summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2014-08-19MdeModulePkg/PartitionDxe: Simplify the error handling of ↵Sergey Isakov1-5/+2
DriverBindingSupported(). Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Sergey Isakov <isakov-sl@bk.ru> Reviewed-by: Feng Tian <feng.tian@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15828 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-19Refine the comments for the function header.Eric Dong2-6/+137
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15827 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-18UefiCpuPkg: Add ResetVector/FixupVtfJordan Justen2-0/+92
This implements the older VTF ResetVector code often used on EDK II IA32 & X64 platforms. This VTF requires build time fixups in order to find the SEC entry point. The BaseTools GenFv tool has code that patches the jump target of the reset vector code to match the entry point of the SEC image in the PEI Firmware Volume. v2: * Rename from OldVtf to FixupVtf * Use EDK II extension of .nasmb rather than .nasmbin Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jordan Justen <jordan.l.justen@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15826 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-18OvmfPkg/ResetVector: Remove pre-built binariesJordan Justen4-113/+0
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jordan Justen <jordan.l.justen@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15825 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-18OvmfPkg: Build OVMF ResetVector during EDK II build processJordan Justen7-9/+16
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jordan Justen <jordan.l.justen@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15824 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-18OvmfPkg: Support building OVMF's ResetVector during the EDK II buildJordan Justen2-0/+103
Using NASM we build OVMF's ResetVector as part of the EDK II build process. v2: * Use EDK II extension of .nasmb rather than .nasmbin Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jordan Justen <jordan.l.justen@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15823 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-18UefiCpuPkg VTF0 X64: Build page tables in NASM codeJordan Justen5-97/+108
Previously, we would build the page tables in Tools/FixupForRawSection.py. In order to let NASM build VTF0 from source during the EDK II build process, we need to move this into the VTF0 NASM code. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jordan Justen <jordan.l.justen@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15822 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-18UefiCpuPkg: Support building VTF0 ResetVector during the EDK II buildJordan Justen3-5/+50
Using NASM we build VTF0 as part of the EDK II build process. v2: * Use EDK II extension of .nasmb rather than .nasmbin Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jordan Justen <jordan.l.justen@intel.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15821 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-18BaseTools: Add rules to build NASM source file into a binaryJordan Justen2-0/+31
v2: * Use EDK II tool name of NASMB rather than NASMBIN * Use EDK II extension of .nasmb rather than .nasmbin v3: * Create listing file * Don't change into source directory * Add ENV(NASM_PREFIX) before nasm for NASM_PATH Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jordan Justen <jordan.l.justen@intel.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15820 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-18AppPkg/Applications/Python: Explicitly initialize variables before use to ↵Daryl McDaniel5-16/+18
keep newer compilers happy. Explicitly initialize variables before any potential use. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Daryl McDaniel <daryl.mcdaniel@intel.com> Reviewed-by: Jaben Carsey <Jaben.carsey@intel.com> Reviewed-by: Erik Bjorge <erik.c.bjorge@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15819 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-18ShellPkg: Fix EFI_SHELL_PROTOCOL to contain new members from UEFI Shell 2.1 specChris Phillips4-60/+40
- Removes EFI_SHELL_PROTOCOL21 - Adds RegisterGuidName, GetGuidName, GetGuidFromName, and GetEnvEx to EFI_SHELL_PROTOCOL Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chris Phillips <chrisp@hp.com> Reviewed-by: Jaben Carsey <jaben.carsey@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15818 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-18Update PeiCore to follow PI spec to retrieve GUIDED section data when ↵Gao, Liming2-5/+30
ExtractionPpi is not found. Enhance PeiCore Security Policy to check AuthenticationStatus when SecurityPpi is not found. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Gao, Liming <liming.gao@intel.com> Reviewed-by: Zeng, Star <star.zeng@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15817 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-18This patch is going to retire the top level makefile on BaseTools for ↵Hess Chen3-115/+190
supporting a pure binary build without any complier. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Hess Chen <hesheng.chen@intel.com> Reviewed-by: Yingke Liu <yingke.d.liu@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15816 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-18ShellPkg: Fix comments. Refine code style. Qiu Shumin5-12/+16
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Qiu Shumin <shumin.qiu@intel.com> Reviewed-by: Jaben Carsey <jaben.carsey@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15815 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-16MdePkg: library INF files should reference feature PCDs under [FeaturePcd]Laszlo Ersek2-2/+4
