Re: [edk2-devel] [PATCH v1 0/4] Don't require self-signed PK in setup mode

2023-01-27 Thread Jan Bobek via groups.io
PcdGet (PcdRequireSelfSignedPk) && IsPk) If IsPk is FALSE, both of these evaluate to TRUE no matter what the PCD is. -Jan > On 1/25/2023 1:38 PM, Jan Bobek wrote: >> Hi Sean, >> >>> From looking over the patch 1/4 email i have a concern. >>> >>>

Re: [edk2-devel] [PATCH v1 0/4] Don't require self-signed PK in setup mode

2023-01-25 Thread Jan Bobek via groups.io
-Jan > On 1/22/2023 10:13 PM, Yao, Jiewen wrote: > > Hi Sean > I would like to hear your feedback, since it is a little different from the > original MSFT patch. > > Would you please take a look? > > Thank you > Yao, Jiewen > > > > -----Original Messag

[edk2-devel] [PATCH v2 1/1] SecurityPkg/AuthVariableLib: Check SHA-256 OID with ContentInfo present

2023-01-22 Thread Jan Bobek via groups.io
, but the old code assumed ContentInfo was not present and incorrectly rejected authenticated variable updates when it was present. Cc: Jiewen Yao Cc: Jian J Wang Cc: Min Xu Signed-off-by: Jan Bobek --- .../Library/AuthVariableLib/AuthService.c | 50 --- 1 file changed, 42

[edk2-devel] [PATCH v1 4/4] SecurityPkg: don't require PK to be self-signed by default

2023-01-20 Thread Jan Bobek via groups.io
self-signed in this case. Cc: Jiewen Yao Cc: Jian J Wang Signed-off-by: Jan Bobek --- SecurityPkg/SecurityPkg.dec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec index d3b7ad7ff6fb..0382090f4e75 100644 --- a/SecurityPkg

[edk2-devel] [PATCH v1 1/4] SecurityPkg: limit verification of enrolled PK in setup mode

2023-01-20 Thread Jan Bobek via groups.io
Yao Cc: Jian J Wang Cc: Min Xu Co-authored-by: Matthew Carlson Signed-off-by: Jan Bobek --- SecurityPkg/SecurityPkg.dec | 7 +++ SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf | 3 +++ SecurityPkg/Library/AuthVariableLib/AuthService.c | 9

[edk2-devel] [PATCH v1 2/4] OvmfPkg: require self-signed PK when secure boot is enabled

2023-01-20 Thread Jan Bobek via groups.io
: Sebastien Boeuf Signed-off-by: Jan Bobek --- OvmfPkg/Bhyve/BhyveX64.dsc | 3 +++ OvmfPkg/CloudHv/CloudHvX64.dsc | 3 +++ OvmfPkg/IntelTdx/IntelTdxX64.dsc | 3 +++ OvmfPkg/Microvm/MicrovmX64.dsc | 3 +++ OvmfPkg/OvmfPkgIa32.dsc | 3 +++ OvmfPkg/OvmfPkgIa32X64.dsc | 3

[edk2-devel] [PATCH v1 3/4] ArmVirtPkg: require self-signed PK when secure boot is enabled

2023-01-20 Thread Jan Bobek via groups.io
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2506 In all DSC files that define SECURE_BOOT_ENABLE, opt-in into requiring self-signed PK when SECURE_BOOT_ENABLE is TRUE. Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Sami Mujawar Cc: Gerd Hoffmann Signed-off-by: Jan Bobek --- ArmVirtPkg

[edk2-devel] [PATCH v1 0/4] Don't require self-signed PK in setup mode

2023-01-20 Thread Jan Bobek via groups.io
by Matthew Carlson; I've credited him with co-authorship of the first patch even though in the end I decided to do the implementation a bit differently. Comments & reviews welcome! Cheers, -Jan References: 1. https://bugzilla.tianocore.org/show_bug.cgi?id=2506 Jan Bobek (4): SecurityPkg: li

Re: [edk2-devel] [PATCH 1/1] SecurityPkg/AuthVariableLib: Check SHA-256 OID with ContentInfo present

2023-01-16 Thread Jan Bobek via groups.io
ted to use EDK2 as a basis for their (typically proprietary) UEFI implementation, they would need to address this issue one way or the other on their own. -Jan >> -----Original Message- >> From: Jan Bobek >> Sent: Tuesday, January 17, 2023 6:30 AM >> To: Yao, Jiewen >

