  1. 3aa8dc6 Add UEFI RNG Protocol support. The driver will leverage Intel Secure Key technology to produce the Random Number Generator protocol, which is used to provide high-quality random numbers for use in applications, or entropy for seeding other random number generators. Refer to http://software.intel.com/en-us/articles/intel-digital-random-number-generator-drng-software-implementation-guide/ for more information about Intel Secure Key technology. by Long, Qin · 11 years ago
  2. fddbbc6 SecurityPkg Variable: Remove mStorageData buffer allocation and use Scratch buffer instead to reduce SMRAM consumption. by Star Zeng · 11 years ago
  3. 128ef09 MdeModulePkg and SecurityPkg Variable: Optimize the code to reduce some SMRAM consumption during variable reclaiming. by Star Zeng · 11 years ago
  4. 7baf3c6 MdeModulePkg and SecurityPkg Variable: Enhance code to use the new variable data instead of old variable data when variable reclaim. by Star Zeng · 11 years ago
  5. 9318b08 Add TPM1.2 SaveState API. by jyao1 · 11 years ago
  6. c793510 1. Enable use-cases in PEI using SecurityPPI co-equal to the use-cases in DXE using the Security Arch Protocol by Star Zeng · 11 years ago
  7. 5ecc20b Fix coding style issue. by Fu Siyuan · 11 years ago
  8. 22f8964 TrEEPhysicalPresenceLib|Include/Library/TrEEPhysicalPresenceLib.h by jyao1 · 11 years ago
  9. 44446d1 Fix a bug about the “VendorKey” variable update logic. by Fu Siyuan · 11 years ago
  10. 15d73df Add missing comments for function parameters. by gdong1 · 11 years ago
  11. c1d9324 Add TPM2 implementation. by jyao1 · 11 years ago
  12. e84f07b Create PCDs in MdeModulePkg for ACPI table OEM_ID/OEM_TABLE_ID/OEM_REVISION/CREATOR_ID/CREATOR_REVISION customization. by Star Zeng · 11 years ago
  13. 3a186b0 Return EFI_WRITE_PROTECTED when setting KEKDefault, PKDefault, dbDefault, dbxDefault and dbtDefault variable. by Fu Siyuan · 11 years ago
  14. 74b5fd7 Update the chaining requirements with regards to the Platform Key. by Fu Siyuan · 11 years ago
  15. a555940 Add “VendorKeys” variable for indicating out of band key modification. by Fu Siyuan · 11 years ago
  16. ed09456 Enhance TPM driver to protect TPM physical presence flags. by Dong Guo · 11 years ago
  17. db44ea6 1. Change default PCD in SecurityPkg to 4 (DENY_EXECUTE) in DEC file. by Fu Siyuan · 11 years ago
  18. a365eed Fix a bug in secure boot configuration driver: Enroll DB/KEK will disable Attempt Secure Boot option. by Fu Siyuan · 11 years ago
  19. 6675a21 MdePkg/MdeModulePkg/SecurityPkg Variable: Forbid creation of non-spec variables in EFI_GLOBAL_VARIABLE namespace. by Star Zeng · 11 years ago
  20. 6e67fec MdeModulePkg/SecurityPkg Variable: If a preexisting variable is rewritten with different attributes, SetVariable() shall not modify the variable and shall return EFI_INVALID_PARAMETER. by Star Zeng · 11 years ago
  21. 301c867 Change EFI_TCG_EVENT_HOB_GUID value to avoid the duplicated GUID value with EFI_LEGACY_BIOS_GUID. by Shumin Qiu · 11 years ago
  22. fd64f84 Checks the length of the file name to avoid illegal access. by Gary Ching-Pang Lin · 11 years ago
  23. 863986b Update all the code to consume the ConvertDevicePathToText, ConvertDevicePathNodeToText, ConvertTextToDevicePath and ConvertTextToDeviceNode APIs in DevicePathLib. by Ruiyu Ni · 11 years ago
  24. 41982eb SecurityPkg Variable: Add the check for PcdFlashNvStorageVariableSize <= PcdFlashNvStorageFtwSpareSize. by Star Zeng · 12 years ago
  25. 039a40a SecurityPkg: Variable drivers robustly handle crashes during Reclaim(). by Star Zeng · 12 years ago
  26. 328e5d8 The list of locked variables is traversed at runtime, hence we must by Laszlo Ersek · 12 years ago
  27. e4b7e2c Revert the changes made in 14403 because it incorrectly changed the EOL. by Ruiyu Ni · 12 years ago
  28. 9199cb9 The list of locked variables is traversed at runtime, hence we must by Laszlo Ersek · 12 years ago
  29. 443bd74 Fix overflow issue in TcgProtocol by Chao Zhang · 12 years ago
  30. 164a9b6 Fix the TOCTOU issue of CommBufferSize itself for SMM communicate handler input. by lzeng14 · 12 years ago
  31. 6ab9f44 Add the EDKII_VARIABLE_LOCK_PROTOCOL implementation in SecurityPkg variable drivers. by niruiyu · 12 years ago
