Hi Naveen,
According to the table you shared (defined in RFC 3720), it seems when TSIH is
ZERO, the target should not fail the login with "session does not exist".
+--+
|new | zero| any| instantiate a
Reviewed-by: jiewen@intel.com
> -Original Message-
> From: Ni, Ruiyu
> Sent: Monday, February 27, 2017 3:23 PM
> To: edk2-devel@lists.01.org
> Cc: Yao, Jiewen
> Subject: [PATCH v2 10/11] SignedCapsulePkg/IniParsingLib: Use AsciiStrToGuid
> in
> BaseLib
>
>
Reviewed-by: jiewen@intel.com
> -Original Message-
> From: Ni, Ruiyu
> Sent: Monday, February 27, 2017 3:23 PM
> To: edk2-devel@lists.01.org
> Cc: Yao, Jiewen
> Subject: [PATCH v2 03/11] SignedCapsulePkg/IniParsing: Rename StrToGuid to
> avoid link failure
>
>
Reviewed-by: jiewen@intel.com
> -Original Message-
> From: Ni, Ruiyu
> Sent: Monday, February 27, 2017 3:23 PM
> To: edk2-devel@lists.01.org
> Cc: Yao, Jiewen
> Subject: [PATCH v2 07/11] MdeModulePkg/CapsuleApp: Use StrToGuid in BaseLib
>
> Contributed-under:
Leo,
I just saw your patch removed SetCacheability() also. I will drop my patch in
https://www.mail-archive.com/edk2-devel@lists.01.org/msg22944.html :-)
Thanks!
Jeff
-Original Message-
From: Leo Duran [mailto:leo.du...@amd.com]
Sent: Monday, February 27, 2017 1:43 AM
To:
From: chen881220
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chen A Chen
Cc: Jaben Carsey
---
.../UefiShellBcfgCommandLib.c | 352 -
Reviewed-by: Jeff Fan
-Original Message-
From: Wu, Hao A
Sent: Tuesday, February 21, 2017 7:35 PM
To: edk2-devel@lists.01.org
Cc: Wu, Hao A; Yao, Jiewen; Fan, Jeff
Subject: [PATCH 1/7] IntelFrameworkModulePkg: Replace
[Ascii|Unicode]ValueToString
It is the follow
Reviewed-by: Jeff Fan
-Original Message-
From: Wu, Hao A
Sent: Saturday, February 25, 2017 1:13 PM
To: edk2-devel@lists.01.org
Cc: Wu, Hao A; Fan, Jeff
Subject: [PATCH v3 12/12] UefiCpuPkg: Refine casting expression result to
bigger size
There are cases that the
Reviewed-by: Jeff Fan
-Original Message-
From: Wu, Hao A
Sent: Saturday, February 25, 2017 1:13 PM
To: edk2-devel@lists.01.org
Cc: Wu, Hao A; Fan, Jeff
Subject: [PATCH v3 11/12] SourceLevelDebugPkg: Refine casting expression result
to bigger size
There are cases
Reviewed-by: Ruiyu Ni
Thanks/Ray
> -Original Message-
> From: Wu, Hao A
> Sent: Saturday, February 25, 2017 1:13 PM
> To: edk2-devel@lists.01.org
> Cc: Wu, Hao A ; Ni, Ruiyu
> Subject: [PATCH v3 08/12] PcAtChipsetPkg: Refine
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni
Cc: Jiewen Yao
---
.../Library/IniParsingLib/IniParsingLib.c | 146 +
1 file changed, 3 insertions(+), 143 deletions(-)
diff --git
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni
Cc: Jaben Carsey
---
.../Library/UefiShellDebug1CommandsLib/DmpStore.c | 7 +-
.../Library/UefiShellDebug1CommandsLib/SetVar.c| 12 +--
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni
Cc: Siyuan Fu
---
MdeModulePkg/Include/Library/NetLib.h | 5 +-
MdeModulePkg/Library/DxeNetLib/DxeNetLib.c | 382 +++--
2 files changed, 32
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni
Cc: Jiewen Yao
---
MdeModulePkg/Application/CapsuleApp/AppSupport.c | 140 +--
MdeModulePkg/Application/CapsuleApp/CapsuleApp.c | 27 +
2 files
Since the following patch needs to add API converting string
to IP address in BaseLib, define the IP address as base types
in Base.h.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni
Cc: Liming Gao
---
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni
Cc: Jiewen Yao
---
.../SecureBootConfigDxe/SecureBootConfigImpl.c | 12 +-
.../SecureBootConfigDxe/SecureBootConfigImpl.h | 22 +---
Update UefiDevicePathLib to use StrToGuid/StrHexToBytes
/StrToIpv4Address/StrToIpv6Address provided by BaseLib.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni
Cc: Liming Gao
---
Since the next patch will add StrToGuid in BaseLib, renaming the
internal function StrToGuid to DevicePathLibStrToGuid to avoid
link failure.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni
Cc: Liming Gao
---
The patch set adds StrToGuid/StrHexToBytes/StrToIPv4Address
/StrToIPv6Address and the accordingly ASCII versioins to BaseLib.
