summaryrefslogtreecommitdiff
path: root/SecurityPkg
AgeCommit message (Collapse)Author
2012-08-03Fix physical presence request failure for ↵gdong1
PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE, PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE and PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE. Signed-off-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13590 6f19259b-4bc3-4df7-8a09-765794883524
2012-08-02Measure ExitBootServices failure caseczhang46
Signed-off-by: Chao Zhang<chao.b.zhang@intel.com> Reviewed-by: Dong Guo<guo.dong@intel.com> Reviewed-by: Gao Liming<liming.gao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13580 6f19259b-4bc3-4df7-8a09-765794883524
2012-07-26Fix a failure in TCG HashAll interface.gdong1
signed-off by Tao Hengyan <hengyan.tao@intel.com> reviewed by Dong Guo <guo.dong@intel.com> reviewed by Long Qin <qin.long@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13556 6f19259b-4bc3-4df7-8a09-765794883524
2012-07-26Enhance TCG driver to provide TPM physical presence lifetime lock capability.gdong1
Signed-off-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13555 6f19259b-4bc3-4df7-8a09-765794883524
2012-07-25Use RsaGetPublicKeyFromX509() to validate the given X.509 certificate for ↵sfu5
PK/KEK/db/dbx database. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13553 6f19259b-4bc3-4df7-8a09-765794883524
2012-07-23Update the secure boot configuration UI to accept *.crt certificate file.sfu5
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13546 6f19259b-4bc3-4df7-8a09-765794883524
2012-07-20Adjust library instances used in SecurityPkg by proper module type.tye1
Signed-off-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Fu, Siyuan <Siyuan.fu@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13544 6f19259b-4bc3-4df7-8a09-765794883524
2012-07-171. Remove extra attribute for SetupMode, SignatureSupport and SecureBoot ↵sfu5
variable. 2. Allow the PK owner to update db/dbx variable directly. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13536 6f19259b-4bc3-4df7-8a09-765794883524
2012-07-17Return EFI_UNSUPPORTED if READY_TO_BOOT function is invoked at SMM runtime.sfu5
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13535 6f19259b-4bc3-4df7-8a09-765794883524
2012-07-13Verify the provided PKpub is signed with its private key when enrolling a ↵sfu5
new PK variable in setup mode. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13531 6f19259b-4bc3-4df7-8a09-765794883524
2012-07-12Fix a bug in DxeImageVerificationLib which will pass incorrect trust cert ↵sfu5
size to AuthenticodeVerify() function. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13526 6f19259b-4bc3-4df7-8a09-765794883524
2012-07-12Update the secure boot configuration UI to accept *.der certificate file as ↵sfu5
the Platform Key. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13525 6f19259b-4bc3-4df7-8a09-765794883524
2012-07-09Reset the platform when user choose to enroll/delete the PK variable. sfu5
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13515 6f19259b-4bc3-4df7-8a09-765794883524
2012-07-09Add SMRAM range check to variable SMM SMI handler.czhang46
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13514 6f19259b-4bc3-4df7-8a09-765794883524
2012-07-09Defer TCG table publish after LASA/LAML in the table got updated.gdong1
signed-off by Tao Hengyan <hengyan.tao@intel.com> reviewed by Dong Guo <guo.dong@intel.com> reviewed by Hot Tian <hot.tian@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13513 6f19259b-4bc3-4df7-8a09-765794883524
2012-07-09Include read data buffer in CommBufferSize when calculate the buffer size.ydong10
Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13512 6f19259b-4bc3-4df7-8a09-765794883524
2012-07-051. Reset system when user changes secure boot state in secure boot ↵sfu5
configuration form. 2. Update the method to detect secure boot state in DxeImageVerificationLib and secure boot configuration driver. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13505 6f19259b-4bc3-4df7-8a09-765794883524
2012-07-04Fix a buffer overflow bug in VariableSmm driver.sfu5
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Zhang Chao <chao.b.zhang@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13486 6f19259b-4bc3-4df7-8a09-765794883524
