Changeset 58466 for trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg – Oracle VirtualBox

trunk/src/VBox/Devices/EFI/Firmware

Property svn:mergeinfo changed
/vendor/edk2/current merged: 103769-103776

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Application/RngTest/RngTest.c

-              r58464
+              r58466
 Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 **/
+**/
 #include <Uefi.h>
 …
   as the real entry point for the application.
   @param[in] ImageHandle    The firmware allocated handle for the EFI image.
+  @param[in] ImageHandle    The firmware allocated handle for the EFI image.
   @param[in] SystemTable    A pointer to the EFI System Table.
   @retval EFI_SUCCESS       The entry point is executed successfully.
   @retval other             Some error occurs when executing this entry point.
 …
   PtrRngAlg = NULL;
   Rand      = NULL;
   Print (L"UEFI RNG Protocol Testing :\n");
   Print (L"----------------------------\n");
 …
   // Rng->GetInfo() interface test.
   //-----------------------------------------
   Print (L" -- Call RNG->GetInfo() interface : ");
   RngAlgListSize = 0;
 …
              PtrRngAlg->Data2, PtrRngAlg->Data3, PtrRngAlg->Data4[0], PtrRngAlg->Data4[1],
              PtrRngAlg->Data4[2], PtrRngAlg->Data4[3], PtrRngAlg->Data4[4],
              PtrRngAlg->Data4[5], PtrRngAlg->Data4[6], PtrRngAlg->Data4[7]);
+             PtrRngAlg->Data4[5], PtrRngAlg->Data4[6], PtrRngAlg->Data4[7]);
+  }
 …
     goto Exit;
+  }
   //
   // RNG with default algorithm
 …
     Print (L"[Pass]");
+  }
   //
   // RNG with SP800-90-HMAC-256
 …
   Print (L"\n -- Exit UEFI RNG Protocol Test (Status = %r).\n", Status);
 Exit:
   if (Rand != NULL) {

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Application/RngTest/RngTest.inf

-              r58464
+              r58466
 ## @file
 #  UEFI RNG (Random Number Generator) Protocol test application.
+#
 #  This application can print out the supported RNG algorithm in UEFI RNG Protocol.
 #  And then it will do a generation test on the supported RNG algorithm.
+#
+#  This application can print out the supported RNG algorithm in UEFI RNG Protocol.
+#  And then it will do a generation test on the supported RNG algorithm.
+#
 #  Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
 …
   gEfiRngAlgorithmX931AesGuid           ## SOMETIMES_CONSUMES    ## GUID        # Unique ID of the algorithm for RNG
   gEfiRngAlgorithmRaw                   ## SOMETIMES_CONSUMES    ## GUID        # Unique ID of the algorithm for RNG
   [UserExtensions.TianoCore."ExtraFiles"]
   RngTestExtra.uni

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Application/VariableInfo/VariableInfo.c

-              r48674
+              r58466
 /** @file
   If the Variable services have PcdVariableCollectStatistics set to TRUE then
   this utility will print out the statistics information. You can use console
+  If the Variable services have PcdVariableCollectStatistics set to TRUE then
+  this utility will print out the statistics information. You can use console
   redirection to capture the data.
 Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
 /**
   This function get the variable statistics data from SMM variable driver.
+  This function get the variable statistics data from SMM variable driver.
   @param[in, out] SmmCommunicateHeader In input, a pointer to a collection of data that will
                                        be passed into an SMM environment. In output, a pointer
+                                       be passed into an SMM environment. In output, a pointer
                                        to a collection of data that comes from an SMM environment.
   @param[in, out] SmmCommunicateSize   The size of the SmmCommunicateHeader.
   @retval EFI_SUCCESS               Get the statistics data information.
   @retval EFI_NOT_FOUND             Not found.
 …
   SmmVariableFunctionHeader = (SMM_VARIABLE_COMMUNICATE_HEADER *) &SmmCommunicateHeader->Data[0];
   SmmVariableFunctionHeader->Function = SMM_VARIABLE_FUNCTION_GET_STATISTICS;
   Status = mSmmCommunication->Communicate (mSmmCommunication, SmmCommunicateHeader, SmmCommunicateSize);
   ASSERT_EFI_ERROR (Status);
   Status = SmmVariableFunctionHeader->ReturnStatus;
+  Status = SmmVariableFunctionHeader->ReturnStatus;
   return Status;
+}
 …
 /**
   This function get and print the variable statistics data from SMM variable driver.
+  This function get and print the variable statistics data from SMM variable driver.
   @retval EFI_SUCCESS               Print the statistics information successfully.
   @retval EFI_NOT_FOUND             Not found the statistics information.
 …
 EFI_STATUS
 PrintInfoFromSmm (
   VOID
+  VOID
+  )
+{
 …
   SMM_VARIABLE_COMMUNICATE_HEADER                *FunctionHeader;
   EFI_SMM_VARIABLE_PROTOCOL                      *Smmvariable;
   Status = gBS->LocateProtocol (&gEfiSmmVariableProtocolGuid, NULL, (VOID **) &Smmvariable);
 …
   if (EFI_ERROR (Status)) {
     return Status;
+  }
+  }
   CommSize  = SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE;
 …
   CommBuffer = AllocateZeroPool (CommSize);
   ASSERT (CommBuffer != NULL);
   Print (L"Non-Volatile SMM Variables:\n");
   do {
 …
+    }
     if (EFI_ERROR (Status) || (CommSize <= SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE)) {
+    if (EFI_ERROR (Status) || (CommSize <= SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE)) {
       break;
+    }
 …
     if (!VariableInfo->Volatile) {
       Print (
           L"%g R%03d(%03d) W%03d D%03d:%s\n",
           &VariableInfo->VendorGuid,
+          L"%g R%03d(%03d) W%03d D%03d:%s\n",
+          &VariableInfo->VendorGuid,
           VariableInfo->ReadCount,
           VariableInfo->CacheCount,
 …
+    }
   } while (TRUE);
   Print (L"Volatile SMM Variables:\n");
   ZeroMem (CommBuffer, CommSize);
 …
+    }
     if (EFI_ERROR (Status) || (CommSize <= SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE)) {
+    if (EFI_ERROR (Status) || (CommSize <= SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE)) {
       break;
+    }
 …
     if (VariableInfo->Volatile) {
       Print (
           L"%g R%03d(%03d) W%03d D%03d:%s\n",
           &VariableInfo->VendorGuid,
+          L"%g R%03d(%03d) W%03d D%03d:%s\n",
+          &VariableInfo->VendorGuid,
           VariableInfo->ReadCount,
           VariableInfo->CacheCount,
 …
   } while (TRUE);
   FreePool (CommBuffer);
+  FreePool (CommBuffer);
   return Status;
+}
 …
 /**
   The user Entry Point for Application. The user code starts with this function
   as the real entry point for the image goes into a library that calls this
+  as the real entry point for the image goes into a library that calls this
   function.
   @param[in] ImageHandle    The firmware allocated handle for the EFI image.
+  @param[in] ImageHandle    The firmware allocated handle for the EFI image.
   @param[in] SystemTable    A pointer to the EFI System Table.
   @retval EFI_SUCCESS       The entry point is executed successfully.
   @retval other             Some error occurs when executing this entry point.
 …
       return Status;
+    }
+  }
+  }
   if (!EFI_ERROR (Status) && (Entry != NULL)) {
 …
       if (!VariableInfo->Volatile) {
         Print (
           L"%g R%03d(%03d) W%03d D%03d:%s\n",
           &VariableInfo->VendorGuid,
+          L"%g R%03d(%03d) W%03d D%03d:%s\n",
+          &VariableInfo->VendorGuid,
           VariableInfo->ReadCount,
           VariableInfo->CacheCount,
 …
       if (VariableInfo->Volatile) {
         Print (
           L"%g R%03d(%03d) W%03d D%03d:%s\n",
           &VariableInfo->VendorGuid,
+          L"%g R%03d(%03d) W%03d D%03d:%s\n",
+          &VariableInfo->VendorGuid,
           VariableInfo->ReadCount,
           VariableInfo->CacheCount,

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Application/VariableInfo/VariableInfo.inf

-              r58459
+              r58466
 [Protocols]
   gEfiSmmCommunicationProtocolGuid     ## SOMETIMES_CONSUMES
     ## UNDEFINED           # Used to do smm communication
     ## SOMETIMES_CONSUMES
   gEfiSmmVariableProtocolGuid
+    ## SOMETIMES_CONSUMES
+  gEfiSmmVariableProtocolGuid
 [Guids]
   gEfiAuthenticatedVariableGuid        ## SOMETIMES_CONSUMES    ## SystemTable

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/AuthenticatedVariableFormat.h

-              r58459
+              r58466
 /** @file
   The variable data structures are related to EDKII-specific
+  The variable data structures are related to EDKII-specific
   implementation of UEFI authenticated variables.
   AuthenticatedVariableFormat.h defines variable data headers
+  AuthenticatedVariableFormat.h defines variable data headers
   and variable storage region headers.
 Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   EFI_GUID  Signature;
   ///
   /// Size of entire variable store,
+  /// Size of entire variable store,
   /// including size of variable store header but not including the size of FvHeader.
   ///
 …
   UINT64      MonotonicCount;
   ///
   /// Associated TimeStamp value against replay attack.
+  /// Associated TimeStamp value against replay attack.
   ///
   EFI_TIME    TimeStamp;
 …
 /// This structure contains the variable list that is put in EFI system table.
 /// The variable driver collects all variables that were used at boot service time and produces this list.
 /// This is an optional feature to dump all used variables in shell environment.
+/// This is an optional feature to dump all used variables in shell environment.
 ///
 struct _VARIABLE_INFO_ENTRY {
   VARIABLE_INFO_ENTRY *Next;       ///< Pointer to next entry.
   EFI_GUID            VendorGuid;  ///< Guid of Variable.
   CHAR16              *Name;       ///< Name of Variable.
+  CHAR16              *Name;       ///< Name of Variable.
   UINT32              Attributes;  ///< Attributes of variable defined in UEFI spec.
   UINT32              ReadCount;   ///< Number of times to read this variable.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/MeasuredFvHob.h

-              r58464
+              r58466
 /** @file
   Defines the HOB GUID used to pass all PEI measured FV info to
+  Defines the HOB GUID used to pass all PEI measured FV info to
   DXE Driver.
 Copyright (c) 2012, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/PhysicalPresenceData.h

-              r58459
+              r58466
   Define the variable data structures used for TCG physical presence.
   The TPM request from firmware or OS is saved to variable. And it is
   cleared after it is processed in the next boot cycle. The TPM response
+  cleared after it is processed in the next boot cycle. The TPM response
   is saved to variable.
 Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
 #define PHYSICAL_PRESENCE_DISABLE                                 2
 #define PHYSICAL_PRESENCE_ACTIVATE                                3
 #define PHYSICAL_PRESENCE_DEACTIVATE                              4
+#define PHYSICAL_PRESENCE_DEACTIVATE                              4
 #define PHYSICAL_PRESENCE_CLEAR                                   5
 #define PHYSICAL_PRESENCE_ENABLE_ACTIVATE                         6
 …
 //
 // This variable is used to save TPM Management Flags and corresponding operations.
 // It should be protected from malicious software (e.g. Set it as read-only variable).
+// It should be protected from malicious software (e.g. Set it as read-only variable).
 //
 #define PHYSICAL_PRESENCE_FLAGS_VARIABLE  L"PhysicalPresenceFlags"

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/PwdCredentialProviderHii.h

-              r48674
+              r58466
 Copyright (c) 2011, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/SecureBootConfigHii.h

-              r48674
+              r58466
 /** @file
   GUIDs used as HII FormSet and HII Package list GUID in SecureBootConfigDxe driver.
+  GUIDs used as HII FormSet and HII Package list GUID in SecureBootConfigDxe driver.
 Copyright (c) 2011, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials are licensed and made available under
 the terms and conditions of the BSD License that accompanies this distribution.
+This program and the accompanying materials are licensed and made available under
+the terms and conditions of the BSD License that accompanies this distribution.
 The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php.
+http://opensource.org/licenses/bsd-license.php.
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/SecurityPkgTokenSpace.h

-              r48674
+              r58466
 Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/TcgConfigHii.h

-              r48674
+              r58466
 /** @file
   GUIDs used as HII FormSet and HII Package list GUID in TcgConfig driver.
+  GUIDs used as HII FormSet and HII Package list GUID in TcgConfig driver.
 Copyright (c) 2011, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials are licensed and made available under
 the terms and conditions of the BSD License that accompanies this distribution.
+This program and the accompanying materials are licensed and made available under
+the terms and conditions of the BSD License that accompanies this distribution.
 The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php.
+http://opensource.org/licenses/bsd-license.php.
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/TcgEventHob.h

-              r58459
+              r58466
 /** @file
   Defines the HOB GUID used to pass a TCG_PCR_EVENT from a TPM PEIM to
   a TPM DXE Driver. A GUIDed HOB is generated for each measurement
+  Defines the HOB GUID used to pass a TCG_PCR_EVENT from a TPM PEIM to
+  a TPM DXE Driver. A GUIDed HOB is generated for each measurement
   made in the PEI Phase.
 Copyright (c) 2007 - 2015, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/TrEEConfigHii.h

-              r58464
+              r58466
 /** @file
   GUIDs used as HII FormSet and HII Package list GUID in TrEEConfig driver.
+  GUIDs used as HII FormSet and HII Package list GUID in TrEEConfig driver.
 Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials are licensed and made available under
 the terms and conditions of the BSD License that accompanies this distribution.
+This program and the accompanying materials are licensed and made available under
+the terms and conditions of the BSD License that accompanies this distribution.
 The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php.
+http://opensource.org/licenses/bsd-license.php.
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/TrEEPhysicalPresenceData.h

-              r58464
+              r58466
   Define the variable data structures used for TrEE physical presence.
   The TPM2 request from firmware or OS is saved to variable. And it is
   cleared after it is processed in the next boot cycle. The TPM2 response
+  cleared after it is processed in the next boot cycle. The TPM2 response
   is saved to variable.
 …
 //
 // This variable is used to save TPM Management Flags and corresponding operations.
 // It should be protected from malicious software (e.g. Set it as read-only variable).
+// It should be protected from malicious software (e.g. Set it as read-only variable).
 //
 #define TREE_PHYSICAL_PRESENCE_FLAGS_VARIABLE  L"TrEEPhysicalPresenceFlags"

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/UsbCredentialProviderHii.h

-              r48674
+              r58466
 Copyright (c) 2011, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/UserIdentifyManagerHii.h

-              r48674
+              r58466
 Copyright (c) 2011, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/UserProfileManagerHii.h

-              r48674
+              r58466
 Copyright (c) 2011, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/PlatformSecureLib.h

-              r48674
+              r58466
 Copyright (c) 2011 - 2012, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   This function provides a platform-specific method to detect whether the platform
   is operating by a physically present user.
+  is operating by a physically present user.
   Programmatic changing of platform security policy (such as disable Secure Boot,
 …
   NOTE THAT: This function cannot depend on any EFI Variable Service since they are
   not available when this function is called in AuthenticateVariable driver.
   @retval  TRUE       The platform is operated by a physically present user.
   @retval  FALSE      The platform is NOT operated by a physically present user.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/TcgPhysicalPresenceLib.h

-              r58459
+              r58466
 Copyright (c) 2011 - 2012, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   Check and execute the pending TPM request and Lock TPM.
   The TPM request may come from OS or BIOS. This API will display request information and wait
+  The TPM request may come from OS or BIOS. This API will display request information and wait
   for user confirmation if TPM request exists. The TPM request will be sent to TPM device after
   the TPM request is confirmed, and one or more reset may be required to make TPM request to
+  the TPM request is confirmed, and one or more reset may be required to make TPM request to
   take effect. At last, it will lock TPM to prevent TPM state change by malware.
   This API should be invoked after console in and console out are all ready as they are required
   to display request information and get user input to confirm the request. This API should also
+  to display request information and get user input to confirm the request. This API should also
   be invoked as early as possible as TPM is locked in this function.
 **/
 VOID
 …
   The TPM request may come from OS. This API will check if TPM request exists and need user
   input to confirmation.
   @retval    TRUE        TPM needs input to confirm user physical presence.
   @retval    FALSE       TPM doesn't need input to confirm user physical presence.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/TcgPpVendorLib.h

-              r58464
+              r58466
   The Vendor Specific PPI operation may change TPM state, BIOS TPM management
   flags, and may need additional boot cycle.
   Caution: This function may receive untrusted input.
 Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   This API should be invoked in BIOS boot phase to process pending request.
   Caution: This function may receive untrusted input.
   If OperationRequest < 128, then ASSERT().
 …
   This API should be invoked in BIOS boot phase to process pending request.
   Caution: This function may receive untrusted input.
 …
   Caution: This function may receive untrusted input.
   If OperationRequest < 128, then ASSERT().
 …
   Caution: This function may receive untrusted input.
   If OperationRequest < 128, then ASSERT().

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/Tpm12CommandLib.h

-              r58464
+              r58466
 /**
   Send NV DefineSpace command to TPM1.2.
   @param PubInfo           The public parameters of the NV area.
   @param EncAuth           The encrypted AuthData, only valid if the attributes require subsequent authorization.
 …
 /**
   Send NV ReadValue command to TPM1.2.
   @param NvIndex           The index of the area to set.
   @param Offset            The offset into the area.
 …
 /**
   Send NV WriteValue command to TPM1.2.
   @param NvIndex           The index of the area to set.
   @param Offset            The offset into the NV Area.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/Tpm12DeviceLib.h

r58464	r58466
28	28	@retval EFI_SUCCESS The command byte stream was successfully sent to the device and a response was successfully received.
29	29	@retval EFI_DEVICE_ERROR The command was not successfully sent to the device or a response was not successfully received from the device.
30		@retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.
	30	@retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.
31	31	**/
32	32	EFI_STATUS

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/Tpm2CommandLib.h

-              r58464
+              r58466
                                 An Event sequence starts if this is TPM_ALG_NULL.
   @param[out] SequenceHandle    A handle to reference the sequence
   @retval EFI_SUCCESS      Operation completed successfully.
   @retval EFI_DEVICE_ERROR Unexpected device behavior.
 …
   @param[in] SequenceHandle    Handle for the sequence object
   @param[in] Buffer            Data to be added to hash
   @retval EFI_SUCCESS      Operation completed successfully.
   @retval EFI_DEVICE_ERROR Unexpected device behavior.
 …
   @param[in]  Buffer            Data to be added to the Event
   @param[out] Results           List of digests computed for the PCR
   @retval EFI_SUCCESS      Operation completed successfully.
   @retval EFI_DEVICE_ERROR Unexpected device behavior.
 …
   @param[in]  Buffer            Data to be added to the hash/HMAC
   @param[out] Result            The returned HMAC or digest in a sized buffer
   @retval EFI_SUCCESS      Operation completed successfully.
   @retval EFI_DEVICE_ERROR Unexpected device behavior.
 …
   @param[in] AuthHandle        TPM_RH_LOCKOUT or TPM_RH_PLATFORM+{PP}
   @param[in] AuthSession       Auth Session context
   @retval EFI_SUCCESS      Operation completed successfully.
   @retval EFI_DEVICE_ERROR Unexpected device behavior.
 …
   @param[out] NvPublic           The public area of the index.
   @param[out] NvName             The Name of the nvIndex.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   @param[in]  Auth               The authorization data.
   @param[in]  NvPublic           The public area of the index.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   @param[in]  NvIndex            The NV Index.
   @param[in]  AuthSession        Auth Session context
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   @param[in]     Offset             Byte offset into the area.
   @param[in,out] OutData            The data read.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   @param[in]  InData             The data to write.
   @param[in]  Offset             The offset into the NV Area.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   @param[out] PcrSelectionOut    The PCR in the returned list.
   @param[out] PcrValues          The contents of the PCR indicated in pcrSelect.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   @param[out] SizeNeeded         number of octets required to satisfy the request
   @param[out] SizeAvailable      Number of octets available. Computed before the allocation
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   This command returns various information regarding the TPM and its current state.
   The capability parameter determines the category of data returned. The property parameter
   selects the first value of the selected category to be returned. If there is no property
+  The capability parameter determines the category of data returned. The property parameter
+  selects the first value of the selected category to be returned. If there is no property
   that corresponds to the value of property, the next higher value is returned, if it exists.
   The moreData parameter will have a value of YES if there are more values of the requested
+  The moreData parameter will have a value of YES if there are more values of the requested
   type that were not returned.
   If no next capability exists, the TPM will return a zero-length list and moreData will have
+  If no next capability exists, the TPM will return a zero-length list and moreData will have
   a value of NO.
   NOTE:
   To simplify this function, leave returned CapabilityData for caller to unpack since there are
+  NOTE:
+  To simplify this function, leave returned CapabilityData for caller to unpack since there are
   many capability categories and only few categories will be used in firmware. It means the caller
   need swap the byte order for the feilds in CapabilityData.
   @param[in]  Capability         Group selection; determines the format of the response.
   @param[in]  Property           Further definition of information.
+  @param[in]  Property           Further definition of information.
   @param[in]  PropertyCount      Number of properties of the indicated type to return.
   @param[out] MoreData           Flag to indicate if there are more values of this type.
   @param[out] CapabilityData     The capability data.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   @param[out] Family             The Family of TPM. (a 4-octet character string)
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   @param[out] ManufactureId      The manufacture ID of TPM.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   @param[out] FirmwareVersion1   The FirmwareVersion1.
   @param[out] FirmwareVersion2   The FirmwareVersion2.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   @param[out] MaxCommandSize     The maximum value for commandSize in a command.
   @param[out] MaxResponseSize    The maximum value for responseSize in a command.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
 /**
   This command returns Returns a list of TPMS_ALG_PROPERTIES. Each entry is an
   algorithm ID and a set of properties of the algorithm.
+  algorithm ID and a set of properties of the algorithm.
   This function parse the value got from TPM2_GetCapability and return the list.
   @param[out] AlgList      List of algorithm.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   @param[out] LockoutCounter     The LockoutCounter of TPM.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   @param[out] LockoutInterval    The LockoutInterval of TPM.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   @param[out] InputBufferSize    The InputBufferSize of TPM.
                                  the maximum size of a parameter (typically, a TPM2B_MAX_BUFFER)
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   @param[out] Pcrs    The Pcr Selection
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   @param[out] AlgorithmSet    The AlgorithmSet of TPM.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   @param[out] SessionHandle      Handle for the newly created session.
   @param[out] NonceTPM           The initial nonce from the TPM, used in the computation of the sessionKey.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   @param[in]  FlushHandle        The handle of the item to flush.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   The caller proves knowledge of the secret value using an authorization
   session using the authValue associated with authHandle.
   @param[in]  AuthHandle         Handle for an entity providing the authorization
   @param[in]  PolicySession      Handle for the policy session being extended.
 …
   @param[out] Timeout            Time value used to indicate to the TPM when the ticket expires.
   @param[out] PolicyTicket       A ticket that includes a value indicating when the authorization expires.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   @param[in] PolicySession      Handle for the policy session being extended.
   @param[in] HashList           the list of hashes to check for a match.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   @param[in]  PolicySession      Handle for the policy session being extended.
   @param[in]  Code               The allowed commandCode.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   @param[in]  PolicySession      Handle for the policy session.
   @param[out] PolicyHash         the current value of the policyHash of policySession.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/Tpm2DeviceLib.h

-              r58464
+              r58466
   @retval EFI_SUCCESS            The command byte stream was successfully sent to the device and a response was successfully received.
   @retval EFI_DEVICE_ERROR       The command was not successfully sent to the device or a response was not successfully received from the device.
   @retval EFI_BUFFER_TOO_SMALL   The output parameter block is too small.
+  @retval EFI_BUFFER_TOO_SMALL   The output parameter block is too small.
 **/
 EFI_STATUS
 …
   @retval EFI_SUCCESS            The command byte stream was successfully sent to the device and a response was successfully received.
   @retval EFI_DEVICE_ERROR       The command was not successfully sent to the device or a response was not successfully received from the device.
   @retval EFI_BUFFER_TOO_SMALL   The output parameter block is too small.
+  @retval EFI_BUFFER_TOO_SMALL   The output parameter block is too small.
 **/
 typedef

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/TpmCommLib.h

-              r58459
+              r58466
 Copyright (c) 2005 - 2012, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
 ///
 /// When this bit is 1, TPM is in the Ready state,
+/// When this bit is 1, TPM is in the Ready state,
 /// indicating it is ready to receive a new command.
 ///
 …
 TisPcWaitRegisterBits (
   IN UINT8   *Register,
   IN UINT8   BitSet,
   IN UINT8   BitClear,
   IN UINT32  TimeOut
   );
 /**
   Get BurstCount by reading the burstCount field of a TIS regiger
+  IN UINT8   BitSet,
+  IN UINT8   BitClear,
+  IN UINT32  TimeOut
+  );
+/**
+  Get BurstCount by reading the burstCount field of a TIS regiger
   in the time of default TIS_TIMEOUT_D.
 …
 /**
   Set TPM chip to ready state by sending ready command TIS_PC_STS_READY
+  Set TPM chip to ready state by sending ready command TIS_PC_STS_READY
   to Status Register in time.
 …
 /**
   Get the control of TPM chip by sending requestUse command TIS_PC_ACC_RQUUSE
+  Get the control of TPM chip by sending requestUse command TIS_PC_ACC_RQUUSE
   to ACCESS Register in the time of default TIS_TIMEOUT_D.
 …
   @param[in]  DataLen       Size of the raw data.
   @param[out] Digest        Pointer to a buffer that stores the final digest.
   @retval     EFI_SUCCESS   Always successfully calculate the final digest.
 **/

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/TpmMeasurementLib.h

r58464	r58466
32	32	**/
33	33	EFI_STATUS
34		EFIAPI
	34	EFIAPI
35	35	TpmMeasureAndLogData (
36	36	IN UINT32 PcrIndex,

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/TrEEPhysicalPresenceLib.h

-              r58464
+              r58466
 Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   Check and execute the pending TPM request.
   The TPM request may come from OS or BIOS. This API will display request information and wait
+  The TPM request may come from OS or BIOS. This API will display request information and wait
   for user confirmation if TPM request exists. The TPM request will be sent to TPM device after
   the TPM request is confirmed, and one or more reset may be required to make TPM request to
+  the TPM request is confirmed, and one or more reset may be required to make TPM request to
   take effect.
   This API should be invoked after console in and console out are all ready as they are required
   to display request information and get user input to confirm the request.
+  to display request information and get user input to confirm the request.
   @param  PlatformAuth                   platform auth value. NULL means no platform auth change.
 …
   The TPM request may come from OS. This API will check if TPM request exists and need user
   input to confirmation.
   @retval    TRUE        TPM needs input to confirm user physical presence.
   @retval    FALSE       TPM doesn't need input to confirm user physical presence.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/TrEEPpVendorLib.h

-              r58464
+              r58466
   The Vendor Specific PPI operation may change TPM state, BIOS TPM management
   flags, and may need additional boot cycle.
   Caution: This function may receive untrusted input.
 Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   This API should be invoked in BIOS boot phase to process pending request.
   Caution: This function may receive untrusted input.
   If OperationRequest < 128, then ASSERT().
 …
   This API should be invoked in BIOS boot phase to process pending request.
   Caution: This function may receive untrusted input.
 …
   Caution: This function may receive untrusted input.
   If OperationRequest < 128, then ASSERT().
 …
   Caution: This function may receive untrusted input.
   If OperationRequest < 128, then ASSERT().

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Ppi/FirmwareVolumeInfoMeasurementExcluded.h

-              r58464
+              r58466
 Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Ppi/LockPhysicalPresence.h

-              r48674
+              r58466
 /** @file
   This file defines the lock physical Presence PPI. This PPI is
   produced by a platform specific PEIM and consumed by the TPM
+  This file defines the lock physical Presence PPI. This PPI is
+  produced by a platform specific PEIM and consumed by the TPM
   PEIM.
 Copyright (c) 2011, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
 ///
 /// Global ID for the PEI_LOCK_PHYSICAL_PRESENCE_PPI_GUID.
+/// Global ID for the PEI_LOCK_PHYSICAL_PRESENCE_PPI_GUID.
 ///
 #define PEI_LOCK_PHYSICAL_PRESENCE_PPI_GUID  \
 …
 ///
 /// This service abstracts TPM physical presence lock interface. It is necessary for
 /// safety to convey this information to the TPM driver so that TPM physical presence
 /// can be locked as early as possible. This PPI is produced by a platform specific
+/// This service abstracts TPM physical presence lock interface. It is necessary for
+/// safety to convey this information to the TPM driver so that TPM physical presence
+/// can be locked as early as possible. This PPI is produced by a platform specific
 /// PEIM and consumed by the TPM PEIM.
 ///

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Ppi/TpmInitialized.h

-              r58459
+              r58466
   initialized.  PEIMs that must execute after TPM hardware initialization
   may use this GUID in their dependency expressions.
 Copyright (c) 2008 - 2015, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
 ///
 /// Global ID for the PEI_TPM_INITIALIZED_PPI which always uses a NULL interface.
+/// Global ID for the PEI_TPM_INITIALIZED_PPI which always uses a NULL interface.
 ///
 #define PEI_TPM_INITIALIZED_PPI_GUID \
 …
 ///
 /// Global ID for the PEI_TPM_INITIALIZATION_DONE_PPI which always uses a NULL interface.
+/// Global ID for the PEI_TPM_INITIALIZATION_DONE_PPI which always uses a NULL interface.
 ///
 #define PEI_TPM_INITIALIZATION_DONE_PPI_GUID \

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/DxeDeferImageLoadLib/DxeDeferImageLoadLib.c

-              r58459
+              r58466
 Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   @param[in]    File    This is a pointer to the device path of the file
                         that is being dispatched.
   @return       UINT32  Image Type
+                        that is being dispatched.
+  @return       UINT32  Image Type
 **/
 …
+{
   EFI_STATUS                        Status;
   EFI_HANDLE                        DeviceHandle;
+  EFI_HANDLE                        DeviceHandle;
   EFI_DEVICE_PATH_PROTOCOL          *TempDevicePath;
   EFI_BLOCK_IO_PROTOCOL             *BlockIo;
 …
   //
   // File is not in a Firmware Volume or on a Block I/O device, so check to see if
+  // File is not in a Firmware Volume or on a Block I/O device, so check to see if
   // the device path supports the Simple File System Protocol.
   //
 …
   //
   // File is not from an FV, Block I/O or Simple File System, so the only options
   // left are a PCI Option ROM and a Load File Protocol such as a PXE Boot from a NIC.
+  // left are a PCI Option ROM and a Load File Protocol such as a PXE Boot from a NIC.
   //
   TempDevicePath = (EFI_DEVICE_PATH_PROTOCOL *)File;
   while (!IsDevicePathEndType (TempDevicePath)) {
     switch (DevicePathType (TempDevicePath)) {
     case MEDIA_DEVICE_PATH:
       if (DevicePathSubType (TempDevicePath) == MEDIA_RELATIVE_OFFSET_RANGE_DP) {
 …
       if (DevicePathSubType(TempDevicePath) == MSG_MAC_ADDR_DP) {
         return IMAGE_FROM_REMOVABLE_MEDIA;
+      }
+      }
       break;
 …
     TempDevicePath = NextDevicePathNode (TempDevicePath);
+  }
   return IMAGE_UNKNOWN;
+  return IMAGE_UNKNOWN;
+}
 …
     return EFI_NOT_FOUND;
+  }
   //
   // Get current user access information.
 …
       break;
+    }
     ASSERT (Info != NULL);
     if (Info->InfoType != EFI_USER_INFO_ACCESS_POLICY_RECORD) {
       continue;
+    }
     //
     // Get specified access information.
 …
+    }
+  }
   if (Info != NULL) {
     FreePool (Info);
 …
   Get file name from device path.
   The file name may contain one or more device path node. Save the file name in a
   buffer if file name is found. The caller is responsible to free the buffer.
+  The file name may contain one or more device path node. Save the file name in a
+  buffer if file name is found. The caller is responsible to free the buffer.
   @param[in]  DevicePath     A pointer to a device path.
   @param[out] FileName       The callee allocated buffer to save the file name if file name is found.
   @param[out] FileNameOffset The offset of file name in device path if file name is found.
   @retval     UINTN          The file name length. 0 means file name is not found.
 **/
 UINTN
+UINTN
 GetFileName (
   IN  CONST EFI_DEVICE_PATH_PROTOCOL          *DevicePath,
 …
     NodeStr = (CHAR8 *)TmpDevicePath + sizeof (EFI_DEVICE_PATH_PROTOCOL);
     NodeStrLength = DevicePathNodeLength (TmpDevicePath) - sizeof (EFI_DEVICE_PATH_PROTOCOL) - sizeof(CHAR16);
     if ((FirstNodeChar == '\\') && (LastNodeChar == '\\')) {
       //
 …
       //
       NodeStr += sizeof (CHAR16);
       NodeStrLength -= sizeof (CHAR16);
+      NodeStrLength -= sizeof (CHAR16);
     } else if ((FirstNodeChar != '\\') && (LastNodeChar != '\\')) {
       //
 …
       WriteUnaligned16 ((UINT16 *)(*FileName + Length), '\\');
       Length += sizeof (CHAR16);
+    }
+    }
     CopyMem (*FileName + Length, NodeStr, NodeStrLength);
     Length += NodeStrLength;
     LastNodeChar  = (CHAR16) ReadUnaligned16 ((UINT16 *) (NodeStr + NodeStrLength - sizeof(CHAR16)));
     TmpDevicePath = NextDevicePathNode (TmpDevicePath);
+  }
+  }
   return Length;
 …
   If DevicePath2 is identical with DevicePath1, or with DevicePath1's child device
   path, then TRUE returned. Otherwise, FALSE is returned.
   If DevicePath1 is NULL, then ASSERT().
   If DevicePath2 is NULL, then ASSERT().
 …
   @param[in]  DevicePath2   A pointer to a device path.
   @retval     TRUE          Two device paths are identical , or DevicePath2 is
+  @retval     TRUE          Two device paths are identical , or DevicePath2 is
                             DevicePath1's child device path.
   @retval     FALSE         Two device paths are not identical, and DevicePath2
+  @retval     FALSE         Two device paths are not identical, and DevicePath2
                             is not DevicePath1's child device path.
 …
     return FALSE;
+  }
   //
   // The file name may contain one or more device path node.
+  //
+  // The file name may contain one or more device path node.
   // To compare the file name, copy file name to a buffer and compare the buffer.
   //
 …
       goto Done;
+    }
     if (CompareMem (DevicePath1, DevicePath2, FileNameOffset1) != 0) {
+    if (CompareMem (DevicePath1, DevicePath2, FileNameOffset1) != 0) {
       DevicePathEqual = FALSE;
       goto Done;
 …
       goto Done;
+    }
     if (CompareMem (FileName1, FileName2, FileNameSize1) != 0) {
+    if (CompareMem (FileName1, FileName2, FileNameSize1) != 0) {
       DevicePathEqual = FALSE;
       goto Done;
 …
   if (CompareMem (DevicePath1, DevicePath2, DevicePathSize) != 0) {
     DevicePathEqual = FALSE;
+  }
 Done:
+  }
+Done:
   if (FileName1 != NULL) {
     FreePool (FileName1);
 …
 /**
   Check whether the image pointed to by DevicePath is in the device path list
   specified by AccessType.
+  Check whether the image pointed to by DevicePath is in the device path list
+  specified by AccessType.
   @param[in] DevicePath  Points to device path.
   @param[in] AccessType  The type of user access control.
   @retval    TURE        The DevicePath is in the specified List.
   @retval    FALSE       The DevicePath is not in the specified List.
 …
   EFI_USER_INFO_ACCESS_CONTROL          *Access;
   EFI_DEVICE_PATH_PROTOCOL              *Path;
   UINTN                                 OffSet;
+  UINTN                                 OffSet;
   Status = GetAccessControl (&Access, AccessType);
   if (EFI_ERROR (Status)) {
     return FALSE;
+  }
+  }
   OffSet = 0;
   while (OffSet < Access->Size - sizeof (EFI_USER_INFO_ACCESS_CONTROL)) {
     Path = (EFI_DEVICE_PATH_PROTOCOL*)((UINT8*)(Access + 1) + OffSet);
+    Path = (EFI_DEVICE_PATH_PROTOCOL*)((UINT8*)(Access + 1) + OffSet);
     if (CheckDevicePath (Path, DevicePath)) {
       //
 …
       FreePool (Access);
       return TRUE;
+    }
+    }
     OffSet += GetDevicePathSize (Path);
+  }
   FreePool (Access);
   return FALSE;
+}
 /**
   Check whether the image pointed to by DevicePath is permitted to load.
+  return FALSE;
+}
+/**
+  Check whether the image pointed to by DevicePath is permitted to load.
   @param[in] DevicePath  Points to device path
   @retval    TURE        The image pointed by DevicePath is permitted to load.
   @retval    FALSE       The image pointed by DevicePath is forbidden to load.
 …
   if (IsDevicePathInList (DevicePath, EFI_USER_INFO_ACCESS_PERMIT_LOAD)) {
     //
     // This access control overrides any restrictions put in place by the
+    // This access control overrides any restrictions put in place by the
     // EFI_USER_INFO_ACCESS_FORBID_LOAD record.
     //
     return TRUE;
+  }
   if (IsDevicePathInList (DevicePath, EFI_USER_INFO_ACCESS_FORBID_LOAD)) {
     //
 …
     return FALSE;
+  }
   return TRUE;
+}
 /**
   Check the image pointed by DevicePath is a boot option or not.
+  return TRUE;
+}
+/**
+  Check the image pointed by DevicePath is a boot option or not.
   @param[in] DevicePath  Points to device path.
   @retval    TURE        The image pointed by DevicePath is a boot option.
   @retval    FALSE       The image pointed by DevicePath is not a boot option.
 …
   UINT8                             *OptionPtr;
   EFI_DEVICE_PATH_PROTOCOL          *OptionDevicePath;
   //
   // Get BootOrder
   //
   BootOrderListSize = 0;
   BootOrderList     = NULL;
+  BootOrderList     = NULL;
   Status = gRT->GetVariable (
                   L"BootOrder",
                   &gEfiGlobalVariableGuid,
                   NULL,
                   &BootOrderListSize,
+                  L"BootOrder",
+                  &gEfiGlobalVariableGuid,
+                  NULL,
+                  &BootOrderListSize,
                   NULL
                   );
 …
     ASSERT (BootOrderList != NULL);
     Status = gRT->GetVariable (
                     L"BootOrder",
                     &gEfiGlobalVariableGuid,
                     NULL,
                     &BootOrderListSize,
+                    L"BootOrder",
+                    &gEfiGlobalVariableGuid,
+                    NULL,
+                    &BootOrderListSize,
                     BootOrderList
                     );
+  }
   if (EFI_ERROR (Status)) {
     //
 …
     // Check whether the image is forbidden.
     //
     OptionPtr = OptionBuffer;
     //
 …
     //
     OptionPtr += StrSize ((UINT16 *) OptionPtr);
     //
     // Now OptionPtr points to Device Path.
 …
   Add the image info to a deferred image list.
   @param[in]  ImageDevicePath  A pointer to the device path of a image.
   @param[in]  Image            Points to the first byte of the image, or NULL if the
+  @param[in]  ImageDevicePath  A pointer to the device path of a image.
+  @param[in]  Image            Points to the first byte of the image, or NULL if the
                                image is not available.
   @param[in]  ImageSize        The size of the image, or 0 if the image is not available.
 **/
 VOID
 …
     CurImageInfo = AllocatePool ((mDeferredImage.Count + 1) * sizeof (DEFERRED_IMAGE_INFO));
     ASSERT (CurImageInfo != NULL);
     CopyMem (
       CurImageInfo,
+      CurImageInfo,
       mDeferredImage.ImageInfo,
       mDeferredImage.Count * sizeof (DEFERRED_IMAGE_INFO)
 …
+  }
   mDeferredImage.Count++;
   //
   // Save the deferred image information.
 …
   Returns information about a deferred image.
   This function returns information about a single deferred image. The deferred images are
   numbered consecutively, starting with 0.  If there is no image which corresponds to
   ImageIndex, then EFI_NOT_FOUND is returned. All deferred images may be returned by
+  This function returns information about a single deferred image. The deferred images are
+  numbered consecutively, starting with 0.  If there is no image which corresponds to
+  ImageIndex, then EFI_NOT_FOUND is returned. All deferred images may be returned by
   iteratively calling this function until EFI_NOT_FOUND is returned.
   Image may be NULL and ImageSize set to 0 if the decision to defer execution was made
   because of the location of the executable image, rather than its actual contents.
+  Image may be NULL and ImageSize set to 0 if the decision to defer execution was made
+  because of the location of the executable image, rather than its actual contents.
   @param[in]  This             Points to this instance of the EFI_DEFERRED_IMAGE_LOAD_PROTOCOL.
   @param[in]  ImageIndex       Zero-based index of the deferred index.
   @param[out] ImageDevicePath  On return, points to a pointer to the device path of the image.
                                The device path should not be freed by the caller.
   @param[out] Image            On return, points to the first byte of the image or NULL if the
+  @param[out] ImageDevicePath  On return, points to a pointer to the device path of the image.
+                               The device path should not be freed by the caller.
+  @param[out] Image            On return, points to the first byte of the image or NULL if the
                                image is not available. The image should not be freed by the caller
                                unless LoadImage() has been successfully called.
+                               unless LoadImage() has been successfully called.
   @param[out] ImageSize        On return, the size of the image, or 0 if the image is not available.
   @param[out] BootOption       On return, points to TRUE if the image was intended as a boot option
                                or FALSE if it was not intended as a boot option.
+  @param[out] BootOption       On return, points to TRUE if the image was intended as a boot option
+                               or FALSE if it was not intended as a boot option.
   @retval EFI_SUCCESS           Image information returned successfully.
   @retval EFI_NOT_FOUND         ImageIndex does not refer to a valid image.
   @retval EFI_INVALID_PARAMETER ImageDevicePath is NULL or Image is NULL or ImageSize is NULL or
+  @retval EFI_INVALID_PARAMETER ImageDevicePath is NULL or Image is NULL or ImageSize is NULL or
                                 BootOption is NULL.
 **/
 EFI_STATUS
 …
     return EFI_INVALID_PARAMETER;
+  }
   if ((ImageDevicePath == NULL) || (BootOption == NULL)) {
     return EFI_INVALID_PARAMETER;
 …
     return EFI_NOT_FOUND;
+  }
   //
   // Get the request deferred image.
   //
+  //
   ReqImageInfo = &mDeferredImage.ImageInfo[ImageIndex];
   *ImageDevicePath = ReqImageInfo->ImageDevicePath;
   *Image           = ReqImageInfo->Image;
   *ImageSize       = ReqImageInfo->ImageSize;
   *BootOption      = ReqImageInfo->BootOption;
   return EFI_SUCCESS;
+}
 …
   and installs Deferred Image Load Protocol.
   @param[in]  AuthenticationStatus  This is the authentication status returned from the
+  @param[in]  AuthenticationStatus  This is the authentication status returned from the
                                     security measurement services for the input file.
   @param[in]  File                  This is a pointer to the device path of the file that
 …
   //
   // Check whether user has a logon.
   //
+  //
   CurrentUser = NULL;
   if (mUserManager != NULL) {
 …
+    }
+  }
   //
   // Still no user logon.
 …
     return EFI_SUCCESS;
+  }
   DEBUG ((EFI_D_INFO, "[Security] No user identified, the image is deferred to load!\n"));
   PutDefferedImageInfo (File, FileBuffer, FileSize);
 …
 /**
   Locate user manager protocol when user manager is installed.
+  Locate user manager protocol when user manager is installed.
   @param[in] Event    The Event that is being processed, not used.
   @param[in] Context  Event Context, not used.
+  @param[in] Context  Event Context, not used.
 **/
 …
          (VOID **) &mUserManager
          );
+}
 …
+{
   VOID                 *Registration;
   //
   // Register user manager notification function.
   //
   EfiCreateProtocolNotifyEvent (
     &gEfiUserManagerProtocolGuid,
+    &gEfiUserManagerProtocolGuid,
     TPL_CALLBACK,
     FindUserManagerProtocol,
 …
     &Registration
     );
   return RegisterSecurity2Handler (
            DxeDeferImageLoadHandler,
            EFI_AUTH_OPERATION_DEFER_IMAGE_LOAD
            );
+}
+           EFI_AUTH_OPERATION_DEFER_IMAGE_LOAD
+           );
+}

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/DxeDeferImageLoadLib/DxeDeferImageLoadLib.h

-              r58459
+              r58466
 Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   Returns information about a deferred image.
   This function returns information about a single deferred image. The deferred images are
   numbered consecutively, starting with 0.  If there is no image which corresponds to
   ImageIndex, then EFI_NOT_FOUND is returned. All deferred images may be returned by
+  This function returns information about a single deferred image. The deferred images are
+  numbered consecutively, starting with 0.  If there is no image which corresponds to
+  ImageIndex, then EFI_NOT_FOUND is returned. All deferred images may be returned by
   iteratively calling this function until EFI_NOT_FOUND is returned.
   Image may be NULL and ImageSize set to 0 if the decision to defer execution was made
   because of the location of the executable image, rather than its actual contents.
+  Image may be NULL and ImageSize set to 0 if the decision to defer execution was made
+  because of the location of the executable image, rather than its actual contents.
   @param[in]  This              Points to this instance of the EFI_DEFERRED_IMAGE_LOAD_PROTOCOL.
   @param[in]  ImageIndex        Zero-based index of the deferred index.
   @param[out] ImageDevicePath   On return, points to a pointer to the device path of the image.
                                 The device path should not be freed by the caller.
   @param[out] Image             On return, points to the first byte of the image or NULL if the
+  @param[out] ImageDevicePath   On return, points to a pointer to the device path of the image.
+                                The device path should not be freed by the caller.
+  @param[out] Image             On return, points to the first byte of the image or NULL if the
                                 image is not available. The image should not be freed by the caller
                                 unless LoadImage() has been called successfully.
+                                unless LoadImage() has been called successfully.
   @param[out] ImageSize         On return, the size of the image, or 0 if the image is not available.
   @param[out] BootOption        On return, points to TRUE if the image was intended as a boot option
                                 or FALSE if it was not intended as a boot option.
+  @param[out] BootOption        On return, points to TRUE if the image was intended as a boot option
+                                or FALSE if it was not intended as a boot option.
   @retval EFI_SUCCESS           Image information returned successfully.
   @retval EFI_NOT_FOUND         ImageIndex does not refer to a valid image.
   @retval EFI_INVALID_PARAMETER ImageDevicePath is NULL or Image is NULL or ImageSize is NULL or
+  @retval EFI_INVALID_PARAMETER ImageDevicePath is NULL or Image is NULL or ImageSize is NULL or
                                 BootOption is NULL.
 **/
 EFI_STATUS
 …
      OUT BOOLEAN                           *BootOption
   );
 #endif

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/DxeDeferImageLoadLib/DxeDeferImageLoadLib.inf

-              r58459
+              r58466
 #  Provides security service of deferred image load
+#
 #  The platform may need to defer the execution of an image because of security
 #  considerations. These deferred images will be recorded and then reported by
+#  The platform may need to defer the execution of an image because of security
+#  considerations. These deferred images will be recorded and then reported by
 #  installing an instance of the EFI_DEFERRED_IMAGE_LOAD_PROTOCOL.
+#
 …
   BaseMemoryLib
   PrintLib
   DebugLib
+  DebugLib
   UefiLib
   PcdLib
+  PcdLib
 [Protocols]
 …
   ## NOTIFY
   gEfiUserManagerProtocolGuid
 [Guids]
   gEfiGlobalVariableGuid                                  ## SOMETIMES_CONSUMES  ## Variable:L"BootOrder"
 [Pcd]
   gEfiSecurityPkgTokenSpaceGuid.PcdDeferImageLoadPolicy   ## SOMETIMES_CONSUMES

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/DxeImageAuthenticationStatusLib/DxeImageAuthenticationStatusLib.c

-              r58464
+              r58466
 /**
   Check image authentication status returned from Section Extraction Protocol
   @param[in]    AuthenticationStatus  This is the authentication status returned from
+  @param[in]    AuthenticationStatus  This is the authentication status returned from
                              the Section Extraction Protocol when reading the input file.
   @param[in]    File       This is a pointer to the device path of the file that is

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/DxeImageAuthenticationStatusLib/DxeImageAuthenticationStatusLib.inf

r58464	r58466
21	21	MODULE_TYPE = DXE_DRIVER
22	22	VERSION_STRING = 1.0
23		LIBRARY_CLASS = NULL\|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER
	23	LIBRARY_CLASS = NULL\|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER
24	24	CONSTRUCTOR = DxeImageAuthenticationStatusLibConstructor
25	25

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c

-              r58459
+              r58466
   @param  FileHandle      Pointer to the file handle to read the PE/COFF image.
   @param  FileOffset      Offset into the PE/COFF image to begin the read operation.
   @param  ReadSize        On input, the size in bytes of the requested read operation.
+  @param  ReadSize        On input, the size in bytes of the requested read operation.
                           On output, the number of bytes actually read.
   @param  Buffer          Output buffer that contains the data read from the PE/COFF image.
   @retval EFI_SUCCESS     The specified portion of the PE/COFF image was read and the size
+  @retval EFI_SUCCESS     The specified portion of the PE/COFF image was read and the size
 **/
 EFI_STATUS
 …
   if (FileHandle == NULL || ReadSize == NULL || Buffer == NULL) {
     return EFI_INVALID_PARAMETER;
+    return EFI_INVALID_PARAMETER;
+  }
 …
   if (mNtHeader.Pe32->FileHeader.Machine == IMAGE_FILE_MACHINE_IA64 && mNtHeader.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
     //
     // NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value
     //       in the PE/COFF Header. If the MachineType is Itanium(IA64) and the
+    // NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value
+    //       in the PE/COFF Header. If the MachineType is Itanium(IA64) and the
     //       Magic value in the OptionalHeader is EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC
     //       then override the magic value to EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC
 …
     Magic =  mNtHeader.Pe32->OptionalHeader.Magic;
+  }
   //
   // 3.  Calculate the distance from the base of the image header to the image checksum address.
 …
         goto Done;
+      }
+    }
+    }
+  }
 …
   @param[in]  AuthData            Pointer to the Authenticode Signature retrieved from signed image.
   @param[in]  AuthDataSize        Size of the Authenticode Signature in bytes.
   @retval EFI_UNSUPPORTED             Hash algorithm is not supported.
   @retval EFI_SUCCESS                 Hash successfully.
 …
   //
   // The policy QUERY_USER_ON_SECURITY_VIOLATION and ALLOW_EXECUTE_ON_SECURITY_VIOLATION
+  // The policy QUERY_USER_ON_SECURITY_VIOLATION and ALLOW_EXECUTE_ON_SECURITY_VIOLATION
   // violates the UEFI spec and has been removed.
   //
 …
   if (mNtHeader.Pe32->FileHeader.Machine == IMAGE_FILE_MACHINE_IA64 && mNtHeader.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
     //
     // NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value
     //       in the PE/COFF Header. If the MachineType is Itanium(IA64) and the
+    // NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value
+    //       in the PE/COFF Header. If the MachineType is Itanium(IA64) and the
     //       Magic value in the OptionalHeader is EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC
     //       then override the magic value to EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC
 …
     Magic = mNtHeader.Pe32->OptionalHeader.Magic;
+  }
   if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
     //
 …
     if (NumberOfRvaAndSizes > EFI_IMAGE_DIRECTORY_ENTRY_SECURITY) {
       SecDataDir = (EFI_IMAGE_DATA_DIRECTORY *) &mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY];
+    }
+    }
   } else {
     //
 …
   if (SecDataDir == NULL || SecDataDir->Size == 0) {
     //
     // This image is not signed. The SHA256 hash value of the image must match a record in the security database "db",
+    // This image is not signed. The SHA256 hash value of the image must match a record in the security database "db",
     // and not be reflected in the security data base "dbx".
     //
 …
   //
   // Verify the signature of the image, multiple signatures are allowed as per PE/COFF Section 4.7
+  // Verify the signature of the image, multiple signatures are allowed as per PE/COFF Section 4.7
   // "Attribute Certificate Table".
   // The first certificate starts at offset (SecDataDir->VirtualAddress) from the start of the file.
 …
       break;
+    }
     //
     // Verify the image's Authenticode signature, only DER-encoded PKCS#7 signed data is supported.
 …
     if (WinCertificate->wCertificateType == WIN_CERT_TYPE_PKCS_SIGNED_DATA) {
       //
       // The certificate is formatted as WIN_CERTIFICATE_EFI_PKCS which is described in the
+      // The certificate is formatted as WIN_CERTIFICATE_EFI_PKCS which is described in the
       // Authenticode specification.
       //
 …
       continue;
+    }
     //
     // Check the digital signature against the revoked certificate in forbidden database (dbx).
 …
     VerifyStatus = EFI_ACCESS_DENIED;
+  }
   if (!EFI_ERROR (VerifyStatus)) {
     return EFI_SUCCESS;
 …
+  }
   ImageExeInfoTable->NumberOfImages = 0;
+  ImageExeInfoTable->NumberOfImages = 0;
   gBS->InstallConfigurationTable (&gEfiImageSecurityDatabaseGuid, (VOID *) ImageExeInfoTable);
 …
   EfiCreateEventReadyToBootEx (
     TPL_CALLBACK,
     OnReadyToBoot,
     NULL,
+    OnReadyToBoot,
+    NULL,
     &Event
     );
+    );
   return RegisterSecurity2Handler (

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.h

-              r58459
+              r58466
 Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
 // Set max digest size as SHA256 Output (32 bytes) by far
 //
 #define MAX_DIGEST_SIZE    SHA256_DIGEST_SIZE
+#define MAX_DIGEST_SIZE    SHA256_DIGEST_SIZE
 //
 //

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf

-              r58459
+              r58466
   MODULE_TYPE                    = DXE_DRIVER
   VERSION_STRING                 = 1.0
   LIBRARY_CLASS                  = NULL|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER
+  LIBRARY_CLASS                  = NULL|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER
   CONSTRUCTOR                    = DxeImageVerificationLibConstructor
 …
   ## SOMETIMES_PRODUCES   ## GUID       # Unique ID for the type of the signature.
   gEfiCertSha1Guid
   ## SOMETIMES_CONSUMES   ## GUID       # Unique ID for the type of the signature.
   ## SOMETIMES_PRODUCES   ## GUID       # Unique ID for the type of the signature.
 …
   gEfiCertX509Guid                      ## SOMETIMES_CONSUMES    ## GUID     # Unique ID for the type of the signature.
   gEfiCertPkcs7Guid                     ## SOMETIMES_CONSUMES    ## GUID     # Unique ID for the type of the certificate.
 [Pcd]
   gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy          ## SOMETIMES_CONSUMES

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/DxeImageVerificationLib/Measurement.c

-              r58464
+              r58466
   @param[in]  VarName           A Null-terminated string that is the name of the vendor's variable.
   @param[in]  VendorGuid        A unique identifier for the vendor.
   @param[in]  VarData           The content of the variable data.
   @param[in]  VarSize           The size of the variable data.
+  @param[in]  VarData           The content of the variable data.
+  @param[in]  VarSize           The size of the variable data.
   @retval EFI_SUCCESS           Operation completed successfully.
   @retval EFI_OUT_OF_RESOURCES  Out of memory.
 …
   @param[in]  VarName           A Null-terminated string that is the name of the vendor's variable.
   @param[in]  VendorGuid        A unique identifier for the vendor.
   @param[in]  VarData           The content of the variable data.
   @param[in]  VarSize           The size of the variable data.
+  @param[in]  VarData           The content of the variable data.
+  @param[in]  VarSize           The size of the variable data.
   @retval TRUE  The data is already measured.
 …
   for (Index = 0; Index < sizeof(mVariableType)/sizeof(mVariableType[0]); Index++) {
     if ((StrCmp (VariableName, mVariableType[Index].VariableName) == 0) &&
+    if ((StrCmp (VariableName, mVariableType[Index].VariableName) == 0) &&
         (CompareGuid (VendorGuid, mVariableType[Index].VendorGuid))) {
       return TRUE;
 …
   @param[in]  VarName           A Null-terminated string that is the name of the vendor's variable.
   @param[in]  VendorGuid        A unique identifier for the vendor.
   @param[in]  VarData           The content of the variable data.
   @param[in]  VarSize           The size of the variable data.
+  @param[in]  VarData           The content of the variable data.
+  @param[in]  VarSize           The size of the variable data.
   @retval EFI_SUCCESS           Operation completed successfully.
   @retval EFI_OUT_OF_RESOURCES  Out of memory.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/DxeRsa2048Sha256GuidedSectionExtractLib/DxeRsa2048Sha256GuidedSectionExtractLib.c

-              r58464
+              r58466
 /** @file
   This library registers RSA 2048 SHA 256 guided section handler
+  This library registers RSA 2048 SHA 256 guided section handler
   to parse RSA 2048 SHA 256 encapsulation section and extract raw data.
   It uses the BaseCrypyLib based on OpenSSL to authenticate the signature.
 Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 **/
 …
   GetInfo gets raw data size and attribute of the input guided section.
   It first checks whether the input guid section is supported.
+  It first checks whether the input guid section is supported.
   If not, EFI_INVALID_PARAMETER will return.
 …
   @param SectionAttribute   The attribute of the input guided section.
   @retval EFI_SUCCESS            The size of destination buffer, the size of scratch buffer and
+  @retval EFI_SUCCESS            The size of destination buffer, the size of scratch buffer and
                                  the attribute of the input section are successull retrieved.
   @retval EFI_INVALID_PARAMETER  The GUID in InputSection does not match this instance guid.
 …
   Extraction handler tries to extract raw data from the input guided section.
   It also does authentication check for RSA 2048 SHA 256 signature in the input guided section.
   It first checks whether the input guid section is supported.
+  It first checks whether the input guid section is supported.
   If not, EFI_INVALID_PARAMETER will return.
 …
   VOID                            *HashContext;
   VOID                            *Rsa;
   HashContext = NULL;
   Rsa         = NULL;
   if (IS_SECTION2 (InputSection)) {
     //
 …
       return EFI_INVALID_PARAMETER;
+    }
     //
     // Get the RSA 2048 SHA 256 information.
 …
       return EFI_INVALID_PARAMETER;
+    }
     //
     // Get the RSA 2048 SHA 256 information.
 …
     //
     *AuthenticationStatus |= EFI_AUTH_STATUS_PLATFORM_OVERRIDE;
     return EFI_SUCCESS;
+  }
 …
   //
   Status = EFI_SUCCESS;
   //
   // Fail if the HashType is not SHA 256
 …
     goto Done;
+  }
   //
   // Fail if the PublicKey is not one of the public keys in PcdRsa2048Sha256PublicKeyBuffer
 …
     goto Done;
+  }
   //
+  //
   // Set RSA Key Components.
   // NOTE: Only N and E are needed to be set as RSA public key for signature verification.
 …
   PERF_START (NULL, "RsaVerify", "DXE", 0);
   CryptoStatus = RsaPkcs1Verify (
                    Rsa,
                    Digest,
                    SHA256_DIGEST_SIZE,
                    CertBlockRsa2048Sha256->Signature,
+                   Rsa,
+                   Digest,
+                   SHA256_DIGEST_SIZE,
+                   CertBlockRsa2048Sha256->Signature,
                    sizeof (CertBlockRsa2048Sha256->Signature)
                    );

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/DxeRsa2048Sha256GuidedSectionExtractLib/DxeRsa2048Sha256GuidedSectionExtractLib.inf

-              r58464
+              r58466
 ## @file
 #  This library doesn't produce any library class. The constructor function uses
+#  This library doesn't produce any library class. The constructor function uses
 #  ExtractGuidedSectionLib service to register an RSA 2048 SHA 256 guided section handler
 #  that parses RSA 2048 SHA 256 encapsulation section and extracts raw data.
 …
   CryptoPkg/CryptoPkg.dec
   SecurityPkg/SecurityPkg.dec
 [LibraryClasses]
   ExtractGuidedSectionLib
 …
   PerformanceLib
 [PcdEx]
+[PcdEx]
   gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer    ## SOMETIMES_CONSUMES
 [Protocols]
   gEfiSecurityPolicyProtocolGuid                   ## SOMETIMES_CONSUMES (Set platform override AUTH status if exist)
 [Guids]
   gEfiCertTypeRsa2048Sha256Guid  ## PRODUCES       ## UNDEFINED  # Specifies RSA 2048 SHA 256 authentication algorithm.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.c

