[edk2] [PATCH] SecurityPkg: Change TPM MMIO range attribute

For TCG spec compliance, Change TPM MMIO range attribute Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang --- SecurityPkg/Tcg/TcgSmm/Tpm.asl | 4 ++-- SecurityPkg/Tcg/TrEESmm/Tpm.asl | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Securi

[edk2] [PATCH] SecurityPkg: Fix DBX Variable Read Error in ImageVerificationLib

ImageVerificationLib passes wrong data buffer size when reading DBX variable, causing heap crash. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang --- SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c | 2 +- 1 file changed, 1 insertion(+), 1

[edk2] [PATCH] SecurityPkg: Change BootOrder/Boot#### measure behavior

Change EV_EFI_VARIABLE_BOOT measure behavior. Include VarName, VarGuid to hash extend to PCR Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang --- SecurityPkg/Tcg/TcgDxe/TcgDxe.c | 4 ++-- SecurityPkg/Tcg/TrEEDxe/TrEEDxe.c | 28 2

[edk2] [PATCH V2] SecurityPkg: Make time based AuthVariable update atomic

System may break during time based AuthVariable update, causing certdb inconsistent. 2 ways are used to ensure update atomic. 1. Delete cert in certdb after variable is deleted 2. Clean up certdb on variable initialization Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: C

[edk2] [PATCH] SecurityPkg: Add default value for TPM action question

1. Add default value for TPM action question. F9 restore default can get the right value 2. Remove redundant suppressif Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang --- SecurityPkg/Tcg/TcgConfigDxe/TcgConfig.vfr | 38 ++ 1 file ch

[edk2] [PATCH] SecurityPkg: Make time based AuthVariable update atomic

System may break during time based AuthVariable update, causing certdb inconsistent. 2 ways are used to ensure update atomic. 1. Delete cert in certdb after variable is deleted 2. Clean up certdb on variable initialization Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Cha

Re: [edk2] [PATCH] Fix type cast of ~0 in CheckSignatureListFormat: SigHeaderSize is UINT32

Bruce: The patch is good Reviewed-by： Chao Zhang Thanks & Best regards Chao Zhang -Original Message- From: Bruce Cran [mailto:br...@cran.org.uk] Sent: Tuesday, July 07, 2015 10:22 AM To: Zhang, Chao B; edk2-devel@lists.sourceforge.net Cc: Bruce Cran Subject: [PATCH] Fix

Re: [edk2] [PATCH] SecurityPkg: Add MD5 support to Hash2DxeCrypto

hang, Chao B; El-Haj-Mahmoud, Samer Subject: RE: [edk2] [PATCH] SecurityPkg: Add MD5 support to Hash2DxeCrypto Thanks Laszlo. I didn't know the maintainer needs to be CC'd on the patch submission. I will do that on future submissions. Chao, Can you review please? Thanks, -Or

[edk2] [Patch] SecurityPkg: Provide correct file GUID for Pkcs7VerifyDxe

Provide correct file GUID for Pkcs7VerifyDxe Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang --- SecurityPkg/Pkcs7Verify/Pkcs7VerifyDxe/Pkcs7VerifyDxe.inf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/SecurityPkg/Pkcs7Verify/Pkcs7VerifyDxe/

Re: [edk2] [Patch] SecurityPkg: Fix wrong calculation of ImageExeInfoEntrySize

Hi Liming： Please also remove UEFI spec version in license header. Others are good to me Reviewed-by: Chao Zhang Thanks & Best regards Chao Zhang -Original Message- From: Liming Gao [mailto:liming@intel.com] Sent: Friday, June 19, 2015 10:45 AM To: edk2-devel@lists.sourceforge

Re: [edk2] [patch 2/2] SecurityPkg: Add UEFI-2.5 PKCS7 Verification Protocol Support

Qin: 2 typos Calculation/Funtion Others are good to me Reviewed-by: Chao Zhang Thanks & Best regards Chao Zhang -Original Message- From: Long, Qin Sent: Wednesday, June 17, 2015 3:33 PM To: Zhang, Chao B; edk2-devel@lists.sourceforge.net Subject: [patch

Re: [edk2] [patch 1/2] CryptoPkg: Add one new API for PKCS7 Verification Protocol Support

Qin: Please update CryptPkcs7Verify.c license header. Others are good to me. Reviewed-by: Chao Zhang Thanks & Best regards Chao Zhang -Original Message- From: Long, Qin Sent: Wednesday, June 17, 2015 3:33 PM To: Zhang, Chao B; edk2-devel@lists.sourceforge.net Sub

