[edk2-devel] [PATCH v2 1/1] CryptoPkg: Need to enable crypto functions

Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- CryptoPkg/CryptoPkg.dsc | 8 +++- CryptoPkg/Readme.md | 12 ++-- 2 files changed, 13 insertions(+), 7 deletions(-) diff --git a/CryptoPkg/CryptoPkg.dsc b/CryptoPkg/CryptoPkg.dsc

[edk2-devel] [PATCH v2 0/1] Enable AES and HKDF

https://bugzilla.tianocore.org/show_bug.cgi?id=3992 Enable Aes services in PEI based on PCD_CRYPTO_SERVICE_ENABLE_FAMILY. Enable Hkdf in SMM based on PCD_CRYPTO_SERVICE_ENABLE_FAMILY. Update Readme table reflect these changes. Judah Vang (1): CryptoPkg: Need to enable crypto functions

Re: [edk2-devel] [PATCH] SecurityPkg: deprecate RpmcLib and VariableKeyLib

f these two libraries. They're deprecated. > > Cc: Jiewen Yao > Cc: Michael D Kinney > Cc: Nishant C Mistry > Cc: Judah Vang > Signed-off-by: Jian J Wang > --- > SecurityPkg/Include/Library/RpmcLib.h | 42 > SecurityPkg/Include/Library/Var

Re: [edk2-devel] [PATCH v1 1/1] CryptoPkg: Need to enable crypto functions

CryptoPkg: Need to enable > crypto > > > functions > > > > > > Hi Jiewen, > > > > > > Has this patch been merged? > > > This is an important change for the UEFI Protected Variable feature. > > > > > > Judah > > > > &

Re: [edk2-devel] [PATCH v1 1/1] CryptoPkg: Need to enable crypto functions

Hi Jiewen, Has this patch been merged? This is an important change for the UEFI Protected Variable feature. Judah -Original Message- From: devel@edk2.groups.io On Behalf Of Judah Vang Sent: Monday, November 7, 2022 2:16 PM To: devel@edk2.groups.io Cc: Yao, Jiewen ; Wang, Jian J

[edk2-devel] [PATCH v1 0/1] Enable AES and HKDF

https://bugzilla.tianocore.org/show_bug.cgi?id=3992 Need crypto AES to be supported for PEI phase and need crypto KDF to be supported for SMM phase. Update Readme to show AES and HKDF defaults. Judah Vang (1): CryptoPkg: Need to enable crypto functions CryptoPkg/Library/BaseCryptLib

[edk2-devel] [PATCH v1 1/1] CryptoPkg: Need to enable crypto functions

Signed-off-by: Judah Vang --- CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 2 +- CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 2 +- CryptoPkg/Readme.md| 27 +++- 3 files changed, 17 insertions(+), 14 deletions(-) diff --git a/CryptoPkg/Library

[edk2-devel] [PATCH v3 0/1] CryptoPkg bug fix

https://bugzilla.tianocore.org/show_bug.cgi?id=3991 There is a #define to deprecate Sha1 functions but not all the Sha1 function are wrapped around this #define causing a build error. The fix is to wrap all Sha1 functions with the #define. Judah Vang (1): CryptoPkg: Sha1 functions causing

[edk2-devel] [PATCH v3 1/1] CryptoPkg: Sha1 functions causing build errors

Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c | 14 +- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c b/CryptoPkg/Library

Re: [edk2-devel] [PATCH v2 0/2] CryptoPkg bug fixes

ix. > > I suggest we defer 3992 to next release, because it is feature enhancement. > > Comment is welcome! > > Thank you > Yao, Jiewen > > > > -Original Message- > > From: devel@edk2.groups.io On Behalf Of Judah > > Vang > > Sent: Tue

Re: [edk2-devel] [PATCH v2 0/2] CryptoPkg bug fixes

> -Original Message- > From: devel@edk2.groups.io On Behalf Of Judah > Vang > Sent: Tuesday, November 8, 2022 2:37 AM > To: devel@edk2.groups.io > Subject: [edk2-devel] [PATCH v2 0/2] CryptoPkg bug fixes > > https://bugzilla.tianocore.org/show

