v2.0.2

@github-actions github-actions released this 15 Nov 21:30
· 1432 commits to refs/heads/main since this release

What's Changed

  • Update uefi-core dependencies to v2.0.0, increase uefi-dxe-core version to v2.0.2 @kouchekiniad (#166)
    Change Details
    Description

    Updates uefi-core dependencies to version v2.0.0, and updates the version of uefi-dxe-core to v2.0.2.

    • Impacts functionality?
    • Impacts security?
    • Breaking change?
    • Includes tests?
    • Includes documentation?

    How This Was Tested

    Booted to Windows using uefi-dxe-core.

    Integration Instructions

    N/A




  • Update Empty Linked List Initialization to Match Mu Basecore Definition @kouchekiniad (#157)
    Change Details
    Description

    Updated empty linked list initialization in runtime.rs to match Mu's definition of an empty linked list where the forward and backward links both point to the list head. A list head with a forward and backward link set to null is an invalid list per https://github.com/microsoft/mu_basecore/blob/dev/202405/MdePkg/Library/BaseLib/LinkedList.c#L75-L76.

    • Impacts functionality?
    • Impacts security?
    • Breaking change?
    • Includes tests?
    • Includes documentation?

    How This Was Tested

    Booted to Windows on private branches with this change.

    Integration Instructions

    N/A


🐛 Bug Fixes

  • Fix polarity inversion on boot_policy logic in load_image implementation @joschock (#160)
    Change Details
    Description

    Bugfix: boot_policy conditional logic was inverted from correct behavior.

    • Impacts functionality?
    • Impacts security?
    • Breaking change?
    • Includes tests?
    • Includes documentation?

    How This Was Tested

    This impacts the loading of PCI Option ROMs. Confirmed proper loading of ROMs with this change.

    Integration Instructions

    N/A

  • fv.rs: Fix FV Protocol ReadFile() behavior @makubacki (#158)
    Change Details
    Description

    The EFI_FIRMWARE_VOLUME2_PROTOCOL.ReadFile() definition in the PI Specification states:

    "Pointer to a pointer to a buffer in which the file contents are returned, not including the file header. See 'Description' below for more details on the use of the Buffer parameter."

    However, the implementation currently returns the header followed by the contents, in turn also returning the header + content size instead of just the file content size.

    This change updates read_file() to match the PI Specification described behavior and match the C code behavior.

    • Impacts functionality?
    • Impacts security?
    • Breaking change?
    • Includes tests?
    • Includes documentation?

    How This Was Tested

    • Dumped file buffer read using Fv2Protocol.ReadFile() on a physical machine.

    Integration Instructions

    N/A
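
The header-versus-contents distinction in the ReadFile() fix above, as an added example that is not code from uefi-dxe-core: it returns only the bytes after the FFS file header and rejects a Size field that disagrees with the buffer. It assumes the PI Specification FFS layout (24-byte header, 32-byte header when FFS_ATTRIB_LARGE_FILE is set); `file_contents`, `sample_file` and `FfsError` are hypothetical names.

```rust
// Added example: FFS file layout per the PI Specification; all names are hypothetical.
const HDR_LEN: usize = 24; // EFI_FFS_FILE_HEADER
const HDR2_LEN: usize = 32; // EFI_FFS_FILE_HEADER2 (adds a u64 ExtendedSize)
const FFS_ATTRIB_LARGE_FILE: u8 = 0x01;

#[derive(Debug, PartialEq)]
pub enum FfsError { Truncated, BadSize }

/// Returns the file contents only, without the file header.
pub fn file_contents(ffs: &[u8]) -> Result<&[u8], FfsError> {
    if ffs.len() < HDR_LEN {
        return Err(FfsError::Truncated);
    }
    let large = (ffs[19] & FFS_ATTRIB_LARGE_FILE) != 0; // Attributes byte at offset 19
    let (hdr_len, total) = if large {
        if ffs.len() < HDR2_LEN {
            return Err(FfsError::Truncated);
        }
        let mut ext = [0u8; 8];
        ext.copy_from_slice(&ffs[24..32]); // ExtendedSize at offset 24
        (HDR2_LEN, u64::from_le_bytes(ext))
    } else {
        // 24-bit little-endian Size at offset 20
        (HDR_LEN, u64::from(u32::from_le_bytes([ffs[20], ffs[21], ffs[22], 0])))
    };
    // Size counts the header: it cannot be below hdr_len or beyond the buffer.
    if total < hdr_len as u64 || total > ffs.len() as u64 {
        return Err(FfsError::BadSize);
    }
    Ok(&ffs[hdr_len..total as usize])
}

/// Constructed sample file: zeroed GUID, checksum, type and state, plus a payload.
pub fn sample_file(large: bool, payload: &[u8]) -> Vec<u8> {
    let hdr_len = if large { HDR2_LEN } else { HDR_LEN };
    let total = hdr_len + payload.len();
    let mut f = vec![0u8; hdr_len];
    if large {
        f[19] = FFS_ATTRIB_LARGE_FILE;
        f[24..32].copy_from_slice(&(total as u64).to_le_bytes());
    } else {
        f[20..23].copy_from_slice(&(total as u32).to_le_bytes()[..3]);
    }
    f.extend_from_slice(payload);
    f
}

fn main() {
    println!("{:?}", file_contents(&sample_file(false, b"DATA")));
}
```

A caller that sizes its buffer from the header's Size field rather than from the returned slice length would over-count by the header length, which is the size mismatch the change description mentions.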




🔐 Security Impacting

  • Add support for Security Architectural Protocols [Rebase & FF] @joschock (#155)
    Change Details
    Description

    Implements support for the Security Architectural Protocols in the core as specified in the UEFI Platform Initialization Spec.

    Key changes:

    • improvements/extensions to device path library to support security calls.

    • add support for multiple FV image sections within a single FFS file

    • Add security calls for checking FVs

    • Add security calls for loading images

    • Add security calls for connecting controllers

    • Add DxeServices->Trust() routine

    • Updated Theory of Operations documentation accordingly.

    • Impacts functionality?

    • Impacts security?

    • Breaking change?

    • Includes tests?

    • Includes documentation?

    How This Was Tested

    Added rust unit tests for FV and image checks. driver_services (connect_controller) and dxe_services (trust()) modules do not yet have testing in place, so did not extend.

    Verified via direct instrumentation in QEMU Q35 that Security Stub handlers for Security and Security2 protocols are called by the core at appropriate times.

    Verified via testing on QEMU Q35 with UEFI secure boot enabled that Security2 Architecture calls hit the DxeImageVerificationLib and successfully prevent an unsigned image from being loaded.

    Integration Instructions

    N/A


📖 Documentation Updates

  • Add Dispatcher TOPs documentation @joschock (#137)
    Change Details
    Description

    Add Dispatcher TOPs documentation

    • Impacts functionality?
    • Impacts security?
    • Breaking change?
    • Includes tests?
    • Includes documentation?

    How This Was Tested

    MdBook renders as expected.

    Integration Instructions

    N/A


Full Changelog: v2.0.0...v2.0.2