-
Notifications
You must be signed in to change notification settings - Fork 144
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CryptoPkg: Fix the pkcs7 get cert fuzz #484
Draft
Wenxing-hou
wants to merge
321
commits into
tianocore:OpenSSL11_EOL
Choose a base branch
from
Wenxing-hou:fix_pkcs7_fuzz
base: OpenSSL11_EOL
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Draft
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Replace the OVMF-specific SataControllerDxe (to be later removed) with the generic, MdeModulePkg one, for the Bhyve platform. Signed-off-by: Pedro Falcato <pedro.falcato@gmail.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Ard Biesheuvel <ardb@kernel.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Acked-by: Peter Grehan <grehan@freebsd.org> Acked-by: Corvin Köhne <corvink@FreeBSD.org>
Replace the OVMF-specific SataControllerDxe (to be later removed) with the generic, MdeModulePkg one, for the CloudHv platform. Signed-off-by: Pedro Falcato <pedro.falcato@gmail.com> Acked-by: Ard Biesheuvel <ardb@kernel.org> Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Replace the OVMF-specific SataControllerDxe (to be later removed) with the generic, MdeModulePkg one, for the IntelTdx platform. Signed-off-by: Pedro Falcato <pedro.falcato@gmail.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Ard Biesheuvel <ardb@kernel.org>
Replace the OVMF-specific SataControllerDxe (to be later removed) with the generic, MdeModulePkg one, for the AmdSev platform. Signed-off-by: Pedro Falcato <pedro.falcato@gmail.com> Acked-by: Ard Biesheuvel <ardb@kernel.org> Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Replace the OVMF-specific SataControllerDxe (to be later removed) with the generic, MdeModulePkg one, for the OvmfXen platform. Signed-off-by: Pedro Falcato <pedro.falcato@gmail.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Ard Biesheuvel <ardb@kernel.org> Acked-by: Anthony PERARD <anthony.perard@citrix.com>
Now that OvmfPkg/SataControllerDxe and its MdeModulePkg counterpart have been unified, and no in-tree uses of the OVMF variant remain, let's delete it. Tested-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Pedro Falcato <pedro.falcato@gmail.com> Acked-by: Ard Biesheuvel <ardb@kernel.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
…view. As per the SMBIOS spec, in smbios type0 table, if the Bios size is greater than 16MB, extended bios size is used to update size information and bios size is set to 0xff. when this data is printed by smbiosview, both bios size and extended bios size is printed if the smbios version is beyond 3.1, which is incorrect as Bios size is set to 0xff when rom size is more than 16MB. To fix this bug, added a condition to print bios size only when it is not set to 0xff or if the smbios version is older than 3.1. Signed-off-by: Thejaswani Putta <tputta@nvidia.com> Cc: Ray Ni <ray.ni@intel.com> Cc: Zhichao Gao <zhichao.gao@intel.com> Reviewed-by: Zhichao Gao <zhichao.gao@intel.com>
In case ShellConvertStringToUint64() fails the Handles are left uninitialized. That can for example happen for Handle2 and Handle3 in case only one parameter was specified on the command line. Which can trigger the ASSERT() in line 185. Reproducer: boot ovmf to efi shell in qemu, using q35 machine type, then try disconnect the sata controller in efi shell. Fix that by explicitly setting them to NULL in that case. While being at it also simplify the logic and avoid pointlessly calling ShellConvertStringToUint64() in case ParamN is NULL. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Zhichao Gao <zhichao.gao@intel.com>
Uncrustify checks are too rigid, making them counter-productive: - it leads to code that is arguably harder to parse visually (e.g., the changes to ArmPkg/Include/Chipset/AArch64Mmu.h in commit 429309e) - it forces indentation-only changes to code in the vicinity of actual changes, making the code history more bloated than necessary (see commit 7f19832 for an example) - finding out from the web UI what exactly Uncrustify objected to is not straight-forward. So let's enable AuditMode for ArmPkg, so that interested parties can see the uncrustify recommendations if desired, but without preventing the changes from being merged. This leaves it at the discretion of the ArmPkg maintainers to decide which level of conformance is required. Cc: Leif Lindholm <quic_llindhol@quicinc.com> Cc: "Kinney, Michael D" <michael.d.kinney@intel.com> Cc: Michael Kubacki <mikuback@linux.microsoft.com> Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Reviewed-by: Leif Lindholm <quic_llindhol@quicinc.com>
They are useful for those platforms where SMC SiP calls exist. Signed-off-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org> Reviewed-by: Leif Lindholm <quic_llindhol@quicinc.com>
The RISC-V version of the DXE IPL does not implement setting the stack NX, so before switching to an implementation that will ASSERT() on the missing support, drop the PCD setting that enables it. Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Reviewed-by: Sunil V L <sunilvl@ventanamicro.com>
