Michael Kinney [Thu, 14 Aug 2014 20:08:17 +0000 (20:08 +0000)]
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Michael Kinney <michael.d.kinney@intel.com> Reviewed-by: lhauch <larry.hauch@intel.com>
Fix the behavior of the –version flag in the Rsa2048Sha256 tools and update logic for showing program name, version, usage, and copyright information to match other BaseTools.
Gao, Liming [Thu, 14 Aug 2014 14:30:32 +0000 (14:30 +0000)]
PcAtChipsetPkg: new AcpiTimerLib libraries.
Two library instances are added to support BASE type and DXE type. Those libraries provides basic timer support using the ACPI timer hardware. The performance counter features are provided by the processors time stamp counter.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Gao, Liming <liming.gao@intel.com> Reviewed-by: Kinney, Michael D <michael.d.kinney@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15803 6f19259b-4bc3-4df7-8a09-765794883524
Long, Qin [Thu, 14 Aug 2014 10:16:57 +0000 (10:16 +0000)]
OpenSSL 0.9.8zb was released at 06-Aug-2014, including bug and security fixes.
This patch is to catch the latest OpenSSL release.
NOTE: The content of EDKII_openssl-0.9.8zb.patch is same with the old EDKII_openssl-0.9.8za.patch, and the extra changes
are only name / directory modifications.
Michael Kinney [Thu, 14 Aug 2014 06:31:34 +0000 (06:31 +0000)]
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Michael Kinney <michael.d.kinney@intel.com> Reviewed-by: Dong, Guo <guo.dong@intel.com>
Add support for RSA 2048 SHA 256 signing and verification encoded in a PI FFS GUIDED Encapsulation Section. The primary use case of this feature is in support of signing and verification of encapsulated FVs for Recovery and Capsule Update, but can potentially be used for signing and verification of any content that can be stored in a PI conformant FFS file. Signing operations are performed from python scripts that wrap OpenSsl command line utilities. Verification operations are performed using the OpenSsl libraries in the CryptoPkg.
The guided encapsulation sections uses the UEFI 2.4 Specification defined GUID called EFI_CERT_TYPE_RSA2048_SHA256_GUID. The data layout for the encapsulation section starts with the UEFI 2.4 Specification defined structure called EFI_CERT_BLOCK_RSA_2048_SHA256 followed immediately by the data. The signing tool included in these patches performs encode/decode operations using this data layout. HashType is set to the UEFI 2.4 Specification defined GUID called EFI_HASH_ALGORITHM_SHA256_GUID.
The verification operations require the use of public key(s). A new PCD called gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer is added to the SecurityPkg that supports one or more SHA 256 hashes of the public keys. A SHA 256 hash is performed to minimize the FLASH overhead of storing the public keys. When a verification operation is performed, a SHA 256 hash is performed on EFI_CERT_BLOCK_RSA_2048_SHA256.PublicKey and a check is made to see if that hash matches any of the hashes in the new PCD. It is recommended that this PCD always be configured in the DSC file as storage type of [PcdsDynamixExVpd], so the public keys are stored in a protected read-only region.
While working on this feature, I noticed that the CRC32 signing and verification feature was incomplete. It only supported CRC32 based verification in the DXE Phase, so the attached patches also provide support for CRC32 based verification in the PEI Phase.
I also noticed that the most common method for incorporating guided section extraction libraries was to directly link them to the DXE Core, which is not very flexible. The attached patches also add a generic section extraction PEIM and a generic section extraction DXE driver that can each be linked against one or more section extraction libraries. This provides a platform developer with the option of providing section extraction services with the DXE Core or providing section extraction services with these generic PEIM/DXE Drivers.
Patch Summary
==============
1) BaseTools - Rsa2049Sha256Sign python script that can perform test signing or custom signing of PI FFS file GUIDed sections
a. Wrapper for a set of OpenSsl command line utility operations
b. OpenSsl command line tool must be installed in location that is in standard OS path or in path specified by OS environment variable called OPENSSL_PATH
c. Provides standard EDK II command line arguments for a tool that encodes/decodes guided encapsulation section
Rsa2048Sha256Sign - Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.
usage: Rsa2048Sha256Sign -e|-d [options] <input_file>
positional arguments:
input_file specify the input filename
optional arguments:
-e encode file
-d decode file
-o filename, --output filename
specify the output filename
--private-key PRIVATEKEYFILE
specify the private key filename. If not specified, a
test signing key is used.
