date:20160117

[edk2] [PATCH 1/2] PerformancePkg Dp_App: Use Image->FilePath to get name for SMM drivers

2016-01-17 Thread Star Zeng

This enhancement is to use the FilePath field in the loaded image
protocol to find the name of an image as a fallback for when the
loaded image device path protocol is not installed on the image handle.
This is necessary because the SMM core does not install the loaded
image device path protocol, so DP was displaying "Unknown Driver Name"
for every SMM driver.

Cc: Liming Gao 
Cc: Daryl McDaniel 
Cc: Jaben Carsey 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng 
---
 PerformancePkg/Dp_App/DpUtilities.c | 13 ++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/PerformancePkg/Dp_App/DpUtilities.c 
b/PerformancePkg/Dp_App/DpUtilities.c
index ec5a524..b49844a 100644
--- a/PerformancePkg/Dp_App/DpUtilities.c
+++ b/PerformancePkg/Dp_App/DpUtilities.c
@@ -1,7 +1,7 @@
 /** @file
   Utility functions used by the Dp application.
 
-  Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.
+  Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.
   This program and the accompanying materials
   are licensed and made available under the terms and conditions of the BSD 
License
   which accompanies this distribution.  The full text of the license may be 
found at
@@ -221,6 +221,9 @@ GetNameFromHandle (
   CHAR8   *BestLanguage;
   EFI_COMPONENT_NAME2_PROTOCOL  *ComponentName2;
 
+  Image = NULL;
+  LoadedImageDevicePath = NULL;
+  DevicePath = NULL;
   BestLanguage = NULL;
   PlatformLanguage = NULL;
 
@@ -307,9 +310,13 @@ GetNameFromHandle (
   );
   if (!EFI_ERROR (Status) && (LoadedImageDevicePath != NULL)) {
 DevicePath = LoadedImageDevicePath;
+  } else if (Image != NULL) {
+DevicePath = Image->FilePath;
+  }
 
+  if (DevicePath != NULL) {
 //
-// Try to get image GUID from LoadedImageDevicePath protocol
+// Try to get image GUID from image DevicePath
 //
 NameGuid = NULL;
 while (!IsDevicePathEndType (DevicePath)) {
@@ -356,7 +363,7 @@ GetNameFromHandle (
   //
   // Method 5: Get the name string from image DevicePath
   //
-  NameString = ConvertDevicePathToText (LoadedImageDevicePath, TRUE, 
FALSE);
+  NameString = ConvertDevicePathToText (DevicePath, TRUE, FALSE);
   if (NameString != NULL) {
 StrnCpyS (
   mGaugeString,
-- 
2.7.0.windows.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH 0/2] DP: Use Image->FilePath to get name for SMM drivers

2016-01-17 Thread Star Zeng

This enhancement is to use the FilePath field in the loaded image
protocol to find the name of an image as a fallback for when the
loaded image device path protocol is not installed on the image handle.
This is necessary because the SMM core does not install the loaded
image device path protocol, so DP was displaying "Unknown Driver Name"
for every SMM driver.

Star Zeng (2):
  PerformancePkg Dp_App: Use Image->FilePath to get name for SMM drivers
  ShellPkg UefiDpLib: Use Image->FilePath to get name for SMM drivers

 PerformancePkg/Dp_App/DpUtilities.c  | 13 ++---
 ShellPkg/Library/UefiDpLib/DpUtilities.c | 14 +++---
 2 files changed, 21 insertions(+), 6 deletions(-)

-- 
2.7.0.windows.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [Patch] BaseTools: process the files by the priority in BUILDRULEORDER

2016-01-17 Thread Yonghong Zhu

By the BUILDRULEORDER feature to process files listed in INF [Sources]
sections in priority order, if a filename is listed with multiple
extensions, the tools will use only the file that matches the first
extension in the space separated list.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Yonghong Zhu 
---
 BaseTools/Source/Python/AutoGen/AutoGen.py | 29 -
 1 file changed, 28 insertions(+), 1 deletion(-)

diff --git a/BaseTools/Source/Python/AutoGen/AutoGen.py 
b/BaseTools/Source/Python/AutoGen/AutoGen.py
index abac477..e9f4888 100644
--- a/BaseTools/Source/Python/AutoGen/AutoGen.py
+++ b/BaseTools/Source/Python/AutoGen/AutoGen.py
@@ -1,9 +1,9 @@
 ## @file
 # Generate AutoGen.h, AutoGen.c and *.depex files
 #
-# Copyright (c) 2007 - 2015, Intel Corporation. All rights reserved.
+# Copyright (c) 2007 - 2016, Intel Corporation. All rights reserved.
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD 
License
 # which accompanies this distribution.  The full text of the license may be 
found at
 # http://opensource.org/licenses/bsd-license.php
 #
@@ -2739,13 +2739,40 @@ class ModuleAutoGen(AutoGen):
 
 # add the file path into search path list for file including
 if F.Dir not in self.IncludePathList and self.AutoGenVersion 
>= 0x00010005:
 self.IncludePathList.insert(0, F.Dir)
 self._SourceFileList.append(F)
+
+self._MatchBuildRuleOrder(self._SourceFileList)
+
+for F in self._SourceFileList:
 self._ApplyBuildRule(F, TAB_UNKNOWN_FILE)
 return self._SourceFileList
 
+def _MatchBuildRuleOrder(self, FileList):
+Order_Dict = {}
+self._GetModuleBuildOption()
+for SingleFile in FileList:
+if self.BuildRuleOrder and SingleFile.Ext in self.BuildRuleOrder 
and SingleFile.Ext in self.BuildRules:
+key = SingleFile.Path.split(SingleFile.Ext)[0]
+if key in Order_Dict:
+Order_Dict[key].append(SingleFile.Ext)
+else:
+Order_Dict[key] = [SingleFile.Ext]
+
+RemoveList = []
+for F in Order_Dict:
+if len(Order_Dict[F]) > 1:
+Order_Dict[F].sort(key=lambda i: self.BuildRuleOrder.index(i))
+for Ext in Order_Dict[F][1:]:
+RemoveList.append(F + Ext)
+   
+for item in RemoveList:
+FileList.remove(item)
+
+return FileList
+
 ## Return the list of unicode files
 def _GetUnicodeFileList(self):
 if self._UnicodeFileList == None:
 if TAB_UNICODE_FILE in self.FileTypes:
 self._UnicodeFileList = self.FileTypes[TAB_UNICODE_FILE]
-- 
2.6.1.windows.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [patch] SecurityPkg: Mark MorLock module deprecated.

2016-01-17 Thread jiewen yao

This module only handles MOR lock v1.
Now MOR lock V2 solution is published and added in variable
driver. So this module can be deprecated.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" 
Cc: "Zhang, Chao B" 
Cc: "Zeng, Star" 
---
 SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf | 5 -
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git 
a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf 
b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf
index a35a01f..1623bd0 100644
--- a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf
+++ b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf
@@ -3,7 +3,10 @@
 #
 #  This module will add Variable Hook and allow 
MemoryOverwriteRequestControlLock variable set only once.
 #
-# Copyright (c) 2015, Intel Corporation. All rights reserved.
+#  NOTE: This module only handles secure MOR V1 and is deprecated.
+#  The secure MOR V2 is handled inside of variable driver.
+#
+# Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD 
License
 # which accompanies this distribution. The full text of the license may be 
found at
-- 
1.9.5.msysgit.0

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

Re: [edk2] [PATCH 10/12] ShellPkg: Add NOOPT target in ShellPkg.dsc

2016-01-17 Thread Qiu, Shumin

Reviewed-by: Qiu Shumin 

-Original Message-
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Hao Wu
Sent: Monday, January 18, 2016 1:18 PM
To: edk2-devel@lists.01.org; Gao, Liming
Cc: Wu, Hao A
Subject: [edk2] [PATCH 10/12] ShellPkg: Add NOOPT target in ShellPkg.dsc