-              r58459
+              r58466
 Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   Get TPM physical presence permanent flags.
   @param[in]  TcgProtocol   EFI TCG Protocol instance.
   @param[out] LifetimeLock  physicalPresenceLifetimeLock permanent flag.
+  @param[in]  TcgProtocol   EFI TCG Protocol instance.
+  @param[out] LifetimeLock  physicalPresenceLifetimeLock permanent flag.
   @param[out] CmdEnable     physicalPresenceCMDEnable permanent flag.
   @retval EFI_SUCCESS       Flags were returns successfully.
   @retval other             Failed to locate EFI TCG Protocol.
 …
   TPM_PERMANENT_FLAGS               *TpmPermanentFlags;
   UINT8                             RecvBuffer[40];
   //
   // Fill request header
 …
   TpmRsp = (TPM_RSP_COMMAND_HDR*)RecvBuffer;
   TpmRqu = (TPM_RQU_COMMAND_HDR*)SendBuffer;
   TpmRqu->tag       = SwapBytes16 (TPM_TAG_RQU_COMMAND);
   TpmRqu->paramSize = SwapBytes32 (sizeof (SendBuffer));
 …
   WriteUnaligned32 (SendBufPtr++, SwapBytes32 (TPM_CAP_FLAG));
   WriteUnaligned32 (SendBufPtr++, SwapBytes32 (sizeof (TPM_CAP_FLAG_PERMANENT)));
   WriteUnaligned32 (SendBufPtr, SwapBytes32 (TPM_CAP_FLAG_PERMANENT));
+  WriteUnaligned32 (SendBufPtr, SwapBytes32 (TPM_CAP_FLAG_PERMANENT));
   Status = TcgProtocol->PassThroughToTpm (
                           TcgProtocol,
 …
   ASSERT (TpmRsp->tag == SwapBytes16 (TPM_TAG_RSP_COMMAND));
   ASSERT (TpmRsp->returnCode == 0);
   TpmPermanentFlags = (TPM_PERMANENT_FLAGS *)&RecvBuffer[sizeof (TPM_RSP_COMMAND_HDR) + sizeof (UINT32)];
   if (LifetimeLock != NULL) {
     *LifetimeLock = TpmPermanentFlags->physicalPresenceLifetimeLock;
 …
   Issue TSC_PhysicalPresence command to TPM.
   @param[in] TcgProtocol          EFI TCG Protocol instance.
   @param[in] PhysicalPresence     The state to set the TPM's Physical Presence flags.
+  @param[in] TcgProtocol          EFI TCG Protocol instance.
+  @param[in] PhysicalPresence     The state to set the TPM's Physical Presence flags.
   @retval EFI_SUCCESS             TPM executed the command successfully.
   @retval EFI_SECURITY_VIOLATION  TPM returned error when executing the command.
 …
   TpmRqu->paramSize = SwapBytes32 (sizeof (Buffer));
   TpmRqu->ordinal   = SwapBytes32 (TSC_ORD_PhysicalPresence);
   WriteUnaligned16 (TpmPp, (TPM_PHYSICAL_PRESENCE) SwapBytes16 (PhysicalPresence));
+  WriteUnaligned16 (TpmPp, (TPM_PHYSICAL_PRESENCE) SwapBytes16 (PhysicalPresence));
   Status = TcgProtocol->PassThroughToTpm (
 …
     return EFI_SECURITY_VIOLATION;
+  }
   return Status;
+}
 …
   Issue a TPM command for which no additional output data will be returned.
   @param[in] TcgProtocol              EFI TCG Protocol instance.
   @param[in] Ordinal                  TPM command code.
   @param[in] AdditionalParameterSize  Additional parameter size.
   @param[in] AdditionalParameters     Pointer to the Additional paramaters.
   @retval TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE  Error occurred during sending command to TPM or
+  @param[in] TcgProtocol              EFI TCG Protocol instance.
+  @param[in] Ordinal                  TPM command code.
+  @param[in] AdditionalParameterSize  Additional parameter size.
+  @param[in] AdditionalParameters     Pointer to the Additional paramaters.
+  @retval TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE  Error occurred during sending command to TPM or
                                                   receiving response from TPM.
   @retval Others                                  Return code from the TPM device after command execution.
 …
   @param[in]      CommandCode         Physical presence operation value.
   @param[in, out] PpiFlags            The physical presence interface flags.
   @retval TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE  Unknown physical presence operation.
   @retval TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE  Error occurred during sending command to TPM or
+  @retval TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE  Error occurred during sending command to TPM or
                                                   receiving response from TPM.
   @retval Others                                  Return code from the TPM device after command execution.
 …
       PpiFlags->PPFlags |= TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_MAINTENANCE;
       return 0;
     case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR:
       //
 …
         TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE, PpiFlags);
         PpiFlags->PPFlags &= ~TCG_VENDOR_LIB_FLAG_RESET_TRACK;
+      }
+      }
       return TpmResponse;
 …
   UINTN                             Index;
   InputKey = 0;
+  InputKey = 0;
   do {
     Status = gST->ConIn->ReadKeyStroke (gST->ConIn, &Key);
 …
     return TRUE;
+  }
   return FALSE;
+}
 …
 /**
   The constructor function register UNI strings into imageHandle.
   It will ASSERT() if that operation fails and it will always return EFI_SUCCESS.
+  It will ASSERT() if that operation fails and it will always return EFI_SUCCESS.
   @param  ImageHandle   The firmware allocated handle for the EFI image.
   @param  SystemTable   A pointer to the EFI System Table.
   @retval EFI_SUCCESS   The constructor successfully added string package.
   @retval Other value   The constructor can't add string package.
 …
   CHAR16                            *ConfirmText;
   CHAR16                            *TmpStr1;
   CHAR16                            *TmpStr2;
+  CHAR16                            *TmpStr2;
   UINTN                             BufSize;
   BOOLEAN                           CautionKey;
   UINT16                            Index;
   CHAR16                            DstStr[81];
   TmpStr2     = NULL;
   CautionKey  = FALSE;
 …
     case PHYSICAL_PRESENCE_ENABLE:
       TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE));
       TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
       UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
 …
     case PHYSICAL_PRESENCE_DISABLE:
       TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DISABLE));
       TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
       UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
 …
       FreePool (TmpStr1);
       break;
     case PHYSICAL_PRESENCE_ACTIVATE:
       TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACTIVATE));
       TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
       UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
 …
       TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));
       StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
       FreePool (TmpStr1);
+      FreePool (TmpStr1);
       break;
 …
       StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
       StrnCat (ConfirmText, L" \n\n", (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
       FreePool (TmpStr1);
+      FreePool (TmpStr1);
       TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));
 …
     case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE:
       TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DEACTIVATE_DISABLE));
       TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
+      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
       UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
       FreePool (TmpStr1);
 …
       StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
       FreePool (TmpStr1);
       TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING));
       StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
 …
     case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE:
       TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ALLOW_TAKE_OWNERSHIP));
       TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
+      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
       UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
       FreePool (TmpStr1);
 …
     case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE:
       TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DISALLOW_TAKE_OWNERSHIP));
       TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
+      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
       UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
       FreePool (TmpStr1);
 …
     case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE:
       TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_TURN_OFF));
       TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
+      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
       UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
       FreePool (TmpStr1);
 …
       StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
       FreePool (TmpStr1);
       TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING));
       StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
 …
       CautionKey = TRUE;
       TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_UNOWNED_FIELD_UPGRADE));
       TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_UPGRADE_HEAD_STR));
       UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
       FreePool (TmpStr1);
+      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_UPGRADE_HEAD_STR));
+      UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
+      FreePool (TmpStr1);
       TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_MAINTAIN));
       StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
 …
       StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
       StrnCat (ConfirmText, L" \n\n", (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
       FreePool (TmpStr1);
+      FreePool (TmpStr1);
       TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));
 …
   DstStr[80] = L'\0';
   for (Index = 0; Index < StrLen (ConfirmText); Index += 80) {
     StrnCpy(DstStr, ConfirmText + Index, 80);
     Print (DstStr);
+  }
+    StrnCpy(DstStr, ConfirmText + Index, 80);
+    Print (DstStr);
+  }
   FreePool (TmpStr1);
   FreePool (TmpStr2);
 …
+  }
   return FALSE;
+  return FALSE;
+}
 /**
   Check if there is a valid physical presence command request. Also updates parameter value
+  Check if there is a valid physical presence command request. Also updates parameter value
   to whether the requested physical presence command already confirmed by user
    @param[in]  TcgPpData           EFI TCG Physical Presence request data.
    @param[in]  Flags               The physical presence interface flags.
+   @param[in]  Flags               The physical presence interface flags.
    @param[out] RequestConfirmed    If the physical presence operation command required user confirm from UI.
                                    True, it indicates the command doesn't require user confirm, or already confirmed
+                                   True, it indicates the command doesn't require user confirm, or already confirmed
                                    in last boot cycle by user.
                                    False, it indicates the command need user confirm from UI.
 …
   its data structure to be valid value.
   @param[in] TcgProtocol          EFI TCG Protocol instance.
+  @param[in] TcgProtocol          EFI TCG Protocol instance.
   @param[in] TcgPpData            Point to the physical presence NV variable.
   @param[in] Flags                The physical presence interface flags.
 …
     if (!RequestConfirmed) {
       //
       // Print confirm text and wait for approval.
+      // Print confirm text and wait for approval.
       //
       RequestConfirmed = UserConfirm (TcgPpData->PPRequest);
 …
                       sizeof (EFI_PHYSICAL_PRESENCE_FLAGS),
                       &NewFlags
                       );
+                      );
     if (EFI_ERROR (Status)) {
       return;
+    }
+  }
   //
   // Clear request
 …
   if ((NewFlags.PPFlags & TCG_VENDOR_LIB_FLAG_RESET_TRACK) == 0) {
     TcgPpData->LastPPRequest = TcgPpData->PPRequest;
     TcgPpData->PPRequest = PHYSICAL_PRESENCE_NO_ACTION;
+    TcgPpData->PPRequest = PHYSICAL_PRESENCE_NO_ACTION;
+  }
 …
     case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE:
     case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR:
     case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:
+    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:
       break;
     default:
 …
   Print (L"Rebooting system to make TPM settings in effect\n");
   gRT->ResetSystem (EfiResetCold, EFI_SUCCESS, 0, NULL);
   ASSERT (FALSE);
+  ASSERT (FALSE);
+}
 …
   Check and execute the pending TPM request and Lock TPM.
   The TPM request may come from OS or BIOS. This API will display request information and wait
+  The TPM request may come from OS or BIOS. This API will display request information and wait
   for user confirmation if TPM request exists. The TPM request will be sent to TPM device after
   the TPM request is confirmed, and one or more reset may be required to make TPM request to
+  the TPM request is confirmed, and one or more reset may be required to make TPM request to
   take effect. At last, it will lock TPM to prevent TPM state change by malware.
   This API should be invoked after console in and console out are all ready as they are required
   to display request information and get user input to confirm the request. This API should also
+  to display request information and get user input to confirm the request. This API should also
   be invoked as early as possible as TPM is locked in this function.
 **/
 VOID
 …
   EDKII_VARIABLE_LOCK_PROTOCOL      *VariableLockProtocol;
   EFI_PHYSICAL_PRESENCE_FLAGS       PpiFlags;
   Status = gBS->LocateProtocol (&gEfiTcgProtocolGuid, NULL, (VOID **)&TcgProtocol);
   if (EFI_ERROR (Status)) {
 …
   //
   // This flags variable controls whether physical presence is required for TPM command.
+  // This flags variable controls whether physical presence is required for TPM command.
   // It should be protected from malicious software. We set it as read-only variable here.
   //
 …
+    }
+  }
   //
   // Initialize physical presence variable.
 …
     return ;
+  }
   if (!CmdEnable) {
     if (LifetimeLock) {
 …
+    }
+  }
   //
   // Set operator physical presence flags
 …
   //
   // Execute pending TPM request.
   //
+  //
   ExecutePendingTpmRequest (TcgProtocol, &TcgPpData, PpiFlags);
   DEBUG ((EFI_D_INFO, "[TPM] PPResponse = %x\n", TcgPpData.PPResponse));
 …
   The TPM request may come from OS. This API will check if TPM request exists and need user
   input to confirmation.
   @retval    TRUE        TPM needs input to confirm user physical presence.
   @retval    FALSE       TPM doesn't need input to confirm user physical presence.
 …
   EFI_TCG_PROTOCOL             *TcgProtocol;
   EFI_PHYSICAL_PRESENCE_FLAGS  PpiFlags;
   Status = gBS->LocateProtocol (&gEfiTcgProtocolGuid, NULL, (VOID **)&TcgProtocol);
   if (EFI_ERROR (Status)) {
 …
     return FALSE;
+  }
   if (TcgPpData.PPRequest == PHYSICAL_PRESENCE_NO_ACTION) {
     //

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.inf

-              r58459
+              r58466
+#
 #  This library will check and execute TPM 1.2 request from OS or BIOS. The request may
 #  ask for user confirmation before execution. This Library will also lock TPM physical
+#  ask for user confirmation before execution. This Library will also lock TPM physical
 #  presence at last.
+#
 …
   MODULE_TYPE                    = DXE_DRIVER
   VERSION_STRING                 = 1.0
   LIBRARY_CLASS                  = TcgPhysicalPresenceLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER UEFI_APPLICATION UEFI_DRIVER
+  LIBRARY_CLASS                  = TcgPhysicalPresenceLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER UEFI_APPLICATION UEFI_DRIVER
   CONSTRUCTOR                    = TcgPhysicalPresenceLibConstructor
+#
 # The following information is for reference only and not required by the build tools.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/PhysicalPresenceStrings.uni

Property svn:mime-type changed from application/octet-stream to text/plain;encoding=UTF-16LE

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c

-              r58464
+              r58466
 Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   @param  FileHandle      Pointer to the file handle to read the PE/COFF image.
   @param  FileOffset      Offset into the PE/COFF image to begin the read operation.
   @param  ReadSize        On input, the size in bytes of the requested read operation.
+  @param  ReadSize        On input, the size in bytes of the requested read operation.
                           On output, the number of bytes actually read.
   @param  Buffer          Output buffer that contains the data read from the PE/COFF image.
   @retval EFI_SUCCESS     The specified portion of the PE/COFF image was read and the size
+  @retval EFI_SUCCESS     The specified portion of the PE/COFF image was read and the size
 **/
 EFI_STATUS
 …
   //
   // Read the EFI Partition Table Header
   //
+  //
   PrimaryHeader = (EFI_PARTITION_TABLE_HEADER *) AllocatePool (BlockIo->Media->BlockSize);
   if (PrimaryHeader == NULL) {
     return EFI_OUT_OF_RESOURCES;
+  }
+  }
   Status = DiskIo->ReadDisk (
                      DiskIo,
 …
     FreePool (PrimaryHeader);
     return EFI_DEVICE_ERROR;
+  }
+  }
   //
   // Read the partition entry.
 …
     return EFI_DEVICE_ERROR;
+  }
   //
   // Count the valid partition
 …
   for (Index = 0; Index < PrimaryHeader->NumberOfPartitionEntries; Index++) {
     if (!CompareGuid (&PartitionEntry->PartitionTypeGUID, &mTrEEZeroGuid)) {
       NumberOfPartition++;
+      NumberOfPartition++;
+    }
     PartitionEntry = (EFI_PARTITION_ENTRY *)((UINT8 *)PartitionEntry + PrimaryHeader->SizeOfPartitionEntry);
 …
   //
   // Prepare Data for Measurement
   //
   EventSize = (UINT32)(sizeof (EFI_GPT_DATA) - sizeof (GptData->Partitions)
+  //
+  EventSize = (UINT32)(sizeof (EFI_GPT_DATA) - sizeof (GptData->Partitions)
                         + NumberOfPartition * PrimaryHeader->SizeOfPartitionEntry);
   TreeEvent = (TrEE_EVENT *) AllocateZeroPool (EventSize + sizeof (TrEE_EVENT) - sizeof(TreeEvent->Event));
 …
   TreeEvent->Header.PCRIndex      = 5;
   TreeEvent->Header.EventType     = EV_EFI_GPT_EVENT;
   GptData = (EFI_GPT_DATA *) TreeEvent->Event;
+  GptData = (EFI_GPT_DATA *) TreeEvent->Event;
   //
   // Copy the EFI_PARTITION_TABLE_HEADER and NumberOfPartition
   //
+  //
   CopyMem ((UINT8 *)GptData, (UINT8*)PrimaryHeader, sizeof (EFI_PARTITION_TABLE_HEADER));
   GptData->NumberOfPartitions = NumberOfPartition;
 …
   @retval EFI_SUCCESS            Successfully measure image.
   @retval EFI_OUT_OF_RESOURCES   No enough resource to measure image.
   @retval EFI_UNSUPPORTED        ImageType is unsupported or PE image is mal-format.
+  @retval EFI_UNSUPPORTED        ImageType is unsupported or PE image is mal-format.
   @retval other error value
 …
 /**
   The security handler is used to abstract platform-specific policy
   from the DXE core response to an attempt to use a file that returns a
   given status for the authentication check from the section extraction protocol.
   The possible responses in a given SAP implementation may include locking
   flash upon failure to authenticate, attestation logging for all signed drivers,
   and other exception operations.  The File parameter allows for possible logging
+  The security handler is used to abstract platform-specific policy
+  from the DXE core response to an attempt to use a file that returns a
+  given status for the authentication check from the section extraction protocol.
+  The possible responses in a given SAP implementation may include locking
+  flash upon failure to authenticate, attestation logging for all signed drivers,
+  and other exception operations.  The File parameter allows for possible logging
   within the SAP of the driver.
   If File is NULL, then EFI_INVALID_PARAMETER is returned.
   If the file specified by File with an authentication status specified by
+  If the file specified by File with an authentication status specified by
   AuthenticationStatus is safe for the DXE Core to use, then EFI_SUCCESS is returned.
   If the file specified by File with an authentication status specified by
   AuthenticationStatus is not safe for the DXE Core to use under any circumstances,
+  If the file specified by File with an authentication status specified by
+  AuthenticationStatus is not safe for the DXE Core to use under any circumstances,
   then EFI_ACCESS_DENIED is returned.
   If the file specified by File with an authentication status specified by
   AuthenticationStatus is not safe for the DXE Core to use right now, but it
   might be possible to use it at a future time, then EFI_SECURITY_VIOLATION is
+  If the file specified by File with an authentication status specified by
+  AuthenticationStatus is not safe for the DXE Core to use right now, but it
+  might be possible to use it at a future time, then EFI_SECURITY_VIOLATION is
   returned.
 …
   ProtocolCapability.Size = (UINT8) sizeof (ProtocolCapability);
   Status = TreeProtocol->GetCapability (
                            TreeProtocol,
+                           TreeProtocol,
                            &ProtocolCapability
                            );
 …
   //
   OrigDevicePathNode = DuplicateDevicePath (File);
   //
   // 1. Check whether this device path support BlockIo protocol.
 …
         //
         // Check whether it is a gpt partition or not
         //
         if (((HARDDRIVE_DEVICE_PATH *) DevicePathNode)->MBRType == MBR_TYPE_EFI_PARTITION_TABLE_HEADER &&
+        //
+        if (((HARDDRIVE_DEVICE_PATH *) DevicePathNode)->MBRType == MBR_TYPE_EFI_PARTITION_TABLE_HEADER &&
             ((HARDDRIVE_DEVICE_PATH *) DevicePathNode)->SignatureType == SIGNATURE_TYPE_GUID) {
 …
+    }
+  }
   //
   // 2. Measure PE image.
 …
       do {
         Status = gBS->HandleProtocol(
                         TempHandle,
+                        TempHandle,
                         &gEfiFirmwareVolumeBlockProtocolGuid,
                         (VOID**)&FvbProtocol
 …
     goto Finish;
+  }
   //
   // Measure only application if Application flag is set
   // Measure drivers and applications if Application flag is not set
   //
   if ((!ApplicationRequired) ||
         (ApplicationRequired && ImageContext.ImageType == EFI_IMAGE_SUBSYSTEM_EFI_APPLICATION)) {
+  if ((!ApplicationRequired) ||
+        (ApplicationRequired && ImageContext.ImageType == EFI_IMAGE_SUBSYSTEM_EFI_APPLICATION)) {
     //
     // Print the image path to be measured.
     //
+    //
     DEBUG_CODE_BEGIN ();
       CHAR16                            *ToText;
 …
     Status = TrEEMeasurePeImage (
                TreeProtocol,
                (EFI_PHYSICAL_ADDRESS) (UINTN) FileBuffer,
                FileSize,
                (UINTN) ImageContext.ImageAddress,
                ImageContext.ImageType,
+               (EFI_PHYSICAL_ADDRESS) (UINTN) FileBuffer,
+               FileSize,
+               (UINTN) ImageContext.ImageAddress,
+               ImageContext.ImageType,
                DevicePathNode
                );

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf

-              r58464
+              r58466
 #  Provides security service for TPM 2.0 measured boot
+#
 #  This library instance hooks LoadImage() API to measure every image that
+#  This library instance hooks LoadImage() API to measure every image that
 #  is not measured in PEI phase. And, it will also measure GPT partition.
+#
 #  Caution: This module requires additional review when modified.
 #  This library will have external input - PE/COFF image and GPT partition.
 #  This external input must be validated carefully to avoid security issues such
+#  This external input must be validated carefully to avoid security issues such
 #  as buffer overflow or integer overflow.
+#
 …
   MODULE_TYPE                    = DXE_DRIVER
   VERSION_STRING                 = 1.0
   LIBRARY_CLASS                  = NULL|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER
+  LIBRARY_CLASS                  = NULL|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER
   CONSTRUCTOR                    = DxeTpm2MeasureBootLibConstructor

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c

-              r58459
+              r58466
 /** @file
   The library instance provides security service of TPM measure boot.
+  The library instance provides security service of TPM measure boot.
   Caution: This file requires additional review when modified.
 …
 Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   @param  FileHandle      Pointer to the file handle to read the PE/COFF image.
   @param  FileOffset      Offset into the PE/COFF image to begin the read operation.
   @param  ReadSize        On input, the size in bytes of the requested read operation.
+  @param  ReadSize        On input, the size in bytes of the requested read operation.
                           On output, the number of bytes actually read.
   @param  Buffer          Output buffer that contains the data read from the PE/COFF image.
   @retval EFI_SUCCESS     The specified portion of the PE/COFF image was read and the size
+  @retval EFI_SUCCESS     The specified portion of the PE/COFF image was read and the size
 **/
 EFI_STATUS
 …
   //
   // Read the EFI Partition Table Header
   //
+  //
   PrimaryHeader = (EFI_PARTITION_TABLE_HEADER *) AllocatePool (BlockIo->Media->BlockSize);
   if (PrimaryHeader == NULL) {
     return EFI_OUT_OF_RESOURCES;
+  }
+  }
   Status = DiskIo->ReadDisk (
                      DiskIo,
 …
     FreePool (PrimaryHeader);
     return EFI_DEVICE_ERROR;
+  }
+  }
   //
   // Read the partition entry.
 …
     return EFI_DEVICE_ERROR;
+  }
   //
   // Count the valid partition
 …
   for (Index = 0; Index < PrimaryHeader->NumberOfPartitionEntries; Index++) {
     if (!CompareGuid (&PartitionEntry->PartitionTypeGUID, &mZeroGuid)) {
       NumberOfPartition++;
+      NumberOfPartition++;
+    }
     PartitionEntry = (EFI_PARTITION_ENTRY *)((UINT8 *)PartitionEntry + PrimaryHeader->SizeOfPartitionEntry);
 …
   //
   // Prepare Data for Measurement
   //
   EventSize = (UINT32)(sizeof (EFI_GPT_DATA) - sizeof (GptData->Partitions)
+  //
+  EventSize = (UINT32)(sizeof (EFI_GPT_DATA) - sizeof (GptData->Partitions)
                         + NumberOfPartition * PrimaryHeader->SizeOfPartitionEntry);
   TcgEvent = (TCG_PCR_EVENT *) AllocateZeroPool (EventSize + sizeof (TCG_PCR_EVENT_HDR));
 …
   TcgEvent->EventType  = EV_EFI_GPT_EVENT;
   TcgEvent->EventSize  = EventSize;
   GptData = (EFI_GPT_DATA *) TcgEvent->Event;
+  GptData = (EFI_GPT_DATA *) TcgEvent->Event;
   //
   // Copy the EFI_PARTITION_TABLE_HEADER and NumberOfPartition
   //
+  //
   CopyMem ((UINT8 *)GptData, (UINT8*)PrimaryHeader, sizeof (EFI_PARTITION_TABLE_HEADER));
   GptData->NumberOfPartitions = NumberOfPartition;
 …
   @retval EFI_SUCCESS            Successfully measure image.
   @retval EFI_OUT_OF_RESOURCES   No enough resource to measure image.
   @retval EFI_UNSUPPORTED        ImageType is unsupported or PE image is mal-format.
+  @retval EFI_UNSUPPORTED        ImageType is unsupported or PE image is mal-format.
   @retval other error value
 …
   if (Hdr.Pe32->FileHeader.Machine == IMAGE_FILE_MACHINE_IA64 && Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
     //
     // NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value
     //       in the PE/COFF Header. If the MachineType is Itanium(IA64) and the
+    // NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value
+    //       in the PE/COFF Header. If the MachineType is Itanium(IA64) and the
     //       Magic value in the OptionalHeader is EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC
     //       then override the magic value to EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC
 …
     Magic = Hdr.Pe32->OptionalHeader.Magic;
+  }
   //
   // 3.  Calculate the distance from the base of the image header to the image checksum address.
 …
   if (!HashStatus) {
     goto Finish;
+  }
+  }
   //
 …
         goto Finish;
+      }
+    }
+    }
   } else {
     //
 …
       //
       // Use PE32+ offset
       //
+      //
       HashBase = (UINT8 *) &Hdr.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);
       HashSize = (UINTN) ((UINT8 *)(&Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - HashBase);
 …
       HashSize = Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders - (UINTN) (HashBase - ImageAddress);
+    }
     if (HashSize != 0) {
       HashStatus  = Sha1Update (Sha1Ctx, HashBase, HashSize);
 …
 /**
   The security handler is used to abstract platform-specific policy
   from the DXE core response to an attempt to use a file that returns a
   given status for the authentication check from the section extraction protocol.
   The possible responses in a given SAP implementation may include locking
   flash upon failure to authenticate, attestation logging for all signed drivers,
   and other exception operations.  The File parameter allows for possible logging
+  The security handler is used to abstract platform-specific policy
+  from the DXE core response to an attempt to use a file that returns a
+  given status for the authentication check from the section extraction protocol.
+  The possible responses in a given SAP implementation may include locking
+  flash upon failure to authenticate, attestation logging for all signed drivers,
+  and other exception operations.  The File parameter allows for possible logging
   within the SAP of the driver.
   If File is NULL, then EFI_INVALID_PARAMETER is returned.
   If the file specified by File with an authentication status specified by
+  If the file specified by File with an authentication status specified by
   AuthenticationStatus is safe for the DXE Core to use, then EFI_SUCCESS is returned.
   If the file specified by File with an authentication status specified by
   AuthenticationStatus is not safe for the DXE Core to use under any circumstances,
+  If the file specified by File with an authentication status specified by
+  AuthenticationStatus is not safe for the DXE Core to use under any circumstances,
   then EFI_ACCESS_DENIED is returned.
   If the file specified by File with an authentication status specified by
   AuthenticationStatus is not safe for the DXE Core to use right now, but it
   might be possible to use it at a future time, then EFI_SECURITY_VIOLATION is
+  If the file specified by File with an authentication status specified by
+  AuthenticationStatus is not safe for the DXE Core to use right now, but it
+  might be possible to use it at a future time, then EFI_SECURITY_VIOLATION is
   returned.
 …
   ProtocolCapability.Size = (UINT8) sizeof (ProtocolCapability);
   Status = TcgProtocol->StatusCheck (
              TcgProtocol,
+             TcgProtocol,
              &ProtocolCapability,
              &TCGFeatureFlags,
 …
   //
   OrigDevicePathNode = DuplicateDevicePath (File);
   //
   // 1. Check whether this device path support BlockIo protocol.
 …
         //
         // Check whether it is a gpt partition or not
         //
         if (((HARDDRIVE_DEVICE_PATH *) DevicePathNode)->MBRType == MBR_TYPE_EFI_PARTITION_TABLE_HEADER &&
+        //
+        if (((HARDDRIVE_DEVICE_PATH *) DevicePathNode)->MBRType == MBR_TYPE_EFI_PARTITION_TABLE_HEADER &&
             ((HARDDRIVE_DEVICE_PATH *) DevicePathNode)->SignatureType == SIGNATURE_TYPE_GUID) {
 …
+    }
+  }
   //
   // 2. Measure PE image.
 …
       do {
         Status = gBS->HandleProtocol(
                         TempHandle,
+                        TempHandle,
                         &gEfiFirmwareVolumeBlockProtocolGuid,
                         (VOID**)&FvbProtocol
 …
     goto Finish;
+  }
   //
   // Measure only application if Application flag is set
   // Measure drivers and applications if Application flag is not set
   //
   if ((!ApplicationRequired) ||
         (ApplicationRequired && ImageContext.ImageType == EFI_IMAGE_SUBSYSTEM_EFI_APPLICATION)) {
+  if ((!ApplicationRequired) ||
+        (ApplicationRequired && ImageContext.ImageType == EFI_IMAGE_SUBSYSTEM_EFI_APPLICATION)) {
     //
     // Print the image path to be measured.
     //
+    //
     DEBUG_CODE_BEGIN ();
       CHAR16                            *ToText;
 …
     Status = TcgMeasurePeImage (
                TcgProtocol,
                (EFI_PHYSICAL_ADDRESS) (UINTN) FileBuffer,
                FileSize,
                (UINTN) ImageContext.ImageAddress,
                ImageContext.ImageType,
+               (EFI_PHYSICAL_ADDRESS) (UINTN) FileBuffer,
+               FileSize,
+               (UINTN) ImageContext.ImageAddress,
+               ImageContext.ImageType,
                DevicePathNode
                );

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf

-              r58459
+              r58466
 #  Provides security service for TPM 1.2 measured boot
+#
 #  This library instance hooks LoadImage() API to measure every image that
+#  This library instance hooks LoadImage() API to measure every image that
 #  is not measured in PEI phase. And, it will also measure GPT partition.
+#
 #  Caution: This module requires additional review when modified.
 #  This library will have external input - PE/COFF image and GPT partition.
 #  This external input must be validated carefully to avoid security issues such
+#  This external input must be validated carefully to avoid security issues such
 #  as buffer overflow or integer overflow.
+#
 …
   MODULE_TYPE                    = DXE_DRIVER
   VERSION_STRING                 = 1.0
   LIBRARY_CLASS                  = NULL|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER
+  LIBRARY_CLASS                  = NULL|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER
   CONSTRUCTOR                    = DxeTpmMeasureBootLibConstructor

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.c

r58464	r58466
172	172	**/
173	173	EFI_STATUS
174		EFIAPI
	174	EFIAPI
175	175	TpmMeasureAndLogData (
176	176	IN UINT32 PcrIndex,

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf

-              r58464
+              r58466
 ## @file
 #  Provides TPM measurement functions for TPM1.2 and TPM 2.0
+#
 #  This library provides TpmMeasureAndLogData() to to measure and log data, and
+#
+#  This library provides TpmMeasureAndLogData() to to measure and log data, and
 #  extend the measurement result into a specific PCR.
+#
 …
   MODULE_TYPE                    = UEFI_DRIVER
   VERSION_STRING                 = 1.0
   LIBRARY_CLASS                  = TpmMeasurementLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER
+  LIBRARY_CLASS                  = TpmMeasurementLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER
   MODULE_UNI_FILE                = DxeTpmMeasurementLib.uni

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/DxeTrEEPhysicalPresenceLib/DxeTrEEPhysicalPresenceLib.c

-              r58464
+              r58466
 Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   @param[in]      CommandCode         Physical presence operation value.
   @param[in, out] PpiFlags            The physical presence interface flags.
   @retval TREE_PP_OPERATION_RESPONSE_BIOS_FAILURE  Unknown physical presence operation.
   @retval TREE_PP_OPERATION_RESPONSE_BIOS_FAILURE  Error occurred during sending command to TPM or
+  @retval TREE_PP_OPERATION_RESPONSE_BIOS_FAILURE  Error occurred during sending command to TPM or
                                                    receiving response from TPM.
   @retval Others                                   Return code from the TPM device after command execution.
 …
   EFI_INPUT_KEY                     Key;
   UINT16                            InputKey;
   InputKey = 0;
+  InputKey = 0;
   do {
     Status = gBS->CheckEvent (gST->ConIn->WaitForKey);
 …
         InputKey = Key.ScanCode;
+      }
+    }
+    }
   } while (InputKey == 0);
 …
     return TRUE;
+  }
   return FALSE;
+}
 …
 /**
   The constructor function register UNI strings into imageHandle.
   It will ASSERT() if that operation fails and it will always return EFI_SUCCESS.
+  It will ASSERT() if that operation fails and it will always return EFI_SUCCESS.
   @param  ImageHandle   The firmware allocated handle for the EFI image.
   @param  SystemTable   A pointer to the EFI System Table.
   @retval EFI_SUCCESS   The constructor successfully added string package.
   @retval Other value   The constructor can't add string package.
 …
   CHAR16                            *ConfirmText;
   CHAR16                            *TmpStr1;
   CHAR16                            *TmpStr2;
+  CHAR16                            *TmpStr2;
   UINTN                             BufSize;
   BOOLEAN                           CautionKey;
   UINT16                            Index;
   CHAR16                            DstStr[81];
   TmpStr2     = NULL;
   CautionKey  = FALSE;
 …
       StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
       StrnCat (ConfirmText, L" \n\n", (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
       FreePool (TmpStr1);
+      FreePool (TmpStr1);
       TmpStr1 = TrEEPhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));
 …
       StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
       StrnCat (ConfirmText, L" \n\n", (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
       FreePool (TmpStr1);
+      FreePool (TmpStr1);
       TmpStr1 = TrEEPhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));
 …
   DstStr[80] = L'\0';
   for (Index = 0; Index < StrLen (ConfirmText); Index += 80) {
     StrnCpy(DstStr, ConfirmText + Index, 80);
     Print (DstStr);
+  }
+    StrnCpy(DstStr, ConfirmText + Index, 80);
+    Print (DstStr);
+  }
   FreePool (TmpStr1);
   FreePool (TmpStr2);
 …
+  }
   return FALSE;
+}
 /**
   Check if there is a valid physical presence command request. Also updates parameter value
+  return FALSE;
+}
+/**
+  Check if there is a valid physical presence command request. Also updates parameter value
   to whether the requested physical presence command already confirmed by user
    @param[in]  TcgPpData                 EFI TrEE Physical Presence request data.
+   @param[in]  TcgPpData                 EFI TrEE Physical Presence request data.
    @param[in]  Flags                     The physical presence interface flags.
    @param[out] RequestConfirmed            If the physical presence operation command required user confirm from UI.
                                              True, it indicates the command doesn't require user confirm, or already confirmed
+                                             True, it indicates the command doesn't require user confirm, or already confirmed
                                                    in last boot cycle by user.
                                              False, it indicates the command need user confirm from UI.
 …
     if (!RequestConfirmed) {
       //
       // Print confirm text and wait for approval.
+      // Print confirm text and wait for approval.
       //
       RequestConfirmed = TrEEUserConfirm (TcgPpData->PPRequest
 …
     NewFlags = Flags;
     if (RequestConfirmed) {
       TcgPpData->PPResponse = TrEEExecutePhysicalPresence (PlatformAuth, TcgPpData->PPRequest,
+      TcgPpData->PPResponse = TrEEExecutePhysicalPresence (PlatformAuth, TcgPpData->PPRequest,
                                                            &NewFlags);
+    }
 …
                       sizeof (EFI_TREE_PHYSICAL_PRESENCE_FLAGS),
                       &NewFlags
                       );
+                      );
+  }
 …
   if ((NewFlags.PPFlags & TREE_VENDOR_LIB_FLAG_RESET_TRACK) == 0) {
     TcgPpData->LastPPRequest = TcgPpData->PPRequest;
     TcgPpData->PPRequest = TREE_PHYSICAL_PRESENCE_NO_ACTION;
+    TcgPpData->PPRequest = TREE_PHYSICAL_PRESENCE_NO_ACTION;
+  }
 …
   Print (L"Rebooting system to make TPM2 settings in effect\n");
   gRT->ResetSystem (EfiResetCold, EFI_SUCCESS, 0, NULL);
   ASSERT (FALSE);
+  ASSERT (FALSE);
+}
 …
   Check and execute the pending TPM request.
   The TPM request may come from OS or BIOS. This API will display request information and wait
+  The TPM request may come from OS or BIOS. This API will display request information and wait
   for user confirmation if TPM request exists. The TPM request will be sent to TPM device after
   the TPM request is confirmed, and one or more reset may be required to make TPM request to
+  the TPM request is confirmed, and one or more reset may be required to make TPM request to
   take effect.
   This API should be invoked after console in and console out are all ready as they are required
   to display request information and get user input to confirm the request.
+  to display request information and get user input to confirm the request.
   @param[in]  PlatformAuth                   platform auth value. NULL means no platform auth change.
 …
   //
   // This flags variable controls whether physical presence is required for TPM command.
+  // This flags variable controls whether physical presence is required for TPM command.
   // It should be protected from malicious software. We set it as read-only variable here.
   //
 …
+    }
+  }
   //
   // Initialize physical presence variable.
 …
   //
   // Execute pending TPM request.
   //
+  //
   TrEEExecutePendingTpmRequest (PlatformAuth, &TcgPpData, PpiFlags);
   DEBUG ((EFI_D_INFO, "[TPM2] PPResponse = %x (LastPPRequest=%x, Flags=%x)\n", TcgPpData.PPResponse, TcgPpData.LastPPRequest, PpiFlags.PPFlags));
 …
   The TPM request may come from OS. This API will check if TPM request exists and need user
   input to confirmation.
   @retval    TRUE        TPM needs input to confirm user physical presence.
   @retval    FALSE       TPM doesn't need input to confirm user physical presence.
 …
     return FALSE;
+  }
   if (TcgPpData.PPRequest == TREE_PHYSICAL_PRESENCE_NO_ACTION) {
     //

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/DxeTrEEPhysicalPresenceLib/DxeTrEEPhysicalPresenceLib.inf

-              r58464
+              r58466
   MODULE_TYPE                    = DXE_DRIVER
   VERSION_STRING                 = 1.0
   LIBRARY_CLASS                  = TrEEPhysicalPresenceLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER UEFI_APPLICATION UEFI_DRIVER
+  LIBRARY_CLASS                  = TrEEPhysicalPresenceLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER UEFI_APPLICATION UEFI_DRIVER
   CONSTRUCTOR                    = TrEEPhysicalPresenceLibConstructor
+#
 # The following information is for reference only and not required by the build tools.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.c

-              r58464
+              r58466
   FreePool (Sha1Ctx);
   Tpm2SetSha1ToDigestList (DigestList, Digest);
 …
 /**
   The function register SHA1 instance.
   @retval EFI_SUCCESS   SHA1 instance is registered, or system dose not surpport registr SHA1 instance
 **/

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.c

-              r58464
+              r58466
   FreePool (Sha256Ctx);
   Tpm2SetSha256ToDigestList (DigestList, Digest);
 …
 /**
   The function register SHA256 instance.
   @retval EFI_SUCCESS   SHA256 instance is registered, or system dose not surpport registr SHA256 instance
 **/

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.c

r58464	r58466
217	217	CopyMem (&mHashInterface[mHashInterfaceCount], HashInterface, sizeof(*HashInterface));
218	218	mHashInterfaceCount ++;
219
	219
220	220	return EFI_SUCCESS;
221	221	}

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf

r58464	r58466
3	3	#
4	4	# Ihis library is BaseCrypto router. It will redirect hash request to each individual
5		# hash handler registered, such as SHA1, SHA256. Platform can use PcdTpm2HashMask to
	5	# hash handler registered, such as SHA1, SHA256. Platform can use PcdTpm2HashMask to
6	6	# mask some hash engines.
7	7	#
…	…
23	23	MODULE_TYPE = DXE_DRIVER
24	24	VERSION_STRING = 1.0
25		LIBRARY_CLASS = HashLib\|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER
	25	LIBRARY_CLASS = HashLib\|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER
26	26
27	27	#

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.c

r58464	r58466
284	284	CopyMem (&HashInterfaceHob->HashInterface[HashInterfaceHob->HashInterfaceCount], HashInterface, sizeof(*HashInterface));
285	285	HashInterfaceHob->HashInterfaceCount ++;
286
	286
287	287	return EFI_SUCCESS;
288	288	}

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf

r58464	r58466
3	3	#
4	4	# Ihis library is BaseCrypto router. It will redirect hash request to each individual
5		# hash handler registered, such as SHA1, SHA256. Platform can use PcdTpm2HashMask to
	5	# hash handler registered, such as SHA1, SHA256. Platform can use PcdTpm2HashMask to
6	6	# mask some hash engines.
7	7	#

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/HashLibTpm2/HashLibTpm2.inf

r58464	r58466
2	2	# Provides hash service using TPM2 device
3	3	#
4		# This library uses TPM2 device to calculate hash. Platform can use PcdTpm2HashMask to
	4	# This library uses TPM2 device to calculate hash. Platform can use PcdTpm2HashMask to
5	5	# mask some hash calculation.
6	6	#

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/PeiRsa2048Sha256GuidedSectionExtractLib/PeiRsa2048Sha256GuidedSectionExtractLib.c

-              r58464
+              r58466
 /** @file
   This library registers RSA 2048 SHA 256 guided section handler
+  This library registers RSA 2048 SHA 256 guided section handler
   to parse RSA 2048 SHA 256 encapsulation section and extract raw data.
   It uses the BaseCrypyLib based on OpenSSL to authenticate the signature.
 Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 **/
 …
   GetInfo gets raw data size and attribute of the input guided section.
   It first checks whether the input guid section is supported.
+  It first checks whether the input guid section is supported.
   If not, EFI_INVALID_PARAMETER will return.
 …
   @param SectionAttribute   The attribute of the input guided section.
   @retval EFI_SUCCESS            The size of destination buffer, the size of scratch buffer and
+  @retval EFI_SUCCESS            The size of destination buffer, the size of scratch buffer and
                                  the attribute of the input section are successull retrieved.
   @retval EFI_INVALID_PARAMETER  The GUID in InputSection does not match this instance guid.
 …
   Extraction handler tries to extract raw data from the input guided section.
   It also does authentication check for RSA 2048 SHA 256 signature in the input guided section.
   It first checks whether the input guid section is supported.
+  It first checks whether the input guid section is supported.
   If not, EFI_INVALID_PARAMETER will return.
 …
   VOID                            *HashContext;
   VOID                            *Rsa;
   HashContext = NULL;
   Rsa         = NULL;
   if (IS_SECTION2 (InputSection)) {
     //
 …
       return EFI_INVALID_PARAMETER;
+    }
     //
     // Get the RSA 2048 SHA 256 information.
 …
       return EFI_INVALID_PARAMETER;
+    }
     //
     // Get the RSA 2048 SHA 256 information.
 …
   //
   Status = EFI_SUCCESS;
   //
   // Fail if the HashType is not SHA 256
 …
     goto Done;
+  }
   //
   // Fail if the PublicKey is not one of the public keys in PcdRsa2048Sha256PublicKeyBuffer
 …
     goto Done;
+  }
   //
+  //
   // Set RSA Key Components.
   // NOTE: Only N and E are needed to be set as RSA public key for signature verification.
 …
   PERF_START (NULL, "RsaVerify", "PEI", 0);
   CryptoStatus = RsaPkcs1Verify (
                    Rsa,
                    Digest,
                    SHA256_DIGEST_SIZE,
                    CertBlockRsa2048Sha256->Signature,
+                   Rsa,
+                   Digest,
+                   SHA256_DIGEST_SIZE,
+                   CertBlockRsa2048Sha256->Signature,
                    sizeof (CertBlockRsa2048Sha256->Signature)
                    );

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/PeiRsa2048Sha256GuidedSectionExtractLib/PeiRsa2048Sha256GuidedSectionExtractLib.inf

-              r58464
+              r58466
 ## @file
 #  This library doesn't produce any library class. The constructor function uses
+#  This library doesn't produce any library class. The constructor function uses
 #  ExtractGuidedSectionLib service to register an RSA 2048 SHA 256 guided section handler
 #  that parses RSA 2048 SHA 256 encapsulation section and extracts raw data.
 …
   PerformanceLib
 [PcdEx]
+[PcdEx]
   gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer      ## SOMETIMES_CONSUMES
 [Guids]
   gEfiCertTypeRsa2048Sha256Guid  ## PRODUCES     ## UNDEFINED  # Specifies RSA 2048 SHA 256 authentication algorithm.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.c

-              r48674
+              r58466
 /** @file
   NULL PlatformSecureLib instance does NOT really detect whether a physical present
+  NULL PlatformSecureLib instance does NOT really detect whether a physical present
   user exists but return TRUE directly. This instance can be used to verify security
   related features during platform enabling and development. It should be replaced
 …
 Copyright (c) 2011 - 2012, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   This function provides a platform-specific method to detect whether the platform
   is operating by a physically present user.
+  is operating by a physically present user.
   Programmatic changing of platform security policy (such as disable Secure Boot,
 …
   NOTE THAT: This function cannot depend on any EFI Variable Service since they are
   not available when this function is called in AuthenticateVariable driver.
   @retval  TRUE       The platform is operated by a physically present user.
   @retval  FALSE      The platform is NOT operated by a physically present user.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.inf

r58459	r58466
2	2	# NULL platform secure library instance that alway returns TRUE for a user physical present
3	3	#
4		# NULL PlatformSecureLib instance does NOT really detect whether a physical present
	4	# NULL PlatformSecureLib instance does NOT really detect whether a physical present
5	5	# user exists but returns TRUE directly. This instance can be used to verify security
6	6	# related features during platform enabling and development. It should be replaced

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/TcgPpVendorLibNull/TcgPpVendorLibNull.c

-              r58464
+              r58466
 Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   This API should be invoked in BIOS boot phase to process pending request.
   Caution: This function may receive untrusted input.
   If OperationRequest < 128, then ASSERT().
 …
   This API should be invoked in BIOS boot phase to process pending request.
   Caution: This function may receive untrusted input.
 …
   Caution: This function may receive untrusted input.
   If OperationRequest < 128, then ASSERT().
 …
   Caution: This function may receive untrusted input.
   If OperationRequest < 128, then ASSERT().

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/TcgPpVendorLibNull/TcgPpVendorLibNull.inf

r58464	r58466
33	33	MdePkg/MdePkg.dec
34	34	SecurityPkg/SecurityPkg.dec
35
	35
36	36	[LibraryClasses]
37	37	DebugLib

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/Tpm12CommandLib/Tpm12NvStorage.c

-              r58464
+              r58466
 /**
   Send NV DefineSpace command to TPM1.2.
   @param PubInfo           The public parameters of the NV area.
   @param EncAuth           The encrypted AuthData, only valid if the attributes require subsequent authorization.
 …
 /**
   Send NV WriteValue command to TPM1.2.
   @param NvIndex           The index of the area to set.
   @param Offset            The offset into the NV Area.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf

-              r58464
+              r58466
 ## @file
 #  Provides TPM 1.2 TIS functions
+#
 #  This library implements TIS (TPM Interface Specification) functions which is
 #  used for every TPM 1.2 command. Choosing this library means platform uses and
+#
+#  This library implements TIS (TPM Interface Specification) functions which is
+#  used for every TPM 1.2 command. Choosing this library means platform uses and
 #  only uses TPM 1.2 device.
+#

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12Tis.c

-              r58464
+              r58466
 /** @file
   TIS (TPM Interface Specification) functions used by TPM1.2.
 Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
 ///
 /// When this bit is 1, TPM is in the Ready state,
+/// When this bit is 1, TPM is in the Ready state,
 /// indicating it is ready to receive a new command.
 ///
 …
+{
   UINT8                             RegRead;
   RegRead = MmioRead8 ((UINTN)&TisReg->Access);
   return (BOOLEAN)(RegRead != (UINT8)-1);
 …
 /**
   Get BurstCount by reading the burstCount field of a TIS regiger
+  Get BurstCount by reading the burstCount field of a TIS regiger
   in the time of default TIS_TIMEOUT_D.
 …
 /**
   Set TPM chip to ready state by sending ready command TIS_PC_STS_READY
+  Set TPM chip to ready state by sending ready command TIS_PC_STS_READY
   to Status Register in time.
 …
 /**
   Get the control of TPM chip by sending requestUse command TIS_PC_ACC_RQUUSE
+  Get the control of TPM chip by sending requestUse command TIS_PC_ACC_RQUUSE
   to ACCESS Register in the time of default TIS_TIMEOUT_A.
 …
+{
   EFI_STATUS                        Status;
   if (TisReg == NULL) {
     return EFI_INVALID_PARAMETER;
+  }
   if (!Tpm12TisPcPresenceCheck (TisReg)) {
     return EFI_NOT_FOUND;
 …
   Send a command to TPM for execution and return response data.
   @param[in]      TisReg        TPM register space base address.
   @param[in]      BufferIn      Buffer for command data.
   @param[in]      SizeIn        Size of command data.
   @param[in, out] BufferOut     Buffer for response data.
   @param[in, out] SizeOut       Size of response data.
+  @param[in]      TisReg        TPM register space base address.
+  @param[in]      BufferIn      Buffer for command data.
+  @param[in]      SizeIn        Size of command data.
+  @param[in, out] BufferOut     Buffer for response data.
+  @param[in, out] SizeOut       Size of response data.
   @retval EFI_SUCCESS           Operation completed successfully.
   @retval EFI_BUFFER_TOO_SMALL  Response data buffer is too small.
 …
   @retval EFI_SUCCESS            The command byte stream was successfully sent to the device and a response was successfully received.
   @retval EFI_DEVICE_ERROR       The command was not successfully sent to the device or a response was not successfully received from the device.
   @retval EFI_BUFFER_TOO_SMALL   The output parameter block is too small.
+  @retval EFI_BUFFER_TOO_SMALL   The output parameter block is too small.
 **/
 EFI_STATUS

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.c

-              r58464
+              r58466
 #include <IndustryStandard/Tpm12.h>
 EFI_TCG_PROTOCOL  *mTcgProtocol = NULL;
+EFI_TCG_PROTOCOL  *mTcgProtocol = NULL;
 /**
 …
   @retval EFI_SUCCESS            The command byte stream was successfully sent to the device and a response was successfully received.
   @retval EFI_DEVICE_ERROR       The command was not successfully sent to the device or a response was not successfully received from the device.
   @retval EFI_BUFFER_TOO_SMALL   The output parameter block is too small.
+  @retval EFI_BUFFER_TOO_SMALL   The output parameter block is too small.
 **/
 EFI_STATUS

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf

r58464	r58466
22	22	MODULE_TYPE = BASE
23	23	VERSION_STRING = 1.0
24		LIBRARY_CLASS = Tpm12DeviceLib\|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER UEFI_APPLICATION UEFI_DRIVER
	24	LIBRARY_CLASS = Tpm12DeviceLib\|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER UEFI_APPLICATION UEFI_DRIVER
25	25
26	26	#

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/Tpm2CommandLib/Tpm2Capability.c

-              r58464
+              r58466
   This command returns various information regarding the TPM and its current state.
   The capability parameter determines the category of data returned. The property parameter
   selects the first value of the selected category to be returned. If there is no property
+  The capability parameter determines the category of data returned. The property parameter
+  selects the first value of the selected category to be returned. If there is no property
   that corresponds to the value of property, the next higher value is returned, if it exists.
   The moreData parameter will have a value of YES if there are more values of the requested
+  The moreData parameter will have a value of YES if there are more values of the requested
   type that were not returned.
   If no next capability exists, the TPM will return a zero-length list and moreData will have
+  If no next capability exists, the TPM will return a zero-length list and moreData will have
   a value of NO.
   NOTE:
   To simplify this function, leave returned CapabilityData for caller to unpack since there are
+  NOTE:
+  To simplify this function, leave returned CapabilityData for caller to unpack since there are
   many capability categories and only few categories will be used in firmware. It means the caller
   need swap the byte order for the feilds in CapabilityData.
   @param[in]  Capability         Group selection; determines the format of the response.
   @param[in]  Property           Further definition of information.
+  @param[in]  Property           Further definition of information.
   @param[in]  PropertyCount      Number of properties of the indicated type to return.
   @param[out] MoreData           Flag to indicate if there are more values of this type.
   @param[out] CapabilityData     The capability data.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   SendBuffer.Property = SwapBytes32 (Property);
   SendBuffer.PropertyCount = SwapBytes32 (PropertyCount);
   SendBufferSize = (UINT32) sizeof (SendBuffer);
   SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
   //
   // send Tpm command
 …
   //
   CopyMem (CapabilityData, &RecvBuffer.CapabilityData, RecvBufferSize - sizeof (TPM2_RESPONSE_HEADER) - sizeof (UINT8));
   return EFI_SUCCESS;
+}
 …
   @param[out] Family             The Family of TPM. (a 4-octet character string)
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   TPMS_CAPABILITY_DATA    TpmCap;
   TPMI_YES_NO             MoreData;
   EFI_STATUS              Status;
   Status = Tpm2GetCapability (
              TPM_CAP_TPM_PROPERTIES,
              TPM_PT_FAMILY_INDICATOR,
 ,
              &MoreData,
+  EFI_STATUS              Status;
+  Status = Tpm2GetCapability (
+             TPM_CAP_TPM_PROPERTIES,
+             TPM_PT_FAMILY_INDICATOR,
+,
+             &MoreData,
              &TpmCap
              );
 …
   @param[out] ManufactureId      The manufacture ID of TPM.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   TPMS_CAPABILITY_DATA    TpmCap;
   TPMI_YES_NO             MoreData;
   EFI_STATUS              Status;
   Status = Tpm2GetCapability (
              TPM_CAP_TPM_PROPERTIES,
              TPM_PT_MANUFACTURER,
 ,
              &MoreData,
+  EFI_STATUS              Status;
+  Status = Tpm2GetCapability (
+             TPM_CAP_TPM_PROPERTIES,
+             TPM_PT_MANUFACTURER,
+,
+             &MoreData,
              &TpmCap
              );
 …
   @param[out] FirmwareVersion1   The FirmwareVersion1.
   @param[out] FirmwareVersion2   The FirmwareVersion2.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   TPMS_CAPABILITY_DATA    TpmCap;
   TPMI_YES_NO             MoreData;
   EFI_STATUS              Status;
   Status = Tpm2GetCapability (
              TPM_CAP_TPM_PROPERTIES,
              TPM_PT_FIRMWARE_VERSION_1,
 ,
              &MoreData,
+  EFI_STATUS              Status;
+  Status = Tpm2GetCapability (
+             TPM_CAP_TPM_PROPERTIES,
+             TPM_PT_FIRMWARE_VERSION_1,
+,
+             &MoreData,
              &TpmCap
              );
 …
   Status = Tpm2GetCapability (
              TPM_CAP_TPM_PROPERTIES,
              TPM_PT_FIRMWARE_VERSION_2,
 ,
              &MoreData,
+             TPM_CAP_TPM_PROPERTIES,
+             TPM_PT_FIRMWARE_VERSION_2,
+,
+             &MoreData,
              &TpmCap
              );
 …
   @param[out] MaxCommandSize     The maximum value for commandSize in a command.
   @param[out] MaxResponseSize    The maximum value for responseSize in a command.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   Status = Tpm2GetCapability (
              TPM_CAP_TPM_PROPERTIES,
              TPM_PT_MAX_COMMAND_SIZE,
 ,
              &MoreData,
+             TPM_CAP_TPM_PROPERTIES,
+             TPM_PT_MAX_COMMAND_SIZE,
+,
+             &MoreData,
              &TpmCap
              );
 …
   Status = Tpm2GetCapability (
              TPM_CAP_TPM_PROPERTIES,
              TPM_PT_MAX_RESPONSE_SIZE,
 ,
              &MoreData,
+             TPM_CAP_TPM_PROPERTIES,
+             TPM_PT_MAX_RESPONSE_SIZE,
+,
+             &MoreData,
              &TpmCap
              );
 …
   *MaxResponseSize = SwapBytes32 (TpmCap.data.tpmProperties.tpmProperty->value);
   return EFI_SUCCESS;
+  return EFI_SUCCESS;
+}
 /**
   This command returns Returns a list of TPMS_ALG_PROPERTIES. Each entry is an
   algorithm ID and a set of properties of the algorithm.
+  algorithm ID and a set of properties of the algorithm.
   This function parse the value got from TPM2_GetCapability and return the list.
   @param[out] AlgList      List of algorithm.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   UINTN                   Index;
   EFI_STATUS              Status;
   Status = Tpm2GetCapability (
              TPM_CAP_ALGS,
 ,
              MAX_CAP_ALGS,
              &MoreData,
              &TpmCap
              );
   if (EFI_ERROR (Status)) {
     return Status;
+  }
+  Status = Tpm2GetCapability (
+             TPM_CAP_ALGS,
+,
+             MAX_CAP_ALGS,
+             &MoreData,
+             &TpmCap
+             );
+  if (EFI_ERROR (Status)) {
+    return Status;
+  }
   CopyMem (AlgList, &TpmCap.data.algorithms, sizeof (TPML_ALG_PROPERTY));
 …
   @param[out] LockoutCounter     The LockoutCounter of TPM.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   TPMS_CAPABILITY_DATA    TpmCap;
   TPMI_YES_NO             MoreData;
   EFI_STATUS              Status;
   Status = Tpm2GetCapability (
              TPM_CAP_TPM_PROPERTIES,
              TPM_PT_LOCKOUT_COUNTER,
 ,
              &MoreData,
+  EFI_STATUS              Status;
+  Status = Tpm2GetCapability (
+             TPM_CAP_TPM_PROPERTIES,
+             TPM_PT_LOCKOUT_COUNTER,
+,
+             &MoreData,
              &TpmCap
              );
 …
   @param[out] LockoutInterval    The LockoutInterval of TPM.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   TPMS_CAPABILITY_DATA    TpmCap;
   TPMI_YES_NO             MoreData;
   EFI_STATUS              Status;
   Status = Tpm2GetCapability (
              TPM_CAP_TPM_PROPERTIES,
              TPM_PT_LOCKOUT_INTERVAL,
 ,
              &MoreData,
+  EFI_STATUS              Status;
+  Status = Tpm2GetCapability (
+             TPM_CAP_TPM_PROPERTIES,
+             TPM_PT_LOCKOUT_INTERVAL,
+,
+             &MoreData,
              &TpmCap
              );
 …
   @param[out] InputBufferSize    The InputBufferSize of TPM.
                                  the maximum size of a parameter (typically, a TPM2B_MAX_BUFFER)
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   TPMS_CAPABILITY_DATA    TpmCap;
   TPMI_YES_NO             MoreData;
   EFI_STATUS              Status;
   Status = Tpm2GetCapability (
              TPM_CAP_TPM_PROPERTIES,
              TPM_PT_INPUT_BUFFER,
 ,
              &MoreData,
+  EFI_STATUS              Status;
+  Status = Tpm2GetCapability (
+             TPM_CAP_TPM_PROPERTIES,
+             TPM_PT_INPUT_BUFFER,
+,
+             &MoreData,
              &TpmCap
              );
 …
   @param[out] Pcrs    The Pcr Selection
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   Status = Tpm2GetCapability (
              TPM_CAP_PCRS,
 ,
 ,
              &MoreData,
+             TPM_CAP_PCRS,
+,
+,
+             &MoreData,
              &TpmCap
              );
 …
   @param[out] AlgorithmSet    The AlgorithmSet of TPM.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   TPMS_CAPABILITY_DATA    TpmCap;
   TPMI_YES_NO             MoreData;
   EFI_STATUS              Status;
   Status = Tpm2GetCapability (
              TPM_CAP_TPM_PROPERTIES,
              TPM_PT_ALGORITHM_SET,
 ,
              &MoreData,
+  EFI_STATUS              Status;
+  Status = Tpm2GetCapability (
+             TPM_CAP_TPM_PROPERTIES,
+             TPM_PT_ALGORITHM_SET,
+,
+             &MoreData,
              &TpmCap
              );

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/Tpm2CommandLib/Tpm2Context.c

-              r58464
+              r58466
   @param[in]  FlushHandle        The handle of the item to flush.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   SendBuffer.FlushHandle = SwapBytes32 (FlushHandle);
   SendBufferSize = (UINT32) sizeof (SendBuffer);
   SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/Tpm2CommandLib/Tpm2EnhancedAuthorization.c

-              r58464
+              r58466
   @param[out] Timeout            Time value used to indicate to the TPM when the ticket expires.
   @param[out] PolicyTicket       A ticket that includes a value indicating when the authorization expires.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   SendBuffer.AuthHandle = SwapBytes32 (AuthHandle);
   SendBuffer.PolicySession = SwapBytes32 (PolicySession);
   //
   // Add in Auth session
 …
   CopyMem (Buffer, PolicyRef->buffer, PolicyRef->size);
   Buffer += PolicyRef->size;
   WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32((UINT32)Expiration));
   Buffer += sizeof(UINT32);
 …
   @param[in] PolicySession      Handle for the policy session being extended.
   @param[in] HashList           the list of hashes to check for a match.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   @param[in]  PolicySession      Handle for the policy session being extended.
   @param[in]  Code               The allowed commandCode.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   @param[in]  PolicySession      Handle for the policy session.
   @param[out] PolicyHash         the current value of the policyHash of policySession.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/Tpm2CommandLib/Tpm2Help.c

r58464	r58466
74	74
75	75	Buffer = (UINT8 *)AuthSessionOut;
76
	76
77	77	//
78	78	// Add in Auth session

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/Tpm2CommandLib/Tpm2Hierarchy.c

-              r58464
+              r58466
   @param[in] AuthHandle        TPM_RH_LOCKOUT or TPM_RH_PLATFORM+{PP}
   @param[in] AuthSession       Auth Session context
   @retval EFI_SUCCESS      Operation completed successfully.
   @retval EFI_DEVICE_ERROR Unexpected device behavior.
 …
   //
   Status = Tpm2SubmitCommand (
              CmdSize,
              (UINT8 *)&Cmd,
+             CmdSize,
+             (UINT8 *)&Cmd,
              &ResultBufSize,
              ResultBuf
 …
   //
   Status = Tpm2SubmitCommand (
              CmdSize,
              (UINT8 *)&Cmd,
+             CmdSize,
+             (UINT8 *)&Cmd,
              &ResultBufSize,
              ResultBuf
 …
   //
   Status = Tpm2SubmitCommand (
              CmdSize,
              (UINT8 *)&Cmd,
+             CmdSize,
+             (UINT8 *)&Cmd,
              &ResultBufSize,
              ResultBuf
 …
   //
   Status = Tpm2SubmitCommand (
              CmdSize,
              (UINT8 *)&Cmd,
+             CmdSize,
+             (UINT8 *)&Cmd,
              &ResultBufSize,
              ResultBuf

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c

-              r58464
+              r58466
   //
   Buffer = (UINT8 *)&Cmd.AuthSessionPcr;
   // sessionInfoSize
   SessionInfoSize = CopyAuthSessionCommand (NULL, Buffer);
   Buffer += SessionInfoSize;
   Cmd.AuthorizationSize = SwapBytes32(SessionInfoSize);
   //Digest Count
   WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32(Digests->count));
   Buffer += sizeof(UINT32);
   //Digest
   for (Index = 0; Index < Digests->count; Index++) {
 …
   CopyMem (Buffer, EventData->buffer, EventData->size);
   Buffer += EventData->size;
   CmdSize              = (UINT32)((UINTN)Buffer - (UINTN)&Cmd);
   Cmd.Header.paramSize = SwapBytes32(CmdSize);
 …
   @param[out] PcrSelectionOut    The PCR in the returned list.
   @param[out] PcrValues          The contents of the PCR indicated in pcrSelect.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   SendBuffer.Header.tag = SwapBytes16(TPM_ST_NO_SESSIONS);
   SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_PCR_Read);
   SendBuffer.PcrSelectionIn.count = SwapBytes32(PcrSelectionIn->count);
   for (Index = 0; Index < PcrSelectionIn->count; Index++) {
 …
   @param[out] SizeNeeded         number of octets required to satisfy the request
   @param[out] SizeAvailable      Number of octets available. Computed before the allocation
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   //
   Status = Tpm2SubmitCommand (
              CmdSize,
              (UINT8 *)&Cmd,
+             CmdSize,
+             (UINT8 *)&Cmd,
              &ResultBufSize,
              ResultBuf

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/Tpm2CommandLib/Tpm2NVStorage.c

-              r58464
+              r58466
   @param[out] NvPublic           The public area of the index.
   @param[out] NvName             The Name of the nvIndex.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   SendBuffer.NvIndex = SwapBytes32 (NvIndex);
   SendBufferSize = (UINT32) sizeof (SendBuffer);
   SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
 …
   CopyMem (NvName, (UINT8 *)&RecvBuffer + sizeof(TPM2_RESPONSE_HEADER) + sizeof(UINT16) + NvPublicSize, NvNameSize);
   NvName->size = NvNameSize;
   return EFI_SUCCESS;
+}
 …
   @param[in]  Auth               The authorization data.
   @param[in]  NvPublic           The public area of the index.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
     return EFI_DEVICE_ERROR;
+  }
   return EFI_SUCCESS;
+}
 …
   @param[in]  NvIndex            The NV Index.
   @param[in]  AuthSession        Auth Session context
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   @param[in]     Offset             Byte offset into the area.
   @param[in,out] OutData            The data read.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   OutData->size = SwapBytes16 (RecvBuffer.Data.size);
   CopyMem (OutData->buffer, &RecvBuffer.Data.buffer, OutData->size);
   return EFI_SUCCESS;
+}
 …
   @param[in]  InData             The data to write.
   @param[in]  Offset             The offset into the NV Area.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/Tpm2CommandLib/Tpm2Sequences.c

-              r58464
+              r58466
                                 An Event sequence starts if this is TPM_ALG_NULL.
   @param[out] SequenceHandle    A handle to reference the sequence
   @retval EFI_SUCCESS      Operation completed successfully.
   @retval EFI_DEVICE_ERROR Unexpected device behavior.
 …
   @param[in] SequenceHandle    Handle for the sequence object
   @param[in] Buffer            Data to be added to hash
   @retval EFI_SUCCESS      Operation completed successfully.
   @retval EFI_DEVICE_ERROR Unexpected device behavior.
 …
   @param[in]  Buffer            Data to be added to the Event
   @param[out] Results           List of digests computed for the PCR
   @retval EFI_SUCCESS      Operation completed successfully.
   @retval EFI_DEVICE_ERROR Unexpected device behavior.
 …
   @param[in]  Buffer            Data to be added to the hash/HMAC
   @param[out] Result            The returned HMAC or digest in a sized buffer
   @retval EFI_SUCCESS      Operation completed successfully.
   @retval EFI_DEVICE_ERROR Unexpected device behavior.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/Tpm2CommandLib/Tpm2Session.c

-              r58464
+              r58466
   @param[out] SessionHandle      Handle for the newly created session.
   @param[out] NonceTPM           The initial nonce from the TPM, used in the computation of the sessionKey.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
 …
   WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (AuthHash));
   Buffer += sizeof(UINT16);
   SendBufferSize = (UINT32) ((UINTN)Buffer - (UINTN)&SendBuffer);
   SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.c

-              r58464
+              r58466
   @retval EFI_SUCCESS            The command byte stream was successfully sent to the device and a response was successfully received.
   @retval EFI_DEVICE_ERROR       The command was not successfully sent to the device or a response was not successfully received from the device.
   @retval EFI_BUFFER_TOO_SMALL   The output parameter block is too small.
+  @retval EFI_BUFFER_TOO_SMALL   The output parameter block is too small.
 **/
 EFI_STATUS
 …
   @retval EFI_SUCCESS            The command byte stream was successfully sent to the device and a response was successfully received.
   @retval EFI_DEVICE_ERROR       The command was not successfully sent to the device or a response was not successfully received from the device.
   @retval EFI_BUFFER_TOO_SMALL   The output parameter block is too small.
+  @retval EFI_BUFFER_TOO_SMALL   The output parameter block is too small.
 **/
 EFI_STATUS

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf

-              r58464
+              r58466
 ## @file
 #  Provides TPM 2.0 TIS functions for DTPM
+#
 #  This library implements TIS (TPM Interface Specification) functions which is
 #  used for every TPM 2.0 command. Choosing this library means platform uses and
+#
+#  This library implements TIS (TPM Interface Specification) functions which is
+#  used for every TPM 2.0 command. Choosing this library means platform uses and
 #  only uses TPM 2.0 DTPM device.
+#

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.c

-              r58464
+              r58466
   @retval EFI_SUCCESS            The command byte stream was successfully sent to the device and a response was successfully received.
   @retval EFI_DEVICE_ERROR       The command was not successfully sent to the device or a response was not successfully received from the device.
   @retval EFI_BUFFER_TOO_SMALL   The output parameter block is too small.
+  @retval EFI_BUFFER_TOO_SMALL   The output parameter block is too small.
 **/
 EFI_STATUS
 …
 /**
   The function register DTPM2.0 instance.
   @retval EFI_SUCCESS   DTPM2.0 instance is registered, or system dose not surpport registr DTPM2.0 instance
 **/

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf

r58464	r58466
2	2	# Provides a DTPM instance for TPM 2.0
3	3	#
4		# This library can be registered to Tpm 2.0 device router, to be active TPM 2.0
	4	# This library can be registered to Tpm 2.0 device router, to be active TPM 2.0
5	5	# engine, based on platform setting.
6	6	#

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Tis.c

-              r58464
+              r58466
 /** @file
   TIS (TPM Interface Specification) functions used by dTPM2.0 library.
 Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
 ///
 /// When this bit is 1, TPM is in the Ready state,
+/// When this bit is 1, TPM is in the Ready state,
 /// indicating it is ready to receive a new command.
 ///
 …
+{
   UINT8                             RegRead;
   RegRead = MmioRead8 ((UINTN)&TisReg->Access);
   return (BOOLEAN)(RegRead != (UINT8)-1);
 …
 /**
   Get BurstCount by reading the burstCount field of a TIS regiger
+  Get BurstCount by reading the burstCount field of a TIS regiger
   in the time of default TIS_TIMEOUT_D.
 …
 /**
   Set TPM chip to ready state by sending ready command TIS_PC_STS_READY
+  Set TPM chip to ready state by sending ready command TIS_PC_STS_READY
   to Status Register in time.
 …
 /**
   Get the control of TPM chip by sending requestUse command TIS_PC_ACC_RQUUSE
+  Get the control of TPM chip by sending requestUse command TIS_PC_ACC_RQUUSE
   to ACCESS Register in the time of default TIS_TIMEOUT_A.
 …
+{
   EFI_STATUS                        Status;
   if (TisReg == NULL) {
     return EFI_INVALID_PARAMETER;
+  }
   if (!TisPcPresenceCheck (TisReg)) {
     return EFI_NOT_FOUND;
 …
   Send a command to TPM for execution and return response data.
   @param[in]      TisReg        TPM register space base address.
   @param[in]      BufferIn      Buffer for command data.
   @param[in]      SizeIn        Size of command data.
   @param[in, out] BufferOut     Buffer for response data.
   @param[in, out] SizeOut       Size of response data.
+  @param[in]      TisReg        TPM register space base address.
+  @param[in]      BufferIn      Buffer for command data.
+  @param[in]      SizeIn        Size of command data.
+  @param[in, out] BufferOut     Buffer for response data.
+  @param[in, out] SizeOut       Size of response data.
   @retval EFI_SUCCESS           Operation completed successfully.
   @retval EFI_BUFFER_TOO_SMALL  Response data buffer is too small.
 …
   @retval EFI_SUCCESS            The command byte stream was successfully sent to the device and a response was successfully received.
   @retval EFI_DEVICE_ERROR       The command was not successfully sent to the device or a response was not successfully received from the device.
   @retval EFI_BUFFER_TOO_SMALL   The output parameter block is too small.
+  @retval EFI_BUFFER_TOO_SMALL   The output parameter block is too small.
 **/
 EFI_STATUS

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.c

r58464	r58466
33	33	@retval EFI_SUCCESS The command byte stream was successfully sent to the device and a response was successfully received.
34	34	@retval EFI_DEVICE_ERROR The command was not successfully sent to the device or a response was not successfully received from the device.
35		@retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.
	35	@retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.
36	36	**/
37	37	EFI_STATUS

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf

r58464	r58466
23	23	MODULE_TYPE = DXE_DRIVER
24	24	VERSION_STRING = 1.0
25		LIBRARY_CLASS = Tpm2DeviceLib\|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER
	25	LIBRARY_CLASS = Tpm2DeviceLib\|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER
26	26
27	27	#

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterPei.c

r58464	r58466
55	55	@retval EFI_SUCCESS The command byte stream was successfully sent to the device and a response was successfully received.
56	56	@retval EFI_DEVICE_ERROR The command was not successfully sent to the device or a response was not successfully received from the device.
57		@retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.
	57	@retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.
58	58	**/
59	59	EFI_STATUS

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/Tpm2DeviceLibTrEE/Tpm2DeviceLibTrEE.c

-              r58464
+              r58466
 #include <IndustryStandard/Tpm20.h>
 EFI_TREE_PROTOCOL  *mTreeProtocol = NULL;
+EFI_TREE_PROTOCOL  *mTreeProtocol = NULL;
 /**
 …
   @retval EFI_SUCCESS            The command byte stream was successfully sent to the device and a response was successfully received.
   @retval EFI_DEVICE_ERROR       The command was not successfully sent to the device or a response was not successfully received from the device.
   @retval EFI_BUFFER_TOO_SMALL   The output parameter block is too small.
+  @retval EFI_BUFFER_TOO_SMALL   The output parameter block is too small.
 **/
 EFI_STATUS

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/Tpm2DeviceLibTrEE/Tpm2DeviceLibTrEE.inf

r58464	r58466
22	22	MODULE_TYPE = DXE_DRIVER
23	23	VERSION_STRING = 1.0
24		LIBRARY_CLASS = Tpm2DeviceLib\|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER
	24	LIBRARY_CLASS = Tpm2DeviceLib\|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER
25	25
26	26	#

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/TpmCommLib/CommonHeader.h

-              r48674
+              r58466
 Copyright (c) 2006 - 2010, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/TpmCommLib/TisPc.c

-              r58459
+              r58466
 Copyright (c) 2005 - 2012, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
+{
   UINT8                             RegRead;
   RegRead = MmioRead8 ((UINTN)&TisReg->Access);
   return (BOOLEAN)(RegRead != (UINT8)-1);
 …
 /**
   Get BurstCount by reading the burstCount field of a TIS regiger
+  Get BurstCount by reading the burstCount field of a TIS regiger
   in the time of default TIS_TIMEOUT_D.
 …
 /**
   Set TPM chip to ready state by sending ready command TIS_PC_STS_READY
+  Set TPM chip to ready state by sending ready command TIS_PC_STS_READY
   to Status Register in time.
 …
 /**
   Get the control of TPM chip by sending requestUse command TIS_PC_ACC_RQUUSE
+  Get the control of TPM chip by sending requestUse command TIS_PC_ACC_RQUUSE
   to ACCESS Register in the time of default TIS_TIMEOUT_A.
 …
+{
   EFI_STATUS                        Status;
   if (TisReg == NULL) {
     return EFI_INVALID_PARAMETER;
+  }
   if (!TisPcPresenceCheck (TisReg)) {
     return EFI_NOT_FOUND;

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/TpmCommLib/TpmComm.c

-              r48674
+              r58466
 Copyright (c) 2005 - 2010, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   @param[in]  DataLen       Size of the raw data.
   @param[out] Digest        Pointer to a buffer that stores the final digest.
   @retval     EFI_SUCCESS   Always successfully calculate the final digest.
 **/

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/TpmCommLib/TpmCommLib.inf

r58459	r58466
2	2	# Provides some common functions for the TCG feature
3	3	#
4		# This instance provides basic TPM Interface Specification (TIS) functions
	4	# This instance provides basic TPM Interface Specification (TIS) functions
5	5	# and TPM hashall function.
6	6	#

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/TrEEPpVendorLibNull/TrEEPpVendorLibNull.c

-              r58464
+              r58466
 Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   This API should be invoked in BIOS boot phase to process pending request.
   Caution: This function may receive untrusted input.
   If OperationRequest < 128, then ASSERT().
 …
   This API should be invoked in BIOS boot phase to process pending request.
   Caution: This function may receive untrusted input.
 …
   Caution: This function may receive untrusted input.
   If OperationRequest < 128, then ASSERT().
 …
   Caution: This function may receive untrusted input.
   If OperationRequest < 128, then ASSERT().

