Tags: NVIDIA/edk2
Tags
DynamicTablesPkg: SMBIOS table fix with proper string handling. - Some table generators may not be able to create SMBIOS records when there is an error with adding empty string and will terminate the process for the subsequent tables. - Fix string table memory leak within type11. Signed-off-by: Simon Wang <[email protected]> Reviewed-by: Jake Garver <[email protected]> Tested-by: Jake Garver <[email protected]>
pip-requirements.txt: Hold setuptools to <80.9 pkg_resources may be removed in setuptools 81.x. Avoid installing setuptools 81.x until we can remove our dependency on pkg_resources. Also, avoid 80.9.x, which only adds the warning that pkg_resources will be removed. But sticking with <80.9, we can remove the warning as well. Signed-off-by: Jake Garver <[email protected]> Reviewed-by: Jeff Brasen <[email protected]> Reviewed-by: Jeshua Smith <[email protected]>
pip-requirements.txt: Hold setuptools to <80.9 pkg_resources may be removed in setuptools 81.x. Avoid installing setuptools 81.x until we can remove our dependency on pkg_resources. Also, avoid 80.9.x, which only adds the warning that pkg_resources will be removed. But sticking with <80.9, we can remove the warning as well. Signed-off-by: Jake Garver <[email protected]> Reviewed-by: Jeff Brasen <[email protected]> Reviewed-by: Jeshua Smith <[email protected]>
SecurityPkg: Improving SecureBootConfigImpl:HashPeImageByType () logic
Namely:
(1) The TWO_BYTE_ENCODE check is independent of Index. If it evalutes
to TRUE for Index==0, then it will evaluate to TRUE for all other
Index values as well. As a result, the (Index == HASHALG_MAX)
condition will fire after the loop, and we'll return
EFI_UNSUPPORTED.
While this is correct, functionally speaking, it is wasteful to
keep re-checking TWO_BYTE_ENCODE in the loop body. The check
should be made at the top of the function, and EFI_UNSUPPORTED
should be returned at once, if appropriate.
(2) If the hash algorithm selected by Index has such a large OID that
the OID comparison cannot even be performed (because AuthDataSize
is not large enough for containing the OID in question, starting
at offset 32), then the function returns EFI_UNSUPPORTED at once.
This is bogus; this case should simply be treated as an OID
mismatch, and the loop should advance to the next Index value /
hash algorithm candidate. A remaining hash algo may have a shorter
OID and yield an OID match.
Signed-off-by: Doug Flick <[email protected]>
Tested-by: Amulya Yarlagadda <[email protected]>
Reviewed-by: Amulya Yarlagadda <[email protected]>
Tested-by: Jeff Brasen <[email protected]>
Reviewed-by: Jeff Brasen <[email protected]>
SecurityPkg: Improving SecureBootConfigImpl:HashPeImageByType () logic
Namely:
(1) The TWO_BYTE_ENCODE check is independent of Index. If it evalutes
to TRUE for Index==0, then it will evaluate to TRUE for all other
Index values as well. As a result, the (Index == HASHALG_MAX)
condition will fire after the loop, and we'll return
EFI_UNSUPPORTED.
While this is correct, functionally speaking, it is wasteful to
keep re-checking TWO_BYTE_ENCODE in the loop body. The check
should be made at the top of the function, and EFI_UNSUPPORTED
should be returned at once, if appropriate.
(2) If the hash algorithm selected by Index has such a large OID that
the OID comparison cannot even be performed (because AuthDataSize
is not large enough for containing the OID in question, starting
at offset 32), then the function returns EFI_UNSUPPORTED at once.
This is bogus; this case should simply be treated as an OID
mismatch, and the loop should advance to the next Index value /
hash algorithm candidate. A remaining hash algo may have a shorter
OID and yield an OID match.
Signed-off-by: Doug Flick <[email protected]>
SecurityPkg: Improving SecureBootConfigImpl:HashPeImageByType () logic
Namely:
(1) The TWO_BYTE_ENCODE check is independent of Index. If it evalutes
to TRUE for Index==0, then it will evaluate to TRUE for all other
Index values as well. As a result, the (Index == HASHALG_MAX)
condition will fire after the loop, and we'll return
EFI_UNSUPPORTED.
While this is correct, functionally speaking, it is wasteful to
keep re-checking TWO_BYTE_ENCODE in the loop body. The check
should be made at the top of the function, and EFI_UNSUPPORTED
should be returned at once, if appropriate.
(2) If the hash algorithm selected by Index has such a large OID that
the OID comparison cannot even be performed (because AuthDataSize
is not large enough for containing the OID in question, starting
at offset 32), then the function returns EFI_UNSUPPORTED at once.
This is bogus; this case should simply be treated as an OID
mismatch, and the loop should advance to the next Index value /
hash algorithm candidate. A remaining hash algo may have a shorter
OID and yield an OID match.
Signed-off-by: Doug Flick <[email protected]>
MdePkg/MockFdtLib: add FdtLib mock functions Add FdtDelNode() and FdtGetPath() mock functions. References: tianocore/edk2#11580 Signed-off-by: Bob Morgan <[email protected]>
MdePkg/MockFdtLib: add FdtLib mock functions Add FdtDelNode() and FdtGetPath() mock functions. References: tianocore/edk2#11580 Signed-off-by: Bob Morgan <[email protected]>
DynamicTablesPkg: Add multiple resource node locators Support for all resource node locator types Signed-off-by: Swatisri Kantamsetti <[email protected]> Tested-by: Jake Garver <[email protected]> Reviewed-by: Jake Garver <[email protected]>
DynamicTablesPkg: Add multiple resource node locators Support for all resource node locator types Signed-off-by: Swatisri Kantamsetti <[email protected]> Tested-by: Jake Garver <[email protected]> Reviewed-by: Jake Garver <[email protected]>
PreviousNext