-v, --verbose increase output messages
-q, --quiet reduce output messages
--debug [0-9] set debug level
--version display the program version and exit
-h, --help display this help text
2) BaseTools - Rsa2049Sha256GenerateKeys python script that can generate new private/public key and PCD value that is SHA 256 hash of public key using OpenSsl command line utilities.
a. Wrapper for a set of OpenSsl command line utility operations
b. OpenSsl command line tool must be installed in location that is in standard path or in path specified by OS environment variable called OPENSSL_PATH
Rsa2048Sha256GenerateKeys - Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.
usage: Rsa2048Sha256GenerateKeys [options]
optional arguments:
-o [filename [filename ...]], --output [filename [filename ...]]
specify the output private key filename in PEM format
-i [filename [filename ...]], --input [filename [filename ...]]
specify the input private key filename in PEM format
--public-key-hash PUBLICKEYHASHFILE
specify the public key hash filename that is SHA 256
hash of 2048 bit RSA public key in binary format
--public-key-hash-c PUBLICKEYHASHCFILE
specify the public key hash filename that is SHA 256
hash of 2048 bit RSA public key in C structure format
-v, --verbose increase output messages
-q, --quiet reduce output messages
--debug [0-9] set debug level
--version display the program version and exit
-h, --help display this help text
3) BaseTools\Conf\tools_def.template
a. Define GUID/Tool to perform RSA 2048 SHA 256 test signing and instructions on how to use alternate private/public key
b. GUID is EFI_CERT_TYPE_RSA2048_SHA256_GUID
c. Tool is Rsa2049Sha256Sign
4) MdeModulePkg\Library\PeiCrc32GuidedSectionExtractionLib
a. Add peer for DxeCrc32GuidedSectionExtractionLib so both PEI and DXE phases can perform basic integrity checks of PEI and DXE components
5) MdeModulePkg\Universal\SectionExtractionPei
a. Generic PEIM that can link against one or more NULL section extraction library instances to provided one or more GUIDED Section Extraction PPIs
6) MdeModulePkg\Universal\SectionExtractionDxe
a. Generic DXE Driver that can link against one or more NULL section extraction library instances to provide one or more GUIDED Section Extraction Protocols.
7) SecurityPkg\Library\PeiRsa2048Sha256GuidedSectionExtractLib
a. NULL library instances that performs PEI phase RSA 2048 SHA 256 signature verification using OpenSsl libraries from CryptoPkg.
b. Based on algorithms from SecurityPkg Authenticated Variable services
c. Uses public key from gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer.
8) SecurityPkg\Library\DxeRsa2048Sha256GuidedSectionExtractLib
a. NULL library instances that performs DXE phase RSA 2048 SHA 256 signature verification using OpenSsl libraries from CryptoPkg.
b. Based on algorithms from SecurityPkg Authenticated Variable services
c. Uses public key from gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer.
Michael Kinney [Thu, 14 Aug 2014 06:30:10 +0000 (06:30 +0000)]
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Michael Kinney <michael.d.kinney@intel.com> Reviewed-by: Yingke Liu <yingke.d.liu@intel.com>
Add support for RSA 2048 SHA 256 signing and verification encoded in a PI FFS GUIDED Encapsulation Section. The primary use case of this feature is in support of signing and verification of encapsulated FVs for Recovery and Capsule Update, but can potentially be used for signing and verification of any content that can be stored in a PI conformant FFS file. Signing operations are performed from python scripts that wrap OpenSsl command line utilities. Verification operations are performed using the OpenSsl libraries in the CryptoPkg.
The guided encapsulation sections uses the UEFI 2.4 Specification defined GUID called EFI_CERT_TYPE_RSA2048_SHA256_GUID. The data layout for the encapsulation section starts with the UEFI 2.4 Specification defined structure called EFI_CERT_BLOCK_RSA_2048_SHA256 followed immediately by the data. The signing tool included in these patches performs encode/decode operations using this data layout. HashType is set to the UEFI 2.4 Specification defined GUID called EFI_HASH_ALGORITHM_SHA256_GUID.
The verification operations require the use of public key(s). A new PCD called gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer is added to the SecurityPkg that supports one or more SHA 256 hashes of the public keys. A SHA 256 hash is performed to minimize the FLASH overhead of storing the public keys. When a verification operation is performed, a SHA 256 hash is performed on EFI_CERT_BLOCK_RSA_2048_SHA256.PublicKey and a check is made to see if that hash matches any of the hashes in the new PCD. It is recommended that this PCD always be configured in the DSC file as storage type of [PcdsDynamixExVpd], so the public keys are stored in a protected read-only region.