This patch updates users of PcdVerifyNodeInList and PcdValidateOrderedCollection. Suggested-by: Liming Gao <liming.gao@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Jordan Justen <jordan.l.justen@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15814 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-16MdePkg: BaseOrderedCollectionRedBlackTreeLib: silence invalid VS2005 warningsLaszlo Ersek1-2/+2
VS2005 reports the following build failure: BaseOrderedCollectionRedBlackTreeLib.c(151) : warning C4244: 'return' : conversion from 'int' to 'BOOLEAN', possible loss of data BaseOrderedCollectionRedBlackTreeLib.c(840) : warning C4244: 'return' : conversion from 'int' to 'BOOLEAN', possible loss of data This is incorrect. The ISO C standard guarantees that the expressions in question can only return values 0 and 1, both of which can be represented by BOOLEAN (== UINT8, == unsigned char). Silence the incorrect warnings with explicit casts to BOOLEAN. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Jordan Justen <jordan.l.justen@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15813 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-16MdePkg: BaseOrderedCollectionRedBlackTreeLib: silence invalid gcc warningLaszlo Ersek1-0/+1
Gcc-4.4 reports the following build failure: BaseOrderedCollectionRedBlackTreeLib.c: In function 'OrderedCollectionInsert': BaseOrderedCollectionRedBlackTreeLib.c:586: error: 'Result' may be used uninitialized in this function This is incorrect. There are two areas of use of Result to consider: - In the very first while loop. The warning is likely not about this code area, because Result is assigned directly before use. - The last use of Result in the function. The build warning / error is incorrect. For Result to be uninitialized at that point, the very first while loop must not have been entered at all (because that loop assigns a value to Result). However, if that loop is never entered, then Parent is still NULL. And Parent==NULL implies that the use of Result is never reached, because we jump to the Done label just before it. Assign an irrelevant value of 0 to Result at the beginning of the function in order to silence the incorrect warning. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Jordan Justen <jordan.l.justen@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15812 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-151) Update code to use PcdFixedUsbCredentialProviderTokenFileName and ↵Dong, Guo6-21/+41
PcdMaxVariableSize as patchable PCD instead of FixedAtBuild PCD. 2) Correct a typo in file comments of Tpm12Ownership.c Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dong, Guo <guo.dong@intel.com> Reviewed-by: Gao, Liming <liming.gao@intel.com> Reviewed-by: Yao, Jiewen <jiewen.yao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15811 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-15Use string pointer instead string buffer to avoid string copy operation.Fu, Siyuan3-9/+14
Use CopyMem() to guarantee the NULL terminal will always be appended to the destination string. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Fu, Siyuan <siyuan.fu@intel.com> Reviewed-by: Yao, Jiewen <jiewen.yao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15810 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-15There is a limitation on WINDOWS OS for the length of entire file path ↵Hess Chen109-332/+702
can’t be larger than 255. There is an OS API provided by Microsoft to add “\\?\” before the path header to support the long file path. Enable this feature on basetools. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Hess Chen <hesheng.chen@intel.com> Reviewed-by: Yingke Liu <yingke.d.liu@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15809 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-14ShellPkg: Fix EFI_SHELL_DYNAMIC_COMMAND_PROTOCOL_GUID to match UEFI Shell ↵Chris Phillips2-5/+5
2.1 spec Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chris Phillips <chrisp@hp.com> Reviewed-By: Jaben Carsey <jaben.carsey@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15808 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-14Roll-back from an accidental commit.lhauch1-1/+0
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: lhauch <larry.hauch@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15807 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-14Change svn:mime-type property on all Unicode files (extension .uni) in edk2lhauch1-0/+1
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: lhauch <larry.hauch@intel.com> Reviewed-by: Samer El-Haj-Mahmoud <samer.el-haj-mahmoud@hp.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15806 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-14Contributed-under: TianoCore Contribution Agreement 1.0Michael Kinney2-26/+21
Signed-off-by: Michael Kinney <michael.d.kinney@intel.com> Reviewed-by: lhauch <larry.hauch@intel.com> Fix the behavior of the –version flag in the Rsa2048Sha256 tools and update logic for showing program name, version, usage, and copyright information to match other BaseTools. git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15805 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-14ShellPkg add size cast to bit operationsJaben Carsey1-4/+4
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jaben Carsey <jaben.carsey@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15804 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-14PcAtChipsetPkg: new AcpiTimerLib libraries. Gao, Liming8-1/+569
Two library instances are added to support BASE type and DXE type. Those libraries provides basic timer support using the ACPI timer hardware. The performance counter features are provided by the processors time stamp counter. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Gao, Liming <liming.gao@intel.com> Reviewed-by: Kinney, Michael D <michael.d.kinney@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15803 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-14OpenSSL 0.9.8zb was released at 06-Aug-2014, including bug and security fixes. Long, Qin5-16/+16
