The PeCoffLoaderGetImageInfo() function may return various error codes,
such as RETURN_INVALID_PARAMETER and RETURN_UNSUPPORTED.
Such error values should not be assigned to our "Status" variable in the
DxeImageVerificationHandler() function, because "Status" generally stands
for the main exit value of the function. And
SECURITY2_FILE_AUTHENTICATION_HANDLER functions are expected to return one
of EFI_SUCCESS, EFI_SECURITY_VIOLATION, and EFI_ACCESS_DENIED only.
Introduce the "PeCoffStatus" helper variable for keeping the return value
of PeCoffLoaderGetImageInfo() internal to the function. If
PeCoffLoaderGetImageInfo() fails, we'll jump to the "Done" label with
"Status" being EFI_ACCESS_DENIED, inherited from the top of the function.
Note that this is consistent with the subsequent PE/COFF Signature check,
where we jump to the "Done" label with "Status" having been re-set to
EFI_ACCESS_DENIED.
As a consequence, we can at once remove the
Status = EFI_ACCESS_DENIED;
assignment right after the "PeCoffStatus" check.
This patch does not change the control flow in the function, it only
changes the "Status" outcome from API-incompatible error codes to
EFI_ACCESS_DENIED, under some circumstances.
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2129
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20200116190705.18816-4-lersek@redhat.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
[lersek@redhat.com: push with Mike's R-b due to Chinese New Year
Holiday: <https://edk2.groups.io/g/devel/message/53429>; msgid
<d3fbb76dabed4e1987c512c328c82810@intel.com>]
Add MM_STANDALONE to the list of module types that are permitted to
link to this library. Also, since the constructor prototype is
different between MM_STANDALONE and DXE_DRIVER type libraries,
convert the library into BASE type.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
AuthVariableLib library can be used by MM_STANDALONE drivers as well.
So add MM_STANDALONE to the list of module types this library supports.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
After admin password reach the TryLimit value, code logic will direct return
error password result no matter which password been inputted. So even correct
user password will return TryLimit error.
Now update code logic to also check user password. Only when both user/admin
password reach the TryLimit count, code will return exceed TryLimit error.
Change-Id: I17fbd1425b77150eb933a5002a1f87a0f0032e9b
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Hao Wu <hao.a.wu@intel.com>
Add SHA384, 512 Hash lib support. Now only CryptoPkg support PEI/DXE
version.
Cc: Long Qin <qin.long@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Zhang Chao B <chao.b.zhang@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
Caller need to known this error to handle specially, but current
error status not has specified value for this type. In order to
keep compatibility, here use TcgResultFailureInvalidType as an
replacement.
Cc: Hao Wu <hao.a.wu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Hao Wu <hao.a.wu@intel.com>
Removing rules for Ipf sources file:
* Remove the source file which path with "ipf" and also listed in
[Sources.IPF] section of INF file.
* Remove the source file which listed in [Components.IPF] section
of DSC file and not listed in any other [Components] section.
* Remove the embedded Ipf code for MDE_CPU_IPF.
Removing rules for Inf file:
* Remove IPF from VALID_ARCHITECTURES comments.
* Remove DXE_SAL_DRIVER from LIBRARY_CLASS in [Defines] section.
* Remove the INF which only listed in [Components.IPF] section in DSC.
* Remove statements from [BuildOptions] that provide IPF specific flags.
* Remove any IPF sepcific sections.
Removing rules for Dec file:
* Remove [Includes.IPF] section from Dec.
Removing rules for Dsc file:
* Remove IPF from SUPPORTED_ARCHITECTURES in [Defines] section of DSC.
* Remove any IPF specific sections.
* Remove statements from [BuildOptions] that provide IPF specific flags.
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Chen A Chen <chen.a.chen@intel.com>
Reviewed-by: Chao B Zhang <chao.b.zhang@intel.com>
1. Do not use tab characters
2. No trailing white space in one line
3. All files must end with CRLF
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Liming Gao <liming.gao@intel.com>
Function definition different with function implementation
caused this build failure. Change code to make them
consistent to pass the build.
Done Unit Test:
1. Pass GCC build.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Hao Wu <hao.a.wu@intel.com>
PcdRsa2048Sha256PublicKeyBuffer is referenced but not used in the
library, that makes me a little confusing.
Actually, the PublicKeyData should be from the caller of
AuthenticateFmpImage() as input parameter, for example
EdkiiSystemCapsuleLib.
This patch is to remove the PCD reference in this library instance
to be aligned with FmpAuthenticationLibPkcs7 that does not reference
PcdPkcs7CertBuffer.
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
TPM2.0 command lib always assumes TPM device and transmission channel can
respond correctly. But it is not true when communication channel is exploited
and wrong data is spoofed. Add more logic to prohibit memory overflow attack.
Cc: Long Qin <qin.long@intel.com>
Cc: Yao Jiewen <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
Boolean values do not need to use explicit comparisons
to TRUE or FALSE.
Cc: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Dandan Bi <dandan.bi@intel.com>
Reviewed-by:Chao Zhang <chao.b.zhang@intel.com>
According to TCG PP1.3 spec, error PCR bank allocation input should be
rejected by Physical Presence. Firmware has to ensure that at least one
PCR banks is active.
Cc: Long Qin <qin.long@intel.com>
Cc: Yao Jiewen <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
The function Pkcs7GetSigners return certificate stack as binary buffer.
Use EFI_CERT_DATA to parsing certificate stack more clearly, and access
certificate by the field of EFI_CERT_DATA structure.
Cc: Long Qin <qin.long@intel.com>
Cc: Zhang Chao <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: chenc2 <chen.a.chen@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
Reviewed-by: Zhang Chao <chao.b.zhang@intel.com>
Remove counter based auth variable support. also modify several function
descriptors to accommodate the change
Cc: Long Qin <qin.long@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
