Revision: 14923
http://sourceforge.net/p/edk2/code/14923
Author: sfu5
Date: 2013-12-02 07:52:35 +0000 (Mon, 02 Dec 2013)
Log Message:
-----------
Update DEC file and DxeImageVerificationLib to note user that
ALLOW_EXECUTE_ON_SECURITY_VIOLATION is no longer supported.
Signed-off-by: Fu Siyuan <[email protected]>
Reviewed-by: Dong, Guo <[email protected]>
Modified Paths:
--------------
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
trunk/edk2/SecurityPkg/SecurityPkg.dec
Modified:
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
===================================================================
---
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
2013-11-30 06:33:08 UTC (rev 14922)
+++
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
2013-12-02 07:52:35 UTC (rev 14923)
@@ -1108,10 +1108,11 @@
}
//
- // The policy QUERY_USER_ON_SECURITY_VIOLATION violates the UEFI spec and
has been removed.
+ // The policy QUERY_USER_ON_SECURITY_VIOLATION and
ALLOW_EXECUTE_ON_SECURITY_VIOLATION
+ // violates the UEFI spec and has been removed.
//
- ASSERT (Policy != QUERY_USER_ON_SECURITY_VIOLATION);
- if (Policy == QUERY_USER_ON_SECURITY_VIOLATION) {
+ ASSERT (Policy != QUERY_USER_ON_SECURITY_VIOLATION && Policy !=
ALLOW_EXECUTE_ON_SECURITY_VIOLATION);
+ if (Policy == QUERY_USER_ON_SECURITY_VIOLATION || Policy ==
ALLOW_EXECUTE_ON_SECURITY_VIOLATION) {
CpuDeadLoop ();
}
Modified: trunk/edk2/SecurityPkg/SecurityPkg.dec
===================================================================
--- trunk/edk2/SecurityPkg/SecurityPkg.dec 2013-11-30 06:33:08 UTC (rev
14922)
+++ trunk/edk2/SecurityPkg/SecurityPkg.dec 2013-12-02 07:52:35 UTC (rev
14923)
@@ -114,7 +114,8 @@
# DEFER_EXECUTE_ON_SECURITY_VIOLATION 0x00000003
# DENY_EXECUTE_ON_SECURITY_VIOLATION 0x00000004
# QUERY_USER_ON_SECURITY_VIOLATION 0x00000005
- # NOTE: Do NOT use QUERY_USER_ON_SECURITY_VIOLATION since it violates the
UEFI specification and has been removed.
+ # NOTE: Do NOT use QUERY_USER_ON_SECURITY_VIOLATION and
ALLOW_EXECUTE_ON_SECURITY_VIOLATION since
+ # it violates the UEFI specification and has been removed.
gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x04|UINT32|0x00000001
## Pcd for removable media.
@@ -126,7 +127,8 @@
# DEFER_EXECUTE_ON_SECURITY_VIOLATION 0x00000003
# DENY_EXECUTE_ON_SECURITY_VIOLATION 0x00000004
# QUERY_USER_ON_SECURITY_VIOLATION 0x00000005
- # NOTE: Do NOT use QUERY_USER_ON_SECURITY_VIOLATION since it violates the
UEFI specification and has been removed.
+ # NOTE: Do NOT use QUERY_USER_ON_SECURITY_VIOLATION and
ALLOW_EXECUTE_ON_SECURITY_VIOLATION since
+ # it violates the UEFI specification and has been removed.
gEfiSecurityPkgTokenSpaceGuid.PcdRemovableMediaImageVerificationPolicy|0x04|UINT32|0x00000002
## Pcd for fixed media.
@@ -138,7 +140,8 @@
# DEFER_EXECUTE_ON_SECURITY_VIOLATION 0x00000003
# DENY_EXECUTE_ON_SECURITY_VIOLATION 0x00000004
# QUERY_USER_ON_SECURITY_VIOLATION 0x00000005
- # NOTE: Do NOT use QUERY_USER_ON_SECURITY_VIOLATION since it violates the
UEFI specification and has been removed.
+ # NOTE: Do NOT use QUERY_USER_ON_SECURITY_VIOLATION and
ALLOW_EXECUTE_ON_SECURITY_VIOLATION since
+ # it violates the UEFI specification and has been removed.
gEfiSecurityPkgTokenSpaceGuid.PcdFixedMediaImageVerificationPolicy|0x04|UINT32|0x00000003
## Defer Image Load policy settings.
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
------------------------------------------------------------------------------
Rapidly troubleshoot problems before they affect your business. Most IT
organizations don't have a clear picture of how application performance
affects their revenue. With AppDynamics, you get 100% visibility into your
Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro!
http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
_______________________________________________
edk2-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/edk2-commits
