summaryrefslogtreecommitdiff
path: root/SecurityPkg
AgeCommit message (Collapse)Author
2014-08-28SecurityPkg: INF/DEC file updates to EDK II packagesDong, Guo
2. Add MODULE_UNI_FILE file that contains the localized Abstract and Description of a module. a. Addresses an information gap between INF files and the UEFI Distribution Packaging Specification XML schema b. There will be an associated update to UPT in BaseTools to consume MODULE_UNI_FILE and associated UNI file during UDP creation that performs the INF -> XML conversion. c. There will be an associated update to UPT in BaseTools to produce MODULE_UNI_FILE and associated UNI file during UDP installation that performs the XML -> INF conversion. 3. Add Module Extra UNI file that provides the localized Name of a module. a. [UserExtensions.TianoCore."ExtraFiles"] provides an easy method for a module to specify extra files not listed in [Sources] or [Binaries] sections to be added to a UDP without having to list the files in the UPT package information data file. b. There will be an associated update to UPT in BaseTools to package up files listed in [UserExtensions.TianoCore."ExtraFiles"] during UDP creation. c. UNI file contains localized name of a module to go along with the localized Abstract and Description from the MODULE_UNI_FILE. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dong, Guo <guo.dong@intel.com> Reviewed-by: Gao, Liming <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15959 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-28SecurityPkg: INF/DEC file updates to EDK II packagesDong, Guo
5. Add PACKAGE_UNI_FILE UNI file that contains the localized Abstract and Description of a package and localized strings associated with PCDs. a. Addresses an information gap between DEC files and the UEFI Distribution Packaging Specification XML schema b. There will be an associated update to UPT in BaseTools to consume PACKAGE_UNI_FILE and associated UNI file during UDP creation that performs the DEC -> XML conversion. c. There will be an associated update to UPT in BaseTools to produce PACKAGE_UNI_FILE and associated UNI file during UDP installation that performs the XML -> DEC conversion. 6. Add Package Extra UNI file that provides the localized Name of a package. a. [UserExtensions.TianoCore."ExtraFiles"] provides an easy method for a package to specify extra files to be added to a UDP without having to list the files in the UPT package information data file. b. There will be an associated update to UPT in BaseTools to package up files listed in [UserExtensions.TianoCore."ExtraFiles"] during UDP creation. c. UNI file contains localized name of a package to go along with the localized Abstract and Description from the PACKAGE_UNI_FILE. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dong, Guo <guo.dong@intel.com> Reviewed-by: Gao, Liming <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15953 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-28SecurityPkg: INF/DEC file updates to EDK II packagesDong, Guo
4. PCD information in DEC file comment blocks are either incomplete or incorrect. This includes detailed description, @Prompt, @ValidRange, @ValidList, @Expression, and [Error.<TokenSpaceGuid>] validation error messages. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dong, Guo <guo.dong@intel.com> Reviewed-by: Gao, Liming <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15952 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-28SecurityPkg: INF/DEC file updates to EDK II packagesDong, Guo
2. Add MODULE_UNI_FILE file that contains the localized Abstract and Description of a module. a. Addresses an information gap between INF files and the UEFI Distribution Packaging Specification XML schema b. There will be an associated update to UPT in BaseTools to consume MODULE_UNI_FILE and associated UNI file during UDP creation that performs the INF -> XML conversion. c. There will be an associated update to UPT in BaseTools to produce MODULE_UNI_FILE and associated UNI file during UDP installation that performs the XML -> INF conversion. 3. Add Module Extra UNI file that provides the localized Name of a module. a. [UserExtensions.TianoCore."ExtraFiles"] provides an easy method for a module to specify extra files not listed in [Sources] or [Binaries] sections to be added to a UDP without having to list the files in the UPT package information data file. b. There will be an associated update to UPT in BaseTools to package up files listed in [UserExtensions.TianoCore."ExtraFiles"] during UDP creation. c. UNI file contains localized name of a module to go along with the localized Abstract and Description from the MODULE_UNI_FILE. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dong, Guo <guo.dong@intel.com> Reviewed-by: Gao, Liming <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15951 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-28SecurityPkg: INF/DEC file updates to EDK II packagesDong, Guo
