sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
15,993 Commits 13 Branches 33 Tags
35bc88dddc79103e6ab8d87932b4e877582a2bc5
Commit Graph

49 Commits

Author SHA1 Message Date
Star Zeng
13af4ab065 SecurityPkg Variable: Support the new introduced PcdMaxAuthVariableSize. 
1. If PcdMaxAuthVariableSize is set to 0, keep current behavior as is and
PcdMaxVariableSize used.
2. If PcdMaxAuthVariableSize is set to non 0, it will work on
authenticated variables.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17610 6f19259b-4bc3-4df7-8a09-765794883524
 2015-06-10 07:52:12 +00:00
Chao Zhang
98e9d30f78 SecurityPkg Variable: Make PK & SecureBootMode consistent 
PK can be cleared in runtime. However SecureBootMode variable is not updated accordingly.  Add code in variable init to make them consistent.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17401 6f19259b-4bc3-4df7-8a09-765794883524
 2015-05-11 05:49:31 +00:00
Ard Biesheuvel
4ba30eded8 SecurityPkg: remove unused variables 
This removes various unused variables from SecurityPkg whose presence
is causing failed builds.

Contributed-under: TianoCore Contribution Agreement 1.0
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Olivier Martin <olivier.martin@arm.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>



git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17354 6f19259b-4bc3-4df7-8a09-765794883524
 2015-05-07 15:16:23 +00:00
Star Zeng
ba9d087b8f SecurityPkg Variable: Reuse scratch data area(at the end of volatile variable store) 
as serialization runtime buffer to reduce SMRAM consumption for SMM variable driver.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Guo Dong <guo.dong@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17059 6f19259b-4bc3-4df7-8a09-765794883524
 2015-03-17 06:41:40 +00:00
Star Zeng
856236cad7 SecurityPkg Variable: Update code in ProcessVariable () to 
check IsDeleteAuthVariable () first and then check
UserPhysicalPresent () to avoid the case below.

PcdSetXX (a DynamicHii PCD) -> gRT->SetVariable ()
-> UserPhysicalPresent () -> PcdGetXX () 

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17058 6f19259b-4bc3-4df7-8a09-765794883524
 2015-03-17 03:25:16 +00:00
Star Zeng
aef8cea9e4 SecurityPkg Variable: Initialize Status in ProcessVariable(). 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17048 6f19259b-4bc3-4df7-8a09-765794883524
 2015-03-13 08:49:09 +00:00
Star Zeng
f6c5031926 SecurityPkg Variable: Allow the delete operation of common auth variable at user physical presence. 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17042 6f19259b-4bc3-4df7-8a09-765794883524
 2015-03-13 01:24:16 +00:00
Qin Long
20333c6d56 UEFI 2.4 X509 Certificate Hash and RFC3161 Timestamp Verification support for Secure Boot 
Main ChangeLogs includes:
1. Introduce the new GUID and structure definitions for certificate hash and timestamp support;
2. Update Image Verification Library to support DBT signature checking;
3. Update the related SecureBoot Configuration Pages;

Contributed-under: TianoCore Contribution Agreement 1.0

Signed-off-by: Qin Long <qin.long@intel.com> 
Reviewed-by: Guo Dong <guo.dong@intel.com>
Reviewed-by: Siyuan Fu <siyuan.fu@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16380 6f19259b-4bc3-4df7-8a09-765794883524
 2014-11-14 08:41:12 +00:00
Chao, Zhang
36bdec3cd9 Add comments to clarify mPubKeyStore buffer MemCopy. There is no memory overflow issue. 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao, Zhang <chao.b.zhang@intel.com>
Reviewed-by: Yao, Jiewen <jiewen.yao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16227 6f19259b-4bc3-4df7-8a09-765794883524
 2014-10-22 07:30:22 +00:00
Chao, Zhang
8c83d0c0b9 Add PubKey index check before touching PubKey cache. Internal PubKey Variable PubkeyIndex is always 0, causing Index – 1 overflow. Update corresponding comments. 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao, Zhang <chao.b.zhang@intel.com>
Reviewed-by: Dong, Guo <guo.dong@intel.com>
Reviewed-by: Fu, Siyuan <siyuan.fu@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16220 6f19259b-4bc3-4df7-8a09-765794883524
 2014-10-21 00:35:49 +00:00
Dong, Guo
4ccef56102 1) Update code to use PcdFixedUsbCredentialProviderTokenFileName and PcdMaxVariableSize as patchable PCD instead of FixedAtBuild PCD. 
2)      Correct a typo in file comments of Tpm12Ownership.c