While working on this feature, I noticed that the CRC32 signing and verification feature was incomplete. It only supported CRC32 based verification in the DXE Phase, so the attached patches also provide support for CRC32 based verification in the PEI Phase.
I also noticed that the most common method for incorporating guided section extraction libraries was to directly link them to the DXE Core, which is not very flexible. The attached patches also add a generic section extraction PEIM and a generic section extraction DXE driver that can each be linked against one or more section extraction libraries. This provides a platform developer with the option of providing section extraction services with the DXE Core or providing section extraction services with these generic PEIM/DXE Drivers.
Patch Summary
==============
1) BaseTools - Rsa2049Sha256Sign python script that can perform test signing or custom signing of PI FFS file GUIDed sections
a. Wrapper for a set of OpenSsl command line utility operations
b. OpenSsl command line tool must be installed in location that is in standard OS path or in path specified by OS environment variable called OPENSSL_PATH
c. Provides standard EDK II command line arguments for a tool that encodes/decodes guided encapsulation section
Rsa2048Sha256Sign - Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.
usage: Rsa2048Sha256Sign -e|-d [options] <input_file>
positional arguments:
input_file specify the input filename
optional arguments:
-e encode file
-d decode file
-o filename, --output filename
specify the output filename
--private-key PRIVATEKEYFILE
specify the private key filename. If not specified, a
test signing key is used.
-v, --verbose increase output messages
-q, --quiet reduce output messages
--debug [0-9] set debug level
--version display the program version and exit
-h, --help display this help text
2) BaseTools - Rsa2049Sha256GenerateKeys python script that can generate new private/public key and PCD value that is SHA 256 hash of public key using OpenSsl command line utilities.
a. Wrapper for a set of OpenSsl command line utility operations
b. OpenSsl command line tool must be installed in location that is in standard path or in path specified by OS environment variable called OPENSSL_PATH
Rsa2048Sha256GenerateKeys - Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.
usage: Rsa2048Sha256GenerateKeys [options]
optional arguments:
-o [filename [filename ...]], --output [filename [filename ...]]
specify the output private key filename in PEM format
-i [filename [filename ...]], --input [filename [filename ...]]
specify the input private key filename in PEM format
--public-key-hash PUBLICKEYHASHFILE
specify the public key hash filename that is SHA 256
hash of 2048 bit RSA public key in binary format
--public-key-hash-c PUBLICKEYHASHCFILE
specify the public key hash filename that is SHA 256
hash of 2048 bit RSA public key in C structure format
-v, --verbose increase output messages
-q, --quiet reduce output messages
--debug [0-9] set debug level
--version display the program version and exit
-h, --help display this help text
3) BaseTools\Conf\tools_def.template
a. Define GUID/Tool to perform RSA 2048 SHA 256 test signing and instructions on how to use alternate private/public key
b. GUID is EFI_CERT_TYPE_RSA2048_SHA256_GUID
c. Tool is Rsa2049Sha256Sign
4) MdeModulePkg\Library\PeiCrc32GuidedSectionExtractionLib
a. Add peer for DxeCrc32GuidedSectionExtractionLib so both PEI and DXE phases can perform basic integrity checks of PEI and DXE components
5) MdeModulePkg\Universal\SectionExtractionPei
a. Generic PEIM that can link against one or more NULL section extraction library instances to provided one or more GUIDED Section Extraction PPIs
6) MdeModulePkg\Universal\SectionExtractionDxe
a. Generic DXE Driver that can link against one or more NULL section extraction library instances to provide one or more GUIDED Section Extraction Protocols.
7) SecurityPkg\Library\PeiRsa2048Sha256GuidedSectionExtractLib
a. NULL library instances that performs PEI phase RSA 2048 SHA 256 signature verification using OpenSsl libraries from CryptoPkg.
b. Based on algorithms from SecurityPkg Authenticated Variable services
c. Uses public key from gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer.
8) SecurityPkg\Library\DxeRsa2048Sha256GuidedSectionExtractLib
a. NULL library instances that performs DXE phase RSA 2048 SHA 256 signature verification using OpenSsl libraries from CryptoPkg.
b. Based on algorithms from SecurityPkg Authenticated Variable services
c. Uses public key from gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer.
