The commit also adds an explicit UINT32 type cast for 'Blt->Width' to
avoid possible overflow in the int range for:
Blt->Width * Blt->Height
Since both Blt->Width and Blt->Height are of type UINT16. They will be
promoted to int (signed) first, and then perform the multiplication
operation. If the result of multiplication between Blt->Width and
Blt->Height exceeds the range of type int, a potential incorrect size will
be passed into function AllocateZeroPool().
Hao Wu [Wed, 22 Mar 2017 02:08:55 +0000 (10:08 +0800)]
MdeModulePkg/DxeCore: Add ASSERT to ensure no subtract underflow
For function SplitRecord() in file PropertiesTable.c, there is a
potential subtract underflow case for line:
return TotalNewRecordCount - 1;
However, such case will not happen since the logic in function
SplitTable() ensure that when calling SplitRecord(), the variable
'TotalNewRecordCount' will not be zero when performing the subtraction.
It will be handled in the previous if statement:
MdeModulePkg BrotliLib: Fix the regression logic issue in loop
In V2, change logic to avoid use mtf[-1] style to get value.
Roll back to previous logic, and use point + offset to get byte value.
Cc: Bell Song <binx.song@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Liming Gao <liming.gao@intel.com> Reviewed-by: Bell Song <binx.song@intel.com>
ArmPkg: copy/paste fixes in ARM ArmHvcLib/ArmSmcLib
ARM ArmHvcLib looks like it was created from copy of ArmSmcLib which
looks like it was created from a copy of the AArch64 version.
Both of these files include AsmMacroIoLibV8.h instead of
AsmMacroIoLib.h, although since they only use macros that are identical
between the two, there was no functional issue caused by this.
Leo Duran [Wed, 12 Apr 2017 14:55:23 +0000 (22:55 +0800)]
MdePkg: BaseIoLibIntrinsic (IoLib class) library
This patch adds an SEV-specific .INF and corresponding assembly
files, to unroll REP INSx/OUTSx on IoRead/WriteFifo#() routines
when the SEV feature is enabled under a hypervisor environment.
The new .INF only supports the IA32 and X64 architectures.
Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> Signed-off-by: Leo Duran <leo.duran@amd.com> Reviewed-by: Liming Gao <liming.gao@intel.com>
IntelFrameworkModulePkg/IdeBusDxe: Fix undefined behavior in signed left shift
In function AtapiReadCapacity(), the following expression:
IdeDev->BlkIo.Media->LastBlock = (Data.LastLba3 << 24) |
(Data.LastLba2 << 16) |
(Data.LastLba1 << 8) |
Data.LastLba0;
(There is also a similar case in this function.)
will involve undefined behavior in signed left shift operations.
Since Data.LastLbaX is of type UINT8, and
IdeDev->BlkIo.Media->LastBlock is of type UINT64. Therefore,
Data.LastLbaX will be promoted to int (32 bits, signed) first,
and then perform the left shift operation.
According to the C11 spec, Section 6.5.7:
4 The result of E1 << E2 is E1 left-shifted E2 bit positions; vacated
bits are filled with zeros. If E1 has an unsigned type, the value
of the result is E1 * 2^E2 , reduced modulo one more than the
maximum value representable in the result type. If E1 has a signed
type and nonnegative value, and E1 * 2^E2 is representable in the
result type, then that is the resulting value; otherwise, the
behavior is undefined.
So if bit 7 of Data.LastLba3 is 1, (Data.LastLba3 << 24) will be out of
the range within int type. The undefined behavior of the signed left shift
will lead to a potential of setting the high 32 bits of
IdeDev->BlkIo.Media->LastBlock to 1 during the cast from type int to type
UINT64.
This commit will add an explicit UINT32 type cast for Data.LastLba3 to
resolve this issue.
MdeModulePkg/UsbBotPei: Fix undefined behavior in signed left shift
In function PeiUsbReadCapacity(), the following expression:
LastBlock = (Data.LastLba3 << 24) |
(Data.LastLba2 << 16) |
(Data.LastLba1 << 8) |
Data.LastLba0;
(There is also a similar case in function PeiUsbReadFormattedCapacity().)
will involve undefined behavior in signed left shift operations.