Re: [edk2-devel] [PATCH 1/1] SecurityPkg/AuthVariableLib: Check SHA-256 OID with ContentInfo present

2023-01-16 Thread Jan Bobek via groups.io
> Hi > That is good catch! > My apology to miss it before. > > 1) Please file a bugzilla (https://bugzilla.tianocore.org/) to record the > issue and associate to the patch. Filed bug 4305 [1]. Sorry for the delay, I didn't get my bugzilla credentials until late last week. > 2) Would you please s

Re: [edk2-devel] [PATCH 1/1] SecurityPkg/AuthVariableLib: Check SHA-256 OID with ContentInfo present

2023-01-03 Thread Jan Bobek via groups.io
Another ping. Comments/reviews/merge highly appreciated. Thank you, -Jan Jan Bobek writes: > Ping. Can I get a review and/or some comments on this patch, please? > > Thanks, > -Jan > > Jan Bobek writes: > >> Based on whether the DER-encoded ContentInfo structure is

Re: [edk2-devel] [PATCH 1/1] SecurityPkg/AuthVariableLib: Check SHA-256 OID with ContentInfo present

2022-12-13 Thread Jan Bobek via groups.io
Ping. Can I get a review and/or some comments on this patch, please? Thanks, -Jan Jan Bobek writes: > Based on whether the DER-encoded ContentInfo structure is present in > authenticated SetVariable payload or not, the SHA-256 OID can be > located at different places. > > UEF

[edk2-devel] [PATCH 1/1] SecurityPkg/AuthVariableLib: Check SHA-256 OID with ContentInfo present

2022-12-02 Thread Jan Bobek via groups.io
incorrectly rejected authenticated variable updates when it was present. Cc: Jiewen Yao Cc: Jian J Wang Cc: Min Xu Signed-off-by: Jan Bobek --- .../Library/AuthVariableLib/AuthService.c | 18 +++--- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/SecurityPkg

[edk2-devel] [PATCH v2 0/1] MdePkg/BaseLib: AArch64 SetJump/LongJump bugfix

2020-10-01 Thread Jan Bobek
Hello, sending a v2 of my patch after following the instructions Laszlo Ersek gave me in response to the v1. Best, -Jan Jan Bobek (1): MdePkg/BaseLib: Fix invalid memory access in AArch64 SetJump/LongJump MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S | 8 MdePkg/Library

[edk2-devel] [PATCH v2 1/1] MdePkg/BaseLib: Fix invalid memory access in AArch64 SetJump/LongJump

2020-10-01 Thread Jan Bobek
memory gap in the middle of the structure and causing SetJump/LongJump functions to read/write 8 bytes of memory past the end of the jump buffer struct. Signed-off-by: Jan Bobek --- MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S | 8 MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm | 8

Re: [edk2-devel] [PATCH 1/1] MdePkg/BaseLib: Fix invalid memory access in AArch64 SetJump/LongJump

2020-10-01 Thread Jan Bobek
Ard Biesheuvel writes: > On 10/1/20 3:04 PM, Laszlo Ersek wrote: >> On 09/29/20 03:12, Jan Bobek wrote: >>> Correct the memory offsets used in REG_ONE/REG_PAIR macros to >>> synchronize them with definition of the BASE_LIBRARY_JUMP_BUFFER >>> structure o

[edk2-devel] [PATCH 1/1] MdePkg/BaseLib: Fix invalid memory access in AArch64 SetJump/LongJump

2020-09-29 Thread Jan Bobek
, creating an unused memory gap in the middle of the structure and causing SetJump/LongJump functions to read/write 8 bytes of memory past the end of the jump buffer struct. Signed-off-by: Jan Bobek --- MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S | 8 MdePkg/Library/BaseLib/AArch64

[edk2-devel] [PATCH 0/1] MdePkg/BaseLib: AArch64 SetJump/LongJump bugfix

2020-09-29 Thread Jan Bobek
s my first contribution to EDK-II; I have tried to follow the guidelines as closely as possible, but if there is still something wrong with formatting etc., let me know and I shall submit a v2 with the issues fixed. That being said, I did run PatchCheck.py and it reported no errors. Cheers! -Jan