AArd BiesheuvelSecurityPkg/RngDxe: fix warning about uninitialized variable
| 文件 | 最后提交记录 | 最后更新时间 |
|---|---|---|
SecurityPkg: Update libspdm This patch updates libspdm to pull in various bug fixes, but primarily commit ca4854be3325bd8fc7f2c714574d17aac2d4e13b which updates libspdm's MbedTLS submodule to v3.6.2, fixing CVE https://nvd.nist.gov/vuln/detail/CVE-2023-37920 there. This CVE does not affect libspdm or edk2, but automatic CVE scanning tools see the bad version of the certifi pip module in the edk2/libspdm code trees and flag these projects as failing. libspdm has been updated to pull in the newer MbedTLS that fixes this issue and this patch updates edk2 to pull in the newer libspdm. Signed-off-by: Oliver Smith-Denny <osde@linux.microsoft.com> | 1 年前 | |
SecurityPkg: Secure Boot Drivers: Added common header files REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3910 This change added common header files to consumer drivers to unblock pipeline builds. Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Jian J Wang <jian.j.wang@intel.com> Cc: Min Xu <min.m.xu@intel.com> Signed-off-by: Kun Qin <kun.qin@microsoft.com> Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com> Acked-by: Michael Kubacki <michael.kubacki@microsoft.com> | 3 年前 | |
SecurityPkg: Optimization by moving PeiServicesLocatePpi outside loop This update refactors the code by moving the LocatePpi function call outside of the for loop where it was previously called repeatedly. By relocating the LocatePpi invocation outside of the loop, we improve the efficiency of the code by avoiding redundant lookups. Signed-off-by: Ashraf Ali <ashraf.ali.s@intel.com> | 1 年前 | |
SecurityPkg: Apply uncrustify changes REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3737 Apply uncrustify changes to .c/.h files in the SecurityPkg package Cc: Andrew Fish <afish@apple.com> Cc: Leif Lindholm <leif@nuviainc.com> Cc: Michael D Kinney <michael.d.kinney@intel.com> Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com> Reviewed-by: Jian J Wang <jian.j.wang@intel.com> | 4 年前 | |
Securitypkg/hddpassword: Update HddPasswordDxeInit to use Variable Policy REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4408 Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Maggie Chu <maggie.chu@intel.com> Cc: Kumar Rahul <rahul.r.kumar@intel.com> Signed-off-by: Linus Liu <linus.liu@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> | 3 年前 | |
SecurityPkg/Ppi: Add gEdkiiCcPpi for CC Measurement in PEI phase gEdkiiCcPpi is designed to support CC measurement in PEI phase. Cc: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com> Signed-off-by: Ceping Sun <cepingx.sun@intel.com> | 1 年前 | |
SecurityPkg/PeiTpmMeasurementLib: Support CC Measurement PeiTpmMeasurementLib is updated to support both TCG measurement and CC Measurement. gEfiPeiMasterBootModePpiGuid is removed from [Depex] because it is not needed for the library. Cc: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com> Signed-off-by: Ceping Sun <cepingx.sun@intel.com> | 1 年前 | |
SecurityPkg: Apply uncrustify changes REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3737 Apply uncrustify changes to .c/.h files in the SecurityPkg package Cc: Andrew Fish <afish@apple.com> Cc: Leif Lindholm <leif@nuviainc.com> Cc: Michael D Kinney <michael.d.kinney@intel.com> Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com> Reviewed-by: Jian J Wang <jian.j.wang@intel.com> | 4 年前 | |
SecurityPkg/RngDxe: fix warning about uninitialized variable ArmTrng.c: In function 'GenerateEntropy': ArmTrng.c:40:15: error: 'Status' may be used uninitialized in this function [-Werror=maybe-uninitialized] EFI_STATUS Status; ^~~~~~ cc1: all warnings being treated as errors Signed-off-by: Mike Maslenkin <mike.maslenkin@gmail.com> | 1 年前 | |
SecurityPkg/OpalPassword: fix HiiOpCodeHandle leak on error path Signed-off-by: Mike Maslenkin <mike.maslenkin@gmail.com> | 1 年前 | |
SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4117 - CVE 2022-36763 This commit contains the patch files and tests for DxeTpmMeasureBootLib CVE 2022-36763. Cc: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> | 2 年前 | |