1. Usage information in INF file comment blocks are either incomplete or incorrect. This includes usage information for Protocols/PPIs/GUIDs/PCDs/HOBs/Events/BootModes. The syntax for usage information in comment blocks is defined in the EDK II Module Information (INF) Specification Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dong, Guo <guo.dong@intel.com> Reviewed-by: Gao, Liming <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15950 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-25EDK II Contributions.txt: Note acceptable contribution licensesJordan Justen
We strongly prefer that contribtions be offered using the same license as the project/module. But, we should document other acceptable licenses for contributions. This will allow package owners to more easily know if they can accept a contribution under a different source license. NOTE: This does not modify the wording of the "TianoCore Contribution Agreement 1.0" section Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jordan Justen <jordan.l.justen@intel.com> Reviewed-by: Mark Doran <mark.doran@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15892 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-22Update TcgPei and TrEEPei driver to make ↵Dong, Guo
gEfiMdeModulePkgTokenSpaceGuid.PcdPeiCoreMaxFvSupported to be used as patchable PCD instead of Fixed PCD. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dong, Guo <guo.dong@intel.com> Reviewed-by: Gao, Liming <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15879 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-20Update TcgPei and TrEEPei driver to make ↵Dong, Guo
gEfiMdeModulePkgTokenSpaceGuid.PcdPeiCoreMaxFvSupported to be used as patchable PCD instead of Fixed PCD. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dong, Guo <guo.dong@intel.com> Reviewed-by: Gao, Liming <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15848 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-151) Update code to use PcdFixedUsbCredentialProviderTokenFileName and ↵Dong, Guo
PcdMaxVariableSize as patchable PCD instead of FixedAtBuild PCD. 2) Correct a typo in file comments of Tpm12Ownership.c Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dong, Guo <guo.dong@intel.com> Reviewed-by: Gao, Liming <liming.gao@intel.com> Reviewed-by: Yao, Jiewen <jiewen.yao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15811 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-14Contributed-under: TianoCore Contribution Agreement 1.0Michael Kinney
Signed-off-by: Michael Kinney <michael.d.kinney@intel.com> Reviewed-by: Dong, Guo <guo.dong@intel.com> Add support for RSA 2048 SHA 256 signing and verification encoded in a PI FFS GUIDED Encapsulation Section. The primary use case of this feature is in support of signing and verification of encapsulated FVs for Recovery and Capsule Update, but can potentially be used for signing and verification of any content that can be stored in a PI conformant FFS file. Signing operations are performed from python scripts that wrap OpenSsl command line utilities. Verification operations are performed using the OpenSsl libraries in the CryptoPkg. The guided encapsulation sections uses the UEFI 2.4 Specification defined GUID called EFI_CERT_TYPE_RSA2048_SHA256_GUID. The data layout for the encapsulation section starts with the UEFI 2.4 Specification defined structure called EFI_CERT_BLOCK_RSA_2048_SHA256 followed immediately by the data. The signing tool included in these patches performs encode/decode operations using this data layout. HashType is set to the UEFI 2.4 Specification defined GUID called EFI_HASH_ALGORITHM_SHA256_GUID. MdePkg/Include/Guid/WinCertificate.h ================================= // // WIN_CERTIFICATE_UEFI_GUID.CertType // #define EFI_CERT_TYPE_RSA2048_SHA256_GUID \ {0xa7717414, 0xc616, 0x4977, {0x94, 0x20, 0x84, 0x47, 0x12, 0xa7, 0x35, 0xbf } } /// /// WIN_CERTIFICATE_UEFI_GUID.CertData /// typedef struct { EFI_GUID HashType; UINT8 PublicKey[256]; UINT8 Signature[256]; } EFI_CERT_BLOCK_RSA_2048_SHA256; MdePkg/Include/Protocol/Hash.h ================================= #define EFI_HASH_ALGORITHM_SHA256_GUID \ { \ 0x51aa59de, 0xfdf2, 0x4ea3, {0xbc, 0x63, 0x87, 0x5f, 0xb7, 0x84, 0x2e, 0xe9 } \ } The verification operations require the use of public key(s). A new PCD called gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer is added to the SecurityPkg that supports one or more SHA 256 hashes of the public keys. A SHA 256 hash is performed to minimize the FLASH overhead of storing the public keys. When a verification operation is performed, a SHA 256 hash is performed on EFI_CERT_BLOCK_RSA_2048_SHA256.PublicKey and a check is made to see if that hash matches any of the hashes in the new PCD. It is recommended that this PCD always be configured in the DSC file as storage type of [PcdsDynamixExVpd], so the public keys are stored in a protected read-only region. While working on this feature, I noticed that the CRC32 signing and verification feature was incomplete. It only supported CRC32 based verification in the DXE Phase, so the attached patches also provide support for CRC32 based