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Library/TrEEPpVendorLibNull/TrEEPpVendorLibNull.inf

r58464	r58466
33	33	MdePkg/MdePkg.dec
34	34	SecurityPkg/SecurityPkg.dec
35
	35
36	36	[LibraryClasses]
37	37	DebugLib

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.c

-              r58464
+              r58466
 /** @file
   Core Primitive Implementation of the Advanced Encryption Standard (AES) algorithm.
   Refer to FIPS PUB 197 ("Advanced Encryption Standard (AES)") for detailed algorithm
   description of AES.
+  Refer to FIPS PUB 197 ("Advanced Encryption Standard (AES)") for detailed algorithm
+  description of AES.
 Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
 …
 //
 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT32 AesForwardTable[] = {
 xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d, 0xfff2f20d, 0xd66b6bbd,
+xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d, 0xfff2f20d, 0xd66b6bbd,
 xde6f6fb1, 0x91c5c554, 0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d,
 xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a, 0x8fcaca45, 0x1f82829d,
+xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a, 0x8fcaca45, 0x1f82829d,
 x89c9c940, 0xfa7d7d87, 0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b,
 x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea, 0x239c9cbf, 0x53a4a4f7,
+x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea, 0x239c9cbf, 0x53a4a4f7,
 xe4727296, 0x9bc0c05b, 0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a,
 x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f, 0x6834345c, 0x51a5a5f4,
+x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f, 0x6834345c, 0x51a5a5f4,
 xd1e5e534, 0xf9f1f108, 0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f,
 x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e, 0x30181828, 0x379696a1,
+x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e, 0x30181828, 0x379696a1,
 x0a05050f, 0x2f9a9ab5, 0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d,
 xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f, 0x1209091b, 0x1d83839e,
+xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f, 0x1209091b, 0x1d83839e,
 x582c2c74, 0x341a1a2e, 0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb,
 xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce, 0x5229297b, 0xdde3e33e,
+xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce, 0x5229297b, 0xdde3e33e,
 x5e2f2f71, 0x13848497, 0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c,
 x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed, 0xd46a6abe, 0x8dcbcb46,
+x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed, 0xd46a6abe, 0x8dcbcb46,
 x67bebed9, 0x7239394b, 0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a,
 xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16, 0x864343c5, 0x9a4d4dd7,
+xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16, 0x864343c5, 0x9a4d4dd7,
 x66333355, 0x11858594, 0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81,
 xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3, 0xa25151f3, 0x5da3a3fe,
+xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3, 0xa25151f3, 0x5da3a3fe,
 x804040c0, 0x058f8f8a, 0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504,
 x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163, 0x20101030, 0xe5ffff1a,
+x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163, 0x20101030, 0xe5ffff1a,
 xfdf3f30e, 0xbfd2d26d, 0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f,
 xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739, 0x93c4c457, 0x55a7a7f2,
+xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739, 0x93c4c457, 0x55a7a7f2,
 xfc7e7e82, 0x7a3d3d47, 0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395,
 xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f, 0x44222266, 0x542a2a7e,
+xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f, 0x44222266, 0x542a2a7e,
 x3b9090ab, 0x0b888883, 0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c,
 xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76, 0xdbe0e03b, 0x64323256,
+xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76, 0xdbe0e03b, 0x64323256,
 x743a3a4e, 0x140a0a1e, 0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4,
 x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6, 0x399191a8, 0x319595a4,
+x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6, 0x399191a8, 0x319595a4,
 xd3e4e437, 0xf279798b, 0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7,
 x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0, 0xd86c6cb4, 0xac5656fa,
+x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0, 0xd86c6cb4, 0xac5656fa,
 xf3f4f407, 0xcfeaea25, 0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818,
 x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72, 0x381c1c24, 0x57a6a6f1,
+x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72, 0x381c1c24, 0x57a6a6f1,
 x73b4b4c7, 0x97c6c651, 0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21,
 x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85, 0xe0707090, 0x7c3e3e42,
+x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85, 0xe0707090, 0x7c3e3e42,
 x71b5b5c4, 0xcc6666aa, 0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12,
 xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0, 0x17868691, 0x99c1c158,
+xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0, 0x17868691, 0x99c1c158,
 x3a1d1d27, 0x279e9eb9, 0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133,
 xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7, 0x2d9b9bb6, 0x3c1e1e22,
+xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7, 0x2d9b9bb6, 0x3c1e1e22,
 x15878792, 0xc9e9e920, 0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a,
 x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17, 0x65bfbfda, 0xd7e6e631,
+x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17, 0x65bfbfda, 0xd7e6e631,
 x844242c6, 0xd06868b8, 0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11,
 x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a
 …
 /**
   AES Key Expansion.
+  AES Key Expansion.
   This function expands the cipher key into encryption schedule.
 …
     LOAD32H (Ek[Index1], Key + Index2);
+  }
   //
   // Initialize the encryption key scheduler
 …
     } else {
       //
       // Different routine for key expansion If Cipher Key is 256 bits,
+      // Different routine for key expansion If Cipher Key is 256 bits,
       //
       for (Index1 = 1; Index1 < 4 && (Index1 + Index2) < Nw; Index1++) {
 …
                                                (AES_FT1((Temp)       & 0xFF) & 0x000000FF);
+      }
       for (Index1 = 5; Index1 < Nk && (Index1 + Index2) < Nw; Index1++) {
         Ek[Index1 + Index2] = Ek[Index1 + Index2 - Nk] ^ Ek[Index1 + Index2 - 1];
 …
   //
   // AES Cipher transformation rounds (Nr - 1 rounds), in which SubBytes(),
   // ShiftRows() and MixColumns() operations were combined by a sequence of
+  // AES Cipher transformation rounds (Nr - 1 rounds), in which SubBytes(),
+  // ShiftRows() and MixColumns() operations were combined by a sequence of
   // table lookups to speed up the execution.
   //

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/RandomNumberGenerator/RngDxe/IA32/AsmRdRand.asm

-              r58464
+              r58466
 ; Notes:
+;
 ;   Visual Studio coding practices do not use inline asm since multiple compilers and
+;   Visual Studio coding practices do not use inline asm since multiple compilers and
 ;   architectures are supported assembler not recognizing rdrand instruction so using DB's.
+;
 …
     .model flat, C
     .code
 ;------------------------------------------------------------------------------
 ;  Generate a 16 bit random number

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/RandomNumberGenerator/RngDxe/IA32/GccRdRand.c

-              r58464
+              r58466
   __asm__ __volatile__ (
     ".byte 0x66; .byte 0x0f; .byte 0xc7; .byte 0xf0; setc %1"
     :"=a"  (*Rand),
+    :"=a"  (*Rand),
      "=qm" (Carry)
     );
+    );
   return (BOOLEAN) Carry;
 …
   __asm__ __volatile__ (
     ".byte 0x0f; .byte 0xc7; .byte 0xf0; setc %1"
     :"=a"  (*Rand),
+    :"=a"  (*Rand),
      "=qm" (Carry)
     );

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/RandomNumberGenerator/RngDxe/IA32/RdRandWord.c

-              r58464
+              r58466
   //
   // Generating a 64-bit rand on a 32-bit system by
+  // Generating a 64-bit rand on a 32-bit system by
   // mapping two 32-bit RDRAND instructions.
   //
 …
       return Status;
+    }
     RandBuffer++;
+  }

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/RandomNumberGenerator/RngDxe/RdRand.c

r58464	r58466
43	43	Status = EFI_UNSUPPORTED;
44	44	IsIntelCpu = FALSE;
45
	45
46	46	//
47	47	// Checks whether the current processor is an Intel product by CPUID.
…	…
103	103	}
104	104	}
105
	105
106	106	return EFI_NOT_READY;
107	107	}
…	…
141	141	}
142	142	}
143
	143
144	144	return EFI_NOT_READY;
145	145	}
…	…
179	179	}
180	180	}
181
	181
182	182	return EFI_NOT_READY;
183	183	}
…	…
215	215
216	216	//
217		// Compute the address of the first word aligned (32/64-bit) block in the
	217	// Compute the address of the first word aligned (32/64-bit) block in the
218	218	// destination buffer, depending on whether we are in 32- or 64-bit mode.
219	219	//
…	…
286	286	delays to ensure reseeding and performs AES-CBC-MAC over the data to compute the
287	287	seed value.
288
	288
289	289	@param[out] SeedBuffer Pointer to a 128bit buffer to store the random seed.
290	290

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/RandomNumberGenerator/RngDxe/RdRand.h

-              r58464
+              r58466
 //
 // The maximun number of retries to obtain one available random number.
+// The maximun number of retries to obtain one available random number.
 //
 #define RETRY_LIMIT    10
 …
   IN BOOLEAN       NeedRetry
   );
 /**
   Calls RDRAND to request a word-length random number.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.c

-              r58464
+              r58466
 /** @file
+/** @file
   RNG Driver to produce the UEFI Random Number Generator protocol.
   The driver will use the new RDRAND instruction to produce high-quality, high-performance
+  The driver will use the new RDRAND instruction to produce high-quality, high-performance
   entropy and random number.
 …
 Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   @param[in]     This                 A pointer to the EFI_RNG_PROTOCOL instance.
   @param[in,out] RNGAlgorithmListSize On input, the size in bytes of RNGAlgorithmList.
+  @param[in,out] RNGAlgorithmListSize On input, the size in bytes of RNGAlgorithmList.
                                       On output with a return code of EFI_SUCCESS, the size
                                       in bytes of the data returned in RNGAlgorithmList. On output
 …
+  }
   *RNGAlgorithmListSize = RequiredSize;
   return Status;
+}
 …
   if (CompareGuid (RNGAlgorithm, &gEfiRngAlgorithmRaw)) {
     //
     // When a DRBG is used on the output of a entropy source,
+    // When a DRBG is used on the output of a entropy source,
     // its security level must be at least 256 bits according to UEFI Spec.
     //
 …
       return EFI_INVALID_PARAMETER;
+    }
     Status = RdRandGenerateEntropy (RNGValueLength, RNGValue);
     return Status;
 …
                   NULL
                   );
   return Status;
+}

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf

r58464	r58466
60	60	UefiBootServicesTableLib
61	61	BaseLib
62		DebugLib
	62	DebugLib
63	63	UefiDriverEntryPoint
64	64	TimerLib

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/RandomNumberGenerator/RngDxe/X64/AsmRdRand.asm

-              r58464
+              r58466
 ; Notes:
+;
 ;   Visual Studio coding practices do not use inline asm since multiple compilers and
+;   Visual Studio coding practices do not use inline asm since multiple compilers and
 ;   architectures are supported assembler not recognizing rdrand instruction so using DB's.
+;
 …
     .code
 ;------------------------------------------------------------------------------
 ;  Generate a 16 bit random number
 …
 RdRand64Step  PROC
     ; rdrand   rax                 ; generate a 64 bit RN into rax, CF=1 if RN generated ok, otherwise CF=0
     db     048h, 0fh, 0c7h, 0f0h   ; rdrand r64: "REX.W + 0F C7 /6 ModRM:r/m(w)"
+    db     048h, 0fh, 0c7h, 0f0h   ; rdrand r64: "REX.W + 0F C7 /6 ModRM:r/m(w)"
     jb     rn64_ok                 ; jmp if CF=1
     xor    rax, rax                ; reg=0 if CF=0

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/RandomNumberGenerator/RngDxe/X64/GccRdRand.c

-              r58464
+              r58466
     :"=a"  (*Rand),
      "=qm" (Carry)
     );
+    );
   return (BOOLEAN) Carry;
 …
   __asm__ __volatile__ (
     ".byte 0x0f; .byte 0xc7; .byte 0xf0; setc %1"
     :"=a"  (*Rand),
+    :"=a"  (*Rand),
      "=qm" (Carry)
     );
 …
   __asm__ __volatile__ (
     ".byte 0x48; .byte 0x0f; .byte 0xc7; .byte 0xf0; setc %1"
     :"=a"  (*Rand),
+    :"=a"  (*Rand),
      "=qm" (Carry)
     );
   return (BOOLEAN) Carry;
+}

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/RandomNumberGenerator/RngDxe/X64/RdRandWord.c

r58464	r58466
63	63	return Status;
64	64	}
65
	65
66	66	RandBuffer++;
67	67	}

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/SecurityPkg.dec

Property svn:eol-style set to native

-              r58459
+              r58466
 [LibraryClasses]
   ##  @libraryclass  Provides hash interfaces from different implementations.
+  #
+  #
   HashLib|Include/Library/HashLib.h
   ##  @libraryclass  Provides a platform specific interface to detect physically present user.
+  #
   PlatformSecureLib|Include/Library/PlatformSecureLib.h
   ##  @libraryclass  Provides interfaces to handle TPM 1.2 request.
+  #
   TcgPhysicalPresenceLib|Include/Library/TcgPhysicalPresenceLib.h
   ##  @libraryclass  Provides support for TCG PP >= 128 Vendor Specific PPI Operation.
+  #
   TcgPpVendorLib|Include/Library/TcgPpVendorLib.h
   ##  @libraryclass  Provides interfaces for other modules to send TPM 2.0 command.
+  #
   Tpm2CommandLib|Include/Library/Tpm2CommandLib.h
   ##  @libraryclass  Provides interfaces on how to access TPM 2.0 hardware device.
+  #
   Tpm2DeviceLib|Include/Library/Tpm2DeviceLib.h
   ##  @libraryclass  Provides interfaces for other modules to send TPM 1.2 command.
+  #
   Tpm12CommandLib|Include/Library/Tpm12CommandLib.h
   ##  @libraryclass  Provides interfaces on how to access TPM 1.2 hardware device.
+  #
   Tpm12DeviceLib|Include/Library/Tpm12DeviceLib.h
   ##  @libraryclass  Provides TPM Interface Specification (TIS) interfaces for TPM command.
+  #
   TpmCommLib|Include/Library/TpmCommLib.h
   ##  @libraryclass  Provides common interfaces about TPM measurement for other modules.
+  #
   TpmMeasurementLib|Include/Library/TpmMeasurementLib.h
   ##  @libraryclass  Provides interfaces to handle TPM 2.0 request.
+  #
   TrEEPhysicalPresenceLib|Include/Library/TrEEPhysicalPresenceLib.h
   ##  @libraryclass  Provides support for TrEE PP >= 128 Vendor Specific PPI Operation.
+  #
 …
   ## GUID used to "VendorKeysNv" variable to record the out of band secure boot keys modification.
   #  This variable is a read-only NV variable that indicates whether someone other than the platform vendor has used a
+  #  This variable is a read-only NV variable that indicates whether someone other than the platform vendor has used a
   #  mechanism not defined by the UEFI Specification to transition the system to setup mode or to update secure boot keys.
   #  Include/Guid/AuthenticatedVariableFormat.h
 …
   #  Include/Guid/AuthenticatedVariableFormat.h
   gEfiCertDbGuid                     = { 0xd9bee56e, 0x75dc, 0x49d9, { 0xb4, 0xd7, 0xb5, 0x34, 0x21, 0xf, 0x63, 0x7a } }
   ## Hob GUID used to pass a TCG_PCR_EVENT from a TPM PEIM to a TPM DXE Driver.
   #  Include/Guid/TcgEventHob.h
 …
   #  Include/Guid/PhysicalPresenceData.h
   gEfiPhysicalPresenceGuid           = { 0xf6499b1, 0xe9ad, 0x493d, { 0xb9, 0xc2, 0x2f, 0x90, 0x81, 0x5c, 0x6c, 0xbc }}
   ## GUID used for form browser, password credential and provider identifier.
   # Include/Guid/PwdCredentialProviderHii.h
 …
   #  Include/Guid/TcgConfigHii.h
   gTcgConfigFormSetGuid              = { 0xb0f901e4, 0xc424, 0x45de, { 0x90, 0x81, 0x95, 0xe2, 0xb, 0xde, 0x6f, 0xb5 }}
   ## GUID used for FormSet.
   #  Include/Guid/SecureBootConfigHii.h
 …
   #  Include/Guid/TpmInstance.h
   gEfiTpmDeviceInstanceNoneGuid      = { 0x00000000, 0x0000, 0x0000, { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }
   ## GUID value used for PcdTpmInstanceGuid to indicate TPM 1.2 device is selected to support.
   #  Include/Guid/TpmInstance.h
   gEfiTpmDeviceInstanceTpm12Guid     = { 0x8b01e5b6, 0x4f19, 0x46e8, { 0xab, 0x93, 0x1c, 0x53, 0x67, 0x1b, 0x90, 0xcc } }
   ## GUID value used for PcdTpmInstanceGuid to indicate discrete TPM 2.0 device is selected to support.
   #  Include/Guid/TpmInstance.h
   gEfiTpmDeviceInstanceTpm20DtpmGuid = { 0x286bf25a, 0xc2c3, 0x408c, { 0xb3, 0xb4, 0x25, 0xe6, 0x75, 0x8b, 0x73, 0x17 } }
   ## GUID used to select supported TPM instance from UI.
   #  Include/Guid/TpmInstance.h
 …
   #  0x00000005      Query user when there is security violation.<BR>
   # @Prompt Set policy for the image from fixed media.
   # @ValidRange 0x80000001 | 0x00000000 - 0x00000005
+  # @ValidRange 0x80000001 | 0x00000000 - 0x00000005
   gEfiSecurityPkgTokenSpaceGuid.PcdFixedMediaImageVerificationPolicy|0x04|UINT32|0x00000003
   ## Defer Image Load policy settings. The policy is bitwise.
   #  If a bit is set, the image from corresponding device will be trusted when loading. Or
+  ## Defer Image Load policy settings. The policy is bitwise.
+  #  If a bit is set, the image from corresponding device will be trusted when loading. Or
   #  the image will be deferred. The deferred image will be checked after user is identified.<BR><BR>
   #    BIT0       - Image from unknown device. <BR>
 …
   #    BIT4       - Image from fixed media device which includes hard disk.<BR>
   # @Prompt Set policy whether trust image before user identification.
   # @ValidRange 0x80000002 | 0x00000000 - 0x0000001F
+  # @ValidRange 0x80000002 | 0x00000000 - 0x0000001F
   gEfiSecurityPkgTokenSpaceGuid.PcdDeferImageLoadPolicy|0x0000001F|UINT32|0x0000004
 …
   #  Note: This PCD is not been used.
   # @Prompt Max variable size for append operation.
   gEfiSecurityPkgTokenSpaceGuid.PcdMaxAppendVariableSize|0x2000|UINT32|0x30000005
+  gEfiSecurityPkgTokenSpaceGuid.PcdMaxAppendVariableSize|0x2000|UINT32|0x30000005
   ## Specifies the type of TCG platform that contains TPM chip.<BR><BR>
 …
   #  If 1, TCG platform type is PC server.<BR>
   # @Prompt Select platform type.
   # @ValidRange 0x80000001 | 0x00 - 0x1
+  # @ValidRange 0x80000001 | 0x00 - 0x1
   gEfiSecurityPkgTokenSpaceGuid.PcdTpmPlatformClass|0|UINT8|0x00000006
   ## Progress Code for TPM device subclass definitions.<BR><BR>
   #  EFI_PERIPHERAL_TPM  = (EFI_PERIPHERAL | 0x000D0000) = 0x010D0000<BR>
 …
 [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]
   ## Indicates the presence or absence of the platform operator during firmware booting.
   #  If platform operator is not physical presence during boot. TPM will be locked and the TPM commands
+  #  If platform operator is not physical presence during boot. TPM will be locked and the TPM commands
   #  that required operator physical presence can not run.<BR><BR>
   #   TRUE  - The platform operator is physically present.<BR>
 …
 [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]
   ## Indicates whether TPM physical presence is locked during platform initialization.
+  ## Indicates whether TPM physical presence is locked during platform initialization.
   #  Once it is locked, it can not be unlocked for TPM life time.<BR><BR>
   #   TRUE  - Lock TPM physical presence asserting method.<BR>
 …
   #  If 1, initialization needed.<BR>
   # @Prompt TPM 2.0 device initialization policy.<BR>
   # @ValidRange 0x80000001 | 0x00 - 0x1
+  # @ValidRange 0x80000001 | 0x00 - 0x1
   gEfiSecurityPkgTokenSpaceGuid.PcdTpm2InitializationPolicy|1|UINT8|0x0001000A
 …
   #  If 1, initialization needed.<BR>
   # @Prompt TPM 1.2 device initialization policy.
   # @ValidRange 0x80000001 | 0x00 - 0x1
+  # @ValidRange 0x80000001 | 0x00 - 0x1
   gEfiSecurityPkgTokenSpaceGuid.PcdTpmInitializationPolicy|1|UINT8|0x0001000B
 …
   #  if 1, SelfTest needed.<BR>
   # @Prompt TPM 2.0 device selftest.
   # @ValidRange 0x80000001 | 0x00 - 0x1
+  # @ValidRange 0x80000001 | 0x00 - 0x1
   gEfiSecurityPkgTokenSpaceGuid.PcdTpm2SelfTestPolicy|1|UINT8|0x0001000C
 …
   #  if 1, SCRTM measurement done by BIOS.<BR>
   # @Prompt SCRTM policy setting for TPM 2.0 device.
   # @ValidRange 0x80000001 | 0x00 - 0x1
+  # @ValidRange 0x80000001 | 0x00 - 0x1
   gEfiSecurityPkgTokenSpaceGuid.PcdTpm2ScrtmPolicy|1|UINT8|0x0001000D
 …
   #  if 1, SCRTM measurement done by BIOS.<BR>
   # @Prompt SCRTM policy setting for TPM 1.2 device
   # @ValidRange 0x80000001 | 0x00 - 0x1
+  # @ValidRange 0x80000001 | 0x00 - 0x1
   gEfiSecurityPkgTokenSpaceGuid.PcdTpmScrtmPolicy|1|UINT8|0x0001000E
 …
   #    BIT3  -  SHA512.<BR>
   # @Prompt Hash mask for TPM 2.0
   # @ValidRange 0x80000001 | 0x00000000 - 0x0000000F
+  # @ValidRange 0x80000001 | 0x00000000 - 0x0000000F
   gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask|0x0000000F|UINT32|0x00010010
 …
+  #
   gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer|{0x91, 0x29, 0xc4, 0xbd, 0xea, 0x6d, 0xda, 0xb3, 0xaa, 0x6f, 0x50, 0x16, 0xfc, 0xdb, 0x4b, 0x7e, 0x3c, 0xd6, 0xdc, 0xa4, 0x7a, 0x0e, 0xdd, 0xe6, 0x15, 0x8c, 0x73, 0x96, 0xa2, 0xd4, 0xa6, 0x4d}|VOID*|0x00010013
 [UserExtensions.TianoCore."ExtraFiles"]
   SecurityPkgExtra.uni

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/SecurityPkg.dsc

-              r58459
+              r58466
 [LibraryClasses]
   DebugLib|MdePkg/Library/BaseDebugLibNull/BaseDebugLibNull.inf
   DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf
+  DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf
   BaseLib|MdePkg/Library/BaseLib/BaseLib.inf
   SynchronizationLib|MdePkg/Library/BaseSynchronizationLib/BaseSynchronizationLib.inf
 …
   Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf
   Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTrEE/Tpm2DeviceLibTrEE.inf
 [PcdsDynamicDefault.common.DEFAULT]
   gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0xb6, 0xe5, 0x01, 0x8b, 0x19, 0x4f, 0xe8, 0x46, 0xab, 0x93, 0x1c, 0x53, 0x67, 0x1b, 0x90, 0xcc}
 …
   SecurityPkg/Library/DxeRsa2048Sha256GuidedSectionExtractLib/DxeRsa2048Sha256GuidedSectionExtractLib.inf
   SecurityPkg/Library/PeiRsa2048Sha256GuidedSectionExtractLib/PeiRsa2048Sha256GuidedSectionExtractLib.inf
 [Components.IA32, Components.X64, Components.IPF]
 #  SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProviderDxe.inf
 …
 [Components.IPF]
   SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/EsalVariableDxeSal.inf
+  SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/EsalVariableDxeSal.inf
 [BuildOptions]

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.c

-              r58459
+              r58466
   TCG MOR (Memory Overwrite Request) Control Driver.
   This driver initilize MemoryOverwriteRequestControl variable. It
+  This driver initilize MemoryOverwriteRequestControl variable. It
   will clear MOR_CLEAR_MEMORY_BIT bit if it is set.
 Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   EFI_STATUS  Status;
   UINTN       DataSize;
   if (MOR_CLEAR_MEMORY_VALUE (mMorControl) == 0x0) {
     //
 …
   //
   DEBUG ((EFI_D_INFO, "TcgMor: Clear MorClearMemory bit\n"));
   mMorControl &= 0xFE;
+  mMorControl &= 0xFE;
   DataSize = sizeof (mMorControl);
   Status   = gRT->SetVariable (
                MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,
                &gEfiMemoryOverwriteControlDataGuid,
+               MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,
+               &gEfiMemoryOverwriteControlDataGuid,
                EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
                DataSize,
+               DataSize,
                &mMorControl
                );
 …
   @param[in] SystemTable  A Pointer to the EFI System Table.
   @retval EFI_SUCEESS
+  @retval EFI_SUCEESS
   @return Others          Some error occurs.
 **/
 …
   DataSize = sizeof (mMorControl);
   Status = gRT->GetVariable (
                   MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,
                   &gEfiMemoryOverwriteControlDataGuid,
                   NULL,
                   &DataSize,
+                  MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,
+                  &gEfiMemoryOverwriteControlDataGuid,
+                  NULL,
+                  &DataSize,
                   &mMorControl
                   );
 …
     mMorControl = 0;
     Status = gRT->SetVariable (
                     MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,
                     &gEfiMemoryOverwriteControlDataGuid,
+                    MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,
+                    &gEfiMemoryOverwriteControlDataGuid,
                     EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
                     DataSize,
+                    DataSize,
                     &mMorControl
                     );
 …
                &Event
                );
+  }
+  }
   return Status;
+}

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.h

-              r58459
+              r58466
 Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/PhysicalPresencePei/PhysicalPresencePei.c

-              r48674
+              r58466
 /** @file
   This driver produces PEI_LOCK_PHYSICAL_PRESENCE_PPI to indicate
   whether TPM need be locked or not. It can be replaced by a platform
+  This driver produces PEI_LOCK_PHYSICAL_PRESENCE_PPI to indicate
+  whether TPM need be locked or not. It can be replaced by a platform
   specific driver.
 Copyright (c) 2005 - 2011, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   //
   // The CRTM has sensed the physical presence assertion of the user. For example,
   // the user has pressed the startup button or inserted a USB dongle. The details
+  // The CRTM has sensed the physical presence assertion of the user. For example,
+  // the user has pressed the startup button or inserted a USB dongle. The details
   // of the implementation are vendor-specific. Here we read a PCD value to indicate
   // whether operator physical presence.
   //
+  //
   if (!PcdGetBool (PcdTpmPhysicalPresence)) {
     return TRUE;
 …
   //
   // Check the pending TPM requests. Lock TPM physical presence if there is no TPM
   // request.
+  // Check the pending TPM requests. Lock TPM physical presence if there is no TPM
+  // request.
   //
   Status = PeiServicesLocatePpi (
 …
   if (!EFI_ERROR (Status)) {
     DataSize = sizeof (EFI_PHYSICAL_PRESENCE);
     Status = Variable->GetVariable (
                          Variable,
+    Status = Variable->GetVariable (
+                         Variable,
                          PHYSICAL_PRESENCE_VARIABLE,
                          &gEfiPhysicalPresenceGuid,
 …
   Entry point of this module.
   It installs lock physical presence PPI.
+  It installs lock physical presence PPI.
   @param[in] FileHandle   Handle of the file being invoked.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/PhysicalPresencePei/PhysicalPresencePei.inf

-              r58459
+              r58466
+#
 #  This module produces PEI_LOCK_PHYSICAL_PRESENCE_PPI to indicate whether
 #  TPM physical presence needs to be locked. It can be replaced by a
+#  TPM physical presence needs to be locked. It can be replaced by a
 #  platform specific module.
+#
 …
   gEfiSecurityPkgTokenSpaceGuid.PcdTpmPhysicalPresence  ## SOMETIMES_CONSUMES
 [Depex]
+[Depex]
   gEfiPeiMemoryDiscoveredPpiGuid AND
   gEfiPeiReadOnlyVariable2PpiGuid AND

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgConfigDxe/TcgConfig.vfr

Property svn:eol-style set to native

-              r58459
+              r58466
 Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
           endif
           //
           // Clear (TPM_ORD_ForceClear) command is not available when disabled or deactivated.
+          // Clear (TPM_ORD_ForceClear) command is not available when disabled or deactivated.
           //
           suppressif ideqval TCG_CONFIGURATION.TpmEnable == 0 OR
 …
           option text = STRING_TOKEN(STR_ENABLE), value = PHYSICAL_PRESENCE_ENABLE, flags = RESET_REQUIRED;
           option text = STRING_TOKEN(STR_TPM_ENABLE_ACTIVATE), value = PHYSICAL_PRESENCE_ENABLE_ACTIVATE, flags = RESET_REQUIRED;
+          option text = STRING_TOKEN(STR_TPM_ENABLE_ACTIVATE), value = PHYSICAL_PRESENCE_ENABLE_ACTIVATE, flags = RESET_REQUIRED;
           option text = STRING_TOKEN(STR_TPM_ENABLE_ACTIVATE_CLEAR), value = PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR, flags = RESET_REQUIRED;
           option text = STRING_TOKEN(STR_TPM_ENABLE_ACTIVATE_CLEAR_E_A), value = PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE, flags = RESET_REQUIRED;

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDriver.c

-              r58459
+              r58466
 Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
     TcgProtocol = NULL;
+  }
   Status = gBS->OpenProtocol (
                   ImageHandle,
 …
     return EFI_ALREADY_STARTED;
+  }
   //
   // Create a private data structure.
 …
     return EFI_OUT_OF_RESOURCES;
+  }
   PrivateData->TcgProtocol = TcgProtocol;
   //
   // Install TCG configuration form
 …
   //
   // Install private GUID.
   //
+  //
   Status = gBS->InstallMultipleProtocolInterfaces (
                   &ImageHandle,
 …
   if (PrivateData != NULL) {
     UninstallTcgConfigForm (PrivateData);
+  }
+  }
   return Status;
+}
 …
                   &gEfiCallerIdGuid,
                   (VOID **) &PrivateData
                   );
+                  );
   if (EFI_ERROR (Status)) {
     return Status;
+    return Status;
+  }
   ASSERT (PrivateData->Signature == TCG_CONFIG_PRIVATE_DATA_SIGNATURE);
 …
          NULL
          );
   UninstallTcgConfigForm (PrivateData);

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDxe.inf

-              r58459
+              r58466
   ## SOMETIMES_CONSUMES ## Variable:L"PhysicalPresence"
   gEfiPhysicalPresenceGuid
   gEfiIfrTianoGuid                                    ## SOMETIMES_PRODUCES  ## GUID       # HII opcode
   ## PRODUCES            ## HII
 …
   gEfiVariableArchProtocolGuid      AND
   gEfiVariableWriteArchProtocolGuid
 [UserExtensions.TianoCore."ExtraFiles"]
   TcgConfigDxeExtra.uni

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigImpl.c

-              r58459
+              r58466
 Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
     END_DEVICE_PATH_TYPE,
     END_ENTIRE_DEVICE_PATH_SUBTYPE,
+    {
+    {
       (UINT8) (END_DEVICE_PATH_LENGTH),
       (UINT8) ((END_DEVICE_PATH_LENGTH) >> 8)
 …
   ASSERT (TcgProtocol != NULL);
   //
   // Get TPM Permanent flags (TpmEnable, TpmActivate)
 …
     *(UINT32*)&CmdBuf[2]  = SwapBytes32 (TpmSendSize);
     *(UINT32*)&CmdBuf[6]  = SwapBytes32 (TPM_ORD_GetCapability);
     *(UINT32*)&CmdBuf[10] = SwapBytes32 (TPM_CAP_FLAG);
     *(UINT32*)&CmdBuf[14] = SwapBytes32 (sizeof (TPM_CAP_FLAG_PERMANENT));
 …
                             sizeof (CmdBuf),
                             CmdBuf
                             );
+                            );
     TpmRsp = (TPM_RSP_COMMAND_HDR *) &CmdBuf[0];
     if (EFI_ERROR (Status) || (TpmRsp->tag != SwapBytes16 (TPM_TAG_RSP_COMMAND)) || (TpmRsp->returnCode != 0)) {
       return EFI_DEVICE_ERROR;
+    }
     TpmPermanentFlags = (TPM_PERMANENT_FLAGS *) &CmdBuf[sizeof (TPM_RSP_COMMAND_HDR) + sizeof (UINT32)];
 …
+    }
+  }
   return EFI_SUCCESS;
+  return EFI_SUCCESS;
+}
 …
   //
   // Convert buffer data to <ConfigResp> by helper function BlockToConfig()
   //
+  //
   ZeroMem (&Configuration, sizeof (TCG_CONFIGURATION));
 …
   if (EFI_ERROR (Status)) {
     return Status;
+  }
+  }
   PpData.PPRequest = PpRequest;
   Status = gRT->SetVariable (
 …
   SavePpRequest (Value->u8);
   *ActionRequest = EFI_BROWSER_ACTION_REQUEST_SUBMIT;
   return EFI_SUCCESS;
+}
 …
            ConfigAccess,
            NULL
            );
+           );
     return EFI_OUT_OF_RESOURCES;
+  }
   PrivateData->HiiHandle = HiiHandle;
   return EFI_SUCCESS;
+  return EFI_SUCCESS;
+}
 …
     PrivateData->DriverHandle = NULL;
+  }
   FreePool (PrivateData);
+}

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigImpl.h

-              r58459
+              r58466
 Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   EFI_HII_CONFIG_ACCESS_PROTOCOL    ConfigAccess;
   EFI_HII_HANDLE                    HiiHandle;
   EFI_HANDLE                        DriverHandle;
+  EFI_HANDLE                        DriverHandle;
   EFI_TCG_PROTOCOL                  *TcgProtocol;

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigNvData.h

-              r58459
+              r58466
 Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigStrings.uni

Property svn:mime-type changed from application/octet-stream to text/plain;encoding=UTF-16LE

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgDxe/TcgDxe.c

-              r58459
+              r58466
 /** @file
+/** @file
   This module implements TCG EFI Protocol.
 Caution: This module requires additional review when modified.
 This driver will have external input - TcgDxePassThroughToTpm
 …
 Copyright (c) 2005 - 2015, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
 // The following EFI_TCG_SERVER_ACPI_TABLE default setting is just one example,
 // the TPM device connectes to LPC, and also defined the ACPI _UID as 0xFF,
 // this _UID can be changed and should match with the _UID setting of the TPM
 // ACPI device object
+// this _UID can be changed and should match with the _UID setting of the TPM
+// ACPI device object
 //
 EFI_TCG_SERVER_ACPI_TABLE           mTcgServerAcpiTemplate = {
 …
 /**
   This service provides EFI protocol capability information, state information
+  This service provides EFI protocol capability information, state information
   about the TPM, and Event Log state information.
   @param[in]  This               Indicates the calling context
   @param[out] ProtocolCapability The callee allocates memory for a TCG_BOOT_SERVICE_CAPABILITY
                                  structure and fills in the fields with the EFI protocol
+  @param[out] ProtocolCapability The callee allocates memory for a TCG_BOOT_SERVICE_CAPABILITY
+                                 structure and fills in the fields with the EFI protocol
                                  capability information and the current TPM state information.
   @param[out] TCGFeatureFlags    This is a pointer to the feature flags. No feature
                                  flags are currently defined so this parameter
                                  MUST be set to 0. However, in the future,
                                  feature flags may be defined that, for example,
+  @param[out] TCGFeatureFlags    This is a pointer to the feature flags. No feature
+                                 flags are currently defined so this parameter
+                                 MUST be set to 0. However, in the future,
+                                 feature flags may be defined that, for example,
                                  enable hash algorithm agility.
   @param[out] EventLogLocation   This is a pointer to the address of the event log in memory.
   @param[out] EventLogLastEntry  If the Event Log contains more than one entry,
                                  this is a pointer to the address of the start of
                                  the last entry in the event log in memory.
+  @param[out] EventLogLastEntry  If the Event Log contains more than one entry,
+                                 this is a pointer to the address of the start of
+                                 the last entry in the event log in memory.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_INVALID_PARAMETER  ProtocolCapability does not match TCG capability.
 **/
 EFI_STATUS
 …
 /**
   This service abstracts the capability to do a hash operation on a data buffer.
   @param[in]      This             Indicates the calling context
   @param[in]      HashData         Pointer to the data buffer to be hashed
 …
   @param[in]      AlgorithmId      Identification of the Algorithm to use for the hashing operation
   @param[in, out] HashedDataLen    Resultant length of the hashed data
   @param[in, out] HashedDataResult Resultant buffer of the hashed data
+  @param[in, out] HashedDataResult Resultant buffer of the hashed data
   @retval EFI_SUCCESS              Operation completed successfully.
   @retval EFI_INVALID_PARAMETER    HashDataLen is NULL.
 …
   @retval EFI_UNSUPPORTED          AlgorithmId not supported.
   @retval EFI_BUFFER_TOO_SMALL     *HashedDataLen < sizeof (TCG_DIGEST).
 **/
 EFI_STATUS
 …
           if (*HashedDataResult == NULL) {
                 *HashedDataResult = AllocatePool ((UINTN) *HashedDataLen);
+          }
+          }
       return TpmCommHashAll (
 …
   @param[in] TcgData       TCG_DXE_DATA structure.
   @param[in] NewEventHdr   Pointer to a TCG_PCR_EVENT_HDR data structure.
   @param[in] NewEventData  Pointer to the new event data.
+  @param[in] NewEventHdr   Pointer to a TCG_PCR_EVENT_HDR data structure.
+  @param[in] NewEventData  Pointer to the new event data.
   @retval EFI_SUCCESS           The new event log entry was added.
   @retval EFI_OUT_OF_RESOURCES  No enough memory to log the new event.
 …
   @param[in]      This           Indicates the calling context
   @param[in]      TCGLogData     Pointer to the start of the data buffer containing
                                  the TCG_PCR_EVENT data structure. All fields in
+  @param[in]      TCGLogData     Pointer to the start of the data buffer containing
+                                 the TCG_PCR_EVENT data structure. All fields in
                                  this structure are properly filled by the caller.
   @param[in, out] EventNumber    The event number of the event just logged
   @param[in]      Flags          Indicate additional flags. Only one flag has been
                                  defined at this time, which is 0x01 and means the
                                  extend operation should not be performed. All
                                  other bits are reserved.
+  @param[in]      Flags          Indicate additional flags. Only one flag has been
+                                 defined at this time, which is 0x01 and means the
+                                 extend operation should not be performed. All
+                                 other bits are reserved.
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_OUT_OF_RESOURCES   Insufficient memory in the event log to complete this action.
 **/
 EFI_STATUS
 …
   TcgData = TCG_DXE_DATA_FROM_THIS (This);
   if (TcgData->BsCap.TPMDeactivatedFlag || (!TcgData->BsCap.TPMPresentFlag)) {
     return EFI_DEVICE_ERROR;
 …
   @retval     EFI_UNSUPPORTED             Current Task Priority Level  >= EFI_TPL_CALLBACK.
   @retval     EFI_TIMEOUT                 The TIS timed-out.
 **/
 EFI_STATUS
 …
   TCG_DXE_DATA                      *TcgData;
   if (TpmInputParameterBlock == NULL ||
       TpmOutputParameterBlock == NULL ||
+  if (TpmInputParameterBlock == NULL ||
+      TpmOutputParameterBlock == NULL ||
       TpmInputParameterBlockSize == 0 ||
       TpmOutputParameterBlockSize == 0) {
 …
   @param[in]      TcgData       TCG_DXE_DATA structure.
   @param[in]      HashData      Physical address of the start of the data buffer
+  @param[in]      HashData      Physical address of the start of the data buffer
                                 to be hashed, extended, and logged.
   @param[in]      HashDataLen   The length, in bytes, of the buffer referenced by HashData
   @param[in, out] NewEventHdr   Pointer to a TCG_PCR_EVENT_HDR data structure.
   @param[in]      NewEventData  Pointer to the new event data.
+  @param[in, out] NewEventHdr   Pointer to a TCG_PCR_EVENT_HDR data structure.
+  @param[in]      NewEventData  Pointer to the new event data.
   @retval EFI_SUCCESS           Operation completed successfully.
 …
   @param[in]      This               Indicates the calling context
   @param[in]      HashData           Physical address of the start of the data buffer
+  @param[in]      HashData           Physical address of the start of the data buffer
                                      to be hashed, extended, and logged.
   @param[in]      HashDataLen        The length, in bytes, of the buffer referenced by HashData
   @param[in]      AlgorithmId        Identification of the Algorithm to use for the hashing operation
   @param[in, out] TCGLogData         The physical address of the start of the data
+  @param[in, out] TCGLogData         The physical address of the start of the data
                                      buffer containing the TCG_PCR_EVENT data structure.
   @param[in, out] EventNumber        The event number of the event just logged.
   @param[out]     EventLogLastEntry  Physical address of the first byte of the entry
                                      just placed in the Event Log. If the Event Log was
                                      empty when this function was called then this physical
                                      address will be the same as the physical address of
+  @param[out]     EventLogLastEntry  Physical address of the first byte of the entry
+                                     just placed in the Event Log. If the Event Log was
+                                     empty when this function was called then this physical
+                                     address will be the same as the physical address of
                                      the start of the Event Log.
 …
   @retval EFI_UNSUPPORTED            Current TPL >= EFI_TPL_CALLBACK.
   @retval EFI_DEVICE_ERROR           The command was unsuccessful.
 **/
 EFI_STATUS
 …
   TcgData = TCG_DXE_DATA_FROM_THIS (This);
   if (TcgData->BsCap.TPMDeactivatedFlag || (!TcgData->BsCap.TPMPresentFlag)) {
     return EFI_DEVICE_ERROR;
+  }
   if (AlgorithmId != TPM_ALG_SHA) {
     return EFI_UNSUPPORTED;
+  }
   if (HashData == 0 && HashDataLen > 0) {
     return EFI_INVALID_PARAMETER;
 …
   EFI_PEI_HOB_POINTERS  GuidHob;
   EFI_PHYSICAL_ADDRESS  Lasa;
   if (PcdGet8 (PcdTpmPlatformClass) == TCG_PLATFORM_TYPE_CLIENT) {
     Lasa = mTcgClientAcpiTemplate.Lasa;
     Status = gBS->AllocatePages (
                     AllocateMaxAddress,
 …
     mTcgClientAcpiTemplate.Lasa = Lasa;
     //
     // To initialize them as 0xFF is recommended
+    // To initialize them as 0xFF is recommended
     // because the OS can know the last entry for that.
     //
     SetMem ((VOID *)(UINTN)mTcgClientAcpiTemplate.Lasa, EFI_TCG_LOG_AREA_SIZE, 0xFF);
     mTcgClientAcpiTemplate.Laml = EFI_TCG_LOG_AREA_SIZE;
   } else {
     Lasa = mTcgServerAcpiTemplate.Lasa;
     Status = gBS->AllocatePages (
                     AllocateMaxAddress,
 …
     mTcgServerAcpiTemplate.Lasa = Lasa;
     //
     // To initialize them as 0xFF is recommended
+    // To initialize them as 0xFF is recommended
     // because the OS can know the last entry for that.
     //
 …
   GuidHob.Raw = GetHobList ();
   while (!EFI_ERROR (Status) &&
+  while (!EFI_ERROR (Status) &&
          (GuidHob.Raw = GetNextGuidHob (&gTcgEventEntryHobGuid, GuidHob.Raw)) != NULL) {
     TcgEvent    = GET_GUID_HOB_DATA (GuidHob.Guid);
 …
   Measure and log an action string, and extend the measurement result into PCR[5].
   @param[in] String           A specific string that indicates an Action event.
+  @param[in] String           A specific string that indicates an Action event.
   @retval EFI_SUCCESS         Operation completed successfully.
   @retval EFI_DEVICE_ERROR    The operation was unsuccessful.
 …
   if (PcdGet8 (PcdTpmPlatformClass) == TCG_PLATFORM_TYPE_SERVER) {
     //
     // Tcg Server spec.
+    // Tcg Server spec.
     // Measure each processor EFI_CPU_PHYSICAL_LOCATION with EV_TABLE_OF_DEVICES to PCR[1]
     //
 …
   Measure and log Separator event, and extend the measurement result into a specific PCR.
   @param[in] PCRIndex         PCR index.
+  @param[in] PCRIndex         PCR index.
   @retval EFI_SUCCESS         Operation completed successfully.
 …
   @param[in]  VarName     A Null-terminated string that is the name of the vendor's variable.
   @param[in]  VendorGuid  A unique identifier for the vendor.
   @param[out] VarSize     The size of the variable data.
+  @param[out] VarSize     The size of the variable data.
   @return A pointer to the buffer to return the contents of the variable.Otherwise NULL.
 …
   Measure and log an EFI variable, and extend the measurement result into a specific PCR.
   @param[in]  PCRIndex          PCR Index.
   @param[in]  EventType         Event type.
+  @param[in]  PCRIndex          PCR Index.
+  @param[in]  EventType         Event type.
   @param[in]  VarName           A Null-terminated string that is the name of the vendor's variable.
   @param[in]  VendorGuid        A unique identifier for the vendor.
   @param[in]  VarData           The content of the variable data.
   @param[in]  VarSize           The size of the variable data.
+  @param[in]  VarData           The content of the variable data.
+  @param[in]  VarSize           The size of the variable data.
   @retval EFI_SUCCESS           Operation completed successfully.
   @retval EFI_OUT_OF_RESOURCES  Out of memory.
 …
   @param[in]   VarName          A Null-terminated string that is the name of the vendor's variable.
   @param[in]   VendorGuid       A unique identifier for the vendor.
   @param[out]  VarSize          The size of the variable data.
   @param[out]  VarData          Pointer to the content of the variable.
+  @param[out]  VarSize          The size of the variable data.
+  @param[out]  VarData          Pointer to the content of the variable.
   @retval EFI_SUCCESS           Operation completed successfully.
   @retval EFI_OUT_OF_RESOURCES  Out of memory.
 …
   Install TCG ACPI Table when ACPI Table Protocol is available.
   A system's firmware uses an ACPI table to identify the system's TCG capabilities
   to the Post-Boot environment. The information in this ACPI table is not guaranteed
   to be valid until the Host Platform transitions from pre-boot state to post-boot state.
+  A system's firmware uses an ACPI table to identify the system's TCG capabilities
+  to the Post-Boot environment. The information in this ACPI table is not guaranteed
+  to be valid until the Host Platform transitions from pre-boot state to post-boot state.
   @param[in]  Event     Event whose notification function is being invoked
 …
     mTcgClientAcpiTemplate.Header.CreatorRevision  = PcdGet32 (PcdAcpiDefaultCreatorRevision);
     //
     // The ACPI table must be checksumed before calling the InstallAcpiTable()
+    // The ACPI table must be checksumed before calling the InstallAcpiTable()
     // service of the ACPI table protocol to install it.
     //
 …
     mTcgServerAcpiTemplate.Header.CreatorRevision  = PcdGet32 (PcdAcpiDefaultCreatorRevision);
     //
     // The ACPI table must be checksumed before calling the InstallAcpiTable()
+    // The ACPI table must be checksumed before calling the InstallAcpiTable()
     // service of the ACPI table protocol to install it.
     //
 …
   Get TPM Deactivated state.
   @param[out] TPMDeactivatedFlag   Returns TPM Deactivated state.
+  @param[out] TPMDeactivatedFlag   Returns TPM Deactivated state.
   @retval EFI_SUCCESS              Operation completed successfully.
 …
   It publishes EFI TCG Protocol.
   @param[in] ImageHandle  The firmware allocated handle for the EFI image.
+  @param[in] ImageHandle  The firmware allocated handle for the EFI image.
   @param[in] SystemTable  A pointer to the EFI System Table.
   @retval EFI_SUCCESS     The entry point is executed successfully.
   @retval other           Some error occurs when executing this entry point.
 …
     //
     // Measure Exit Boot Service failed
+    // Measure Exit Boot Service failed
     //
     Status = gBS->CreateEventEx (
 …
   //
   EfiCreateProtocolNotifyEvent (&gEfiAcpiTableProtocolGuid, TPL_CALLBACK, InstallAcpiTable, NULL, &Registration);
   return Status;
+}

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgDxe/TcgDxe.inf

-              r58459
+              r58466
   ## SOMETIMES_CONSUMES     ## GUID                  # Handoff Table for measurement.
   gEfiSmbiosTableGuid
   gEfiGlobalVariableGuid                             ## SOMETIMES_CONSUMES  ## Variable:L"BootXXXX"
   gTcgEventEntryHobGuid                              ## SOMETIMES_CONSUMES  ## HOB
 …
   gEfiAcpiTableProtocolGuid                          ## NOTIFY
   gEfiMpServiceProtocolGuid                          ## SOMETIMES_CONSUMES
 [Pcd]
   gEfiSecurityPkgTokenSpaceGuid.PcdTpmPlatformClass              ## SOMETIMES_CONSUMES

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgDxe/TisDxe.c

-              r58459
+              r58466
 /** @file
+/** @file
   TIS (TPM Interface Specification) functions used by TPM Dxe driver.
 Copyright (c) 2005 - 2012, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   Send command to TPM for execution.
   @param[in] TisReg     TPM register space base address.
   @param[in] TpmBuffer  Buffer for TPM command data.
   @param[in] DataLength TPM command data length.
+  @param[in] TisReg     TPM register space base address.
+  @param[in] TpmBuffer  Buffer for TPM command data.
+  @param[in] DataLength TPM command data length.
   @retval EFI_SUCCESS   Operation completed successfully.
   @retval EFI_TIMEOUT   The register can't run into the expected status in time.
 …
   Receive response data of last command from TPM.
   @param[in]  TisReg            TPM register space base address.
   @param[out] TpmBuffer         Buffer for response data.
   @param[out] RespSize          Response data length.
+  @param[in]  TisReg            TPM register space base address.
+  @param[out] TpmBuffer         Buffer for response data.
+  @param[out] RespSize          Response data length.
   @retval EFI_SUCCESS           Operation completed successfully.
   @retval EFI_TIMEOUT           The register can't run into the expected status in time.
 …
   Format TPM command data according to the format control character.
   @param[in]      FmtChar       Format control character.
   @param[in, out] ap            List of arguments.
   @param[in]      TpmBuffer     Buffer for TPM command data.
   @param[out]     DataLength    TPM command data length.
+  @param[in]      FmtChar       Format control character.
+  @param[in, out] ap            List of arguments.
+  @param[in]      TpmBuffer     Buffer for TPM command data.
+  @param[out]     DataLength    TPM command data length.
   @retval EFI_SUCCESS           Operation completed successfully.
   @retval EFI_INVALID_PARAMETER Invalid format control character.
 …
   Format reponse data according to the format control character.
   @param[in]      FmtChar       Format control character.
   @param[in, out] ap            List of arguments.
   @param[out]     TpmBuffer     Buffer for reponse data.
   @param[in, out] DataIndex     Data offset in reponse data buffer.
   @param[in]      RespSize      Response data length.
   @param[out]     DataFinished  Reach the end of Response data.
+  @param[in]      FmtChar       Format control character.
+  @param[in, out] ap            List of arguments.
+  @param[out]     TpmBuffer     Buffer for reponse data.
+  @param[in, out] DataIndex     Data offset in reponse data buffer.
+  @param[in]      RespSize      Response data length.
+  @param[out]     DataFinished  Reach the end of Response data.
   @retval EFI_SUCCESS           Operation completed successfully.
   @retval EFI_INVALID_PARAMETER Invalid format control character.
 …
       Size = VA_ARG (*ap, UINTN);
       //
       // If overflowed, which means Size is big enough for Response data.
       // skip this check. Copy the whole data
+      // If overflowed, which means Size is big enough for Response data.
+      // skip this check. Copy the whole data
       //
       if ((UINT32) (~0)- *DataIndex >= (UINT32)Size) {
 …
   Send formatted command to TPM for execution and return formatted data from response.
   @param[in] TisReg    TPM Handle.
   @param[in] Fmt       Format control string.
+  @param[in] TisReg    TPM Handle.
+  @param[in] Fmt       Format control string.
   @param[in] ...       The variable argument list.
   @retval EFI_SUCCESS  Operation completed successfully.
   @retval EFI_TIMEOUT  The register can't run into the expected status in time.
 …
     goto Error;
+  }
   //
   // Get the formatted data from the TpmCommandBuf.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgDxe/TpmComm.c

-              r58459
+              r58466
 /** @file
+/** @file
   Utility functions used by TPM Dxe driver.
 Copyright (c) 2005 - 2013, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   Extend a TPM PCR.
   @param[in]  TpmHandle       TPM handle.
   @param[in]  DigestToExtend  The 160 bit value representing the event to be recorded.
+  @param[in]  TpmHandle       TPM handle.
+  @param[in]  DigestToExtend  The 160 bit value representing the event to be recorded.
   @param[in]  PcrIndex        The PCR to be updated.
   @param[out] NewPcrValue     New PCR value after extend.
+  @param[out] NewPcrValue     New PCR value after extend.
   @retval EFI_SUCCESS         Operation completed successfully.
   @retval EFI_DEVICE_ERROR    The command was unsuccessful.
 …
   Get TPM capability flags.
   @param[in]  TpmHandle    TPM handle.
   @param[in]  FlagSubcap   Flag subcap.
+  @param[in]  TpmHandle    TPM handle.
+  @param[in]  FlagSubcap   Flag subcap.
   @param[out] FlagBuffer   Pointer to the buffer for returned flag structure.
   @param[in]  FlagSize     Size of the buffer.
+  @param[in]  FlagSize     Size of the buffer.
   @retval EFI_SUCCESS      Operation completed successfully.
   @retval EFI_DEVICE_ERROR The command was unsuccessful.
 …
   Add a new entry to the Event Log.
   @param[in, out] EventLogPtr   Pointer to the Event Log data.
   @param[in, out] LogSize       Size of the Event Log.
+  @param[in, out] EventLogPtr   Pointer to the Event Log data.
+  @param[in, out] LogSize       Size of the Event Log.
   @param[in]      MaxSize       Maximum size of the Event Log.
   @param[in]      NewEventHdr   Pointer to a TCG_PCR_EVENT_HDR data structure.
   @param[in]      NewEventData  Pointer to the new event data.
+  @param[in]      NewEventHdr   Pointer to a TCG_PCR_EVENT_HDR data structure.
+  @param[in]      NewEventData  Pointer to the new event data.
   @retval EFI_SUCCESS           The new event log entry was added.
   @retval EFI_OUT_OF_RESOURCES  No enough memory to log the new event.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgDxe/TpmComm.h

-              r48674
+              r58466
 /** @file
+/** @file
   Definitions and function prototypes used by TPM DXE driver.
 Copyright (c) 2005 - 2010, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   Add a new entry to the Event Log.
   @param[in, out] EventLogPtr   Pointer to the Event Log data.
   @param[in, out] LogSize       Size of the Event Log.
+  @param[in, out] EventLogPtr   Pointer to the Event Log data.
+  @param[in, out] LogSize       Size of the Event Log.
   @param[in]      MaxSize       Maximum size of the Event Log.
   @param[in]      NewEventHdr   Pointer to a TCG_PCR_EVENT_HDR data structure.
   @param[in]      NewEventData  Pointer to the new event data.
+  @param[in]      NewEventHdr   Pointer to a TCG_PCR_EVENT_HDR data structure.
+  @param[in]      NewEventData  Pointer to the new event data.
   @retval EFI_SUCCESS           The new event log entry was added.
   @retval EFI_OUT_OF_RESOURCES  No enough memory to log the new event.
 …
   Extend a TPM PCR.
   @param[in]  TpmHandle       TPM handle.
   @param[in]  DigestToExtend  The 160 bit value representing the event to be recorded.
+  @param[in]  TpmHandle       TPM handle.
+  @param[in]  DigestToExtend  The 160 bit value representing the event to be recorded.
   @param[in]  PcrIndex        The PCR to be updated.
   @param[out] NewPcrValue     New PCR value after extend.
+  @param[out] NewPcrValue     New PCR value after extend.
   @retval EFI_SUCCESS         Operation completed successfully.
   @retval EFI_DEVICE_ERROR    The command was unsuccessful.
 …
   Get TPM capability flags.
   @param[in]  TpmHandle    TPM handle.
   @param[in]  FlagSubcap   Flag subcap.
+  @param[in]  TpmHandle    TPM handle.
+  @param[in]  FlagSubcap   Flag subcap.
   @param[out] FlagBuffer   Pointer to the buffer for returned flag structure.
   @param[in]  FlagSize     Size of the buffer.
+  @param[in]  FlagSize     Size of the buffer.
   @retval EFI_SUCCESS      Operation completed successfully.
   @retval EFI_DEVICE_ERROR The command was unsuccessful.
 …
   Send formatted command to TPM for execution and return formatted data from response.
   @param[in] TisReg    TPM Handle.
   @param[in] Fmt       Format control string.
+  @param[in] TisReg    TPM Handle.
+  @param[in] Fmt       Format control string.
   @param[in] ...       The variable argument list.
   @retval EFI_SUCCESS  Operation completed successfully.
   @retval EFI_TIMEOUT  The register can't run into the expected status in time.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgPei/TcgPei.c

-              r58459
+              r58466
 Copyright (c) 2005 - 2015, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
     EFI_PEI_PPI_DESCRIPTOR_NOTIFY_CALLBACK,
     &gEfiPeiFirmwareVolumeInfoPpiGuid,
     FirmwareVolmeInfoPpiNotifyCallback
+    FirmwareVolmeInfoPpiNotifyCallback
   },
+  {
     EFI_PEI_PPI_DESCRIPTOR_NOTIFY_CALLBACK,
     &gEfiPeiFirmwareVolumeInfo2PpiGuid,
     FirmwareVolmeInfoPpiNotifyCallback
+    FirmwareVolmeInfoPpiNotifyCallback
   },
+  {
 …
 /**
   Record all measured Firmware Volum Information into a Guid Hob
   Guid Hob payload layout is
+  Guid Hob payload layout is
      UINT32 *************************** FIRMWARE_BLOB number
 …
   IN VOID                          *Ppi
+  )
+{
+{
   MEASURED_HOB_DATA *MeasuredHobData;
 …
   //
   // Create a Guid hob to save all measured Fv
+  // Create a Guid hob to save all measured Fv
   //
   MeasuredHobData = BuildGuidHob(
 …
   @param[in]      PeiServices   Describes the list of possible PEI Services.
   @param[in]      HashData      Physical address of the start of the data buffer
+  @param[in]      HashData      Physical address of the start of the data buffer
                                 to be hashed, extended, and logged.
   @param[in]      HashDataLen   The length, in bytes, of the buffer referenced by HashData.
   @param[in]      TpmHandle     TPM handle.
   @param[in]      NewEventHdr   Pointer to a TCG_PCR_EVENT_HDR data structure.
   @param[in]      NewEventData  Pointer to the new event data.
+  @param[in]      NewEventHdr   Pointer to a TCG_PCR_EVENT_HDR data structure.
+  @param[in]      NewEventData  Pointer to the new event data.
   @retval EFI_SUCCESS           Operation completed successfully.
 …
   EFI_STATUS                        Status;
   VOID                              *HobData;
   if (GetFirstGuidHob (&gTpmErrorHobGuid) != NULL) {
     return EFI_DEVICE_ERROR;
 …
 /**
   Measure FV image.
   Add it into the measured FV list after the FV is measured successfully.
+  Measure FV image.
+  Add it into the measured FV list after the FV is measured successfully.
   @param[in]  FvBase            Base address of FV image.
   @param[in]  FvLength          Length of FV image.
   @retval EFI_SUCCESS           Fv image is measured successfully
+  @retval EFI_SUCCESS           Fv image is measured successfully
                                 or it has been already measured.
   @retval EFI_OUT_OF_RESOURCES  No enough memory to log the new event.
 …
+    }
+  }
   //
   // Measure and record the FV to the TPM
 …
   EFI_FV_INFO                       VolumeInfo;
   EFI_PEI_FIRMWARE_VOLUME_PPI       *FvPpi;
   FvInstances    = 0;
   while (TRUE) {
 …
       break;
+    }
     //
     // Measure and record the firmware volume that is dispatched by PeiCore
 …
     //
     Status = PeiServicesLocatePpi (
                &VolumeInfo.FvFormat,
 ,
+               &VolumeInfo.FvFormat,
+,
                NULL,
                (VOID**)&FvPpi
 …
   //
   Status = PeiServicesLocatePpi (
              &Fv->FvFormat,
 ,
+             &Fv->FvFormat,
+,
              NULL,
              (VOID**)&FvPpi
 …
     return EFI_SUCCESS;
+  }
   //
   // This is an FV from an FFS file, and the parent FV must have already been measured,
 …
   //
   if (Fv->ParentFvName != NULL || Fv->ParentFileName != NULL ) {
     ASSERT (mMeasuredChildFvIndex < PcdGet32 (PcdPeiCoreMaxFvSupported));
     if (mMeasuredChildFvIndex < PcdGet32 (PcdPeiCoreMaxFvSupported)) {
 …
   if (PcdGetBool (PcdPhysicalPresenceLifetimeLock) && !LifetimeLock) {
     //
     // Lock TPM LifetimeLock is required, and LifetimeLock is not locked yet.
+    // Lock TPM LifetimeLock is required, and LifetimeLock is not locked yet.
     //
     PhysicalPresenceValue = TPM_PHYSICAL_PRESENCE_LIFETIME_LOCK;
 …
     } else {
       PhysicalPresenceValue |= TPM_PHYSICAL_PRESENCE_HW_DISABLE;
+    }
+    }
     Status = TpmCommPhysicalPresence (
                PeiServices,
 …
+    }
+  }
   //
   // 2. Lock physical presence if it is required.
 …
   //
   // Lock physical presence
   //
+  //
   Status = TpmCommPhysicalPresence (
               PeiServices,
 …
     return FALSE;
+  }
   return (BOOLEAN)(!Deactivated);
+  return (BOOLEAN)(!Deactivated);
+}
 …
   Status = PeiServicesLocatePpi (
                &gEfiPeiFirmwareVolumeInfoMeasurementExcludedPpiGuid,
 ,
+               &gEfiPeiFirmwareVolumeInfoMeasurementExcludedPpiGuid,
+,
                NULL,
                (VOID**)&mMeasurementExcludedFvPpi
 …
     Status = MeasureMainBios (PeiServices, TpmHandle);
+  }
+  }
   //
 …
   // 1). for the FvInfoPpi services to measure and record
   // the additional Fvs to TPM
   // 2). for the OperatorPresencePpi service to determine whether to
+  // 2). for the OperatorPresencePpi service to determine whether to
   // lock the TPM
   //