It also changes all existing consumers to use the new APIs.
v2: Return UNSUPPORTED for cases when the string is malformatted.
Update consumer code to use RETURN_STATUS
Since the next patch will add AsciiStrToGuid in BaseLib, renaming
the internal function AsciiStrToGuid to IniAsciiStrToGuid to avoid
link failure.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni
Cc: Jiewen Yao
---
The patch adds 4 APIs to convert ASCII string to GUID, bytes
buffer, IP v4 address and IP v6 address.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni
Cc: Liming Gao
Cc: Jiewen Yao
Cc: Siyuan Fu
The patch adds 4 APIs to convert Unicode string to GUID, bytes
buffer, IP v4 address and IP v6 address.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni
Cc: Liming Gao
Cc: Jiewen Yao
Cc: Siyuan Fu
v2:
Re-generate the patch after the new OpensslLibCrypto instance.
OpenSSL 1.0.2k was released with several severity fixes at
26-Jan-2017 (https://www.openssl.org/news/secadv/20170126.txt).
This patch is to upgrade the supported OpenSSL version in
CryptoPkg/OpensslLib to catch the latest release
Reviewed-by: Ruiyu Ni
Thanks/Ray
> -Original Message-
> From: Bi, Dandan
> Sent: Monday, February 27, 2017 3:15 PM
> To: edk2-devel@lists.01.org
> Cc: Dong, Eric ; Ni, Ruiyu ; Zeng,
> Star
> Subject:
Reviewed-by: Ruiyu Ni
Thanks/Ray
> -Original Message-
> From: Wu, Hao A
> Sent: Saturday, February 25, 2017 12:05 PM
> To: edk2-devel@lists.01.org
> Cc: Wu, Hao A ; Carsey, Jaben
> ; Ni, Ruiyu
>
Use the API EfiBootManagerDeleteLoadOptionVariable in UefiBootManagerLib to
replace the same logic in function Var_DelBootOption/Var_DelDriverOption.
This can make code clean and prevent potential bugs.
https://bugzilla.tianocore.org/show_bug.cgi?id=391
Cc: Eric Dong
Cc:
Thanks/Ray
> -Original Message-
> From: Wu, Hao A
> Sent: Monday, February 27, 2017 1:59 PM
> To: Ni, Ruiyu ; edk2-devel@lists.01.org
> Cc: Carsey, Jaben
> Subject: RE: [PATCH v3 6/6] ShellPkg: Refine type cast for pointer subtraction
>
> >
Reviewed-by: Jeff Fan
-Original Message-
From: Wu, Hao A
Sent: Saturday, February 25, 2017 1:12 PM
To: edk2-devel@lists.01.org
Cc: Wu, Hao A; Fan, Jeff
Subject: [PATCH v3 04/12] IntelFrameworkModulePkg: Refine casting expression
result to bigger size
There are
Reviewed-by: Jeff Fan
-Original Message-
From: Wu, Hao A
Sent: Saturday, February 25, 2017 12:05 PM
To: edk2-devel@lists.01.org
Cc: Wu, Hao A; Fan, Jeff
Subject: [PATCH v3 3/6] IntelFrameworkModulePkg: Refine type cast for pointer
subtraction
For pointer
CoreAllocatePoolPages() could not be updated simply by adding
CoreAcquireMemoryLock() and CoreReleaseMemoryLock(), it is also used by
AllocateMemoryMapEntry() with the lock locked.
