On Tue, May 26, 2015 at 07:15:11PM -0700, Neeraj Ladkani wrote:
> Hi All,
>
> Is there any open source project which has tftp client for UEFI? I am
> looking for a simple UEFI application which connects to tftp server and
> download the file.
>
The netboot part of shim can be an example of the tf
On Mon, Jun 22, 2015 at 02:24:55PM -0400, Peter Jones wrote:
> On Sat, Jun 20, 2015 at 03:01:17PM +0200, Ard Biesheuvel wrote:
>
> > I wonder what is going on here. My AArch64 boot tests work fine with
> > these patches applied, but they don't use shim. (They do use GRUB as
> > an intermediate loa
On Tue, Jun 23, 2015 at 10:07:36AM +0200, Laszlo Ersek wrote:
> On 06/23/15 04:25, Gary Ching-Pang Lin wrote:
> > On Mon, Jun 22, 2015 at 02:24:55PM -0400, Peter Jones wrote:
> >> On Sat, Jun 20, 2015 at 03:01:17PM +0200, Ard Biesheuvel wrote:
> >>
> >>> I w
data() was missed in this
> > updated patch file.
> > It's cool. Thanks for catching this.
> >
> >
> > Best Regards & Thanks,
> > LONG, Qin
> >
> > -----Original Message-
> > From: Ard Biesheuvel [mailto:ard.biesheu...@linaro
On Wed, Jul 01, 2015 at 10:23:44AM +0800, Qiu Shumin wrote:
> In order to indicate the catena length use StrnCatS instead of StrCatS to
> generate Destination string, and update the DestMax of Destination string.
>
I just found the latest OVMF crashed when loading the shell, and this patch
works
verification.
(*) The critical commit in openssl is da084a5ec6cebd67ae27f2463ebe4a50bb840fa5
https://git.openssl.org/?p=openssl.git;a=commit;h=da084a5ec6cebd67ae27f2463ebe4a50bb840fa5
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gary Ching-Pang Lin
---
CryptoPkg/Library
On Fri, Jul 03, 2015 at 11:37:22AM +0800, Gary Ching-Pang Lin wrote:
> After updating openssl from 0.9.8zf to 1.0.2c(*), all images with the depth
> zero self-signed certificates were rejected since X509_verify_cert() issued
> this error: X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT. This commi
SE:Factory/shim?arch=x86_64&repository=standard
and unpack the rpm with 'unrpm shim-*.rpm'. The signed EFI files will
be in 'usr/lib64/efi/' and the certificate of the sign key is
'usr/lib64/efi/shim-devel.der'.
Thanks,
Gary Lin
>
> Best Regards & Thanks,
> caused by some inaccuracy when converting certificate format (e.g. PEM <->
> DER).
>
All those conversions were done by openssl or nss. I'll check the image
signing and verification process to find more clues.
Thanks,
Gary Lin
>
> Best Regards & Thanks,
> L
just revealed a fault
in our certs.
Sorry for the noise.
Gary Lin
>
> Best Regards & Thanks,
> LONG, Qin
>
> -Original Message-
> From: Gary Ching-Pang Lin [mailto:g...@suse.com]
> Sent: Friday, July 3, 2015 4:40 PM
> To: edk2-devel@lists.sourceforge.net
>
On Wed, Oct 01, 2014 at 12:47:17PM +0200, Laszlo Ersek wrote:
> The patch messages say it all.
>
> Laszlo Ersek (2):
> OvmfPkg: disable stale fork of SecureBootConfigDxe
> OvmfPkg: SecureBootConfigDxe: remove stale fork
>
Thank you for pushing the patch.
Tested-by: Gary Lin
Gary Lin
> ..
function was introduced in ae97201c to support
PXEv6 cross subnet. I wrote a patch to allow the route table check fail and
it works for me.