2012-06-12Add comment for modules which have external input.jyao1
signed-off-by: jiewen.yao@intel.com reviewed-by: guo.dong@intel.com reviewed-by: ting.ye@intel.com reviewed-by: liming.gao@intel.com reviewed-by: elvin.li@intel.com git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13446 6f19259b-4bc3-4df7-8a09-765794883524
2012-06-08Fix compatibility issue when using IPF image with PE32 magic value in the ↵sfu5
OptionalHeader. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13433 6f19259b-4bc3-4df7-8a09-765794883524
2012-06-01Enhance GPT measurement to be able to handle different partition entry size.gdong1
Signed-off-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13422 6f19259b-4bc3-4df7-8a09-765794883524
2012-06-01Fix TCG PPI request EnableActivateClear failure.gdong1
Signed-off-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Ouyang Qian <qian.ouyang@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13421 6f19259b-4bc3-4df7-8a09-765794883524
2012-05-31Fixed build failed.ydong10
Signed-off-by: Eric Dong <eric.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13406 6f19259b-4bc3-4df7-8a09-765794883524
2012-05-30Add new interface GetVariable2 and GetEfiGlobalVariable2 to return more ↵ydong10
info. Also replace old interface with new one. Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13375 6f19259b-4bc3-4df7-8a09-765794883524
2012-05-30According to UEFI spec 2.3.1a. hardware error record variable should use the ↵lzeng14
EFI_HARDWARE_ERROR_VARIABLE VendorGuid and have the L"HwErrRec####" name convention, #### is a printed hex value and no 0x or h is included in the hex value. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Guo Dong <guo.dong@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13373 6f19259b-4bc3-4df7-8a09-765794883524
2012-05-30Return EFI_WRITE_PROTECTED when setting HwErrRecSupport Global Variable at ↵lzeng14
runtime. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Guo Dong <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13372 6f19259b-4bc3-4df7-8a09-765794883524
2012-05-28Fix a bug in DxeImageVerificationLib to use the correct certificate length ↵sfu5
when verifying a signed EFI image. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13364 6f19259b-4bc3-4df7-8a09-765794883524
2012-05-14Update auth-variable and secure boot UI driver to support only time-based ↵sfu5
PK, KEK and Signature Database variable variable according to UEFI Spec requirement. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13310 6f19259b-4bc3-4df7-8a09-765794883524
2012-05-11Enhance TcgSmm driver to handle potential SetVariable failure case.gdong1
Signed-off-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com> Reviewed-by: Ouyang Qian <qian.ouyang@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13309 6f19259b-4bc3-4df7-8a09-765794883524
2012-05-09Fixes buffer read overflow bugs in authenticated variable driver.sfu5
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13298 6f19259b-4bc3-4df7-8a09-765794883524
2012-05-09Fix always reboot issue for an invalid physical presence operation request.gdong1
Signed-off by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Ouyang, Qian <qian.ouyang@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13297 6f19259b-4bc3-4df7-8a09-765794883524
2012-05-08Removes redundant code and adds data size check for certificate data in ↵tye1
DxeImageVerificationLib. Signed-off by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Eric <yong.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13291 6f19259b-4bc3-4df7-8a09-765794883524
2012-04-28 Enhances PE image hash algorithm in DxeImageVerificationLib and ↵tye1
DxeTpmMeasureBootLib. Signed-off-by: Ye Ting<ting.ye@intel.com> Reviewed by: Dong, Eric <yong.dong@intel.com> Reviewed by: Dong, Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13228 6f19259b-4bc3-4df7-8a09-765794883524
2012-04-26Patch include:ydong10
1.Change function name to avoid name conflict. 2.Refine check for Pe Image. Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13220 6f19259b-4bc3-4df7-8a09-765794883524
2012-04-24Update copyright formathhtian