Thanks,
Star
-Original Message-
From: Gao, Liming
Sent: Monday, February 27, 2017 2:43 PM
To: Ard
Ard:
I have minor comment. GetPermissionAttributeForMemoryType() function header
comment doesn't match its definition, and IsInSmm() has no function header.
Thanks
Liming
>-Original Message-
>From: Ard Biesheuvel [mailto:ard.biesheu...@linaro.org]
>Sent: Monday, February 27, 2017 2:30
Reviewed-by: Feng Tian
Thanks
Feng
-Original Message-
From: Fan, Jeff
Sent: Monday, February 27, 2017 1:31 PM
To: edk2-devel@lists.01.org
Cc: Leo Duran ; Tian, Feng ; Kinney,
Michael D
Subject:
Ard:
I agree to separate lock for pool allocations. I suggest you update
CoreAllocatePoolPages() and CoreFreePoolPages() implementation by adding
CoreAcquireMemoryLock() and CoreReleaseMemoryLock(). If so, you don't need to
introduce new CoreAllocatePoolPagesI () and CoreFreePoolPagesI ().
Ard:
In line 128, there is another AllocatePages() to allocate memory to store
the code. To be consistent, could you help also update it?
Thanks
Liming
>-Original Message-
>From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Ard
>Biesheuvel
>Sent: Monday,
Series Reviewed-by: Hegde, Nagaraj P
Series Tested-by: Hegde, Nagaraj P
-Original Message-
From: Jiaxin Wu [mailto:jiaxin...@intel.com]
Sent: Thursday, February 23, 2017 11:01 AM
To: edk2-devel@lists.01.org
Cc: Hegde, Nagaraj P
Thanks Rebecca. I tried to apply your patch but failed with the below errors,
could you update and send the patch again?
.git/rebase-apply/patch:16: trailing whitespace.
# INDEX
.git/rebase-apply/patch:17: trailing whitespace.
.git/rebase-apply/patch:26: trailing whitespace.
> -Original Message-
> From: Ni, Ruiyu
> Sent: Monday, February 27, 2017 1:10 PM
> To: Wu, Hao A; edk2-devel@lists.01.org
> Cc: Carsey, Jaben
> Subject: RE: [PATCH v3 6/6] ShellPkg: Refine type cast for pointer subtraction
>
>
>
> Thanks/Ray
>
> > -Original Message-
> > From:
Reviewed-by: Zhang Chao
-Original Message-
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Zhang
Lubo
Sent: Wednesday, February 22, 2017 5:01 PM
To: edk2-devel@lists.01.org
Cc: Yao, Jiewen ; Zhang, Chao B
No one uses the internal function SetCacheability().
https://bugzilla.tianocore.org/show_bug.cgi?id=400
This updating is suggested by Leo' comments at
https://www.mail-archive.com/edk2-devel@lists.01.org/msg22634.html
Cc: Leo Duran
Cc: Feng Tian
Cc:
Thanks Ard.
I found V3 5/6 has typo below:
+
gEfiMdeModulePkgTokenSpaceGuid.PcdDxeMemoryProtectionPolicy|0x000|UINT64|0x1048
It should be PcdDxeNxMemoryProtectionPolicy. Or I got build failure.
With above typo update, all series reviewed-by:
Thanks/Ray
> -Original Message-
> From: Wu, Hao A
> Sent: Saturday, February 25, 2017 12:05 PM
> To: edk2-devel@lists.01.org
> Cc: Wu, Hao A ; Carsey, Jaben
> ; Ni, Ruiyu
> Subject: [PATCH v3 6/6] ShellPkg: Refine type
Reviewed-by: Ruiyu Ni
Thanks/Ray
> -Original Message-
> From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of
> Hao Wu
> Sent: Saturday, February 25, 2017 1:12 PM
> To: edk2-devel@lists.01.org
> Cc: Wu, Hao A ; Ni, Ruiyu
Hi,
64
I created a Duet usb stick using a precompiled package that prepared the
usb drive as a 'UDK_X64' path. I then copied a precompiled bootx64.efi file
into the boot folder and even though that works wanted to compile my own
version of shellx64.efi using VS2013x86 building it as release X64
The formatting of ReadMe.MD on GitHub wasn't very nice, with steps
running into one another. This change reformats the text to use
GitHub Flavored Markdown.
It also simplifies a few of the steps, for example combining the
git clone and rename into a single command.