This patch is to catch the latest OpenSSL release. NOTE: The content of EDKII_openssl-0.9.8zb.patch is same with the old EDKII_openssl-0.9.8za.patch, and the extra changes are only name / directory modifications. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Long, Qin <qin.long@intel.com> Reviewed-by: Ye, Ting <ting.ye@intel.com> Reviewed-by: Fu, Siyuan <siyuan.fu@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15802 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-14Contributed-under: TianoCore Contribution Agreement 1.0Michael Kinney8-0/+925
Signed-off-by: Michael Kinney <michael.d.kinney@intel.com> Reviewed-by: Dong, Guo <guo.dong@intel.com> Add support for RSA 2048 SHA 256 signing and verification encoded in a PI FFS GUIDED Encapsulation Section. The primary use case of this feature is in support of signing and verification of encapsulated FVs for Recovery and Capsule Update, but can potentially be used for signing and verification of any content that can be stored in a PI conformant FFS file. Signing operations are performed from python scripts that wrap OpenSsl command line utilities. Verification operations are performed using the OpenSsl libraries in the CryptoPkg. The guided encapsulation sections uses the UEFI 2.4 Specification defined GUID called EFI_CERT_TYPE_RSA2048_SHA256_GUID. The data layout for the encapsulation section starts with the UEFI 2.4 Specification defined structure called EFI_CERT_BLOCK_RSA_2048_SHA256 followed immediately by the data. The signing tool included in these patches performs encode/decode operations using this data layout. HashType is set to the UEFI 2.4 Specification defined GUID called EFI_HASH_ALGORITHM_SHA256_GUID. MdePkg/Include/Guid/WinCertificate.h ================================= // // WIN_CERTIFICATE_UEFI_GUID.CertType // #define EFI_CERT_TYPE_RSA2048_SHA256_GUID \ {0xa7717414, 0xc616, 0x4977, {0x94, 0x20, 0x84, 0x47, 0x12, 0xa7, 0x35, 0xbf } } /// /// WIN_CERTIFICATE_UEFI_GUID.CertData /// typedef struct { EFI_GUID HashType; UINT8 PublicKey[256]; UINT8 Signature[256]; } EFI_CERT_BLOCK_RSA_2048_SHA256; MdePkg/Include/Protocol/Hash.h ================================= #define EFI_HASH_ALGORITHM_SHA256_GUID \ { \ 0x51aa59de, 0xfdf2, 0x4ea3, {0xbc, 0x63, 0x87, 0x5f, 0xb7, 0x84, 0x2e, 0xe9 } \ } The verification operations require the use of public key(s). A new PCD called gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer is added to the SecurityPkg that supports one or more SHA 256 hashes of the public keys. A SHA 256 hash is performed to minimize the FLASH overhead of storing the public keys. When a verification operation is performed, a SHA 256 hash is performed on EFI_CERT_BLOCK_RSA_2048_SHA256.PublicKey and a check is made to see if that hash matches any of the hashes in the new PCD. It is recommended that this PCD always be configured in the DSC file as storage type of [PcdsDynamixExVpd], so the public keys are stored in a protected read-only region. While working on this feature, I noticed that the CRC32 signing and verification feature was incomplete. It only supported CRC32 based verification in the DXE Phase, so the attached patches also provide support for CRC32 based verification in the PEI Phase. I also noticed that the most common method for incorporating guided section extraction libraries was to directly link them to the DXE Core, which is not very flexible. The attached patches also add a generic section extraction PEIM and a generic section extraction DXE driver that can each be linked against one or more section extraction libraries. This provides a platform developer with the option of providing section extraction services with the DXE Core or providing section extraction services with these generic PEIM/DXE Drivers. Patch Summary ============== 1) BaseTools - Rsa2049Sha256Sign python script that can perform test signing or custom signing of PI FFS file GUIDed sections a. Wrapper for a set of OpenSsl command line utility operations b. OpenSsl command line tool must be installed in location that is in standard OS path or in path specified by OS environment variable called OPENSSL_PATH c. Provides standard EDK II command line arguments for a tool that encodes/decodes guided encapsulation section Rsa2048Sha256Sign - Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved. usage: Rsa2048Sha256Sign -e|-d [options] <input_file> positional arguments: input_file specify the input filename optional arguments: -e encode file -d decode file -o filename, --output filename specify the output filename --private-key PRIVATEKEYFILE specify the private key filename. If not specified, a test signing key is used. -v, --verbose increase output messages -q, --quiet reduce output messages --debug [0-9] set debug level --version display the program version and exit -h, --help display this help text 2) BaseTools - Rsa2049Sha256GenerateKeys python script that can generate new private/public key and PCD value that is SHA 256 hash of public key using OpenSsl command line utilities. a. Wrapper for a set of OpenSsl command line utility operations b. OpenSsl command line tool must be installed in location that is in standard path or in path specified by OS environment variable called OPENSSL_PATH Rsa2048Sha256GenerateKeys - Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved. usage: Rsa2048Sha256GenerateKeys [options] optional arguments: -o [filename [filename ...]], --output [filename [filename ...]] specify the output private key filename in PEM format -i [filename [filename ...]], --input [filename [filename ...]] specify