summaryrefslogtreecommitdiff
path: root/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c
AgeCommit message (Collapse)Author
2016-03-24SecurityPkg/SecureBootConfigDxe: Declare EFIAPI for the ChooseFile handlersGary Lin
The SecureBootConfig now uses ChooseFile() from FileExplorerLib to select the certificates to be enrolled into PK, KEK, DB, DBX, or DBT, and the corresponding handlers to get the content of the file. Per the definition of CHOOSE_HANDLER, the handler must use EFIAPI as the calling convention. However, the calling convention was not specified the following handlers: UpdatePKFromFile(), UpdateKEKFromFile(), UpdateDBFromFile(), UpdateDBXFromFile(), and UpdateDBTFromFile(). When compiling the firmware with gcc, the default calling convention is not compatible with EFIAPI, so the handlers interpreted the argument the wrong way and passed the wrong device path to UpdatePage(), and the system crashed when the user tried to enroll a certificate into the key database. This commit specifies the calling convention for those functions so that gcc can generate the right code. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Gary Lin <glin@suse.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Dandan Bi <dandan.bi@intel.com>
2016-03-04SecurityPkg/SecureBootConfigDxe: Handle allocation failure gracefullyDandan Bi
The function AllocateCopyPool may return NULL, so need to do check after calling it. This patch is to enhance the related logic. Cc: Chao Zhang <chao.b.zhang@intel.com> Cc: Qiu Shumin <shumin.qiu@intel.com> Cc: Eric Dong <eric.dong@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dandan Bi <dandan.bi@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com>
2016-02-26SecurityPkg: Use FileExplorerLib in SecureBootConfigDxeDandan Bi
Using existing library FileExplorerLib to replace the same logic in SecureBootConfigDxe to make the code clear. After using FileExplorerLib, the UI behavior for enroll PK will change, previously when select one PK file, commit/discard changes will return to Device Manager,press ESC will return to FileExplorer. Now using FileExplorerLib the behavior will keep same with enroll KEK/DB/..., commit/discard changes will return to Custom Secure Boot Options form and ESC will return to PK options form. Cc: Chao Zhang <chao.b.zhang@intel.com> Cc: Eric Dong <eric.dong@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dandan Bi <dandan.bi@intel.com> Acked-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
2015-07-08SecurityPkg:Replace unsafe string functions.Zhang Lubo
Replace unsafe string functions with new added safe string functions. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Zhang Lubo <lubo.zhang@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Qiu Shumin <shumin.qiu@intel.com> Reviewed-by: Jaben Carsey <jaben.carsey@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17882 6f19259b-4bc3-4df7-8a09-765794883524
2015-05-07SecurityPkg: remove unused variablesArd Biesheuvel
This removes various unused variables from SecurityPkg whose presence is causing failed builds. Contributed-under: TianoCore Contribution Agreement 1.0 Reviewed-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by: Olivier Martin <olivier.martin@arm.com> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17354 6f19259b-4bc3-4df7-8a09-765794883524
2014-11-14UEFI 2.4 X509 Certificate Hash and RFC3161 Timestamp Verification support ↵Qin Long
for Secure Boot Main ChangeLogs includes: 1. Introduce the new GUID and structure definitions for certificate hash and timestamp support; 2. Update Image Verification Library to support DBT signature checking; 3. Update the related SecureBoot Configuration Pages; Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Qin Long <qin.long@intel.com> Reviewed-by: Guo Dong <guo.dong@intel.com> Reviewed-by: Siyuan Fu <siyuan.fu@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16380 6f19259b-4bc3-4df7-8a09-765794883524
2014-01-09Return to BMM page if parse the file info failed.Eric Dong
Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> Reviewed-by: Siyuan Fu <siyuan.fu@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15067 6f19259b-4bc3-4df7-8a09-765794883524
2014-01-08Rollback the patch 15054.Eric Dong
Signed-off-by: Eric Dong <eric.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15059 6f19259b-4bc3-4df7-8a09-765794883524
2014-01-07Not update the status until parse the file info success.Eric Dong
Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15054 6f19259b-4bc3-4df7-8a09-765794883524
2013-04-25Check for NULL pointer before free it.sfu5
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14316 6f19259b-4bc3-4df7-8a09-765794883524
2012-03-271. Remove “Force clear PK” feature in AuthVarialbe driver.sfu5
2. Update API ForceClearPK() to UserPhysicalPresent() in PlatformSecureLib. 2. Update SecureBootConfigDxe driver and AuthVariable driver to support Custom Secure Boot Mode feature. 3. Fix some bugs in AuthVariable driver. Signed-off-by: sfu5 Reviewed-by: tye Reviewed-by: gdong1 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13144 6f19259b-4bc3-4df7-8a09-765794883524
generated by cgit v1.2.3 (git 2.25.1) at 2025-03-30 04:58:44 +0000