Since Data.LastLbaX is of type UINT8, they will be promoted to int (32
bits, signed) first, and then perform the left shift operation.
According to the C11 spec, Section 6.5.7:
4 The result of E1 << E2 is E1 left-shifted E2 bit positions; vacated
bits are filled with zeros. If E1 has an unsigned type, the value
of the result is E1 * 2^E2 , reduced modulo one more than the
maximum value representable in the result type. If E1 has a signed
type and nonnegative value, and E1 * 2^E2 is representable in the
result type, then that is the resulting value; otherwise, the
behavior is undefined.
So if bit 7 of Data.LastLba3 is 1, (Data.LastLba3 << 24) will be out of
the range within int type. The undefined behavior of the signed left shift
might incur potential issues.
This commit will add an explicit UINT32 type cast for Data.LastLba3 to
refine the codes.
MdeModulePkg/UfsBlkIoPei: Fix undefined behavior in signed left shift
In function UfsBlockIoPeimGetMediaInfo(), the following expression:
Private->Media[DeviceIndex].LastBlock = (Capacity16.LastLba3 << 24) |
(Capacity16.LastLba2 << 16) |
(Capacity16.LastLba1 << 8) |
Capacity16.LastLba0;
(There is also a similar case in this function.)
will involve undefined behavior in signed left shift operations.
Since Capacity16.LastLbaX is of type UINT8, and
Private->Media[DeviceIndex].LastBlock is of type UINT64. Therefore,
Capacity16.LastLbaX will be promoted to int (32 bits, signed) first, and
then perform the left shift operation.
According to the C11 spec, Section 6.5.7:
4 The result of E1 << E2 is E1 left-shifted E2 bit positions; vacated
bits are filled with zeros. If E1 has an unsigned type, the value
of the result is E1 * 2^E2 , reduced modulo one more than the
maximum value representable in the result type. If E1 has a signed
type and nonnegative value, and E1 * 2^E2 is representable in the
result type, then that is the resulting value; otherwise, the
behavior is undefined.
So if bit 7 of Capacity16.LastLba3 is 1, (Capacity16.LastLba3 << 24) will
be out of the range within int type. The undefined behavior of the signed
left shift will lead to a potential of setting the high 32 bits of
Private->Media[DeviceIndex].LastBlock to 1 during the cast from type int
to type UINT64.
This commit will add an explicit UINT32 type cast for Capacity16.LastLba3
to resolve this issue.
MdeModulePkg/IdeBusPei: Fix undefined behavior in signed left shift
In function ReadCapacity(), the following expression:
MediaInfo->LastBlock = (Data.LastLba3 << 24) |
(Data.LastLba2 << 16) |
(Data.LastLba1 << 8) |
Data.LastLba0;
(There is also a similar case in this function.)
will involve undefined behavior in signed left shift operations.
Since Data.LastLbaX is of type UINT8, and MediaInfo->LastBlock is of type
UINTN. Therefore, Data.LastLbaX will be promoted to int (32 bits, signed)
first, and then perform the left shift operation.
According to the C11 spec, Section 6.5.7:
4 The result of E1 << E2 is E1 left-shifted E2 bit positions; vacated
bits are filled with zeros. If E1 has an unsigned type, the value
of the result is E1 * 2^E2 , reduced modulo one more than the
maximum value representable in the result type. If E1 has a signed
type and nonnegative value, and E1 * 2^E2 is representable in the
result type, then that is the resulting value; otherwise, the
behavior is undefined.
So if bit 7 of Data.LastLba3 is 1, (Data.LastLba3 << 24) will be out of
the range within int type. The undefined behavior of the signed left shift
will lead to a potential of setting the high 32 bits of
MediaInfo->LastBlock to 1 during the cast from type int to type UINT64
for X64 builds.
This commit will add an explicit UINT32 type cast for Data.LastLba3 to
resolve this issue.
Hao Wu [Mon, 20 Mar 2017 07:17:36 +0000 (15:17 +0800)]
MdeModulePkg/ScsiDiskDxe: Fix undefined behavior in signed left shift
In function GetMediaInfo(), the following expression:
ScsiDiskDevice->BlkIo.Media->LastBlock = (Capacity10->LastLba3 << 24) |
(Capacity10->LastLba2 << 16) |
(Capacity10->LastLba1 << 8) |
Capacity10->LastLba0;
will involve undefined behavior in signed left shift operations.