the input private key filename in PEM format --public-key-hash PUBLICKEYHASHFILE specify the public key hash filename that is SHA 256 hash of 2048 bit RSA public key in binary format --public-key-hash-c PUBLICKEYHASHCFILE specify the public key hash filename that is SHA 256 hash of 2048 bit RSA public key in C structure format -v, --verbose increase output messages -q, --quiet reduce output messages --debug [0-9] set debug level --version display the program version and exit -h, --help display this help text 3) BaseTools\Conf\tools_def.template a. Define GUID/Tool to perform RSA 2048 SHA 256 test signing and instructions on how to use alternate private/public key b. GUID is EFI_CERT_TYPE_RSA2048_SHA256_GUID c. Tool is Rsa2049Sha256Sign 4) MdeModulePkg\Library\PeiCrc32GuidedSectionExtractionLib a. Add peer for DxeCrc32GuidedSectionExtractionLib so both PEI and DXE phases can perform basic integrity checks of PEI and DXE components 5) MdeModulePkg\Universal\SectionExtractionPei a. Generic PEIM that can link against one or more NULL section extraction library instances to provided one or more GUIDED Section Extraction PPIs 6) MdeModulePkg\Universal\SectionExtractionDxe a. Generic DXE Driver that can link against one or more NULL section extraction library instances to provide one or more GUIDED Section Extraction Protocols. 7) SecurityPkg\Library\PeiRsa2048Sha256GuidedSectionExtractLib a. NULL library instances that performs PEI phase RSA 2048 SHA 256 signature verification using OpenSsl libraries from CryptoPkg. b. Based on algorithms from SecurityPkg Authenticated Variable services c. Uses public key from gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer. 8) SecurityPkg\Library\DxeRsa2048Sha256GuidedSectionExtractLib a. NULL library instances that performs DXE phase RSA 2048 SHA 256 signature verification using OpenSsl libraries from CryptoPkg. b. Based on algorithms from SecurityPkg Authenticated Variable services c. Uses public key from gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer. git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15801 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-14Contributed-under: TianoCore Contribution Agreement 1.0Michael Kinney7-2/+456
Signed-off-by: Michael Kinney <michael.d.kinney@intel.com> Reviewed-by: Yingke Liu <yingke.d.liu@intel.com> Add support for RSA 2048 SHA 256 signing and verification encoded in a PI FFS GUIDED Encapsulation Section. The primary use case of this feature is in support of signing and verification of encapsulated FVs for Recovery and Capsule Update, but can potentially be used for signing and verification of any content that can be stored in a PI conformant FFS file. Signing operations are performed from python scripts that wrap OpenSsl command line utilities. Verification operations are performed using the OpenSsl libraries in the CryptoPkg. The guided encapsulation sections uses the UEFI 2.4 Specification defined GUID called EFI_CERT_TYPE_RSA2048_SHA256_GUID. The data layout for the encapsulation section starts with the UEFI 2.4 Specification defined structure called EFI_CERT_BLOCK_RSA_2048_SHA256 followed immediately by the data. The signing tool included in these patches performs encode/decode operations using this data layout. HashType is set to the UEFI 2.4 Specification defined GUID called EFI_HASH_ALGORITHM_SHA256_GUID. MdePkg/Include/Guid/WinCertificate.h ================================= // // WIN_CERTIFICATE_UEFI_GUID.CertType // #define EFI_CERT_TYPE_RSA2048_SHA256_GUID \ {0xa7717414, 0xc616, 0x4977, {0x94, 0x20, 0x84, 0x47, 0x12, 0xa7, 0x35, 0xbf } } /// /// WIN_CERTIFICATE_UEFI_GUID.CertData /// typedef struct { EFI_GUID HashType; UINT8 PublicKey[256]; UINT8 Signature[256]; } EFI_CERT_BLOCK_RSA_2048_SHA256; MdePkg/Include/Protocol/Hash.h ================================= #define EFI_HASH_ALGORITHM_SHA256_GUID \ { \ 0x51aa59de, 0xfdf2, 0x4ea3, {0xbc, 0x63, 0x87, 0x5f, 0xb7, 0x84, 0x2e, 0xe9 } \ } The verification operations require the use of public key(s). A new PCD called gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer is added to the SecurityPkg that supports one or more SHA 256 hashes of the public keys. A SHA 256 hash is performed to minimize the FLASH overhead of storing the public keys. When a verification operation is performed, a SHA 256 hash is performed on EFI_CERT_BLOCK_RSA_2048_SHA256.PublicKey and a check is made to see if that hash matches any of the hashes in the new PCD. It is recommended that this PCD always be configured in the DSC file as storage type of [PcdsDynamixExVpd], so the public keys are stored in a protected read-only region. While working on this feature, I noticed that the CRC32 signing and verification feature was incomplete. It only supported CRC32 based verification in the DXE Phase, so the attached patches also provide support for CRC32 based verification in the PEI Phase. I also noticed that the most common method for incorporating guided section extraction libraries was to directly link them to the DXE Core, which is not very flexible. The attached patches also add a generic section extraction PEIM and a generic section extraction DXE driver that can each be linked against one or more section extraction libraries. This provides a platform developer with the option of providing section extraction services with the DXE Core or providing section extraction services with these generic PEIM/DXE Drivers. Patch Summary ============== 1) BaseTools - Rsa2049Sha256Sign python script that can perform test signing or custom signing of PI FFS file GUIDed sections a. Wrapper for a set of OpenSsl command line utility operations b. OpenSsl command line tool must be installed in location that is in standard OS path or in path specified by OS environment variable called OPENSSL_PATH c. Provides standard