From nobody Sun Apr 28 03:58:07 2024 Delivered-To: importer@patchew.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Authentication-Results: mx.zoho.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org; Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1486613707462616.2277907386325; Wed, 8 Feb 2017 20:15:07 -0800 (PST) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 22EB781F2B; Wed, 8 Feb 2017 20:15:05 -0800 (PST) Received: from mga11.intel.com (mga11.intel.com [192.55.52.93]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 4CAE281EE4 for ; Wed, 8 Feb 2017 20:15:03 -0800 (PST) Received: from orsmga005.jf.intel.com ([10.7.209.41]) by fmsmga102.fm.intel.com with ESMTP; 08 Feb 2017 20:15:03 -0800 Received: from shwde7172.ccr.corp.intel.com ([10.239.9.23]) by orsmga005.jf.intel.com with ESMTP; 08 Feb 2017 20:15:02 -0800 X-Original-To: edk2-devel@lists.01.org X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.35,349,1484035200"; d="scan'208";a="62544371" From: Liming Gao To: edk2-devel@lists.01.org Date: Thu, 9 Feb 2017 12:14:51 +0800 Message-Id: <1486613692-11076-2-git-send-email-liming.gao@intel.com> X-Mailer: git-send-email 2.8.0.windows.1 In-Reply-To: <1486613692-11076-1-git-send-email-liming.gao@intel.com> References: <1486613692-11076-1-git-send-email-liming.gao@intel.com> Subject: [edk2] [Patch 1/2] MdeModulePkg PeiCore: Reset PeimNeedingDispatch when its security violation X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Star Zeng MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" When PEIM is security violation, its matched extraction ppi may not be installed. So, its PeimNeedingDispatch will still reset to TRUE. Cc: Star Zeng Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Liming Gao Reviewed-by: Star Zeng to this change. --- MdeModulePkg/Core/Pei/Dispatcher/Dispatcher.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/MdeModulePkg/Core/Pei/Dispatcher/Dispatcher.c b/MdeModulePkg/C= ore/Pei/Dispatcher/Dispatcher.c index 3934ed0..ff43a90 100644 --- a/MdeModulePkg/Core/Pei/Dispatcher/Dispatcher.c +++ b/MdeModulePkg/Core/Pei/Dispatcher/Dispatcher.c @@ -1,7 +1,7 @@ /** @file EFI PEI Core dispatch services =20 -Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.
+Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.
(C) Copyright 2016 Hewlett Packard Enterprise Development LP
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD = License @@ -1111,6 +1111,13 @@ PeiDispatcher ( PeimEntryPoint =3D (EFI_PEIM_ENTRY_POINT2)(UINTN)EntryPo= int; PeimEntryPoint (PeimFileHandle, (const EFI_PEI_SERVICES = **) PeiServices); Private->PeimDispatchOnThisPass =3D TRUE; + } else { + // + // The related GuidedSectionExtraction PPI for the + // signed PEIM image section may be installed in the rest + // of this do-while loop, so need to make another pass. + // + Private->PeimNeedingDispatch =3D TRUE; } =20 REPORT_STATUS_CODE_WITH_EXTENDED_DATA ( --=20 2.8.0.windows.1 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel From nobody Sun Apr 28 03:58:07 2024 Delivered-To: importer@patchew.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Authentication-Results: mx.zoho.