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgPei/TcgPei.inf

-              r58459
+              r58466
 [Pcd]
   gEfiSecurityPkgTokenSpaceGuid.PcdPhysicalPresenceLifetimeLock       ## SOMETIMES_CONSUMES
   gEfiSecurityPkgTokenSpaceGuid.PcdPhysicalPresenceCmdEnable          ## SOMETIMES_CONSUMES
+  gEfiSecurityPkgTokenSpaceGuid.PcdPhysicalPresenceLifetimeLock       ## SOMETIMES_CONSUMES
+  gEfiSecurityPkgTokenSpaceGuid.PcdPhysicalPresenceCmdEnable          ## SOMETIMES_CONSUMES
   gEfiSecurityPkgTokenSpaceGuid.PcdPhysicalPresenceHwEnable           ## SOMETIMES_CONSUMES
   gEfiMdeModulePkgTokenSpaceGuid.PcdFirmwareVersionString             ## SOMETIMES_CONSUMES

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgPei/TisPei.c

-              r48674
+              r58466
 /** @file
   TIS (TPM Interface Specification) functions used by TPM PEI driver.
 Copyright (c) 2005 - 2011, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   @param[in]      PeiServices   Describes the list of possible PEI Services.
   @param[in]      TisReg        TPM register space base address.
   @param[in]      BufferIn      Buffer for command data.
   @param[in]      SizeIn        Size of command data.
   @param[in, out] BufferOut     Buffer for response data.
   @param[in, out] SizeOut       Size of response data.
+  @param[in]      TisReg        TPM register space base address.
+  @param[in]      BufferIn      Buffer for command data.
+  @param[in]      SizeIn        Size of command data.
+  @param[in, out] BufferOut     Buffer for response data.
+  @param[in, out] SizeOut       Size of response data.
   @retval EFI_SUCCESS           Operation completed successfully.
   @retval EFI_TIMEOUT           The register can't run into the expected status in time.
 …
     goto Exit;
+  }
   CopyMem (&Data32, (BufferOut + 2), sizeof (UINT32));
   TpmOutSize  = SwapBytes32 (Data32);

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgPei/TpmComm.c

-              r58459
+              r58466
 /** @file
   Utility functions used by TPM PEI driver.
 Copyright (c) 2005 - 2015, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   @param[in]      PeiServices   Describes the list of possible PEI Services.
   @param[in]      TisReg        TPM register space base address.
   @param[in]      BufferIn      Buffer for command data.
   @param[in]      SizeIn        Size of command data.
   @param[in, out] BufferOut     Buffer for response data.
   @param[in, out] SizeOut       size of response data.
+  @param[in]      TisReg        TPM register space base address.
+  @param[in]      BufferIn      Buffer for command data.
+  @param[in]      SizeIn        Size of command data.
+  @param[in, out] BufferOut     Buffer for response data.
+  @param[in, out] SizeOut       size of response data.
   @retval EFI_SUCCESS           Operation completed successfully.
   @retval EFI_TIMEOUT           The register can't run into the expected status in time.
 …
   @param[in] PeiServices        Describes the list of possible PEI Services.
   @param[in] TpmHandle          TPM handle.
   @param[in] BootMode           Boot mode.
+  @param[in] TpmHandle          TPM handle.
+  @param[in] BootMode           Boot mode.
   @retval EFI_SUCCESS           Operation completed successfully.
   @retval EFI_TIMEOUT           The register can't run into the expected status in time.
 …
   @param[in] PeiServices        Describes the list of possible PEI Services.
   @param[in] TpmHandle          TPM handle.
+  @param[in] TpmHandle          TPM handle.
   @retval EFI_SUCCESS           Operation completed successfully.
   @retval EFI_TIMEOUT           The register can't run into the expected status in time.
 …
   TpmSendSize               = sizeof (TPM_CMD_SELF_TEST);
   SendBuffer.Hdr.tag        = SwapBytes16 (TPM_TAG_RQU_COMMAND);
   SendBuffer.Hdr.paramSize  = SwapBytes32 (TpmSendSize);
+  SendBuffer.Hdr.paramSize  = SwapBytes32 (TpmSendSize);
   SendBuffer.Hdr.ordinal    = SwapBytes32 (TPM_ORD_ContinueSelfTest);
   Status = TisTpmCommand (PeiServices, TpmHandle, (UINT8 *)&SendBuffer, TpmSendSize, RecvBuffer, &TpmRecvSize);
 …
   @param[in]  PeiServices       Describes the list of possible PEI Services.
   @param[in]  TpmHandle         TPM handle.
+  @param[in]  TpmHandle         TPM handle.
   @param[out] Deactivated       Returns deactivated flag.
   @param[out] LifetimeLock      Returns physicalPresenceLifetimeLock permanent flag.
+  @param[out] LifetimeLock      Returns physicalPresenceLifetimeLock permanent flag.
   @param[out] CmdEnable         Returns physicalPresenceCMDEnable permanent flag.
   @retval EFI_SUCCESS           Operation completed successfully.
   @retval EFI_TIMEOUT           The register can't run into the expected status in time.
 …
   TpmSendSize                   = sizeof (TPM_CMD_GET_CAPABILITY);
   SendBuffer.Hdr.tag            = SwapBytes16 (TPM_TAG_RQU_COMMAND);
   SendBuffer.Hdr.paramSize      = SwapBytes32 (TpmSendSize);
+  SendBuffer.Hdr.paramSize      = SwapBytes32 (TpmSendSize);
   SendBuffer.Hdr.ordinal        = SwapBytes32 (TPM_ORD_GetCapability);
   SendBuffer.Capability         = SwapBytes32 (TPM_CAP_FLAG);
 …
   @param[in]  PeiServices       Describes the list of possible PEI Services.
   @param[in]  TpmHandle         TPM handle.
   @param[in]  DigestToExtend    The 160 bit value representing the event to be recorded.
+  @param[in]  TpmHandle         TPM handle.
+  @param[in]  DigestToExtend    The 160 bit value representing the event to be recorded.
   @param[in]  PcrIndex          The PCR to be updated.
   @param[out] NewPcrValue       New PCR value after extend.
+  @param[out] NewPcrValue       New PCR value after extend.
   @retval EFI_SUCCESS           Operation completed successfully.
   @retval EFI_TIMEOUT           The register can't run into the expected status in time.
 …
   @param[in] PeiServices        Describes the list of possible PEI Services.
   @param[in] TpmHandle          TPM handle.
   @param[in] PhysicalPresence   The state to set the TPMs Physical Presence flags.
+  @param[in] TpmHandle          TPM handle.
+  @param[in] PhysicalPresence   The state to set the TPMs Physical Presence flags.
   @retval EFI_SUCCESS           Operation completed successfully.
   @retval EFI_TIMEOUT           The register can't run into the expected status in time.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgPei/TpmComm.h

-              r48674
+              r58466
 /** @file
   The header file for TPM PEI driver.
 Copyright (c) 2005 - 2010, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   @param[in] PeiServices        Describes the list of possible PEI Services.
   @param[in] TpmHandle          TPM handle.
   @param[in] BootMode           Boot mode.
+  @param[in] TpmHandle          TPM handle.
+  @param[in] BootMode           Boot mode.
   @retval EFI_SUCCESS           Operation completed successfully.
   @retval EFI_TIMEOUT           The register can't run into the expected status in time.
 …
   @param[in] PeiServices        Describes the list of possible PEI Services.
   @param[in] TpmHandle          TPM handle.
+  @param[in] TpmHandle          TPM handle.
   @retval EFI_SUCCESS           Operation completed successfully.
   @retval EFI_TIMEOUT           The register can't run into the expected status in time.
 …
   @param[in]  PeiServices       Describes the list of possible PEI Services.
   @param[in]  TpmHandle         TPM handle.
+  @param[in]  TpmHandle         TPM handle.
   @param[out] Deactivated       Returns deactivated flag.
   @param[out] LifetimeLock      Returns physicalPresenceLifetimeLock permanent flag.
+  @param[out] LifetimeLock      Returns physicalPresenceLifetimeLock permanent flag.
   @param[out] CmdEnable         Returns physicalPresenceCMDEnable permanent flag.
   @retval EFI_SUCCESS           Operation completed successfully.
   @retval EFI_TIMEOUT           The register can't run into the expected status in time.
 …
   @param[in]  PeiServices       Describes the list of possible PEI Services.
   @param[in]  TpmHandle         TPM handle.
   @param[in]  DigestToExtend    The 160 bit value representing the event to be recorded.
+  @param[in]  TpmHandle         TPM handle.
+  @param[in]  DigestToExtend    The 160 bit value representing the event to be recorded.
   @param[in]  PcrIndex          The PCR to be updated.
   @param[out] NewPcrValue       New PCR value after extend.
+  @param[out] NewPcrValue       New PCR value after extend.
   @retval EFI_SUCCESS           Operation completed successfully.
   @retval EFI_TIMEOUT           The register can't run into the expected status in time.
 …
   @param[in] PeiServices        Describes the list of possible PEI Services.
   @param[in] TpmHandle          TPM handle.
   @param[in] PhysicalPresence   The state to set the TPMs Physical Presence flags.
+  @param[in] TpmHandle          TPM handle.
+  @param[in] PhysicalPresence   The state to set the TPMs Physical Presence flags.
   @retval EFI_SUCCESS           Operation completed successfully.
   @retval EFI_TIMEOUT           The register can't run into the expected status in time.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgSmm/TcgSmm.c

-              r58459
+              r58466
 Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
     mTcgNvs->PhysicalPresence.LastRequest = PpData.LastPPRequest;
     mTcgNvs->PhysicalPresence.Response    = PpData.PPResponse;
   } else if ((mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS)
+  } else if ((mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS)
           || (mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS_2)) {
     if (EFI_ERROR (Status)) {
 …
+    }
     if (EFI_ERROR (Status)) {
+    if (EFI_ERROR (Status)) {
       mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE;
       return EFI_SUCCESS;
 …
           RequestConfirmed = TRUE;
+        }
         break;
+        break;
       case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_FALSE:
 …
         // This command requires UI to prompt user for Auth data
         //
         mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_GET_USER_CONFIRMATION_NOT_IMPLEMENTED;
+        mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_GET_USER_CONFIRMATION_NOT_IMPLEMENTED;
         return EFI_SUCCESS;
       default:
 …
     } else {
       mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_GET_USER_CONFIRMATION_ALLOWED_AND_PPUSER_REQUIRED;
+    }
+    }
     if (mTcgNvs->PhysicalPresence.Request >= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {
       mTcgNvs->PhysicalPresence.ReturnCode = TcgPpVendorLibGetUserConfirmationStatusFunction (mTcgNvs->PhysicalPresence.Request, Flags.PPFlags);
+    }
+  }
+  }
   return EFI_SUCCESS;
 …
                            &MorControl
                            );
   if (EFI_ERROR (Status)) {
+  if (EFI_ERROR (Status)) {
     mTcgNvs->MemoryClear.ReturnCode = MOR_REQUEST_GENERAL_FAILURE;
     DEBUG ((EFI_D_ERROR, "[TPM] Set MOR variable failure! Status = %r\n", Status));
 …
        OpRegion <= (AML_OP_REGION_32_8 *) ((UINT8 *) Table + Table->Length);
        OpRegion  = (AML_OP_REGION_32_8 *) ((UINT8 *) OpRegion + 1)) {
     if ((OpRegion->OpRegionOp  == AML_EXT_REGION_OP) &&
+    if ((OpRegion->OpRegionOp  == AML_EXT_REGION_OP) &&
         (OpRegion->NameString  == Name) &&
         (OpRegion->DWordPrefix == AML_DWORD_PREFIX) &&
 …
   The driver's entry point.
   It install callbacks for TPM physical presence and MemoryClear, and locate
+  It install callbacks for TPM physical presence and MemoryClear, and locate
   SMM variable to be used in the callback function.
   @param[in] ImageHandle  The firmware allocated handle for the EFI image.
+  @param[in] ImageHandle  The firmware allocated handle for the EFI image.
   @param[in] SystemTable  A pointer to the EFI System Table.
   @retval EFI_SUCCESS     The entry point is executed successfully.
   @retval Others          Some error occurs when executing this entry point.
 …
+  }
   mTcgNvs->MemoryClear.SoftwareSmi = (UINT8) SwContext.SwSmiInputValue;
   //
   // Locate SmmVariableProtocol.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgSmm/TcgSmm.h

-              r58459
+              r58466
 /** @file
   The header file for TCG SMM driver.
 Copyright (c) 2012 - 2015, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgSmm/TcgSmm.inf

-              r58459
+              r58466
 #  Implements ACPI metholds for the TCG feature
+#
 #  This driver implements TPM definition block in ACPI table and registers SMI
 #  callback functions for physical presence and MemoryClear to handle the requests
+#  This driver implements TPM definition block in ACPI table and registers SMI
+#  callback functions for physical presence and MemoryClear to handle the requests
 #  from ACPI method.
+#
 …
   ## SOMETIMES_CONSUMES ## Variable:L"MemoryOverwriteRequestControl"
   gEfiMemoryOverwriteControlDataGuid
   gEfiTpmDeviceInstanceTpm12Guid                        ## PRODUCES           ## GUID       # TPM device identifier
 …
   gEfiSmmVariableProtocolGuid AND
   gEfiTcgProtocolGuid
 [UserExtensions.TianoCore."ExtraFiles"]
   TcgSmmExtra.uni

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgSmm/Tpm.asl

Property svn:eol-style set to native

-              r58459
+              r58466
 /** @file
   The TPM definition block in ACPI table for physical presence
+  The TPM definition block in ACPI table for physical presence
   and MemoryClear.
 Copyright (c) 2011 - 2013, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
       OperationRegion (SMIP, SystemIO, 0xB2, 1)
       Field (SMIP, ByteAcc, NoLock, Preserve)
+      {
+      {
           IOB2, 8
+      }
 …
       Method (PTS, 1, Serialized)
+      {
+      {
         //
         // Detect Sx state for MOR, only S4, S5 need to handle
         //
         If (LAnd (LLess (Arg0, 6), LGreater (Arg0, 3)))
+        {
+        {
           //
           // Bit4 -- DisableAutoDetect. 0 -- Firmware MAY autodetect.
 …
             //
             Store (0x02, MCIP)
             //
             // Triggle the SMI interrupt
 …
+        }
         Return (0)
+      }
+      }
       Method (_STA, 0)
 …
       Name(TPM2, Package (0x02){
-        Zero,
-        Zero
-      })
-      Name(TPM3, Package (0x03){
-        Zero,
         Zero,
         Zero
       })
+      Name(TPM3, Package (0x03){
+        Zero,
+        Zero,
+        Zero
+      })
       //
       // TCG Physical Presence Interface
       //
       Method (TPPI, 3, Serialized, 0, {BuffObj, PkgObj, IntObj, StrObj}, {UnknownObj, UnknownObj, UnknownObj}) // IntObj, IntObj, PkgObj
+      {
+      {
         //
         // Switch by function index
 …
             // b) Submit TPM Operation Request to Pre-OS Environment
             //
             Store (DerefOf (Index (Arg2, 0x00)), PPRQ)
             Store (0x02, PPIP)
             //
             // Triggle the SMI interrupt
 …
             // c) Get Pending TPM Operation Requested By the OS
             //
             Store (PPRQ, Index (TPM2, 0x01))
             Return (TPM2)
 …
             //
             Store (0x05, PPIP)
             //
             // Triggle the SMI interrupt
             //
             Store (PPIN, IOB2)
             Store (LPPR, Index (TPM3, 0x01))
             Store (PPRP, Index (TPM3, 0x02))
 …
             Store (7, PPIP)
             Store (DerefOf (Index (Arg2, 0x00)), PPRQ)
             //
             // Triggle the SMI interrupt
             //
             Store (PPIN, IOB2)
+            //
+            // Triggle the SMI interrupt
+            //
+            Store (PPIN, IOB2)
             Return (FRET)
+          }
 …
             Store (8, PPIP)
             Store (DerefOf (Index (Arg2, 0x00)), PPRQ)
             //
             // Triggle the SMI interrupt
             //
             Store (PPIN, IOB2)
             Return (FRET)
+          }
 …
             //
             Store (DerefOf (Index (Arg2, 0x00)), MORD)
             //
             // Triggle the SMI through ACPI _DSM method.
             //
             Store (0x01, MCIP)
             //
             // Triggle the SMI interrupt
 …
           Default {BreakPoint}
+        }
         Return (1)
+        Return (1)
+      }

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TrEEConfig/TpmDetection.c

-              r58464
+              r58466
 Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
+{
   UINT8                             RegRead;
   RegRead = MmioRead8 ((UINTN)PcdGet64 (PcdTpmBaseAddress));
   if (RegRead == 0xFF) {

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TrEEConfig/TrEEConfig.vfr

-              r58464
+              r58466
 Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TrEEConfig/TrEEConfigDriver.c

-              r58464
+              r58466
 Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
     return EFI_ALREADY_STARTED;
+  }
   //
   // Create a private data structure.
 …
   //
   // Install private GUID.
   //
+  //
   Status = gBS->InstallMultipleProtocolInterfaces (
                   &ImageHandle,
 …
     ASSERT_EFI_ERROR (Status);
+  }
   //
   // Install TrEE configuration form
 …
   if (PrivateData != NULL) {
     UninstallTrEEConfigForm (PrivateData);
+  }
+  }
   return Status;
+}
 …
                   &gEfiCallerIdGuid,
                   (VOID **) &PrivateData
                   );
   if (EFI_ERROR (Status)) {
     return Status;
+  }
+                  );
+  if (EFI_ERROR (Status)) {
+    return Status;
+  }
   ASSERT (PrivateData->Signature == TREE_CONFIG_PRIVATE_DATA_SIGNATURE);
 …
          NULL
          );
   UninstallTrEEConfigForm (PrivateData);

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TrEEConfig/TrEEConfigDxe.inf

-              r58464
+              r58466
 ## @file
 #  TPM device configuration for TPM 2.0
+#
+#
 #  By this module, user may select TPM device, clear TPM state, etc.
 #  NOTE: This module is only for reference only, each platform should have its own setup page.
 …
   ## SOMETIMES_CONSUMES ## Variable:L"TrEEPhysicalPresence"
   gEfiTrEEPhysicalPresenceGuid
   ## PRODUCES           ## HII
   ## SOMETIMES_PRODUCES ## Variable:L"TREE_CONFIGURATION"
 …
   gEfiVariableArchProtocolGuid      AND
   gEfiVariableWriteArchProtocolGuid
 [UserExtensions.TianoCore."ExtraFiles"]
   TrEEConfigDxeExtra.uni

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TrEEConfig/TrEEConfigImpl.c

-              r58464
+              r58466
 Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
     END_DEVICE_PATH_TYPE,
     END_ENTIRE_DEVICE_PATH_SUBTYPE,
+    {
+    {
       (UINT8) (END_DEVICE_PATH_LENGTH),
       (UINT8) ((END_DEVICE_PATH_LENGTH) >> 8)
 …
   if (EFI_ERROR (Status)) {
     return Status;
+  }
+  }
   PpData.PPRequest = PpRequest;
   Status = gRT->SetVariable (
 …
     return EFI_INVALID_PARAMETER;
+  }
   if (Action == EFI_BROWSER_ACTION_CHANGED) {
     if (QuestionId == KEY_TPM_DEVICE) {
 …
            ConfigAccess,
            NULL
            );
+           );
     return EFI_OUT_OF_RESOURCES;
+  }
   PrivateData->HiiHandle = HiiHandle;
 …
+  }
   return EFI_SUCCESS;
+  return EFI_SUCCESS;
+}
 …
     PrivateData->DriverHandle = NULL;
+  }
   FreePool (PrivateData);
+}

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TrEEConfig/TrEEConfigImpl.h

-              r58464
+              r58466
 Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   EFI_HII_CONFIG_ACCESS_PROTOCOL    ConfigAccess;
   EFI_HII_HANDLE                    HiiHandle;
   EFI_HANDLE                        DriverHandle;
+  EFI_HANDLE                        DriverHandle;
   UINT8                             TpmDeviceDetected;

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TrEEConfig/TrEEConfigNvData.h

-              r58464
+              r58466
 Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf

-              r58464
+              r58466
   gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid                 ## PRODUCES
   gEfiSecurityPkgTokenSpaceGuid.PcdTpmInitializationPolicy         ## PRODUCES
   gEfiSecurityPkgTokenSpaceGuid.PcdTpmAutoDetection                ## CONSUMES
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpmAutoDetection                ## CONSUMES
   gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress                  ## SOMETIMES_CONSUMES
 …
   gEfiPeiMasterBootModePpiGuid AND
   gEfiPeiReadOnlyVariable2PpiGuid
 [UserExtensions.TianoCore."ExtraFiles"]
   TrEEConfigPeiExtra.uni

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TrEEConfig/TrEEConfigPeim.c

-              r58464
+              r58466
 Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TrEEDxe/MeasureBootPeCoff.c

-              r58464
+              r58466
 /** @file
   This module implements measuring PeCoff image for TrEE Protocol.
   Caution: This file requires additional review when modified.
   This driver will have external input - PE/COFF image.
 …
 Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   if (Hdr.Pe32->FileHeader.Machine == IMAGE_FILE_MACHINE_IA64 && Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
     //
     // NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value
     //       in the PE/COFF Header. If the MachineType is Itanium(IA64) and the
+    // NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value
+    //       in the PE/COFF Header. If the MachineType is Itanium(IA64) and the
     //       Magic value in the OptionalHeader is EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC
     //       then override the magic value to EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC
 …
     Magic = Hdr.Pe32->OptionalHeader.Magic;
+  }
   //
   // 3.  Calculate the distance from the base of the image header to the image checksum address.
 …
   if (EFI_ERROR (Status)) {
     goto Finish;
+  }
+  }
   //
 …
         goto Finish;
+      }
+    }
+    }
   } else {
     //
 …
       //
       // Use PE32+ offset
       //
+      //
       HashBase = (UINT8 *) &Hdr.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);
       HashSize = (UINTN) ((UINT8 *)(&Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - HashBase);
 …
       HashSize = Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders - (UINTN) (HashBase - ImageAddress);
+    }
     if (HashSize != 0) {
       Status  = HashUpdate (HashHandle, HashBase, HashSize);

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TrEEDxe/TrEEDxe.c

-              r58464
+              r58466
 /** @file
   This module implements TrEE Protocol.
 Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
 // The following EFI_TCG_SERVER_ACPI_TABLE default setting is just one example,
 // the TPM device connectes to LPC, and also defined the ACPI _UID as 0xFF,
 // this _UID can be changed and should match with the _UID setting of the TPM
 // ACPI device object
+// this _UID can be changed and should match with the _UID setting of the TPM
+// ACPI device object
 //
 EFI_TCG_SERVER_ACPI_TABLE           mTcgServerAcpiTemplate = {
 …
   @retval EFI_SUCCESS            Operation completed successfully.
   @retval EFI_DEVICE_ERROR       The command was unsuccessful.
                                  The ProtocolCapability variable will not be populated.
+                                 The ProtocolCapability variable will not be populated.
   @retval EFI_INVALID_PARAMETER  One or more of the parameters are incorrect.
                                  The ProtocolCapability variable will not be populated.
   @retval EFI_BUFFER_TOO_SMALL   The ProtocolCapability variable is too small to hold the full response.
                                  It will be partially populated (required Size field will be set).
+                                 It will be partially populated (required Size field will be set).
 **/
 EFI_STATUS
 …
   DEBUG ((EFI_D_INFO, "EventLogFormat: (0x%x)\n", EventLogFormat));
   switch (EventLogFormat) {
   case TREE_EVENT_LOG_FORMAT_TCG_1_2:
 …
 /**
   The EFI_TREE_PROTOCOL Get Event Log function call allows a caller to
   retrieve the address of a given event log and its last entry.
+  retrieve the address of a given event log and its last entry.
   @param[in]  This               Indicates the calling context
 …
   Add a new entry to the Event Log.
   @param[in, out] EventLogPtr     Pointer to the Event Log data.
   @param[in, out] LogSize         Size of the Event Log.
+  @param[in, out] EventLogPtr     Pointer to the Event Log data.
+  @param[in, out] LogSize         Size of the Event Log.
   @param[in]      MaxSize         Maximum size of the Event Log.
   @param[in]      NewEventHdr     Pointer to a TCG_PCR_EVENT_HDR/TCG_PCR_EVENT_EX data structure.
+  @param[in]      NewEventHdr     Pointer to a TCG_PCR_EVENT_HDR/TCG_PCR_EVENT_EX data structure.
   @param[in]      NewEventHdrSize New event header size.
   @param[in]      NewEventData    Pointer to the new event data.
+  @param[in]      NewEventData    Pointer to the new event data.
   @param[in]      NewEventSize    New event data size.
   @retval EFI_SUCCESS           The new event log entry was added.
   @retval EFI_OUT_OF_RESOURCES  No enough memory to log the new event.
 …
   @param[in] EventLogFormat  The type of the event log for which the information is requested.
   @param[in] NewEventHdr     Pointer to a TCG_PCR_EVENT_HDR/TCG_PCR_EVENT_EX data structure.
+  @param[in] NewEventHdr     Pointer to a TCG_PCR_EVENT_HDR/TCG_PCR_EVENT_EX data structure.
   @param[in] NewEventHdrSize New event header size.
   @param[in] NewEventData    Pointer to the new event data.
+  @param[in] NewEventData    Pointer to the new event data.
   @param[in] NewEventSize    New event data size.
 …
              NewEventSize
              );
   if (Status == EFI_DEVICE_ERROR) {
     return EFI_DEVICE_ERROR;
 …
   @param[in]      Flags         Bitmap providing additional information.
   @param[in]      HashData      Physical address of the start of the data buffer
+  @param[in]      HashData      Physical address of the start of the data buffer
                                 to be hashed, extended, and logged.
   @param[in]      HashDataLen   The length, in bytes, of the buffer referenced by HashData
   @param[in, out] NewEventHdr   Pointer to a TCG_PCR_EVENT_HDR data structure.
   @param[in]      NewEventData  Pointer to the new event data.
+  @param[in, out] NewEventHdr   Pointer to a TCG_PCR_EVENT_HDR data structure.
+  @param[in]      NewEventData  Pointer to the new event data.
   @retval EFI_SUCCESS           Operation completed successfully.
 …
   EFI_STATUS                        Status;
   TPML_DIGEST_VALUES                DigestList;
   if (!mTcgDxeData.BsCap.TrEEPresentFlag) {
     return EFI_DEVICE_ERROR;
 …
   The EFI_TREE_PROTOCOL HashLogExtendEvent function call provides callers with
   an opportunity to extend and optionally log events without requiring
   knowledge of actual TPM commands.
+  knowledge of actual TPM commands.
   The extend operation will occur even if this function cannot create an event
   log entry (e.g. due to the event log being full).
+  log entry (e.g. due to the event log being full).
   @param[in]  This               Indicates the calling context
   @param[in]  Flags              Bitmap providing additional information.
   @param[in]  DataToHash         Physical address of the start of the data buffer to be hashed.
+  @param[in]  DataToHash         Physical address of the start of the data buffer to be hashed.
   @param[in]  DataToHashLen      The length in bytes of the buffer referenced by DataToHash.
   @param[in]  Event              Pointer to data buffer containing information about the event.
 …
   @retval EFI_DEVICE_ERROR       The command was not successfully sent to the device or a response was not successfully received from the device.
   @retval EFI_INVALID_PARAMETER  One or more of the parameters are incorrect.
   @retval EFI_BUFFER_TOO_SMALL   The output parameter block is too small.
+  @retval EFI_BUFFER_TOO_SMALL   The output parameter block is too small.
 **/
 EFI_STATUS
 …
       mTcgDxeData.EventLogAreaStruct[Index].Laml = EFI_TCG_LOG_AREA_SIZE;
       //
       // To initialize them as 0xFF is recommended
+      // To initialize them as 0xFF is recommended
       // because the OS can know the last entry for that.
       //
 …
       GuidHob.Raw = GetHobList ();
       Status = EFI_SUCCESS;
       while (!EFI_ERROR (Status) &&
+      while (!EFI_ERROR (Status) &&
              (GuidHob.Raw = GetNextGuidHob (mTreeEventInfo[Index].EventGuid, GuidHob.Raw)) != NULL) {
         TcgEvent    = GET_GUID_HOB_DATA (GuidHob.Guid);
 …
   Measure and log an action string, and extend the measurement result into PCR[5].
   @param[in] String           A specific string that indicates an Action event.
+  @param[in] String           A specific string that indicates an Action event.
   @retval EFI_SUCCESS         Operation completed successfully.
   @retval EFI_DEVICE_ERROR    The operation was unsuccessful.
 …
   if (PcdGet8 (PcdTpmPlatformClass) == TCG_PLATFORM_TYPE_SERVER) {
     //
     // Tcg Server spec.
+    // Tcg Server spec.
     // Measure each processor EFI_CPU_PHYSICAL_LOCATION with EV_TABLE_OF_DEVICES to PCR[1]
     //
 …
   Measure and log Separator event, and extend the measurement result into a specific PCR.
   @param[in] PCRIndex         PCR index.
+  @param[in] PCRIndex         PCR index.
   @retval EFI_SUCCESS         Operation completed successfully.
 …
   Measure and log an EFI variable, and extend the measurement result into a specific PCR.
   @param[in]  PCRIndex          PCR Index.
   @param[in]  EventType         Event type.
+  @param[in]  PCRIndex          PCR Index.
+  @param[in]  EventType         Event type.
   @param[in]  VarName           A Null-terminated string that is the name of the vendor's variable.
   @param[in]  VendorGuid        A unique identifier for the vendor.
   @param[in]  VarData           The content of the variable data.
   @param[in]  VarSize           The size of the variable data.
+  @param[in]  VarData           The content of the variable data.
+  @param[in]  VarSize           The size of the variable data.
   @retval EFI_SUCCESS           Operation completed successfully.
   @retval EFI_OUT_OF_RESOURCES  Out of memory.
 …
   Read then Measure and log an EFI variable, and extend the measurement result into a specific PCR.
   @param[in]  PCRIndex          PCR Index.
   @param[in]  EventType         Event type.
+  @param[in]  PCRIndex          PCR Index.
+  @param[in]  EventType         Event type.
   @param[in]   VarName          A Null-terminated string that is the name of the vendor's variable.
   @param[in]   VendorGuid       A unique identifier for the vendor.
   @param[out]  VarSize          The size of the variable data.
   @param[out]  VarData          Pointer to the content of the variable.
+  @param[out]  VarSize          The size of the variable data.
+  @param[out]  VarData          Pointer to the content of the variable.
   @retval EFI_SUCCESS           Operation completed successfully.
   @retval EFI_OUT_OF_RESOURCES  Out of memory.
 …
   @param[in]   VarName          A Null-terminated string that is the name of the vendor's variable.
   @param[in]   VendorGuid       A unique identifier for the vendor.
   @param[out]  VarSize          The size of the variable data.
   @param[out]  VarData          Pointer to the content of the variable.
+  @param[out]  VarSize          The size of the variable data.
+  @param[out]  VarData          Pointer to the content of the variable.
   @retval EFI_SUCCESS           Operation completed successfully.
   @retval EFI_OUT_OF_RESOURCES  Out of memory.
 …
   @param[in]   VarName          A Null-terminated string that is the name of the vendor's variable.
   @param[in]   VendorGuid       A unique identifier for the vendor.
   @param[out]  VarSize          The size of the variable data.
   @param[out]  VarData          Pointer to the content of the variable.
+  @param[out]  VarSize          The size of the variable data.
+  @param[out]  VarData          Pointer to the content of the variable.
   @retval EFI_SUCCESS           Operation completed successfully.
   @retval EFI_OUT_OF_RESOURCES  Out of memory.
 …
   Install TCG ACPI Table when ACPI Table Protocol is available.
   A system's firmware uses an ACPI table to identify the system's TCG capabilities
   to the Post-Boot environment. The information in this ACPI table is not guaranteed
   to be valid until the Host Platform transitions from pre-boot state to post-boot state.
+  A system's firmware uses an ACPI table to identify the system's TCG capabilities
+  to the Post-Boot environment. The information in this ACPI table is not guaranteed
+  to be valid until the Host Platform transitions from pre-boot state to post-boot state.
   @param[in]  Event     Event whose notification function is being invoked
 …
     mTcgClientAcpiTemplate.Header.CreatorRevision  = PcdGet32 (PcdAcpiDefaultCreatorRevision);
     //
     // The ACPI table must be checksumed before calling the InstallAcpiTable()
+    // The ACPI table must be checksumed before calling the InstallAcpiTable()
     // service of the ACPI table protocol to install it.
     //
 …
     mTcgServerAcpiTemplate.Header.CreatorRevision  = PcdGet32 (PcdAcpiDefaultCreatorRevision);
     //
     // The ACPI table must be checksumed before calling the InstallAcpiTable()
+    // The ACPI table must be checksumed before calling the InstallAcpiTable()
     // service of the ACPI table protocol to install it.
     //
 …
 /**
   The function install TrEE protocol.
   @retval EFI_SUCCESS     TrEE protocol is installed.
   @retval other           Some error occurs.
 …
   The driver's entry point. It publishes EFI TrEE Protocol.
   @param[in] ImageHandle  The firmware allocated handle for the EFI image.
+  @param[in] ImageHandle  The firmware allocated handle for the EFI image.
   @param[in] SystemTable  A pointer to the EFI System Table.
   @retval EFI_SUCCESS     The entry point is executed successfully.
   @retval other           Some error occurs when executing this entry point.
 …
     return EFI_DEVICE_ERROR;
+  }
   Status = Tpm2RequestUseTpm ();
   if (EFI_ERROR (Status)) {
 …
     return Status;
+  }
   //
   // Fill information
 …
     //
     // Measure Exit Boot Service failed
+    // Measure Exit Boot Service failed
     //
     Status = gBS->CreateEventEx (

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TrEEDxe/TrEEDxe.inf

-              r58464
+              r58466
   ## SOMETIMES_CONSUMES     ## GUID                  # Handoff Table for measurement.
   gEfiSmbiosTableGuid
   ## SOMETIMES_CONSUMES     ## Variable:L"SecureBoot"
   ## SOMETIMES_CONSUMES     ## Variable:L"PK"
 …
   ## SOMETIMES_CONSUMES      ## Variable:L"dbx"
   gEfiImageSecurityDatabaseGuid
   gTcgEventEntryHobGuid                              ## SOMETIMES_CONSUMES  ## HOB
   gTpmErrorHobGuid                                   ## SOMETIMES_CONSUMES  ## HOB

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TrEEPei/TrEEPei.c

-              r58464
+              r58466
 Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
     EFI_PEI_PPI_DESCRIPTOR_NOTIFY_CALLBACK,
     &gEfiPeiFirmwareVolumeInfoPpiGuid,
     FirmwareVolmeInfoPpiNotifyCallback
+    FirmwareVolmeInfoPpiNotifyCallback
   },
+  {
     EFI_PEI_PPI_DESCRIPTOR_NOTIFY_CALLBACK,
     &gEfiPeiFirmwareVolumeInfo2PpiGuid,
     FirmwareVolmeInfoPpiNotifyCallback
+    FirmwareVolmeInfoPpiNotifyCallback
   },
+  {
 …
 /**
   Record all measured Firmware Volum Information into a Guid Hob
   Guid Hob payload layout is
+  Guid Hob payload layout is
      UINT32 *************************** FIRMWARE_BLOB number
 …
   IN VOID                          *Ppi
+  )
+{
+{
   MEASURED_HOB_DATA *MeasuredHobData;
 …
   //
   // Create a Guid hob to save all measured Fv
+  // Create a Guid hob to save all measured Fv
   //
   MeasuredHobData = BuildGuidHob(
 …
   @param[in]      Flags         Bitmap providing additional information.
   @param[in]      HashData      Physical address of the start of the data buffer
+  @param[in]      HashData      Physical address of the start of the data buffer
                                 to be hashed, extended, and logged.
   @param[in]      HashDataLen   The length, in bytes, of the buffer referenced by HashData.
   @param[in]      NewEventHdr   Pointer to a TCG_PCR_EVENT_HDR data structure.
   @param[in]      NewEventData  Pointer to the new event data.
+  @param[in]      NewEventHdr   Pointer to a TCG_PCR_EVENT_HDR data structure.
+  @param[in]      NewEventData  Pointer to the new event data.
   @retval EFI_SUCCESS           Operation completed successfully.
 …
+    }
+  }
   if (Status == EFI_DEVICE_ERROR) {
     DEBUG ((EFI_D_ERROR, "HashLogExtendEvent - %r. Disable TPM.\n", Status));
 …
 /**
   Measure FV image.
   Add it into the measured FV list after the FV is measured successfully.
+  Measure FV image.
+  Add it into the measured FV list after the FV is measured successfully.
   @param[in]  FvBase            Base address of FV image.
   @param[in]  FvLength          Length of FV image.
   @retval EFI_SUCCESS           Fv image is measured successfully
+  @retval EFI_SUCCESS           Fv image is measured successfully
                                 or it has been already measured.
   @retval EFI_OUT_OF_RESOURCES  No enough memory to log the new event.
 …
+    }
+  }
   //
   // Measure and record the FV to the TPM
 …
       break;
+    }
     //
     // Measure and record the firmware volume that is dispatched by PeiCore
 …
     //
     Status = PeiServicesLocatePpi (
                &VolumeInfo.FvFormat,
 ,
+               &VolumeInfo.FvFormat,
+,
                NULL,
                (VOID**)&FvPpi
 …
   //
   Status = PeiServicesLocatePpi (
              &Fv->FvFormat,
 ,
+             &Fv->FvFormat,
+,
              NULL,
              (VOID**)&FvPpi
 …
     return EFI_SUCCESS;
+  }
   //
   // This is an FV from an FFS file, and the parent FV must have already been measured,
 …
   //
   if (Fv->ParentFvName != NULL || Fv->ParentFileName != NULL ) {
     ASSERT (mMeasuredChildFvIndex < FixedPcdGet32 (PcdPeiCoreMaxFvSupported));
     if (mMeasuredChildFvIndex < FixedPcdGet32 (PcdPeiCoreMaxFvSupported)) {
 …
   Status = PeiServicesLocatePpi (
                &gEfiPeiFirmwareVolumeInfoMeasurementExcludedPpiGuid,
 ,
+               &gEfiPeiFirmwareVolumeInfoMeasurementExcludedPpiGuid,
+,
                NULL,
                (VOID**)&mMeasurementExcludedFvPpi
 …
   mMeasuredChildFvInfo = (EFI_PLATFORM_FIRMWARE_BLOB *) AllocateZeroPool (sizeof (EFI_PLATFORM_FIRMWARE_BLOB) * PcdGet32 (PcdPeiCoreMaxFvSupported));
   ASSERT (mMeasuredChildFvInfo != NULL);
   if (PcdGet8 (PcdTpm2ScrtmPolicy) == 1) {
     Status = MeasureCRTMVersion ();

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TrEESmm/Tpm.asl

Property svn:eol-style set to native

-              r58464
+              r58466
 /** @file
   The TPM2 definition block in ACPI table for TrEE physical presence
+  The TPM2 definition block in ACPI table for TrEE physical presence
   and MemoryClear.
 Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
       //
       Name (_HID, "MSFT0101")
       //
       // Readable name of this device, don't know if this way is correct yet
 …
       OperationRegion (SMIP, SystemIO, 0xB2, 1)
       Field (SMIP, ByteAcc, NoLock, Preserve)
+      {
+      {
           IOB2, 8
+      }
 …
       Method (PTS, 1, Serialized)
+      {
+      {
         //
         // Detect Sx state for MOR, only S4, S5 need to handle
         //
         If (LAnd (LLess (Arg0, 6), LGreater (Arg0, 3)))
+        {
+        {
           //
           // Bit4 -- DisableAutoDetect. 0 -- Firmware MAY autodetect.
 …
             //
             Store (0x02, MCIP)
             //
             // Triggle the SMI interrupt
 …
+        }
         Return (0)
+      }
+      }
       Method (_STA, 0)
 …
       Name(TPM2, Package (0x02){
-        Zero,
-        Zero
-      })
-      Name(TPM3, Package (0x03){
-        Zero,
         Zero,
         Zero
       })
+      Name(TPM3, Package (0x03){
+        Zero,
+        Zero,
+        Zero
+      })
       //
       // TCG Physical Presence Interface
       //
       Method (TPPI, 3, Serialized, 0, {BuffObj, PkgObj, IntObj, StrObj}, {UnknownObj, UnknownObj, UnknownObj}) // IntObj, IntObj, PkgObj
+      {
+      {
         //
         // Switch by function index
 …
             // b) Submit TPM Operation Request to Pre-OS Environment
             //
             Store (DerefOf (Index (Arg2, 0x00)), PPRQ)
             Store (0x02, PPIP)
             //
             // Triggle the SMI interrupt
 …
             // c) Get Pending TPM Operation Requested By the OS
             //
             Store (PPRQ, Index (TPM2, 0x01))
             Return (TPM2)
 …
             //
             Store (0x05, PPIP)
             //
             // Triggle the SMI interrupt
             //
             Store (PPIN, IOB2)
             Store (LPPR, Index (TPM3, 0x01))
             Store (PPRP, Index (TPM3, 0x02))
 …
             Store (7, PPIP)
             Store (DerefOf (Index (Arg2, 0x00)), PPRQ)
             //
             // Triggle the SMI interrupt
             //
             Store (PPIN, IOB2)
+            //
+            // Triggle the SMI interrupt
+            //
+            Store (PPIN, IOB2)
             Return (FRET)
+          }
 …
             Store (8, PPIP)
             Store (DerefOf (Index (Arg2, 0x00)), PPRQ)
             //
             // Triggle the SMI interrupt
             //
             Store (PPIN, IOB2)
             Return (FRET)
+          }
 …
             //
             Store (DerefOf (Index (Arg2, 0x00)), MORD)
             //
             // Triggle the SMI through ACPI _DSM method.
             //
             Store (0x01, MCIP)
             //
             // Triggle the SMI interrupt
 …
           Default {BreakPoint}
+        }
         Return (1)
+        Return (1)
+      }

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TrEESmm/TrEESmm.c

-              r58464
+              r58466
 Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
     mTcgNvs->PhysicalPresence.LastRequest = PpData.LastPPRequest;
     mTcgNvs->PhysicalPresence.Response    = PpData.PPResponse;
   } else if ((mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS)
+  } else if ((mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS)
           || (mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS_2)) {
     if (EFI_ERROR (Status)) {
 …
+    }
     if (EFI_ERROR (Status)) {
+    if (EFI_ERROR (Status)) {
       mTcgNvs->PhysicalPresence.ReturnCode = TREE_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE;
       DEBUG ((EFI_D_ERROR, "[TPM2] Set PP variable failure! Status = %r\n", Status));
 …
         } else {
           if (mTcgNvs->PhysicalPresence.Request < TREE_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {
             mTcgNvs->PhysicalPresence.ReturnCode = TREE_PP_GET_USER_CONFIRMATION_NOT_IMPLEMENTED;
+            mTcgNvs->PhysicalPresence.ReturnCode = TREE_PP_GET_USER_CONFIRMATION_NOT_IMPLEMENTED;
             return EFI_SUCCESS;
+          }
 …
     } else {
       mTcgNvs->PhysicalPresence.ReturnCode = TREE_PP_GET_USER_CONFIRMATION_ALLOWED_AND_PPUSER_REQUIRED;
+    }
+    }
     if (mTcgNvs->PhysicalPresence.Request >= TREE_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {
       mTcgNvs->PhysicalPresence.ReturnCode = TrEEPpVendorLibGetUserConfirmationStatusFunction (mTcgNvs->PhysicalPresence.Request, Flags.PPFlags);
+    }
+  }
+  }
   return EFI_SUCCESS;
 …
                            &MorControl
                            );
   if (EFI_ERROR (Status)) {
+  if (EFI_ERROR (Status)) {
     mTcgNvs->MemoryClear.ReturnCode = MOR_REQUEST_GENERAL_FAILURE;
     DEBUG ((EFI_D_ERROR, "[TPM] Set MOR variable failure! Status = %r\n", Status));
 …
        OpRegion <= (AML_OP_REGION_32_8 *) ((UINT8 *) Table + Table->Length);
        OpRegion  = (AML_OP_REGION_32_8 *) ((UINT8 *) OpRegion + 1)) {
     if ((OpRegion->OpRegionOp  == AML_EXT_REGION_OP) &&
+    if ((OpRegion->OpRegionOp  == AML_EXT_REGION_OP) &&
         (OpRegion->NameString  == Name) &&
         (OpRegion->DWordPrefix == AML_DWORD_PREFIX) &&
 …
   The driver's entry point.
   It install callbacks for TPM physical presence and MemoryClear, and locate
+  It install callbacks for TPM physical presence and MemoryClear, and locate
   SMM variable to be used in the callback function.
   @param[in] ImageHandle  The firmware allocated handle for the EFI image.
+  @param[in] ImageHandle  The firmware allocated handle for the EFI image.
   @param[in] SystemTable  A pointer to the EFI System Table.
   @retval EFI_SUCCESS     The entry point is executed successfully.
   @retval Others          Some error occurs when executing this entry point.
 …
+  }
   mTcgNvs->MemoryClear.SoftwareSmi = (UINT8) SwContext.SwSmiInputValue;
   //
   // Locate SmmVariableProtocol.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TrEESmm/TrEESmm.h

-              r58464
+              r58466
 /** @file
   The header file for TrEE SMM driver.
 Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TrEESmm/TrEESmm.inf

-              r58464
+              r58466
 #  Provides ACPI metholds for TPM 2.0 support
+#
 #  This driver implements TPM 2.0 definition block in ACPI table and
 #  registers SMI callback functions for TrEE physical presence and
+#  This driver implements TPM 2.0 definition block in ACPI table and
+#  registers SMI callback functions for TrEE physical presence and
 #  MemoryClear to handle the requests from ACPI method.
+#
 …
   ## SOMETIMES_PRODUCES ## Variable:L"MemoryOverwriteRequestControl"
   ## SOMETIMES_CONSUMES ## Variable:L"MemoryOverwriteRequestControl"
+  ## SOMETIMES_CONSUMES ## Variable:L"MemoryOverwriteRequestControl"
   gEfiMemoryOverwriteControlDataGuid
   gEfiTpmDeviceInstanceTpm20DtpmGuid                            ## PRODUCES           ## GUID       # TPM device identifier

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProvider.c

-              r58459
+              r58466
 /** @file
   Password Credential Provider driver implementation.
 Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   //
   NewTable = (CREDENTIAL_TABLE *) AllocateZeroPool (
                                     sizeof (CREDENTIAL_TABLE) +
+                                    sizeof (CREDENTIAL_TABLE) +
                                     (Count - 1) * sizeof (PASSWORD_INFO)
                                     );
   ASSERT (NewTable != NULL);
+  ASSERT (NewTable != NULL);
   NewTable->MaxCount    = Count;
 …
   //
   CopyMem (
     &NewTable->UserInfo,
     &mPwdTable->UserInfo,
+    &NewTable->UserInfo,
+    &mPwdTable->UserInfo,
     mPwdTable->Count * sizeof (PASSWORD_INFO)
     );
 …
   @param[in]  Index     The index of the password in table. If index is found in
                         table, update the info, else add the into to table.
   @param[in]  Info      The new password info to add into table.If Info is NULL,
+                        table, update the info, else add the into to table.
+  @param[in]  Info      The new password info to add into table.If Info is NULL,
                         delete the info by Index.
 …
       if (Index != mPwdTable->Count) {
         NewPasswordInfo = &mPwdTable->UserInfo[mPwdTable->Count];
+      }
+      }
     } else {
       //
 …
   Var     = NULL;
   Status  = gRT->GetVariable (
                    L"PwdCredential",
                    &gPwdCredentialProviderGuid,
                    NULL,
+                   L"PwdCredential",
+                   &gPwdCredentialProviderGuid,
+                   NULL,
                    &VarSize,
                    Var
 …
+    }
     Status = gRT->GetVariable (
                     L"PwdCredential",
                     &gPwdCredentialProviderGuid,
                     NULL,
+                    L"PwdCredential",
+                    &gPwdCredentialProviderGuid,
+                    NULL,
                     &VarSize,
                     Var
 …
     return Status;
+  }
   //
   // Create the password credential table.
 …
   mPwdTable = AllocateZeroPool (
                 sizeof (CREDENTIAL_TABLE) - sizeof (PASSWORD_INFO) +
                 PASSWORD_TABLE_INC * sizeof (PASSWORD_INFO) +
+                PASSWORD_TABLE_INC * sizeof (PASSWORD_INFO) +
                 VarSize
                 );
 …
   @retval      TRUE           Hash the password successfully.
   @retval      FALSE          Failed to hash the password.
 **/
 BOOLEAN
 …
   UINTN             HashSize;
   VOID              *Hash;
   HashSize = Sha1GetContextSize ();
   Hash     = AllocatePool (HashSize);
   ASSERT (Hash != NULL);
   Status = Sha1Init (Hash);
   if (!Status) {
     goto Done;
+  }
   Status = Sha1Update (Hash, Password, PasswordSize);
   if (!Status) {
     goto Done;
+  }
   Status = Sha1Final (Hash, Credential);
 Done:
   FreePool (Hash);
 …
   CHAR16        *QuestionStr;
   CHAR16        *LineStr;
   PasswordLen = 0;
   while (TRUE) {
 …
     FreePool (QuestionStr);
     FreePool (LineStr);
     //
     // Check key stroke
 …
           PasswordLen--;
+        }
       } else if ((Key.UnicodeChar == CHAR_NULL) ||
                  (Key.UnicodeChar == CHAR_TAB) ||
+      } else if ((Key.UnicodeChar == CHAR_NULL) ||
+                 (Key.UnicodeChar == CHAR_TAB) ||
                  (Key.UnicodeChar == CHAR_LINEFEED)) {
         continue;
 …
+    }
+  }
   PasswordLen = PasswordLen * sizeof (CHAR16);
   GenerateCredential (Password, PasswordLen, (UINT8 *)Credential);
 …
   UINTN      Index;
   CHAR8      *Pwd;
   //
   // Check password credential.
 …
   Find a user infomation record by the information record type.
   This function searches all user information records of User from beginning
+  This function searches all user information records of User from beginning
   until either the information is found, or there are no more user infomation
   records. A match occurs when a Info.InfoType field matches the user information
   record type.
   @param[in]     User      Points to the user profile record to search.
+  @param[in]     User      Points to the user profile record to search.
   @param[in]     InfoType  The infomation type to be searched.
   @param[out]    Info      Points to the user info found, the caller is responsible
                            to free.
   @retval EFI_SUCCESS      Find the user information successfully.
   @retval Others           Fail to find the user information.
 …
   EFI_USER_INFO_HANDLE       UserInfoHandle;
   EFI_USER_MANAGER_PROTOCOL  *UserManager;
   //
   // Find user information by information type.
 …
       *Info = UserInfo;
       return EFI_SUCCESS;
+    }
+    }
+  }
 …
+      }
       *ActionRequest  = EFI_BROWSER_ACTION_REQUEST_EXIT;
+    }
+    }
     return EFI_SUCCESS;
+  }
 …
   Enroll a user on a credential provider.
   This function enrolls a user on this credential provider. If the user exists on
   this credential provider, update the user information on this credential provider;
+  This function enrolls a user on this credential provider. If the user exists on
+  this credential provider, update the user information on this credential provider;
   otherwise add the user information on credential provider.
   @param[in] This                Points to this instance of EFI_USER_CREDENTIAL2_PROTOCOL.
   @param[in] User                The user profile to enroll.
   @retval EFI_SUCCESS            User profile was successfully enrolled.
   @retval EFI_ACCESS_DENIED      Current user profile does not permit enrollment on the
                                  user profile handle. Either the user profile cannot enroll
                                  on any user profile or cannot enroll on a user profile
+                                 on any user profile or cannot enroll on a user profile
                                  other than the current user profile.
   @retval EFI_UNSUPPORTED        This credential provider does not support enrollment in
 …
                                  error.
   @retval EFI_INVALID_PARAMETER  User does not refer to a valid user profile handle.
 **/
 EFI_STATUS
 …
+  }
   CopyMem (PwdInfo.UserId, (UINT8 *) (UserInfo + 1), sizeof (EFI_USER_INFO_IDENTIFIER));
+  CopyMem (PwdInfo.UserId, (UINT8 *) (UserInfo + 1), sizeof (EFI_USER_INFO_IDENTIFIER));
   FreePool (UserInfo);
   //
   // Get password from user.
   //
+  //
   while (TRUE) {
     //
 …
     if (CompareMem (PwdInfo.Password, Password, CREDENTIAL_LEN) == 0) {
       break;
+    }
+    }
     QuestionStr = GetStringById (STRING_TOKEN (STR_PASSWORD_MISMATCH));
     PromptStr   = GetStringById (STRING_TOKEN (STR_INPUT_PASSWORD_AGAIN));
+    PromptStr   = GetStringById (STRING_TOKEN (STR_INPUT_PASSWORD_AGAIN));
     CreatePopUp (
       EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
 …
   //
   // Check whether User is ever enrolled in the provider.
   //
+  //
   for (Index = 0; Index < mPwdTable->Count; Index++) {
     UserId = (UINT8 *) &mPwdTable->UserInfo[Index].UserId;
 …
       //
       // User already exists, update the password.
       //
+      //
       break;
+    }
+  }
   //
   // Enroll the User to the provider.
 …
   This function returns information about the form used when interacting with the
   user during user identification. The form is the first enabled form in the form-set
   class EFI_HII_USER_CREDENTIAL_FORMSET_GUID installed on the HII handle HiiHandle. If
+  class EFI_HII_USER_CREDENTIAL_FORMSET_GUID installed on the HII handle HiiHandle. If
   the user credential provider does not require a form to identify the user, then this
   function should return EFI_NOT_FOUND.
 …
   @param[out] FormSetId  On return, holds the identifier of the form set which contains
                          the form used during user identification.
   @param[out] FormId     On return, holds the identifier of the form used during user
+  @param[out] FormId     On return, holds the identifier of the form used during user
                          identification.
   @retval EFI_SUCCESS            Form returned successfully.
   @retval EFI_NOT_FOUND          Form not returned.
   @retval EFI_INVALID_PARAMETER  Hii is NULL or FormSetId is NULL or FormId is NULL.
 **/
 EFI_STATUS
 …
+  )
+{
   if ((This == NULL) || (Hii == NULL) ||
+  if ((This == NULL) || (Hii == NULL) ||
       (FormSetId == NULL) || (FormId == NULL)) {
     return EFI_INVALID_PARAMETER;
 …
   *FormId    = FORMID_GET_PASSWORD_FORM;
   CopyGuid (FormSetId, &gPwdCredentialProviderGuid);
   return EFI_SUCCESS;
+}
 …
   This optional function returns a bitmap that is less than or equal to the number
   of pixels specified by Width and Height. If no such bitmap exists, then EFI_NOT_FOUND
   is returned.
+  is returned.
   @param[in]      This    Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
   @param[in, out] Width   On entry, points to the desired bitmap width. If NULL then no
                           bitmap information will be returned. On exit, points to the
+  @param[in, out] Width   On entry, points to the desired bitmap width. If NULL then no
+                          bitmap information will be returned. On exit, points to the
                           width of the bitmap returned.
   @param[in, out] Height  On entry, points to the desired bitmap height. If NULL then no
                           bitmap information will be returned. On exit, points to the
+                          bitmap information will be returned. On exit, points to the
                           height of the bitmap returned
   @param[out]     Hii     On return, holds the HII database handle.
   @param[out]     Image   On return, holds the HII image identifier.
+  @param[out]     Hii     On return, holds the HII database handle.
+  @param[out]     Image   On return, holds the HII image identifier.
   @retval EFI_SUCCESS            Image identifier returned successfully.
   @retval EFI_NOT_FOUND          Image identifier not returned.
   @retval EFI_INVALID_PARAMETER  Hii is NULL or Image is NULL.
 **/
 EFI_STATUS
 …
       OUT    EFI_IMAGE_ID                        *Image
+  )
+{
+{
   if ((This == NULL) || (Hii == NULL) || (Image == NULL)) {
     return EFI_INVALID_PARAMETER;
 …
   This function returns a string which describes the credential provider. If no
   such string exists, then EFI_NOT_FOUND is returned.
+  such string exists, then EFI_NOT_FOUND is returned.
   @param[in]  This       Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
   @param[out] Hii        On return, holds the HII database handle.
   @param[out] String     On return, holds the HII string identifier.
   @retval EFI_SUCCESS            String identifier returned successfully.
   @retval EFI_NOT_FOUND          String identifier not returned.
   @retval EFI_INVALID_PARAMETER  Hii is NULL or String is NULL.
 **/
 EFI_STATUS
 …
     return EFI_INVALID_PARAMETER;
+  }
   //
   // Set Hii handle and String ID.
 …
   This function returns the user identifier of the user authenticated by this credential
   provider. This function is called after the credential-related information has been
+  provider. This function is called after the credential-related information has been
   submitted on a form, OR after a call to Default() has returned that this credential is
   ready to log on.
   @param[in]  This           Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
   @param[in]  User           The user profile handle of the user profile currently being
+  @param[in]  User           The user profile handle of the user profile currently being
                              considered by the user identity manager. If NULL, then no user
                              profile is currently under consideration.
   @param[out] Identifier     On return, points to the user identifier.
+  @param[out] Identifier     On return, points to the user identifier.
   @retval EFI_SUCCESS            User identifier returned successfully.
   @retval EFI_NOT_READY          No user identifier can be returned.
 …
   @retval EFI_NOT_FOUND          User is not NULL, and the specified user handle can't be
                                  found in user profile database
 **/
 EFI_STATUS
 …
     return EFI_NOT_READY;
+  }
   if (User == NULL) {
     //
     // Return the user ID whose password matches the input password.
     //
+    //
     CopyMem (
       Identifier,
       &mPwdTable->UserInfo[mPwdTable->ValidIndex - 1].UserId,
+      Identifier,
+      &mPwdTable->UserInfo[mPwdTable->ValidIndex - 1].UserId,
       sizeof (EFI_USER_INFO_IDENTIFIER)
       );
+      );
     return EFI_SUCCESS;
+  }
   //
   // Get the User's ID.
 …
     return EFI_NOT_FOUND;
+  }
   //
   // Check whether the input password matches one in PwdTable.
 …
         FreePool (UserInfo);
         return EFI_SUCCESS;
+      }
+    }
+  }
   FreePool (UserInfo);
+      }
+    }
+  }
+  FreePool (UserInfo);
   return EFI_NOT_READY;
+}
 …
   Indicate that user interface interaction has begun for the specified credential.
   This function is called when a credential provider is selected by the user. If
+  This function is called when a credential provider is selected by the user. If
   AutoLogon returns FALSE, then the user interface will be constructed by the User
   Identity Manager.
+  Identity Manager.
   @param[in]  This       Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
   @param[out] AutoLogon  On return, points to the credential provider's capabilities
                          after the credential provider has been selected by the user.
+  @param[out] AutoLogon  On return, points to the credential provider's capabilities
+                         after the credential provider has been selected by the user.
   @retval EFI_SUCCESS            Credential provider successfully selected.
   @retval EFI_INVALID_PARAMETER  AutoLogon is NULL.
 **/
 EFI_STATUS
 …
   @param[in] This        Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
   @retval EFI_SUCCESS    Credential provider successfully deselected.
 **/
 EFI_STATUS
 …
   Return the default logon behavior for this user credential.
   This function reports the default login behavior regarding this credential provider.
+  This function reports the default login behavior regarding this credential provider.
   @param[in]  This       Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
   @param[out] AutoLogon  On return, holds whether the credential provider should be used
                          by default to automatically log on the user.
+                         by default to automatically log on the user.
   @retval EFI_SUCCESS            Default information successfully returned.
   @retval EFI_INVALID_PARAMETER  AutoLogon is NULL.
 **/
 EFI_STATUS
 …
+  }
   *AutoLogon = 0;
   return EFI_SUCCESS;
+}
 …
   Return information attached to the credential provider.
   This function returns user information.
+  This function returns user information.
   @param[in]      This          Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
   @param[in]      UserInfo      Handle of the user information data record.
+  @param[in]      UserInfo      Handle of the user information data record.
   @param[out]     Info          On entry, points to a buffer of at least *InfoSize bytes. On
                                 exit, holds the user information. If the buffer is too small
 …
                                 and InfoSize is updated to contain the number of bytes actually
                                 required.
   @param[in, out] InfoSize      On entry, points to the size of Info. On return, points to the
                                 size of the user information.
+  @param[in, out] InfoSize      On entry, points to the size of Info. On return, points to the
+                                size of the user information.
   @retval EFI_SUCCESS           Information returned successfully.
   @retval EFI_BUFFER_TOO_SMALL  The size specified by InfoSize is too small to hold all of the
                                 user information. The size required is returned in *InfoSize.
   @retval EFI_INVALID_PARAMETER Info is NULL or InfoSize is NULL.
   @retval EFI_NOT_FOUND         The specified UserInfo does not refer to a valid user info handle.
+  @retval EFI_NOT_FOUND         The specified UserInfo does not refer to a valid user info handle.
 **/
 EFI_STATUS
 …
   EFI_USER_INFO            *CredentialInfo;
   UINTN                    Index;
   if ((This == NULL) || (InfoSize == NULL) || (Info == NULL)) {
     return EFI_INVALID_PARAMETER;
 …
     return EFI_NOT_FOUND;
+  }
   //
   // Find information handle in credential info table.
 …
         return EFI_BUFFER_TOO_SMALL;
+      }
       CopyMem (Info, CredentialInfo, CredentialInfo->InfoSize);
       return EFI_SUCCESS;
+    }
+  }
+      CopyMem (Info, CredentialInfo, CredentialInfo->InfoSize);
+      return EFI_SUCCESS;
+    }
+  }
   return EFI_NOT_FOUND;
+}
 …
   information record handle, point UserInfo at a NULL. Each subsequent call will retrieve
   another user information record handle until there are no more, at which point UserInfo
   will point to NULL.
+  will point to NULL.
   @param[in]      This     Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
 …
                            to start enumeration. On exit, points to the next user information
                            handle or NULL if there is no more user information.
   @retval EFI_SUCCESS            User information returned.
   @retval EFI_NOT_FOUND          No more user information found.
   @retval EFI_INVALID_PARAMETER  UserInfo is NULL.
 **/
 EFI_STATUS
 …
   UINTN                    Index;
   UINTN                    ProvStrLen;
   if ((This == NULL) || (UserInfo == NULL)) {
     return EFI_INVALID_PARAMETER;
 …
     Info    = AllocateZeroPool (InfoLen);
     ASSERT (Info != NULL);
     Info->InfoType    = EFI_USER_INFO_CREDENTIAL_PROVIDER_RECORD;
     Info->InfoSize    = (UINT32) InfoLen;
 …
     CopyGuid (&Info->Credential, &gPwdCredentialProviderGuid);
     CopyGuid ((EFI_GUID *)(Info + 1), &gPwdCredentialProviderGuid);
     mPwdInfoHandle->Info[0] = Info;
     mPwdInfoHandle->Count++;
 …
     Info        = AllocateZeroPool (InfoLen);
     ASSERT (Info != NULL);
     Info->InfoType    = EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD;
     Info->InfoSize    = (UINT32) InfoLen;
 …
     Info    = AllocateZeroPool (InfoLen);
     ASSERT (Info != NULL);
     Info->InfoType    = EFI_USER_INFO_CREDENTIAL_TYPE_RECORD;
     Info->InfoSize    = (UINT32) InfoLen;
 …
     CopyGuid (&Info->Credential, &gPwdCredentialProviderGuid);
     CopyGuid ((EFI_GUID *)(Info + 1), &gEfiUserCredentialClassPasswordGuid);
     mPwdInfoHandle->Info[2] = Info;
     mPwdInfoHandle->Count++;
     //
     // The fourth information, Credential Provider type name info.
 …
     Info        = AllocateZeroPool (InfoLen);
     ASSERT (Info != NULL);
     Info->InfoType    = EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD;
     Info->InfoSize    = (UINT32) InfoLen;
 …
     CopyMem ((UINT8*)(Info + 1), ProvNameStr, ProvStrLen);
     FreePool (ProvNameStr);
     mPwdInfoHandle->Info[3] = Info;
     mPwdInfoHandle->Count++;
+  }
   if (*UserInfo == NULL) {
     //
 …
     return EFI_SUCCESS;
+  }
   //
   // Find information handle in credential info table.
 …
         return EFI_NOT_FOUND;
+      }
       Index++;
       *UserInfo = (EFI_USER_INFO_HANDLE)mPwdInfoHandle->Info[Index];
       return EFI_SUCCESS;
+      return EFI_SUCCESS;
+    }
+  }
 …
   Delete a user on this credential provider.
   This function deletes a user on this credential provider.
+  This function deletes a user on this credential provider.
   @param[in]     This            Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
 …
   @retval EFI_SUCCESS            User profile was successfully deleted.
   @retval EFI_ACCESS_DENIED      Current user profile does not permit deletion on the user profile handle.
                                  Either the user profile cannot delete on any user profile or cannot delete
                                  on a user profile other than the current user profile.
+  @retval EFI_ACCESS_DENIED      Current user profile does not permit deletion on the user profile handle.
+                                 Either the user profile cannot delete on any user profile or cannot delete
+                                 on a user profile other than the current user profile.
   @retval EFI_UNSUPPORTED        This credential provider does not support deletion in the pre-OS.
   @retval EFI_DEVICE_ERROR       The new credential could not be deleted because of a device error.
 …
   UINT8                     *NewUserId;
   UINTN                     Index;
   if ((This == NULL) || (User == NULL)) {
     return EFI_INVALID_PARAMETER;
 …
   //
   // Find the user by user identifier in mPwdTable.
   //
+  //
   for (Index = 0; Index < mPwdTable->Count; Index++) {
     UserId    = (UINT8 *) &mPwdTable->UserInfo[Index].UserId;
 …
     return Status;
+  }
   //
   // Init Form Browser.
 …
     return Status;
+  }
   //
   // Install protocol interfaces for the password credential provider.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProvider.h

-              r48674
+              r58466
 /** @file
   Password Credential Provider driver header file.
 Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   Enroll a user on a credential provider.
   This function enrolls a user on this credential provider. If the user exists on
   this credential provider, update the user information on this credential provider;
+  This function enrolls a user on this credential provider. If the user exists on
+  this credential provider, update the user information on this credential provider;
   otherwise delete the user information on credential provider.
   @param[in] This                Points to this instance of EFI_USER_CREDENTIAL2_PROTOCOL.
   @param[in] User                The user profile to enroll.
   @retval EFI_SUCCESS            User profile was successfully enrolled.
   @retval EFI_ACCESS_DENIED      Current user profile does not permit enrollment on the
                                  user profile handle. Either the user profile cannot enroll
                                  on any user profile or cannot enroll on a user profile
+                                 on any user profile or cannot enroll on a user profile
                                  other than the current user profile.
   @retval EFI_UNSUPPORTED        This credential provider does not support enrollment in
 …
                                  error.
   @retval EFI_INVALID_PARAMETER  User does not refer to a valid user profile handle.
 **/
 EFI_STATUS
 …
   This function returns information about the form used when interacting with the
   user during user identification. The form is the first enabled form in the form-set
   class EFI_HII_USER_CREDENTIAL_FORMSET_GUID installed on the HII handle HiiHandle. If
+  class EFI_HII_USER_CREDENTIAL_FORMSET_GUID installed on the HII handle HiiHandle. If
   the user credential provider does not require a form to identify the user, then this
   function should return EFI_NOT_FOUND.
 …
   @param[out] FormSetId  On return, holds the identifier of the form set which contains
                          the form used during user identification.
   @param[out] FormId     On return, holds the identifier of the form used during user
+  @param[out] FormId     On return, holds the identifier of the form used during user
                          identification.
   @retval EFI_SUCCESS            Form returned successfully.
   @retval EFI_NOT_FOUND          Form not returned.
   @retval EFI_INVALID_PARAMETER  Hii is NULL or FormSetId is NULL or FormId is NULL.
 **/
 EFI_STATUS
 …
   This optional function returns a bitmap which is less than or equal to the number
   of pixels specified by Width and Height. If no such bitmap exists, then EFI_NOT_FOUND
   is returned.
+  is returned.
   @param[in]      This    Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
   @param[in, out] Width   On entry, points to the desired bitmap width. If NULL then no
                           bitmap information will be returned. On exit, points to the
+  @param[in, out] Width   On entry, points to the desired bitmap width. If NULL then no
+                          bitmap information will be returned. On exit, points to the
                           width of the bitmap returned.
   @param[in, out] Height  On entry, points to the desired bitmap height. If NULL then no
                           bitmap information will be returned. On exit, points to the
+                          bitmap information will be returned. On exit, points to the
                           height of the bitmap returned
   @param[out]     Hii     On return, holds the HII database handle.
   @param[out]     Image   On return, holds the HII image identifier.
+  @param[out]     Hii     On return, holds the HII database handle.
+  @param[out]     Image   On return, holds the HII image identifier.
   @retval EFI_SUCCESS            Image identifier returned successfully.
   @retval EFI_NOT_FOUND          Image identifier not returned.
   @retval EFI_INVALID_PARAMETER  Hii is NULL or Image is NULL.
 **/
 EFI_STATUS
 …
   This function returns a string which describes the credential provider. If no
   such string exists, then EFI_NOT_FOUND is returned.
+  such string exists, then EFI_NOT_FOUND is returned.
   @param[in]  This       Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
   @param[out] Hii        On return, holds the HII database handle.
   @param[out] String     On return, holds the HII string identifier.
   @retval EFI_SUCCESS            String identifier returned successfully.
   @retval EFI_NOT_FOUND          String identifier not returned.
   @retval EFI_INVALID_PARAMETER  Hii is NULL or String is NULL.
 **/
 EFI_STATUS
 …
   This function returns the user identifier of the user authenticated by this credential
   provider. This function is called after the credential-related information has been
+  provider. This function is called after the credential-related information has been
   submitted on a form OR after a call to Default() has returned that this credential is
   ready to log on.
   @param[in]  This           Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
   @param[in]  User           The user profile handle of the user profile currently being
+  @param[in]  User           The user profile handle of the user profile currently being
                              considered by the user identity manager. If NULL, then no user
                              profile is currently under consideration.
   @param[out] Identifier     On return, points to the user identifier.
+  @param[out] Identifier     On return, points to the user identifier.
   @retval EFI_SUCCESS            User identifier returned successfully.
   @retval EFI_NOT_READY          No user identifier can be returned.
 …
   @retval EFI_NOT_FOUND          User is not NULL, and the specified user handle can't be
                                  found in user profile database
 **/
 EFI_STATUS
 …
   Indicate that user interface interaction has begun for the specified credential.
   This function is called when a credential provider is selected by the user. If
+  This function is called when a credential provider is selected by the user. If
   AutoLogon returns FALSE, then the user interface will be constructed by the User
   Identity Manager.
+  Identity Manager.
   @param[in]  This       Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
   @param[out] AutoLogon  On return, points to the credential provider's capabilities
                          after the credential provider has been selected by the user.
+  @param[out] AutoLogon  On return, points to the credential provider's capabilities
+                         after the credential provider has been selected by the user.
   @retval EFI_SUCCESS            Credential provider successfully selected.
   @retval EFI_INVALID_PARAMETER  AutoLogon is NULL.
 **/
 EFI_STATUS
 …
   @param[in] This        Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
   @retval EFI_SUCCESS    Credential provider successfully deselected.
 **/
 EFI_STATUS
 …
   Return the default logon behavior for this user credential.
   This function reports the default login behavior regarding this credential provider.
+  This function reports the default login behavior regarding this credential provider.
   @param[in]  This       Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
   @param[out] AutoLogon  On return, holds whether the credential provider should be used
                          by default to automatically log on the user.
+                         by default to automatically log on the user.
   @retval EFI_SUCCESS            Default information successfully returned.
   @retval EFI_INVALID_PARAMETER  AutoLogon is NULL.
 …
   Return information attached to the credential provider.
   This function returns user information.
+  This function returns user information.
   @param[in]      This          Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
   @param[in]      UserInfo      Handle of the user information data record.
+  @param[in]      UserInfo      Handle of the user information data record.
   @param[out]     Info          On entry, points to a buffer of at least *InfoSize bytes. On
                                 exit, holds the user information. If the buffer is too small
 …
                                 and InfoSize is updated to contain the number of bytes actually
                                 required.
   @param[in, out] InfoSize      On entry, points to the size of Info. On return, points to the
                                 size of the user information.
+  @param[in, out] InfoSize      On entry, points to the size of Info. On return, points to the
+                                size of the user information.
   @retval EFI_SUCCESS           Information returned successfully.
   @retval EFI_BUFFER_TOO_SMALL  The size specified by InfoSize is too small to hold all of the
                                 user information. The size required is returned in *InfoSize.
   @retval EFI_INVALID_PARAMETER Info is NULL or InfoSize is NULL.
   @retval EFI_NOT_FOUND         The specified UserInfo does not refer to a valid user info handle.
+  @retval EFI_NOT_FOUND         The specified UserInfo does not refer to a valid user info handle.
 **/
 EFI_STATUS
 …
   information record handle, point UserInfo at a NULL. Each subsequent call will retrieve
   another user information record handle until there are no more, at which point UserInfo
   will point to NULL.
+  will point to NULL.
   @param[in]      This     Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
 …
                            to start enumeration. On exit, points to the next user information
                            handle or NULL if there is no more user information.
   @retval EFI_SUCCESS            User information returned.
   @retval EFI_NOT_FOUND          No more user information found.
   @retval EFI_INVALID_PARAMETER  UserInfo is NULL.
 **/
 EFI_STATUS
 …
   Delete a user on this credential provider.
   This function deletes a user on this credential provider.
+  This function deletes a user on this credential provider.
   @param[in]     This            Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
 …
   @retval EFI_SUCCESS            User profile was successfully deleted.
   @retval EFI_ACCESS_DENIED      Current user profile does not permit deletion on the user profile handle.
                                  Either the user profile cannot delete on any user profile or cannot delete
                                  on a user profile other than the current user profile.
+  @retval EFI_ACCESS_DENIED      Current user profile does not permit deletion on the user profile handle.
+                                 Either the user profile cannot delete on any user profile or cannot delete
+                                 on a user profile other than the current user profile.
   @retval EFI_UNSUPPORTED        This credential provider does not support deletion in the pre-OS.
   @retval EFI_DEVICE_ERROR       The new credential could not be deleted because of a device error.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProviderData.h

-              r48674
+              r58466
 /** @file
   Data structure used by the Password Credential Provider driver.
 Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
 //
 // Key defination
 //
+//
 #define KEY_GET_PASSWORD              0x1000

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProviderDxe.inf

-              r58459
+              r58466
   UefiLib
   BaseCryptLib
 [Guids]
   gEfiUserCredentialClassPasswordGuid           ## SOMETIMES_CONSUMES          ## GUID
   ## PRODUCES             ## Variable:L"PwdCredential"
   ## CONSUMES             ## Variable:L"PwdCredential"
 …
   ## SOMETIMES_CONSUMES   ## GUID               #  The credential provider identifier
   gPwdCredentialProviderGuid
 [Protocols]
   gEfiDevicePathProtocolGuid                    ## PRODUCES
 …
   gEfiUserCredential2ProtocolGuid               ## PRODUCES
   gEfiUserManagerProtocolGuid                   ## SOMETIMES_CONSUMES
 [UserExtensions.TianoCore."ExtraFiles"]
   PwdCredentialProviderExtra.uni

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProviderStrings.uni

Property svn:mime-type changed from application/octet-stream to text/plain;encoding=UTF-16LE

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProviderVfr.Vfr

Property svn:eol-style set to native

-              r58459
+              r58466
 Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
 #include "PwdCredentialProviderData.h"
 formset
+formset
   guid      = PWD_CREDENTIAL_PROVIDER_GUID,
   title     = STRING_TOKEN(STR_CREDENTIAL_TITLE),
   help      = STRING_TOKEN(STR_NULL_STRING),
+  title     = STRING_TOKEN(STR_CREDENTIAL_TITLE),
+  help      = STRING_TOKEN(STR_NULL_STRING),
   classguid = PWD_CREDENTIAL_PROVIDER_GUID,
   form formid = FORMID_GET_PASSWORD_FORM,
+  form formid = FORMID_GET_PASSWORD_FORM,
     title = STRING_TOKEN(STR_FORM_TITLE);
     text
       help   = STRING_TOKEN(STR_NULL_STRING),
+    text
+      help   = STRING_TOKEN(STR_NULL_STRING),
       text   = STRING_TOKEN(STR_INPUT_PASSWORD),
       flags  = INTERACTIVE,
 …
   endform;
 endformset;

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialProvider.c

-              r58459
+              r58466
 /** @file
   Usb Credential Provider driver implemenetation.
 Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
                Count * sizeof (USB_INFO)
                );
   ASSERT (NewTable != NULL);
+  ASSERT (NewTable != NULL);
   NewTable->MaxCount = Count;
 …
   //
   CopyMem (
     &NewTable->UserInfo,
     &mUsbTable->UserInfo,
+    &NewTable->UserInfo,
+    &mUsbTable->UserInfo,
     mUsbTable->Count * sizeof (USB_INFO)
     );
 …
   @param[in]  Index     The index of the password in table. If index is found in
                         table, update the info, else add the into to table.
   @param[in]  Info      The new credential info to add into table. If Info is NULL,
+                        table, update the info, else add the into to table.
+  @param[in]  Info      The new credential info to add into table. If Info is NULL,
                         delete the info by Index.
 …
   EFI_STATUS  Status;
   USB_INFO    *NewUsbInfo;
   NewUsbInfo = NULL;
   if (Index < mUsbTable->Count) {
 …
       if (Index != mUsbTable->Count) {
         NewUsbInfo = &mUsbTable->UserInfo[mUsbTable->Count];
+      }
+      }
     } else {
       //
 …
   Var     = NULL;
   Status  = gRT->GetVariable (
                    L"UsbCredential",
                    &gUsbCredentialProviderGuid,
                    NULL,
+                   L"UsbCredential",
+                   &gUsbCredentialProviderGuid,
+                   NULL,
                    &VarSize,
                    Var
 …
+    }
     Status = gRT->GetVariable (
                     L"UsbCredential",
                     &gUsbCredentialProviderGuid,
                     NULL,
+                    L"UsbCredential",
+                    &gUsbCredentialProviderGuid,
+                    NULL,
                     &VarSize,
                     Var
 …
     return Status;
+  }
   //
   // Init Usb credential table.
 …
   mUsbTable = AllocateZeroPool (
                 sizeof (CREDENTIAL_TABLE) - sizeof (USB_INFO) +
                 USB_TABLE_INC * sizeof (USB_INFO) +
+                USB_TABLE_INC * sizeof (USB_INFO) +
                 VarSize
                 );
 …
         continue;
+      }
       Status = SimpleFileSystem->OpenVolume (
                                    SimpleFileSystem,
 …
         continue;
+      }
       Status = RootFs->Open (
                          RootFs,
 …
       if (!EFI_ERROR (Status)) {
         break;
+      }
+      }
+    }
+  }
 …
     goto Done;
+  }
   //
   // Figure out how big the file is.
 …
+  }
   FileInfo = AllocateZeroPool (ScratchBufferSize);
+  FileInfo = AllocateZeroPool (ScratchBufferSize);
   if (FileInfo == NULL) {
     DEBUG ((DEBUG_ERROR, "Can not allocate enough memory for the token file!\n"));
 …
     goto Done;
+  }
   //
   // Allocate a buffer for the file.
   //
   *BufferSize = (UINT32) FileInfo->FileSize;
   *Buffer     = AllocateZeroPool (*BufferSize);
+  *Buffer     = AllocateZeroPool (*BufferSize);
   if (*Buffer == NULL) {
     DEBUG ((DEBUG_ERROR, "Can not allocate a buffer for the file!\n"));
 …
     goto Done;
+  }
   //
   // Load file into the allocated memory.
 …
     goto Done;
+  }
   //
   // Close file.
 …
   Hash the data to get credential.
   @param[in]   Buffer         Points to the data buffer
+  @param[in]   Buffer         Points to the data buffer
   @param[in]   BufferSize     The size of data in buffer, in bytes.
   @param[out]  Credential     Points to the hashed result
 …
   @retval      TRUE           Hash the data successfully.
   @retval      FALSE          Failed to hash the data.
 **/
 BOOLEAN
 …
   UINTN             HashSize;
   VOID              *Hash;
   HashSize = Sha1GetContextSize ();
   Hash     = AllocatePool (HashSize);
   ASSERT (Hash != NULL);
   Status = Sha1Init (Hash);
   if (!Status) {
     goto Done;
+  }
   Status = Sha1Update (Hash, Buffer, BufferSize);
   if (!Status) {
     goto Done;
+  }
   Status = Sha1Final (Hash, Credential);
 Done:
   FreePool (Hash);
 …
   @retval EFI_SUCCESS           Read a Token successfully.
   @retval Others                Fails to read a Token.
 **/
 EFI_STATUS
 …
     return Status;
+  }
   if (!GenerateCredential (Buffer, BufSize, Token)) {
     DEBUG ((DEBUG_ERROR, "Generate credential from read data failed!\n"));
 …
     return EFI_SECURITY_VIOLATION;
+  }
   FreePool (Buffer);
+  FreePool (Buffer);
   return EFI_SUCCESS;
+}
 …
   Find a user infomation record by the information record type.
   This function searches all user information records of User from beginning
+  This function searches all user information records of User from beginning
   until either the information is found or there are no more user infomation
   record. A match occurs when a Info.InfoType field matches the user information
   record type.
   @param[in]     User      Points to the user profile record to search.
+  @param[in]     User      Points to the user profile record to search.
   @param[in]     InfoType  The infomation type to be searched.
   @param[out]    Info      Points to the user info found, the caller is responsible
                            to free.
   @retval EFI_SUCCESS      Find the user information successfully.
   @retval Others           Fail to find the user information.
 …
   EFI_USER_INFO_HANDLE       UserInfoHandle;
   EFI_USER_MANAGER_PROTOCOL  *UserManager;
   //
   // Find user information by information type.
 …
       *Info = UserInfo;
       return EFI_SUCCESS;
+    }
+    }
+  }
 …
+{
   USB_PROVIDER_CALLBACK_INFO  *CallbackInfo;
   //
   // Initialize driver private data.
 …
     return EFI_OUT_OF_RESOURCES;
+  }
   CallbackInfo->DriverHandle  = NULL;
 …
   Enroll a user on a credential provider.
   This function enrolls a user on this credential provider. If the user exists on
   this credential provider, update the user information on this credential provider;
+  This function enrolls a user on this credential provider. If the user exists on
+  this credential provider, update the user information on this credential provider;
   otherwise add the user information on credential provider.
   @param[in] This                Points to this instance of EFI_USER_CREDENTIAL2_PROTOCOL.
   @param[in] User                The user profile to enroll.
   @retval EFI_SUCCESS            User profile was successfully enrolled.
   @retval EFI_ACCESS_DENIED      Current user profile does not permit enrollment on the
                                  user profile handle. Either the user profile cannot enroll
                                  on any user profile or cannot enroll on a user profile
+                                 on any user profile or cannot enroll on a user profile
                                  other than the current user profile.
   @retval EFI_UNSUPPORTED        This credential provider does not support enrollment in
 …
                                  error.
   @retval EFI_INVALID_PARAMETER  User does not refer to a valid user profile handle.
 **/
 EFI_STATUS
 …
     return EFI_INVALID_PARAMETER;
+  }
   //
   // Get User Identifier
 …
+  }
   CopyMem (UsbInfo.UserId, (UINT8 *) (UserInfo + 1), sizeof (EFI_USER_INFO_IDENTIFIER));
+  CopyMem (UsbInfo.UserId, (UINT8 *) (UserInfo + 1), sizeof (EFI_USER_INFO_IDENTIFIER));
   FreePool (UserInfo);
   //
   // Get Token and User ID to UsbInfo.
 …
   if (EFI_ERROR (Status)) {
     QuestionStr = GetStringById (STRING_TOKEN (STR_READ_USB_TOKEN_ERROR));
     PromptStr   = GetStringById (STRING_TOKEN (STR_INSERT_USB_TOKEN));
+    PromptStr   = GetStringById (STRING_TOKEN (STR_INSERT_USB_TOKEN));
     CreatePopUp (
       EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
 …
     FreePool (PromptStr);
     return Status;
+  }
+  }
   //
   // Check whether User is ever enrolled in the provider.
   //
+  //
   for (Index = 0; Index < mUsbTable->Count; Index++) {
     UserId = (UINT8 *) &mUsbTable->UserInfo[Index].UserId;
 …
       //
       // User already exists, update the password.
       //
+      //
       break;
+    }
+  }
   //
   // Enroll the User to the provider.
 …
   This function returns information about the form used when interacting with the
   user during user identification. The form is the first enabled form in the form-set
   class EFI_HII_USER_CREDENTIAL_FORMSET_GUID installed on the HII handle HiiHandle. If
+  class EFI_HII_USER_CREDENTIAL_FORMSET_GUID installed on the HII handle HiiHandle. If
   the user credential provider does not require a form to identify the user, then this
   function should return EFI_NOT_FOUND.
 …
   @param[out] FormSetId  On return, holds the identifier of the form set which contains
                          the form used during user identification.
   @param[out] FormId     On return, holds the identifier of the form used during user
+  @param[out] FormId     On return, holds the identifier of the form used during user
                          identification.
   @retval EFI_SUCCESS            Form returned successfully.
   @retval EFI_NOT_FOUND          Form not returned.
   @retval EFI_INVALID_PARAMETER  Hii is NULL or FormSetId is NULL or FormId is NULL.
 **/
 EFI_STATUS
 …
+  )
+{
   if ((This == NULL) || (Hii == NULL) ||
+  if ((This == NULL) || (Hii == NULL) ||
       (FormSetId == NULL) || (FormId == NULL)) {
     return EFI_INVALID_PARAMETER;
 …
   This optional function returns a bitmap which is less than or equal to the number
   of pixels specified by Width and Height. If no such bitmap exists, then EFI_NOT_FOUND
   is returned.
+  is returned.
   @param[in]     This    Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
   @param[in, out] Width  On entry, points to the desired bitmap width. If NULL then no
                          bitmap information will be returned. On exit, points to the
+  @param[in, out] Width  On entry, points to the desired bitmap width. If NULL then no
+                         bitmap information will be returned. On exit, points to the
                          width of the bitmap returned.
   @param[in, out] Height On entry, points to the desired bitmap height. If NULL then no
                          bitmap information will be returned. On exit, points to the
+                         bitmap information will be returned. On exit, points to the
                          height of the bitmap returned.
   @param[out]    Hii     On return, holds the HII database handle.
   @param[out]    Image   On return, holds the HII image identifier.
+  @param[out]    Hii     On return, holds the HII database handle.
+  @param[out]    Image   On return, holds the HII image identifier.
   @retval EFI_SUCCESS            Image identifier returned successfully.
   @retval EFI_NOT_FOUND          Image identifier not returned.
   @retval EFI_INVALID_PARAMETER  Hii is NULL or Image is NULL.
 **/
 EFI_STATUS
 …
   This function returns a string which describes the credential provider. If no
   such string exists, then EFI_NOT_FOUND is returned.
+  such string exists, then EFI_NOT_FOUND is returned.
   @param[in]  This       Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
   @param[out] Hii        On return, holds the HII database handle.
   @param[out] String     On return, holds the HII string identifier.
   @retval EFI_SUCCESS            String identifier returned successfully.
   @retval EFI_NOT_FOUND          String identifier not returned.
   @retval EFI_INVALID_PARAMETER  Hii is NULL or String is NULL.
 **/
 EFI_STATUS
 …
   This function returns the user identifier of the user authenticated by this credential
   provider. This function is called after the credential-related information has been
+  provider. This function is called after the credential-related information has been
   submitted on a form OR after a call to Default() has returned that this credential is
   ready to log on.
   @param[in]  This           Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
   @param[in]  User           The user profile handle of the user profile currently being
+  @param[in]  User           The user profile handle of the user profile currently being
                              considered by the user identity manager. If NULL, then no user
                              profile is currently under consideration.
   @param[out] Identifier     On return, points to the user identifier.
+  @param[out] Identifier     On return, points to the user identifier.
   @retval EFI_SUCCESS            User identifier returned successfully.
   @retval EFI_NOT_READY          No user identifier can be returned.
 …
   @retval EFI_NOT_FOUND          User is not NULL, and the specified user handle can't be
                                  found in user profile database.
 **/
 EFI_STATUS
 …
   UINT8         *UserId;
   UINT8         *NewUserId;
   UINT8         *UserToken;
+  UINT8         *UserToken;
   UINT8         ReadToken[HASHED_CREDENTIAL_LEN];
   EFI_INPUT_KEY Key;
   CHAR16        *QuestionStr;
   CHAR16        *PromptStr;
   if ((This == NULL) || (Identifier == NULL)) {
     return EFI_INVALID_PARAMETER;
+  }
   if (User == NULL) {
     //
 …
       return EFI_NOT_READY;
+    }
     //
     // No user selected, get token first and verify the user existed in user database.
 …
       return EFI_NOT_READY;
+    }
     for (Index = 0; Index < mUsbTable->Count; Index++) {
       //
 …
+    }
     return EFI_NOT_READY;
+  }
   //
   // User is not NULL here. Read a token, and check whether the token matches with
   // the selected user's Token. If not, try to find a token in token DB to matches
+    return EFI_NOT_READY;
+  }
+  //
+  // User is not NULL here. Read a token, and check whether the token matches with
+  // the selected user's Token. If not, try to find a token in token DB to matches
   // with read token.
   //
+  //
   Status = GetToken (ReadToken);
   if (EFI_ERROR (Status)) {
 …
   if (EFI_ERROR (Status)) {
     return EFI_NOT_FOUND;
+  }
+  }
   //
   // Check the selected user's Token with the read token.
 …
         FreePool (UserInfo);
         return EFI_SUCCESS;
+      }
+    }
+  }
   FreePool (UserInfo);
+      }
+    }
+  }
+  FreePool (UserInfo);
   return EFI_NOT_READY;
+}
 …
   Indicate that user interface interaction has begun for the specified credential.
   This function is called when a credential provider is selected by the user. If
+  This function is called when a credential provider is selected by the user. If
   AutoLogon returns FALSE, then the user interface will be constructed by the User
   Identity Manager.
+  Identity Manager.
   @param[in]  This       Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
   @param[out] AutoLogon  On return, points to the credential provider's capabilities
                          after the credential provider has been selected by the user.
+  @param[out] AutoLogon  On return, points to the credential provider's capabilities
+                         after the credential provider has been selected by the user.
   @retval EFI_SUCCESS            Credential provider successfully selected.
   @retval EFI_INVALID_PARAMETER  AutoLogon is NULL.
 **/
 EFI_STATUS
 …
   @param[in] This        Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
   @retval EFI_SUCCESS    Credential provider successfully deselected.
 **/
 EFI_STATUS
 …
   Return the default logon behavior for this user credential.
   This function reports the default login behavior regarding this credential provider.
+  This function reports the default login behavior regarding this credential provider.
   @param[in]  This       Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
   @param[out] AutoLogon  On return, holds whether the credential provider should be used
                          by default to automatically log on the user.
+                         by default to automatically log on the user.
   @retval EFI_SUCCESS            Default information successfully returned.
   @retval EFI_INVALID_PARAMETER  AutoLogon is NULL.
 **/
 EFI_STATUS
 …
   Return information attached to the credential provider.
   This function returns user information.
+  This function returns user information.
   @param[in]      This          Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
   @param[in]      UserInfo      Handle of the user information data record.
+  @param[in]      UserInfo      Handle of the user information data record.
   @param[out]     Info          On entry, points to a buffer of at least *InfoSize bytes. On
                                 exit, holds the user information. If the buffer is too small
 …
                                 and InfoSize is updated to contain the number of bytes actually
                                 required.
   @param[in, out] InfoSize      On entry, points to the size of Info. On return, points to the
                                 size of the user information.
+  @param[in, out] InfoSize      On entry, points to the size of Info. On return, points to the
+                                size of the user information.
   @retval EFI_SUCCESS           Information returned successfully.
   @retval EFI_BUFFER_TOO_SMALL  The size specified by InfoSize is too small to hold all of the
                                 user information. The size required is returned in *InfoSize.
   @retval EFI_INVALID_PARAMETER Info is NULL or InfoSize is NULL.
   @retval EFI_NOT_FOUND         The specified UserInfo does not refer to a valid user info handle.
+  @retval EFI_NOT_FOUND         The specified UserInfo does not refer to a valid user info handle.
 **/
 EFI_STATUS
 …
   EFI_USER_INFO            *CredentialInfo;
   UINTN                    Index;
   if ((This == NULL) || (InfoSize == NULL) || (Info == NULL)) {
     return EFI_INVALID_PARAMETER;
 …
     return EFI_NOT_FOUND;
+  }
   //
   // Find information handle in credential info table.
 …
         return EFI_BUFFER_TOO_SMALL;
+      }
       CopyMem (Info, CredentialInfo, CredentialInfo->InfoSize);
       return EFI_SUCCESS;
+    }
+  }
+      CopyMem (Info, CredentialInfo, CredentialInfo->InfoSize);
+      return EFI_SUCCESS;
+    }
+  }
   return EFI_NOT_FOUND;
+}
 …
   information record handle, point UserInfo at a NULL. Each subsequent call will retrieve
   another user information record handle until there are no more, at which point UserInfo
   will point to NULL.
+  will point to NULL.
   @param[in]      This     Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
 …
                            to start enumeration. On exit, points to the next user information
                            handle or NULL if there is no more user information.
   @retval EFI_SUCCESS            User information returned.
   @retval EFI_NOT_FOUND          No more user information found.
   @retval EFI_INVALID_PARAMETER  UserInfo is NULL.
 **/
 EFI_STATUS
 …
   UINTN                    Index;
   UINTN                    ProvStrLen;
   if ((This == NULL) || (UserInfo == NULL)) {
     return EFI_INVALID_PARAMETER;
 …
     Info    = AllocateZeroPool (InfoLen);
     ASSERT (Info != NULL);
     Info->InfoType    = EFI_USER_INFO_CREDENTIAL_PROVIDER_RECORD;
     Info->InfoSize    = (UINT32) InfoLen;
 …
     CopyGuid (&Info->Credential, &gUsbCredentialProviderGuid);
     CopyGuid ((EFI_GUID *)(Info + 1), &gUsbCredentialProviderGuid);
     mUsbInfoHandle->Info[0] = Info;
     mUsbInfoHandle->Count++;
 …
     Info        = AllocateZeroPool (InfoLen);
     ASSERT (Info != NULL);
     Info->InfoType    = EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD;
     Info->InfoSize    = (UINT32) InfoLen;
 …
     CopyMem ((UINT8*)(Info + 1), ProvNameStr, ProvStrLen);
     FreePool (ProvNameStr);
     mUsbInfoHandle->Info[1] = Info;
     mUsbInfoHandle->Count++;
 …
     Info    = AllocateZeroPool (InfoLen);
     ASSERT (Info != NULL);
     Info->InfoType    = EFI_USER_INFO_CREDENTIAL_TYPE_RECORD;
     Info->InfoSize    = (UINT32) InfoLen;
 …
     CopyGuid (&Info->Credential, &gUsbCredentialProviderGuid);
     CopyGuid ((EFI_GUID *)(Info + 1), &gEfiUserCredentialClassSecureCardGuid);
     mUsbInfoHandle->Info[2] = Info;
     mUsbInfoHandle->Count++;
     //
     // The fourth information, Credential Provider type name info.
 …
     Info        = AllocateZeroPool (InfoLen);
     ASSERT (Info != NULL);
     Info->InfoType    = EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD;
     Info->InfoSize    = (UINT32) InfoLen;
 …
     CopyMem ((UINT8*)(Info + 1), ProvNameStr, ProvStrLen);
     FreePool (ProvNameStr);
     mUsbInfoHandle->Info[3] = Info;
     mUsbInfoHandle->Count++;
+  }
   if (*UserInfo == NULL) {
     //
 …
     return EFI_SUCCESS;
+  }
   //
   // Find information handle in credential info table.
 …
       Index++;
       *UserInfo = (EFI_USER_INFO_HANDLE)mUsbInfoHandle->Info[Index];
       return EFI_SUCCESS;
+      return EFI_SUCCESS;
+    }
+  }
 …
   Delete a user on this credential provider.
   This function deletes a user on this credential provider.
+  This function deletes a user on this credential provider.
   @param[in]     This            Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
 …
   @retval EFI_SUCCESS            User profile was successfully deleted.
   @retval EFI_ACCESS_DENIED      Current user profile does not permit deletion on the user profile handle.
                                  Either the user profile cannot delete on any user profile or cannot delete
                                  on a user profile other than the current user profile.
+  @retval EFI_ACCESS_DENIED      Current user profile does not permit deletion on the user profile handle.
+                                 Either the user profile cannot delete on any user profile or cannot delete
+                                 on a user profile other than the current user profile.
   @retval EFI_UNSUPPORTED        This credential provider does not support deletion in the pre-OS.
   @retval EFI_DEVICE_ERROR       The new credential could not be deleted because of a device error.
 …
   UINT8                     *NewUserId;
   UINTN                     Index;
   if ((This == NULL) || (User == NULL)) {
     return EFI_INVALID_PARAMETER;
 …
   //
   // Find the user by user identifier in mPwdTable.
   //
+  //
   for (Index = 0; Index < mUsbTable->Count; Index++) {
     UserId    = (UINT8 *) &mUsbTable->UserInfo[Index].UserId;
 …
     return Status;
+  }
   //
   // Init Form Browser
 …
     return Status;
+  }
   //
   // Install protocol interfaces for the Usb Credential Provider.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialProvider.h

-              r48674
+              r58466
 /** @file
   Usb Credential Provider driver header file.
 Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   Enroll a user on a credential provider.
   This function enrolls and deletes a user profile using this credential provider.
   If a user profile is successfully enrolled, it calls the User Manager Protocol
   function Notify() to notify the user manager driver that credential information
   has changed. If an enrolled user does exist, delete the user on the credential
+  This function enrolls and deletes a user profile using this credential provider.
+  If a user profile is successfully enrolled, it calls the User Manager Protocol
+  function Notify() to notify the user manager driver that credential information
+  has changed. If an enrolled user does exist, delete the user on the credential
   provider.
   @param[in] This                Points to this instance of EFI_USER_CREDENTIAL2_PROTOCOL.
   @param[in] User                The user profile to enroll.
   @retval EFI_SUCCESS            User profile was successfully enrolled.
   @retval EFI_ACCESS_DENIED      Current user profile does not permit enrollment on the
                                  user profile handle. Either the user profile cannot enroll
                                  on any user profile or cannot enroll on a user profile
+                                 on any user profile or cannot enroll on a user profile
                                  other than the current user profile.
   @retval EFI_UNSUPPORTED        This credential provider does not support enrollment in
 …
                                  error.
   @retval EFI_INVALID_PARAMETER  User does not refer to a valid user profile handle.
 **/
 EFI_STATUS
 …
   Returns the user interface information used during user identification.
   This function enrolls a user on this credential provider. If the user exists on
   this credential provider, update the user information on this credential provider;
+  This function enrolls a user on this credential provider. If the user exists on
+  this credential provider, update the user information on this credential provider;
   otherwise delete the user information on credential provider.
 …
   @param[out] FormSetId  On return, holds the identifier of the form set which contains
                          the form used during user identification.
   @param[out] FormId     On return, holds the identifier of the form used during user
+  @param[out] FormId     On return, holds the identifier of the form used during user
                          identification.
   @retval EFI_SUCCESS            Form returned successfully.
   @retval EFI_NOT_FOUND          Form not returned.
   @retval EFI_INVALID_PARAMETER  Hii is NULL or FormSetId is NULL or FormId is NULL.
 **/
 EFI_STATUS
 …
   This optional function returns a bitmap which is less than or equal to the number
   of pixels specified by Width and Height. If no such bitmap exists, then EFI_NOT_FOUND
   is returned.
+  is returned.
   @param[in]     This    Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
   @param[in, out] Width  On entry, points to the desired bitmap width. If NULL then no
                          bitmap information will be returned. On exit, points to the
+  @param[in, out] Width  On entry, points to the desired bitmap width. If NULL then no
+                         bitmap information will be returned. On exit, points to the
                          width of the bitmap returned.
   @param[in, out] Height On entry, points to the desired bitmap height. If NULL then no
                          bitmap information will be returned. On exit, points to the
+                         bitmap information will be returned. On exit, points to the
                          height of the bitmap returned.
   @param[out]    Hii     On return, holds the HII database handle.
   @param[out]    Image   On return, holds the HII image identifier.
+  @param[out]    Hii     On return, holds the HII database handle.
+  @param[out]    Image   On return, holds the HII image identifier.
   @retval EFI_SUCCESS            Image identifier returned successfully.
   @retval EFI_NOT_FOUND          Image identifier not returned.
   @retval EFI_INVALID_PARAMETER  Hii is NULL or Image is NULL.
 **/
 EFI_STATUS
 …
   This function returns a string which describes the credential provider. If no
   such string exists, then EFI_NOT_FOUND is returned.
+  such string exists, then EFI_NOT_FOUND is returned.
   @param[in]  This       Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
   @param[out] Hii        On return, holds the HII database handle.
   @param[out] String     On return, holds the HII string identifier.
   @retval EFI_SUCCESS            String identifier returned successfully.
   @retval EFI_NOT_FOUND          String identifier not returned.
   @retval EFI_INVALID_PARAMETER  Hii is NULL or String is NULL.
 **/
 EFI_STATUS
 …
   This function returns the user identifier of the user authenticated by this credential
   provider. This function is called after the credential-related information has been
+  provider. This function is called after the credential-related information has been
   submitted on a form OR after a call to Default() has returned that this credential is
   ready to log on.
   @param[in]  This           Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
   @param[in]  User           The user profile handle of the user profile currently being
+  @param[in]  User           The user profile handle of the user profile currently being
                              considered by the user identity manager. If NULL, then no user
                              profile is currently under consideration.
   @param[out] Identifier     On return, points to the user identifier.
+  @param[out] Identifier     On return, points to the user identifier.
   @retval EFI_SUCCESS        User identifier returned successfully.
   @retval EFI_NOT_READY      No user identifier can be returned.
 …
   @retval EFI_NOT_FOUND          User is not NULL, and the specified user handle can't be
                                  found in user profile database.
 **/
 EFI_STATUS
 …
   Indicate that user interface interaction has begun for the specified credential.
   This function is called when a credential provider is selected by the user. If
+  This function is called when a credential provider is selected by the user. If
   AutoLogon returns FALSE, then the user interface will be constructed by the User
   Identity Manager.
+  Identity Manager.
   @param[in]  This       Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
   @param[out] AutoLogon  On return, points to the credential provider's capabilities
                          after the credential provider has been selected by the user.
+  @param[out] AutoLogon  On return, points to the credential provider's capabilities
+                         after the credential provider has been selected by the user.
   @retval EFI_SUCCESS            Credential provider successfully selected.
   @retval EFI_INVALID_PARAMETER  AutoLogon is NULL.
 **/
 EFI_STATUS
 …
   @param[in] This        Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
   @retval EFI_SUCCESS    Credential provider successfully deselected.
 **/
 EFI_STATUS
 …
   Return the default logon behavior for this user credential.
   This function reports the default login behavior regarding this credential provider.
+  This function reports the default login behavior regarding this credential provider.
   @param[in]  This       Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
   @param[out] AutoLogon  On return, holds whether the credential provider should be used
                          by default to automatically log on the user.
+                         by default to automatically log on the user.
   @retval EFI_SUCCESS            Default information successfully returned.
   @retval EFI_INVALID_PARAMETER  AutoLogon is NULL.
 …
   Return information attached to the credential provider.
   This function returns user information.
+  This function returns user information.
   @param[in]      This          Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
   @param[in]      UserInfo      Handle of the user information data record.
+  @param[in]      UserInfo      Handle of the user information data record.
   @param[out]     Info          On entry, points to a buffer of at least *InfoSize bytes. On
                                 exit, holds the user information. If the buffer is too small
 …
                                 and InfoSize is updated to contain the number of bytes actually
                                 required.
   @param[in, out] InfoSize      On entry, points to the size of Info. On return, points to the
                                 size of the user information.
+  @param[in, out] InfoSize      On entry, points to the size of Info. On return, points to the
+                                size of the user information.
   @retval EFI_SUCCESS           Information returned successfully.
   @retval EFI_BUFFER_TOO_SMALL  The size specified by InfoSize is too small to hold all of the
                                 user information. The size required is returned in *InfoSize.
   @retval EFI_INVALID_PARAMETER Info is NULL or InfoSize is NULL.
   @retval EFI_NOT_FOUND         The specified UserInfo does not refer to a valid user info handle.
+  @retval EFI_NOT_FOUND         The specified UserInfo does not refer to a valid user info handle.
 **/
 EFI_STATUS
 …
   information record handle, point UserInfo at a NULL. Each subsequent call will retrieve
   another user information record handle until there are no more, at which point UserInfo
   will point to NULL.
+  will point to NULL.
   @param[in]      This     Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
 …
                            to start enumeration. On exit, points to the next user information
                            handle or NULL if there is no more user information.
   @retval EFI_SUCCESS            User information returned.
   @retval EFI_NOT_FOUND          No more user information found.
   @retval EFI_INVALID_PARAMETER  UserInfo is NULL.
 **/
 EFI_STATUS
 …
   Delete a user on this credential provider.
   This function deletes a user on this credential provider.
+  This function deletes a user on this credential provider.
   @param[in]     This            Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
 …
   @retval EFI_SUCCESS            User profile was successfully deleted.
   @retval EFI_ACCESS_DENIED      Current user profile does not permit deletion on the user profile handle.
                                  Either the user profile cannot delete on any user profile or cannot delete
                                  on a user profile other than the current user profile.
+  @retval EFI_ACCESS_DENIED      Current user profile does not permit deletion on the user profile handle.
+                                 Either the user profile cannot delete on any user profile or cannot delete
+                                 on a user profile other than the current user profile.
   @retval EFI_UNSUPPORTED        This credential provider does not support deletion in the pre-OS.
   @retval EFI_DEVICE_ERROR       The new credential could not be deleted because of a device error.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialProviderDxe.inf

-              r58459
+              r58466
 #  Provides a USB credential provider implementation
+#
 #  This module reads a token from a token file that is saved in the root
+#  This module reads a token from a token file that is saved in the root
 #  folder of a USB stick. The token file name can be specified by the PCD
 #  PcdFixedUsbCredentialProviderTokenFileName.
 …
   UefiLib
   BaseCryptLib
 [Guids]
   ## PRODUCES             ## Variable:L"UsbCredential"
 …
   ## SOMETIMES_CONSUMES   ## GUID               # The credential provider identifier
   gUsbCredentialProviderGuid
   gEfiFileInfoGuid                              ## SOMETIMES_CONSUMES         ## GUID
   gEfiUserCredentialClassSecureCardGuid         ## SOMETIMES_CONSUMES         ## GUID
 [Pcd]
   gEfiSecurityPkgTokenSpaceGuid.PcdFixedUsbCredentialProviderTokenFileName    ## SOMETIMES_CONSUMES
+  gEfiSecurityPkgTokenSpaceGuid.PcdFixedUsbCredentialProviderTokenFileName    ## SOMETIMES_CONSUMES
 [Protocols]
 …
   gEfiBlockIoProtocolGuid                       ## SOMETIMES_CONSUMES
   gEfiSimpleFileSystemProtocolGuid              ## SOMETIMES_CONSUMES
 [UserExtensions.TianoCore."ExtraFiles"]
   UsbCredentialProviderExtra.uni

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialProviderStrings.uni

Property svn:mime-type changed from application/octet-stream to text/plain;encoding=UTF-16LE

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/LoadDeferredImage.c

-              r48674
+              r58466
 /** @file
   Load the deferred images after user is identified.
 Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   EFI_DEVICE_PATH_PROTOCOL           *ImageDevicePath;
   VOID                               *DriverImage;
   UINTN                              ImageSize;
+  UINTN                              ImageSize;
   BOOLEAN                            BootOption;
   EFI_HANDLE                         ImageHandle;
 …
       //
       Status = DeferredImage->GetImageInfo(
                                 DeferredImage,
                                 DriverIndex,
                                 &ImageDevicePath,
+                                DeferredImage,
+                                DriverIndex,
+                                &ImageDevicePath,
                                 (VOID **) &DriverImage,
                                 &ImageSize,
+                                &ImageSize,
                                 &BootOption
                                 );
       if (EFI_ERROR (Status)) {
         break;
+      }
+      }
       //
 …
         gBS->SetWatchdogTimer (5 * 60, 0x0000, 0x00, NULL);
         Status = gBS->StartImage (ImageHandle, &ExitDataSize, &ExitData);
         //
         // Clear the Watchdog Timer after the image returns.
 …
     } while (TRUE);
+  }
   FreePool (HandleBuf);
+  FreePool (HandleBuf);
+}
 …
   mDeferredImageHandle = ImageHandle;
   Status = gBS->CreateEventEx (
                   EVT_NOTIFY_SIGNAL,

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManager.c

-              r58459
+              r58466
 /** @file
   This driver manages user information and produces user manager protocol.
 Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   Find the specified user in the user database.
   This function searches the specified user from the beginning of the user database.
   And if NextUser is TRUE, return the next User in the user database.
   @param[in, out] User         On entry, points to the user profile entry to search.
+  This function searches the specified user from the beginning of the user database.
+  And if NextUser is TRUE, return the next User in the user database.
+  @param[in, out] User         On entry, points to the user profile entry to search.
                                On return, points to the user profile entry or NULL if not found.
   @param[in]      NextUser     If FALSE, find the user in user profile database specifyed by User
                                If TRUE, find the next user in user profile database specifyed
                                by User.
   @param[out]     ProfileIndex A pointer to the index of user profile database that matches the
+                               If TRUE, find the next user in user profile database specifyed
+                               by User.
+  @param[out]     ProfileIndex A pointer to the index of user profile database that matches the
                                user specifyed by User.
   @retval EFI_NOT_FOUND        User was NULL, or User was not found, or the next user was not found.
   @retval EFI_SUCCESS          User or the next user are found in user profile database
 **/
 EFI_STATUS
 …
     return EFI_NOT_FOUND;
+  }
   //
   // Check whether the user profile is in the user profile database.
 …
   Find the specified user information record in the specified User profile.
   This function searches the specified user information record from the beginning of the user
   profile. And if NextInfo is TRUE, return the next info in the user profile.
   @param[in]      User     Points to the user profile entry.
+  This function searches the specified user information record from the beginning of the user
+  profile. And if NextInfo is TRUE, return the next info in the user profile.
+  @param[in]      User     Points to the user profile entry.
   @param[in, out] Info     On entry, points to the user information record or NULL to start
                            searching with the first user information record.
                            On return, points to the user information record or NULL if not found.
+                           On return, points to the user information record or NULL if not found.
   @param[in]      NextInfo If FALSE, find the user information record in profile specifyed by User.
                            If TRUE, find the next user information record in profile specifyed
                            by User.
+                           If TRUE, find the next user information record in profile specifyed
+                           by User.
   @param[out]     Offset   A pointer to the offset of the information record in the user profile.
 …
   @retval EFI_NOT_FOUND         Info was not found, or the next Info was not found.
   @retval EFI_SUCCESS           Info or the next info are found in user profile.
 **/
 EFI_STATUS
 …
     return EFI_INVALID_PARAMETER;
+  }
   //
   // Check user profile entry
 …
     InfoLen += ALIGN_VARIABLE (UserInfo->InfoSize);
+  }
   //
   // Check whether to find the next user information.
 …
   Find a user infomation record by the information record type.
   This function searches all user information records of User. The search starts with the
   user information record following Info and continues until either the information is found
+  This function searches all user information records of User. The search starts with the
+  user information record following Info and continues until either the information is found
   or there are no more user infomation record.
   A match occurs when a Info.InfoType field matches the user information record type.
   @param[in]      User     Points to the user profile record to search.
+  @param[in]      User     Points to the user profile record to search.
   @param[in, out] Info     On entry, points to the user information record or NULL to start
                            searching with the first user information record.
 …
   @retval EFI_SUCCESS           User information was found. Info points to the user information record.
   @retval EFI_NOT_FOUND         User information was not found.
+  @retval EFI_NOT_FOUND         User information was not found.
   @retval EFI_INVALID_PARAMETER User is NULL or Info is NULL.
 **/
 EFI_STATUS
 …
     return EFI_INVALID_PARAMETER;
+  }
   //
   // Check whether the user has the specified user information.
 …
     return EFI_NOT_FOUND;
+  }
   while (InfoLen < User->UserProfileSize) {
     UserInfo = (EFI_USER_INFO *) (User->ProfileInfo + InfoLen);
 …
   Find a user using a user information record.
   This function searches all user profiles for the specified user information record. The
   search starts with the user information record handle following UserInfo and continues
+  This function searches all user profiles for the specified user information record. The
+  search starts with the user information record handle following UserInfo and continues
   until either the information is found or there are no more user profiles.
   A match occurs when the Info.InfoType field matches the user information record type and the
+  A match occurs when the Info.InfoType field matches the user information record type and the
   user information record data matches the portion of Info passed the EFI_USER_INFO header.
   @param[in, out] User     On entry, points to the previously returned user profile record,
                            or NULL to start searching with the first user profile.
+  @param[in, out] User     On entry, points to the previously returned user profile record,
+                           or NULL to start searching with the first user profile.
                            On return, points to the user profile entry, or NULL if not found.
   @param[in, out] UserInfo On entry, points to the previously returned user information record,
                            or NULL to start searching with the first.
+  @param[in, out] UserInfo On entry, points to the previously returned user information record,
+                           or NULL to start searching with the first.
                            On return, points to the user information record, or NULL if not found.
   @param[in]      Info     Points to the buffer containing the user information to be compared
+  @param[in]      Info     Points to the buffer containing the user information to be compared
                            to the user information record.
   @param[in]      InfoSize The size of Info, in bytes. Same as Info->InfoSize.
   @retval EFI_SUCCESS           User information was found. User points to the user profile record,
+  @retval EFI_SUCCESS           User information was found. User points to the user profile record,
                                 and UserInfo points to the user information record.
   @retval EFI_NOT_FOUND         User information was not found.
+  @retval EFI_NOT_FOUND         User information was not found.
   @retval EFI_INVALID_PARAMETER User is NULL; Info is NULL; or, InfoSize is too small.
 **/
 EFI_STATUS
 …
     *User = mUserProfileDb->UserProfile[0];
+  }
   //
   // Check user profile handle.
 …
         break;
+      }
       if (InfoSize == Info->InfoSize) {
         if (CompareMem ((UINT8 *) (InfoEntry + 1), (UINT8 *) (Info + 1), InfoSize - sizeof (EFI_USER_INFO)) == 0) {
 …
           return EFI_SUCCESS;
+        }
+      }
+    }
+      }
+    }
     //
     // Get next user profile.
 …
   @retval TRUE     The policy is a valid access policy.
   @retval FALSE    The access policy is not a valid access policy.
 **/
 BOOLEAN
 …
     // Check access policy according to type.
     //
     CopyMem (&Access, PolicyInfo + TotalLen, sizeof (Access));
+    CopyMem (&Access, PolicyInfo + TotalLen, sizeof (Access));
     ValueLen = Access.Size - sizeof (EFI_USER_INFO_ACCESS_CONTROL);
     switch (Access.Type) {
 …
   @retval TRUE     The policy is a valid identity policy.
   @retval FALSE    The access policy is not a valid identity policy.
 **/
 BOOLEAN
 …
   @retval TRUE     The info is a valid user information record.
   @retval FALSE    The info is not a valid user information record.
 **/
 BOOLEAN
 …
   @retval TRUE     It is a valid user profile.
   @retval FALSE    It is not a valid user profile.
 **/
 BOOLEAN
 …
     return FALSE;
+  }
   //
   // Check user profile information length.
 …
                              EFI_USER_INFO_ACCESS_ENROLL_OTHERS or
                              EFI_USER_INFO_ACCESS_ENROLL_SELF.
   @retval TRUE     Find the specified RightType in current user profile.
   @retval FALSE    Can't find the right in the profile.
 **/
 BOOLEAN
 …
   @retval TRUE     Success to expand user profile database.
   @retval FALSE    Fail to expand user profile database.
 **/
 BOOLEAN
 …
   @param[in]  User                    Points to user profile.
   @param[in]  ExpandSize              The size of user profile.
+  @param[in]  ExpandSize              The size of user profile.
   @retval TRUE     Success to expand user profile size.
   @retval FALSE    Fail to expand user profile size.
 **/
 BOOLEAN
 …
     return FALSE;
+  }
   //
   // Copy exist information.
 …
   @retval EFI_SUCCESS      Save or delete user profile successfully.
   @retval Others           Fail to change the profile.
 **/
 EFI_STATUS
 …
     return Status;
+  }
   //
   // Save the user profile to non-volatile memory.
 …
     return EFI_INVALID_PARAMETER;
+  }
   //
   // Check user profile handle.
 …
     return Status;
+  }
   //
   // Check user information memory size.
 …
+    }
+  }
   //
   // Add new user information.
 …
   @param[in]      User            Point to the user profile.
   @param[in]      UserInfo        Point to the user information record to get.
   @param[out]     Info            On entry, points to a buffer of at least *InfoSize bytes.
+  @param[out]     Info            On entry, points to a buffer of at least *InfoSize bytes.
                                   On exit, holds the user information.
   @param[in, out] InfoSize        On entry, points to the size of Info.
+  @param[in, out] InfoSize        On entry, points to the size of Info.
                                   On return, points to the size of the user information.
   @param[in]      ChkRight        If TRUE, check the user info attribute.
 …
   @retval EFI_ACCESS_DENIED       The information cannot be accessed by the current user.
   @retval EFI_INVALID_PARAMETER   InfoSize is NULL or UserInfo is NULL.
   @retval EFI_BUFFER_TOO_SMALL    The number of bytes specified by *InfoSize is too small to hold the
+  @retval EFI_BUFFER_TOO_SMALL    The number of bytes specified by *InfoSize is too small to hold the
                                   returned data. The actual size required is returned in *InfoSize.
   @retval EFI_SUCCESS             Information returned successfully.
 …
     return EFI_INVALID_PARAMETER;
+  }
   //
   // Find the user information to get.
 …
     return Status;
+  }
   //
   // Check information attributes.
 …
+    }
+  }
   //
   // Get user information.
 …
     return EFI_ACCESS_DENIED;
+  }
   //
   // Delete the specified user information.
 …
   @param[in]      User           Point to the user profile.
   @param[in, out] UserInfo       On entry, points to the user information to modify,
                                  or NULL to add a new UserInfo.
+                                 or NULL to add a new UserInfo.
                                  On return, points to the modified user information.
   @param[in]      Info           Points to the new user information.
 …
     return EFI_INVALID_PARAMETER;
+  }
   //
   // Check user information.
 …
     return EFI_ACCESS_DENIED;
+  }
   if (!CheckUserInfo (Info)) {
     return EFI_INVALID_PARAMETER;
 …
       ASSERT (OldInfo != NULL);
       if (((OldInfo->InfoAttribs & EFI_USER_INFO_EXCLUSIVE) != 0) ||
+      if (((OldInfo->InfoAttribs & EFI_USER_INFO_EXCLUSIVE) != 0) ||
            ((Info->InfoAttribs & EFI_USER_INFO_EXCLUSIVE) != 0)) {
         //
 …
         continue;
+      }
       PayloadLen = Info->InfoSize - sizeof (EFI_USER_INFO);
       if (PayloadLen == 0) {
 …
     return Status;
+  }
   //
   // Modify existing user information.
 …
     return EFI_INVALID_PARAMETER;
+  }
   if (((Info->InfoAttribs & EFI_USER_INFO_EXCLUSIVE) != 0) &&
+  if (((Info->InfoAttribs & EFI_USER_INFO_EXCLUSIVE) != 0) &&
        (OldInfo->InfoAttribs & EFI_USER_INFO_EXCLUSIVE) == 0) {
     //
     // Try to add exclusive attrib in new info.
+    // Try to add exclusive attrib in new info.
     // Check whether there is another information with the same type in profile.
     //
 …
         return EFI_ACCESS_DENIED;
+      }
     } while (TRUE);
+    } while (TRUE);
+  }
 …
   @retval EFI_SUCCESS      Delete user from the user profile successfully.
   @retval Others           Fail to delete user from user profile
 **/
 EFI_STATUS
 …
     return EFI_INVALID_PARAMETER;
+  }
   //
   // Check whether it is the current user.
 …
     return EFI_ACCESS_DENIED;
+  }
   //
   // Delete user profile from the non-volatile memory.
 …
     return EFI_SECURITY_VIOLATION;
+  }
   //
   // Create user profile entry.
 …
   UnicodeSPrint (
     User->UserVarName,
+    User->UserVarName,
     sizeof (User->UserVarName),
     L"User%04x",
+    L"User%04x",
     mUserProfileDb->UserProfileNum
     );
 …
   UserInfo->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV | EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
   GenerateUserId ((UINT8 *) (UserInfo + 1));
   //
   // Add user profile to the user profile database.
 …
   @retval EFI_SUCCESS             A default user profile is added successfully.
   @retval Others                  Fail to add a default user profile
 **/
 EFI_STATUS
 …
   EFI_USER_INFO_ACCESS_CONTROL  *Access;
   EFI_USER_INFO_IDENTITY_POLICY *Policy;
   //
   // Create a user profile.
 …
     return Status;
+  }
   //
   // Allocate a buffer to add all default user information.
 …
     goto Done;
+  }
   //
   // Add user profile create date record.
 …
     goto Done;
+  }
   //
   // Add user profile usage count record.
 …
     goto Done;
+  }
   //
   // Add user access right.
 …
     goto Done;
+  }
   //
   // Add user identity policy.
 …
   Policy            = (EFI_USER_INFO_IDENTITY_POLICY *) (Info + 1);
   Policy->Type      = EFI_USER_INFO_IDENTITY_TRUE;
   Policy->Length    = sizeof (EFI_USER_INFO_IDENTITY_POLICY);
+  Policy->Length    = sizeof (EFI_USER_INFO_IDENTITY_POLICY);
   Info->InfoSize    = sizeof (EFI_USER_INFO) + Policy->Length;
   NewInfo = NULL;
 …
   Publish current user information into EFI System Configuration Table.
   By UEFI spec, the User Identity Manager will publish the current user profile
+  By UEFI spec, the User Identity Manager will publish the current user profile
   into the EFI System Configuration Table. Currently, only the user identifier and user
   name are published.
 …
   if (!EFI_ERROR (Status)) {
     //
     // The table existed!
+    // The table existed!
     //
     return EFI_SUCCESS;
 …
     return Status;
+  }
   //
   // Allocate a buffer for user information table.
   //
   UserInfoTable = (EFI_USER_INFO_TABLE *) AllocateRuntimePool (
                                             sizeof (EFI_USER_INFO_TABLE) +
                                             IdInfo->InfoSize +
+                                            sizeof (EFI_USER_INFO_TABLE) +
+                                            IdInfo->InfoSize +
                                             NameInfo->InfoSize
                                             );
 …
+  }
   UserInfoTable->Size = sizeof (EFI_USER_INFO_TABLE);
+  UserInfoTable->Size = sizeof (EFI_USER_INFO_TABLE);
   //
   // Append the user information to the user info table
 …
   Get the user's identity type.
   The identify manager only supports the identity policy in which the credential
+  The identify manager only supports the identity policy in which the credential
   provider handles are connected by the operator 'AND' or 'OR'.
 …
+  }
   ASSERT (IdentifyInfo != NULL);
   //
   // Search the user identify policy according to type.
 …
     return EFI_INVALID_PARAMETER;
+  }
   //
   // Check the user ID identified by the specified credential provider.
 …
         //
         Status = UserCredential->Form (
                                    UserCredential,
                                    &HiiHandle,
                                    &FormSetId,
+                                   UserCredential,
+                                   &HiiHandle,
+                                   &FormSetId,
                                    &FormId
                                    );
         if (!EFI_ERROR (Status)) {
+        if (!EFI_ERROR (Status)) {
           //
           // Send form to get user input.
 …
           if (EFI_ERROR (Status)) {
             return Status;
+          }
+        }
+          }
+        }
+      }
 …
         return Status;
+      }
       return EFI_SUCCESS;
+    }
 …
     return EFI_OUT_OF_RESOURCES;
+  }
   //
   // Check create date record.
 …
+    }
+  }
   //
   // Update usage date record.
 …
+    }
+  }
   //
   // Update usage count record.
 …
   @param[in]  Index            The index of the user in the user name list.
   @param[in]  User             Points to the user profile whose username is added.
+  @param[in]  User             Points to the user profile whose username is added.
   @param[in]  OpCodeHandle     Points to container for dynamic created opcodes.
 …
     return Status;
+  }
   //
   // Add user name selection.
 …
 /**
   Identify the user whose identity policy does not contain the operator 'OR'.
   @param[in]  User             Points to the user profile.
   @retval EFI_SUCCESS          The specified user is identified successfully.
   @retval Others               Fail to identify the user.
 **/
 EFI_STATUS
 …
+  }
   ASSERT (IdentifyInfo != NULL);
   //
   // Check each part of identification policy expression.
 …
 /**
   Identify the user whose identity policy does not contain the operator 'AND'.
   @param[in]  User             Points to the user profile.
   @retval EFI_SUCCESS          The specified user is identified successfully.
   @retval Others               Fail to identify the user.
 **/
 EFI_STATUS
 …
+  }
   ASSERT (IdentifyInfo != NULL);
   //
   // Initialize the container for dynamic opcodes.
 …
         return EFI_SUCCESS;
+      }
       //
       // Initialize the container for dynamic opcodes.
 …
       StartOpCodeHandle = HiiAllocateOpCodeHandle ();
       ASSERT (StartOpCodeHandle != NULL);
       EndOpCodeHandle = HiiAllocateOpCodeHandle ();
       ASSERT (EndOpCodeHandle != NULL);
       //
       // Create Hii Extend Label OpCode.
 …
       StartLabel->ExtendOpCode  = EFI_IFR_EXTEND_OP_LABEL;
       StartLabel->Number        = LABEL_USER_NAME;
       EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
                                           EndOpCodeHandle,
 …
       EndLabel->ExtendOpCode  = EFI_IFR_EXTEND_OP_LABEL;
       EndLabel->Number        = LABEL_END;
       //
       // Add all the user profile in the user profile database.
 …
         AddUserSelection ((UINT16)(LABEL_USER_NAME + Index), User, StartOpCodeHandle);
+      }
       HiiUpdateForm (
         mCallbackInfo->HiiHandle, // HII handle
 …
         EndOpCodeHandle           // Replace data
         );
       HiiFreeOpCodeHandle (StartOpCodeHandle);
       HiiFreeOpCodeHandle (EndOpCodeHandle);
       return EFI_SUCCESS;
+    }
 …
     if (QuestionId >= LABEL_PROVIDER_NAME) {
       //
       // QuestionId comes from the second Form (Select a Credential Provider if identity
+      // QuestionId comes from the second Form (Select a Credential Provider if identity
       // policy is OR type). Identify the user by the selected provider.
       //
 …
+    }
     break;
   case EFI_BROWSER_ACTION_CHANGING:
     //
 …
 /**
   This function construct user profile database from user data saved in the Flash.
   If no user is found in Flash, add one default user "administrator" in the user
+  If no user is found in Flash, add one default user "administrator" in the user
   profile database.
   @retval EFI_SUCCESS            Init user profile database successfully.
   @retval Others                 Fail to init user profile database.
 **/
 EFI_STATUS
 …
     return EFI_OUT_OF_RESOURCES;
+  }
   //
   // Get all user proifle entries.
 …
     //
     UnicodeSPrint (
       VarName,
+      VarName,
       sizeof (VarName),
       L"User%04x",
+      L"User%04x",
       Index
       );
 …
       break;
+    }
     //
     // Check variable attributes.
 …
       continue;
+    }
     //
     // Add user profile to the user profile database.
 …
     return Status;
+  }
   //
   // Check whether the user profile database is empty.
 …
   UINTN       HandleCount;
   EFI_HANDLE  *HandleBuf;
   UINTN       Index;
+  UINTN       Index;
   if (mProviderDb != NULL) {
 …
   //
   mProviderDb = AllocateZeroPool (
                   sizeof (CREDENTIAL_PROVIDER_INFO) -
                   sizeof (EFI_USER_CREDENTIAL2_PROTOCOL *) +
+                  sizeof (CREDENTIAL_PROVIDER_INFO) -
+                  sizeof (EFI_USER_CREDENTIAL2_PROTOCOL *) +
                   HandleCount * sizeof (EFI_USER_CREDENTIAL2_PROTOCOL *)
                   );
 …
   CallbackInfo->FormBrowser2  = FormBrowser2;
   CallbackInfo->DriverHandle  = NULL;
   //
   // Install Device Path Protocol and Config Access protocol to driver handle.
 …
     return Status;
+  }
   //
   // Find user with the specified user ID.
 …
     return EFI_NOT_READY;
+  }
   return Status;
+}
 …
   @param[in]   ProtocolGuid   Points to the protocol guid of sonsole .
   @retval TRUE     The given console is ready.
   @retval FALSE    The given console is not ready.
 **/
 BOOLEAN
 CheckConsole (
   EFI_GUID                     *ProtocolGuid
+  EFI_GUID                     *ProtocolGuid
+  )
+{
 …
   UINTN                        HandleCount;
   EFI_HANDLE                   *HandleBuf;
   UINTN                        Index;
+  UINTN                        Index;
   EFI_DEVICE_PATH_PROTOCOL     *DevicePath;
   //
   // Try to find all the handle driver.
 …
+    }
+  }
   FreePool (HandleBuf);
+  FreePool (HandleBuf);
   return FALSE;
+}
 …
   @retval TRUE     The console is ready.
   @retval FALSE    The console is not ready.
 **/
 BOOLEAN
 …
+    }
+  }
   return TRUE;
+}
 …
+    }
+  }
   //
   // Find and login the default & AutoLogon user.
 …
+    }
+  }
   if (!IsConsoleReady ()) {
     //
 …
                                  NULL
                                  );
   if (mIdentified) {
     *User = (USER_PROFILE_ENTRY *) mCurrentUser;
 …
     return EFI_SUCCESS;
+  }
   return EFI_ACCESS_DENIED;
+}
 …
 /**
   An empty function to pass error checking of CreateEventEx ().
   @param  Event         Event whose notification function is being invoked.
   @param  Context       Pointer to the notification function's context,
 …
   Create a new user profile.
   This function creates a new user profile with only a new user identifier attached and returns
+  This function creates a new user profile with only a new user identifier attached and returns
   its handle. The user profile is non-volatile, but the handle User can change across reboots.
   @param[in]  This               Points to this instance of the EFI_USER_MANAGER_PROTOCOL.
   @param[out] User               On return, points to the new user profile handle.
+  @param[out] User               On return, points to the new user profile handle.
                                  The user profile handle is unique only during this boot.
   @retval EFI_SUCCESS            User profile was successfully created.
   @retval EFI_ACCESS_DENIED      Current user does not have sufficient permissions to create a
+  @retval EFI_ACCESS_DENIED      Current user does not have sufficient permissions to create a
                                  user profile.
   @retval EFI_UNSUPPORTED        Creation of new user profiles is not supported.
   @retval EFI_INVALID_PARAMETER  The User parameter is NULL.
 **/
 EFI_STATUS
 …
+    }
+  }
   //
   // Create new user profile
 …
   @param[in] This                Points to this instance of the EFI_USER_MANAGER_PROTOCOL.
   @param[in] User                User profile handle.
+  @param[in] User                User profile handle.
   @retval EFI_SUCCESS            User profile was successfully deleted.
 …
   @retval EFI_UNSUPPORTED        Deletion of new user profiles is not supported.
   @retval EFI_INVALID_PARAMETER  User does not refer to a valid user profile.
 **/
 EFI_STATUS
 …
     return EFI_INVALID_PARAMETER;
+  }
   //
   // Check the right of the current user.
 …
     return EFI_ACCESS_DENIED;
+  }
   //
   // Delete user profile.
 …
   Enumerate all of the enrolled users on the platform.
   This function returns the next enrolled user profile. To retrieve the first user profile handle,
   point User at a NULL. Each subsequent call will retrieve another user profile handle until there
   are no more, at which point User will point to NULL.
+  This function returns the next enrolled user profile. To retrieve the first user profile handle,
+  point User at a NULL. Each subsequent call will retrieve another user profile handle until there
+  are no more, at which point User will point to NULL.
   @param[in]      This           Points to this instance of the EFI_USER_MANAGER_PROTOCOL.
   @param[in, out] User           On entry, points to the previous user profile handle or NULL to
+  @param[in, out] User           On entry, points to the previous user profile handle or NULL to
                                  start enumeration. On exit, points to the next user profile handle
                                  or NULL if there are no more user profiles.
   @retval EFI_SUCCESS            Next enrolled user profile successfully returned.
+  @retval EFI_SUCCESS            Next enrolled user profile successfully returned.
   @retval EFI_ACCESS_DENIED      Next enrolled user profile was not successfully returned.
   @retval EFI_INVALID_PARAMETER  The User parameter is NULL.
 …
     return EFI_INVALID_PARAMETER;
+  }
   Status = FindUserProfile ((USER_PROFILE_ENTRY **) User, TRUE, NULL);
   if (EFI_ERROR (Status)) {
 …
   @param[out] CurrentUser        On return, points to the current user profile handle.
   @retval EFI_SUCCESS            Current user profile handle returned successfully.
+  @retval EFI_SUCCESS            Current user profile handle returned successfully.
   @retval EFI_INVALID_PARAMETER  The CurrentUser parameter is NULL.
 **/
 EFI_STATUS
 …
   OUT       EFI_USER_PROFILE_HANDLE             *CurrentUser
+  )
+{
+{
   //
   // Get current user profile.
 …
   Identify the user and, if authenticated, returns the user handle and changes the current
   user profile. All user information marked as private in a previously selected profile
   is no longer available for inspection.
   Whenever the current user profile is changed then the an event with the GUID
+  is no longer available for inspection.
+  Whenever the current user profile is changed then the an event with the GUID
   EFI_EVENT_GROUP_USER_PROFILE_CHANGED is signaled.
 …
   @retval EFI_ACCESS_DENIED      User was not successfully identified.
   @retval EFI_INVALID_PARAMETER  The User parameter is NULL.
 **/
 EFI_STATUS
 …
     return EFI_SUCCESS;
+  }
   //
   // Identify user
 …
     return EFI_ACCESS_DENIED;
+  }
   //
   // Publish the user info into the EFI system configuration table.
 …
   This function searches all user profiles for the specified user information record.
   The search starts with the user information record handle following UserInfo and
+  The search starts with the user information record handle following UserInfo and
   continues until either the information is found or there are no more user profiles.
   A match occurs when the Info.InfoType field matches the user information record
 …
   @param[in]      This           Points to this instance of the EFI_USER_MANAGER_PROTOCOL.
   @param[in, out] User           On entry, points to the previously returned user profile
+  @param[in, out] User           On entry, points to the previously returned user profile
                                  handle, or NULL to start searching with the first user profile.
                                  On return, points to the user profile handle, or NULL if not
                                  found.
   @param[in, out] UserInfo       On entry, points to the previously returned user information
                                  handle, or NULL to start searching with the first. On return,
+                                 handle, or NULL to start searching with the first. On return,
                                  points to the user information handle of the user information
                                  record, or NULL if not found. Can be NULL, in which case only
                                  one user information record per user can be returned.
   @param[in]      Info           Points to the buffer containing the user information to be
                                  compared to the user information record. If the user information
                                  record data is empty, then only the user information record type
                                  is compared. If InfoSize is 0, then the user information record
+                                 record, or NULL if not found. Can be NULL, in which case only
+                                 one user information record per user can be returned.
+  @param[in]      Info           Points to the buffer containing the user information to be
+                                 compared to the user information record. If the user information
+                                 record data is empty, then only the user information record type
+                                 is compared. If InfoSize is 0, then the user information record
                                  must be empty.
   @param[in]      InfoSize       The size of Info, in bytes.
+  @param[in]      InfoSize       The size of Info, in bytes.
   @retval EFI_SUCCESS            User information was found. User points to the user profile
                                  handle, and UserInfo points to the user information handle.
   @retval EFI_NOT_FOUND          User information was not found. User points to NULL, and
+  @retval EFI_NOT_FOUND          User information was not found. User points to NULL, and
                                  UserInfo points to NULL.
   @retval EFI_INVALID_PARAMETER  User is NULL. Or Info is NULL.
+  @retval EFI_INVALID_PARAMETER  User is NULL. Or Info is NULL.
 **/
 EFI_STATUS
 …
+    }
+  }
   Size = Info->InfoSize;
+  Size = Info->InfoSize;
   //
   // Find user profile accdoring to user information.
 …
     return EFI_NOT_FOUND;
+  }
   return EFI_SUCCESS;
+}
 …
   Return information attached to the user.
   This function returns user information. The format of the information is described in User
   Information. The function may return EFI_ACCESS_DENIED if the information is marked private
   and the handle specified by User is not the current user profile. The function may return
   EFI_ACCESS_DENIED if the information is marked protected and the information is associated
+  This function returns user information. The format of the information is described in User
+  Information. The function may return EFI_ACCESS_DENIED if the information is marked private
+  and the handle specified by User is not the current user profile. The function may return
+  EFI_ACCESS_DENIED if the information is marked protected and the information is associated
   with a credential provider for which the user has not been authenticated.
   @param[in]      This           Points to this instance of the EFI_USER_MANAGER_PROTOCOL.
   @param[in]      User           Handle of the user whose profile will be retrieved.
   @param[in]      UserInfo       Handle of the user information data record.
   @param[out]     Info           On entry, points to a buffer of at least *InfoSize bytes. On exit,
                                  holds the user information. If the buffer is too small to hold the
                                  information, then EFI_BUFFER_TOO_SMALL is returned and InfoSize is
                                  updated to contain the number of bytes actually required.
   @param[in, out] InfoSize       On entry, points to the size of Info. On return, points to the size
                                  of the user information.
+  @param[in]      User           Handle of the user whose profile will be retrieved.
+  @param[in]      UserInfo       Handle of the user information data record.
+  @param[out]     Info           On entry, points to a buffer of at least *InfoSize bytes. On exit,
+                                 holds the user information. If the buffer is too small to hold the
+                                 information, then EFI_BUFFER_TOO_SMALL is returned and InfoSize is
+                                 updated to contain the number of bytes actually required.
+  @param[in, out] InfoSize       On entry, points to the size of Info. On return, points to the size
+                                 of the user information.
   @retval EFI_SUCCESS            Information returned successfully.
   @retval EFI_ACCESS_DENIED      The information about the specified user cannot be accessed by the
+  @retval EFI_ACCESS_DENIED      The information about the specified user cannot be accessed by the
                                  current user.
   @retval EFI_BUFFER_TOO_SMALL   The number of bytes specified by *InfoSize is too small to hold the
+  @retval EFI_BUFFER_TOO_SMALL   The number of bytes specified by *InfoSize is too small to hold the
                                  returned data. The actual size required is returned in *InfoSize.
   @retval EFI_NOT_FOUND          User does not refer to a valid user profile or UserInfo does not refer
+  @retval EFI_NOT_FOUND          User does not refer to a valid user profile or UserInfo does not refer
                                  to a valid user info handle.
   @retval EFI_INVALID_PARAMETER  Info is NULL or InfoSize is NULL.
 **/
 EFI_STATUS
 …
     return EFI_INVALID_PARAMETER;
+  }
   if ((User == NULL) || (UserInfo == NULL)) {
     return EFI_NOT_FOUND;
+  }
   Status = GetUserInfo (User, UserInfo, Info, InfoSize, TRUE);
   if (EFI_ERROR (Status)) {
 …
   Add or update user information.
   This function changes user information.  If NULL is pointed to by UserInfo, then a new user
   information record is created and its handle is returned in UserInfo. Otherwise, the existing
+  This function changes user information.  If NULL is pointed to by UserInfo, then a new user
+  information record is created and its handle is returned in UserInfo. Otherwise, the existing
   one is replaced.
   If EFI_USER_INFO_IDENITTY_POLICY_RECORD is changed, it is the caller's responsibility to keep
+  If EFI_USER_INFO_IDENITTY_POLICY_RECORD is changed, it is the caller's responsibility to keep
   it to be synced with the information on credential providers.
   If EFI_USER_INFO_EXCLUSIVE is specified in Info and a user information record of the same
+  If EFI_USER_INFO_EXCLUSIVE is specified in Info and a user information record of the same
   type already exists in the user profile, then EFI_ACCESS_DENIED will be returned and UserInfo
   will point to the handle of the existing record.
   @param[in]      This            Points to this instance of the EFI_USER_MANAGER_PROTOCOL.
   @param[in]      User            Handle of the user whose profile will be retrieved.
   @param[in, out] UserInfo        Handle of the user information data record.
   @param[in]      Info            On entry, points to a buffer of at least *InfoSize bytes. On exit,
                                   holds the user information. If the buffer is too small to hold the
                                   information, then EFI_BUFFER_TOO_SMALL is returned and InfoSize is
                                   updated to contain the number of bytes actually required.
   @param[in]      InfoSize        On entry, points to the size of Info. On return, points to the size
                                   of the user information.
+  @param[in]      User            Handle of the user whose profile will be retrieved.
+  @param[in, out] UserInfo        Handle of the user information data record.
+  @param[in]      Info            On entry, points to a buffer of at least *InfoSize bytes. On exit,
+                                  holds the user information. If the buffer is too small to hold the
+                                  information, then EFI_BUFFER_TOO_SMALL is returned and InfoSize is
+                                  updated to contain the number of bytes actually required.
+  @param[in]      InfoSize        On entry, points to the size of Info. On return, points to the size
+                                  of the user information.
   @retval EFI_SUCCESS             Information returned successfully.
   @retval EFI_ACCESS_DENIED       The record is exclusive.
   @retval EFI_SECURITY_VIOLATION  The current user does not have permission to change the specified
+  @retval EFI_SECURITY_VIOLATION  The current user does not have permission to change the specified
                                   user profile or user information record.
   @retval EFI_NOT_FOUND           User does not refer to a valid user profile or UserInfo does not
+  @retval EFI_NOT_FOUND           User does not refer to a valid user profile or UserInfo does not
                                   refer to a valid user info handle.
   @retval EFI_INVALID_PARAMETER   UserInfo is NULL or Info is NULL.
+  @retval EFI_INVALID_PARAMETER   UserInfo is NULL or Info is NULL.
 **/
 EFI_STATUS
 …
     return EFI_INVALID_PARAMETER;
+  }
   //
   // Check the right of the current user.
 …
         return EFI_SECURITY_VIOLATION;
+      }
       if (!CheckCurrentUserAccessRight (EFI_USER_INFO_ACCESS_ENROLL_OTHERS)) {
         //
 …
+    }
+  }
   //
   // Modify user information.
 …
   if (EFI_ERROR (Status)) {
     if (Status == EFI_ACCESS_DENIED) {
       return EFI_ACCESS_DENIED;
+      return EFI_ACCESS_DENIED;
+    }
     return EFI_SECURITY_VIOLATION;
 …
   Called by credential provider to notify of information change.
   This function allows the credential provider to notify the User Identity Manager when user status
+  This function allows the credential provider to notify the User Identity Manager when user status
   has changed.
   If the User Identity Manager doesn't support asynchronous changes in credentials, then this function
   should return EFI_UNSUPPORTED.
   If current user does not exist, and the credential provider can identify a user, then make the user
+  If the User Identity Manager doesn't support asynchronous changes in credentials, then this function
+  should return EFI_UNSUPPORTED.
+  If current user does not exist, and the credential provider can identify a user, then make the user
   to be current user and signal the EFI_EVENT_GROUP_USER_PROFILE_CHANGED event.
   If current user already exists, and the credential provider can identify another user, then switch
+  If current user already exists, and the credential provider can identify another user, then switch
   current user to the newly identified user, and signal the EFI_EVENT_GROUP_USER_PROFILE_CHANGED event.
   If current user was identified by this credential provider and now the credential provider cannot identify
+  If current user was identified by this credential provider and now the credential provider cannot identify
   current user, then logout current user and signal the EFI_EVENT_GROUP_USER_PROFILE_CHANGED event.
   @param[in] This          Points to this instance of the EFI_USER_MANAGER_PROTOCOL.
   @param[in] Changed       Handle on which is installed an instance of the EFI_USER_CREDENTIAL2_PROTOCOL
+  @param[in] Changed       Handle on which is installed an instance of the EFI_USER_CREDENTIAL2_PROTOCOL
                            where the user has changed.
 …
   @retval EFI_NOT_READY    The function was called while the specified credential provider was not selected.
   @retval EFI_UNSUPPORTED  The User Identity Manager doesn't support asynchronous notifications.
 **/
 EFI_STATUS
 …
   IN        EFI_HANDLE                          Changed
+  )
+{
+{
   return EFI_UNSUPPORTED;
+}
 …
   @retval EFI_SUCCESS        User information deleted successfully.
   @retval EFI_NOT_FOUND      User information record UserInfo does not exist in the user profile.
   @retval EFI_ACCESS_DENIED  The current user does not have permission to delete this user information.
+  @retval EFI_ACCESS_DENIED  The current user does not have permission to delete this user information.
 **/
 EFI_STATUS
 …
     return EFI_INVALID_PARAMETER;
+  }
   //
   // Check the right of the current user.
 …
+    }
+  }
   //
   // Delete user information.
 …
+    }
     return EFI_ACCESS_DENIED;
+  }
+  }
   return EFI_SUCCESS;
+}
 …
   Enumerate user information of all the enrolled users on the platform.
   This function returns the next user information record. To retrieve the first user
   information record handle, point UserInfo at a NULL. Each subsequent call will retrieve
   another user information record handle until there are no more, at which point UserInfo
   will point to NULL.
+  This function returns the next user information record. To retrieve the first user
+  information record handle, point UserInfo at a NULL. Each subsequent call will retrieve
+  another user information record handle until there are no more, at which point UserInfo
+  will point to NULL.
   @param[in]      This           Points to this instance of the EFI_USER_MANAGER_PROTOCOL.
 …
   @retval EFI_NOT_FOUND          No more user information found.
   @retval EFI_INVALID_PARAMETER  UserInfo is NULL.
 **/
 EFI_STATUS
 …
                   &gUserIdentifyManager
                   );
   ASSERT_EFI_ERROR (Status);
+  ASSERT_EFI_ERROR (Status);
   LoadDeferredImageInit (ImageHandle);

