[edk2] [PATCH 1/1] EmbeddedPkg: Add EFIAPI to several Ebl functions

[Thomas Palmer]

The EFIAPI function declaration is missing for several functions in the 
EmbeddedPkg/Ebl directory. A few function pointer struct members expect EFIAPI 
though and GCC46/X64 will fail to compile the directory without them.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 EmbeddedPkg/Ebl/Command.c   | 9 +
 EmbeddedPkg/Ebl/Dir.c   | 3 +++
 EmbeddedPkg/Ebl/EfiDevice.c | 9 +
 EmbeddedPkg/Ebl/Hob.c   | 2 ++
 EmbeddedPkg/Ebl/HwDebug.c   | 4 
 EmbeddedPkg/Ebl/HwIoDebug.c | 3 +++
 EmbeddedPkg/Ebl/Main.c  | 3 +++
 EmbeddedPkg/Ebl/Network.c   | 2 ++
 EmbeddedPkg/Ebl/Script.c| 2 ++
 EmbeddedPkg/Ebl/Variable.c  | 3 +++
 EmbeddedPkg/Include/Library/EblCmdLib.h | 3 +++
 11 files changed, 43 insertions(+)

diff --git a/EmbeddedPkg/Ebl/Command.c b/EmbeddedPkg/Ebl/Command.c
index 04ea794..e75c6a2 100644
--- a/EmbeddedPkg/Ebl/Command.c
+++ b/EmbeddedPkg/Ebl/Command.c
@@ -3,6 +3,7 @@
 
   Copyright (c) 2007, Intel Corporation. All rights reserved.
   Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.
+  (C) Copyright 2015 Hewlett Packard Enterprise Development LP
 
   This program and the accompanying materials
   are licensed and made available under the terms and conditions of the BSD 
License
@@ -256,6 +257,7 @@ CountNewLines (
 
 **/
 EFI_STATUS
+EFIAPI
 EblHelpCmd (
   IN UINTN  Argc,
   IN CHAR8  **Argv
@@ -313,6 +315,7 @@ EblHelpCmd (
 
 **/
 EFI_STATUS
+EFIAPI
 EblExitCmd (
   IN UINTN  Argc,
   IN CHAR8  **Argv
@@ -418,6 +421,7 @@ EblPauseCallback (
 
 **/
 EFI_STATUS
+EFIAPI
 EblPauseCmd (
   IN UINTN  Argc,
   IN CHAR8  **Argv
@@ -452,6 +456,7 @@ EblPauseCmd (
 
 **/
 EFI_STATUS
+EFIAPI
 EblBreakPointCmd (
   IN UINTN  Argc,
   IN CHAR8  **Argv
@@ -478,6 +483,7 @@ EblBreakPointCmd (
 
 **/
 EFI_STATUS
+EFIAPI
 EblResetCmd (
   IN UINTN  Argc,
   IN CHAR8  **Argv
@@ -518,6 +524,7 @@ EblResetCmd (
 
 **/
 EFI_STATUS
+EFIAPI
 EblPageCmd (
   IN UINTN  Argc,
   IN CHAR8  **Argv
@@ -542,6 +549,7 @@ EblPageCmd (
 }
 
 EFI_STATUS
+EFIAPI
 EblSleepCmd (
   IN UINTN Argc,
   IN CHAR8 **Argv
@@ -741,6 +749,7 @@ WidthFromCommandName (
 
 **/
 EFI_STATUS
+EFIAPI
 EblHexdumpCmd (
   IN UINTN  Argc,
   IN CHAR8  **Argv
diff --git a/EmbeddedPkg/Ebl/Dir.c b/EmbeddedPkg/Ebl/Dir.c
index c45f67b..36095b6 100644
--- a/EmbeddedPkg/Ebl/Dir.c
+++ b/EmbeddedPkg/Ebl/Dir.c
@@ -3,6 +3,7 @@
 
   Copyright (c) 2007, Intel Corporation. All rights reserved.
   Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.
+  (C) Copyright 2015 Hewlett Packard Enterprise Development LP
 
 
   This program and the accompanying materials
@@ -62,6 +63,7 @@ GLOBAL_REMOVE_IF_UNREFERENCED   CHAR8 *gFvFileType[] = {
 
 **/
 EFI_STATUS
+EFIAPI
 EblDirCmd (
   IN UINTN  Argc,
   IN CHAR8  **Argv
@@ -307,6 +309,7 @@ Done:
 
 **/
 EFI_STATUS
+EFIAPI
 EblCdCmd (
   IN UINTN  Argc,
   IN CHAR8  **Argv
diff --git a/EmbeddedPkg/Ebl/EfiDevice.c b/EmbeddedPkg/Ebl/EfiDevice.c
index 7d20609..ec9c331 100644
--- a/EmbeddedPkg/Ebl/EfiDevice.c
+++ b/EmbeddedPkg/Ebl/EfiDevice.c
@@ -3,6 +3,7 @@
 
   Copyright (c) 2007, Intel Corporation. All rights reserved.
   Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.
+  (C) Copyright 2015 Hewlett Packard Enterprise Development LP
 
   This program and the accompanying materials
   are licensed and made available under the terms and conditions of the BSD 
License
@@ -202,6 +203,7 @@ EblPrintLoadFileInfo (
 
 **/
 EFI_STATUS
+EFIAPI
 EblDeviceCmd (
   IN UINTN  Argc,
   IN CHAR8  **Argv
@@ -285,6 +287,7 @@ EblDeviceCmd (
 
 **/
 EFI_STATUS
+EFIAPI
 EblStartCmd (
   IN UINTN  Argc,
   IN CHAR8  **Argv
@@ -370,6 +373,7 @@ EblStartCmd (
 
 **/
 EFI_STATUS
+EFIAPI
 EblLoadFvCmd (
   IN UINTN  Argc,
   IN CHAR8  **Argv
@@ -426,6 +430,7 @@ EblLoadFvCmd (
 
 **/
 EFI_STATUS
+EFIAPI
 EblConnectCmd (
   IN UINTN  Argc,
   IN CHAR8  **Argv
@@ -548,6 +553,7 @@ CHAR8 *gMemMapType[] = {
 
 **/
 EFI_STATUS
+EFIAPI
 EblMemMapCmd (
   IN UINTN  Argc,
   IN CHAR8  **Argv
@@ -657,6 +663,7 @@ EblMemMapCmd (
 
 **/
 EFI_STATUS
+EFIAPI
 EblGoCmd (
   IN UINTN  Argc,
   IN CHAR8  **Argv
@@ -721,6 +728,7 @@ EblGoCmd (
 #define FILE_COPY_CHUNK 0x2
 
 EFI_STATUS
+EFIAPI
 EblFileCopyCmd (
   IN UINTN  Argc,
   IN CHAR8  **Argv
@@ -863,6 +871,7 @@ Exit:
 }
 
 EFI_STATUS
+EFIAPI
 EblFileDiffCmd (
   IN UINTN  Argc,
   IN CHAR8  **Argv
diff --git a/EmbeddedPkg/Ebl/Hob.c b/EmbeddedPkg/Ebl/Hob.c
index 8b7a52e..edc0a74 100644
--- a/EmbeddedPkg/Ebl/Hob.c
+++ b/EmbeddedPkg/Ebl/Hob.c
@@ -3,6 +3,7 @@
 
   Copyright (c) 2007, Intel Corporation. All rights reserved.
   Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.
+  (C) Copyright 2015 Hewlett Packard Enterprise Development LP
 
   This program and the accompanying materials
   are licensed and made available under the terms and conditions of the BSD

[edk2] [PATCH v2] EmbeddedPkg: Add EFIAPI to several Ebl functions

[Thomas Palmer]

The EFIAPI function declaration is missing for several functions in the 
EmbeddedPkg/Ebl directory. A few function pointer struct members expect EFIAPI 
though and GCC46/X64 will fail to compile the directory without them.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 EmbeddedPkg/Ebl/Command.c   | 9 +
 EmbeddedPkg/Ebl/Dir.c   | 3 +++
 EmbeddedPkg/Ebl/Ebl.h   | 3 +++
 EmbeddedPkg/Ebl/EfiDevice.c | 9 +
 EmbeddedPkg/Ebl/Hob.c   | 2 ++
 EmbeddedPkg/Ebl/HwDebug.c   | 4 
 EmbeddedPkg/Ebl/HwIoDebug.c | 3 +++
 EmbeddedPkg/Ebl/Main.c  | 3 +++
 EmbeddedPkg/Ebl/Network.c   | 2 ++
 EmbeddedPkg/Ebl/Script.c| 2 ++
 EmbeddedPkg/Ebl/Variable.c  | 3 +++
 EmbeddedPkg/Include/Library/EblCmdLib.h | 3 +++
 12 files changed, 46 insertions(+)

diff --git a/EmbeddedPkg/Ebl/Command.c b/EmbeddedPkg/Ebl/Command.c
index 04ea794..e75c6a2 100644
--- a/EmbeddedPkg/Ebl/Command.c
+++ b/EmbeddedPkg/Ebl/Command.c
@@ -3,6 +3,7 @@
 
   Copyright (c) 2007, Intel Corporation. All rights reserved.
   Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.
+  (C) Copyright 2015 Hewlett Packard Enterprise Development LP
 
   This program and the accompanying materials
   are licensed and made available under the terms and conditions of the BSD 
License
@@ -256,6 +257,7 @@ CountNewLines (
 
 **/
 EFI_STATUS
+EFIAPI
 EblHelpCmd (
   IN UINTN  Argc,
   IN CHAR8  **Argv
@@ -313,6 +315,7 @@ EblHelpCmd (
 
 **/
 EFI_STATUS
+EFIAPI
 EblExitCmd (
   IN UINTN  Argc,
   IN CHAR8  **Argv
@@ -418,6 +421,7 @@ EblPauseCallback (
 
 **/
 EFI_STATUS
+EFIAPI
 EblPauseCmd (
   IN UINTN  Argc,
   IN CHAR8  **Argv
@@ -452,6 +456,7 @@ EblPauseCmd (
 
 **/
 EFI_STATUS
+EFIAPI
 EblBreakPointCmd (
   IN UINTN  Argc,
   IN CHAR8  **Argv
@@ -478,6 +483,7 @@ EblBreakPointCmd (
 
 **/
 EFI_STATUS
+EFIAPI
 EblResetCmd (
   IN UINTN  Argc,
   IN CHAR8  **Argv
@@ -518,6 +524,7 @@ EblResetCmd (
 
 **/
 EFI_STATUS
+EFIAPI
 EblPageCmd (
   IN UINTN  Argc,
   IN CHAR8  **Argv
@@ -542,6 +549,7 @@ EblPageCmd (
 }
 
 EFI_STATUS
+EFIAPI
 EblSleepCmd (
   IN UINTN Argc,
   IN CHAR8 **Argv
@@ -741,6 +749,7 @@ WidthFromCommandName (
 
 **/
 EFI_STATUS
+EFIAPI
 EblHexdumpCmd (
   IN UINTN  Argc,
   IN CHAR8  **Argv
diff --git a/EmbeddedPkg/Ebl/Dir.c b/EmbeddedPkg/Ebl/Dir.c
index c45f67b..36095b6 100644
--- a/EmbeddedPkg/Ebl/Dir.c
+++ b/EmbeddedPkg/Ebl/Dir.c
@@ -3,6 +3,7 @@
 
   Copyright (c) 2007, Intel Corporation. All rights reserved.
   Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.
+  (C) Copyright 2015 Hewlett Packard Enterprise Development LP
 
 
   This program and the accompanying materials
@@ -62,6 +63,7 @@ GLOBAL_REMOVE_IF_UNREFERENCED   CHAR8 *gFvFileType[] = {
 
 **/
 EFI_STATUS
+EFIAPI
 EblDirCmd (
   IN UINTN  Argc,
   IN CHAR8  **Argv
@@ -307,6 +309,7 @@ Done:
 
 **/
 EFI_STATUS
+EFIAPI
 EblCdCmd (
   IN UINTN  Argc,
   IN CHAR8  **Argv
diff --git a/EmbeddedPkg/Ebl/Ebl.h b/EmbeddedPkg/Ebl/Ebl.h
index c2242df..e028735 100644
--- a/EmbeddedPkg/Ebl/Ebl.h
+++ b/EmbeddedPkg/Ebl/Ebl.h
@@ -3,6 +3,7 @@
 
   Copyright (c) 2007, Intel Corporation. All rights reserved.
   Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.
+  (C) Copyright 2015 Hewlett Packard Enterprise Development LP
 
   This program and the accompanying materials
   are licensed and made available under the terms and conditions of the BSD 
License
@@ -87,6 +88,7 @@ EblPathToDevice (
   );
 
 BOOLEAN
+EFIAPI
 EblAnyKeyToContinueQtoQuit (
   IN  UINTN   *CurrentRow,
   IN  BOOLEAN PrefixNewline
@@ -114,6 +116,7 @@ EblSetTextColor (
 
 
 EFI_STATUS
+EFIAPI
 EblGetCharKey (
   IN OUT EFI_INPUT_KEY*Key,
   IN UINTNTimoutInSec,
diff --git a/EmbeddedPkg/Ebl/EfiDevice.c b/EmbeddedPkg/Ebl/EfiDevice.c
index 7d20609..ec9c331 100644
--- a/EmbeddedPkg/Ebl/EfiDevice.c
+++ b/EmbeddedPkg/Ebl/EfiDevice.c
@@ -3,6 +3,7 @@
 
   Copyright (c) 2007, Intel Corporation. All rights reserved.
   Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.
+  (C) Copyright 2015 Hewlett Packard Enterprise Development LP
 
   This program and the accompanying materials
   are licensed and made available under the terms and conditions of the BSD 
License
@@ -202,6 +203,7 @@ EblPrintLoadFileInfo (
 
 **/
 EFI_STATUS
+EFIAPI
 EblDeviceCmd (
   IN UINTN  Argc,
   IN CHAR8  **Argv
@@ -285,6 +287,7 @@ EblDeviceCmd (
 
 **/
 EFI_STATUS
+EFIAPI
 EblStartCmd (
   IN UINTN  Argc,
   IN CHAR8  **Argv
@@ -370,6 +373,7 @@ EblStartCmd (
 
 **/
 EFI_STATUS
+EFIAPI
 EblLoadFvCmd (
   IN UINTN  Argc,
   IN CHAR8  **Argv
@@ -426,6 +430,7 @@ EblLoadFvCmd (
 
 **/
 EFI_STATUS
+EFIAPI
 EblConnectCmd (
   IN UINTN  Argc,
   IN CHAR8  **Argv
@@ -548,6 +553,7 @@ CHAR8 *gMemMapType[] = {
 
 **/
 EFI_STATUS
+EFIAPI

[edk2] [PATCH] [BaseTools]/Build: Better DSC arch filtering

[Thomas Palmer]

Description:
When building for any specific architecture, the build script today is loading
DSC sections for other architectures not in the build. The build process should
disregard DSC sections that are not relevant to the build.

My previous patch only fixed issue for one section type (Components). This
patch will handle all section types by updating the MetaFileParser class, which
now takes a Arch argument and will filter the DSC table results as they are
returned from the database.  The database still contains all information from
DSCs for when builds support multiple arch's

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 .../Source/Python/Workspace/MetaFileParser.py  | 40 ++
 .../Source/Python/Workspace/WorkspaceDatabase.py   |  7 +---
 2 files changed, 26 insertions(+), 21 deletions(-)

diff --git a/BaseTools/Source/Python/Workspace/MetaFileParser.py 
b/BaseTools/Source/Python/Workspace/MetaFileParser.py
index 2811fd1..209f47c 100644
--- a/BaseTools/Source/Python/Workspace/MetaFileParser.py
+++ b/BaseTools/Source/Python/Workspace/MetaFileParser.py
@@ -2,7 +2,7 @@
 # This file is used to parse meta files
 #
 # Copyright (c) 2008 - 2016, Intel Corporation. All rights reserved.
-# Copyright (c) 2015, Hewlett Packard Enterprise Development, L.P.
+# (C) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD 
License
 # which accompanies this distribution.  The full text of the license may be 
found at
@@ -144,14 +144,15 @@ class MetaFileParser(object):
 #
 #   @param  FilePathThe path of platform description file
 #   @param  FileTypeThe raw data of DSC file
+#   @param  ArchDefault Arch value for filtering sections
 #   @param  Table   Database used to retrieve module/package 
information
-#   @param  Macros  Macros used for replacement in file
 #   @param  Owner   Owner ID (for sub-section parsing)
 #   @param  FromID from which the data comes (for !INCLUDE 
directive)
 #
-def __init__(self, FilePath, FileType, Table, Owner= -1, From= -1):
+def __init__(self, FilePath, FileType, Arch, Table, Owner= -1, From= -1):
 self._Table = Table
 self._RawTable = Table
+self._Arch = Arch
 self._FileType = FileType
 self.MetaFile = FilePath
 self._FileDir = self.MetaFile.Dir
@@ -211,6 +212,15 @@ class MetaFileParser(object):
 def _SetFinished(self, Value):
 self._Finished = Value
 
+## Remove records that do not match given Filter Arch
+def _FilterRecordList(self, RecordList, FilterArch):
+NewRecordList = []
+for Record in RecordList:
+Arch = Record[3]
+if Arch == 'COMMON' or Arch == FilterArch:
+NewRecordList.append(Record)
+return NewRecordList
+
 ## Use [] style to query data in table, just for readability
 #
 #   DataInfo = [data_type, scope1(arch), scope2(platform/moduletype)]
@@ -230,13 +240,13 @@ class MetaFileParser(object):
 
 # No specific ARCH or Platform given, use raw data
 if self._RawTable and (len(DataInfo) == 1 or DataInfo[1] == None):
-return self._RawTable.Query(*DataInfo)
+return self._FilterRecordList(self._RawTable.Query(*DataInfo), 
self._Arch)
 
 # Do post-process if necessary
 if not self._PostProcessed:
 self._PostProcess()
 
-return self._Table.Query(*DataInfo)
+return self._FilterRecordList(self._Table.Query(*DataInfo), 
DataInfo[1])
 
 ## Data parser for the common format in different type of file
 #
@@ -490,14 +500,14 @@ class InfParser(MetaFileParser):
 #
 #   @param  FilePathThe path of module description file
 #   @param  FileTypeThe raw data of DSC file
+#   @param  ArchDefault Arch value for filtering sections
 #   @param  Table   Database used to retrieve module/package 
information
-#   @param  Macros  Macros used for replacement in file
 #
-def __init__(self, FilePath, FileType, Table):
+def __init__(self, FilePath, FileType, Arch, Table):
 # prevent re-initialization
 if hasattr(self, "_Table"):
 return
-MetaFileParser.__init__(self, FilePath, FileType, Table)
+MetaFileParser.__init__(self, FilePath, FileType, Arch, Table)
 self.PcdsDict = {}
 
 ## Parser starter
@@ -848,16 +858,16 @@ class DscParser(MetaFileParser):
 #
 #   @param  FilePathThe path of platform description file
 #   @param  FileTypeThe raw data of DSC file
+#   @param  ArchDefault Arch value for filtering sections
 

[edk2] [PATCH] [MdePkg/BaseLib]: Remove overreaction to SourceLen in StrCpyS

[Thomas Palmer]

The StrCpyS function is "safe" because the destination buffer will
not be overwritten and the string will have a NULL terminator byte.
Today, StrCpyS will also refuse to copy the string if its length is
greater than the size of the destination buffer.  However, this
behavior is not documented in the function's comment section.

