star Zeng <star.zeng@intel.com> Cc: Feng Tian <feng.tian@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> (cherry picked from commit 2f7961c7d67faad52449ec8d5c71b2cd891bd7b6)
2016-07-06MdeModulePkg-MemoryProfile(2): Add ↵Star Zeng
SMRAM_PROFILE_COMMAND_GET_PROFILE_DATA_BY_OFFSET in PiSmmCore. This patch enhance SMM memory profile SMM communication by using fixed SMM communication buffer. Update PiSmmCore to handle SMRAM_PROFILE_COMMAND_GET_PROFILE_DATA_BY_OFFSET request. This is designed to meet Microsoft WSMT table definition on FIXED_COMM_BUFFERS requirement. Cc: Star Zeng <star.zeng@intel.com> Cc: Feng Tian <feng.tian@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> Regression-tested-by: Laszlo Ersek <lersek@redhat.com> (cherry picked from commit c3592c86ee39c3582f1d4c6b31cf91113e9d4c5f)
2016-07-06MdeModulePkg-MemoryProfile(1): Add ↵Star Zeng
SMRAM_PROFILE_COMMAND_GET_PROFILE_DATA_BY_OFFSET definition. This patch enhance SMM memory profile SMM communication by using fixed SMM communication buffer. A new command SMRAM_PROFILE_COMMAND_GET_PROFILE_DATA_BY_OFFSET is added, because we need to support get partial ProfileData to fixed SMM communication buffer. If profile data is bigger than fixed SMM communication buffer, the DXE agent need to call SMRAM_PROFILE_COMMAND_GET_PROFILE_DATA_BY_OFFSET multiple times to get all data out. This is designed to meet Microsoft WSMT table definition on FIXED_COMM_BUFFERS requirement. Cc: Star Zeng <star.zeng@intel.com> Cc: Feng Tian <feng.tian@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> (cherry picked from commit 73e0de62826dffe8f9e32d6d0d18b54a8a5d3f38)
2016-07-06MdeModulePkg: Add new driver to publish EDKII_PI_SMM_COMMUNICATION_REGION_TABLE.Jiewen Yao
Add a driver to publish EDKII_PI_SMM_COMMUNICATION_REGION_TABLE, so that other DXE driver can consume this table directly. NOTE: This is sample driver. A platform may uses its own way to define default SMM communication buffer region and publish information in its own EDKII_PI_SMM_COMMUNICATION_REGION_TABLE. This is designed to meet Microsoft WSMT table definition on FIXED_COMM_BUFFERS requirement. Cc: Feng Tian <feng.tian@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Feng, Tian <feng.tian@intel.com> (cherry picked from commit 6e4e6ffda448b77a3b2f3549137aca5c1b62cb4a)
2016-07-06MdeModulePkg: Add EDKII_PI_SMM_COMMUNICATION_REGION_TABLE definition.Jiewen Yao
This configuration table is used to describe platform pre-allocated memory for SMM communication buffer. If DXE driver wants to communicate with SMM agent, it can use this memory as SMM communication buffer instead of allocate new memory region. This is designed to meet Microsoft WSMT table definition on FIXED_COMM_BUFFERS requirement. Cc: Feng Tian <feng.tian@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> (cherry picked from commit 1e01ea240e67aacd0e6b99012ac4ab3b68be8215)