Cheers,
Gary Lin
>From d6c2266eaa09ca47ad2644b74afb4eab45ad32a0 Mon Sep 17 00:00:00 2001
From: Gary Ching-Pang Lin
Date: Wed, 17 Dec 2014 15:37:40 +0800
Include the IPv6 drivers to enable the PXE6 support.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gary Lin
---
OvmfPkg/OvmfPkgIa32.dsc| 12 +++-
OvmfPkg/OvmfPkgIa32.fdf| 11 ++-
OvmfPkg/OvmfPkgIa32X64.dsc | 12 +++-
OvmfPkg/OvmfPkgIa32X64
On Thu, Dec 18, 2014 at 09:09:39AM +0100, Laszlo Ersek wrote:
> comments below
>
> On 12/18/14 08:11, Gary Ching-Pang Lin wrote:
> > Include the IPv6 drivers to enable the PXE6 support.
> >
> > Contributed-under: TianoCore Contribution Agreement 1.0
On Thu, Dec 18, 2014 at 11:20:49AM +0100, Laszlo Ersek wrote:
> On 12/18/14 10:38, Gary Ching-Pang Lin wrote:
>
> > NetworkPkg/IScsiDxe is a bit different. It requires BaseCryptLib while
> > the one in MdeModulePkg doesn't need the library, so a few more changes
> >
There are several network stack drivers in MdeModulePkg or NetworkPkg.
Currently, we only use the drivers from MdeModulePkg which only provides
the IPv4 support. This commit adds the IPv6 drivers in NetworkPkg into
OVMF.
Here is the table of drivers from Laszlo.
currently included related driver
On Thu, Jan 15, 2015 at 03:35:40PM -0800, James Bottomley wrote:
> The UEFI Security Sub team needs to do some prototyping across all
> supported architectures. We've been having some discussions about how a
> particular feature would work on different architectures and have
> decided that prototy
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gary Ching-Pang Lin
---
MdeModulePkg/Universal/PCD/Pei/Service.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/MdeModulePkg/Universal/PCD/Pei/Service.c
b/MdeModulePkg/Universal/PCD/Pei/Service.c
index e42d045..6ae190c
unction.
Gary Lin
> Star
> -----Original Message-
> From: Gary Ching-Pang Lin [mailto:g...@suse.com]
> Sent: Wednesday, November 20, 2013 5:06 PM
> To: edk2-devel@lists.sourceforge.net
> Subject: [edk2] [PATCH] MdeModulePkg Pcd: Add the missing attribute
>
> Contributed-under: Ti
On Tue, Nov 26, 2013 at 06:21:21AM +0100, Laszlo Ersek wrote:
> Hi,
>
> as soon as Timer.efi is installed and the first timer interrupt is
> delivered, OVMF hangs with the VCPU spinning at 100%.
>
> I can see that SVN r14887 is the commit that directly switches the
> libraries that OvmfPkg uses.
On Tue, Nov 26, 2013 at 09:46:08AM +0100, Laszlo Ersek wrote:
> On 11/26/13 07:44, Gary Ching-Pang Lin wrote:
> > On Tue, Nov 26, 2013 at 06:21:21AM +0100, Laszlo Ersek wrote:
> >> Hi,
> >>
> >> as soon as Timer.efi is installed and the first timer interrupt is
Hi,
I recently started to build OVMF on my openSUSE 13.1 box and found the
secure boot config menu went blank. After several tests, the root cause
is identified:
https://sourceware.org/git/?p=glibc.git;a=commit;h=2d48b41c8fa610067c4d664ac2339ae6ca43e78c
This glibc commit is included in glibc 2.1
On Wed, Jan 15, 2014 at 02:03:02PM +0100, Laszlo Ersek wrote:
> On 01/15/14 07:31, Gary Ching-Pang Lin wrote:
> > Hi,
> >
> > I recently started to build OVMF on my openSUSE 13.1 box and found the
> > secure boot config menu went blank. After several tests, the r
On Thu, Jan 16, 2014 at 04:26:13PM +0100, Laszlo Ersek wrote:
> On 01/16/14 09:01, Gary Ching-Pang Lin wrote:
> > On Wed, Jan 15, 2014 at 02:03:02PM +0100, Laszlo Ersek wrote:
> >> On 01/15/14 07:31, Gary Ching-Pang Lin wrote:
> >>> Hi,
> >>>
> >&g
On Fri, Jan 17, 2014 at 12:49:45AM -0600, Scott Duplichan wrote:
> Gary Ching-Pang Lin [mailto:g...@suse.com] wrote:
>
> <...>
>
> ]> > It turned out the problem is caused by VfrCompile + glibc 2.18.