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu 
---
 ShellPkg/ShellPkg.dsc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ShellPkg/ShellPkg.dsc b/ShellPkg/ShellPkg.dsc index 
7e07cfb..b29adb8 100644
--- a/ShellPkg/ShellPkg.dsc
+++ b/ShellPkg/ShellPkg.dsc
@@ -1,7 +1,7 @@
 ##  @file
 # Shell Package
 #
-# Copyright (c) 2007 - 2015, Intel Corporation. All rights reserved.
+# Copyright (c) 2007 - 2016, Intel Corporation. All rights 
+reserved.
 #
 #This program and the accompanying materials
 #are licensed and made available under the terms and conditions of the BSD 
License
@@ -20,7 +20,7 @@
   DSC_SPECIFICATION  = 0x00010006
   OUTPUT_DIRECTORY   = Build/Shell
   SUPPORTED_ARCHITECTURES= IA32|IPF|X64|EBC|ARM|AARCH64
-  BUILD_TARGETS  = DEBUG|RELEASE
+  BUILD_TARGETS  = DEBUG|RELEASE|NOOPT
   SKUID_IDENTIFIER   = DEFAULT
 
 [LibraryClasses.common]
--
1.9.5.msysgit.0

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

Re: [edk2] [patch] SecurityPkg: Mark MorLock module deprecated.

2016-01-17 Thread Zhang, Chao B

Jiewen:
  The patch is good to me. Reviewed-by: Chao Zhang 





Thanks & Best regards
Chao Zhang


-Original Message-
From: Yao, Jiewen 
Sent: Monday, January 18, 2016 3:37 PM
To: edk2-de...@ml01.01.org
Cc: Yao, Jiewen; Zhang, Chao B; Zeng, Star
Subject: [patch] SecurityPkg: Mark MorLock module deprecated.

This module only handles MOR lock v1.
Now MOR lock V2 solution is published and added in variable driver. So this 
module can be deprecated.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" 
Cc: "Zhang, Chao B" 
Cc: "Zeng, Star" 
---
 SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf | 5 -
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git 
a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf 
b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf
index a35a01f..1623bd0 100644
--- a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf
+++ b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.in
+++ f
@@ -3,7 +3,10 @@
 #
 #  This module will add Variable Hook and allow 
MemoryOverwriteRequestControlLock variable set only once.
 #
-# Copyright (c) 2015, Intel Corporation. All rights reserved.
+#  NOTE: This module only handles secure MOR V1 and is deprecated.
+#  The secure MOR V2 is handled inside of variable driver.
+#
+# Copyright (c) 2015 - 2016, Intel Corporation. All rights 
+reserved.
 # This program and the accompanying materials  # are licensed and made 
available under the terms and conditions of the BSD License  # which 
accompanies this distribution. The full text of the license may be found at
--
1.9.5.msysgit.0

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

Re: [edk2] [patch] SecurityPkg: Mark MorLock module deprecated.

2016-01-17 Thread Zeng, Star


On 2016/1/18 15:37, jiewen yao wrote:

This module only handles MOR lock v1.
Now MOR lock V2 solution is published and added in variable
driver. So this module can be deprecated.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" 
Cc: "Zhang, Chao B" 
Cc: "Zeng, Star" 
---
  SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf | 5 -
  1 file changed, 4 insertions(+), 1 deletion(-)


Reviewed-by: Star Zeng 



diff --git 
a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf 
b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf
index a35a01f..1623bd0 100644
--- a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf
+++ b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf
@@ -3,7 +3,10 @@
  #
  #  This module will add Variable Hook and allow 
MemoryOverwriteRequestControlLock variable set only once.
  #
-# Copyright (c) 2015, Intel Corporation. All rights reserved.
+#  NOTE: This module only handles secure MOR V1 and is deprecated.
+#  The secure MOR V2 is handled inside of variable driver.
+#
+# Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.
  # This program and the accompanying materials
  # are licensed and made available under the terms and conditions of the BSD 
License
  # which accompanies this distribution. The full text of the license may be 
found at



___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH 09/12] SecurityPkg: Add NOOPT target in SecurityPkg.dsc

2016-01-17 Thread Hao Wu

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu 
---
 SecurityPkg/SecurityPkg.dsc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc
index 0908b26..0f1fc0f 100644
--- a/SecurityPkg/SecurityPkg.dsc
+++ b/SecurityPkg/SecurityPkg.dsc
@@ -1,7 +1,7 @@
 ## @file
 #  Security Module Package for All Architectures.
 #
-# Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.
+# Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.
 # (C) Copyright 2015 Hewlett Packard Enterprise Development LP
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD 
License
@@ -20,7 +20,7 @@
   DSC_SPECIFICATION  = 0x00010005
   OUTPUT_DIRECTORY   = Build/SecurityPkg
   SUPPORTED_ARCHITECTURES= IA32|IPF|X64|EBC
-  BUILD_TARGETS  = DEBUG|RELEASE
+  BUILD_TARGETS  = DEBUG|RELEASE|NOOPT
   SKUID_IDENTIFIER   = DEFAULT
 
 [LibraryClasses]
-- 
1.9.5.msysgit.0

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH 11/12] SourceLevelDebugPkg: Add NOOPT target in SourceLevelDebugPkg.dsc

2016-01-17 Thread Hao Wu

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu 
---
 SourceLevelDebugPkg/SourceLevelDebugPkg.dsc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/SourceLevelDebugPkg/SourceLevelDebugPkg.dsc 
b/SourceLevelDebugPkg/SourceLevelDebugPkg.dsc
index 0dcaea2..bf14ec4 100644
--- a/SourceLevelDebugPkg/SourceLevelDebugPkg.dsc
+++ b/SourceLevelDebugPkg/SourceLevelDebugPkg.dsc
@@ -1,7 +1,7 @@
 ## @file
 # Source Level Debug Package.
 #
-# Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.
+# Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.
 #
 #This program and the accompanying materials
 #are licensed and made available under the terms and conditions of the BSD 
License
@@ -25,7 +25,7 @@
   DSC_SPECIFICATION  = 0x00010005
   OUTPUT_DIRECTORY   = Build/SourceLevelDebugPkg
   SUPPORTED_ARCHITECTURES= IA32|X64
-  BUILD_TARGETS  = DEBUG|RELEASE
+  BUILD_TARGETS  = DEBUG|RELEASE|NOOPT
   SKUID_IDENTIFIER   = DEFAULT
 
 [LibraryClasses.common]
-- 
1.9.5.msysgit.0

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH 12/12] UefiCpuPkg: Add NOOPT target in UefiCpuPkg.dsc

2016-01-17 Thread Hao Wu

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu 
---
 UefiCpuPkg/UefiCpuPkg.dsc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/UefiCpuPkg/UefiCpuPkg.dsc b/UefiCpuPkg/UefiCpuPkg.dsc
index 4061050..31e60bb 100644
--- a/UefiCpuPkg/UefiCpuPkg.dsc
+++ b/UefiCpuPkg/UefiCpuPkg.dsc
@@ -1,7 +1,7 @@
 ## @file
 #  UefiCpuPkg Package
 #
-#  Copyright (c) 2007 - 2015, Intel Corporation. All rights reserved.
+#  Copyright (c) 2007 - 2016, Intel Corporation. All rights reserved.
 #
 #  This program and the accompanying materials
 #  are licensed and made available under the terms and conditions of the BSD 
License
@@ -20,7 +20,7 @@
   DSC_SPECIFICATION  = 0x00010005
   OUTPUT_DIRECTORY   = Build/UefiCpu
   SUPPORTED_ARCHITECTURES= IA32|IPF|X64
-  BUILD_TARGETS  = DEBUG|RELEASE
+  BUILD_TARGETS  = DEBUG|RELEASE|NOOPT
   SKUID_IDENTIFIER   = DEFAULT
 
