edk2[16337] Fix a bug in DHCP6 driver when using DUID LLT.
Revision: 16337 http://sourceforge.net/p/edk2/code/16337 Author: sfu5 Date: 2014-11-12 05:14:07 + (Wed, 12 Nov 2014) Log Message: --- Fix a bug in DHCP6 driver when using DUID LLT. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Fu Siyuan Reviewed-by: Dong Eric Reviewed-by: Wu Jiaxin Modified Paths: -- trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c Modified: trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c === --- trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c 2014-11-12 03:30:11 UTC (rev 16336) +++ trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c 2014-11-12 05:14:07 UTC (rev 16337) @@ -143,9 +143,9 @@ // // Set the Duid-type, hardware-type, time and copy the hardware address. // -WriteUnaligned16 ((UINT16 *) ((UINT8 *)&Duid + OFFSET_OF (EFI_DHCP6_DUID, Duid)), HTONS (Dhcp6DuidTypeLlt)); -WriteUnaligned16 ((UINT16 *) ((UINT8 *)&Duid + OFFSET_OF (EFI_DHCP6_DUID, Duid) + 2), HTONS (NET_IFTYPE_ETHERNET)); -WriteUnaligned32 ((UINT32 *) ((UINT8 *)&Duid + OFFSET_OF (EFI_DHCP6_DUID, Duid) + 4), HTONL (Stamp)); +WriteUnaligned16 ((UINT16 *) ((UINT8 *) Duid + OFFSET_OF (EFI_DHCP6_DUID, Duid)), HTONS (Dhcp6DuidTypeLlt)); +WriteUnaligned16 ((UINT16 *) ((UINT8 *) Duid + OFFSET_OF (EFI_DHCP6_DUID, Duid) + 2), HTONS (NET_IFTYPE_ETHERNET)); +WriteUnaligned32 ((UINT32 *) ((UINT8 *) Duid + OFFSET_OF (EFI_DHCP6_DUID, Duid) + 4), HTONL (Stamp)); CopyMem (Duid->Duid + 8, &Mode->CurrentAddress, Mode->HwAddressSize); } -- Comprehensive Server Monitoring with Site24x7. Monitor 10 servers for $9/Month. Get alerted through email, SMS, voice calls or mobile push notifications. Take corrective actions from your mobile device. http://pubads.g.doubleclick.net/gampad/clk?id=154624111&iu=/4140/ostg.clktrk ___ edk2-commits mailing list edk2-commits@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/edk2-commits
edk2[16465] Fix memory leak in Ip4Config.
Revision: 16465
http://sourceforge.net/p/edk2/code/16465
Author: sfu5
Date: 2014-12-02 01:51:37 + (Tue, 02 Dec 2014)
Log Message:
---
Fix memory leak in Ip4Config.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Samer El-Haj-Mahmoud
Reviewed-by: Fu Siyuan
Reviewed-by: Tian Feng
Modified Paths:
--
trunk/edk2/MdeModulePkg/Universal/Network/Ip4ConfigDxe/Ip4Config.c
Modified: trunk/edk2/MdeModulePkg/Universal/Network/Ip4ConfigDxe/Ip4Config.c
===
--- trunk/edk2/MdeModulePkg/Universal/Network/Ip4ConfigDxe/Ip4Config.c
2014-12-02 00:44:04 UTC (rev 16464)
+++ trunk/edk2/MdeModulePkg/Universal/Network/Ip4ConfigDxe/Ip4Config.c
2014-12-02 01:51:37 UTC (rev 16465)
@@ -1,6 +1,7 @@
/** @file
This code implements the IP4Config and NicIp4Config protocols.
+Copyright (c) 2014, Hewlett-Packard Development Company, L.P.
Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
@@ -656,7 +657,7 @@
This->Dhcp4Handle = NULL;
}
- if (This->Dhcp4Event == NULL) {
+ if (This->Dhcp4Event != NULL) {
gBS->CloseEvent (This->Dhcp4Event);
This->Dhcp4Event = NULL;
}
--
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
edk2[16472] NetworkPkg: Source fixes and cleanup for ARMGCC compiles
Revision: 16472
http://sourceforge.net/p/edk2/code/16472
Author: sfu5
Date: 2014-12-04 00:55:50 + (Thu, 04 Dec 2014)
Log Message:
---
NetworkPkg: Source fixes and cleanup for ARMGCC compiles
- Fix EFI_IPv4_ADDRESS usages to use a macro to copy the structure
instead of direct assignment, to avoid runtime alignment errors.
- Delete excess local variables that are initialized but otherwise unused.
- Add LibraryClasses.ARM & AARCH64 section in NetworkPkg.dsc file,
containing a CompilerIntrinsicsLib null-library, required for successful
standalone package builds (copied from MdeModulePkg.dsc).
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Randy Pawell
Reviewed-by: Fu Siyuan
Reviewed-by: Ye Ting
Modified Paths:
--
trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c
trunk/edk2/NetworkPkg/Ip6Dxe/Ip6Impl.c
trunk/edk2/NetworkPkg/NetworkPkg.dsc
trunk/edk2/NetworkPkg/TcpDxe/TcpDispatcher.c
trunk/edk2/NetworkPkg/TcpDxe/TcpMain.c
trunk/edk2/NetworkPkg/TcpDxe/TcpMisc.c
trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcDriver.c
Modified: trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c
===
--- trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c2014-12-04 00:32:24 UTC (rev
16471)
+++ trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c2014-12-04 00:55:50 UTC (rev
16472)
@@ -1,6 +1,7 @@
/** @file
Dhcp6 internal functions implementation.
+ (C) Copyright 2014 Hewlett-Packard Development Company, L.P.
Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.
This program and the accompanying materials
@@ -544,7 +545,6 @@
)
{
EFI_STATUS Status;
- EFI_DHCP6_STATE State;
UINT8 *Option;
UINT8 *IaInnerOpt;
UINT16 IaInnerLen;
@@ -565,7 +565,6 @@
//
// See details in the section-18.1.8 of rfc-3315.
//
- State = Dhcp6Init;
Option = Dhcp6SeekIaOption (
Packet->Dhcp6.Option,
Packet->Length - sizeof (EFI_DHCP6_HEADER),
@@ -2428,14 +2427,12 @@
{
EFI_STATUS Status;
UINT8 *Option;
- UINT16 StsCode;
BOOLEAN Timeout;
ASSERT(Instance->Config);
ASSERT(Instance->IaCb.Ia);
Timeout = FALSE;
- StsCode = Dhcp6StsSuccess;
//
// If the client does receives a valid reply message that includes a rapid
Modified: trunk/edk2/NetworkPkg/Ip6Dxe/Ip6Impl.c
===
--- trunk/edk2/NetworkPkg/Ip6Dxe/Ip6Impl.c 2014-12-04 00:32:24 UTC (rev
16471)
+++ trunk/edk2/NetworkPkg/Ip6Dxe/Ip6Impl.c 2014-12-04 00:55:50 UTC (rev
16472)
@@ -1,6 +1,7 @@
/** @file
Implementation of EFI_IP6_PROTOCOL protocol interfaces.
+ (C) Copyright 2014 Hewlett-Packard Development Company, L.P.
Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.
This program and the accompanying materials
@@ -1761,7 +1762,6 @@
)
{
IP6_PROTOCOL *IpInstance;
- IP6_SERVICE *IpSb;
EFI_STATUSStatus;
EFI_TPL OldTpl;
@@ -1770,7 +1770,6 @@
}
IpInstance = IP6_INSTANCE_FROM_PROTOCOL (This);
- IpSb = IpInstance->Service;
OldTpl = gBS->RaiseTPL (TPL_CALLBACK);
Modified: trunk/edk2/NetworkPkg/NetworkPkg.dsc
===
--- trunk/edk2/NetworkPkg/NetworkPkg.dsc2014-12-04 00:32:24 UTC (rev
16471)
+++ trunk/edk2/NetworkPkg/NetworkPkg.dsc2014-12-04 00:55:50 UTC (rev
16472)
@@ -1,6 +1,7 @@
## @file
# UEFI 2.4 Network Module Package for All Architectures
#
+# (C) Copyright 2014 Hewlett-Packard Development Company, L.P.
# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.
#
#This program and the accompanying materials
@@ -19,7 +20,7 @@
PLATFORM_VERSION = 0.95
DSC_SPECIFICATION = 0x00010005
OUTPUT_DIRECTORY = Build/NetworkPkg
- SUPPORTED_ARCHITECTURES= IA32|IPF|X64|EBC|ARM
+ SUPPORTED_ARCHITECTURES= IA32|IPF|X64|EBC|ARM|AARCH64
BUILD_TARGETS = DEBUG|RELEASE
SKUID_IDENTIFIER = DEFAULT
@@ -57,6 +58,14 @@
SortLib|ShellPkg/Library/UefiSortLib/UefiSortLib.inf
ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf
+[LibraryClasses.ARM, LibraryClasses.AARCH64]
+ #
+ # It is not possible to prevent ARM compiler calls to generic intrinsic
functions.
+ # This library provides the instrinsic functions generated by a given
compiler.
+ # [LibraryClasses.ARM] and NULL mean link this library into all ARM images.
+ #
+ NULL|ArmPkg/Library/CompilerIntrinsicsLib/CompilerIntrinsicsLib.inf
+
[PcdsFeatureFlag]
gEfiMdePkgTokenSpaceGuid.PcdComp
edk2[16535] Fix a bug that the gateway is not necessary in a simple PXE network.
Revision: 16535
http://sourceforge.net/p/edk2/code/16535
Author: sfu5
Date: 2014-12-18 03:03:52 + (Thu, 18 Dec 2014)
Log Message:
---
Fix a bug that the gateway is not necessary in a simple PXE network.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gary Lin
Reviewed-by: Ye Ting
Reviewed-by: Fu Siyuan
Modified Paths:
--
trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
Modified: trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
===
--- trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c 2014-12-17 07:03:52 UTC
(rev 16534)
+++ trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c 2014-12-18 03:03:52 UTC
(rev 16535)
@@ -1280,7 +1280,7 @@
}
//
-// Find out the gateway address which can route the message whcih send to
ServerIp.
+// Find out the gateway address which can route the message which send to
ServerIp.
//
for (Index = 0; Index < Ip6ModeData.RouteCount; Index++) {
if (NetIp6IsNetEqual (&Private->ServerIp.v6,
&Ip6ModeData.RouteTable[Index].Destination,
Ip6ModeData.RouteTable[Index].PrefixLength)) {
@@ -1381,6 +1381,7 @@
EFI_STATUS Status;
UINT64 DadTriggerTime;
EFI_IP6_CONFIG_DUP_ADDR_DETECT_TRANSMITSDadXmits;
+ BOOLEAN NoGateway;
Status = EFI_SUCCESS;
TimeOutEvt = NULL;
@@ -1388,6 +1389,7 @@
DataSize = sizeof (EFI_IP6_CONFIG_POLICY);
Ip6Cfg = Private->Ip6Cfg;
Ip6= Private->Ip6;
+ NoGateway = FALSE;
ZeroMem (&CfgAddr, sizeof (EFI_IP6_CONFIG_MANUAL_ADDRESS));
CopyMem (&CfgAddr.Address, Address, sizeof (EFI_IPv6_ADDRESS));
@@ -1402,7 +1404,7 @@
//
Status = PxeBcCheckRouteTable (Private, PXEBC_IP6_ROUTE_TABLE_TIMEOUT,
&GatewayAddr);
if (EFI_ERROR (Status)) {
-goto ON_EXIT;
+NoGateway = TRUE;
}
//
@@ -1503,7 +1505,7 @@
//
// Set the default gateway address back if needed.
//
- if (!NetIp6IsUnspecifiedAddr (&GatewayAddr)) {
+ if (!NoGateway && !NetIp6IsUnspecifiedAddr (&GatewayAddr)) {
Status = Ip6Cfg->SetData (
Ip6Cfg,
Ip6ConfigDataTypeGateway,
--
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
edk2[16832] DHCP6 bug fix:
Revision: 16832
http://sourceforge.net/p/edk2/code/16832
Author: sfu5
Date: 2015-02-11 08:26:36 + (Wed, 11 Feb 2015)
Log Message:
---
DHCP6 bug fix:
DHCP6 won?\226?\128?\153t process more message if one message?\226?\128?\153s
Xid is mismatched.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gary Lin
Reviewed-by: Ye Ting
Reviewed-by: Fu Siyuan
Modified Paths:
--
trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c
Modified: trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c
===
--- trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c2015-02-11 08:20:17 UTC (rev
16831)
+++ trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c2015-02-11 08:26:36 UTC (rev
16832)
@@ -2,7 +2,7 @@
Dhcp6 internal functions implementation.
(C) Copyright 2014 Hewlett-Packard Development Company, L.P.
- Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.
+ Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
@@ -2812,6 +2812,7 @@
LIST_ENTRY*Next1;
LIST_ENTRY*Entry2;
LIST_ENTRY*Next2;
+ EFI_STATUSStatus;
ASSERT (Udp6Wrap != NULL);
ASSERT (Context != NULL);
@@ -2891,6 +2892,18 @@
ON_CONTINUE:
+ if (!IsDispatched) {
+Status = UdpIoRecvDatagram (
+ Service->UdpIo,
+ Dhcp6ReceivePacket,
+ Service,
+ 0
+ );
+if (EFI_ERROR (Status)) {
+ Dhcp6CleanupRetry (Instance, DHCP6_PACKET_ALL);
+}
+ }
+
NetbufFree (Udp6Wrap);
if (Packet != NULL) {
--
Dive into the World of Parallel Programming. The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net/
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
edk2[17062] Fix GCC hang issue: Point should use directly assignment instead of IP4_COPY_ADDRESS.
Revision: 17062 http://sourceforge.net/p/edk2/code/17062 Author: sfu5 Date: 2015-03-18 02:53:09 + (Wed, 18 Mar 2015) Log Message: --- Fix GCC hang issue: Point should use directly assignment instead of IP4_COPY_ADDRESS. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Fu Siyuan Reviewed-by: Ye Ting Reviewed-by: Dong Eric Modified Paths: -- trunk/edk2/NetworkPkg/TcpDxe/TcpMain.c Modified: trunk/edk2/NetworkPkg/TcpDxe/TcpMain.c === --- trunk/edk2/NetworkPkg/TcpDxe/TcpMain.c 2015-03-18 00:45:50 UTC (rev 17061) +++ trunk/edk2/NetworkPkg/TcpDxe/TcpMain.c 2015-03-18 02:53:09 UTC (rev 17062) @@ -2,7 +2,7 @@ Implementation of EFI_TCP4_PROTOCOL and EFI_TCP6_PROTOCOL. (C) Copyright 2014 Hewlett-Packard Development Company, L.P. - Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved. + Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License @@ -230,9 +230,9 @@ Sock = SOCK_FROM_THIS (This); RouteInfo.DeleteRoute = DeleteRoute; - IP4_COPY_ADDRESS (&RouteInfo.SubnetAddress, &SubnetAddress); - IP4_COPY_ADDRESS (&RouteInfo.SubnetMask, &SubnetMask); - IP4_COPY_ADDRESS (&RouteInfo.GatewayAddress, &GatewayAddress); + RouteInfo.SubnetAddress = SubnetAddress; + RouteInfo.SubnetMask = SubnetMask; + RouteInfo.GatewayAddress = GatewayAddress; return SockRoute (Sock, &RouteInfo); } -- Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ ___ edk2-commits mailing list edk2-commits@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/edk2-commits
edk2[17070] PXE driver bug fix.
Revision: 17070 http://sourceforge.net/p/edk2/code/17070 Author: sfu5 Date: 2015-03-24 02:09:36 + (Tue, 24 Mar 2015) Log Message: --- PXE driver bug fix. A failed PXEv6 after a success PXEv4 will cause ASSERT. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Fu Siyuan Reviewed-by: Ye Ting Reviewed-by: Wu Jiaxin Modified Paths: -- trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c Modified: trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c === --- trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c 2015-03-23 05:39:51 UTC (rev 17069) +++ trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c 2015-03-24 02:09:36 UTC (rev 17070) @@ -1,7 +1,7 @@ /** @file This implementation of EFI_PXE_BASE_CODE_PROTOCOL and EFI_LOAD_FILE_PROTOCOL. - Copyright (c) 2007 - 2014, Intel Corporation. All rights reserved. + Copyright (c) 2007 - 2015, Intel Corporation. All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License @@ -346,6 +346,7 @@ gBS->CloseEvent (Private->IcmpToken.Event); Private->IcmpToken.Event = NULL; } +Private->BootFileName = NULL; } gBS->CloseEvent (Private->UdpTimeOutEvent); -- Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ ___ edk2-commits mailing list edk2-commits@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/edk2-commits
edk2[17075] PXE driver bug fix.
Revision: 17075
http://sourceforge.net/p/edk2/code/17075
Author: sfu5
Date: 2015-03-26 04:49:30 + (Thu, 26 Mar 2015)
Log Message:
---
PXE driver bug fix.
1. Update the parameter check of PXE.UdpRead() to align with spec definition.
2. Update PXE driver to use EFI_PXE_BASE_CODE_UDP_OPFLAGS_ANY_DEST_IP when
calling UdpRead to receive server discovery message.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Reviewed-by: Wu Jiaxin
Modified Paths:
--
trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c
Modified: trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
===
--- trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c 2015-03-25 21:13:26 UTC
(rev 17074)
+++ trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c 2015-03-26 04:49:30 UTC
(rev 17075)
@@ -2,7 +2,7 @@
Functions implementation related with DHCPv6 for UefiPxeBc Driver.
(C) Copyright 2014 Hewlett-Packard Development Company, L.P.
- Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.
+ Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
@@ -793,8 +793,8 @@
Status = PxeBc->UdpRead (
PxeBc,
-EFI_PXE_BASE_CODE_UDP_OPFLAGS_ANY_SRC_IP,
-&Private->StationIp,
+EFI_PXE_BASE_CODE_UDP_OPFLAGS_ANY_SRC_IP |
EFI_PXE_BASE_CODE_UDP_OPFLAGS_ANY_DEST_IP,
+NULL,
&SrcPort,
&Private->ServerIp,
&DestPort,
@@ -1807,7 +1807,6 @@
UINT8 *RequestOpt;
UINT8 *DiscoverOpt;
UINTN ReadSize;
- UINT16 OpFlags;
UINT16 OpCode;
UINT16 OpLen;
UINT32 Xid;
@@ -1818,7 +1817,6 @@
Request = Private->Dhcp6Request;
SrcPort = PXEBC_BS_DISCOVER_PORT;
DestPort= PXEBC_BS_DISCOVER_PORT;
- OpFlags = 0;
if (!UseBis && Layer != NULL) {
*Layer &= EFI_PXE_BASE_CODE_BOOT_LAYER_MASK;
@@ -1862,7 +1860,7 @@
Status = PxeBc->UdpWrite (
PxeBc,
-OpFlags,
+0,
&Private->ServerIp,
&DestPort,
NULL,
@@ -1899,8 +1897,8 @@
Status = PxeBc->UdpRead (
PxeBc,
-OpFlags,
-&Private->StationIp,
+EFI_PXE_BASE_CODE_UDP_OPFLAGS_ANY_DEST_IP,
+NULL,
&SrcPort,
&Private->ServerIp,
&DestPort,
Modified: trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c
===
--- trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c 2015-03-25 21:13:26 UTC
(rev 17074)
+++ trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c 2015-03-26 04:49:30 UTC
(rev 17075)
@@ -1265,7 +1265,7 @@
UINTN FragmentIndex;
UINT8 *FragmentBuffer;
- if (This == NULL || DestIp == NULL || DestPort == NULL) {
+ if (This == NULL) {
return EFI_INVALID_PARAMETER;
}
@@ -1276,9 +1276,9 @@
Udp4Rx= NULL;
Udp6Rx= NULL;
- if (((OpFlags & EFI_PXE_BASE_CODE_UDP_OPFLAGS_ANY_DEST_PORT) != 0 &&
DestPort == NULL) ||
- ((OpFlags & EFI_PXE_BASE_CODE_UDP_OPFLAGS_ANY_SRC_IP) != 0 && SrcIp ==
NULL) ||
- ((OpFlags & EFI_PXE_BASE_CODE_UDP_OPFLAGS_ANY_SRC_PORT) != 0 && SrcPort
== NULL)) {
+ if (((OpFlags & EFI_PXE_BASE_CODE_UDP_OPFLAGS_ANY_DEST_PORT) == 0 &&
DestPort == NULL) ||
+ ((OpFlags & EFI_PXE_BASE_CODE_UDP_OPFLAGS_ANY_SRC_IP) == 0 && SrcIp ==
NULL) ||
+ ((OpFlags & EFI_PXE_BASE_CODE_UDP_OPFLAGS_ANY_SRC_PORT) == 0 && SrcPort
== NULL)) {
return EFI_INVALID_PARAMETER;
}
--
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the
conversation now. http://goparallel.sourceforge.net/
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
edk2[17165] Save initial TSVal from TCP connection initiation packets.
Revision: 17165 http://sourceforge.net/p/edk2/code/17165 Author: sfu5 Date: 2015-04-13 01:39:29 + (Mon, 13 Apr 2015) Log Message: --- Save initial TSVal from TCP connection initiation packets. RFC1323 says the most recently received TSVal must be echoed in TSecr in ACK packets which was not done at first connection because the code saving the TSVal from the peer was skipped at this point. This resulted in sending an ACK reply with a 0 TSecr that was rejected at least by FreeBSD. This patch fixes this by updating the saved TSVal also for connection initiation packets. Thanks to Laszlo Ersek for analysis and help in debugging. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: BALATON Zoltan Reviewed-by: Laszlo Ersek Reviewed-by: Fu Siyuan Reviewed-by: Ye Ting Modified Paths: -- trunk/edk2/MdeModulePkg/Universal/Network/Tcp4Dxe/Tcp4Misc.c trunk/edk2/NetworkPkg/TcpDxe/TcpMisc.c Modified: trunk/edk2/MdeModulePkg/Universal/Network/Tcp4Dxe/Tcp4Misc.c === --- trunk/edk2/MdeModulePkg/Universal/Network/Tcp4Dxe/Tcp4Misc.c 2015-04-10 22:08:57 UTC (rev 17164) +++ trunk/edk2/MdeModulePkg/Universal/Network/Tcp4Dxe/Tcp4Misc.c 2015-04-13 01:39:29 UTC (rev 17165) @@ -1,7 +1,7 @@ /** @file Misc support routines for tcp. -Copyright (c) 2005 - 2014, Intel Corporation. All rights reserved. +Copyright (c) 2005 - 2015, Intel Corporation. All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -157,6 +157,8 @@ TCP_SET_FLG (Tcb->CtrlFlag, TCP_CTRL_SND_TS); TCP_SET_FLG (Tcb->CtrlFlag, TCP_CTRL_RCVD_TS); +Tcb->TsRecent = Opt->TSVal; + // // Compute the effective SndMss per RFC1122 // section 4.2.2.6. If timestamp option is Modified: trunk/edk2/NetworkPkg/TcpDxe/TcpMisc.c === --- trunk/edk2/NetworkPkg/TcpDxe/TcpMisc.c 2015-04-10 22:08:57 UTC (rev 17164) +++ trunk/edk2/NetworkPkg/TcpDxe/TcpMisc.c 2015-04-13 01:39:29 UTC (rev 17165) @@ -2,7 +2,7 @@ Misc support routines for TCP driver. (C) Copyright 2014 Hewlett-Packard Development Company, L.P. - Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved. + Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License @@ -161,6 +161,8 @@ TCP_SET_FLG (Tcb->CtrlFlag, TCP_CTRL_SND_TS); TCP_SET_FLG (Tcb->CtrlFlag, TCP_CTRL_RCVD_TS); +Tcb->TsRecent = Opt->TSVal; + // // Compute the effective SndMss per RFC1122 // section 4.2.2.6. If timestamp option is -- BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT Develop your own process in accordance with the BPMN 2 standard Learn Process modeling best practices with Bonita BPM through live exercises http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_ source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF ___ edk2-commits mailing list edk2-commits@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/edk2-commits
edk2[17186] Fix some grammar and converge formatting of the two versions of TcpInput.c
Revision: 17186
http://sourceforge.net/p/edk2/code/17186
Author: sfu5
Date: 2015-04-17 02:25:05 + (Fri, 17 Apr 2015)
Log Message:
---
Fix some grammar and converge formatting of the two versions of TcpInput.c
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: BALATON Zoltan
Reviewed-by: Fu Siyuan
Reviewed-by: Ye Ting
Modified Paths:
--
trunk/edk2/MdeModulePkg/Universal/Network/Tcp4Dxe/Tcp4Input.c
trunk/edk2/NetworkPkg/TcpDxe/TcpInput.c
Modified: trunk/edk2/MdeModulePkg/Universal/Network/Tcp4Dxe/Tcp4Input.c
===
--- trunk/edk2/MdeModulePkg/Universal/Network/Tcp4Dxe/Tcp4Input.c
2015-04-16 06:50:38 UTC (rev 17185)
+++ trunk/edk2/MdeModulePkg/Universal/Network/Tcp4Dxe/Tcp4Input.c
2015-04-17 02:25:05 UTC (rev 17186)
@@ -1,7 +1,7 @@
/** @file
TCP input process routines.
-Copyright (c) 2005 - 2010, Intel Corporation. All rights reserved.
+Copyright (c) 2005 - 2015, Intel Corporation. All rights reserved.
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -61,7 +61,7 @@
//
// Step 1A: Invoking fast retransmission.
//
-FlightSize = TCP_SUB_SEQ (Tcb->SndNxt, Tcb->SndUna);
+FlightSize= TCP_SUB_SEQ (Tcb->SndNxt, Tcb->SndUna);
Tcb->Ssthresh = MAX (FlightSize >> 1, (UINT32) (2 * Tcb->SndMss));
Tcb->Recover = Tcb->SndNxt;
@@ -109,7 +109,7 @@
// Step 5 - Full ACK:
// deflate the congestion window, and exit fast recovery
//
- FlightSize = TCP_SUB_SEQ (Tcb->SndNxt, Tcb->SndUna);
+ FlightSize= TCP_SUB_SEQ (Tcb->SndNxt, Tcb->SndUna);
Tcb->CWnd = MIN (Tcb->Ssthresh, FlightSize + Tcb->SndMss);
@@ -556,15 +556,15 @@
if (IsListEmpty (Head)) {
InsertTailList (Head, &Nbuf->List);
-return ;
+return;
}
//
// Find the point to insert the buffer
//
for (Prev = Head, Cur = Head->ForwardLink;
- Cur != Head;
- Prev = Cur, Cur = Cur->ForwardLink) {
+ Cur != Head;
+ Prev = Cur, Cur = Cur->ForwardLink) {
Node = NET_LIST_USER_STRUCT (Cur, NET_BUF, List);
@@ -585,7 +585,7 @@
if (TCP_SEQ_LEQ (Seg->End, TCPSEG_NETBUF (Node)->End)) {
NetbufFree (Nbuf);
-return ;
+return;
}
TcpTrimSegment (Nbuf, TCPSEG_NETBUF (Node)->End, Seg->End);
@@ -737,7 +737,7 @@
);
if ((Tcb == NULL) || (Tcb->State == TCP_CLOSED)) {
-DEBUG ((EFI_D_INFO, "TcpInput: send reset because no TCB find\n"));
+DEBUG ((EFI_D_INFO, "TcpInput: send reset because no TCB found\n"));
Tcb = NULL;
goto SEND_RESET;
@@ -751,7 +751,7 @@
//
if (TcpParseOption (Nbuf->Tcp, &Option) == -1) {
DEBUG ((EFI_D_ERROR, "TcpInput: reset the peer because"
- " of mal-format option for Tcb %p\n", Tcb));
+ " of malformed option for TCB %p\n", Tcb));
goto SEND_RESET;
}
@@ -799,7 +799,7 @@
Tcb = TcpCloneTcb (Parent);
if (Tcb == NULL) {
DEBUG ((EFI_D_ERROR, "TcpInput: discard a segment because"
- " failed to clone a child for TCB%x\n", Tcb));
+ " failed to clone a child for TCB %p\n", Tcb));
goto DISCARD;
}
@@ -865,7 +865,7 @@
//
//
-// Fourth step: Check SYN. Pay attention to sitimulatous open
+// Fourth step: Check SYN. Pay attention to simultaneous open
//
if (TCP_FLG_ON (Seg->Flag, TCP_FLG_SYN)) {
@@ -902,7 +902,7 @@
goto StepSix;
} else {
//
-// Received a SYN segment without ACK, simultanous open.
+// Received a SYN segment without ACK, simultaneous open.
//
TcpSetState (Tcb, TCP_SYN_RCVD);
@@ -911,7 +911,7 @@
TcpTrimInWnd (Tcb, Nbuf);
-DEBUG ((EFI_D_WARN, "TcpInput: simultanous open "
+DEBUG ((EFI_D_WARN, "TcpInput: simultaneous open "
"for TCB %p in SYN_SENT\n", Tcb));
goto StepSix;
@@ -1290,7 +1290,8 @@
TcpSetKeepaliveTimer (Tcb);
if (TCP_FLG_ON (Seg->Flag, TCP_FLG_URG) &&
- !TCP_FIN_RCVD (Tcb->State)) {
+ !TCP_FIN_RCVD (Tcb->State))
+ {
DEBUG ((EFI_D_INFO, "TcpInput: received urgent data "
"from peer for connected TCB %p\n", Tcb));
Modified: trunk/edk2/NetworkPkg/TcpDxe/TcpInput.c
===
--- trunk/edk2/NetworkPkg/TcpDxe/TcpInput.c 2015-04-16 06:50:38 UTC (rev
17185)
+++ trunk/edk2/NetworkPkg/TcpDxe/TcpInput.c 2015-04-17 02:25:05 UTC (rev
17186)
@@ -1,7 +
edk2[17263] Remove duplicate DAD entry in IP6 driver to fix DAD fail issue.
Revision: 17263
http://sourceforge.net/p/edk2/code/17263
Author: sfu5
Date: 2015-04-29 05:47:03 + (Wed, 29 Apr 2015)
Log Message:
---
Remove duplicate DAD entry in IP6 driver to fix DAD fail issue.
The IP6 driver may create duplicate IP6_DAD_ENTRY in DupAddrDetectList in some
situation like:
1. Address policy switch but not clear the delay node list, OR
2. Set manual address repeatedly before the previous DAD is finished.
The NS sent out by duplicate DAD entry will mix up with the loop back multicast
packet, result in DAD fail.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Reviewed-by: Wu Jiaxin
Modified Paths:
--
trunk/edk2/NetworkPkg/Ip6Dxe/Ip6ConfigImpl.c
trunk/edk2/NetworkPkg/Ip6Dxe/Ip6Nd.c
Modified: trunk/edk2/NetworkPkg/Ip6Dxe/Ip6ConfigImpl.c
===
--- trunk/edk2/NetworkPkg/Ip6Dxe/Ip6ConfigImpl.c2015-04-29 05:45:44 UTC
(rev 17262)
+++ trunk/edk2/NetworkPkg/Ip6Dxe/Ip6ConfigImpl.c2015-04-29 05:47:03 UTC
(rev 17263)
@@ -52,7 +52,8 @@
LIST_ENTRY *Next;
IP6_INTERFACE *IpIf;
IP6_DAD_ENTRY *DadEntry;
-
+ IP6_DELAY_JOIN_LIST *DelayNode;
+
//
// Currently there are only two policies: Manual and Automatic. Regardless of
// what transition is going on, i.e., Manual -> Automatic and Automatic ->
@@ -94,10 +95,18 @@
NET_LIST_FOR_EACH (Entry, &IpSb->Interfaces) {
//
-// remove all pending DAD entries for the global addresses.
+// remove all pending delay node and DAD entries for the global addresses.
//
IpIf = NET_LIST_USER_STRUCT_S (Entry, IP6_INTERFACE, Link,
IP6_INTERFACE_SIGNATURE);
+NET_LIST_FOR_EACH_SAFE (Entry2, Next, &IpIf->DelayJoinList) {
+ DelayNode = NET_LIST_USER_STRUCT (Entry2, IP6_DELAY_JOIN_LIST, Link);
+ if (!NetIp6IsLinkLocalAddr (&DelayNode->AddressInfo->Address)) {
+RemoveEntryList (&DelayNode->Link);
+FreePool (DelayNode);
+ }
+}
+
NET_LIST_FOR_EACH_SAFE (Entry2, Next, &IpIf->DupAddrDetectList) {
DadEntry = NET_LIST_USER_STRUCT_S (Entry2, IP6_DAD_ENTRY, Link,
IP6_DAD_ENTRY_SIGNATURE);
Modified: trunk/edk2/NetworkPkg/Ip6Dxe/Ip6Nd.c
===
--- trunk/edk2/NetworkPkg/Ip6Dxe/Ip6Nd.c2015-04-29 05:45:44 UTC (rev
17262)
+++ trunk/edk2/NetworkPkg/Ip6Dxe/Ip6Nd.c2015-04-29 05:47:03 UTC (rev
17263)
@@ -982,6 +982,13 @@
NET_CHECK_SIGNATURE (IpIf, IP6_INTERFACE_SIGNATURE);
ASSERT (AddressInfo != NULL);
+ //
+ // Do nothing if we have already started DAD on the address.
+ //
+ if (Ip6FindDADEntry (IpIf->Service, &AddressInfo->Address, NULL) != NULL) {
+return EFI_SUCCESS;
+ }
+
Status = EFI_SUCCESS;
IpSb = IpIf->Service;
DadXmits = &IpSb->Ip6ConfigInstance.DadXmits;
@@ -1577,16 +1584,6 @@
if (IsDAD && !IsMaintained) {
DupAddrDetect = Ip6FindDADEntry (IpSb, &Target, &IpIf);
if (DupAddrDetect != NULL) {
- if (DupAddrDetect->Transmit == 0) {
-//
-// The NS is from another node to performing DAD on the same address
since
-// we haven't send out any NS yet. Fail DAD for the tentative address.
-//
-Ip6OnDADFinished (FALSE, IpIf, DupAddrDetect);
-Status = EFI_ICMP_ERROR;
-goto Exit;
- }
-
//
// Check the MAC address of the incoming packet.
//
@@ -2863,7 +2860,7 @@
//
Flag = FALSE;
if ((DupAddrDetect->Receive == 0) ||
- (DupAddrDetect->Transmit == DupAddrDetect->Receive)) {
+ (DupAddrDetect->Transmit <= DupAddrDetect->Receive)) {
Flag = TRUE;
}
--
One dashboard for servers and applications across Physical-Virtual-Cloud
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
edk2[17751] NetworkPkg: Add IPv6 DUID configuration support using platform PCD.
Revision: 17751
http://sourceforge.net/p/edk2/code/17751
Author: sfu5
Date: 2015-07-01 02:17:07 + (Wed, 01 Jul 2015)
Log Message:
---
NetworkPkg: Add IPv6 DUID configuration support using platform PCD.
The code today always uses DUID-UUID unless there is an error in reading the
UUID,
which results in falling through to DUID-LLT. This change allows the platform to
control the DUID method (DUID-UUID or DUID-LLT) using a platform dynamic PCD.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Samer El-Haj-Mahmoud
Reviewed-by: Fu Siyuan
Modified Paths:
--
trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Dxe.inf
trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c
trunk/edk2/NetworkPkg/NetworkPkg.dec
Modified: trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Dxe.inf
===
--- trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Dxe.inf 2015-07-01 01:46:20 UTC (rev
17750)
+++ trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Dxe.inf 2015-07-01 02:17:07 UTC (rev
17751)
@@ -4,6 +4,7 @@
# This driver produces EFI DHCPv6 Protocol which is used to get IPv6 addresses
# and other configuration parameters from DHCPv6 servers.
#
+# (C) Copyright 2015 Hewlett-Packard Development Company, L.P.
# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.
#
# This program and the accompanying materials
@@ -51,8 +52,8 @@
[Packages]
MdePkg/MdePkg.dec
MdeModulePkg/MdeModulePkg.dec
+ NetworkPkg/NetworkPkg.dec
-
[LibraryClasses]
UefiLib
BaseLib
@@ -73,5 +74,9 @@
gEfiDhcp6ProtocolGuid ## BY_START
gEfiIp6ConfigProtocolGuid ## TO_START
+
+[Pcd]
+ gEfiNetworkPkgTokenSpaceGuid.PcdDhcp6UidType
+
[UserExtensions.TianoCore."ExtraFiles"]
Dhcp6DxeExtra.uni
Modified: trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c
===
--- trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c 2015-07-01 01:46:20 UTC
(rev 17750)
+++ trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c 2015-07-01 02:17:07 UTC
(rev 17751)
@@ -1,6 +1,7 @@
/** @file
Dhcp6 support functions implementation.
+ (C) Copyright 2015 Hewlett-Packard Development Company, L.P.
Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.
This program and the accompanying materials
@@ -63,7 +64,7 @@
//
// If System UUID is found from SMBIOS Table, use DUID-UUID type.
//
- if (!EFI_ERROR (NetLibGetSystemGuid (&Uuid))) {
+ if ((PcdGet8 (PcdDhcp6UidType) == Dhcp6DuidTypeUuid) && !EFI_ERROR
(NetLibGetSystemGuid (&Uuid))) {
//
//
// The format of DUID-UUID:
Modified: trunk/edk2/NetworkPkg/NetworkPkg.dec
===
--- trunk/edk2/NetworkPkg/NetworkPkg.dec2015-07-01 01:46:20 UTC (rev
17750)
+++ trunk/edk2/NetworkPkg/NetworkPkg.dec2015-07-01 02:17:07 UTC (rev
17751)
@@ -3,6 +3,7 @@
#
# This package provides network modules that conform to UEFI 2.4 specification.
#
+# (C) Copyright 2015 Hewlett-Packard Development Company, L.P.
# Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.
#
# This program and the accompanying materials are licensed and made available
under
@@ -68,5 +69,13 @@
# @Prompt Private Key's size.
gEfiNetworkPkgTokenSpaceGuid.PcdIpsecUefiCertificateKeySize|0x3d5|UINT32|0x0006
+[PcdsDynamicEx]
+ ## IPv6 DHCP Unique Identifier (DUID) Type configuration (From RFCs 3315 and
6355).
+ # 01 = DUID Based on Link-layer Address Plus Time [DUID-LLT]
+ # 04 = UUID-Based DHCPv6 Unique Identifier (DUID-UUID)
+ # 02 = DUID Assigned by Vendor Based on Enterprise Number [DUID-EN] (not
supported)
+ # 03 = DUID Based on Link-layer Address [DUID-LL] (not supported)
+ gEfiNetworkPkgTokenSpaceGuid.PcdDhcp6UidType|4|UINT8|0x1001
+
[UserExtensions.TianoCore."ExtraFiles"]
NetworkPkgExtra.uni
--
Don't Limit Your Business. Reach for the Cloud.
GigeNET's Cloud Solutions provide you with the tools and support that
you need to offload your IT needs and focus on growing your business.
Configured For All Businesses. Start Your Cloud Today.
https://www.gigenetcloud.com/
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
edk2[17773] NetworkPkg: Remove unused variables from IpSecDxe to fix GCC build.
Revision: 17773
http://sourceforge.net/p/edk2/code/17773
Author: sfu5
Date: 2015-07-01 03:35:32 + (Wed, 01 Jul 2015)
Log Message:
---
NetworkPkg: Remove unused variables from IpSecDxe to fix GCC build.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Samer El-Haj-Mahmoud
Reviewed-by: Fu Siyuan
Modified Paths:
--
trunk/edk2/NetworkPkg/IpSecDxe/Ikev2/Info.c
trunk/edk2/NetworkPkg/IpSecDxe/Ikev2/Payload.c
trunk/edk2/NetworkPkg/IpSecDxe/Ikev2/Sa.c
trunk/edk2/NetworkPkg/IpSecDxe/Ikev2/Utility.c
trunk/edk2/NetworkPkg/IpSecDxe/IpSecImpl.c
Modified: trunk/edk2/NetworkPkg/IpSecDxe/Ikev2/Info.c
===
--- trunk/edk2/NetworkPkg/IpSecDxe/Ikev2/Info.c 2015-07-01 03:13:02 UTC (rev
17772)
+++ trunk/edk2/NetworkPkg/IpSecDxe/Ikev2/Info.c 2015-07-01 03:35:32 UTC (rev
17773)
@@ -1,6 +1,7 @@
/** @file
The Implementations for Information Exchange.
+ (C) Copyright 2015 Hewlett-Packard Development Company, L.P.
Copyright (c) 2010, Intel Corporation. All rights reserved.
This program and the accompanying materials
@@ -211,7 +212,6 @@
{
IKEV2_CHILD_SA_SESSION *ChildSaSession;
IKEV2_SA_SESSION *IkeSaSession;
- IKE_PAYLOAD*NotifyPayload;
IKE_PAYLOAD*DeletePayload;
IKE_PAYLOAD*IkePayload;
IKEV2_DELETE *Delete;
@@ -229,7 +229,6 @@
IkeSaSession = (IKEV2_SA_SESSION *) SaSession;
- NotifyPayload = NULL;
DeletePayload = NULL;
Private= NULL;
RespondPacket = NULL;
Modified: trunk/edk2/NetworkPkg/IpSecDxe/Ikev2/Payload.c
===
--- trunk/edk2/NetworkPkg/IpSecDxe/Ikev2/Payload.c 2015-07-01 03:13:02 UTC
(rev 17772)
+++ trunk/edk2/NetworkPkg/IpSecDxe/Ikev2/Payload.c 2015-07-01 03:35:32 UTC
(rev 17773)
@@ -1,6 +1,7 @@
/** @file
The implementation of Payloads Creation.
+ (C) Copyright 2015 Hewlett-Packard Development Company, L.P.
Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.