Re: [edk2-devel] [PATCH V1 0/2] CryptoPkg bug fixes

you prefer? Best regards, Mike > -Original Message- > From: devel@edk2.groups.io On Behalf Of Judah > Vang > Sent: Monday, October 24, 2022 9:42 AM > To: devel@edk2.groups.io > Subject: [edk2-devel] [PATCH V1 0/2] CryptoPkg bug fixes > > https://bugzilla.tiano

[edk2-devel] [PATCH v2 2/2] CryptoPkg: Need to enable crypto functions

Signed-off-by: Judah Vang --- CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 2 +- CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 2 +- CryptoPkg/Readme.md| 26 +++- 3 files changed, 16 insertions(+), 14 deletions(-) diff --git a/CryptoPkg/Library

[edk2-devel] [PATCH v2 0/2] CryptoPkg bug fixes

crypto AES to be supported for PEI phase and need crypto KDF to be supported for SMM phase. Update Readme to show AES and HKDF defaults. Judah Vang (2): CryptoPkg: Sha1 functions causing build errors CryptoPkg: Need to enable crypto functions CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf

[edk2-devel] [PATCH v2 1/2] CryptoPkg: Sha1 functions causing build errors

Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c | 14 +- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c b/CryptoPkg/Library

[edk2-devel] [PATCH v5 02/19] MdeModulePkg: Update AUTH_VARIABLE_INFO struct

Mistry Signed-off-by: Judah Vang Reviewed-by: Jian J Wang --- MdeModulePkg/Include/Library/AuthVariableLib.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/MdeModulePkg/Include/Library/AuthVariableLib.h b/MdeModulePkg/Include/Library/AuthVariableLib.h index 37aceba699e6

[edk2-devel] [PATCH v5 17/19] SecurityPkg: Add EncryptionVariable lib with AES

-by: Judah Vang --- SecurityPkg/Library/EncryptionVariableLib/EncryptionVariableLib.inf | 43 ++ SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.h | 49 ++ SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.c | 734 3 files changed, 826

[edk2-devel] [PATCH v5 19/19] SecurityPkg: Add references to new *.inf files

J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- SecurityPkg/SecurityPkg.dsc | 13 - 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc index 6bf53c565882..3134b103ff53 100644 --- a/SecurityPkg

[edk2-devel] [PATCH v5 16/19] SecurityPkg: Add VariableKey library function

Mistry Signed-off-by: Judah Vang --- SecurityPkg/Library/VariableKeyLib/VariableKeyLib.inf | 36 SecurityPkg/Library/VariableKeyLib/VariableKeyLib.c | 59 2 files changed, 95 insertions(+) diff --git a/SecurityPkg/Library/VariableKeyLib/VariableKeyLib.inf b

[edk2-devel] [PATCH v5 12/19] SecurityPkg: Add new variable types and functions

Cc: Jiewen Yao Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- SecurityPkg/Include/Library/RpmcLib.h| 15 +--- SecurityPkg/Include/Library/VariableKeyLib.h | 37 +++- 2 files changed, 16 insertions(+), 36

[edk2-devel] [PATCH v5 14/19] SecurityPkg: Fix GetVariableKey API

: Nishant C Mistry Signed-off-by: Judah Vang --- SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c b/SecurityPkg/Library/VariableKeyLibNull

[edk2-devel] [PATCH v5 07/19] MdeModulePkg: Add new Variable functionality

variable information. Add new function stubs for retrieving Protected variable information. Cc: Jian J Wang Cc: Liming Gao Cc: Hao A Wu Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang Acked-by: Hao A Wu --- MdeModulePkg/Universal

[edk2-devel] [PATCH v5 15/19] SecurityPkg: Add null encryption variable libs

x27;t support protected variable encryption. Cc: Jian J Wang Cc: Jiewen Yao Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariableLibNull.inf | 34 SecurityPkg/Li