Michael Kinney [Thu, 14 Aug 2014 06:29:07 +0000 (06:29 +0000)]
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Michael Kinney <michael.d.kinney@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com>
Add support for RSA 2048 SHA 256 signing and verification encoded in a PI FFS GUIDED Encapsulation Section. The primary use case of this feature is in support of signing and verification of encapsulated FVs for Recovery and Capsule Update, but can potentially be used for signing and verification of any content that can be stored in a PI conformant FFS file. Signing operations are performed from python scripts that wrap OpenSsl command line utilities. Verification operations are performed using the OpenSsl libraries in the CryptoPkg.
The guided encapsulation sections uses the UEFI 2.4 Specification defined GUID called EFI_CERT_TYPE_RSA2048_SHA256_GUID. The data layout for the encapsulation section starts with the UEFI 2.4 Specification defined structure called EFI_CERT_BLOCK_RSA_2048_SHA256 followed immediately by the data. The signing tool included in these patches performs encode/decode operations using this data layout. HashType is set to the UEFI 2.4 Specification defined GUID called EFI_HASH_ALGORITHM_SHA256_GUID.
The verification operations require the use of public key(s). A new PCD called gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer is added to the SecurityPkg that supports one or more SHA 256 hashes of the public keys. A SHA 256 hash is performed to minimize the FLASH overhead of storing the public keys. When a verification operation is performed, a SHA 256 hash is performed on EFI_CERT_BLOCK_RSA_2048_SHA256.PublicKey and a check is made to see if that hash matches any of the hashes in the new PCD. It is recommended that this PCD always be configured in the DSC file as storage type of [PcdsDynamixExVpd], so the public keys are stored in a protected read-only region.
While working on this feature, I noticed that the CRC32 signing and verification feature was incomplete. It only supported CRC32 based verification in the DXE Phase, so the attached patches also provide support for CRC32 based verification in the PEI Phase.
I also noticed that the most common method for incorporating guided section extraction libraries was to directly link them to the DXE Core, which is not very flexible. The attached patches also add a generic section extraction PEIM and a generic section extraction DXE driver that can each be linked against one or more section extraction libraries. This provides a platform developer with the option of providing section extraction services with the DXE Core or providing section extraction services with these generic PEIM/DXE Drivers.
Patch Summary
==============
1) BaseTools - Rsa2049Sha256Sign python script that can perform test signing or custom signing of PI FFS file GUIDed sections
a. Wrapper for a set of OpenSsl command line utility operations
b. OpenSsl command line tool must be installed in location that is in standard OS path or in path specified by OS environment variable called OPENSSL_PATH
c. Provides standard EDK II command line arguments for a tool that encodes/decodes guided encapsulation section
Rsa2048Sha256Sign - Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.
usage: Rsa2048Sha256Sign -e|-d [options] <input_file>
positional arguments:
input_file specify the input filename
optional arguments:
-e encode file
-d decode file
-o filename, --output filename
specify the output filename
--private-key PRIVATEKEYFILE
specify the private key filename. If not specified, a
test signing key is used.
-v, --verbose increase output messages
-q, --quiet reduce output messages
--debug [0-9] set debug level
--version display the program version and exit
-h, --help display this help text
2) BaseTools - Rsa2049Sha256GenerateKeys python script that can generate new private/public key and PCD value that is SHA 256 hash of public key using OpenSsl command line utilities.
a. Wrapper for a set of OpenSsl command line utility operations
b. OpenSsl command line tool must be installed in location that is in standard path or in path specified by OS environment variable called OPENSSL_PATH
Rsa2048Sha256GenerateKeys - Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.
usage: Rsa2048Sha256GenerateKeys [options]
optional arguments:
-o [filename [filename ...]], --output [filename [filename ...]]
specify the output private key filename in PEM format
-i [filename [filename ...]], --input [filename [filename ...]]