Cc: David Wei
Reviewed-by: Ruiyu Ni
Thanks/Ray
> -Original Message-
> From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of
> Laszlo Ersek
> Sent: Friday, February 24, 2017 7:02 PM
> To: edk2-devel-01
> Cc: Ni, Ruiyu ;
Reviewed-by: Qin Long
> -Original Message-
> From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of
> Hao Wu
> Sent: Saturday, February 25, 2017 12:05 PM
> To: edk2-devel@lists.01.org
> Cc: Wu, Hao A; Ye, Ting; Long, Qin
> Subject: [edk2] [PATCH v3
Reviewed-by: Ruiyu Ni
Thanks/Ray
> -Original Message-
> From: Wu, Hao A
> Sent: Saturday, February 25, 2017 1:13 PM
> To: edk2-devel@lists.01.org
> Cc: Wu, Hao A ; Carsey, Jaben
> ; Ni, Ruiyu
> Subject:
Yes. Some platform sets memory allocation HOB. It makes sense. So, I remove
ASSERT() from the code.
-Original Message-
From: Laszlo Ersek [mailto:ler...@redhat.com]
Sent: Friday, February 24, 2017 5:44 PM
To: Fan, Jeff; edk2-de...@ml01.01.org
Cc: Zeng, Star; Tian, Feng; Kinney, Michael
Reviewed-by: Wu Jiaxin
Thanks,
Jiaxin
> -Original Message-
> From: Wu, Hao A
> Sent: Saturday, February 25, 2017 1:13 PM
> To: edk2-devel@lists.01.org
> Cc: Wu, Hao A ; Fu, Siyuan ;
> Wu, Jiaxin
>
We saw you defined 4K/2M/1G in previous patch series,
#define PAGING_4K_ADDRESS_MASK_64 0x000FF000ull
#define PAGING_2M_ADDRESS_MASK_64 0x000FFFE0ull
#define PAGING_1G_ADDRESS_MASK_64 0x000FC000ull
But only 1G mask is defined and used in this patch series, is that on
Minor comment: CoreFreePoolPagesI() has no need to have PoolType parameter, how
about to remove it?
Thanks,
Star
-Original Message-
From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Ard
Biesheuvel
Sent: Monday, February 27, 2017 2:30 AM
To: edk2-devel@lists.01.org;
Reviewed-by: Star Zeng
-Original Message-
From: Wu, Hao A
Sent: Monday, February 27, 2017 9:39 AM
To: edk2-devel@lists.01.org
Cc: Wu, Hao A ; Zeng, Star
Subject: [PATCH 0/2] Dp: Add check to avoid NULL pointer dereference
Cc: Star Zeng
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu
---
ShellPkg/Library/UefiDpLib/Dp.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ShellPkg/Library/UefiDpLib/Dp.c
Cc: Star Zeng
Hao Wu (2):
PerformancePkg/Dp_App: Add check to avoid NULL pointer dereference
ShellPkg/UefiDpLib: Add check to avoid NULL pointer dereference
PerformancePkg/Dp_App/Dp.c | 2 +-
ShellPkg/Library/UefiDpLib/Dp.c | 2 +-
2 files changed, 2
Cc: Star Zeng
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu
---
PerformancePkg/Dp_App/Dp.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/PerformancePkg/Dp_App/Dp.c b/PerformancePkg/Dp_App/Dp.c
index
Reviewed-by: jiewen@intel.com
> -Original Message-
> From: Wu, Hao A
> Sent: Tuesday, February 21, 2017 7:36 PM
> To: edk2-devel@lists.01.org
> Cc: Wu, Hao A ; Yao, Jiewen
> Subject: [PATCH 4/7] SignedCapsulePkg: Replace
Reviewed-by: Wu Jiaxin
> -Original Message-
> From: Laszlo Ersek [mailto:ler...@redhat.com]
> Sent: Friday, February 24, 2017 7:01 PM
> To: edk2-devel-01
> Cc: Ard Biesheuvel ; Gary Lin ;
> Wu,
Reviewed-by: Wu Jiaxin
Thanks,
Jiaxin
> -Original Message-
> From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of
> Laszlo Ersek
> Sent: Friday, February 24, 2017 7:02 PM
> To: edk2-devel-01
> Cc: Ni, Ruiyu
On 26 February 2017 at 18:30, Ard Biesheuvel wrote:
> In preparation of adding memory permission attribute management to
> the pool allocator, split off the locking of the pool metadata into
> a separate lock. This is an improvement in itself, given that pool
>
Define a new fixed/patchable PCD that sets the DXE memory protection
policy: its primary use is to define which memory types should have
their executable permissions removed. Combined with the image protection
policy, this can be used to implement a strict W^X policy, i.e.. a policy
where no
Ensure that any memory allocated for PE/COFF images is identifiable as
a boot services code region, so that we know it requires its executable
permissions to be preserved when we tighten mapping permissions later on.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard
This implements a DXE memory protection policy that ensure that regions
that don't require executable permissions are mapped with the non-exec
attribute set.