I will publicly speculate that most uses/users of StrCpyS expect it
to copy as much of the source string as possible instead of
ASSERT'ing or returning an error (and copying nothing) when the
source string is longer than the destination buffer.  If the source
length copied must be limited, the developer should choose StrnCpyS
instead where the source length limit can be explicitly stated.

This patch will remove the ASSERT check and use SourceLen to control
how many bytes are copied.  SourceLen will not be allowed to be
greater than DestMax-1 so that the Destination will always have its
NULL terminator inside its boundaries.

We'll also update the overlap boundary check to not include the NULL
terminator adjusment(+1).  In both the current implementation of
StrCpyS and my proposed patch, the NULL byte is never copied from the
 source string itself.

AsciiStrCpyS will want the same update if this patch is approved, but
I wanted to limit the amount of change in this patch to facilitate
easier discussion.  I'll propose a AsciiStrCpyS changes as well if
and after this patch is accepted.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 MdePkg/Library/BaseLib/SafeString.c | 22 ++
 1 file changed, 14 insertions(+), 8 deletions(-)

diff --git a/MdePkg/Library/BaseLib/SafeString.c 
b/MdePkg/Library/BaseLib/SafeString.c
index b0e1ce7..ac5cfdc 100644
--- a/MdePkg/Library/BaseLib/SafeString.c
+++ b/MdePkg/Library/BaseLib/SafeString.c
@@ -2,6 +2,7 @@
   Safe String functions.
 
   Copyright (c) 2014, Intel Corporation. All rights reserved.
+  (C) Copyright 2016 Hewlett Packard Enterprise Development LP
   This program and the accompanying materials
   are licensed and made available under the terms and conditions of the BSD 
License
   which accompanies this distribution.  The full text of the license may be 
found at
@@ -202,23 +203,28 @@ StrCpyS (
   SAFE_STRING_CONSTRAINT_CHECK ((DestMax != 0), RETURN_INVALID_PARAMETER);
 
   //
-  // 4. DestMax shall be greater than StrnLenS(Source, DestMax).
+  // SourceLength is used to count how many characaters to copy. We decrement
+  // DestMax by one in the StrnLenS call to ensure we always have space for a
+  // NULL terminator after we finished copying the non-NULL characters
   //
-  SourceLen = StrnLenS (Source, DestMax);
-  SAFE_STRING_CONSTRAINT_CHECK ((DestMax > SourceLen), 
RETURN_BUFFER_TOO_SMALL);
+  SourceLen = StrnLenS (Source, DestMax-1);
 
   //
-  // 5. Copying shall not take place between objects that overlap.
+  // 4. Copying shall not take place between objects that overlap.
   //
-  SAFE_STRING_CONSTRAINT_CHECK (InternalSafeStringNoStrOverlap (Destination, 
DestMax, (CHAR16 *)Source, SourceLen + 1), RETURN_ACCESS_DENIED);
+  SAFE_STRING_CONSTRAINT_CHECK (InternalSafeStringNoStrOverlap (Destination, 
DestMax, (CHAR16 *)Source, SourceLen), RETURN_ACCESS_DENIED);
 
   //
-  // The StrCpyS function copies the string pointed to by Source (including 
the terminating
-  // null character) into the array pointed to by Destination.
+  // The StrCpyS function copies the string pointed to by Source into the
+  // array pointed to by Destination, except NULL terminator
   //
-  while (*Source != 0) {
+  while (SourceLen-- > 0) {
 *(Destination++) = *(Source++);
   }
+
+  //
+  // ALWAYS terminate string with NULL byte.
+  //
   *Destination = 0;
 
   return RETURN_SUCCESS;
-- 
1.9.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH] [BaseTools/BinWrappers] bash script fix for PosixLike/LzmaF86Compress

[Thomas Palmer]

Add missing "done" token needed to complete the for loop. Tested in
Ubuntu 14.04

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 BaseTools/BinWrappers/PosixLike/LzmaF86Compress | 48 +
 1 file changed, 25 insertions(+), 23 deletions(-)

diff --git a/BaseTools/BinWrappers/PosixLike/LzmaF86Compress 
b/BaseTools/BinWrappers/PosixLike/LzmaF86Compress
index 50af530..c684957 100755
--- a/BaseTools/BinWrappers/PosixLike/LzmaF86Compress
+++ b/BaseTools/BinWrappers/PosixLike/LzmaF86Compress
@@ -1,23 +1,25 @@
-#!/usr/bin/env bash
-#
-# This script will exec LzmaCompress tool with --f86 option that enables 
converter for x86 code.
-#
-# Copyright (c) 2012, Intel Corporation. All rights reserved.
-# This program and the accompanying materials
-# are licensed and made available under the terms and conditions of the BSD 
License
-# which accompanies this distribution.  The full text of the license may be 
found at
-# http://opensource.org/licenses/bsd-license.php
-# 
-# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-#
-
-for arg; do
-  case $arg in
--e|-d)
-  set -- "$@" --f86
-  break
-;;
-esac
-
-exec LzmaCompress "$@"
+#!/usr/bin/env bash
+#
+# This script will exec LzmaCompress tool with --f86 option that enables 
converter for x86 code.
+#
+# (C) Copyright 2016 Hewlett Packard Enterprise Development LP
+# Copyright (c) 2012, Intel Corporation. All rights reserved.
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD 
License
+# which accompanies this distribution.  The full text of the license may be 
found at
+# http://opensource.org/licenses/bsd-license.php
+#
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+
+for arg; do
+  case $arg in
+-e|-d)
+  set -- "$@" --f86
+  break
+;;
+  esac
+done
+
+exec LzmaCompress "$@"
-- 
1.9.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH v2] [BaseTools/BinWrappers] bash script fix for PosixLike/LzmaF86Compress

[Thomas Palmer]

Add missing "done" token needed to complete the for loop. Tested in
Ubuntu 14.04

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 BaseTools/BinWrappers/PosixLike/LzmaF86Compress | 6 --
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/BaseTools/BinWrappers/PosixLike/LzmaF86Compress 
b/BaseTools/BinWrappers/PosixLike/LzmaF86Compress
index 50af530..078cb1e 100755
--- a/BaseTools/BinWrappers/PosixLike/LzmaF86Compress
+++ b/BaseTools/BinWrappers/PosixLike/LzmaF86Compress
@@ -2,12 +2,13 @@
 #
 # This script will exec LzmaCompress tool with --f86 option that enables 
converter for x86 code.
 #
+# (C) Copyright 2016 Hewlett Packard Enterprise Development LP
 # Copyright (c) 2012, Intel Corporation. All rights reserved.
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD 
License
 # which accompanies this distribution.  The full text of the license may be 
found at
 # http://opensource.org/licenses/bsd-license.php
-# 
+#
 # THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 # WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 #
@@ -18,6 +19,7 @@ for arg; do
   set -- "$@" --f86
   break
 ;;
-esac
+  esac
+done
 
 exec LzmaCompress "$@"
-- 
1.9.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH] [edk2-staging/HTTPS-TLS][PATCH]: CryptoPkg/TlsLib: Remove NULL cipher

[Thomas Palmer]

The term "NULL" refers to NULL-MD5, NULL-SHA and NULL-SHA256 when
used to set the SSL cipher list.  As both MD5 and SHA variants are
explicitly listed in our code, I surmise enabling all three by
setting the cipher list to just NULL was not the intended behavior.
This patch will remove NULL as an option for the cipher list and
allow NULL-SHA256 instead.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 CryptoPkg/Library/TlsLib/TlsLib.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/CryptoPkg/Library/TlsLib/TlsLib.c 
b/CryptoPkg/Library/TlsLib/TlsLib.c
index 9f56b7a..b76dd20 100644
--- a/CryptoPkg/Library/TlsLib/TlsLib.c
+++ b/CryptoPkg/Library/TlsLib/TlsLib.c
@@ -53,7 +53,6 @@ typedef struct {
 // OpenSSL-used Cipher Suite name.
 //
 STATIC CONST TLS_CIPHER_PAIR TlsCipherMappingTable[] = {
-  { 0x, "NULL" }, /// TLS_NULL_WITH_NULL_NULL
   { 0x0001, "NULL-MD5" }, /// TLS_RSA_WITH_NULL_MD5
   { 0x0002, "NULL-SHA" }, /// TLS_RSA_WITH_NULL_SHA
   { 0x0004, "RC4-MD5" },  /// TLS_RSA_WITH_RC4_128_MD5
@@ -62,6 +61,7 @@ STATIC CONST TLS_CIPHER_PAIR TlsCipherMappingTable[] = {
   { 0x000A, "DES-CBC3-SHA" }, /// TLS_RSA_WITH_3DES_EDE_CBC_SHA
   { 0x002F, "AES128-SHA" },   /// TLS_RSA_WITH_AES_128_CBC_SHA
   { 0x0035, "AES256-SHA" },   /// TLS_RSA_WITH_AES_256_CBC_SHA
+  { 0x003B, "NULL-SHA256" },  /// TLS_RSA_WITH_NULL_SHA256
   { 0x003C, "AES128-SHA256" },/// TLS_RSA_WITH_AES_128_CBC_SHA256
   { 0x003D, "AES256-SHA256" } /// TLS_RSA_WITH_AES_256_CBC_SHA256
 };
-- 
1.9.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH] [edk2-staging/HTTPS-TLS][PATCH]: CryptoPkg/TlsLib: Handshake failure

[Thomas Palmer]

TlsLib should inspect the return from the SSL_do_handshake and return
EFI_PROTOCOL_ERROR on certain conditions that are not recoverable.

For example, if a client is configured with a certain set of ciphers
that the TLS server does not support, the server will send a fatal
alert before the handshake finishes.  Our TLS protocol only expects
an alert to come after the handshake, so we would have continued TLS
operations.

Please note I am using types int and unsigned long to match the
OpenSSL api.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 CryptoPkg/Library/TlsLib/TlsLib.c | 29 +++--
 1 file changed, 27 insertions(+), 2 deletions(-)

diff --git a/CryptoPkg/Library/TlsLib/TlsLib.c 
b/CryptoPkg/Library/TlsLib/TlsLib.c
index b76dd20..8b441a5 100644
--- a/CryptoPkg/Library/TlsLib/TlsLib.c
+++ b/CryptoPkg/Library/TlsLib/TlsLib.c
@@ -616,6 +616,8 @@ TlsDoHandshake (
 {
   TLS_CONNECTION  *TlsConn;
   UINTN   PendingBufferSize;
+  int ret;
+  unsigned long   e;
 
   TlsConn   = (TLS_CONNECTION *) Tls;
   PendingBufferSize = 0;
@@ -638,18 +640,41 @@ TlsDoHandshake (
 PendingBufferSize = (UINTN) BIO_ctrl_pending (TlsConn->OutBio);
 if (PendingBufferSize == 0) {
   SSL_set_connect_state (TlsConn->Ssl);
-  SSL_do_handshake (TlsConn->Ssl);
+  ret = SSL_do_handshake (TlsConn->Ssl);
   PendingBufferSize = (UINTN) BIO_ctrl_pending (TlsConn->OutBio);
 }
   } else {
 PendingBufferSize = (UINTN) BIO_ctrl_pending (TlsConn->OutBio);
 if (PendingBufferSize == 0) {
   BIO_write (TlsConn->InBio, BufferIn, (UINT32) BufferInSize);
-  SSL_do_handshake (TlsConn->Ssl);
+  ret = SSL_do_handshake (TlsConn->Ssl);
   PendingBufferSize = (UINTN) BIO_ctrl_pending (TlsConn->OutBio);
 }
   }
 
+  if (ret < 1) {
+ret = SSL_get_error (TlsConn->Ssl, ret);
+if (ret == SSL_ERROR_SSL ||
+ret == SSL_ERROR_SYSCALL ||
+ret == SSL_ERROR_ZERO_RETURN) {
+  DEBUG ((DEBUG_ERROR, "%a SSL_HANDSHAKE_ERROR State=0x%x SSL_ERROR_%a\n", 
__FUNCTION__, SSL_state (TlsConn->Ssl),
+ret == SSL_ERROR_SSL ? "SSL":
+ret == SSL_ERROR_SYSCALL ? "SYSCALL":
+"ZERO_RETURN"
+));
+  DEBUG_CODE_BEGIN ();
+  while (1) {
+e = ERR_get_error ();
+if (e == 0) {
+  break;
+}
+DEBUG ((DEBUG_ERROR, "%a ERROR 0x%x=L%x:F%x:R%x\n", __FUNCTION__, e, 
ERR_GET_LIB (e), ERR_GET_FUNC (e), ERR_GET_REASON (e)));
+  }
+  DEBUG_CODE_END ();
+  return EFI_PROTOCOL_ERROR;
+}
+  }
+
   if (PendingBufferSize > *BufferOutSize) {
 *BufferOutSize = PendingBufferSize;
 return EFI_BUFFER_TOO_SMALL;
-- 
1.9.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH 1/1] ShellPkg/UefiShellLevel2CommandsLib: Fix "cp" for GCC systems

[Thomas Palmer]

On GCC built UEFIs, the "cp" command fails with "The source and
destination are the same".

The root cause is that StrniCmp failed to detect a case-
insensitive string difference due to the InternalCharToUpper function
being improperly declared.

Fix is to add missing EFIAPI token to match the original
implementation.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 .../Library/UefiShellLevel2CommandsLib/UefiShellLevel2CommandsLib.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git 
a/ShellPkg/Library/UefiShellLevel2CommandsLib/UefiShellLevel2CommandsLib.c 
b/ShellPkg/Library/UefiShellLevel2CommandsLib/UefiShellLevel2CommandsLib.c
index 7948e53cfc46..4dbff4de26f8 100644
--- a/ShellPkg/Library/UefiShellLevel2CommandsLib/UefiShellLevel2CommandsLib.c
+++ b/ShellPkg/Library/UefiShellLevel2CommandsLib/UefiShellLevel2CommandsLib.c
@@ -21,6 +21,7 @@
 
   * functions are non-interactive only
 
+  (C) Copyright 2017 Hewlett Packard Enterprise Development LP
   Copyright (c) 2014 Hewlett-Packard Development Company, L.P.
   Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.
   This program and the accompanying materials
@@ -268,6 +269,7 @@ VerifyIntermediateDirectories (
   @return Char as an upper case character.
 **/
 CHAR16
+EFIAPI
 InternalCharToUpper (
   IN CONST CHAR16Char
   );
-- 
2.7.4

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH] ShellPkg/UefiHandleParsingLib: Fix GUID reference

[Thomas Palmer]

Pass in GUID* for the GUID reference in a CatSPrint statement. Issue
was noticed when running "dh -d -v" command on a system with a PCI
NIC installed.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 ShellPkg/Library/UefiHandleParsingLib/UefiHandleParsingLib.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ShellPkg/Library/UefiHandleParsingLib/UefiHandleParsingLib.c 
b/ShellPkg/Library/UefiHandleParsingLib/UefiHandleParsingLib.c
index 4c46e5e..9d97d05 100644
--- a/ShellPkg/Library/UefiHandleParsingLib/UefiHandleParsingLib.c
+++ b/ShellPkg/Library/UefiHandleParsingLib/UefiHandleParsingLib.c
@@ -3,7 +3,7 @@
 
   Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.
   (C) Copyright 2013-2015 Hewlett-Packard Development Company, L.P.
-  (C) Copyright 2015 Hewlett Packard Enterprise Development LP
+  (C) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
   This program and the accompanying materials
   are licensed and made available under the terms and conditions of the BSD 
License
   which accompanies this distribution.  The full text of the license may be 
found at
@@ -668,7 +668,7 @@ AdapterInformationDumpInformation (
   if (TempStr == NULL) {
 goto ERROR_EXIT;
   }
-  TempRetVal = CatSPrint (RetVal, TempStr, (GuidIndex + 1), 
InfoTypesBuffer[GuidIndex]);
+  TempRetVal = CatSPrint (RetVal, TempStr, (GuidIndex + 1), 
&InfoTypesBuffer[GuidIndex]);
   SHELL_FREE_NON_NULL (RetVal);
   RetVal = TempRetVal;
   SHELL_FREE_NON_NULL (TempStr);
-- 
1.9.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH] SecurityPkg/Tcg2Dxe: Fix undersized TempBuf

[Thomas Palmer]

TempBuf in SetupEventLog needs to include sizeof (UINT32) to hold
NumberOfAlgorithms.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c 
b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c
index b1c885e..ee7c12b 100644
--- a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c
+++ b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c
@@ -2,6 +2,7 @@
   This module implements Tcg2 Protocol.
   
 Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.
+(C) Copyright 2016 Hewlett Packard Enterprise Development LP
 This program and the accompanying materials 
 are licensed and made available under the terms and conditions of the BSD 
License 
 which accompanies this distribution.  The full text of the license may be 
found at 
@@ -1482,7 +1483,7 @@ SetupEventLog (
   UINT32  DigestListBinSize;
   UINT32  EventSize;
   TCG_EfiSpecIDEventStruct*TcgEfiSpecIdEventStruct;
-  UINT8   TempBuf[sizeof(TCG_EfiSpecIDEventStruct) + 
(HASH_COUNT * sizeof(TCG_EfiSpecIdEventAlgorithmSize)) + sizeof(UINT8)];
+  UINT8   TempBuf[sizeof (TCG_EfiSpecIDEventStruct) + 
sizeof (UINT32) + (HASH_COUNT * sizeof (TCG_EfiSpecIdEventAlgorithmSize)) + 
sizeof (UINT8)];
   TCG_PCR_EVENT_HDR   FirstPcrEvent;
   TCG_EfiSpecIdEventAlgorithmSize *DigestSize;
   TCG_EfiSpecIdEventAlgorithmSize *TempDigestSize;
-- 
1.9.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH] MdeModulePkg/UefiBootManagerLib: Expose BmLoadOption function

[Thomas Palmer]

Redfine the BmIsValidLoadOptionVariableName function to allow public
use. Change name to EfiBootManagerIsValidLoadOptionVariableName to
match naming scheme.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 MdeModulePkg/Include/Library/UefiBootManagerLib.h  | 23 +-
 .../Library/UefiBootManagerLib/BmLoadOption.c  |  9 +
 2 files changed, 27 insertions(+), 5 deletions(-)

diff --git a/MdeModulePkg/Include/Library/UefiBootManagerLib.h 
b/MdeModulePkg/Include/Library/UefiBootManagerLib.h
index afb4271..e761ef2 100644
--- a/MdeModulePkg/Include/Library/UefiBootManagerLib.h
+++ b/MdeModulePkg/Include/Library/UefiBootManagerLib.h
@@ -2,7 +2,7 @@
   Provide Boot Manager related library APIs.
 
 Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved.
-(C) Copyright 2015 Hewlett Packard Enterprise Development LP
+(C) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD 
License
 which accompanies this distribution.  The full text of the license may be 
found at
@@ -731,4 +731,25 @@ EFIAPI
 EfiBootManagerProcessLoadOption (
   EFI_BOOT_MANAGER_LOAD_OPTION   *LoadOption
   );
+
+/**
+  Check whether the VariableName is a valid load option variable name
+  and return the load option type and option number.
+
+  @param VariableName The name of the load option variable.
+  @param OptionType   Return the load option type.
+  @param OptionNumber Return the load option number.
+
+  @retval TRUE  The variable name is valid; The load option type and
+load option number is returned.
+  @retval FALSE The variable name is NOT valid.
+**/
+BOOLEAN
+EFIAPI
+EfiBootManagerIsValidLoadOptionVariableName (
+  IN CHAR16 *VariableName,
+  OUT EFI_BOOT_MANAGER_LOAD_OPTION_TYPE *OptionType,
+  OUT UINT16*OptionNumber
+  );
+
 #endif
diff --git a/MdeModulePkg/Library/UefiBootManagerLib/BmLoadOption.c 
b/MdeModulePkg/Library/UefiBootManagerLib/BmLoadOption.c
index 696e995..20fe6af 100644
--- a/MdeModulePkg/Library/UefiBootManagerLib/BmLoadOption.c
+++ b/MdeModulePkg/Library/UefiBootManagerLib/BmLoadOption.c
@@ -2,7 +2,7 @@
   Load option library functions which relate with creating and processing load 
options.
 
 Copyright (c) 2011 - 2016, Intel Corporation. All rights reserved.
-(C) Copyright 2015 Hewlett Packard Enterprise Development LP
+(C) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD 
License
 which accompanies this distribution.  The full text of the license may be 
found at
@@ -775,7 +775,8 @@ BmValidateOption (
   @retval FALSE The variable name is NOT valid.
 **/
 BOOLEAN
-BmIsValidLoadOptionVariableName (
+EFIAPI
+EfiBootManagerIsValidLoadOptionVariableName (
   IN CHAR16 *VariableName,
   OUT EFI_BOOT_MANAGER_LOAD_OPTION_TYPE *OptionType,
   OUT UINT16*OptionNumber
@@ -853,7 +854,7 @@ EfiBootManagerVariableToLoadOptionEx (
 return EFI_INVALID_PARAMETER;
   }
 
-  if (!BmIsValidLoadOptionVariableName (VariableName, &OptionType, 
&OptionNumber)) {
+  if (!EfiBootManagerIsValidLoadOptionVariableName (VariableName, &OptionType, 
&OptionNumber)) {
 return EFI_INVALID_PARAMETER;
   }
 
@@ -979,7 +980,7 @@ BmCollectLoadOptions (
 
   if (CompareGuid (Guid, Param->Guid) && (
   Param->OptionType == LoadOptionTypePlatformRecovery &&
-  BmIsValidLoadOptionVariableName (Name, &OptionType, &OptionNumber) &&
+  EfiBootManagerIsValidLoadOptionVariableName (Name, &OptionType, 
&OptionNumber) &&
   OptionType == LoadOptionTypePlatformRecovery
  )) {
 Status = EfiBootManagerVariableToLoadOptionEx (Name, Guid, &Option);
-- 
1.9.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH] MdeModulePkg/UefiBootManagerLib: BmGetActiveConsoleIn code cleanup

[Thomas Palmer]

Check for NULL from AllocateCopyPool before setting Count to 1. Also
change sizeof (EFI_HANDLE*) to sizeof (EFI_HANDLE).  Handles is a
EFI_HANDLE pointer, so the allocated memory must be the size of
EFI_HANDLE.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 MdeModulePkg/Library/UefiBootManagerLib/BmHotkey.c | 7 +--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/MdeModulePkg/Library/UefiBootManagerLib/BmHotkey.c 
b/MdeModulePkg/Library/UefiBootManagerLib/BmHotkey.c
index b49758b..f8cb69c 100644
--- a/MdeModulePkg/Library/UefiBootManagerLib/BmHotkey.c
+++ b/MdeModulePkg/Library/UefiBootManagerLib/BmHotkey.c
@@ -2,6 +2,7 @@
   Hotkey library functions.
 
 Copyright (c) 2011 - 2016, Intel Corporation. All rights reserved.
+(C) Copyright 2016 Hewlett Packard Enterprise Development LP
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD 
License
 which accompanies this distribution.  The full text of the license may be 
found at
@@ -471,8 +472,10 @@ BmGetActiveConsoleIn (
 EFI_OPEN_PROTOCOL_TEST_PROTOCOL
 );
 if (!EFI_ERROR (Status)) {
-  Handles = AllocateCopyPool (sizeof (EFI_HANDLE *), 
&gST->ConsoleInHandle);
-  *Count  = 1;
+  Handles = AllocateCopyPool (sizeof (EFI_HANDLE), &gST->ConsoleInHandle);
+  if (Handles != NULL) {
+*Count  = 1;
+  }
 }
   } else {
 Status = gBS->LocateHandleBuffer (
-- 
1.9.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH] MdeModulePkg/UefiBootManagerLib: API BmIsValidLoadOptionVariableName

[Thomas Palmer]

Redfine the BmIsValidLoadOptionVariableName function to allow public use. 
Change name to EfiBootManagerIsValidLoadOptionVariableName to match naming 
scheme. Check that VariableName is never NULL and allow OptionType and 
OptionNumber to be optional.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 MdeModulePkg/Include/Library/UefiBootManagerLib.h  | 23 -
 .../Library/UefiBootManagerLib/BmLoadOption.c  | 38 ++
 2 files changed, 46 insertions(+), 15 deletions(-)

diff --git a/MdeModulePkg/Include/Library/UefiBootManagerLib.h 
b/MdeModulePkg/Include/Library/UefiBootManagerLib.h
index afb4271..e3555b5 100644
--- a/MdeModulePkg/Include/Library/UefiBootManagerLib.h
+++ b/MdeModulePkg/Include/Library/UefiBootManagerLib.h
@@ -2,7 +2,7 @@
   Provide Boot Manager related library APIs.
 
 Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved.
-(C) Copyright 2015 Hewlett Packard Enterprise Development LP
+(C) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD 
License
 which accompanies this distribution.  The full text of the license may be 
found at
@@ -731,4 +731,25 @@ EFIAPI
 EfiBootManagerProcessLoadOption (
   EFI_BOOT_MANAGER_LOAD_OPTION   *LoadOption
   );
+
+/**
+  Check whether the VariableName is a valid load option variable name
+  and return the load option type and option number.
+
+  @param VariableName The name of the load option variable.
+  @param OptionType   Return the load option type.
+  @param OptionNumber Return the load option number.
+
+  @retval TRUE  The variable name is valid; The load option type and
+load option number is returned.
+  @retval FALSE The variable name is NOT valid.
+**/
+BOOLEAN
+EFIAPI
+EfiBootManagerIsValidLoadOptionVariableName (
+  IN CHAR16 *VariableName,
+  OUT EFI_BOOT_MANAGER_LOAD_OPTION_TYPE *OptionType   OPTIONAL,
+  OUT UINT16*OptionNumber OPTIONAL
+  );
+
 #endif
diff --git a/MdeModulePkg/Library/UefiBootManagerLib/BmLoadOption.c 
b/MdeModulePkg/Library/UefiBootManagerLib/BmLoadOption.c
index 696e995..8201255 100644
--- a/MdeModulePkg/Library/UefiBootManagerLib/BmLoadOption.c
+++ b/MdeModulePkg/Library/UefiBootManagerLib/BmLoadOption.c
@@ -2,7 +2,7 @@
   Load option library functions which relate with creating and processing load 
options.
 
 Copyright (c) 2011 - 2016, Intel Corporation. All rights reserved.
-(C) Copyright 2015 Hewlett Packard Enterprise Development LP
+(C) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD 
License
 which accompanies this distribution.  The full text of the license may be 
found at
@@ -775,16 +775,21 @@ BmValidateOption (
   @retval FALSE The variable name is NOT valid.
 **/
 BOOLEAN
-BmIsValidLoadOptionVariableName (
+EFIAPI
+EfiBootManagerIsValidLoadOptionVariableName (
   IN CHAR16 *VariableName,
-  OUT EFI_BOOT_MANAGER_LOAD_OPTION_TYPE *OptionType,
-  OUT UINT16*OptionNumber
+  OUT EFI_BOOT_MANAGER_LOAD_OPTION_TYPE *OptionType   OPTIONAL,
+  OUT UINT16*OptionNumber OPTIONAL
   )
 {
   UINTN VariableNameLen;
   UINTN Index;
   UINTN Uint;
 
+  if (VariableName == NULL) {
+return FALSE;
+  }
+
   VariableNameLen = StrLen (VariableName);
 
   if (VariableNameLen <= 4) {
@@ -803,14 +808,19 @@ BmIsValidLoadOptionVariableName (
 return FALSE;
   }
 
-  *OptionType = (EFI_BOOT_MANAGER_LOAD_OPTION_TYPE) Index;
-  *OptionNumber = 0;
-  for (Index = VariableNameLen - 4; Index < VariableNameLen; Index++) {
-Uint = BmCharToUint (VariableName[Index]);
-if (Uint == -1) {
-  break;
-} else {
-  *OptionNumber = (UINT16) Uint + *OptionNumber * 0x10;
+  if (OptionType != NULL) {
+*OptionType = (EFI_BOOT_MANAGER_LOAD_OPTION_TYPE) Index;
+  }
+
+  if (OptionNumber != NULL) {
+*OptionNumber = 0;
+for (Index = VariableNameLen - 4; Index < VariableNameLen; Index++) {
+  Uint = BmCharToUint (VariableName[Index]);
+  if (Uint == -1) {
+break;
+  } else {
+*OptionNumber = (UINT16) Uint + *OptionNumber * 0x10;
+  }
 }
   }
 
@@ -853,7 +863,7 @@ EfiBootManagerVariableToLoadOptionEx (
 return EFI_INVALID_PARAMETER;
   }
 
-  if (!BmIsValidLoadOptionVariableName (VariableName, &OptionType, 
&OptionNumber)) {
+  if (!EfiBootManagerIsValidLoadOptionVariableName (VariableName, &OptionType, 
&OptionNumber)) {
 return EFI_INVALID_PARAMETER;
   }
 
@@ -979,7 +989,7 @@ BmCollectLoadOptions (
 
   if (CompareGuid (Guid, Param->Guid) &

[edk2] [PATCH] [BaseTools]/Build: Consider only build-specified architectures

[Thomas Palmer]

When building for any specific architecture, the build script today
is loading DSC sections for other architectures not in the build.
The build process should disregard DSC sections that are not
relevant to the build.

This fixes scenario whereby a build occurs in a source tree that was
been cleaned of non-essential directories.  For instance, X64 builds
do not require the ArmPkg directory to build a firmware image.  This
condition (build break when ArmPkg is absent) occurs when included
DSCs have sections for multiple architectures.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 BaseTools/Source/Python/GenFds/FfsInfStatement.py  | 36 --
 .../Source/Python/Workspace/WorkspaceDatabase.py   |  8 +
 2 files changed, 14 insertions(+), 30 deletions(-)

diff --git a/BaseTools/Source/Python/GenFds/FfsInfStatement.py 
b/BaseTools/Source/Python/GenFds/FfsInfStatement.py
index 864e5be..3c59f14 100644
--- a/BaseTools/Source/Python/GenFds/FfsInfStatement.py
+++ b/BaseTools/Source/Python/GenFds/FfsInfStatement.py
@@ -2,7 +2,7 @@
 # process FFS generation from INF statement
 #
 #  Copyright (c) 2007 - 2015, Intel Corporation. All rights reserved.
-#  Copyright (c) 2014 Hewlett-Packard Development Company, L.P.
+#  Copyright (c) 2014-2016 Hewlett-Packard Development Company, L.P.
 #
 #  This program and the accompanying materials
 #  are licensed and made available under the terms and conditions of the BSD 
License
@@ -555,35 +555,11 @@ class FfsInfStatement(FfsInfStatementClassObject):
 
 InfFileKey = 
os.path.normpath(mws.join(GenFdsGlobalVariable.WorkSpaceDir, self.InfFileName))
 DscArchList = []
-PlatformDataBase = 
GenFdsGlobalVariable.WorkSpace.BuildObject[GenFdsGlobalVariable.ActivePlatform, 
'IA32', GenFdsGlobalVariable.TargetName, GenFdsGlobalVariable.ToolChainTag]
-if  PlatformDataBase != None:
-if InfFileKey in PlatformDataBase.Modules:
-DscArchList.append ('IA32')
-
-PlatformDataBase = 
GenFdsGlobalVariable.WorkSpace.BuildObject[GenFdsGlobalVariable.ActivePlatform, 
'X64', GenFdsGlobalVariable.TargetName, GenFdsGlobalVariable.ToolChainTag]
-if  PlatformDataBase != None:
-if InfFileKey in PlatformDataBase.Modules:
-DscArchList.append ('X64')
-
-PlatformDataBase = 
GenFdsGlobalVariable.WorkSpace.BuildObject[GenFdsGlobalVariable.ActivePlatform, 
'IPF', GenFdsGlobalVariable.TargetName, GenFdsGlobalVariable.ToolChainTag]
-if PlatformDataBase != None:
-if InfFileKey in (PlatformDataBase.Modules):
-DscArchList.append ('IPF')
-
-PlatformDataBase = 
GenFdsGlobalVariable.WorkSpace.BuildObject[GenFdsGlobalVariable.ActivePlatform, 
'ARM', GenFdsGlobalVariable.TargetName, GenFdsGlobalVariable.ToolChainTag]
-if PlatformDataBase != None:
-if InfFileKey in (PlatformDataBase.Modules):
-DscArchList.append ('ARM')
-
-PlatformDataBase = 
GenFdsGlobalVariable.WorkSpace.BuildObject[GenFdsGlobalVariable.ActivePlatform, 
'EBC', GenFdsGlobalVariable.TargetName, GenFdsGlobalVariable.ToolChainTag]
-if PlatformDataBase != None:
-if InfFileKey in (PlatformDataBase.Modules):
-DscArchList.append ('EBC')
-
-PlatformDataBase = 
GenFdsGlobalVariable.WorkSpace.BuildObject[GenFdsGlobalVariable.ActivePlatform, 
'AARCH64', GenFdsGlobalVariable.TargetName, GenFdsGlobalVariable.ToolChainTag]
-if PlatformDataBase != None:
-if InfFileKey in (PlatformDataBase.Modules):
-DscArchList.append ('AARCH64')
+for Arch in GenFdsGlobalVariable.ArchList :
+PlatformDataBase = 
GenFdsGlobalVariable.WorkSpace.BuildObject[GenFdsGlobalVariable.ActivePlatform, 
Arch, GenFdsGlobalVariable.TargetName, GenFdsGlobalVariable.ToolChainTag]
+if  PlatformDataBase != None:
+if InfFileKey in PlatformDataBase.Modules:
+DscArchList.append (Arch)
 
 return DscArchList
 
diff --git a/BaseTools/Source/Python/Workspace/WorkspaceDatabase.py 
b/BaseTools/Source/Python/Workspace/WorkspaceDatabase.py
index b2c4d6e..34bc48a 100644
--- a/BaseTools/Source/Python/Workspace/WorkspaceDatabase.py
+++ b/BaseTools/Source/Python/Workspace/WorkspaceDatabase.py
@@ -2,6 +2,7 @@
 # This file is used to create a database used by build tool
 #
 # Copyright (c) 2008 - 2016, Intel Corporation. All rights reserved.
+# (C) Copyright 2016 Hewlett Packard Enterprise Development LP
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD 
License
 # which accompanies this distribution.  The full text of the license may be 
found at
@@ -543,6 +544,13 @@ class DscBuildData(PlatformBuildClassObject):

[edk2] [PATCH v2 0/2][edk2-staging/HTTPS-TLS][PATCH]: CryptoPkg/TlsLib: Version renegotiate

[Thomas Palmer]

The TLS protocol allows for clients and servers to negotiate which
version of TLS to use.  Newer versions are deemed safer, so when
they are available the client and server should opt to use them.

The EDK2 TLS code today only allows TLSv1.0 for TLS communication,
regardless of the target server's capabilities. In order to use the
newer protocols, we'll update the EDK2 TlsLib.c code to allow for
TLS version negotiation when a new TLS object is created. The TLS
version specified in TlsCtxNew will be the minimum version accepted.

Because EDK2 is not yet using OpenSSL 1.1, we use SSL_set_options to
simulate SSL_CTX_set_min_proto_version.

We'll leave the current "EfiTlsVersion" functionality intact, which
will restrict which version of TLS to use and prevent negotiation.

However, to demonstrate the TLS regotiation in this feature branch,
we'll remove the code that calls EfiTlsVersion in the HttpDxe
module.

Contributed-under: TianoCore Contribution Agreement 1.0

Thomas Palmer (2):
  [edk2-staging/HTTPS-TLS][PATCH]: CryptoPkg/TlsLib: TLS Ver negotiate
  [edk2-staging/HTTPS-TLS][PATCH]: NetworkPkg/HttpDxe: Unrestrict TLSv

 CryptoPkg/Library/TlsLib/TlsLib.c | 20 
 NetworkPkg/HttpDxe/HttpsSupport.c | 14 +-
 2 files changed, 17 insertions(+), 17 deletions(-)

-- 
2.7.4

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH v2 2/2] [edk2-staging/HTTPS-TLS][PATCH]: NetworkPkg/HttpDxe: Unrestrict TLSv

[Thomas Palmer]

Demonstrate the TLS regotiation in this feature branch. Remove the
code that calls EfiTlsVersion in the HttpDxe module.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 NetworkPkg/HttpDxe/HttpsSupport.c | 14 +-
 1 file changed, 1 insertion(+), 13 deletions(-)

diff --git a/NetworkPkg/HttpDxe/HttpsSupport.c 
b/NetworkPkg/HttpDxe/HttpsSupport.c
index 9a68b45..5af3233 100644
--- a/NetworkPkg/HttpDxe/HttpsSupport.c
+++ b/NetworkPkg/HttpDxe/HttpsSupport.c
@@ -2,6 +2,7 @@
   Miscellaneous routines specific to Https for HttpDxe driver.
 
