Confirmed by Long, Qin mailto:qin.l...@intel.com>>
(And sorry for this rule breaking caused by me. I didn't notice this updates.)
Best Regards & Thanks,
LONG, Qin
From: Gao, Liming
Sent: Thursday, December 13, 2018 9:15 PM
To: Laszlo Ersek ; Ye, Ting ; Long, Qin
Cc: edk2-dev
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Long Qin
---
.../Library/BaseCryptLib/SysCall/RuntimeMemAllocation.c| 14 +-
1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/RuntimeMemAllocation.c
b/CryptoPkg
Thanks, Laszlo.
From: Laszlo Ersek [mailto:ler...@redhat.com]
Sent: Thursday, October 25, 2018 12:59 AM
To: Long, Qin ; edk2-devel@lists.01.org
Cc: Ye, Ting
Subject: Re: [edk2] [PATCH] CryptoPkg/BaseCryptLib: Fix potential integer
overflow issue.
On 10/24/18 15:22, Long Qin wrote:
>
to add the extra parameter checks to remove this possible
overflow risk.
Cc: Ye Ting
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Long Qin
---
.../Library/BaseCryptLib/SysCall/RuntimeMemAllocation.c| 14 +-
1 file changed, 13 insertions(+), 1 deletion
uma
--> Oniguruma-v6.8.2
And use update command to init and sync-up all submodules:
$ git submodule update --init --recursive
(Will update the README for more clear information later . Thanks)
Best Regards & Thanks,
LONG, Qin
From: Leif Lindholm [mailto:leif.lindh...@linaro.org]
Sent
Reviewed-by: Long Qin
Best Regards & Thanks,
LONG, Qin
> -Original Message-
> From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of
> Stephano Cetola
> Sent: Tuesday, September 4, 2018 10:51 AM
> To: edk2-devel@lists.01.org
> Cc: Long, Qin
>
Chao, Please change the lowercase letters in the new GUID to uppercase letters
when committing this.
Reviewed-by: Long Qin
Best Regards & Thanks,
LONG, Qin
> -Original Message-
> From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Zhang,
> Chao B
>
Reviewed-by: Long Qin
Best Regards & Thanks,
LONG, Qin
> -Original Message-
> From: Zhang, Chao B
> Sent: Friday, July 27, 2018 11:21 AM
> To: edk2-devel@lists.01.org
> Cc: Long, Qin ; Zhang, Chao B
>
> Subject: [Patch] SecurityPkg: HashLib: Add SHA384, SHA51
Reviewed-by: Long Qin
Best Regards & Thanks,
LONG, Qin
> -Original Message-
> From: Zhang, Chao B
> Sent: Thursday, July 19, 2018 6:00 PM
> To: edk2-devel@lists.01.org
> Cc: Long, Qin ; Yao, Jiewen ;
> Zhang, Chao B
> Subject: [Patch] SecurityPkg: TcgSmm: Ha
Reviewed-by: Long Qin
(BTW: Please remove the extra "Signed-off-by" signature)
Best Regards & Thanks,
LONG, Qin
> -Original Message-
> From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of
> Zhang, Chao B
> Sent: Monday, July 16, 2018 3:21 PM
Series Reviewed-by: Long Qin
Best Regards & Thanks,
LONG, Qin
> -Original Message-
> From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of
> Zhang, Chao B
> Sent: Monday, June 25, 2018 12:44 PM
> To: edk2-devel@lists.01.org
> Subject: [edk
Reviewed-by: Long Qin
Please correct the typos:
+ @retval EFI_SUCCESS DTPM2.0 instance is registered, or system dose not
surpport registr DTPM2.0 instance
;Include/Protocol" folder;
4. Remove "[Protocols]" section from CryptoPkg.dec;
5. Remove whole "Library/BaseCryptLibRuntimeCryptProtocol" folder;
Best Regards & Thanks,
LONG, Qin
> -Original Message-
> From: Chen, Chen A
> Sent: Wedne
Hi, Chao,
The update from NULL to real wrapper looks good to me.
Please also update the "Note" part in this INF's comment before your commit,
since SHA384/512 was noted as "not supported" before.