 #
-- 
1.9.5.msysgit.0

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH 08/12] PerformancePkg: Add NOOPT target in PerformancePkg.dsc

2016-01-17 Thread Hao Wu

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu 
---
 PerformancePkg/PerformancePkg.dsc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/PerformancePkg/PerformancePkg.dsc 
b/PerformancePkg/PerformancePkg.dsc
index d03ea36..ac53c4e 100644
--- a/PerformancePkg/PerformancePkg.dsc
+++ b/PerformancePkg/PerformancePkg.dsc
@@ -1,7 +1,7 @@
 ## @file
 # Build description file to generate Shell DP application.
 #
-# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.
+# Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD 
License
 # which accompanies this distribution.  The full text of the license may be 
found at
@@ -19,7 +19,7 @@
   PLATFORM_VERSION   = 0.2
   OUTPUT_DIRECTORY   = Build/PerformancePkg
   SUPPORTED_ARCHITECTURES= IA32|IPF|X64|EBC
-  BUILD_TARGETS  = DEBUG|RELEASE
+  BUILD_TARGETS  = DEBUG|RELEASE|NOOPT
   SKUID_IDENTIFIER   = DEFAULT
 
 [LibraryClasses]
-- 
1.9.5.msysgit.0

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [patch V2 1/3] MdeModulePkg: Add MorLockSmm to variable driver.

2016-01-17 Thread jiewen yao

Microsoft published secure MOR implementation at
https://msdn.microsoft.com/en-us/library/windows/hardware/mt270973(v=vs.85).aspx
with revision 2 update. See URL for tech detail.
Previous revision 1 is handled in SecurityPkg\Tcg\
MemoryOverwriteRequestControlLock.
But the VarCheck API can not satisfy revision 2 requirement.
So we decide include MOR lock control into variable driver
directly.

This patch add standalone TcgMorLockSmm implementation.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" 
Cc: "Zhang, Chao B" 
Cc: "Zeng, Star" 
---
 .../Universal/Variable/RuntimeDxe/TcgMorLockSmm.c  | 394 +
 1 file changed, 394 insertions(+)
 create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c

diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c 
b/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c
new file mode 100644
index 000..dade10a
--- /dev/null
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c
@@ -0,0 +1,394 @@
+/** @file
+  TCG MOR (Memory Overwrite Request) Lock Control support (SMM version).
+
+  This module initilizes MemoryOverwriteRequestControlLock variable.
+  This module adds Variable Hook and check MemoryOverwriteRequestControlLock.
+
+Copyright (c) 2016, Intel Corporation. All rights reserved.
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD 
License
+which accompanies this distribution.  The full text of the license may be 
found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include "Variable.h"
+
+typedef struct {
+  CHAR16 *VariableName;
+  EFI_GUID   *VendorGuid;
+} VARIABLE_TYPE;
+
+VARIABLE_TYPE  mMorVariableType[] = {
+  {MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,  
},
+  {MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME,  
},
+};
+
+#define MOR_LOCK_DATA_UNLOCKED   0x0
+#define MOR_LOCK_DATA_LOCKED_WITHOUT_KEY 0x1
+#define MOR_LOCK_DATA_LOCKED_WITH_KEY0x2
+
+#define MOR_LOCK_V1_SIZE  1
+#define MOR_LOCK_V2_KEY_SIZE  8
+
+typedef enum {
+  MorLockStateUnlocked = 0,
+  MorLockStateLocked = 1,
+} MOR_LOCK_STATE;
+
+UINT8   mMorLockKey[MOR_LOCK_V2_KEY_SIZE];
+BOOLEAN mMorLockKeyEmpty = TRUE;
+BOOLEAN mMorLockPassThru = FALSE;
+MOR_LOCK_STATE  mMorLockState = MorLockStateUnlocked;
+
+/**
+  Returns if this is MOR related variable.
+
+  @param  VariableName the name of the vendor's variable, it's a 
Null-Terminated Unicode String
+  @param  VendorGuid   Unify identifier for vendor.
+
+  @retval  TRUEThe variable is MOR related.
+  @retval  FALSE   The variable is NOT MOR related.
+**/
+BOOLEAN
+IsAnyMorVariable (
+  IN CHAR16 *VariableName,
+  IN EFI_GUID   *VendorGuid
+  )
+{
+  UINTN   Index;
+
+  for (Index = 0; Index < 
sizeof(mMorVariableType)/sizeof(mMorVariableType[0]); Index++) {
+if ((StrCmp (VariableName, mMorVariableType[Index].VariableName) == 0) && 
+(CompareGuid (VendorGuid, mMorVariableType[Index].VendorGuid))) {
+  return TRUE;
+}
+  }
+  return FALSE;
+}
+
+/**
+  Returns if this is MOR lock variable.
+
+  @param  VariableName the name of the vendor's variable, it's a 
Null-Terminated Unicode String
+  @param  VendorGuid   Unify identifier for vendor.
+
+  @retval  TRUEThe variable is MOR lock variable.
+  @retval  FALSE   The variable is NOT MOR lock variable.
+**/
+BOOLEAN
+IsMorLockVariable (
+  IN CHAR16 *VariableName,
+  IN EFI_GUID   *VendorGuid
+  )
+{
+  if ((StrCmp (VariableName, MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME) == 0) 
&& 
+  (CompareGuid (VendorGuid, ))) {
+return TRUE;
+  }
+  return FALSE;
+}
+
+/**
+  Set MOR lock variable.
+
+  @param  Data MOR Lock variable data.
+
+  @retval  EFI_SUCCESSThe firmware has successfully stored the 
variable and its data as
+  defined by the Attributes.
+  @retval  EFI_INVALID_PARAMETER  An invalid combination of attribute bits was 
supplied, or the
+  DataSize exceeds the maximum allowed.
+  @retval  EFI_INVALID_PARAMETER  VariableName is an empty Unicode string.
+  @retval  EFI_OUT_OF_RESOURCES   Not enough storage is available to hold the 
variable and its data.
+  @retval  EFI_DEVICE_ERROR   The variable could not be saved due to a 
hardware failure.
+  @retval  EFI_WRITE_PROTECTEDThe variable in question is read-only.
+  @retval  EFI_WRITE_PROTECTEDThe

[edk2] [patch V2 0/3] Add MorLock to variable driver

2016-01-17 Thread jiewen yao

Microsoft published secure MOR implementation at
https://msdn.microsoft.com/en-us/library/windows/hardware/mt270973(v=vs.85).aspx
with revision 2 update.
This series patches add MOR lock revision 2
to variable driver.

jiewen yao (3):
  MdeModulePkg: Add MorLockSmm to variable driver.
  MdeModulePkg: Add MorLockDxe to variable driver.
  MdeModulePkg: Add MorLock to variable driver.

 .../Universal/Variable/RuntimeDxe/TcgMorLockDxe.c  |  89 +
 .../Universal/Variable/RuntimeDxe/TcgMorLockSmm.c  | 394 +
 .../Universal/Variable/RuntimeDxe/Variable.c   |  60 +++-
 .../Variable/RuntimeDxe/VariableRuntimeDxe.inf |   6 +-
 .../Universal/Variable/RuntimeDxe/VariableSmm.inf  |   6 +-
 5 files changed, 552 insertions(+), 3 deletions(-)
 create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockDxe.c
 create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c

-- 
1.9.5.msysgit.0

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [patch V2 3/3] MdeModulePkg: Add MorLock to variable driver.