> ]> > I built the programs in BaseTools/Source/C stat
Agreement 1.0
Signed-off-by: Gary Ching-Pang Lin
---
BaseTools/Source/C/VfrCompile/VfrFormPkg.cpp | 8
BaseTools/Source/C/VfrCompile/VfrFormPkg.h | 28 ++--
2 files changed, 18 insertions(+), 18 deletions(-)
diff --git a/BaseTools/Source/C/VfrCompile
Hi,
I am using OVMF to test OS PXE installation. The function basically
works except the transmission rate of tftp is much lower than expected.
Here is my setup:
A virtual net device, tap0, was created to connect the host and the guest
in QEMU like this:
[ HOST ] [tap0] [ guest ]
dhc
Hi Laszlo,
On Tue, Apr 01, 2014 at 11:54:35AM +0200, Laszlo Ersek wrote:
> Hi Gary,
>
> On 04/01/14 09:30, Gary Ching-Pang Lin wrote:
> > Hi,
> >
> > I am using OVMF to test OS PXE installation. The function basically
> > works except the transmission rate of
Hi Laszlo,
On Wed, Jun 18, 2014 at 11:34:45PM +0200, Laszlo Ersek wrote:
> This is a longish and quite raw email, but (for me at least) a big
> improvement, so I'll share my findings here.
>
Thanks for your sharing. I followed the steps and saw the backtrace in gdb.
This is exactly something I am
On Fri, Jun 20, 2014 at 11:43:18AM +0200, Laszlo Ersek wrote:
> On 06/20/14 10:55, Gary Ching-Pang Lin wrote:
> > Hi Laszlo,
> >
> > On Wed, Jun 18, 2014 at 11:34:45PM +0200, Laszlo Ersek wrote:
> >> This is a longish and quite raw email, but (for me at least) a
Hi,
As mentioned in the recent commits (14141, 14165), the multiple signatures
support is integrated into edk2 mainline. However, my test showed those
two commits broke the image verification. Even the image with only one
signature was rejected and I got "Security Violation" when executing the
ima
security data base "dbx".
>
I found it's related to the signing tool. The image signed by Microsoft
passed the verification. The images signed with pesign which used to work
without R14141 failed now.
Gary Lin
>
> Best Regards,
> Fu, Siyuan
>
> -Original Me
Signed-off-by: Gary Ching-Pang Lin
---
.../Library/EdkIIGlueLib/Library/BasePrintLib/PrintLib.c | 11 +--
MdePkg/Library/BasePrintLib/PrintLibInternal.c| 11 +--
2 files changed, 18 insertions(+), 4 deletions(-)
diff --git
a/EdkCompatibilityPkg/Foundation
A variable store length check was introduced since r14252. After applying the
patch, OVMF died in
SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
ASSERT(MAX (PcdGet32 (PcdMaxVariableSize), PcdGet32
(PcdMaxHardwareErrorVariableSize)) < VariableStoreLength);
The check is reasonable. Howev
On Wed, May 15, 2013 at 03:22:53PM +0200, Laszlo Ersek wrote:
> On 05/15/13 11:03, Gary Ching-Pang Lin wrote:
> > When Secure Boot is enabled, PcdFlashNvStorageVariableSize is much
> > smaller than PcdMaxVariableSize, not to mention VariableStoreLength
> >
On Wed, May 15, 2013 at 11:28:23AM -0700, Jordan Justen wrote:
> On Wed, May 15, 2013 at 2:03 AM, Gary Ching-Pang Lin wrote:
> > A variable store length check was introduced since r14252. After applying
> > the
> > patch, OVMF died in
> >
> > SecurityPkg
t; Without this fix, the "%r" format specifier prints eg. "001A"
> instead of "Security Violation" for EFI_SECURITY_VIOLATION.
>
Thanks for the feedback.