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManager.h

-              r48674
+              r58466
 /** @file
   The header file for User identify Manager driver.
 Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   This function searches all user profiles for the specified user information record.
   The search starts with the user information record handle following UserInfo and
+  The search starts with the user information record handle following UserInfo and
   continues until either the information is found or there are no more user profiles.
   A match occurs when the Info.InfoType field matches the user information record
   type and the user information record data matches the portion of Info passed the
+  type and the user information record data matches the portion of Info passed the
   EFI_USER_INFO header.
   @param[in]      This     Points to this instance of the EFI_USER_MANAGER_PROTOCOL.
   @param[in, out] User     On entry, points to the previously returned user profile
+  @param[in, out] User     On entry, points to the previously returned user profile
                            handle, or NULL to start searching with the first user profile.
                            On return, points to the user profile handle, or NULL if not
                            found.
   @param[in, out] UserInfo On entry, points to the previously returned user information
                            handle, or NULL to start searching with the first. On return,
+                           handle, or NULL to start searching with the first. On return,
                            points to the user information handle of the user information
                            record, or NULL if not found. Can be NULL, in which case only
                            one user information record per user can be returned.
   @param[in]      Info     Points to the buffer containing the user information to be
                            compared to the user information record. If NULL, then only
                            the user information record type is compared. If InfoSize is 0,
+                           record, or NULL if not found. Can be NULL, in which case only
+                           one user information record per user can be returned.
+  @param[in]      Info     Points to the buffer containing the user information to be
+                           compared to the user information record. If NULL, then only
+                           the user information record type is compared. If InfoSize is 0,
                            then the user information record must be empty.
   @param[in]      InfoSize The size of Info, in bytes.
+  @param[in]      InfoSize The size of Info, in bytes.
   @retval EFI_SUCCESS      User information was found. User points to the user profile handle,
                            and UserInfo points to the user information handle.
   @retval EFI_NOT_FOUND    User information was not found. User points to NULL and UserInfo
+  @retval EFI_NOT_FOUND    User information was not found. User points to NULL and UserInfo
                            points to NULL.
 **/
 EFI_STATUS
 …
   IN OUT    EFI_USER_INFO_HANDLE                *UserInfo
   );
 #endif

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManagerData.h

-              r48674
+              r58466
 /** @file
   Data structure used by the user identify manager driver.
 Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManagerDxe.inf

-              r58459
+              r58466
+#
 #  This module manages user information and produces user manager protocol.
+#
+#
 # Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 …
   gEfiIfrTianoGuid                              ## SOMETIMES_CONSUMES  ## GUID
   gEfiEventUserProfileChangedGuid               ## SOMETIMES_PRODUCES  ## Event
   ## SOMETIMES_PRODUCES                         ## Variable:L"Userxxxx"
   ## SOMETIMES_CONSUMES                         ## Variable:L"Userxxxx"
 …
   gEfiHiiConfigAccessProtocolGuid               ## PRODUCES
   gEfiDevicePathProtocolGuid                    ## PRODUCES
   ## PRODUCES
   ## SOMETIMES_PRODUCES                         ## SystemTable
   gEfiUserManagerProtocolGuid
+  gEfiUserManagerProtocolGuid
 [Depex]
   gEfiHiiDatabaseProtocolGuid   AND
   gEfiHiiStringProtocolGuid     AND
   gEfiFormBrowser2ProtocolGuid
+  gEfiHiiDatabaseProtocolGuid   AND
+  gEfiHiiStringProtocolGuid     AND
+  gEfiFormBrowser2ProtocolGuid
 [UserExtensions.TianoCore."ExtraFiles"]

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManagerStrings.uni

Property svn:mime-type changed from application/octet-stream to text/plain;encoding=UTF-16LE

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManagerVfr.Vfr

Property svn:eol-style set to native

-              r58459
+              r58466
 Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
 #include "UserIdentifyManagerData.h"
 formset
+formset
   guid      = USER_IDENTIFY_MANAGER_GUID,
   title     = STRING_TOKEN(STR_TITLE),
   help      = STRING_TOKEN(STR_NULL_STRING),
+  title     = STRING_TOKEN(STR_TITLE),
+  help      = STRING_TOKEN(STR_NULL_STRING),
   classguid = USER_IDENTIFY_MANAGER_GUID,
   form formid = FORMID_USER_FORM,
     title = STRING_TOKEN(STR_USER_SELECT);
+    title = STRING_TOKEN(STR_USER_SELECT);
     suppressif TRUE;
 …
     label LABEL_USER_NAME;
     label LABEL_END;
+    label LABEL_END;
   endform;
   form formid = FORMID_PROVIDER_FORM,
     title = STRING_TOKEN(STR_PROVIDER_SELECT);
     label LABEL_PROVIDER_NAME;
     label LABEL_END;
   endform;
+  endform;
 endformset;

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/UserIdentification/UserProfileManagerDxe/ModifyAccessPolicy.c

-              r58459
+              r58466
 /** @file
   The functions for access policy modification.
 Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
 /**
   Collect all the access policy data to mUserInfo.AccessPolicy,
+  Collect all the access policy data to mUserInfo.AccessPolicy,
   and save it to user profile.
 …
   mUserInfo.AccessPolicyModified  = TRUE;
   OffSet                          = 0;
   //
   // Save access right.
 …
   CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
   OffSet += sizeof (Control);
   //
   // Save access setup.
 …
   Control.Type = EFI_USER_INFO_ACCESS_SETUP;
   Control.Size = (UINT32) Size;
+  Control.Size = (UINT32) Size;
   CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
   OffSet += sizeof (Control);
   if (mAccessInfo.AccessSetup == ACCESS_SETUP_NORMAL) {
     CopyGuid ((EFI_GUID *) (mUserInfo.AccessPolicy + OffSet), &gEfiUserInfoAccessSetupNormalGuid);
 …
+  }
   OffSet += sizeof (EFI_GUID);
   //
   // Save access of boot order.
 …
   Control.Type = EFI_USER_INFO_ACCESS_BOOT_ORDER;
   Control.Size = (UINT32) Size;
+  Control.Size = (UINT32) Size;
   CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
   OffSet += sizeof (Control);
 …
   CopyMem ((UINT8 *) (mUserInfo.AccessPolicy + OffSet), &mAccessInfo.AccessBootOrder, sizeof (UINT32));
   OffSet += sizeof (UINT32);
   //
   // Save permit load.
 …
     Control.Type = EFI_USER_INFO_ACCESS_PERMIT_LOAD;
     Control.Size = (UINT32) Size;
+    Control.Size = (UINT32) Size;
     CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
     OffSet += sizeof (Control);
     CopyMem (mUserInfo.AccessPolicy + OffSet, mAccessInfo.LoadPermit, mAccessInfo.LoadPermitLen);
     OffSet += mAccessInfo.LoadPermitLen;
+  }
   //
   // Save forbid load.
 …
     Control.Type = EFI_USER_INFO_ACCESS_FORBID_LOAD;
     Control.Size = (UINT32) Size;
+    Control.Size = (UINT32) Size;
     CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
     OffSet += sizeof (Control);
     CopyMem (mUserInfo.AccessPolicy + OffSet, mAccessInfo.LoadForbid, mAccessInfo.LoadForbidLen);
     OffSet += mAccessInfo.LoadForbidLen;
+  }
   //
   // Save permit connect.
 …
     Control.Type = EFI_USER_INFO_ACCESS_PERMIT_CONNECT;
     Control.Size = (UINT32) Size;
+    Control.Size = (UINT32) Size;
     CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
     OffSet += sizeof (Control);
     CopyMem (mUserInfo.AccessPolicy + OffSet, mAccessInfo.ConnectPermit, mAccessInfo.ConnectPermitLen);
     OffSet += mAccessInfo.ConnectPermitLen;
+  }
   //
   // Save forbid connect.
 …
     Control.Type = EFI_USER_INFO_ACCESS_FORBID_CONNECT;
     Control.Size = (UINT32) Size;
+    Control.Size = (UINT32) Size;
     CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
     OffSet += sizeof (Control);
     CopyMem (mUserInfo.AccessPolicy + OffSet, mAccessInfo.ConnectForbid, mAccessInfo.ConnectForbidLen);
     OffSet += mAccessInfo.ConnectForbidLen;
 …
 /**
   Check whether the DevicePath is in the device path forbid list
+  Check whether the DevicePath is in the device path forbid list
   (mAccessInfo.LoadForbid).
   @param[in]  DevicePath           Points to device path.
   @retval TRUE     The DevicePath is in the device path forbid list.
   @retval FALSE    The DevicePath is not in the device path forbid list.
 …
   OrderSize = 0;
   Status    = gRT->GetVariable (
                      L"DriverOrder",
                      &gEfiGlobalVariableGuid,
                      NULL,
                      &OrderSize,
+                     L"DriverOrder",
+                     &gEfiGlobalVariableGuid,
+                     NULL,
+                     &OrderSize,
                      NULL
                      );
 …
   Status = gRT->GetVariable (
                   L"DriverOrder",
                   &gEfiGlobalVariableGuid,
                   NULL,
                   &OrderSize,
+                  L"DriverOrder",
+                  &gEfiGlobalVariableGuid,
+                  NULL,
+                  &OrderSize,
                   Order
                   );
 …
     return ;
+  }
   //
   // Initialize the container for dynamic opcodes.
 …
       continue;
+    }
     //
     // Check whether the driver is already forbidden.
     //
     VarPtr = Var;
     //
 …
+{
   //
   // Note:
+  // Note:
   // As no architect protocol/interface to be called in ConnectController()
   // to verify the device path, just add a place holder for permitted connect
 …
+{
   //
   // Note:
+  // Note:
   // As no architect protocol/interface to be called in ConnectController()
   // to verify the device path, just add a place holder for forbidden connect
 …
 /**
   Delete the specified device path by DriverIndex from the forbid device path
+  Delete the specified device path by DriverIndex from the forbid device path
   list (mAccessInfo.LoadForbid).
   @param[in]  DriverIndex   The index of driver in forbidden device path list.
 **/
 VOID
 …
     DriverIndex--;
+  }
   //
   // Specified device path found.
 …
     if (OffLen > 0) {
       CopyMem (
         mAccessInfo.LoadForbid + OffSet,
         mAccessInfo.LoadForbid + OffSet + DPSize,
+        mAccessInfo.LoadForbid + OffSet,
+        mAccessInfo.LoadForbid + OffSet + DPSize,
         OffLen
         );
 …
 /**
   Add the specified device path by DriverIndex to the forbid device path
+  Add the specified device path by DriverIndex to the forbid device path
   list (mAccessInfo.LoadForbid).
   @param[in]  DriverIndex   The index of driver saved in driver options.
 **/
 VOID
 …
     return;
+  }
   //
   // Save forbid load driver.
   //
   VarPtr = Var;
   //

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/UserIdentification/UserProfileManagerDxe/ModifyIdentityPolicy.c

-              r48674
+              r58466
 /** @file
   The functions for identification policy modification.
 Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   @param[in] NewGuid       Points to the credential provider guid.
   @retval TRUE     The NewGuid was found in the identity policy.
   @retval FALSE    The NewGuid was not found.
 …
     Offset += Identity->Length;
+  }
   return FALSE;
+}
 …
 EnrollUserOnProvider (
   IN  EFI_USER_INFO_IDENTITY_POLICY              *Identity,
   IN  EFI_USER_PROFILE_HANDLE                    User
+  IN  EFI_USER_PROFILE_HANDLE                    User
+  )
+{
   UINTN                          Index;
   EFI_USER_CREDENTIAL2_PROTOCOL  *UserCredential;
   //
   // Find the specified credential provider.
 …
+  }
   return EFI_NOT_FOUND;
+  return EFI_NOT_FOUND;
+}
 …
 DeleteUserOnProvider (
   IN  EFI_USER_INFO_IDENTITY_POLICY              *Identity,
   IN  EFI_USER_PROFILE_HANDLE                    User
+  IN  EFI_USER_PROFILE_HANDLE                    User
+  )
+{
   UINTN                          Index;
   EFI_USER_CREDENTIAL2_PROTOCOL  *UserCredential;
   //
   // Find the specified credential provider.
 …
+  }
   return EFI_NOT_FOUND;
+  return EFI_NOT_FOUND;
+}
 …
 /**
   Delete User's credental from all the providers that exist in User's identity policy.
   @param[in]  IdentityPolicy     Point to User's identity policy.
   @param[in]  IdentityPolicyLen  The length of the identity policy.
 …
   IN     UINT8                                *IdentityPolicy,
   IN     UINTN                                 IdentityPolicyLen,
   IN     EFI_USER_PROFILE_HANDLE               User
+  IN     EFI_USER_PROFILE_HANDLE               User
+  )
+{
 …
 /**
   Remove the provider specified by Offset from the new user identification record.
   @param[in]  IdentityPolicy    Point to user identity item in new identification policy.
   @param[in]  Offset            The item offset in the new identification policy.
 …
     //
     // This provider is not the last item in the identification policy, delete it and the connector.
     //
+    //
     RemainingLen = mUserInfo.NewIdentityPolicyLen - Offset - DeleteLen;
     CopyMem ((UINT8 *) IdentityPolicy, (UINT8 *) IdentityPolicy + DeleteLen, RemainingLen);
+  }
   mUserInfo.NewIdentityPolicyLen -= DeleteLen;
+  mUserInfo.NewIdentityPolicyLen -= DeleteLen;
+}
 …
   @param[in] NewGuid       Points to the credential provider guid.
 **/
 VOID
 …
     FreePool (mUserInfo.NewIdentityPolicy);
+  }
   //
   // Save credential provider.
 …
   @retval TRUE     The policy is a valid identity policy.
   @retval FALSE    The policy is not a valid identity policy.
 **/
 BOOLEAN
 …
   UINTN                         Offset;
   UINT32                        OpCode;
   //
   // Check policy expression.
 …
     Identity = (EFI_USER_INFO_IDENTITY_POLICY *) (PolicyInfo + Offset);
     switch (Identity->Type) {
     case EFI_USER_INFO_IDENTITY_TRUE:
       break;
 …
 /**
   Save the identity policy and update UI with it.
   This funciton will verify the new identity policy, in current implementation,
+  This funciton will verify the new identity policy, in current implementation,
   the identity policy can be:  T, P & P & P & ..., P | P | P | ...
   Here, "T" means "True", "P" means "Credential Provider", "&" means "and", "|" means "or".
   Other identity policies are not supported.
+  Other identity policies are not supported.
 **/
 …
     return ;
+  }
   //
   // Update the informantion on credential provider.
 …
     return ;
+  }
   //
   // Save new identification policy.
 …
   Status = mUserManager->SetInfo (mUserManager, mModifyUser, &UserInfo, Info, Info->InfoSize);
   FreePool (Info);
   //
   // Update the mUserInfo.IdentityPolicy by mUserInfo.NewIdentityPolicy
 …
   mUserInfo.NewIdentityPolicy         = NULL;
   mUserInfo.NewIdentityPolicyLen      = 0;
   mUserInfo.NewIdentityPolicyModified = FALSE;
+  mUserInfo.NewIdentityPolicyModified = FALSE;
   //
 …
     return ;
+  }
   //
   // Check the identity policy.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileAdd.c

-              r48674
+              r58466
 /** @file
   The functions to add a user profile.
 Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
 /**
   Get user name from the popup windows.
   @param[in, out]  UserNameLen  On entry, point to UserName buffer lengh, in bytes.
                                 On exit, point to input user name length, in bytes.
   @param[out]      UserName     The buffer to hold the input user name.
   @retval EFI_ABORTED           It is given up by pressing 'ESC' key.
   @retval EFI_NOT_READY         Not a valid input at all.
 …
   *UserNameLen = NameLen * sizeof (CHAR16);
   CopyMem (UserName, Name, *UserNameLen);
   return EFI_SUCCESS;
+}
 …
   @retval EFI_NOT_READY      The usernme in mAddUserName had been used.
   @retval EFI_SUCCESS        Change the user's username successfully with
+  @retval EFI_SUCCESS        Change the user's username successfully with
                              username in mAddUserName.
 …
   EFI_USER_PROFILE_HANDLE TempUser;
   EFI_USER_INFO           *NewUserInfo;
   NewUserInfo = AllocateZeroPool (sizeof (EFI_USER_INFO) + UserNameLen);
   ASSERT (NewUserInfo != NULL);
   NewUserInfo->InfoType    = EFI_USER_INFO_NAME_RECORD;
   NewUserInfo->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
                              EFI_USER_INFO_PUBLIC |
+  NewUserInfo->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
+                             EFI_USER_INFO_PUBLIC |
                              EFI_USER_INFO_EXCLUSIVE;
   NewUserInfo->InfoSize    = (UINT32) (sizeof (EFI_USER_INFO) + UserNameLen);
 …
   EFI_USER_INFO_CREATE_DATE Date;
   EFI_USER_INFO             *NewUserInfo;
   NewUserInfo = AllocateZeroPool (
                   sizeof (EFI_USER_INFO) +
 …
   NewUserInfo->InfoType    = EFI_USER_INFO_CREATE_DATE_RECORD;
   NewUserInfo->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
                              EFI_USER_INFO_PUBLIC |
+  NewUserInfo->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
+                             EFI_USER_INFO_PUBLIC |
                              EFI_USER_INFO_EXCLUSIVE;
   NewUserInfo->InfoSize    = sizeof (EFI_USER_INFO) + sizeof (EFI_USER_INFO_CREATE_DATE);
 …
   Set the default identity policy of the specified user.
   @param[in]  User               Handle of a user profile.
+  @param[in]  User               Handle of a user profile.
 **/
 …
   EFI_USER_INFO_HANDLE          UserInfo;
   EFI_USER_INFO                 *NewUserInfo;
   NewUserInfo = AllocateZeroPool (
                   sizeof (EFI_USER_INFO) +
+                  sizeof (EFI_USER_INFO) +
                   sizeof (EFI_USER_INFO_IDENTITY_POLICY)
                   );
   ASSERT (NewUserInfo != NULL);
   Policy                   = (EFI_USER_INFO_IDENTITY_POLICY *) (NewUserInfo + 1);
   Policy->Type             = EFI_USER_INFO_IDENTITY_TRUE;
 …
   NewUserInfo->InfoType    = EFI_USER_INFO_IDENTITY_POLICY_RECORD;
   NewUserInfo->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
                              EFI_USER_INFO_PUBLIC |
+  NewUserInfo->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
+                             EFI_USER_INFO_PUBLIC |
                              EFI_USER_INFO_EXCLUSIVE;
   NewUserInfo->InfoSize    = sizeof (EFI_USER_INFO) + Policy->Length;
 …
   Set the default access policy of the specified user.
   @param[in]  User               Handle of a user profile.
+  @param[in]  User               Handle of a user profile.
 **/
 …
   EFI_USER_INFO_HANDLE          UserInfo;
   EFI_USER_INFO                 *NewUserInfo;
   NewUserInfo = AllocateZeroPool (
                   sizeof (EFI_USER_INFO) +
+                  sizeof (EFI_USER_INFO) +
                   sizeof (EFI_USER_INFO_ACCESS_CONTROL)
                   );
   ASSERT (NewUserInfo != NULL);
   Control                  = (EFI_USER_INFO_ACCESS_CONTROL *) (NewUserInfo + 1);
   Control->Type            = EFI_USER_INFO_ACCESS_ENROLL_SELF;
 …
   NewUserInfo->InfoType    = EFI_USER_INFO_ACCESS_POLICY_RECORD;
   NewUserInfo->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
                              EFI_USER_INFO_PUBLIC |
+  NewUserInfo->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
+                             EFI_USER_INFO_PUBLIC |
                              EFI_USER_INFO_EXCLUSIVE;
   NewUserInfo->InfoSize    = sizeof (EFI_USER_INFO) + Control->Size;
 …
   QuestionStr = NULL;
   PromptStr   = NULL;
   //
   // Get user name to add.
 …
     if (Status != EFI_ABORTED) {
       QuestionStr = GetStringById (STRING_TOKEN (STR_GET_USERNAME_FAILED));
       PromptStr   = GetStringById (STRING_TOKEN (STR_STROKE_KEY_CONTINUE));
+      PromptStr   = GetStringById (STRING_TOKEN (STR_STROKE_KEY_CONTINUE));
       goto Done;
+    }
 …
   if (EFI_ERROR (Status)) {
     QuestionStr = GetStringById (STRING_TOKEN (STR_CREATE_PROFILE_FAILED));
     PromptStr   = GetStringById (STRING_TOKEN (STR_STROKE_KEY_CONTINUE));
+    PromptStr   = GetStringById (STRING_TOKEN (STR_STROKE_KEY_CONTINUE));
   } else {
     //
 …
     if (EFI_ERROR (Status)) {
       QuestionStr = GetStringById (STRING_TOKEN (STR_USER_ALREADY_EXISTED));
       PromptStr   = GetStringById (STRING_TOKEN (STR_STROKE_KEY_CONTINUE));
+      PromptStr   = GetStringById (STRING_TOKEN (STR_STROKE_KEY_CONTINUE));
       goto Done;
+    }
 …
     QuestionStr = GetStringById (STRING_TOKEN (STR_CREATE_PROFILE_SUCCESS));
     PromptStr   = GetStringById (STRING_TOKEN (STR_STROKE_KEY_CONTINUE));
+    PromptStr   = GetStringById (STRING_TOKEN (STR_STROKE_KEY_CONTINUE));
+  }

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileDelete.c

-              r48674
+              r58466
 /** @file
   The functions to delete a user profile.
 Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   Get the username from the specified user.
   @param[in]   User              Handle of a user profile.
+  @param[in]   User              Handle of a user profile.
   @retval EFI_STRING_ID          The String Id of the user's username.
 **/
 EFI_STRING_ID
+EFI_STRING_ID
 GetUserName (
   IN  EFI_USER_PROFILE_HANDLE                   User
 …
   CHAR16                UserName[USER_NAME_LENGTH];
   EFI_STRING_ID         UserId;
   //
   // Allocate user information memory.
 …
   Info    = AllocateZeroPool (MemSize);
   ASSERT (Info != NULL);
   //
   // Get user name information.
 …
   Add a username item in form.
   @param[in]  User          Points to the user profile whose username is added.
+  @param[in]  User          Points to the user profile whose username is added.
   @param[in]  Index         The index of the user in the user name list
   @param[in]  OpCodeHandle  Points to container for dynamic created opcodes.
 …
     return ;
+  }
   //
   // Create user name option.
 …
   Delete the user specified by UserIndex in user profile database.
   @param[in]  UserIndex       The index of user in the user name list
+  @param[in]  UserIndex       The index of user in the user name list
                               to be deleted.
 …
     goto Done;
+  }
   while (UserIndex > 1) {
     Status = mUserManager->GetNext (mUserManager, &User);
 …
     DeleteCredentialFromProviders ((UINT8 *)(Info + 1), Info->InfoSize - sizeof (EFI_USER_INFO), User);
     FreePool (Info);
     Status = mUserManager->Delete (mUserManager, User);
     if (EFI_ERROR (Status)) {
 …
       NULL
       );
     return ;
+    return ;
+  }

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager.c

-              r48674
+              r58466
 /** @file
   This driver is a configuration tool for adding, deleting or modifying user
   profiles, including gathering the necessary information to ascertain their
   identity in the future, updating user access policy and identification
+  This driver is a configuration tool for adding, deleting or modifying user
+  profiles, including gathering the necessary information to ascertain their
+  identity in the future, updating user access policy and identification
   policy, etc.
 Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
 /**
   This function gets all the credential providers in the system and saved them
+  This function gets all the credential providers in the system and saved them
   to mProviderInfo.
   @retval EFI_SUCESS     Init credential provider database successfully.
   @retval Others         Fail to init credential provider database.
 **/
 EFI_STATUS
 …
   UINTN       HandleCount;
   EFI_HANDLE  *HandleBuf;
   UINTN       Index;
+  UINTN       Index;
   //
   // Try to find all the user credential provider driver.
 …
     return Status;
+  }
   //
   // Get provider infomation.
 …
+  }
   mProviderInfo = AllocateZeroPool (
                     sizeof (CREDENTIAL_PROVIDER_INFO) -
+                    sizeof (CREDENTIAL_PROVIDER_INFO) -
                     sizeof (EFI_USER_CREDENTIAL2_PROTOCOL *) +
                     HandleCount * sizeof (EFI_USER_CREDENTIAL2_PROTOCOL *)
 …
         return EFI_SUCCESS;
+      }
       //
       // Get current user
 …
         return EFI_NOT_READY;
+      }
       //
       // Get current user's right information.
 …
         CurrentAccessRight = EFI_USER_INFO_ACCESS_ENROLL_SELF;
+      }
       //
       // Init credential provider information.
 …
         return Status;
+      }
       //
       // Initialize the container for dynamic opcodes.
 …
       StartOpCodeHandle = HiiAllocateOpCodeHandle ();
       ASSERT (StartOpCodeHandle != NULL);
       EndOpCodeHandle = HiiAllocateOpCodeHandle ();
       ASSERT (EndOpCodeHandle != NULL);
       //
       // Create Hii Extend Label OpCode.
 …
       StartLabel->ExtendOpCode  = EFI_IFR_EXTEND_OP_LABEL;
       StartLabel->Number        = LABEL_USER_MANAGE_FUNC;
       EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
                                           EndOpCodeHandle,
 …
       EndLabel->ExtendOpCode  = EFI_IFR_EXTEND_OP_LABEL;
       EndLabel->Number        = LABEL_END;
       //
       // Add user profile option.
 …
           );
+      }
       //
       // Add modify user profile option.
 …
         KEY_MODIFY_USER                       // Question ID
         );
       //
       // Add delete user profile option
 …
           );
+      }
       HiiUpdateForm (
         mCallbackInfo->HiiHandle,               // HII handle
 …
         EndOpCodeHandle                         // Replace data
         );
       HiiFreeOpCodeHandle (StartOpCodeHandle);
       HiiFreeOpCodeHandle (EndOpCodeHandle);
       return EFI_SUCCESS;
+    }
 …
   case EFI_BROWSER_ACTION_CHANGED:
+  {
+  {
     //
     // Handle the request from form.
 …
       return EFI_INVALID_PARAMETER;
+    }
     //
     // Judge first 2 bits.
 …
           // Change credential provider option.
           //
           case KEY_MODIFY_PROV:
+          case KEY_MODIFY_PROV:
             mProviderChoice = Value->u8;
             break;
 …
   case EFI_BROWSER_ACTION_CHANGING:
+  {
+  {
     //
     // Handle the request from form.
 …
       return EFI_INVALID_PARAMETER;
+    }
     //
     // Judge first 2 bits.
 …
               DisplayLoadPermit ();
               break;
             //
             // Forbid load device path.
 …
               DisplayLoadForbid ();
               break;
             default:
               break;
+            }
             break;
           //
           // Connect device path form.
 …
               DisplayConnectPermit ();
               break;
             //
             // Forbid connect device path.
 …
               DisplayConnectForbid ();
               break;
             default:
               break;
 …
     return EFI_SUCCESS;
+  }
   //
   // Initialize driver private data.
 …
   CallbackInfo = AllocateZeroPool (sizeof (USER_PROFILE_MANAGER_CALLBACK_INFO));
   ASSERT (CallbackInfo != NULL);
+  ASSERT (CallbackInfo != NULL);
   CallbackInfo->Signature                   = USER_PROFILE_MANAGER_SIGNATURE;
 …
   CallbackInfo->ConfigAccess.Callback       = UserProfileManagerCallback;
   CallbackInfo->DriverHandle                = NULL;
   //
   // Install Device Path Protocol and Config Access protocol to driver handle.
 …
                               NULL
                               );
   ASSERT (CallbackInfo->HiiHandle != NULL);
+  ASSERT (CallbackInfo->HiiHandle != NULL);
   mCallbackInfo = CallbackInfo;
 …
+}

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager.h

-              r58459
+              r58466
 /** @file
   The header file for user profile manager driver.
 Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   UINTN     AccessPolicyLen;
   UINTN     IdentityPolicyLen;
   UINTN     NewIdentityPolicyLen;
+  UINTN     NewIdentityPolicyLen;
   UINT8     *AccessPolicy;
   UINT8     *IdentityPolicy;
 …
   Add a username item in form.
   @param[in]  User             Points to the user profile whose username is added.
+  @param[in]  User             Points to the user profile whose username is added.
   @param[in]  Index            The index of the user in the user name list.
   @param[in]  OpCodeHandle     Points to container for dynamic created opcodes.
 …
   @param[in] UserIndex       The index of the user in display list to modify.
 **/
 VOID
 …
 /**
   Get the username from user input and update username string in Hii
+  Get the username from user input and update username string in Hii
   database with it.
 …
 /**
   Save the identity policy and update UI with it.
   This funciton will verify the new identity policy, in current implementation,
+  This funciton will verify the new identity policy, in current implementation,
   the identity policy can be:  T, P & P & P & ..., P | P | P | ...
   Here, "T" means "True", "P" means "Credential Provider", "&" means "and", "|" means "or".
   Other identity policies are not supported.
+  Other identity policies are not supported.
 **/
 …
   In this form, access right, access setu,p and access boot order are dynamically
   added. Load devicepath and connect devicepath are displayed too.
 **/
 VOID
 …
 /**
   Collect all the access policy data to mUserInfo.AccessPolicy,
+  Collect all the access policy data to mUserInfo.AccessPolicy,
   and save it to user profile.
 …
 /**
   Delete the specified device path by DriverIndex from the forbid device path
+  Delete the specified device path by DriverIndex from the forbid device path
   list (mAccessInfo.LoadForbid).
   @param[in]  DriverIndex   The index of driver in a forbidden device path list.
 **/
 VOID
 …
   IN  UINT16                                    DriverIndex
   );
 /**
   Add the specified device path by DriverIndex to the forbid device path
+/**
+  Add the specified device path by DriverIndex to the forbid device path
   list (mAccessInfo.LoadForbid).
   @param[in]  DriverIndex   The index of driver saved in driver options.
 **/
 VOID
 …
 /**
   Get user name from the popup windows.
   @param[in, out]  UserNameLen   On entry, point to the buffer lengh of UserName.
                                  On exit, point to the input user name length.
   @param[out]      UserName      The buffer to hold the input user name.
   @retval EFI_ABORTED            It is given up by pressing 'ESC' key.
   @retval EFI_NOT_READY          Not a valid input at all.
 …
   @param[in]  InfoType     The user information type to find.
   @param[out] UserInfo     Points to user information handle found.
   @retval EFI_SUCCESS      Find the user information successfully.
   @retval Others           Fail to find the user information.
 …
   @param[in] ValidLen       The valid access policy length.
   @param[in] ExpandLen      The length that is needed to expand.
 **/
 VOID
 …
 /**
   Delete User's credental from all the providers that exist in User's identity policy.
   @param[in]  IdentityPolicy     Point to User's identity policy.
   @param[in]  IdentityPolicyLen  The length of the identity policy.
 …
   IN     UINT8                                *IdentityPolicy,
   IN     UINTN                                 IdentityPolicyLen,
   IN     EFI_USER_PROFILE_HANDLE               User
   );
+  IN     EFI_USER_PROFILE_HANDLE               User
+  );
 #endif

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManagerData.h

-              r48674
+              r58466
 /** @file
   The form data for user profile manager driver.
 Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
 //
 // First form key (Add/modify/del user profile).
+// First form key (Add/modify/del user profile).
 // First 2 bits (bit 16~15).
 //
 …
 // Specified key, used in VFR (KEY_MODIFY_USER | KEY_SELECT_USER | KEY_MODIFY_NAME).
 //
 #define  KEY_MODIFY_USER_NAME       0x5200
+#define  KEY_MODIFY_USER_NAME       0x5200
 //
 …
 // Device path modify key.
 // 2 bits (bit 12~11).
 //
+//
 #define KEY_LOAD_PERMIT_MODIFY      0x0000
 #define KEY_LOAD_FORBID_MODIFY      0x0400

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManagerDxe.inf

-              r58459
+              r58466
   UefiLib
   DevicePathLib
 [Guids]
   gEfiIfrTianoGuid                              ## SOMETIMES_CONSUMES  ## GUID
 …
 [Depex]
   gEfiUserManagerProtocolGuid
 [UserExtensions.TianoCore."ExtraFiles"]
   UserProfileManagerExtra.uni

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManagerStrings.uni

Property svn:mime-type changed from application/octet-stream to text/plain;encoding=UTF-16LE

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManagerVfr.Vfr

Property svn:eol-style set to native

-              r58459
+              r58466
 Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
 #define USER_MANAGER_SUBCLASS    0x04
 formset
+formset
   guid     = USER_PROFILE_MANAGER_GUID,
   title    = STRING_TOKEN(STR_FORMSET_TITLE),
+  title    = STRING_TOKEN(STR_FORMSET_TITLE),
   help     = STRING_TOKEN(STR_TITLE_HELP),
   class    = USER_MANAGER_CLASS,
   subclass = USER_MANAGER_SUBCLASS,
   // User manager form
   form formid = FORMID_USER_MANAGE,
 …
         key    = QUESTIONID_USER_MANAGE;
     endif;
   endform;
+  endform;
   // Modify user profile form
   form formid = FORMID_MODIFY_USER,
 …
   endform;
   // Delete user profile form
   form formid = FORMID_DEL_USER,
     title     = STRING_TOKEN(STR_DELETE_USER_TITLE);
     label LABEL_USER_DEL_FUNC;
     label LABEL_END;
     subtitle
       text   = STRING_TOKEN(STR_NULL_STRING);
   endform;
+    subtitle
+      text   = STRING_TOKEN(STR_NULL_STRING);
+  endform;
   //
   // User profile information form
 …
     title     = STRING_TOKEN(STR_USER_INFO);
     text
       help   = STRING_TOKEN(STR_USER_NAME_VAL),
+    text
+      help   = STRING_TOKEN(STR_USER_NAME_VAL),
       text   = STRING_TOKEN(STR_USER_NAME),
       flags  = INTERACTIVE,
       key    = KEY_MODIFY_USER_NAME;
     text
       help   = STRING_TOKEN(STR_CREATE_DATE_VAL),
+    text
+      help   = STRING_TOKEN(STR_CREATE_DATE_VAL),
       text   = STRING_TOKEN(STR_CREATE_DATE);
     text
       help   = STRING_TOKEN(STR_USAGE_DATE_VAL),
+    text
+      help   = STRING_TOKEN(STR_USAGE_DATE_VAL),
       text   = STRING_TOKEN(STR_USAGE_DATE);
     text
       help   = STRING_TOKEN(STR_USAGE_COUNT_VAL),
+    text
+      help   = STRING_TOKEN(STR_USAGE_COUNT_VAL),
       text   = STRING_TOKEN(STR_USAGE_COUNT);
     label LABEL_USER_INFO_FUNC;
     label LABEL_END;
   endform;
+    label LABEL_USER_INFO_FUNC;
+    label LABEL_END;
+  endform;
   //
   // Identify policy modify form
 …
     title     = STRING_TOKEN(STR_IDENTIFY_POLICY);
     text
+    text
       help   = STRING_TOKEN(STR_IDENTIFY_POLICY_HELP),
       text   = STRING_TOKEN(STR_IDENTIFY_POLICY),
         text   = STRING_TOKEN(STR_IDENTIFY_POLICY_VALUE);
     label LABEL_IP_MOD_FUNC;
     label LABEL_END;
     text
       help   = STRING_TOKEN(STR_ADD_OPTION_HELP),
+    text
+      help   = STRING_TOKEN(STR_ADD_OPTION_HELP),
       text   = STRING_TOKEN(STR_ADD_OPTION),
       flags  = INTERACTIVE,
       key    = KEY_ADD_LOGICAL_OP;
     subtitle
+    subtitle
       text   = STRING_TOKEN(STR_NULL_STRING);
 …
   endform;
   //
   // Access policy modify form
 …
       key     = KEY_CONN_DP;
     subtitle
       text   = STRING_TOKEN(STR_NULL_STRING);
+    subtitle
+      text   = STRING_TOKEN(STR_NULL_STRING);
     text
       help   = STRING_TOKEN(STR_ACCESS_SAVE_HELP),
 …
       flags   = INTERACTIVE,
       key     = KEY_LOAD_PERMIT;
     goto FORMID_FORBID_LOAD_DP,
       prompt  = STRING_TOKEN(STR_LOAD_FORBID),
 …
       flags   = INTERACTIVE,
       key     = KEY_LOAD_FORBID;
   endform;
+  endform;
   //
   // Permit load device path form
 …
   form formid = FORMID_PERMIT_LOAD_DP,
     title     = STRING_TOKEN(STR_LOAD_PERMIT);
     label LABEL_PERMIT_LOAD_FUNC;
     label LABEL_END;
     subtitle
       text   = STRING_TOKEN(STR_NULL_STRING);
   endform;
+    subtitle
+      text   = STRING_TOKEN(STR_NULL_STRING);
+  endform;
   //
   // Forbid load device path form
 …
   form formid = FORMID_FORBID_LOAD_DP,
     title     = STRING_TOKEN(STR_LOAD_FORBID);
     label LABLE_FORBID_LOAD_FUNC;
     label LABEL_END;
     subtitle
       text   = STRING_TOKEN(STR_NULL_STRING);
   endform;
+    subtitle
+      text   = STRING_TOKEN(STR_NULL_STRING);
+  endform;
   //
   // Connect device path form
 …
       flags   = INTERACTIVE,
       key     = KEY_CONNECT_PERMIT;
     goto FORMID_FORBID_CONNECT_DP,
       prompt  = STRING_TOKEN(STR_CONNECT_FORBID),
 …
       flags   = INTERACTIVE,
       key     = KEY_CONNECT_FORBID;
   endform;
+  endform;
   //
   // Permit connect device path form
 …
   form formid = FORMID_PERMIT_CONNECT_DP,
     title     = STRING_TOKEN(STR_CONNECT_PERMIT);
     subtitle
       text   = STRING_TOKEN(STR_NULL_STRING);
   endform;
+    subtitle
+      text   = STRING_TOKEN(STR_NULL_STRING);
+  endform;
   //
   // Forbid connect device path form
 …
   form formid = FORMID_FORBID_CONNECT_DP,
     title     = STRING_TOKEN(STR_CONNECT_FORBID);
    subtitle
+   subtitle
      text   = STRING_TOKEN(STR_NULL_STRING);
   endform;
 endformset;

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileModify.c

-              r48674
+              r58466
 /** @file
   The functions to modify a user profile.
 Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   mUserInfo.UsageDateExist          = FALSE;
   mUserInfo.UsageCount              = 0;
   mUserInfo.AccessPolicyLen         = 0;
   mUserInfo.AccessPolicyModified    = FALSE;
 …
     mUserInfo.IdentityPolicy = NULL;
+  }
   //
   // Allocate user information memory.
 …
     return ;
+  }
   //
   // Get each user information.
 …
     InfoSize  = MemSize;
     Status    = mUserManager->GetInfo (
                                 mUserManager,
                                 mModifyUser,
                                 UserInfo,
                                 Info,
+                                mUserManager,
+                                mModifyUser,
+                                UserInfo,
+                                Info,
                                 &InfoSize
                                 );
 …
     Str + StrLen (Str),
     DateBufLen,
     L"%2d:%2d:%2d",
+    L"%2d:%2d:%2d",
     Date->Hour,
     Date->Minute,
     Date->Second
     );
   HiiSetString (mCallbackInfo->HiiHandle, DateId, Str, NULL);
   FreePool (Str);
 …
   CHAR16  Count[10];
   UnicodeSPrint (Count, 20, L"%d", CountVal);
+  UnicodeSPrint (Count, 20, L"%d", CountVal);
   HiiSetString (mCallbackInfo->HiiHandle, CountId, Count, NULL);
+}
 …
   @param[in, out]  Source1      On entry, point to a Null-terminated Unicode string.
                                 On exit, point to a new concatenated Unicode string
+                                On exit, point to a new concatenated Unicode string
   @param[in]       Source2      Pointer to a Null-terminated Unicode string.
 …
   EFI_HII_HANDLE                HiiHandle;
   EFI_USER_CREDENTIAL2_PROTOCOL *UserCredential;
   TmpStr = NULL;
   //
   // Resolve each policy.
 …
       for (Index = 0; Index < mProviderInfo->Count; Index++) {
         UserCredential = mProviderInfo->Provider[Index];
+        if (CompareGuid ((EFI_GUID *) (Identity + 1), &UserCredential->Type)) {
+          UserCredential->Title (
+                            UserCredential,
+                            &HiiHandle,
+                            &ProvId
+                            );
+          ProvStr = HiiGetString (HiiHandle, ProvId, NULL);
+          if (ProvStr != NULL) {
+            AddStr (&TmpStr, ProvStr);
+            FreePool (ProvStr);
+          }
+          break;
+        }
+      }
+      break;
+    case EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER:
+      for (Index = 0; Index < mProviderInfo->Count; Index++) {
+        UserCredential = mProviderInfo->Provider[Index];
+        if (CompareGuid ((EFI_GUID *) (Identity + 1), &UserCredential->Identifier)) {
+        if (CompareGuid ((EFI_GUID *) (Identity + 1), &UserCredential->Type)) {
           UserCredential->Title (
                             UserCredential,
 …
+      }
       break;
+    case EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER:
+      for (Index = 0; Index < mProviderInfo->Count; Index++) {
+        UserCredential = mProviderInfo->Provider[Index];
+        if (CompareGuid ((EFI_GUID *) (Identity + 1), &UserCredential->Identifier)) {
+          UserCredential->Title (
+                            UserCredential,
+                            &HiiHandle,
+                            &ProvId
+                            );
+          ProvStr = HiiGetString (HiiHandle, ProvId, NULL);
+          if (ProvStr != NULL) {
+            AddStr (&TmpStr, ProvStr);
+            FreePool (ProvStr);
+          }
+          break;
+        }
+      }
+      break;
+    }
 …
   @param[in] UserIndex       The index of the user in display list to modify.
 **/
 VOID
 …
     UserIndex--;
+  }
   //
   // Get user profile information.
 …
     NULL
     );
   //
   // Update create date.
 …
       );
+  }
   //
   // Add usage date.
 …
       );
+  }
   //
   // Add usage count.
   //
   ResolveCount ((UINT32) mUserInfo.UsageCount, STRING_TOKEN (STR_USAGE_COUNT_VAL));
   //
   // Add identity policy.
 …
       );
+  }
   //
   // Add access policy.
 …
   //
   // Set default value
+  // Set default value
   //
   mAccessInfo.AccessRight       = EFI_USER_INFO_ACCESS_ENROLL_SELF;
 …
   mAccessInfo.ConnectPermitLen  = 0;
   mAccessInfo.ConnectForbidLen  = 0;
   //
   // Get each user access policy.
 …
   OffSet = 0;
   while (OffSet < mUserInfo.AccessPolicyLen) {
     CopyMem (&Control, mUserInfo.AccessPolicy + OffSet, sizeof (Control));
+    CopyMem (&Control, mUserInfo.AccessPolicy + OffSet, sizeof (Control));
     ValLen = Control.Size - sizeof (Control);
     switch (Control.Type) {
 …
   @param[in]  InfoType     The user information type to find.
   @param[out] UserInfo     Points to user information handle found.
   @retval EFI_SUCCESS      Find the user information successfully.
   @retval Others           Fail to find the user information.
 …
     return EFI_OUT_OF_RESOURCES;
+  }
   //
   // Get each user information.
 …
   In this form, access right, access setup and access boot order are dynamically
   added. Load devicepath and connect devicepath are displayed too.
 **/
 VOID
 …
   EFI_IFR_GUID_LABEL  *EndLabel;
   VOID                *DefaultOpCodeHandle;
   //
   // Initialize the container for dynamic opcodes.
 …
   DefaultOpCodeHandle = HiiAllocateOpCodeHandle ();
   ASSERT (DefaultOpCodeHandle != NULL);
   HiiCreateOneOfOptionOpCode (
     OptionsOpCodeHandle,
 …
   HiiCreateDefaultOpCode (
     DefaultOpCodeHandle,
     EFI_HII_DEFAULT_CLASS_STANDARD,
     EFI_IFR_NUMERIC_SIZE_1,
+    DefaultOpCodeHandle,
+    EFI_HII_DEFAULT_CLASS_STANDARD,
+    EFI_IFR_NUMERIC_SIZE_1,
     mAccessInfo.AccessRight
     );
   HiiCreateOneOfOpCode (
     StartOpCodeHandle,                    // Container for dynamic created opcodes
 …
   DefaultOpCodeHandle = HiiAllocateOpCodeHandle ();
   ASSERT (DefaultOpCodeHandle != NULL);
   HiiCreateOneOfOptionOpCode (
     OptionsOpCodeHandle,
 …
     ACCESS_SETUP_RESTRICTED
     );
   HiiCreateOneOfOptionOpCode (
     OptionsOpCodeHandle,
 …
   HiiCreateDefaultOpCode (
     DefaultOpCodeHandle,
     EFI_HII_DEFAULT_CLASS_STANDARD,
     EFI_IFR_NUMERIC_SIZE_1,
+    DefaultOpCodeHandle,
+    EFI_HII_DEFAULT_CLASS_STANDARD,
+    EFI_IFR_NUMERIC_SIZE_1,
     mAccessInfo.AccessSetup
     );
+    );
   HiiCreateOneOfOpCode (
 …
   HiiFreeOpCodeHandle (DefaultOpCodeHandle);
   HiiFreeOpCodeHandle (OptionsOpCodeHandle);
   //
   // Add boot order one-of-code.
 …
   DefaultOpCodeHandle = HiiAllocateOpCodeHandle ();
   ASSERT (DefaultOpCodeHandle != NULL);
   HiiCreateOneOfOptionOpCode (
     OptionsOpCodeHandle,
 …
     EFI_USER_INFO_ACCESS_BOOT_ORDER_REPLACE
     );
   HiiCreateOneOfOptionOpCode (
     OptionsOpCodeHandle,
 …
   HiiCreateDefaultOpCode (
     DefaultOpCodeHandle,
     EFI_HII_DEFAULT_CLASS_STANDARD,
     EFI_IFR_NUMERIC_SIZE_4,
+    DefaultOpCodeHandle,
+    EFI_HII_DEFAULT_CLASS_STANDARD,
+    EFI_IFR_NUMERIC_SIZE_4,
     mAccessInfo.AccessBootOrder
     );
   HiiCreateOneOfOpCode (
     StartOpCodeHandle,                  // Container for dynamic created opcodes
 …
     DefaultOpCodeHandle                 // Default Opcode
     );
   HiiFreeOpCodeHandle (DefaultOpCodeHandle);
+  HiiFreeOpCodeHandle (DefaultOpCodeHandle);
   HiiFreeOpCodeHandle (OptionsOpCodeHandle);
 …
   @param[in] ValidLen       The valid access policy length.
   @param[in] ExpandLen      The length that is needed to expand.
 **/
 VOID
 …
 /**
   Get the username from user input, and update username string in the Hii
+  Get the username from user input, and update username string in the Hii
   database with it.
 …
     return ;
+  }
   //
   // Check whether the username had been used or not.
 …
     return ;
+  }
   //
   // Update username display in the form.
 …
   CopyMem (mUserInfo.UserName, UserName, Len);
   HiiSetString (
     mCallbackInfo->HiiHandle,
     STRING_TOKEN (STR_USER_NAME_VAL),
     mUserInfo.UserName,
+    mCallbackInfo->HiiHandle,
+    STRING_TOKEN (STR_USER_NAME_VAL),
+    mUserInfo.UserName,
     NULL
     );
 …
     HiiFreeOpCodeHandle (OptionsOpCodeHandle);
+  }
   //
   // Add logical connector Option OpCode.
 …
   //
   ResolveIdentityPolicy (
     mUserInfo.IdentityPolicy,
     mUserInfo.IdentityPolicyLen,
+    mUserInfo.IdentityPolicy,
+    mUserInfo.IdentityPolicyLen,
     STRING_TOKEN (STR_IDENTIFY_POLICY_VALUE)
     );
 …
     return EFI_OUT_OF_RESOURCES;
+  }
   //
   // Get user access information.
 …
       break;
+    }
     //
     // Check user information.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/AuthService.c