[edk2-devel] [PATCH v5 10/19] SecurityPkg: Add new GUIDs for

gEdkiiProtectedVariableContextGuid contains the Protected Variable context saved in PEI phase to be used later. Cc: Jian J Wang Cc: Jiewen Yao Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang Reviewed-by: Jian J Wang --- SecurityPkg/SecurityPkg.dec | 43

[edk2-devel] [PATCH v5 11/19] SecurityPkg: Add new KeyService types and defines

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594 V4: revert copyright date change. V1: Add new KeyService types and defines. Cc: Jian J Wang Cc: Jiewen Yao Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- SecurityPkg

[edk2-devel] [PATCH v5 13/19] SecurityPkg: Update RPMC APIs with index

: Judah Vang Reviewed-by: Jian J Wang --- SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c | 8 ++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c b/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c index 792e48250e5d..557aeb6abf09 100644

[edk2-devel] [PATCH v5 05/19] MdeModulePkg: Add new GUID for Variable Store Info

Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang Reviewed-by: Jian J Wang --- MdeModulePkg/MdeModulePkg.dec | 13 - 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec index 58e6ab004882..e896dd038479 100644

[edk2-devel] [PATCH v5 04/19] MdeModulePkg: Add new include files

protected variables. Add ProtectedVariableLib.h for providing integrity or variables. Cc: Jian J Wang Cc: Liming Gao Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- MdeModulePkg/Include/Library/EncryptionVariableLib.h | 165

[edk2-devel] [PATCH v5 06/19] MdeModulePkg: Add Null ProtectedVariable Library

: Liming Gao Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull.inf | 34 ++ MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariable.c | 336

[edk2-devel] [PATCH v5 00/19] UEFI variable protection

- Applied code review comments by adding PEIM to library class Patch 18 - Applied code review comments by removing unused API. Notes: The CryptoPkg changes are now being tracked separately. Patches 21 on is no longer needed due to reorganization of the new protected variable modules. Judah Vang (19

[edk2-devel] [PATCH v5 03/19] MdeModulePkg: Add new ProtectedVariable GUIDs

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594 New ProtectVariable GUIDs for passing variable information from PEI phase to SMM phase. Cc: Jian J Wang Cc: Liming Gao Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang Reviewed

[edk2-devel] [PATCH v5 01/19] MdePkg: Add reference to new Ppi Guid

Signed-off-by: Judah Vang Reviewed-by: Jian J Wang --- MdePkg/Include/Ppi/ReadOnlyVariable2.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/MdePkg/Include/Ppi/ReadOnlyVariable2.h b/MdePkg/Include/Ppi/ReadOnlyVariable2.h index 926c0bc82a43..c5a8470565bb 100644 --- a/MdePkg

[edk2-devel] [PATCH v5 09/19] MdeModulePkg: Reference Null ProtectedVariableLib

Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- MdeModulePkg/MdeModulePkg.dsc | 20 +++- MdeModulePkg/Test/MdeModulePkgHostTest.dsc | 8 2 files changed, 27 insertions(+), 1 deletion(-) diff --git a/MdeModulePkg/MdeModulePkg.dsc b/MdeModulePkg

Re: [edk2-devel] [PATCH V1 0/2] CryptoPkg bug fixes

that allows those services to be disabled in the Crypto >Protocol/PPI. The defines to deprecate MD5 and SH1 extend into the > BaseCryptLib >instance implementations such that a call to those services when static > linking >will generate a build error instead of a runt

Re: [edk2-devel] [PATCH V1 0/2] CryptoPkg bug fixes

will generate a build error instead of a runtime ASSERT(). Which behavior do you prefer? Best regards, Mike > -Original Message- > From: devel@edk2.groups.io On Behalf Of Judah > Vang > Sent: Monday, October 24, 2022 9:42 AM > To: devel@edk2.groups.io > Subject: [

[edk2-devel] [PATCH V1 2/2] CryptoPkg: Need to enable crypto functions

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3992 Enable CryptAes for PEI phase. Enable CryptHkdf for SMM phase. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang

[edk2-devel] [PATCH V1 1/2] CryptoPkg: Sha1 functions causing build errors

Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c | 14 +- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c b/CryptoPkg/Library

[edk2-devel] [PATCH V1 0/2] CryptoPkg bug fixes

crypto AES to be supported for PEI phase and need crypto KDF to be supported for SMM phase. Judah Vang (2): CryptoPkg: Sha1 functions causing build errors CryptoPkg: Need to enable crypto functions CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf| 2 +- CryptoPkg/Library/BaseCryptLib

[edk2-devel] [PATCH v4 26/28] OvmfPkg: Add ProtectedVariableLib reference

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594 Add reference to null ProtectedVariableLib. Cc: Jian J Wang Cc: Gerd Hoffmann Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- OvmfPkg/Microvm/MicrovmX64.dsc | 3 ++- 1

[edk2-devel] [PATCH v4 27/28] OvmfPkg: Add ProtectedVariable reference

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594 Add reference to null ProtectedVariableLib. Cc: Jian J Wang Cc: Sebastien Boeuf Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- OvmfPkg/CloudHv/CloudHvX64.dsc | 1 + 1

[edk2-devel] [PATCH v4 28/28] IntelTdx: Add ProtectedVariable reference

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594 Add reference to null ProtectedVariableLib. Cc: Jian J Wang Cc: Jiewen Yao Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- OvmfPkg/IntelTdx/IntelTdxX64.dsc | 1 + 1 file

[edk2-devel] [PATCH v4 25/28] OvmfPkg: Add ProtectedVariableLib reference

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594 Add reference to null ProtectedVariableLib. Cc: Jian J Wang Cc: Rebecca Cran Cc: Peter Grehan Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- OvmfPkg/Bhyve/BhyveX64.dsc

[edk2-devel] [PATCH v4 24/28] OvmfPkg: Add ProtectedVariableLib reference

Mistry Signed-off-by: Judah Vang --- OvmfPkg/AmdSev/AmdSevX64.dsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc index 90e8a213ef77..a94a8c30ca3e 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev

[edk2-devel] [PATCH v4 23/28] OvmfPkg: Add ProtectedVariable reference

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594 Add reference to null ProtectedVariableLib. Cc: Jian J Wang Cc: Ard Biesheuvel Cc: Jiewen Yao Cc: Jordan Justen Cc: Gerd Hoffmann Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah

[edk2-devel] [PATCH v4 21/28] UefiPayloadPkg: Add ProtectedVariable reference

Signed-off-by: Judah Vang Reviewed-by: Ray Ni --- UefiPayloadPkg/UefiPayloadPkg.dsc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/UefiPayloadPkg/UefiPayloadPkg.dsc b/UefiPayloadPkg/UefiPayloadPkg.dsc index 91cd78dbf109..591fae635b23 100644 --- a/UefiPayloadPkg/UefiPayloadPkg.dsc +++ b

[edk2-devel] [PATCH v4 22/28] EmulatorPkg: Add ProtectedVariable reference

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594 Add reference to null ProtectedVariableLib. Cc: Jian J Wang Cc: Andrew Fish Cc: Ray Ni Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- EmulatorPkg/EmulatorPkg.dsc | 3

[edk2-devel] [PATCH v4 20/28] ArmVirtPkg: Add reference to ProtectedVariableNull

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594 Need reference to ProtectVariableNullLib otherwise build fails. Cc: Jian J Wang Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang

[edk2-devel] [PATCH v4 19/28] SecurityPkg: Add references to new *.inf files

J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- SecurityPkg/SecurityPkg.dsc | 13 - 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc index f48187650f2f..f124084815cf 100644 --- a/SecurityPkg

[edk2-devel] [PATCH v4 17/28] SecurityPkg: Add EncryptionVariable lib with AES

-by: Judah Vang --- SecurityPkg/Library/EncryptionVariableLib/EncryptionVariableLib.inf | 43 ++ SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.h | 49 ++ SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.c | 734 3 files changed, 826