This program and the accompanying materials
@@ -284,7 +285,6 @@
IKE_PAYLOAD*IdPayload;
IKEV2_ID *Id;
UINTN IdSize;
- UINT8 IpVersion;
UINTN SubjectSize;
UINT8 *CertSubject;
@@ -304,7 +304,6 @@
SubjectSize = 0;
CertSubject = NULL;
- IpVersion = CommonSession->UdpService->IpVersion;
IpSecCryptoIoGetSubjectFromCert (
InCert,
CertSize,
@@ -615,7 +614,6 @@
UINTN DigestSize;
PRF_DATA_FRAGMENT Fragments[3];
UINT8 *KeyBuf;
- UINTN KeySize;
IKE_PAYLOAD*AuthPayload;
IKEV2_AUTH *PayloadBuf;
EFI_STATUS Status;
@@ -663,7 +661,6 @@
ASSERT (KeyBuf != NULL);
CopyMem (KeyBuf, Digest, DigestSize);
- KeySize = DigestSize;
//
// Calculate Prf(SK_Pi/r, IDi/r)
@@ -2558,14 +2555,12 @@
IKEV2_CHILD_SA_SESSION *ChildSaSession;
EFI_STATUS Status;
UINT8 PadLen;
- UINTN CryptKeyLength;
HASH_DATA_FRAGMENT Fragments[1];
IvSize = 0;
IkeSaSession = NULL;
CryptBlockSize = 0;
CheckSumSize = 0;
- CryptKeyLength = 0;
//
// Check if the first payload is the Encrypted payload
@@ -2583,7 +2578,7 @@
if (SessionCommon->IkeSessionType == IkeSessionTypeIkeSa) {
CryptBlockSize = (UINT8) IpSecGetEncryptBlockSize ((UINT8)
SessionCommon->SaParams->EncAlgId);
-CryptKeyLength = IpSecGetEncryptKeyLength ((UINT8)
SessionCommon->SaParams->EncAlgId);
+
CheckSumSize = (UINT8) IpSecGetIcvLength ((UINT8)
SessionCommon->SaParams->IntegAlgId);
IkeSaSession = IKEV2_SA_SESSION_FROM_COMMON (SessionCommon);
@@ -2592,7 +2587,6 @@
ChildSaSession = IKEV2_CHILD_SA_SESSION_FROM_COMMON (SessionCommon);
IkeSaSession = ChildSaSession->IkeSaSession;
CryptBlockSize = (UINT8) IpSecGetEncryptBlockSize ((UINT8)
IkeSaSession->SessionCommon.SaParams->EncAlgId);
-CryptKeyLength = IpSecGetEncryptKeyLength ((UINT8)
IkeSaSession->SessionCommon.SaParams->EncAlgId);
CheckSumSize = (UINT8) IpSecGetIcvLength ((UINT8)
IkeSaSession->SessionCommon.SaParams->IntegAlgId);
} else {
//
@@ -2768,7 +2762,6 @@
UINT8 *EncryptPayloadBuf; // Contain whole Encrypted
Payload
UINTN EncryptPayloadSize; // Total size of the Encrypted
payload
UINT8 *IntegrityBuf; // Buffer to be intergity
- UINT32 IntegrityBufSize;// Buffer size of IntegrityBuf
UINT8 *IvBuffer; // Initialization Vector
UINT8 IvSize; // Iv Size
UINT8 CheckSumSize;// Integrity Check Sum Size
depends on intergrity Auth
@@ -2780,7 +2773,6 @@
EFI_STATUS
edk2[17856] MdeModulePkg: Add HttpLib.
Revision: 17856 http://sourceforge.net/p/edk2/code/17856 Author: sfu5 Date: 2015-07-07 09:29:00 + (Tue, 07 Jul 2015) Log Message: --- MdeModulePkg: Add HttpLib. This patch add the header file and DXE implementation for the HttpLib. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Fu Siyuan Reviewed-by: Ye Ting Added Paths: --- trunk/edk2/MdeModulePkg/Include/Library/HttpLib.h trunk/edk2/MdeModulePkg/Library/DxeHttpLib/ trunk/edk2/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.c trunk/edk2/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.inf trunk/edk2/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.uni Added: trunk/edk2/MdeModulePkg/Include/Library/HttpLib.h === --- trunk/edk2/MdeModulePkg/Include/Library/HttpLib.h (rev 0) +++ trunk/edk2/MdeModulePkg/Include/Library/HttpLib.h 2015-07-07 09:29:00 UTC (rev 17856) @@ -0,0 +1,323 @@ +/** @file + This library is used to share code between UEFI network stack modules. + It provides the helper routines to parse the HTTP message byte stream. + +Copyright (c) 2015, Intel Corporation. All rights reserved. +This program and the accompanying materials +are licensed and made available under the terms and conditions of the BSD License +which accompanies this distribution. The full text of the license may be found at +http://opensource.org/licenses/bsd-license.php + +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + +**/ + +#ifndef _HTTP_LIB_H_ +#define _HTTP_LIB_H_ + +#include + +/** + Decode a percent-encoded URI component to the ASCII character. + + Decode the input component in Buffer according to RFC 3986. The caller is responsible to make + sure ResultBuffer points to a buffer with size equal or greater than ((AsciiStrSize (Buffer)) + in bytes. + + @param[in]Buffer The pointer to a percent-encoded URI component. + @param[in]BufferLength Length of Buffer in bytes. + @param[out] ResultBuffer Point to the buffer to store the decode result. + @param[out] ResultLength Length of decoded string in ResultBuffer in bytes. + + @retval EFI_SUCCESSSuccessfully decoded the URI. + @retval EFI_INVALID_PARAMETER Buffer is not a valid percent-encoded string. + +**/ +EFI_STATUS +EFIAPI +UriPercentDecode ( + IN CHAR8*Buffer, + IN UINT32BufferLength, + OUT CHAR8*ResultBuffer, + OUT UINT32 *ResultLength + ); + +/** + Create a URL parser for the input URL string. + + This function will parse and dereference the input HTTP URL into it components. The original + content of the URL won't be modified and the result will be returned in UrlParser, which can + be used in other functions like NetHttpUrlGetHostName(). It is the caller's responsibility to + free the buffer returned in *UrlParser by HttpUrlFreeParser(). + + @param[in]UrlThe pointer to a HTTP URL string. + @param[in]Length Length of Url in bytes. + @param[in]IsConnectMethodWhether the Url is used in HTTP CONNECT method or not. + @param[out] UrlParser Pointer to the returned buffer to store the parse result. + + @retval EFI_SUCCESS Successfully dereferenced the HTTP URL. + @retval EFI_INVALID_PARAMETERUrlParser is NULL or Url is not a valid HTTP URL. + @retval EFI_OUT_OF_RESOURCES Could not allocate needed resources. + +**/ +EFI_STATUS +EFIAPI +HttpParseUrl ( + IN CHAR8 *Url, + IN UINT32 Length, + IN BOOLEANIsConnectMethod, + OUT VOID **UrlParser + ); + +/** + Get the Hostname from a HTTP URL. + + This function will return the HostName according to the Url and previous parse result ,and + it is the caller's responsibility to free the buffer returned in *HostName. + + @param[in]UrlThe pointer to a HTTP URL string. + @param[in]UrlParser URL Parse result returned by NetHttpParseUrl(). + @param[out] HostName Pointer to a buffer to store the HostName. + + @retval EFI_SUCCESS Successfully get the required component. + @retval EFI_INVALID_PARAMETERUri is NULL or HostName is NULL or UrlParser is invalid. + @retval EFI_NOT_FOUNDNo hostName component in the URL. + @retval EFI_OUT_OF_RESOURCES Could not allocate needed resources. + +**/ +EFI_STATUS +EFIAPI +HttpUrlGetHostName ( + IN CHAR8 *Url, + IN VOID *UrlParser, + OUT CHAR8 **HostName + ); + +/** + Get the IPv4 address from a HTTP URL. + + This function will return the IPv4 address according to the Url and previous parse result. + + @param[in]
edk2[17858] NetworkPkg: Update package DSC file.
Revision: 17858 http://sourceforge.net/p/edk2/code/17858 Author: sfu5 Date: 2015-07-07 09:29:54 + (Tue, 07 Jul 2015) Log Message: --- NetworkPkg: Update package DSC file. Add DNS, HTTP and HTTP boot driver to NetworkPkg.dsc. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Fu Siyuan Reviewed-by: Ye Ting Modified Paths: -- trunk/edk2/NetworkPkg/NetworkPkg.dsc Modified: trunk/edk2/NetworkPkg/NetworkPkg.dsc === --- trunk/edk2/NetworkPkg/NetworkPkg.dsc2015-07-07 09:29:28 UTC (rev 17857) +++ trunk/edk2/NetworkPkg/NetworkPkg.dsc2015-07-07 09:29:54 UTC (rev 17858) @@ -44,6 +44,7 @@ IpIoLib|MdeModulePkg/Library/DxeIpIoLib/DxeIpIoLib.inf UdpIoLib|MdeModulePkg/Library/DxeUdpIoLib/DxeUdpIoLib.inf TcpIoLib|MdeModulePkg/Library/DxeTcpIoLib/DxeTcpIoLib.inf + HttpLib|MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.inf BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf @@ -99,6 +100,9 @@ NetworkPkg/Udp6Dxe/Udp6Dxe.inf NetworkPkg/Dhcp6Dxe/Dhcp6Dxe.inf NetworkPkg/Mtftp6Dxe/Mtftp6Dxe.inf + NetworkPkg/DnsDxe/DnsDxe.inf + NetworkPkg/HttpDxe/HttpDxe.inf + NetworkPkg/HttpBootDxe/HttpBootDxe.inf NetworkPkg/Application/IfConfig6/IfConfig6.inf NetworkPkg/Application/IpsecConfig/IpSecConfig.inf -- Don't Limit Your Business. Reach for the Cloud. GigeNET's Cloud Solutions provide you with the tools and support that you need to offload your IT needs and focus on growing your business. Configured For All Businesses. Start Your Cloud Today. https://www.gigenetcloud.com/ ___ edk2-commits mailing list edk2-commits@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/edk2-commits
edk2[17857] NetworkPkg: Add UEFI HTTP boot driver.
Revision: 17857
http://sourceforge.net/p/edk2/code/17857
Author: sfu5
Date: 2015-07-07 09:29:28 + (Tue, 07 Jul 2015)
Log Message:
---
NetworkPkg: Add UEFI HTTP boot driver.
This patch add the implementation for UEFI HTTP boot driver.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Added Paths:
---
trunk/edk2/NetworkPkg/HttpBootDxe/
trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootClient.c
trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootClient.h
trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootComponentName.c
trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootComponentName.h
trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootDhcp4.c
trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootDhcp4.h
trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootDxe.c
trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootDxe.h
trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootDxe.inf
trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootDxe.uni
trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootDxeExtra.uni
trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootImpl.c
trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootImpl.h
trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootSupport.c
trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootSupport.h
Added: trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootClient.c
===
--- trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootClient.c
(rev 0)
+++ trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootClient.c 2015-07-07 09:29:28 UTC
(rev 17857)
@@ -0,0 +1,830 @@
+/** @file
+ Implementation of the boot file download function.
+
+Copyright (c) 2015, Intel Corporation. All rights reserved.
+This program and the accompanying materials are licensed and made available
under
+the terms and conditions of the BSD License that accompanies this
distribution.
+The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php.
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include "HttpBootDxe.h"
+
+/**
+ Update the IP and URL device path node to include the boot resource
information.
+
+ @param[in]PrivateThe pointer to the driver's private data.
+
+ @retval EFI_SUCCESS Device patch successfully updated.
+ @retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.
+ @retval Others Unexpected error happened.
+
+**/
+EFI_STATUS
+HttpBootUpdateDevicePath (
+ IN HTTP_BOOT_PRIVATE_DATA *Private
+ )
+{
+ EFI_DEV_PATH *Node;
+ EFI_DEVICE_PATH_PROTOCOL *TmpDevicePath;
+ EFI_DEVICE_PATH_PROTOCOL *NewDevicePath;
+ UINTN Length;
+ EFI_STATUS Status;
+
+ TmpDevicePath = NULL;
+
+ //
+ // Update the IP node with DHCP assigned information.
+ //
+ if (!Private->UsingIpv6) {
+Node = AllocateZeroPool (sizeof (IPv4_DEVICE_PATH));
+if (Node == NULL) {
+ return EFI_OUT_OF_RESOURCES;
+}
+Node->Ipv4.Header.Type= MESSAGING_DEVICE_PATH;
+Node->Ipv4.Header.SubType = MSG_IPv4_DP;
+SetDevicePathNodeLength (Node, sizeof (IPv4_DEVICE_PATH));
+CopyMem (&Node->Ipv4.LocalIpAddress, &Private->StationIp, sizeof
(EFI_IPv4_ADDRESS));
+Node->Ipv4.RemotePort = Private->Port;
+Node->Ipv4.Protocol= EFI_IP_PROTO_TCP;
+Node->Ipv4.StaticIpAddress = FALSE;
+CopyMem (&Node->Ipv4.GatewayIpAddress, &Private->GatewayIp, sizeof
(EFI_IPv4_ADDRESS));
+CopyMem (&Node->Ipv4.SubnetMask, &Private->SubnetMask, sizeof
(EFI_IPv4_ADDRESS));
+
+TmpDevicePath = AppendDevicePathNode (Private->ParentDevicePath,
(EFI_DEVICE_PATH_PROTOCOL*) Node);
+FreePool (Node);
+if (TmpDevicePath == NULL) {
+ return EFI_OUT_OF_RESOURCES;
+}
+ } else {
+ASSERT (FALSE);
+ }
+
+ //
+ // Update the URI node with the boot file URI.
+ //
+ Length = sizeof (EFI_DEVICE_PATH_PROTOCOL) + AsciiStrSize
(Private->BootFileUri);
+ Node = AllocatePool (Length);
+ if (Node == NULL) {
+FreePool (TmpDevicePath);
+return EFI_OUT_OF_RESOURCES;
+ }
+ Node->DevPath.Type= MESSAGING_DEVICE_PATH;
+ Node->DevPath.SubType = MSG_URI_DP;
+ SetDevicePathNodeLength (Node, Length);
+ CopyMem ((UINT8*) Node + sizeof (EFI_DEVICE_PATH_PROTOCOL),
Private->BootFileUri, AsciiStrSize (Private->BootFileUri));
+
+ NewDevicePath = AppendDevicePathNode (TmpDevicePath,
(EFI_DEVICE_PATH_PROTOCOL*) Node);
+ FreePool (Node);
+ FreePool (TmpDevicePath);
+ if (NewDevicePath == NULL) {
+return EFI_OUT_OF_RESOURCES;
+ }
+
+ //
+ // Reinstall the device path protocol of the child handle.
+ //
+ Status = gBS->ReinstallProtocolInterface (
+
edk2[17900] Nt32Pkg: Update DSC/FDF to include drivers for HTTP boot.
Revision: 17900 http://sourceforge.net/p/edk2/code/17900 Author: sfu5 Date: 2015-07-09 08:33:38 + (Thu, 09 Jul 2015) Log Message: --- Nt32Pkg: Update DSC/FDF to include drivers for HTTP boot. This patch add the HTTP boot related drivers to NT32 platform. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Fu Siyuan Reviewed-by: Ye Ting Modified Paths: -- trunk/edk2/Nt32Pkg/Nt32Pkg.dsc trunk/edk2/Nt32Pkg/Nt32Pkg.fdf Modified: trunk/edk2/Nt32Pkg/Nt32Pkg.dsc === --- trunk/edk2/Nt32Pkg/Nt32Pkg.dsc 2015-07-09 06:24:29 UTC (rev 17899) +++ trunk/edk2/Nt32Pkg/Nt32Pkg.dsc 2015-07-09 08:33:38 UTC (rev 17900) @@ -108,6 +108,7 @@ NetLib|MdeModulePkg/Library/DxeNetLib/DxeNetLib.inf IpIoLib|MdeModulePkg/Library/DxeIpIoLib/DxeIpIoLib.inf UdpIoLib|MdeModulePkg/Library/DxeUdpIoLib/DxeUdpIoLib.inf + HttpLib|MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.inf DpcLib|MdeModulePkg/Library/DxeDpcLib/DxeDpcLib.inf OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf GenericBdsLib|IntelFrameworkModulePkg/Library/GenericBdsLib/GenericBdsLib.inf @@ -417,7 +418,6 @@ MdeModulePkg/Universal/Network/DpcDxe/DpcDxe.inf MdeModulePkg/Universal/Network/ArpDxe/ArpDxe.inf MdeModulePkg/Universal/Network/Dhcp4Dxe/Dhcp4Dxe.inf - MdeModulePkg/Universal/Network/Ip4ConfigDxe/Ip4ConfigDxe.inf MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Dxe.inf MdeModulePkg/Universal/Network/MnpDxe/MnpDxe.inf MdeModulePkg/Universal/Network/VlanConfigDxe/VlanConfigDxe.inf @@ -429,6 +429,10 @@ MdeModulePkg/Universal/Network/IScsiDxe/IScsiDxe.inf + NetworkPkg/HttpBootDxe/HttpBootDxe.inf + NetworkPkg/DnsDxe/DnsDxe.inf + NetworkPkg/HttpDxe/HttpDxe.inf + !if $(USE_NEW_BDS) == TRUE MdeModulePkg/Universal/BdsDxe/BdsDxe.inf MdeModulePkg/Application/BootManagerMenuApp/BootManagerMenuApp.inf Modified: trunk/edk2/Nt32Pkg/Nt32Pkg.fdf === --- trunk/edk2/Nt32Pkg/Nt32Pkg.fdf 2015-07-09 06:24:29 UTC (rev 17899) +++ trunk/edk2/Nt32Pkg/Nt32Pkg.fdf 2015-07-09 08:33:38 UTC (rev 17900) @@ -252,7 +252,6 @@ INF MdeModulePkg/Universal/Network/DpcDxe/DpcDxe.inf INF MdeModulePkg/Universal/Network/ArpDxe/ArpDxe.inf INF MdeModulePkg/Universal/Network/Dhcp4Dxe/Dhcp4Dxe.inf -INF MdeModulePkg/Universal/Network/Ip4ConfigDxe/Ip4ConfigDxe.inf INF MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Dxe.inf INF MdeModulePkg/Universal/Network/MnpDxe/MnpDxe.inf INF MdeModulePkg/Universal/Network/VlanConfigDxe/VlanConfigDxe.inf @@ -262,6 +261,9 @@ INF Nt32Pkg/SnpNt32Dxe/SnpNt32Dxe.inf INF MdeModulePkg/Universal/Network/UefiPxeBcDxe/UefiPxeBcDxe.inf INF MdeModulePkg/Universal/Network/IScsiDxe/IScsiDxe.inf +INF NetworkPkg/HttpBootDxe/HttpBootDxe.inf +INF NetworkPkg/DnsDxe/DnsDxe.inf +INF NetworkPkg/HttpDxe/HttpDxe.inf # # FILE statements are provided so that a platform integrator can include -- Don't Limit Your Business. Reach for the Cloud. GigeNET's Cloud Solutions provide you with the tools and support that you need to offload your IT needs and focus on growing your business. Configured For All Businesses. Start Your Cloud Today. https://www.gigenetcloud.com/ ___ edk2-commits mailing list edk2-commits@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/edk2-commits
edk2[18185] MdeModulePkg: Use monotonic count to initialize the NetLib random seed.
Revision: 18185
http://sourceforge.net/p/edk2/code/18185
Author: sfu5
Date: 2015-08-07 03:22:10 + (Fri, 07 Aug 2015)
Log Message:
---
MdeModulePkg: Use monotonic count to initialize the NetLib random seed.
NetRandomInitSeed() function use current time to initialize the random seed,
while in some platform the time service is not accuracy that make the random
seed collision. This patch add the monotonic count to the seed to avoid this.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan
Reviewed-by: Jiaxin Wu
Reviewed-by: Ye Ting
Modified Paths:
--
trunk/edk2/MdeModulePkg/Include/Library/NetLib.h
trunk/edk2/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c
Modified: trunk/edk2/MdeModulePkg/Include/Library/NetLib.h
===
--- trunk/edk2/MdeModulePkg/Include/Library/NetLib.h2015-08-07 01:33:32 UTC
(rev 18184)
+++ trunk/edk2/MdeModulePkg/Include/Library/NetLib.h2015-08-07 03:22:10 UTC
(rev 18185)
@@ -530,13 +530,13 @@
);
/**
- Initialize a random seed using current time.
+ Initialize a random seed using current time and monotonic count.
- Get current time first. Then initialize a random seed based on some basic
- mathematical operations on the hour, day, minute, second, nanosecond and year
- of the current time.
+ Get current time and monotonic count first. Then initialize a random seed
+ based on some basic mathematics operation on the hour, day, minute, second,
+ nanosecond and year of the current time and the monotonic count value.
- @return The random seed, initialized with current time.
+ @return The random seed initialized with current time.
**/
UINT32
Modified: trunk/edk2/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c
===
--- trunk/edk2/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c 2015-08-07
01:33:32 UTC (rev 18184)
+++ trunk/edk2/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c 2015-08-07
03:22:10 UTC (rev 18185)
@@ -853,11 +853,11 @@
}
/**
- Initialize a random seed using current time.
+ Initialize a random seed using current time and monotonic count.
- Get current time first. Then initialize a random seed based on some basic
- mathematics operation on the hour, day, minute, second, nanosecond and year
- of the current time.
+ Get current time and monotonic count first. Then initialize a random seed
+ based on some basic mathematics operation on the hour, day, minute, second,
+ nanosecond and year of the current time and the monotonic count value.
@return The random seed initialized with current time.
@@ -870,12 +870,16 @@
{
EFI_TIME Time;
UINT32Seed;
+ UINT64MonotonicCount;
gRT->GetTime (&Time, NULL);
Seed = (~Time.Hour << 24 | Time.Day << 16 | Time.Minute << 8 | Time.Second);
Seed ^= Time.Nanosecond;
Seed ^= Time.Year << 7;
+ gBS->GetNextMonotonicCount (&MonotonicCount);
+ Seed += (UINT32) MonotonicCount;
+
return Seed;
}
--
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
edk2[18257] NetworkPkg: Remove the hostname from the http request URL.
Revision: 18257
http://sourceforge.net/p/edk2/code/18257
Author: sfu5
Date: 2015-08-22 12:35:19 + (Sat, 22 Aug 2015)
Log Message:
---
NetworkPkg: Remove the hostname from the http request URL.
Per RFC7230, the URL must be a absolute-path when making a request directly to
the server. Since proxy is not supported now, all requests to the HTTP driver
are actually direct requests. This commit removes the scheme and the hostname
from the URL in the http request if the URL is an absolute-URI so that the HTTP
server can interpret the request properly.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gary Ching-Pang Lin
Reviewed-by: Ye Ting
Reviewed-by: Fu Siyuan
Modified Paths:
--
trunk/edk2/NetworkPkg/HttpDxe/HttpImpl.c
Modified: trunk/edk2/NetworkPkg/HttpDxe/HttpImpl.c
===
--- trunk/edk2/NetworkPkg/HttpDxe/HttpImpl.c2015-08-21 01:09:16 UTC (rev
18256)
+++ trunk/edk2/NetworkPkg/HttpDxe/HttpImpl.c2015-08-22 12:35:19 UTC (rev
18257)
@@ -227,7 +227,8 @@
CHAR16*HostNameStr;
HTTP_TOKEN_WRAP *Wrap;
HTTP_TCP_TOKEN_WRAP *TcpWrap;
-
+ CHAR8 *FileUrl;
+
if ((This == NULL) || (Token == NULL)) {
return EFI_INVALID_PARAMETER;
}
@@ -450,7 +451,25 @@
//
// Create request message.
//
- RequestStr = HttpGenRequestString (HttpInstance, HttpMsg, Url);
+ FileUrl = Url;
+ if (*FileUrl != '/') {
+//
+// Convert the absolute-URI to the absolute-path
+//
+while (*FileUrl != ':') {
+ FileUrl++;
+}
+if ((*(FileUrl+1) == '/') && (*(FileUrl+2) == '/')) {
+ FileUrl += 3;
+ while (*FileUrl != '/') {
+FileUrl++;
+ }
+} else {
+ Status = EFI_INVALID_PARAMETER;
+ goto Error3;
+}
+ }
+ RequestStr = HttpGenRequestString (HttpInstance, HttpMsg, FileUrl);
if (RequestStr == NULL) {
Status = EFI_OUT_OF_RESOURCES;
goto Error3;
--
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
edk2[18365] MdeModulePkg/NetworkPkg: Locate IpSec on IP packet processing only if it's installed.
Revision: 18365
http://sourceforge.net/p/edk2/code/18365
Author: sfu5
Date: 2015-08-31 07:44:12 + (Mon, 31 Aug 2015)
Log Message:
---
MdeModulePkg/NetworkPkg: Locate IpSec on IP packet processing only if it's
installed.
Modified the logic in Ip4Dxe and Ip6Dxe to not locate EFI_IPSEC2_PROTOCOL on
each
message transmit/receive. Instead, register a callback in the drivers entry
points
on the IpSec protocol installation, and process only if the protocol is
installed.
This speeds up the network stacks when IpSec is not installed since there is a
penalty associated with searching the entire handle database on each packet
processing.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Samer El-Haj-Mahmoud
Reviewed-by: Fu Siyuan
Modified Paths:
--
trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Driver.c
trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Impl.h
trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Input.c
trunk/edk2/NetworkPkg/Ip6Dxe/Ip6Driver.c
trunk/edk2/NetworkPkg/Ip6Dxe/Ip6Impl.h
trunk/edk2/NetworkPkg/Ip6Dxe/Ip6Input.c
Modified: trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Driver.c
===
--- trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Driver.c
2015-08-31 06:03:10 UTC (rev 18364)
+++ trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Driver.c
2015-08-31 07:44:12 UTC (rev 18365)
@@ -2,6 +2,8 @@
The driver binding and service binding protocol for IP4 driver.
Copyright (c) 2005 - 2015, Intel Corporation. All rights reserved.
+(C) Copyright 2015 Hewlett-Packard Development Company, L.P.
+
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -23,7 +25,31 @@
NULL
};
+BOOLEAN mIpSec2Installed = FALSE;
+
/**
+ Callback function for IpSec2 Protocol install.
+
+ @param[in] Event Event whose notification function is being
invoked
+ @param[in] Context Pointer to the notification function's context
+
+**/
+VOID
+EFIAPI
+IpSec2InstalledCallback (
+ IN EFI_EVENT Event,
+ IN VOID *Context
+ )
+{
+ //
+ // Close the event so it does not get called again.
+ //
+ gBS->CloseEvent (Event);
+
+ mIpSec2Installed = TRUE;
+}
+
+/**
This is the declaration of an EFI image entry point. This entry point is
the same for UEFI Applications, UEFI OS Loaders, and UEFI Drivers including
both device drivers and bus drivers.
@@ -45,6 +71,16 @@
IN EFI_SYSTEM_TABLE *SystemTable
)
{
+ VOID*Registration;
+
+ EfiCreateProtocolNotifyEvent (
+&gEfiIpSec2ProtocolGuid,
+TPL_CALLBACK,
+IpSec2InstalledCallback,
+NULL,
+&Registration
+);
+
return EfiLibInstallDriverBindingComponentName2 (
ImageHandle,
SystemTable,
Modified: trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Impl.h
===
--- trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Impl.h 2015-08-31
06:03:10 UTC (rev 18364)
+++ trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Impl.h 2015-08-31
07:44:12 UTC (rev 18365)
@@ -2,6 +2,8 @@
Ip4 internal functions and type defintions.
Copyright (c) 2005 - 2015, Intel Corporation. All rights reserved.
+(C) Copyright 2015 Hewlett-Packard Development Company, L.P.
+
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -396,5 +398,6 @@
);
extern EFI_IPSEC2_PROTOCOL *mIpSec;
+extern BOOLEAN mIpSec2Installed;
#endif
Modified: trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Input.c
===
--- trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Input.c 2015-08-31
06:03:10 UTC (rev 18364)
+++ trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Input.c 2015-08-31
07:44:12 UTC (rev 18365)
@@ -2,6 +2,8 @@
IP4 input process.
Copyright (c) 2005 - 2014, Intel Corporation. All rights reserved.
+(C) Copyright 2015 Hewlett-Packard Development Company, L.P.
+
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -512,6 +514,11 @@
IP4_HEAD ZeroHead;
Status= EFI_SUCCESS;
+
+ if (!mIpSec2Installed) {
+goto ON_EXIT;
+ }
+
Packet= *Netbuf;
RecycleEvent = NULL;
IpSecWrap = NULL;
Modified: trunk/edk2/NetworkPkg/Ip6Dxe/Ip6Driver.c
=
edk2[18384] NetworkPkg: remove redundant words in function comment.
Revision: 18384 http://sourceforge.net/p/edk2/code/18384 Author: sfu5 Date: 2015-09-02 07:40:21 + (Wed, 02 Sep 2015) Log Message: --- NetworkPkg: remove redundant words in function comment. A function with void return type doesn't need @retval line in its function comment. This patch removes one redundant line from Ip6 driver in r18365. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Fu Siyuan Revision Links: -- http://sourceforge.net/p/edk2/code/18365 Modified Paths: -- trunk/edk2/NetworkPkg/Ip6Dxe/Ip6Driver.c Modified: trunk/edk2/NetworkPkg/Ip6Dxe/Ip6Driver.c === --- trunk/edk2/NetworkPkg/Ip6Dxe/Ip6Driver.c2015-09-02 06:29:06 UTC (rev 18383) +++ trunk/edk2/NetworkPkg/Ip6Dxe/Ip6Driver.c2015-09-02 07:40:21 UTC (rev 18384) @@ -33,7 +33,6 @@ @param[in] Event Event whose notification function is being invoked @param[in] Context Pointer to the notification function's context - @retval EFI_SUCCESS Callback successful. **/ VOID EFIAPI -- Monitor Your Dynamic Infrastructure at Any Scale With Datadog! Get real-time metrics from all of your servers, apps and tools in one place. SourceForge users - Click here to start your Free Trial of Datadog now! http://pubads.g.doubleclick.net/gampad/clk?id=241902991&iu=/4140 ___ edk2-commits mailing list edk2-commits@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/edk2-commits
edk2[18447] NetworkPkg: Enlarge receive block size of HTTP boot driver.
Revision: 18447 http://sourceforge.net/p/edk2/code/18447 Author: sfu5 Date: 2015-09-14 09:04:25 + (Mon, 14 Sep 2015) Log Message: --- NetworkPkg: Enlarge receive block size of HTTP boot driver. HTTP boot driver uses block size of 1024 when receiving HTTP message body, but typically the MTU of Ethernet is 1500 bytes so it makes 1 TCP segment data split into 2 Http.Response call. This patch enlarges the block size to avoid this issue. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Fu Siyuan Reviewed-by: Ye Ting Modified Paths: -- trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootClient.h Modified: trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootClient.h === --- trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootClient.h 2015-09-14 07:12:29 UTC (rev 18446) +++ trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootClient.h 2015-09-14 09:04:25 UTC (rev 18447) @@ -16,7 +16,7 @@ #define __EFI_HTTP_BOOT_HTTP_H__ #define HTTP_BOOT_REQUEST_TIMEOUT5000 // 5 seconds in uints of millisecond. -#define HTTP_BOOT_BLOCK_SIZE 1024 +#define HTTP_BOOT_BLOCK_SIZE 1500 #define HTTP_FIELD_NAME_USER_AGENT "User-Agent" #define HTTP_FIELD_NAME_HOST "Host" -- ___ edk2-commits mailing list edk2-commits@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/edk2-commits
edk2[18448] NetworkPkg: Update cache management in HTTP boot driver.
Revision: 18448
http://sourceforge.net/p/edk2/code/18448
Author: sfu5
Date: 2015-09-14 09:05:12 + (Mon, 14 Sep 2015)
Log Message:
---
NetworkPkg: Update cache management in HTTP boot driver.
The original HTTP boot driver always save the received message body in its
cache,
it bring a large of memory allocation during HTTP download. This patch updates
the HTTP boot driver to only cache data when caller doesn't provide a buffer for
download (which is usually used when caller want to get the required buffer
size).
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Modified Paths:
--
trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootClient.c
Modified: trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootClient.c
===
--- trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootClient.c 2015-09-14 09:04:25 UTC
(rev 18447)
+++ trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootClient.c 2015-09-14 09:05:12 UTC
(rev 18448)
@@ -458,23 +458,7 @@
}
CallbackData = (HTTP_BOOT_CALLBACK_DATA *) Context;
-
//
- // Save the data into cache list.
- //
- NewEntityData = AllocatePool (sizeof (HTTP_BOOT_ENTITY_DATA));
- if (NewEntityData == NULL) {
-return EFI_OUT_OF_RESOURCES;
- }
- if (CallbackData->NewBlock) {
-NewEntityData->Block = CallbackData->Block;
-CallbackData->Block = NULL;
- }
- NewEntityData->DataLength = Length;
- NewEntityData->DataStart = (UINT8*) Data;
- InsertTailList (&CallbackData->Cache->EntityDataList, &NewEntityData->Link);
-
- //
// Copy data if caller has provided a buffer.
//
if (CallbackData->BufferSize > CallbackData->CopyedSize) {
@@ -486,6 +470,22 @@
CallbackData->CopyedSize += MIN (Length, CallbackData->BufferSize -
CallbackData->CopyedSize);
}
+ //
+ // The caller doesn't provide a buffer, save the block into cache list.
+ //
+ if (CallbackData->Cache != NULL) {
+NewEntityData = AllocatePool (sizeof (HTTP_BOOT_ENTITY_DATA));
+if (NewEntityData == NULL) {
+ return EFI_OUT_OF_RESOURCES;
+}
+if (CallbackData->NewBlock) {
+ NewEntityData->Block = CallbackData->Block;
+ CallbackData->Block = NULL;
+}
+NewEntityData->DataLength = Length;
+NewEntityData->DataStart = (UINT8*) Data;
+InsertTailList (&CallbackData->Cache->EntityDataList,
&NewEntityData->Link);
+ }
return EFI_SUCCESS;
}
@@ -566,10 +566,10 @@
//
//
- // 1. Create a temp cache item for the requested URI.
+ // 1. Create a temp cache item for the requested URI if caller doesn't
provide buffer.
//
Cache = NULL;
- if (!HeaderOnly) {
+ if ((!HeaderOnly) && (*BufferSize == 0)) {
Cache = AllocateZeroPool (sizeof (HTTP_BOOT_CACHE_CONTENT));
if (Cache == NULL) {
Status = EFI_OUT_OF_RESOURCES;
@@ -659,7 +659,7 @@
//
// 2.3 Record the request info in a temp cache item.
//
- if (!HeaderOnly) {
+ if (Cache != NULL) {
Cache->RequestData = RequestData;
}
@@ -703,7 +703,7 @@
//
// 3.2 Cache the response header.
//
- if (!HeaderOnly) {
+ if (Cache != NULL) {
Cache->ResponseData = ResponseData;
}
@@ -733,17 +733,26 @@
//
// 3.4 Continue to receive and parse message-body if needed.
//
+ Block = NULL;
if (!HeaderOnly) {
ZeroMem (&ResponseBody, sizeof (HTTP_IO_RESOPNSE_DATA));
while (!HttpIsMessageComplete (Parser)) {
//
- // Allocate a new block to hold the message-body.
+ // Allocate a block to hold the message-body, if caller doesn't provide
+ // a buffer, the block will be cached and we will allocate a new one
here.
//
- Block = AllocatePool (HTTP_BOOT_BLOCK_SIZE);
- if (Block == NULL) {
-Status = EFI_OUT_OF_RESOURCES;
-goto ERROR_6;
+ if (Block == NULL || Context.BufferSize == 0) {
+Block = AllocatePool (HTTP_BOOT_BLOCK_SIZE);
+if (Block == NULL) {
+ Status = EFI_OUT_OF_RESOURCES;
+ goto ERROR_6;
+}
+Context.NewBlock = TRUE;
+Context.Block = Block;
+ } else {
+Context.NewBlock = FALSE;
}
+
ResponseBody.Body = (CHAR8*) Block;
ResponseBody.BodyLength = HTTP_BOOT_BLOCK_SIZE;
Status = HttpIoRecvResponse (
@@ -758,8 +767,6 @@
//
// Parse the new received block of the message-body, the block will be
saved in cache.
//
- Context.NewBlock = TRUE;
- Context.Block= Block;
Status = HttpParseMessageBody (
Parser,
ResponseBody.BodyLength,
@@ -787,7 +794,7 @@
//
// 4. Save the cache item to driver's cache list and return.
//
- if (!
edk2[18449] NetworkPkg: Avoid memory allocation for each HTTP message exchange.
Revision: 18449
http://sourceforge.net/p/edk2/code/18449
Author: sfu5
Date: 2015-09-14 09:05:49 + (Mon, 14 Sep 2015)
Log Message:
---
NetworkPkg: Avoid memory allocation for each HTTP message exchange.
This patch updates the HTTP driver to use a shared buffer for URL parsing to
avoid memory allocation for each HTTP request.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Modified Paths:
--
trunk/edk2/NetworkPkg/HttpDxe/HttpImpl.c
trunk/edk2/NetworkPkg/HttpDxe/HttpProto.c
trunk/edk2/NetworkPkg/HttpDxe/HttpProto.h
Modified: trunk/edk2/NetworkPkg/HttpDxe/HttpImpl.c
===
--- trunk/edk2/NetworkPkg/HttpDxe/HttpImpl.c2015-09-14 09:05:12 UTC (rev
18448)
+++ trunk/edk2/NetworkPkg/HttpDxe/HttpImpl.c2015-09-14 09:05:49 UTC (rev
18449)
@@ -224,6 +224,7 @@
BOOLEAN ReConfigure;
CHAR8 *RequestStr;
CHAR8 *Url;
+ UINTN UrlLen;
CHAR16*HostNameStr;
HTTP_TOKEN_WRAP *Wrap;
HTTP_TCP_TOKEN_WRAP *TcpWrap;
@@ -283,10 +284,15 @@
//
// Parse the URI of the remote host.
//
- Url = AllocatePool (StrLen (Request->Url) + 1);
- if (Url == NULL) {
-return EFI_OUT_OF_RESOURCES;
- }
+ UrlLen = StrLen (Request->Url) + 1;
+ if (UrlLen > HTTP_URL_BUFFER_LEN) {
+Url = AllocateZeroPool (UrlLen);
+if (Url == NULL) {
+ return EFI_OUT_OF_RESOURCES;
+}
+FreePool (HttpInstance->Url);
+HttpInstance->Url = Url;
+ }
UnicodeStrToAsciiStr (Request->Url, Url);
UrlParser = NULL;
@@ -347,7 +353,6 @@
Wrap->TcpWrap.Method = Request->Method;
-FreePool (Url);
FreePool (HostName);
//
@@ -480,7 +485,6 @@
goto Error4;
}
- FreePool (Url);
if (HostName != NULL) {
FreePool (HostName);
}
@@ -520,9 +524,6 @@
}
Error1:
- if (Url != NULL) {
-FreePool (Url);
- }
if (HostName != NULL) {
FreePool (HostName);
}
Modified: trunk/edk2/NetworkPkg/HttpDxe/HttpProto.c
===
--- trunk/edk2/NetworkPkg/HttpDxe/HttpProto.c 2015-09-14 09:05:12 UTC (rev
18448)
+++ trunk/edk2/NetworkPkg/HttpDxe/HttpProto.c 2015-09-14 09:05:49 UTC (rev
18449)
@@ -431,6 +431,12 @@
goto ON_ERROR;
}
+ HttpInstance->Url = AllocateZeroPool (HTTP_URL_BUFFER_LEN);
+ if (HttpInstance->Url == NULL) {
+Status = EFI_OUT_OF_RESOURCES;
+goto ON_ERROR;
+ }
+
NetMapInit (&HttpInstance->TxTokens);
NetMapInit (&HttpInstance->RxTokens);
@@ -496,6 +502,11 @@
HttpInstance->MsgParser = NULL;
}
+ if (HttpInstance->Url != NULL) {
+FreePool (HttpInstance->Url);
+HttpInstance->Url = NULL;
+ }
+
NetMapClean (&HttpInstance->TxTokens);
NetMapClean (&HttpInstance->RxTokens);
Modified: trunk/edk2/NetworkPkg/HttpDxe/HttpProto.h
===
--- trunk/edk2/NetworkPkg/HttpDxe/HttpProto.h 2015-09-14 09:05:12 UTC (rev
18448)
+++ trunk/edk2/NetworkPkg/HttpDxe/HttpProto.h 2015-09-14 09:05:49 UTC (rev
18449)
@@ -51,6 +51,8 @@
#define HTTP_KEEP_ALIVE_TIME 7200
#define HTTP_KEEP_ALIVE_INTERVAL 30
+#define HTTP_URL_BUFFER_LEN 4096
+
typedef struct _HTTP_SERVICE {
UINT32Signature;
EFI_SERVICE_BINDING_PROTOCOL ServiceBinding;
@@ -120,6 +122,8 @@
NET_MAP TxTokens;
NET_MAP RxTokens;
+
+ CHAR8 *Url;
} HTTP_PROTOCOL;
typedef struct {
--
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
edk2[18450] NetworkPkg: RxToken event not closed in Http.Response().
Revision: 18450
http://sourceforge.net/p/edk2/code/18450
Author: sfu5
Date: 2015-09-14 09:06:02 + (Mon, 14 Sep 2015)
Log Message:
---
NetworkPkg: RxToken event not closed in Http.Response().
This patch contains a bug fix in HTTP driver that the RxToken is not closed,
this is one of the main reasons which lower the HTTP download speed.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Modified Paths:
--
trunk/edk2/NetworkPkg/HttpDxe/HttpProto.c
Modified: trunk/edk2/NetworkPkg/HttpDxe/HttpProto.c
===
--- trunk/edk2/NetworkPkg/HttpDxe/HttpProto.c 2015-09-14 09:05:49 UTC (rev
18449)
+++ trunk/edk2/NetworkPkg/HttpDxe/HttpProto.c 2015-09-14 09:06:02 UTC (rev
18450)
@@ -104,6 +104,7 @@
}
Wrap = (HTTP_TOKEN_WRAP *) Context;
+ gBS->CloseEvent (Wrap->TcpWrap.RxToken.CompletionToken.Event);
if (EFI_ERROR (Wrap->TcpWrap.RxToken.CompletionToken.Status)) {
return ;
}
--
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
edk2[18451] NetworkPkg: Update Http driver to use DPC mechanism.
Revision: 18451
http://sourceforge.net/p/edk2/code/18451
Author: sfu5
Date: 2015-09-14 09:06:26 + (Mon, 14 Sep 2015)
Log Message:
---
NetworkPkg: Update Http driver to use DPC mechanism.
