summaryrefslogtreecommitdiff
path: root/SecurityPkg/VariableAuthenticated/RuntimeDxe
AgeCommit message (Collapse)Author
2012-03-31Update common authenticated variable (non PK/KEK/DB/DBX) support to comply ↵tye1
with latest UEFI spec. Signed-off by: tye1 Reviewed-by: geekboy15a Reviewed-by: sfu5 Reviewed-by: gdong1 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13157 6f19259b-4bc3-4df7-8a09-765794883524
2012-03-30If setting variable in Runtime and there has been a same GUID and name ↵lzeng14
variable existed in system without RT attribute, return EFI_WRITE_PROTECTED. Signed-off-by: lzeng14 Reviewed-by: tye git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13156 6f19259b-4bc3-4df7-8a09-765794883524
2012-03-271. Remove “Force clear PK” feature in AuthVarialbe driver.sfu5
2. Update API ForceClearPK() to UserPhysicalPresent() in PlatformSecureLib. 2. Update SecureBootConfigDxe driver and AuthVariable driver to support Custom Secure Boot Mode feature. 3. Fix some bugs in AuthVariable driver. Signed-off-by: sfu5 Reviewed-by: tye Reviewed-by: gdong1 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13144 6f19259b-4bc3-4df7-8a09-765794883524
2012-03-261. Update AuthVarialbe driver to avoid integer overflow when using ↵sfu5
EFI_VARIABLE_AUTHENTICATION_2 descriptor. Signed-off-by: sfu5 Reviewed-by: tye Reviewed-by: gdong1 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13120 6f19259b-4bc3-4df7-8a09-765794883524
2011-12-13SecurityPkg/VariableAuthenticated: Check if there is a NV Variable Storage ↵oliviermartin
header prior to use its attributes The Variable PEI and RuntimeDxe drivers were using the attribute 'HeaderLength' of EFI_FIRMWARE_VOLUME_HEADER without checking if a Firmware Volume Header was existing at the base address. In case the Firmware Volume Header does not exist or is corrupted, the attribute 'HeaderLength' is a non valid value that can lead to a non valid physical address when accessing produces an access error. Signed-off-by: oliviermartin Reviewed-by: rsun3 Reviewed-by: niruiyu git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12845 6f19259b-4bc3-4df7-8a09-765794883524
2011-12-13Update SignatureSupport variable to reflect firmware capability.gdong1
Signed-off-by: gdong1 Reviewed-by: tye Reviewed-by: sfu5 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12843 6f19259b-4bc3-4df7-8a09-765794883524
2011-12-091. Fix a bug when verify the CertType GUID in authentication variable data ↵sfu5
payload. Signed-off-by: sfu5 Reviewed-by: tye1 Reviewed-by: gdong1 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12831 6f19259b-4bc3-4df7-8a09-765794883524
2011-12-02Update a return status for UEFI spec compliance.gdong1
Signed-off-by: gdong1 Reviewed-by: tye git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12813 6f19259b-4bc3-4df7-8a09-765794883524
2011-11-231. Check input PK/KEK variable data to make sure it is a valid ↵sfu5
EFI_SIGNATURE_LIST. Signed-off-by: sfu5 Reviewed-by: gdong1 Reviewed-by : czhan46 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12765 6f19259b-4bc3-4df7-8a09-765794883524
2011-11-04Add debug information for secure boot test convenient.gdong1
Signed-off-by: gdong1 Reviewed-by: tye Reviewed-by: xdu2 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12660 6f19259b-4bc3-4df7-8a09-765794883524
2011-10-28SecurityPkg: Update VariableAuthenticated driver with following changes:xdu2
1. Remove memory allocation code in runtime. 2. Exclude NULL terminator in VariableName for serialization data in time-based variable authentication. 3. Add support for enroll PK with WRITE_ACCESS attribute. 4. Initialize SetupMode variable with correct NV attribute. 5. Add support for APPEND_WRITE attribute for non-existing Variable. 6. Clear KEK, DB and DBX as well as PK when user request to clear platform keys. 7. Check duplicated EFI_SIGNATURE_DATA for Variable formatted as EFI_SIGNATURE_LIST when APPEND_WRITE attribute is set. 8. Not change SecureBoot Variable in runtime, only update it in boot time since this Variable indicates firmware operating mode. 9. Save time stamp of PK when PK is set with TIME_BASED_WRITE_ACCESS attribute in setup mode. 10. Update to use PcdMaxVariableSize instead of PcdMaxAppendVariableSize for append operation. Signed-off-by: xdu2 Reviewed-by: tye git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12599 6f19259b-4bc3-4df7-8a09-765794883524
2011-10-28Enable/Disable Secured Boot by 'Secure Boot Configuration' Page which is ↵qianouyang
under Setup browser. Signed-off-by: qianouyang Reviewed-by: gdong1 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12586 6f19259b-4bc3-4df7-8a09-765794883524
2011-10-19Support Variable driver ↵niruiyu
(VariableAuthenticatedPei/VariableAuthenticatedRuntimeDxe) to support the default variable data stored in HOB. Signed-off-by: niruiyu Reviewed-by: lgao4 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12554 6f19259b-4bc3-4df7-8a09-765794883524
2011-10-14Add pointer check for NULL before dereference it.sfu5
Signed-off-by: sfu5 Reviewed-by: tye git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12537 6f19259b-4bc3-4df7-8a09-765794883524
2011-09-211. Enhance AuthVar driver to avoid process corrupted certificate input.hhuan13
Signed-off-by: hhuan13 Reviewed-by: ftian git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12398 6f19259b-4bc3-4df7-8a09-765794883524
2011-09-02Add security package to repository.gdong1
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12261 6f19259b-4bc3-4df7-8a09-765794883524