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dong, Guo <guo.dong@intel.com>
Reviewed-by: Gao, Liming <liming.gao@intel.com>
Reviewed-by: Yao, Jiewen <jiewen.yao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15811 6f19259b-4bc3-4df7-8a09-765794883524
 2014-08-15 08:10:55 +00:00
Eric Dong
d4193108b5 Update code to support VS2013 tool chain. 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15694 6f19259b-4bc3-4df7-8a09-765794883524
 2014-07-28 07:45:49 +00:00
Dong Guo
e3ff137e36 Add missing parameter comment in AddPubKeyInStore() 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Dong, Eric <eric.dong@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15426 6f19259b-4bc3-4df7-8a09-765794883524
 2014-04-01 06:02:10 +00:00
Dong Guo
9a12e5825a Calculate enough space for 2 variables (public key and variable data) instead of directly setting them 1 by 1. 
Fixed a bug in public key reclaim().

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
Reviewed-by: Zeng, Star <star.zeng@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15404 6f19259b-4bc3-4df7-8a09-765794883524
 2014-03-27 10:54:23 +00:00
Dong Guo
25da08c8b2 Fix the return value bug when updating public key database variable failure. 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15339 6f19259b-4bc3-4df7-8a09-765794883524
 2014-03-19 03:12:57 +00:00
Star Zeng
fddbbc661e SecurityPkg Variable: Remove mStorageData buffer allocation and use Scratch buffer instead to reduce SMRAM consumption. 
It can reduce MAX (PcdGet32 (PcdMaxVariableSize), PcdGet32 (PcdMaxHardwareErrorVariableSize)) size of SMRAM consumption.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Guo Dong <guo.dong@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14855 6f19259b-4bc3-4df7-8a09-765794883524
 2013-11-18 02:56:04 +00:00
Star Zeng
7baf3c69c5 MdeModulePkg and SecurityPkg Variable: Enhance code to use the new variable data instead of old variable data when variable reclaim. 
It can fix the potential failure to return EFI_OUT_OF_RESOURCES of the second variable set of large variable.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14822 6f19259b-4bc3-4df7-8a09-765794883524
 2013-11-04 03:13:54 +00:00
Fu Siyuan
5ecc20b553 Fix coding style issue. 
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14755 6f19259b-4bc3-4df7-8a09-765794883524
 2013-10-09 03:46:46 +00:00
Fu Siyuan
44446d10b0 Fix a bug about the “VendorKey” variable update logic. 
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14746 6f19259b-4bc3-4df7-8a09-765794883524
 2013-10-08 05:31:28 +00:00
Fu Siyuan
74b5fd7a11 Update the chaining requirements with regards to the Platform Key. 
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14661 6f19259b-4bc3-4df7-8a09-765794883524
 2013-09-12 05:26:15 +00:00
Fu Siyuan
a555940b2d Add “VendorKeys” variable for indicating out of band key modification. 
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14660 6f19259b-4bc3-4df7-8a09-765794883524
 2013-09-12 05:23:28 +00:00
sfu5
0ba17ade47 Fix a bug that “SecureBoot” varaible will be updated to NV+AT attribute incorrectly. 
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ni Ruiyu <ruiyu.ni@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14375 6f19259b-4bc3-4df7-8a09-765794883524
 2013-05-17 08:05:01 +00:00
czhang46
732d199d8f Fix memory overflow & VariableSize check issue for SetVariable append write. 
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by  : Fu Siyuan  <siyuan.fu@intel.com>
Reviewed-by  : Dong Guo   <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14323 6f19259b-4bc3-4df7-8a09-765794883524
 2013-05-02 01:42:39 +00:00
sfu5
ca5a7d87e3 Add error handling code to prevent variable store corruption in release build. 
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14139 6f19259b-4bc3-4df7-8a09-765794883524
 2013-02-21 01:35:22 +00:00
sfu5
f71ed839e1 1. Set the secure boot state to Standard Mode when user leaving secure boot setup page. 
2. Add “Current SecureBoot State” field to reflect current secure boot status of the platform.

Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14042 6f19259b-4bc3-4df7-8a09-765794883524
 2013-01-09 05:19:43 +00:00
sfu5
83758cdc84 Fix a bug that the invalid public key will never be removed from public key database. 
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14041 6f19259b-4bc3-4df7-8a09-765794883524
 2013-01-09 05:09:39 +00:00
sfu5
275beb2b53 1. Correct the counter-based hash algorithm according to UEFI spec. 
2. Check the reserverd bit in variable attribute.
3. Return EFI_OUT_OF_RESOURCE instead of EFI_SECURITY_VIOLATION if there is not enough speace to store the public key.
4. Fix a bug when deleting a non-existent time-based auth variable, we store the certificate into cert DB incorrectly.
5. Fix a bug that time-based auth variable can't been updated again after append operation.

Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13957 6f19259b-4bc3-4df7-8a09-765794883524
 2012-11-21 08:06:02 +00:00
gdong1
89be2b037f Fix time-based and count-based authenticated variable can be updated by each other without verification. 
Signed-off-by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>



git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13848 6f19259b-4bc3-4df7-8a09-765794883524
 2012-10-15 06:08:22 +00:00
sfu5
42ed76042a 1. Fix a bug when comparing two timestamp in auth-variable driver. 
2. Remove the TimeCompare function in Bds since it's not used anymore.

Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13731 6f19259b-4bc3-4df7-8a09-765794883524
 2012-09-14 02:59:35 +00:00
sfu5
f6e233534e 1. Initialize certdb variable with correct value of list size. 
2. Use gloable database array instead of calling AllocateZeroPool in SetVariable.

Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13671 6f19259b-4bc3-4df7-8a09-765794883524
 2012-08-23 06:53:51 +00:00
sfu5
e77f9ef656 Use RsaGetPublicKeyFromX509() to validate the given X.509 certificate for PK/KEK/db/dbx database. 
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13553 6f19259b-4bc3-4df7-8a09-765794883524
 2012-07-25 02:01:58 +00:00
sfu5
05a643f91d 1. Remove extra attribute for SetupMode, SignatureSupport and SecureBoot variable. 
2. Allow the PK owner to update db/dbx variable directly.

Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13536 6f19259b-4bc3-4df7-8a09-765794883524
 2012-07-17 08:38:58 +00:00
sfu5
785d84ead0 Verify the provided PKpub is signed with its private key when enrolling a new PK variable in setup mode. 
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13531 6f19259b-4bc3-4df7-8a09-765794883524
 2012-07-13 06:12:58 +00:00
sfu5
8f8ca22e59 1. Reset system when user changes secure boot state in secure boot configuration form. 
2. Update the method to detect secure boot state in DxeImageVerificationLib and secure boot configuration driver.

Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13505 6f19259b-4bc3-4df7-8a09-765794883524
 2012-07-05 08:08:12 +00:00
jyao1
dc204d5a0f Add comment for modules which have external input. 
signed-off-by: jiewen.yao@intel.com
reviewed-by: guo.dong@intel.com
reviewed-by: ting.ye@intel.com
reviewed-by: liming.gao@intel.com
reviewed-by: elvin.li@intel.com



git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13446 6f19259b-4bc3-4df7-8a09-765794883524
 2012-06-12 08:28:43 +00:00
sfu5
8c1babfd28 Update auth-variable and secure boot UI driver to support only time-based PK, KEK and Signature Database variable variable according to UEFI Spec requirement. 
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13310 6f19259b-4bc3-4df7-8a09-765794883524
 2012-05-14 07:36:20 +00:00
sfu5
4e33001c6e Fixes buffer read overflow bugs in authenticated variable driver. 
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13298 6f19259b-4bc3-4df7-8a09-765794883524
 2012-05-09 10:45:09 +00:00
tye1
389c8779e8 Fix common AuthVariable protection issue. 
Signed-off-by: Ye Ting<ting.ye@intel.com>
Reviewed by: Fu, Siyuan <siyuan.fu@intel.com>
Reviewed by: Dong, Guo <guo.dong@intel.com>


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13204 6f19259b-4bc3-4df7-8a09-765794883524
 2012-04-23 06:17:17 +00:00
tye1
ed47ae0274 Update common authenticated variable (non PK/KEK/DB/DBX) support to comply with latest UEFI spec. 
Signed-off by: tye1
Reviewed-by: geekboy15a
Reviewed-by: sfu5
Reviewed-by: gdong1

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13157 6f19259b-4bc3-4df7-8a09-765794883524
 2012-03-31 04:42:20 +00:00
sfu5
ecc722ad41 1. Remove “Force clear PK” feature in AuthVarialbe driver. 
2. Update API ForceClearPK() to UserPhysicalPresent() in PlatformSecureLib.
2. Update SecureBootConfigDxe driver and AuthVariable driver to support Custom Secure Boot Mode feature.
3. Fix some bugs in AuthVariable driver.