Reviewed-by: Long Qin
Best Regards & Thanks,
LONG, Qin
> -
Reviewed-by: Long Qin
Best Regards & Thanks,
LONG, Qin
> -Original Message-
> From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of
> Zhang, Chao B
> Sent: Monday, May 28, 2018 10:10 PM
> To: edk2-devel@lists.01.org
> Cc: Yao, Jiewen ; Long,
Cc: Michael Turner
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Long Qin
---
CryptoPkg/Include/Library/BaseCryptLib.h | 4 +-
CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 53 ++-
CryptoPkg/Library/BaseCryptLib/Pk/CryptX509Null.c | 4
Reviewed-by: Long Qin
Best Regards & Thanks,
LONG, Qin
> -Original Message-
> From: Zhang, Chao B
> Sent: Sunday, May 20, 2018 10:42 PM
> To: edk2-devel@lists.01.org
> Cc: Yao, Jiewen ; Long, Qin
> Subject: [Patch] SecurityPkg:Tcg2Smm: Update TcgNvs info after
; > +Subproject commit d4e4bd2a8163f355fa8a3884077eaec7adc75ff7
>
> This hunk should not be necessary; please see edk2 commit b85b20fba42e
> ("CryptoPkg/OpensslLib: Update OpenSSL version to 1.1.0h", 2018-04-15).
>
> (I'll let the SecurityPkg maintainers r
It's OK for me to add this NULL wrapper.
Reviewed-by: Long Qin
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: Laszlo Ersek [mailto:ler...@redhat.com]
Sent: Tuesday, May 8, 2018 4:21 AM
To: edk2-devel-01
Cc: Long, Qin ; Ye, Ting
Subject: [PATCH] CryptoPkg/CrtL
Reviewed-by: Long Qin
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Jiaxin Wu
Sent: Friday, May 4, 2018 11:53 AM
To: edk2-devel@lists.01.org
Cc: Ye, Ting ; Bi, Dandan ; Fu, Siyuan
; Wu, Jiaxin ; Long,
data?
The data initialization from code snippet looks good. What's the returned
errcode value? (And one reminder is that KEK and DB are binding with different
vendor GUID: gEfiGlobalVariableGuid, and gEfiImageSecurityDatabaseGuid).
Best Regards & Thanks,
LONG, Qin
From: edk2-devel [mai
Yes, this was not refreshed at last upgrade. And I agree it's better to remove
this statement.
Reviewed-by: Long Qin
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: Laszlo Ersek [mailto:ler...@redhat.com]
Sent: Thursday, April 26, 2018 1:58 AM
To: edk2-devel-01
Thanks, Laszlo!
Pushed these two fixes with updates by the commits:
a701ea0fe1d5178eb4fd2659d83461751cb9e7c9
b85b20fba42e25ff658ed1a470250d530c189027
Best Regards & Thanks,
LONG, Qin
From: Laszlo Ersek [mailto:ler...@redhat.com]
Sent: Saturday, April 14, 2018 4:08 AM
To: Long, Qin ; Ye,
Ah, "it's wrong here" means "the existence of "--remote" in original suggested
command is wrong".
"It's important" looks also make sense to address the "update" goal. I can
update that, if old message will cause confusion.
Best
Hi, Laszlo,
The updated patch series looks good to me.
Reviewed-by: Long Qin
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: Laszlo Ersek [mailto:ler...@redhat.com]
Sent: Wednesday, April 11, 2018 6:43 PM
To: edk2-devel@lists.01.org
Cc: Ard Biesheuvel ; Gary Ching-Pang
Hi, Laszlo,
You are right. "--remote" is really incorrect here.
And thanks you so much to point out this.
Best Regards & Thanks,
LONG, Qin
-Original Message-----
From: Long, Qin
Sent: Wednesday, April 11, 2018 4:39 PM
To: 'Laszlo Ersek' ; Ye, Ting
Cc: edk2-devel@
sitory.
use the following commend to make your existing submodule track this
update:
$ git submodule update -–recursive
Cc: Laszlo Ersek
Cc: Ye Ting
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Long Qin
---
CryptoPkg/Library/OpensslLib/openssl | 2 +-
1 file changed, 1
entation issue here.
Cc: Laszlo Ersek
Cc: Ye Ting
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Long Qin
---
CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.
Updating the supported OpenSSL version to 1.1.0h release.