2016-01-17 Thread jiewen yao

This patch adds MorLock function to Variable main function.
It also updates corresponding INF file to pass build.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" 
Cc: "Zhang, Chao B" 
Cc: "Zeng, Star" 
---
 .../Universal/Variable/RuntimeDxe/Variable.c   | 60 +-
 .../Variable/RuntimeDxe/VariableRuntimeDxe.inf |  6 ++-
 .../Universal/Variable/RuntimeDxe/VariableSmm.inf  |  6 ++-
 3 files changed, 69 insertions(+), 3 deletions(-)

diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c 
b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
index 2dc3038..5e39d44 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
@@ -16,7 +16,7 @@
   VariableServiceSetVariable() should also check authenticate data to avoid 
buffer overflow,
   integer overflow. It should also check attribute to avoid authentication 
bypass.
 
-Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.
+Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.
 (C) Copyright 2015 Hewlett Packard Enterprise Development LP
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD 
License
@@ -112,6 +112,43 @@ SecureBootHook (
   );
 
 /**
+  Initialization for MOR Lock Control.
+
+  @retval EFI_SUCEESS MorLock initialization success.
+  @return Others  Some error occurs.
+**/
+EFI_STATUS
+MorLockInit (
+  VOID
+  );
+
+/**
+  This service is an MOR/MorLock checker handler for the SetVariable().
+
+  @param  VariableName the name of the vendor's variable, as a
+   Null-Terminated Unicode String
+  @param  VendorGuid   Unify identifier for vendor.
+  @param  Attributes   Point to memory location to return the attributes of 
variable. If the point
+   is NULL, the parameter would be ignored.
+  @param  DataSize The size in bytes of Data-Buffer.
+  @param  Data Point to the content of the variable.
+
+  @retval  EFI_SUCCESSThe MOR/MorLock check pass, and Variable 
driver can store the variable data.
+  @retval  EFI_INVALID_PARAMETER  The MOR/MorLock data or data size or 
attributes is not allowed for MOR variable.
+  @retval  EFI_ACCESS_DENIED  The MOR/MorLock is locked.
+  @retval  EFI_ALREADY_STARTEDThe MorLock variable is handled inside this 
function.
+  Variable driver can just return EFI_SUCCESS.
+**/
+EFI_STATUS
+SetVariableCheckHandlerMor (
+  IN CHAR16 *VariableName,
+  IN EFI_GUID   *VendorGuid,
+  IN UINT32 Attributes,
+  IN UINTN  DataSize,
+  IN VOID   *Data
+  );
+
+/**
   Routine used to track statistical information about variable usage.
   The data is stored in the EFI system table so it can be accessed later.
   VariableInfo.efi can dump out the table. Only Boot Services variable
@@ -3192,6 +3229,21 @@ VariableServiceSetVariable (
 }
   }
 
+  //
+  // Special Handling for MOR Lock variable.
+  //
+  Status = SetVariableCheckHandlerMor (VariableName, VendorGuid, Attributes, 
PayloadSize, (VOID *) ((UINTN) Data + DataSize - PayloadSize));
+  if (Status == EFI_ALREADY_STARTED) {
+//
+// EFI_ALREADY_STARTED means the SetVariable() action is handled inside of 
SetVariableCheckHandlerMor().
+// Variable driver can just return SUCCESS.
+//
+return EFI_SUCCESS;
+  }
+  if (EFI_ERROR (Status)) {
+return Status;
+  }
+
   Status = VarCheckLibSetVariableCheck (VariableName, VendorGuid, Attributes, 
PayloadSize, (VOID *) ((UINTN) Data + DataSize - PayloadSize), mRequestSource);
   if (EFI_ERROR (Status)) {
 return Status;
@@ -3966,6 +4018,12 @@ VariableWriteServiceInitialize (
   }
 
   ReleaseLockOnlyAtBootTime 
(>VariableGlobal.VariableServicesLock);
+
+  //
+  // Initialize MOR Lock variable.
+  //
+  MorLockInit ();
+
   return Status;
 }
 
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf 
b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
index 62c1568..da9b8bb 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
@@ -9,7 +9,7 @@
 #  This external input must be validated carefully to avoid security issues 
such as
 #  buffer overflow or integer overflow.
 #
-# Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.
+# Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD 
License
 # which accompanies this distribution. The full text of the license may be 
found at
@@ -42,6 +42,7 @@
   VariableDxe.c
   Variable.h
   Measurement.c
+  TcgMorLockDxe.c
   VarCheck.c
   VariableExLib.c
 
@@ -95,6

[edk2] [patch V2 2/3] MdeModulePkg: Add MorLockDxe to variable driver.

2016-01-17 Thread jiewen yao

Per secure MOR implementation document, it is not
proper to add MOR lock in non-SMM version, because
DXE version can not provide protection.

This patch add standalone TcgMorLockDxe implementation.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" 
Cc: "Zhang, Chao B" 
Cc: "Zeng, Star" 
---
 .../Universal/Variable/RuntimeDxe/TcgMorLockDxe.c  | 89 ++
 1 file changed, 89 insertions(+)
 create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockDxe.c

diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockDxe.c 
b/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockDxe.c
new file mode 100644
index 000..501d1a0
--- /dev/null
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockDxe.c
@@ -0,0 +1,89 @@
+/** @file
+  TCG MOR (Memory Overwrite Request) Lock Control support (DXE version).
+
+  This module clears MemoryOverwriteRequestControlLock variable to indicate
+  MOR lock control unsupported.
+
+Copyright (c) 2016, Intel Corporation. All rights reserved.
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD 
License
+which accompanies this distribution.  The full text of the license may be 
found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include "Variable.h"
+
+extern EDKII_VARIABLE_LOCK_PROTOCOL mVariableLock;
+
+/**
+  This service is an MOR/MorLock checker handler for the SetVariable().
+
+  @param  VariableName the name of the vendor's variable, as a
+   Null-Terminated Unicode String
+  @param  VendorGuid   Unify identifier for vendor.
+  @param  Attributes   Point to memory location to return the attributes of 
variable. If the point
+   is NULL, the parameter would be ignored.
+  @param  DataSize The size in bytes of Data-Buffer.
+  @param  Data Point to the content of the variable.
+
+  @retval  EFI_SUCCESSThe MOR/MorLock check pass, and Variable 
driver can store the variable data.
+  @retval  EFI_INVALID_PARAMETER  The MOR/MorLock data or data size or 
attributes is not allowed for MOR variable.
+  @retval  EFI_ACCESS_DENIED  The MOR/MorLock is locked.
+  @retval  EFI_ALREADY_STARTEDThe MorLock variable is handled inside this 
function.
+  Variable driver can just return EFI_SUCCESS.
+**/
+EFI_STATUS
+SetVariableCheckHandlerMor (
+  IN CHAR16 *VariableName,
+  IN EFI_GUID   *VendorGuid,
+  IN UINT32 Attributes,
+  IN UINTN  DataSize,
+  IN VOID   *Data
+  )
+{
+  //
+  // Just let it pass. No need provide protection for DXE version.
+  //
+  return EFI_SUCCESS;
+}
+
+/**
+  Initialization for MOR Lock Control.
+
+  @retval EFI_SUCEESS MorLock initialization success.
+  @return Others  Some error occurs.
+**/
+EFI_STATUS
+MorLockInit (
+  VOID
+  )
+{
+  //
+  // Always clear variable to report unsupported to OS.
+  // The reason is that the DXE version is not proper to provide *protection*.
+  // BIOS should use SMM version variable driver to provide such capability.
+  //
+  VariableServiceSetVariable (
+MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME,
+,
+EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | 
EFI_VARIABLE_RUNTIME_ACCESS,
+0,
+NULL
+);
+
+  //
+  // Need set this variable to be read-only to prevent other module set it.
+  //
+  VariableLockRequestToLock (, 
MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME, 
);
+  return EFI_SUCCESS;
+}
-- 
1.9.5.msysgit.0

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH 05/12] MdePkg: Add NOOPT target in MdePkg.dsc