Since Capacity10->LastLbaX is of type UINT8, and
ScsiDiskDevice->BlkIo.Media->LastBlock is of type UINT64. Therefore,
Capacity10->LastLbaX will be promoted to int (32 bits, signed) first,
and then perform the left shift operation.
According to the C11 spec, Section 6.5.7:
4 The result of E1 << E2 is E1 left-shifted E2 bit positions; vacated
bits are filled with zeros. If E1 has an unsigned type, the value
of the result is E1 * 2^E2 , reduced modulo one more than the
maximum value representable in the result type. If E1 has a signed
type and nonnegative value, and E1 * 2^E2 is representable in the
result type, then that is the resulting value; otherwise, the
behavior is undefined.
So if bit 7 of Capacity10->LastLba3 is 1, (Capacity10->LastLba3 << 24)
will be out of the range within int type. The undefined behavior of the
signed left shift will lead to a potential of setting the high 32 bits
of ScsiDiskDevice->BlkIo.Media->LastBlock to 1 during the cast from type
int to type UINT64.
This commit will add an explicit UINT32 type cast for
Capacity10->LastLba3 to resolve this issue.
Hao Wu [Mon, 20 Mar 2017 08:24:09 +0000 (16:24 +0800)]
MdeModulePkg/Dxe/Image: Restore mCurrentImage on all paths
This commit makes sure that in function CoreStartImage(), module
variable 'mCurrentImage' is restored to the current start image context
on all code paths.
This patch updates the PcdPkcs7CertBuffer PCD to use the new
generated test certificate data for PKCS7 verification. This
was used as sample trusted certificate in the verification of
Signed Capsule Update.
(The updated value is still only for test purpose.)
Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Eric Dong <eric.dong@intel.com> Cc: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Long Qin <qin.long@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
Long Qin [Tue, 11 Apr 2017 07:36:54 +0000 (15:36 +0800)]
BaseTools/Pkcs7Sign: Update the test certificates & Readme.md
The old TestRoot certificate used for Pkcs7Sign is not compliant to
Root CA certificate requirement with incorrect basic constraints and
key usage setting.
When OpenSSL in CryptoPkg was updated from 1.0.2xx to the latest
1.1.0xx, the CA certificate checking was enforced for more extension
validations, which will raise the verification failure when stilling
using the old sample certificates.
This patch re-generated one set of test certificates used in
Pkcs7Sign demo, and updated the corresponding Readme.md to describe
how to set the options in openssl configuration file.
Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Eric Dong <eric.dong@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Long Qin <qin.long@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Jeff Fan [Mon, 10 Apr 2017 06:01:47 +0000 (14:01 +0800)]
SecurityPkg: Error Level is not used correctly
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jeff Fan <jeff.fan@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Ard Biesheuvel [Wed, 29 Mar 2017 12:58:42 +0000 (13:58 +0100)]
ArmPlatformPkg/ArmVExpressDxe: remove FDT handling from ArmFvpDxe
Replace the elaborate but awkward handling of FDT images using device
paths and string PCDs initialized to 128 spaces with a simple scheme
involving a set of builtin DTBs and a bit of runtime logic to select
between them.
This is sufficient for ordinary use, which makes it more suitable as
reference code. Note that overriding the DTB presented to the OS can
easily be done with a UEFI application that simply installs a new DTB
image under the existing FDT configuration table GUID.
For this module, this simply involves removing all code that is involved
in deciding which platform we are running on, and for reasoning about
FDT device paths.
ArmPlatformPkg/EblCmdLib: remove dependency on deprecated ARM BdsLib
The EBL alternative shell depends indirectly on the deprecated ARM
BdsLib via EblCmdLib, which only uses a single helper function that
can easily be cloned. So clone it, and remove the dependency.
In addition to the QXL, Cirrus, etc. VGA adapters, Qemu also implements
a basic version of VMWare's SVGA display device. Drivers for this
device exist for some guest OSes which do not support Qemu's other
display adapters, so supporting it in OVMF is useful in conjunction
with those OSes.