[edk2-devel] [PATCH v4 15/28] SecurityPkg: Add null encryption variable libs

x27;t support protected variable encryption. Cc: Jian J Wang Cc: Jiewen Yao Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariableLibNull.inf | 34 SecurityPkg/Li

[edk2-devel] [PATCH v4 16/28] SecurityPkg: Add VariableKey library function

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594 Provide function that retrieves the key for protected variables. Cc: Jian J Wang Cc: Jiewen Yao Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- SecurityPkg/Library

[edk2-devel] [PATCH v4 13/28] SecurityPkg: Update RPMC APIs with index

: Judah Vang Reviewed-by: Jian J Wang --- SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c | 8 ++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c b/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c index 792e48250e5d..557aeb6abf09 100644

[edk2-devel] [PATCH v4 14/28] SecurityPkg: Fix GetVariableKey API

: Nishant C Mistry Signed-off-by: Judah Vang --- SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c b/SecurityPkg/Library/VariableKeyLibNull

[edk2-devel] [PATCH v4 12/28] SecurityPkg: Add new variable types and functions

Cc: Jiewen Yao Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- SecurityPkg/Include/Library/RpmcLib.h| 15 +--- SecurityPkg/Include/Library/VariableKeyLib.h | 37 +++- 2 files changed, 16 insertions(+), 36

[edk2-devel] [PATCH v4 11/28] SecurityPkg: Add new KeyService types and defines

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594 V4: revert copyright date change. V1: Add new KeyService types and defines. Cc: Jian J Wang Cc: Jiewen Yao Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- SecurityPkg

[edk2-devel] [PATCH v4 10/28] SecurityPkg: Add new GUIDs for

gEdkiiProtectedVariableContextGuid contains the Protected Variable context saved in PEI phase to be used later. Cc: Jian J Wang Cc: Jiewen Yao Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang Reviewed-by: Jian J Wang --- SecurityPkg/SecurityPkg.dec | 43

[edk2-devel] [PATCH v4 09/28] MdeModulePkg: Reference Null ProtectedVariableLib

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594 Make reference to new Null ProtectVariableLib. The null ProtectedVariableLib is used by default. Cc: Jian J Wang Cc: Liming Gao Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang

[edk2-devel] [PATCH v4 05/28] MdeModulePkg: Add new GUID for Variable Store Info

Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang Reviewed-by: Jian J Wang --- MdeModulePkg/MdeModulePkg.dec | 13 - 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec index 7d989108324a..e812e016ccca 100644

[edk2-devel] [PATCH v4 07/28] MdeModulePkg: Add new Variable functionality

Wang Cc: Liming Gao Cc: Hao A Wu Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang Acked-by: Hao A Wu --- MdeModulePkg/Universal/Variable/Pei/VariablePei.inf | 10 +- MdeModulePkg/Universal/Variable/Pei/Variable.h| 80

[edk2-devel] [PATCH v4 06/28] MdeModulePkg: Add Null ProtectedVariable Library

: Liming Gao Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull.inf | 34 ++ MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariable.c | 336

[edk2-devel] [PATCH v4 03/28] MdeModulePkg: Add new ProtectedVariable GUIDs

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594 New ProtectVariable GUIDs for passing variable information from PEI phase to SMM phase. Cc: Jian J Wang Cc: Liming Gao Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang Reviewed

[edk2-devel] [PATCH v4 02/28] MdeModulePkg: Add reference to new Ppi Guid

Signed-off-by: Judah Vang Reviewed-by: Jian J Wang --- MdePkg/Include/Ppi/ReadOnlyVariable2.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/MdePkg/Include/Ppi/ReadOnlyVariable2.h b/MdePkg/Include/Ppi/ReadOnlyVariable2.h index 926c0bc82a43..c5a8470565bb 100644 --- a/MdePkg