EDK II command line arguments for a tool that encodes/decodes guided encapsulation section Rsa2048Sha256Sign - Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved. usage: Rsa2048Sha256Sign -e|-d [options] <input_file> positional arguments: input_file specify the input filename optional arguments: -e encode file -d decode file -o filename, --output filename specify the output filename --private-key PRIVATEKEYFILE specify the private key filename. If not specified, a test signing key is used. -v, --verbose increase output messages -q, --quiet reduce output messages --debug [0-9] set debug level --version display the program version and exit -h, --help display this help text 2) BaseTools - Rsa2049Sha256GenerateKeys python script that can generate new private/public key and PCD value that is SHA 256 hash of public key using OpenSsl command line utilities. a. Wrapper for a set of OpenSsl command line utility operations b. OpenSsl command line tool must be installed in location that is in standard path or in path specified by OS environment variable called OPENSSL_PATH Rsa2048Sha256GenerateKeys - Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved. usage: Rsa2048Sha256GenerateKeys [options] optional arguments: -o [filename [filename ...]], --output [filename [filename ...]] specify the output private key filename in PEM format -i [filename [filename ...]], --input [filename [filename ...]] specify the input private key filename in PEM format --public-key-hash PUBLICKEYHASHFILE specify the public key hash filename that is SHA 256 hash of 2048 bit RSA public key in binary format --public-key-hash-c PUBLICKEYHASHCFILE specify the public key hash filename that is SHA 256 hash of 2048 bit RSA public key in C structure format -v, --verbose increase output messages -q, --quiet reduce output messages --debug [0-9] set debug level --version display the program version and exit -h, --help display this help text 3) BaseTools\Conf\tools_def.template a. Define GUID/Tool to perform RSA 2048 SHA 256 test signing and instructions on how to use alternate private/public key b. GUID is EFI_CERT_TYPE_RSA2048_SHA256_GUID c. Tool is Rsa2049Sha256Sign 4) MdeModulePkg\Library\PeiCrc32GuidedSectionExtractionLib a. Add peer for DxeCrc32GuidedSectionExtractionLib so both PEI and DXE phases can perform basic integrity checks of PEI and DXE components 5) MdeModulePkg\Universal\SectionExtractionPei a. Generic PEIM that can link against one or more NULL section extraction library instances to provided one or more GUIDED Section Extraction PPIs 6) MdeModulePkg\Universal\SectionExtractionDxe a. Generic DXE Driver that can link against one or more NULL section extraction library instances to provide one or more GUIDED Section Extraction Protocols. 7) SecurityPkg\Library\PeiRsa2048Sha256GuidedSectionExtractLib a. NULL library instances that performs PEI phase RSA 2048 SHA 256 signature verification using OpenSsl libraries from CryptoPkg. b. Based on algorithms from SecurityPkg Authenticated Variable services c. Uses public key from gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer. 8) SecurityPkg\Library\DxeRsa2048Sha256GuidedSectionExtractLib a. NULL library instances that performs DXE phase RSA 2048 SHA 256 signature verification using OpenSsl libraries from CryptoPkg. b. Based on algorithms from SecurityPkg Authenticated Variable services c. Uses public key from gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer. git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15800 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-14Contributed-under: TianoCore Contribution Agreement 1.0Michael Kinney12-1/+969
Signed-off-by: Michael Kinney <michael.d.kinney@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> Add support for RSA 2048 SHA 256 signing and verification encoded in a PI FFS GUIDED Encapsulation Section. The primary use case of this feature is in support of signing and verification of encapsulated FVs for Recovery and Capsule Update, but can potentially be used for signing and verification of any content that can be stored in a PI conformant FFS file. Signing operations are performed from python scripts that wrap OpenSsl command line utilities. Verification operations are performed using the OpenSsl libraries in the CryptoPkg. The guided encapsulation sections uses the UEFI 2.4 Specification defined GUID called EFI_CERT_TYPE_RSA2048_SHA256_GUID. The data layout for the encapsulation section starts with the UEFI 2.4 Specification defined structure called EFI_CERT_BLOCK_RSA_2048_SHA256 followed immediately by the data. The signing tool included in these patches performs encode/decode operations using this data layout. HashType is set to the UEFI 2.4 Specification defined GUID called EFI_HASH_ALGORITHM_SHA256_GUID. MdePkg/Include/Guid/WinCertificate.h ================================= // // WIN_CERTIFICATE_UEFI_GUID.CertType // #define EFI_CERT_TYPE_RSA2048_SHA256_GUID \ {0xa7717414, 0xc616, 0x4977, {0x94, 0x20, 0x84, 0x47, 0x12, 0xa7, 0x35, 0xbf } } /// /// WIN_CERTIFICATE_UEFI_GUID.CertData /// typedef struct { EFI_GUID HashType; UINT8 PublicKey[256]; UINT8 Signature[256]; } EFI_CERT_BLOCK_RSA_2048_SHA256; MdePkg/Include/Protocol/Hash.h ================================= #define EFI_HASH_ALGORITHM_SHA256_GUID \ { \ 0x51aa59de, 0xfdf2, 0x4ea3, {0xbc, 0x63, 0x87, 0x5f, 0xb7, 0x84, 0x2e, 0xe9 } \ } The verification operations require the use of public key(s). A new PCD called gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer is added to the SecurityPkg that supports one or more SHA 256 hashes of the public keys. A SHA 256 hash is performed to minimize the FLASH overhead of storing the public keys. When a verification operation is performed, a SHA 256 hash is performed on EFI_CERT_BLOCK_RSA_2048_SHA256.PublicKey and a check is