Edk2 was failing, rather than creating more PML4 entries, when they weren't present in the initial memory acceptance flow. Because of that VMs with more than 512G memory were crashing. This code fixes that. This change affects only SEV-SNP VMs. The code was tested by successfully booting a 512G SEV-SNP VM. Signed-off-by: Mikolaj Lisik <lisik@google.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Tom Lendacky <thomas.lendacky@amd.com>
Xen and bhyve are placing ACPI tables into system memory. So, they can share the same code. Therefore, create a new library which searches and installs ACPI tables from system memory. Signed-off-by: Corvin Köhne <corvink@FreeBSD.org> Reviewed-by: Anthony PERARD <anthony.perard@citrix.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com>
This makes the function reuseable by bhyve. Signed-off-by: Corvin Köhne <corvink@FreeBSD.org> Reviewed-by: Anthony PERARD <anthony.perard@citrix.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com>
It's much easier to create configuration dependent ACPI tables for bhyve than for OVMF. For this reason, don't use the statically created ACPI tables provided by OVMF. Instead, prefer the dynamically created ACPI tables of bhyve. If bhyve provides no ACPI tables or we are unable to detect those, fall back to OVMF tables. Ideally, we use the qemu fwcfg interface to pass the ACPI tables from bhyve to OVMF. bhyve will support this in the future. However, current bhyve executables don't support passing ACPI tables by the qemu fwcfg interface. They just copy the ACPI into main memory. For that reason, pick up the ACPI tables from main memory. Signed-off-by: Corvin Köhne <corvink@FreeBSD.org> Reviewed-by: Rebecca Cran <rebecca@bsdio.com> Acked-by: Peter Grehan <grehan@freebsd.org> Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Currently, CharEncodingCheckPlugin prints a message for every file that passes the test, which for some platforms can cause most of the CI build log to be filled with this print. It does not add any value, so this patch removes the noisy print and only prints if the encoding check fails. Cc: Sean Brogan <sean.brogan@microsoft.com> Cc: Michael Kubacki <mikuback@linux.microsoft.com> Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Liming Gao <gaoliming@byosoft.com.cn> Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com> Reviewed-by: Michael Kubacki <michael.kubacki@microsoft.com> Signed-off-by: Oliver Smith-Denny <osde@linux.microsoft.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4474 ACPI_Spec_6_5_Aug29 Table 5.19 page 128 that MADT Revision field is 6. Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Liming Gao <gaoliming@byosoft.com.cn> Cc: Zhiguang Liu <zhiguang.liu@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Aryeh Chen <aryeh.chen@intel.com> Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com> Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn> Tested-by: Aryeh Chen <aryeh.chen@intel.com>
Implement the SpeculationBarrier with implementations consisting of fence instruction which provides finer-grain memory orderings. Perform Data Barrier in RiscV: fence rw,rw Perform Instruction Barrier in RiscV: fence.i; fence r,r More detail is in Appendix A: RVWMO Explanatory Material in https://github.com/riscv/riscv-isa-manual This API is first introduced in the below commits for IA32 and x64 tianocore/edk2@d9f1cac tianocore/edk2@e83d841 and below the commit for ARM and AArch64 implementation tianocore/edk2@c0959b4 This commit is to add the RiscV64 implementation which will be used by variable service under Variable/RuntimeDxe Cc: Andrei Warkentin <andrei.warkentin@intel.com> Cc: Evan Chai <evan.chai@intel.com> Cc: Sunil V L <sunilvl@ventanamicro.com> Cc: Tuan Phan <tphan@ventanamicro.com> Signed-off-by: Yong Li <yong.li@intel.com> Reviewed-by: Sunil V L <sunilvl@ventanamicro.com>
If there is no port multiplier, PortMultiplierPort should be converted to 0 to follow AHCI spec. The same logic already applied in AtaAtapiPassThruDxe driver. Signed-off-by: Neo Hsueh <Hong-Chih.Hsueh@amd.com> Acked-by: Abner Chang <abner.chang@amd.com> Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
RedfishClientPkg is moved from edk2-staging repository to edk2-redfish-client repository. Update the link in Readme.md to new location. Signed-off-by: Nickle Wang <nicklew@nvidia.com> Cc: Abner Chang <abner.chang@amd.com> Cc: Igor Kulchytskyy <igork@ami.com> Reviewed-by: Abner Chang <abner.chang@amd.com>
Supreeth is no longer supreeth.venkatesh@arm.com. Therefore, remove the reviewer entry from StandaloneMmPkg. Signed-off-by: Sami Mujawar <sami.mujawar@arm.com>
