sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
22,534 Commits 13 Branches 33 Tags
1958124a6cb0b48a3b6e78726fbbac95e77f2408
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Laszlo Ersek 1958124a6c OvmfPkg: fix dynamic default for oprom verification policy PCD without SB 
I missed the following, both while reviewing and while testing commit
6041ac65ae ("OvmfPkg/PlatformPei: DENY_EXECUTE_ON_SECURITY_VIOLATION
when SEV is active", 2017-10-05):

If "-D SECURE_BOOT_ENABLE" is not passed on the "build" command line, then
OVMF has no dynamic default at all for
"PcdOptionRomImageVerificationPolicy". This means that the PcdSet32S()
call added in the subject commit doesn't even compile:

> OvmfPkg/PlatformPei/AmdSev.c: In function 'AmdSevInitialize':
> OvmfPkg/PlatformPei/AmdSev.c:67:3: error: implicit declaration of
> function '_PCD_SET_MODE_32_S_PcdOptionRomImageVerificationPolicy'
> [-Werror=implicit-function-declaration]
>    PcdStatus = PcdSet32S (PcdOptionRomImageVerificationPolicy, 0x4);
>    ^
> cc1: all warnings being treated as errors

Make the current, SB-only, 0x00 dynamic default unconditional.

This is the simplest approach, and it reflects the intent of original
commit 1fea9ddb4e ("OvmfPkg: execute option ROM images regardless of
Secure Boot", 2016-01-07). Without SECURE_BOOT_ENABLE,
"SecurityPkg/Library/DxeImageVerificationLib" is not used anyway, so the
PCD is never read.

This issue was first caught and reported by Gerd Hoffmann
<kraxel@redhat.com>'s Jenkins CI. Later it was also reported in
<https://bugzilla.tianocore.org/show_bug.cgi?id=737>.