Signed-off-by: sfu5
Reviewed-by: tye
Reviewed-by: gdong1

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13144 6f19259b-4bc3-4df7-8a09-765794883524
 2012-03-27 08:17:23 +00:00
gdong1
ae09f9796c Update SignatureSupport variable to reflect firmware capability. 
Signed-off-by: gdong1
Reviewed-by: tye
Reviewed-by: sfu5

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12843 6f19259b-4bc3-4df7-8a09-765794883524
 2011-12-13 08:49:48 +00:00
sfu5
855609196d 1. Fix a bug when verify the CertType GUID in authentication variable data payload. 
Signed-off-by: sfu5
Reviewed-by: tye1
Reviewed-by: gdong1

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12831 6f19259b-4bc3-4df7-8a09-765794883524
 2011-12-09 07:22:59 +00:00
gdong1
2e24814ac9 Update a return status for UEFI spec compliance. 
Signed-off-by: gdong1
Reviewed-by: tye

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12813 6f19259b-4bc3-4df7-8a09-765794883524
 2011-12-02 07:51:23 +00:00
sfu5
d912bad783 1. Check input PK/KEK variable data to make sure it is a valid EFI_SIGNATURE_LIST. 
Signed-off-by: sfu5
Reviewed-by: gdong1
Reviewed-by : czhan46


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12765 6f19259b-4bc3-4df7-8a09-765794883524
 2011-11-23 05:10:40 +00:00
gdong1
7aaf2fd67c Add debug information for secure boot test convenient. 
Signed-off-by: gdong1
Reviewed-by: tye
Reviewed-by: xdu2

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12660 6f19259b-4bc3-4df7-8a09-765794883524
 2011-11-04 05:41:06 +00:00
xdu2
2d3fb91987 SecurityPkg: Update VariableAuthenticated driver with following changes: 
1. Remove memory allocation code in runtime.
2. Exclude NULL terminator in VariableName for serialization data in time-based variable authentication.
3. Add support for enroll PK with WRITE_ACCESS attribute.
4. Initialize SetupMode variable with correct NV attribute.
5. Add support for APPEND_WRITE attribute for non-existing Variable.
6. Clear KEK, DB and DBX as well as PK when user request to clear platform keys.
7. Check duplicated EFI_SIGNATURE_DATA for Variable formatted as EFI_SIGNATURE_LIST when APPEND_WRITE attribute is set.
8. Not change SecureBoot Variable in runtime, only update it in boot time since this Variable indicates firmware operating mode.
9. Save time stamp of PK when PK is set with TIME_BASED_WRITE_ACCESS attribute in setup mode.
10. Update to use PcdMaxVariableSize instead of PcdMaxAppendVariableSize for append operation.

Signed-off-by: xdu2
Reviewed-by: tye

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12599 6f19259b-4bc3-4df7-8a09-765794883524
 2011-10-28 09:55:09 +00:00
qianouyang
beda2356f5 Enable/Disable Secured Boot by 'Secure Boot Configuration' Page which is under Setup browser. 
Signed-off-by: qianouyang
Reviewed-by: gdong1

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12586 6f19259b-4bc3-4df7-8a09-765794883524
 2011-10-28 03:46:20 +00:00
hhuan13
648f98d15b 1. Enhance AuthVar driver to avoid process corrupted certificate input. 
Signed-off-by: hhuan13
Reviewed-by: ftian

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12398 6f19259b-4bc3-4df7-8a09-765794883524
 2011-09-21 05:17:50 +00:00
gdong1
0c18794ea4 Add security package to repository. 
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12261 6f19259b-4bc3-4df7-8a09-765794883524
 2011-09-02 07:49:32 +00:00