This change adds support for the SVGA device's framebuffer to
QemuVideoDxe's graphics output protocol implementation, based on
VMWare's documentation. The most basic initialisation, framebuffer
layout query, and mode setting operations are implemented.
The device relies on port-based 32-bit I/O, unfortunately on misaligned
addresses. This limits the driver's support to the x86 family of
platforms.
Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Phil Dennis-Jordan <phil@philjordan.eu> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
OvmfPkg/QemuVideoDxe: Helper functions for unaligned port I/O.
The VMWare SVGA display device implemented by Qemu (-vga vmware) uses
an I/O-type BAR which is laid out such that some register offsets are
not aligned to the read/write width with which they are expected to be
accessed. (The register value port has an offset of 1 and requires
32 bit wide read/write access.)
The EFI_PCI_IO_PROTOCOL's Io.Read/Io.Write functions do not support
such unaligned I/O.
Before a driver for this device can be added to QemuVideoDxe, helper
functions for unaligned I/O are therefore required. This adds the
functions UnalignedIoWrite32 and UnalignedIoRead32, based on IoLib's
IoWrite32 and IoRead32, for the Ia32 and X64 architectures. Port I/O
requires inline assembly, so implementations are provided for the GCC,
ICC, and Microsoft compiler families. Such I/O is not possible on other
architectures, a dummy (ASSERT()ing) implementation is therefore
provided to satisfy the linker.
Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Suggested-by: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Phil Dennis-Jordan <phil@philjordan.eu> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
This adds a header file defining symbolic constants for the VMWare SVGA
virtual display device in preparation for supporting it in
QemuVideoDxe.
It is mostly an extract of the file lib/vmware/svga_reg.h from commit 329dd537456f93a806841ec8a8213aed11395def of VMWare's vmware-svga
repository at git://git.code.sf.net/p/vmware-svga/git (See also
http://vmware-svga.sourceforge.net/ )
Only the bare essentials necessary for initialisation, modesetting and
framebuffer access have been kept from the original file; macro names
have been prefixed with VMWARE_SVGA_ instead of SVGA2_, and the enum
definition has been adapted to comply with EDK2 naming conventions.
The original file was released by VMWare under the MIT license, this
has been retained.
Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Phil Dennis-Jordan <phil@philjordan.eu> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Ruiyu Ni [Fri, 7 Apr 2017 03:02:47 +0000 (11:02 +0800)]
ShellPkg: Fix Shell to not return without startup.nsh after timeout
When user doesn't press key to exit the timeout waiting in Shell,
and there is no startup.nsh, Shell exits with failure status. aaf51f08ee104447207bba571649556095befc93 introduced this bug.
The patch fixes this issue.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Chen A Chen <chen.a.chen@intel.com>
Old implementation only finds first matched full device path for a
given short-form device path.
The patch adds internal function BmGetNextLoadOptionBuffer() to finds
all matched full device path for a given short-form device path.
There are 6 kinds of device paths. Some of them match to multiple
load options, some of them don't.
1. Media device path:
Returns multiple load options: The media device path may point
to a physical BlockIo which contains multiple logic partitions,
each logic partitions contains \EFI\BOOT\BOOT${ARCH}.EFI.
2. Short-form hard-drive device path:
Returns one load option because the partition signature is unique.
3. Short-form file-path device path:
Returns multiple load options: There are multiple SimpleFileSystem
instances and each contains the same file.
4. Short-form URI device path:
Returns multiple load options: There are multiple LoadFile
instances and each can boot.
5. Short-form USB device path:
Returns multiple load options: There are multiple UsbIo instances
and each contains the boot-able file.
6. FV device path, device path pointing to SimpleFileSystem, device
path pointing to LoadFile
Returns one load option.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com> Cc: Eric Dong <eric.dong@intel.com> Cc: Jeff Fan <jeff.fan@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Michael Kinney <michael.d.kinney@intel.com> Cc: Feng Tian <feng.tian@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jeff Fan <jeff.fan@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Jeff Fan [Sat, 1 Apr 2017 11:39:22 +0000 (19:39 +0800)]
UefiCpuPkg/PiSmmCpuDxeSmm: Consume new APIs
Consuming PeCoffSerachImageBase() from PeCoffGetEntrypointLib and consuming
DumpCpuContext() from CpuExceptionHandlerLib to replace its own implementation.
Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Michael Kinney <michael.d.kinney@intel.com> Cc: Feng Tian <feng.tian@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jeff Fan <jeff.fan@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Export DumpCpuCotext() to display CPU Context. We will invoke
PeCoffGetEntrypointLib's PeCoffSerachImageBase() to get PE/COFF image base.
Display exception data bit value for page fault exception.
Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Michael Kinney <michael.d.kinney@intel.com> Cc: Feng Tian <feng.tian@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jeff Fan <jeff.fan@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
This API is used to display exception type and all processor context for debug
purpose.
Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Michael Kinney <michael.d.kinney@intel.com> Cc: Feng Tian <feng.tian@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jeff Fan <jeff.fan@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
This new API only works on DEBUG build. It will search the PE/COFF image base
forward the input address in this PE/COFF image and returns it.
Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Michael Kinney <michael.d.kinney@intel.com> Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jeff Fan <jeff.fan@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
ArmPlatformPkg/PL111LcdArmVExpressLib: use write-combine mapping for VRAM
Replace the uncached memory mapping of the framebuffer with a write-
combining one. This improves performance, and avoids issues with
unaligned accesses and DC ZVA instructions performed by the accelerated
memcpy/memset routines.
Instead of manipulating the memory attributes directly, use the
SetMemorySpaceAttributes() DXE services, which validates the attributes
against the capabilities of the region before making the actual change.
ArmPlatformPkg/HdLcdArmVExpressLib: use write-combine mapping for VRAM
Replace the uncached memory mapping of the framebuffer with a write-
combining one. This improves performance, and avoids issues with
unaligned accesses and DC ZVA instructions performed by the accelerated
memcpy/memset routines.
Instead of manipulating the memory attributes directly, use the
SetMemorySpaceAttributes() DXE services, which validates the attributes
against the capabilities of the region before making the actual change.
When we fail to modify the memory attributes for the VRAM allocation,
the allocation - which was made using AllocatePages() - is freed using
FreePool(). This is incorrect by itself, but it masks a second bug, i.e.,
that the address of the allocation is not in VramBaseAddress but in
*VramBaseAddress. So fix both issues.
When we fail to modify the memory attributes for the VRAM allocation,
the allocation - which was made using AllocatePages() - is freed using
FreePool(). This is incorrect by itself, but it masks a second bug, i.e.,
that the address of the allocation is not in VramBaseAddress but in
*VramBaseAddress. So fix both issues.
ArmPlatformPkg/FVP: map motherboard VRAM as uncached memory
The VRAM of the PL111 on the FVP Base/Foundation models is described as
device memory rather than uncached memory, which is not an accurate
description of the nature of the region (i.e., a framebuffer), and may
result in problems when using accelerated string routines to access the
region, since this may legally involve unaligned accesses or DC ZVA
instructions, which are not allowed on device mappings.
So split of the 8 MB VRAM region into a separate region, and map it using
memory attributes.
Qin Long [Fri, 31 Mar 2017 14:12:45 +0000 (22:12 +0800)]
CryptoPkg/BaseCryptLib: Adding NULL checking in time() wrapper.
There are some explicit time(NULL) calls in openssl-1.1.0xx source,
but the dummy time() wrapper in ConstantTimeClock.c (used by PEI
and SMM module) has no any checks on NULL parameter. This is one bug
and will cause the memory access issue.
This patch adds the NULL parameter checking in time() wrapper.
Cc: Ting Ye <ting.ye@intel.com> Cc: Eric Dong <eric.dong@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Qin Long <qin.long@intel.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Qin Long [Sat, 1 Apr 2017 03:30:55 +0000 (11:30 +0800)]
CryptoPkg: Fix possible unresolved external symbol issue.
The compiler (visual studio) may optimize some explicit strcmp call
in openssl source to use the intrinsic memcmp call.
In CrtLibSupport.h, we just use #define to mapping memcmp to
CompareMem API. So in Link phase, this kind of intrinsic optimization
will cause the "unresolved external symbol" error. For example:
OpensslLib.lib(v3_utl.obj) : error LNK2001:
unresolved external symbol _memcmp
This patch will keep the memcmp mapping, and provide extra Intrinsic
memcmp wrapper to satisfy the symbol link.