  32. 0ba17ad Fix a bug that “SecureBoot” variable will be updated to NV+AT attribute incorrectly. by sfu5 · 12 years ago
  33. ee79ac8 Pop up error message when user tries to enroll an invalid certificate file into KEK/DB/DBX. by sfu5 · 12 years ago
  34. cbcccd2 Update Code to pass EBC compiler. by lgao4 · 12 years ago
  35. 5e5bb2a 1. Fix TOCTOU issue in VariableSmm, FtwSmm, FpdtSmm, SmmCorePerformance SMM handler. For VariableSmm, pre-allocate a mVariableBufferPayload buffer with mVariableBufferPayloadSize(match with mVariableBufferPayloadSize in VariableSmmRuntimeDxe) to hold communicate buffer payload to avoid TOCTOU issue. by lzeng14 · 12 years ago
  36. 732d199 Fix memory overflow & VariableSize check issue for SetVariable append write. by czhang46 · 12 years ago
  37. 9d00d20 1. Use the check IsAddressValid() to prevent SMM communication buffer overflow in SmmVariable, FtwSmm, FpdtSmm, SmmCorePerformance and SmmBaseHelper, and add check to prevent InfoSize overflows in SmmVariableHandler. by lzeng14 · 12 years ago
  38. 968e143 Check for NULL pointer before free it. by sfu5 · 12 years ago
  39. 56251c6 Fix potential overflow for SetVariable interface by czhang46 · 12 years ago
  40. d17c4ea Fix a potential SMM memory dump issue. If pass communication buffer with DataBuffer to SMM SetVariable which is big enough to cover SMM range. Then GetVariable can dump SMM memory contents. Add more range check for SetVariable by czhang46 · 12 years ago
  41. 772b601 Update code not to block application/driver load when event log is full. by gdong1 · 12 years ago
  42. 3a146f2 Fix SMM Variable driver stack GetVariable return INVALID_PARAMETER when DataSize is bigger than SMM communication buffer. by czhang46 · 12 years ago
  43. 0c55190 Update SMM variable DXE driver GetNextVariable interface to comply with UEFI spec by czhang46 · 12 years ago
  44. a2f2c25 Update secure boot UI driver to handle “reset to default” hot key. by sfu5 · 12 years ago
  45. 3588bb3 If DataSize or VariableNameSize is near MAX_ADDRESS, this can cause the computed PayLoadSize to overflow to a small value and pass the check in InitCommunicateBuffer(). To protect against this vulnerability, check DataSize and VariableNameSize to make sure PayloadSize doesn't overflow. by lzeng14 · 12 years ago
  46. 7403ff5 Fix a bug that IsSignatureFoundInDatabase() incorrectly computes CertCount. by sfu5 · 12 years ago
  47. 6de4c35 Update the DxeImageVerificationLib to support for Authenticode-signed UEFI images with multiple signatures. by sfu5 · 12 years ago
  48. ca5a7d8 Add error handling code to prevent variable store corruption in release build. by sfu5 · 12 years ago
  49. 5767f22 Check the input VariableName for db/dbx when appending variables formatted as EFI_SIGNATURE_LIST. by sfu5 · 12 years ago
  50. 12cbe23 Check for NULL pointer before dereference it. by sfu5 · 12 years ago
  51. 932e0f6 Variables with state VAR_ADDED&VAR_IN_DELETED_TRANSITION should be considered as valid variables if there is no duplicated ones with VAR_ADDED state. by lzeng14 · 12 years ago
  52. 0cc565d Add NULL pointer check. by lzeng14 · 12 years ago
  53. b7d269e Fix infinite loop bug in secure boot UI driver. by sfu5 · 12 years ago
  54. 03ecb57 Fix TPM may be locked twice issue in normal boot. by gdong1 · 12 years ago
  55. 23b0693 1. Update the logic of UpdateVariable() for updating variable from: by lzeng14 · 12 years ago
  56. aab9212 Fix the issue that RuntimeServiceQueryVariableInfo() in VariableSmmRuntimeDxe always return EFI_SUCCESS. by lzeng14 · 12 years ago
  57. f71ed83 1. Set the secure boot state to Standard Mode when user leaving secure boot setup page. by sfu5 · 12 years ago
  58. 83758cd Fix a bug that the invalid public key will never be removed from public key database. by sfu5 · 12 years ago
  59. 6ed1ec5 Add the TPL raise/restore code for VariableSmmRuntimeDxe to avoid variable services reentry. by lzeng14 · 12 years ago
  60. 335e268 1. Don't assume that flush the HOB variable to flash must be successful. by lzeng14 · 12 years ago
  61. 3f5c168 Use SMM_VARIABLE_COMMUNICATE_HEADER_SIZE instead of OFFSET_OF (SMM_VARIABLE_COMMUNICATE_HEADER, Data). by lzeng14 · 12 years ago