This patch updates the HttpDxe driver to use the DPC mechanism to avoid long
time delay when single event.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Modified Paths:
--
trunk/edk2/NetworkPkg/HttpDxe/HttpDriver.h
trunk/edk2/NetworkPkg/HttpDxe/HttpDxe.inf
trunk/edk2/NetworkPkg/HttpDxe/HttpImpl.c
trunk/edk2/NetworkPkg/HttpDxe/HttpProto.c
Modified: trunk/edk2/NetworkPkg/HttpDxe/HttpDriver.h
===
--- trunk/edk2/NetworkPkg/HttpDxe/HttpDriver.h 2015-09-14 09:06:02 UTC (rev
18450)
+++ trunk/edk2/NetworkPkg/HttpDxe/HttpDriver.h 2015-09-14 09:06:26 UTC (rev
18451)
@@ -28,7 +28,7 @@
#include
#include
#include
-#include
+#include
//
// UEFI Driver Model Protocols
Modified: trunk/edk2/NetworkPkg/HttpDxe/HttpDxe.inf
===
--- trunk/edk2/NetworkPkg/HttpDxe/HttpDxe.inf 2015-09-14 09:06:02 UTC (rev
18450)
+++ trunk/edk2/NetworkPkg/HttpDxe/HttpDxe.inf 2015-09-14 09:06:26 UTC (rev
18451)
@@ -48,6 +48,7 @@
DebugLib
NetLib
HttpLib
+ DpcLib
[Protocols]
gEfiHttpServiceBindingProtocolGuid ## BY_START
Modified: trunk/edk2/NetworkPkg/HttpDxe/HttpImpl.c
===
--- trunk/edk2/NetworkPkg/HttpDxe/HttpImpl.c2015-09-14 09:06:02 UTC (rev
18450)
+++ trunk/edk2/NetworkPkg/HttpDxe/HttpImpl.c2015-09-14 09:06:26 UTC (rev
18451)
@@ -502,6 +502,8 @@
goto Error5;
}
+ DispatchDpc ();
+
return EFI_SUCCESS;
Error5:
@@ -1330,6 +1332,7 @@
)
{
HTTP_PROTOCOL *HttpInstance;
+ EFI_STATUSStatus;
if (This == NULL) {
return EFI_INVALID_PARAMETER;
@@ -1346,5 +1349,9 @@
return EFI_NOT_STARTED;
}
- return HttpInstance->Tcp4->Poll (HttpInstance->Tcp4);
+ Status = HttpInstance->Tcp4->Poll (HttpInstance->Tcp4);
+
+ DispatchDpc ();
+
+ return Status;
}
Modified: trunk/edk2/NetworkPkg/HttpDxe/HttpProto.c
===
--- trunk/edk2/NetworkPkg/HttpDxe/HttpProto.c 2015-09-14 09:06:02 UTC (rev
18450)
+++ trunk/edk2/NetworkPkg/HttpDxe/HttpProto.c 2015-09-14 09:06:26 UTC (rev
18451)
@@ -38,20 +38,18 @@
/**
The notify function associated with TxToken for Tcp4->Transmit().
- @param[in] Event The event signaled.
@param[in] Context The context.
**/
VOID
EFIAPI
-HttpTcpTransmitNotify (
- IN EFI_EVENT Event,
+HttpTcpTransmitNotifyDpc (
IN VOID *Context
)
{
HTTP_TOKEN_WRAP *Wrap;
- if ((Event == NULL) || (Context == NULL)) {
+ if (Context == NULL) {
return ;
}
@@ -80,16 +78,35 @@
}
/**
+ Request HttpTcpTransmitNotifyDpc as a DPC at TPL_CALLBACK.
+
+ @param Event The receive event delivered to TCP for
transmit.
+ @param Context Context for the callback.
+
+**/
+VOID
+EFIAPI
+HttpTcpTransmitNotify (
+ IN EFI_EVENTEvent,
+ IN VOID *Context
+ )
+{
+ //
+ // Request HttpTcpTransmitNotifyDpc as a DPC at TPL_CALLBACK
+ //
+ QueueDpc (TPL_CALLBACK, HttpTcpTransmitNotifyDpc, Context);
+}
+
+
+/**
The notify function associated with RxToken for Tcp4->Receive ().
- @param[in] Event The event signaled.
@param[in] Context The context.
**/
VOID
EFIAPI
-HttpTcpReceiveNotify (
- IN EFI_EVENT Event,
+HttpTcpReceiveNotifyDpc (
IN VOID *Context
)
{
@@ -99,7 +116,7 @@
EFI_STATUS Status;
HTTP_PROTOCOL*HttpInstance;
- if ((Event == NULL) || (Context == NULL)) {
+ if (Context == NULL) {
return ;
}
@@ -174,6 +191,27 @@
}
/**
+ Request HttpTcpReceiveNotifyDpc as a DPC at TPL_CALLBACK.
+
+ @param Event The receive event delivered to TCP for receive.
+ @param Context Context for the callback.
+
+**/
+VOID
+EFIAPI
+HttpTcpReceiveNotify (
+ IN EFI_EVENTEvent,
+ IN VOID *Context
+ )
+{
+ //
+ // Request HttpTcpTransmitNotifyDpc as a DPC at TPL_CALLBACK
+ //
+ QueueDpc (TPL_CALLBACK, HttpTcpReceiveNotifyDpc, Context);
+}
+
+
+/**
Create events for the TCP4 connection token and TCP4 close token.
@param[in] HttpInstance Pointer to HTTP_PROTOCOL structure.
--
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
edk2[18453] NetworkPkg: Correct the missed code in r18449.
Revision: 18453
http://sourceforge.net/p/edk2/code/18453
Author: sfu5
Date: 2015-09-15 00:59:37 + (Tue, 15 Sep 2015)
Log Message:
---
NetworkPkg: Correct the missed code in r18449.
The fix r18449 missed 1 line which will cause Http.Request() ASSERT. This patch
will correct this error.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Revision Links:
--
http://sourceforge.net/p/edk2/code/18449
http://sourceforge.net/p/edk2/code/18449
Modified Paths:
--
trunk/edk2/NetworkPkg/HttpDxe/HttpImpl.c
Modified: trunk/edk2/NetworkPkg/HttpDxe/HttpImpl.c
===
--- trunk/edk2/NetworkPkg/HttpDxe/HttpImpl.c2015-09-15 00:58:59 UTC (rev
18452)
+++ trunk/edk2/NetworkPkg/HttpDxe/HttpImpl.c2015-09-15 00:59:37 UTC (rev
18453)
@@ -275,7 +275,6 @@
return EFI_ACCESS_DENIED;
}
- Url = NULL;
HostName= NULL;
Wrap= NULL;
HostNameStr = NULL;
@@ -284,6 +283,7 @@
//
// Parse the URI of the remote host.
//
+ Url = HttpInstance->Url;
UrlLen = StrLen (Request->Url) + 1;
if (UrlLen > HTTP_URL_BUFFER_LEN) {
Url = AllocateZeroPool (UrlLen);
--
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
edk2[18455] MdeModulePkg: Change the algorithm in SNP to use the first found BAR index.
Revision: 18455
http://sourceforge.net/p/edk2/code/18455
Author: sfu5
Date: 2015-09-15 03:12:15 + (Tue, 15 Sep 2015)
Log Message:
---
MdeModulePkg: Change the algorithm in SNP to use the first found BAR index.
The driver binding start function in SNP.c goes through all the BARs and get
the last BAR index for use. Theoretically it should work with all valid BARs,
but we got reports some device did always use the first valid BAR, so we change
the logic in SNP to use the first found BAR index instead of the last one.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Modified Paths:
--
trunk/edk2/MdeModulePkg/Universal/Network/SnpDxe/Snp.c
Modified: trunk/edk2/MdeModulePkg/Universal/Network/SnpDxe/Snp.c
===
--- trunk/edk2/MdeModulePkg/Universal/Network/SnpDxe/Snp.c 2015-09-15
01:08:59 UTC (rev 18454)
+++ trunk/edk2/MdeModulePkg/Universal/Network/SnpDxe/Snp.c 2015-09-15
03:12:15 UTC (rev 18455)
@@ -1,7 +1,7 @@
/** @file
Implementation of driver entry point and driver binding protocol.
-Copyright (c) 2004 - 2014, Intel Corporation. All rights reserved.
+Copyright (c) 2004 - 2015, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed
and made available under the terms and conditions of the BSD License which
accompanies this distribution. The full text of the license may be found at
@@ -273,6 +273,8 @@
PXE_STATFLAGS InitStatFlags;
EFI_PCI_IO_PROTOCOL *PciIo;
EFI_ACPI_ADDRESS_SPACE_DESCRIPTOR *BarDesc;
+ BOOLEAN FoundIoBar;
+ BOOLEAN FoundMemoryBar;
DEBUG ((EFI_D_NET, "\nSnpNotifyNetworkInterfaceIdentifier() "));
@@ -403,7 +405,7 @@
Snp->TxRxBuffer = NULL;
if (Nii->Revision >= EFI_NETWORK_INTERFACE_IDENTIFIER_PROTOCOL_REVISION) {
- Snp->IfNum = Nii->IfNum;
+Snp->IfNum = Nii->IfNum;
} else {
Snp->IfNum = (UINT8) (Nii->IfNum & 0xFF);
@@ -463,6 +465,8 @@
//
Snp->MemoryBarIndex = 0;
Snp->IoBarIndex = 1;
+ FoundMemoryBar = FALSE;
+ FoundIoBar = FALSE;
for (BarIndex = 0; BarIndex < PCI_MAX_BAR; BarIndex++) {
Status = PciIo->GetBarAttributes (
PciIo,
@@ -476,13 +480,19 @@
goto Error_DeleteSNP;
}
-if (BarDesc->ResType == ACPI_ADDRESS_SPACE_TYPE_MEM) {
+if ((!FoundMemoryBar) && (BarDesc->ResType ==
ACPI_ADDRESS_SPACE_TYPE_MEM)) {
Snp->MemoryBarIndex = BarIndex;
-} else if (BarDesc->ResType == ACPI_ADDRESS_SPACE_TYPE_IO) {
+ FoundMemoryBar = TRUE;
+} else if ((!FoundIoBar) && (BarDesc->ResType ==
ACPI_ADDRESS_SPACE_TYPE_IO)) {
Snp->IoBarIndex = BarIndex;
+ FoundIoBar = TRUE;
}
FreePool (BarDesc);
+
+if (FoundMemoryBar && FoundIoBar) {
+ break;
+}
}
Status = PxeStart (Snp);
--
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
edk2[18483] NetworkPkg: TrafficDirection not saved in IPsecConfig.
Revision: 18483
http://sourceforge.net/p/edk2/code/18483
Author: sfu5
Date: 2015-09-16 08:52:43 + (Wed, 16 Sep 2015)
Log Message:
---
NetworkPkg: TrafficDirection not saved in IPsecConfig.
Fix a bug that the TrafficDirection field is not saved in IPsecConfig.SetData.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Modified Paths:
--
trunk/edk2/NetworkPkg/IpSecDxe/IpSecConfigImpl.c
trunk/edk2/NetworkPkg/IpSecDxe/IpSecImpl.h
Modified: trunk/edk2/NetworkPkg/IpSecDxe/IpSecConfigImpl.c
===
--- trunk/edk2/NetworkPkg/IpSecDxe/IpSecConfigImpl.c2015-09-16 08:52:24 UTC
(rev 18482)
+++ trunk/edk2/NetworkPkg/IpSecDxe/IpSecConfigImpl.c2015-09-16 08:52:43 UTC
(rev 18483)
@@ -1167,9 +1167,10 @@
SpdData->Name,
sizeof (SpdData->Name)
);
- SpdEntry->Data->PackageFlag = SpdData->PackageFlag;
- SpdEntry->Data->Action = SpdData->Action;
-
+ SpdEntry->Data->PackageFlag = SpdData->PackageFlag;
+ SpdEntry->Data->TrafficDirection = SpdData->TrafficDirection;
+ SpdEntry->Data->Action = SpdData->Action;
+
//
// Fix the address of ProcessingPolicy and copy it if need, which is
continous
// memory and close to the base structure of SAD data.
@@ -1690,9 +1691,10 @@
//
CopyMem (SpdData->Name, SpdEntry->Data->Name, sizeof (SpdData->Name));
- SpdData->PackageFlag = SpdEntry->Data->PackageFlag;
- SpdData->Action = SpdEntry->Data->Action;
-
+ SpdData->PackageFlag = SpdEntry->Data->PackageFlag;
+ SpdData->TrafficDirection = SpdEntry->Data->TrafficDirection;
+ SpdData->Action = SpdEntry->Data->Action;
+
if (SpdData->Action != EfiIPsecActionProtect) {
SpdData->ProcessingPolicy = NULL;
} else {
Modified: trunk/edk2/NetworkPkg/IpSecDxe/IpSecImpl.h
===
--- trunk/edk2/NetworkPkg/IpSecDxe/IpSecImpl.h 2015-09-16 08:52:24 UTC (rev
18482)
+++ trunk/edk2/NetworkPkg/IpSecDxe/IpSecImpl.h 2015-09-16 08:52:43 UTC (rev
18483)
@@ -76,6 +76,7 @@
struct _IPSEC_SPD_DATA {
CHAR16Name[100];
UINT32PackageFlag;
+ EFI_IPSEC_TRAFFIC_DIR TrafficDirection;
EFI_IPSEC_ACTION Action;
EFI_IPSEC_PROCESS_POLICY *ProcessingPolicy;
LIST_ENTRYSas;
--
Monitor Your Dynamic Infrastructure at Any Scale With Datadog!
Get real-time metrics from all of your servers, apps and tools
in one place.
SourceForge users - Click here to start your Free Trial of Datadog now!
http://pubads.g.doubleclick.net/gampad/clk?id=241902991&iu=/4140
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
edk2[18482] NetworkPkg: Enhance the NULL pointer check before dereference it.
Revision: 18482
http://sourceforge.net/p/edk2/code/18482
Author: sfu5
Date: 2015-09-16 08:52:24 + (Wed, 16 Sep 2015)
Log Message:
---
NetworkPkg: Enhance the NULL pointer check before dereference it.
This patch enhances the NULL pointer check of the HttpInstance->RemoteHost
pointer before dereference it.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Modified Paths:
--
trunk/edk2/NetworkPkg/HttpDxe/HttpImpl.c
Modified: trunk/edk2/NetworkPkg/HttpDxe/HttpImpl.c
===
--- trunk/edk2/NetworkPkg/HttpDxe/HttpImpl.c2015-09-16 08:40:20 UTC (rev
18481)
+++ trunk/edk2/NetworkPkg/HttpDxe/HttpImpl.c2015-09-16 08:52:24 UTC (rev
18482)
@@ -316,7 +316,7 @@
Configure = TRUE;
ReConfigure = TRUE;
- if (HttpInstance->RemoteHost == NULL && HttpInstance->RemotePort == 0) {
+ if (HttpInstance->RemoteHost == NULL) {
//
// Request() is called the first time.
//
@@ -373,6 +373,7 @@
if (HttpInstance->RemoteHost != NULL) {
FreePool (HttpInstance->RemoteHost);
HttpInstance->RemoteHost = NULL;
+HttpInstance->RemotePort = 0;
}
}
}
--
Monitor Your Dynamic Infrastructure at Any Scale With Datadog!
Get real-time metrics from all of your servers, apps and tools
in one place.
SourceForge users - Click here to start your Free Trial of Datadog now!
http://pubads.g.doubleclick.net/gampad/clk?id=241902991&iu=/4140
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
edk2[18520] MdePkg: Http.h - Add HttpMethodMax to EFI_HTTP_METHOD.
Revision: 18520 http://sourceforge.net/p/edk2/code/18520 Author: sfu5 Date: 2015-09-21 07:53:00 + (Mon, 21 Sep 2015) Log Message: --- MdePkg: Http.h - Add HttpMethodMax to EFI_HTTP_METHOD. Add HttpMethodMax enum value to EFI_HTTP_METHOD to make it easier to iterate through the HTTP methods using a loop. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Samer El-Haj-Mahmoud Reviewed-by: Fu Siyuan Modified Paths: -- trunk/edk2/MdePkg/Include/Protocol/Http.h Modified: trunk/edk2/MdePkg/Include/Protocol/Http.h === --- trunk/edk2/MdePkg/Include/Protocol/Http.h 2015-09-21 05:54:03 UTC (rev 18519) +++ trunk/edk2/MdePkg/Include/Protocol/Http.h 2015-09-21 07:53:00 UTC (rev 18520) @@ -5,6 +5,7 @@ HTTP Protocol (HTTP) Copyright (c) 2015, Intel Corporation. All rights reserved. + (C) Copyright 2015 Hewlett Packard Enterprise Development LP This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -54,7 +55,8 @@ HttpMethodHead, HttpMethodPut, HttpMethodDelete, - HttpMethodTrace + HttpMethodTrace, + HttpMethodMax } EFI_HTTP_METHOD; /// -- ___ edk2-commits mailing list edk2-commits@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/edk2-commits
edk2[18521] NetworkPkg: Fix typos in some EFI_HTTP_STATUS_CODE definitions
Revision: 18521 http://sourceforge.net/p/edk2/code/18521 Author: sfu5 Date: 2015-09-21 07:53:16 + (Mon, 21 Sep 2015) Log Message: --- NetworkPkg: Fix typos in some EFI_HTTP_STATUS_CODE definitions Fix spelling typos in EFI_HTTP_STATUS_CODE definitions for error 415 and 501. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Samer El-Haj-Mahmoud Reviewed-by: Fu Siyuan Modified Paths: -- trunk/edk2/MdePkg/Include/Protocol/Http.h trunk/edk2/NetworkPkg/HttpDxe/HttpProto.c Modified: trunk/edk2/MdePkg/Include/Protocol/Http.h === --- trunk/edk2/MdePkg/Include/Protocol/Http.h 2015-09-21 07:53:00 UTC (rev 18520) +++ trunk/edk2/MdePkg/Include/Protocol/Http.h 2015-09-21 07:53:16 UTC (rev 18521) @@ -95,11 +95,11 @@ HTTP_STATUS_412_PRECONDITION_FAILED, HTTP_STATUS_413_REQUEST_ENTITY_TOO_LARGE, HTTP_STATUS_414_REQUEST_URI_TOO_LARGE, - HTTP_STATUS_415_UNSUPPORETD_MEDIA_TYPE, + HTTP_STATUS_415_UNSUPPORTED_MEDIA_TYPE, HTTP_STATUS_416_REQUESTED_RANGE_NOT_SATISFIED, HTTP_STATUS_417_EXPECTATION_FAILED, HTTP_STATUS_500_INTERNAL_SERVER_ERROR, - HTTP_STATUS_501_NOT_IMIPLEMENTED, + HTTP_STATUS_501_NOT_IMPLEMENTED, HTTP_STATUS_502_BAD_GATEWAY, HTTP_STATUS_503_SERVICE_UNAVAILABLE, HTTP_STATUS_504_GATEWAY_TIME_OUT, Modified: trunk/edk2/NetworkPkg/HttpDxe/HttpProto.c === --- trunk/edk2/NetworkPkg/HttpDxe/HttpProto.c 2015-09-21 07:53:00 UTC (rev 18520) +++ trunk/edk2/NetworkPkg/HttpDxe/HttpProto.c 2015-09-21 07:53:16 UTC (rev 18521) @@ -2,6 +2,7 @@ Miscellaneous routines for HttpDxe driver. Copyright (c) 2015, Intel Corporation. All rights reserved. +(C) Copyright 2015 Hewlett Packard Enterprise Development LP This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -893,7 +894,7 @@ case 414: return HTTP_STATUS_414_REQUEST_URI_TOO_LARGE; case 415: -return HTTP_STATUS_415_UNSUPPORETD_MEDIA_TYPE; +return HTTP_STATUS_415_UNSUPPORTED_MEDIA_TYPE; case 416: return HTTP_STATUS_416_REQUESTED_RANGE_NOT_SATISFIED; case 417: @@ -901,7 +902,7 @@ case 500: return HTTP_STATUS_500_INTERNAL_SERVER_ERROR; case 501: -return HTTP_STATUS_501_NOT_IMIPLEMENTED; +return HTTP_STATUS_501_NOT_IMPLEMENTED; case 502: return HTTP_STATUS_502_BAD_GATEWAY; case 503: -- ___ edk2-commits mailing list edk2-commits@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/edk2-commits
edk2[18559] MdeModulePkg: Add SMBIOS 3.0 support in NetLibGetSystemGuid.
Revision: 18559
http://sourceforge.net/p/edk2/code/18559
Author: sfu5
Date: 2015-09-30 01:06:57 + (Wed, 30 Sep 2015)
Log Message:
---
MdeModulePkg: Add SMBIOS 3.0 support in NetLibGetSystemGuid.
NetLibGetSystemGuid gets the UUID from SMBIOS table to use as the System GUID
(in DHCP and other network use cases). This change adds support to get the
UUID from either SMBIOS 2.x or 3.0, since SMBIOS 3.0 uses a different GUID in
the System Configuration Table.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Samer El-Haj-Mahmoud
Reviewed-by: Fu Siyuan
Modified Paths:
--
trunk/edk2/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c
trunk/edk2/MdeModulePkg/Library/DxeNetLib/DxeNetLib.inf
Modified: trunk/edk2/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c
===
--- trunk/edk2/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c 2015-09-29
06:35:33 UTC (rev 18558)
+++ trunk/edk2/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c 2015-09-30
01:06:57 UTC (rev 18559)
@@ -2,6 +2,7 @@
Network library.
Copyright (c) 2005 - 2015, Intel Corporation. All rights reserved.
+(C) Copyright 2015 Hewlett Packard Enterprise Development LP
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -3254,22 +3255,27 @@
OUT EFI_GUID *SystemGuid
)
{
- EFI_STATUSStatus;
- SMBIOS_TABLE_ENTRY_POINT *SmbiosTable;
- SMBIOS_STRUCTURE_POINTER Smbios;
- SMBIOS_STRUCTURE_POINTER SmbiosEnd;
- CHAR8 *String;
+ EFI_STATUSStatus;
+ SMBIOS_TABLE_ENTRY_POINT *SmbiosTable;
+ SMBIOS_TABLE_3_0_ENTRY_POINT *Smbios30Table;
+ SMBIOS_STRUCTURE_POINTER Smbios;
+ SMBIOS_STRUCTURE_POINTER SmbiosEnd;
+ CHAR8 *String;
SmbiosTable = NULL;
- Status = EfiGetSystemConfigurationTable (&gEfiSmbiosTableGuid, (VOID
**) &SmbiosTable);
-
- if (EFI_ERROR (Status) || SmbiosTable == NULL) {
-return EFI_NOT_FOUND;
+ Status = EfiGetSystemConfigurationTable (&gEfiSmbios3TableGuid, (VOID **)
&Smbios30Table);
+ if (!(EFI_ERROR (Status) || Smbios30Table == NULL)) {
+Smbios.Hdr = (SMBIOS_STRUCTURE *) (UINTN) Smbios30Table->TableAddress;
+SmbiosEnd.Raw = (UINT8 *) (UINTN) (Smbios30Table->TableAddress +
Smbios30Table->TableMaximumSize);
+ } else {
+Status = EfiGetSystemConfigurationTable (&gEfiSmbiosTableGuid, (VOID **)
&SmbiosTable);
+if (EFI_ERROR (Status) || SmbiosTable == NULL) {
+ return EFI_NOT_FOUND;
+}
+Smbios.Hdr= (SMBIOS_STRUCTURE *) (UINTN) SmbiosTable->TableAddress;
+SmbiosEnd.Raw = (UINT8 *) (UINTN) (SmbiosTable->TableAddress +
SmbiosTable->TableLength);
}
- Smbios.Hdr= (SMBIOS_STRUCTURE *) (UINTN) SmbiosTable->TableAddress;
- SmbiosEnd.Raw = (UINT8 *) (UINTN) (SmbiosTable->TableAddress +
SmbiosTable->TableLength);
-
do {
if (Smbios.Hdr->Type == 1) {
if (Smbios.Hdr->Length < 0x19) {
Modified: trunk/edk2/MdeModulePkg/Library/DxeNetLib/DxeNetLib.inf
===
--- trunk/edk2/MdeModulePkg/Library/DxeNetLib/DxeNetLib.inf 2015-09-29
06:35:33 UTC (rev 18558)
+++ trunk/edk2/MdeModulePkg/Library/DxeNetLib/DxeNetLib.inf 2015-09-30
01:06:57 UTC (rev 18559)
@@ -2,6 +2,7 @@
# This library instance provides the basic network services.
#
# Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.
+# (C) Copyright 2015 Hewlett Packard Enterprise Development LP
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD
License
# which accompanies this distribution. The full text of the license may be
found at
@@ -52,6 +53,7 @@
[Guids]
gEfiSmbiosTableGuid ## SOMETIMES_CONSUMES ##
SystemTable
+ gEfiSmbios3TableGuid ## SOMETIMES_CONSUMES ##
SystemTable
[Protocols]
--
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
edk2[18560] MdeModulePkg Ip4Dxe: Ip4Config2 to request DHCP Option6 DNS server IP
Revision: 18560
http://sourceforge.net/p/edk2/code/18560
Author: sfu5
Date: 2015-09-30 03:01:13 + (Wed, 30 Sep 2015)
Log Message:
---
MdeModulePkg Ip4Dxe: Ip4Config2 to request DHCP Option6 DNS server IP
Ip4Config2 protocol implementation must request for DNS server info when the
policy is set to DHCP. And when a DHCP server responds to it with a list of
DNS server addresses, it must parse it and set it for the instance. Without
this, nobody can do a Ip4Config->GetData for DNS server IPs before calling
Dns->Configure(). This will mean a DHCP is initiated when calling
Dns->Configure(), thus causing serious performance issues. This patch
attempts to address this issue.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Samer El-Haj-Mahmoud
Reviewed-by: Ye Ting
Reviewed-by: Samer El-Haj-Mahmoud
Reviewed-by: Fu Siyuan
Modified Paths:
--
trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c
trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.h
Modified: trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c
===
--- trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c
2015-09-30 01:06:57 UTC (rev 18559)
+++ trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c
2015-09-30 03:01:13 UTC (rev 18560)
@@ -2,6 +2,7 @@
The implementation of EFI IPv4 Configuration II Protocol.
Copyright (c) 2015, Intel Corporation. All rights reserved.
+ (C) Copyright 2015 Hewlett Packard Enterprise Development LP
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
@@ -677,7 +678,127 @@
}
}
+/**
+ This worker function sets the DNS server list for the EFI IPv4 network
+ stack running on the communication device that this EFI_IP4_CONFIG2_PROTOCOL
+ manages. The DNS server addresses must be unicast IPv4 addresses.
+ @param[in] InstanceThe pointer to the IP4 config2 instance data.
+ @param[in] DataSizeThe size of the buffer pointed to by Data in
bytes.
+ @param[in] DataThe data buffer to set, points to an array of
+ EFI_IPv4_ADDRESS instances.
+
+ @retval EFI_BAD_BUFFER_SIZEThe DataSize does not match the size of the
type.
+ @retval EFI_INVALID_PARAMETER One or more fields in Data is invalid.
+ @retval EFI_OUT_OF_RESOURCES Failed to allocate resources to complete the
operation.
+ @retval EFI_ABORTEDThe DNS server addresses to be set equal the
current
+ configuration.
+ @retval EFI_SUCCESSThe specified configuration data for the EFI
IPv4
+ network stack was set.
+
+**/
+EFI_STATUS
+Ip4Config2SetDnsServerWorker (
+ IN IP4_CONFIG2_INSTANCE*Instance,
+ IN UINTN DataSize,
+ IN VOID*Data
+ )
+{
+ UINTN OldIndex;
+ UINTN NewIndex;
+ UINTN Index1;
+ EFI_IPv4_ADDRESS *OldDns;
+ EFI_IPv4_ADDRESS *NewDns;
+ UINTN OldDnsCount;
+ UINTN NewDnsCount;
+ IP4_CONFIG2_DATA_ITEM *Item;
+ BOOLEAN OneAdded;
+ VOID *Tmp;
+ IP4_ADDR DnsAddress;
+
+ if ((DataSize % sizeof (EFI_IPv4_ADDRESS) != 0) || (DataSize == 0)) {
+return EFI_BAD_BUFFER_SIZE;
+ }
+
+ Item= &Instance->DataItem[Ip4Config2DataTypeDnsServer];
+ NewDns = (EFI_IPv4_ADDRESS *) Data;
+ OldDns = Item->Data.DnsServers;
+ NewDnsCount = DataSize / sizeof (EFI_IPv4_ADDRESS);
+ OldDnsCount = Item->DataSize / sizeof (EFI_IPv4_ADDRESS);
+ OneAdded= FALSE;
+
+ if (NewDnsCount != OldDnsCount) {
+Tmp = AllocatePool (DataSize);
+if (Tmp == NULL) {
+ return EFI_OUT_OF_RESOURCES;
+}
+ } else {
+Tmp = NULL;
+ }
+
+ for (NewIndex = 0; NewIndex < NewDnsCount; NewIndex++) {
+CopyMem (&DnsAddress, NewDns + NewIndex, sizeof (IP4_ADDR));
+
+if (!NetIp4IsUnicast (NTOHL (DnsAddress), 0)) {
+ //
+ // The dns server address must be unicast.
+ //
+ FreePool (Tmp);
+ return EFI_INVALID_PARAMETER;
+}
+
+for (Index1 = NewIndex + 1; Index1 < NewDnsCount; Index1++) {
+ if (EFI_IP4_EQUAL (NewDns + NewIndex, NewDns + Index1)) {
+FreePool (Tmp);
+return EFI_INVALID_PARAMETER;
+ }
+}
+
+if (OneAdded) {
+ //
+ // If any address in the new setting is not in the old settings, skip the
+ // comparision below.
+ //
+ continue;
+}
+
+for (OldIndex = 0; OldIndex < OldDnsCount; OldIndex++) {
+ if (EFI_IP4_EQUAL (NewDns + NewIndex, OldDns + OldIndex)) {
+//
+// If found break out.
+//
+break;
+ }
+}
+
+if (OldIndex == Ol
edk2[18610] NetworkPkg: remove unnecessary timeout event when setting IPv6 address.
Revision: 18610
http://sourceforge.net/p/edk2/code/18610
Author: sfu5
Date: 2015-10-15 06:42:50 + (Thu, 15 Oct 2015)
Log Message:
---
NetworkPkg: remove unnecessary timeout event when setting IPv6 address.
Use Ip6Cfg->SetData() to set IP6 manual address is asynchronous process and the
registered data notify event will be singled when process is done. So it's not
necessary to create another timeout event for the address setting.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Reviewed-by: Jiaxin Wu
Modified Paths:
--
trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
Modified: trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
===
--- trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c 2015-10-15 02:43:31 UTC
(rev 18609)
+++ trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c 2015-10-15 06:42:50 UTC
(rev 18610)
@@ -1376,16 +1376,15 @@
EFI_IP6_CONFIG_MANUAL_ADDRESSCfgAddr;
EFI_IPv6_ADDRESS GatewayAddr;
UINTNDataSize;
- EFI_EVENTTimeOutEvt;
EFI_EVENTMappedEvt;
EFI_STATUS Status;
- UINT64 DadTriggerTime;
- EFI_IP6_CONFIG_DUP_ADDR_DETECT_TRANSMITSDadXmits;
BOOLEAN NoGateway;
+ EFI_IPv6_ADDRESS *Ip6Addr;
+ UINTNIndex;
Status = EFI_SUCCESS;
- TimeOutEvt = NULL;
MappedEvt = NULL;
+ Ip6Addr= NULL;
DataSize = sizeof (EFI_IP6_CONFIG_POLICY);
Ip6Cfg = Private->Ip6Cfg;
Ip6= Private->Ip6;
@@ -1427,34 +1426,6 @@
}
//
- // Get Duplicate Address Detection Transmits count.
- //
- DataSize = sizeof (EFI_IP6_CONFIG_DUP_ADDR_DETECT_TRANSMITS);
- Status = Ip6Cfg->GetData (
- Ip6Cfg,
- Ip6ConfigDataTypeDupAddrDetectTransmits,
- &DataSize,
- &DadXmits
- );
- if (EFI_ERROR (Status)) {
-goto ON_EXIT;
- }
-
- //
- // Create a timer as setting address timeout event since DAD in IP6 driver.
- //
- Status = gBS->CreateEvent (
- EVT_TIMER,
- TPL_CALLBACK,
- NULL,
- NULL,
- &TimeOutEvt
- );
- if (EFI_ERROR (Status)) {
-goto ON_EXIT;
- }
-
- //
// Create a notify event to set address flag when DAD if IP6 driver
succeeded.
//
Status = gBS->CreateEvent (
@@ -1468,6 +1439,7 @@
goto ON_EXIT;
}
+ Private->IsAddressOk = FALSE;
Status = Ip6Cfg->RegisterDataNotify (
Ip6Cfg,
Ip6ConfigDataTypeManualAddress,
@@ -1485,23 +1457,54 @@
);
if (EFI_ERROR(Status) && Status != EFI_NOT_READY) {
goto ON_EXIT;
- }
+ } else if (Status == EFI_NOT_READY) {
+//
+// Poll the network until the asynchronous process is finished.
+//
+while (!Private->IsAddressOk) {
+ Ip6->Poll (Ip6);
+}
+//
+// Check whether the IP6 address setting is successed.
+//
+DataSize = 0;
+Status = Ip6Cfg->GetData (
+ Ip6Cfg,
+ Ip6ConfigDataTypeManualAddress,
+ &DataSize,
+ NULL
+ );
+if (Status != EFI_BUFFER_TOO_SMALL || DataSize == 0) {
+ Status = EFI_DEVICE_ERROR;
+ goto ON_EXIT;
+}
- //
- // Start the 5 secondes timer to wait for setting address.
- //
- Status = EFI_NO_MAPPING;
- DadTriggerTime = TICKS_PER_SECOND * DadXmits.DupAddrDetectTransmits +
PXEBC_DAD_ADDITIONAL_DELAY;
- gBS->SetTimer (TimeOutEvt, TimerRelative, DadTriggerTime);
+Ip6Addr = AllocatePool (DataSize);
+if (Ip6Addr == NULL) {
+ return EFI_OUT_OF_RESOURCES;
+}
+Status = Ip6Cfg->GetData (
+ Ip6Cfg,
+ Ip6ConfigDataTypeManualAddress,
+ &DataSize,
+ (VOID*) Ip6Addr
+ );
+if (EFI_ERROR (Status)) {
+ Status = EFI_DEVICE_ERROR;
+ goto ON_EXIT;
+}
- while (EFI_ERROR (gBS->CheckEvent (TimeOutEvt))) {
-Ip6->Poll (Ip6);
-if (Private->IsAddressOk) {
- Status = EFI_SUCCESS;
- break;
+for (Index = 0; Index < DataSize / sizeof (EFI_IPv6_ADDRESS); Index++) {
+ if (CompareMem (Ip6Addr + Index, Address, sizeof (EFI_IPv6_ADDRESS)) ==
0) {
+break;
+ }
}
+if (Index == DataSize / sizeof (EFI_IPv6_ADDRESS)) {
+ Status = EFI_ABORTED;
+ goto ON_EXIT;
+}
}
-
+
//
// Set the default gateway address back if needed.
//
@@ -1526,8 +1529,8 @@
);
gBS->CloseEvent (MappedEvt);
}
edk2[18615] MdeModulePkg: reset DHCP child when leaving PXE LoadFile.
Revision: 18615
http://sourceforge.net/p/edk2/code/18615
Author: sfu5
Date: 2015-10-16 07:18:38 + (Fri, 16 Oct 2015)
Log Message:
---
MdeModulePkg: reset DHCP child when leaving PXE LoadFile.
The DHCP4 can have only one configured child instance so we need to reset
the DHCP4 child when leaving PXE driver's LoadFile() function, otherwise the
other programs which also need to use DHCP4 (like HTTP boot) will be impacted.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan
Reviewed-by: Sriram Subramanian
Reviewed-by: Ye Ting
Modified Paths:
--
trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcImpl.c
Modified: trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcImpl.c
===
--- trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcImpl.c
2015-10-16 01:46:19 UTC (rev 18614)
+++ trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcImpl.c
2015-10-16 07:18:38 UTC (rev 18615)
@@ -2902,9 +2902,14 @@
//
if (Status == EFI_SUCCESS) {
//
+// The DHCP4 can have only one configured child instance so we need to stop
+// reset the DHCP4 child before we return. Otherwise the other programs
which
+// also need to use DHCP4 will be impacted.
// The functionality of PXE Base Code protocol will not be stopped,
// when downloading is successfully.
//
+Private->Dhcp4->Stop (Private->Dhcp4);
+Private->Dhcp4->Configure (Private->Dhcp4, NULL);
return EFI_SUCCESS;
} else if (Status == EFI_BUFFER_TOO_SMALL) {
--
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
edk2[18616] NetworkPkg: reset DHCP child when leaving PXE LoadFile.
Revision: 18616
http://sourceforge.net/p/edk2/code/18616
Author: sfu5
Date: 2015-10-16 07:18:51 + (Fri, 16 Oct 2015)
Log Message:
---
NetworkPkg: reset DHCP child when leaving PXE LoadFile.
The DHCP4 can have only one configured child instance so we need to reset
the DHCP4 child when leaving PXE driver's LoadFile() function, otherwise the
other programs which also need to use DHCP4 (like HTTP boot) will be impacted.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Reviewed-by: Sriram Subramanian
Modified Paths:
--
trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c
Modified: trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c
===
--- trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c 2015-10-16 07:18:38 UTC
(rev 18615)
+++ trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c 2015-10-16 07:18:51 UTC
(rev 18616)
@@ -2392,6 +2392,16 @@
// 3. unsupported.
//
PxeBc->Stop (PxeBc);
+ } else {
+//
+// The DHCP4 can have only one configured child instance so we need to stop
+// reset the DHCP4 child before we return. Otherwise these programs which
+// also need to use DHCP4 will be impacted.
+//
+if (!PxeBc->Mode->UsingIpv6) {
+ Private->Dhcp4->Stop (Private->Dhcp4);
+ Private->Dhcp4->Configure (Private->Dhcp4, NULL);
+}
}
return Status;
--
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
edk2[19435] MdePkg: Add HTTP 1.1 industry standard definitions.
Revision: 19435
http://sourceforge.net/p/edk2/code/19435
Author: sfu5
Date: 2015-12-22 01:42:26 + (Tue, 22 Dec 2015)
Log Message:
---
MdePkg: Add HTTP 1.1 industry standard definitions.
Add common HTTP 1.1 industry standard definitions for use in HTTP
clients/applications. List includes: HTTP methods, request/response
headers, and encodings.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Samer El-Haj-Mahmoud
Reviewed-by: Fu Siyuan
Added Paths:
---
trunk/edk2/MdePkg/Include/IndustryStandard/Http11.h
Added: trunk/edk2/MdePkg/Include/IndustryStandard/Http11.h
===
--- trunk/edk2/MdePkg/Include/IndustryStandard/Http11.h
(rev 0)
+++ trunk/edk2/MdePkg/Include/IndustryStandard/Http11.h 2015-12-22 01:42:26 UTC
(rev 19435)
@@ -0,0 +1,208 @@
+/** @file
+ Hypertext Transfer Protocol -- HTTP/1.1 Standard definitions, from RFC 2616
+
+ This file contains common HTTP 1.1 definitions from RFC 2616
+
+ (C) Copyright 2015 Hewlett Packard Enterprise Development LP
+ This program and the accompanying materials
+ are licensed and made available under the terms and conditions of the BSD
License
+ which accompanies this distribution. The full text of the license may be
found at
+ http://opensource.org/licenses/bsd-license.php
+
+ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+**/
+
+#ifndef __HTTP_11_H__
+#define __HTTP_11_H__
+
+#pragma pack(1)
+
+///
+/// HTTP Version (currently HTTP 1.1)
+///
+/// The version of an HTTP message is indicated by an HTTP-Version field
+/// in the first line of the message.
+///
+#define HTTP_VERSION"HTTP/1.1"
+
+
+///
+/// HTTP Request Method definitions
+///
+/// The Method token indicates the method to be performed on the
+/// resource identified by the Request-URI. The method is case-sensitive.
+///
+#define HTTP_METHOD_OPTIONS "OPTIONS"
+#define HTTP_METHOD_GET "GET"
+#define HTTP_METHOD_HEAD"HEAD"
+#define HTTP_METHOD_POST"POST"
+#define HTTP_METHOD_PUT "PUT"
+#define HTTP_METHOD_DELETE "DELETE"
+#define HTTP_METHOD_TRACE "TRACE"
+#define HTTP_METHOD_CONNECT "CONNECT"
+#define HTTP_METHOD_PATCH "PATCH"
+
+#define HTTP_METHOD_MAXIMUM_LEN sizeof ("CONNECT")
+
+///
+/// Accept Request Header
+/// The Accept request-header field can be used to specify certain media types
which are
+/// acceptable for the response. Accept headers can be used to indicate that
the request
+/// is specifically limited to a small set of desired types, as in the case of
a request
+/// for an in-line image.
+///
+#define HTTP_HEADER_ACCEPT "Accept"
+
+
+///
+/// Accept-Charset Request Header
+/// The Accept-Charset request-header field can be used to indicate what
character sets
+/// are acceptable for the response. This field allows clients capable of
understanding
+/// more comprehensive or special-purpose character sets to signal that
capability to a
+/// server which is capable of representing documents in those character sets.
+///
+#define HTTP_HEADER_ACCEPT_CHARSET "Accept-Charset"
+
+///
+/// Accept-Language Request Header
+/// The Accept-Language request-header field is similar to Accept,
+/// but restricts the set of natural languages that are preferred
+/// as a response to the request.
+///
+#define HTTP_HEADER_ACCEPT_LANGUAGE"Accept-Language"
+
+///
+/// Accept-Ranges Request Header
+/// The Accept-Ranges response-header field allows the server to
+/// indicate its acceptance of range requests for a resource:
+///
+#define HTTP_HEADER_ACCEPT_RANGES "Accept-Ranges"
+
+
+///
+/// Accept-Encoding Request Header
+/// The Accept-Encoding request-header field is similar to Accept,
+/// but restricts the content-codings that are acceptable in the response.
+///
+#define HTTP_HEADER_ACCEPT_ENCODING"Accept-Encoding"
+
+///
+/// Content-Encoding Header
+/// The Content-Encoding entity-header field is used as a modifier to the
media-type.
+/// When present, its value indicates what additional content codings have
been applied
+/// to the entity-body, and thus what decoding mechanisms must be applied in
order to
+/// obtain the media-type referenced by the Content-Type header field.
Content-Encoding
+/// is primarily used to allow a document to be compressed without losing the
identity
+/// of its underlying media type.
+///
+#define HTTP_HEADER_CONTENT_ENCODING "Content-Encoding"
+
+///
+/// HTTP Content-Encoding Compression types
+///
+
+#define HTTP_CONTENT_ENCODING_IDENTITY "identity" /// No transformation is
used. This is the default value for conte
edk2[19436] NetworkPkg : Remove unused local variables to fix gcc build errors.
Revision: 19436
http://sourceforge.net/p/edk2/code/19436
Author: sfu5
Date: 2015-12-22 02:02:11 + (Tue, 22 Dec 2015)
Log Message:
---
NetworkPkg : Remove unused local variables to fix gcc build errors.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Samer El-Haj-Mahmoud
Reviewed-by: Fu Siyuan
Modified Paths:
--
trunk/edk2/NetworkPkg/HttpDxe/HttpProto.c
Modified: trunk/edk2/NetworkPkg/HttpDxe/HttpProto.c
===
--- trunk/edk2/NetworkPkg/HttpDxe/HttpProto.c 2015-12-22 01:42:26 UTC (rev
19435)
+++ trunk/edk2/NetworkPkg/HttpDxe/HttpProto.c 2015-12-22 02:02:11 UTC (rev
19436)
@@ -568,13 +568,9 @@
)
{
HTTP_PROTOCOL*HttpInstance;
- EFI_TCP4_IO_TOKEN*Rx4Token;
- EFI_TCP6_IO_TOKEN*Rx6Token;
ASSERT (Wrap != NULL);
HttpInstance = Wrap->HttpInstance;
- Rx4Token = NULL;
- Rx6Token = NULL;
if (HttpInstance->LocalAddressIsIPv6) {
if (Wrap->TcpWrap.Rx6Token.CompletionToken.Event != NULL) {
--
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
edk2[19482] NetworkPkg: Remove a CopyMem to speed up the HTTP boot download .