SecurityPkg/SecureBootConfigDxe: Enhance help in Delete Signature page Currently "Delete Signature" Setup page lists enrolled signatures and each signature is shown with signature GUID (prompt) and type (help). It is possible for some signatures to be shown with same signature GUID and type. In this case, it is difficult to identify the target signature to delete. The update enhances help information to distinguish signatures. Signed-off-by: Phil Noh <Phil.Noh@amd.com> | 1 年前 | |
SecurityPkg: : Updating SecurityFixes.yaml after symbol rename Adding the new commit titles for the symbol renames Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Rahul Kumar <rahul1.kumar@intel.com> Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com> Message-Id: <5e0e851e97459e183420178888d4fcdadc2f1ae1.1705529990.git.doug.edk2@gmail.com> Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com> | 2 年前 | |
SecurityPkg/SecurityPkg.ci.yaml: Add PrEval CI config Adds an entry to the package's CI configuration file that enable policy 5 for stuart_pr_eval. With this Policy, all INFs used by the package are extracted from the provided DSC file and compared against the list of changed *.inf (INF) files in the PR. If there is a match, stuart_pr_eval will specify that this package is affected by the PR and needs to be tested. Signed-off-by: Joey Vagedes <joey.vagedes@gmail.com> | 1 年前 | |
SecurityPkg/Ppi: Add gEdkiiCcPpi for CC Measurement in PEI phase gEdkiiCcPpi is designed to support CC measurement in PEI phase. Cc: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com> Signed-off-by: Ceping Sun <cepingx.sun@intel.com> | 1 年前 | |
BaseTools: Add VS2022 XIPFLAGS BaseTools has a limitation that modules in FVs that are force rebased must have the same file and section alignment. This is intended for XIP modules. VS2019 and previous VS toolchains did not set 4k section alignment, but VS2022 does, in order for memory protections to be applied to images. This causes issues when building SEC and PEI modules on VS2022 as the file alignment is 0x20 but the section alignment is 0x1000, so BaseTools will fail to generate the FV. One option is to set the file alignment to 0x1000 for all of these files, but that is a large waste of space and is not feasible on some platforms that have limited flash space. The other option is to selectively set 0x20 as the section alignment for SEC and PEI modules, which is the approach GCC ARM/AARCH64 took. This is only an issue for building 64-bit PEI on x86 currently, as other architectures are not supported by VS2022 in edk2 yet. For IA32, the section alignment is set to 0x20 and so it matches the file alignment, however x64 PEI uses the X64 DLINK flags which have 0x1000 set. For other architectures that don't have the PEI/DXE architecture split, this is also an issue. This commit is required to use VS2022 as the default CI in edk2, as OvmfPkgX64.dsc will fail to build. Any platform with 64-bit PEI also requires this. This commit also updates CryptoPkg.dsc and SecurityPkg.dsc as they are setting custom section alignments. Continuous-integration-options: PatchCheck.ignore-multi-package Signed-off-by: Oliver Smith-Denny <osde@microsoft.com> | 1 年前 | |
SecurityPkg: SubClassTpm: Updated default value REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3966 This change updated the default value of TPM device subclass PCD to 0x010E0000 in order to match the definition of EFI_PERIPHERAL_TPM from PI specification v1.8. Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Jian J Wang <jian.j.wang@intel.com> Cc: Qi Zhang <qi1.zhang@intel.com> Cc: Rahul Kumar <rahul1.kumar@intel.com> Signed-off-by: Kun Qin <kuqin12@gmail.com> Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com> Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn> Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com> | 2 年前 | |
SecurityPkg: Replace BSD License with BSD+Patent License https://bugzilla.tianocore.org/show_bug.cgi?id=1373 Replace BSD 2-Clause License with BSD+Patent License. This change is based on the following emails: https://lists.01.org/pipermail/edk2-devel/2019-February/036260.html https://lists.01.org/pipermail/edk2-devel/2018-October/030385.html RFCs with detailed process for the license change: V3: https://lists.01.org/pipermail/edk2-devel/2019-March/038116.html V2: https://lists.01.org/pipermail/edk2-devel/2019-March/037669.html V1: https://lists.01.org/pipermail/edk2-devel/2019-March/037500.html Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com> Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com> Reviewed-by: Jian J Wang <jian.j.wang@intel.com> | 7 年前 |