 Copyright (c) 2016, Intel Corporation. All rights reserved.
+(C) Copyright 2016 Hewlett Packard Enterprise Development LP
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD 
License
 which accompanies this distribution.  The full text of the license may be 
found at
@@ -480,30 +481,17 @@ TlsConfigureSession (
   //
   // TlsConfigData initialization
   //
-  HttpInstance->TlsConfigData.Version.Major = TLS10_PROTOCOL_VERSION_MAJOR;
-  HttpInstance->TlsConfigData.Version.Minor = TLS10_PROTOCOL_VERSION_MINOR;
   HttpInstance->TlsConfigData.ConnectionEnd = EfiTlsClient;
   HttpInstance->TlsConfigData.VerifyMethod = EFI_TLS_VERIFY_PEER;
   HttpInstance->TlsConfigData.SessionState = EfiTlsSessionNotStarted;
 
   //
-  // EfiTlsVersion
   // EfiTlsConnectionEnd,
   // EfiTlsVerifyMethod
   // EfiTlsSessionState
   //
   Status = HttpInstance->Tls->SetSessionData (
 HttpInstance->Tls,
-EfiTlsVersion,
-&(HttpInstance->TlsConfigData.Version),
-sizeof (EFI_TLS_VERSION)
-);
-  if (EFI_ERROR (Status)) {
-goto ERROR;
-  }
-  
-  Status = HttpInstance->Tls->SetSessionData (
-HttpInstance->Tls,
 EfiTlsConnectionEnd,
 &(HttpInstance->TlsConfigData.ConnectionEnd),
 sizeof (EFI_TLS_CONNECTION_END)
-- 
2.7.4

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH v2 1/2] [edk2-staging/HTTPS-TLS][PATCH]: CryptoPkg/TlsLib: TLS Ver negotiate

[Thomas Palmer]

The TLS protocol allows for clients and servers to negotiate which
version of TLS to use.  Newer versions are deemed safer, so when
they are available the client and server should opt to use them.

The EDK2 TLS code today only allows TLSv1.0 for TLS communication,
regardless of the target server's capabilities. In order to use the
newer protocols, we'll update the EDK2 TlsLib.c code to allow for
TLS version negotiation when a new TLS object is created. The TLS
version specified in TlsCtxNew will be the minimum version accepted.

Because EDK2 is not yet using OpenSSL 1.1, we use SSL_set_options to
simulate SSL_CTX_set_min_proto_version.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 CryptoPkg/Library/TlsLib/TlsLib.c | 20 
 1 file changed, 16 insertions(+), 4 deletions(-)

diff --git a/CryptoPkg/Library/TlsLib/TlsLib.c 
b/CryptoPkg/Library/TlsLib/TlsLib.c
index aa08595..32bd165 100644
--- a/CryptoPkg/Library/TlsLib/TlsLib.c
+++ b/CryptoPkg/Library/TlsLib/TlsLib.c
@@ -195,26 +195,38 @@ TlsCtxNew (
 
   ProtoVersion = (MajorVer << 8) | MinorVer;
 
-  TlsCtx = NULL;
+  TlsCtx = SSL_CTX_new (SSLv23_client_method ());
+  if (TlsCtx == NULL) {
+return NULL;
+  }
+
+  //
+  // Ensure SSLv3 is disabled
+  //
+  SSL_CTX_set_options (TlsCtx, SSL_OP_NO_SSLv3);
 
+  //
+  // Treat as minimum accepted versions.  Client can use higher
+  // TLS version if server supports it
+  //
   switch (ProtoVersion) {
   case TLS1_VERSION:
 //
 // TLS 1.0
 //
-TlsCtx = SSL_CTX_new (TLSv1_method ());
 break;
   case TLS1_1_VERSION:
 //
 // TLS 1.1
 //
-TlsCtx = SSL_CTX_new (TLSv1_1_method ());
+SSL_CTX_set_options (TlsCtx, SSL_OP_NO_TLSv1);
 break;
   case TLS1_2_VERSION:
 //
 // TLS 1.2
 //
-TlsCtx = SSL_CTX_new (TLSv1_2_method ());
+SSL_CTX_set_options (TlsCtx, SSL_OP_NO_TLSv1);
+SSL_CTX_set_options (TlsCtx, SSL_OP_NO_TLSv1_1);
 break;
   default:
 //
-- 
2.7.4

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH] ShellPkg/UefiShellTftpCommandLib: Update TFTP help text

[Thomas Palmer]

Clear up some help text for the TFTP shell command

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 .../Library/UefiShellTftpCommandLib/UefiShellTftpCommandLib.uni   | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git 
a/ShellPkg/Library/UefiShellTftpCommandLib/UefiShellTftpCommandLib.uni 
b/ShellPkg/Library/UefiShellTftpCommandLib/UefiShellTftpCommandLib.uni
index a16265c..4f4447d 100644
--- a/ShellPkg/Library/UefiShellTftpCommandLib/UefiShellTftpCommandLib.uni
+++ b/ShellPkg/Library/UefiShellTftpCommandLib/UefiShellTftpCommandLib.uni
@@ -1,6 +1,6 @@
 // /**
 //
-// (C) Copyright 2015 Hewlett Packard Enterprise Development LP
+// (C) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
 // Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved. 
 // This program and the accompanying materials
 // are licensed and made available under the terms and conditions of the BSD 
License
@@ -75,11 +75,11 @@
 " stored locally using the provided file path. If the local file path 
is\r\n"
 " not specified, the file is stored in the current directory using the 
file\r\n"
 " server's name.\r\n"
-"  2. Prior to invoke the TFTP command, the network interface intended to 
be\r\n"
-" used to retrieve the file as to be configured. This configuration may 
be\r\n"
+"  2. Before using the TFTP command, the network interface intended to be\r\n"
+" used to retrieve the file must be configured. This configuration may 
be\r\n"
 " done by means of the 'ifconfig' command.\r\n"
 "  3. If a network interface is defined with the '-i' option then only 
this\r\n"
-" interface is used to access to the remote file. Otherwise, all 
network\r\n"
+" interface will be used to retrieve the remote file. Otherwise, all 
network\r\n"
 " interfaces are tried in the order they have been discovered during 
the\r\n"
 " DXE phase.\r\n"
 ".SH EXAMPLES\r\n"
-- 
2.7.4

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH] Nt32Pkg/WinNtBusDriverDxe: Fix small memory overrun

[Thomas Palmer]

When allocating memory for a string, the CHAR16 NUL character needs
two bytes of space. Use StrSize to get accurate size

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 Nt32Pkg/WinNtBusDriverDxe/WinNtBusDriver.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Nt32Pkg/WinNtBusDriverDxe/WinNtBusDriver.c 
b/Nt32Pkg/WinNtBusDriverDxe/WinNtBusDriver.c
index 1516ab8..c46ee07 100644
--- a/Nt32Pkg/WinNtBusDriverDxe/WinNtBusDriver.c
+++ b/Nt32Pkg/WinNtBusDriverDxe/WinNtBusDriver.c
@@ -452,8 +452,8 @@ Returns:
 PcdTempStr = (VOID *)LibPcdGetPtr (mPcdEnvironment[Index].Token);
 ASSERT (PcdTempStr != NULL);
 
-TempStrSize = StrLen (PcdTempStr);
-TempStr = AllocateMemory ((TempStrSize * sizeof (CHAR16)) + 1);
+TempStrSize = StrSize (PcdTempStr);
+TempStr = AllocateMemory (TempStrSize);
 StrCpy (TempStr, PcdTempStr);
 
 StartString = TempStr;
-- 
2.7.4

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH] [edk2-staging/HTTPS-TLS][PATCH]: CryptoPkg/TlsLib: Fix FILE_GUID

[Thomas Palmer]

TlsLib's FILE_GUID is a duplicate of BaseCryptLib. Use a new unique
guid instead

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 CryptoPkg/Library/TlsLib/TlsLib.inf | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/CryptoPkg/Library/TlsLib/TlsLib.inf 
b/CryptoPkg/Library/TlsLib/TlsLib.inf
index 6194e95..823e159 100644
--- a/CryptoPkg/Library/TlsLib/TlsLib.inf
+++ b/CryptoPkg/Library/TlsLib/TlsLib.inf
@@ -2,6 +2,7 @@
 #  SSL/TLS Wrapper Library Instance based on OpenSSL.
 #
 #  Copyright (c) 2016, Intel Corporation. All rights reserved.
+#  (C) Copyright 2016 Hewlett Packard Enterprise Development LP
 #  This program and the accompanying materials
 #  are licensed and made available under the terms and conditions of the BSD 
License
 #  which accompanies this distribution.  The full text of the license may be 
found at
@@ -16,7 +17,7 @@
   INF_VERSION= 0x00010005
   BASE_NAME  = TlsLib
   MODULE_UNI_FILE= TlsLib.uni
-  FILE_GUID  = be3bb803-91b6-4da0-bd91-a8b21c18ca5d
+  FILE_GUID  = CC729DC5-4E21-0B36-1A00-3A8E1B86A155
   MODULE_TYPE= DXE_DRIVER
   VERSION_STRING = 1.0
   LIBRARY_CLASS  = TlsLib|DXE_DRIVER DXE_CORE UEFI_APPLICATION 
UEFI_DRIVER
@@ -43,4 +44,4 @@
   OpensslLib
   IntrinsicLib
   PrintLib
-  OpensslTlsLib
\ No newline at end of file
+  OpensslTlsLib
-- 
2.7.4

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH] [edk2-staging/HTTPS-TLS][PATCH]: Initialize handshake ret variable

[Thomas Palmer]

Initialize the variable that holds the return from SSL_do_handshake.
When the handshake function is not called it will be uninitialized.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 CryptoPkg/Library/TlsLib/TlsLib.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/CryptoPkg/Library/TlsLib/TlsLib.c 
b/CryptoPkg/Library/TlsLib/TlsLib.c
index ed300c4..e597995 100644
--- a/CryptoPkg/Library/TlsLib/TlsLib.c
+++ b/CryptoPkg/Library/TlsLib/TlsLib.c
@@ -631,6 +631,7 @@ TlsDoHandshake (
 return EFI_INVALID_PARAMETER;
   }
   
+  ret = 1;
   if(BufferIn == NULL && BufferInSize == 0) {
 //
 // If RequestBuffer is NULL and RequestSize is 0, and TLS session 
-- 
1.9.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH] [edk2-staging/HTTPS-TLS][PATCH]: Centralize TLS var cert name and guid

[Thomas Palmer]

Put the TLS cert variable name define into GlobalVariable.h and create
a GUID for it in CryptoPkg.dec. Describe the minimum size and expected
variable attributes in VarCheckUefiLib.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 CryptoPkg/CryptoPkg.dec|  5 
 .../Library/VarCheckUefiLib/VarCheckUefiLib.inf|  3 +++
 .../VarCheckUefiLib/VarCheckUefiLibNullClass.c | 28 +-
 MdePkg/Include/Guid/GlobalVariable.h   |  7 ++
 NetworkPkg/HttpDxe/HttpDxe.inf |  7 +-
 NetworkPkg/HttpDxe/HttpsSupport.c  |  7 +++---
 NetworkPkg/HttpDxe/HttpsSupport.h  | 11 +
 NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf   |  3 +++
 NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigImpl.c| 11 -
 NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigImpl.h| 11 +
 10 files changed, 61 insertions(+), 32 deletions(-)

diff --git a/CryptoPkg/CryptoPkg.dec b/CryptoPkg/CryptoPkg.dec
index ea02ad7..fe04b7d 100644
--- a/CryptoPkg/CryptoPkg.dec
+++ b/CryptoPkg/CryptoPkg.dec
@@ -5,6 +5,7 @@
 #  It also provides a test application to test libraries.
 #
 #  Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.
+#  (C) Copyright 2016 Hewlett Packard Enterprise Development LP
 #  This program and the accompanying materials
 #  are licensed and made available under the terms and conditions of the BSD 
License
 #  which accompanies this distribution.  The full text of the license may be 
found at
@@ -35,6 +36,10 @@
   ##
   TlsLib|Include/Library/TlsLib.h
 
+[Guids]
+  ## GUID used for TLS Certificate verification
+  gEfiTlsCaCertificateGuid = {0xfd2340D0, 0x3dab, 0x4349, {0xa6, 0xc7, 0x3b, 
0x4f, 0x12, 0xb4, 0x8e, 0xae}}
+
 [Protocols]
   ## Include/Protocol/RuntimeCrypt.h
   gEfiRuntimeCryptProtocolGuid = { 0xe1475e0c, 0x1746, 0x4802, {0x86, 0x2e, 
0x1, 0x1c, 0x2c, 0x2d, 0x9d, 0x86 }}
diff --git a/MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf 
b/MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf
index 128c44d..945397a 100644
--- a/MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf
+++ b/MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf
@@ -36,6 +36,7 @@
 [Packages]
   MdePkg/MdePkg.dec
   MdeModulePkg/MdeModulePkg.dec
+  CryptoPkg/CryptoPkg.dec
 
 [LibraryClasses]
   BaseLib
@@ -81,6 +82,8 @@
   ## SOMETIMES_CONSUMES   ## Variable:L"SysPrep"
   ## SOMETIMES_CONSUMES   ## Variable:L"Key"
   gEfiGlobalVariableGuid
+  ## SOMETIMES_CONSUMES   ## Variable:L"TlsCaCertificate"
+  gEfiTlsCaCertificateGuid
   ## SOMETIMES_CONSUMES   ## Variable:L"DB"
   ## SOMETIMES_CONSUMES   ## Variable:L"DBX"
   ## SOMETIMES_CONSUMES   ## Variable:L"DBT"
diff --git a/MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLibNullClass.c 
b/MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLibNullClass.c
index 8f7126e..b820659 100644
--- a/MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLibNullClass.c
+++ b/MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLibNullClass.c
@@ -2,6 +2,7 @@
   Implementation functions and structures for var check uefi library.
 
 Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.
+(C) Copyright 2016 Hewlett Packard Enterprise Development LP
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD 
License
 which accompanies this distribution.  The full text of the license may be 
found at
@@ -671,10 +672,26 @@ UEFI_DEFINED_VARIABLE_ENTRY mHwErrRecVariable = {
   NULL
 };
 
+//
+// EFI_TLS_CA_CERTIFICATE_VARIABLE
+//
+UEFI_DEFINED_VARIABLE_ENTRY mTlsCaCertificateVariable = {
+  EFI_TLS_CA_CERTIFICATE_VARIABLE,
+  {
+VAR_CHECK_VARIABLE_PROPERTY_REVISION,
+0,
+VARIABLE_ATTRIBUTE_NV_BS_RT,
+sizeof (EFI_SIGNATURE_LIST),
+MAX_UINTN
+  },
+  NULL
+};
+
 EFI_GUID *mUefiDefinedGuid[] = {
   &gEfiGlobalVariableGuid,
   &gEfiImageSecurityDatabaseGuid,
-  &gEfiHardwareErrorVariableGuid
+  &gEfiHardwareErrorVariableGuid,
+  &gEfiTlsCaCertificateGuid,
 };
 
 /**
@@ -915,6 +932,15 @@ VariablePropertySetUefiDefined (
 &gEfiHardwareErrorVariableGuid,
 &mHwErrRecVariable.VariableProperty
 );
+
+  //
+  // EFI_TLS_CA_CERTIFICATE_VARIABLE
+  //
+  VarCheckLibVariablePropertySet (
+mTlsCaCertificateVariable.Name,
+&gEfiTlsCaCertificateGuid,
+&mTlsCaCertificateVariable.VariableProperty
+);
 }
 
 /**
diff --git a/MdePkg/Include/Guid/GlobalVariable.h 
b/MdePkg/Include/Guid/GlobalVariable.h
index 0804236..aebf56d 100644
--- a/MdePkg/Include/Guid/GlobalVariable.h
+++ b/MdePkg/Include/Guid/GlobalVariable.h
@@ -2,6 +2,7 @@
   GUID for EFI (NVRAM) Variables.
 
   Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.
+  (C) Copyright 2016 Hewlett Packard Enterprise Development LP
   This program and the accompa

[edk2] [PATCH] [ShellPkg/UefiHandleParsingLib]: Fix GUID dereference

[Thomas Palmer]

Print's "%g" argument requires a EFI_GUID pointer, not the EFI_GUID
value.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 ShellPkg/Library/UefiHandleParsingLib/UefiHandleParsingLib.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/ShellPkg/Library/UefiHandleParsingLib/UefiHandleParsingLib.c 
b/ShellPkg/Library/UefiHandleParsingLib/UefiHandleParsingLib.c
index b82f925..23d619e 100644
--- a/ShellPkg/Library/UefiHandleParsingLib/UefiHandleParsingLib.c
+++ b/ShellPkg/Library/UefiHandleParsingLib/UefiHandleParsingLib.c
@@ -1323,7 +1323,7 @@ FirmwareManagementDumpInformation (
TempStr,
Index,
ImageInfoV1[Index].ImageIndex,
-   ImageInfoV1[Index].ImageTypeId,
+   &ImageInfoV1[Index].ImageTypeId,
ImageInfoV1[Index].ImageId,
ImageInfoV1[Index].ImageIdName,
ImageInfoV1[Index].Version,
@@ -1350,7 +1350,7 @@ FirmwareManagementDumpInformation (
TempStr,
Index,
ImageInfoV2[Index].ImageIndex,
-   ImageInfoV2[Index].ImageTypeId,
+   &ImageInfoV2[Index].ImageTypeId,
ImageInfoV2[Index].ImageId,
ImageInfoV2[Index].ImageIdName,
ImageInfoV2[Index].Version,
@@ -1378,7 +1378,7 @@ FirmwareManagementDumpInformation (
TempStr,
Index,
ImageInfo[Index].ImageIndex,
-   ImageInfo[Index].ImageTypeId,
+   &ImageInfo[Index].ImageTypeId,
ImageInfo[Index].ImageId,
ImageInfo[Index].ImageIdName,
ImageInfo[Index].Version,
-- 
1.9.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH] [BaseTools/Scripts]: Preserve hii section in GCC binaries

[Thomas Palmer]

This change keeps the .hii sections in GCC built binaries.  Please
refer to email thread titled "[edk2] HII
gEfiHiiPackageListProtocolGuid problem with  GCC48 (VS2012x86 works)"

As this is the first time I've ever touched a GCC linker script,
please feel free to send feedback

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 BaseTools/Scripts/GccBase.lds | 4 
 1 file changed, 4 insertions(+)

diff --git a/BaseTools/Scripts/GccBase.lds b/BaseTools/Scripts/GccBase.lds
index 32310bc..a761fa6 100644
--- a/BaseTools/Scripts/GccBase.lds
+++ b/BaseTools/Scripts/GccBase.lds
@@ -57,6 +57,10 @@ SECTIONS {
 *(.rela .rela.*)
   }
 
+  .hii : ALIGN(CONSTANT(COMMONPAGESIZE)) {
+KEEP (*(.hii))
+  }
+
   /DISCARD/ : {
 *(.note.GNU-stack)
 *(.gnu_debuglink)
-- 
1.9.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH v2] [BaseTools/Scripts]: Preserve hii section in GCC binaries

[Thomas Palmer]

This change keeps the .hii sections in GCC built binaries.  Please
refer to email thread titled "[edk2] HII
gEfiHiiPackageListProtocolGuid problem with  GCC48 (VS2012x86 works)"

As this is the first time I've ever touched a GCC linker script,
please feel free to send feedback

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 BaseTools/Scripts/GccBase.lds | 5 +
 1 file changed, 5 insertions(+)

diff --git a/BaseTools/Scripts/GccBase.lds b/BaseTools/Scripts/GccBase.lds
index 32310bc..7e4cdde 100644
--- a/BaseTools/Scripts/GccBase.lds
+++ b/BaseTools/Scripts/GccBase.lds
@@ -4,6 +4,7 @@
 
   Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.
   Copyright (c) 2015, Linaro Ltd. All rights reserved.
+  (C) Copyright 2016 Hewlett Packard Enterprise Development LP
 
   This program and the accompanying materials are licensed and made available 
under
   the terms and conditions of the BSD License that accompanies this 
distribution.
@@ -57,6 +58,10 @@ SECTIONS {
 *(.rela .rela.*)
   }
 
+  .hii : ALIGN(CONSTANT(COMMONPAGESIZE)) {
+KEEP (*(.hii))
+  }
+
   /DISCARD/ : {
 *(.note.GNU-stack)
 *(.gnu_debuglink)
-- 
1.9.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH v3] [BaseTools/Scripts]: Preserve hii section in GCC binaries

[Thomas Palmer]

According to UEFI spec:
Once an image is loaded, LoadImage() installs
EFI_HII_PACKAGE_LIST_PROTOCOL on the handle if the image contains a
custom PE/COFF resource with the type 'HII'. The protocol's
interface pointer points to the HII package list which is contained
in the resource's data.