Additional patch is to address / fix one HOWTO documentation issue
about submodule update command which used the wrong "--remote" option.
(Thanks Laszlo's catch).
Long Qin (2):
CryptoPkg/OpensslLib: Fix the documentation
Thank you so much about this clarification, Laszlo.
The submodule maintenance (commands for update / sync) looks a little confused
to me.
Let me check more locally before the V2.
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: Laszlo Ersek [mailto:ler...@redhat.com]
Agreement 1.0
Signed-off-by: Long Qin
---
CryptoPkg/Library/OpensslLib/openssl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/CryptoPkg/Library/OpensslLib/openssl
b/CryptoPkg/Library/OpensslLib/openssl
index b2758a2292..d4e4bd2a81 16
--- a/CryptoPkg/Library/OpensslLib/ope
& IETF-RFCs & EDKII-openssl build
options.
Best Regards & Thanks,
LONG, Qin
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Laszlo
Ersek
Sent: Tuesday, April 10, 2018 5:48 PM
To: Wu, Jiaxin ; edk2-devel-01
Cc: Ard Biesheuvel ; Ye, Ting ;
Justen, Jordan L ;
Thanks, Laszlo.
In fact, these implementation optimizations are good to me. ☺
On 04/10/18 12:02, Laszlo Ersek wrote:
> On 04/10/18 09:40, Long, Qin wrote:
>> #0005, #0006, #0007, #0012, #0013:
>> These implementation looks good to me.
>> But some of upda
enabled, and then added into this table.
#0005, #0006, #0007, #0012, #0013:
These implementation looks good to me.
But some of updates were based on the assumption of #0008-0009. I have
no strong opinion
if some original light implementation are good enough currently.
Best
Reviewed-by: Long Qin
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: Gao, Liming
Sent: Tuesday, March 27, 2018 8:59 PM
To: edk2-devel@lists.01.org
Cc: Zhu, Yonghong ; Long, Qin
Subject: [Patch] BaseTools: Update Rsa2048Sha256Sign to use openssl dgst option
Contrib
This ("sha1 -sha256") looks a little odd.
Could we try "openssl dgst -sha256 "?
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Zhu,
Yonghong
Sent: Tuesday, March 27, 2018 3:56 P
Reviewed-by: Long Qin
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Zhang,
Chao B
Sent: Tuesday, March 20, 2018 11:12 PM
To: edk2-devel@lists.01.org
Cc: Yao, Jiewen ; Zhang, Chao B ;
Long, Qin
Subject: [
Hi, Chao,
One minor suggestion to add the comment to explain the following value "8": the
number of digests in list is not greater than 8 per TPML_DIGEST definition.
+ if (PcrValues->count > 8) {
+return EFI_DEVICE_ERROR;
+ }
Other looks good to me.
Reviewed-by:
).
I am not sure if current OS will enforce any periodical update. Currently, UEFI
is just distributing the revocation list file to address possible security
risks (http://www.uefi.org/revocationlistfile).
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: edk2-devel [mailto:edk
Could you update the AsciiStrLen usage with safe version, or direct "sizeof()"?
Others looks good to me.
Reviewed-by: Long Qin
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: Zhang, Chao B
Sent: Monday, February 5, 2018 10:32 AM
To: edk2-devel@lists.01.org
responding certificate revocation case, the UEFI introduced the
DBX database (forbidden list) to address this.
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Bryan
Rosario
Sent: Tuesday, February 6, 2018 5:
Reviewed-by: Long Qin
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: Zhang, Chao B
Sent: Tuesday, January 30, 2018 9:17 AM
To: edk2-devel@lists.01.org
Cc: Yao, Jiewen ; Long, Qin ; Zhang,
Chao B
Subject: [PATCH] SecurityPkg: Disable TPM interrupt in DEC
Disable
Reviewed-by: Qin Long
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: Zhang, Chao B
Sent: Monday, January 22, 2018 10:11 PM
To: edk2-devel@lists.01.org
Cc: Long, Qin ; Zhang, Chao B
Subject: [PATCH] SecurityPkg: Update package version to 0.98
Update package versio
Update package version of CryptoPkg to 0.98.