2016-01-17 Thread Hao Wu

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu 
---
 MdePkg/MdePkg.dsc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/MdePkg/MdePkg.dsc b/MdePkg/MdePkg.dsc
index 473df4d..1880b3b 100644
--- a/MdePkg/MdePkg.dsc
+++ b/MdePkg/MdePkg.dsc
@@ -1,7 +1,7 @@
 ## @file
 # EFI/PI MdePkg Package
 #
-# Copyright (c) 2007 - 2015, Intel Corporation. All rights reserved.
+# Copyright (c) 2007 - 2016, Intel Corporation. All rights reserved.
 # Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.
 #
 #This program and the accompanying materials
@@ -21,7 +21,7 @@
   DSC_SPECIFICATION  = 0x00010005
   OUTPUT_DIRECTORY   = Build/Mde
   SUPPORTED_ARCHITECTURES= IA32|IPF|X64|EBC|ARM|AARCH64
-  BUILD_TARGETS  = DEBUG|RELEASE
+  BUILD_TARGETS  = DEBUG|RELEASE|NOOPT
   SKUID_IDENTIFIER   = DEFAULT
 
 [PcdsFeatureFlag]
-- 
1.9.5.msysgit.0

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH 00/12] Add NOOPT target in package DSC files

2016-01-17 Thread Hao Wu

Add NOOPT option in BUILD_TARGETS within package DSC files.

Hao Wu (12):
  CryptoPkg: Add NOOPT target in CryptoPkg.dsc
  IntelFrameworkModulePkg: Add NOOPT target in
IntelFrameworkModulePkg.dsc
  IntelFrameworkPkg: Add NOOPT target in IntelFrameworkPkg.dsc
  MdeModulePkg: Add NOOPT target in MdeModulePkg.dsc
  MdePkg: Add NOOPT target in MdePkg.dsc
  NetworkPkg: Add NOOPT target in NetworkPkg.dsc
  PcAtChipsetPkg: Add NOOPT target in PcAtChipsetPkg.dsc
  PerformancePkg: Add NOOPT target in PerformancePkg.dsc
  SecurityPkg: Add NOOPT target in SecurityPkg.dsc
  ShellPkg: Add NOOPT target in ShellPkg.dsc
  SourceLevelDebugPkg: Add NOOPT target in SourceLevelDebugPkg.dsc
  UefiCpuPkg: Add NOOPT target in UefiCpuPkg.dsc

 CryptoPkg/CryptoPkg.dsc | 4 ++--
 IntelFrameworkModulePkg/IntelFrameworkModulePkg.dsc | 4 ++--
 IntelFrameworkPkg/IntelFrameworkPkg.dsc | 4 ++--
 MdeModulePkg/MdeModulePkg.dsc   | 4 ++--
 MdePkg/MdePkg.dsc   | 4 ++--
 NetworkPkg/NetworkPkg.dsc   | 4 ++--
 PcAtChipsetPkg/PcAtChipsetPkg.dsc   | 4 ++--
 PerformancePkg/PerformancePkg.dsc   | 4 ++--
 SecurityPkg/SecurityPkg.dsc | 4 ++--
 ShellPkg/ShellPkg.dsc   | 4 ++--
 SourceLevelDebugPkg/SourceLevelDebugPkg.dsc | 4 ++--
 UefiCpuPkg/UefiCpuPkg.dsc   | 4 ++--
 12 files changed, 24 insertions(+), 24 deletions(-)

-- 
1.9.5.msysgit.0

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH 07/12] PcAtChipsetPkg: Add NOOPT target in PcAtChipsetPkg.dsc

2016-01-17 Thread Hao Wu

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu 
---
 PcAtChipsetPkg/PcAtChipsetPkg.dsc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/PcAtChipsetPkg/PcAtChipsetPkg.dsc 
b/PcAtChipsetPkg/PcAtChipsetPkg.dsc
index 152f5f6..71b3a6e 100644
--- a/PcAtChipsetPkg/PcAtChipsetPkg.dsc
+++ b/PcAtChipsetPkg/PcAtChipsetPkg.dsc
@@ -1,7 +1,7 @@
 ## @file
 #  PC/AT Chipset Package
 #
-#  Copyright (c) 2007 - 2014, Intel Corporation. All rights reserved.
+#  Copyright (c) 2007 - 2016, Intel Corporation. All rights reserved.
 #
 #  This program and the accompanying materials
 #  are licensed and made available under the terms and conditions of the BSD 
License
@@ -20,7 +20,7 @@
   DSC_SPECIFICATION  = 0x00010005
   OUTPUT_DIRECTORY   = Build/PcAtChipset
   SUPPORTED_ARCHITECTURES= IA32|X64
-  BUILD_TARGETS  = DEBUG|RELEASE
+  BUILD_TARGETS  = DEBUG|RELEASE|NOOPT
   SKUID_IDENTIFIER   = DEFAULT
 
 [LibraryClasses]
-- 
1.9.5.msysgit.0

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH 10/12] ShellPkg: Add NOOPT target in ShellPkg.dsc

2016-01-17 Thread Hao Wu

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu 
---
 ShellPkg/ShellPkg.dsc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ShellPkg/ShellPkg.dsc b/ShellPkg/ShellPkg.dsc
index 7e07cfb..b29adb8 100644
--- a/ShellPkg/ShellPkg.dsc
+++ b/ShellPkg/ShellPkg.dsc
@@ -1,7 +1,7 @@
 ##  @file
 # Shell Package
 #
-# Copyright (c) 2007 - 2015, Intel Corporation. All rights reserved.
+# Copyright (c) 2007 - 2016, Intel Corporation. All rights reserved.
 #
 #This program and the accompanying materials
 #are licensed and made available under the terms and conditions of the BSD 
License
@@ -20,7 +20,7 @@
   DSC_SPECIFICATION  = 0x00010006
   OUTPUT_DIRECTORY   = Build/Shell
   SUPPORTED_ARCHITECTURES= IA32|IPF|X64|EBC|ARM|AARCH64
-  BUILD_TARGETS  = DEBUG|RELEASE
+  BUILD_TARGETS  = DEBUG|RELEASE|NOOPT
   SKUID_IDENTIFIER   = DEFAULT
 
 [LibraryClasses.common]
-- 
1.9.5.msysgit.0

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH 06/12] NetworkPkg: Add NOOPT target in NetworkPkg.dsc

2016-01-17 Thread Hao Wu

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu 
---
 NetworkPkg/NetworkPkg.dsc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/NetworkPkg/NetworkPkg.dsc b/NetworkPkg/NetworkPkg.dsc
index 39224f3..0695dc1 100644
--- a/NetworkPkg/NetworkPkg.dsc
+++ b/NetworkPkg/NetworkPkg.dsc
@@ -2,7 +2,7 @@
 # UEFI 2.4 Network Module Package for All Architectures
 #
 # (C) Copyright 2014 Hewlett-Packard Development Company, L.P.
-# Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.
+# Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.
 #
 #This program and the accompanying materials
 #are licensed and made available under the terms and conditions of the BSD 
License
@@ -21,7 +21,7 @@
   DSC_SPECIFICATION  = 0x00010005
   OUTPUT_DIRECTORY   = Build/NetworkPkg
   SUPPORTED_ARCHITECTURES= IA32|IPF|X64|EBC|ARM|AARCH64
-  BUILD_TARGETS  = DEBUG|RELEASE
+  BUILD_TARGETS  = DEBUG|RELEASE|NOOPT
   SKUID_IDENTIFIER   = DEFAULT
 
 [LibraryClasses]
-- 
1.9.5.msysgit.0

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH 01/12] CryptoPkg: Add NOOPT target in CryptoPkg.dsc