This is controlled by the UEFI_HII_RESOURCE_SECTION define in the INF
file.  When present the HII resource is linked with the module
binary.

Unfortunately GCC-built binaries have been stripping the .hii section
entirely.  See  "[edk2] HII gEfiHiiPackageListProtocolGuid problem
with  GCC48(VS2012x86 works)"
http://thread.gmane.org/gmane.comp.bios.tianocore.devel/13438
http://thread.gmane.org/gmane.comp.bios.tianocore.devel/14899

This patch tells the linker to preserve the .hii sections

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 BaseTools/Scripts/GccBase.lds | 5 +
 1 file changed, 5 insertions(+)

diff --git a/BaseTools/Scripts/GccBase.lds b/BaseTools/Scripts/GccBase.lds
index 32310bc..7e4cdde 100644
--- a/BaseTools/Scripts/GccBase.lds
+++ b/BaseTools/Scripts/GccBase.lds
@@ -4,6 +4,7 @@
 
   Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.
   Copyright (c) 2015, Linaro Ltd. All rights reserved.
+  (C) Copyright 2016 Hewlett Packard Enterprise Development LP
 
   This program and the accompanying materials are licensed and made available 
under
   the terms and conditions of the BSD License that accompanies this 
distribution.
@@ -57,6 +58,10 @@ SECTIONS {
 *(.rela .rela.*)
   }
 
+  .hii : ALIGN(CONSTANT(COMMONPAGESIZE)) {
+KEEP (*(.hii))
+  }
+
   /DISCARD/ : {
 *(.note.GNU-stack)
 *(.gnu_debuglink)
-- 
1.9.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH] OvmfPkg/Sec: Handle bigger FV sizes

[Thomas Palmer]

Ovmf's SecMain needs to handle the EFI_COMMON_SECTION_HEADER2 header
so that larger images can be created. Use IS_SECTION2 and
SECTION2_SIZE macros to calculate accurate image sizes when
appropriate.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 OvmfPkg/Sec/SecMain.c | 25 ++---
 1 file changed, 18 insertions(+), 7 deletions(-)

diff --git a/OvmfPkg/Sec/SecMain.c b/OvmfPkg/Sec/SecMain.c
index a12e676..464de10 100644
--- a/OvmfPkg/Sec/SecMain.c
+++ b/OvmfPkg/Sec/SecMain.c
@@ -2,6 +2,7 @@
   Main SEC phase code.  Transitions to PEI.
 
   Copyright (c) 2008 - 2015, Intel Corporation. All rights reserved.
+  (C) Copyright 2016 Hewlett Packard Enterprise Development LP
 
   This program and the accompanying materials
   are licensed and made available under the terms and conditions of the BSD 
License
@@ -332,11 +333,13 @@ DecompressMemFvs (
   UINT32AuthenticationStatus;
   VOID  *OutputBuffer;
   VOID  *ScratchBuffer;
-  EFI_FIRMWARE_VOLUME_IMAGE_SECTION *FvSection;
+  EFI_COMMON_SECTION_HEADER *FvSection;
   EFI_FIRMWARE_VOLUME_HEADER*PeiMemFv;
   EFI_FIRMWARE_VOLUME_HEADER*DxeMemFv;
+  UINT32FvHeaderSize;
+  UINT32FvSectionSize;
 
-  FvSection = (EFI_FIRMWARE_VOLUME_IMAGE_SECTION*) NULL;
+  FvSection = (EFI_COMMON_SECTION_HEADER*) NULL;
 
   Status = FindFfsFileAndSection (
  *Fv,
@@ -386,7 +389,7 @@ DecompressMemFvs (
  OutputBufferSize,
  EFI_SECTION_FIRMWARE_VOLUME_IMAGE,
  0,
- (EFI_COMMON_SECTION_HEADER**) &FvSection
+ &FvSection
  );
   if (EFI_ERROR (Status)) {
 DEBUG ((EFI_D_ERROR, "Unable to find PEI FV section\n"));
@@ -411,7 +414,7 @@ DecompressMemFvs (
  OutputBufferSize,
  EFI_SECTION_FIRMWARE_VOLUME_IMAGE,
  1,
- (EFI_COMMON_SECTION_HEADER**) &FvSection
+ &FvSection
  );
   if (EFI_ERROR (Status)) {
 DEBUG ((EFI_D_ERROR, "Unable to find DXE FV section\n"));
@@ -419,11 +422,19 @@ DecompressMemFvs (
   }
 
   ASSERT (FvSection->Type == EFI_SECTION_FIRMWARE_VOLUME_IMAGE);
-  ASSERT (SECTION_SIZE (FvSection) ==
-  (PcdGet32 (PcdOvmfDxeMemFvSize) + sizeof (*FvSection)));
+
+  if (IS_SECTION2 (FvSection)) {
+FvSectionSize = SECTION2_SIZE (FvSection);
+FvHeaderSize = sizeof (EFI_COMMON_SECTION_HEADER2);
+  } else {
+FvSectionSize = SECTION_SIZE (FvSection);
+FvHeaderSize = sizeof (EFI_COMMON_SECTION_HEADER);
+  }
+
+  ASSERT (FvSectionSize == (PcdGet32 (PcdOvmfDxeMemFvSize) + FvHeaderSize));
 
   DxeMemFv = (EFI_FIRMWARE_VOLUME_HEADER*)(UINTN) PcdGet32 
(PcdOvmfDxeMemFvBase);
-  CopyMem (DxeMemFv, (VOID*) (FvSection + 1), PcdGet32 (PcdOvmfDxeMemFvSize));
+  CopyMem (DxeMemFv, (VOID*) ((UINTN)FvSection + FvHeaderSize), PcdGet32 
(PcdOvmfDxeMemFvSize));
 
   if (DxeMemFv->Signature != EFI_FVH_SIGNATURE) {
 DEBUG ((EFI_D_ERROR, "Extracted FV at %p does not have FV header 
signature\n", DxeMemFv));
-- 
1.9.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] OvmfPkg/Sec: OvmfPkg/Sec: Handle bigger DXEFV sizes

[Thomas Palmer]

OvmfPkg/Sec: OvmfPkg/Sec: Handle bigger DXEFV sizes 

Downstream projects may generate DXEFVs larger than 16MB and are
handled properly by the EDK2 build tools.  However, Ovmf does not
expect to ever see such large FVs and an ASSERT ensues.

This patch will add support for FVs with SECTION2 common headers
to allow for larger DXEFVs.

[PATCH v2 1/2] OvmfPkg/Sec: Use EFI_COMMON_SECTION_HEADER to avoid
[PATCH v2 2/2] OvmfPkg/Sec: Support SECTION2 DXEFV types

Contributed-under: TianoCore Contribution Agreement 1.0
___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH v2 2/2] OvmfPkg/Sec: Support SECTION2 DXEFV types

[Thomas Palmer]

Support down-stream projects that require large DXEFV sizes greater
than 16NB by handling SECTION2 common headers. These are already
created by the build tools when necessary.

Use IS_SECTION2 and SECTION2_SIZE macros to calculate accurate image
sizes when appropriate.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 OvmfPkg/Sec/SecMain.c | 16 +---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/OvmfPkg/Sec/SecMain.c b/OvmfPkg/Sec/SecMain.c
index 384fa74..464de10 100644
--- a/OvmfPkg/Sec/SecMain.c
+++ b/OvmfPkg/Sec/SecMain.c
@@ -336,6 +336,8 @@ DecompressMemFvs (
   EFI_COMMON_SECTION_HEADER *FvSection;
   EFI_FIRMWARE_VOLUME_HEADER*PeiMemFv;
   EFI_FIRMWARE_VOLUME_HEADER*DxeMemFv;
+  UINT32FvHeaderSize;
+  UINT32FvSectionSize;
 
   FvSection = (EFI_COMMON_SECTION_HEADER*) NULL;
 
@@ -420,11 +422,19 @@ DecompressMemFvs (
   }
 
   ASSERT (FvSection->Type == EFI_SECTION_FIRMWARE_VOLUME_IMAGE);
-  ASSERT (SECTION_SIZE (FvSection) ==
-  (PcdGet32 (PcdOvmfDxeMemFvSize) + sizeof (*FvSection)));
+
+  if (IS_SECTION2 (FvSection)) {
+FvSectionSize = SECTION2_SIZE (FvSection);
+FvHeaderSize = sizeof (EFI_COMMON_SECTION_HEADER2);
+  } else {
+FvSectionSize = SECTION_SIZE (FvSection);
+FvHeaderSize = sizeof (EFI_COMMON_SECTION_HEADER);
+  }
+
+  ASSERT (FvSectionSize == (PcdGet32 (PcdOvmfDxeMemFvSize) + FvHeaderSize));
 
   DxeMemFv = (EFI_FIRMWARE_VOLUME_HEADER*)(UINTN) PcdGet32 
(PcdOvmfDxeMemFvBase);
-  CopyMem (DxeMemFv, (VOID*) (FvSection + 1), PcdGet32 (PcdOvmfDxeMemFvSize));
+  CopyMem (DxeMemFv, (VOID*) ((UINTN)FvSection + FvHeaderSize), PcdGet32 
(PcdOvmfDxeMemFvSize));
 
   if (DxeMemFv->Signature != EFI_FVH_SIGNATURE) {
 DEBUG ((EFI_D_ERROR, "Extracted FV at %p does not have FV header 
signature\n", DxeMemFv));
-- 
1.9.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH v2 1/2] OvmfPkg/Sec: Use EFI_COMMON_SECTION_HEADER to avoid casts

[Thomas Palmer]

Drop superfluous casts. There is no change in behavior because
EFI_FIRMWARE_VOLUME_IMAGE_SECTION is just a typedef of
EFI_COMMON_SECTION_HEADER.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 OvmfPkg/Sec/SecMain.c | 9 +
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/OvmfPkg/Sec/SecMain.c b/OvmfPkg/Sec/SecMain.c
index a12e676..384fa74 100644
--- a/OvmfPkg/Sec/SecMain.c
+++ b/OvmfPkg/Sec/SecMain.c
@@ -2,6 +2,7 @@
   Main SEC phase code.  Transitions to PEI.
 
   Copyright (c) 2008 - 2015, Intel Corporation. All rights reserved.
+  (C) Copyright 2016 Hewlett Packard Enterprise Development LP
 
   This program and the accompanying materials
   are licensed and made available under the terms and conditions of the BSD 
License
@@ -332,11 +333,11 @@ DecompressMemFvs (
   UINT32AuthenticationStatus;
   VOID  *OutputBuffer;
   VOID  *ScratchBuffer;
-  EFI_FIRMWARE_VOLUME_IMAGE_SECTION *FvSection;
+  EFI_COMMON_SECTION_HEADER *FvSection;
   EFI_FIRMWARE_VOLUME_HEADER*PeiMemFv;
   EFI_FIRMWARE_VOLUME_HEADER*DxeMemFv;
 
-  FvSection = (EFI_FIRMWARE_VOLUME_IMAGE_SECTION*) NULL;
+  FvSection = (EFI_COMMON_SECTION_HEADER*) NULL;
 
   Status = FindFfsFileAndSection (
  *Fv,
@@ -386,7 +387,7 @@ DecompressMemFvs (
  OutputBufferSize,
  EFI_SECTION_FIRMWARE_VOLUME_IMAGE,
  0,
- (EFI_COMMON_SECTION_HEADER**) &FvSection
+ &FvSection
  );
   if (EFI_ERROR (Status)) {
 DEBUG ((EFI_D_ERROR, "Unable to find PEI FV section\n"));
@@ -411,7 +412,7 @@ DecompressMemFvs (
  OutputBufferSize,
  EFI_SECTION_FIRMWARE_VOLUME_IMAGE,
  1,
- (EFI_COMMON_SECTION_HEADER**) &FvSection
+ &FvSection
  );
   if (EFI_ERROR (Status)) {
 DEBUG ((EFI_D_ERROR, "Unable to find DXE FV section\n"));
-- 
1.9.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH] [staging/HTTPS-TLS] Delete extra TlsCipherMappingTable entries

[Thomas Palmer]

The TlsCipherMappingTable will be used to control which ciphers UEFI
officially supports. When a user configures the ciphers, each cipher
is checked against this table and if not found is sent the
EFI_UNSUPPORTED error.

However, when an entry is present in TlsCipherMappingTable, but our
library does not have support for it, the user will not see any
error if other ciphers are being set at the same time.

This patch will remove entries from TlsLib's TlsCipherMappingTable
that our OpenSSL library is not configured to support. This restores
behavior of immediate feedback to user.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 CryptoPkg/Library/TlsLib/TlsLib.c | 7 ---
 1 file changed, 7 deletions(-)

diff --git a/CryptoPkg/Library/TlsLib/TlsLib.c 
b/CryptoPkg/Library/TlsLib/TlsLib.c
index 1f3554a..aa08595 100644
--- a/CryptoPkg/Library/TlsLib/TlsLib.c
+++ b/CryptoPkg/Library/TlsLib/TlsLib.c
@@ -57,31 +57,24 @@ STATIC CONST TLS_CIPHER_PAIR TlsCipherMappingTable[] = {
   { 0x0002, "NULL-SHA" }, /// TLS_RSA_WITH_NULL_SHA
   { 0x0004, "RC4-MD5" },  /// TLS_RSA_WITH_RC4_128_MD5
   { 0x0005, "RC4-SHA" },  /// TLS_RSA_WITH_RC4_128_SHA
-  { 0x0007, "IDEA-CBC-SHA" }, /// TLS_RSA_WITH_IDEA_CBC_SHA
-  { 0x0009, "DES-CBC-SHA" },  /// TLS_RSA_WITH_DES_CBC_SHA
   { 0x000A, "DES-CBC3-SHA" }, /// TLS_RSA_WITH_3DES_EDE_CBC_SHA, 
mandatory TLS 1.1
-  { 0x0013, "DHE-DSS-DES-CBC3-SHA" }, /// 
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA, mandatory TLS 1.0
   { 0x0016, "DHE-RSA-DES-CBC3-SHA" }, /// TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
   { 0x002F, "AES128-SHA" },   /// TLS_RSA_WITH_AES_128_CBC_SHA, 
mandatory TLS 1.2
   { 0x0030, "DH-DSS-AES128-SHA" },/// TLS_DH_DSS_WITH_AES_128_CBC_SHA
   { 0x0031, "DH-RSA-AES128-SHA" },/// TLS_DH_RSA_WITH_AES_128_CBC_SHA
-  { 0x0032, "DHE-DSS-AES128-SHA" },   /// TLS_DHE_DSS_WITH_AES_128_CBC_SHA
   { 0x0033, "DHE-RSA-AES128-SHA" },   /// TLS_DHE_RSA_WITH_AES_128_CBC_SHA
   { 0x0035, "AES256-SHA" },   /// TLS_RSA_WITH_AES_256_CBC_SHA
   { 0x0036, "DH-DSS-AES256-SHA" },/// TLS_DH_DSS_WITH_AES_256_CBC_SHA
   { 0x0037, "DH-RSA-AES256-SHA" },/// TLS_DH_RSA_WITH_AES_256_CBC_SHA
-  { 0x0038, "DHE-DSS-AES256-SHA" },   /// TLS_DHE_DSS_WITH_AES_256_CBC_SHA
   { 0x0039, "DHE-RSA-AES256-SHA" },   /// TLS_DHE_RSA_WITH_AES_256_CBC_SHA
   { 0x003B, "NULL-SHA256" },  /// TLS_RSA_WITH_NULL_SHA256
   { 0x003C, "AES128-SHA256" },/// TLS_RSA_WITH_AES_128_CBC_SHA256
   { 0x003D, "AES256-SHA256" },/// TLS_RSA_WITH_AES_256_CBC_SHA256
   { 0x003E, "DH-DSS-AES128-SHA256" }, /// 
TLS_DH_DSS_WITH_AES_128_CBC_SHA256
   { 0x003F, "DH-RSA-AES128-SHA256" }, /// 
TLS_DH_RSA_WITH_AES_128_CBC_SHA256
-  { 0x0040, "DHE-DSS-AES128-SHA256" },/// 
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
   { 0x0067, "DHE-RSA-AES128-SHA256" },/// 
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
   { 0x0068, "DH-DSS-AES256-SHA256" }, /// 
TLS_DH_DSS_WITH_AES_256_CBC_SHA256
   { 0x0069, "DH-RSA-AES256-SHA256" }, /// 
TLS_DH_RSA_WITH_AES_256_CBC_SHA256
-  { 0x006A, "DHE-DSS-AES256-SHA256" },/// 
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
   { 0x006B, "DHE-RSA-AES256-SHA256" } /// 
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
 };
 
-- 
1.9.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [edk2-staging/HTTPS-TLS][PATCH]: CryptoPkg/TlsLib: Version renegotiate

[Thomas Palmer]

The TLS protocol allows for clients and servers to negotiate which
version of TLS to use.  Newer versions are deemed safer, so when
they are available the client and server should opt to use them.

The EDK2 TLS code today only allows TLSv1.0 for TLS communication,
regardless of the target server's capabilities. In order to use the
newer protocols, we'll update the EDK2 TlsLib.c code to allow for
TLS version negotiation when a new TLS object is created. The TLS
version specified in TlsCtxNew will be the minimum version accepted.

Because EDK2 is not yet using OpenSSL 1.1, we use SSL_set_options to
simulate SSL_CTX_set_min_proto_version.

We'll leave the current "EfiTlsVersion" functionality intact, which
will restrict which version of TLS to use and prevent negotiation.

However, to demonstrate the TLS regotiation in this feature branch,
we'll remove the code that calls EfiTlsVersion in the HttpDxe
module.