Cc: Ting Ye
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg/CryptoPkg.dec | 4 ++--
CryptoPkg/CryptoPkg.dsc | 4 ++--
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/CryptoPkg/CryptoPkg.dec
Yes, and the function comment were already there.
-Original Message-
From: Ni, Ruiyu
Sent: Friday, January 19, 2018 3:16 PM
To: Zeng, Star ; Long, Qin ;
edk2-devel@lists.01.org
Cc: Ye, Ting ; Zeng, Star
Subject: RE: [PATCH] CryptoPkg/BaseCryptLib: Add error handling for time
It's legal to continue the calculation about the seconds elapsed since
1970.01.01 00:00:00.
-Original Message-
From: Zeng, Star
Sent: Friday, January 19, 2018 3:10 PM
To: Long, Qin ; edk2-devel@lists.01.org
Cc: Ye, Ting ; Zeng, Star
Subject: RE: [PATCH] CryptoPkg/BaseCryptLib
In time() wrapper implementation, the gRT->GetTime() call may be not
available. This patch adds the extra error handling to avoid the
potential dead loop.
Cc: Star Zeng
Cc: Ting Ye
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg/Library/BaseCryptLi
Reviewed-by: Long Qin
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: Heyi Guo [mailto:heyi@linaro.org]
Sent: Tuesday, January 16, 2018 4:02 PM
To: edk2-devel@lists.01.org
Cc: Heyi Guo ; Long, Qin ; Ye, Ting
; Ard Biesheuvel
Subject: [PATCH] CryptoPkg/Openss
A submodule allows to keep another Git repository in a subdirectory
of main repository. The submodule repository has its own history, which
does not interfere with the history of the current repository. This can
be used to have external dependencies such as third party libraries.
After the extra p
Reviewed-by: Long Qin
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Zhang,
Chao B
Sent: Monday, January 15, 2018 3:29 PM
To: edk2-devel@lists.01.org
Cc: Yao, Jiewen ; Zhang, Chao B ;
Long, Qin
Sub
Chao,
Could you leverage the EFI type instead of C type here for consistence?
We can use "INT32" type for Asn1Tag and ObjClass, and one "UINTN" Length should
be OK with one extra zeroing here.
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: Zha
ution Agreement 1.1
Signed-off-by: Long Qin
---
CryptoPkg/Library/OpensslLib/OpensslLib.inf | 2 +-
CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
b/CryptoPkg/Library/O
This makes sense to me.
Reviewed-by: Long Qin
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: Ard Biesheuvel [mailto:ard.biesheu...@linaro.org]
Sent: Wednesday, December 27, 2017 5:27 PM
To: edk2-devel@lists.01.org; Long, Qin ; Ye, Ting
Cc: Ard Biesheuvel
Subject: [P
Thanks, Ard.
Reviewed-by: Long Qin
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Ard
Biesheuvel
Sent: Wednesday, December 27, 2017 4:05 PM
To: edk2-devel@lists.01.org; Long, Qin ; Ye, Ting
Cc:
Hi, Ard,
Could you kindly help to produce one extra patch to fix and validate this ARM &
AARCH64 build? Thanks.
Best Regards & Thanks,
LONG, Qin
From: Ard Biesheuvel [mailto:ard.biesheu...@linaro.org]
Sent: Wednesday, December 27, 2017 3:25 AM
To: Ye, Ting
Cc: Long, Qin ; edk2-dev
BZ#: https://bugzilla.tianocore.org/show_bug.cgi?id=820
Remove the RngTest application from SecurityPkg, which was only for
unit test.
Cc: Chao Zhang
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Long Qin
---
SecurityPkg/Application/RngTest/RngTest.c| 234
flag to suppress this warning,
since we have no real printf usage in BaseCryptLib, and BIO_printf()
was already wrappered as the dummy implementation in CryptoPkg.
Cc: Ye Ting
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Long Qin
---
CryptoPkg/Library/Openssl
Reviewed-by: Long Qin
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: Wu, Jiaxin
Sent: Thursday, December 21, 2017 1:17 PM
To: edk2-devel@lists.01.org
Cc: Ye, Ting ; Long, Qin ; Fu, Siyuan
; Wu, Jiaxin
Subject: [Patch] CryptoPkg/TlsLib: Add some parameter check
Reviewed-by: Long Qin
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Zhang,
Chao B
Sent: Tuesday, December 12, 2017 3:41 PM
To: edk2-devel@lists.01.org
Cc: Yao, Jiewen ; Zhang, Chao B ;
Long, Qin
Sub
dData, you need to
strip-off some bytes.