Revision: 19482
http://sourceforge.net/p/edk2/code/19482
Author: sfu5
Date: 2015-12-23 06:54:52 + (Wed, 23 Dec 2015)
Log Message:
---
NetworkPkg: Remove a CopyMem to speed up the HTTP boot download.
This patch updates the HTTP boot driver to use the caller provided buffer
directly in identity transfer-coding mode, this could save one time CopyMem
operation to benefit the download performance.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan
Reviewed-by: Zhang Lubo
Reviewed-by: Jiaxin Wu
Modified Paths:
--
trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootClient.c
Modified: trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootClient.c
===
--- trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootClient.c 2015-12-23 05:44:19 UTC
(rev 19481)
+++ trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootClient.c 2015-12-23 06:54:52 UTC
(rev 19482)
@@ -457,81 +457,6 @@
}
/**
- Get the file content from cached data.
-
- @param[in] Private The pointer to the driver's private data.
- @param[in] Uri Uri of the file to be retrieved from
cache.
- @param[in, out] BufferSize On input the size of Buffer in bytes. On
output with a return
- code of EFI_SUCCESS, the amount of data
transferred to
- Buffer. On output with a return code of
EFI_BUFFER_TOO_SMALL,
- the size of Buffer required to retrieve
the requested file.
- @param[out] Buffer The memory buffer to transfer the file
to. IF Buffer is NULL,
- then the size of the requested file is
returned in
- BufferSize.
-
- @retval EFI_SUCCESS Successfully created.
- @retval Others Failed to create HttpIo.
-
-**/
-EFI_STATUS
-HttpBootGetFileFromCache (
- IN HTTP_BOOT_PRIVATE_DATA *Private,
- IN CHAR16 *Uri,
- IN OUT UINTN*BufferSize,
- OUT UINT8*Buffer
- )
-{
- LIST_ENTRY *Entry;
- LIST_ENTRY *Entry2;
- HTTP_BOOT_CACHE_CONTENT *Cache;
- HTTP_BOOT_ENTITY_DATA *EntityData;
- UINTN CopyedSize;
-
- if (Uri == NULL || BufferSize == 0 || Buffer == NULL) {
-return EFI_INVALID_PARAMETER;
- }
-
- NET_LIST_FOR_EACH (Entry, &Private->CacheList) {
-Cache = NET_LIST_USER_STRUCT (Entry, HTTP_BOOT_CACHE_CONTENT, Link);
-//
-// Compare the URI to see whether we already have a cache for this file.
-//
-if ((Cache->RequestData != NULL) &&
-(Cache->RequestData->Url != NULL) &&
-(StrCmp (Uri, Cache->RequestData->Url) == 0))
-{
- //
- // Hit cache, check buffer size.
- //
- if (*BufferSize < Cache->EntityLength) {
-*BufferSize = Cache->EntityLength;
-return EFI_BUFFER_TOO_SMALL;
- }
-
- //
- // Fill data to buffer.
- //
- CopyedSize = 0;
- NET_LIST_FOR_EACH (Entry2, &Cache->EntityDataList) {
-EntityData = NET_LIST_USER_STRUCT (Entry2, HTTP_BOOT_ENTITY_DATA,
Link);
-if (*BufferSize > CopyedSize) {
- CopyMem (
-Buffer + CopyedSize,
-EntityData->DataStart,
-MIN (EntityData->DataLength, *BufferSize - CopyedSize)
-);
- CopyedSize += MIN (EntityData->DataLength, *BufferSize - CopyedSize);
-}
- }
- *BufferSize = CopyedSize;
- return EFI_SUCCESS;
-}
- }
-
- return EFI_NOT_FOUND;
-}
-
-/**
Release all the resource of a cache item.
@param[in] Cache The pointer to the cache item.
@@ -610,6 +535,91 @@
}
/**
+ Get the file content from cached data.
+
+ @param[in] Private The pointer to the driver's private data.
+ @param[in] Uri Uri of the file to be retrieved from
cache.
+ @param[in, out] BufferSize On input the size of Buffer in bytes. On
output with a return
+ code of EFI_SUCCESS, the amount of data
transferred to
+ Buffer. On output with a return code of
EFI_BUFFER_TOO_SMALL,
+ the size of Buffer required to retrieve
the requested file.
+ @param[out] Buffer The memory buffer to transfer the file
to. IF Buffer is NULL,
+ then the size of the requested file is
returned in
+ BufferSize.
+
+ @retval EFI_SUCCESS Successfully created.
+ @retval Others Failed to create HttpIo.
+
+**/
+EFI_STATUS
+HttpBootGetFileFromCache (
+ IN HTTP_BOOT_PRIVA
edk2[19623] MdeModulePkg: update SNP. GetStatus to handle multiple recycled TX buffer.
Revision: 19623
http://sourceforge.net/p/edk2/code/19623
Author: sfu5
Date: 2016-01-08 02:21:25 + (Fri, 08 Jan 2016)
Log Message:
---
MdeModulePkg: update SNP.GetStatus to handle multiple recycled TX buffer.
This patch fixes a bug in SNP.GetStatus() interface. The UNDI driver may return
multiple transmitted buffers in a single GetStatus command, while SNP.GetStatus
could only return one pointer each time, the rest of them are lost. This patch
fixes this issue by store these recycled pointer in a temporary buffer in SNP
driver.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan
Reviewed-by: Jiaxin Wu
Reviewed-by: Ye Ting
Modified Paths:
--
trunk/edk2/MdeModulePkg/Universal/Network/SnpDxe/Get_status.c
trunk/edk2/MdeModulePkg/Universal/Network/SnpDxe/Snp.c
trunk/edk2/MdeModulePkg/Universal/Network/SnpDxe/Snp.h
Modified: trunk/edk2/MdeModulePkg/Universal/Network/SnpDxe/Get_status.c
===
--- trunk/edk2/MdeModulePkg/Universal/Network/SnpDxe/Get_status.c
2016-01-08 01:36:45 UTC (rev 19622)
+++ trunk/edk2/MdeModulePkg/Universal/Network/SnpDxe/Get_status.c
2016-01-08 02:21:25 UTC (rev 19623)
@@ -2,7 +2,7 @@
Implementation of reading the current interrupt status and recycled transmit
buffer status from a network interface.
-Copyright (c) 2004 - 2010, Intel Corporation. All rights reserved.
+Copyright (c) 2004 - 2016, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed
and made available under the terms and conditions of the BSD License which
accompanies this distribution. The full text of the license may be found at
@@ -16,15 +16,15 @@
#include "Snp.h"
/**
- Call undi to get the status of the interrupts, get the list of transmit
- buffers that completed transmitting.
+ Call undi to get the status of the interrupts, get the list of recycled
transmit
+ buffers that completed transmitting. The recycled transmit buffer address
will
+ be saved into Snp->RecycledTxBuf.
@param Snp Pointer to snp driver structure.
@param InterruptStatusPtr A non null pointer to contain the interrupt
status.
- @param TransmitBufferListPtrs A non null pointer to contain the list of
- pointers of previous transmitted buffers
whose
- transmission was completed asynchrnously.
+ @param GetTransmittedBuf Set to TRUE to retrieve the recycled transmit
+ buffer address.
@retval EFI_SUCCESS The status of the network interface was
retrieved.
@retval EFI_DEVICE_ERRORThe command could not be sent to the network
@@ -35,19 +35,23 @@
PxeGetStatus (
SNP_DRIVER *Snp,
UINT32 *InterruptStatusPtr,
- VOID **TransmitBufferListPtr
+ BOOLEANGetTransmittedBuf
)
{
PXE_DB_GET_STATUS *Db;
UINT16InterruptFlags;
+ UINT32Index;
+ UINT64*Tmp;
+ Tmp = NULL;
Db= Snp->Db;
Snp->Cdb.OpCode = PXE_OPCODE_GET_STATUS;
Snp->Cdb.OpFlags = 0;
- if (TransmitBufferListPtr != NULL) {
+ if (GetTransmittedBuf) {
Snp->Cdb.OpFlags |= PXE_OPFLAGS_GET_TRANSMITTED_BUFFERS;
+ZeroMem (Db->TxBuffer, sizeof (Db->TxBuffer));
}
if (InterruptStatusPtr != NULL) {
@@ -116,13 +120,34 @@
}
- if (TransmitBufferListPtr != NULL) {
-*TransmitBufferListPtr =
- (
-((Snp->Cdb.StatFlags & PXE_STATFLAGS_GET_STATUS_NO_TXBUFS_WRITTEN) !=
0) ||
-((Snp->Cdb.StatFlags & PXE_STATFLAGS_GET_STATUS_TXBUF_QUEUE_EMPTY) !=
0)
- ) ? 0 : (VOID *) (UINTN) Db->TxBuffer[0];
-
+ if (GetTransmittedBuf) {
+if ((Snp->Cdb.StatFlags & PXE_STATFLAGS_GET_STATUS_NO_TXBUFS_WRITTEN) ==
0) {
+ //
+ // UNDI has written some transmitted buffer addresses into the DB. Store
them into Snp->RecycledTxBuf.
+ //
+ for (Index = 0; Index < MAX_XMIT_BUFFERS; Index++) {
+if (Db->TxBuffer[Index] != 0) {
+ if (Snp->RecycledTxBufCount == Snp->MaxRecycledTxBuf) {
+//
+// Snp->RecycledTxBuf is full, reallocate a new one.
+//
+if ((Snp->MaxRecycledTxBuf + SNP_TX_BUFFER_INCREASEMENT) >=
SNP_MAX_TX_BUFFER_NUM) {
+ return EFI_DEVICE_ERROR;
+}
+Tmp = AllocatePool (sizeof (UINT64) * (Snp->MaxRecycledTxBuf +
SNP_TX_BUFFER_INCREASEMENT));
+if (Tmp == NULL) {
+ return EFI_DEVICE_ERROR;
+}
+CopyMem (Tmp, Snp->RecycledTxBuf, sizeof (UINT64) *
Snp->RecycledTxBufCount);
+FreePool (Snp->RecycledTxBuf);
+Snp->RecycledTxBuf= Tmp;
+Snp->MaxRecycledTxBuf += SNP
edk2[19624] MdeModulePkg: Update MNP driver to recycle TX buffer asynchronously.
Revision: 19624
http://sourceforge.net/p/edk2/code/19624
Author: sfu5
Date: 2016-01-08 02:38:34 + (Fri, 08 Jan 2016)
Log Message:
---
MdeModulePkg: Update MNP driver to recycle TX buffer asynchronously.
This patch updates the MNP driver to recycle TX buffer asynchronously, instead
of using a while loop wait after each transmit command.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Fu Siyuan
Reviewed-by: Jiaxin Wu
Reviewed-by: Ye Ting
Modified Paths:
--
trunk/edk2/MdeModulePkg/Universal/Network/MnpDxe/MnpConfig.c
trunk/edk2/MdeModulePkg/Universal/Network/MnpDxe/MnpDriver.h
trunk/edk2/MdeModulePkg/Universal/Network/MnpDxe/MnpImpl.h
trunk/edk2/MdeModulePkg/Universal/Network/MnpDxe/MnpIo.c
trunk/edk2/MdeModulePkg/Universal/Network/MnpDxe/MnpMain.c
Modified: trunk/edk2/MdeModulePkg/Universal/Network/MnpDxe/MnpConfig.c
===
--- trunk/edk2/MdeModulePkg/Universal/Network/MnpDxe/MnpConfig.c
2016-01-08 02:21:25 UTC (rev 19623)
+++ trunk/edk2/MdeModulePkg/Universal/Network/MnpDxe/MnpConfig.c
2016-01-08 02:38:34 UTC (rev 19624)
@@ -1,7 +1,7 @@
/** @file
Implementation of Managed Network Protocol private services.
-Copyright (c) 2005 - 2012, Intel Corporation. All rights reserved.
+Copyright (c) 2005 - 2016, Intel Corporation. All rights reserved.
This program and the accompanying materials
are licensed and made available under the terms and conditions
of the BSD License which accompanies this distribution. The full
@@ -209,8 +209,210 @@
gBS->RestoreTPL (OldTpl);
}
+/**
+ Add Count of TX buffers to MnpDeviceData->AllTxBufList and
MnpDeviceData->FreeTxBufList.
+ The length of the buffer is specified by MnpDeviceData->BufferLength.
+ @param[in, out] MnpDeviceData Pointer to the MNP_DEVICE_DATA.
+ @param[in] Count Number of TX buffers to add.
+
+ @retval EFI_SUCCESS The specified amount of TX buffers are
allocated.
+ @retval EFI_OUT_OF_RESOURCES Failed to allocate a TX buffer.
+
+**/
+EFI_STATUS
+MnpAddFreeTxBuf (
+ IN OUT MNP_DEVICE_DATA *MnpDeviceData,
+ IN UINTN Count
+ )
+{
+ EFI_STATUSStatus;
+ UINT32Index;
+ MNP_TX_BUF_WRAP *TxBufWrap;
+
+ NET_CHECK_SIGNATURE (MnpDeviceData, MNP_DEVICE_DATA_SIGNATURE);
+ ASSERT ((Count > 0) && (MnpDeviceData->BufferLength > 0));
+
+ Status = EFI_SUCCESS;
+ for (Index = 0; Index < Count; Index++) {
+TxBufWrap = (MNP_TX_BUF_WRAP*) AllocatePool (sizeof (MNP_TX_BUF_WRAP) +
MnpDeviceData->BufferLength - 1);
+if (TxBufWrap == NULL) {
+ DEBUG ((EFI_D_ERROR, "MnpAddFreeTxBuf: TxBuf Alloc failed.\n"));
+
+ Status = EFI_OUT_OF_RESOURCES;
+ break;
+}
+DEBUG ((EFI_D_INFO, "MnpAddFreeTxBuf: Add TxBufWrap %p, TxBuf %p\n",
TxBufWrap, TxBufWrap->TxBuf));
+TxBufWrap->Signature = MNP_TX_BUF_WRAP_SIGNATURE;
+TxBufWrap->InUse = FALSE;
+InsertTailList (&MnpDeviceData->FreeTxBufList, &TxBufWrap->WrapEntry);
+InsertTailList (&MnpDeviceData->AllTxBufList, &TxBufWrap->AllEntry);
+ }
+
+ MnpDeviceData->TxBufCount += Index;
+ return Status;
+}
+
/**
+ Allocate a free TX buffer from MnpDeviceData->FreeTxBufList. If there is none
+ in the queue, first try to recycle some from SNP, then try to allocate some
and add
+ them into the queue, then fetch the NET_BUF from the updated FreeTxBufList.
+
+ @param[in, out] MnpDeviceDataPointer to the MNP_DEVICE_DATA.
+
+ @return Pointer to the allocated free NET_BUF structure, if NULL the
+ operation is failed.
+
+**/
+UINT8 *
+MnpAllocTxBuf (
+ IN OUT MNP_DEVICE_DATA *MnpDeviceData
+ )
+{
+ EFI_TPL OldTpl;
+ UINT8 *TxBuf;
+ EFI_STATUSStatus;
+ LIST_ENTRY*Entry;
+ MNP_TX_BUF_WRAP *TxBufWrap;
+
+ NET_CHECK_SIGNATURE (MnpDeviceData, MNP_DEVICE_DATA_SIGNATURE);
+
+ OldTpl = gBS->RaiseTPL (TPL_CALLBACK);
+
+ if (IsListEmpty (&MnpDeviceData->FreeTxBufList)) {
+//
+// First try to recycle some TX buffer from SNP
+//
+Status = MnpRecycleTxBuf (MnpDeviceData);
+if (EFI_ERROR (Status)) {
+ TxBuf = NULL;
+ goto ON_EXIT;
+}
+
+//
+// If still no free TX buffer, allocate more.
+//
+if (IsListEmpty (&MnpDeviceData->FreeTxBufList)) {
+ if ((MnpDeviceData->TxBufCount + MNP_TX_BUFFER_INCREASEMENT) >
MNP_MAX_TX_BUFFER_NUM) {
+DEBUG (
+ (EFI_D_ERROR,
+ "MnpAllocTxBuf: The maximum TxBuf size is reached for MNP driver
instance %p.\n",
+ MnpDeviceData)
+ );
+
+TxBuf = NULL;
+goto ON_EXIT;
+ }
+
+ Status = MnpAddFreeTxBuf (MnpDeviceData, MNP_TX_BUFFER_INCREASEMENT);
+ if (IsListEmpty (&MnpDeviceData-&
edk2[19640] NetworkPkg: Fix some typos in Http boot driver.
Revision: 19640
http://sourceforge.net/p/edk2/code/19640
Author: sfu5
Date: 2016-01-12 01:37:48 + (Tue, 12 Jan 2016)
Log Message:
---
NetworkPkg: Fix some typos in Http boot driver.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Paulo Alcantara
Reviewed-by: Jiaxin Wu
Reviewed-by: Fu Siyuan
Modified Paths:
--
trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootClient.c
trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootClient.h
trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootSupport.c
trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootSupport.h
Modified: trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootClient.c
===
--- trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootClient.c 2016-01-12 00:37:02 UTC
(rev 19639)
+++ trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootClient.c 2016-01-12 01:37:48 UTC
(rev 19640)
@@ -719,8 +719,8 @@
EFI_STATUS Status;
CHAR8 *HostName;
EFI_HTTP_REQUEST_DATA *RequestData;
- HTTP_IO_RESOPNSE_DATA *ResponseData;
- HTTP_IO_RESOPNSE_DATA ResponseBody;
+ HTTP_IO_RESPONSE_DATA *ResponseData;
+ HTTP_IO_RESPONSE_DATA ResponseBody;
HTTP_IO*HttpIo;
HTTP_IO_HEADER *HttpIoHeader;
VOID *Parser;
@@ -884,7 +884,7 @@
//
// 3.1 First step, use zero BodyLength to only receive the response headers.
//
- ResponseData = AllocateZeroPool (sizeof(HTTP_IO_RESOPNSE_DATA));
+ ResponseData = AllocateZeroPool (sizeof(HTTP_IO_RESPONSE_DATA));
if (ResponseData == NULL) {
Status = EFI_OUT_OF_RESOURCES;
goto ERROR_4;
@@ -948,7 +948,7 @@
// 3.4.2, start the message-body download, the identity and chunked
transfer-coding
// is handled in different path here.
//
-ZeroMem (&ResponseBody, sizeof (HTTP_IO_RESOPNSE_DATA));
+ZeroMem (&ResponseBody, sizeof (HTTP_IO_RESPONSE_DATA));
if (IdentityMode) {
//
// In identity transfer-coding there is no need to parse the message
body,
Modified: trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootClient.h
===
--- trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootClient.h 2016-01-12 00:37:02 UTC
(rev 19639)
+++ trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootClient.h 2016-01-12 01:37:48 UTC
(rev 19640)
@@ -41,7 +41,7 @@
typedef struct {
LIST_ENTRY Link;// Link to the CacheList in
driver's private data.
EFI_HTTP_REQUEST_DATA *RequestData;
- HTTP_IO_RESOPNSE_DATA *ResponseData; // Not include any message-body
data.
+ HTTP_IO_RESPONSE_DATA *ResponseData; // Not include any message-body
data.
UINTN EntityLength;
LIST_ENTRY EntityDataList; // Entity data (message-body)
} HTTP_BOOT_CACHE_CONTENT;
Modified: trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootSupport.c
===
--- trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootSupport.c 2016-01-12 00:37:02 UTC
(rev 19639)
+++ trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootSupport.c 2016-01-12 01:37:48 UTC
(rev 19640)
@@ -914,7 +914,7 @@
FALSE to continue receive the previous
response message.
@param[out] ResponseData Point to a wrapper of the received response
data.
- @retval EFI_SUCCESSThe HTTP resopnse is received.
+ @retval EFI_SUCCESSThe HTTP response is received.
@retval EFI_INVALID_PARAMETER One or more parameters are invalid.
@retval EFI_OUT_OF_RESOURCES Failed to allocate memory.
@retval EFI_DEVICE_ERROR An unexpected network or system error
occurred.
@@ -925,7 +925,7 @@
HttpIoRecvResponse (
IN HTTP_IO *HttpIo,
IN BOOLEAN RecvMsgHeader,
- OUT HTTP_IO_RESOPNSE_DATA*ResponseData
+ OUT HTTP_IO_RESPONSE_DATA*ResponseData
)
{
EFI_STATUS Status;
Modified: trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootSupport.h
===
--- trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootSupport.h 2016-01-12 00:37:02 UTC
(rev 19639)
+++ trunk/edk2/NetworkPkg/HttpBootDxe/HttpBootSupport.h 2016-01-12 01:37:48 UTC
(rev 19640)
@@ -168,7 +168,7 @@
} HTTP_IO_CONFIG_DATA;
//
-// HTTO_IO wrapper of the EFI HTTP service.
+// HTTP_IO wrapper of the EFI HTTP service.
//
typedef struct {
UINT8 IpVersion;
@@ -196,7 +196,7 @@
EFI_HTTP_HEADER *Headers;
UINTN BodyLength;
CHAR8 *Body;
-} HTTP_IO_RESOPNSE_DATA;
+} HTTP_IO_RESPONSE_DATA;
/**
Retrieve the host address using the EFI_DNS6_PROTOCOL.
@@ -303,7 +303,7 @@
FALSE to continue receive the previous
response message.
@param[out] ResponseData Point
SF.net SVN: edk2:[13534] trunk/edk2/MdeModulePkg/Universal/Variable/ RuntimeDxe/VariableSmm.c
Revision: 13534
http://edk2.svn.sourceforge.net/edk2/?rev=13534&view=rev
Author: sfu5
Date: 2012-07-17 08:07:29 + (Tue, 17 Jul 2012)
Log Message:
---
Fix a buffer overflow bug in VariableSmm driver.
Signed-off-by: Fu Siyuan
Reviewed-by: Dong Guo
Reviewed-by: Zhang, Chao
Modified Paths:
--
trunk/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
Modified: trunk/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
===
--- trunk/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
2012-07-17 01:51:26 UTC (rev 13533)
+++ trunk/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
2012-07-17 08:07:29 UTC (rev 13534)
@@ -319,7 +319,7 @@
}
StatisticsInfoSize = sizeof (VARIABLE_INFO_ENTRY) + StrSize
(VariableInfo->Name);
- if (*InfoSize < sizeof (VARIABLE_INFO_ENTRY)) {
+ if (*InfoSize < StatisticsInfoSize) {
*InfoSize = StatisticsInfoSize;
return EFI_BUFFER_TOO_SMALL;
}
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
--
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
SF.net SVN: edk2:[13535] trunk/edk2
Revision: 13535
http://edk2.svn.sourceforge.net/edk2/?rev=13535&view=rev
Author: sfu5
Date: 2012-07-17 08:21:42 + (Tue, 17 Jul 2012)
Log Message:
---
Return EFI_UNSUPPORTED if READY_TO_BOOT function is invoked at SMM runtime.
Signed-off-by: Fu Siyuan
Reviewed-by: Dong Guo
Reviewed-by: Ye Ting
Modified Paths:
--
trunk/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.c
Modified: trunk/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
===
--- trunk/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
2012-07-17 08:07:29 UTC (rev 13534)
+++ trunk/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
2012-07-17 08:21:42 UTC (rev 13535)
@@ -513,6 +513,10 @@
break;
case SMM_VARIABLE_FUNCTION_READY_TO_BOOT:
+ if (AtRuntime()) {
+Status = EFI_UNSUPPORTED;
+break;
+ }
ReclaimForOS ();
Status = EFI_SUCCESS;
break;
Modified: trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
===
--- trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
2012-07-17 08:07:29 UTC (rev 13534)
+++ trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
2012-07-17 08:21:42 UTC (rev 13535)
@@ -2528,8 +2528,8 @@
/**
This function reclaims variable storage if free size is below the threshold.
- Caution: This function may be invoked at SMM runtime.
- Care must be taken to make sure not security issue at runtime.
+ Caution: This function may be invoked at SMM mode.
+ Care must be taken to make sure not security issue.
**/
VOID
Modified: trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.c
===
--- trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.c
2012-07-17 08:07:29 UTC (rev 13534)
+++ trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.c
2012-07-17 08:21:42 UTC (rev 13535)
@@ -519,6 +519,10 @@
break;
case SMM_VARIABLE_FUNCTION_READY_TO_BOOT:
+ if (AtRuntime()) {
+Status = EFI_UNSUPPORTED;
+break;
+ }
ReclaimForOS ();
Status = EFI_SUCCESS;
break;
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
--
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
SF.net SVN: edk2:[13536] trunk/edk2/SecurityPkg/VariableAuthenticated/ RuntimeDxe
Revision: 13536
http://edk2.svn.sourceforge.net/edk2/?rev=13536&view=rev
Author: sfu5
Date: 2012-07-17 08:38:58 + (Tue, 17 Jul 2012)
Log Message:
---
1. Remove extra attribute for SetupMode, SignatureSupport and SecureBoot
variable.
2. Allow the PK owner to update db/dbx variable directly.
Signed-off-by: Fu Siyuan
Reviewed-by: Dong Guo
Reviewed-by: Ye Ting
Modified Paths:
--
trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
Modified: trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
===
--- trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
2012-07-17 08:21:42 UTC (rev 13535)
+++ trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
2012-07-17 08:38:58 UTC (rev 13536)
@@ -254,68 +254,46 @@
}
//
- // Check "SetupMode" variable's existence.
- // If it doesn't exist, check PK database's existence to determine the value.
- // Then create a new one with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set.
+ // Create "SetupMode" varable with BS+RT attribute set.
//
- Status = FindVariable (
+ FindVariable (EFI_SETUP_MODE_NAME, &gEfiGlobalVariableGuid, &Variable,
&mVariableModuleGlobal->VariableGlobal, FALSE);
+ if (PkVariable.CurrPtr == NULL) {
+mPlatformMode = SETUP_MODE;
+ } else {
+mPlatformMode = USER_MODE;
+ }
+ Status = UpdateVariable (
EFI_SETUP_MODE_NAME,
&gEfiGlobalVariableGuid,
+ &mPlatformMode,
+ sizeof(UINT8),
+ EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
+ 0,
+ 0,
&Variable,
- &mVariableModuleGlobal->VariableGlobal,
- FALSE
+ NULL
);
-
- if (Variable.CurrPtr == NULL) {
-if (PkVariable.CurrPtr == NULL) {
- mPlatformMode = SETUP_MODE;
-} else {
- mPlatformMode = USER_MODE;
-}
-
-VarAttr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS |
EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS;
-Status = UpdateVariable (
-EFI_SETUP_MODE_NAME,
-&gEfiGlobalVariableGuid,
-&mPlatformMode,
-sizeof(UINT8),
-VarAttr,
-0,
-0,
-&Variable,
-NULL
-);
-if (EFI_ERROR (Status)) {
- return Status;
-}
- } else {
-mPlatformMode = *(GetVariableDataPtr (Variable.CurrPtr));
+ if (EFI_ERROR (Status)) {
+return Status;
}
+
//
- // Check "SignatureSupport" variable's existence.
- // If it doesn't exist, then create a new one with
EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set.
+ // Create "SignatureSupport" varable with BS+RT attribute set.
//
- Status = FindVariable (
- EFI_SIGNATURE_SUPPORT_NAME,
- &gEfiGlobalVariableGuid,
- &Variable,
- &mVariableModuleGlobal->VariableGlobal,
- FALSE
- );
-
- if (Variable.CurrPtr == NULL) {
-VarAttr = EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS |
EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS;
-Status = UpdateVariable (
-EFI_SIGNATURE_SUPPORT_NAME,
-&gEfiGlobalVariableGuid,
-mSignatureSupport,
-sizeof(mSignatureSupport),
-VarAttr,
-0,
-0,
-&Variable,
-NULL
-);
+ FindVariable (EFI_SIGNATURE_SUPPORT_NAME, &gEfiGlobalVariableGuid,
&Variable, &mVariableModuleGlobal->VariableGlobal, FALSE);
+ Status = UpdateVariable (
+ EFI_SIGNATURE_SUPPORT_NAME,
+ &gEfiGlobalVariableGuid,
+ mSignatureSupport,
+ sizeof(mSignatureSupport),
+ EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
+ 0,
+ 0,
+ &Variable,
+ NULL
+ );
+ if (EFI_ERROR (Status)) {
+return Status;
}
//
@@ -348,6 +326,9 @@
}
}
+ //
+ // Create "SecureBoot" varable with BS+RT attribute set.
+ //
if (SecureBootEnable == SECURE_BOOT_ENABLE && mPlatformMode == USER_MODE) {
SecureBootMode = SECURE_BOOT_MODE_ENABLE;
} else {
@@ -359,7 +340,7 @@
&gEfiGlobalVariableGuid,
&SecureBootMode,
sizeof (UINT8),
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS |
EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS,
+ EFI_VARI
SF.net SVN: edk2:[13546] trunk/edk2/SecurityPkg/VariableAuthenticated/ SecureBootConfigDxe/SecureBootConfigImpl.c
Revision: 13546
http://edk2.svn.sourceforge.net/edk2/?rev=13546&view=rev
Author: sfu5
Date: 2012-07-23 01:03:53 + (Mon, 23 Jul 2012)
Log Message:
---
Update the secure boot configuration UI to accept *.crt certificate file.
Signed-off-by: Fu Siyuan
Reviewed-by: Dong Guo
Reviewed-by: Ye Ting
Modified Paths:
--
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
Modified:
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
===
---
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
2012-07-23 00:59:26 UTC (rev 13545)
+++
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
2012-07-23 01:03:53 UTC (rev 13546)
@@ -68,8 +68,9 @@
{ L"SHA512", 64, &mHashOidValue[40], 9, NULL,NULL,
NULL, NULL }
};
-
-// Variable Definitions
+//
+// Variable Definitions
+//
UINT32mPeCoffHeaderOffset = 0;
WIN_CERTIFICATE *mCertificate = NULL;
IMAGE_TYPEmImageType;
@@ -81,8 +82,41 @@
EFI_IMAGE_SECURITY_DATA_DIRECTORY*mSecDataDir = NULL;
EFI_IMAGE_OPTIONAL_HEADER_PTR_UNION mNtHeader;
+//
+// Possible DER-encoded certificate file suffixes, end with NULL pointer.
+//
+CHAR16* mDerEncodedSuffix[] = {
+ L".cer",
+ L".der",
+ L".crt",
+ NULL
+};
+CHAR16* mSupportX509Suffix = L"*.cer/der/crt";
/**
+ This code checks if the FileSuffix is one of the possible DER-encoded
certificate suffix.
+
+ @param[in] FileSuffixThe suffix of the input certificate file
+
+ @retvalTRUE It's a DER-encoded certificate.
+ @retvalFALSE It's NOT a DER-encoded certificate.
+
+**/
+BOOLEAN
+IsDerEncodeCertificate (
+ IN CONST CHAR16 *FileSuffix
+)
+{
+ UINTN Index;
+ for (Index = 0; mDerEncodedSuffix[Index] != NULL; Index++) {
+if (StrCmp (FileSuffix, mDerEncodedSuffix[Index]) == 0) {
+ return TRUE;
+}
+ }
+ return FALSE;
+}
+
+/**
Set Secure Boot option into variable space.
@param[in] VarValue The option of Secure Boot.
@@ -347,11 +381,11 @@
PkCert = NULL;
//
- // Parse the file's postfix. Only support DER encoded X.509 certificate
files (*.cer or *.der).
+ // Parse the file's postfix. Only support DER encoded X.509 certificate
files.
//
FilePostFix = Private->FileContext->FileName + StrLen
(Private->FileContext->FileName) - 4;
- if ((CompareMem (FilePostFix, L".cer",4) != 0) && (CompareMem (FilePostFix,
L".der",4) != 0)) {
-DEBUG ((EFI_D_ERROR, "Unsupported file type, only DER encoded certificate
file (*.cer or *.der) is supported."));
+ if (!IsDerEncodeCertificate(FilePostFix)) {
+DEBUG ((EFI_D_ERROR, "Unsupported file type, only DER encoded certificate
(%s) is supported.", mSupportX509Suffix));
return EFI_INVALID_PARAMETER;
}
DEBUG ((EFI_D_INFO, "FileName= %s\n", Private->FileContext->FileName));
@@ -738,11 +772,11 @@
}
//
- // Parse the file's postfix. Supports .cer and .der file as X509
certificate,
+ // Parse the file's postfix. Supports DER-encoded X509 certificate,
// and .pbk as RSA public key file.
//
FilePostFix = Private->FileContext->FileName + StrLen
(Private->FileContext->FileName) - 4;
- if ((CompareMem (FilePostFix, L".cer",4) == 0) || (CompareMem (FilePostFix,
L".der",4) == 0)) {
+ if (IsDerEncodeCertificate(FilePostFix)) {
return EnrollX509ToKek (Private);
} else if (CompareMem (FilePostFix, L".pbk",4) == 0) {
return EnrollRsa2048ToKek (Private);
@@ -1483,9 +1517,9 @@
// Parse the file's postfix.
//
FilePostFix = Private->FileContext->FileName + StrLen
(Private->FileContext->FileName) - 4;
- if ((CompareMem (FilePostFix, L".cer",4) == 0) || (CompareMem (FilePostFix,
L".der",4) == 0)) {
+ if (IsDerEncodeCertificate(FilePostFix)) {
//
-// Supports .cer and .der file as X509 certificate.
+// Supports DER-encoded X509 certificate.
//
return EnrollX509toSigDB (Private, VariableName);
}
@@ -2321,6 +2355,7 @@
SECUREBOOT_CONFIGURATION*IfrNvData;
UINT16 LabelId;
UINT8 *SecureBootEnable;
+ CHAR16 PromptString[100];
SecureBootEnable = NULL;
@@ -2509,11 +2544,18 @@
break;
case KEY_VALUE_SAVE_AND_EXIT_PK:
Status = EnrollPlatformKey (Private);
+ UnicodeSPrint (
+PromptString,
+sizeof (PromptString),
+L"Only DER encode
SF.net SVN: edk2:[13553] trunk/edk2/SecurityPkg/VariableAuthenticated/ RuntimeDxe/AuthService.c
Revision: 13553
http://edk2.svn.sourceforge.net/edk2/?rev=13553&view=rev
Author: sfu5
Date: 2012-07-25 02:01:58 + (Wed, 25 Jul 2012)
Log Message:
---
Use RsaGetPublicKeyFromX509() to validate the given X.509 certificate for
PK/KEK/db/dbx database.
Signed-off-by: Fu Siyuan
Reviewed-by: Dong Guo
Reviewed-by: Ye Ting
Modified Paths:
--
trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
Modified: trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
===
--- trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
2012-07-24 07:17:24 UTC (rev 13552)
+++ trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
2012-07-25 02:01:58 UTC (rev 13553)
@@ -746,7 +746,7 @@
}
/**
- Check input data form to make sure it is a valid EFI_SIGNATURE_LIST for
PK/KEK variable.
+ Check input data form to make sure it is a valid EFI_SIGNATURE_LIST for
PK/KEK/db/dbx variable.
@param[in] VariableNameName of Variable to be check.
@param[in] VendorGuid Variable vendor GUID.
@@ -770,6 +770,9 @@
UINT32 Index;
UINT32 SigCount;
BOOLEANIsPk;
+ VOID *RsaContext;
+ EFI_SIGNATURE_DATA *CertData;
+ UINTN CertLen;
if (DataSize == 0) {
return EFI_SUCCESS;
@@ -779,7 +782,9 @@
if (CompareGuid (VendorGuid, &gEfiGlobalVariableGuid) && (StrCmp
(VariableName, EFI_PLATFORM_KEY_NAME) == 0)){
IsPk = TRUE;
- } else if (CompareGuid (VendorGuid, &gEfiGlobalVariableGuid) && (StrCmp
(VariableName, EFI_KEY_EXCHANGE_KEY_NAME) == 0)) {
+ } else if ((CompareGuid (VendorGuid, &gEfiGlobalVariableGuid) && StrCmp
(VariableName, EFI_KEY_EXCHANGE_KEY_NAME) == 0) ||
+ (CompareGuid (VendorGuid, &gEfiImageSecurityDatabaseGuid) &&
+ (StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE) == 0 ||
StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE1) == 0))){
IsPk = FALSE;
} else {
return EFI_SUCCESS;
@@ -788,6 +793,7 @@
SigCount = 0;
SigList = (EFI_SIGNATURE_LIST *) Data;
SigDataSize = DataSize;
+ RsaContext = NULL;
//
// Walk throuth the input signature list and check the data format.
@@ -819,6 +825,24 @@
return EFI_INVALID_PARAMETER;
}
+if (CompareGuid (&SigList->SignatureType, &gEfiCertX509Guid)) {
+ //
+ // Try to retrieve the RSA public key from the X.509 certificate.
+ // If this operation fails, it's not a valid certificate.
+ //
+ RsaContext = RsaNew ();
+ if (RsaContext == NULL) {
+return EFI_INVALID_PARAMETER;
+ }
+ CertData = (EFI_SIGNATURE_DATA *) ((UINT8 *) SigList + sizeof
(EFI_SIGNATURE_LIST) + SigList->SignatureHeaderSize);
+ CertLen = SigList->SignatureSize - sizeof (EFI_GUID);
+ if (!RsaGetPublicKeyFromX509 (CertData->SignatureData, CertLen,
&RsaContext)) {
+RsaFree (RsaContext);
+return EFI_INVALID_PARAMETER;
+ }
+ RsaFree (RsaContext);
+}
+
if ((SigList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) -
SigList->SignatureHeaderSize) % SigList->SignatureSize != 0) {
return EFI_INVALID_PARAMETER;
}
@@ -1029,6 +1053,11 @@
Payload = (UINT8 *) Data + AUTHINFO2_SIZE (Data);
PayloadSize = DataSize - AUTHINFO2_SIZE (Data);
+Status = CheckSignatureListFormat(VariableName, VendorGuid, Payload,
PayloadSize);
+if (EFI_ERROR (Status)) {
+ return Status;
+}
+
Status = UpdateVariable (
VariableName,
VendorGuid,
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
--
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
SF.net SVN: edk2:[13605] trunk/edk2/CryptoPkg/Library/OpensslLib/ EDKII_openssl-0.9.8w.patch
Revision: 13605 http://edk2.svn.sourceforge.net/edk2/?rev=13605&view=rev Author: sfu5 Date: 2012-08-10 01:27:30 + (Fri, 10 Aug 2012) Log Message: --- Update openssl patch to replaces the ?\226?\128?\156__FILE__?\226?\128?\157 and ?\226?\128?\156__LINE__?\226?\128?\157 with NULL and 0. Signed-off-by: Fu Siyuan Reviewed-by: Ye Ting Reviewed-by: Dong Guo Modified Paths: -- trunk/edk2/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8w.patch Modified: trunk/edk2/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8w.patch === --- trunk/edk2/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8w.patch 2012-08-10 01:13:05 UTC (rev 13604) +++ trunk/edk2/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8w.patch 2012-08-10 01:27:30 UTC (rev 13605) @@ -26,6 +26,87 @@ #endif /* OPENSSL_NO_STDIO */ #endif /* HEADER_BSS_FILE_C */ +Index: crypto/crypto.h +=== +--- crypto/crypto.h(revision 1) crypto/crypto.h(working copy) +@@ -235,15 +235,15 @@ + #ifndef OPENSSL_NO_LOCKING + #ifndef CRYPTO_w_lock + #define CRYPTO_w_lock(type) \ +- CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__) ++ CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,NULL,0) + #define CRYPTO_w_unlock(type) \ +- CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__) ++ CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,NULL,0) + #define CRYPTO_r_lock(type) \ +- CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__) ++ CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,NULL,0) + #define CRYPTO_r_unlock(type) \ +- CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__) ++ CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,NULL,0) + #define CRYPTO_add(addr,amount,type) \ +- CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__) ++ CRYPTO_add_lock(addr,amount,type,NULL,0) + #endif + #else + #define CRYPTO_w_lock(a) +@@ -361,19 +361,19 @@ + #define MemCheck_off()CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE) + #define is_MemCheck_on() CRYPTO_is_mem_check_on() + +-#define OPENSSL_malloc(num) CRYPTO_malloc((int)num,__FILE__,__LINE__) +-#define OPENSSL_strdup(str) CRYPTO_strdup((str),__FILE__,__LINE__) ++#define OPENSSL_malloc(num) CRYPTO_malloc((int)num,NULL,0) ++#define OPENSSL_strdup(str) CRYPTO_strdup((str),NULL,0) + #define OPENSSL_realloc(addr,num) \ +- CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__) ++ CRYPTO_realloc((char *)addr,(int)num,NULL,0) + #define OPENSSL_realloc_clean(addr,old_num,num) \ +- CRYPTO_realloc_clean(addr,old_num,num,__FILE__,__LINE__) ++ CRYPTO_realloc_clean(addr,old_num,num,NULL,0) + #define OPENSSL_remalloc(addr,num) \ +- CRYPTO_remalloc((char **)addr,(int)num,__FILE__,__LINE__) ++ CRYPTO_remalloc((char **)addr,(int)num,NULL,0) + #define OPENSSL_freeFunc CRYPTO_free + #define OPENSSL_free(addr)CRYPTO_free(addr) + + #define OPENSSL_malloc_locked(num) \ +- CRYPTO_malloc_locked((int)num,__FILE__,__LINE__) ++ CRYPTO_malloc_locked((int)num,NULL,0) + #define OPENSSL_free_locked(addr) CRYPTO_free_locked(addr) + + +@@ -487,7 +487,7 @@ + long CRYPTO_get_mem_debug_options(void); + + #define CRYPTO_push_info(info) \ +-CRYPTO_push_info_(info, __FILE__, __LINE__); ++CRYPTO_push_info_(info, NULL, 0); + int CRYPTO_push_info_(const char *info, const char *file, int line); + int CRYPTO_pop_info(void); + int CRYPTO_remove_all_info(void); +@@ -528,17 +528,17 @@ + + /* die if we have to */ + void OpenSSLDie(const char *file,int line,const char *assertion); +-#define OPENSSL_assert(e) (void)((e) ? 0 : (OpenSSLDie(__FILE__, __LINE__, #e),1)) ++#define OPENSSL_assert(e) (void)((e) ? 0 : (OpenSSLDie(NULL, 0, #e),1)) + + unsigned long *OPENSSL_ia32cap_loc(void); + #define OPENSSL_ia32cap (*(OPENSSL_ia32cap_loc())) + int OPENSSL_isservice(void); + + #ifdef OPENSSL_FIPS +-#define FIPS_ERROR_IGNORED(alg) OpenSSLDie(__FILE__, __LINE__, \ ++#define FIPS_ERROR_IGNORED(alg) OpenSSLDie(NULL, 0, \ + alg " previous FIPS forbidden algorithm error ignored"); + +-#define FIPS_BAD_ABORT(alg) OpenSSLDie(__FILE__, __LINE__, \ ++#define FIPS_BAD_ABORT(alg) OpenSSLDie(NULL, 0, \ + #alg " Algorithm forbidden in FIPS mode"); + + #ifdef OPENSSL_FIPS_STRICT Index: crypto/err/err.c === --- crypto/err/err.c (revision 1) This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. -- Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endp
SF.net SVN: edk2:[13636] trunk/edk2/SecurityPkg/Library/ DxeImageVerificationLib/DxeImageVerificationLib.c
Revision: 13636
http://edk2.svn.sourceforge.net/edk2/?rev=13636&view=rev
Author: sfu5
Date: 2012-08-15 01:39:43 + (Wed, 15 Aug 2012)
Log Message:
---
1. Remove the code path which use X509 cert in KEK to validate PKCS7 signed
image.