made to see if that hash matches any of the hashes in the new PCD. It is recommended that this PCD always be configured in the DSC file as storage type of [PcdsDynamixExVpd], so the public keys are stored in a protected read-only region. While working on this feature, I noticed that the CRC32 signing and verification feature was incomplete. It only supported CRC32 based verification in the DXE Phase, so the attached patches also provide support for CRC32 based verification in the PEI Phase. I also noticed that the most common method for incorporating guided section extraction libraries was to directly link them to the DXE Core, which is not very flexible. The attached patches also add a generic section extraction PEIM and a generic section extraction DXE driver that can each be linked against one or more section extraction libraries. This provides a platform developer with the option of providing section extraction services with the DXE Core or providing section extraction services with these generic PEIM/DXE Drivers. Patch Summary ============== 1) BaseTools - Rsa2049Sha256Sign python script that can perform test signing or custom signing of PI FFS file GUIDed sections a. Wrapper for a set of OpenSsl command line utility operations b. OpenSsl command line tool must be installed in location that is in standard OS path or in path specified by OS environment variable called OPENSSL_PATH c. Provides standard EDK II command line arguments for a tool that encodes/decodes guided encapsulation section Rsa2048Sha256Sign - Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved. usage: Rsa2048Sha256Sign -e|-d [options] <input_file> positional arguments: input_file specify the input filename optional arguments: -e encode file -d decode file -o filename, --output filename specify the output filename --private-key PRIVATEKEYFILE specify the private key filename. If not specified, a test signing key is used. -v, --verbose increase output messages -q, --quiet reduce output messages --debug [0-9] set debug level --version display the program version and exit -h, --help display this help text 2) BaseTools - Rsa2049Sha256GenerateKeys python script that can generate new private/public key and PCD value that is SHA 256 hash of public key using OpenSsl command line utilities. a. Wrapper for a set of OpenSsl command line utility operations b. OpenSsl command line tool must be installed in location that is in standard path or in path specified by OS environment variable called OPENSSL_PATH Rsa2048Sha256GenerateKeys - Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved. usage: Rsa2048Sha256GenerateKeys [options] optional arguments: -o [filename [filename ...]], --output [filename [filename ...]] specify the output private key filename in PEM format -i [filename [filename ...]], --input [filename [filename ...]] specify the input private key filename in PEM format --public-key-hash PUBLICKEYHASHFILE specify the public key hash filename that is SHA 256 hash of 2048 bit RSA public key in binary format --public-key-hash-c PUBLICKEYHASHCFILE specify the public key hash filename that is SHA 256 hash of 2048 bit RSA public key in C structure format -v, --verbose increase output messages -q, --quiet reduce output messages --debug [0-9] set debug level --version display the program version and exit -h, --help display this help text 3) BaseTools\Conf\tools_def.template a. Define GUID/Tool to perform RSA 2048 SHA 256 test signing and instructions on how to use alternate private/public key b. GUID is EFI_CERT_TYPE_RSA2048_SHA256_GUID c. Tool is Rsa2049Sha256Sign 4) MdeModulePkg\Library\PeiCrc32GuidedSectionExtractionLib a. Add peer for DxeCrc32GuidedSectionExtractionLib so both PEI and DXE phases can perform basic integrity checks of PEI and DXE components 5) MdeModulePkg\Universal\SectionExtractionPei a. Generic PEIM that can link against one or more NULL section extraction library instances to provided one or more GUIDED Section Extraction PPIs 6) MdeModulePkg\Universal\SectionExtractionDxe a. Generic DXE Driver that can link against one or more NULL section extraction library instances to provide one or more GUIDED Section Extraction Protocols. 7) SecurityPkg\Library\PeiRsa2048Sha256GuidedSectionExtractLib a. NULL library instances that performs PEI phase RSA 2048 SHA 256 signature verification using OpenSsl libraries from CryptoPkg. b. Based on algorithms from SecurityPkg Authenticated Variable services c. Uses public key from gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer. 8) SecurityPkg\Library\DxeRsa2048Sha256GuidedSectionExtractLib a. NULL library instances that performs DXE phase RSA 2048 SHA 256 signature verification using OpenSsl libraries from CryptoPkg. b. Based on algorithms from SecurityPkg Authenticated Variable services c. Uses public key from gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer. git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15799 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-14MdeModulePkg/IntelFrameworkModulePkg: Update PeiCore, SmbiosDxe and ↵Zeng, Star11-75/+154
IsaSerialDxe to use PcdGetxx() instead of FixedPcdGetxx(). It changes some of the PCD declarations to add more supported PCD storage types and the change in the PCD access methods is associated with that. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Zeng, Star <star.zeng@intel.com> Reviewed-by: Kinney, Michael D <michael.d.kinney@intel.com> Reviewed-by: Gao, Liming <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15798 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-14Use StrnCat instead of StrCat to avoid target buffer overflow.Jeff Fan2-7/+12
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jeff Fan <jeff.fan@intel.com> Reviewed-by: Eric Dong <Eric.Dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15797 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-13Add the missing parameter comments for BaseSerialPortLib16550 lib. MdePkg: ↵Gao, Liming2-3/+7