verification in the PEI Phase. I also noticed that the most common method for incorporating guided section extraction libraries was to directly link them to the DXE Core, which is not very flexible. The attached patches also add a generic section extraction PEIM and a generic section extraction DXE driver that can each be linked against one or more section extraction libraries. This provides a platform developer with the option of providing section extraction services with the DXE Core or providing section extraction services with these generic PEIM/DXE Drivers. Patch Summary ============== 1) BaseTools - Rsa2049Sha256Sign python script that can perform test signing or custom signing of PI FFS file GUIDed sections a. Wrapper for a set of OpenSsl command line utility operations b. OpenSsl command line tool must be installed in location that is in standard OS path or in path specified by OS environment variable called OPENSSL_PATH c. Provides standard EDK II command line arguments for a tool that encodes/decodes guided encapsulation section Rsa2048Sha256Sign - Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved. usage: Rsa2048Sha256Sign -e|-d [options] <input_file> positional arguments: input_file specify the input filename optional arguments: -e encode file -d decode file -o filename, --output filename specify the output filename --private-key PRIVATEKEYFILE specify the private key filename. If not specified, a test signing key is used. -v, --verbose increase output messages -q, --quiet reduce output messages --debug [0-9] set debug level --version display the program version and exit -h, --help display this help text 2) BaseTools - Rsa2049Sha256GenerateKeys python script that can generate new private/public key and PCD value that is SHA 256 hash of public key using OpenSsl command line utilities. a. Wrapper for a set of OpenSsl command line utility operations b. OpenSsl command line tool must be installed in location that is in standard path or in path specified by OS environment variable called OPENSSL_PATH Rsa2048Sha256GenerateKeys - Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved. usage: Rsa2048Sha256GenerateKeys [options] optional arguments: -o [filename [filename ...]], --output [filename [filename ...]] specify the output private key filename in PEM format -i [filename [filename ...]], --input [filename [filename ...]] specify the input private key filename in PEM format --public-key-hash PUBLICKEYHASHFILE specify the public key hash filename that is SHA 256 hash of 2048 bit RSA public key in binary format --public-key-hash-c PUBLICKEYHASHCFILE specify the public key hash filename that is SHA 256 hash of 2048 bit RSA public key in C structure format -v, --verbose increase output messages -q, --quiet reduce output messages --debug [0-9] set debug level --version display the program version and exit -h, --help display this help text 3) BaseTools\Conf\tools_def.template a. Define GUID/Tool to perform RSA 2048 SHA 256 test signing and instructions on how to use alternate private/public key b. GUID is EFI_CERT_TYPE_RSA2048_SHA256_GUID c. Tool is Rsa2049Sha256Sign 4) MdeModulePkg\Library\PeiCrc32GuidedSectionExtractionLib a. Add peer for DxeCrc32GuidedSectionExtractionLib so both PEI and DXE phases can perform basic integrity checks of PEI and DXE components 5) MdeModulePkg\Universal\SectionExtractionPei a. Generic PEIM that can link against one or more NULL section extraction library instances to provided one or more GUIDED Section Extraction PPIs 6) MdeModulePkg\Universal\SectionExtractionDxe a. Generic DXE Driver that can link against one or more NULL section extraction library instances to provide one or more GUIDED Section Extraction Protocols. 7) SecurityPkg\Library\PeiRsa2048Sha256GuidedSectionExtractLib a. NULL library instances that performs PEI phase RSA 2048 SHA 256 signature verification using OpenSsl libraries from CryptoPkg. b. Based on algorithms from SecurityPkg Authenticated Variable services c. Uses public key from gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer. 8) SecurityPkg\Library\DxeRsa2048Sha256GuidedSectionExtractLib a. NULL library instances that performs DXE phase RSA 2048 SHA 256 signature verification using OpenSsl libraries from CryptoPkg. b. Based on algorithms from SecurityPkg Authenticated Variable services c. Uses public key from gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer. git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15801 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-12Correct StrnCat length calculation.jyao1
Contributed-under: TianoCore Contribution Agreement 1.0 Signed off by: Jiewen Yao <jiewen.yao@intel.com> Reviewed by: Guo Dong <guo.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15788 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-07Clean up code.jyao1
Contributed-under: TianoCore Contribution Agreement 1.0 Signed off by: Jiewen Yao <jiewen.yao@intel.com> Reviewed by: Eric Dong <eric.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15766 6f19259b-4bc3-4df7-8a09-765794883524