Signed-off-by: Hot Tian <hot.tian@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13213 6f19259b-4bc3-4df7-8a09-765794883524
2012-04-24Validate some fields in PE image to make sure not access violation for later ↵ydong10
code. Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13211 6f19259b-4bc3-4df7-8a09-765794883524
2012-04-23Fix common AuthVariable protection issue.tye1
Signed-off-by: Ye Ting<ting.ye@intel.com> Reviewed by: Fu, Siyuan <siyuan.fu@intel.com> Reviewed by: Dong, Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13204 6f19259b-4bc3-4df7-8a09-765794883524
2012-04-18Update comments for NULL PlatformSecureLib instance.sfu5
Signed-off-by: Fu, Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong, Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13202 6f19259b-4bc3-4df7-8a09-765794883524
2012-04-12Update the default return value of UserPhysicalPresent to TRUE.sfu5
Signed-off-by: Fu, Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong, Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13191 6f19259b-4bc3-4df7-8a09-765794883524
2012-04-11EDK II Packages: Add Contributions.txt and License.txt filesjljusten
Contributions.txt documents the contribution process for all tianocore projects. The conents of Contributions.txt should match in all cases. License.txt is a per-project document showing the license terms used by that project. Signed-off-by: Jordan Justen <jordan.l.justen@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13187 6f19259b-4bc3-4df7-8a09-765794883524
2012-04-05Add pointer check for NULL before dereference it.sfu5
Signed-off-by: Fu, Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong, Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13162 6f19259b-4bc3-4df7-8a09-765794883524
2012-03-31Update common authenticated variable (non PK/KEK/DB/DBX) support to comply ↵tye1
with latest UEFI spec. Signed-off by: tye1 Reviewed-by: geekboy15a Reviewed-by: sfu5 Reviewed-by: gdong1 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13157 6f19259b-4bc3-4df7-8a09-765794883524
2012-03-30If setting variable in Runtime and there has been a same GUID and name ↵lzeng14
variable existed in system without RT attribute, return EFI_WRITE_PROTECTED. Signed-off-by: lzeng14 Reviewed-by: tye git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13156 6f19259b-4bc3-4df7-8a09-765794883524
2012-03-291. Fix UNIXGCC IPF build failure in SecurityPkg.sfu5
Signed-off-by: sfu5 Reviewed-by: gdong1 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13152 6f19259b-4bc3-4df7-8a09-765794883524
2012-03-281. Fix GCC build failure in SecurityPkg.sfu5
Signed-off-by: sfu5 Reviewed-by: gdong1 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13146 6f19259b-4bc3-4df7-8a09-765794883524
2012-03-271. Remove “Force clear PK” feature in AuthVarialbe driver.sfu5
2. Update API ForceClearPK() to UserPhysicalPresent() in PlatformSecureLib. 2. Update SecureBootConfigDxe driver and AuthVariable driver to support Custom Secure Boot Mode feature. 3. Fix some bugs in AuthVariable driver. Signed-off-by: sfu5 Reviewed-by: tye Reviewed-by: gdong1 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13144 6f19259b-4bc3-4df7-8a09-765794883524
2012-03-261. Update AuthVarialbe driver to avoid integer overflow when using ↵sfu5
EFI_VARIABLE_AUTHENTICATION_2 descriptor. Signed-off-by: sfu5 Reviewed-by: tye Reviewed-by: gdong1 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13120 6f19259b-4bc3-4df7-8a09-765794883524
2012-03-191. Add more error handling code to DxeImageVerificationLib and BaseCryptLib.sfu5
Signed-off-by: sfu5 Reviewed-by: qianouyang Reviewed-by: gdong1 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13109 6f19259b-4bc3-4df7-8a09-765794883524
2012-03-09Fix system reboot automatically if changing the value of [TPM operation]gdong1
Signed-off-by: gdong1 Reviewed-by: tye1 Reviewed-by: qianouyang git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13089 6f19259b-4bc3-4df7-8a09-765794883524
2012-02-27Remove ASSERT to let DXE core return gracefully when loading an invalid image.gdong1
Signed-off-by: gdong1 Reviewed-by: jyao1 Reviewed-by: CZhang46 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13035 6f19259b-4bc3-4df7-8a09-765794883524
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-05 17:05:23 +0000