2016-01-17 Thread Hao Wu

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu 
---
 CryptoPkg/CryptoPkg.dsc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/CryptoPkg/CryptoPkg.dsc b/CryptoPkg/CryptoPkg.dsc
index fdd0431..5ae0e67 100644
--- a/CryptoPkg/CryptoPkg.dsc
+++ b/CryptoPkg/CryptoPkg.dsc
@@ -1,7 +1,7 @@
 ## @file
 #  Cryptographic Library Package for UEFI Security Implementation.
 #
-#  Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.
+#  Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.
 #  This program and the accompanying materials
 #  are licensed and made available under the terms and conditions of the BSD 
License
 #  which accompanies this distribution.  The full text of the license may be 
found at
@@ -24,7 +24,7 @@
   DSC_SPECIFICATION  = 0x00010005
   OUTPUT_DIRECTORY   = Build/CryptoPkg
   SUPPORTED_ARCHITECTURES= IA32|X64|IPF|ARM|AARCH64
-  BUILD_TARGETS  = DEBUG|RELEASE
+  BUILD_TARGETS  = DEBUG|RELEASE|NOOPT
   SKUID_IDENTIFIER   = DEFAULT
 
 

-- 
1.9.5.msysgit.0

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH 02/12] IntelFrameworkModulePkg: Add NOOPT target in IntelFrameworkModulePkg.dsc

2016-01-17 Thread Hao Wu

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu 
---
 IntelFrameworkModulePkg/IntelFrameworkModulePkg.dsc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/IntelFrameworkModulePkg/IntelFrameworkModulePkg.dsc 
b/IntelFrameworkModulePkg/IntelFrameworkModulePkg.dsc
index b4adab1..b5b0af7 100644
--- a/IntelFrameworkModulePkg/IntelFrameworkModulePkg.dsc
+++ b/IntelFrameworkModulePkg/IntelFrameworkModulePkg.dsc
@@ -3,7 +3,7 @@
 #
 # This file is used to build all modules in IntelFrameworkModulePkg.
 #
-#Copyright (c) 2007 - 2015, Intel Corporation. All rights reserved.
+#Copyright (c) 2007 - 2016, Intel Corporation. All rights reserved.
 #This program and the accompanying materials are licensed and made available 
under 
 #the terms and conditions of the BSD License that accompanies this 
distribution.  
 #The full text of the license may be found at
@@ -26,7 +26,7 @@
   DSC_SPECIFICATION  = 0x00010005
   OUTPUT_DIRECTORY   = Build/IntelFrameworkModuleAll
   SUPPORTED_ARCHITECTURES= IA32|IPF|X64|EBC|ARM
-  BUILD_TARGETS  = DEBUG|RELEASE
+  BUILD_TARGETS  = DEBUG|RELEASE|NOOPT
   SKUID_IDENTIFIER   = DEFAULT
 
 

-- 
1.9.5.msysgit.0

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

Re: [edk2] This text was added by using code

2016-01-17 Thread Yao, Jiewen

Yes.
I also take Star's feedback to separate DXE version from SMM version.
V2 patch will be sent soon.

Thank you
Yao Jiewen

-Original Message-
From: Ni, Ruiyu 
Sent: Monday, January 18, 2016 10:27 AM
To: Yao, Jiewen; edk2-de...@ml01.01.org
Cc: Yao, Jiewen; Zeng, Star; Zhang, Chao B
Subject: This text was added by using code

Jiewen,
Could you please remove the "EFIAPI" for SetVariableCheckHandlerMor()?

Regards,
Ray


-Original Message-
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of jiewen 
yao
Sent: Friday, January 15, 2016 2:24 PM
To: edk2-de...@ml01.01.org
Cc: Yao, Jiewen ; Zeng, Star ; 
Zhang, Chao B 
Subject: [edk2] [patch 2/2] MdeModulePkg: Include MorLock check into variable 
driver.

Microsoft published secure MOR implementation at 
https://msdn.microsoft.com/en-us/library/windows/hardware/mt270973(v=vs.85).aspx
with revision 2 update. See URL for tech detail.
Previous revision 1 is handled in SecurityPkg\Tcg\ 
MemoryOverwriteRequestControlLock.
But the VarCheck API can not satisfy revision 2 requirement.
So we decide include MOR lock control into variable driver directly.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" 
Cc: "Zhang, Chao B" 
Cc: "Zeng, Star" 
---
 .../Universal/Variable/RuntimeDxe/TcgMorLock.c | 404 +
 .../Universal/Variable/RuntimeDxe/Variable.c   |  60 +++
 .../Variable/RuntimeDxe/VariableRuntimeDxe.inf |   4 +
 .../Universal/Variable/RuntimeDxe/VariableSmm.inf  |   4 +
 4 files changed, 472 insertions(+)
 create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLock.c

diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLock.c 
b/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLock.c
new file mode 100644
index 000..087e85a
--- /dev/null
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLock.c
@@ -0,0 +1,404 @@
+/** @file
+  TCG MOR (Memory Overwrite Request) Lock Control support.
+
+  This module initilizes MemoryOverwriteRequestControlLock variable.
+  This module adds Variable Hook and check MemoryOverwriteRequestControlLock.
+
+Copyright (c) 2016, Intel Corporation. All rights reserved. This 
+program and the accompanying materials are licensed and made available 
+under the terms and conditions of the BSD License which accompanies 
+this distribution.  The full text of the license may be found at 
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, 
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include 
+#include  #include 
+
+#include 
+#include 
+#include 
+#include "Variable.h"
+
+typedef struct {
+  CHAR16 *VariableName;
+  EFI_GUID   *VendorGuid;
+} VARIABLE_TYPE;
+
+VARIABLE_TYPE  mMorVariableType[] = {
+  {MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,  
},
+  {MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME,  
+},
+};
+
+#define MOR_LOCK_DATA_UNLOCKED   0x0
+#define MOR_LOCK_DATA_LOCKED_WITHOUT_KEY 0x1
+#define MOR_LOCK_DATA_LOCKED_WITH_KEY0x2
+
+#define MOR_LOCK_V1_SIZE  1
+#define MOR_LOCK_V2_KEY_SIZE  8
+
+typedef enum {
+  MorLockStateUnlocked = 0,
+  MorLockStateLocked = 1,
+} MOR_LOCK_STATE;
+
+UINT8   mMorLockKey[MOR_LOCK_V2_KEY_SIZE];
+BOOLEAN mMorLockKeyEmpty = TRUE;
+BOOLEAN mMorLockPassThru = FALSE;
+MOR_LOCK_STATE  mMorLockState = MorLockStateUnlocked;
+
+/**
+  Returns if this is MOR related variable.
+
+  @param  VariableName the name of the vendor's variable, it's a 
Null-Terminated Unicode String
+  @param  VendorGuid   Unify identifier for vendor.
+
+  @retval  TRUEThe variable is MOR related.
+  @retval  FALSE   The variable is NOT MOR related.
+**/
+BOOLEAN
+IsAnyMorVariable (
+  IN CHAR16 *VariableName,
+  IN EFI_GUID   *VendorGuid
+  )
+{
+  UINTN   Index;
+
+  for (Index = 0; Index < 
sizeof(mMorVariableType)/sizeof(mMorVariableType[0]); Index++) {
+if ((StrCmp (VariableName, mMorVariableType[Index].VariableName) == 0) && 
+(CompareGuid (VendorGuid, mMorVariableType[Index].VendorGuid))) {
+  return TRUE;
+}
+  }
+  return FALSE;
+}
+
+/**
+  Returns if this is MOR lock variable.
+
+  @param  VariableName the name of the vendor's variable, it's a 
Null-Terminated Unicode String
+  @param  VendorGuid   Unify identifier for vendor.
+
+  @retval  TRUEThe variable is MOR lock variable.
+  @retval  FALSE   The variable is NOT MOR lock variable.
+**/
+BOOLEAN
+IsMorLockVariable (
+  IN CHAR16 *VariableName,
+  IN EFI_GUID   *VendorGuid
+  )
+{
+  if ((StrCmp (VariableName,