> (3) Further 2*2 comments below:
>
>
> On 05/14/13 10:40, Gary Ching-Pang Lin wrote:
EFI_INVALID_LANGUAGE 32
> EFI_COMPROMISED_DATA 33
> EFI_WARN_STALE_DATA 5
Okay! I'll correct the patch.
Thanks,
Gary Lin
>
> Thanks
> Liming
> -Original Message-
> From: Laszlo Ersek [mailto:ler...@redhat.com]
> Sent: Tuesday, May 21, 2013
On Tue, May 21, 2013 at 10:52:27AM +0200, Laszlo Ersek wrote:
> On 05/16/13 08:04, Gary Ching-Pang Lin wrote:
> > On Wed, May 15, 2013 at 03:22:53PM +0200, Laszlo Ersek wrote:
>
> >> [...] I failed to secure boot Fedora 19
> >> <h
Some error status strings were not defined in the status strings
array. The following patches add the missing strings so that %r
prints comprehensive strings instead of obscure numbers.
Gary Ching-Pang Lin (2):
EdkCompatibilityPkg/BasePrintLib: add missing status strings for %r
MdePkg
Without this fix, the "%r" format specifier prints eg. "001A"
instead of "Security Violation" for EFI_SECURITY_VIOLATION.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gary Ching-Pang Lin
---
.../Library/EdkIIGlueLib/Library/Bas
Without this fix, the "%r" format specifier prints eg. "001A"
instead of "Security Violation" for EFI_SECURITY_VIOLATION.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gary Ching-Pang Lin
---
MdePkg/Library/BasePrintLib/PrintLibInter
Signed-off-by: Gary Ching-Pang Lin
---
CryptoPkg/Library/BaseCryptLib/Rand/CryptRand.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/CryptoPkg/Library/BaseCryptLib/Rand/CryptRand.c
b/CryptoPkg/Library/BaseCryptLib/Rand/CryptRand.c
index 4a056e8..f521e64 100644
--- a/CryptoPkg
the status of random
> number generator
>
> Though the comment of RandomSeed() states it should return FALSE if there is
> not enough entropy for random generation, the function always returns TRUE.
> This commit checks the status of pseudorandom number generator to match the
&
Signed-off-by: Gary Ching-Pang Lin
---
CryptoPkg/Library/BaseCryptLib/Rand/CryptRand.c| 2 +-
CryptoPkg/Library/BaseCryptLib/Rand/CryptRandItc.c | 2 +-
CryptoPkg/Library/BaseCryptLib/Rand/CryptRandTsc.c | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/CryptoPkg/Library
Signed-off-by: Gary Ching-Pang Lin
---
CryptoPkg/Library/BaseCryptLib/Rand/CryptRand.c| 5 -
CryptoPkg/Library/BaseCryptLib/Rand/CryptRandItc.c | 5 -
CryptoPkg/Library/BaseCryptLib/Rand/CryptRandTsc.c | 5 -
3 files changed, 12 insertions(+), 3 deletions(-)
diff --git a/CryptoPkg
ug?
Thanks,
Gary Lin
> Thanks
> Liming
> -Original Message-
> From: Gary Ching-Pang Lin [mailto:g...@suse.com]
> Sent: Wednesday, May 22, 2013 12:15 PM
> To: edk2-devel@lists.sourceforge.net
> Subject: [edk2] [PATCH 0/2] Add missing status strings to BasePrintLib
&g
.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gary Ching-Pang Lin
---
CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c
b/CryptoPkg/Library
On Tue, Jul 09, 2013 at 12:50:00PM +0200, Laszlo Ersek wrote:
> On 07/09/13 11:26, Gary Ching-Pang Lin wrote:
> > Per gmtime manpage, tm_mon is the number of months since January
> > while MonthNo is the month of the year, so tm_mon should be MonthNo-1.
> >
> > Also
.
This commit also corrected miscalculated MonthNo and DayNo for the last
day of the month. (Thanks to Laszlo Ersek!)
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gary Ching-Pang Lin
---
CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c | 6 +++---
1 file changed, 3
On Wed, Jul 10, 2013 at 11:10:58AM +0200, Laszlo Ersek wrote:
> On 07/10/13 09:19, Gary Ching-Pang Lin wrote:
> > Per gmtime manpage, tm_mon is the number of months since January
> > while MonthNo is the month of the year, so tm_mon should be MonthNo-1.