[edk2-devel] [PATCH v4 04/28] MdeModulePkg: Add new include files

protected variables. Add ProtectedVariableLib.h for providing integrity or variables. Cc: Jian J Wang Cc: Liming Gao Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- MdeModulePkg/Include/Library/EncryptionVariableLib.h | 165

[edk2-devel] [PATCH v4 01/28] MdeModulePkg: Update AUTH_VARIABLE_INFO struct

Mistry Signed-off-by: Judah Vang Reviewed-by: Jian J Wang --- MdeModulePkg/Include/Library/AuthVariableLib.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/MdeModulePkg/Include/Library/AuthVariableLib.h b/MdeModulePkg/Include/Library/AuthVariableLib.h index 37aceba699e6

[edk2-devel] [PATCH v4 00/28] UEFI variable protection

ce Patch 01 --> 05 Patch 02 --> 10 Patch 03 --> 01 Patch 04 --> 02 Patch 05 --> 03 Patch 06 --> 04 Patch 07 --> 06 Patch 08 --> 07 Patch 09 --> 08 Patch 10 --> 11 Patch 11 --> 12 Patch 12 --> 13 Patch 13 --> 14 Patch 14 --> 15 Patch 15 --> 16 Patch 16 --&g

[edk2-devel] [PATCH v3 3/3] CryptoPkg: Need to enable crypto functions

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3992 Enable CryptAes for PEI phase. Enable CryptHkdf for SMM phase. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang

[edk2-devel] [PATCH v3 2/3] CryptoPkg: Sha1 functions causing build errors

Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c | 14 +- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c b/CryptoPkg/Library

[edk2-devel] [PATCH v3 1/3] CryptoPkg: Fix memoryleak in BaseMemAllocation

Cc: Xiaoyu Lu Cc: Guomin Jiang Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- CryptoPkg/Library/BaseCryptLib/SysCall/BaseMemAllocation.c | 11 ++- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/CryptoPkg

[edk2-devel] [PATCH v3 0/3] CryptoPkg bug fixes

for SMM phase. Judah Vang (3): CryptoPkg: Fix memoryleak in BaseMemAllocation CryptoPkg: Sha1 functions causing build errors CryptoPkg: Need to enable crypto functions CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 2 +- CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf

Re: [edk2-devel] [PATCH v3 17/28] SecurityPkg: Add Protected Variable Services

Min, I prefer not to do this since there is already 28 patches. The line changes are mostly from the .h and .c files, I do not think there is much benefit from moving the the .inf files to a different patch.  Doing something like that will still leave 5800 lines changes in this patch. Judah -

[edk2-devel] [PATCH v3 26/28] OvmfPkg: Add ProtectedVariableLib reference

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594 Add reference to null ProtectedVariableLib. Cc: Jian J Wang Cc: Gerd Hoffmann Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- OvmfPkg/Microvm/MicrovmX64.dsc | 3 ++- 1

[edk2-devel] [PATCH v3 25/28] OvmfPkg: Add ProtectedVariableLib reference

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594 Add reference to null ProtectedVariableLib. Cc: Jian J Wang Cc: Rebecca Cran Cc: Peter Grehan Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- OvmfPkg/Bhyve/BhyveX64.dsc

[edk2-devel] [PATCH v3 27/28] OvmfPkg: Add ProtectedVariable reference

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594 Add reference to null ProtectedVariableLib. Cc: Jian J Wang Cc: Sebastien Boeuf Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- OvmfPkg/CloudHv/CloudHvX64.dsc | 1 + 1

[edk2-devel] [PATCH v3 24/28] OvmfPkg: Add ProtectedVariableLib reference

Mistry Signed-off-by: Judah Vang --- OvmfPkg/AmdSev/AmdSevX64.dsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc index 6b3827f7f6ed..52c390cde2f0 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev

[edk2-devel] [PATCH v3 22/28] EmulatorPkg: Add ProtectedVariable reference

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594 Add reference to null ProtectedVariableLib. Cc: Jian J Wang Cc: Andrew Fish Cc: Ray Ni Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- EmulatorPkg/EmulatorPkg.dsc | 3

[edk2-devel] [PATCH v3 23/28] OvmfPkg: Add ProtectedVariable reference

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594 Add reference to null ProtectedVariableLib. Cc: Jian J Wang Cc: Ard Biesheuvel Cc: Jiewen Yao Cc: Jordan Justen Cc: Gerd Hoffmann Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah

[edk2-devel] [PATCH v3 20/28] ArmVirtPkg: Add reference to ProtectedVariableNull

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594 Need reference to ProtectVariableNullLib otherwise build fails. Cc: Jian J Wang Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang

[edk2-devel] [PATCH v3 21/28] UefiPayloadPkg: Add ProtectedVariable reference

Signed-off-by: Judah Vang --- UefiPayloadPkg/UefiPayloadPkg.dsc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/UefiPayloadPkg/UefiPayloadPkg.dsc b/UefiPayloadPkg/UefiPayloadPkg.dsc index 4d9bbc80c866..dca0970ad61c 100644 --- a/UefiPayloadPkg/UefiPayloadPkg.dsc +++ b/UefiPayloadPkg

[edk2-devel] [PATCH v3 28/28] CryptoPkg: Enable cypto HMAC KDF and AES library

ian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 2 +- CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 2 +- CryptoPkg/Library/BaseCryptLib/SysCall/BaseMemAllocation.c | 11 ++- CryptoPkg/Li

[edk2-devel] [PATCH v3 11/28] SecurityPkg: Update RPMC APIs with index

: Judah Vang --- SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c | 8 ++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c b/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c index 792e48250e5d..557aeb6abf09 100644 --- a/SecurityPkg/Library

[edk2-devel] [PATCH v3 16/28] SecurityPkg: Add EncryptionVariable lib with AES

-by: Judah Vang --- SecurityPkg/Library/EncryptionVariableLib/EncryptionVariableLib.inf | 43 ++ SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.h | 49 ++ SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.c | 734 3 files changed, 826

[edk2-devel] [PATCH v3 18/28] MdeModulePkg: Reference Null ProtectedVariableLib

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594 Make reference to new Null ProtectVariableLib. The null ProtectedVariableLib is used by default. Cc: Jian J Wang Cc: Liming Gao Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang

[edk2-devel] [PATCH v3 19/28] SecurityPkg: Add references to new *.inf files

J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- SecurityPkg/SecurityPkg.dsc | 13 - 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc index d883747474e4..08777c57a5e9 100644 --- a/SecurityPkg

[edk2-devel] [PATCH v3 15/28] SecurityPkg: Add VariableKey library function

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594 Provide function that retrieves the key for protected variables. Cc: Jian J Wang Cc: Jiewen Yao Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- SecurityPkg/Library

[edk2-devel] [PATCH v3 12/28] SecurityPkg: Add new variable types and functions

Cc: Jiewen Yao Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- SecurityPkg/Include/Library/RpmcLib.h| 15 +--- SecurityPkg/Include/Library/VariableKeyLib.h | 37 +++- 2 files changed, 16 insertions(+), 36

[edk2-devel] [PATCH v3 10/28] SecurityPkg: Add new KeyService types and defines

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594 Add new KeyService types and defines. Cc: Jian J Wang Cc: Jiewen Yao Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- SecurityPkg/Include/Ppi/KeyServicePpi.h | 57

[edk2-devel] [PATCH v3 13/28] SecurityPkg: Fix GetVariableKey API

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594 Fix GetVariableKey API to match changes in header files. Cc: Jian J Wang Cc: Jiewen Yao Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- SecurityPkg/Library

[edk2-devel] [PATCH v3 14/28] SecurityPkg: Add null encryption variable libs

ff-by: Nishant C Mistry Signed-off-by: Judah Vang --- SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariableLibNull.inf | 38 +++ SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariable.c | 107 SecurityPkg/Library/EncryptionVariableLi