  62. b3d4217 Add a NULL string to the Image Execution Information Table if the Name is NULL in function AddImageExeInfo(). by sfu5 · 12 years ago
  63. bcb7667 Fix Gcc build error by czhang46 · 12 years ago
  64. f3ac87a Fix coding style issue by czhang46 · 12 years ago
  65. c11d47b Move the declaration of gEfiCertDbGuid to the package's Include folder. by sfu5 · 12 years ago
  66. b25380e Measure Processor location as system identity to PCR[1] according to Tcg server spec by czhang46 · 12 years ago
  67. a332cfd 1.Measure ACPI table data comes from flash event type EV_POST_CODE ACPI DATA to PCR[0] by czhang46 · 12 years ago
  68. 275beb2 1. Correct the counter-based hash algorithm according to UEFI spec. by sfu5 · 12 years ago
  69. 8c3883b Fix ECC issue by czhang46 · 12 years ago
  70. 4821140 Add Physical Presence request UI detection logic. Refine UIConfirm ReadKey logic by czhang46 · 12 years ago
  71. 6f6c785 Remove TPM selftest on S3 boot path to save time by czhang46 · 12 years ago
  72. 64470c1 Remove useless MD5 OID ASN.1 value from DxeImageVerificationLib. by tye1 · 12 years ago
  73. f941bec Change TPM ACCESS_X.activeLocality test timeout to TIMEOUT_A by czhang46 · 12 years ago
  74. 89be2b0 Fix time-based and count-based authenticated variable can be updated by each other without verification. by gdong1 · 12 years ago
  75. 0758c83 Rename Trusted Hob to Measured FV hob and add Guided Hob layout structure by czhang46 · 12 years ago
  76. 0357efe Add a dialog box with help message when user changes the state of "Attempt Secure Boot" check box. by sfu5 · 12 years ago
  77. 42ed760 1. Fix a bug when comparing two timestamp in auth-variable driver. by sfu5 · 12 years ago
  78. 89799ec Fix coding style issue by czhang46 · 12 years ago
  79. d0043e4 Add ImageAuthenticationStatusLib to SAP to check Authentication Status returned from by czhang46 · 12 years ago
  80. 504dfa9 Add Tper Reset Logic by using MOR bit. by qianouyang · 12 years ago
  81. ad84df7 SecurityPkg/VariableSmm: Fix a VariableSmm bug when reading variable with size 0. by erictian · 12 years ago
  82. 6dbdb19 Fix compile error by czhang46 · 12 years ago
  83. 2aadc92 Enable TPM measurement lib to measure all PE image from a FV unmeasured by TcgPei by czhang46 · 12 years ago
  84. 59f968c TcgPei is a generic module, so move PcdFirmwareVersionString to generic Pcd list by czhang46 · 12 years ago
  85. 84bce75 Check the value of Hdr.dwLength for signed EFI image before image validation. by sfu5 · 12 years ago
  86. 8cc0681 fix compile error in TcgPei by czhang46 · 12 years ago
  87. 4dbb98a Add check for DevicePathNode. by lgao4 · 12 years ago
  88. 055c829 TcgPei need to measure anything to PCR in S3 bootpath, so skip shadow logic. by czhang46 · 12 years ago
  89. 333a53e Use firmware version instead of hardcode string for S-CRTM version identifier by czhang46 · 12 years ago
  90. db999bd Remove MOR check box feature. should not have a switch to turn off MOR. by czhang46 · 12 years ago
  91. f6f9031 Update the DxeImageVerificationLib to handle the signed image which CertType is set to EFI_CERT_TYPE_PKCS7_GUID. by sfu5 · 12 years ago
  92. f6e2335 1. Initialize certdb variable with correct value of list size. by sfu5 · 12 years ago
  93. 15f2d73 Add TcgDxeHashLogExtendEvent EventLogLastEntry parameter update logic by czhang46 · 12 years ago
  94. 5db28a6 Add PI1.2.1 SAP2 support and UEFI231B mantis 896 by lgao4 · 12 years ago
  95. 677e5c0 Fix TCG protocol TcgDxeHashLogExtendEvent and TcgDxeLogEvent SDL issue by czhang46 · 12 years ago
  96. be02dce Fix TCG protocol PassThroughToTpm() SDL issue by czhang46 · 12 years ago
  97. 50fe73a 1. Remove the code path which use X509 cert in KEK to validate PKCS7 signed image. by sfu5 · 12 years ago
  98. 8f3a9e5 LastVariableOffset is wrongly set to 0 when FtwVariableSpace() fails. Recalculate the HwErrVariableTotalSize, HwErrVariableTotalSize and LastVariableOffset when FtwVariableSpace() fails. by lzeng14 · 12 years ago
  99. 477be7c Fix physical presence request failure for PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE, PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE and PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE. by gdong1 · 12 years ago
  100. 9e945f7 Measure ExitBootServices failure case by czhang46 · 12 years ago