Qin Long [Fri, 31 Mar 2017 11:31:23 +0000 (19:31 +0800)]
CryptoPkg/OpensslLib: Suppress extra build warnings in openssl source
(Need further follow-ups as described in
https://bugzilla.tianocore.org/show_bug.cgi?id=455)
This patch added some extra build options to suppress possible warnings
when building openssl source under GCC48 and VS2010. Including:
Adding "-Wno-error=maybe-uninitialized" to suppress the following GCC48
build warning:
OpensslLib/openssl/ssl/statem/statem_clnt.c:2543:9: error: "len" may
be used uninitialized in this function [-Werror=maybe-uninitialized]
len += pskhdrlen;
^
And adding "/wd4306" to suppress the following VS2010 build warning:
openssl\crypto\asn1\tasn_dec.c(795) : warning C4306: 'type cast' :
conversion from 'int' to 'ASN1_VALUE *' of greater size
Long Qin [Thu, 6 Apr 2017 05:53:06 +0000 (13:53 +0800)]
CryptoPkg: Move openssl and CRT headers to private include section
Moving the header files for openssl and CRT wrappers to the private
include section, since these files should be referenced by CryptoPkg
internally. This update was supported by new [Includes.Common.Private]
setting in Package DEC file.
The external consumer modules should only use the interfaces defined
in BaseCryptLib.h to access crypto functions. This change will be
helpful to immediately detect any illegal direct reference to internal
openssl headers.
The Perl script "process_files.pl" was also updated to reflect the new
private include path.
Cc: Gao Liming <liming.gao@intel.com> Cc: Ting Ye <ting.ye@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Qin Long <qin.long@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com>
BaseTools: Update tools_def.template to add -fno-builtin in GCC tool chain
Now, -fno-builtin option is added for the specific GCC tool chain.
It is a generic option. It can be moved to common GCC option to keep
the consistent compiler option.
Zhang, Chao B [Tue, 28 Feb 2017 02:23:19 +0000 (10:23 +0800)]
SecurityPkg: SecureBootConfigDxe: Support AUTH_2 enrollment to DBX
Update SecureBootConfigDxe to support AUTH_2 format data enrollment
to DBX.
Free opened file handle resource after exit PK/KEK/DB/DBX/DBT
enrollment page.
Dandan Bi [Wed, 5 Apr 2017 14:32:16 +0000 (22:32 +0800)]
UefiCpuPkg: Fix typos in UefiCpuPkg.dec
Cc: Jeff Fan <jeff.fan@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dandan Bi <dandan.bi@intel.com> Reviewed-by: Jeff Fan <jeff.fan@intel.com>
MdeModulePkg: move PlatformHasAcpiGuid from EmbeddedPkg
Given the agreement on the edk2-devel regarding the fact that the
notion whether or not a 'platform has ACPI' is a universal one, move
the PlatformHasAcpi GUID to MdeModulePkg.
Having a three way conditional with callbacks would make sense if the
callbacks weren't (a) identical and (b) didn't return TRUE all the
time. So get rid of the kludge.
We are switching the Juno platform to the generic host bridge driver,
which involves implementing PciHostBridgeLib for this platform, and
plugging it into MdeModulePkg's PciHostBridgeDxe.inf.
Since the platform descriptions no longer live in upstream EDK2, the
PciHostBridgeLib implementation (which reuses some of the code removed
here) will live there as well. But this PciHostBridgeDxe driver is no
longer used, so remove it.
ArmPlatformPkg/ArmJunoDxe: don't register OnEndOfDxe event on rev R0
The ArmJunoDxe driver code registers a callback for the EndOfDxe event,
at which time it does some manipulation of the PCI peripherals on the
board. Given that R0 has no working PCIe, instead of conditionally
performing these operations, omit the registration of the
callback altogether on that platform.
Ard Biesheuvel [Thu, 30 Mar 2017 09:31:44 +0000 (10:31 +0100)]
ArmPlatformPkg/ArmJunoDxe: use the generic non-discoverable device support
Replace the open coded reimplementation of 'PCI emulation' with a pair
of calls into NonDiscoverableDeviceRegistrationLib to register the OHCI
and EHCI controllers. These will be picked up by the generic driver instead.