[edk2-devel] [PATCH v3 06/28] MdeModulePkg: Add new include files

: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- MdeModulePkg/Include/Library/EncryptionVariableLib.h | 165 + MdeModulePkg/Include/Library/ProtectedVariableLib.h | 700 2 files changed, 865 insertions(+) diff --git a/MdeModulePkg/Include/Library

[edk2-devel] [PATCH v3 02/28] SecurityPkg: Add new GUIDs for

gEdkiiProtectedVariableContextGuid contains the Protected Variable context saved in PEI phase to be used later. Cc: Jian J Wang Cc: Jiewen Yao Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- SecurityPkg/SecurityPkg.dec | 43 +++- 1 file changed

[edk2-devel] [PATCH v3 08/28] MdeModulePkg: Add new Variable functionality

Wang Cc: Liming Gao Cc: Hao A Wu Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- MdeModulePkg/Universal/Variable/Pei/VariablePei.inf | 10 +- MdeModulePkg/Universal/Variable/Pei/Variable.h| 80 +- MdeModulePkg/Universal

[edk2-devel] [PATCH v3 05/28] MdeModulePkg: Add new ProtectedVariable GUIDs

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594 New ProtectVariable GUIDs for passing variable information from PEI phase to SMM phase. Cc: Jian J Wang Cc: Liming Gao Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang

[edk2-devel] [PATCH v3 07/28] MdeModulePkg: Add Null ProtectedVariable Library

: Nishant C Mistry Signed-off-by: Judah Vang --- MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull.inf | 34 ++ MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariable.c | 449 2 files changed, 483 insertions(+) diff --git a

[edk2-devel] [PATCH v3 03/28] MdeModulePkg: Update AUTH_VARIABLE_INFO struct

Mistry Signed-off-by: Judah Vang --- MdeModulePkg/Include/Library/AuthVariableLib.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/MdeModulePkg/Include/Library/AuthVariableLib.h b/MdeModulePkg/Include/Library/AuthVariableLib.h index 37aceba699e6..32391bbf2b61 100644 --- a

[edk2-devel] [PATCH v3 01/28] MdeModulePkg: Add new GUID for Variable Store Info

Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- MdeModulePkg/MdeModulePkg.dec | 13 - 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec index 2bcb9f9453af..5c1dda004808 100644 --- a/MdeModulePkg

[edk2-devel] [PATCH v3 04/28] MdeModulePkg: Add reference to new Ppi Guid

Signed-off-by: Judah Vang --- MdePkg/Include/Ppi/ReadOnlyVariable2.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/MdePkg/Include/Ppi/ReadOnlyVariable2.h b/MdePkg/Include/Ppi/ReadOnlyVariable2.h index 926c0bc82a43..c5a8470565bb 100644 --- a/MdePkg/Include/Ppi

[edk2-devel] [PATCH v3 00/28] UEFI variable protection

h FreePages() because FreePool() is not supported in PEI phase. FreePool() does not free the allocated pool in PEI phase causing a memory leak. Judah Vang (28): MdeModulePkg: Add new GUID for Variable Store Info SecurityPkg: Add new GUIDs for MdeModulePkg: Update AUTH_VARIABLE_INFO struct

[edk2-devel] [Patch v2 28/28] CryptoPkg: Enable cypto HMAC KDF library

istry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf b/CryptoPkg/Library/BaseCry

[edk2-devel] [Patch v2 25/28] OvmfPkg: Add ProtectedVariableLib reference

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594 Add reference to null ProtectedVariableLib. Cc: Jian J Wang Cc: Rebecca Cran Cc: Peter Grehan Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- OvmfPkg/Bhyve/BhyveX64.dsc

[edk2-devel] [Patch v2 27/28] OvmfPkg: Add ProtectedVariable reference

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594 Add reference to null ProtectedVariableLib. Cc: Jian J Wang Cc: Sebastien Boeuf Cc: Nishant C Mistry Signed-off-by: Jian J Wang Signed-off-by: Nishant C Mistry Signed-off-by: Judah Vang --- OvmfPkg/CloudHv/CloudHvX64.dsc | 1 + 1

  1   2   >