2. Remove the code path to validate UEFI image signed by RSA2048 key.
3. Disable the ALLOW_EXECUTE/DEFER_EXECUTE/QUERY_USER policy PCD.
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Reviewed-by: Dong Guo
Modified Paths:
--
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
Modified:
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
===
---
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
2012-08-15 00:03:59 UTC (rev 13635)
+++
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
2012-08-15 01:39:43 UTC (rev 13636)
@@ -783,60 +783,6 @@
}
/**
- Discover if the UEFI image is authorized by user's policy setting.
-
- @param[in]PolicySpecify platform's policy setting.
-
- @retval EFI_ACCESS_DENIED Image is not allowed to run.
- @retval EFI_SECURITY_VIOLATION Image is deferred.
- @retval EFI_SUCCESS Image is authorized to run.
-
-**/
-EFI_STATUS
-ImageAuthorization (
- IN UINT32 Policy
- )
-{
- EFI_STATUSStatus;
- EFI_INPUT_KEY Key;
-
- Status = EFI_ACCESS_DENIED;
-
- switch (Policy) {
-
- case QUERY_USER_ON_SECURITY_VIOLATION:
-do {
- CreatePopUp (EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, &Key, mNotifyString1,
mNotifyString2, NULL);
- if (Key.UnicodeChar == L'Y' || Key.UnicodeChar == L'y') {
-Status = EFI_SUCCESS;
-break;
- } else if (Key.UnicodeChar == L'N' || Key.UnicodeChar == L'n') {
-Status = EFI_ACCESS_DENIED;
-break;
- } else if (Key.UnicodeChar == L'D' || Key.UnicodeChar == L'd') {
-Status = EFI_SECURITY_VIOLATION;
-break;
- }
-} while (TRUE);
-break;
-
- case ALLOW_EXECUTE_ON_SECURITY_VIOLATION:
-Status = EFI_SUCCESS;
-break;
-
- case DEFER_EXECUTE_ON_SECURITY_VIOLATION:
-Status = EFI_SECURITY_VIOLATION;
-break;
-
- case DENY_EXECUTE_ON_SECURITY_VIOLATION:
-Status = EFI_ACCESS_DENIED;
-break;
- }
-
- return Status;
-}
-
-/**
Check whether signature is in specified database.
@param[in] VariableNameName of database variable that is searched
in.
@@ -1040,15 +986,8 @@
}
//
- // 2: Find certificate from KEK database and try to verify authenticode
struct.
+ // 2: Find certificate from DB database and try to verify authenticode
struct.
//
- if (IsPkcsSignedDataVerifiedBySignatureList (EFI_KEY_EXCHANGE_KEY_NAME,
&gEfiGlobalVariableGuid)) {
-return EFI_SUCCESS;
- }
-
- //
- // 3: Find certificate from DB database and try to verify authenticode
struct.
- //
if (IsPkcsSignedDataVerifiedBySignatureList (EFI_IMAGE_SECURITY_DATABASE,
&gEfiImageSecurityDatabaseGuid)) {
return EFI_SUCCESS;
} else {
@@ -1057,139 +996,6 @@
}
/**
- Verify certificate in WIN_CERTIFICATE_UEFI_GUID format.
-
- @retval EFI_SUCCESS Image pass verification.
- @retval EFI_SECURITY_VIOLATION Image fail verification.
- @retval other error value
-
-**/
-EFI_STATUS
-VerifyCertUefiGuid (
- VOID
- )
-{
- BOOLEAN Status;
- WIN_CERTIFICATE_UEFI_GUID *EfiCert;
- EFI_SIGNATURE_LIST *KekList;
- EFI_SIGNATURE_DATA *KekItem;
- EFI_CERT_BLOCK_RSA_2048_SHA256 *CertBlock;
- VOID*Rsa;
- UINTN KekCount;
- UINTN Index;
- UINTN KekDataSize;
- BOOLEAN IsFound;
- EFI_STATUS Result;
-
- EfiCert = NULL;
- KekList = NULL;
- KekItem = NULL;
- CertBlock = NULL;
- Rsa = NULL;
- Status= FALSE;
- IsFound = FALSE;
- KekDataSize = 0;
-
- EfiCert = (WIN_CERTIFICATE_UEFI_GUID *) (mImageBase +
mSecDataDir->VirtualAddress);
- CertBlock = (EFI_CERT_BLOCK_RSA_2048_SHA256 *) EfiCert->CertData;
- if (!CompareGuid (&EfiCert->CertType, &gEfiCertTypeRsa2048Sha256Guid)) {
-//
-// Invalid Certificate Data Type.
-//
-return EFI_SECURITY_VIOLATION;
- }
-
- //
- // Get KEK database variable data size
- //
- Result = gRT->GetVariable (EFI_KEY_EXCHANGE_KEY_NAME,
&gEfiGlobalVariableGuid, NULL, &KekDataSize, NULL);
- if (Result != EFI_BUFFER_TOO_SMALL) {
-return EFI_SECURITY_VIOLATION;
- }
-
- //
- // Get KEK database variable.
- //
- GetEfiGlobalVariable2 (EFI_KEY_EXCHANGE_KEY_NAME, (VOID**)&KekList, NULL);
- if (KekList == NULL) {
-return EFI_SECURITY_VIOLATION
SF.net SVN: edk2:[13664] trunk/edk2/NetworkPkg/Dhcp6Dxe
Revision: 13664
http://edk2.svn.sourceforge.net/edk2/?rev=13664&view=rev
Author: sfu5
Date: 2012-08-22 08:01:19 + (Wed, 22 Aug 2012)
Log Message:
---
Add additional delay in DHCP6 InfoRequest interface to wait for link local
address DAD to finish.
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Reviewed-by: qianouyang
Modified Paths:
--
trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Driver.c
trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Dxe.inf
trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Impl.c
trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Impl.h
trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c
trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Io.h
trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c
trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Utility.h
Modified: trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Driver.c
===
--- trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Driver.c2012-08-22 07:12:10 UTC
(rev 13663)
+++ trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Driver.c2012-08-22 08:01:19 UTC
(rev 13664)
@@ -2,7 +2,7 @@
Driver Binding functions and Service Binding functions
implementationfor for Dhcp6 Driver.
- Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.
+ Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
@@ -132,6 +132,7 @@
)
{
DHCP6_SERVICE *Dhcp6Srv;
+ EFI_STATUSStatus;
*Service = NULL;
Dhcp6Srv = AllocateZeroPool (sizeof (DHCP6_SERVICE));
@@ -166,6 +167,19 @@
);
//
+ // Locate Ip6->Ip6Config and store it for get IP6 Duplicate Address
Detection transmits.
+ //
+ Status = gBS->HandleProtocol (
+ Controller,
+ &gEfiIp6ConfigProtocolGuid,
+ (VOID **) &Dhcp6Srv->Ip6Cfg
+ );
+ if (EFI_ERROR (Status)) {
+FreePool (Dhcp6Srv);
+return Status;
+ }
+
+ //
// Generate client Duid: If SMBIOS system UUID is located, generate DUID in
DUID-UUID format.
// Otherwise, in DUID-LLT format.
//
Modified: trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Dxe.inf
===
--- trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Dxe.inf 2012-08-22 07:12:10 UTC (rev
13663)
+++ trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Dxe.inf 2012-08-22 08:01:19 UTC (rev
13664)
@@ -1,7 +1,7 @@
## @file
# Component description file for Dhcp6 module.
#
-# Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.
+# Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.
#
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD
License
@@ -66,4 +66,4 @@
gEfiUdp6ProtocolGuid
gEfiDhcp6ServiceBindingProtocolGuid
gEfiDhcp6ProtocolGuid
-
+ gEfiIp6ConfigProtocolGuid
Modified: trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Impl.c
===
--- trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Impl.c 2012-08-22 07:12:10 UTC (rev
13663)
+++ trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Impl.c 2012-08-22 08:01:19 UTC (rev
13664)
@@ -608,11 +608,12 @@
)
{
EFI_STATUS Status;
- EFI_TPL OldTpl;
DHCP6_INSTANCE *Instance;
DHCP6_SERVICE*Service;
- DHCP6_INF_CB *InfCb;
UINTNIndex;
+ EFI_EVENTTimer;
+ EFI_STATUS TimerStatus;
+ UINTNGetMappingTimeOut;
if (This == NULL || OptionRequest == NULL || Retransmission == NULL ||
ReplyCallback == NULL) {
return EFI_INVALID_PARAMETER;
@@ -637,58 +638,64 @@
Instance = DHCP6_INSTANCE_FROM_THIS (This);
Service = Instance->Service;
- OldTpl = gBS->RaiseTPL (TPL_CALLBACK);
- Instance->UdpSts = EFI_ALREADY_STARTED;
-
- //
- // Create and initialize the control block for the info-request.
- //
- InfCb = AllocateZeroPool (sizeof(DHCP6_INF_CB));
-
- if (InfCb == NULL) {
-gBS->RestoreTPL (OldTpl);
-return EFI_OUT_OF_RESOURCES;
- }
-
- InfCb->ReplyCallback = ReplyCallback;
- InfCb->CallbackContext = CallbackContext;
- InfCb->TimeoutEvent= TimeoutEvent;
-
- InsertTailList (&Instance->InfList, &InfCb->Link);
-
- //
- // Send the info-request message to start exchange process.
- //
- Status = Dhcp6SendInfoRequestMsg (
+ Status = Dhcp6StartInfoRequest (
Instance,
- InfCb,
SendClientId,
OptionRequest,
OptionCount,
OptionList,
- Retransmission
+ Retransmission,
+ TimeoutEvent,
+ ReplyCallback,
+ CallbackContext
);
+ if (Status == EFI_NO_MAPPING) {
+
SF.net SVN: edk2:[13671] trunk/edk2/SecurityPkg
Revision: 13671
http://edk2.svn.sourceforge.net/edk2/?rev=13671&view=rev
Author: sfu5
Date: 2012-08-23 06:53:51 + (Thu, 23 Aug 2012)
Log Message:
---
1. Initialize certdb variable with correct value of list size.
2. Use gloable database array instead of calling AllocateZeroPool in
SetVariable.
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Reviewed-by: Dong Guo
Modified Paths:
--
trunk/edk2/SecurityPkg/Include/Guid/AuthenticatedVariableFormat.h
trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.h
Modified: trunk/edk2/SecurityPkg/Include/Guid/AuthenticatedVariableFormat.h
===
--- trunk/edk2/SecurityPkg/Include/Guid/AuthenticatedVariableFormat.h
2012-08-23 03:31:00 UTC (rev 13670)
+++ trunk/edk2/SecurityPkg/Include/Guid/AuthenticatedVariableFormat.h
2012-08-23 06:53:51 UTC (rev 13671)
@@ -52,15 +52,6 @@
#define STANDARD_SECURE_BOOT_MODE 0
///
-/// "certdb" variable stores the signer's certificates for non PK/KEK/DB/DBX
-/// variables with EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set.
-///
-///
-#define EFI_CERT_DB_NAME L"certdb"
-
-extern EFI_GUID gEfiCertDbGuid;
-
-///
/// Alignment of variable name and data, according to the architecture:
/// * For IA-32 and Intel(R) 64 architectures: 1.
/// * For IA-64 architecture: 8.
Modified: trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
===
--- trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
2012-08-23 03:31:00 UTC (rev 13670)
+++ trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
2012-08-23 06:53:51 UTC (rev 13671)
@@ -34,6 +34,7 @@
///
UINT8mPubKeyStore[MAX_KEYDB_SIZE];
UINT32 mPubKeyNumber;
+UINT8mCertDbStore[MAX_CERTDB_SIZE];
UINT32 mPlatformMode;
EFI_GUID mSignatureSupport[] = {EFI_CERT_SHA1_GUID, EFI_CERT_SHA256_GUID,
EFI_CERT_RSA2048_GUID, EFI_CERT_X509_GUID};
//
@@ -398,7 +399,7 @@
if (Variable.CurrPtr == NULL) {
VarAttr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS |
EFI_VARIABLE_BOOTSERVICE_ACCESS |
EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
-ListSize = 0;
+ListSize = sizeof (UINT32);
Status = UpdateVariable (
EFI_CERT_DB_NAME,
&gEfiCertDbGuid,
@@ -410,7 +411,9 @@
&Variable,
NULL
);
-
+if (EFI_ERROR (Status)) {
+ return Status;
+}
}
return Status;
@@ -1664,10 +1667,7 @@
// Construct new data content of variable "certdb".
//
NewCertDbSize = (UINT32) DataSize - CertNodeSize;
- NewCertDb = AllocateZeroPool (NewCertDbSize);
- if (NewCertDb == NULL) {
-return EFI_OUT_OF_RESOURCES;
- }
+ NewCertDb = (UINT8*) mCertDbStore;
//
// Copy the DB entries before deleting node.
@@ -1704,7 +1704,6 @@
NULL
);
- FreePool (NewCertDb);
return Status;
}
@@ -1793,11 +1792,11 @@
//
NameSize = (UINT32) StrLen (VariableName);
CertNodeSize = sizeof (AUTH_CERT_DB_DATA) + (UINT32) CertDataSize +
NameSize * sizeof (CHAR16);
- NewCertDbSize = (UINT32) DataSize + CertNodeSize;
- NewCertDb = AllocateZeroPool (NewCertDbSize);
- if (NewCertDb == NULL) {
+ NewCertDbSize = (UINT32) DataSize + CertNodeSize;
+ if (NewCertDbSize > MAX_CERTDB_SIZE) {
return EFI_OUT_OF_RESOURCES;
}
+ NewCertDb = (UINT8*) mCertDbStore;
//
// Copy the DB entries before deleting node.
@@ -1844,7 +1843,6 @@
NULL
);
- FreePool (NewCertDb);
return Status;
}
Modified: trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.h
===
--- trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.h
2012-08-23 03:31:00 UTC (rev 13670)
+++ trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.h
2012-08-23 06:53:51 UTC (rev 13671)
@@ -36,15 +36,24 @@
/// "AuthVarKeyDatabase" variable for the Public Key store.
///
#define AUTHVAR_KEYDB_NAME L"AuthVarKeyDatabase"
-#define AUTHVAR_KEYDB_NAME_SIZE 38
///
/// Max size of public key database, restricted by max individal EFI varible
size, exclude variable header and name size.
///
-#define MAX_KEYDB_SIZE (FixedPcdGet32 (PcdMaxVariableSize) - sizeof
(VARIABLE_HEADER) - AUTHVAR_KEYDB_NAME_SIZE)
+#define MAX_KEYDB_SIZE (FixedPcdGet32 (PcdMaxVariableSize) - sizeof
(VARIABLE_HEADER) - sizeof (AUTHVAR_KEYDB_NAME))
#define MAX_KEY_NUM (MAX_KEYDB_SIZE / EFI_CERT_TYPE_RSA2048_SIZE)
///
+/// "certdb" var
SF.net SVN: edk2:[13672] trunk/edk2/SecurityPkg/Library/ DxeImageVerificationLib
Revision: 13672
http://edk2.svn.sourceforge.net/edk2/?rev=13672&view=rev
Author: sfu5
Date: 2012-08-23 07:55:35 + (Thu, 23 Aug 2012)
Log Message:
---
Update the DxeImageVerificationLib to handle the signed image which CertType is
set to EFI_CERT_TYPE_PKCS7_GUID.
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Reviewed-by: Dong Guo
Modified Paths:
--
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf
Modified:
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
===
---
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
2012-08-23 06:53:51 UTC (rev 13671)
+++
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
2012-08-23 07:55:35 UTC (rev 13672)
@@ -31,7 +31,6 @@
//
EFI_IMAGE_OPTIONAL_HEADER_PTR_UNION mNtHeader;
UINT32 mPeCoffHeaderOffset;
-EFI_IMAGE_DATA_DIRECTORY*mSecDataDir = NULL;
EFI_GUIDmCertType;
//
@@ -585,24 +584,21 @@
PE/COFF image is external input, so this function will validate its data
structure
within this image buffer before use.
+ @param[in] AuthDataPointer to the Authenticode Signature
retrieved from signed image.
+ @param[in] AuthDataSizeSize of the Authenticode Signature in bytes.
+
@retval EFI_UNSUPPORTED Hash algorithm is not supported.
@retval EFI_SUCCESS Hash successfully.
**/
EFI_STATUS
HashPeImageByType (
- VOID
+ IN UINT8 *AuthData,
+ IN UINTN AuthDataSize
)
{
UINT8 Index;
- WIN_CERTIFICATE_EFI_PKCS *PkcsCertData;
- PkcsCertData = (WIN_CERTIFICATE_EFI_PKCS *) (mImageBase +
mSecDataDir->VirtualAddress);
-
- if (PkcsCertData->Hdr.dwLength < sizeof (WIN_CERTIFICATE_EFI_PKCS) + 32) {
-return EFI_UNSUPPORTED;
- }
-
for (Index = 0; Index < HASHALG_MAX; Index++) {
//
// Check the Hash algorithm in PE/COFF Authenticode.
@@ -616,18 +612,18 @@
//This field has the fixed offset (+32) in final Authenticode ASN.1
data.
//Fixed offset (+32) is calculated based on two bytes of length
encoding.
//
-if ((*(PkcsCertData->CertData + 1) & TWO_BYTE_ENCODE) != TWO_BYTE_ENCODE) {
+if ((*(AuthData + 1) & TWO_BYTE_ENCODE) != TWO_BYTE_ENCODE) {
//
// Only support two bytes of Long Form of Length Encoding.
//
continue;
}
-if (PkcsCertData->Hdr.dwLength < sizeof (WIN_CERTIFICATE_EFI_PKCS) + 32 +
mHash[Index].OidLength) {
+if (AuthDataSize < 32 + mHash[Index].OidLength) {
return EFI_UNSUPPORTED;
}
-if (CompareMem (PkcsCertData->CertData + 32, mHash[Index].OidValue,
mHash[Index].OidLength) == 0) {
+if (CompareMem (AuthData + 32, mHash[Index].OidValue,
mHash[Index].OidLength) == 0) {
break;
}
}
@@ -875,8 +871,10 @@
Verify PKCS#7 SignedData using certificate found in Variable which formatted
as EFI_SIGNATURE_LIST. The Variable may be PK, KEK, DB or DBX.
- @param VariableName Name of Variable to search for Certificate.
- @param VendorGuidVariable vendor GUID.
+ @param[in] AuthData Pointer to the Authenticode Signature retrieved
from signed image.
+ @param[in] AuthDataSize Size of the Authenticode Signature in bytes.
+ @param[in] VariableName Name of Variable to search for Certificate.
+ @param[in] VendorGuidVariable vendor GUID.
@retval TRUE Image pass verification.
@retval FALSEImage fail verification.
@@ -884,13 +882,14 @@
**/
BOOLEAN
IsPkcsSignedDataVerifiedBySignatureList (
+ IN UINT8 *AuthData,
+ IN UINTN AuthDataSize,
IN CHAR16 *VariableName,
IN EFI_GUID *VendorGuid
)
{
EFI_STATUSStatus;
BOOLEAN VerifyStatus;
- WIN_CERTIFICATE_EFI_PKCS *PkcsCertData;
EFI_SIGNATURE_LIST*CertList;
EFI_SIGNATURE_DATA*Cert;
UINTN DataSize;
@@ -906,7 +905,6 @@
RootCert = NULL;
RootCertSize = 0;
VerifyStatus = FALSE;
- PkcsCertData = (WIN_CERTIFICATE_EFI_PKCS *) (mImageBase +
mSecDataDir->VirtualAddress);
DataSize = 0;
Status = gRT->GetVariable (VariableName, VendorGuid, NULL, &DataSize,
NULL);
@@ -940,8 +938,8 @@
// Call AuthenticodeVerify library to Verify Authenticode struct.
//
VerifyStatus = AuthenticodeVerify (
- PkcsCertData->CertData,
- PkcsCertData->Hdr.dwLength -
sizeof(PkcsCertData->Hdr),
+ AuthData,
+
SF.net SVN: edk2:[13676] trunk/edk2/NetworkPkg/UefiPxeBcDxe
Revision: 13676
http://edk2.svn.sourceforge.net/edk2/?rev=13676&view=rev
Author: sfu5
Date: 2012-08-24 08:25:42 + (Fri, 24 Aug 2012)
Log Message:
---
Fix bugs in PXE driver when using option 43 for boot server list and boot menu
prompt.
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Reviewed-by: Ouyang Qian
Modified Paths:
--
trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcBoot.c
trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcBoot.h
trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp4.c
trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp4.h
trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c
Modified: trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcBoot.c
===
--- trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcBoot.c 2012-08-24 00:37:40 UTC
(rev 13675)
+++ trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcBoot.c 2012-08-24 08:25:42 UTC
(rev 13676)
@@ -1,7 +1,7 @@
/** @file
Boot functions implementation for UefiPxeBc Driver.
- Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.
+ Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
@@ -86,9 +86,9 @@
OfferType= Mode->UsingIpv6 ? Cache->Dhcp6.OfferType :
Cache->Dhcp4.OfferType;
//
- // Only ProxyPxe10 offer needs boot prompt.
+ // Only DhcpPxe10 and ProxyPxe10 offer needs boot prompt.
//
- if (OfferType != PxeOfferTypeProxyPxe10) {
+ if (OfferType != PxeOfferTypeProxyPxe10 && OfferType !=
PxeOfferTypeDhcpPxe10) {
return EFI_NOT_FOUND;
}
@@ -99,7 +99,7 @@
VendorOpt = &Cache->Dhcp4.VendorOpt;
if (!IS_VALID_BOOT_PROMPT (VendorOpt->BitMap)) {
-return EFI_SUCCESS;
+return EFI_TIMEOUT;
}
Timeout = VendorOpt->MenuPrompt->Timeout;
@@ -110,10 +110,10 @@
// The valid scope of Timeout refers to PXE2.1 spec.
//
if (Timeout == 0) {
-return EFI_SUCCESS;
+return EFI_TIMEOUT;
}
if (Timeout == 255) {
-return EFI_TIMEOUT;
+return EFI_SUCCESS;
}
//
@@ -173,6 +173,7 @@
gST->ConOut->SetCursorPosition (gST->ConOut, SecCol + PromptLen, SecRow);
AsciiPrint ("(%d) ", Timeout--);
+ Status = EFI_TIMEOUT;
while (EFI_ERROR (gBS->CheckEvent (TimeoutEvent))) {
if (!EFI_ERROR (gBS->CheckEvent (DescendEvent))) {
gST->ConOut->SetCursorPosition (gST->ConOut, SecCol + PromptLen, SecRow);
@@ -184,6 +185,7 @@
}
//
// Parse the input key by user.
+// If or + is pressed, return success to display the boot
menu.
//
if (InputKey.ScanCode == 0) {
@@ -196,7 +198,7 @@
case CTRL ('m'):
case 'm':
case 'M':
-Status = EFI_TIMEOUT;
+Status = EFI_SUCCESS;
break;
default:
@@ -208,7 +210,7 @@
switch (InputKey.ScanCode) {
case SCAN_F8:
-Status = EFI_TIMEOUT;
+Status = EFI_SUCCESS;
break;
case SCAN_ESC:
@@ -284,10 +286,10 @@
OfferType = Mode->UsingIpv6 ? Cache->Dhcp6.OfferType :
Cache->Dhcp4.OfferType;
//
- // There is no specified ProxyPxe10 for IPv6 in PXE and UEFI spec.
+ // There is no specified DhcpPxe10/ProxyPxe10 for IPv6 in PXE and UEFI spec.
//
ASSERT (!Mode->UsingIpv6);
- ASSERT (OfferType == PxeOfferTypeProxyPxe10);
+ ASSERT (OfferType == PxeOfferTypeProxyPxe10 || OfferType ==
PxeOfferTypeDhcpPxe10);
VendorOpt = &Cache->Dhcp4.VendorOpt;
if (!IS_VALID_BOOT_MENU (VendorOpt->BitMap)) {
@@ -351,7 +353,7 @@
gBS->Stall (10 * TICKS_PER_MS);
}
-if (InputKey.ScanCode != 0) {
+if (InputKey.ScanCode == 0) {
switch (InputKey.UnicodeChar) {
case CTRL ('c'):
InputKey.ScanCode = SCAN_ESC;
@@ -651,7 +653,7 @@
@param[in] Private Pointer to PxeBc private data.
@param[in] Type The type of bootstrap to perform.
- @param[in, out] Info Pointer to EFI_PXE_BASE_CODE_DISCOVER_INFO.
+ @param[in, out] DiscoverInfo Pointer to EFI_PXE_BASE_CODE_DISCOVER_INFO.
@param[out] BootEntryPointer to PXEBC_BOOT_SVR_ENTRY.
@param[out] SrvList Pointer to EFI_PXE_BASE_CODE_SRVLIST.
@@ -663,7 +665,7 @@
PxeBcExtractDiscoverInfo (
IN PXEBC_PRIVATE_DATA *Private,
IN UINT16 Type,
- IN OUT EFI_PXE_BASE_CODE_DISCOVER_INFO *Info,
+ IN OUT EFI_PXE_BASE_CODE_DISCOVER_INFO **DiscoverInfo,
OUT PXEBC_BOOT_SVR_ENTRY **BootEntry,
OUT EFI_PXE_BASE_CODE_SRVLIST**SrvList
)
@@ -673,8 +675,11 @@
PXEBC_VENDOR_OPTION *VendorOpt;
PXEBC_BOOT_SVR_ENTRY*Entry;
BOOLEAN IsFound;
+ EFI_PXE_BASE_CODE_DISCOVER_INFO *Info;
+ UINT16
SF.net SVN: edk2:[13701] trunk/edk2/SecurityPkg/Library/ DxeImageVerificationLib/DxeImageVerificationLib.c
Revision: 13701
http://edk2.svn.sourceforge.net/edk2/?rev=13701&view=rev
Author: sfu5
Date: 2012-09-06 02:15:59 + (Thu, 06 Sep 2012)
Log Message:
---
Check the value of Hdr.dwLength for signed EFI image before image validation.
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Reviewed-by: Dong Guo
Modified Paths:
--
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
Modified:
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
===
---
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
2012-09-05 08:46:51 UTC (rev 13700)
+++
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
2012-09-06 02:15:59 UTC (rev 13701)
@@ -1276,6 +1276,9 @@
// Authenticode specification.
//
PkcsCertData = (WIN_CERTIFICATE_EFI_PKCS *) WinCertificate;
+if (PkcsCertData->Hdr.dwLength <= sizeof (PkcsCertData->Hdr)) {
+ goto Done;
+}
AuthData = PkcsCertData->CertData;
AuthDataSize = PkcsCertData->Hdr.dwLength - sizeof(PkcsCertData->Hdr);
@@ -1290,7 +1293,8 @@
// The certificate is formatted as WIN_CERTIFICATE_UEFI_GUID which is
described in UEFI Spec.
//
WinCertUefiGuid = (WIN_CERTIFICATE_UEFI_GUID *) WinCertificate;
-if (!CompareGuid(&WinCertUefiGuid->CertType, &gEfiCertPkcs7Guid)) {
+if (!CompareGuid(&WinCertUefiGuid->CertType, &gEfiCertPkcs7Guid) ||
+(WinCertUefiGuid->Hdr.dwLength <= OFFSET_OF(WIN_CERTIFICATE_UEFI_GUID,
CertData))) {
goto Done;
}
AuthData = WinCertUefiGuid->CertData;
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
--
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
SF.net SVN: edk2:[13731] trunk/edk2
Revision: 13731
http://edk2.svn.sourceforge.net/edk2/?rev=13731&view=rev
Author: sfu5
Date: 2012-09-14 02:59:35 + (Fri, 14 Sep 2012)
Log Message:
---
1. Fix a bug when comparing two timestamp in auth-variable driver.
2. Remove the TimeCompare function in Bds since it's not used anymore.
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Reviewed-by: Dong Guo
Modified Paths:
--
trunk/edk2/IntelFrameworkModulePkg/Universal/BdsDxe/BootMaint/BmLib.c
trunk/edk2/IntelFrameworkModulePkg/Universal/BdsDxe/FrontPage.h
trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
Modified: trunk/edk2/IntelFrameworkModulePkg/Universal/BdsDxe/BootMaint/BmLib.c
===
--- trunk/edk2/IntelFrameworkModulePkg/Universal/BdsDxe/BootMaint/BmLib.c
2012-09-13 11:28:27 UTC (rev 13730)
+++ trunk/edk2/IntelFrameworkModulePkg/Universal/BdsDxe/BootMaint/BmLib.c
2012-09-14 02:59:35 UTC (rev 13731)
@@ -358,40 +358,6 @@
}
/**
- Compare two EFI_TIME data.
-
-
- @param FirstTime - A pointer to the first EFI_TIME data.
- @param SecondTime - A pointer to the second EFI_TIME data.
-
- @retval TRUE The FirstTime is not later than the SecondTime.
- @retval FALSE The FirstTime is later than the SecondTime.
-
-**/
-BOOLEAN
-TimeCompare (
- IN EFI_TIME *FirstTime,
- IN EFI_TIME *SecondTime
- )
-{
- if (FirstTime->Year != SecondTime->Year) {
-return (BOOLEAN) (FirstTime->Year < SecondTime->Year);
- } else if (FirstTime->Month != SecondTime->Month) {
-return (BOOLEAN) (FirstTime->Month < SecondTime->Month);
- } else if (FirstTime->Day != SecondTime->Day) {
-return (BOOLEAN) (FirstTime->Day < SecondTime->Day);
- } else if (FirstTime->Hour != SecondTime->Hour) {
-return (BOOLEAN) (FirstTime->Hour < SecondTime->Hour);
- } else if (FirstTime->Minute != SecondTime->Minute) {
-return (BOOLEAN) (FirstTime->Minute < FirstTime->Minute);
- } else if (FirstTime->Second != SecondTime->Second) {
-return (BOOLEAN) (FirstTime->Second < SecondTime->Second);
- }
-
- return (BOOLEAN) (FirstTime->Nanosecond <= SecondTime->Nanosecond);
-}
-
-/**
Get a string from the Data Hub record based on
a device path.
Modified: trunk/edk2/IntelFrameworkModulePkg/Universal/BdsDxe/FrontPage.h
===
--- trunk/edk2/IntelFrameworkModulePkg/Universal/BdsDxe/FrontPage.h
2012-09-13 11:28:27 UTC (rev 13730)
+++ trunk/edk2/IntelFrameworkModulePkg/Universal/BdsDxe/FrontPage.h
2012-09-14 02:59:35 UTC (rev 13731)
@@ -217,23 +217,6 @@
);
/**
- Compare two EFI_TIME data.
-
-
- @param FirstTime - A pointer to the first EFI_TIME data.
- @param SecondTime - A pointer to the second EFI_TIME data.
-
- @retval TRUE The FirstTime is not later than the SecondTime.
- @retval FALSE The FirstTime is later than the SecondTime.
-
-**/
-BOOLEAN
-TimeCompare (
- IN EFI_TIME *FirstTime,
- IN EFI_TIME *SecondTime
- );
-
-/**
This function is the main entry of the platform setup entry.
The function will present the main menu of the system setup,
this is the platform reference part and can be customize.
Modified: trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
===
--- trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
2012-09-13 11:28:27 UTC (rev 13730)
+++ trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
2012-09-14 02:59:35 UTC (rev 13731)
@@ -1381,7 +1381,7 @@
} else if (FirstTime->Hour != SecondTime->Hour) {
return (BOOLEAN) (FirstTime->Hour < SecondTime->Hour);
} else if (FirstTime->Minute != SecondTime->Minute) {
-return (BOOLEAN) (FirstTime->Minute < FirstTime->Minute);
+return (BOOLEAN) (FirstTime->Minute < SecondTime->Minute);
}
return (BOOLEAN) (FirstTime->Second <= SecondTime->Second);
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
--
Got visibility?
Most devs has no idea what their production app looks like.
Find out how fast your code is with AppDynamics Lite.
http://ad.doubleclick.net/clk;262219671;13503038;y?
http://info.appdynamics.com/FreeJavaPerformanceDownload.html
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
SF.net SVN: edk2:[13733] trunk/edk2/SecurityPkg/VariableAuthenticated/ SecureBootConfigDxe/SecureBootConfigImpl.c
Revision: 13733
http://edk2.svn.sourceforge.net/edk2/?rev=13733&view=rev
Author: sfu5
Date: 2012-09-14 07:28:37 + (Fri, 14 Sep 2012)
Log Message:
---
Add a dialog box with help message when user changes the state of "Attempt
Secure Boot" check box.
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Reviewed-by: Dong Guo
Modified Paths:
--
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
Modified:
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
===
---
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
2012-09-14 06:54:35 UTC (rev 13732)
+++
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
2012-09-14 07:28:37 UTC (rev 13733)
@@ -2396,6 +2396,13 @@
NULL
);
Status = EFI_UNSUPPORTED;
+} else {
+ CreatePopUp (
+EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
+&Key,
+L"Secure boot configuration is changed, please reset the platform
to take effect!",
+NULL
+);
}
*ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_APPLY;
}
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
--
Got visibility?
Most devs has no idea what their production app looks like.
Find out how fast your code is with AppDynamics Lite.
http://ad.doubleclick.net/clk;262219671;13503038;y?
http://info.appdynamics.com/FreeJavaPerformanceDownload.html
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
SF.net SVN: edk2:[13858] trunk/edk2/CryptoPkg/Library/OpensslLib/ EDKII_openssl-0.9.8w.patch
Revision: 13858
http://edk2.svn.sourceforge.net/edk2/?rev=13858&view=rev
Author: sfu5
Date: 2012-10-17 08:17:33 + (Wed, 17 Oct 2012)
Log Message:
---
Fix a bug in OpensslLib that PKCS7_verify will use over 8k stack space.
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Reviewed-by: Dong Guo
Modified Paths:
--
trunk/edk2/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8w.patch
Modified: trunk/edk2/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8w.patch
===
--- trunk/edk2/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8w.patch
2012-10-17 06:07:27 UTC (rev 13857)
+++ trunk/edk2/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8w.patch
2012-10-17 08:17:33 UTC (rev 13858)
@@ -182,6 +182,45 @@
PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR);
goto err;
}
+@@ -173,7 +176,8 @@
+ STACK_OF(PKCS7_SIGNER_INFO) *sinfos;
+ PKCS7_SIGNER_INFO *si;
+ X509_STORE_CTX cert_ctx;
+- char buf[4096];
++ char *buf = NULL;
++ int bufsiz;
+ int i, j=0, k, ret = 0;
+ BIO *p7bio;
+ BIO *tmpin, *tmpout;
+@@ -284,10 +288,16 @@
+ BIO_set_mem_eof_return(tmpout, 0);
+ } else tmpout = out;
+
++ bufsiz = 4096;
++ buf = OPENSSL_malloc (bufsiz);
++ if (buf == NULL) {
++ goto err;
++ }
++
+ /* We now have to 'read' from p7bio to calculate digests etc. */
+ for (;;)
+ {
+- i=BIO_read(p7bio,buf,sizeof(buf));
++ i=BIO_read(p7bio,buf,bufsiz);
+ if (i <= 0) break;
+ if (tmpout) BIO_write(tmpout, buf, i);
+ }
+@@ -326,6 +336,10 @@
+
+ sk_X509_free(signers);
+
++ if (buf != NULL) {
++ OPENSSL_free (buf);
++ }
++
+ return ret;
+ }
+
Index: crypto/rand/rand_egd.c
===
--- crypto/rand/rand_egd.c (revision 1)
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
--
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_sfd2d_oct
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
SF.net SVN: edk2:[13957] trunk/edk2/SecurityPkg/VariableAuthenticated/ RuntimeDxe
Revision: 13957
http://edk2.svn.sourceforge.net/edk2/?rev=13957&view=rev
Author: sfu5
Date: 2012-11-21 08:06:02 + (Wed, 21 Nov 2012)
Log Message:
---
1. Correct the counter-based hash algorithm according to UEFI spec.
2. Check the reserverd bit in variable attribute.
3. Return EFI_OUT_OF_RESOURCE instead of EFI_SECURITY_VIOLATION if there is not
enough speace to store the public key.
4. Fix a bug when deleting a non-existent time-based auth variable, we store
the certificate into cert DB incorrectly.
5. Fix a bug that time-based auth variable can't been updated again after
append operation.
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Reviewed-by: Dong Guo
Modified Paths:
--
trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.h
Modified: trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
===
--- trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
2012-11-21 03:03:32 UTC (rev 13956)
+++ trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
2012-11-21 08:06:02 UTC (rev 13957)
@@ -526,7 +526,9 @@
EFI_CERT_BLOCK_RSA_2048_SHA256 *CertBlock;
UINT8 Digest[SHA256_DIGEST_SIZE];
VOID*Rsa;
-
+ UINTN PayloadSize;
+
+ PayloadSize = DataSize - AUTHINFO_SIZE;
Rsa = NULL;
CertData= NULL;
CertBlock = NULL;
@@ -558,11 +560,18 @@
if (!Status) {
goto Done;
}
- Status = Sha256Update (mHashCtx, Data + AUTHINFO_SIZE, (UINTN) (DataSize -
AUTHINFO_SIZE));
+ Status = Sha256Update (mHashCtx, Data + AUTHINFO_SIZE, PayloadSize);
if (!Status) {
goto Done;
}
//
+ // Hash Size.
+ //
+ Status = Sha256Update (mHashCtx, &PayloadSize, sizeof (UINTN));
+ if (!Status) {
+goto Done;
+ }
+ //
// Hash Monotonic Count.
//
Status = Sha256Update (mHashCtx, &CertData->MonotonicCount, sizeof
(UINT64));
@@ -1099,6 +1108,7 @@
@return EFI_INVALID_PARAMETER Invalid parameter.
@return EFI_WRITE_PROTECTED Variable is write-protected and
needs authentication with
EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set.
+ @return EFI_OUT_OF_RESOURCESThe Database to save the public key
is full.
@return EFI_SECURITY_VIOLATION The variable is with
EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS
set, but the AuthInfo does NOT pass
the validation
check carried out by the firmware.
@@ -1253,7 +1263,7 @@
//
KeyIndex = AddPubKeyInStore (PubKey);
if (KeyIndex == 0) {
- return EFI_SECURITY_VIOLATION;
+ return EFI_OUT_OF_RESOURCES;
}
}
@@ -2155,13 +2165,13 @@
//
// Delete signer's certificates when delete the common authenticated
variable.
//
-if ((PayloadSize == 0) && (Variable->CurrPtr != NULL)) {
+if ((PayloadSize == 0) && (Variable->CurrPtr != NULL) && ((Attributes &
EFI_VARIABLE_APPEND_WRITE) == 0)) {
Status = DeleteCertsFromDb (VariableName, VendorGuid);
if (EFI_ERROR (Status)) {
VerifyStatus = FALSE;
goto Exit;
}
-} else if (Variable->CurrPtr == NULL) {
+} else if (Variable->CurrPtr == NULL && PayloadSize != 0) {
//
// Insert signer's certificates when adding a new common authenticated
variable.
//
Modified: trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
===
--- trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
2012-11-21 03:03:32 UTC (rev 13956)
+++ trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
2012-11-21 08:06:02 UTC (rev 13957)
@@ -2281,6 +2281,13 @@
}
//
+ // Check for reserverd bit in variable attribute.
+ //
+ if ((Attributes & (~EFI_VARIABLE_ATTRIBUTES_MASK)) != 0) {
+return EFI_INVALID_PARAMETER;
+ }
+
+ //
// Make sure if runtime bit is set, boot service bit is set also.
//
if ((Attributes & (EFI_VARIABLE_RUNTIME_ACCESS |
EFI_VARIABLE_BOOTSERVICE_ACCESS)) == EFI_VARIABLE_RUNTIME_ACCESS) {
Modified: trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.h
===
--- trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.h
2012-11-21 03:03:32 UTC (rev 13956)
+++ trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.h
2012-11-21 08:06:02 UTC (rev 13957)
@@ -43,6 +43,13 @@
#include
#define VARIABLE_REC
SF.net SVN: edk2:[13975] trunk/edk2/SecurityPkg
Revision: 13975 http://edk2.svn.sourceforge.net/edk2/?rev=13975&view=rev Author: sfu5 Date: 2012-11-28 06:59:13 + (Wed, 28 Nov 2012) Log Message: --- Move the declaration of gEfiCertDbGuid to the package's Include folder. Signed-off-by: Fu Siyuan Reviewed-by: Ye Ting Reviewed-by: Dong Guo Modified Paths: -- trunk/edk2/SecurityPkg/Include/Guid/AuthenticatedVariableFormat.h trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.h Modified: trunk/edk2/SecurityPkg/Include/Guid/AuthenticatedVariableFormat.h === --- trunk/edk2/SecurityPkg/Include/Guid/AuthenticatedVariableFormat.h 2012-11-28 04:49:48 UTC (rev 13974) +++ trunk/edk2/SecurityPkg/Include/Guid/AuthenticatedVariableFormat.h 2012-11-28 06:59:13 UTC (rev 13975) @@ -27,6 +27,8 @@ extern EFI_GUID gEfiAuthenticatedVariableGuid; extern EFI_GUID gEfiSecureBootEnableDisableGuid; +extern EFI_GUID gEfiCertDbGuid; +extern EFI_GUID gEfiCustomModeEnableGuid; /// /// "SecureBootEnable" variable for the Secure Boot feature enable/disable. @@ -37,8 +39,6 @@ #define SECURE_BOOT_ENABLE 1 #define SECURE_BOOT_DISABLE 0 -extern EFI_GUID gEfiCustomModeEnableGuid; - /// /// "CustomMode" variable for two Secure Boot modes feature: "Custom" and "Standard". /// Standard Secure Boot mode is the default mode as UEFI Spec's description. Modified: trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.h === --- trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.h 2012-11-28 04:49:48 UTC (rev 13974) +++ trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.h 2012-11-28 06:59:13 UTC (rev 13975) @@ -51,8 +51,6 @@ #define EFI_CERT_DB_NAMEL"certdb" #define MAX_CERTDB_SIZE (FixedPcdGet32 (PcdMaxVariableSize) - sizeof (VARIABLE_HEADER) - sizeof (EFI_CERT_DB_NAME)) -extern EFI_GUID gEfiCertDbGuid; - /// /// Struct to record signature requirement defined by UEFI spec. /// For SigHeaderSize and SigDataSize, ((UINT32) ~0) means NO exact length requirement for this field. This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. -- Keep yourself connected to Go Parallel: INSIGHTS What's next for parallel hardware, programming and related areas? Interviews and blogs by thought leaders keep you ahead of the curve. http://goparallel.sourceforge.net ___ edk2-commits mailing list edk2-commits@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/edk2-commits
SF.net SVN: edk2:[13990] trunk/edk2/SecurityPkg/Library/ DxeImageVerificationLib/DxeImageVerificationLib.c
Revision: 13990
http://edk2.svn.sourceforge.net/edk2/?rev=13990&view=rev
Author: sfu5
Date: 2012-12-12 03:03:07 + (Wed, 12 Dec 2012)
Log Message:
---
Add a NULL string to the Image Execution Information Table if the Name is NULL
in function AddImageExeInfo().