See more discussion & clarifications from
https://bugzilla.tianocore.org/show_bug.cgi?id=586
And share us the binary data for more analysis if you still have verification
issues.
Best Regards & Thanks,
LONG, Qin
-Original Message
Reviewed-by: Long Qin
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: Zhang, Chao B
Sent: Monday, December 11, 2017 9:34 AM
To: edk2-devel@lists.01.org
Cc: Long, Qin ; Yao, Jiewen ; Zhang,
Chao B
Subject: [PATCH] SecurityPkg:Tcg2Smm: Add MSFT copyright
Add MSFT copyr
Reviewed-by: Long Qin
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Zhang,
Chao B
Sent: Friday, December 8, 2017 8:45 AM
To: edk2-devel@lists.01.org
Cc: Yao, Jiewen ; Zhang, Chao B ;
Long, Qin
Sub
Reviewed-by: Long Qin
(Thanks, Gary.
I cannot recall why we used "char" instead of "int" here. Obviously, the
prototype of CRT memset should use "int").
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: Gary Lin [mailto:g...@suse.com]
Sen
Reviewed-by: Long Qin
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: Wu, Jiaxin
Sent: Friday, November 17, 2017 11:57 AM
To: edk2-devel@lists.01.org
Cc: Ye, Ting ; Long, Qin ; Fu, Siyuan
; Wu, Jiaxin
Subject: [Patch] CryptoPkg/TlsLib: Change the return typ
Reviewed-by: Long Qin
One minor comment: please leave one space before the structure name:
+} EFI_CERT_DATA;
and
+} EFI_CERT_STACK;
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: Chen, Chen A
Sent: Tuesday, November 7, 2017 9:05 AM
To: edk2-devel@lists.01.org
Cc:
Reviewed-by: Long Qin
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of chenc2
Sent: Tuesday, November 7, 2017 9:05 AM
To: edk2-devel@lists.01.org
Cc: Zhang, Chao B ; Long, Qin
Subject: [edk2] [PATCH
Reviewed-by: Long Qin
-Original Message-
From: Zhang, Chao B
Sent: Tuesday, October 31, 2017 2:35 PM
To: edk2-devel@lists.01.org
Cc: Long, Qin ; Zeng, Star ; Zhang,
Chao B
Subject: [PATCH 3/3] MdeModulePkg: Deprecate
EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS
Mark
Reviewed-by: Long Qin
-Original Message-
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Zhang,
Chao B
Sent: Tuesday, October 31, 2017 2:35 PM
To: edk2-devel@lists.01.org
Cc: Zhang, Chao B ; Zeng, Star ;
Long, Qin
Subject: [edk2] [PATCH 2/3] MdePkg: Deprecate
Reviewed-by: Long Qin
-Original Message-
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Zhang,
Chao B
Sent: Tuesday, October 31, 2017 2:35 PM
To: edk2-devel@lists.01.org
Cc: Zhang, Chao B ; Zeng, Star ;
Long, Qin
Subject: [edk2] [PATCH 1/3] SecurityPkg: Remove
There is one long-standing problem in CRT realloc wrapper, which will
cause the obvious buffer overflow issue when re-allocating one bigger
memory block:
void *realloc (void *ptr, size_t size)
{
//
// BUG: hardcode OldSize == size! We have no any knowledge about
// memory
The malloc/free (instead of AllocatePool/FreePool) were used directly
in some wrapper implementations, which was designed to leverage the
light-weight memory management routines at Runtime phase.
The malloc/free and AllocatePool/FreePool usages are required to be
matched, after extra memory size in
patch series is to fix this buffer overflow issue by introducing
one extra header to record the memory buffer size information.
And extra comments were also added to clarify the memory release routines
if the caller is required to free the memory block outside the function.
Long Qin (2):
CryptoPkg
Thanks, Jian. It's great to pass the validation.
And exactly, the null data checking was missed. I will re-produce the V2 patch.