First of all, it iterates over all entries in the UEFI memory map, and
removes executable permissions according to the configured DXE
The EBC driver emits thunks for native to EBC calls, which are short
instructions sequences that bridge the gap between the native execution
environment and the EBC virtual machine.
Since these thunks are allocated using MemoryAllocationLib::AllocatePool(),
they are emitted into
To prevent the initial MMU->GCD memory space map synchronization from
stripping permissions attributes [which we cannot use in the GCD memory
space map, unfortunately], implement the same approach as x86, and ignore
SetMemoryAttributes() calls during the time SyncCacheConfig() is in
progress. This
Hello all,
This is a proof of concept implementation that removes all executable
permissions from writable memory regions, which greatly enhances security.
It is based on Jiewen's recent work, which is a step in the right direction,
but still leaves most of memory exploitable due to the default
In preparation of adding memory permission attribute management to
the pool allocator, split off the locking of the pool metadata into
a separate lock. This is an improvement in itself, given that pool
allocation can only interfere with the page allocation bookkeeping
if pool pages are allocated
This PCD holds the address mask for page table entries when memory
encryption is enabled on AMD processors supporting the Secure Encrypted
Virtualization (SEV) feature.
The mask is applied when 4GB tables are created (UefiCapsule.c), and when
the tables are expanded on-demand by page-faults above
This PCD holds the address mask for page table entries when memory
encryption is enabled on AMD processors supporting the Secure Encrypted
Virtualization (SEV) feature.
Cc: Feng Tian
Cc: Star Zeng
Cc: Laszlo Ersek
Contributed-under:
This PCD holds the address mask for page table entries when memory
encryption is enabled on AMD processors supporting the Secure Encrypted
Virtualization (SEV) feature.
The mask is applied when page tables are created (S3Resume.c).
CC: Jeff Fan
Cc: Feng Tian
This PCD holds the address mask for page table entries when memory
encryption is enabled on AMD processors supporting the Secure Encrypted
Virtualization (SEV) feature.
The mask is applied when creating page tables.
Cc: Feng Tian
Cc: Star Zeng
Cc:
This new PCD holds the address mask for page table entries when memory
encryption is enabled on AMD processors supporting the Secure Encrypted
Virtualization (SEV) feature.
This mask is be applied when creating or modifying page-table entries.
For example, the OvmfPkg would set the PCD when
This PCD holds the address mask for page table entries when memory
encryption is enabled on AMD processors supporting the Secure Encrypted
Virtualization (SEV) feature.
The mask is applied when page tables entriees are created or modified.
CC: Jeff Fan
Cc: Feng Tian
This PCD holds the address mask for page table entries when memory
encryption is enabled on AMD processors supporting the Secure Encrypted
Virtualization (SEV) feature.
This module updates the under-4GB page tables configured by the S3-Resume
code in UefiCpuPkg/Universal/Acpi/S3Resume2Pei. The
On 25 February 2017 at 04:04, Yao, Jiewen wrote:
> Thank you Ard. I like this patch - simple and obvious.
>
Thank you
> I put all my comment together for your consideration.
>
> 1) Patch V2 1/5 -- reviewed-by: jiewen@intel.com
> 2) Patch V2 2/5 - reviewed-by:
On 25 February 2017 at 04:04, Yao, Jiewen wrote:
> Hi Ard
> I agree with you on this enhancement.
>
> I prefer to adding the description as comment in the code, so that people
> can get clear picture when he/she reads the code.
>
> //
> // Instead of assuming that a PE/COFF
75 matches
Mail list logo