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Reviewed-by: Dong Guo
Modified Paths:
--
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
Modified:
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
===
---
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
2012-12-11 21:19:14 UTC (rev 13989)
+++
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
2012-12-12 03:03:07 UTC (rev 13990)
@@ -715,14 +715,15 @@
if (Name != NULL) {
NameStringLen = StrSize (Name);
+ } else {
+NameStringLen = sizeof (CHAR16);
}
- ImageExeInfoTable = NULL;
EfiGetSystemConfigurationTable (&gEfiImageSecurityDatabaseGuid, (VOID **)
&ImageExeInfoTable);
if (ImageExeInfoTable != NULL) {
//
// The table has been found!
-// We must enlarge the table to accmodate the new exe info entry.
+// We must enlarge the table to accomodate the new exe info entry.
//
ImageExeInfoTableSize = GetImageExeInfoTableSize (ImageExeInfoTable);
} else {
@@ -755,6 +756,8 @@
if (Name != NULL) {
CopyMem ((UINT8 *) &ImageExeInfoEntry->InfoSize + sizeof (UINT32), Name,
NameStringLen);
+ } else {
+ZeroMem ((UINT8 *) &ImageExeInfoEntry->InfoSize + sizeof (UINT32), sizeof
(CHAR16));
}
CopyMem (
(UINT8 *) &ImageExeInfoEntry->InfoSize + sizeof (UINT32) + NameStringLen,
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
--
LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial
Remotely access PCs and mobile devices and provide instant support
Improve your efficiency, and focus on delivering more value-add services
Discover what IT Professionals Know. Rescue delivers
http://p.sf.net/sfu/logmein_12329d2d
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
SF.net SVN: edk2:[13994] trunk/edk2/OptionRomPkg/UndiRuntimeDxe
Revision: 13994 http://edk2.svn.sourceforge.net/edk2/?rev=13994&view=rev Author: sfu5 Date: 2012-12-13 06:41:07 + (Thu, 13 Dec 2012) Log Message: --- 1. Add EFI_COMPONENT_NAME2_PROTOCOL support for UNDI driver. Signed-off-by: Fu Siyuan Reviewed-by: Ye Ting Reviewed-by: Ouyang Qian Modified Paths: -- trunk/edk2/OptionRomPkg/UndiRuntimeDxe/Init.c trunk/edk2/OptionRomPkg/UndiRuntimeDxe/Undi32.h trunk/edk2/OptionRomPkg/UndiRuntimeDxe/UndiRuntimeDxe.inf Added Paths: --- trunk/edk2/OptionRomPkg/UndiRuntimeDxe/ComponentName.c Added: trunk/edk2/OptionRomPkg/UndiRuntimeDxe/ComponentName.c === --- trunk/edk2/OptionRomPkg/UndiRuntimeDxe/ComponentName.c (rev 0) +++ trunk/edk2/OptionRomPkg/UndiRuntimeDxe/ComponentName.c 2012-12-13 06:41:07 UTC (rev 13994) @@ -0,0 +1,365 @@ +/** @file +UEFI Component Name(2) protocol implementation for EFI UNDI32 driver. + +Copyright (c) 2012, Intel Corporation. All rights reserved. +This program and the accompanying materials are licensed +and made available under the terms and conditions of the BSD License which +accompanies this distribution. The full text of the license may be found at +http://opensource.org/licenses/bsd-license.php + +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + +**/ + + +#include "Undi32.h" + +// +// EFI Component Name Functions +// +/** + Retrieves a Unicode string that is the user readable name of the driver. + + This function retrieves the user readable name of a driver in the form of a + Unicode string. If the driver specified by This has a user readable name in + the language specified by Language, then a pointer to the driver name is + returned in DriverName, and EFI_SUCCESS is returned. If the driver specified + by This does not support the language specified by Language, + then EFI_UNSUPPORTED is returned. + + @param This[in] A pointer to the EFI_COMPONENT_NAME2_PROTOCOL or +EFI_COMPONENT_NAME_PROTOCOL instance. + + @param Language[in] A pointer to a Null-terminated ASCII string +array indicating the language. This is the +language of the driver name that the caller is +requesting, and it must match one of the +languages specified in SupportedLanguages. The +number of languages supported by a driver is up +to the driver writer. Language is specified +in RFC 4646 or ISO 639-2 language code format. + + @param DriverName[out] A pointer to the Unicode string to return. +This Unicode string is the name of the +driver specified by This in the language +specified by Language. + + @retval EFI_SUCCESS The Unicode string for the Driver specified by +This and the language specified by Language was +returned in DriverName. + + @retval EFI_INVALID_PARAMETER Language is NULL. + + @retval EFI_INVALID_PARAMETER DriverName is NULL. + + @retval EFI_UNSUPPORTED The driver specified by This does not support +the language specified by Language. + +**/ +EFI_STATUS +EFIAPI +UndiComponentNameGetDriverName ( + IN EFI_COMPONENT_NAME_PROTOCOL *This, + IN CHAR8*Language, + OUT CHAR16 **DriverName + ); + + +/** + Retrieves a Unicode string that is the user readable name of the controller + that is being managed by a driver. + + This function retrieves the user readable name of the controller specified by + ControllerHandle and ChildHandle in the form of a Unicode string. If the + driver specified by This has a user readable name in the language specified by + Language, then a pointer to the controller name is returned in ControllerName, + and EFI_SUCCESS is returned. If the driver specified by This is not currently + managing the controller specified by ControllerHandle and ChildHandle, + then EFI_UNSUPPORTED is returned. If the driver specified by This does not + support the language specified by Language, then EFI_UNSUPPORTED is returned. + + @param This[in] A pointer to the EFI_COMPONENT_NAME2_PROTOCOL or +EFI_COMPONENT_NAME_PROTOCOL instance. + + @param ControllerHandle[in] The handle of a controller that the driver +specified by This is managing. This handle +specifies the contro
SF.net SVN: edk2:[14007] trunk/edk2
Revision: 14007
http://edk2.svn.sourceforge.net/edk2/?rev=14007&view=rev
Author: sfu5
Date: 2012-12-17 06:48:35 + (Mon, 17 Dec 2012)
Log Message:
---
Fix GCC build fail issue for MdeModulePkg and NetworkPkg.
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Reviewed-by: Ouyang Qian
Modified Paths:
--
trunk/edk2/MdeModulePkg/Include/Library/NetLib.h
trunk/edk2/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c
trunk/edk2/MdeModulePkg/Universal/Network/ArpDxe/ArpDriver.c
trunk/edk2/MdeModulePkg/Universal/Network/Dhcp4Dxe/Dhcp4Driver.c
trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Driver.c
trunk/edk2/MdeModulePkg/Universal/Network/MnpDxe/MnpConfig.c
trunk/edk2/MdeModulePkg/Universal/Network/MnpDxe/MnpDriver.c
trunk/edk2/MdeModulePkg/Universal/Network/Mtftp4Dxe/Mtftp4Driver.c
trunk/edk2/MdeModulePkg/Universal/Network/Mtftp4Dxe/Mtftp4Impl.h
trunk/edk2/MdeModulePkg/Universal/Network/Tcp4Dxe/Tcp4Driver.c
trunk/edk2/MdeModulePkg/Universal/Network/Udp4Dxe/Udp4Driver.c
trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Driver.c
trunk/edk2/NetworkPkg/Ip6Dxe/Ip6Common.c
trunk/edk2/NetworkPkg/Ip6Dxe/Ip6Driver.c
trunk/edk2/NetworkPkg/Mtftp6Dxe/Mtftp6Driver.c
trunk/edk2/NetworkPkg/TcpDxe/TcpDriver.c
trunk/edk2/NetworkPkg/Udp6Dxe/Udp6Driver.c
Modified: trunk/edk2/MdeModulePkg/Include/Library/NetLib.h
===
--- trunk/edk2/MdeModulePkg/Include/Library/NetLib.h2012-12-17 03:30:43 UTC
(rev 14006)
+++ trunk/edk2/MdeModulePkg/Include/Library/NetLib.h2012-12-17 06:48:35 UTC
(rev 14007)
@@ -677,7 +677,7 @@
(EFIAPI *NET_DESTROY_LINK_LIST_CALLBACK) (
IN LIST_ENTRY *Entry,
IN VOID *Context OPTIONAL
-);
+ );
/**
Safe destroy nodes in a linked list, and return the length of the list after
all possible operations finished.
@@ -708,7 +708,7 @@
IN NET_DESTROY_LINK_LIST_CALLBACK CallBack,
IN VOID *Context,OPTIONAL
OUT UINTN*ListLength OPTIONAL
-);
+ );
/**
This function checks the input Handle to see if it's one of these handles in
ChildHandleBuffer.
@@ -723,11 +723,12 @@
**/
BOOLEAN
+EFIAPI
NetIsInHandleBuffer (
IN EFI_HANDLE Handle,
IN UINTN NumberOfChildren,
IN EFI_HANDLE *ChildHandleBuffer OPTIONAL
-);
+ );
//
// Object container: EFI network stack spec defines various kinds of
Modified: trunk/edk2/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c
===
--- trunk/edk2/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c 2012-12-17
03:30:43 UTC (rev 14006)
+++ trunk/edk2/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c 2012-12-17
06:48:35 UTC (rev 14007)
@@ -1095,7 +1095,7 @@
IN NET_DESTROY_LINK_LIST_CALLBACK CallBack,
IN VOID *Context,OPTIONAL
OUT UINTN*ListLength OPTIONAL
-)
+ )
{
UINTN PreviousLength;
LIST_ENTRY*Entry;
@@ -1158,7 +1158,7 @@
IN EFI_HANDLE Handle,
IN UINTN NumberOfChildren,
IN EFI_HANDLE *ChildHandleBuffer OPTIONAL
-)
+ )
{
UINTN Index;
Modified: trunk/edk2/MdeModulePkg/Universal/Network/ArpDxe/ArpDriver.c
===
--- trunk/edk2/MdeModulePkg/Universal/Network/ArpDxe/ArpDriver.c
2012-12-17 03:30:43 UTC (rev 14006)
+++ trunk/edk2/MdeModulePkg/Universal/Network/ArpDxe/ArpDriver.c
2012-12-17 06:48:35 UTC (rev 14007)
@@ -252,10 +252,11 @@
**/
EFI_STATUS
+EFIAPI
ArpDestroyChildEntryInHandleBuffer (
IN LIST_ENTRY *Entry,
IN VOID *Context
-)
+ )
{
ARP_INSTANCE_DATA *Instance;
EFI_SERVICE_BINDING_PROTOCOL *ServiceBinding;
Modified: trunk/edk2/MdeModulePkg/Universal/Network/Dhcp4Dxe/Dhcp4Driver.c
===
--- trunk/edk2/MdeModulePkg/Universal/Network/Dhcp4Dxe/Dhcp4Driver.c
2012-12-17 03:30:43 UTC (rev 14006)
+++ trunk/edk2/MdeModulePkg/Universal/Network/Dhcp4Dxe/Dhcp4Driver.c
2012-12-17 06:48:35 UTC (rev 14007)
@@ -364,10 +364,11 @@
**/
EFI_STATUS
+EFIAPI
Dhcp4DestroyChildEntry (
IN LIST_ENTRY *Entry,
IN VOID *Context
-)
+ )
{
DHCP_PROTOCOL*Instance;
EFI_SERVICE_BINDING_PROTOCOL *ServiceBinding;
Modified: trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Driver.c
===
--- trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Driver.c
2012-12-17 03:30:43 UTC (rev 14006)
+++ trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Driver.c
2012-12-17 06:48:35 UTC (rev 14007)
@@ -406,10 +406,11 @@
**/
EFI_STATU
SF.net SVN: edk2:[14017] trunk/edk2
Revision: 14017
http://edk2.svn.sourceforge.net/edk2/?rev=14017&view=rev
Author: sfu5
Date: 2012-12-24 02:52:27 + (Mon, 24 Dec 2012)
Log Message:
---
1. Fix buffer overflow bugs in SNP, MNP and IP6 driver.
2. Fix GCC build fail issue in DxeNetLib.
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Reviewed-by: Ouyang Qian
Modified Paths:
--
trunk/edk2/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c
trunk/edk2/MdeModulePkg/Universal/Network/MnpDxe/ComponentName.c
trunk/edk2/MdeModulePkg/Universal/Network/SnpDxe/ComponentName.c
trunk/edk2/NetworkPkg/Ip6Dxe/ComponentName.c
Modified: trunk/edk2/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c
===
--- trunk/edk2/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c 2012-12-22
00:47:17 UTC (rev 14016)
+++ trunk/edk2/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c 2012-12-24
02:52:27 UTC (rev 14017)
@@ -1154,6 +1154,7 @@
**/
BOOLEAN
+EFIAPI
NetIsInHandleBuffer (
IN EFI_HANDLE Handle,
IN UINTN NumberOfChildren,
Modified: trunk/edk2/MdeModulePkg/Universal/Network/MnpDxe/ComponentName.c
===
--- trunk/edk2/MdeModulePkg/Universal/Network/MnpDxe/ComponentName.c
2012-12-22 00:47:17 UTC (rev 14016)
+++ trunk/edk2/MdeModulePkg/Universal/Network/MnpDxe/ComponentName.c
2012-12-24 02:52:27 UTC (rev 14017)
@@ -148,7 +148,7 @@
for (Index = 0; Index < SnpModeData.HwAddressSize; Index++) {
OffSet += UnicodeSPrint (
HandleName + OffSet,
- sizeof (HandleName) - OffSet,
+ sizeof (HandleName) - OffSet * sizeof (CHAR16),
L"%02X-",
SnpModeData.CurrentAddress.Addr[Index]
);
@@ -162,7 +162,7 @@
//
OffSet += UnicodeSPrint (
HandleName + OffSet,
-sizeof (HandleName) - OffSet,
+sizeof (HandleName) - OffSet * sizeof (CHAR16),
L", ProtocolType=0x%X, VlanId=%d)",
MnpConfigData.ProtocolTypeFilter,
Instance->MnpServiceData->VlanId
Modified: trunk/edk2/MdeModulePkg/Universal/Network/SnpDxe/ComponentName.c
===
--- trunk/edk2/MdeModulePkg/Universal/Network/SnpDxe/ComponentName.c
2012-12-22 00:47:17 UTC (rev 14016)
+++ trunk/edk2/MdeModulePkg/Universal/Network/SnpDxe/ComponentName.c
2012-12-24 02:52:27 UTC (rev 14017)
@@ -266,7 +266,7 @@
for (Index = 0; Index < Snp->Mode->HwAddressSize; Index++) {
OffSet += UnicodeSPrint (
HandleName + OffSet,
-sizeof (HandleName) - OffSet,
+sizeof (HandleName) - OffSet * sizeof (CHAR16),
L"%02X-",
Snp->Mode->CurrentAddress.Addr[Index]
);
@@ -276,8 +276,8 @@
//
OffSet--;
OffSet += UnicodeSPrint (
- HandleName,
- sizeof (HandleName),
+ HandleName + OffSet,
+ sizeof (HandleName) - OffSet * sizeof (CHAR16),
L")"
);
if (gSimpleNetworkControllerNameTable != NULL) {
Modified: trunk/edk2/NetworkPkg/Ip6Dxe/ComponentName.c
===
--- trunk/edk2/NetworkPkg/Ip6Dxe/ComponentName.c2012-12-22 00:47:17 UTC
(rev 14016)
+++ trunk/edk2/NetworkPkg/Ip6Dxe/ComponentName.c2012-12-24 02:52:27 UTC
(rev 14017)
@@ -280,7 +280,7 @@
}
UnicodeSPrint (
HandleName + Offset,
- sizeof(HandleName) - Offset,
+ sizeof(HandleName) - Offset * sizeof (CHAR16),
L"DestinationAddress=%s)",
Address
);
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
--
LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial
Remotely access PCs and mobile devices and provide instant support
Improve your efficiency, and focus on delivering more value-add services
Discover what IT Professionals Know. Rescue delivers
http://p.sf.net/sfu/logmein_12329d2d
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
SF.net SVN: edk2:[14026] trunk/edk2/CryptoPkg/Library
Revision: 14026
http://edk2.svn.sourceforge.net/edk2/?rev=14026&view=rev
Author: sfu5
Date: 2012-12-28 01:20:57 + (Fri, 28 Dec 2012)
Log Message:
---
1. Enable the whole X509v3 extension checking.
2. Replace d2i_X509_bio with d2i_X509.
Signed-off-by: Fu Siyuan
Reviewed-by: Ling Qin
Reviewed-by: Ouyang Qian
Modified Paths:
--
trunk/edk2/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
trunk/edk2/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
trunk/edk2/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8w.patch
Modified: trunk/edk2/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
===
--- trunk/edk2/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
2012-12-27 02:13:15 UTC (rev 14025)
+++ trunk/edk2/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
2012-12-28 01:20:57 UTC (rev 14026)
@@ -25,6 +25,7 @@
#include
#include
+#include
#include
UINT8 mOidValue[9] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x02 };
@@ -543,7 +544,6 @@
)
{
PKCS7 *Pkcs7;
- BIO *CertBio;
BIO *DataBio;
BOOLEAN Status;
X509*Cert;
@@ -562,7 +562,6 @@
}
Pkcs7 = NULL;
- CertBio = NULL;
DataBio = NULL;
Cert = NULL;
CertStore = NULL;
@@ -614,12 +613,7 @@
//
// Read DER-encoded root certificate and Construct X509 Certificate
//
- CertBio = BIO_new (BIO_s_mem ());
- BIO_write (CertBio, TrustedCert, (int)CertLength);
- if (CertBio == NULL) {
-goto _Exit;
- }
- Cert = d2i_X509_bio (CertBio, NULL);
+ Cert = d2i_X509 (NULL, &TrustedCert, (long) CertLength);
if (Cert == NULL) {
goto _Exit;
}
@@ -649,6 +643,13 @@
BIO_write (DataBio, InData, (int)DataLength);
//
+ // OpenSSL PKCS7 Verification by default checks for SMIME (email signing) and
+ // doesn't support the extended key usage for Authenticode Code Signing.
+ // Bypass the certificate purpose checking by enabling any purposes setting.
+ //
+ X509_STORE_set_purpose (CertStore, X509_PURPOSE_ANY);
+
+ //
// Verifies the PKCS#7 signedData structure
//
Status = (BOOLEAN) PKCS7_verify (Pkcs7, NULL, CertStore, DataBio, NULL,
PKCS7_BINARY);
@@ -658,7 +659,6 @@
// Release Resources
//
BIO_free (DataBio);
- BIO_free (CertBio);
X509_free (Cert);
X509_STORE_free (CertStore);
PKCS7_free (Pkcs7);
Modified: trunk/edk2/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
===
--- trunk/edk2/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c2012-12-27
02:13:15 UTC (rev 14025)
+++ trunk/edk2/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c2012-12-28
01:20:57 UTC (rev 14026)
@@ -38,9 +38,7 @@
OUT UINT8**SingleX509Cert
)
{
- BIO *CertBio;
X509 *X509Cert;
- BOOLEAN Status;
//
// Check input parameters.
@@ -49,31 +47,17 @@
return FALSE;
}
- Status = FALSE;
-
//
// Read DER-encoded X509 Certificate and Construct X509 object.
//
- CertBio = BIO_new (BIO_s_mem ());
- BIO_write (CertBio, Cert, (int) CertSize);
- if (CertBio == NULL) {
-goto _Exit;
- }
- X509Cert = d2i_X509_bio (CertBio, NULL);
+ X509Cert = d2i_X509 (NULL, &Cert, (long) CertSize);
if (X509Cert == NULL) {
-goto _Exit;
+return FALSE;
}
*SingleX509Cert = (UINT8 *) X509Cert;
- Status = TRUE;
-_Exit:
- //
- // Release Resources.
- //
- BIO_free (CertBio);
-
- return Status;
+ return TRUE;
}
/**
Modified: trunk/edk2/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8w.patch
===
--- trunk/edk2/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8w.patch
2012-12-27 02:13:15 UTC (rev 14025)
+++ trunk/edk2/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8w.patch
2012-12-28 01:20:57 UTC (rev 14026)
@@ -260,21 +260,8 @@
===
--- crypto/x509/x509_vfy.c (revision 1)
+++ crypto/x509/x509_vfy.c (working copy)
-@@ -386,7 +386,11 @@
+@@ -899,6 +899,10 @@
- static int check_chain_extensions(X509_STORE_CTX *ctx)
- {
--#ifdef OPENSSL_NO_CHAIN_VERIFY
-+#if defined(OPENSSL_NO_CHAIN_VERIFY) || defined(OPENSSL_SYS_UEFI)
-+ /*
-+NOTE: Bypass KU Flags Checking for UEFI version. There are incorrect KU
flag setting
-+ in Authenticode Signing Certificates.
-+ */
- return 1;
- #else
- int i, ok=0, must_be_ca, plen = 0;
-@@ -899,6 +903,10 @@
-
static int check_cert_time(X509_STORE_CTX *ctx, X509 *x)
{
+#if defined(OPENSSL_SYS_UEFI)
@@ -284,7 +271,7 @@
time_t *ptime;
int i;
-@@ -942,6 +950,7 @@
+@@ -942,6 +946,7 @@
}
return 1;
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open S
SF.net SVN: edk2:[14039] trunk/edk2/NetworkPkg/Dhcp6Dxe
Revision: 14039
http://edk2.svn.sourceforge.net/edk2/?rev=14039&view=rev
Author: sfu5
Date: 2013-01-08 08:28:11 + (Tue, 08 Jan 2013)
Log Message:
---
Fix several RFC compliance issues in DHCP6 driver as below.
1. Client must ignore any Advertise message that includes a Status Code option
containing the value NoAddrsAvail.
2. The elapsed-time should start from the current DHCP transaction.
3. Client should not change any information about addresses the client has
recorded in the IA but not included in the IA from the server.
4. Client need to update to handle the error status code
UnspecFail/UseMulticast/NotOnLink/NoBinding in the Reply message from server.
5. When the client receives a Reply message in response to a Renew/ Rebind
message, the client examines each IA independently. For each IA in the original
Renew/ Rebind message, the client sends a Renew/ Rebind if the IA is not in the
Reply message.
6. Client should uses network byte order in IANA T1/T2 option
7. Client should discard any addresses for which the preferred lifetime is
greater than the valid lifetime.
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Reviewed-by: Ouyang Qian
Modified Paths:
--
trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Impl.c
trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Impl.h
trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c
trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Utility.c
trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Utility.h
Modified: trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Impl.c
===
--- trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Impl.c 2013-01-08 02:07:14 UTC (rev
14038)
+++ trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Impl.c 2013-01-08 08:28:11 UTC (rev
14039)
@@ -104,12 +104,6 @@
Instance->UdpSts = EFI_ALREADY_STARTED;
//
- // Need to clear initial time to make sure that elapsed-time
- // is set to 0 for first Solicit.
- //
- Instance->StartTime = 0;
-
- //
// Send the solicit message to start S.A.R.R process.
//
Status = Dhcp6SendSolicitMsg (Instance);
Modified: trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Impl.h
===
--- trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Impl.h 2013-01-08 02:07:14 UTC (rev
14038)
+++ trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Impl.h 2013-01-08 08:28:11 UTC (rev
14039)
@@ -249,6 +249,10 @@
volatile EFI_STATUS UdpSts;
BOOLEAN InDestroy;
BOOLEAN MediaPresent;
+ //
+ // StartTime is used to calculate the 'elapsed-time' option. Refer to
RFC3315,
+ // the elapsed-time is amount of time since the client began its current
DHCP transaction.
+ //
UINT64StartTime;
};
Modified: trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c
===
--- trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c2013-01-08 02:07:14 UTC (rev
14038)
+++ trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c2013-01-08 08:28:11 UTC (rev
14039)
@@ -593,6 +593,14 @@
if (Instance->Config->IaDescriptor.Type == Dhcp6OptIana) {
T1 = NTOHL (ReadUnaligned32 ((UINT32 *) (Option + 8)));
T2 = NTOHL (ReadUnaligned32 ((UINT32 *) (Option + 12)));
+//
+// Refer to RFC3155 Chapter 22.4. If a client receives an IA_NA with T1
greater than T2,
+// and both T1 and T2 are greater than 0, the client discards the IA_NA
option and processes
+// the remainder of the message as though the server had not included the
invalid IA_NA option.
+//
+if (T1 > T2 && T2 > 0) {
+ return EFI_DEVICE_ERROR;
+}
IaInnerOpt = Option + 16;
IaInnerLen = (UINT16) (NTOHS (ReadUnaligned16 ((UINT16 *) (Option + 2))) -
12);
} else {
@@ -697,7 +705,7 @@
&Instance->Config->IaDescriptor
);
if (*Option == NULL) {
-return EFI_DEVICE_ERROR;
+return EFI_SUCCESS;
}
//
@@ -949,7 +957,8 @@
Cursor,
Instance->IaCb.Ia,
Instance->IaCb.T1,
- Instance->IaCb.T2
+ Instance->IaCb.T2,
+ Packet->Dhcp6.Header.MessageType
);
//
@@ -987,6 +996,10 @@
// Dhcp6selecting.
//
Instance->IaCb.Ia->State = Dhcp6Selecting;
+ //
+ // Clear initial time for current transaction.
+ //
+ Instance->StartTime = 0;
Status = Dhcp6TransmitPacket (Instance, Packet, Elapsed);
@@ -1133,7 +1146,8 @@
Cursor,
Instance->IaCb.Ia,
Instance->IaCb.T1,
- Instance->IaCb.T2
+ Instance->IaCb.T2,
+ Packet->Dhcp6.Header.MessageType
);
//
@@ -1171,6 +1185,10 @@
// Dhcp6requesting.
//
Instance->IaCb.Ia->State = Dhcp6Requesting;
+ //
+ // Clear initial time for current transaction.
+ //
+ Instance->StartTime = 0;
Status = Dhc
SF.net SVN: edk2:[14041] trunk/edk2/SecurityPkg/VariableAuthenticated/ RuntimeDxe
Revision: 14041
http://edk2.svn.sourceforge.net/edk2/?rev=14041&view=rev
Author: sfu5
Date: 2013-01-09 05:09:39 + (Wed, 09 Jan 2013)
Log Message:
---
Fix a bug that the invalid public key will never be removed from public key
database.
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Reviewed-by: Dong Guo
Modified Paths:
--
trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.h
Modified: trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
===
--- trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
2013-01-08 08:30:51 UTC (rev 14040)
+++ trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
2013-01-09 05:09:39 UTC (rev 14041)
@@ -15,7 +15,7 @@
They will do basic validation for authentication data structure, then call
crypto library
to verify the signature.
-Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.
+Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -437,6 +437,8 @@
UINT32 Index;
VARIABLE_POINTER_TRACK Variable;
UINT8 *Ptr;
+ UINT8 *Data;
+ UINTN DataSize;
if (PubKey == NULL) {
return 0;
@@ -468,9 +470,45 @@
//
if (mPubKeyNumber == MAX_KEY_NUM) {
//
- // Notes: Database is full, need enhancement here, currently just return
0.
+ // Public key dadatase is full, try to reclaim invalid key.
//
- return 0;
+ if (AtRuntime ()) {
+//
+// NV storage can't reclaim at runtime.
+//
+return 0;
+ }
+
+ Status = Reclaim (
+ mVariableModuleGlobal->VariableGlobal.NonVolatileVariableBase,
+ &mVariableModuleGlobal->NonVolatileLastVariableOffset,
+ FALSE,
+ NULL,
+ TRUE,
+ TRUE
+ );
+ if (EFI_ERROR (Status)) {
+return 0;
+ }
+
+ Status = FindVariable (
+ AUTHVAR_KEYDB_NAME,
+ &gEfiAuthenticatedVariableGuid,
+ &Variable,
+ &mVariableModuleGlobal->VariableGlobal,
+ FALSE
+ );
+ ASSERT_EFI_ERROR (Status);
+
+ DataSize = DataSizeOfVariable (Variable.CurrPtr);
+ Data = GetVariableDataPtr (Variable.CurrPtr);
+ ASSERT ((DataSize != 0) && (Data != NULL));
+ CopyMem (mPubKeyStore, (UINT8 *) Data, DataSize);
+ mPubKeyNumber = (UINT32) (DataSize / EFI_CERT_TYPE_RSA2048_SIZE);
+
+ if (mPubKeyNumber == MAX_KEY_NUM) {
+return 0;
+ }
}
CopyMem (mPubKeyStore + mPubKeyNumber * EFI_CERT_TYPE_RSA2048_SIZE,
PubKey, EFI_CERT_TYPE_RSA2048_SIZE);
Modified: trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
===
--- trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
2013-01-08 08:30:51 UTC (rev 14040)
+++ trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
2013-01-09 05:09:39 UTC (rev 14041)
@@ -16,7 +16,7 @@
VariableServiceSetVariable() should also check authenticate data to avoid
buffer overflow,
integer overflow. It should also check attribute to avoid authentication
bypass.
-Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.
+Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -511,21 +511,157 @@
return (VARIABLE_HEADER *) HEADER_ALIGN ((UINTN) VarStoreHeader +
VarStoreHeader->Size);
}
+/**
+ Check the PubKeyIndex is a valid key or not.
+
+ This function will iterate the NV storage to see if this PubKeyIndex is
still referenced
+ by any valid count-based auth variabe.
+
+ @param[in] PubKeyIndex Index of the public key in public key store.
+
+ @retval TRUEThe PubKeyIndex is still in use.
+ @retval FALSE The PubKeyIndex is not referenced by any
count-based auth variabe.
+
+**/
+BOOLEAN
+IsValidPubKeyIndex (
+ IN UINT32 PubKeyIndex
+ )
+{
+ VARIABLE_HEADER *Variable;
+
+ if (PubKeyIndex > mPubKeyNumber) {
+return FALSE;
+ }
+
+ Variable = GetStartPointer (mNvVariableCache
SF.net SVN: edk2:[14042] trunk/edk2/SecurityPkg/VariableAuthenticated
Revision: 14042
http://edk2.svn.sourceforge.net/edk2/?rev=14042&view=rev
Author: sfu5
Date: 2013-01-09 05:19:43 + (Wed, 09 Jan 2013)
Log Message:
---
1. Set the secure boot state to Standard Mode when user leaving secure boot
setup page.
2. Add ?\226?\128?\156Current SecureBoot State?\226?\128?\157 field to reflect
current secure boot status of the platform.
Signed-off-by: Fu Siyuan
Reviewed-by: Dong Guo
Reviewed-by: Yao Jiewen
Modified Paths:
--
trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigNvData.h
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigStrings.uni
Modified: trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
===
--- trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
2013-01-09 05:09:39 UTC (rev 14041)
+++ trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
2013-01-09 05:19:43 UTC (rev 14042)
@@ -356,30 +356,23 @@
DEBUG ((EFI_D_INFO, "Variable %s is %x\n", EFI_SECURE_BOOT_ENABLE_NAME,
SecureBootEnable));
//
- // Check "CustomMode" variable's existence.
+ // Initialize "CustomMode" in STANDARD_SECURE_BOOT_MODE state.
//
FindVariable (EFI_CUSTOM_MODE_NAME, &gEfiCustomModeEnableGuid, &Variable,
&mVariableModuleGlobal->VariableGlobal, FALSE);
- if (Variable.CurrPtr != NULL) {
-CustomMode = *(GetVariableDataPtr (Variable.CurrPtr));
- } else {
-//
-// "CustomMode" not exist, initialize it in STANDARD_SECURE_BOOT_MODE.
-//
-CustomMode = STANDARD_SECURE_BOOT_MODE;
-Status = UpdateVariable (
- EFI_CUSTOM_MODE_NAME,
- &gEfiCustomModeEnableGuid,
- &CustomMode,
- sizeof (UINT8),
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,
- 0,
- 0,
- &Variable,
- NULL
- );
-if (EFI_ERROR (Status)) {
- return Status;
-}
+ CustomMode = STANDARD_SECURE_BOOT_MODE;
+ Status = UpdateVariable (
+ EFI_CUSTOM_MODE_NAME,
+ &gEfiCustomModeEnableGuid,
+ &CustomMode,
+ sizeof (UINT8),
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,
+ 0,
+ 0,
+ &Variable,
+ NULL
+ );
+ if (EFI_ERROR (Status)) {
+return Status;
}
DEBUG ((EFI_D_INFO, "Variable %s is %x\n", EFI_CUSTOM_MODE_NAME,
CustomMode));
Modified:
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
===
---
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
2013-01-09 05:09:39 UTC (rev 14041)
+++
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
2013-01-09 05:19:43 UTC (rev 14042)
@@ -1,7 +1,7 @@
/** @file
VFR file used by the SecureBoot configuration component.
-Copyright (c) 2011 - 2012, Intel Corporation. All rights reserved.
+Copyright (c) 2011 - 2013, Intel Corporation. All rights reserved.
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -32,7 +32,12 @@
title = STRING_TOKEN(STR_SECUREBOOT_TITLE);
subtitle text = STRING_TOKEN(STR_NULL);
-
+
+text
+ help = STRING_TOKEN(STR_SECURE_BOOT_STATE_HELP),
+ text = STRING_TOKEN(STR_SECURE_BOOT_STATE_PROMPT),
+text = STRING_TOKEN(STR_SECURE_BOOT_STATE_CONTENT);
+
//
// Define of Check Box: Attempt Secure Boot
//
@@ -47,7 +52,7 @@
// Display of Check Box: Attempt Secure Boot
//
grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;
-checkbox varid = SECUREBOOT_CONFIGURATION.SecureBootState,
+checkbox varid = SECUREBOOT_CONFIGURATION.AttemptSecureBoot,
questionid = KEY_SECURE_BOOT_ENABLE,
prompt = STRING_TOKEN(STR_SECURE_BOOT_PROMPT),
help = STRING_TOKEN(STR_SECURE_BOOT_HELP),
Modified:
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
===
---
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
2013-01-09 05:09:39 UTC (rev 14041)
+++
trunk/edk2/
SF.net SVN: edk2:[14082] trunk/edk2/SecurityPkg/VariableAuthenticated/ SecureBootConfigDxe/SecureBootConfigImpl.c
Revision: 14082 http://edk2.svn.sourceforge.net/edk2/?rev=14082&view=rev Author: sfu5 Date: 2013-01-25 02:01:47 + (Fri, 25 Jan 2013) Log Message: --- Fix infinite loop bug in secure boot UI driver. Signed-off-by: Fu Siyuan Reviewed-by: Ye Ting Reviewed-by: Dong Guo Modified Paths: -- trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c Modified: trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c === --- trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c 2013-01-25 02:00:22 UTC (rev 14081) +++ trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c 2013-01-25 02:01:47 UTC (rev 14082) @@ -1707,6 +1707,8 @@ // // The signature type is not supported in current implementation. // + ItemDataSize -= CertList->SignatureListSize; + CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize); continue; } This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. -- Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS, MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft MVPs and experts. ON SALE this month only -- learn more at: http://p.sf.net/sfu/learnnow-d2d ___ edk2-commits mailing list edk2-commits@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/edk2-commits
SF.net SVN: edk2:[14086] trunk/edk2/SecurityPkg/VariableAuthenticated/ RuntimeDxe/Variable.c
Revision: 14086 http://edk2.svn.sourceforge.net/edk2/?rev=14086&view=rev Author: sfu5 Date: 2013-01-25 07:12:25 + (Fri, 25 Jan 2013) Log Message: --- Check for NULL pointer before dereference it. Signed-off-by: Fu Siyuan Reviewed-by: Ye Ting Reviewed-by: Dong Guo Modified Paths: -- trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c Modified: trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c === --- trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c 2013-01-25 06:17:43 UTC (rev 14085) +++ trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c 2013-01-25 07:12:25 UTC (rev 14086) @@ -808,6 +808,7 @@ // // Reinstall the new public key database. // +ASSERT (PubKeyHeader != NULL); CopyMem (CurrPtr, (UINT8*) PubKeyHeader, sizeof (VARIABLE_HEADER)); Variable = (VARIABLE_HEADER*) CurrPtr; Variable->DataSize = NewPubKeySize; This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. -- Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS, MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft MVPs and experts. ON SALE this month only -- learn more at: http://p.sf.net/sfu/learnnow-d2d ___ edk2-commits mailing list edk2-commits@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/edk2-commits
SF.net SVN: edk2:[14087] trunk/edk2/SecurityPkg/VariableAuthenticated/ RuntimeDxe/Variable.c
Revision: 14087
http://edk2.svn.sourceforge.net/edk2/?rev=14087&view=rev
Author: sfu5
Date: 2013-01-25 07:14:43 + (Fri, 25 Jan 2013)
Log Message:
---
Check the input VaraibleName for db/dbx when appending variables with formatted
as EFI_SIGNATURE_LIST.
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Reviewed-by: Dong Guo
Modified Paths:
--
trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
Modified: trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
===
--- trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
2013-01-25 07:12:25 UTC (rev 14086)
+++ trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
2013-01-25 07:14:43 UTC (rev 14087)
@@ -1820,11 +1820,11 @@
DataOffset = sizeof (VARIABLE_HEADER) + Variable->CurrPtr->NameSize +
GET_PAD_SIZE (Variable->CurrPtr->NameSize);
CopyMem (mStorageArea, (UINT8*)((UINTN) Variable->CurrPtr +
DataOffset), Variable->CurrPtr->DataSize);
-if (CompareGuid (VendorGuid, &gEfiImageSecurityDatabaseGuid) ||
- (CompareGuid (VendorGuid, &gEfiGlobalVariableGuid) && (StrCmp
(VariableName, EFI_KEY_EXCHANGE_KEY_NAME) == 0))) {
+if ((CompareGuid (VendorGuid, &gEfiImageSecurityDatabaseGuid) &&
+((StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE) == 0) ||
(StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE1) == 0))) ||
+(CompareGuid (VendorGuid, &gEfiGlobalVariableGuid) && (StrCmp
(VariableName, EFI_KEY_EXCHANGE_KEY_NAME) == 0))) {
//
- // For variables with the GUID EFI_IMAGE_SECURITY_DATABASE_GUID
(i.e. where the data
- // buffer is formatted as EFI_SIGNATURE_LIST), the driver shall not
perform an append of
+ // For variables with formatted as EFI_SIGNATURE_LIST, the driver
shall not perform an append of
// EFI_SIGNATURE_DATA values that are already part of the existing
variable value.
//
BufSize = AppendSignatureList (mStorageArea,
Variable->CurrPtr->DataSize, Data, DataSize);
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
--
Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS,
MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current
with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft
MVPs and experts. ON SALE this month only -- learn more at:
http://p.sf.net/sfu/learnnow-d2d
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
SF.net SVN: edk2:[14115] trunk/edk2/MdeModulePkg/Universal/Network/SnpDxe/ Snp.c
Revision: 14115
http://edk2.svn.sourceforge.net/edk2/?rev=14115&view=rev
Author: sfu5
Date: 2013-02-01 01:10:47 + (Fri, 01 Feb 2013)
Log Message:
---
Fix a bug in snp driver binding Start() that it may return incorrect status
code.
Signed-off-by: Ari Zigler
Reviewed-by: Ye Ting
Reviewed-by: Fu Siyuan
Modified Paths:
--
trunk/edk2/MdeModulePkg/Universal/Network/SnpDxe/Snp.c
Modified: trunk/edk2/MdeModulePkg/Universal/Network/SnpDxe/Snp.c
===
--- trunk/edk2/MdeModulePkg/Universal/Network/SnpDxe/Snp.c 2013-01-30
05:19:46 UTC (rev 14114)
+++ trunk/edk2/MdeModulePkg/Universal/Network/SnpDxe/Snp.c 2013-02-01
01:10:47 UTC (rev 14115)
@@ -1,7 +1,7 @@
/** @file
Implementation of driver entry point and driver binding protocol.
-Copyright (c) 2004 - 2012, Intel Corporation. All rights reserved.
+Copyright (c) 2004 - 2013, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed
and made available under the terms and conditions of the BSD License which
accompanies this distribution. The full text of the license may be found at
@@ -258,7 +258,7 @@
device to start.
@retval EFI_SUCCESS This driver is added to ControllerHandle
- @retval EFI_ALREADY_STARTED This driver is already running on
ControllerHandle
+ @retval EFI_DEVICE_ERROR This driver could not be started due to a
device error
@retval otherThis driver does not support this device
**/
@@ -698,11 +698,11 @@
return Status;
}
- Status = mPciIo->FreeBuffer (
-mPciIo,
-SNP_MEM_PAGES (4096),
-Snp->Cpb
-);
+ mPciIo->FreeBuffer (
+mPciIo,
+SNP_MEM_PAGES (4096),
+Snp->Cpb
+);
Error_DeleteSNP:
@@ -726,6 +726,13 @@
Controller
);
+ //
+ // If we got here that means we are in error state.
+ //
+ if (!EFI_ERROR (Status)) {
+Status = EFI_DEVICE_ERROR;
+ }
+
return Status;
}
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
--
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_d2d_jan
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
SF.net SVN: edk2:[14116] trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcBoot.c
Revision: 14116 http://edk2.svn.sourceforge.net/edk2/?rev=14116&view=rev Author: sfu5 Date: 2013-02-01 04:47:37 + (Fri, 01 Feb 2013) Log Message: --- Fix corrupt PXE boot menu display issue. Signed-off-by: El-Haj-Mahmoud, Samer Reviewed-by: Ye Ting Reviewed-by: Fu Siyuan Modified Paths: -- trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcBoot.c Modified: trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcBoot.c === --- trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcBoot.c 2013-02-01 01:10:47 UTC (rev 14115) +++ trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcBoot.c 2013-02-01 04:47:37 UTC (rev 14116) @@ -1,7 +1,7 @@ /** @file Boot functions implementation for UefiPxeBc Driver. - Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved. + Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License @@ -278,7 +278,7 @@ PXEBC_BOOT_MENU_ENTRY *MenuArray[PXEBC_MENU_MAX_NUM]; Finish= FALSE; - Select= 1; + Select= 0; Index = 0; *Type = 0; Mode = Private->PxeBc.Mode; This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. -- Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_jan ___ edk2-commits mailing list edk2-commits@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/edk2-commits
SF.net SVN: edk2:[14117] trunk/edk2/MdeModulePkg/Universal/Network/ UefiPxeBcDxe/PxeBcImpl.c
Revision: 14117
http://edk2.svn.sourceforge.net/edk2/?rev=14117&view=rev
Author: sfu5
Date: 2013-02-01 04:50:28 + (Fri, 01 Feb 2013)
Log Message:
---
Removes a useless condition in PxeBcImpl.c.