Re: [edk2] [patch 0/2] *** Add UEFI2.5 PKCS7 Verification Protocol Support ***

Qin: It is good to me. Reviewed-by: Chao Zhang Thanks & Best regards Chao Zhang -Original Message- From: Long, Qin Sent: Wednesday, June 17, 2015 3:33 PM To: Zhang, Chao B; edk2-devel@lists.sourceforge.net Subject: [patch 0/2] *** Add UEFI2.5 PKCS7 Verification Protocol Sup

[edk2] [Patch] SecurityPkg: Fix wrong cert data measurement in DBX path

Fix wrong cert data measurement when image is rejected by DBX Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang --- SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/SecurityP

[edk2] [PATCH v2] MdePkg: Add EFI Capsule Report data structure and GUID

Add EFI Capsule Report data structure and GUID. It is defined in UEFI2.4A Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang --- MdePkg/Include/Guid/CapsuleReport.h | 105 MdePkg/MdePkg.dec | 3 ++ 2 files ch

[edk2] [Patch] MdePkg: Add EFI Capsule Report data structure and GUID

Add EFI Capsule Report data structure and GUID. It is defined in UEFI2.4A Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang --- MdePkg/Include/Guid/CapsuleReport.h | 105 MdePkg/MdePkg.dec | 5 +- 2 files ch

Re: [edk2] [PATCH] MdePkg:Add UEFI 2.5 PKCS7 Verification Protocol Definition

Qin: The patch is OK to me. Reviewed-by: Chao Zhang Thanks & Best regards Chao Zhang -Original Message- From: Long, Qin Sent: Thursday, June 04, 2015 10:48 AM To: Zhang, Chao B; edk2-devel@lists.sourceforge.net Cc: Long, Qin Subject: [PATCH] MdePkg:Add UEFI 2.5 P

Re: [edk2] [PATCH] MdePkg: Refine the format of comment in WindowsUxCapsule.h

Hi Shumin: The patch is good to me. Thanks for the fix Reviewed-by : Chao Zhang Thanks & Best regards Chao Zhang -Original Message- From: Qiu, Shumin Sent: Wednesday, June 03, 2015 4:48 PM To: edk2-devel@lists.sourceforge.net Cc: Zhang, Chao B Subject: [PATCH] MdePkg: Re

Re: [edk2] TPM device resource in ASL

3 AM To: edk2-devel@lists.sourceforge.net; Zhang, Chao B Subject: TPM device resource in ASL SecurityPkg Maintainers, Is there a specific reason to report TPM region 0xfed4 as ReadOnly instead of ReadWrite in ASL code? Thanks. SecurityPkg/Tcg/TcgSmm/Tpm.asl SecurityPkg/Tcg/TrEESm

[edk2] [Patch 0/2] Update coding style

Update coding style & fix potential NULL memory copy Zhang, Chao B (2): MdePkg: Update coding style MdeModulePkg: Update coding style MdeModulePkg/Universal/EsrtDxe/EsrtDxe.c | 25 +- MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf | 5 +++-- MdeModul

[edk2] [Patch 1/2] MdePkg: Update coding style

Update to follow Tiano Coding style. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang --- MdePkg/Include/IndustryStandard/WindowsUxCapsule.h | 7 --- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/MdePkg/Include/IndustryStandard/WindowsUxCapsul

[edk2] [Patch 2/2] MdeModulePkg: Update coding style

Update to follow Tiano Coding style. Fix potential NULL memory copy Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang --- MdeModulePkg/Universal/EsrtDxe/EsrtDxe.c | 25 - MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf | 5 +++-- MdeModulePkg

[edk2] [Patch 3/3] MdeModulePkg: Add ESRT management module.

It provides a repository to cache ESRT info for FMP or Non-FMP instance. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang --- MdeModulePkg/MdeModulePkg.dsc | 1 + MdeModulePkg/Universal/EsrtDxe/EsrtDxe.c| 652

[edk2] [Patch 2/3] MdeModulePkg: Add ESRT management protocol definition

Add ESRT management protocol definition into MdeModulePkg. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang --- MdeModulePkg/Include/Protocol/EsrtManagement.h | 144 + MdeModulePkg/MdeModulePkg.dec | 20 +++- MdeModulePkg

[edk2] [Patch 0/3] Add ESRT module

Add ESRT module. It is used to manage ESRT cache repository for FMP or NonFMP instance Zhang, Chao B (3): MdePkg: Add Microsoft UX capsule GUID & layout MdeModulePkg: Add ESRT management protocol definition MdeModulePkg: Add ESRT management module. MdeModulePkg/Include/Prot