2014-07-28Update code to support VS2013 tool chain.Eric Dong
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15694 6f19259b-4bc3-4df7-8a09-765794883524
2014-07-02SecurityPkg HashLibBaseCryptoRouterDxe/Tpm2DeviceLibRouterPei: Fixed GCC ↵Star Zeng
build failure after -Wno-missing-braces option in GCC removed. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15613 6f19259b-4bc3-4df7-8a09-765794883524
2014-06-25Refine code to make it more safely.Eric Dong
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Guo Dong <guo.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15590 6f19259b-4bc3-4df7-8a09-765794883524
2014-06-25Update code to always publish EFI_IMAGE_EXECUTION_INFO_TABLE.Dong, Guo
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dong, Guo <guo.dong@intel.com> Reviewed-by: Fu, Siyuan <siyuan.fu@intel.com> Reviewed-by: Gao, Liming <liming.gao@intel.com> Reviewed-by: Zhang, Chao B <chao.b.zhang@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15585 6f19259b-4bc3-4df7-8a09-765794883524
2014-06-16Fix build issues with Xcode in CryptoPkg and SecurityPkg.Andrew Fish
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Andrew Fish <afish@apple.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Long Qin <qin.long@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15561 6f19259b-4bc3-4df7-8a09-765794883524
2014-04-28Config Access Protocol return value not follow spec, update code to follow it.Eric Dong
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Gao, Liming <liming,gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15490 6f19259b-4bc3-4df7-8a09-765794883524
2014-04-15MdeModulePkg/SecurityPkg: Update TreePei to handle FvInfo2 and update FwVol ↵Star Zeng
of PeiCore to always install both FvInfo and FvInfo2. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15467 6f19259b-4bc3-4df7-8a09-765794883524
2014-04-01Add missing parameter comment in AddPubKeyInStore()Dong Guo
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Dong, Eric <eric.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15426 6f19259b-4bc3-4df7-8a09-765794883524
2014-03-31Remove unused [PcdsDynamic, PcdsDynamicEx] section.Dong Guo
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Fan, Jeff <jeff.fan@intel.com> Reviewed-by: Ni, Ruiyu <ruiyu.ni@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15416 6f19259b-4bc3-4df7-8a09-765794883524
2014-03-28Check the input file pointer before use it.Eric Dong
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Guo, Dong <guo.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15412 6f19259b-4bc3-4df7-8a09-765794883524
2014-03-28SecurityPkg Variable: Add NULL pointer check.Star Zeng
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Guo Dong <guo.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15409 6f19259b-4bc3-4df7-8a09-765794883524
2014-03-27Remove hide TPM support.Dong Guo
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com> Reviewed-by: Ni, Ruiyu <ruiyu.ni@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15405 6f19259b-4bc3-4df7-8a09-765794883524
2014-03-27Calculate enough space for 2 variables (public key and variable data) ↵Dong Guo
instead of directly setting them 1 by 1. Fixed a bug in public key reclaim(). Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com> Reviewed-by: Zeng, Star <star.zeng@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15404 6f19259b-4bc3-4df7-8a09-765794883524
2014-03-25MdeModulePkg/SecurityPkg Variable: Calculate enough space for PlatformLang ↵Star Zeng
and Lang variables and use PcdUefiVariableDefaultLangDeprecate to turn off auto update between PlatformLang and Lang variables. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Guo Dong <guo.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15388 6f19259b-4bc3-4df7-8a09-765794883524
2014-03-23Comment PwdCredential driver.Dong Guo
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15376 6f19259b-4bc3-4df7-8a09-765794883524
2014-03-21Fix current TPM device string missing. Use efivarstore instead of varstor, ↵Jiewen Yao
remove TPM disable. Signed-off-by: Jiewen Yao <Jiewen.yao@intel.com> Reviewed-by: Guo Dong <Guo.Dong@intel.com> Reviewed-by: Liming Gao <Liming.Gao@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15360 6f19259b-4bc3-4df7-8a09-765794883524
2014-03-21Force UID modules build error to warn user that currently it is just a sample.Dong Guo
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15356 6f19259b-4bc3-4df7-8a09-765794883524
2014-03-20MdeModulePkg/SecurityPkg Variable: Return error status to avoid ↵Star Zeng
inconsistency between PlatformLang and Lang. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15340 6f19259b-4bc3-4df7-8a09-765794883524
2014-03-19Fix the return value bug when updating public key database variable failure.Dong Guo
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15339 6f19259b-4bc3-4df7-8a09-765794883524
2014-03-17Add comments for PcdHideTpmSupport.Dong Guo
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15334 6f19259b-4bc3-4df7-8a09-765794883524