Remove ArmShellCmdRunAxf's dependency on the deprecated BdsLib by
cloning the ShutdownUefiBootServices() routine into a local source
file; this is the only BdsLib feature 'runaxf' depends on.
Dandan Bi [Wed, 5 Apr 2017 01:00:01 +0000 (09:00 +0800)]
UefiCpuPkg/MtrrLib:Fix VS2012 build failure
Cc: Ruiyu Ni <ruiyu.ni@intel.com> Cc: Jeff Fan <jeff.fan@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dandan Bi <dandan.bi@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
V2: The pointer StringPtr points to a string returned
by ExtractConfig/ExportConfig, if it is NULL, function
InternalHiiIfrValueAction will return FALSE. So in
current usage model, the StringPtr can not be NULL before
using it, so we can add ASSERT here.
Cc: Eric Dong <eric.dong@intel.com> Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dandan Bi <dandan.bi@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com>
ArmVirtPkg/ArmVirtQemuKernel: increase slack space for DTB
The relocatable build of ArmVirtQemuKernel is designed to be executed
from RAM, and contains some scratch memory at the start of the image
to use as a stack very early on, and to preserve the DTB image received
from QEMU while it discovers and initializes memory.
It turns out that 8 KB is a bit on the small side here, especially when
executing with secure world emulation enabled, in which case there are
additional nodes present.
So increase the slack space to 32 KB.
While at it, remove a stale Xen reference that was copy/pasted when this
file was created.
In some cases, (e.g., when running QEMU with TrustZone emulation), the
DT may contain DT nodes whose status is set to 'secure'. Similarly, the
status may be set to 'disabled' if the consumer of the DT image is
expected to treat it as if it weren't there.
So check whether a 'status' property is present, and if so, ignore the
node if the status is not 'okay'.
In some cases, (e.g., when running QEMU with TrustZone emulation), the
DT may contain DT nodes whose status is set to 'secure'. Similarly, the
status may be set to 'disabled' if the consumer of the DT image is
expected to treat it as if it weren't there.
So check whether a 'status' property is present, and if so, ignore the
node if the status is not 'okay'.
In some cases, (e.g., when running QEMU with TrustZone emulation), the
DT may contain memory nodes whose status is set to 'secure'. Similarly,
the status may be set to 'disabled' if the consumer of the DT image is
expected to treat it as if it weren't there.
So check whether a 'status' property is present, and if so, ignore the
node if the status is not 'okay'.
Jeff Fan [Tue, 28 Mar 2017 06:01:24 +0000 (14:01 +0800)]
UefiCpuPkg/PiSmmCpuDxeSmm: Update saved SMM ranges check in SmmProfile
SmmProfile feature required to protect all SMM ranges by structure
mProtectionMemRangeTemplate. This update is to add additonal save SMM ranges
into mProtectionMemRangeTemplate besides the range specified by
mCpuHotPlugData.SmrrBase/mCpuHotPlugData.SmrrSiz.
Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Michael Kinney <michael.d.kinney@intel.com> Cc: Feng Tian <feng.tian@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jeff Fan <jeff.fan@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Jeff Fan [Tue, 28 Mar 2017 05:51:52 +0000 (13:51 +0800)]
UefiCpuPkg/PiSmmCpuDxeSmm: Add IsInSmmRanges() to check SMM range
Internal function IsInSmmRanges() is added t check SMM range by saved SMM ranges
beside by mCpuHotPlugData.SmrrBase/mCpuHotPlugData.SmrrSiz.
Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Michael Kinney <michael.d.kinney@intel.com> Cc: Feng Tian <feng.tian@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jeff Fan <jeff.fan@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Jeff Fan [Tue, 28 Mar 2017 00:48:17 +0000 (08:48 +0800)]
UefiCpuPkg/PiSmmCpuDxeSmm: Save SMM ranges info into global variables
v2:
Add #define SMRR_MAX_ADDRESS to clarify SMRR requirement.
Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Michael Kinney <michael.d.kinney@intel.com> Cc: Feng Tian <feng.tian@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jeff Fan <jeff.fan@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>