[edk2] [Patch 1/3] MdePkg: Add Microsoft UX capsule GUID & layout

Add Microsoft UX capsule GUID & layout into IndustryStandard Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang --- MdePkg/Include/IndustryStandard/WindowsUxCapsule.h | 46 ++ MdePkg/MdePkg.dec | 6 +++ 2 files

Re: [edk2] [PATCH] SecurityPkg: allow image digest enrollment of non-Intel binaries

Agreement 1.0 Signed-off-by: Ard Biesheuvel Reviewed- by: Chao Zhang Thanks & Best regards Chao Zhang -Original Message- From: Ard Biesheuvel [mailto:ard.biesheu...@linaro.org] Sent: Monday, May 11, 2015 1:23 PM To: Zhang, Chao B Cc: edk2-devel@lists.sourceforge.net;

Re: [edk2] [PATCH] SecurityPkg: allow image digest enrollment of non-Intel binaries

Ard : It looks good to me. Reviewed-by: Chao Zhang Thanks & Best regards Chao Zhang -Original Message- From: Ard Biesheuvel [mailto:ard.biesheu...@linaro.org] Sent: Saturday, May 09, 2015 1:17 AM To: Zhang, Chao B; edk2-devel@lists.sourceforge.net Cc: ler...@redhat.com; ro

Re: [edk2] [Patch] MdePkg/Include: Add support for flexible array members

Hi Mike: I tried VS2008. UINTN Image[] can pass build. Thanks for the patch From: Kinney, Michael D [mailto:michael.d.kin...@intel.com] Sent: Wednesday, May 06, 2015 9:59 AM To: edk2-devel@lists.sourceforge.net Subject: [edk2] [Patch] MdePkg/Include: Add

[edk2] [Patch 3/3] MdeModulePkg : Add ESRT management module

Add ESRT management module. It provides a repository to cache ESRT info for FMP or Non-FMP instance Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang --- MdeModulePkg/Universal/EsrtDxe/EsrtDxe.c | 645 ++ MdeModulePkg/Universal/EsrtDx

[edk2] [Patch 1/3] MdePkg : Add Microsoft UX capsule GUID & layout

Add Microsoft UX capsule GUID & layout into IndustryStandard Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang --- MdePkg/Include/IndustryStandard/WindowsUxCapsule.h | 53 ++ MdePkg/MdePkg.dec | 5 ++ 2 files

[edk2] [Patch 2/3] MdeModulePkg : Add ESRT management protocol definition

Add ESRT management protocol definition into MdeModulePkg Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang --- MdeModulePkg/Include/Protocol/EsrtManagement.h | 136 + MdeModulePkg/MdeModulePkg.dec | 20 MdeModulePkg

[edk2] [Patch 0/3] Add ESRT Support

1. Add ESRT Module into MdeModulePkg. ESRT protocol is used to cache ESRT info for Non-FMP or FMP instance. Protocol provides interface to lock Repository. 2. Add Microsoft UX Capsule GUID & Layout Definition into IndustryStandard Zhang, Chao B (3): MdePkg : Add Microsoft UX capsule

Re: [edk2] [PATCH 1/3] SecurityPkg: remove unused variables

2015 11:10 PM To: Zhang, Chao B; edk2-devel@lists.sourceforge.net Subject: Re: [edk2] [PATCH 1/3] SecurityPkg: remove unused variables On 04/29/15 16:08, Zhang, Chao B wrote: > Laszlo: > Can you provide more info about the environment on which build failure > exposes. Ard answered that;

Re: [edk2] [PATCH 1/3] SecurityPkg: remove unused variables

Laszlo: Can you provide more info about the environment on which build failure exposes. When do you plan to check in this patch? Thanks & Best regards Chao Zhang -Original Message- From: Zhang, Chao B Sent: Tuesday, April 28, 2015 10:37 AM To: 'edk2-devel@lists.sourceforg

Re: [edk2] [PATCH 1/3] SecurityPkg: remove unused variables

Laszlo: It looks good to me. Reviewed-by: Chao Zhang Thanks & Best regards Chao Zhang -Original Message- From: Laszlo Ersek [mailto:ler...@redhat.com] Sent: Monday, April 27, 2015 7:08 PM To: edk2-devel@lists.sourceforge.net Cc: Zhang, Chao B Subject: Re: [edk2] [PATCH