2014-03-17Remove unnecessary dependency in variable driver.Dong Guo
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Gao, Liming <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15332 6f19259b-4bc3-4df7-8a09-765794883524
2014-03-17Fix the return status when physical presence variable and ↵Dong Guo
MemoryOverwriteRequestControl variable are corrupt. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15329 6f19259b-4bc3-4df7-8a09-765794883524
2014-03-07Remove unused variable attribute flag.jyao1
Signed off by: Jiewen Yao <jiewen.yao@intel.com> Reviewed by: Jeff Fan <jeff.fan@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Contributed-under: TianoCore Contribution Agreement 1.0 git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15321 6f19259b-4bc3-4df7-8a09-765794883524
2014-01-28Add description information for the GUID and Library class defined in DEC fileDong Guo
Signed-off-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Gao, Liming <liming.gao@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15194 6f19259b-4bc3-4df7-8a09-765794883524
2014-01-24Update Module BaseName to avoid the same name. Gao, Liming
Signed-off-by: Gao, Liming <liming.gao@intel.com> Reviewed-by: Dong, Guo <guo.dong@intel.com> Reviewed-by: Fu, Siyuan <siyuan.fu@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15175 6f19259b-4bc3-4df7-8a09-765794883524
2014-01-23Fix PCD help information format and a typo.Dong Guo
Signed-off-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Gao, Liming <liming.gao@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15171 6f19259b-4bc3-4df7-8a09-765794883524
2014-01-13Fix typo in PCD description in SecurityPkg.jyao1
Signed-off by: jiewen yao <jiewen.yao@intel.com> Reviewed by: guo dong <guo.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15105 6f19259b-4bc3-4df7-8a09-765794883524
2014-01-10Upgrade package version to 0.93Dong Guo
Signed-off-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Tian, Hot <hot.tian@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15081 6f19259b-4bc3-4df7-8a09-765794883524
2014-01-09Return to BMM page if parse the file info failed.Eric Dong
Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> Reviewed-by: Siyuan Fu <siyuan.fu@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15067 6f19259b-4bc3-4df7-8a09-765794883524
2014-01-08Rollback the patch 15054.Eric Dong
Signed-off-by: Eric Dong <eric.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15059 6f19259b-4bc3-4df7-8a09-765794883524
2014-01-07Not update the status until parse the file info success.Eric Dong
Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15054 6f19259b-4bc3-4df7-8a09-765794883524
2013-12-11Correct INF file to make module pass ICC compiler.Liming Gao
Signed-off-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14961 6f19259b-4bc3-4df7-8a09-765794883524
2013-12-02Update DEC file and DxeImageVerificationLib to note user that ↵Fu Siyuan
ALLOW_EXECUTE_ON_SECURITY_VIOLATION is no longer supported. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong, Guo <guo.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14923 6f19259b-4bc3-4df7-8a09-765794883524
2013-11-29Upgrade TPM SSDT version from ACPI version 1 (ACPI 1.0 compatible) to ↵Dong Guo
version 2 (ACPI 5.0 compatible). Signed-off-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Yao, Jiewen <jiewen.yao@intel.com> Reviewed-by: Fu, Siyuan <siyuan.fu@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14919 6f19259b-4bc3-4df7-8a09-765794883524
2013-11-27Makes DxeDeferImageLoadLib not depend on Dong Guo
Signed-off-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ni, Ruiyu <ruiyu.ni@intel.com> Reviewed-by: Ouyang, Qian <qian.ouyang@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14905 6f19259b-4bc3-4df7-8a09-765794883524
2013-11-25Refine the Secure Boot UI driver to input the GUID and varstroe name when ↵Fu Siyuan
using HiiSetBrowserData/HiiGetBrowserData. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong, Eric <eric.dong@intel.com> Reviewed-by: Dong, Guo <guo.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14897 6f19259b-4bc3-4df7-8a09-765794883524
2013-11-21Fix coding style problem in RngDxe driver.Long, Qin
Signed-off-by: Long, Qin <qin.long@intel.com> Reviewed-by: Fu, Siyuan <siyuan.fu@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14878 6f19259b-4bc3-4df7-8a09-765794883524
2013-11-19Add UEFI RNG Protocol support. The driver will leverage Intel Secure Key ↵Long, Qin
technology to produce the Random Number Generator protocol, which is used to provide high-quality random numbers for use in applications, or entropy for seeding other random number generators. Refer to http://software.intel.com/en-us/articles/intel-digital-random-number-generator-drng-software-implementation-guide/ for more information about Intel Secure Key technology. Signed-off-by: Long, Qin <qin.long@intel.com> Reviewed-by: Fu, Siyuan <siyuan.fu@intel.com> Reviewed-by: Rosenbaum, Lee G <lee.g.rosenbaum@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14858 6f19259b-4bc3-4df7-8a09-765794883524