specify the input private key filename in PEM format
--public-key-hash PUBLICKEYHASHFILE
specify the public key hash filename that is SHA 256
hash of 2048 bit RSA public key in binary format
--public-key-hash-c PUBLICKEYHASHCFILE
specify the public key hash filename that is SHA 256
hash of 2048 bit RSA public key in C structure format
-v, --verbose increase output messages
-q, --quiet reduce output messages
--debug [0-9] set debug level
--version display the program version and exit
-h, --help display this help text
3) BaseTools\Conf\tools_def.template
a. Define GUID/Tool to perform RSA 2048 SHA 256 test signing and instructions on how to use alternate private/public key
b. GUID is EFI_CERT_TYPE_RSA2048_SHA256_GUID
c. Tool is Rsa2049Sha256Sign
4) MdeModulePkg\Library\PeiCrc32GuidedSectionExtractionLib
a. Add peer for DxeCrc32GuidedSectionExtractionLib so both PEI and DXE phases can perform basic integrity checks of PEI and DXE components
5) MdeModulePkg\Universal\SectionExtractionPei
a. Generic PEIM that can link against one or more NULL section extraction library instances to provided one or more GUIDED Section Extraction PPIs
6) MdeModulePkg\Universal\SectionExtractionDxe
a. Generic DXE Driver that can link against one or more NULL section extraction library instances to provide one or more GUIDED Section Extraction Protocols.
7) SecurityPkg\Library\PeiRsa2048Sha256GuidedSectionExtractLib
a. NULL library instances that performs PEI phase RSA 2048 SHA 256 signature verification using OpenSsl libraries from CryptoPkg.
b. Based on algorithms from SecurityPkg Authenticated Variable services
c. Uses public key from gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer.
8) SecurityPkg\Library\DxeRsa2048Sha256GuidedSectionExtractLib
a. NULL library instances that performs DXE phase RSA 2048 SHA 256 signature verification using OpenSsl libraries from CryptoPkg.
b. Based on algorithms from SecurityPkg Authenticated Variable services
c. Uses public key from gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer.
Laszlo Ersek [Tue, 12 Aug 2014 07:29:17 +0000 (07:29 +0000)]
AppPkg: introduce OrderedCollectionTest
In this patch a small application is added to AppPkg, with the following
two goals:
- demonstrate how to use OrderedCollectionLib,
- allow users to test and "fuzz" BaseOrderedCollectionRedBlackTreeLib in
particular, entering API "commands" interactively, or providing them
from a script file.
A shell script is included that generates such an API command script.
Speaking about BaseOrderedCollectionRedBlackTreeLib specifically,
OrderedCollectionTest validates the internal red-black properties of the
tree after each read-write operation by setting the
PcdValidateOrderedCollection feature flag to TRUE.
The OrderedCollectionTest application's debugging environment is strictly
specified in the DSC file, because OrderedCollectionTest is entirely
useless for unit testing without full ASSERT() enablement.
The OrderedCollectionTest application deliberately doesn't follow the edk2
coding style in the following:
- const vs. CONST,
- void vs. VOID,
- assert() vs. ASSERT(),
- calloc() and free() vs. AllocateZeroPool() and FreePool(),
- integer types.
This is because OrderedCollectionTest is a standard C application, not a
UEFI application per se. In particular it relies on stdio. INTN, EFIAPI
and CONST VOID are used only in two places, where we provide the
comparator callbacks to OrderedCollectionLib. Proper range checking is
ensured for integers.
The application takes command input from stdin or a file (if the user
requests it), sends command output to stdout or a file (if the user
requests it), prints debug output to the console (as other AppPkg
applications do when debugging is enabled for them), and prints
diagnostics to stderr (like well behaved standard C programs should).
Input/output selection is implemented manually because the old shell
doesn't support input redirection at all, and because the new shell's
input redirection does not co-operate with fgets() for the time being.
edk2 should have a fast and easy-to-use associative array (a dictionary)
type.
Red-black trees have O(log(n)) worst case time complexity for lookup,
insertion, and deletion (where n is the number of nodes in the tree). They
support minimum and maximum lookup with the same time complexity, hence
red-black trees double as priority queues as well.
Given an iterator to a red-black tree node, getting the next or previous
node (which corresponds to the ordered successor or the predecessor,
respectively, according to the user-defined ordering) is O(log(n)) as
well.
The code reflects the Binary Search Trees and Red-Black Trees chapters of
Introduction to Algorithms, by Cormen, Leiserson, Rivest. One point where
the implementation diverges is the first phase of the Delete() operation.
During that phase, the book's algorithm copies the key and other business
*contents* of the successor node (in case the successor node is affected),
and releases the successor node (instead of the node that the user
requested to delete).
While semantically correct, this would break the above iterator validity
guarantee. This implementation replaces the copying of business contents
between nodes with suitable relinking of nodes, so that all iterators
(except the one whose deletion is being requested) remain valid.