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: Wang, Jian J
Sent: Wednesday, November 1, 2017 3:28 PM
To: Long, Qin ; edk2-devel@lists.
introducing
one extra header to record the memory buffer size information.
And extra comments were also added to clarify the memory release routines
if the caller is required to free the memory block outside the function.
Long Qin (2):
CryptoPkg/BaseCryptLib: Fix buffer overflow issue in realloc wrapper
There is one long-standing problem in CRT realloc wrapper, which will
cause the obvious buffer overflow issue when re-allocating one bigger
memory block:
void *realloc (void *ptr, size_t size)
{
//
// BUG: hardcode OldSize == size! We have no any knowledge about
// memory
The malloc/free (instead of AllocatePool/FreePool) were used directly
in some wrapper implementations, which was designed to leverage the
light-weight memory management routines at Runtime phase.
The malloc/free and AllocatePool/FreePool usages are required to be
matched, after extra memory size in
The patch was already push @b5a985ca9237b551618cd97b1b71af2fff55e209
I forgot to inform that. Thanks, Laszlo.
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Laszlo
Ersek
Sent: Tuesday, October 24, 2017 3:5
This looks good to me.
Reviewed-by: Long Qin qin.l...@intel.com<mailto:qin.l...@intel.com>
Best Regards & Thanks,
LONG, Qin
From: Peter Jones [mailto:pjo...@redhat.com]
Sent: Saturday, October 21, 2017 2:22 AM
To: Laszlo Ersek
Cc: edk2-devel@lists.01.org; Shi, Steven ; Long, Qin
Reviewed-by: Long Qin
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: Wu, Jiaxin
Sent: Thursday, October 19, 2017 1:58 PM
To: edk2-devel@lists.01.org
Cc: Long, Qin ; Ye, Ting ; Fu, Siyuan
; Wu, Jiaxin
Subject: [Patch] NetworkPkg/TlsAuthConfigDxe: Remove the extra Free
Agree. It's better to use CHAR8 directly.
From: Gary Lin [mailto:g...@suse.com]
Sent: Tuesday, October 17, 2017 10:10 AM
To: Zhang, Chao B
Cc: edk2-devel@lists.01.org; Long, Qin
Subject: Re: [edk2] [PATCH] SecurityPkg:AuthVariableLib:Fix GCC build error
On Mon, Oct 16, 2017 at 10:08
Thanks, Chao.
The suggested change looks too neutral against this problem. I still prefer to
keep the original language, which was also cited from the description of this
spec ECR document.
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: Zhang, Chao B
Sent: Monday, Oct
Reviewed-by: Long Qin
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: Zhang, Chao B
Sent: Friday, October 13, 2017 3:26 PM
To: edk2-devel@lists.01.org
Cc: Long, Qin ; Yao, Jiewen ;
sean.bro...@microsoft.com; Zhang, Chao B
Subject: [PATCH V2] SecurityPkg\Tcg2Pei: FV mea
Reviewed-by: Long Qin
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: Zhang, Chao B
Sent: Thursday, October 12, 2017 5:14 PM
To: edk2-devel@lists.01.org
Cc: Long, Qin ; Chen, Chen A ;
Zhang, Chao B
Subject: [PATCH] SecurityPkg:AuthVariableLib:Implement ECR1707 for Pri
Add the comments to address security problems in the Pkcs7Verify Protocol
per UEFI 2.7 updates.
The Pkcs7Verifier function VerifySignature() has problematic use cases
where it might be used to unwittingly bypass security checks. The specific
problem is that if the supplied hash is a different alg
Reviewed-by: Long Qin
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: Zhang, Chao B
Sent: Monday, October 9, 2017 4:50 PM
To: edk2-devel@lists.01.org
Cc: Long, Qin ; Yao, Jiewen ;
sean.bro...@microsoft.com; Zhang, Chao B
Subject: [PATCH] SecurityPkg\Tcg2Pei: FV mea
The patch looks good to me.
Reviewed-by: Long Qin
Best Regards & Thanks,
LONG, Qin
From: Yao, Jiewen
Sent: Tuesday, October 10, 2017 9:47 PM
To: Laszlo Ersek ; Long, Qin
Cc: Brijesh Singh ; edk2-devel@lists.01.org; Justen,
Jordan L ; Tom Lendacky ;
Zhang, Chao B
Subject: RE: [edk2] [P
Yes, they are legacy version with old style alignment.