Add Ray, remove Jiewen. Signed-off-by: Ray Ni <ray.ni@intel.com> Reviewed-by: Sami Mujawar <sami.mujawar@arm.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Currently, have two command for pre-build binary support 1. --BuildEntryOnly: build UPL Entry file 2. --PreBuildUplBinary: build UPL binary based on UPL And these two commands should be exclusived, shouldn't have chance run it in the meantime. Case1: Build UPL entry with CLANGDWARF python UefiPayloadPkg/UniversalPayloadBuild.py --BuildEntryOnly Case2: Use pre-built UPL entry and build other fv by VS2019 python UefiPayloadPkg/UniversalPayloadBuild.py -t VS2019 \ --PreBuildUplBinary UniversalPayload.elf Case3: Build UPL Entry with CLANGDWARF and build other fv by VS2019 python UefiPayloadPkg/UniversalPayloadBuild.py -t VS2019 Cc: Guo Dong <guo.dong@intel.com> Cc: Ray Ni <ray.ni@intel.com> Cc: Sean Rhodes <sean@starlabs.systems> Cc: James Lu <james.lu@intel.com> Cc: Gua Guo <gua.guo@intel.com> Signed-off-by: Gua Guo <gua.guo@intel.com> Reviewed-by: James Lu <james.lu@intel.com>
The initial version of Smbios Specification 3.6.0 type 45 and type 46 support. Signed-off-by: Simon Wang <simowang@nvidia.com> Cc: Ray Ni <ray.ni@intel.com> Cc: Zhichao Gao <zhichao.gao@intel.com> Reviewed-by: Zhichao Gao <zhichao.gao@intel.com>
This library supports a PeiServicesTablePointerLib implementation that allows code dependent upon PeiServicesTable to operate in an isolated execution environment such as within the context of a host-based unit test framework. The unit test should initialize the PeiServicesTable database with any required elements (e.g. PPIs, Hob etc.) prior to the services being invoked by code under test. It is strongly recommended to clean any global databases by using EFI_PEI_SERVICES.ResetSystem2 after every unit test so the tests execute in a predictable manner from a clean state. Cc: Michael D Kinney <michael.d.kinney@intel.com> Reviewed-by: Michael Kubacki <mikuback@linux.microsoft.com> Cc: Sean Brogan <sean.brogan@microsoft.com> Reviewed-by: Ray Ni <ray.ni@intel.com> Signed-off-by: Zhiguang Liu <zhiguang.liu@intel.com>
The Shell binaries are not generated anymore in each stable tag release. So, remove the section. Reviewed-by: Zhichao Gao <zhichao.gao@intel.com> Cc: Leif Lindholm <quic_llindhol@quicinc.com> Reviewed-by: Ard Biesheuvel <ardb+tianocore@kernel.org> Signed-off-by: Ray Ni <ray.ni@intel.com>
Signed-off-by: Ray Ni <ray.ni@intel.com> Cc: Guo Dong <guo.dong@intel.com> Cc: Sean Rhodes <sean@starlabs.systems> Cc: James Lu <james.lu@intel.com> Reviewed-by: Gua Guo <gua.guo@intel.com> Reviewed-by: Zhichao Gao <zhichao.gao@intel.com> Reviewed-by: Gua Guo <gua.guo@intel.com>
…ault REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4479 Add CAPSULE_SUPPORT to optionally select CapsuleLib instance, default value is FALSE. Cc: Ray Ni <ray.ni@intel.com> Cc: Sean Rhodes <sean@starlabs.systems> Reviewed-by: Gua Guo <gua.guo@intel.com> Reviewed-by: James Lu <james.lu@intel.com> Cc: Guo Dong <guo.dong@intel.com> Signed-off-by: MarsX Lin <marsx.lin@intel.com>
Fix incorrect code on AddSectionHeader32() and AddSectionHeader64() Cc: Guo Dong <guo.dong@intel.com> Cc: Sean Rhodes <sean@starlabs.systems> Cc: James Lu <james.lu@intel.com> Cc: Gua Guo <gua.guo@intel.com> Signed-off-by: BruceX Wang <brucex.wang@intel.com> Reviewed-by: Gua Guo <gua.guo@intel.com>
SbiSetTimer expects core tick value. Cc: Andrei Warkentin <andrei.warkentin@intel.com> Signed-off-by: Tuan Phan <tphan@ventanamicro.com> Reviewed-by: Sunil V L <sunilvl@ventanamicro.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Yi Li <yi1.li@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
In Pkcs7 spec RFC2315: The IMPLICIT [0] tag in the authenticatedAttributes field is not part of the Attributes value. The Attributes value’s tag is SET OF, and the DER encoding of the SET OF tag, rather than of the IMPLICIT [0] tag, is to be digested along with the length and contents octets of the Attributes value. And this operation is same with Openssl code ``` alen = ASN1_item_i2d((ASN1_VALUE *)sk, &abuf, ASN1_ITEM_rptr(PKCS7_ATTR_VERIFY)); ``` in PKCS7_signatureVerify API. Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Wenxing-hou
force-pushed
the
fix_pkcs7_fuzz
branch
from
March 19, 2024 06:43
bbb4d91
to
397fb1b
Compare
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Wenxing-hou
force-pushed
the
fix_pkcs7_fuzz
branch
from
March 19, 2024 09:23
397fb1b
to
98fab3d
Compare
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Wenxing-hou
force-pushed
the
fix_pkcs7_fuzz
branch
from
March 20, 2024 06:23
98fab3d
to
78994de
Compare
liyi77
reviewed
Mar 20, 2024
@@ -470,6 +470,10 @@ Pkcs7GetSignedData ( | |||
goto End; | |||
} | |||
|
|||
if (CertNum != 0) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
When parsing the certificate fails or verify ends, the cert pools are not released correctly.
This problem requires a more robust fix.
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Wenxing-hou
force-pushed
the
fix_pkcs7_fuzz
branch
from
March 20, 2024 08:04
78994de
to
707ab22
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.