Re: [edk2] [patch V2 0/3] Add MorLock to variable driver

2016-01-17 Thread Yao, Jiewen

Comments below:

-Original Message-
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Zeng, 
Star
Sent: Monday, January 18, 2016 3:23 PM
To: Yao, Jiewen; edk2-de...@ml01.01.org
Subject: Re: [edk2] [patch V2 0/3] Add MorLock to variable driver

On 2016/1/18 14:51, jiewen yao wrote:
> Microsoft published secure MOR implementation at 
> https://msdn.microsoft.com/en-us/library/windows/hardware/mt270973(v=v
> s.85).aspx
> with revision 2 update.
> This series patches add MOR lock revision 2 to variable driver.
>
> jiewen yao (3):
>MdeModulePkg: Add MorLockSmm to variable driver.
>MdeModulePkg: Add MorLockDxe to variable driver.
>MdeModulePkg: Add MorLock to variable driver.
>
>   .../Universal/Variable/RuntimeDxe/TcgMorLockDxe.c  |  89 +
>   .../Universal/Variable/RuntimeDxe/TcgMorLockSmm.c  | 394 
> +
>   .../Universal/Variable/RuntimeDxe/Variable.c   |  60 +++-
>   .../Variable/RuntimeDxe/VariableRuntimeDxe.inf |   6 +-
>   .../Universal/Variable/RuntimeDxe/VariableSmm.inf  |   6 +-
>   5 files changed, 552 insertions(+), 3 deletions(-)
>   create mode 100644 
> MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockDxe.c
>   create mode 100644 
> MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c
>

Reviewed-by: Star Zeng 

Only minor comments below

1. About the inf changes in [[patch V2 3/3].

+  gEfiMemoryOverwriteControlDataGuid## PRODUCES   ## 
Variable:L"MemoryOverwriteRequestControl"

should be CONSUMES?
[Jiewen] Yes, good catch. I will update it when I check in.

+  gEfiMemoryOverwriteRequestControlLockGuid ## CONSUMES   ## 
Variable:L"MemoryOverwriteRequestControlLock"
+

should be PRODUCES?
[Jiewen] Yes, good catch. I will update it when I check in.

2. Should SecurityPkg\Tcg\MemoryOverwriteRequestControlLock be removed or 
indicated to be deprecated or commented with more information to say it only 
supports MOR lock revision 1?
[Jiewen] Yes, good idea. I will send another patch to indicate it is deprecated.


Thanks,
Star



___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

Re: [edk2] [patch V2 2/3] MdeModulePkg: Add MorLockDxe to variable driver.

2016-01-17 Thread Zhang, Chao B

Jiewen:
  The patch is good to me. Reviewed-by: Chao Zhang 





Thanks & Best regards
Chao Zhang


-Original Message-
From: Yao, Jiewen 
Sent: Monday, January 18, 2016 2:52 PM
To: edk2-de...@ml01.01.org
Cc: Yao, Jiewen; Zhang, Chao B; Zeng, Star
Subject: [patch V2 2/3] MdeModulePkg: Add MorLockDxe to variable driver.

Per secure MOR implementation document, it is not proper to add MOR lock in 
non-SMM version, because DXE version can not provide protection.

This patch add standalone TcgMorLockDxe implementation.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" 
Cc: "Zhang, Chao B" 
Cc: "Zeng, Star" 
---
 .../Universal/Variable/RuntimeDxe/TcgMorLockDxe.c  | 89 ++
 1 file changed, 89 insertions(+)
 create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockDxe.c

diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockDxe.c 
b/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockDxe.c
new file mode 100644
index 000..501d1a0
--- /dev/null
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockDxe.c
@@ -0,0 +1,89 @@
+/** @file
+  TCG MOR (Memory Overwrite Request) Lock Control support (DXE version).
+
+  This module clears MemoryOverwriteRequestControlLock variable to 
+ indicate  MOR lock control unsupported.
+
+Copyright (c) 2016, Intel Corporation. All rights reserved. This 
+program and the accompanying materials are licensed and made available 
+under the terms and conditions of the BSD License which accompanies 
+this distribution.  The full text of the license may be found at 
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, 
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include 
+#include  #include 
+
+#include 
+#include 
+#include 
+#include "Variable.h"
+
+extern EDKII_VARIABLE_LOCK_PROTOCOL mVariableLock;
+
+/**
+  This service is an MOR/MorLock checker handler for the SetVariable().
+
+  @param  VariableName the name of the vendor's variable, as a
+   Null-Terminated Unicode String
+  @param  VendorGuid   Unify identifier for vendor.
+  @param  Attributes   Point to memory location to return the attributes of 
variable. If the point
+   is NULL, the parameter would be ignored.
+  @param  DataSize The size in bytes of Data-Buffer.
+  @param  Data Point to the content of the variable.
+
+  @retval  EFI_SUCCESSThe MOR/MorLock check pass, and Variable 
driver can store the variable data.
+  @retval  EFI_INVALID_PARAMETER  The MOR/MorLock data or data size or 
attributes is not allowed for MOR variable.
+  @retval  EFI_ACCESS_DENIED  The MOR/MorLock is locked.
+  @retval  EFI_ALREADY_STARTEDThe MorLock variable is handled inside this 
function.
+  Variable driver can just return EFI_SUCCESS.
+**/
+EFI_STATUS
+SetVariableCheckHandlerMor (
+  IN CHAR16 *VariableName,
+  IN EFI_GUID   *VendorGuid,
+  IN UINT32 Attributes,
+  IN UINTN  DataSize,
+  IN VOID   *Data
+  )
+{
+  //
+  // Just let it pass. No need provide protection for DXE version.
+  //
+  return EFI_SUCCESS;
+}
+
+/**
+  Initialization for MOR Lock Control.
+
+  @retval EFI_SUCEESS MorLock initialization success.
+  @return Others  Some error occurs.
+**/
+EFI_STATUS
+MorLockInit (
+  VOID
+  )
+{
+  //
+  // Always clear variable to report unsupported to OS.
+  // The reason is that the DXE version is not proper to provide *protection*.
+  // BIOS should use SMM version variable driver to provide such capability.
+  //
+  VariableServiceSetVariable (
+MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME,
+,
+EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | 
EFI_VARIABLE_RUNTIME_ACCESS,
+0,
+NULL
+);
+
+  //
+  // Need set this variable to be read-only to prevent other module set it.
+  //
+  VariableLockRequestToLock (, 
+MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME, 
+);
+  return EFI_SUCCESS;
+}
--
1.9.5.msysgit.0

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

Re: [edk2] [Patch 0/2] Fix IpSec SPD and SAD mapping issue when SPD updated

2016-01-17 Thread Fu, Siyuan

The patch is good to me.

Reviewed-by: Fu Siyuan 

-Original Message-
From: Wu, Jiaxin 
Sent: Monday, January 11, 2016 4:44 PM
To: edk2-devel@lists.01.org
Cc: Ye, Ting ; Fu, Siyuan 
Subject: [Patch 0/2] Fix IpSec SPD and SAD mapping issue when SPD updated

The serial patches are used to fix the IpSec SPD and SAD mapping issue when SPD 
updated by IPSecConfig tool. The problem is divided into two
parts: One is SPD SetData policy, and the other is edit policy which mainly 
triggered by IPSecConfig tool.

Cc: Ye Ting 
Cc: Fu Siyuan 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu 

Jiaxin Wu (2):
  NetworkPkg: Fix IpSec SPD and SAD mapping issue when SPD is updated
  NetworkPkg: Fix SPD entry edit policy issue in IPSecConfig.