It's first try to address this return status change in this new API. We may
update some APIs depending on requirement and impacts evaluations later.
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: Zhang, Cha
From: Laszlo Ersek [mailto:ler...@redhat.com]
Sent: Thursday, September 21, 2017 12:38 AM
To: Long, Qin ; Ye, Ting ; Zhang, Chao B
Cc: edk2-devel@lists.01.org
Subject: Re: [PATCH v2] CryptoPkg: Add new API to retrieve commonName of X.509
certificate
Hello Qin,
On 09/20/17 18:05, Qin Long
h per your suggestion.
Thanks for raising this.
Best Regards & Thanks,
LONG, Qin
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Laszlo
Ersek
Sent: Wednesday, September 20, 2017 8:09 PM
To: Long, Qin ; Ye, Ting ; Zhang, Chao B
Cc: edk2-devel@lists.01.org
Subject: Re:
Thanks, Chao.
Cryptest just simply use the hard-coded test vectors for API usage
demonstration. So 64 is big enough for the given test X.509 data.
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: Zhang, Chao B
Sent: Wednesday, September 20, 2017 2:57 PM
To: Long, Qin
Add one new API (X509GetCommonName()) to retrieve the subject commonName
string from one X.509 certificate.
Cc: Ting Ye
Cc: Chao Zhang
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg/Application/Cryptest/RsaVerify2.c| 17
CryptoPkg/Inc
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=680
Adding ARM and AARCH64 to SUPPORTED_ARCHITECTURES in SecurityPkg.dsc
to enable RngTest module build, since this is one platform-independent
application.
Cc: Chao Zhang
Cc: Laszlo Ersek
Contributed-under: TianoCore Contribution Agreement 1.
Reviewed-by: Long Qin
-Original Message-
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Jiaxin Wu
Sent: Monday, July 31, 2017 1:41 PM
To: edk2-devel@lists.01.org
Cc: Ye, Ting ; Wu, Jiaxin ; Long, Qin
Subject: [edk2] [Patch 1/2] CryptoPkg/TlsLib: Remove the
Sean,
Thank you for the comments.
And for the submodule maintenance, do you have any BKMs (e.g. alias setting,
any scripts for synchronous clone/pull...) for sharing?
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: Sean Brogan [mailto:sean.bro...@microsoft.com]
is change? Any impacts? ...). Thanks.
Best Regards & Thanks,
LONG, Qin
___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
Reviewed-by: Long Qin
Best Regards & Thanks,
LONG, Qin
-Original Message-
From: Ard Biesheuvel [mailto:ard.biesheu...@linaro.org]
Sent: Saturday, July 15, 2017 1:19 AM
To: edk2-devel@lists.01.org; Long, Qin
Cc: Ye, Ting ; leif.lindh...@linaro.org; ler...@redhat.com;
Ard Bieshe
Add more NULL pointer checks before using them in DhGenerateKey and
Pkcs7GetCertificatesList functions to eliminate possible dereferenced
pointer issue.
Cc: Ting Ye
Cc: Hao Wu
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg/Library/BaseCryptLib/Pk/
Reviewed-by: Qin Long
> -Original Message-
> From: Zhang, Chao B
> Sent: Thursday, May 11, 2017 1:15 PM
> To: edk2-devel@lists.01.org
> Cc: Long, Qin; Yao, Jiewen; Zhang, Chao B
> Subject: [PATCH] SecurityPkg: Add TCG Spec info to TCG related modules
>
> Add TCG
Reviewed-by: Qin Long
> -Original Message-
> From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of
> Zhang, Chao B
> Sent: Friday, May 05, 2017 1:20 PM
> To: edk2-devel@lists.01.org
> Cc: Zhang, Chao B; Long, Qin
> Subject: [edk2] [PATCH] Securi
Update package version of CryptoPkg to 0.97.
Cc: Ting Ye
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long
---
CryptoPkg/CryptoPkg.dec | 2 +-
CryptoPkg/CryptoPkg.dsc | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/CryptoPkg/CryptoPkg.dec b
1 - 100 of 248 matches
Mail list logo