-              r58459
+              r58466
 Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   ASSERT (mVariableModuleGlobal->HashContext[Physical] != NULL);
   //
   // Check "AuthVarKeyDatabase" variable's existence.
   // If it doesn't exist, create a new one with initial value of 0 and EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set.
+  // Check "AuthVarKeyDatabase" variable's existence.
+  // If it doesn't exist, create a new one with initial value of 0 and EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set.
   //
   Status = FindVariable (
              mVariableModuleGlobal->VariableName[Physical][VAR_AUTH_KEY_DB],
              &gEfiAuthenticatedVariableGuid,
              &Variable,
+             mVariableModuleGlobal->VariableName[Physical][VAR_AUTH_KEY_DB],
+             &gEfiAuthenticatedVariableGuid,
+             &Variable,
              &mVariableModuleGlobal->VariableGlobal[Physical],
              mVariableModuleGlobal->FvbInstance
 …
     //
     Valid = IsValidVariableHeader (
               Variable.CurrPtr,
               Variable.Volatile,
               &mVariableModuleGlobal->VariableGlobal[Physical],
               mVariableModuleGlobal->FvbInstance,
+              Variable.CurrPtr,
+              Variable.Volatile,
+              &mVariableModuleGlobal->VariableGlobal[Physical],
+              mVariableModuleGlobal->FvbInstance,
               &VariableHeader
               );
 …
+  }
   //
   // Check "SetupMode" variable's existence.
+  // Check "SetupMode" variable's existence.
   // If it doesn't exist, check PK database's existence to determine the value.
   // Then create a new one with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set.
+  // Then create a new one with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set.
   //
   Status = FindVariable (
              mVariableModuleGlobal->VariableName[Physical][VAR_SETUP_MODE],
              &gEfiGlobalVariableGuid,
              &Variable,
+             mVariableModuleGlobal->VariableName[Physical][VAR_SETUP_MODE],
+             &gEfiGlobalVariableGuid,
+             &Variable,
              &mVariableModuleGlobal->VariableGlobal[Physical],
              mVariableModuleGlobal->FvbInstance
 …
   if (Variable.CurrPtr == 0x0) {
     Status = FindVariable (
                mVariableModuleGlobal->VariableName[Physical][VAR_PLATFORM_KEY],
                &gEfiGlobalVariableGuid,
                &Variable,
+               mVariableModuleGlobal->VariableName[Physical][VAR_PLATFORM_KEY],
+               &gEfiGlobalVariableGuid,
+               &Variable,
                &mVariableModuleGlobal->VariableGlobal[Physical],
                mVariableModuleGlobal->FvbInstance
 …
+  }
   //
   // Check "SignatureSupport" variable's existence.
   // If it doesn't exist, then create a new one with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set.
+  // Check "SignatureSupport" variable's existence.
+  // If it doesn't exist, then create a new one with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set.
   //
   Status = FindVariable (
              EFI_SIGNATURE_SUPPORT_NAME,
              &gEfiGlobalVariableGuid,
              &Variable,
+             EFI_SIGNATURE_SUPPORT_NAME,
+             &gEfiGlobalVariableGuid,
+             &Variable,
              &mVariableModuleGlobal->VariableGlobal[Physical],
              mVariableModuleGlobal->FvbInstance
 …
   Rsa = RsaNew ();
   ASSERT (Rsa != NULL);
   //
+  //
   // Set RSA Key Components.
   // NOTE: Only N and E are needed to be set as RSA public key for signature verification.
 …
   //
   Status = RsaPkcs1Verify (
              Rsa,
              Digest,
              SHA256_DIGEST_SIZE,
              CertBlock->Signature,
+             Rsa,
+             Digest,
+             SHA256_DIGEST_SIZE,
+             CertBlock->Signature,
              EFI_CERT_TYPE_RSA2048_SHA256_SIZE
              );
 …
   Status = FindVariable (
              Global->VariableName[VirtualMode][VAR_SETUP_MODE],
              Global->GlobalVariableGuid[VirtualMode],
              &Variable,
+             Global->VariableName[VirtualMode][VAR_SETUP_MODE],
+             Global->GlobalVariableGuid[VirtualMode],
+             &Variable,
              &Global->VariableGlobal[VirtualMode],
              Global->FvbInstance
 …
   @retval EFI_INVALID_PARAMETER           Invalid parameter.
   @retval EFI_SECURITY_VIOLATION          The variable does NOT pass the validation
                                           check carried out by the firmware.
+  @retval EFI_SECURITY_VIOLATION          The variable does NOT pass the validation
+                                          check carried out by the firmware.
   @retval EFI_SUCCESS                     The variable passed validation successfully.
 …
     if (Variable->CurrPtr != 0x0) {
       Valid = IsValidVariableHeader (
                 Variable->CurrPtr,
                 Variable->Volatile,
                 &Global->VariableGlobal[VirtualMode],
                 Global->FvbInstance,
+                Variable->CurrPtr,
+                Variable->Volatile,
+                &Global->VariableGlobal[VirtualMode],
+                Global->FvbInstance,
                 &VariableHeader
                 );
 …
     //
     Status = FindVariable (
                Global->VariableName[VirtualMode][VAR_PLATFORM_KEY],
                Global->GlobalVariableGuid[VirtualMode],
                &PkVariable,
+               Global->VariableName[VirtualMode][VAR_PLATFORM_KEY],
+               Global->GlobalVariableGuid[VirtualMode],
+               &PkVariable,
                &Global->VariableGlobal[VirtualMode],
                Global->FvbInstance
 …
     if (!EFI_ERROR (Status)) {
       Status = UpdateVariable (
                  VariableName,
                  VendorGuid,
                  (UINT8*)Data + AUTHINFO_SIZE,
                  DataSize - AUTHINFO_SIZE,
                  Attributes,
 ,
                  CertData->MonotonicCount,
                  VirtualMode,
+                 VariableName,
+                 VendorGuid,
+                 (UINT8*)Data + AUTHINFO_SIZE,
+                 DataSize - AUTHINFO_SIZE,
+                 Attributes,
+,
+                 CertData->MonotonicCount,
+                 VirtualMode,
                  Global,
                  Variable
 …
   @retval EFI_INVALID_PARAMETER           Invalid parameter.
   @retval EFI_SECURITY_VIOLATION          The variable did NOT pass the validation
                                           check carried out by the firmware.
+  @retval EFI_SECURITY_VIOLATION          The variable did NOT pass the validation
+                                          check carried out by the firmware.
   @retval EFI_SUCCESS                     The variable passed validation successfully.
 …
     if (Variable->CurrPtr != 0x0) {
       Valid = IsValidVariableHeader (
                 Variable->CurrPtr,
                 Variable->Volatile,
                 &Global->VariableGlobal[VirtualMode],
                 Global->FvbInstance,
+                Variable->CurrPtr,
+                Variable->Volatile,
+                &Global->VariableGlobal[VirtualMode],
+                Global->FvbInstance,
                 &VariableHeader
                 );
 …
     //
     Status = FindVariable (
                Global->VariableName[VirtualMode][VAR_KEY_EXCHANGE_KEY],
                Global->GlobalVariableGuid[VirtualMode],
                &KekVariable,
+               Global->VariableName[VirtualMode][VAR_KEY_EXCHANGE_KEY],
+               Global->GlobalVariableGuid[VirtualMode],
+               &KekVariable,
                &Global->VariableGlobal[VirtualMode],
                Global->FvbInstance
 …
     if (!EFI_ERROR (Status)) {
       Status = UpdateVariable (
                  VariableName,
                  VendorGuid,
                  (UINT8*)Data + AUTHINFO_SIZE,
                  DataSize - AUTHINFO_SIZE,
                  Attributes,
 ,
                  CertData->MonotonicCount,
+                 VariableName,
+                 VendorGuid,
+                 (UINT8*)Data + AUTHINFO_SIZE,
+                 DataSize - AUTHINFO_SIZE,
+                 Attributes,
+,
+                 CertData->MonotonicCount,
                  VirtualMode,
                  Global,
 …
     //
     Status = UpdateVariable (
                VariableName,
                VendorGuid,
                Data,
                DataSize,
                Attributes,
 ,
 ,
+               VariableName,
+               VendorGuid,
+               Data,
+               DataSize,
+               Attributes,
+,
+,
                VirtualMode,
                Global,
 …
                                           EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set.
   @retval EFI_SECURITY_VIOLATION          The variable is with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS
                                           set, but the AuthInfo does NOT pass the validation
                                           check carried out by the firmware.
+                                          set, but the AuthInfo does NOT pass the validation
+                                          check carried out by the firmware.
   @retval EFI_SUCCESS                     The variable is not write-protected, or passed validation successfully.
 …
   if (Variable->CurrPtr != 0x0) {
     Valid = IsValidVariableHeader (
               Variable->CurrPtr,
               Variable->Volatile,
               &Global->VariableGlobal[VirtualMode],
               Global->FvbInstance,
+              Variable->CurrPtr,
+              Variable->Volatile,
+              &Global->VariableGlobal[VirtualMode],
+              Global->FvbInstance,
               &VariableHeader
               );
 …
       IsFirstTime = FALSE;
+    }
   } else if (Valid && (VariableHeader.Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) != 0) {
+  } else if (Valid && (VariableHeader.Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) != 0) {
       //
       // If the variable is already write-protected, it always needs authentication before update.
 …
       return EFI_SECURITY_VIOLATION;
+    }
+  }
+  }
   //
   // Verify the certificate in Data payload.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/AuthService.h

-              r48674
+              r58466
 Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
                                           EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set.
   @retval EFI_SECURITY_VIOLATION          The variable is with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS
                                           set, but the AuthInfo does NOT pass the validation
                                           check carried out by the firmware.
+                                          set, but the AuthInfo does NOT pass the validation
+                                          check carried out by the firmware.
   @retval EFI_SUCCESS                     The variable is not write-protected, or passed validation successfully.
 …
   @retval EFI_INVALID_PARAMETER           Invalid parameter.
   @retval EFI_SECURITY_VIOLATION          The variable does NOT pass the validation
                                           check carried out by the firmware.
+  @retval EFI_SECURITY_VIOLATION          The variable does NOT pass the validation
+                                          check carried out by the firmware.
   @retval EFI_SUCCESS                     The variable passed validation successfully.
 …
   @retval EFI_INVALID_PARAMETER           Invalid parameter.
   @retval EFI_SECURITY_VIOLATION          The variable does NOT pass the validation
                                           check carried out by the firmware.
+  @retval EFI_SECURITY_VIOLATION          The variable does NOT pass the validation
+                                          check carried out by the firmware.
   @retval EFI_SUCCESS                     The variable passed validation successfully.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/EsalVariableDxeSal.inf

-              r58459
+              r58466
 #  VALID_ARCHITECTURES           = IPF
+#
 #  VIRTUAL_ADDRESS_MAP_CALLBACK  =  VariableClassAddressChangeEvent
+#  VIRTUAL_ADDRESS_MAP_CALLBACK  =  VariableClassAddressChangeEvent
+#
 …
   ## PRODUCES             ## Variable:L"SignatureSupport"
   gEfiGlobalVariableGuid
   ## PRODUCES             ## GUID # Variable store header
   ## CONSUMES             ## GUID # Variable store header
 …
   ## SOMETIMES_PRODUCES   ## SystemTable
   gEfiAuthenticatedVariableGuid
   gEfiEventVirtualAddressChangeGuid             ## CONSUMES               ## Event
   gEfiCertRsa2048Sha256Guid                     ## CONSUMES               ## GUID        # Unique ID for the format of the CertType.
 …
   gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize                     ## CONSUMES
   gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize                      ## CONSUMES
 [FeaturePcd.common]
   gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics             ## CONSUMES    # statistic the information of variable.
 [Depex]
   gEfiExtendedSalFvBlockServicesProtocolGuid AND gEfiFaultTolerantWriteProtocolGuid
+  gEfiExtendedSalFvBlockServicesProtocolGuid AND gEfiFaultTolerantWriteProtocolGuid
 [UserExtensions.TianoCore."ExtraFiles"]

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/InitVariable.c

-              r48674
+              r58466
 Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
+{
   SAL_RETURN_REGS ReturnVal;
   ReturnVal.r9  = 0;
   ReturnVal.r10 = 0;

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/Reclaim.c

-              r48674
+              r58466
 Copyright (c) 2006 - 2011, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/Variable.c

-              r58459
+              r58466
 Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
       return EFI_INVALID_PARAMETER;
+    }
     //
     // For volatile variable, a simple memory copy is enough.
 …
                           EFI_EXTENDED_SAL_FV_BLOCK_SERVICES_PROTOCOL_GUID_LO,
                           EFI_EXTENDED_SAL_FV_BLOCK_SERVICES_PROTOCOL_GUID_HI,
                           GetPhysicalAddressFunctionId,
                           Instance,
                           (UINT64) &FvVolHdr,
 ,
 ,
 ,
 ,
+                          GetPhysicalAddressFunctionId,
+                          Instance,
+                          (UINT64) &FvVolHdr,
+,
+,
+,
+,
                           ).Status;
 …
     return EFI_INVALID_PARAMETER;
+  }
   LinearOffset  = (UINTN) FwVolHeader;
   CurrWritePtr  = StartAddress;
 …
                                     EFI_EXTENDED_SAL_FV_BLOCK_SERVICES_PROTOCOL_GUID_LO,
                                     EFI_EXTENDED_SAL_FV_BLOCK_SERVICES_PROTOCOL_GUID_HI,
                                     WriteFunctionId,
                                     Instance,
                                     LbaNumber,
                                     (CurrWritePtr - LinearOffset),
                                     (UINT64) &CurrWriteSize,
                                     (UINT64) CurrBuffer,
 ,
+                                    WriteFunctionId,
+                                    Instance,
+                                    LbaNumber,
+                                    (CurrWritePtr - LinearOffset),
+                                    (UINT64) &CurrWriteSize,
+                                    (UINT64) CurrBuffer,
+,
                                     ).Status;
 …
                                     EFI_EXTENDED_SAL_FV_BLOCK_SERVICES_PROTOCOL_GUID_LO,
                                     EFI_EXTENDED_SAL_FV_BLOCK_SERVICES_PROTOCOL_GUID_HI,
                                     ReadFunctionId,
                                     Instance,
                                     LbaNumber,
                                     (CurrWritePtr - LinearOffset),
                                     (UINT64) &CurrWriteSize,
                                     (UINT64) CurrBuffer,
 ,
+                                    ReadFunctionId,
+                                    Instance,
+                                    LbaNumber,
+                                    (CurrWritePtr - LinearOffset),
+                                    (UINT64) &CurrWriteSize,
+                                    (UINT64) CurrBuffer,
+,
                                     ).Status;
 …
                                     EFI_EXTENDED_SAL_FV_BLOCK_SERVICES_PROTOCOL_GUID_LO,
                                     EFI_EXTENDED_SAL_FV_BLOCK_SERVICES_PROTOCOL_GUID_HI,
                                     WriteFunctionId,
                                     Instance,
                                     LbaNumber,
                                     (CurrWritePtr - LinearOffset),
                                     (UINT64) &Size,
                                     (UINT64) CurrBuffer,
 ,
+                                    WriteFunctionId,
+                                    Instance,
+                                    LbaNumber,
+                                    (CurrWritePtr - LinearOffset),
+                                    (UINT64) &Size,
+                                    (UINT64) CurrBuffer,
+,
                                     ).Status;
 …
                                     EFI_EXTENDED_SAL_FV_BLOCK_SERVICES_PROTOCOL_GUID_LO,
                                     EFI_EXTENDED_SAL_FV_BLOCK_SERVICES_PROTOCOL_GUID_HI,
                                     ReadFunctionId,
                                     Instance,
                                     LbaNumber,
                                     (CurrWritePtr - LinearOffset),
                                     (UINT64) &Size,
                                     (UINT64) CurrBuffer,
 ,
+                                    ReadFunctionId,
+                                    Instance,
+                                    LbaNumber,
+                                    (CurrWritePtr - LinearOffset),
+                                    (UINT64) &Size,
+                                    (UINT64) CurrBuffer,
+,
                                     ).Status;
 …
              VarStoreAddress,
              sizeof (VARIABLE_STORE_HEADER),
              VarStoreHeader
+             VarStoreHeader
              );
   ASSERT_EFI_ERROR (Status);
 …
              VariableAddress,
              sizeof (VARIABLE_HEADER),
              &LocalVariableHeader
+             &LocalVariableHeader
              );
 …
              Address,
              VariableHeader.NameSize,
              VariableName
+             VariableName
              );
   ASSERT_EFI_ERROR (Status);
 …
              Address,
              VariableHeader.DataSize,
              VariableData
+             VariableData
              );
   ASSERT_EFI_ERROR (Status);
 …
   Gets the pointer to the first variable header in given variable store area.
   This function gets the pointer to the first variable header in given variable
+  This function gets the pointer to the first variable header in given variable
   store area. The variable store area is given by its start address.
 …
              VarStoreHeaderAddress,
              sizeof (VARIABLE_STORE_HEADER),
              &VariableStoreHeader
+             &VariableStoreHeader
              );
 …
   Updates variable info entry in EFI system table for statistical information.
   Routine used to track statistical information about variable usage.
+  Routine used to track statistical information about variable usage.
   The data is stored in the EFI system table so it can be accessed later.
   VariableInfo.efi can dump out the table. Only Boot Services variable
+  VariableInfo.efi can dump out the table. Only Boot Services variable
   accesses are tracked by this code. The PcdVariableCollectStatistics
   build flag controls if this feature is enabled.
   A read that hits in the cache will have Read and Cache true for
+  build flag controls if this feature is enabled.
+  A read that hits in the cache will have Read and Cache true for
   the transaction. Data is allocated by this routine, but never
   freed.
 …
+    }
     for (Entry = gVariableInfo; Entry != NULL; Entry = Entry->Next) {
       if (CompareGuid (VendorGuid, &Entry->VendorGuid)) {
 …
   for (Index = 0, Entry = mVariableCache; Index < sizeof (mVariableCache)/sizeof (VARIABLE_CACHE_ENTRY); Index++, Entry++) {
     if (CompareGuid (VendorGuid, Entry->Guid)) {
       if (StrCmp (VariableName, Entry->Name) == 0) {
+      if (StrCmp (VariableName, Entry->Name) == 0) {
         Entry->Attributes = Attributes;
         if (DataSize == 0) {
 …
+    }
+  }
   return EFI_NOT_FOUND;
+}
 …
+    }
     while (IsValidVariableHeader (Variable[Index], Volatile, Global, Instance, &VariableHeader)) {
       if (VariableHeader.State == VAR_ADDED ||
+      if (VariableHeader.State == VAR_ADDED ||
           VariableHeader.State == (VAR_IN_DELETED_TRANSITION & VAR_ADDED)
          ) {
 …
     // Collect VAR_ADDED variables, and variables in delete transition status.
     //
     if (VariableHeader.State == VAR_ADDED ||
+    if (VariableHeader.State == VAR_ADDED ||
         VariableHeader.State == (VAR_IN_DELETED_TRANSITION & VAR_ADDED)
        ) {
 …
   //
   // Reserve the 1 Bytes with Oxff to identify the
   // end of the variable buffer.
   //
+  // Reserve the 1 Bytes with Oxff to identify the
+  // end of the variable buffer.
+  //
   MaximumBufferSize += 1;
   ValidBuffer = AllocatePool (MaximumBufferSize);
 …
   //
   // Reinstall all ADDED variables
   //
+  //
   Variable = GetStartPointer (VariableBase);
   while (IsValidVariableHeader (Variable, IsVolatile, VariableGlobal, Instance, &VariableHeader)) {
 …
   //
   // Reinstall in delete transition variables
   //
+  //
   Variable = GetStartPointer (VariableBase);
   while (IsValidVariableHeader (Variable, IsVolatile, VariableGlobal, Instance, &VariableHeader)) {
 …
       //
       // Buffer has cached all ADDED variable.
+      // Buffer has cached all ADDED variable.
       // Per IN_DELETED variable, we have to guarantee that
       // no ADDED one in previous buffer.
       //
+      // no ADDED one in previous buffer.
+      //
       FoundAdded = FALSE;
       AddedVariable = GetStartPointer ((EFI_PHYSICAL_ADDRESS) ValidBuffer);
 …
   IN  CHAR8            *Lang,
   IN  BOOLEAN          Iso639Language
+  )
+  )
+{
   UINTN    Index;
 …
       //
       for (CompareLength = 0; SupportedLang[CompareLength] != '\0' && SupportedLang[CompareLength] != ';'; CompareLength++);
       if ((CompareLength == LanguageLength) &&
+      if ((CompareLength == LanguageLength) &&
           (AsciiStrnCmp (Lang, SupportedLang, CompareLength) == 0)) {
         //
 …
 /**
   Returns a pointer to an allocated buffer that contains the best matching language
   from a set of supported languages.
   This function supports both ISO 639-2 and RFC 4646 language codes, but language
+  Returns a pointer to an allocated buffer that contains the best matching language
+  from a set of supported languages.
+  This function supports both ISO 639-2 and RFC 4646 language codes, but language
   code types may not be mixed in a single call to this function. This function
   supports a variable argument list that allows the caller to pass in a prioritized
 …
   @param[in]  SupportedLanguages  A pointer to a Null-terminated ASCII string that
                                   contains a set of language codes in the format
+                                  contains a set of language codes in the format
                                   specified by Iso639Language.
   @param[in]  Iso639Language      If TRUE, then all language codes are assumed to be
 …
                                   codes are assumed to be in RFC 4646 language format.
   @param[in]  VirtualMode         Current calling mode for this function.
   @param[in]  ...                 A variable argument list that contains pointers to
+  @param[in]  ...                 A variable argument list that contains pointers to
                                   Null-terminated ASCII strings that contain one or more
                                   language codes in the format specified by Iso639Language.
                                   The first language code from each of these language
                                   code lists is used to determine if it is an exact or
                                   close match to any of the language codes in
+                                  close match to any of the language codes in
                                   SupportedLanguages.  Close matches only apply to RFC 4646
                                   language codes, and the matching algorithm from RFC 4647
                                   is used to determine if a close match is present.  If
+                                  is used to determine if a close match is present.  If
                                   an exact or close match is found, then the matching
                                   language code from SupportedLanguages is returned.  If
                                   no matches are found, then the next variable argument
                                   parameter is evaluated.  The variable argument list
+                                  parameter is evaluated.  The variable argument list
                                   is terminated by a NULL.
   @retval NULL   The best matching language could not be found in SupportedLanguages.
   @retval NULL   There are not enough resources available to return the best matching
+  @retval NULL   There are not enough resources available to return the best matching
                  language.
   @retval Other  A pointer to a Null-terminated ASCII string that is the best matching
+  @retval Other  A pointer to a Null-terminated ASCII string that is the best matching
                  language in SupportedLanguages.
 …
 CHAR8 *
 VariableGetBestLanguage (
   IN CONST CHAR8  *SupportedLanguages,
+  IN CONST CHAR8  *SupportedLanguages,
   IN BOOLEAN      Iso639Language,
   IN BOOLEAN      VirtualMode,
 …
       } else {
         //
         // If RFC 4646 mode, then trim Language from the right to the next '-' character
+        // If RFC 4646 mode, then trim Language from the right to the next '-' character
         //
         for (LanguageLength--; LanguageLength > 0 && Language[LanguageLength] != '-'; LanguageLength--);
 …
   //
   // No matches were found
+  // No matches were found
   //
   return NULL;
 …
     //
     // PlatformLang holds a single language from PlatformLangCodes,
+    // PlatformLang holds a single language from PlatformLangCodes,
     // so the size of PlatformLangCodes is enough for the PlatformLang.
     //
 …
+  }
   if (SetLanguageCodes
+  if (SetLanguageCodes
       && (Global->PlatformLangCodes[VirtualMode] != NULL)
       && (Global->LangCodes[VirtualMode] != NULL)) {
 …
                sizeof (DataSize),
                &DataSize
                );
+               );
     ASSERT_EFI_ERROR (Status);
+  }
 …
         Status = UpdateVariable (
                    PredefinedVariableName[VAR_PLATFORM_LANG],
                    Global->GlobalVariableGuid[VirtualMode],
                    BestPlatformLang,
                    AsciiStrSize (BestPlatformLang),
                    Attributes,
+                   PredefinedVariableName[VAR_PLATFORM_LANG],
+                   Global->GlobalVariableGuid[VirtualMode],
+                   BestPlatformLang,
+                   AsciiStrSize (BestPlatformLang),
+                   Attributes,
 ,
 ,
                    VirtualMode,
                    Global,
+                   VirtualMode,
+                   Global,
                    &Variable
                    );
 …
 /**
   Update the variable region with Variable information. These are the same
+  Update the variable region with Variable information. These are the same
   arguments as the EFI Variable services.
 …
   @param[in] Attributes         Attributes of the variable.
   @param[in] KeyIndex           Index of associated public key.
   @param[in] MonotonicCount     Value of associated monotonic count.
+  @param[in] MonotonicCount     Value of associated monotonic count.
   @param[in] VirtualMode        Current calling mode for this function.
   @param[in] Global             Context of this Extended SAL Variable Services Class call.
 …
   IN      VOID                    *Data,
   IN      UINTN                   DataSize,
   IN      UINT32                  Attributes OPTIONAL,
+  IN      UINT32                  Attributes OPTIONAL,
   IN      UINT32                  KeyIndex  OPTIONAL,
   IN      UINT64                  MonotonicCount  OPTIONAL,
 …
     //
     Volatile = Variable->Volatile;
     if (EfiAtRuntime ()) {
       //
       // If EfiAtRuntime and the variable is Volatile and Runtime Access,
       // the volatile is ReadOnly, and SetVariable should be aborted and
+    if (EfiAtRuntime ()) {
+      //
+      // If EfiAtRuntime and the variable is Volatile and Runtime Access,
+      // the volatile is ReadOnly, and SetVariable should be aborted and
       // return EFI_WRITE_PROTECTED.
       //
 …
       if ((VariableHeader.Attributes & EFI_VARIABLE_NON_VOLATILE) == 0) {
         Status = EFI_INVALID_PARAMETER;
         goto Done;
+        goto Done;
+      }
+    }
 …
     // specified causes it to be deleted.
     //
     if (DataSize == 0 || (Attributes & (EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS)) == 0) {
+    if (DataSize == 0 || (Attributes & (EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS)) == 0) {
       State = VariableHeader.State;
       State &= VAR_DELETED;
 …
                  sizeof (UINT8),
                  &State
                  );
+                 );
       if (!EFI_ERROR (Status)) {
         UpdateVariableInfo (VariableName, VendorGuid, Volatile, FALSE, FALSE, TRUE, FALSE);
         UpdateVariableCache (VariableName, VendorGuid, Attributes, DataSize, Data);
+      }
       goto Done;
+      goto Done;
+    }
     //
 …
                  sizeof (UINT8),
                  &State
                  );
+                 );
       if (EFI_ERROR (Status)) {
         goto Done;
+      }
+    }
+        goto Done;
+      }
+    }
   } else {
     //
     // Create a new variable
     //
+    //
     //
     // Make sure we are trying to create a new variable.
     // Setting a data variable with no access, or zero DataSize attributes means to delete it.
+    // Setting a data variable with no access, or zero DataSize attributes means to delete it.
     //
     if (DataSize == 0 || (Attributes & (EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS)) == 0) {
 …
       goto Done;
+    }
     //
     // Only variable have NV|RT attribute can be created in Runtime
 …
       Status = EFI_INVALID_PARAMETER;
       goto Done;
+    }
+    }
+  }
 …
     //
     Volatile = FALSE;
     GetVarStoreHeader (VariableGlobal->NonVolatileVariableBase, FALSE, VariableGlobal, Instance, &VariableStoreHeader);
     if ((((Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) != 0)
+    if ((((Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) != 0)
              && ((HEADER_ALIGN (VarSize) + Global->HwErrVariableTotalSize) > PcdGet32(PcdHwErrStorageSize)))
              || (((Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == 0)
+             || (((Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == 0)
              && ((HEADER_ALIGN (VarSize) + Global->CommonVariableTotalSize) > VariableStoreHeader.Size - sizeof (VARIABLE_STORE_HEADER) - PcdGet32(PcdHwErrStorageSize)))) {
       if (EfiAtRuntime ()) {
 …
       // If still no enough space, return out of resources
       //
       if ((((Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) != 0)
+      if ((((Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) != 0)
                && ((HEADER_ALIGN (VarSize) + Global->HwErrVariableTotalSize) > PcdGet32(PcdHwErrStorageSize)))
                || (((Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == 0)
+               || (((Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == 0)
                && ((HEADER_ALIGN (VarSize) + Global->CommonVariableTotalSize) > VariableStoreHeader.Size - sizeof (VARIABLE_STORE_HEADER) - PcdGet32(PcdHwErrStorageSize)))) {
         Status = EFI_OUT_OF_RESOURCES;
 …
     // Four steps
     // 1. Write variable header
     // 2. Set variable state to header valid
+    // 2. Set variable state to header valid
     // 3. Write variable data
     // 4. Set variable state to valid
 …
     //
     // Create a volatile variable
     //
+    //
     Volatile = TRUE;
 …
   This function implements EsalGetVariable function of Extended SAL Variable Services Class.
   It is equivalent in functionality to the EFI Runtime Service GetVariable().
   @param[in]      VariableName    A Null-terminated Unicode string that is the name of
                                   the vendor's variable.
   @param[in]      VendorGuid      A unique identifier for the vendor.
   @param[out]     Attributes      If not NULL, a pointer to the memory location to return the
+  @param[out]     Attributes      If not NULL, a pointer to the memory location to return the
                                   attributes bitmask for the variable.
   @param[in, out] DataSize        Size of Data found. If size is less than the
                                   data, this value contains the required size.
   @param[out]     Data            On input, the size in bytes of the return Data buffer.
+  @param[out]     Data            On input, the size in bytes of the return Data buffer.
                                   On output, the size of data returned in Data.
   @param[in]      VirtualMode     Current calling mode for this function.
   @param[in]      Global          Context of this Extended SAL Variable Services Class call.
   @retval EFI_SUCCESS            The function completed successfully.
+  @retval EFI_SUCCESS            The function completed successfully.
   @retval EFI_NOT_FOUND          The variable was not found.
   @retval EFI_BUFFER_TOO_SMALL   DataSize is too small for the result.  DataSize has
+  @retval EFI_BUFFER_TOO_SMALL   DataSize is too small for the result.  DataSize has
                                  been updated with the size needed to complete the request.
   @retval EFI_INVALID_PARAMETER  VariableName is NULL.
 …
     UpdateVariableInfo (VariableName, VendorGuid, Variable.Volatile, TRUE, FALSE, FALSE, FALSE);
     UpdateVariableCache (VariableName, VendorGuid, VariableHeader.Attributes, VarDataSize, Data);
     Status = EFI_SUCCESS;
     goto Done;
 …
   This function implements EsalGetNextVariableName function of Extended SAL Variable Services Class.
   It is equivalent in functionality to the EFI Runtime Service GetNextVariableName().
   @param[in, out] VariableNameSize Size of the variable
   @param[in, out] VariableName     On input, supplies the last VariableName that was returned by GetNextVariableName().
                                    On output, returns the Null-terminated Unicode string of the current variable.
   @param[in, out] VendorGuid       On input, supplies the last VendorGuid that was returned by GetNextVariableName().
                                    On output, returns the VendorGuid of the current variable.
+                                   On output, returns the VendorGuid of the current variable.
   @param[in]      VirtualMode      Current calling mode for this function.
   @param[in]      Global           Context of this Extended SAL Variable Services Class call.
   @retval EFI_SUCCESS             The function completed successfully.
+  @retval EFI_SUCCESS             The function completed successfully.
   @retval EFI_NOT_FOUND           The next variable was not found.
   @retval EFI_BUFFER_TOO_SMALL    VariableNameSize is too small for the result.
+  @retval EFI_BUFFER_TOO_SMALL    VariableNameSize is too small for the result.
                                   VariableNameSize has been updated with the size needed to complete the request.
   @retval EFI_INVALID_PARAMETER   VariableNameSize is NULL.
 …
   This function implements EsalSetVariable function of Extended SAL Variable Services Class.
   It is equivalent in functionality to the EFI Runtime Service SetVariable().
   @param[in]  VariableName       A Null-terminated Unicode string that is the name of the vendor's
                                  variable.  Each VariableName is unique for each
                                  VendorGuid.  VariableName must contain 1 or more
                                  Unicode characters.  If VariableName is an empty Unicode
+                                 variable.  Each VariableName is unique for each
+                                 VendorGuid.  VariableName must contain 1 or more
+                                 Unicode characters.  If VariableName is an empty Unicode
                                  string, then EFI_INVALID_PARAMETER is returned.
   @param[in]  VendorGuid         A unique identifier for the vendor.
 …
   @param[in]  Global             Context of this Extended SAL Variable Services Class call.
   @retval EFI_SUCCESS            The firmware has successfully stored the variable and its data as
+  @retval EFI_SUCCESS            The firmware has successfully stored the variable and its data as
                                  defined by the Attributes.
   @retval EFI_INVALID_PARAMETER  An invalid combination of attribute bits was supplied, or the
+  @retval EFI_INVALID_PARAMETER  An invalid combination of attribute bits was supplied, or the
                                  DataSize exceeds the maximum allowed.
   @retval EFI_INVALID_PARAMETER  VariableName is an empty Unicode string.
 …
   if (VariableName == NULL || VariableName[0] == 0 || VendorGuid == NULL) {
     return EFI_INVALID_PARAMETER;
+  }
+  }
   if (DataSize != 0 && Data == NULL) {
 …
       //
       return EFI_SECURITY_VIOLATION;
+    }
     PayloadSize = DataSize - AUTHINFO_SIZE;
+    }
+    PayloadSize = DataSize - AUTHINFO_SIZE;
   } else {
     PayloadSize = DataSize;
+  }
+    PayloadSize = DataSize;
+  }
   if ((UINTN)(~0) - PayloadSize < StrSize(VariableName)){
     //
     // Prevent whole variable size overflow
     //
+    // Prevent whole variable size overflow
+    //
     return EFI_INVALID_PARAMETER;
+  }
 …
     if (StrSize (VariableName) + PayloadSize > PcdGet32(PcdMaxVariableSize) - sizeof (VARIABLE_HEADER)) {
       return EFI_INVALID_PARAMETER;
+    }
+  }
+    }
+  }
   AcquireLockOnlyAtBootTime(&VariableGlobal->VariableServicesLock);
 …
         //
         Status = UpdateVariable (
                    VariableName,
                    VendorGuid,
                    (UINT8*)Data + AUTHINFO_SIZE,
                    DataSize - AUTHINFO_SIZE,
                    Attributes,
                    KeyIndex,
                    MonotonicCount,
                    VirtualMode,
                    Global,
+                   VariableName,
+                   VendorGuid,
+                   (UINT8*)Data + AUTHINFO_SIZE,
+                   DataSize - AUTHINFO_SIZE,
+                   Attributes,
+                   KeyIndex,
+                   MonotonicCount,
+                   VirtualMode,
+                   Global,
                    &Variable
                    );
       } else {
         //
         // Update variable as usual
+        // Update variable as usual
         //
         Status = UpdateVariable (
                    VariableName,
                    VendorGuid,
                    Data,
                    DataSize,
                    Attributes,
 ,
 ,
                    VirtualMode,
                    Global,
+                   VariableName,
+                   VendorGuid,
+                   Data,
+                   DataSize,
+                   Attributes,
+,
+,
+                   VirtualMode,
+                   Global,
                    &Variable
                    );
 …
   @param[in]  Attributes                   Attributes bitmask to specify the type of variables
                                            on which to return information.
   @param[out] MaximumVariableStorageSize   On output the maximum size of the storage space available for
                                            the EFI variables associated with the attributes specified.
   @param[out] RemainingVariableStorageSize Returns the remaining size of the storage space available for EFI
+  @param[out] MaximumVariableStorageSize   On output the maximum size of the storage space available for
+                                           the EFI variables associated with the attributes specified.
+  @param[out] RemainingVariableStorageSize Returns the remaining size of the storage space available for EFI
                                            variables associated with the attributes specified.
   @param[out] MaximumVariableSize          Returns the maximum size of an individual EFI variable
+  @param[out] MaximumVariableSize          Returns the maximum size of an individual EFI variable
                                            associated with the attributes specified.
   @param[in]  VirtualMode                  Current calling mode for this function
 …
   @retval EFI_SUCCESS                      Valid answer returned.
   @retval EFI_INVALID_PARAMETER            An invalid combination of attribute bits was supplied.
   @retval EFI_UNSUPPORTED                  The attribute is not supported on this platform, and the
                                            MaximumVariableStorageSize, RemainingVariableStorageSize,
+  @retval EFI_UNSUPPORTED                  The attribute is not supported on this platform, and the
+                                           MaximumVariableStorageSize, RemainingVariableStorageSize,
                                            MaximumVariableSize are undefined.
 **/
 …
     return EFI_INVALID_PARAMETER;
+  }
   if((Attributes & (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_HARDWARE_ERROR_RECORD)) == 0) {
     //
     // Make sure the Attributes combination is supported by the platform.
     //
     return EFI_UNSUPPORTED;
+    return EFI_UNSUPPORTED;
   } else if ((Attributes & (EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS)) == EFI_VARIABLE_RUNTIME_ACCESS) {
     //
 …
   VarSize = ((VARIABLE_STORE_HEADER *) ((UINTN) mVariableModuleGlobal->VariableGlobal[Physical].NonVolatileVariableBase))->Size;
   Status  = EFI_SUCCESS;
+  Status  = EFI_SUCCESS;
   //
   //Allowable max size of common variable storage space
 …
   RemainingCommonVariableSpace = CommonVariableSpace - mVariableModuleGlobal->CommonVariableTotalSize;
   RemainingHwErrVariableSpace = PcdGet32 (PcdHwErrStorageSize) - mVariableModuleGlobal->HwErrVariableTotalSize;
   //
 …
   //
   if ((RemainingCommonVariableSpace < PcdGet32 (PcdMaxVariableSize))
     || ((PcdGet32 (PcdHwErrStorageSize) != 0) &&
+    || ((PcdGet32 (PcdHwErrStorageSize) != 0) &&
        (RemainingHwErrVariableSpace < PcdGet32 (PcdMaxHardwareErrorVariableSize)))){
     Status = Reclaim (
 …
   // Note that in EdkII variable driver implementation, Hardware Error Record type variable
   // is stored with common variable in the same NV region. So the platform integrator should
   // ensure that the value of PcdHwErrStorageSize is less than or equal to the value of
+  // ensure that the value of PcdHwErrStorageSize is less than or equal to the value of
   // PcdFlashNvStorageVariableSize.
   //
 …
                                EFI_EXTENDED_SAL_FV_BLOCK_SERVICES_PROTOCOL_GUID_LO,
                                EFI_EXTENDED_SAL_FV_BLOCK_SERVICES_PROTOCOL_GUID_HI,
                                GetPhysicalAddressFunctionId,
                                Instance,
                                (UINT64) &FvVolHdr,
 ,
 ,
 ,
 ,
+                               GetPhysicalAddressFunctionId,
+                               Instance,
+                               (UINT64) &FvVolHdr,
+,
+,
+,
+,
                                ).Status;
 …
     //
     Status = EfiCreateEventReadyToBootEx (
                TPL_NOTIFY,
                ReclaimForOS,
                NULL,
+               TPL_NOTIFY,
+               ReclaimForOS,
+               NULL,
                &ReadyToBootEvent
                );

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/Variable.h

-              r48674
+              r58466
 Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
 ///
 /// The maximum size of the public key database, restricted by maximum individal EFI
+/// The maximum size of the public key database, restricted by maximum individal EFI
 /// varible size, and excluding the variable header and name size.
 ///
 …
   This function implements EsalGetVariable function of Extended SAL Variable Services Class.
   It is equivalent in functionality to the EFI Runtime Service GetVariable().
   @param[in]      VariableName    A Null-terminated Unicode string that is the name of
                                   the vendor's variable.
   @param[in]      VendorGuid      A unique identifier for the vendor.
   @param[out]     Attributes      If not NULL, a pointer to the memory location to return the
+  @param[out]     Attributes      If not NULL, a pointer to the memory location to return the
                                   attributes bitmask for the variable.
   @param[in, out] DataSize        Size of Data found. If size is less than the
                                   data, this value contains the required size.
   @param[out]     Data            On input, the size in bytes of the return Data buffer.
+  @param[out]     Data            On input, the size in bytes of the return Data buffer.
                                   On output, the size of data returned in Data.
   @param[in]      VirtualMode     Current calling mode for this function.
   @param[in]      Global          Context of this Extended SAL Variable Services Class call.
   @retval EFI_SUCCESS            The function completed successfully.
+  @retval EFI_SUCCESS            The function completed successfully.
   @retval EFI_NOT_FOUND          The variable was not found.
   @retval EFI_BUFFER_TOO_SMALL   DataSize is too small for the result.  DataSize has
+  @retval EFI_BUFFER_TOO_SMALL   DataSize is too small for the result.  DataSize has
                                  been updated with the size needed to complete the request.
   @retval EFI_INVALID_PARAMETER  VariableName is NULL.
 …
   This function implements EsalGetNextVariableName function of Extended SAL Variable Services Class.
   It is equivalent in functionality to the EFI Runtime Service GetNextVariableName().
   @param[in, out] VariableNameSize Size of the variable
   @param[in, out] VariableName     On input, supplies the last VariableName that was returned by GetNextVariableName().
                                    On output, returns the Null-terminated Unicode string of the current variable.
   @param[in, out] VendorGuid       On input, supplies the last VendorGuid that was returned by GetNextVariableName().
                                    On output, returns the VendorGuid of the current variable.
+                                   On output, returns the VendorGuid of the current variable.
   @param[in]      VirtualMode      Current calling mode for this function.
   @param[in]      Global           Context of this Extended SAL Variable Services Class call.
   @retval EFI_SUCCESS             The function completed successfully.
+  @retval EFI_SUCCESS             The function completed successfully.
   @retval EFI_NOT_FOUND           The next variable was not found.
   @retval EFI_BUFFER_TOO_SMALL    VariableNameSize is too small for the result.
+  @retval EFI_BUFFER_TOO_SMALL    VariableNameSize is too small for the result.
                                   VariableNameSize has been updated with the size needed to complete the request.
   @retval EFI_INVALID_PARAMETER   VariableNameSize is NULL.
 …
   This function implements EsalSetVariable function of Extended SAL Variable Services Class.
   It is equivalent in functionality to the EFI Runtime Service SetVariable().
   @param[in]  VariableName       A Null-terminated Unicode string that is the name of the vendor's
                                  variable.  Each VariableName is unique for each
                                  VendorGuid.  VariableName must contain 1 or more
                                  Unicode characters.  If VariableName is an empty Unicode
+                                 variable.  Each VariableName is unique for each
+                                 VendorGuid.  VariableName must contain 1 or more
+                                 Unicode characters.  If VariableName is an empty Unicode
                                  string, then EFI_INVALID_PARAMETER is returned.
   @param[in]  VendorGuid         A unique identifier for the vendor.
 …
   @param[in]  Global             Context of this Extended SAL Variable Services Class call.
   @retval EFI_SUCCESS            The firmware has successfully stored the variable and its data as
+  @retval EFI_SUCCESS            The firmware has successfully stored the variable and its data as
                                  defined by the Attributes.
   @retval EFI_INVALID_PARAMETER  An invalid combination of attribute bits was supplied, or the
+  @retval EFI_INVALID_PARAMETER  An invalid combination of attribute bits was supplied, or the
                                  DataSize exceeds the maximum allowed.
   @retval EFI_INVALID_PARAMETER  VariableName is an empty Unicode string.
 …
   @param[in]  Attributes                   Attributes bitmask to specify the type of variables
                                            on which to return information.
   @param[out] MaximumVariableStorageSize   On output the maximum size of the storage space available for
                                            the EFI variables associated with the attributes specified.
   @param[out] RemainingVariableStorageSize Returns the remaining size of the storage space available for EFI
+  @param[out] MaximumVariableStorageSize   On output the maximum size of the storage space available for
+                                           the EFI variables associated with the attributes specified.
+  @param[out] RemainingVariableStorageSize Returns the remaining size of the storage space available for EFI
                                            variables associated with the attributes specified.
   @param[out] MaximumVariableSize          Returns the maximum size of an individual EFI variable
+  @param[out] MaximumVariableSize          Returns the maximum size of an individual EFI variable
                                            associated with the attributes specified.
   @param[in]  VirtualMode                  Current calling mode for this function
 …
   @retval EFI_SUCCESS                      Valid answer returned.
   @retval EFI_INVALID_PARAMETER            An invalid combination of attribute bits was supplied.
   @retval EFI_UNSUPPORTED                  The attribute is not supported on this platform, and the
                                            MaximumVariableStorageSize, RemainingVariableStorageSize,
+  @retval EFI_UNSUPPORTED                  The attribute is not supported on this platform, and the
+                                           MaximumVariableStorageSize, RemainingVariableStorageSize,
                                            MaximumVariableSize are undefined.
 **/
 …
 /**
   Update the variable region with Variable information. These are the same
+  Update the variable region with Variable information. These are the same
   arguments as the EFI Variable services.
 …
   @param[in] Attributes         Attributes of the variable.
   @param[in] KeyIndex           Index of associated public key.
   @param[in] MonotonicCount     Value of associated monotonic count.
+  @param[in] MonotonicCount     Value of associated monotonic count.
   @param[in] VirtualMode        Current calling mode for this function.
   @param[in] Global             Context of this Extended SAL Variable Services Class call.
 …
   IN      VOID                    *Data,
   IN      UINTN                   DataSize,
   IN      UINT32                  Attributes OPTIONAL,
+  IN      UINT32                  Attributes OPTIONAL,
   IN      UINT32                  KeyIndex  OPTIONAL,
   IN      UINT64                  MonotonicCount  OPTIONAL,

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/VariableAuthenticated/Pei/Variable.c

-              r58459
+              r58466
 /** @file
   Implement ReadOnly Variable Services required by PEIM and install PEI
   ReadOnly Varaiable2 PPI. These services operates the non-volatile
+  ReadOnly Varaiable2 PPI. These services operates the non-volatile
   storage space.
 Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
 /**
   Provide the functionality of the variable services.
   @param  FileHandle   Handle of the file being invoked.
+  @param  FileHandle   Handle of the file being invoked.
                        Type EFI_PEI_FILE_HANDLE is defined in FfsFindNextFile().
   @param  PeiServices  General purpose services available to every PEIM.
 …
+{
   UINTN Value;
   //
   // Be careful about pad size for alignment
 …
         NvStorageSize = PcdGet32 (PcdFlashNvStorageVariableSize);
         NvStorageBase = (EFI_PHYSICAL_ADDRESS) (PcdGet64 (PcdFlashNvStorageVariableBase64) != 0 ?
                                                 PcdGet64 (PcdFlashNvStorageVariableBase64) :
+        NvStorageBase = (EFI_PHYSICAL_ADDRESS) (PcdGet64 (PcdFlashNvStorageVariableBase64) != 0 ?
+                                                PcdGet64 (PcdFlashNvStorageVariableBase64) :
                                                 PcdGet32 (PcdFlashNvStorageVariableBase)
                                                );
 …
           break;
+        }
         VariableStoreHeader = (VARIABLE_STORE_HEADER *) ((UINT8 *) FvHeader + FvHeader->HeaderLength);
 …
           // If it's the first time to access variable region in flash, create a guid hob to record
           // VAR_ADDED type variable info.
           // Note that as the resource of PEI phase is limited, only store the limited number of
+          // Note that as the resource of PEI phase is limited, only store the limited number of
           // VAR_ADDED type variables to reduce access time.
           //
 …
   EFI_PHYSICAL_ADDRESS  SpareAddress;
   UINTN                 PartialSize;
   if (StoreInfo->FtwLastWriteData != NULL) {
     TargetAddress = StoreInfo->FtwLastWriteData->TargetAddress;
 …
                StoreInfo,
                VariableName,
                VendorGuid,
+               VendorGuid,
                PtrTrack
                );
 …
   This service retrieves a variable's value using its name and GUID.
   Read the specified variable from the UEFI variable store. If the Data
+  Read the specified variable from the UEFI variable store. If the Data
   buffer is too small to hold the contents of the variable, the error
   EFI_BUFFER_TOO_SMALL is returned and DataSize is set to the required buffer
 …
   @retval EFI_SUCCESS           The variable was read successfully.
   @retval EFI_NOT_FOUND         The variable could not be found.
   @retval EFI_BUFFER_TOO_SMALL  The DataSize is too small for the resulting data.
                                 DataSize is updated with the size required for
+  @retval EFI_BUFFER_TOO_SMALL  The DataSize is too small for the resulting data.
+                                DataSize is updated with the size required for
                                 the specified variable.
   @retval EFI_INVALID_PARAMETER VariableName, VariableGuid, DataSize or Data is NULL.
 …
   Return the next variable name and GUID.
   This function is called multiple times to retrieve the VariableName
   and VariableGuid of all variables currently available in the system.
   On each call, the previous results are passed into the interface,
   and, on return, the interface returns the data for the next
   interface. When the entire variable list has been returned,
+  This function is called multiple times to retrieve the VariableName
+  and VariableGuid of all variables currently available in the system.
+  On each call, the previous results are passed into the interface,
+  and, on return, the interface returns the data for the next
+  interface. When the entire variable list has been returned,
   EFI_NOT_FOUND is returned.
 …
   @param  VariableName      On entry, a pointer to a null-terminated string that is the variable's name.
                             On return, points to the next variable's null-terminated name string.
   @param  VariableGuid      On entry, a pointer to an EFI_GUID that is the variable's GUID.
+  @param  VariableGuid      On entry, a pointer to an EFI_GUID that is the variable's GUID.
                             On return, a pointer to the next variable's GUID.
 …
+      }
       //
       // Capture the case that
+      // Capture the case that
       // 1. current storage is the last one, or
       // 2. no further storage
 …
                    &StoreInfoForHob,
                    GetVariableNamePtr (Variable.CurrPtr),
                    &VariableHeader->VendorGuid,
+                   &VariableHeader->VendorGuid,
                    &VariableInHob
                    );

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/VariableAuthenticated/Pei/Variable.h

-              r58459
+              r58466
 Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
 /**
   Provide the functionality of the variable services.
   @param  FileHandle  Handle of the file being invoked.
+  @param  FileHandle  Handle of the file being invoked.
                       Type EFI_PEI_FILE_HANDLE is defined in FfsFindNextFile().
   @param  PeiServices  General purpose services available to every PEIM.
 …
   This service retrieves a variable's value using its name and GUID.
   Read the specified variable from the UEFI variable store. If the Data
+  Read the specified variable from the UEFI variable store. If the Data
   buffer is too small to hold the contents of the variable, the error
   EFI_BUFFER_TOO_SMALL is returned and DataSize is set to the required buffer
 …
   @retval EFI_SUCCESS           The variable was read successfully.
   @retval EFI_NOT_FOUND         The variable could not be found.
   @retval EFI_BUFFER_TOO_SMALL  The DataSize is too small for the resulting data.
                                 DataSize is updated with the size required for
+  @retval EFI_BUFFER_TOO_SMALL  The DataSize is too small for the resulting data.
+                                DataSize is updated with the size required for
                                 the specified variable.
   @retval EFI_INVALID_PARAMETER VariableName, VariableGuid, DataSize or Data is NULL.
 …
   Return the next variable name and GUID.
   This function is called multiple times to retrieve the VariableName
   and VariableGuid of all variables currently available in the system.
   On each call, the previous results are passed into the interface,
   and, on return, the interface returns the data for the next
   interface. When the entire variable list has been returned,
+  This function is called multiple times to retrieve the VariableName
+  and VariableGuid of all variables currently available in the system.
+  On each call, the previous results are passed into the interface,
+  and, on return, the interface returns the data for the next
+  interface. When the entire variable list has been returned,
   EFI_NOT_FOUND is returned.
 …
                             On return, points to the next variable's null-terminated name string.
   @param  VariableGuid      On entry, a pointer to an UEFI _GUID that is the variable's GUID.
+  @param  VariableGuid      On entry, a pointer to an UEFI _GUID that is the variable's GUID.
                             On return, a pointer to the next variable's GUID.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c

-              r58459
+              r58466
      The whole SMM authentication variable design relies on the integrity of flash part and SMM.
   which is assumed to be protected by platform.  All variable code and metadata in flash/SMM Memory
   may not be modified without authorization. If platform fails to protect these resources,
+  may not be modified without authorization. If platform fails to protect these resources,
   the authentication service provided in this driver will be broken, and the behavior is undefined.
 …
   @retval TRUE      This variable is protected, only a physical present user could set this variable.
   @retval FALSE     This variable is not protected.
 **/
 BOOLEAN
 …
     return TRUE;
+  }
   return FALSE;
+}
 …
     return TRUE;
+  }
   return FALSE;
+}
 …
     ASSERT ((DataSize != 0) && (Data != NULL));
     //
     // "AuthVarKeyDatabase" is an internal variable. Its DataSize is always ensured not to exceed mPubKeyStore buffer size(See definition before)
+    // "AuthVarKeyDatabase" is an internal variable. Its DataSize is always ensured not to exceed mPubKeyStore buffer size(See definition before)
     //  Therefore, there is no memory overflow in underlying CopyMem.
     //
 …
     DEBUG ((EFI_D_INFO, "Variable %s exists.\n", EFI_PLATFORM_KEY_NAME));
+  }
   //
   // Create "SetupMode" variable with BS+RT attribute set.
 …
     return Status;
+  }
   //
   // Create "SignatureSupport" variable with BS+RT attribute set.
 …
     return Status;
+  }
   DEBUG ((EFI_D_INFO, "Variable %s is %x\n", EFI_CUSTOM_MODE_NAME, CustomMode));
   //
   // Check "certdb" variable's existence.
   // If it doesn't exist, then create a new one with
+  // If it doesn't exist, then create a new one with
   // EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set.
   //
 …
       return Status;
+    }
+  }
+  }
   //
 …
   @param[in]  PubKey                  Input pointer to Public Key data
   @param[in]  VariableDataEntry       The variable data entry
+  @param[in]  VariableDataEntry       The variable data entry
   @return                             Index of new added item
 …
         return 0;
+      }
       Status = Reclaim (
                  mVariableModuleGlobal->VariableGlobal.NonVolatileVariableBase,
 …
       ASSERT ((DataSize != 0) && (Data != NULL));
       //
       // "AuthVarKeyDatabase" is an internal used variable. Its DataSize is always ensured not to exceed mPubKeyStore buffer size(See definition before)
+      // "AuthVarKeyDatabase" is an internal used variable. Its DataSize is always ensured not to exceed mPubKeyStore buffer size(See definition before)
       //  Therefore, there is no memory overflow in underlying CopyMem.
       //
 …
       if (mPubKeyNumber == mMaxKeyNumber) {
         return 0;
+      }
+      }
+    }
 …
   VOID                            *Rsa;
   UINTN                           PayloadSize;
   PayloadSize = DataSize - AUTHINFO_SIZE;
   Rsa         = NULL;
 …
   @return EFI_INVALID_PARAMETER           Invalid signature list format.
   @return EFI_SUCCESS                     Passed signature list format check successfully.
 **/
 EFI_STATUS
 …
     IsPk = TRUE;
   } else if ((CompareGuid (VendorGuid, &gEfiGlobalVariableGuid) && StrCmp (VariableName, EFI_KEY_EXCHANGE_KEY_NAME) == 0) ||
              (CompareGuid (VendorGuid, &gEfiImageSecurityDatabaseGuid) &&
+             (CompareGuid (VendorGuid, &gEfiImageSecurityDatabaseGuid) &&
               (StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE) == 0 || StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE1) == 0))){
     IsPk = FALSE;
 …
       if (CompareGuid (&SigList->SignatureType, &mSupportSigItem[Index].SigType)) {
         //
         // The value of SignatureSize should always be 16 (size of SignatureOwner
+        // The value of SignatureSize should always be 16 (size of SignatureOwner
         // component) add the data length according to signature type.
         //
         if (mSupportSigItem[Index].SigDataSize != ((UINT32) ~0) &&
+        if (mSupportSigItem[Index].SigDataSize != ((UINT32) ~0) &&
           (SigList->SignatureSize - sizeof (EFI_GUID)) != mSupportSigItem[Index].SigDataSize) {
           return EFI_INVALID_PARAMETER;
 …
+    }
     SigCount += (SigList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - SigList->SignatureHeaderSize) / SigList->SignatureSize;
     SigDataSize -= SigList->SignatureListSize;
     SigList = (EFI_SIGNATURE_LIST *) ((UINT8 *) SigList + SigList->SignatureListSize);
 …
   @return EFI_SUCCESS           Variable is updated successfully.
   @return Others                Failed to update variable.
 **/
 EFI_STATUS
 …
+  }
   mVendorKeyState = VENDOR_KEYS_MODIFIED;
   FindVariable (EFI_VENDOR_KEYS_NV_VARIABLE_NAME, &gEfiVendorKeysNvGuid, &Variable, &mVariableModuleGlobal->VariableGlobal, FALSE);
   Status = UpdateVariable (
 …
   UINTN                       PayloadSize;
   if ((Attributes & EFI_VARIABLE_NON_VOLATILE) == 0 ||
+  if ((Attributes & EFI_VARIABLE_NON_VOLATILE) == 0 ||
       (Attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) == 0) {
     //
 …
       return Status;
+    }
     Status = UpdateVariable (
                VariableName,
 …
     return EFI_SECURITY_VIOLATION;
+  }
   //
   // A time-based authenticated variable and a count-based authenticated variable
   // can't be updated by each other.
   //
   if (Variable->CurrPtr != NULL) {
+  //
+  if (Variable->CurrPtr != NULL) {
     if (((Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) != 0) &&
         ((Variable->CurrPtr->Attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) != 0)) {
       return EFI_SECURITY_VIOLATION;
+    }
     if (((Attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) != 0) &&
+      return EFI_SECURITY_VIOLATION;
+    }
+    if (((Attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) != 0) &&
         ((Variable->CurrPtr->Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) != 0)) {
       return EFI_SECURITY_VIOLATION;
+    }
+  }
+      return EFI_SECURITY_VIOLATION;
+    }
+  }
   //
   // Process Time-based Authenticated variable.
 …
       IsFirstTime = FALSE;
+    }
   } else if ((Variable->CurrPtr != NULL) &&
+  } else if ((Variable->CurrPtr != NULL) &&
              ((Variable->CurrPtr->Attributes & (EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS)) != 0)
             ) {
 …
     //
     // 2 cases need to check here
     //   1. Internal PubKey variable. PubKeyIndex is always 0
+    //   1. Internal PubKey variable. PubKeyIndex is always 0
     //   2. Other counter-based AuthVariable. Check input PubKey.
     //
 …
   @param[in, out]  Data              Pointer to original EFI_SIGNATURE_LIST.
   @param[in]       DataSize          Size of Data buffer.
   @param[in]       FreeBufSize       Size of free data buffer
+  @param[in]       FreeBufSize       Size of free data buffer
   @param[in]       NewData           Pointer to new EFI_SIGNATURE_LIST to be appended.
   @param[in]       NewDataSize       Size of NewData buffer.
 …
       // Check whether VariableName matches.
       //
       if ((NameSize == StrLen (VariableName)) &&
+      if ((NameSize == StrLen (VariableName)) &&
           (CompareMem (Data + Offset, VariableName, NameSize * sizeof (CHAR16)) == 0)) {
         Offset = Offset + NameSize * sizeof (CHAR16);
 …
         if (CertDataSize != NULL) {
           *CertDataSize = CertSize;
+          *CertDataSize = CertSize;
+        }
 …
+  }
   return EFI_NOT_FOUND;
+  return EFI_NOT_FOUND;
+}
 …
     return EFI_INVALID_PARAMETER;
+  }
   //
   // Get variable "certdb".
 …
              &mVariableModuleGlobal->VariableGlobal,
              FALSE
              );
+             );
   if (EFI_ERROR (Status)) {
     return Status;
 …
     return EFI_INVALID_PARAMETER;
+  }
   //
   // Get variable "certdb".
 …
              &mVariableModuleGlobal->VariableGlobal,
              FALSE
              );
+             );
   if (EFI_ERROR (Status)) {
     return Status;
 …
   //
   // Set "certdb".
   //
   VarAttr  = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
+  //
+  VarAttr  = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
   Status   = UpdateVariable (
                EFI_CERT_DB_NAME,
 …
     return EFI_INVALID_PARAMETER;
+  }
   //
   // Get variable "certdb".
 …
              &mVariableModuleGlobal->VariableGlobal,
              FALSE
              );
+             );
   if (EFI_ERROR (Status)) {
     return Status;
 …
   //
   NameSize      = (UINT32) StrLen (VariableName);
   CertNodeSize  = sizeof (AUTH_CERT_DB_DATA) + (UINT32) CertDataSize + NameSize * sizeof (CHAR16);
+  CertNodeSize  = sizeof (AUTH_CERT_DB_DATA) + (UINT32) CertDataSize + NameSize * sizeof (CHAR16);
   NewCertDbSize = (UINT32) DataSize + CertNodeSize;
   if (NewCertDbSize > mMaxCertDbSize) {
 …
   CopyMem (&Ptr->NameSize, &NameSize, sizeof (UINT32));
   CopyMem (&Ptr->CertDataSize, &CertDataSize, sizeof (UINT32));
   CopyMem (
     (UINT8 *) Ptr + sizeof (AUTH_CERT_DB_DATA),
 …
     CertDataSize
     );
   //
   // Set "certdb".
   //
   VarAttr  = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
+  //
+  VarAttr  = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
   Status   = UpdateVariable (
                EFI_CERT_DB_NAME,
 …
         goto Exit;
+      }
       if ((CertStackSize != CertsSizeinDb) ||
           (CompareMem (SignerCerts, CertsInCertDb, CertsSizeinDb) != 0)) {
 …
     RootCert      = Cert->SignatureData;
     RootCertSize  = CertList->SignatureSize - (sizeof (EFI_SIGNATURE_DATA) - 1);
     // Verify Pkcs7 SignedData via Pkcs7Verify library.
     //

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.h

-              r58459
+              r58466
      The whole SMM authentication variable design relies on the integrity of flash part and SMM.
   which is assumed to be protected by platform.  All variable code and metadata in flash/SMM Memory
   may not be modified without authorization. If platform fails to protect these resources,
+  may not be modified without authorization. If platform fails to protect these resources,
   the authentication service provided in this driver will be broken, and the behavior is undefined.
 …
 /// "certdb" variable stores the signer's certificates for non PK/KEK/DB/DBX
 /// variables with EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set.
 ///
+///
 ///
 #define EFI_CERT_DB_NAME        L"certdb"
 …
   @return EFI_INVALID_PARAMETER           Invalid signature list format.
   @return EFI_SUCCESS                     Passed signature list format check successfully.
 **/
 EFI_STATUS
 …
   @param[in, out]  Data             Pointer to original EFI_SIGNATURE_LIST.
   @param[in]       DataSize         Size of Data buffer.
   @param[in]       FreeBufSize      Size of free data buffer
+  @param[in]       FreeBufSize      Size of free data buffer
   @param[in]       NewData          Pointer to new EFI_SIGNATURE_LIST to be appended.
   @param[in]       NewDataSize      Size of NewData buffer.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/VariableAuthenticated/RuntimeDxe/Measurement.c

-              r58464
+              r58466
   for (Index = 0; Index < sizeof(mVariableType)/sizeof(mVariableType[0]); Index++) {
     if ((StrCmp (VariableName, mVariableType[Index].VariableName) == 0) &&
+    if ((StrCmp (VariableName, mVariableType[Index].VariableName) == 0) &&
         (CompareGuid (VendorGuid, mVariableType[Index].VendorGuid))) {
       return TRUE;
 …
   @param[in]  VarName           A Null-terminated string that is the name of the vendor's variable.
   @param[in]  VendorGuid        A unique identifier for the vendor.
   @param[in]  VarData           The content of the variable data.
   @param[in]  VarSize           The size of the variable data.
+  @param[in]  VarData           The content of the variable data.
+  @param[in]  VarSize           The size of the variable data.
   @retval EFI_SUCCESS           Operation completed successfully.
   @retval EFI_OUT_OF_RESOURCES  Out of memory.
 …
 /**
   Returns the status whether get the variable success. The function retrieves
   variable  through the UEFI Runtime Service GetVariable().  The
+  Returns the status whether get the variable success. The function retrieves
+  variable  through the UEFI Runtime Service GetVariable().  The
   returned buffer is allocated using AllocatePool().  The caller is responsible
   for freeing this buffer with FreePool().
 …
     *Size  = 0;
+  }
   Status = gRT->GetVariable ((CHAR16 *) Name, (EFI_GUID *) Guid, NULL, &BufferSize, *Value);
   if (Status != EFI_BUFFER_TOO_SMALL) {

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/VariableAuthenticated/RuntimeDxe/Reclaim.c

-              r58459
+              r58466
 Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c