I had written this code originally in approx. 2002. I personally own the
copyright of that version and am hereby relicensing it to Red Hat, under
the BSDL. I had used the original code in a few personal projects since,
for example in the lbzip2-0.x parallel (de)compressor, and now I've ported
the library to edk2. Both during the original implementation and now
during the porting I verified all the cases and their proofs as rigorously
as I could, on paper. (NB, I couldn't find any errors in the 2002 code
now.)
During the porting to edk2, I documented all those cases in code comments
as well (at least half of the source is documentation). These comments are
not blind copies of diagrams from the Algorithms book, nor are they copies
from my original code -- I've done them all fresh now, and I've only
matched the results against the book. Reviewers are invited to sit down
with a pen, some paper, the book, and the code.
The Validate() function verifies the internal red-black properties of the
tree. This function helps with unit testing, and is only invoked when
requested with the PcdValidateOrderedCollection feature flag.
A note about diagrams: edges represented by backslash (\) characters are
often written as "\_", ie. with a following underscore. This is because
line-trailing backslashes are processed very early in compilation (in
translation phase 2), "splicing physical source lines to form logical
source lines". Since the edk2 coding style requires "//" comments for such
documentation, a trailing backslash would splice the next physical line
into the "scope" of the comment. To prevent this, trailing backslashes are
defanged by appending underscores, which should be visually bearable.
MdePkg: introduce OrderedCollectionLib library class
This library class provides a set of APIs to manage an ordered collection
of items:
- Init(),
- UnInit(),
- Insert(),
- Delete(),
- IsEmpty(),
- Next(),
- Prev(),
- Min(),
- Max(),
- Find(),
- UserStruct().
There are many ways to implement an ordered collection. Depending on the
frequency of the different actions, different internal implementations may
have different performance, memory overhead, or code size.
Developers can select the library instance for a platform or module in
their DSC files that meets the needs of that platform or module.
Laszlo Ersek [Mon, 11 Aug 2014 22:00:01 +0000 (22:00 +0000)]
StdLib/LibC/Stdio: fix "missing braces around initializer"
The member "fext._ub" is a structure (of type "struct __sbuf"), and the
current initializer triggers
StdLib/LibC/Stdio/vswscanf.c: In function 'vswscanf':
StdLib/LibC/Stdio/vswscanf.c:75:10: error: missing braces around
initializer [-Werror=missing-braces]
StdLib/LibC/Stdio/vswscanf.c:75:10: error: (near initialization for
'fext._ub') [-Werror=missing-braces]
cc1: all warnings being treated as errors
Laszlo Ersek [Mon, 11 Aug 2014 21:59:53 +0000 (21:59 +0000)]
StdLib/LibC/gdtoa: fix "missing braces around initializer"
The member "u.L" is an array, and the current initializer triggers
StdLib/LibC/gdtoa/strtof.c: In function '_strtof':
StdLib/LibC/gdtoa/strtof.c:53:9: error: missing braces around
initializer [-Werror=missing-braces]
StdLib/LibC/gdtoa/strtof.c:53:9: error: (near initialization for
'u.L') [-Werror=missing-braces]
cc1: all warnings being treated as errors
Gao, Liming [Mon, 11 Aug 2014 06:23:51 +0000 (06:23 +0000)]
MdeModulePkg: new PlatformHookLib library with depex of SerialPortPpi.
This library has one depex of SerialPortPpi. Then, the PEIM linked it has this depex so that it is dispatched after SerialPortPpi is installed. SerialPortPpi notifies the platform initialization done, then serial port will work.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Gao, Liming <liming.gao@intel.com> Reviewed-by: Kinney, Michael D <michael.d.kinney@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15782 6f19259b-4bc3-4df7-8a09-765794883524
Gao, Liming [Mon, 11 Aug 2014 05:40:40 +0000 (05:40 +0000)]
MdeModulePkg: DxeCore
If GUIDED section has AUTH attribute only, DxeCore may wrongly set its AuthenticationStatus to 0 when its matched GUIDED extraction handler is not installed and Auth data is not verified. For this case, the return AuthenticationStatus should be EFI_AUTH_STATUS_NOT_TESTED.