> >
> > Simil
Although the EFI status code is supposed to be the same as the
shell status code, it's better to use its own status code.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gary Ching-Pang Lin
---
ShellPkg/Library/UefiShellLevel2CommandsLib/Rm.c | 2 +-
1 file chang
file name to avoid illegal access.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gary Ching-Pang Lin
---
OvmfPkg/SecureBootConfigDxe/SecureBootConfigImpl.c | 21 ++---
1 file changed, 18 insertions(+), 3 deletions(-)
diff --git a/OvmfPkg/SecureBootConf
file name to avoid illegal access.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gary Ching-Pang Lin
---
.../SecureBootConfigDxe/SecureBootConfigImpl.c | 21 ++---
1 file changed, 18 insertions(+), 3 deletions(-)
diff --git
a/Securi
On Tue, Jul 30, 2013 at 01:36:16PM +0200, Laszlo Ersek wrote:
> On 07/30/13 11:23, Gary Ching-Pang Lin wrote:
> > When enrolling the certificate from a file, the suffix check function
> > check the last 4 characters to filter out non-DER files. However,
> > if the length of
file name to avoid illegal access.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gary Ching-Pang Lin
---
.../SecureBootConfigDxe/SecureBootConfigImpl.c | 21 ++---
1 file changed, 18 insertions(+), 3 deletions(-)
diff --git
a/Securi
file name to avoid illegal access.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gary Ching-Pang Lin
---
OvmfPkg/SecureBootConfigDxe/SecureBootConfigImpl.c | 21 ++---
1 file changed, 18 insertions(+), 3 deletions(-)
diff --git a/OvmfPkg/SecureBootConf
Hi,
I recently updated qemu to 1.6.0 and found OVMF just showed a blank
screen when kvm was enabled. I tried to dump OVMF log with the
following commond but nothing was stored in debug.log.
qemu-system-x86_64 -s -enable-kvm -bios OVMF.fd -debugcon file:debug.log
-global isa-debugcon.iobase=0x402
On Wed, Aug 28, 2013 at 02:55:26PM +0200, Andreas Färber wrote:
> Am 28.08.2013 14:10, schrieb Laszlo Ersek:
> > On 08/28/13 13:49, Andreas Färber wrote:
> >> Am 28.08.2013 13:45, schrieb Laszlo Ersek:
> >>> (qemu-devel CC'd)
> >>>
> >>&
On Fri, Aug 30, 2013 at 02:04:40AM +1000, Bruce Rogers wrote:
> >>> On 8/29/2013 at 02:23 AM, Gary Ching-Pang Lin wrote:
> > On Wed, Aug 28, 2013 at 02:55:26PM +0200, Andreas Färber wrote:
> >> Am 28.08.2013 14:10, schrieb Laszlo Ersek:
> >> > On 08/28/13
On Thu, Aug 29, 2013 at 11:16:34PM +0200, Laszlo Ersek wrote:
> On 08/28/13 12:35, Gary Ching-Pang Lin wrote:
> > Hi,
> >
> > I recently updated qemu to 1.6.0 and found OVMF just showed a blank
> > screen when kvm was enabled. I tried to dump OVMF log with the
> &
On Fri, Aug 30, 2013 at 11:10:26AM +0200, Laszlo Ersek wrote:
> On 08/30/13 05:34, Gary Ching-Pang Lin wrote:
> > On Thu, Aug 29, 2013 at 11:16:34PM +0200, Laszlo Ersek wrote:
> >> On 08/28/13 12:35, Gary Ching-Pang Lin wrote:
> >>> Hi,
> >>>
> >&g
On Sat, Aug 31, 2013 at 12:16:21AM -0700, Jordan Justen wrote:
> On Thu, Aug 29, 2013 at 8:28 PM, Gary Ching-Pang Lin wrote:
> > On Fri, Aug 30, 2013 at 02:04:40AM +1000, Bruce Rogers wrote:
> >> I tried this out, and I get the black screen as well when ept=n, but it
> >&
63 matches
Mail list logo