Fix Clang build failure Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Gao, Liming <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15796 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-13Fix VS2013 build failure.Ruiyu Ni3-5/+8
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15795 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-13Fix VS2013 build failure.Ruiyu Ni1-2/+3
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15794 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-13Add UINT64 type cast when AND/OR with UINT64 Supports.Ruiyu Ni1-3/+3
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15793 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-12AppPkg: introduce OrderedCollectionTestLaszlo Ersek5-0/+803
In this patch a small application is added to AppPkg, with the following two goals: - demonstrate how to use OrderedCollectionLib, - allow users to test and "fuzz" BaseOrderedCollectionRedBlackTreeLib in particular, entering API "commands" interactively, or providing them from a script file. A shell script is included that generates such an API command script. Speaking about BaseOrderedCollectionRedBlackTreeLib specifically, OrderedCollectionTest validates the internal red-black properties of the tree after each read-write operation by setting the PcdValidateOrderedCollection feature flag to TRUE. The OrderedCollectionTest application's debugging environment is strictly specified in the DSC file, because OrderedCollectionTest is entirely useless for unit testing without full ASSERT() enablement. The OrderedCollectionTest application deliberately doesn't follow the edk2 coding style in the following: - const vs. CONST, - void vs. VOID, - assert() vs. ASSERT(), - calloc() and free() vs. AllocateZeroPool() and FreePool(), - integer types. This is because OrderedCollectionTest is a standard C application, not a UEFI application per se. In particular it relies on stdio. INTN, EFIAPI and CONST VOID are used only in two places, where we provide the comparator callbacks to OrderedCollectionLib. Proper range checking is ensured for integers. The application takes command input from stdin or a file (if the user requests it), sends command output to stdout or a file (if the user requests it), prints debug output to the console (as other AppPkg applications do when debugging is enabled for them), and prints diagnostics to stderr (like well behaved standard C programs should). Input/output selection is implemented manually because the old shell doesn't support input redirection at all, and because the new shell's input redirection does not co-operate with fgets() for the time being. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Michael Kinney <michael.d.kinney@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15792 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-12MdePkg: introduce BaseOrderedCollectionRedBlackTreeLib library instanceLaszlo Ersek3-0/+1489
edk2 should have a fast and easy-to-use associative array (a dictionary) type. Red-black trees have O(log(n)) worst case time complexity for lookup, insertion, and deletion (where n is the number of nodes in the tree). They support minimum and maximum lookup with the same time complexity, hence red-black trees double as priority queues as well. Given an iterator to a red-black tree node, getting the next or previous node (which corresponds to the ordered successor or the predecessor, respectively, according to the user-defined ordering) is O(log(n)) as well. The code reflects the Binary Search Trees and Red-Black Trees chapters of Introduction to Algorithms, by Cormen, Leiserson, Rivest. One point where the implementation diverges is the first phase of the Delete() operation. During that phase, the book's algorithm copies the key and other business *contents* of the successor node (in case the successor node is affected), and releases the successor node (instead of the node that the user requested to delete). While semantically correct, this would break the above iterator validity guarantee. This implementation replaces the copying of business contents between nodes with suitable relinking of nodes, so that all iterators (except the one whose deletion is being requested) remain valid. I had written this code originally in approx. 2002. I personally own the copyright of that version and am hereby relicensing it to Red Hat, under the BSDL. I had used the original code in a few personal projects since, for example in the lbzip2-0.x parallel (de)compressor, and now I've ported the library to edk2. Both during the original implementation and now during the porting I verified all the cases and their proofs as rigorously as I could, on paper. (NB, I couldn't find any errors in the 2002 code now.) During the porting to edk2, I documented all those cases in code comments as well (at least half of the source is documentation). These comments are not blind copies of diagrams from the Algorithms book, nor are they copies from my original code -- I've done them all fresh now, and I've only matched the results against the book. Reviewers are invited to sit down with a pen, some paper, the book, and the code. The Validate() function verifies the internal red-black properties of the tree. This function helps with unit testing, and is only invoked when requested with the PcdValidateOrderedCollection feature flag. A note about diagrams: edges represented by backslash (\) characters are often written as "\_", ie. with a following underscore. This is because line-trailing backslashes are processed very early in compilation (in translation phase 2), "splicing physical source lines to form logical source lines". Since the edk2 coding style requires "//" comments for such documentation, a trailing backslash would splice the next physical line into the "scope" of the comment. To prevent this, trailing backslashes are defanged by appending underscores, which should be visually bearable. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Michael Kinney <michael.d.kinney@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15791 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-12MdePkg: introduce OrderedCollectionLib library classKinney, Michael D2-0/+434