Signed-off-by: Olivier Martin
Reviewed-by: Ye Ting
Reviewed-by: Fu Siyuan
Modified Paths:
--
trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcImpl.c
Modified: trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcImpl.c
===
--- trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcImpl.c
2013-02-01 04:47:37 UTC (rev 14116)
+++ trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcImpl.c
2013-02-01 04:50:28 UTC (rev 14117)
@@ -1,7 +1,7 @@
/** @file
Interface routines for PxeBc.
-Copyright (c) 2007 - 2011, Intel Corporation. All rights reserved.
+Copyright (c) 2007 - 2013, Intel Corporation. All rights reserved.
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -652,9 +652,6 @@
// finished, set the various Mode members.
//
Status = PxeBcCheckSelectedOffer (Private);
- if (!EFI_ERROR (Status)) {
-goto ON_EXIT;
- }
ON_EXIT:
if (EFI_ERROR (Status)) {
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
--
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_d2d_jan
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
SF.net SVN: edk2:[14137] trunk/edk2/NetworkPkg/UefiPxeBcDxe
Revision: 14137
http://edk2.svn.sourceforge.net/edk2/?rev=14137&view=rev
Author: sfu5
Date: 2013-02-20 08:20:14 + (Wed, 20 Feb 2013)
Log Message:
---
Remove the useless goto statements in PXE driver.
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Reviewed-by: Ouyang Qian
Modified Paths:
--
trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c
trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcSupport.c
Modified: trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c
===
--- trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c 2013-02-20 03:38:10 UTC
(rev 14136)
+++ trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c 2013-02-20 08:20:14 UTC
(rev 14137)
@@ -1,7 +1,7 @@
/** @file
This implementation of EFI_PXE_BASE_CODE_PROTOCOL and EFI_LOAD_FILE_PROTOCOL.
- Copyright (c) 2007 - 2012, Intel Corporation. All rights reserved.
+ Copyright (c) 2007 - 2013, Intel Corporation. All rights reserved.
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
@@ -428,10 +428,6 @@
// Start S.A.R.R. process to get a IPv6 address and other boot information.
//
Status = PxeBcDhcp6Sarr (Private, Private->Dhcp6);
-
-if (EFI_ERROR (Status)) {
- goto ON_EXIT;
-}
} else {
//
@@ -443,13 +439,11 @@
// Start D.O.R.A. process to get a IPv4 address and other boot information.
//
Status = PxeBcDhcp4Dora (Private, Private->Dhcp4);
-
-if (EFI_ERROR (Status)) {
- goto ON_EXIT;
-}
}
-
-ON_EXIT:
+
+ //
+ // Reconfigure the UDP instance with the default configuration.
+ //
if (Mode->UsingIpv6) {
Private->Udp6Read->Configure (Private->Udp6Read, &Private->Udp6CfgData);
} else {
@@ -690,9 +684,7 @@
}
}
- if (EFI_ERROR (Status)) {
-goto ON_EXIT;
- } else {
+ if (!EFI_ERROR (Status)) {
//
// Parse the cached PXE reply packet, and store it into mode data if valid.
//
@@ -964,11 +956,9 @@
Mode->IcmpErrorReceived = TRUE;
}
- if (EFI_ERROR (Status)) {
-goto ON_EXIT;
- }
-
-ON_EXIT:
+ //
+ // Reconfigure the UDP instance with the default configuration.
+ //
if (Mode->UsingIpv6) {
Private->Udp6Read->Configure (Private->Udp6Read, &Private->Udp6CfgData);
} else {
Modified: trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcSupport.c
===
--- trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcSupport.c 2013-02-20 03:38:10 UTC
(rev 14136)
+++ trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcSupport.c 2013-02-20 08:20:14 UTC
(rev 14137)
@@ -1,7 +1,7 @@
/** @file
Support functions implementation for UefiPxeBc Driver.
- Copyright (c) 2007 - 2011, Intel Corporation. All rights reserved.
+ Copyright (c) 2007 - 2013, Intel Corporation. All rights reserved.
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
@@ -59,10 +59,6 @@
}
Status = Private->Ip6->Receive (Private->Ip6, &Private->Icmp6Token);
-if (EFI_ERROR (Status)) {
- goto ON_EXIT;
-}
-
} else {
ASSERT (SubnetMask != NULL);
CopyMem (&Private->Udp4CfgData.StationAddress, StationIp, sizeof
(EFI_IPv4_ADDRESS));
@@ -82,10 +78,6 @@
}
Status = Private->Ip4->Receive (Private->Ip4, &Private->IcmpToken);
-if (EFI_ERROR (Status)) {
- goto ON_EXIT;
-}
-
}
ON_EXIT:
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
--
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_d2d_feb
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
SF.net SVN: edk2:[14139] trunk/edk2/SecurityPkg/VariableAuthenticated/ RuntimeDxe
Revision: 14139
http://edk2.svn.sourceforge.net/edk2/?rev=14139&view=rev
Author: sfu5
Date: 2013-02-21 01:35:22 + (Thu, 21 Feb 2013)
Log Message:
---
Add error handling code to prevent variable store corruption in release build.
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Reviewed-by: Dong Guo
Modified Paths:
--
trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.h
Modified: trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
===
--- trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
2013-02-20 18:21:14 UTC (rev 14138)
+++ trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
2013-02-21 01:35:22 UTC (rev 14139)
@@ -445,6 +445,10 @@
FALSE
);
ASSERT_EFI_ERROR (Status);
+ if (EFI_ERROR (Status)) {
+return 0;
+ }
+
//
// Check whether the public key entry does exist.
//
@@ -492,6 +496,9 @@
FALSE
);
ASSERT_EFI_ERROR (Status);
+ if (EFI_ERROR (Status)) {
+return 0;
+ }
DataSize = DataSizeOfVariable (Variable.CurrPtr);
Data = GetVariableDataPtr (Variable.CurrPtr);
Modified: trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
===
--- trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
2013-02-20 18:21:14 UTC (rev 14138)
+++ trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
2013-02-21 01:35:22 UTC (rev 14139)
@@ -651,27 +651,28 @@
If ReclaimPubKeyStore is TRUE, reclaim invalid key in public key database
and update the PubKeyIndex
for all the count-based authenticate variable in NV storage.
- @param[in] VariableBaseBase address of variable store.
- @param[out] LastVariableOffset Offset of last variable.
- @param[in] IsVolatile The variable store is volatile or not;
- if it is non-volatile, need FTW.
- @param[in, out] UpdatingPtrTrack Pointer to updating variable pointer
track structure.
- @param[in] ReclaimPubKeyStore Reclaim for public key database or not.
- @param[in] ReclaimAnyway If TRUE, do reclaim anyway.
+ @param[in] VariableBaseBase address of variable store.
+ @param[out] LastVariableOffset Offset of last variable.
+ @param[in] IsVolatile The variable store is volatile or
not;
+ if it is non-volatile, need FTW.
+ @param[in, out] UpdatingPtrTrackPointer to updating variable pointer
track structure.
+ @param[in] ReclaimPubKeyStore Reclaim for public key database or
not.
+ @param[in] ReclaimAnyway If TRUE, do reclaim anyway.
+ @return EFI_SUCCESS Reclaim operation has finished
successfully.
@return EFI_OUT_OF_RESOURCES No enough memory resources.
- @return EFI_SUCCESS Reclaim operation has finished
successfully.
+ @return EFI_DEVICE_ERROR The public key database doesn't exist.
@return Others Unexpect error happened during reclaim
operation.
**/
EFI_STATUS
Reclaim (
- IN EFI_PHYSICAL_ADDRESS VariableBase,
- OUT UINTN *LastVariableOffset,
- IN BOOLEAN IsVolatile,
- IN OUT VARIABLE_POINTER_TRACK *UpdatingPtrTrack,
- IN BOOLEAN ReclaimPubKeyStore,
- IN BOOLEAN ReclaimAnyway
+ IN EFI_PHYSICAL_ADDRESS VariableBase,
+ OUTUINTN*LastVariableOffset,
+ IN BOOLEAN IsVolatile,
+ IN OUT VARIABLE_POINTER_TRACK *UpdatingPtrTrack,
+ IN BOOLEAN ReclaimPubKeyStore,
+ IN BOOLEAN ReclaimAnyway
)
{
VARIABLE_HEADER *Variable;
@@ -809,6 +810,12 @@
// Reinstall the new public key database.
//
ASSERT (PubKeyHeader != NULL);
+if (PubKeyHeader == NULL) {
+ FreePool (ValidBuffer);
+ FreePool (NewPubKeyIndex);
+ FreePool (NewPubKeyStore);
+ return EFI_DEVICE_ERROR;
+}
CopyMem (CurrPtr, (UINT8*) PubKeyHeader, sizeof (VARIABLE_HEADER));
Variable = (VARIABLE_HEADER*) CurrPtr;
Variable->DataSize = NewPubKeySize;
Modified: trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.h
===
--- trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.h
2013-02-20 18:21:14 UTC (rev 14138)
+++ trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.h
2013-02-21 01:35:22 UT
SF.net SVN: edk2:[14141] trunk/edk2/SecurityPkg/Library/ DxeImageVerificationLib
Revision: 14141
http://edk2.svn.sourceforge.net/edk2/?rev=14141&view=rev
Author: sfu5
Date: 2013-02-21 05:00:21 + (Thu, 21 Feb 2013)
Log Message:
---
Update the DxeImageVerificationLib to support for Authenticode-signed UEFI
images with multiple signatures.
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Reviewed-by: Dong Guo
Modified Paths:
--
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.h
Modified:
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
===
---
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
2013-02-21 03:40:02 UTC (rev 14140)
+++
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
2013-02-21 05:00:21 UTC (rev 14141)
@@ -12,7 +12,7 @@
DxeImageVerificationHandler(), HashPeImageByType(), HashPeImage() function
will accept
untrusted PE/COFF image and validate its data structure within this image
buffer before use.
-Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.
+Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -967,43 +967,6 @@
}
/**
- Verify certificate in WIN_CERT_TYPE_PKCS_SIGNED_DATA format.
-
- @param[in] AuthData Pointer to the Authenticode Signature retrieved
from signed image.
- @param[in] AuthDataSize Size of the Authenticode Signature in bytes.
-
- @retval EFI_SUCCESS Image pass verification.
- @retval EFI_SECURITY_VIOLATION Image fail verification.
-
-**/
-EFI_STATUS
-VerifyCertPkcsSignedData (
- IN UINT8 *AuthData,
- IN UINTN AuthDataSize
- )
-{
- //
- // 1: Find certificate from DBX forbidden database for revoked certificate.
- //
- if (IsPkcsSignedDataVerifiedBySignatureList (AuthData, AuthDataSize,
EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid)) {
-//
-// DBX is forbidden database, if Authenticode verification pass with
-// one of the certificate in DBX, this image should be rejected.
-//
-return EFI_SECURITY_VIOLATION;
- }
-
- //
- // 2: Find certificate from DB database and try to verify authenticode
struct.
- //
- if (IsPkcsSignedDataVerifiedBySignatureList (AuthData, AuthDataSize,
EFI_IMAGE_SECURITY_DATABASE, &gEfiImageSecurityDatabaseGuid)) {
-return EFI_SUCCESS;
- } else {
-return EFI_SECURITY_VIOLATION;
- }
-}
-
-/**
Provide verification service for signed images, which include both signature
validation
and platform policy control. For signature types, both UEFI
WIN_CERTIFICATE_UEFI_GUID and
MSFT Authenticode type signatures are supported.
@@ -1011,25 +974,14 @@
In this implementation, only verify external executables when in USER MODE.
Executables from FV is bypass, so pass in AuthenticationStatus is ignored.
- The image verification process is:
+ The image verification policy is:
If the image is signed,
- If the image's certificate verifies against a certificate (root or
intermediate) in the allowed
- database (DB) and not in the forbidden database (DBX), the certificate
verification is passed.
-If the image's hash digest is in DBX,
- deny execution.
-If not,
- run it.
- If the Image's certificate verification failed.
-If the Image's Hash is in DB and not in DBX,
- run it.
-Otherwise,
- deny execution.
+ At least one valid signature or at least one hash value of the image
must match a record
+ in the security database "db", and no valid signature nor any hash value
of the image may
+ be reflected in the security database "dbx".
Otherwise, the image is not signed,
- Is the Image's Hash in DBX?
-If yes, deny execution.
-If not, is the Image's Hash in DB?
- If yes, run it.
- If not, deny execution.
+ The SHA256 hash value of the image must match a record in the security
database "db", and
+ not be reflected in the security data base "dbx".
Caution: This function may receive untrusted input.
PE/COFF image is external input, so this function will validate its data
structure
@@ -1084,12 +1036,12 @@
UINT8*SecureBoot;
PE_COFF_LOADER_IMAGE_CONTEXT ImageContext;
UINT32 NumberOfRvaAndSizes;
- UINT32 CertSize;
WIN_CERTIFICATE_EFI_PKCS *PkcsCertData;
WIN_CERTIFICATE_UEFI_G
SF.net SVN: edk2:[14165] trunk/edk2/SecurityPkg/Library/ DxeImageVerificationLib/DxeImageVerificationLib.c
Revision: 14165
http://edk2.svn.sourceforge.net/edk2/?rev=14165&view=rev
Author: sfu5
Date: 2013-03-06 01:42:04 + (Wed, 06 Mar 2013)
Log Message:
---
Fix a bug that IsSignatureFoundInDatabase() incorrectly computes CertCount.
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Reviewed-by: Dong Guo
Modified Paths:
--
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
Modified:
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
===
---
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
2013-03-06 00:01:49 UTC (rev 14164)
+++
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
2013-03-06 01:42:04 UTC (rev 14165)
@@ -837,7 +837,7 @@
//
CertList = (EFI_SIGNATURE_LIST *) Data;
while ((DataSize > 0) && (DataSize >= CertList->SignatureListSize)) {
-CertCount = (CertList->SignatureListSize - CertList->SignatureHeaderSize)
/ CertList->SignatureSize;
+CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) -
CertList->SignatureHeaderSize) / CertList->SignatureSize;
Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList + sizeof
(EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
if ((CertList->SignatureSize == sizeof(EFI_SIGNATURE_DATA) - 1 +
SignatureSize) && (CompareGuid(&CertList->SignatureType, CertType))) {
for (Index = 0; Index < CertCount; Index++) {
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
--
Symantec Endpoint Protection 12 positioned as A LEADER in The Forrester
Wave(TM): Endpoint Security, Q1 2013 and "remains a good choice" in the
endpoint security space. For insight on selecting the right partner to
tackle endpoint security challenges, access the full report.
http://p.sf.net/sfu/symantec-dev2dev
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
SF.net SVN: edk2:[14167] trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/ Ip4Output.c
Revision: 14167
http://edk2.svn.sourceforge.net/edk2/?rev=14167&view=rev
Author: sfu5
Date: 2013-03-11 07:44:10 + (Mon, 11 Mar 2013)
Log Message:
---
Fix a bug in IP4 driver that the broadcast/multicast mac address is overrided
by the gateway?\226?\128?\153s mac address.
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Reviewed-by: Ouyang Qian
Modified Paths:
--
trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Output.c
Modified: trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Output.c
===
--- trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Output.c
2013-03-11 01:22:51 UTC (rev 14166)
+++ trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Output.c
2013-03-11 07:44:10 UTC (rev 14167)
@@ -1,7 +1,7 @@
/** @file
Transmit the IP4 packet.
-Copyright (c) 2005 - 2012, Intel Corporation. All rights reserved.
+Copyright (c) 2005 - 2013, Intel Corporation. All rights reserved.
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -286,46 +286,40 @@
if (EFI_ERROR(Status)) {
return Status;
}
+
+ Dest = Head->Dst;
+ if (IP4_IS_BROADCAST (Ip4GetNetCast (Dest, IpIf)) || (Dest ==
IP4_ALLONE_ADDRESS)) {
+//
+// Set the gateway to local broadcast if the Dest is
+// the broadcast address for the connected network or
+// it is local broadcast.
+//
+GateWay = IP4_ALLONE_ADDRESS;
- //
- // Route the packet unless overrided, that is, GateWay isn't zero.
- //
- if (GateWay == IP4_ALLZERO_ADDRESS) {
-Dest = Head->Dst;
+ } else if (IP4_IS_MULTICAST (Dest)) {
+//
+// Set the gateway to the destination if it is an multicast
+// address. The IP4_INTERFACE won't consult ARP to send local
+// broadcast and multicast.
+//
+GateWay = Head->Dst;
-if (IP4_IS_BROADCAST (Ip4GetNetCast (Dest, IpIf)) || (Dest ==
IP4_ALLONE_ADDRESS)) {
- //
- // Set the gateway to local broadcast if the Dest is
- // the broadcast address for the connected network or
- // it is local broadcast.
- //
- GateWay = IP4_ALLONE_ADDRESS;
-
-} else if (IP4_IS_MULTICAST (Dest)) {
- //
- // Set the gateway to the destination if it is an multicast
- // address. The IP4_INTERFACE won't consult ARP to send local
- // broadcast and multicast.
- //
- GateWay = Head->Dst;
-
+ } else if (GateWay == IP4_ALLZERO_ADDRESS) {
+//
+// Route the packet unless overrided, that is, GateWay isn't zero.
+//
+if (IpInstance == NULL) {
+ CacheEntry = Ip4Route (IpSb->DefaultRouteTable, Head->Dst, Head->Src);
} else {
- //
- // Consult the route table to route the packet
- //
- if (IpInstance == NULL) {
-CacheEntry = Ip4Route (IpSb->DefaultRouteTable, Head->Dst, Head->Src);
- } else {
-CacheEntry = Ip4Route (IpInstance->RouteTable, Head->Dst, Head->Src);
- }
+ CacheEntry = Ip4Route (IpInstance->RouteTable, Head->Dst, Head->Src);
+}
- if (CacheEntry == NULL) {
-return EFI_NOT_FOUND;
- }
-
- GateWay = CacheEntry->NextHop;
- Ip4FreeRouteCacheEntry (CacheEntry);
+if (CacheEntry == NULL) {
+ return EFI_NOT_FOUND;
}
+
+GateWay = CacheEntry->NextHop;
+Ip4FreeRouteCacheEntry (CacheEntry);
}
//
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
--
Symantec Endpoint Protection 12 positioned as A LEADER in The Forrester
Wave(TM): Endpoint Security, Q1 2013 and "remains a good choice" in the
endpoint security space. For insight on selecting the right partner to
tackle endpoint security challenges, access the full report.
http://p.sf.net/sfu/symantec-dev2dev
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
SF.net SVN: edk2:[14168] trunk/edk2
Revision: 14168
http://edk2.svn.sourceforge.net/edk2/?rev=14168&view=rev
Author: sfu5
Date: 2013-03-11 07:47:42 + (Mon, 11 Mar 2013)
Log Message:
---
Initialize DefaultInfo before using it.
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Reviewed-by: Ouyang Qian
Modified Paths:
--
trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcImpl.c
trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c
Modified: trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcImpl.c
===
--- trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcImpl.c
2013-03-11 07:44:10 UTC (rev 14167)
+++ trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcImpl.c
2013-03-11 07:47:42 UTC (rev 14168)
@@ -837,6 +837,7 @@
// If info isn't offered,
// use the cached DhcpAck and ProxyOffer packets.
//
+ ZeroMem (&DefaultInfo, sizeof (EFI_PXE_BASE_CODE_DISCOVER_INFO));
if (*Layer != EFI_PXE_BASE_CODE_BOOT_LAYER_INITIAL) {
if (!Mode->PxeDiscoverValid || !Mode->PxeReplyReceived ||
(!Mode->PxeBisReplyReceived && UseBis)) {
Modified: trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c
===
--- trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c 2013-03-11 07:44:10 UTC
(rev 14167)
+++ trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcImpl.c 2013-03-11 07:47:42 UTC
(rev 14168)
@@ -566,6 +566,7 @@
//
// There are 3 methods to get the information for discover.
//
+ ZeroMem (&DefaultInfo, sizeof (EFI_PXE_BASE_CODE_DISCOVER_INFO));
if (*Layer != EFI_PXE_BASE_CODE_BOOT_LAYER_INITIAL) {
//
// 1. Take the previous setting as the discover info.
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
--
Symantec Endpoint Protection 12 positioned as A LEADER in The Forrester
Wave(TM): Endpoint Security, Q1 2013 and "remains a good choice" in the
endpoint security space. For insight on selecting the right partner to
tackle endpoint security challenges, access the full report.
http://p.sf.net/sfu/symantec-dev2dev
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
SF.net SVN: edk2:[14169] trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c
Revision: 14169
http://edk2.svn.sourceforge.net/edk2/?rev=14169&view=rev
Author: sfu5
Date: 2013-03-11 07:49:41 + (Mon, 11 Mar 2013)
Log Message:
---
Update DHCP6 driver to handle EFI_DHCP6_CALLBACK return status correctly.
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Reviewed-by: Ouyang Qian
Modified Paths:
--
trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c
Modified: trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c
===
--- trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c2013-03-11 07:47:42 UTC (rev
14168)
+++ trunk/edk2/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c2013-03-11 07:49:41 UTC (rev
14169)
@@ -1,7 +1,7 @@
/** @file
Dhcp6 internal functions implementation.
- Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.
+ Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
@@ -2981,7 +2981,9 @@
// Select the advertisement received before.
//
Status = Dhcp6SelectAdvertiseMsg (Instance, Instance->AdSelect);
- if (EFI_ERROR (Status)) {
+ if (Status == EFI_ABORTED) {
+goto ON_CLOSE;
+ } else if (EFI_ERROR (Status)) {
TxCb->RetryCnt++;
}
return;
@@ -2997,6 +2999,7 @@
// Check whether overflow the max retry count limit for this packet
//
if (TxCb->RetryCtl.Mrc != 0 && TxCb->RetryCtl.Mrc < TxCb->RetryCnt) {
+Status = EFI_NO_RESPONSE;
goto ON_CLOSE;
}
@@ -3004,6 +3007,7 @@
// Check whether overflow the max retry duration for this packet
//
if (TxCb->RetryCtl.Mrd != 0 && TxCb->RetryCtl.Mrd <= TxCb->RetryLos) {
+Status = EFI_NO_RESPONSE;
goto ON_CLOSE;
}
@@ -3093,9 +3097,10 @@
ON_CLOSE:
- if (TxCb->TxPacket->Dhcp6.Header.MessageType == Dhcp6MsgInfoRequest ||
+ if (TxCb->TxPacket != NULL &&
+ (TxCb->TxPacket->Dhcp6.Header.MessageType == Dhcp6MsgInfoRequest ||
TxCb->TxPacket->Dhcp6.Header.MessageType == Dhcp6MsgRenew ||
- TxCb->TxPacket->Dhcp6.Header.MessageType == Dhcp6MsgConfirm
+ TxCb->TxPacket->Dhcp6.Header.MessageType == Dhcp6MsgConfirm)
) {
//
// The failure of renew/Confirm will still switch to the bound state.
@@ -3120,6 +3125,6 @@
//
// The failure of the others will terminate current state machine if
timeout.
//
-Dhcp6CleanupSession (Instance, EFI_NO_RESPONSE);
+Dhcp6CleanupSession (Instance, Status);
}
}
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
--
Symantec Endpoint Protection 12 positioned as A LEADER in The Forrester
Wave(TM): Endpoint Security, Q1 2013 and "remains a good choice" in the
endpoint security space. For insight on selecting the right partner to
tackle endpoint security challenges, access the full report.
http://p.sf.net/sfu/symantec-dev2dev
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
SF.net SVN: edk2:[14170] trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe
Revision: 14170
http://edk2.svn.sourceforge.net/edk2/?rev=14170&view=rev
Author: sfu5
Date: 2013-03-11 08:04:39 + (Mon, 11 Mar 2013)
Log Message:
---
Fix a bug in IP4 driver which may cause ?\226?\128?\156reconnect
?\226?\128?\147r?\226?\128?\157 hang.
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Reviewed-by: Ouyang Qian
Modified Paths:
--
trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c
trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Impl.c
Modified: trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c
===
--- trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c2013-03-11
07:49:41 UTC (rev 14169)
+++ trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c2013-03-11
08:04:39 UTC (rev 14170)
@@ -1,7 +1,7 @@
/** @file
Implement IP4 pesudo interface.
-Copyright (c) 2005 - 2012, Intel Corporation. All rights reserved.
+Copyright (c) 2005 - 2013, Intel Corporation. All rights reserved.
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -740,24 +740,11 @@
//
Ip4CancelFrames (Interface, EFI_ABORTED, Ip4CancelInstanceFrame, IpInstance);
- if (--Interface->RefCnt > 0) {
-return EFI_SUCCESS;
- }
-
//
- // Destroy the interface if this is the last IP instance that
- // has the address. Remove all the system transmitted packets
- // from this interface, cancel the receive request if there is
- // one, and destroy the ARP requests.
+ // Destroy the ARP instance if this is the last IP instance that
+ // has the address.
//
- Ip4CancelFrames (Interface, EFI_ABORTED, Ip4CancelInstanceFrame, NULL);
- Ip4CancelReceive (Interface);
-
- ASSERT (IsListEmpty (&Interface->IpInstances));
- ASSERT (IsListEmpty (&Interface->ArpQues));
- ASSERT (IsListEmpty (&Interface->SentFrames));
-
- if (Interface->Arp != NULL) {
+ if (Interface->Arp != NULL && IsListEmpty (&Interface->IpInstances)) {
gBS->CloseProtocol (
Interface->ArpHandle,
&gEfiArpProtocolGuid,
@@ -771,8 +758,25 @@
&gEfiArpServiceBindingProtocolGuid,
Interface->ArpHandle
);
+Interface->Arp = NULL;
}
+
+ if (--Interface->RefCnt > 0) {
+return EFI_SUCCESS;
+ }
+ //
+ // Destroy the interface if it is not referenced by any IP instance (for
common Interface)
+ // or the IP service (for the DefaultInterface). Remove all the system
transmitted packets
+ // from this interface, cancel the receive request if there is one.
+ //
+ Ip4CancelFrames (Interface, EFI_ABORTED, Ip4CancelInstanceFrame, NULL);
+ Ip4CancelReceive (Interface);
+
+ ASSERT (IsListEmpty (&Interface->IpInstances));
+ ASSERT (IsListEmpty (&Interface->ArpQues));
+ ASSERT (IsListEmpty (&Interface->SentFrames));
+
RemoveEntryList (&Interface->Link);
FreePool (Interface);
Modified: trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Impl.c
===
--- trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Impl.c 2013-03-11
07:49:41 UTC (rev 14169)
+++ trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Impl.c 2013-03-11
08:04:39 UTC (rev 14170)
@@ -1,6 +1,6 @@
/** @file
-Copyright (c) 2005 - 2012, Intel Corporation. All rights reserved.
+Copyright (c) 2005 - 2013, Intel Corporation. All rights reserved.
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -562,6 +562,9 @@
IP4_ADDR SubnetMask;
IP4_ADDR SubnetAddress;
IP4_ADDR GatewayAddress;
+ IP4_PROTOCOL *Ip4Instance;
+ EFI_ARP_PROTOCOL *Arp;
+ LIST_ENTRY*Entry;
IpSb = (IP4_SERVICE *) Context;
NET_CHECK_SIGNATURE (IpSb, IP4_SERVICE_SIGNATURE);
@@ -650,11 +653,33 @@
StationAddress = EFI_NTOHL (Data->StationAddress);
SubnetMask = EFI_NTOHL (Data->SubnetMask);
Status = Ip4SetAddress (IpIf, StationAddress, SubnetMask);
-
if (EFI_ERROR (Status)) {
goto ON_EXIT;
}
+ if (IpIf->Arp != NULL) {
+//
+// A non-NULL IpIf->Arp here means a new ARP child is created when setting
default address,
+// but some IP children may have referenced the default interface before
it is configured,
+// these IP instances also consume this ARP protocol so they need to open
it BY_CHILD_CONTROLLER.
+//
+Arp = NULL;
+NET_LIST_FOR_EACH (Entry, &IpIf->IpInstances) {
+ Ip4Instance = NET_LIST_USER_STRUCT_S (Entry,
SF.net SVN: edk2:[14215] trunk/edk2/NetworkPkg/Ip6Dxe/Ip6ConfigNv.c
Revision: 14215
http://edk2.svn.sourceforge.net/edk2/?rev=14215&view=rev
Author: sfu5
Date: 2013-03-20 08:30:05 + (Wed, 20 Mar 2013)
Log Message:
---
Remove HiiUpdateForm from ExtractConfig fucntion.
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Reviewed-by: Dong Eric
Modified Paths:
--
trunk/edk2/NetworkPkg/Ip6Dxe/Ip6ConfigNv.c
Modified: trunk/edk2/NetworkPkg/Ip6Dxe/Ip6ConfigNv.c
===
--- trunk/edk2/NetworkPkg/Ip6Dxe/Ip6ConfigNv.c 2013-03-20 07:26:19 UTC (rev
14214)
+++ trunk/edk2/NetworkPkg/Ip6Dxe/Ip6ConfigNv.c 2013-03-20 08:30:05 UTC (rev
14215)
@@ -695,7 +695,6 @@
CHAR16 PortString[ADDRESS_STR_MAX_SIZE];
CHAR16 FormatString[8];
EFI_STRING_ID StringId;
- EFI_STATUS Status;
if ((IfInfo == NULL) || (HiiHandle == NULL) || (IfrNvData == NULL)) {
return EFI_INVALID_PARAMETER;
@@ -780,17 +779,7 @@
return EFI_OUT_OF_RESOURCES;
}
- //
- // Print the route table information.
- //
- Status = Ip6ConvertAddressListToString (
- PortString,
- HiiHandle,
- Ip6ConfigNvRouteTable,
- IfInfo->RouteTable,
- IfInfo->RouteCount
- );
- return Status;
+ return EFI_SUCCESS;
}
/**
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
--
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_d2d_mar
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
SF.net SVN: edk2:[14216] trunk/edk2/NetworkPkg/Ip6Dxe
Revision: 14216
http://edk2.svn.sourceforge.net/edk2/?rev=14216&view=rev
Author: sfu5
Date: 2013-03-20 08:35:24 + (Wed, 20 Mar 2013)
Log Message:
---
Making the IP6_CONFIG_DATA_RECORD the same size for both IA32 and X64 builds.
Signed-off-by: Kinney, Michael D
Reviewed-by: Ye Ting
Reviewed-by: Fu Siyuan
Modified Paths:
--
trunk/edk2/NetworkPkg/Ip6Dxe/Ip6ConfigImpl.c
trunk/edk2/NetworkPkg/Ip6Dxe/Ip6ConfigImpl.h
Modified: trunk/edk2/NetworkPkg/Ip6Dxe/Ip6ConfigImpl.c
===
--- trunk/edk2/NetworkPkg/Ip6Dxe/Ip6ConfigImpl.c2013-03-20 08:30:05 UTC
(rev 14215)
+++ trunk/edk2/NetworkPkg/Ip6Dxe/Ip6ConfigImpl.c2013-03-20 08:35:24 UTC
(rev 14216)
@@ -1,7 +1,7 @@
/** @file
The implementation of EFI IPv6 Configuration Protocol.
- Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.
+ Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
@@ -473,7 +473,7 @@
DataRecord = &Variable->DataRecord[Variable->DataRecordCount];
DataRecord->DataType = (EFI_IP6_CONFIG_DATA_TYPE) Index;
- DataRecord->DataSize = DataItem->DataSize;
+ DataRecord->DataSize = (UINT32) DataItem->DataSize;
DataRecord->Offset = (UINT16) (Heap - (CHAR8 *) Variable);
Variable->DataRecordCount++;
Modified: trunk/edk2/NetworkPkg/Ip6Dxe/Ip6ConfigImpl.h
===
--- trunk/edk2/NetworkPkg/Ip6Dxe/Ip6ConfigImpl.h2013-03-20 08:30:05 UTC
(rev 14215)
+++ trunk/edk2/NetworkPkg/Ip6Dxe/Ip6ConfigImpl.h2013-03-20 08:35:24 UTC
(rev 14216)
@@ -1,7 +1,7 @@
/** @file
Definitions for EFI IPv6 Configuartion Protocol implementation.
- Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.
+ Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
@@ -129,7 +129,7 @@
typedef struct {
UINT16Offset;
- UINTN DataSize;
+ UINT32DataSize;
EFI_IP6_CONFIG_DATA_TYPE DataType;
} IP6_CONFIG_DATA_RECORD;
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
--
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_d2d_mar
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
SF.net SVN: edk2:[14257] trunk/edk2/SecurityPkg/VariableAuthenticated/ SecureBootConfigDxe
Revision: 14257
http://edk2.svn.sourceforge.net/edk2/?rev=14257&view=rev
Author: sfu5
Date: 2013-04-12 01:44:54 + (Fri, 12 Apr 2013)
Log Message:
---
Update secure boot UI driver to handle ?\226?\128?\156reset to
default?\226?\128?\157 hot key.
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Reviewed-by: Yao Jiewen
Modified Paths:
--
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigNvData.h
Modified:
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
===
---
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
2013-04-11 01:39:39 UTC (rev 14256)
+++
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
2013-04-12 01:44:54 UTC (rev 14257)
@@ -43,8 +43,10 @@
//
suppressif TRUE;
checkbox varid = SECUREBOOT_CONFIGURATION.HideSecureBoot,
+ questionid = KEY_HIDE_SECURE_BOOT,
prompt = STRING_TOKEN(STR_NULL),
help = STRING_TOKEN(STR_NULL),
+ flags= INTERACTIVE,
endcheckbox;
endif;
Modified:
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
===
---
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
2013-04-11 01:39:39 UTC (rev 14256)
+++
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
2013-04-12 01:44:54 UTC (rev 14257)
@@ -2378,6 +2378,11 @@
OUT EFI_STRING *Progress
)
{
+ UINT8 *SecureBootEnable;
+ SECUREBOOT_CONFIGURATION IfrNvData;
+ UINTN BufferSize;
+ EFI_STATUS Status;
+
if (Configuration == NULL || Progress == NULL) {
return EFI_INVALID_PARAMETER;
}
@@ -2387,6 +2392,31 @@
return EFI_NOT_FOUND;
}
+ BufferSize = sizeof (SECUREBOOT_CONFIGURATION);
+ Status = gHiiConfigRouting->ConfigToBlock (
+gHiiConfigRouting,
+Configuration,
+(UINT8 *)&IfrNvData,
+&BufferSize,
+Progress
+);
+ if (EFI_ERROR (Status)) {
+return Status;
+ }
+
+ //
+ // Store Buffer Storage back to EFI variable if needed
+ //
+ SecureBootEnable = NULL;
+ GetVariable2 (EFI_SECURE_BOOT_ENABLE_NAME, &gEfiSecureBootEnableDisableGuid,
(VOID**)&SecureBootEnable, NULL);
+ if (NULL != SecureBootEnable) {
+FreePool (SecureBootEnable);
+Status = SaveSecureBootVariable (IfrNvData.AttemptSecureBoot);
+if (EFI_ERROR (Status)) {
+ return Status;
+}
+ }
+
*Progress = Configuration + StrLen (Configuration);
return EFI_SUCCESS;
}
@@ -2445,7 +2475,8 @@
if ((Action != EFI_BROWSER_ACTION_CHANGED) &&
(Action != EFI_BROWSER_ACTION_CHANGING) &&
- (Action != EFI_BROWSER_ACTION_FORM_CLOSE)) {
+ (Action != EFI_BROWSER_ACTION_FORM_CLOSE) &&
+ (Action != EFI_BROWSER_ACTION_DEFAULT_STANDARD)) {
return EFI_UNSUPPORTED;
}
@@ -2733,6 +2764,17 @@
}
break;
}
+ } else if (Action == EFI_BROWSER_ACTION_DEFAULT_STANDARD) {
+if (QuestionId == KEY_HIDE_SECURE_BOOT) {
+ GetVariable2 (EFI_SECURE_BOOT_ENABLE_NAME,
&gEfiSecureBootEnableDisableGuid, (VOID**)&SecureBootEnable, NULL);
+ if (SecureBootEnable == NULL) {
+IfrNvData->HideSecureBoot = TRUE;
+ } else {
+FreePool (SecureBootEnable);
+IfrNvData->HideSecureBoot = FALSE;
+ }
+ Value->b = IfrNvData->HideSecureBoot;
+}
} else if (Action == EFI_BROWSER_ACTION_FORM_CLOSE) {
//
// Force the platform back to Standard Mode once user leave the setup
screen.
Modified:
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigNvData.h
===
---
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigNvData.h
2013-04-11 01:39:39 UTC (rev 14256)
+++
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigNvData.h
2013-04-12 01:44:54 UTC (rev 14257)
@@ -55,6 +55,7 @@
#define KEY_VALUE_NO_SAVE_AND_EXIT_KEK0x1009
#define KEY_VALUE_SAVE_AND_EXIT_DBX 0x100a
#define KEY_VALUE_NO_SAVE_AND_EXIT_DBX0x100b
+#define KEY_HIDE_SECURE_BOOT 0x100c
#define KEY_SECURE_BOOT_OPTION
SF.net SVN: edk2:[14309] trunk/edk2/CryptoPkg/Library/BaseCryptLib/Pk
Revision: 14309
http://edk2.svn.sourceforge.net/edk2/?rev=14309&view=rev
Author: sfu5
Date: 2013-04-23 01:52:17 + (Tue, 23 Apr 2013)
Log Message:
---
The openssl API RSA_public_decrypt() and RSA_private_encrypt() are deprecated,
use RSA_sign(), RSA_verify() instead.
Signed-off-by: Long Qin < qin.l...@intel.com >
Reviewed-by: Ye Ting
Reviewed-by: Dong Guo
Modified Paths:
--
trunk/edk2/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c
trunk/edk2/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c
Modified: trunk/edk2/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c
===
--- trunk/edk2/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c
2013-04-23 01:42:35 UTC (rev 14308)
+++ trunk/edk2/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c
2013-04-23 01:52:17 UTC (rev 14309)
@@ -7,7 +7,7 @@
3) RsaSetKey
4) RsaPkcs1Verify
-Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.
+Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -21,9 +21,8 @@
#include "InternalCryptLib.h"
#include
-#include
+#include
-
/**
Allocates and initializes one RSA context for subsequent use.
@@ -289,8 +288,8 @@
IN UINTNSigSize
)
{
- INTN Length;
- UINT8*DecryptedSigature;
+ INT32DigestType;
+ UINT8*SigBuf;
//
// Check input parameters.
@@ -302,65 +301,35 @@
if (SigSize > INT_MAX || SigSize == 0) {
return FALSE;
}
-
- //
- // Check for unsupported hash size:
- //Only MD5, SHA-1 or SHA-256 digest size is supported
- //
- if (HashSize != MD5_DIGEST_SIZE && HashSize != SHA1_DIGEST_SIZE && HashSize
!= SHA256_DIGEST_SIZE) {
-return FALSE;
- }
//
- // Prepare buffer to store decrypted signature.
+ // Determine the message digest algorithm according to digest size.
+ // Only MD5, SHA-1 or SHA-256 algorithm is supported.
//
- DecryptedSigature = (UINT8 *) malloc (SigSize);
- if (DecryptedSigature == NULL) {
-return FALSE;
- }
+ switch (HashSize) {
+ case MD5_DIGEST_SIZE:
+DigestType = NID_md5;
+break;
+
+ case SHA1_DIGEST_SIZE:
+DigestType = NID_sha1;
+break;
+
+ case SHA256_DIGEST_SIZE:
+DigestType = NID_sha256;
+break;
- //
- // RSA PKCS#1 Signature Decoding using OpenSSL RSA Decryption with Public Key
- //
- Length = RSA_public_decrypt (
- (UINT32) SigSize,
- Signature,
- DecryptedSigature,
- RsaContext,
- RSA_PKCS1_PADDING
- );
-
- //
- // Invalid RSA Key or PKCS#1 Padding Checking Failed (if Length < 0)
- // NOTE: Length should be the addition of HashSize and some DER value.
- // Ignore more strict length checking here.
- //
- if (Length < (INTN) HashSize) {
-free (DecryptedSigature);
+ default:
return FALSE;
}
- //
- // Validate the MessageHash and Decoded Signature
- // NOTE: The decoded Signature should be the DER encoding of the DigestInfo
value
- // DigestInfo ::= SEQUENCE {
- // digestAlgorithm AlgorithmIdentifier
- // digest OCTET STRING
- // }
- // Then Memory Comparing should skip the DER value of the underlying
SEQUENCE
- // type and AlgorithmIdentifier.
- //
- if (CompareMem (MessageHash, DecryptedSigature + Length - HashSize,
HashSize) == 0) {
-//
-// Valid RSA PKCS#1 Signature
-//
-free (DecryptedSigature);
-return TRUE;
- } else {
-//
-// Failed to verification
-//
-free (DecryptedSigature);
-return FALSE;
- }
+ SigBuf = (UINT8 *) Signature;
+ return (BOOLEAN) RSA_verify (
+ DigestType,
+ MessageHash,
+ (UINT32) HashSize,
+ SigBuf,
+ (UINT32) SigSize,
+ (RSA *) RsaContext
+ );
}
Modified: trunk/edk2/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c
===
--- trunk/edk2/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c 2013-04-23
01:42:35 UTC (rev 14308)
+++ trunk/edk2/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c 2013-04-23
01:52:17 UTC (rev 14309)
@@ -7,7 +7,7 @@
3) RsaCheckKey
4) RsaPkcs1Sign
-Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.
+Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -22,
SF.net SVN: edk2:[14310] trunk/edk2
Revision: 14310 http://edk2.svn.sourceforge.net/edk2/?rev=14310&view=rev Author: sfu5 Date: 2013-04-23 05:50:55 + (Tue, 23 Apr 2013) Log Message: --- Remove unused [Guids] section from PXE inf file. Signed-off-by: Fu Siyuan Reviewed-by: Ye Ting Reviewed-by: Ouyang Qian Modified Paths: -- trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/UefiPxeBcDxe.inf trunk/edk2/NetworkPkg/UefiPxeBcDxe/UefiPxeBcDxe.inf Modified: trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/UefiPxeBcDxe.inf === --- trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/UefiPxeBcDxe.inf 2013-04-23 01:52:17 UTC (rev 14309) +++ trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/UefiPxeBcDxe.inf 2013-04-23 05:50:55 UTC (rev 14310) @@ -1,7 +1,7 @@ ## @file # Component name for module UefiPxeBc # -# Copyright (c) 2007 - 2010, Intel Corporation. All rights reserved. +# Copyright (c) 2007 - 2013, Intel Corporation. All rights reserved. # # This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License @@ -66,9 +66,6 @@ DpcLib PcdLib -[Guids] - gEfiSmbiosTableGuid # ALWAYS_CONSUMED - [Protocols] gEfiArpServiceBindingProtocolGuid# PROTOCOL ALWAYS_CONSUMED gEfiArpProtocolGuid # PROTOCOL ALWAYS_CONSUMED Modified: trunk/edk2/NetworkPkg/UefiPxeBcDxe/UefiPxeBcDxe.inf === --- trunk/edk2/NetworkPkg/UefiPxeBcDxe/UefiPxeBcDxe.inf 2013-04-23 01:52:17 UTC (rev 14309) +++ trunk/edk2/NetworkPkg/UefiPxeBcDxe/UefiPxeBcDxe.inf 2013-04-23 05:50:55 UTC (rev 14310) @@ -1,7 +1,7 @@ ## @file # Component name for module PxeBc # -# Copyright (c) 2007 - 2010, Intel Corporation. All rights reserved. +# Copyright (c) 2007 - 2013, Intel Corporation. All rights reserved. # # This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License @@ -63,11 +63,6 @@ DevicePathLib PcdLib - -[Guids] - gEfiSmbiosTableGuid - - [Protocols] gEfiDevicePathProtocolGuid gEfiNetworkInterfaceIdentifierProtocolGuid_31 This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. -- Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_apr ___ edk2-commits mailing list edk2-commits@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/edk2-commits
SF.net SVN: edk2:[14313] trunk/edk2
Revision: 14313
http://edk2.svn.sourceforge.net/edk2/?rev=14313&view=rev
Author: sfu5
Date: 2013-04-25 01:18:58 + (Thu, 25 Apr 2013)
Log Message:
---
Get ParentDevicePath by using attribute EFI_OPEN_PROTOCOL_GET_PROTOCOL instead
of BY_CHILD.
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Reviewed-by: Ouyang Qian
Modified Paths:
--
trunk/edk2/MdeModulePkg/Universal/Network/Tcp4Dxe/Tcp4Driver.c
trunk/edk2/NetworkPkg/TcpDxe/TcpDriver.c
Modified: trunk/edk2/MdeModulePkg/Universal/Network/Tcp4Dxe/Tcp4Driver.c
===
--- trunk/edk2/MdeModulePkg/Universal/Network/Tcp4Dxe/Tcp4Driver.c
2013-04-24 09:33:48 UTC (rev 14312)
+++ trunk/edk2/MdeModulePkg/Universal/Network/Tcp4Dxe/Tcp4Driver.c
2013-04-25 01:18:58 UTC (rev 14313)
@@ -1,7 +1,7 @@
/** @file
Tcp driver function.
-Copyright (c) 2005 - 2012, Intel Corporation. All rights reserved.
+Copyright (c) 2005 - 2013, Intel Corporation. All rights reserved.
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -607,7 +607,7 @@
(VOID **) &This->ParentDevicePath,
TcpServiceData->DriverBindingHandle,
This->SockHandle,
- EFI_OPEN_PROTOCOL_BY_CHILD_CONTROLLER
+ EFI_OPEN_PROTOCOL_GET_PROTOCOL
);
if (EFI_ERROR (Status)) {
gBS->CloseProtocol (
@@ -649,16 +649,6 @@
RemoveEntryList (&This->Link);
//
- // Close the device path protocol
- //
- gBS->CloseProtocol (
- TcpServiceData->ControllerHandle,
- &gEfiDevicePathProtocolGuid,
- TcpServiceData->DriverBindingHandle,
- This->SockHandle
- );
-
- //
// Close the Ip4 protocol.
//
gBS->CloseProtocol (
Modified: trunk/edk2/NetworkPkg/TcpDxe/TcpDriver.c
===
--- trunk/edk2/NetworkPkg/TcpDxe/TcpDriver.c2013-04-24 09:33:48 UTC (rev
14312)
+++ trunk/edk2/NetworkPkg/TcpDxe/TcpDriver.c2013-04-25 01:18:58 UTC (rev
14313)
@@ -1,7 +1,7 @@
/** @file
The driver binding and service binding protocol for the TCP driver.
- Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.
+ Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
@@ -717,7 +717,7 @@
(VOID **) &This->ParentDevicePath,
TcpServiceData->DriverBindingHandle,
This->SockHandle,
- EFI_OPEN_PROTOCOL_BY_CHILD_CONTROLLER
+ EFI_OPEN_PROTOCOL_GET_PROTOCOL
);
if (EFI_ERROR (Status)) {
gBS->CloseProtocol (
@@ -766,16 +766,6 @@
RemoveEntryList (&This->Link);
//
- // Close the device path protocol
- //
- gBS->CloseProtocol (
- TcpServiceData->ControllerHandle,
- &gEfiDevicePathProtocolGuid,
- TcpServiceData->DriverBindingHandle,
- This->SockHandle
- );
-
- //
// Close the IP protocol.
//
gBS->CloseProtocol (
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
--
Try New Relic Now & We'll Send You this Cool Shirt
New Relic is the only SaaS-based application performance monitoring service
that delivers powerful full stack analytics. Optimize and monitor your
browser, app, & servers with just a few lines of code. Try New Relic
and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_apr
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
SF.net SVN: edk2:[14314] trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe
Revision: 14314
http://edk2.svn.sourceforge.net/edk2/?rev=14314&view=rev
Author: sfu5
Date: 2013-04-25 01:25:49 + (Thu, 25 Apr 2013)
Log Message:
---
Fix ping command issue in IP4 driver.
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Reviewed-by: Ouyang Qian
Modified Paths:
--
trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Driver.c
trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c
Modified: trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Driver.c
===
--- trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Driver.c
2013-04-25 01:18:58 UTC (rev 14313)
+++ trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Driver.c
2013-04-25 01:25:49 UTC (rev 14314)
@@ -1,7 +1,7 @@
/** @file
The driver binding and service binding protocol for IP4 driver.
-Copyright (c) 2005 - 2012, Intel Corporation. All rights reserved.
+Copyright (c) 2005 - 2013, Intel Corporation. All rights reserved.
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -572,6 +572,8 @@
INTN State;
LIST_ENTRY *List;
IP4_DESTROY_CHILD_IN_HANDLE_BUF_CONTEXT Context;
+ IP4_INTERFACE*IpIf;
+ IP4_ROUTE_TABLE *RouteTable;
//
// IP4 driver opens the MNP child, ARP children or the IP4_CONFIG protocol
@@ -681,6 +683,35 @@
&Context,
NULL
);
+ } else if (IpSb->DefaultInterface->ArpHandle == ControllerHandle) {
+//
+// The ARP protocol for the default interface is being uninstalled and all
+// its IP child handles should have been destroyed before. So, release the
+// default interface and route table, create a new one and mark it as not
started.
+//
+Ip4CancelReceive (IpSb->DefaultInterface);
+Ip4FreeInterface (IpSb->DefaultInterface, NULL);
+Ip4FreeRouteTable (IpSb->DefaultRouteTable);
+
+IpIf = Ip4CreateInterface (IpSb->Mnp, IpSb->Controller, IpSb->Image);
+if (IpIf == NULL) {
+ goto ON_ERROR;
+}
+RouteTable = Ip4CreateRouteTable ();
+if (RouteTable == NULL) {
+ Ip4FreeInterface (IpIf, NULL);
+ goto ON_ERROR;;
+}
+
+IpSb->DefaultInterface = IpIf;
+InsertHeadList (&IpSb->Interfaces, &IpIf->Link);
+IpSb->DefaultRouteTable = RouteTable;
+Ip4ReceiveFrame (IpIf, NULL, Ip4AccpetFrame, IpSb);
+
+if (IpSb->Ip4Config != NULL && IpSb->State != IP4_SERVICE_DESTROY) {
+ IpSb->Ip4Config->Stop (IpSb->Ip4Config);
+}
+IpSb->State = IP4_SERVICE_UNSTARTED;
} else if (IsListEmpty (&IpSb->Children)) {
State = IpSb->State;
IpSb->State = IP4_SERVICE_DESTROY;
Modified: trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c
===
--- trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c2013-04-25
01:18:58 UTC (rev 14313)
+++ trunk/edk2/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c2013-04-25
01:25:49 UTC (rev 14314)
@@ -740,11 +740,24 @@
//
Ip4CancelFrames (Interface, EFI_ABORTED, Ip4CancelInstanceFrame, IpInstance);
+ if (--Interface->RefCnt > 0) {
+return EFI_SUCCESS;
+ }
+
//
- // Destroy the ARP instance if this is the last IP instance that
- // has the address.
+ // Destroy the interface if this is the last IP instance that
+ // has the address. Remove all the system transmitted packets
+ // from this interface, cancel the receive request if there is
+ // one, and destroy the ARP requests.
//
- if (Interface->Arp != NULL && IsListEmpty (&Interface->IpInstances)) {
+ Ip4CancelFrames (Interface, EFI_ABORTED, Ip4CancelInstanceFrame, NULL);
+ Ip4CancelReceive (Interface);
+
+ ASSERT (IsListEmpty (&Interface->IpInstances));
+ ASSERT (IsListEmpty (&Interface->ArpQues));
+ ASSERT (IsListEmpty (&Interface->SentFrames));
+
+ if (Interface->Arp != NULL) {
gBS->CloseProtocol (
Interface->ArpHandle,
&gEfiArpProtocolGuid,
@@ -758,25 +771,8 @@
&gEfiArpServiceBindingProtocolGuid,
Interface->ArpHandle
);
-Interface->Arp = NULL;
}
-
- if (--Interface->RefCnt > 0) {
-return EFI_SUCCESS;
- }
- //
- // Destroy the interface if it is not referenced by any IP instance (for
common Interface)
- // or the IP service (for the DefaultInterface). Remove all the system
transmitted packets
- // from this interface, cancel the receive request if there is one.
- //
- Ip4CancelFrames (Interface, EFI_ABORTED, Ip4CancelInstanceFram
SF.net SVN: edk2:[14316] trunk/edk2/SecurityPkg/VariableAuthenticated/ SecureBootConfigDxe/SecureBootConfigFileExplorer.c
Revision: 14316
http://edk2.svn.sourceforge.net/edk2/?rev=14316&view=rev
Author: sfu5
Date: 2013-04-25 01:38:06 + (Thu, 25 Apr 2013)
Log Message:
---
Check for NULL pointer before free it.
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Reviewed-by: Dong Guo
Modified Paths:
--
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c
Modified:
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c
===
---
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c
2013-04-25 01:33:43 UTC (rev 14315)
+++
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c
2013-04-25 01:38:06 UTC (rev 14316)
@@ -1,7 +1,7 @@
/** @file
Internal file explorer functions for SecureBoot configuration module.
-Copyright (c) 2012, Intel Corporation. All rights reserved.
+Copyright (c) 2012 - 2013, Intel Corporation. All rights reserved.
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -323,7 +323,7 @@
FileContext = (SECUREBOOT_FILE_CONTEXT *) MenuEntry->FileContext;
- if (!FileContext->IsRoot) {
+ if (!FileContext->IsRoot && FileContext->DevicePath != NULL) {
FreePool (FileContext->DevicePath);
} else {
if (FileContext->FHandle != NULL) {
@@ -340,7 +340,9 @@
FreePool (FileContext);
- FreePool (MenuEntry->DisplayString);
+ if (MenuEntry->DisplayString != NULL) {
+FreePool (MenuEntry->DisplayString);
+ }
if (MenuEntry->HelpString != NULL) {
FreePool (MenuEntry->HelpString);
}
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
--
Try New Relic Now & We'll Send You this Cool Shirt
New Relic is the only SaaS-based application performance monitoring service
that delivers powerful full stack analytics. Optimize and monitor your
browser, app, & servers with just a few lines of code. Try New Relic
and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_apr
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
SF.net SVN: edk2:[14332] trunk/edk2
Revision: 14332
http://edk2.svn.sourceforge.net/edk2/?rev=14332&view=rev
Author: sfu5
Date: 2013-05-09 05:28:27 + (Thu, 09 May 2013)
Log Message:
---
Skip PXE prompt/menu/discover if PXE_DISCOVERY_CONTROL tag bit 3 set.
Signed-off-by: Laszlo Ersek
Reviewed-by: Ye Ting
Reviewed-by: Fu Siyuan
Modified Paths:
--
trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcDhcp.c
trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcDhcp.h
trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcBoot.c
trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp4.h
Modified: trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcDhcp.c
===
--- trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcDhcp.c
2013-05-09 04:06:58 UTC (rev 14331)
+++ trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcDhcp.c
2013-05-09 05:28:27 UTC (rev 14332)
@@ -1,7 +1,7 @@
/** @file
Support for PxeBc dhcp functions.
-Copyright (c) 2007 - 2012, Intel Corporation. All rights reserved.
+Copyright (c) 2007 - 2013, Intel Corporation. All rights reserved.
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -1536,6 +1536,16 @@
}
VendorOpt = &Packet->PxeVendorOption;
+ //
+ // According to the PXE specification 2.1, Table 2-1 PXE DHCP Options,
+ // we must not consider a boot prompt or boot menu if all of the following
hold:
+ // - the PXE_DISCOVERY_CONTROL tag(6) is present inside the Vendor
Options(43), and has bit 3 set
+ // - a boot file name has been presented in the initial DHCP or ProxyDHCP
offer packet.
+ //
+ if (IS_DISABLE_PROMPT_MENU (VendorOpt->DiscoverCtrl) &&
+ Packet->Dhcp4Option[PXEBC_DHCP4_TAG_INDEX_BOOTFILE] != NULL) {
+return EFI_ABORTED;
+ }
if (!IS_VALID_BOOT_PROMPT (VendorOpt->BitMap)) {
return EFI_SUCCESS;
Modified: trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcDhcp.h
===
--- trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcDhcp.h
2013-05-09 04:06:58 UTC (rev 14331)
+++ trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcDhcp.h
2013-05-09 05:28:27 UTC (rev 14332)
@@ -1,7 +1,7 @@
/** @file
Dhcp and Discover routines for PxeBc.
-Copyright (c) 2007 - 2011, Intel Corporation. All rights reserved.
+Copyright (c) 2007 - 2013, Intel Corporation. All rights reserved.
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -160,7 +160,7 @@
#define IS_DISABLE_BCAST_DISCOVER(x)(((x) & BIT (0)) == BIT (0))
#define IS_DISABLE_MCAST_DISCOVER(x)(((x) & BIT (1)) == BIT (1))
#define IS_ENABLE_USE_SERVER_LIST(x)(((x) & BIT (2)) == BIT (2))
-#define IS_ENABLE_BOOT_FILE_NAME(x) (((x) & BIT (3)) == BIT (3))
+#define IS_DISABLE_PROMPT_MENU(x) (((x) & BIT (3)) == BIT (3))
#define SET_VENDOR_OPTION_BIT_MAP(x, y) (((x)[(y) / 32]) = (UINT32) ((x)[(y) /
32]) | BIT ((y) % 32))
Modified: trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcBoot.c
===
--- trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcBoot.c 2013-05-09 04:06:58 UTC
(rev 14331)
+++ trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcBoot.c 2013-05-09 05:28:27 UTC
(rev 14332)
@@ -98,6 +98,17 @@
ASSERT (!Mode->UsingIpv6);
VendorOpt = &Cache->Dhcp4.VendorOpt;
+ //
+ // According to the PXE specification 2.1, Table 2-1 PXE DHCP Options,
+ // we must not consider a boot prompt or boot menu if all of the following
hold:
+ // - the PXE_DISCOVERY_CONTROL tag(6) is present inside the Vendor
Options(43), and has bit 3 set
+ // - a boot file name has been presented in the initial DHCP or ProxyDHCP
offer packet.
+ //
+ if (IS_DISABLE_PROMPT_MENU (VendorOpt->DiscoverCtrl) &&
+ Cache->Dhcp4.OptList[PXEBC_DHCP4_TAG_INDEX_BOOTFILE] != NULL) {
+return EFI_ABORTED;
+ }
+
if (!IS_VALID_BOOT_PROMPT (VendorOpt->BitMap)) {
return EFI_TIMEOUT;
}
Modified: trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp4.h
===
--- trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp4.h 2013-05-09 04:06:58 UTC
(rev 14331)
+++ trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp4.h 2013-05-09 05:28:27 UTC
(rev 14332)
@@ -1,7 +1,7 @@
/** @file
Functions declaration related with DHCPv4 for UefiPxeBc Driver.
- Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.
+ Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.
This program and the ac
SF.net SVN: edk2:[14354] trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcDriver.c
Revision: 14354
http://edk2.svn.sourceforge.net/edk2/?rev=14354&view=rev
Author: sfu5
Date: 2013-05-14 03:01:51 + (Tue, 14 May 2013)
Log Message:
---
Fix bug in PXE driver: memory may be freed before use.
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Reviewed-by: Ouyang Qian
Modified Paths:
--
trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcDriver.c
Modified: trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcDriver.c
===
--- trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcDriver.c2013-05-13 17:22:30 UTC
(rev 14353)
+++ trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcDriver.c2013-05-14 03:01:51 UTC
(rev 14354)
@@ -1353,9 +1353,6 @@
&gEfiCallerIdGuid,
&Private->Id
);
-if (Private != NULL) {
- FreePool (Private);
-}
}
if (IpVersion == IP_VERSION_4) {
@@ -1364,6 +1361,10 @@
PxeBcDestroyIp6Children (This, Private);
}
+ if (FirstStart && Private != NULL) {
+FreePool (Private);
+ }
+
return Status;
}
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
--
AlienVault Unified Security Management (USM) platform delivers complete
security visibility with the essential security capabilities. Easily and
efficiently configure, manage, and operate all of your security controls
from a single console and one unified framework. Download a free trial.
http://p.sf.net/sfu/alienvault_d2d
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
SF.net SVN: edk2:[14355] trunk/edk2/MdeModulePkg/Universal/Network/ UefiPxeBcDxe
Revision: 14355
http://edk2.svn.sourceforge.net/edk2/?rev=14355&view=rev
Author: sfu5
Date: 2013-05-14 06:25:39 + (Tue, 14 May 2013)
Log Message:
---
Add Copyright notices and comments for Red Hat contributor.
Signed-off-by: Laszlo Ersek
Reviewed-by: Fu Siyuan
Modified Paths:
--
trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcDhcp.c
trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcDhcp.h
Modified: trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcDhcp.c
===
--- trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcDhcp.c
2013-05-14 03:01:51 UTC (rev 14354)
+++ trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcDhcp.c
2013-05-14 06:25:39 UTC (rev 14355)
@@ -1,7 +1,8 @@
/** @file
Support for PxeBc dhcp functions.
-Copyright (c) 2007 - 2013, Intel Corporation. All rights reserved.
+Copyright (c) 2013, Red Hat, Inc.
+Copyright (c) 2007 - 2012, Intel Corporation. All rights reserved.
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -1537,10 +1538,13 @@
VendorOpt = &Packet->PxeVendorOption;
//
- // According to the PXE specification 2.1, Table 2-1 PXE DHCP Options,
- // we must not consider a boot prompt or boot menu if all of the following
hold:
- // - the PXE_DISCOVERY_CONTROL tag(6) is present inside the Vendor
Options(43), and has bit 3 set
- // - a boot file name has been presented in the initial DHCP or ProxyDHCP
offer packet.
+ // According to the PXE specification 2.1, Table 2-1 PXE DHCP Options (Full
+ // List), we must not consider a boot prompt or boot menu if all of the
+ // following hold:
+ // - the PXE_DISCOVERY_CONTROL PXE tag is present inside the Vendor Options
+ // (=43) DHCP tag, and
+ // - the PXE_DISCOVERY_CONTROL PXE tag has bit 3 set, and
+ // - a boot file name has been presented with DHCP option 67.
//
if (IS_DISABLE_PROMPT_MENU (VendorOpt->DiscoverCtrl) &&
Packet->Dhcp4Option[PXEBC_DHCP4_TAG_INDEX_BOOTFILE] != NULL) {
Modified: trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcDhcp.h
===
--- trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcDhcp.h
2013-05-14 03:01:51 UTC (rev 14354)
+++ trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcDhcp.h
2013-05-14 06:25:39 UTC (rev 14355)
@@ -1,7 +1,8 @@
/** @file
Dhcp and Discover routines for PxeBc.
-Copyright (c) 2007 - 2013, Intel Corporation. All rights reserved.
+Copyright (c) 2013, Red Hat, Inc.
+Copyright (c) 2007 - 2011, Intel Corporation. All rights reserved.
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
--
AlienVault Unified Security Management (USM) platform delivers complete
security visibility with the essential security capabilities. Easily and
efficiently configure, manage, and operate all of your security controls
from a single console and one unified framework. Download a free trial.
http://p.sf.net/sfu/alienvault_d2d
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
SF.net SVN: edk2:[14373] trunk/edk2/SecurityPkg/VariableAuthenticated/ SecureBootConfigDxe/SecureBootConfigImpl.c
Revision: 14373
http://edk2.svn.sourceforge.net/edk2/?rev=14373&view=rev
Author: sfu5
Date: 2013-05-17 07:03:49 + (Fri, 17 May 2013)
Log Message:
---
Pop up error message when user tries to enroll an invalid certificate file into
KEK/DB/DBX.
Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Reviewed-by: Yao Jiewen
Modified Paths:
--
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
Modified:
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
===
---
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
2013-05-17 03:49:35 UTC (rev 14372)
+++
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
2013-05-17 07:03:49 UTC (rev 14373)
@@ -2632,14 +2632,41 @@
case KEY_VALUE_SAVE_AND_EXIT_KEK:
Status = EnrollKeyExchangeKey (Private);
+ if (EFI_ERROR (Status)) {
+CreatePopUp (
+ EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
+ &Key,
+ L"ERROR: Unsupported file type!",
+ L"Only supports DER-encoded X509 certificate",
+ NULL
+ );
+ }
break;
case KEY_VALUE_SAVE_AND_EXIT_DB:
Status = EnrollSignatureDatabase (Private, EFI_IMAGE_SECURITY_DATABASE);
+ if (EFI_ERROR (Status)) {
+CreatePopUp (
+ EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
+ &Key,
+ L"ERROR: Unsupported file type!",
+ L"Only supports DER-encoded X509 certificate and executable EFI
image",
+ NULL
+ );
+ }
break;
case KEY_VALUE_SAVE_AND_EXIT_DBX:
Status = EnrollSignatureDatabase (Private, EFI_IMAGE_SECURITY_DATABASE1);
+ if (EFI_ERROR (Status)) {
+CreatePopUp (
+ EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
+ &Key,
+ L"ERROR: Unsupported file type!",
+ L"Only supports DER-encoded X509 certificate and executable EFI
image",
+ NULL
+ );
+ }
break;
default:
@@ -2680,13 +2707,13 @@
break;
case KEY_VALUE_SAVE_AND_EXIT_PK:
Status = EnrollPlatformKey (Private);
- UnicodeSPrint (
-PromptString,
-sizeof (PromptString),
-L"Only DER encoded certificate file (%s) is supported.",
-mSupportX509Suffix
-);
if (EFI_ERROR (Status)) {
+UnicodeSPrint (
+ PromptString,
+ sizeof (PromptString),
+ L"Only DER encoded certificate file (%s) is supported.",
+ mSupportX509Suffix
+ );
CreatePopUp (
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
&Key,
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
--
AlienVault Unified Security Management (USM) platform delivers complete
security visibility with the essential security capabilities. Easily and
efficiently configure, manage, and operate all of your security controls
from a single console and one unified framework. Download a free trial.
http://p.sf.net/sfu/alienvault_d2d
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
SF.net SVN: edk2:[14375] trunk/edk2/SecurityPkg
Revision: 14375
http://edk2.svn.sourceforge.net/edk2/?rev=14375&view=rev
Author: sfu5
Date: 2013-05-17 08:05:01 + (Fri, 17 May 2013)
Log Message:
---
Fix a bug that ?\226?\128?\156SecureBoot?\226?\128?\157 varaible will be
updated to NV+AT attribute incorrectly.
Signed-off-by: Fu Siyuan
Reviewed-by: Ni Ruiyu
Reviewed-by: Dong Guo
Modified Paths:
--
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf
trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
Modified:
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
===
---
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
2013-05-17 07:36:14 UTC (rev 14374)
+++
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
2013-05-17 08:05:01 UTC (rev 14375)
@@ -1348,53 +1348,6 @@
}
/**
- When VariableWriteArchProtocol install, create "SecureBoot" variable.
-
- @param[in] EventEvent whose notification function is being invoked.
- @param[in] Context Pointer to the notification function's context.
-
-**/
-VOID
-EFIAPI
-VariableWriteCallBack (
- IN EFI_EVENT Event,
- IN VOID*Context
- )
-{
- UINT8 SecureBootMode;
- UINT8 *SecureBootModePtr;
- EFI_STATUS Status;
- VOID*ProtocolPointer;
-
- Status = gBS->LocateProtocol (&gEfiVariableWriteArchProtocolGuid, NULL,
&ProtocolPointer);
- if (EFI_ERROR (Status)) {
-return;
- }
-
- //
- // Check whether "SecureBoot" variable exists.
- // If this library is built-in, it means firmware has capability to perform
- // driver signing verification.
- //
- GetEfiGlobalVariable2 (EFI_SECURE_BOOT_MODE_NAME,
(VOID**)&SecureBootModePtr, NULL);
- if (SecureBootModePtr == NULL) {
-SecureBootMode = SECURE_BOOT_MODE_DISABLE;
-//
-// Authenticated variable driver will update "SecureBoot" depending on
SetupMode variable.
-//
-gRT->SetVariable (
- EFI_SECURE_BOOT_MODE_NAME,
- &gEfiGlobalVariableGuid,
- EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS |
EFI_VARIABLE_NON_VOLATILE,
- sizeof (UINT8),
- &SecureBootMode
- );
- } else {
-FreePool (SecureBootModePtr);
- }
-}
-
-/**
Register security measurement handler.
@param ImageHandle ImageHandle of the loaded driver.
@@ -1409,19 +1362,6 @@
IN EFI_SYSTEM_TABLE *SystemTable
)
{
- VOID*Registration;
-
- //
- // Register callback function upon VariableWriteArchProtocol.
- //
- EfiCreateProtocolNotifyEvent (
-&gEfiVariableWriteArchProtocolGuid,
-TPL_CALLBACK,
-VariableWriteCallBack,
-NULL,
-&Registration
-);
-
return RegisterSecurity2Handler (
DxeImageVerificationHandler,
EFI_AUTH_OPERATION_VERIFY_IMAGE | EFI_AUTH_OPERATION_IMAGE_REQUIRED
Modified:
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf
===
---
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf
2013-05-17 07:36:14 UTC (rev 14374)
+++
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf
2013-05-17 08:05:01 UTC (rev 14375)
@@ -7,7 +7,7 @@
# This external input must be validated carefully to avoid security issue like
# buffer overflow, integer overflow.
#
-# Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.
+# Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD
License
# which accompanies this distribution. The full text of the license may be
found at
@@ -59,7 +59,6 @@
gEfiFirmwareVolume2ProtocolGuid
gEfiBlockIoProtocolGuid
gEfiSimpleFileSystemProtocolGuid
- gEfiVariableWriteArchProtocolGuid
[Guids]
gEfiCertTypeRsa2048Sha256Guid
Modified: trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
===
--- trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
2013-05-17 07:36:14 UTC (rev 14374)
+++ trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
2013-05-17 08:05:01 UTC (rev 14375)
@@ -675,7 +675,6 @@
{
EFI_STATUS Status;
VARIABLE_POINTER_TRACK Variable;
- UINT32 VarAttr;
UINT8 SecureBootMode;
UINT8 SecureBo
SF.net SVN: edk2:[14450] trunk/edk2/NetworkPkg/Mtftp6Dxe/Mtftp6Rrq.c
Revision: 14450 http://sourceforge.net/p/edk2/code/14450 Author: sfu5 Date: 2013-07-02 06:44:27 + (Tue, 02 Jul 2013) Log Message: --- Fix a bug in Mtftp6 retransmission mechanism of the ACK. Signed-off-by: Ari Zigler Reviewed-by: Ouyang Qian Reviewed-by: Fu Siyuan Modified Paths: -- trunk/edk2/NetworkPkg/Mtftp6Dxe/Mtftp6Rrq.c Modified: trunk/edk2/NetworkPkg/Mtftp6Dxe/Mtftp6Rrq.c === --- trunk/edk2/NetworkPkg/Mtftp6Dxe/Mtftp6Rrq.c 2013-07-01 14:14:37 UTC (rev 14449) +++ trunk/edk2/NetworkPkg/Mtftp6Dxe/Mtftp6Rrq.c 2013-07-02 06:44:27 UTC (rev 14450) @@ -59,6 +59,7 @@ // Reset current retry count of the instance. // Instance->CurRetry = 0; + Instance->LastPacket = Packet; return Mtftp6TransmitPacket (Instance, Packet); } This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. -- This SF.net email is sponsored by Windows: Build for Windows Store. http://p.sf.net/sfu/windows-dev2dev ___ edk2-commits mailing list edk2-commits@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/edk2-commits
SF.net SVN: edk2:[14461] trunk/edk2/NetworkPkg/IScsiDxe/IScsiProto.c
Revision: 14461
http://sourceforge.net/p/edk2/code/14461
Author: sfu5
Date: 2013-07-10 05:52:58 + (Wed, 10 Jul 2013)
Log Message:
---
Roll back the changes in revision 14294 since it will cause iSCSI security
authentication issue.
Signed-off-by: Fu Siyuan
Reviewed-by: Ouyang Qian
Reviewed-by: Ye Ting
Revision Links:
--
http://sourceforge.net/p/edk2/code/14294
Modified Paths:
--
trunk/edk2/NetworkPkg/IScsiDxe/IScsiProto.c
Modified: trunk/edk2/NetworkPkg/IScsiDxe/IScsiProto.c
===
--- trunk/edk2/NetworkPkg/IScsiDxe/IScsiProto.c 2013-07-10 02:06:49 UTC (rev
14460)
+++ trunk/edk2/NetworkPkg/IScsiDxe/IScsiProto.c 2013-07-10 05:52:58 UTC (rev
14461)
@@ -1,7 +1,7 @@
/** @file
The implementation of iSCSI protocol based on RFC3720.
-Copyright (c) 2004 - 2012, Intel Corporation. All rights reserved.
+Copyright (c) 2004 - 2013, Intel Corporation. All rights reserved.
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -975,7 +975,7 @@
NetbufQueAppend (&Conn->RspQue, Pdu);
Conn->PartialRspRcvd = Continue;
- if ((!Transit) || Continue) {
+ if (Continue) {
//
// It is a partial response; must wait for another or more Request/Response
// conversations to get the full response.
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
--
See everything from the browser to the database with AppDynamics
Get end-to-end visibility with application monitoring from AppDynamics
Isolate bottlenecks and diagnose root cause in seconds.
Start your free trial of AppDynamics Pro today!
http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
SF.net SVN: edk2:[14503] trunk/edk2/MdeModulePkg/Universal/Network/IScsiDxe /IScsiProto.c
Revision: 14503
http://sourceforge.net/p/edk2/code/14503
Author: sfu5
Date: 2013-07-25 05:55:09 + (Thu, 25 Jul 2013)
Log Message:
---
Roll back the changes in revision 14296 since it will cause iSCSI security
authentication issue.
Signed-off-by: Fu Siyuan
Reviewed-by: Ouyang Qian
Reviewed-by: Ye Ting
Revision Links:
--
http://sourceforge.net/p/edk2/code/14296
Modified Paths:
--
trunk/edk2/MdeModulePkg/Universal/Network/IScsiDxe/IScsiProto.c
Modified: trunk/edk2/MdeModulePkg/Universal/Network/IScsiDxe/IScsiProto.c
===
--- trunk/edk2/MdeModulePkg/Universal/Network/IScsiDxe/IScsiProto.c
2013-07-24 15:31:19 UTC (rev 14502)
+++ trunk/edk2/MdeModulePkg/Universal/Network/IScsiDxe/IScsiProto.c
2013-07-25 05:55:09 UTC (rev 14503)
@@ -742,7 +742,7 @@
NetbufQueAppend (&Conn->RspQue, Pdu);
Conn->PartialRspRcvd = Continue;
- if ((!Transit) || Continue) {
+ if (Continue) {
//
// It's a partial response, have to wait for another or more
Request/Response
// conversations to get the full response.
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
--
See everything from the browser to the database with AppDynamics
Get end-to-end visibility with application monitoring from AppDynamics
Isolate bottlenecks and diagnose root cause in seconds.
Start your free trial of AppDynamics Pro today!
http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
___
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
SF.net SVN: edk2:[14590] trunk/edk2/SecurityPkg/VariableAuthenticated/ SecureBootConfigDxe
Revision: 14590
http://sourceforge.net/p/edk2/code/14590
Author: sfu5
Date: 2013-08-22 09:46:03 + (Thu, 22 Aug 2013)
Log Message:
---
Fix a bug in secure boot configuration driver: Enroll DB/KEK will disable
Attempt Secure Boot option.
Signed-off-by: Fu Siyuan
Reviewed-by: Eric Dong
Reviewed-by: Ye Ting
Modified Paths:
--
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
Modified:
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
===
---
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
2013-08-22 05:55:29 UTC (rev 14589)
+++
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
2013-08-22 09:46:03 UTC (rev 14590)
@@ -65,20 +65,29 @@
//
// Display of Oneof: 'Secure Boot Mode'
//
-oneof varid = SECUREBOOT_CONFIGURATION.SecureBootMode,
- questionid = KEY_SECURE_BOOT_MODE,
- prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),
- help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),
- flags = INTERACTIVE,
- option text = STRING_TOKEN(STR_STANDARD_MODE),value =
SECURE_BOOT_MODE_STANDARD, flags = DEFAULT;
- option text = STRING_TOKEN(STR_CUSTOM_MODE), value =
SECURE_BOOT_MODE_CUSTOM, flags = 0;
-endoneof;
+disableif TRUE;
+ oneof varid = SECUREBOOT_CONFIGURATION.SecureBootMode,
+prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),
+help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),
+flags = INTERACTIVE,
+option text = STRING_TOKEN(STR_STANDARD_MODE),value =
SECURE_BOOT_MODE_STANDARD, flags = 0;
+option text = STRING_TOKEN(STR_CUSTOM_MODE), value =
SECURE_BOOT_MODE_CUSTOM, flags = 0;
+ endoneof;
+endif;
+ oneof name = SecureBootMode,
+questionid = KEY_SECURE_BOOT_MODE,
+prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),
+help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),
+flags = INTERACTIVE | NUMERIC_SIZE_1,
+option text = STRING_TOKEN(STR_STANDARD_MODE),value =
SECURE_BOOT_MODE_STANDARD, flags = DEFAULT;
+option text = STRING_TOKEN(STR_CUSTOM_MODE), value =
SECURE_BOOT_MODE_CUSTOM, flags = 0;
+ endoneof;
//
//
// Display of 'Current Secure Boot Mode'
//
-suppressif ideqval SECUREBOOT_CONFIGURATION.SecureBootMode ==
SECURE_BOOT_MODE_STANDARD;
+suppressif questionref(SecureBootMode) == SECURE_BOOT_MODE_STANDARD;
grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;
goto FORMID_SECURE_BOOT_OPTION_FORM,
prompt = STRING_TOKEN(STR_SECURE_BOOT_OPTION),
Modified:
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
===
---
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
2013-08-22 05:55:29 UTC (rev 14589)
+++
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
2013-08-22 09:46:03 UTC (rev 14590)
@@ -48,6 +48,8 @@
};
+BOOLEAN mIsEnterSecureBootForm = FALSE;
+
//
// OID ASN.1 Value for Hash Algorithms
//
@@ -2407,6 +2409,14 @@
return EFI_NOT_FOUND;
}
+ //
+ // Get Configuration from Variable.
+ //
+ SecureBootExtractConfigFromVariable (&IfrNvData);
+
+ //
+ // Map the Configuration to the configuration block.
+ //
BufferSize = sizeof (SECUREBOOT_CONFIGURATION);
Status = gHiiConfigRouting->ConfigToBlock (
gHiiConfigRouting,
@@ -2488,6 +2498,25 @@
return EFI_INVALID_PARAMETER;
}
+ if (Action == EFI_BROWSER_ACTION_FORM_OPEN) {
+if (QuestionId == KEY_SECURE_BOOT_MODE) {
+ mIsEnterSecureBootForm = TRUE;
+}
+
+return EFI_SUCCESS;
+ }
+
+ if (Action == EFI_BROWSER_ACTION_RETRIEVE) {
+Status = EFI_UNSUPPORTED;
+if (QuestionId == KEY_SECURE_BOOT_MODE) {
+ if (mIsEnterSecureBootForm) {
+Value->u8 = SECURE_BOOT_MODE_STANDARD;
+Status = EFI_SUCCESS;
+ }
+}
+return Status;
+ }
+
if ((Action != EFI_BROWSER_ACTION_CHANGED) &&
(Action != EFI_BROWSER_ACTION_CHANGING) &&
(Action != EFI_BROWSER_ACTION_FORM_CLOSE) &&
@@ -2759,19 +2788,7 @@
break;
case KEY_SECURE_BOOT_MODE:
- GetVariable2 (EFI_CUSTOM_MODE_NAME, &gEfiCustomModeEnableGuid,
(VOID**)&SecureBootMode, NULL);
- if (NULL != SecureBootMode) {
-Status = gRT->SetVariable (
SF.net SVN: edk2:[14607] trunk/edk2
Revision: 14607 http://sourceforge.net/p/edk2/code/14607 Author: sfu5 Date: 2013-08-28 09:06:40 + (Wed, 28 Aug 2013) Log Message: --- 1. Change default PCD in SecurityPkg to 4 (DENY_EXECUTE) in DEC file. 2. ASSERT if PCD value is set to 5 (QUERY_USER_ON_SECURITY_VIOLATION). 3. Update override PCD setting from 5 to 4 in platform DSC file. Signed-off-by: Fu Siyuan Reviewed-by: Ni Ruiyu Reviewed-by: Ye Ting Modified Paths: -- trunk/edk2/Nt32Pkg/Nt32Pkg.dsc trunk/edk2/OvmfPkg/OvmfPkgIa32.dsc trunk/edk2/OvmfPkg/OvmfPkgIa32X64.dsc trunk/edk2/OvmfPkg/OvmfPkgX64.dsc trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c trunk/edk2/SecurityPkg/SecurityPkg.dec Modified: trunk/edk2/Nt32Pkg/Nt32Pkg.dsc === --- trunk/edk2/Nt32Pkg/Nt32Pkg.dsc 2013-08-27 09:17:20 UTC (rev 14606) +++ trunk/edk2/Nt32Pkg/Nt32Pkg.dsc 2013-08-28 09:06:40 UTC (rev 14607) @@ -226,9 +226,9 @@ !if $(SECURE_BOOT_ENABLE) == TRUE # override the default values from SecurityPkg to ensure images from all sources are verified in secure boot - gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x05 - gEfiSecurityPkgTokenSpaceGuid.PcdFixedMediaImageVerificationPolicy|0x05 - gEfiSecurityPkgTokenSpaceGuid.PcdRemovableMediaImageVerificationPolicy|0x05 + gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x04 + gEfiSecurityPkgTokenSpaceGuid.PcdFixedMediaImageVerificationPolicy|0x04 + gEfiSecurityPkgTokenSpaceGuid.PcdRemovableMediaImageVerificationPolicy|0x04 !endif Modified: trunk/edk2/OvmfPkg/OvmfPkgIa32.dsc === --- trunk/edk2/OvmfPkg/OvmfPkgIa32.dsc 2013-08-27 09:17:20 UTC (rev 14606) +++ trunk/edk2/OvmfPkg/OvmfPkgIa32.dsc 2013-08-28 09:06:40 UTC (rev 14607) @@ -303,9 +303,9 @@ !if $(SECURE_BOOT_ENABLE) == TRUE # override the default values from SecurityPkg to ensure images from all sources are verified in secure boot - gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x05 - gEfiSecurityPkgTokenSpaceGuid.PcdFixedMediaImageVerificationPolicy|0x05 - gEfiSecurityPkgTokenSpaceGuid.PcdRemovableMediaImageVerificationPolicy|0x05 + gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x04 + gEfiSecurityPkgTokenSpaceGuid.PcdFixedMediaImageVerificationPolicy|0x04 + gEfiSecurityPkgTokenSpaceGuid.PcdRemovableMediaImageVerificationPolicy|0x04 !endif # IRQs 5, 9, 10, 11 are level-triggered Modified: trunk/edk2/OvmfPkg/OvmfPkgIa32X64.dsc === --- trunk/edk2/OvmfPkg/OvmfPkgIa32X64.dsc 2013-08-27 09:17:20 UTC (rev 14606) +++ trunk/edk2/OvmfPkg/OvmfPkgIa32X64.dsc 2013-08-28 09:06:40 UTC (rev 14607) @@ -309,9 +309,9 @@ [PcdsFixedAtBuild.X64] !if $(SECURE_BOOT_ENABLE) == TRUE # override the default values from SecurityPkg to ensure images from all sources are verified in secure boot - gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x05 - gEfiSecurityPkgTokenSpaceGuid.PcdFixedMediaImageVerificationPolicy|0x05 - gEfiSecurityPkgTokenSpaceGuid.PcdRemovableMediaImageVerificationPolicy|0x05 + gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x04 + gEfiSecurityPkgTokenSpaceGuid.PcdFixedMediaImageVerificationPolicy|0x04 + gEfiSecurityPkgTokenSpaceGuid.PcdRemovableMediaImageVerificationPolicy|0x04 !endif # IRQs 5, 9, 10, 11 are level-triggered Modified: trunk/edk2/OvmfPkg/OvmfPkgX64.dsc === --- trunk/edk2/OvmfPkg/OvmfPkgX64.dsc 2013-08-27 09:17:20 UTC (rev 14606) +++ trunk/edk2/OvmfPkg/OvmfPkgX64.dsc 2013-08-28 09:06:40 UTC (rev 14607) @@ -308,9 +308,9 @@ !if $(SECURE_BOOT_ENABLE) == TRUE # override the default values from SecurityPkg to ensure images from all sources are verified in secure boot - gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x05 - gEfiSecurityPkgTokenSpaceGuid.PcdFixedMediaImageVerificationPolicy|0x05 - gEfiSecurityPkgTokenSpaceGuid.PcdRemovableMediaImageVerificationPolicy|0x05 + gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x04 + gEfiSecurityPkgTokenSpaceGuid.PcdFixedMediaImageVerificationPolicy|0x04 + gEfiSecurityPkgTokenSpaceGuid.PcdRemovableMediaImageVerificationPolicy|0x04 !endif # IRQs 5, 9, 10, 11 are level-triggered Modified: trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c === --- trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c 2013-08-27 09:17:20 UTC (rev 14606) +++ trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c 2013-08