 .../Application/IpsecConfig/PolicyEntryOperation.c | 41 ++---
 NetworkPkg/IpSecDxe/IpSecConfigImpl.c  | 68 +++---
 2 files changed, 64 insertions(+), 45 deletions(-)

--
1.9.5.msysgit.1

___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] This text was added by using code

2016-01-17 Thread Ni, Ruiyu

Jiewen,
Could you please remove the "EFIAPI" for SetVariableCheckHandlerMor()?

Regards,
Ray


-Original Message-
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of jiewen 
yao
Sent: Friday, January 15, 2016 2:24 PM
To: edk2-de...@ml01.01.org
Cc: Yao, Jiewen ; Zeng, Star ; 
Zhang, Chao B 
Subject: [edk2] [patch 2/2] MdeModulePkg: Include MorLock check into variable 
driver.

Microsoft published secure MOR implementation at
https://msdn.microsoft.com/en-us/library/windows/hardware/mt270973(v=vs.85).aspx
with revision 2 update. See URL for tech detail.
Previous revision 1 is handled in SecurityPkg\Tcg\
MemoryOverwriteRequestControlLock.
But the VarCheck API can not satisfy revision 2 requirement.
So we decide include MOR lock control into variable driver
directly.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" 
Cc: "Zhang, Chao B" 
Cc: "Zeng, Star" 
---
 .../Universal/Variable/RuntimeDxe/TcgMorLock.c | 404 +
 .../Universal/Variable/RuntimeDxe/Variable.c   |  60 +++
 .../Variable/RuntimeDxe/VariableRuntimeDxe.inf |   4 +
 .../Universal/Variable/RuntimeDxe/VariableSmm.inf  |   4 +
 4 files changed, 472 insertions(+)
 create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLock.c

diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLock.c 
b/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLock.c
new file mode 100644
index 000..087e85a
--- /dev/null
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLock.c
@@ -0,0 +1,404 @@
+/** @file
+  TCG MOR (Memory Overwrite Request) Lock Control support.
+
+  This module initilizes MemoryOverwriteRequestControlLock variable.
+  This module adds Variable Hook and check MemoryOverwriteRequestControlLock.
+
+Copyright (c) 2016, Intel Corporation. All rights reserved.
+This program and the accompanying materials 
+are licensed and made available under the terms and conditions of the BSD 
License 
+which accompanies this distribution.  The full text of the license may be 
found at 
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, 
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include "Variable.h"
+
+typedef struct {
+  CHAR16 *VariableName;
+  EFI_GUID   *VendorGuid;
+} VARIABLE_TYPE;
+
+VARIABLE_TYPE  mMorVariableType[] = {
+  {MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,  
},
+  {MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME,  
},
+};
+
+#define MOR_LOCK_DATA_UNLOCKED   0x0
+#define MOR_LOCK_DATA_LOCKED_WITHOUT_KEY 0x1
+#define MOR_LOCK_DATA_LOCKED_WITH_KEY0x2
+
+#define MOR_LOCK_V1_SIZE  1
+#define MOR_LOCK_V2_KEY_SIZE  8
+
+typedef enum {
+  MorLockStateUnlocked = 0,
+  MorLockStateLocked = 1,
+} MOR_LOCK_STATE;
+
+UINT8   mMorLockKey[MOR_LOCK_V2_KEY_SIZE];
+BOOLEAN mMorLockKeyEmpty = TRUE;
+BOOLEAN mMorLockPassThru = FALSE;
+MOR_LOCK_STATE  mMorLockState = MorLockStateUnlocked;
+
+/**
+  Returns if this is MOR related variable.
+
+  @param  VariableName the name of the vendor's variable, it's a 
Null-Terminated Unicode String
+  @param  VendorGuid   Unify identifier for vendor.
+
+  @retval  TRUEThe variable is MOR related.
+  @retval  FALSE   The variable is NOT MOR related.
+**/
+BOOLEAN
+IsAnyMorVariable (
+  IN CHAR16 *VariableName,
+  IN EFI_GUID   *VendorGuid
+  )
+{
+  UINTN   Index;
+
+  for (Index = 0; Index < 
sizeof(mMorVariableType)/sizeof(mMorVariableType[0]); Index++) {
+if ((StrCmp (VariableName, mMorVariableType[Index].VariableName) == 0) && 
+(CompareGuid (VendorGuid, mMorVariableType[Index].VendorGuid))) {
+  return TRUE;
+}
+  }
+  return FALSE;
+}
+
+/**
+  Returns if this is MOR lock variable.
+
+  @param  VariableName the name of the vendor's variable, it's a 
Null-Terminated Unicode String
+  @param  VendorGuid   Unify identifier for vendor.
+
+  @retval  TRUEThe variable is MOR lock variable.
+  @retval  FALSE   The variable is NOT MOR lock variable.
+**/
+BOOLEAN
+IsMorLockVariable (
+  IN CHAR16 *VariableName,
+  IN EFI_GUID   *VendorGuid
+  )
+{
+  if ((StrCmp (VariableName, MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME) == 0) 
&& 
+  (CompareGuid (VendorGuid, ))) {
+return TRUE;
+  }
+  return FALSE;
+}
+
+/**
+  Set MOR lock variable.
+
+  @param  Data MOR Lock variable data.
+
+  @retval  EFI_SUCCESSThe firmware has successfully stored the 
variable and its data as
+  defined by

[edk2] [PATCH 1/2] PerformancePkg Dp_App: Use Image->FilePath to get name for SMM drivers

[edk2] [PATCH 0/2] DP: Use Image->FilePath to get name for SMM drivers

[edk2] [Patch] BaseTools: process the files by the priority in BUILDRULEORDER

[edk2] [patch] SecurityPkg: Mark MorLock module deprecated.

Re: [edk2] [PATCH 10/12] ShellPkg: Add NOOPT target in ShellPkg.dsc

Re: [edk2] [patch] SecurityPkg: Mark MorLock module deprecated.

Re: [edk2] [patch] SecurityPkg: Mark MorLock module deprecated.

[edk2] [PATCH 09/12] SecurityPkg: Add NOOPT target in SecurityPkg.dsc

[edk2] [PATCH 11/12] SourceLevelDebugPkg: Add NOOPT target in SourceLevelDebugPkg.dsc

[edk2] [PATCH 12/12] UefiCpuPkg: Add NOOPT target in UefiCpuPkg.dsc

[edk2] [PATCH 08/12] PerformancePkg: Add NOOPT target in PerformancePkg.dsc

[edk2] [patch V2 1/3] MdeModulePkg: Add MorLockSmm to variable driver.

[edk2] [patch V2 0/3] Add MorLock to variable driver

[edk2] [patch V2 3/3] MdeModulePkg: Add MorLock to variable driver.

[edk2] [patch V2 2/3] MdeModulePkg: Add MorLockDxe to variable driver.

[edk2] [PATCH 05/12] MdePkg: Add NOOPT target in MdePkg.dsc

[edk2] [PATCH 00/12] Add NOOPT target in package DSC files

[edk2] [PATCH 07/12] PcAtChipsetPkg: Add NOOPT target in PcAtChipsetPkg.dsc

[edk2] [PATCH 10/12] ShellPkg: Add NOOPT target in ShellPkg.dsc

[edk2] [PATCH 06/12] NetworkPkg: Add NOOPT target in NetworkPkg.dsc

[edk2] [PATCH 01/12] CryptoPkg: Add NOOPT target in CryptoPkg.dsc

[edk2] [PATCH 02/12] IntelFrameworkModulePkg: Add NOOPT target in IntelFrameworkModulePkg.dsc

Re: [edk2] This text was added by using code

Re: [edk2] [patch V2 0/3] Add MorLock to variable driver

Re: [edk2] [patch V2 2/3] MdeModulePkg: Add MorLockDxe to variable driver.

Re: [edk2] [Patch 0/2] Fix IpSec SPD and SAD mapping issue when SPD updated

[edk2] This text was added by using code

27 matches

Site Navigation

Mail list logo

Footer information