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org; Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1486613710533296.4297632998241; Wed, 8 Feb 2017 20:15:10 -0800 (PST) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 688B981F29; Wed, 8 Feb 2017 20:15:07 -0800 (PST) Received: from mga11.intel.com (mga11.intel.com [192.55.52.93]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 3B8B281EE4 for ; Wed, 8 Feb 2017 20:15:04 -0800 (PST) Received: from orsmga005.jf.intel.com ([10.7.209.41]) by fmsmga102.fm.intel.com with ESMTP; 08 Feb 2017 20:15:04 -0800 Received: from shwde7172.ccr.corp.intel.com ([10.239.9.23]) by orsmga005.jf.intel.com with ESMTP; 08 Feb 2017 20:15:03 -0800 X-Original-To: edk2-devel@lists.01.org X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.35,349,1484035200"; d="scan'208";a="62544385" From: Liming Gao To: edk2-devel@lists.01.org Date: Thu, 9 Feb 2017 12:14:52 +0800 Message-Id: <1486613692-11076-3-git-send-email-liming.gao@intel.com> X-Mailer: git-send-email 2.8.0.windows.1 In-Reply-To: <1486613692-11076-1-git-send-email-liming.gao@intel.com> References: <1486613692-11076-1-git-send-email-liming.gao@intel.com> Subject: [edk2] [Patch 2/2] MdeModulePkg PeiCore: Don't cache GUIDED section with AUTH_NOT_TESTED X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Star Zeng MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" If GUIDED section authentication has EFI_AUTH_STATUS_NOT_TESTED, its matched extraction ppi may not be installed. So, don't cache its data. Cc: Star Zeng Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Liming Gao Reviewed-by: Star Zeng --- MdeModulePkg/Core/Pei/FwVol/FwVol.c | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/MdeModulePkg/Core/Pei/FwVol/FwVol.c b/MdeModulePkg/Core/Pei/Fw= Vol/FwVol.c index 8d07bd0..0bbb86d 100644 --- a/MdeModulePkg/Core/Pei/FwVol/FwVol.c +++ b/MdeModulePkg/Core/Pei/FwVol/FwVol.c @@ -2,7 +2,7 @@ Pei Core Firmware File System service routines. =20 Copyright (c) 2015 HP Development Company, L.P. -Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.
+Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.
This program and the accompanying materials =20 are licensed and made available under the terms and conditions of the BSD = License =20 which accompanies this distribution. The full text of the license may be = found at =20 @@ -913,17 +913,19 @@ ProcessSection ( } =20 if (!EFI_ERROR (Status)) { - // - // Update cache section data. - // - if (PrivateData->CacheSection.AllSectionCount < CACHE_SETION_MAX= _NUMBER) { - PrivateData->CacheSection.AllSectionCount ++; + if ((Authentication & EFI_AUTH_STATUS_NOT_TESTED) =3D=3D 0) { + // + // Update cache section data. + // + if (PrivateData->CacheSection.AllSectionCount < CACHE_SETION_M= AX_NUMBER) { + PrivateData->CacheSection.AllSectionCount ++; + } + PrivateData->CacheSection.Section [PrivateData->CacheSection.S= ectionIndex] =3D Section; + PrivateData->CacheSection.SectionData [PrivateData->CacheSecti= on.SectionIndex] =3D PpiOutput; + PrivateData->CacheSection.SectionSize [PrivateData->CacheSecti= on.SectionIndex] =3D PpiOutputSize; + PrivateData->CacheSection.AuthenticationStatus [PrivateData->C= acheSection.SectionIndex] =3D Authentication; + PrivateData->CacheSection.SectionIndex =3D (PrivateData->Cache= Section.SectionIndex + 1)%CACHE_SETION_MAX_NUMBER; } - PrivateData->CacheSection.Section [PrivateData->CacheSection.Sec= tionIndex] =3D Section; - PrivateData->CacheSection.SectionData [PrivateData->CacheSection= .SectionIndex] =3D PpiOutput; - PrivateData->CacheSection.SectionSize [PrivateData->CacheSection= .SectionIndex] =3D PpiOutputSize; - PrivateData->CacheSection.AuthenticationStatus [PrivateData->Cac= heSection.SectionIndex] =3D Authentication; - PrivateData->CacheSection.SectionIndex =3D (PrivateData->CacheSe= ction.SectionIndex + 1)%CACHE_SETION_MAX_NUMBER; =20 TempAuthenticationStatus =3D 0; Status =3D ProcessSection ( --=20 2.8.0.windows.1 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel