summaryrefslogtreecommitdiff
path: root/SecurityPkg/VariableAuthenticated/Pei/Variable.c
AgeCommit message (Collapse)Author
2015-07-01SecurityPkg: Delete Auth Variable driverStar Zeng
1. Delete TpmMeasurementLib LibraryClass from SecurityPkg after it moved to MdeModulePkg. 2. Update DxeTpmMeasurementLib.inf to include MdeModulePkg.dec. 3. Delete authenticated variable definition from AuthenticatedVariableFormat.h after them moved to VariableFormat.h. 4. Replace VARIABLE_HEADER with AUTHENTICATED_VARIABLE_HEADER in EsalVariableDxeSal. 5. Delete VariableInfo from SecurityPkg after it merged to VariableInfo in MdeModulePkg. 6. Delete VariablePei from SecurityPkg after it merged to VariablePei in MdeModulePkg. 7. Delete Auth Variable driver from SecurityPkg after it merged to Variable driver in MdeModulePkg. 8. Also update PACKAGE_GUID and PACKAGE_VERSION in SecurityPkg.dec after the deletion of authenticated variable definition, VariableInfo, VariablePei and Auth Variable driver from SecurityPkg; update PLATFORM_VERSION in SecurityPkg.dsc. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> Reviewed-by: Jaben Carsey <jaben.carsey@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17772 6f19259b-4bc3-4df7-8a09-765794883524
2014-11-19MdeModulePkg/SecurityPkg VariablePei: Fix VS2013 build failure.Star Zeng
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16406 6f19259b-4bc3-4df7-8a09-765794883524
2014-10-31MdeModulePkg/SecurityPkg Variable: Add boundary check for while ↵Star Zeng
(IsValidVariableHeader (Variable)). Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16280 6f19259b-4bc3-4df7-8a09-765794883524
2013-07-03SecurityPkg: Variable drivers robustly handle crashes during Reclaim().Star Zeng
PEI variable implementation checks only the variable header signature for validity. This does not seem robust if system crash occurred during previous Reclaim() operation. If the crash occurred while FTW was rewriting the variable FV, the signature could be valid even though the rest of the FV isn't valid. Solution: PEI variable and early phase(before FTW protocol ready) of DXE variable can check the FTW last write status provided by FaultTolerantWritePei and determine if all or partial variable data has been backed up in spare block, and then use the backed up data. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14455 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-25Variables with state VAR_ADDED&VAR_IN_DELETED_TRANSITION should be ↵lzeng14
considered as valid variables if there is no duplicated ones with VAR_ADDED state. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14085 6f19259b-4bc3-4df7-8a09-765794883524
2011-12-13SecurityPkg/VariableAuthenticated: Check if there is a NV Variable Storage ↵oliviermartin
header prior to use its attributes The Variable PEI and RuntimeDxe drivers were using the attribute 'HeaderLength' of EFI_FIRMWARE_VOLUME_HEADER without checking if a Firmware Volume Header was existing at the base address. In case the Firmware Volume Header does not exist or is corrupted, the attribute 'HeaderLength' is a non valid value that can lead to a non valid physical address when accessing produces an access error. Signed-off-by: oliviermartin Reviewed-by: rsun3 Reviewed-by: niruiyu git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12845 6f19259b-4bc3-4df7-8a09-765794883524
2011-10-28SecurityPkg: Update VariableAuthenticated driver with following changes:xdu2
1. Remove memory allocation code in runtime. 2. Exclude NULL terminator in VariableName for serialization data in time-based variable authentication. 3. Add support for enroll PK with WRITE_ACCESS attribute. 4. Initialize SetupMode variable with correct NV attribute. 5. Add support for APPEND_WRITE attribute for non-existing Variable. 6. Clear KEK, DB and DBX as well as PK when user request to clear platform keys. 7. Check duplicated EFI_SIGNATURE_DATA for Variable formatted as EFI_SIGNATURE_LIST when APPEND_WRITE attribute is set. 8. Not change SecureBoot Variable in runtime, only update it in boot time since this Variable indicates firmware operating mode. 9. Save time stamp of PK when PK is set with TIME_BASED_WRITE_ACCESS attribute in setup mode. 10. Update to use PcdMaxVariableSize instead of PcdMaxAppendVariableSize for append operation. Signed-off-by: xdu2 Reviewed-by: tye git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12599 6f19259b-4bc3-4df7-8a09-765794883524
2011-10-19Support Variable driver ↵niruiyu
(VariableAuthenticatedPei/VariableAuthenticatedRuntimeDxe) to support the default variable data stored in HOB. Signed-off-by: niruiyu Reviewed-by: lgao4 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12554 6f19259b-4bc3-4df7-8a09-765794883524
2011-09-07Sync the fix for recovery mode from MdeModulePkg.gdong1
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12290 6f19259b-4bc3-4df7-8a09-765794883524
2011-09-02Add security package to repository.gdong1
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12261 6f19259b-4bc3-4df7-8a09-765794883524
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-15 19:58:40 +0000