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Fixes: 6041ac65ae
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
[lersek@redhat.com: trim commit message as suggested by Jordan]
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
[lersek@redhat.com: add reference to TianoCore BZ#737]
2017-10-19 10:41:09 +02:00
AppPkg
AppPkg/WebServer: Fix build failure.
2017-09-14 08:55:09 +08:00
ArmPkg
ArmPkg/ArmSvcLib: Add ArmSvcLib implementation.
2017-10-06 22:35:41 +01:00
ArmPlatformPkg
ArmPlatformPkg: Store initial timer value
2017-10-10 17:30:39 +01:00
ArmVirtPkg
ArmVirtPkg ArmVirtDxeHobLib: Implement BuildFv3Hob
2017-10-10 20:54:48 +08:00
BaseTools
BaseTools/BuildEnv: override "set -C" (noclobber) in sourcing shell env
2017-10-18 11:34:03 +02:00
BeagleBoardPkg
BeagleBoardPkg: switch to generic non-coherent DmaLib
2017-08-30 14:13:58 +01:00
Conf
EDK II: Add .gitignore
2014-10-14 16:08:15 +00:00
CorebootModulePkg
edk2: Move License.txt file to root
2017-08-03 11:02:17 -07:00
CorebootPayloadPkg
edk2: Move License.txt file to root
2017-08-03 11:02:17 -07:00
CryptoPkg
CryptoPkg: Add new API to retrieve commonName of X.509 certificate
2017-09-25 00:06:41 +08:00
DuetPkg
DuetPkg: Fix Xcode 9 Beta treating 32-bit left shift as undefined
2017-08-11 08:44:54 +08:00
EdkCompatibilityPkg
edk2: Move License.txt file to root
2017-08-03 11:02:17 -07:00
EdkShellBinPkg
edk2: Move License.txt file to root
2017-08-03 11:02:17 -07:00
EdkShellPkg
edk2: Move License.txt file to root
2017-08-03 11:02:17 -07:00
EmbeddedPkg
EmbeddedPkg PrePiHobLib: Implement BuildFv3Hob
2017-10-10 20:54:47 +08:00
EmulatorPkg
edk2: Move License.txt file to root
2017-08-03 11:02:17 -07:00
FatBinPkg
edk2: Move License.txt file to root
2017-08-03 11:02:17 -07:00
FatPkg
edk2: Move License.txt file to root
2017-08-03 11:02:17 -07:00
IntelFrameworkModulePkg
IntelFrameworkModulePkg/LegacyBiosDxe: Fix GCC5 build warning
2017-10-12 10:14:58 +08:00
IntelFrameworkPkg
IntelFrameworkPkg PeiHobLibFramework: Implement BuildFv3Hob
2017-10-10 20:54:37 +08:00
IntelFsp2Pkg
IntelFsp2Pkg: Update Section Name in INF files
2017-10-10 18:10:23 +08:00
IntelFsp2WrapperPkg
IntelFsp2WrapperPkg: Update Protocol/Guid usage in INF files
2017-10-10 18:10:24 +08:00
IntelFspPkg
edk2: Move License.txt file to root
2017-08-03 11:02:17 -07:00
IntelFspWrapperPkg
edk2: Move License.txt file to root
2017-08-03 11:02:17 -07:00
IntelSiliconPkg
IntelSiliconPkg/VTdPmrPei: Add EndOfPei callback for S3
2017-09-23 16:14:30 +08:00
MdeModulePkg
MdeModulePkg: Update RuntimeDxe Crc32 to check the input parameter
2017-10-16 11:23:07 +08:00
MdePkg
SecurityPkg/Pkcs7Verify: Add the comments to address security problem
2017-10-18 23:03:38 +08:00
NetworkPkg
NetworkPkg: Update Protocol/Guid usage in INF file to match source code logic
2017-10-10 18:10:21 +08:00
Nt32Pkg
Nt32Pkg: Enable UDF file system support
2017-09-08 20:43:05 +02:00
Omap35xxPkg
Omap35xxPkg: switch to EmbeddedPkg's NonCoherentDmaLib
2017-08-30 14:13:47 +01:00
OptionRomPkg
edk2: Move License.txt file to root
2017-08-03 11:02:17 -07:00
OvmfPkg
OvmfPkg: fix dynamic default for oprom verification policy PCD without SB
2017-10-19 10:41:09 +02:00
PcAtChipsetPkg
PcAtChipsetPkg: Update GUID usage in PcRtc INF to match the source code
2017-10-10 18:10:18 +08:00
PerformancePkg
PerformancePkg DP: Init CustomCumulativeData.MinDur
2017-08-14 16:55:44 +08:00
QuarkPlatformPkg
QuarkPlatformPkg/Readme.md: Bring Readme.md up to date
2017-08-10 09:44:24 -07:00
QuarkSocPkg
QuarkSocPkg/QNCSmmDispatcher: Fix use after free issue #2
2017-08-16 19:42:17 -07:00
SecurityPkg
SecurityPkg/Pkcs7Verify: Add the comments to address security problem
2017-10-18 23:03:38 +08:00
ShellBinPkg
ShellBinPkg: AARCH64/ARM Shell binary update.
2017-08-31 15:41:59 +01:00
ShellPkg
ShellPkg/UefiShellLib: Use a more bright blue/green color
2017-10-17 09:59:50 +08:00
SignedCapsulePkg
SignedCapsulePkg: Update Guid usage in INF file to match source code logic
2017-10-10 18:10:21 +08:00
SourceLevelDebugPkg
SourceLevelDebugPkg: Update SmmDebugAgentLib to restore APIC timer
2017-10-16 11:23:16 +08:00
StdLib
edk2: Move License.txt file to root
2017-08-03 11:02:17 -07:00
StdLibPrivateInternalFiles
edk2: Move License.txt file to root
2017-08-03 11:02:17 -07:00
UefiCpuPkg
UefiCpuPkg/MtrrLib: Fix MtrrDebugPrintAllMtrrsWorker to avoid hang
2017-10-17 10:05:36 +08:00
UnixPkg
UnixPkg: Remove UnixPkg files (It is replaced by EmulatorPkg)
2013-07-29 21:09:55 +00:00
Vlv2DeviceRefCodePkg
edk2: Move License.txt file to root
2017-08-03 11:02:17 -07:00
Vlv2TbltDevicePkg
Vlv2TbltDevicePkg: Remove reference deprecated macro.
2017-08-07 15:28:13 +08:00
.gitignore
edk2: Add .DS_Store to .gitignore for macOS
2017-05-19 15:14:34 -07:00
BuildNotes2.txt
BaseTools: Updated BuildNotes URLs
2016-03-25 09:46:44 +08:00
Contributions.txt
edk2: Fix typo in Contributions.txt
2017-08-16 17:50:44 +08:00
Edk2Setup.bat
Edk2Setup.bat: Fix build errors from VS tools PREFIX ENV missing
2016-11-05 09:10:58 +08:00
edksetup.bat
BaseTools: suppress usage instructions with rebuild options
2017-07-04 10:16:13 +08:00
edksetup.sh
BaseTools/edksetup.sh: fix invalid test for current working directory
2017-08-10 12:54:58 +08:00
License.txt
edk2: Move License.txt file to root
2017-08-03 11:02:17 -07:00
Maintainers.txt
Maintainers.txt: add Xen reviewer for ArmVirtPkg
2017-09-26 23:23:50 +01:00
Readme.md
edk2: Add Readme.md to root of edk2 repository
2017-08-03 11:02:25 -07:00

Readme.md

EDK II Project

A modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications from www.uefi.org.

Contributions to the EDK II open source project are covered by the TianoCore Contribution Agreement 1.1

The majority of the content in the EDK II open source project uses a BSD 2-Clause License. The EDK II open source project contains the following components that are covered by additional licenses:

The EDK II Project is composed of packages. The maintainers for each package are listed in Maintainers.txt.

Resources

Description
Personal fork of https://github.com/system76/edk2
Readme 313 MiB
Languages
C 82.2%
Python 10.3%
Assembly 3.4%
Rich Text Format 1.8%
C++ 0.7%
Other 1.2%