[PATCH 1/2] [edk2-staging/HTTPS-TLS][PATCH]: CryptoPkg/TlsLib: TLS
[PATCH 2/2] [edk2-staging/HTTPS-TLS][PATCH]: NetworkPkg/HttpDxe:
___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH 2/2] [edk2-staging/HTTPS-TLS][PATCH]: NetworkPkg/HttpDxe: Unrestrict TLSv

[Thomas Palmer]

Demonstrate the TLS regotiation in this feature branch. Remove the
code that calls EfiTlsVersion in the HttpDxe module.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 NetworkPkg/HttpDxe/HttpsSupport.c | 12 +---
 1 file changed, 1 insertion(+), 11 deletions(-)

diff --git a/NetworkPkg/HttpDxe/HttpsSupport.c 
b/NetworkPkg/HttpDxe/HttpsSupport.c
index 9a68b45..4cfeab5 100644
--- a/NetworkPkg/HttpDxe/HttpsSupport.c
+++ b/NetworkPkg/HttpDxe/HttpsSupport.c
@@ -2,6 +2,7 @@
   Miscellaneous routines specific to Https for HttpDxe driver.
 
 Copyright (c) 2016, Intel Corporation. All rights reserved.
+(C) Copyright 2016 Hewlett Packard Enterprise Development LP
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD 
License
 which accompanies this distribution.  The full text of the license may be 
found at
@@ -487,23 +488,12 @@ TlsConfigureSession (
   HttpInstance->TlsConfigData.SessionState = EfiTlsSessionNotStarted;
 
   //
-  // EfiTlsVersion
   // EfiTlsConnectionEnd,
   // EfiTlsVerifyMethod
   // EfiTlsSessionState
   //
   Status = HttpInstance->Tls->SetSessionData (
 HttpInstance->Tls,
-EfiTlsVersion,
-&(HttpInstance->TlsConfigData.Version),
-sizeof (EFI_TLS_VERSION)
-);
-  if (EFI_ERROR (Status)) {
-goto ERROR;
-  }
-  
-  Status = HttpInstance->Tls->SetSessionData (
-HttpInstance->Tls,
 EfiTlsConnectionEnd,
 &(HttpInstance->TlsConfigData.ConnectionEnd),
 sizeof (EFI_TLS_CONNECTION_END)
-- 
2.7.4

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH 1/2] [edk2-staging/HTTPS-TLS][PATCH]: CryptoPkg/TlsLib: TLS Ver negotiate

[Thomas Palmer]

The TLS protocol allows for clients and servers to negotiate which
version of TLS to use.  Newer versions are deemed safer, so when
they are available the client and server should opt to use them.

The EDK2 TLS code today only allows TLSv1.0 for TLS communication,
regardless of the target server's capabilities. In order to use the
newer protocols, we'll update the EDK2 TlsLib.c code to allow for
TLS version negotiation when a new TLS object is created. The TLS
version specified in TlsCtxNew will be the minimum version accepted.

Because EDK2 is not yet using OpenSSL 1.1, we use SSL_set_options to
simulate SSL_CTX_set_min_proto_version.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 CryptoPkg/Library/TlsLib/TlsLib.c | 21 +
 1 file changed, 17 insertions(+), 4 deletions(-)

diff --git a/CryptoPkg/Library/TlsLib/TlsLib.c 
b/CryptoPkg/Library/TlsLib/TlsLib.c
index aa08595..0ff699b 100644
--- a/CryptoPkg/Library/TlsLib/TlsLib.c
+++ b/CryptoPkg/Library/TlsLib/TlsLib.c
@@ -195,26 +195,39 @@ TlsCtxNew (
 
   ProtoVersion = (MajorVer << 8) | MinorVer;
 
-  TlsCtx = NULL;
+  TlsCtx = SSL_CTX_new (SSLv23_client_method ());
+  if (TlsCtx == NULL) {
+ASSERT (TlsCtx != NULL);
+return NULL;
+  }
+
+  //
+  // Ensure SSLv3 is disabled
+  //
+  SSL_CTX_set_options (TlsCtx, SSL_OP_NO_SSLv3);
 
+  //
+  // Treat as minimum accepted versions.  Client can use higher
+  // TLS version if server supports it
+  //
   switch (ProtoVersion) {
   case TLS1_VERSION:
 //
 // TLS 1.0
 //
-TlsCtx = SSL_CTX_new (TLSv1_method ());
 break;
   case TLS1_1_VERSION:
 //
 // TLS 1.1
 //
-TlsCtx = SSL_CTX_new (TLSv1_1_method ());
+SSL_CTX_set_options (TlsCtx, SSL_OP_NO_TLSv1);
 break;
   case TLS1_2_VERSION:
 //
 // TLS 1.2
 //
-TlsCtx = SSL_CTX_new (TLSv1_2_method ());
+SSL_CTX_set_options (TlsCtx, SSL_OP_NO_TLSv1);
+SSL_CTX_set_options (TlsCtx, SSL_OP_NO_TLSv1_1);
 break;
   default:
 //
-- 
2.7.4

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH] Pkg-Module: Integrate new RngLib into RngDxe

[Thomas Palmer]

Use the new RngLib to provide the IA32/X64 random data for RngDxe.
Remove x86 specific functions from RdRand files.
Clean up files in RngDxe/IA32 and RngDxe/X64 that are subsumed by files in 
BaseRngLib.
A key piece to this change was creating a RdRandWord and RdRandGetWords 
functions that could work for both IA32 and X64 builds.  The RngLib provides 
functions to get 16,32, and 64 bit random values, but RngDxe uses RdRandWord to 
get a UINTN value.   I use sizeof (UINTN) to determine when to use 
GetRandomNumber32 or GetRandomNumber64

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 .../RngDxe/IA32/AsmRdRand.asm  |   67 
 .../RandomNumberGenerator/RngDxe/IA32/GccRdRand.c  |   69 
 SecurityPkg/RandomNumberGenerator/RngDxe/RdRand.c  |  173 +---
 SecurityPkg/RandomNumberGenerator/RngDxe/RdRand.h  |  115 +
 SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.c  |9 +-
 .../RandomNumberGenerator/RngDxe/RngDxe.inf|   14 +-
 .../RandomNumberGenerator/RngDxe/X64/AsmRdRand.asm |   83 --
 .../RandomNumberGenerator/RngDxe/X64/GccRdRand.c   |   95 ---
 SecurityPkg/SecurityPkg.dsc|3 +
 9 files changed, 47 insertions(+), 581 deletions(-)
 delete mode 100644 SecurityPkg/RandomNumberGenerator/RngDxe/IA32/AsmRdRand.asm
 delete mode 100644 SecurityPkg/RandomNumberGenerator/RngDxe/IA32/GccRdRand.c
 delete mode 100644 SecurityPkg/RandomNumberGenerator/RngDxe/X64/AsmRdRand.asm
 delete mode 100644 SecurityPkg/RandomNumberGenerator/RngDxe/X64/GccRdRand.c

diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/IA32/AsmRdRand.asm 
b/SecurityPkg/RandomNumberGenerator/RngDxe/IA32/AsmRdRand.asm
deleted file mode 100644
index 37b3830..000
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/IA32/AsmRdRand.asm
+++ /dev/null
@@ -1,67 +0,0 @@
-;--
-;
-; Copyright (c) 2013, Intel Corporation. All rights reserved.
-; This program and the accompanying materials
-; are licensed and made available under the terms and conditions of the BSD 
License
-; which accompanies this distribution.  The full text of the license may be 
found at
-; http://opensource.org/licenses/bsd-license.php.
-;
-; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-;
-; Module Name:
-;
-;   AsmRdRand.Asm
-;
-; Abstract:
-;
-;   Implementation for 16-, and 32- invocations of RDRAND instruction under 
32bit platform.
-;
-; Notes:
-;
-;   Visual Studio coding practices do not use inline asm since multiple 
compilers and 
-;   architectures are supported assembler not recognizing rdrand instruction 
so using DB's.
-;
-;--
-
-.586P
-.model flat, C
-.code
- 
-;--
-;  Generate a 16 bit random number
-;  Return TRUE if Rand generated successfully, or FALSE if not
-;
-;  BOOLEAN EFIAPI RdRand16Step (UINT16 *Rand);   ECX
-;--
-RdRand16Step  PROC
-; rdrand   ax  ; generate a 16 bit RN into ax, CF=1 if RN 
generated ok, otherwise CF=0
-db 0fh, 0c7h, 0f0h ; rdrand r16:  "0f c7 /6  ModRM:r/m(w)"
-jb rn16_ok ; jmp if CF=1
-xoreax, eax; reg=0 if CF=0
-ret; return with failure status
-rn16_ok:
-mov[ecx], ax
-moveax, 1
-ret
-RdRand16Step ENDP
-
-;--
-;  Generate a 32 bit random number
-;Return TRUE if Rand generated successfully, or FALSE if not
-;
-;  BOOLEAN EFIAPI RdRand32Step (UINT32 *Rand);   ECX
-;--
-RdRand32Step  PROC
-; rdrand   eax ; generate a 32 bit RN into eax, CF=1 if RN 
generated ok, otherwise CF=0
-db 0fh, 0c7h, 0f0h ; rdrand r32:  "0f c7 /6  ModRM:r/m(w)"
-jb rn32_ok ; jmp if CF=1
-xoreax, eax; reg=0 if CF=0
-ret; return with failure status
-rn32_ok:
-mov[ecx], eax
-moveax,  1
-ret
-RdRand32Step  ENDP
-
-END
diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/IA32/GccRdRand.c 
b/SecurityPkg/RandomNumberGenerator/RngDxe/IA32/GccRdRand.c
deleted file mode 100644
index f42302a..000
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/IA32/GccRdRand.c
+++ /dev/null
@@ -1,69 +0,0 @@
-/** @file
-  RDRAND Support Routines for GCC environment.
-
-Copyright (c) 2013, Intel Corporation. All rights reserved.
-This program and the accompanying materials
-ar

[edk2] [PATCH] Pkg-Module: Integrate new RngLib into RngDxe v2

[Thomas Palmer]

Use the new RngLib to provide the IA32/X64 random data for RngDxe.
Remove x86 specific functions from RdRand files.
Clean up files in RngDxe/IA32 and RngDxe/X64 that are subsumed by files in 
BaseRngLib.
Simplify RngDxe by using GetRandomNumber64 for both IA32 and X64 platforms. 
Explicitly use UINT64 instead of UINTN where appropriate

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 .../RngDxe/IA32/AsmRdRand.asm  |   67 --
 .../RandomNumberGenerator/RngDxe/IA32/GccRdRand.c  |   69 --
 .../RandomNumberGenerator/RngDxe/IA32/RdRandWord.c |  104 -
 SecurityPkg/RandomNumberGenerator/RngDxe/RdRand.c  |  241 +---
 SecurityPkg/RandomNumberGenerator/RngDxe/RdRand.h  |  151 +---
 SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.c  |9 +-
 .../RandomNumberGenerator/RngDxe/RngDxe.inf|   14 +-
 .../RandomNumberGenerator/RngDxe/X64/AsmRdRand.asm |   83 ---
 .../RandomNumberGenerator/RngDxe/X64/GccRdRand.c   |   95 
 .../RandomNumberGenerator/RngDxe/X64/RdRandWord.c  |   70 --
 SecurityPkg/SecurityPkg.dsc|3 +
 11 files changed, 60 insertions(+), 846 deletions(-)
 delete mode 100644 SecurityPkg/RandomNumberGenerator/RngDxe/IA32/AsmRdRand.asm
 delete mode 100644 SecurityPkg/RandomNumberGenerator/RngDxe/IA32/GccRdRand.c
 delete mode 100644 SecurityPkg/RandomNumberGenerator/RngDxe/IA32/RdRandWord.c
 delete mode 100644 SecurityPkg/RandomNumberGenerator/RngDxe/X64/AsmRdRand.asm
 delete mode 100644 SecurityPkg/RandomNumberGenerator/RngDxe/X64/GccRdRand.c
 delete mode 100644 SecurityPkg/RandomNumberGenerator/RngDxe/X64/RdRandWord.c

diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/IA32/AsmRdRand.asm 
b/SecurityPkg/RandomNumberGenerator/RngDxe/IA32/AsmRdRand.asm
deleted file mode 100644
index 37b3830..000
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/IA32/AsmRdRand.asm
+++ /dev/null
@@ -1,67 +0,0 @@
-;--
-;
-; Copyright (c) 2013, Intel Corporation. All rights reserved.
-; This program and the accompanying materials
-; are licensed and made available under the terms and conditions of the BSD 
License
-; which accompanies this distribution.  The full text of the license may be 
found at
-; http://opensource.org/licenses/bsd-license.php.
-;
-; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-;
-; Module Name:
-;
-;   AsmRdRand.Asm
-;
-; Abstract:
-;
-;   Implementation for 16-, and 32- invocations of RDRAND instruction under 
32bit platform.
-;
-; Notes:
-;
-;   Visual Studio coding practices do not use inline asm since multiple 
compilers and 
-;   architectures are supported assembler not recognizing rdrand instruction 
so using DB's.
-;
-;--
-
-.586P
-.model flat, C
-.code
- 
-;--
-;  Generate a 16 bit random number
-;  Return TRUE if Rand generated successfully, or FALSE if not
-;
-;  BOOLEAN EFIAPI RdRand16Step (UINT16 *Rand);   ECX
-;--
-RdRand16Step  PROC
-; rdrand   ax  ; generate a 16 bit RN into ax, CF=1 if RN 
generated ok, otherwise CF=0
-db 0fh, 0c7h, 0f0h ; rdrand r16:  "0f c7 /6  ModRM:r/m(w)"
-jb rn16_ok ; jmp if CF=1
-xoreax, eax; reg=0 if CF=0
-ret; return with failure status
-rn16_ok:
-mov[ecx], ax
-moveax, 1
-ret
-RdRand16Step ENDP
-
-;--
-;  Generate a 32 bit random number
-;Return TRUE if Rand generated successfully, or FALSE if not
-;
-;  BOOLEAN EFIAPI RdRand32Step (UINT32 *Rand);   ECX
-;--
-RdRand32Step  PROC
-; rdrand   eax ; generate a 32 bit RN into eax, CF=1 if RN 
generated ok, otherwise CF=0
-db 0fh, 0c7h, 0f0h ; rdrand r32:  "0f c7 /6  ModRM:r/m(w)"
-jb rn32_ok ; jmp if CF=1
-xoreax, eax; reg=0 if CF=0
-ret; return with failure status
-rn32_ok:
-mov[ecx], eax
-moveax,  1
-ret
-RdRand32Step  ENDP
-
-END
diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/IA32/GccRdRand.c 
b/SecurityPkg/RandomNumberGenerator/RngDxe/IA32/GccRdRand.c
deleted file mode 100644
index f42302a..000
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/IA32/GccRdRand.c
+++ /dev/null
@@ -1,69 +0,0 @@
-/** @file
-  RDRAND Support Routines for GCC environment.
-
-Copyright (c) 2013, Intel Corp

[edk2] [PATCH v3] Pkg-Module: Integrate new RngLib into RngDxe

[Thomas Palmer]

Use the new RngLib to provide the IA32/X64 random data for RngDxe.
Remove x86 specific functions from RdRand files.
Clean up files in RngDxe/IA32 and RngDxe/X64 that are subsumed by files in 
BaseRngLib.
Simplify RngDxe by using WriteUnaligned64 for both IA32 and X64 platforms.
Create and use GetRandomNumber128 in RngDxe to leverage 128 bit support found 
in some HW RNG devices

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 MdePkg/Include/Library/RngLib.h|   17 ++
 MdePkg/Library/BaseRngLib/BaseRng.c|   32 +++
 .../RngDxe/IA32/AsmRdRand.asm  |   67 -
 .../RandomNumberGenerator/RngDxe/IA32/GccRdRand.c  |   69 --
 .../RandomNumberGenerator/RngDxe/IA32/RdRandWord.c |  104 
 SecurityPkg/RandomNumberGenerator/RngDxe/RdRand.c  |  256 ++--
 SecurityPkg/RandomNumberGenerator/RngDxe/RdRand.h  |  151 +---
 SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.c  |9 +-
 .../RandomNumberGenerator/RngDxe/RngDxe.inf|   14 +-
 .../RandomNumberGenerator/RngDxe/X64/AsmRdRand.asm |   83 ---
 .../RandomNumberGenerator/RngDxe/X64/GccRdRand.c   |   95 
 .../RandomNumberGenerator/RngDxe/X64/RdRandWord.c  |   70 --
 SecurityPkg/SecurityPkg.dsc|3 +
 13 files changed, 75 insertions(+), 895 deletions(-)
 delete mode 100644 SecurityPkg/RandomNumberGenerator/RngDxe/IA32/AsmRdRand.asm
 delete mode 100644 SecurityPkg/RandomNumberGenerator/RngDxe/IA32/GccRdRand.c
 delete mode 100644 SecurityPkg/RandomNumberGenerator/RngDxe/IA32/RdRandWord.c
 delete mode 100644 SecurityPkg/RandomNumberGenerator/RngDxe/X64/AsmRdRand.asm
 delete mode 100644 SecurityPkg/RandomNumberGenerator/RngDxe/X64/GccRdRand.c
 delete mode 100644 SecurityPkg/RandomNumberGenerator/RngDxe/X64/RdRandWord.c

diff --git a/MdePkg/Include/Library/RngLib.h b/MdePkg/Include/Library/RngLib.h
index 157a931..ece4394 100644
--- a/MdePkg/Include/Library/RngLib.h
+++ b/MdePkg/Include/Library/RngLib.h
@@ -66,4 +66,21 @@ GetRandomNumber64 (
   OUT UINT64*Rand
   );
 
+/**
+  Generates a 128-bit random number.
+
+  if Rand is NULL, then ASSERT().
+
+  @param[out] Rand Buffer pointer to store the 128-bit random value.
+
+  @retval TRUE Random number generated successfully.
+  @retval FALSEFailed to generate the random number.
+
+**/
+BOOLEAN
+EFIAPI
+GetRandomNumber128 (
+  OUT UINT64*Rand
+  );
+
 #endif  // __RNG_LIB_H__
diff --git a/MdePkg/Library/BaseRngLib/BaseRng.c 
b/MdePkg/Library/BaseRngLib/BaseRng.c
index 279df30..2c8df56 100644
--- a/MdePkg/Library/BaseRngLib/BaseRng.c
+++ b/MdePkg/Library/BaseRngLib/BaseRng.c
@@ -155,3 +155,35 @@ GetRandomNumber64 (
 
   return FALSE;
 }
+
+/**
+  Generates a 128-bit random number.
+
+  if Rand is NULL, then ASSERT().
+
+  @param[out] Rand Buffer pointer to store the 128-bit random value.
+
+  @retval TRUE Random number generated successfully.
+  @retval FALSEFailed to generate the random number.
+
+**/
+BOOLEAN
+EFIAPI
+GetRandomNumber128 (
+  OUT UINT64*Rand
+  )
+{
+  ASSERT (Rand != NULL);
+
+  //
+  // Read first 64 bits
+  //
+  if (!GetRandomNumber64 (Rand)) {
+return FALSE;
+  }
+
+  //
+  // Read second 64 bits
+  //
+  return GetRandomNumber64 (++Rand);
+}
diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/IA32/AsmRdRand.asm 
b/SecurityPkg/RandomNumberGenerator/RngDxe/IA32/AsmRdRand.asm
deleted file mode 100644
index 37b3830..000
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/IA32/AsmRdRand.asm
+++ /dev/null
@@ -1,67 +0,0 @@
-;--
-;
-; Copyright (c) 2013, Intel Corporation. All rights reserved.
-; This program and the accompanying materials
-; are licensed and made available under the terms and conditions of the BSD 
License
-; which accompanies this distribution.  The full text of the license may be 
found at
-; http://opensource.org/licenses/bsd-license.php.
-;
-; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-;
-; Module Name:
-;
-;   AsmRdRand.Asm
-;
-; Abstract:
-;
-;   Implementation for 16-, and 32- invocations of RDRAND instruction under 
32bit platform.
-;
-; Notes:
-;
-;   Visual Studio coding practices do not use inline asm since multiple 
compilers and 
-;   architectures are supported assembler not recognizing rdrand instruction 
so using DB's.
-;
-;--
-
-.586P
-.model flat, C
-.code
- 
-;--
-;  Generate a 16 bit random number
-;  Return TRUE if Rand generated successfully, or FALSE if not
-;
-;  BOOLEAN EFIAPI RdRand16Step (UINT1

[edk2] [PATCH 2/3] SecurityPkg: Integrate new RngLib into RngDxe

[Thomas Palmer]

Use the new RngLib to provide the IA32/X64 random data for RngDxe.
Remove x86 specific functions from RdRand files.
Simplify RngDxe by using WriteUnaligned64 for all platforms.
Use GetRandomNumber128 in RngDxe to leverage 128 bit support provided by some 
HW RNG devices

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 SecurityPkg/RandomNumberGenerator/RngDxe/RdRand.c  |  256 ++--
 SecurityPkg/RandomNumberGenerator/RngDxe/RdRand.h  |  151 +---
 SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.c  |9 +-
 .../RandomNumberGenerator/RngDxe/RngDxe.inf|   14 +-
 SecurityPkg/SecurityPkg.dsc|3 +
 5 files changed, 26 insertions(+), 407 deletions(-)

diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/RdRand.c 
b/SecurityPkg/RandomNumberGenerator/RngDxe/RdRand.c
index 7e618dc..395b886 100644
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/RdRand.c
+++ b/SecurityPkg/RandomNumberGenerator/RngDxe/RdRand.c
@@ -2,6 +2,7 @@
   Support routines for RDRAND instruction access.
 