Andrew Fish [Fri, 8 Aug 2014 00:57:50 +0000 (00:57 +0000)]
clang warns on guard macro not matching in .h file.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Andrew Fish <afish@apple.com> Reviewed-by: Jeff Fan <jeff.fan@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15774 6f19259b-4bc3-4df7-8a09-765794883524
Jaben Carsey [Thu, 7 Aug 2014 20:02:40 +0000 (20:02 +0000)]
ShellPkg: Refactor string manipulation in cp command
This patch replaces StrCpy with StrnCpy or refactors out the usage of StrCpy through some other means.
This patch replaces StrCat with StrnCat or refactors out the usage of StrCat through some other means.
Eugene Cohen [Thu, 7 Aug 2014 07:44:37 +0000 (07:44 +0000)]
Fix OpensslLib build issue for ARM. The changes are:
The changes are:
1. Add RVCT ARM build target
2. Add suppression of warnings to get openssl building (1295,550,1293,111,68,177,223,144,513,188)
3. Remove architectures that RVCT cannot build for (IA32, X64, and IPF)
4. Add the -DOPENSSL_NO_MD2 flag to prevent link errors from MD2 references; the comments in the .inf assumes that this flag exists but it wasn’t actually set
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eugene Cohen <eugene@hp.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Long Qin <qin.long@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15767 6f19259b-4bc3-4df7-8a09-765794883524
The memory allocation tests will also fail, sometimes leaving all available memory consumed.
The correct output in the above example is:
Maximum exponent = 128
Maximum number = 3.40282347e+38
Overflow doesn't seem to generate a trap
The root cause is that all operations on values of Long or ULong type, within the gdtoa library, must be 32-bit operations. A previous change replaced the Long and ULong definitions with INTN and UINTN, respectively. While this is correct for a lot of Linux and NetBSD code, it was not correct for this library.
This fix reverts the definitions of ULong and Long back to 32-bit types.
A descriptive comment has also been added to the U union.
Additional white-space has been added to tidy up the definitions of the word0 and word1 macros.
Verified with Enquire.efi and the ISO/IEC C Library compliance Validation Suite.
Jaben Carsey [Tue, 5 Aug 2014 17:52:18 +0000 (17:52 +0000)]
This adds the new APIs for UEFI Shell 2.1 and makes a new structure for shell implementations that are conformant to this new spec. It does not affect existing implementations.
Olivier Martin [Mon, 4 Aug 2014 14:18:13 +0000 (14:18 +0000)]
ArmPkg/ArmSmcLib: Fixed SMC helper functions
The SMC helper functions were buggy as they were assuming that
the values in x1-x7 registers were preserved across an SMC call,
which is not the case. This patch fixes this issue.
It also simplifies the code by providing only 1 version of the SMC
helper function. We used to have 4 versions depending on the number
of arguments. The problem with this approach was that the number of
arguments also dictated the number of return values, which is
completely unrelated. E.g. you can have an SMC call that takes
1 argument but returns 4 values.
Harry Liebel [Mon, 4 Aug 2014 01:26:57 +0000 (01:26 +0000)]
The pointer argument should be set to NULL if not used not FALSE.
FALSE evaluates to 0. This was flagged by LLVM compiler as a
warning:
"expression which evaluates to zero treated as a null pointer
constant of type 'EFI_MTFTP4_OVERRIDE_DATA *'
[-Wnon-literal-null-conversion]"
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Harry Liebel <Harry.Liebel@arm.com> Reviewed-By: Olivier Martin <olivier.martin@arm.com> Reviewed-By: Fu, Siyuan <siyuan.fu@intel.com> Reviewed-By: Ye, Ting (ting.ye@intel.com)
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15741 6f19259b-4bc3-4df7-8a09-765794883524
Qiu Shumin [Mon, 4 Aug 2014 01:06:19 +0000 (01:06 +0000)]
Update the en-US definition in 'UefiShellInstall1CommandsLib.uni', 'UefiShellLevel1CommandsLib.uni', 'UefiShellLevel3CommandsLib.uni' and 'UefiShellNetwork1CommandsLib.uni' to make them consistent.
lhauch [Fri, 1 Aug 2014 18:11:32 +0000 (18:11 +0000)]
CodeModule: BaseTools - tools_def.txt VS2010, VS2010x86, VS2012 and VS2012x86 update locations for rc.exe tool
This change will point to the correct location of the rc.exe tool.
RC.exe is used for building UEFI compliant drivers that must have a UEFI_HII_RESOURCE_SECTION generated as part of the .efi image file.
Elvin Li [Fri, 1 Aug 2014 05:08:40 +0000 (05:08 +0000)]
MdeModulePkg: Fix wrong check for SetAttribute in Consplitter
Original code check if Attribute > 0x7FFFFFFF, this is wrong and fail to check valid case per UEFI spec.
ShellPkg: UpdateStdInStdOutStdErr(): append BOM to new unicode file
The >> operator redirects stdout to a file, using append mode and unicode
encoding. Write the BOM when redirection happens to a new file (which
starts out empty).
This makes the >> operator behave similarly to the > operator, when the
redirection target doesn't exist originally:
OutUnicode && OutAppend && FileSize == 0 // >> to new unicode file
vs.
OutUnicode && !OutAppend // > to any unicode file
(Note that (FileSize == 0) is equivalent to "new file" in this context,
due to the earlier "Check that filetypes (Unicode/Ascii) do not change
during an append".)
Add VS2013 tool chain in BaseTools\Conf\tools_def.template. Also, two issues came up related to vs2013 build and caused the build to fail.
Vs2013 issue #1: warning message about uninitialized variables or pointers like this:
s:\incbld\ia32\intelframeworkmodulepkg\bus\isa\isabusdxe\isabus.c(395) : warning C4701: potentially uninitialized local variable 'DevicePathData' used
s:\incbld\ia32\intelframeworkmodulepkg\bus\isa\isabusdxe\isabus.c(395) : warning C4703: potentially uninitialized local pointer variable 'DevicePathData' used
LINK : fatal error LNK1257: code generation failed
The following online messages shows discussions related to this vs2013 issue and how Microsoft engineer responded. They suggest a work around by adding the initialization for the variables.
https://connect.microsoft.com/VisualStudio/feedback/details/816730/bogus-warning-from-vs-2013
Vs2013 issue #2:
C:\Program Files\Windows Kits\8.1\include\um\winnt.h(5105) : error C2220: warning treated as error - no 'object' file generated
C:\Program Files\Windows Kits\8.1\include\um\winnt.h(5105) : warning C4005: 'InterlockedCompareExchange64' : macro redefinition
This happened for Nt32Pkg.
Elvin Li [Thu, 31 Jul 2014 03:21:39 +0000 (03:21 +0000)]
MdeModulePkg: Removed valid text mode check in SetAttribute interface in GraphicsConsole.
UEFI spec mentioned that the color mask can be set even when the device is in an invalid text mode. But the current code add text mode check. Removed the check now.
Ronald Cron [Tue, 29 Jul 2014 14:19:57 +0000 (14:19 +0000)]
ArmPlatformPkg/Bds: Added boot options reordering
Added the reordering of the boot options feature to the boot manager.
The BootMenuSelectBootOption() has been split into
DisplayBootOptions() that only displays the boot options and
SelectBootOptions() that asks to select one.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ronald Cron <ronald.cron@arm.com> Reviewed-By: Olivier Martin <olivier.martin@arm.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15718 6f19259b-4bc3-4df7-8a09-765794883524
Ronald Cron [Tue, 29 Jul 2014 14:15:15 +0000 (14:15 +0000)]
ArmPlatformPkg/Bds: Got rid of RequestBootType argument
Removed "RequestBootType" argument of the "*CreateDevicePathNode()" and
"*UpdateDevicePathNode()" functions. A boolean field "Request
BootType" has been added to the BDS_LOAD_OPTION_SUPPORT structure and
is used by the "BootMenuAddBootOption()" and "BootMenuUpdateBootOption()"
functions instead.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ronald Cron <ronald.cron@arm.com> Reviewed-By: Olivier Martin <olivier.martin@arm.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15713 6f19259b-4bc3-4df7-8a09-765794883524
Olivier Martin [Tue, 29 Jul 2014 14:07:30 +0000 (14:07 +0000)]
ArmPkg/ArmPkg.dec: Added the interrupt numbers for the Hypervisor and Virtual Timers
These numbers are mainly to reduce hardcoded numbers into the ACPI GTDT table.
And also to match with the use of PcdArmArchTimerSecIntrNum and PcdArmArchTimerIntrNum
into the GTDT ACPI Table.
Signed off by: Ravi Rangarajan <ravi.p.rangarajan@intel.com>
Reviewed by: Maurice Ma <maurice.ma@intel.com>
Reviewed by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed by: Giri Mudusuru <giri.p.mudusuru@intel.com>
Reviewed by: Liming Gao <liming.gao@intel.com>