This library class provides a set of APIs to manage an ordered collection of items: - Init(), - UnInit(), - Insert(), - Delete(), - IsEmpty(), - Next(), - Prev(), - Min(), - Max(), - Find(), - UserStruct(). There are many ways to implement an ordered collection. Depending on the frequency of the different actions, different internal implementations may have different performance, memory overhead, or code size. Developers can select the library instance for a platform or module in their DSC files that meets the needs of that platform or module. Commit-message-from: "Kinney, Michael D" <michael.d.kinney@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Michael Kinney <michael.d.kinney@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15790 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-12Fixed a bug in LegacyBiosDxe to allocate correct ranges of memory.Elvin Li1-2/+2
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Elvin Li <elvin.li@intel.com> Reviewed-by: Jeff Fan <jeff.fan@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15789 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-12Correct StrnCat length calculation.jyao12-52/+52
Contributed-under: TianoCore Contribution Agreement 1.0 Signed off by: Jiewen Yao <jiewen.yao@intel.com> Reviewed by: Guo Dong <guo.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15788 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-12MdeModulePkg PeiCore: The DEBUG message (for HeapOffset and StackOffset) ↵Star Zeng1-3/+5
should be placed after HeapOffset is got. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15787 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-11StdLib/LibC/Stdio: fix "missing braces around initializer"Laszlo Ersek1-1/+1
The member "fext._ub" is a structure (of type "struct __sbuf"), and the current initializer triggers StdLib/LibC/Stdio/vswscanf.c: In function 'vswscanf': StdLib/LibC/Stdio/vswscanf.c:75:10: error: missing braces around initializer [-Werror=missing-braces] StdLib/LibC/Stdio/vswscanf.c:75:10: error: (near initialization for 'fext._ub') [-Werror=missing-braces] cc1: all warnings being treated as errors Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Jordan Justen <jordan.l.justen@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15786 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-11StdLib/LibC/gdtoa: fix "missing braces around initializer"Laszlo Ersek1-1/+1
The member "u.L" is an array, and the current initializer triggers StdLib/LibC/gdtoa/strtof.c: In function '_strtof': StdLib/LibC/gdtoa/strtof.c:53:9: error: missing braces around initializer [-Werror=missing-braces] StdLib/LibC/gdtoa/strtof.c:53:9: error: (near initialization for 'u.L') [-Werror=missing-braces] cc1: all warnings being treated as errors Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Jordan Justen <jordan.l.justen@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15785 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-11MdePkg: Fix Clang build failureGao, Liming13-14/+14
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Gao, Liming <liming.gao@intel.com> Reviewed-by: Andrew Fish <afish@apple.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15784 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-11MdeModulePkg: BaseSerialPortLib16550 library to support PCI UART device.Gao, Liming4-55/+441
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Gao, Liming <liming.gao@intel.com> Reviewed-by: Kinney, Michael D <michael.d.kinney@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15783 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-11MdeModulePkg: new PlatformHookLib library with depex of SerialPortPpi.Gao, Liming6-0/+104
This library has one depex of SerialPortPpi. Then, the PEIM linked it has this depex so that it is dispatched after SerialPortPpi is installed. SerialPortPpi notifies the platform initialization done, then serial port will work. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Gao, Liming <liming.gao@intel.com> Reviewed-by: Kinney, Michael D <michael.d.kinney@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15782 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-11MdeModulePkg: DxeCoreGao, Liming1-0/+4
If GUIDED section has AUTH attribute only, DxeCore may wrongly set its AuthenticationStatus to 0 when its matched GUIDED extraction handler is not installed and Auth data is not verified. For this case, the return AuthenticationStatus should be EFI_AUTH_STATUS_NOT_TESTED. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Gao, Liming <liming.gao@intel.com> Reviewed-by: Kinney, Michael D <michael.d.kinney@intel.com> Reviewed-by: Yao, Jiewen <jiewen.yao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15781 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-08Added SMBIOS 2.8.0 updates.Elvin Li2-10/+27
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Elvin Li <elvin.li@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15780 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-08SourceLevelDebugPkg/DebugAgent: fix trivial typo.Chen Fan1-1/+1
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com> Reviewed-by: Jeff Fan <jeff.fan@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15779 6f19259b-4bc3-4df7-8a09-765794883524