 Copyright (c) 2013, Intel Corporation. All rights reserved.
+(C) Copyright 2015 Hewlett Packard Enterprise Development LP
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD 
License
 which accompanies this distribution.  The full text of the license may be 
found at
@@ -11,177 +12,11 @@ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS 
IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 
 **/
+#include 
 
 #include "RdRand.h"
 #include "AesCore.h"
 
-//
-// Bit mask used to determine if RdRand instruction is supported.
-//
-#define RDRAND_MASK0x4000
-
-/**
-  Determines whether or not RDRAND instruction is supported by the host 
hardware.
-
-  @retval EFI_SUCCESS  RDRAND instruction supported.
-  @retval EFI_UNSUPPORTED  RDRAND instruction not supported.
-
-**/
-EFI_STATUS
-EFIAPI
-IsRdRandSupported (
-  VOID
-  )
-{
-  EFI_STATUS  Status;
-  UINT32  RegEax;
-  UINT32  RegEbx;
-  UINT32  RegEcx;
-  UINT32  RegEdx;
-  BOOLEAN IsIntelCpu;
-
-  Status = EFI_UNSUPPORTED;
-  IsIntelCpu = FALSE;
-  
-  //
-  // Checks whether the current processor is an Intel product by CPUID.
-  //
-  AsmCpuid (0, &RegEax, &RegEbx, &RegEcx, &RegEdx);
-  if ((CompareMem ((CHAR8 *)(&RegEbx), "Genu", 4) == 0) &&
-  (CompareMem ((CHAR8 *)(&RegEdx), "ineI", 4) == 0) &&
-  (CompareMem ((CHAR8 *)(&RegEcx), "ntel", 4) == 0)) {
-IsIntelCpu = TRUE;
-  }
-
-  if (IsIntelCpu) {
-//
-// Determine RDRAND support by examining bit 30 of the ECX register 
returned by CPUID.
-// A value of 1 indicates that processor supports RDRAND instruction.
-//
-AsmCpuid (1, 0, 0, &RegEcx, 0);
-
-if ((RegEcx & RDRAND_MASK) == RDRAND_MASK) {
-  Status = EFI_SUCCESS;
-}
-  }
-
-  return Status;
-}
-
-/**
-  Calls RDRAND to obtain a 16-bit random number.
-
-  @param[out]  Rand  Buffer pointer to store the random result.
-  @param[in]   NeedRetry Determine whether or not to loop retry.
-
-  @retval EFI_SUCCESSRDRAND call was successful.
-  @retval EFI_NOT_READY  Failed attempts to call RDRAND.
-
-**/
-EFI_STATUS
-EFIAPI
-RdRand16 (
-  OUT UINT16   *Rand,
-  IN BOOLEAN   NeedRetry
-  )
-{
-  UINT32  Index;
-  UINT32  RetryCount;
-
-  if (NeedRetry) {
-RetryCount = RETRY_LIMIT;
-  } else {
-RetryCount = 1;
-  }
-
-  //
-  // Perform a single call to RDRAND, or enter a loop call until RDRAND 
succeeds.
-  //
-  for (Index = 0; Index < RetryCount; Index++) {
-if (RdRand16Step (Rand)) {
-  return EFI_SUCCESS;
-}
-  }
-  
-  return EFI_NOT_READY;
-}
-
-/**
-  Calls RDRAND to obtain a 32-bit random number.
-
-  @param[out]  Rand  Buffer pointer to store the random result.
-  @param[in]   NeedRetry Determine whether or not to loop retry.
-
-  @retval EFI_SUCCESSRDRAND call was successful.
-  @retval EFI_NOT_READY  Failed attempts to call RDRAND.
-
-**/
-EFI_STATUS
-EFIAPI
-RdRand32 (
-  OUT UINT32   *Rand,
-  IN BOOLEAN   NeedRetry
-  )
-{
-  UINT32  Index;
-  UINT32  RetryCount;
-
-  if (NeedRetry) {
-RetryCount = RETRY_LIMIT;
-  } else {
-RetryCount = 1;
-  }
-
-  //
-  // Perform a single call to RDRAND, or enter a loop call until RDRAND 
succeeds.
-  //
-  for (Index = 0; Index < RetryCount; Index++) {
-if (RdRand32Step (Rand)) {
-  return EFI_SUCCESS;
-}
-  }
-  
-  return EFI_NOT_READY;
-}
-
-/**
-  Calls RDRAND to obtain a 64-bit random number.
-
-  @param[out]  Rand  Buffer pointer to store the random result.
-  @param[in]   NeedRetry Determine whether or not to loop retry.
-
-  @retval EFI_SUCCESSRDRAND call was successful.
-  @retval EFI_

[edk2] [PATCH 3/3] SecurityPkg: Clean up unused files in RngDxe

[Thomas Palmer]

Clean up files in RngDxe/IA32 and RngDxe/X64 that are subsumed by files in 
BaseRngLib.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 .../RngDxe/IA32/AsmRdRand.asm  |   67 -
 .../RandomNumberGenerator/RngDxe/IA32/GccRdRand.c  |   69 -
 .../RandomNumberGenerator/RngDxe/IA32/RdRandWord.c |  104 
 .../RandomNumberGenerator/RngDxe/X64/AsmRdRand.asm |   83 
 .../RandomNumberGenerator/RngDxe/X64/GccRdRand.c   |   95 --
 .../RandomNumberGenerator/RngDxe/X64/RdRandWord.c  |   70 -
 6 files changed, 488 deletions(-)
 delete mode 100644 SecurityPkg/RandomNumberGenerator/RngDxe/IA32/AsmRdRand.asm
 delete mode 100644 SecurityPkg/RandomNumberGenerator/RngDxe/IA32/GccRdRand.c
 delete mode 100644 SecurityPkg/RandomNumberGenerator/RngDxe/IA32/RdRandWord.c
 delete mode 100644 SecurityPkg/RandomNumberGenerator/RngDxe/X64/AsmRdRand.asm
 delete mode 100644 SecurityPkg/RandomNumberGenerator/RngDxe/X64/GccRdRand.c
 delete mode 100644 SecurityPkg/RandomNumberGenerator/RngDxe/X64/RdRandWord.c

diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/IA32/AsmRdRand.asm 
b/SecurityPkg/RandomNumberGenerator/RngDxe/IA32/AsmRdRand.asm
deleted file mode 100644
index 37b3830..000
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/IA32/AsmRdRand.asm
+++ /dev/null
@@ -1,67 +0,0 @@
-;--
-;
-; Copyright (c) 2013, Intel Corporation. All rights reserved.
-; This program and the accompanying materials
-; are licensed and made available under the terms and conditions of the BSD 
License
-; which accompanies this distribution.  The full text of the license may be 
found at
-; http://opensource.org/licenses/bsd-license.php.
-;
-; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-;
-; Module Name:
-;
-;   AsmRdRand.Asm
-;
-; Abstract:
-;
-;   Implementation for 16-, and 32- invocations of RDRAND instruction under 
32bit platform.
-;
-; Notes:
-;
-;   Visual Studio coding practices do not use inline asm since multiple 
compilers and 
-;   architectures are supported assembler not recognizing rdrand instruction 
so using DB's.
-;
-;--
-
-.586P
-.model flat, C
-.code
- 
-;--
-;  Generate a 16 bit random number
-;  Return TRUE if Rand generated successfully, or FALSE if not
-;
-;  BOOLEAN EFIAPI RdRand16Step (UINT16 *Rand);   ECX
-;--
-RdRand16Step  PROC
-; rdrand   ax  ; generate a 16 bit RN into ax, CF=1 if RN 
generated ok, otherwise CF=0
-db 0fh, 0c7h, 0f0h ; rdrand r16:  "0f c7 /6  ModRM:r/m(w)"
-jb rn16_ok ; jmp if CF=1
-xoreax, eax; reg=0 if CF=0
-ret; return with failure status
-rn16_ok:
-mov[ecx], ax
-moveax, 1
-ret
-RdRand16Step ENDP
-
-;--
-;  Generate a 32 bit random number
-;Return TRUE if Rand generated successfully, or FALSE if not
-;
-;  BOOLEAN EFIAPI RdRand32Step (UINT32 *Rand);   ECX
-;--
-RdRand32Step  PROC
-; rdrand   eax ; generate a 32 bit RN into eax, CF=1 if RN 
generated ok, otherwise CF=0
-db 0fh, 0c7h, 0f0h ; rdrand r32:  "0f c7 /6  ModRM:r/m(w)"
-jb rn32_ok ; jmp if CF=1
-xoreax, eax; reg=0 if CF=0
-ret; return with failure status
-rn32_ok:
-mov[ecx], eax
-moveax,  1
-ret
-RdRand32Step  ENDP
-
-END
diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/IA32/GccRdRand.c 
b/SecurityPkg/RandomNumberGenerator/RngDxe/IA32/GccRdRand.c
deleted file mode 100644
index f42302a..000
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/IA32/GccRdRand.c
+++ /dev/null
@@ -1,69 +0,0 @@
-/** @file
-  RDRAND Support Routines for GCC environment.
-
-Copyright (c) 2013, Intel Corporation. All rights reserved.
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD 
License
-which accompanies this distribution.  The full text of the license may be 
found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-/**
-  Generates a 16-bit random number through RDRAND instruction.
-
-  @param[out]  Ran

[edk2] [PATCH 1/3] MdePkg: Create GetRandomNumber128 in RngLib

[Thomas Palmer]

Declare GetRandomNumber128 in RngLib.h.
Create GetRandomNumber128 in BaseRngLib, which is simply calling 
GetRandomNumber64 twice

A GetRandomNumber128 function allows platforms with 128bit HWRNGs to save on IO 
overhead that comes from having to prime the HWRNG device before each read 
operation.  Using the HWRNG installed on the HP ProLiant m400 moonshot 
cartridge, this will save about 50ms per RAW Entropy operation as compared with 
calling GetRandomNumber64 twice.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 MdePkg/Include/Library/RngLib.h |   17 +
 MdePkg/Library/BaseRngLib/BaseRng.c |   32 
 2 files changed, 49 insertions(+)

diff --git a/MdePkg/Include/Library/RngLib.h b/MdePkg/Include/Library/RngLib.h
index 157a931..ece4394 100644
--- a/MdePkg/Include/Library/RngLib.h
+++ b/MdePkg/Include/Library/RngLib.h
@@ -66,4 +66,21 @@ GetRandomNumber64 (
   OUT UINT64*Rand
   );
 
+/**
+  Generates a 128-bit random number.
+
+  if Rand is NULL, then ASSERT().
+
+  @param[out] Rand Buffer pointer to store the 128-bit random value.
+
+  @retval TRUE Random number generated successfully.
+  @retval FALSEFailed to generate the random number.
+
+**/
+BOOLEAN
+EFIAPI
+GetRandomNumber128 (
+  OUT UINT64*Rand
+  );
+
 #endif  // __RNG_LIB_H__
diff --git a/MdePkg/Library/BaseRngLib/BaseRng.c 
b/MdePkg/Library/BaseRngLib/BaseRng.c
index 279df30..2c8df56 100644
--- a/MdePkg/Library/BaseRngLib/BaseRng.c
+++ b/MdePkg/Library/BaseRngLib/BaseRng.c
@@ -155,3 +155,35 @@ GetRandomNumber64 (
 
   return FALSE;
 }
+
+/**
+  Generates a 128-bit random number.
+
+  if Rand is NULL, then ASSERT().
+
+  @param[out] Rand Buffer pointer to store the 128-bit random value.
+
+  @retval TRUE Random number generated successfully.
+  @retval FALSEFailed to generate the random number.
+
+**/
+BOOLEAN
+EFIAPI
+GetRandomNumber128 (
+  OUT UINT64*Rand
+  )
+{
+  ASSERT (Rand != NULL);
+
+  //
+  // Read first 64 bits
+  //
+  if (!GetRandomNumber64 (Rand)) {
+return FALSE;
+  }
+
+  //
+  // Read second 64 bits
+  //
+  return GetRandomNumber64 (++Rand);
+}
-- 
1.7.9.5

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH 1/1] OvmfPkg/IoMmuDxe: Fix header guard macro

[Thomas Palmer]

Correct the header guard macro

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 OvmfPkg/IoMmuDxe/AmdSevIoMmu.h | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/OvmfPkg/IoMmuDxe/AmdSevIoMmu.h b/OvmfPkg/IoMmuDxe/AmdSevIoMmu.h
index 8b3962a8c395..47428c235090 100644
--- a/OvmfPkg/IoMmuDxe/AmdSevIoMmu.h
+++ b/OvmfPkg/IoMmuDxe/AmdSevIoMmu.h
@@ -7,6 +7,7 @@
 
   Copyright (c) 2017, Intel Corporation. All rights reserved.
   Copyright (c) 2017, AMD Inc. All rights reserved.
+  (C) Copyright 2017 Hewlett Packard Enterprise Development LP
   This program and the accompanying materials are licensed and made available
   under the terms and conditions of the BSD License which accompanies this
   distribution.  The full text of the license may be found at
@@ -18,7 +19,7 @@
 **/
 
 #ifndef __AMD_SEV_IOMMU_H_
-#define __AMD_SEV_IOMMU_H
+#define __AMD_SEV_IOMMU_H_
 
 #include 
 
-- 
2.7.4

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH v2 1/1] OvmfPkg/IoMmuDxe: Fix header guard macro

[Thomas Palmer]

Correct the header guard macro

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer 
---
 OvmfPkg/IoMmuDxe/AmdSevIoMmu.h | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/OvmfPkg/IoMmuDxe/AmdSevIoMmu.h b/OvmfPkg/IoMmuDxe/AmdSevIoMmu.h
index 8b3962a8c395..073202968235 100644
--- a/OvmfPkg/IoMmuDxe/AmdSevIoMmu.h
+++ b/OvmfPkg/IoMmuDxe/AmdSevIoMmu.h
@@ -7,6 +7,7 @@
 
   Copyright (c) 2017, Intel Corporation. All rights reserved.
   Copyright (c) 2017, AMD Inc. All rights reserved.
+  (C) Copyright 2017 Hewlett Packard Enterprise Development LP
   This program and the accompanying materials are licensed and made available
   under the terms and conditions of the BSD License which accompanies this
   distribution.  The full text of the license may be found at
@@ -17,8 +18,8 @@
 
 **/
 
-#ifndef __AMD_SEV_IOMMU_H_
-#define __AMD_SEV_IOMMU_H
+#ifndef _AMD_SEV_IOMMU_H_
+#define _AMD_SEV_IOMMU_H_
 
 #include 
 
-- 
2.7.4

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH 1/1] StdLib/EfiSocketLib: Fix ABI mismatch for 2 event functions

[Thomas Palmer]

The gBS->CreateEvent expects a EFI_EVENT_NOTIFY function as the third
argument. The EFIAPI token is an important component of that prototype. Its
absence can cause unexpected issues on DEBUG systems built with GCC due to
ABI mismatches.

Both EslTcp4ConnectComplete and EslTcp6ConnectComplete did not have the
EFIAPI token required of a EFI_EVENT_NOTIFY function. GCC did not catch
this because of the explicit EFI_EVENT_NOTIFY cast.  By removing the cast,
a build error ensues.

This patch removes the cast and updates both functions to comply with
EFI_EVENT_NOTIFY.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Thomas Palmer 
---
 StdLib/EfiSocketLib/Tcp4.c | 8 ++--
 StdLib/EfiSocketLib/Tcp6.c | 8 ++--
 2 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/StdLib/EfiSocketLib/Tcp4.c b/StdLib/EfiSocketLib/Tcp4.c
index 68477fba6e70..8125a8d4f5ad 100644
--- a/StdLib/EfiSocketLib/Tcp4.c
+++ b/StdLib/EfiSocketLib/Tcp4.c
@@ -2,6 +2,7 @@
   Implement the TCP4 driver support for the socket layer.
 
   Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved.
+  (C) Copyright 2017 Hewlett Packard Enterprise Development LP
   This program and the accompanying materials are licensed and made available
   under the terms and conditions of the BSD License which accompanies this
   distribution.  The full text of the license may be found at
@@ -192,9 +193,10 @@ EslTcp4Accept (
 
 **/
 VOID
+EFIAPI
 EslTcp4ConnectComplete (
   IN EFI_EVENT Event,
-  IN ESL_PORT * pPort
+  IN VOID  *Context
   )
 {
   BOOLEAN bRemoveFirstPort;
@@ -203,12 +205,14 @@ EslTcp4ConnectComplete (
   ESL_SOCKET * pSocket;
   ESL_TCP4_CONTEXT * pTcp4;
   EFI_STATUS Status;
+  ESL_PORT * pPort;
 
   DBG_ENTER ( );
 
   //
   //  Locate the TCP context
   //
+  pPort = Context;
   pSocket = pPort->pSocket;
   pTcp4 = &pPort->Context.Tcp4;
 
@@ -1288,7 +1292,7 @@ EslTcp4PortAllocate (
 //
 Status = gBS->CreateEvent (  EVT_NOTIFY_SIGNAL,
  TPL_SOCKETS,
- (EFI_EVENT_NOTIFY)EslTcp4ConnectComplete,
+ EslTcp4ConnectComplete,
  pPort,
  &pTcp4->ConnectToken.CompletionToken.Event);
 if ( EFI_ERROR ( Status )) {
diff --git a/StdLib/EfiSocketLib/Tcp6.c b/StdLib/EfiSocketLib/Tcp6.c
index 0f6d2d6ac93c..9f9c00f6dc57 100644
--- a/StdLib/EfiSocketLib/Tcp6.c
+++ b/StdLib/EfiSocketLib/Tcp6.c
@@ -2,6 +2,7 @@
   Implement the TCP6 driver support for the socket layer.
 
   Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.
+  (C) Copyright 2017 Hewlett Packard Enterprise Development LP
   This program and the accompanying materials are licensed and made available
   under the terms and conditions of the BSD License which accompanies this
   distribution.  The full text of the license may be found at
@@ -186,9 +187,10 @@ EslTcp6Accept (
 
 **/
 VOID
+EFIAPI
 EslTcp6ConnectComplete (
   IN EFI_EVENT Event,
-  IN ESL_PORT * pPort
+  IN VOID  *Context
   )
 {
   BOOLEAN bRemoveFirstPort;
@@ -197,12 +199,14 @@ EslTcp6ConnectComplete (
   ESL_SOCKET * pSocket;
   ESL_TCP6_CONTEXT * pTcp6;
   EFI_STATUS Status;
+  ESL_PORT * pPort;
 
   DBG_ENTER ( );
 
   //
   //  Locate the TCP context
   //
+  pPort = Context;
   pSocket = pPort->pSocket;
   pTcp6 = &pPort->Context.Tcp6;
 
@@ -1339,7 +1343,7 @@ EslTcp6PortAllocate (
 //
 Status = gBS->CreateEvent (  EVT_NOTIFY_SIGNAL,
  TPL_SOCKETS,
- (EFI_EVENT_NOTIFY)EslTcp6ConnectComplete,
+ EslTcp6ConnectComplete,
  pPort,
  &pTcp6->ConnectToken.CompletionToken.Event);
 if ( EFI_ERROR ( Status )) {
-- 
2.7.4

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH 1/8] IntelFrameworkModulePkg/LegacyBootMaintUiLib: Update RouteConfig function

[Thomas Palmer]

According to UEFI spec, the RouteConfig protocol function should populate
the Progress pointer with an address inside Configuration.  This patch
ensures that these functions are compliant when EFI_NOT_FOUND is returned.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Thomas Palmer 
---
 .../Library/LegacyBootMaintUiLib/LegacyBootMaintUi.c   | 3 +++
 1 file changed, 3 insertions(+)

diff --git 
a/IntelFrameworkModulePkg/Library/LegacyBootMaintUiLib/LegacyBootMaintUi.c 
b/IntelFrameworkModulePkg/Library/LegacyBootMaintUiLib/LegacyBootMaintUi.c
index a4828b7130c7..3092184ab760 100644
--- a/IntelFrameworkModulePkg/Library/LegacyBootMaintUiLib/LegacyBootMaintUi.c
+++ b/IntelFrameworkModulePkg/Library/LegacyBootMaintUiLib/LegacyBootMaintUi.c
@@ -2,6 +2,7 @@
   Legacy Boot Maintainence UI implementation.
 
 Copyright (c) 2004 - 2016, Intel Corporation. All rights reserved.
+(C) Copyright 2018 Hewlett Packard Enterprise Development LP
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD 
License
 which accompanies this distribution.  The full text of the license may be 
found at
@@ -563,6 +564,8 @@ LegacyBootOptionRouteConfig (
 return EFI_INVALID_PARAMETER;
   }
 
+  *Progress = Configuration;
+
   //
   // Check routing data in .
   // Note: there is no name for Name/Value storage, only GUID will be checked
-- 
2.7.4

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH 2/8] MdeModulePkg/UiApp: Update RouteConfig function

[Thomas Palmer]

According to UEFI spec, the RouteConfig protocol function should populate
the Progress pointer with an address inside Configuration.  This patch
ensures that these functions are compliant when EFI_NOT_FOUND is returned.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Thomas Palmer 
---
 MdeModulePkg/Application/UiApp/FrontPage.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/MdeModulePkg/Application/UiApp/FrontPage.c 
b/MdeModulePkg/Application/UiApp/FrontPage.c
index adee67a8ac14..2403aad9d98f 100644
--- a/MdeModulePkg/Application/UiApp/FrontPage.c
+++ b/MdeModulePkg/Application/UiApp/FrontPage.c
@@ -2,6 +2,7 @@
   FrontPage routines to handle the callbacks and browser calls
 
 Copyright (c) 2004 - 2017, Intel Corporation. All rights reserved.
+(C) Copyright 2018 Hewlett Packard Enterprise Development LP
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD 
License
 which accompanies this distribution.  The full text of the license may be 
found at
@@ -152,6 +153,8 @@ FakeRouteConfig (
 return EFI_INVALID_PARAMETER;
   }
 
+  *Progress = Configuration;
+
   return EFI_NOT_FOUND;
 }
 
-- 
2.7.4

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH 3/8] MdeModulePkg/RamDiskDxe: Update RouteConfig function

[Thomas Palmer]

According to UEFI spec, the RouteConfig protocol function should populate
the Progress pointer with an address inside Configuration.  This patch
ensures that these functions are compliant when EFI_NOT_FOUND is returned.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Thomas Palmer 
---
 MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskImpl.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskImpl.c 
b/MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskImpl.c
index b562bc102582..7ebd397fe68a 100644
--- a/MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskImpl.c
+++ b/MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskImpl.c
@@ -2,7 +2,7 @@
   HII Config Access protocol implementation of RamDiskDxe driver.
 
   Copyright (c) 2016, Intel Corporation. All rights reserved.
-  (C) Copyright 2016 Hewlett Packard Enterprise Development LP
+  (C) Copyright 2016-2018 Hewlett Packard Enterprise Development LP
   This program and the accompanying materials
   are licensed and made available under the terms and conditions of the BSD 
License
   which accompanies this distribution.  The full text of the license may be 
found at
@@ -277,6 +277,8 @@ RamDiskRouteConfig (
 return EFI_INVALID_PARAMETER;
   }
 
+  *Progress = Configuration;
+
   return EFI_NOT_FOUND;
 }
 
-- 
2.7.4

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH 4/8] MdeModulePkg/DriverHealthManagerDxe: Update RouteConfig function

[Thomas Palmer]

According to UEFI spec, the RouteConfig protocol function should populate
the Progress pointer with an address inside Configuration.  This patch
ensures that these functions are compliant when EFI_NOT_FOUND is returned.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Thomas Palmer 
---
 MdeModulePkg/Universal/DriverHealthManagerDxe/DriverHealthManagerDxe.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git 
a/MdeModulePkg/Universal/DriverHealthManagerDxe/DriverHealthManagerDxe.c 
b/MdeModulePkg/Universal/DriverHealthManagerDxe/DriverHealthManagerDxe.c
index 16b703495a2f..3f9c24036d43 100644
--- a/MdeModulePkg/Universal/DriverHealthManagerDxe/DriverHealthManagerDxe.c
+++ b/MdeModulePkg/Universal/DriverHealthManagerDxe/DriverHealthManagerDxe.c
@@ -5,6 +5,7 @@
   firmware setup (UI).
 
 Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.
+(C) Copyright 2018 Hewlett Packard Enterprise Development LP
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD 
License
 which accompanies this distribution.  The full text of the license may be 
found at
@@ -123,6 +124,8 @@ DriverHealthManagerFakeRouteConfig (
 return EFI_INVALID_PARAMETER;
   }
 
+  *Progress = Configuration;
+
   return EFI_NOT_FOUND;
 }
 
-- 
2.7.4

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH 5/8] SecurityPkg/Tcg2Config: Update RouteConfig function

[Thomas Palmer]

According to UEFI spec, the RouteConfig protocol function should populate
the Progress pointer with an address inside Configuration.  This patch
ensures that these functions are compliant when EFI_NOT_FOUND is returned.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Thomas Palmer 
---
 SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigImpl.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigImpl.c 
b/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigImpl.c
index b3a849e91812..4195b6c68f5d 100644
--- a/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigImpl.c
+++ b/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigImpl.c
@@ -3,6 +3,7 @@
   NOTE: This module is only for reference only, each platform should have its 
own setup page.
 
 Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.
+(C) Copyright 2018 Hewlett Packard Enterprise Development LP
 This program and the accompanying materials 
 are licensed and made available under the terms and conditions of the BSD 
License 
 which accompanies this distribution.  The full text of the license may be 
found at 
@@ -375,6 +376,8 @@ Tcg2RouteConfig (
 return EFI_INVALID_PARAMETER;
   }
 
+  *Progress = Configuration;
+
   return EFI_NOT_FOUND;
 }
 
-- 
2.7.4

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH 6/8] SecurityPkg/PwdCredentialProviderDxe: Update RouteConfig function

[Thomas Palmer]

According to UEFI spec, the RouteConfig protocol function should populate
the Progress pointer with an address inside Configuration.  This patch
ensures that these functions are compliant when EFI_NOT_FOUND is returned.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Thomas Palmer 
---
 .../PwdCredentialProviderDxe/PwdCredentialProvider.c   | 3 +++
 1 file changed, 3 insertions(+)

diff --git 
a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProvider.c
 
b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProvider.c
index b9e89cbfe796..ec1e3893fc04 100644
--- 
a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProvider.c
+++ 
b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProvider.c
@@ -2,6 +2,7 @@
   Password Credential Provider driver implementation.
 
 Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.
+(C) Copyright 2018 Hewlett Packard Enterprise Development LP
 This program and the accompanying materials 
 are licensed and made available under the terms and conditions of the BSD 
License 
 which accompanies this distribution.  The full text of the license may be 
found at 
@@ -646,6 +647,8 @@ FakeRouteConfig (
 return EFI_INVALID_PARAMETER;
   }
 
+  *Progress = Configuration;
+
   return EFI_NOT_FOUND;
 }
 
-- 
2.7.4

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH 8/8] SecurityPkg/UserProfileManagerDxe: Update RouteConfig function

[Thomas Palmer]

According to UEFI spec, the RouteConfig protocol function should populate
the Progress pointer with an address inside Configuration.  This patch
ensures that these functions are compliant when EFI_NOT_FOUND is returned.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Thomas Palmer 
---
 .../UserIdentification/UserProfileManagerDxe/UserProfileManager.c  | 3 +++
 1 file changed, 3 insertions(+)

diff --git 
a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager.c 
b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager.c
index 4bba0824c7ab..b84f2cdf9c02 100644
--- a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager.c
+++ b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager.c
@@ -5,6 +5,7 @@
   policy, etc.
 
 Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.
+(C) Copyright 2018 Hewlett Packard Enterprise Development LP
 This program and the accompanying materials 
 are licensed and made available under the terms and conditions of the BSD 
License 
 which accompanies this distribution.  The full text of the license may be 
found at 
@@ -805,6 +806,8 @@ FakeRouteConfig (
 return EFI_INVALID_PARAMETER;
   }
 
+  *Progress = Configuration;
+
   return EFI_NOT_FOUND;
 }
 
-- 
2.7.4

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH 7/8] SecurityPkg/UserIdentifyManagerDxe: Update RouteConfig function

[Thomas Palmer]

According to UEFI spec, the RouteConfig protocol function should populate
the Progress pointer with an address inside Configuration.  This patch
ensures that these functions are compliant when EFI_NOT_FOUND is returned.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Thomas Palmer 
---
 .../UserIdentification/UserIdentifyManagerDxe/UserIdentifyManager.c| 3 +++
 1 file changed, 3 insertions(+)

diff --git 
a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManager.c 
b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManager.c
index a7467b366290..f9743db84d88 100644
--- 
a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManager.c
+++ 
b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManager.c
@@ -2,6 +2,7 @@
   This driver manages user information and produces user manager protocol.
   
 Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.
+(C) Copyright 2018 Hewlett Packard Enterprise Development LP
 This program and the accompanying materials 
 are licensed and made available under the terms and conditions of the BSD 
License 
 which accompanies this distribution.  The full text of the license may be 
found at 
@@ -2752,6 +2753,8 @@ FakeRouteConfig (
 return EFI_INVALID_PARAMETER;
   }
 
+  *Progress = Configuration;
+
   return EFI_NOT_FOUND;
 }
 
-- 
2.7.4

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH 1/1] Nt32Pkg/WinNtBusDriverDxe: Fix memory allocation size

[Thomas Palmer]

A single byte was allocate for a CHAR16 NUL terminator when instead
two bytes should have been used.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Thomas Palmer 
---
 Nt32Pkg/WinNtBusDriverDxe/WinNtBusDriver.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/Nt32Pkg/WinNtBusDriverDxe/WinNtBusDriver.c 
b/Nt32Pkg/WinNtBusDriverDxe/WinNtBusDriver.c
index 1516ab8d1c12..cfce4a0af345 100644
--- a/Nt32Pkg/WinNtBusDriverDxe/WinNtBusDriver.c
+++ b/Nt32Pkg/WinNtBusDriverDxe/WinNtBusDriver.c
@@ -1,6 +1,7 @@
 /**@file
 
 Copyright (c) 2006 - 2009, Intel Corporation. All rights reserved.
+(C) Copyright 2018 Hewlett Packard Enterprise Development LP
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD 
License
 which accompanies this distribution.  The full text of the license may be 
found at
@@ -453,7 +454,7 @@ Returns:
 ASSERT (PcdTempStr != NULL);
 
 TempStrSize = StrLen (PcdTempStr);
-TempStr = AllocateMemory ((TempStrSize * sizeof (CHAR16)) + 1);
+TempStr = AllocateMemory (((TempStrSize + 1) * sizeof (CHAR16)));
 StrCpy (TempStr, PcdTempStr);
 
 StartString = TempStr;
-- 
2.7.4

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH 1/1] MdeModulePkg/PciBusDxe: Fix small memory leak in FreePciDevice

[Thomas Palmer]

When cleaning the PciIoDevice, also free the BusNumberRange

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Thomas Palmer 
---
 MdeModulePkg/Bus/Pci/PciBusDxe/PciDeviceSupport.c | 5 +
 1 file changed, 5 insertions(+)

diff --git a/MdeModulePkg/Bus/Pci/PciBusDxe/PciDeviceSupport.c 
b/MdeModulePkg/Bus/Pci/PciBusDxe/PciDeviceSupport.c
index ad7a2337f578..48cf57a24f8f 100644
--- a/MdeModulePkg/Bus/Pci/PciBusDxe/PciDeviceSupport.c
+++ b/MdeModulePkg/Bus/Pci/PciBusDxe/PciDeviceSupport.c
@@ -2,6 +2,7 @@
   Supporting functions implementaion for PCI devices management.
 
 Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.
+(C) Copyright 2018 Hewlett Packard Enterprise Development LP
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD 
License
 which accompanies this distribution.  The full text of the license may be 
found at
@@ -105,6 +106,10 @@ FreePciDevice (
 FreePool (PciIoDevice->DevicePath);
   }
 
+  if (PciIoDevice->BusNumberRanges != NULL) {
+FreePool (PciIoDevice->BusNumberRanges);
+  }
+
   FreePool (PciIoDevice);
 }
 
-- 
2.7.4

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH 1/1] MdeModulePkg/UefiBootManagerLib: Fix small LoadOptionToVariable leak

[Thomas Palmer]

After calling SetVariable, the allocated memory in Variable should be
freed.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Thomas Palmer 
---
 .../Library/UefiBootManagerLib/BmLoadOption.c | 19 +++
 1 file changed, 11 insertions(+), 8 deletions(-)

diff --git a/MdeModulePkg/Library/UefiBootManagerLib/BmLoadOption.c 
b/MdeModulePkg/Library/UefiBootManagerLib/BmLoadOption.c
index ff0c65a2efc6..7bf96646c690 100644
--- a/MdeModulePkg/Library/UefiBootManagerLib/BmLoadOption.c
+++ b/MdeModulePkg/Library/UefiBootManagerLib/BmLoadOption.c
@@ -2,7 +2,7 @@
   Load option library functions which relate with creating and processing load 
options.
 
 Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.
-(C) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
+(C) Copyright 2015-2018 Hewlett Packard Enterprise Development LP
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD 
License
 which accompanies this distribution.  The full text of the license may be 
found at
@@ -250,13 +250,16 @@ structure.
 VariableAttributes = EFI_VARIABLE_BOOTSERVICE_ACCESS | 
EFI_VARIABLE_RUNTIME_ACCESS;
   }
 
-  return gRT->SetVariable (
-OptionName,
-&gEfiGlobalVariableGuid,
-VariableAttributes,
-VariableSize,
-Variable
-);
+  Status = gRT->SetVariable (
+  OptionName,
+  &gEfiGlobalVariableGuid,
+  VariableAttributes,
+  VariableSize,
+  Variable
+  );
+  FreePool (Variable);
+
+  return Status;
 }
 
 /**
-- 
2.7.4

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH 1/1] MdeModulePkg/DisplayEngineDxe: Fix small InitializeDisplayEngine leak

[Thomas Palmer]

After calling RegisterHotKey, the allocated memory in NewString should
be freed.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Thomas Palmer 
---
 MdeModulePkg/Universal/DisplayEngineDxe/FormDisplay.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/MdeModulePkg/Universal/DisplayEngineDxe/FormDisplay.c 
b/MdeModulePkg/Universal/DisplayEngineDxe/FormDisplay.c
index f2eac4d3fece..7390f954b67f 100644
--- a/MdeModulePkg/Universal/DisplayEngineDxe/FormDisplay.c
+++ b/MdeModulePkg/Universal/DisplayEngineDxe/FormDisplay.c
@@ -4221,11 +4221,13 @@ InitializeDisplayEngine (
 NewString = HiiGetString (gHiiHandle, STRING_TOKEN 
(FUNCTION_TEN_STRING), NULL);
 ASSERT (NewString != NULL);
 FormBrowserEx2->RegisterHotKey (&HotKey, BROWSER_ACTION_SUBMIT, 0, 
NewString);
+FreePool (NewString);
 
 HotKey.ScanCode   = SCAN_F9;
 NewString = HiiGetString (gHiiHandle, STRING_TOKEN 
(FUNCTION_NINE_STRING), NULL);
 ASSERT (NewString != NULL);
 FormBrowserEx2->RegisterHotKey (&HotKey, BROWSER_ACTION_DEFAULT, 
EFI_HII_DEFAULT_CLASS_STANDARD, NewString);
+FreePool (NewString);
   }
 
   return EFI_SUCCESS;
-- 
2.7.4

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel