summaryrefslogtreecommitdiff
path: root/SecurityPkg
AgeCommit message (Collapse)Author
2013-08-19MdePkg/MdeModulePkg/SecurityPkg Variable: Forbid creation of non-spec ↵Star Zeng
variables in EFI_GLOBAL_VARIABLE namespace. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14560 6f19259b-4bc3-4df7-8a09-765794883524
2013-08-16MdeModulePkg/SecurityPkg Variable: If a preexisting variable is rewritten ↵Star Zeng
with different attributes, SetVariable() shall not modify the variable and shall return EFI_INVALID_PARAMETER. Two exceptions to this rule: 1. No access attributes specified 2. The only attribute differing is EFI_VARIABLE_APPEND_WRITE Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14552 6f19259b-4bc3-4df7-8a09-765794883524
2013-08-09Change EFI_TCG_EVENT_HOB_GUID value to avoid the duplicated GUID value with ↵Shumin Qiu
EFI_LEGACY_BIOS_GUID. Signed-off-by: Shumin Qiu <shumin.qiu@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14536 6f19259b-4bc3-4df7-8a09-765794883524
2013-08-08Checks the length of the file name to avoid illegal access.Gary Ching-Pang Lin
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Gary Ching-Pang Lin <glin@suse.com> Reviewed-by: Jordan Justen <jordan.l.justen@intel.com> Reviewed-by: Guo Dong <guo.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14531 6f19259b-4bc3-4df7-8a09-765794883524
2013-07-26Update all the code to consume the ConvertDevicePathToText, ↵Ruiyu Ni
ConvertDevicePathNodeToText, ConvertTextToDevicePath and ConvertTextToDeviceNode APIs in DevicePathLib. Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> Reviewed-by: Elvin Li <elvin.li@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jaben Carsey <jaben.carsey@intel.com> Reviewed-by: Guo Dong <guo.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14505 6f19259b-4bc3-4df7-8a09-765794883524
2013-07-11SecurityPkg Variable: Add the check for PcdFlashNvStorageVariableSize <= ↵Star Zeng
PcdFlashNvStorageFtwSpareSize. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14464 6f19259b-4bc3-4df7-8a09-765794883524
2013-07-03SecurityPkg: Variable drivers robustly handle crashes during Reclaim().Star Zeng
PEI variable implementation checks only the variable header signature for validity. This does not seem robust if system crash occurred during previous Reclaim() operation. If the crash occurred while FTW was rewriting the variable FV, the signature could be valid even though the rest of the FV isn't valid. Solution: PEI variable and early phase(before FTW protocol ready) of DXE variable can check the FTW last write status provided by FaultTolerantWritePei and determine if all or partial variable data has been backed up in spare block, and then use the backed up data. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14455 6f19259b-4bc3-4df7-8a09-765794883524
2013-06-17The list of locked variables is traversed at runtime, hence we mustLaszlo Ersek
convert the list when transferring from physical to virtual mode. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14425 6f19259b-4bc3-4df7-8a09-765794883524
2013-06-17Revert the changes made in 14403 because it incorrectly changed the EOL.Ruiyu Ni
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14424 6f19259b-4bc3-4df7-8a09-765794883524
2013-06-14The list of locked variables is traversed at runtime, hence we mustLaszlo Ersek
convert the list when transferring from physical to virtual mode. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14403 6f19259b-4bc3-4df7-8a09-765794883524
2013-06-06Fix overflow issue in TcgProtocolChao Zhang
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by : Yao Jiewen <jiewen.yao@intel.com> Reviewed-by : Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14396 6f19259b-4bc3-4df7-8a09-765794883524
2013-05-21Fix the TOCTOU issue of CommBufferSize itself for SMM communicate handler input.lzeng14
Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14379 6f19259b-4bc3-4df7-8a09-765794883524
2013-05-20Add the EDKII_VARIABLE_LOCK_PROTOCOL implementation in SecurityPkg variable ↵niruiyu
drivers. Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14378 6f19259b-4bc3-4df7-8a09-765794883524
2013-05-17Fix a bug that “SecureBoot” varaible will be updated to NV+AT attribute ↵sfu5
incorrectly. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ni Ruiyu <ruiyu.ni@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14375 6f19259b-4bc3-4df7-8a09-765794883524
2013-05-17Pop up error message when user tries to enroll an invalid certificate file ↵sfu5
into KEK/DB/DBX. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14373 6f19259b-4bc3-4df7-8a09-765794883524
2013-05-13Update Code to pass EBC compiler.lgao4
Signed-off-by: Liming Gao <liming.gao@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14352 6f19259b-4bc3-4df7-8a09-765794883524
2013-05-071. Fix TOCTOU issue in VariableSmm, FtwSmm, FpdtSmm, SmmCorePerformance SMM ↵lzeng14
handler. For VariableSmm, pre-allocate a mVariableBufferPayload buffer with mVariableBufferPayloadSize(match with mVariableBufferPayloadSize in VariableSmmRuntimeDxe) to hold communicate buffer payload to avoid TOCTOU issue. 2. Add check to ensure CommBufferPayloadSize not exceed mVariableBufferPayloadSize or is enough to hold function structure in VariableSmm and FtwSmm. 3. Align FtwGetLastWrite() in FaultTolerantWriteSmmDxe.c to FtwGetLastWrite() in FaultTolerantWrite.c. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14325 6f19259b-4bc3-4df7-8a09-765794883524
2013-05-02Fix memory overflow & VariableSize check issue for SetVariable append write.czhang46
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by : Fu Siyuan <siyuan.fu@intel.com> Reviewed-by : Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14323 6f19259b-4bc3-4df7-8a09-765794883524
2013-04-251. Use the check IsAddressValid() to prevent SMM communication buffer ↵lzeng14
overflow in SmmVariable, FtwSmm, FpdtSmm, SmmCorePerformance and SmmBaseHelper, and add check to prevent InfoSize overflows in SmmVariableHandler. 2. Refine the debug message. 3. Add check to make sure the input VariableName is A Null-terminated string. 4. Use local variable to hold StrSize (VariableName) to avoid duplicated StrSize calculation. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14317 6f19259b-4bc3-4df7-8a09-765794883524
2013-04-25Check for NULL pointer before free it.sfu5
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14316 6f19259b-4bc3-4df7-8a09-765794883524
2013-04-22Fix potential overflow for SetVariable interfaceczhang46
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by : Guo Dong <dong.guo@intel.com> Reviewed-by : Siyuan Fu <siyuan.fu@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14305 6f19259b-4bc3-4df7-8a09-765794883524
2013-04-19Fix a potential SMM memory dump issue. If pass communication buffer with ↵czhang46
DataBuffer to SMM SetVariable which is big enough to cover SMM range. Then GetVariable can dump SMM memory contents. Add more range check for SetVariable Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by : Dong Guo <guo.dong@intel.com> Reviewed-by : Jiewen Yao <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14292 6f19259b-4bc3-4df7-8a09-765794883524
2013-04-18Update code not to block application/driver load when event log is full.gdong1
Signed-off-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14283 6f19259b-4bc3-4df7-8a09-765794883524
2013-04-15Fix SMM Variable driver stack GetVariable return INVALID_PARAMETER when ↵czhang46
DataSize is bigger than SMM communication buffer. Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by : Dong Guo <guo.dong@intel.com> Reviewed-by : Fu Siyuan <siyuan.fu@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14276 6f19259b-4bc3-4df7-8a09-765794883524
2013-04-12Update SMM variable DXE driver GetNextVariable interface to comply with UEFI ↵czhang46
spec VariableNameSize is the returned buffer size. GetNextVariable should behavior correct if it is bigger than SMM communication buffer or less than string size of VariableName. Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by : Dong Guo <guo.dong@intel.com> Reviewed-by : Fu Siyuan <siyuan.fu@intel.com> Reviewed-by : Zeng Star <star.zeng@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14258 6f19259b-4bc3-4df7-8a09-765794883524
2013-04-12Update secure boot UI driver to handle “reset to default” hot key.sfu5
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14257 6f19259b-4bc3-4df7-8a09-765794883524
2013-04-08If DataSize or VariableNameSize is near MAX_ADDRESS, this can cause the ↵lzeng14
computed PayLoadSize to overflow to a small value and pass the check in InitCommunicateBuffer(). To protect against this vulnerability, check DataSize and VariableNameSize to make sure PayloadSize doesn't overflow. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14252 6f19259b-4bc3-4df7-8a09-765794883524
2013-03-06Fix a bug that IsSignatureFoundInDatabase() incorrectly computes CertCount.sfu5
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14165 6f19259b-4bc3-4df7-8a09-765794883524
2013-02-21Update the DxeImageVerificationLib to support for Authenticode-signed UEFI ↵sfu5
images with multiple signatures. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14141 6f19259b-4bc3-4df7-8a09-765794883524
2013-02-21Add error handling code to prevent variable store corruption in release build.sfu5
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14139 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-25Check the input VaraibleName for db/dbx when appending variables with ↵sfu5
formatted as EFI_SIGNATURE_LIST. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14087 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-25Check for NULL pointer before dereference it.sfu5
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14086 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-25Variables with state VAR_ADDED&VAR_IN_DELETED_TRANSITION should be ↵lzeng14
considered as valid variables if there is no duplicated ones with VAR_ADDED state. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14085 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-25Add NULL pointer check.lzeng14
Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14084 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-25Fix infinite loop bug in secure boot UI driver.sfu5
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14082 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-24Fix TPM may be locked twice issue in normal boot.gdong1
Signed-off-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14079 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-181. Update the logic of UpdateVariable() for updating variable from:lzeng14
set old variable to IN_DELETED_TRANSITION -> check if reclaim is needed(If yes, do reclaim) -> add new variable -> set old variable to DELETED if no reclaim happened. to: set old variable to IN_DELETED_TRANSITION -> check if reclaim is needed(If yes, do reclaim) -> add new variable -> set old variable to DELETED. 2. Update UpdateVariable() to correctly handle the case "both ADDED and IN_DELETED_TRANSITION variable are present", and delete both old ADDED and IN_DELETED_TRANSITION variable when deleting or updating variable. 3. Update VariableServiceGetNextVariableName() to return the valid IN_DELETED_TRANSITION variable if only IN_DELETED_TRANSITION variable is present. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14065 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-15Fix the issue that RuntimeServiceQueryVariableInfo() in ↵lzeng14
VariableSmmRuntimeDxe always return EFI_SUCCESS. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14050 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-091. Set the secure boot state to Standard Mode when user leaving secure boot ↵sfu5
setup page. 2. Add “Current SecureBoot State” field to reflect current secure boot status of the platform. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14042 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-09Fix a bug that the invalid public key will never be removed from public key ↵sfu5
database. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14041 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-08Add the TPL raise/restore code for VariableSmmRuntimeDxe to avoid variable ↵lzeng14
services reentry. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14038 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-041. Don't assume that flush the HOB variable to flash must be successful.lzeng14
2. When no DELETED variable found, no variable space could be reclaimed, so just give some debug info and return EFI_SUCCESS. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14029 6f19259b-4bc3-4df7-8a09-765794883524
2012-12-12Use SMM_VARIABLE_COMMUNICATE_HEADER_SIZE instead of OFFSET_OF ↵lzeng14
(SMM_VARIABLE_COMMUNICATE_HEADER, Data). Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Ting Ye <ting.ye@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13993 6f19259b-4bc3-4df7-8a09-765794883524
2012-12-12Add a NULL string to the Image Execution Information Table if the Name is ↵sfu5
NULL in function AddImageExeInfo(). Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13990 6f19259b-4bc3-4df7-8a09-765794883524
2012-11-29Fix Gcc build errorczhang46
Signed-off-by: Chao Zhang<chao.b.zhang@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13978 6f19259b-4bc3-4df7-8a09-765794883524
2012-11-28Fix coding style issueczhang46
Signed-off-by : Chao Zhang <chao.b.zhang@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13976 6f19259b-4bc3-4df7-8a09-765794883524
2012-11-28Move the declaration of gEfiCertDbGuid to the package's Include folder.sfu5
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13975 6f19259b-4bc3-4df7-8a09-765794883524
2012-11-28Measure Processor location as system identity to PCR[1] according to Tcg ↵czhang46
server spec Signed-off-by : Chao Zhang<chao.b.zhang@intel.com> Reviewed-by : Dong Guo<guo.dong@intel.com> Reviewed-by : Yao Jiewen<jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13971 6f19259b-4bc3-4df7-8a09-765794883524
2012-11-271.Measure ACPI table data comes from flash event type EV_POST_CODE ACPI DATA ↵czhang46
to PCR[0] 2.Re-measure ACPI table after fix up with event type EV_EFI_HANDOFF_TABLES to PCR[1] Signed-off-by : Chao Zhang<chao.b.zhang@intel.com> Reviewed-by : Dong Guo<guo.dong@intel.com> Reviewed-by : Yao Jiewen<jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13964 6f19259b-4bc3-4df7-8a09-765794883524
2012-11-211. Correct the counter-based hash algorithm according to UEFI spec.sfu5
2. Check the reserverd bit in variable attribute. 3. Return EFI_OUT_OF_RESOURCE instead of EFI_SECURITY_VIOLATION if there is not enough speace to store the public key. 4. Fix a bug when deleting a non-existent time-based auth variable, we store the certificate into cert DB incorrectly. 5. Fix a bug that time-based auth variable can't been updated again after append operation. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13957 6f19259b-4bc3-4df7-8a09-765794883524
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-01 14:34:45 +0000