-              r58459
+              r58466
   Check the PubKeyIndex is a valid key or not.
   This function will iterate the NV storage to see if this PubKeyIndex is still referenced
+  This function will iterate the NV storage to see if this PubKeyIndex is still referenced
   by any valid count-based auth variabe.
   @param[in]  PubKeyIndex     Index of the public key in public key store.
   @retval     TRUE            The PubKeyIndex is still in use.
   @retval     FALSE           The PubKeyIndex is not referenced by any count-based auth variabe.
 **/
 BOOLEAN
 …
   while (IsValidVariableHeader (Variable, VariableStoreEnd)) {
     if ((Variable->State == VAR_ADDED || Variable->State == (VAR_IN_DELETED_TRANSITION & VAR_ADDED)) &&
+    if ((Variable->State == VAR_ADDED || Variable->State == (VAR_IN_DELETED_TRANSITION & VAR_ADDED)) &&
         Variable->PubKeyIndex == PubKeyIndex) {
       return TRUE;
 …
     Variable = GetNextVariablePtr (Variable);
+  }
   return FALSE;
+}
 …
   Get the number of valid public key in PubKeyStore.
   @param[in]  PubKeyNumber     Number of the public key in public key store.
 …
   Counter = 0;
   for (PubKeyIndex = 1; PubKeyIndex <= PubKeyNumber; PubKeyIndex++) {
     if (IsValidPubKeyIndex (PubKeyIndex)) {
 …
+    }
+  }
   return Counter;
+}
 …
   Filter the useless key in public key store.
   This function will find out all valid public keys in public key database, save them in new allocated
+  This function will find out all valid public keys in public key database, save them in new allocated
   buffer NewPubKeyStore, and give the new PubKeyIndex. The caller is responsible for freeing buffer
   NewPubKeyIndex and NewPubKeyStore with FreePool().
 …
   @param[out]  NewPubKeyStore       Saved all valid public keys in PubKeyStore.
   @param[out]  NewPubKeySize        Buffer size of the NewPubKeyStore.
   @retval  EFI_SUCCESS              Trim operation is complete successfully.
   @retval  EFI_OUT_OF_RESOURCES     No enough memory resources, or no useless key in PubKeyStore.
 **/
 EFI_STATUS
 …
   UINT32        CopiedKey;
   UINT32        NewPubKeyNumber;
   NewPubKeyNumber = GetValidPubKeyNumber (PubKeyNumber);
   if (NewPubKeyNumber == PubKeyNumber) {
 …
   @param[in]      NewVariableSize         New variable size.
   @param[in]      ReclaimPubKeyStore      Reclaim for public key database or not.
   @return EFI_SUCCESS                  Reclaim operation has finished successfully.
   @return EFI_OUT_OF_RESOURCES         No enough memory resources or variable space.
 …
       NextVariable = GetNextVariablePtr (Variable);
       if (Variable->State == VAR_ADDED || Variable->State == (VAR_IN_DELETED_TRANSITION & VAR_ADDED)) {
         if ((StrCmp (GetVariableNamePtr (Variable), AUTHVAR_KEYDB_NAME) == 0) &&
+        if ((StrCmp (GetVariableNamePtr (Variable), AUTHVAR_KEYDB_NAME) == 0) &&
             (CompareGuid (&Variable->VendorGuid, &gEfiAuthenticatedVariableGuid))) {
           //
 …
           continue;
+        }
         VariableSize = (UINTN) NextVariable - (UINTN) Variable;
         CopyMem (CurrPtr, (UINT8 *) Variable, VariableSize);
 …
     StrCpy (GetVariableNamePtr (Variable), GetVariableNamePtr (PubKeyHeader));
     CopyMem (GetVariableDataPtr (Variable), NewPubKeyStore, NewPubKeySize);
     CurrPtr = (UINT8*) GetNextVariablePtr (Variable);
+    CurrPtr = (UINT8*) GetNextVariablePtr (Variable);
     CommonVariableTotalSize += (UINTN) CurrPtr - (UINTN) Variable;
   } else {
 …
   @param[in] Attributes         Variable attributes for Variable entries.
   @param ...                    The variable argument list with type VARIABLE_ENTRY_CONSISTENCY *.
                                 A NULL terminates the list. The VariableSize of
+                                A NULL terminates the list. The VariableSize of
                                 VARIABLE_ENTRY_CONSISTENCY is the variable data size as input.
                                 It will be changed to variable total size as output.
 …
         VariableEntry[0].Guid = &gEfiGlobalVariableGuid;
         VariableEntry[0].Name = EFI_LANG_VARIABLE_NAME;
         VariableEntry[1].VariableSize = AsciiStrSize (BestPlatformLang);
         VariableEntry[1].Guid = &gEfiGlobalVariableGuid;
 …
         goto Done;
+      }
       //
       // Only variable that have RT attributes can be updated/deleted in Runtime.
 …
         //
         // Set Max Common Variable Data Size as default MaxDataSize
+        // Set Max Common Variable Data Size as default MaxDataSize
         //
         MaxDataSize = PcdGet32 (PcdMaxVariableSize) - DataOffset;
 …
           Status = AppendSignatureList (
                      BufferForMerge,
                      Variable->CurrPtr->DataSize,
+                     Variable->CurrPtr->DataSize,
                      MaxDataSize - Variable->CurrPtr->DataSize,
                      Data,
 …
   Check if a Unicode character is a hexadecimal character.
   This function checks if a Unicode character is a
   hexadecimal character.  The valid hexadecimal character is
+  This function checks if a Unicode character is a
+  hexadecimal character.  The valid hexadecimal character is
   L'0' to L'9', L'a' to L'f', or L'A' to L'F'.
 …
   @retval TRUE      This variable is read-only variable.
   @retval FALSE     This variable is NOT read-only variable.
 **/
 BOOLEAN
 …
+    }
+  }
   return FALSE;
+}
 …
   if ((UINTN)(~0) - PayloadSize < StrSize(VariableName)){
     //
     // Prevent whole variable size overflow
     //
+    // Prevent whole variable size overflow
+    //
     return EFI_INVALID_PARAMETER;
+  }
 …
   } else if (CompareGuid (VendorGuid, &gEfiGlobalVariableGuid) && (StrCmp (VariableName, EFI_KEY_EXCHANGE_KEY_NAME) == 0)) {
     Status = ProcessVarWithPk (VariableName, VendorGuid, Data, DataSize, &Variable, Attributes, FALSE);
   } else if (CompareGuid (VendorGuid, &gEfiImageSecurityDatabaseGuid) &&
+  } else if (CompareGuid (VendorGuid, &gEfiImageSecurityDatabaseGuid) &&
           ((StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE) == 0) || (StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE1) == 0))) {
     Status = ProcessVarWithPk (VariableName, VendorGuid, Data, DataSize, &Variable, Attributes, FALSE);

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.h

-              r58459
+              r58466
 Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   @param[in] Attributes         Variable attributes for Variable entries.
   @param ...                    The variable argument list with type VARIABLE_ENTRY_CONSISTENCY *.
                                 A NULL terminates the list. The VariableSize of
+                                A NULL terminates the list. The VariableSize of
                                 VARIABLE_ENTRY_CONSISTENCY is the variable data size as input.
                                 It will be changed to variable total size as output.
 …
   ...
   );
 /**
   Update the variable region with Variable information. If EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS is set,
 …
   IN      UINT64          MonotonicCount  OPTIONAL,
   IN OUT  VARIABLE_POINTER_TRACK *Variable,
   IN      EFI_TIME        *TimeStamp  OPTIONAL
+  IN      EFI_TIME        *TimeStamp  OPTIONAL
   );
 …
 /**
   Return TRUE if ExitBootServices () has been called.
   @retval TRUE If ExitBootServices () has been called.
 **/
 …
   Initializes a basic mutual exclusion lock.
   This function initializes a basic mutual exclusion lock to the released state
   and returns the lock.  Each lock provides mutual exclusion access at its task
+  This function initializes a basic mutual exclusion lock to the released state
+  and returns the lock.  Each lock provides mutual exclusion access at its task
   priority level.  Since there is no preemption or multiprocessor support in EFI,
   acquiring the lock only consists of raising to the locks TPL.
 …
   );
 /**
   Acquires lock only at boot time. Simply returns at runtime.
 …
 ReleaseLockOnlyAtBootTime (
   IN EFI_LOCK  *Lock
   );
+  );
 /**
 …
   @retval EFI_UNSUPPORTED       The device does not support the FVB protocol.
   @retval EFI_INVALID_PARAMETER FvBlockHandle is not a valid EFI_HANDLE or FvBlock is NULL.
 **/
 EFI_STATUS
 …
 /**
   Function returns an array of handles that support the FVB protocol
   in a buffer allocated from pool.
+  in a buffer allocated from pool.
   @param[out]  NumberHandles    The number of handles returned in Buffer.
 …
   @retval EFI_OUT_OF_RESOURCES  There is not enough pool memory to store the matching results.
   @retval EFI_INVALID_PARAMETER NumberHandles is NULL or Buffer is NULL.
 **/
 EFI_STATUS
 …
   @param[in]      NewVariableSize         New variable size.
   @param[in]      ReclaimPubKeyStore      Reclaim for public key database or not.
   @return EFI_SUCCESS                  Reclaim operation has finished successfully.
   @return EFI_OUT_OF_RESOURCES         No enough memory resources or variable space.
 …
 /**
   This function reclaims variable storage if free size is below the threshold.
 **/
 VOID
 ReclaimForOS(
   VOID
   );
+  );
 …
   VOID
   );
 /**
   Retrive the SMM Fault Tolerent Write protocol interface.
 …
                                     data, this value contains the required size.
   @param Data                       Data pointer.
   @return EFI_INVALID_PARAMETER     Invalid parameter.
   @return EFI_SUCCESS               Find the specified variable.
 …
   OUT UINT64                 *RemainingVariableStorageSize,
   OUT UINT64                 *MaximumVariableSize
   );
+  );
 /**

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf

-              r58459
+              r58466
 #  Provides authenticated variable service
+#
 #  This module installs variable arch protocol and variable write arch protocol to provide
+#  This module installs variable arch protocol and variable write arch protocol to provide
 #  variable services: SetVariable, GetVariable, GetNextVariableName and QueryVariableInfo.
+#
 #  Caution: This module requires additional review when modified.
 #  This driver will have external input - variable data.
 #  This external input must be validated carefully to avoid security issues such as
+#  This external input must be validated carefully to avoid security issues such as
 #  buffer overflow or integer overflow.
+#
 …
   ## SOMETIMES_PRODUCES   ## SystemTable
   gEfiAuthenticatedVariableGuid
   ## SOMETIMES_CONSUMES   ## Variable:L"PlatformLang"
   ## SOMETIMES_PRODUCES   ## Variable:L"PlatformLang"
 …
   ## PRODUCES             ## Variable:L"SecureBoot"
   ## CONSUMES             ## Variable:L"SignatureSupport"
   ## PRODUCES             ## Variable:L"SignatureSupport"
+  ## PRODUCES             ## Variable:L"SignatureSupport"
   ## PRODUCES             ## Variable:L"VendorKeys"
   gEfiGlobalVariableGuid
   ## SOMETIMES_CONSUMES   ## Variable:L"DB"
   ## SOMETIMES_CONSUMES   ## Variable:L"DBX"
   gEfiImageSecurityDatabaseGuid
   ## CONSUMES             ## Variable:L"SecureBootEnable"
   ## PRODUCES             ## Variable:L"SecureBootEnable"
   gEfiSecureBootEnableDisableGuid
   ## CONSUMES             ## Variable:L"CustomMode"
   ## PRODUCES             ## Variable:L"CustomMode"
   gEfiCustomModeEnableGuid
   ## CONSUMES             ## Variable:L"certdb"
   ## PRODUCES             ## Variable:L"certdb"
   gEfiCertDbGuid
   ## CONSUMES             ## Variable:L"VendorKeysNv"
   ## PRODUCES             ## Variable:L"VendorKeysNv"

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.c

-              r58459
+              r58466
 /** @file
   The sample implementation for SMM variable protocol. And this driver
   implements an SMI handler to communicate with the DXE runtime driver
+  The sample implementation for SMM variable protocol. And this driver
+  implements an SMI handler to communicate with the DXE runtime driver
   to provide variable services.
 …
   SmmVariableHandler() will receive untrusted input and do basic validation.
   Each sub function VariableServiceGetVariable(), VariableServiceGetNextVariableName(),
   VariableServiceSetVariable(), VariableServiceQueryVariableInfo(), ReclaimForOS(),
+  Each sub function VariableServiceGetVariable(), VariableServiceGetNextVariableName(),
+  VariableServiceSetVariable(), VariableServiceQueryVariableInfo(), ReclaimForOS(),
   SmmVariableGetStatistics() should also do validation based on its own knowledge.
 Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
 /**
   Return TRUE if ExitBootServices () has been called.
   @retval TRUE If ExitBootServices () has been called.
 **/
 …
   Initializes a basic mutual exclusion lock.
   This function initializes a basic mutual exclusion lock to the released state
   and returns the lock.  Each lock provides mutual exclusion access at its task
+  This function initializes a basic mutual exclusion lock to the released state
+  and returns the lock.  Each lock provides mutual exclusion access at its task
   priority level.  Since there is no preemption or multiprocessor support in EFI,
   acquiring the lock only consists of raising to the locks TPL.
 …
   //
   Status = gSmst->SmmLocateProtocol (
                     &gEfiSmmFaultTolerantWriteProtocolGuid,
                     NULL,
+                    &gEfiSmmFaultTolerantWriteProtocolGuid,
+                    NULL,
                     FtwProtocol
                     );
 …
 /**
   Function returns an array of handles that support the SMM FVB protocol
   in a buffer allocated from pool.
+  in a buffer allocated from pool.
   @param[out]  NumberHandles    The number of handles returned in Buffer.
 …
   @param[in, out]  InfoEntry    A pointer to the buffer of variable information entry.
                                 On input, point to the variable information returned last time. if
+                                On input, point to the variable information returned last time. if
                                 InfoEntry->VendorGuid is zero, return the first information.
                                 On output, point to the next variable information.
 …
   @retval EFI_SUCCESS           The variable information is found and returned successfully.
   @retval EFI_UNSUPPORTED       No variable inoformation exists in variable driver. The
+  @retval EFI_UNSUPPORTED       No variable inoformation exists in variable driver. The
                                 PcdVariableCollectStatistics should be set TRUE to support it.
   @retval EFI_BUFFER_TOO_SMALL  The buffer is too small to hold the next variable information.
 …
   CHAR16                                               *InfoName;
   EFI_GUID                                             VendorGuid;
   if (InfoEntry == NULL) {
     return EFI_INVALID_PARAMETER;
+  }
   VariableInfo = gVariableInfo;
+  VariableInfo = gVariableInfo;
   if (VariableInfo == NULL) {
     return EFI_UNSUPPORTED;
 …
     VariableInfo = VariableInfo->Next;
   };
   if (VariableInfo == NULL) {
     *InfoSize = 0;
 …
   CopyMem (InfoName, VariableInfo->Name, StrSize (VariableInfo->Name));
   *InfoSize = StatisticsInfoSize;
   return EFI_SUCCESS;
+}
 …
   Caution: This function may receive untrusted input.
   This variable data and communicate buffer are external input, so this function will do basic validation.
   Each sub function VariableServiceGetVariable(), VariableServiceGetNextVariableName(),
   VariableServiceSetVariable(), VariableServiceQueryVariableInfo(), ReclaimForOS(),
+  Each sub function VariableServiceGetVariable(), VariableServiceGetNextVariableName(),
+  VariableServiceSetVariable(), VariableServiceQueryVariableInfo(), ReclaimForOS(),
   SmmVariableGetStatistics() should also do validation based on its own knowledge.
 …
   @param[in, out] CommBufferSize The size of the CommBuffer.
   @retval EFI_SUCCESS                         The interrupt was handled and quiesced. No other handlers
+  @retval EFI_SUCCESS                         The interrupt was handled and quiesced. No other handlers
                                               should still be called.
   @retval EFI_WARN_INTERRUPT_SOURCE_QUIESCED  The interrupt has been quiesced but other handlers should
+  @retval EFI_WARN_INTERRUPT_SOURCE_QUIESCED  The interrupt has been quiesced but other handlers should
                                               still be called.
   @retval EFI_WARN_INTERRUPT_SOURCE_PENDING   The interrupt is still pending and other handlers should still
+  @retval EFI_WARN_INTERRUPT_SOURCE_PENDING   The interrupt is still pending and other handlers should still
                                               be called.
   @retval EFI_INTERRUPT_PENDING               The interrupt could not be quiesced.
 …
     return EFI_SUCCESS;
+  }
   SmmVariableFunctionHeader = (SMM_VARIABLE_COMMUNICATE_HEADER *)CommBuffer;
   switch (SmmVariableFunctionHeader->Function) {
     case SMM_VARIABLE_FUNCTION_GET_VARIABLE:
 …
         goto EXIT;
+      }
       InfoSize = OFFSET_OF(SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE, Name)
+      InfoSize = OFFSET_OF(SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE, Name)
                  + SmmVariableHeader->DataSize + SmmVariableHeader->NameSize;
 …
       CopyMem (SmmVariableFunctionHeader->Data, mVariableBufferPayload, CommBufferPayloadSize);
       break;
     case SMM_VARIABLE_FUNCTION_GET_NEXT_VARIABLE_NAME:
       if (CommBufferPayloadSize < OFFSET_OF(SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME, Name)) {
 …
       CopyMem (SmmVariableFunctionHeader->Data, mVariableBufferPayload, CommBufferPayloadSize);
       break;
     case SMM_VARIABLE_FUNCTION_SET_VARIABLE:
       if (CommBufferPayloadSize < OFFSET_OF(SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE, Name)) {
 …
                  );
       break;
     case SMM_VARIABLE_FUNCTION_QUERY_VARIABLE_INFO:
       if (CommBufferPayloadSize < sizeof (SMM_VARIABLE_COMMUNICATE_QUERY_VARIABLE_INFO)) {
 …
+      }
       QueryVariableInfo = (SMM_VARIABLE_COMMUNICATE_QUERY_VARIABLE_INFO *) SmmVariableFunctionHeader->Data;
       Status = VariableServiceQueryVariableInfo (
                  QueryVariableInfo->Attributes,
 …
       Status = EFI_SUCCESS;
       break;
     case SMM_VARIABLE_FUNCTION_EXIT_BOOT_SERVICE:
       mAtRuntime = TRUE;
 …
       //
       // Do not need to check SmmVariableFunctionHeader->Data in SMRAM here.
       // It is covered by previous CommBuffer check
       //
+      // Do not need to check SmmVariableFunctionHeader->Data in SMRAM here.
+      // It is covered by previous CommBuffer check
+      //
       if (!SmmIsBufferOutsideSmmValid ((EFI_PHYSICAL_ADDRESS)(UINTN)CommBufferSize, sizeof(UINTN))) {
         DEBUG ((EFI_D_ERROR, "GetStatistics: SMM communication buffer in SMRAM!\n"));
         Status = EFI_ACCESS_DENIED;
         goto EXIT;
+      }
+      }
       Status = SmmVariableGetStatistics (VariableInfo, &InfoSize);
 …
   SMM Fault Tolerant Write protocol notification event handler.
   Non-Volatile variable write may needs FTW protocol to reclaim when
+  Non-Volatile variable write may needs FTW protocol to reclaim when
   writting variable.
   @param  Protocol   Points to the protocol's unique identifier
   @param  Interface  Points to the interface instance
 …
   @retval EFI_SUCCESS   SmmEventCallback runs successfully
   @retval EFI_NOT_FOUND The Fvb protocol for variable is not found.
  **/
 EFI_STATUS
 …
   EFI_PHYSICAL_ADDRESS                    NvStorageVariableBase;
   UINTN                                   FtwMaxBlockSize;
   if (mVariableModuleGlobal->FvbInstance != NULL) {
     return EFI_SUCCESS;
 …
   mVariableModuleGlobal->FvbInstance = FvbProtocol;
   Status = VariableWriteServiceInitialize ();
   if (EFI_ERROR (Status)) {
     DEBUG ((DEBUG_ERROR, "Variable write service initialization failed. Status = %r\n", Status));
+  }
   //
   // Notify the variable wrapper driver the variable write service is ready
 …
                   );
   ASSERT_EFI_ERROR (Status);
   return EFI_SUCCESS;
+}
 …
 /**
   Variable Driver main entry point. The Variable driver places the 4 EFI
   runtime services in the EFI System Table and installs arch protocols
+  runtime services in the EFI System Table and installs arch protocols
   for variable read and write services being available. It also registers
   a notification function for an EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE event.
   @param[in] ImageHandle    The firmware allocated handle for the EFI image.
+  @param[in] ImageHandle    The firmware allocated handle for the EFI image.
   @param[in] SystemTable    A pointer to the EFI System Table.
   @retval EFI_SUCCESS       Variable service successfully initialized.
 …
   Status = gSmst->SmiHandlerRegister (SmmVariableHandler, &gEfiSmmVariableProtocolGuid, &VariableHandle);
   ASSERT_EFI_ERROR (Status);
   //
   // Notify the variable wrapper driver the variable service is ready
 …
                                         );
   ASSERT_EFI_ERROR (Status);
   //
   // Register EFI_SMM_END_OF_DXE_PROTOCOL_GUID notify function.
 …
   //
   // Register FtwNotificationEvent () notify function.
   //
+  //
   Status = gSmst->SmmRegisterProtocolNotify (
                     &gEfiSmmFaultTolerantWriteProtocolGuid,
 …
   SmmFtwNotificationEvent (NULL, NULL, NULL);
   return EFI_SUCCESS;
+}

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf

-              r58459
+              r58466
 #  Caution: This module requires additional review when modified.
 #  This driver will have external input - variable data and communicate buffer in SMM mode.
 #  This external input must be validated carefully to avoid security issues such as
+#  This external input must be validated carefully to avoid security issues such as
 #  buffer overflow or integer overflow.
 #    The whole SMM authentication variable design relies on the integrity of flash part and SMM.
 #  which is assumed to be protected by platform.  All variable code and metadata in flash/SMM Memory
 #  may not be modified without authorization. If platform fails to protect these resources,
+#  may not be modified without authorization. If platform fails to protect these resources,
 #  the authentication service provided in this driver will be broken, and the behavior is undefined.
+#
 …
 [Protocols]
   gEfiSmmFirmwareVolumeBlockProtocolGuid        ## CONSUMES
   ## PRODUCES
   ## UNDEFINED     # SmiHandlerRegister
   gEfiSmmVariableProtocolGuid
   ## CONSUMES
   ## NOTIFY
+  ## NOTIFY
   gEfiSmmFaultTolerantWriteProtocolGuid
   gEfiSmmEndOfDxeProtocolGuid              ## NOTIFY
 …
   ## SOMETIMES_CONSUMES   ## HOB
   gEfiAuthenticatedVariableGuid
   ## SOMETIMES_CONSUMES   ## Variable:L"PlatformLang"
   ## SOMETIMES_PRODUCES   ## Variable:L"PlatformLang"
 …
   ## PRODUCES             ## Variable:L"VendorKeys"
   gEfiGlobalVariableGuid
   ## SOMETIMES_CONSUMES   ## Variable:L"DB"
   ## SOMETIMES_CONSUMES   ## Variable:L"DBX"
   gEfiImageSecurityDatabaseGuid
   ## CONSUMES             ## Variable:L"SecureBootEnable"
   ## PRODUCES             ## Variable:L"SecureBootEnable"
   gEfiSecureBootEnableDisableGuid
   ## CONSUMES             ## Variable:L"CustomMode"
   ## PRODUCES             ## Variable:L"CustomMode"
   gEfiCustomModeEnableGuid
   ## CONSUMES             ## Variable:L"certdb"
   ## PRODUCES             ## Variable:L"certdb"
 …
   ## PRODUCES             ## Variable:L"VendorKeysNv"
   gEfiVendorKeysNvGuid
   gSmmVariableWriteGuid                    ## PRODUCES               ## GUID        # Install protocol
   gEfiCertTypeRsa2048Sha256Guid            ## SOMETIMES_CONSUMES     ## GUID        # Unique ID for the format of the CertData.
 …
   gEfiHardwareErrorVariableGuid            ## SOMETIMES_CONSUMES     ## Variable:L"HwErrRec####"
   gEdkiiFaultTolerantWriteGuid             ## SOMETIMES_CONSUMES     ## HOB
 [Pcd]
   gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize       ## CONSUMES
 …
 [Depex]
   TRUE
 [UserExtensions.TianoCore."ExtraFiles"]
   VariableSmmExtra.uni

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmmRuntimeDxe.c

-              r58459
+              r58466
 Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
 #include <Guid/SmmVariableCommon.h>
 EFI_HANDLE                       mHandle                    = NULL;
+EFI_HANDLE                       mHandle                    = NULL;
 EFI_SMM_VARIABLE_PROTOCOL       *mSmmVariable               = NULL;
 EFI_EVENT                        mVirtualAddressChangeEvent = NULL;
 …
   @param[in]       DataSize         The data size to send to SMM.
   @param[in]       Function         The function number to initialize the communicate header.
   @retval EFI_INVALID_PARAMETER     The data size is too big.
   @retval EFI_SUCCESS               Find the specified variable.
 …
+  )
+{
   EFI_SMM_COMMUNICATE_HEADER                *SmmCommunicateHeader;
   SMM_VARIABLE_COMMUNICATE_HEADER           *SmmVariableFunctionHeader;
+  EFI_SMM_COMMUNICATE_HEADER                *SmmCommunicateHeader;
+  SMM_VARIABLE_COMMUNICATE_HEADER           *SmmVariableFunctionHeader;
   if (DataSize + SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE > mVariableBufferSize) {
     return EFI_INVALID_PARAMETER;
 …
   CopyGuid (&SmmCommunicateHeader->HeaderGuid, &gEfiSmmVariableProtocolGuid);
   SmmCommunicateHeader->MessageLength = DataSize + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE;
   SmmVariableFunctionHeader = (SMM_VARIABLE_COMMUNICATE_HEADER *) SmmCommunicateHeader->Data;
   SmmVariableFunctionHeader->Function = Function;
 …
   @retval      EFI_SUCCESS            Success is returned from the functin in SMM.
   @retval      Others                 Failure is returned from the function in SMM.
+  @retval      Others                 Failure is returned from the function in SMM.
 **/
 EFI_STATUS
 …
   EFI_STATUS                                Status;
   UINTN                                     CommSize;
   EFI_SMM_COMMUNICATE_HEADER                *SmmCommunicateHeader;
+  EFI_SMM_COMMUNICATE_HEADER                *SmmCommunicateHeader;
   SMM_VARIABLE_COMMUNICATE_HEADER           *SmmVariableFunctionHeader;
   CommSize = DataSize + SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE;
   Status = mSmmCommunication->Communicate (mSmmCommunication, mVariableBufferPhysical, &CommSize);
 …
                                      data, this value contains the required size.
   @param[out]     Data               Data pointer.
   @retval EFI_INVALID_PARAMETER      Invalid parameter.
   @retval EFI_SUCCESS                Find the specified variable.
 …
     goto Done;
+  }
   CopyGuid (VendorGuid, &SmmGetNextVariableName->Guid);
   CopyMem (VariableName, SmmGetNextVariableName->Name, SmmGetNextVariableName->NameSize);
+  CopyMem (VariableName, SmmGetNextVariableName->Name, SmmGetNextVariableName->NameSize);
 Done:
 …
+{
   EFI_STATUS                                Status;
   UINTN                                     PayloadSize;
+  UINTN                                     PayloadSize;
   SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE  *SmmVariableHeader;
   UINTN                                     VariableNameSize;
   //
   // Check input parameters.
 …
   if (VariableName == NULL || VariableName[0] == 0 || VendorGuid == NULL) {
     return EFI_INVALID_PARAMETER;
+  }
+  }
   if (DataSize != 0 && Data == NULL) {
 …
   *MaximumVariableSize          = SmmQueryVariableInfo->MaximumVariableSize;
   *MaximumVariableStorageSize   = SmmQueryVariableInfo->MaximumVariableStorageSize;
   *RemainingVariableStorageSize = SmmQueryVariableInfo->RemainingVariableStorageSize;
+  *RemainingVariableStorageSize = SmmQueryVariableInfo->RemainingVariableStorageSize;
 Done:
 …
   // SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE.
   //
   InitCommunicateBuffer (NULL, 0, SMM_VARIABLE_FUNCTION_EXIT_BOOT_SERVICE);
+  InitCommunicateBuffer (NULL, 0, SMM_VARIABLE_FUNCTION_EXIT_BOOT_SERVICE);
   //
 …
   //
   InitCommunicateBuffer (NULL, 0, SMM_VARIABLE_FUNCTION_READY_TO_BOOT);
   //
   // Send data to SMM.
 …
   @param[in] Event    Event whose notification function is being invoked.
   @param[in] Context  Pointer to the notification function's context.
 **/
 VOID
 …
     return;
+  }
   Status = gBS->LocateProtocol (&gEfiSmmCommunicationProtocolGuid, NULL, (VOID **) &mSmmCommunication);
   ASSERT_EFI_ERROR (Status);
   //
   // Allocate memory for variable communicate buffer.
 …
   gRT->SetVariable         = RuntimeServiceSetVariable;
   gRT->QueryVariableInfo   = RuntimeServiceQueryVariableInfo;
   //
   // Install the Variable Architectural Protocol on a new handle.
 …
   Status = gBS->InstallProtocolInterface (
                   &mHandle,
                   &gEfiVariableArchProtocolGuid,
+                  &gEfiVariableArchProtocolGuid,
                   EFI_NATIVE_INTERFACE,
                   NULL
 …
   @param[in] Event    Event whose notification function is being invoked.
   @param[in] Context  Pointer to the notification function's context.
 **/
 VOID
 …
     return;
+  }
   Status = gBS->InstallProtocolInterface (
                   &mHandle,
                   &gEfiVariableWriteArchProtocolGuid,
+                  &gEfiVariableWriteArchProtocolGuid,
                   EFI_NATIVE_INTERFACE,
                   NULL
                   );
   ASSERT_EFI_ERROR (Status);
+  ASSERT_EFI_ERROR (Status);
+}
 …
 /**
   Variable Driver main entry point. The Variable driver places the 4 EFI
   runtime services in the EFI System Table and installs arch protocols
+  runtime services in the EFI System Table and installs arch protocols
   for variable read and write services being available. It also registers
   a notification function for an EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE event.
   @param[in] ImageHandle    The firmware allocated handle for the EFI image.
+  @param[in] ImageHandle    The firmware allocated handle for the EFI image.
   @param[in] SystemTable    A pointer to the EFI System Table.
   @retval EFI_SUCCESS       Variable service successfully initialized.
 …
   //
   EfiCreateProtocolNotifyEvent (
     &gEfiSmmVariableProtocolGuid,
     TPL_CALLBACK,
     SmmVariableReady,
     NULL,
+    &gEfiSmmVariableProtocolGuid,
+    TPL_CALLBACK,
+    SmmVariableReady,
+    NULL,
     &SmmVariableRegistration
     );
 …
   //
   EfiCreateProtocolNotifyEvent (
     &gSmmVariableWriteGuid,
     TPL_CALLBACK,
     SmmVariableWriteReady,
     NULL,
+    &gSmmVariableWriteGuid,
+    TPL_CALLBACK,
+    SmmVariableWriteReady,
+    NULL,
     &SmmVariableWriteRegistration
     );
 …
   //
   EfiCreateEventReadyToBootEx (
     TPL_NOTIFY,
     OnReadyToBoot,
     NULL,
+    TPL_NOTIFY,
+    OnReadyToBoot,
+    NULL,
     &OnReadyToBootEvent
     );
+    );
   //
 …
          &gEfiEventExitBootServicesGuid,
          &ExitBootServiceEvent
          );
+         );
   //
 …
          &mVirtualAddressChangeEvent
          );
   return EFI_SUCCESS;
+}

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmmRuntimeDxe.inf

-              r58459
+              r58466
 #  Runtime DXE part corresponding to SMM authenticated variable module
+#
 #  This module installs variable arch protocol and variable write arch protocol to provide
 #  variable service. This module need work together with SMM authenticated variable module.
+#  This module installs variable arch protocol and variable write arch protocol to provide
+#  variable service. This module need work together with SMM authenticated variable module.
+#
 #  Caution: This module requires additional review when modified.
 #  This driver will have external input - variable data.
 #  This external input must be validated carefully to avoid security issues such as
+#  This external input must be validated carefully to avoid security issues such as
 #  buffer overflow or integer overflow.
 #    The whole SMM authentication variable design relies on the integrity of flash part and SMM.
 #  which is assumed to be protected by platform.  All variable code and metadata in flash/SMM Memory
 #  may not be modified without authorization. If platform fails to protect these resources,
+#  may not be modified without authorization. If platform fails to protect these resources,
 #  the authentication service provided in this driver will be broken, and the behavior is undefined.
+#
 …
 [LibraryClasses]
   MemoryAllocationLib
   BaseLib
+  BaseLib
   UefiBootServicesTableLib
   DebugLib
 …
   DxeServicesTableLib
   UefiDriverEntryPoint
   PcdLib
+  PcdLib
   TpmMeasurementLib
 …
   gEfiEventVirtualAddressChangeGuid                                 ## CONSUMES       ## Event
   gEfiEventExitBootServicesGuid                                     ## CONSUMES       ## Event
   ## CONSUMES ## UNDEFINED # Locate protocol
   ## CONSUMES ## UNDEFINED # Protocol notify
   gSmmVariableWriteGuid
   ## SOMETIMES_CONSUMES   ## Variable:L"PK"
 …
   ## SOMETIMES_CONSUMES   ## Variable:L"SecureBoot"
   gEfiGlobalVariableGuid
   ## SOMETIMES_CONSUMES   ## Variable:L"DB"
   ## SOMETIMES_CONSUMES   ## Variable:L"DBX"

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr

Property svn:eol-style set to native

-              r58459
+              r58466
 Copyright (c) 2011 - 2013, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
     name  = SECUREBOOT_CONFIGURATION,
     guid  = SECUREBOOT_CONFIG_FORM_SET_GUID;
   //
   // ##1 Form "Secure Boot Configuration"
 …
       text   = STRING_TOKEN(STR_SECURE_BOOT_STATE_PROMPT),
         text   = STRING_TOKEN(STR_SECURE_BOOT_STATE_CONTENT);
     //
     // Define of Check Box: Attempt Secure Boot
 …
               flags    = INTERACTIVE,
       endcheckbox;
     endif;
+    endif;
     //
     // Display of Check Box: Attempt Secure Boot
 …
     endcheckbox;
     endif;
     //
     // Display of Oneof: 'Secure Boot Mode'
 …
     endif;
       oneof name = SecureBootMode,
             questionid = KEY_SECURE_BOOT_MODE,
+            questionid = KEY_SECURE_BOOT_MODE,
             prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),
             help   = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),
 …
             option text = STRING_TOKEN(STR_CUSTOM_MODE),      value = SECURE_BOOT_MODE_CUSTOM,   flags = 0;
       endoneof;
     //
     //
 …
     endif;
   endform;
   //
   // ##2 Form: 'Custom Secure Boot Options'
 …
   form formid = FORMID_SECURE_BOOT_OPTION_FORM,
     title  = STRING_TOKEN(STR_SECURE_BOOT_OPTION_TITLE);
     subtitle text = STRING_TOKEN(STR_NULL);
+    subtitle text = STRING_TOKEN(STR_NULL);
     goto FORMID_SECURE_BOOT_PK_OPTION_FORM,
          prompt = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION),
 …
          flags  = INTERACTIVE,
          key    = KEY_SECURE_BOOT_PK_OPTION;
     subtitle text = STRING_TOKEN(STR_NULL);
+    subtitle text = STRING_TOKEN(STR_NULL);
     goto FORMID_SECURE_BOOT_KEK_OPTION_FORM,
          prompt = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION),
 …
          flags  = INTERACTIVE,
          key    = KEY_SECURE_BOOT_KEK_OPTION;
     subtitle text = STRING_TOKEN(STR_NULL);
+    subtitle text = STRING_TOKEN(STR_NULL);
     goto FORMID_SECURE_BOOT_DB_OPTION_FORM,
          prompt = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION),
 …
          flags  = INTERACTIVE,
          key    = KEY_SECURE_BOOT_DB_OPTION;
     subtitle text = STRING_TOKEN(STR_NULL);
+    subtitle text = STRING_TOKEN(STR_NULL);
     goto FORMID_SECURE_BOOT_DBX_OPTION_FORM,
          prompt = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION),
 …
   endform;
   //
   // ##3 Form: 'PK Options'
 …
   form formid = FORMID_SECURE_BOOT_PK_OPTION_FORM,
     title  = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION);
     subtitle text = STRING_TOKEN(STR_NULL);
+    subtitle text = STRING_TOKEN(STR_NULL);
     //
     // Define of Check Box: 'Delete PK'
 …
       endcheckbox;
     endif;
     grayoutif ideqval SECUREBOOT_CONFIGURATION.HasPk == 1;
     goto FORMID_ENROLL_PK_FORM,
 …
          key    = KEY_ENROLL_PK;
     endif;
     subtitle text = STRING_TOKEN(STR_NULL);
     //
     // Display of Check Box: 'Delete Pk'
+    subtitle text = STRING_TOKEN(STR_NULL);
+    //
+    // Display of Check Box: 'Delete Pk'
     //
     grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;
     checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,
           questionid = KEY_SECURE_BOOT_DELETE_PK,
           prompt = STRING_TOKEN(STR_DELETE_PK),
+          prompt = STRING_TOKEN(STR_DELETE_PK),
           help   = STRING_TOKEN(STR_DELETE_PK_HELP),
           flags  = INTERACTIVE | RESET_REQUIRED,
 …
     endif;
   endform;
   //
   // ##4 Form: 'Enroll PK'
 …
   form formid = FORMID_ENROLL_PK_FORM,
     title  = STRING_TOKEN(STR_ENROLL_PK);
     subtitle text = STRING_TOKEN(STR_NULL);
 …
          key = SECUREBOOT_ADD_PK_FILE_FORM_ID;
   endform;
   //
   // ##5 Form: 'KEK Options'
 …
     //
     // Display of 'Enroll KEK'
+    // Display of 'Enroll KEK'
     //
     goto FORMID_ENROLL_KEK_FORM,
 …
          help   = STRING_TOKEN(STR_ENROLL_KEK_HELP),
          flags  = INTERACTIVE;
     subtitle text = STRING_TOKEN(STR_NULL);
     //
     // Display of 'Delete KEK'
+    subtitle text = STRING_TOKEN(STR_NULL);
+    //
+    // Display of 'Delete KEK'
     //
     goto FORMID_DELETE_KEK_FORM,
 …
          flags  = INTERACTIVE,
          key    = KEY_DELETE_KEK;
     subtitle text = STRING_TOKEN(STR_NULL);
   endform;
   //
   // ##6 Form: 'Enroll KEK'
+    subtitle text = STRING_TOKEN(STR_NULL);
+  endform;
+  //
+  // ##6 Form: 'Enroll KEK'
   //
   form formid = FORMID_ENROLL_KEK_FORM,
 …
       flags  = INTERACTIVE,
       key    = KEY_VALUE_SAVE_AND_EXIT_KEK;
     goto FORMID_SECURE_BOOT_OPTION_FORM,
       prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
 …
   //
   // ##7 Form: 'Delete KEK'
   //
+  //
   form formid = FORMID_DELETE_KEK_FORM,
     title  = STRING_TOKEN(STR_DELETE_KEK_TITLE);
 …
     label LABEL_KEK_DELETE;
     label LABEL_END;
     subtitle text = STRING_TOKEN(STR_NULL);
+    subtitle text = STRING_TOKEN(STR_NULL);
   endform;
 …
     flags  = INTERACTIVE,
     key    = SECUREBOOT_DELETE_SIGNATURE_FROM_DB;
   endform;
 …
     label LABEL_END;
     subtitle text = STRING_TOKEN(STR_NULL);
   endform;
 …
     label LABEL_END;
     subtitle text = STRING_TOKEN(STR_NULL);
   endform;
 …
          flags  = INTERACTIVE,
          key    = KEY_VALUE_SAVE_AND_EXIT_DB;
     goto FORMID_SECURE_BOOT_OPTION_FORM,
          prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
 …
          flags  = INTERACTIVE,
          key    = KEY_VALUE_SAVE_AND_EXIT_DBX;
     goto FORMID_SECURE_BOOT_OPTION_FORM,
          prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
 …
        label LABEL_END;
   endform;
   //
   // File Explorer for KEK
 …
     label SECUREBOOT_ADD_PK_FILE_FORM_ID;
     label LABEL_END;
     subtitle text = STRING_TOKEN(STR_NULL);

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDriver.c

-              r48674
+              r58466
 Copyright (c) 2011, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
   EFI_STATUS                       Status;
   SECUREBOOT_CONFIG_PRIVATE_DATA   *PrivateData;
   //
   // If already started, return.
 …
     return EFI_ALREADY_STARTED;
+  }
   //
   // Create a private data structure.
 …
     return EFI_OUT_OF_RESOURCES;
+  }
   //
   // Install SecureBoot configuration form
 …
   //
   // Install private GUID.
   //
+  //
   Status = gBS->InstallMultipleProtocolInterfaces (
                   &ImageHandle,
 …
   if (PrivateData != NULL) {
     UninstallSecureBootConfigForm (PrivateData);
+  }
+  }
   return Status;
+}
 …
                   &gEfiCallerIdGuid,
                   (VOID **) &PrivateData
                   );
+                  );
   if (EFI_ERROR (Status)) {
     return Status;
+    return Status;
+  }
   ASSERT (PrivateData->Signature == SECUREBOOT_CONFIG_PRIVATE_DATA_SIGNATURE);
 …
          NULL
          );
   UninstallSecureBootConfigForm (PrivateData);

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf

-              r58459
+              r58466
   ## SOMETIMES_PRODUCES      ## Variable:L"CustomMode"
   gEfiCustomModeEnableGuid
   ## SOMETIMES_CONSUMES      ## Variable:L"SecureBootEnable"
   ## SOMETIMES_PRODUCES      ## Variable:L"SecureBootEnable"
   gEfiSecureBootEnableDisableGuid
   ## SOMETIMES_CONSUMES      ## GUID            # Unique ID for the type of the signature.
   ## SOMETIMES_PRODUCES      ## GUID            # Unique ID for the type of the signature.
   gEfiCertRsa2048Guid
   ## SOMETIMES_CONSUMES      ## GUID            # Unique ID for the type of the signature.
   ## SOMETIMES_PRODUCES      ## GUID            # Unique ID for the type of the signature.
+  ## SOMETIMES_PRODUCES      ## GUID            # Unique ID for the type of the signature.
   gEfiCertX509Guid
   ## SOMETIMES_CONSUMES      ## GUID            # Unique ID for the type of the signature.
   ## SOMETIMES_PRODUCES      ## GUID            # Unique ID for the type of the signature.
+  ## SOMETIMES_PRODUCES      ## GUID            # Unique ID for the type of the signature.
   gEfiCertSha1Guid
   ## SOMETIMES_CONSUMES      ## GUID            # Unique ID for the type of the signature.
   ## SOMETIMES_PRODUCES      ## GUID            # Unique ID for the type of the signature.
+  ## SOMETIMES_PRODUCES      ## GUID            # Unique ID for the type of the signature.
   gEfiCertSha256Guid
   ## SOMETIMES_CONSUMES      ## Variable:L"db"
   ## SOMETIMES_PRODUCES      ## Variable:L"db"
 …
   ## SOMETIMES_PRODUCES      ## Variable:L"dbx"
   gEfiImageSecurityDatabaseGuid
   ## SOMETIMES_CONSUMES      ## Variable:L"SetupMode"
   ## SOMETIMES_PRODUCES      ## Variable:L"PK"
 …
   ## SOMETIMES_CONSUMES      ## Variable:L"SecureBoot"
   gEfiGlobalVariableGuid
   gEfiIfrTianoGuid                              ## PRODUCES            ## GUID       # HII opcode
   ## PRODUCES                ## HII

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c

-              r58459
+              r58466
 /**
   Helper function called as part of the code needed to allocate
+  Helper function called as part of the code needed to allocate
   the proper sized buffer for various EFI interfaces.
 …
 /**
   Append file name to existing file name, and allocate a new buffer
+  Append file name to existing file name, and allocate a new buffer
   to hold the appended result.
 …
   ASSERT (Str != NULL);
   TmpStr = AllocateZeroPool (Size1 + Size2 + sizeof (CHAR16));
+  TmpStr = AllocateZeroPool (Size1 + Size2 + sizeof (CHAR16));
   ASSERT (TmpStr != NULL);
 …
       //
       // Use TmpStr as a backup, as StrCpy in BaseLib does not handle copy of two strings
+      // Use TmpStr as a backup, as StrCpy in BaseLib does not handle copy of two strings
       // that overlap.
       //
 …
       //
       // Use TmpStr as a backup, as StrCpy in BaseLib does not handle copy of two strings
+      // Use TmpStr as a backup, as StrCpy in BaseLib does not handle copy of two strings
       // that overlap.
       //
 …
   FreePool (TmpStr);
   return Str;
+}
 …
   @param[in, out]  MenuOption        Menu to be freed
 **/
 VOID
 …
   Attributes is valid only for EFI_FILE_MODE_CREATE.
   @param[in, out]  FilePath        On input, the device path to the file.
+  @param[in, out]  FilePath        On input, the device path to the file.
                                    On output, the remaining device path.
   @param[out]      FileHandle      Pointer to the file handle.
 …
   EFI_FILE_PROTOCOL               *Handle1;
   EFI_FILE_PROTOCOL               *Handle2;
   EFI_HANDLE                      DeviceHandle;
+  EFI_HANDLE                      DeviceHandle;
   if ((FilePath == NULL || FileHandle == NULL)) {
 …
     FreePool (SimpleFsHandle);
+  }
   //
   // Remember how many file system options are here
 …
 /**
   Find files under the current directory. All files and sub-directories
+  Find files under the current directory. All files and sub-directories
   in current directory will be stored in DirectoryMenu for future use.
 …
     return EFI_OUT_OF_RESOURCES;
+  }
   //
   // Get all files in current directory
 …
                                     );
       NewMenuEntry->HelpString = NULL;
       NewFileContext->IsDir = (BOOLEAN) ((DirInfo->Attribute & EFI_FILE_DIRECTORY) == EFI_FILE_DIRECTORY);
       if (NewFileContext->IsDir) {
 …
   //
   // Free current updated date
   //
+  //
   if (mStartOpCodeHandle != NULL) {
     HiiFreeOpCodeHandle (mStartOpCodeHandle);
 …
     FreeMenu (&FsOptionMenu);
     FindFileSystem ();
     CreateMenuStringToken (PrivateData->HiiHandle, &FsOptionMenu);
     UpdateFileExplorePage (PrivateData->HiiHandle, &FsOptionMenu, PrivateData->FeCurrentState);
 …
       PrivateData->MenuEntry = NewMenuEntry;
       PrivateData->FileContext->FileName = NewFileContext->FileName;
       TmpDevicePath = NewFileContext->DevicePath;
       OpenFileByDevicePath (
 …
 /**
   Clean up the dynamic opcode at label and form specified by both LabelId.
+  Clean up the dynamic opcode at label and form specified by both LabelId.
   @param[in] LabelId         It is both the Form ID and Label ID for opcode deletion.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c

-              r58459
+              r58466
 SECUREBOOT_CONFIG_PRIVATE_DATA         mSecureBootConfigPrivateDateTemplate = {
   SECUREBOOT_CONFIG_PRIVATE_DATA_SIGNATURE,
+  SECUREBOOT_CONFIG_PRIVATE_DATA_SIGNATURE,
+  {
     SecureBootExtractConfig,
 …
 //
 // Variable Definitions
 //
+// Variable Definitions
+//
 UINT32            mPeCoffHeaderOffset = 0;
 WIN_CERTIFICATE   *mCertificate = NULL;
 …
+)
+{
   UINTN     Index;
+  UINTN     Index;
   for (Index = 0; mDerEncodedSuffix[Index] != NULL; Index++) {
     if (StrCmp (FileSuffix, mDerEncodedSuffix[Index]) == 0) {
 …
   Create a time based data payload by concatenating the EFI_VARIABLE_AUTHENTICATION_2
   descriptor with the input data. NO authentication is required in this function.
   @param[in, out]   DataSize       On input, the size of Data buffer in bytes.
                                    On output, the size of data returned in Data
                                    buffer in bytes.
   @param[in, out]   Data           On input, Pointer to data buffer to be wrapped or
+  @param[in, out]   Data           On input, Pointer to data buffer to be wrapped or
                                    pointer to NULL to wrap an empty payload.
                                    On output, Pointer to the new payload date buffer allocated from pool,
                                    it's caller's responsibility to free the memory when finish using it.
+                                   it's caller's responsibility to free the memory when finish using it.
   @retval EFI_SUCCESS              Create time based payload successfully.
 …
   UINTN                            DescriptorSize;
   EFI_TIME                         Time;
   if (Data == NULL || DataSize == NULL) {
     return EFI_INVALID_PARAMETER;
+  }
   //
   // In Setup mode or Custom mode, the variable does not need to be signed but the
+  //
+  // In Setup mode or Custom mode, the variable does not need to be signed but the
   // parameters to the SetVariable() call still need to be prepared as authenticated
   // variable. So we create EFI_VARIABLE_AUTHENTICATED_2 descriptor without certificate
 …
   Payload     = *Data;
   PayloadSize = *DataSize;
   DescriptorSize    = OFFSET_OF (EFI_VARIABLE_AUTHENTICATION_2, AuthInfo) + OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData);
   NewData = (UINT8*) AllocateZeroPool (DescriptorSize + PayloadSize);
 …
   Time.Pad2       = 0;
   CopyMem (&DescriptorData->TimeStamp, &Time, sizeof (EFI_TIME));
   DescriptorData->AuthInfo.Hdr.dwLength         = OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData);
   DescriptorData->AuthInfo.Hdr.wRevision        = 0x0200;
   DescriptorData->AuthInfo.Hdr.wCertificateType = WIN_CERT_TYPE_EFI_GUID;
   CopyGuid (&DescriptorData->AuthInfo.CertType, &gEfiCertPkcs7Guid);
   if (Payload != NULL) {
     FreePool(Payload);
+  }
   *DataSize = DescriptorSize + PayloadSize;
   *Data     = NewData;
 …
   @param[in]   SecureBootMode        New secure boot mode: STANDARD_SECURE_BOOT_MODE or
                                      CUSTOM_SECURE_BOOT_MODE.
   @return EFI_SUCCESS                The platform has switched to the special mode successfully.
   @return other                      Fail to operate the secure boot mode.
 **/
 EFI_STATUS
 …
+  )
+{
   return gRT->SetVariable (
+  return gRT->SetVariable (
                 EFI_CUSTOM_MODE_NAME,
                 &gEfiCustomModeEnableGuid,
 …
   @param[in]   X509File              FileHandle of X509 Certificate storing file.
   @param[out]  PkCert                Point to the data buffer to store the signature list.
   @return EFI_UNSUPPORTED            Unsupported Key Length.
   @return EFI_OUT_OF_RESOURCES       There are not enough memory resourses to form the signature list.
 **/
 EFI_STATUS
 CreatePkX509SignatureList (
   IN    EFI_FILE_HANDLE             X509File,
   OUT   EFI_SIGNATURE_LIST          **PkCert
+  IN    EFI_FILE_HANDLE             X509File,
+  OUT   EFI_SIGNATURE_LIST          **PkCert
+  )
+{
   EFI_STATUS              Status;
+  EFI_STATUS              Status;
   UINT8                   *X509Data;
   UINTN                   X509DataSize;
 …
   X509Data = NULL;
   PkCertData = NULL;
   X509DataSize = 0;
+  X509DataSize = 0;
   Status = ReadFileContent (X509File, (VOID**) &X509Data, &X509DataSize, 0);
   if (EFI_ERROR (Status)) {
 …
+  }
   (*PkCert)->SignatureListSize   = (UINT32) (sizeof(EFI_SIGNATURE_LIST)
+  (*PkCert)->SignatureListSize   = (UINT32) (sizeof(EFI_SIGNATURE_LIST)
                                     + sizeof(EFI_SIGNATURE_DATA) - 1
                                     + X509DataSize);
 …
   (*PkCert)->SignatureHeaderSize = 0;
   CopyGuid (&(*PkCert)->SignatureType, &gEfiCertX509Guid);
   PkCertData                     = (EFI_SIGNATURE_DATA*) ((UINTN)(*PkCert)
+  PkCertData                     = (EFI_SIGNATURE_DATA*) ((UINTN)(*PkCert)
                                                           + sizeof(EFI_SIGNATURE_LIST)
                                                           + (*PkCert)->SignatureHeaderSize);
   CopyGuid (&PkCertData->SignatureOwner, &gEfiGlobalVariableGuid);
+  CopyGuid (&PkCertData->SignatureOwner, &gEfiGlobalVariableGuid);
   //
   // Fill the PK database with PKpub data from X509 certificate file.
   //
+  //
   CopyMem (&(PkCertData->SignatureData[0]), X509Data, X509DataSize);
 ON_EXIT:
   if (X509Data != NULL) {
     FreePool (X509Data);
+  }
   if (EFI_ERROR(Status) && *PkCert != NULL) {
     FreePool (*PkCert);
     *PkCert = NULL;
+  }
   return Status;
+}
 …
   @retval   EFI_INVALID_PARAMETER  The parameter is invalid.
   @retval   EFI_OUT_OF_RESOURCES   Could not allocate needed resources.
 **/
 EFI_STATUS
 EnrollPlatformKey (
    IN  SECUREBOOT_CONFIG_PRIVATE_DATA*   Private
+  )
+  )
+{
   EFI_STATUS                      Status;
 …
   UINT16*                         FilePostFix;
   UINTN                           NameLength;
   if (Private->FileContext->FileName == NULL) {
     return EFI_INVALID_PARAMETER;
 …
   //
   Status = CreatePkX509SignatureList (
             Private->FileContext->FHandle,
             &PkCert
+            Private->FileContext->FHandle,
+            &PkCert
             );
   if (EFI_ERROR (Status)) {
 …
+  }
   ASSERT (PkCert != NULL);
   //
   // Set Platform Key variable.
   //
   Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS
+  //
+  Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS
           | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
   DataSize = PkCert->SignatureListSize;
 …
     goto ON_EXIT;
+  }
   Status = gRT->SetVariable(
                   EFI_PLATFORM_KEY_NAME,
                   &gEfiGlobalVariableGuid,
                   Attr,
                   DataSize,
+                  EFI_PLATFORM_KEY_NAME,
+                  &gEfiGlobalVariableGuid,
+                  Attr,
+                  DataSize,
                   PkCert
                   );
 …
     goto ON_EXIT;
+  }
 ON_EXIT:
 …
     FreePool(PkCert);
+  }
   if (Private->FileContext->FHandle != NULL) {
     CloseFile (Private->FileContext->FHandle);
 …
   @retval EFI_SUCCESS    Delete PK successfully.
   @retval Others         Could not allow to delete PK.
 **/
 EFI_STATUS
 …
   EFI_SIGNATURE_DATA              *KEKSigData;
   UINTN                           KekSigListSize;
   UINT8                           *KeyBuffer;
+  UINT8                           *KeyBuffer;
   UINTN                           KeyLenInBytes;
 …
   KekSigList  = NULL;
   KekSigListSize = 0;
   //
   // Form the KeKpub certificate list into EFI_SIGNATURE_LIST type.
   // First, We have to parse out public key data from the pbk key file.
   //
+  //
   Status = ReadFileContent (
              Private->FileContext->FHandle,
 …
     goto ON_EXIT;
+  }
   //
   // Convert the Public key to fix octet string format represented in RSA PKCS#1.
   //
+  //
   KeyLenInBytes = KeyInfo->KeyLengthInBits / 8;
   KeyBuffer = AllocateZeroPool (KeyLenInBytes);
 …
+  }
   Int2OctStr (
     (UINTN*) (KeyBlob + sizeof (CPL_KEY_INFO)),
     KeyLenInBytes / sizeof (UINTN),
     KeyBuffer,
+    (UINTN*) (KeyBlob + sizeof (CPL_KEY_INFO)),
+    KeyLenInBytes / sizeof (UINTN),
+    KeyBuffer,
     KeyLenInBytes
     );
   CopyMem(KeyBlob + sizeof(CPL_KEY_INFO), KeyBuffer, KeyLenInBytes);
   //
   // Form an new EFI_SIGNATURE_LIST.
 …
   KekSigList->SignatureSize = sizeof(EFI_SIGNATURE_DATA) - 1 + WIN_CERT_UEFI_RSA2048_SIZE;
   CopyGuid (&KekSigList->SignatureType, &gEfiCertRsa2048Guid);
   KEKSigData = (EFI_SIGNATURE_DATA*)((UINT8*)KekSigList + sizeof(EFI_SIGNATURE_LIST));
   CopyGuid (&KEKSigData->SignatureOwner, Private->SignatureGUID);
 …
     WIN_CERT_UEFI_RSA2048_SIZE
     );
   //
   // Check if KEK entry has been already existed.
   // If true, use EFI_VARIABLE_APPEND_WRITE attribute to append the
+  //
+  // Check if KEK entry has been already existed.
+  // If true, use EFI_VARIABLE_APPEND_WRITE attribute to append the
   // new KEK to original variable.
   //
   Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS
+  //
+  Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS
          | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
   Status = CreateTimeBasedPayload (&KekSigListSize, (UINT8**) &KekSigList);
 …
   Status = gRT->GetVariable(
                   EFI_KEY_EXCHANGE_KEY_NAME,
                   &gEfiGlobalVariableGuid,
                   NULL,
                   &DataSize,
+                  EFI_KEY_EXCHANGE_KEY_NAME,
+                  &gEfiGlobalVariableGuid,
+                  NULL,
+                  &DataSize,
                   NULL
                   );
 …
     goto ON_EXIT;
+  }
   //
   // Done. Now we have formed the correct KEKpub database item, just set it into variable storage,
   //
+  //
   Status = gRT->SetVariable(
                   EFI_KEY_EXCHANGE_KEY_NAME,
                   &gEfiGlobalVariableGuid,
                   Attr,
                   KekSigListSize,
+                  EFI_KEY_EXCHANGE_KEY_NAME,
+                  &gEfiGlobalVariableGuid,
+                  Attr,
+                  KekSigListSize,
                   KekSigList
                   );
 …
     goto ON_EXIT;
+  }
 ON_EXIT:
 …
     FreePool (KekSigList);
+  }
   return Status;
+}
 …
 EnrollX509ToKek (
   IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private
+  )
+  )
+{
   EFI_STATUS                        Status;
 …
   //
   // Fill Certificate Database parameters.
   //
+  //
   KekSigList->SignatureListSize   = (UINT32) KekSigListSize;
   KekSigList->SignatureHeaderSize = 0;
 …
   //
   // Check if KEK been already existed.
   // If true, use EFI_VARIABLE_APPEND_WRITE attribute to append the
+  // Check if KEK been already existed.
+  // If true, use EFI_VARIABLE_APPEND_WRITE attribute to append the
   // new kek to original variable
   //
   Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS
+  //
+  Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS
           | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
   Status = CreateTimeBasedPayload (&KekSigListSize, (UINT8**) &KekSigList);
 …
     goto ON_EXIT;
+  }
   Status = gRT->GetVariable(
                   EFI_KEY_EXCHANGE_KEY_NAME,
                   &gEfiGlobalVariableGuid,
                   NULL,
                   &DataSize,
+                  EFI_KEY_EXCHANGE_KEY_NAME,
+                  &gEfiGlobalVariableGuid,
+                  NULL,
+                  &DataSize,
                   NULL
                   );
 …
   } else if (Status != EFI_NOT_FOUND) {
     goto ON_EXIT;
+  }
+  }
   Status = gRT->SetVariable(
                   EFI_KEY_EXCHANGE_KEY_NAME,
                   &gEfiGlobalVariableGuid,
                   Attr,
+                  EFI_KEY_EXCHANGE_KEY_NAME,
+                  &gEfiGlobalVariableGuid,
+                  Attr,
                   KekSigListSize,
                   KekSigList
 …
   Enroll new KEK into the System without PK's authentication.
   The SignatureOwner GUID will be Private->SignatureGUID.
   @param[in] PrivateData     The module's private data.
   @retval   EFI_SUCCESS            New KEK enrolled successful.
   @retval   EFI_INVALID_PARAMETER  The parameter is invalid.
   @retval   others                 Fail to enroll KEK data.
 **/
 EFI_STATUS
 EnrollKeyExchangeKey (
   IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private
+  )
+  )
+{
   UINT16*     FilePostFix;
   EFI_STATUS  Status;
   UINTN       NameLength;
   if ((Private->FileContext->FileName == NULL) || (Private->SignatureGUID == NULL)) {
     return EFI_INVALID_PARAMETER;
 …
   //
   // Parse the file's postfix. Supports DER-encoded X509 certificate,
+  // Parse the file's postfix. Supports DER-encoded X509 certificate,
   // and .pbk as RSA public key file.
   //
 …
   @param[in] PrivateData     The module's private data.
   @param[in] VariableName    Variable name of signature database, must be
+  @param[in] VariableName    Variable name of signature database, must be
                              EFI_IMAGE_SECURITY_DATABASE or EFI_IMAGE_SECURITY_DATABASE1.
   @retval   EFI_SUCCESS            New X509 is enrolled successfully.
   @retval   EFI_OUT_OF_RESOURCES   Could not allocate needed resources.
 …
   IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private,
   IN CHAR16                         *VariableName
+  )
+  )
+{
   EFI_STATUS                        Status;
 …
   //
   // Fill Certificate Database parameters.
   //
+  //
   SigDBCert = (EFI_SIGNATURE_LIST*) Data;
   SigDBCert->SignatureListSize   = (UINT32) SigDBSize;
 …
   //
   // Check if signature database entry has been already existed.
   // If true, use EFI_VARIABLE_APPEND_WRITE attribute to append the
+  // Check if signature database entry has been already existed.
+  // If true, use EFI_VARIABLE_APPEND_WRITE attribute to append the
   // new signature data to original variable
   //
   Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS
+  //
+  Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS
           | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
   Status = CreateTimeBasedPayload (&SigDBSize, (UINT8**) &Data);
 …
   Status = gRT->GetVariable(
                   VariableName,
                   &gEfiImageSecurityDatabaseGuid,
                   NULL,
                   &DataSize,
+                  VariableName,
+                  &gEfiImageSecurityDatabaseGuid,
+                  NULL,
+                  &DataSize,
                   NULL
                   );
 …
   } else if (Status != EFI_NOT_FOUND) {
     goto ON_EXIT;
+  }
+  }
   Status = gRT->SetVariable(
                   VariableName,
                   &gEfiImageSecurityDatabaseGuid,
                   Attr,
+                  VariableName,
+                  &gEfiImageSecurityDatabaseGuid,
+                  Attr,
                   SigDBSize,
                   Data
 …
 EFI_STATUS
 LoadPeImage (
   VOID
+  )
+  VOID
+  )
+{
   EFI_IMAGE_DOS_HEADER                  *DosHdr;
 …
+  {
     //
     // DOS image header is present,
+    // DOS image header is present,
     // So read the PE header after the DOS image header
     //
 …
   // Note the size of FileHeader field is constant for both IA32 and X64 arch
   //
   if ((NtHeader32->FileHeader.Machine == EFI_IMAGE_MACHINE_IA32)
+  if ((NtHeader32->FileHeader.Machine == EFI_IMAGE_MACHINE_IA32)
       || (NtHeader32->FileHeader.Machine == EFI_IMAGE_MACHINE_EBC)) {
     //
 …
   @param[in]    HashAlg   Hash algorithm type.
   @retval TRUE            Successfully hash image.
   @retval FALSE           Fail in hash image.
 **/
 BOOLEAN
+BOOLEAN
 HashPeImage (
   IN  UINT32                HashAlg
 …
     return FALSE;
+  }
   //
   // Initialize context of hash.
 …
   if (HashAlg == HASHALG_SHA1) {
     mImageDigestSize  = SHA1_DIGEST_SIZE;
     mCertType         = gEfiCertSha1Guid;
+    mCertType         = gEfiCertSha1Guid;
   } else if (HashAlg == HASHALG_SHA256) {
     mImageDigestSize  = SHA256_DIGEST_SIZE;
 …
   CtxSize   = mHash[HashAlg].GetContextSize();
   HashCtx = AllocatePool (CtxSize);
   ASSERT (HashCtx != NULL);
 …
   if (mNtHeader.Pe32->FileHeader.Machine == IMAGE_FILE_MACHINE_IA64 && mNtHeader.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
     //
     // NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value
     //       in the PE/COFF Header. If the MachineType is Itanium(IA64) and the
+    // NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value
+    //       in the PE/COFF Header. If the MachineType is Itanium(IA64) and the
     //       Magic value in the OptionalHeader is EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC
     //       then override the magic value to EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC
 …
     Magic = mNtHeader.Pe32->OptionalHeader.Magic;
+  }
   //
   // 3.  Calculate the distance from the base of the image header to the image checksum address.
 …
     //
     // Use PE32+ offset.
     //
+    //
     HashBase = (UINT8 *) &mNtHeader.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);
     HashSize = (UINTN) ((UINT8 *) (&mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - HashBase);
 …
                  mImageSize -
                  mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size -
                  SumOfBytesHashed);
+                 SumOfBytesHashed);
+    }
 …
 /**
   Recognize the Hash algorithm in PE/COFF Authenticode and caculate hash of
   Pe/Coff image based on the authenticated image hashing in PE/COFF Specification
+  Recognize the Hash algorithm in PE/COFF Authenticode and caculate hash of
+  Pe/Coff image based on the authenticated image hashing in PE/COFF Specification
 .0 Appendix A
 …
 **/
 EFI_STATUS
+EFI_STATUS
 HashPeImageByType (
   VOID
 …
   PkcsCertData = (WIN_CERTIFICATE_EFI_PKCS *) (mImageBase + mSecDataDir->Offset);
   for (Index = 0; Index < HASHALG_MAX; Index++) {
+  for (Index = 0; Index < HASHALG_MAX; Index++) {
     //
     // Check the Hash algorithm in PE/COFF Authenticode.
     //    According to PKCS#7 Definition:
+    //    According to PKCS#7 Definition:
     //        SignedData ::= SEQUENCE {
     //            version Version,
 …
+    }
     //
+    //
     if (CompareMem (PkcsCertData->CertData + 32, mHash[Index].OidValue, mHash[Index].OidLength) == 0) {
       break;
 …
 /**
   Enroll a new executable's signature into Signature Database.
+  Enroll a new executable's signature into Signature Database.
   @param[in] PrivateData     The module's private data.
   @param[in] VariableName    Variable name of signature database, must be
+  @param[in] VariableName    Variable name of signature database, must be
                              EFI_IMAGE_SECURITY_DATABASE or EFI_IMAGE_SECURITY_DATABASE1.
 …
   Status = ReadFileContent(
              Private->FileContext->FHandle,
              (VOID **) &mImageBase,
              &mImageSize,
+             (VOID **) &mImageBase,
+             &mImageSize,
              );
   if (EFI_ERROR (Status)) {
     goto ON_EXIT;
+  }
+  }
   ASSERT (mImageBase != NULL);
 …
+    }
   } else {
     //
     // Read the certificate data
 …
         goto ON_EXIT;;
+      }
     } else if (mCertificate->wCertificateType == WIN_CERT_TYPE_PKCS_SIGNED_DATA) {
 …
   // Create a new SigDB entry.
   //
   SigDBSize = sizeof(EFI_SIGNATURE_LIST)
+  SigDBSize = sizeof(EFI_SIGNATURE_LIST)
               + sizeof(EFI_SIGNATURE_DATA) - 1
               + (UINT32) mImageDigestSize;
 …
     goto ON_EXIT;
+  }
   //
   // Adjust the Certificate Database parameters.
   //
+  //
   SigDBCert = (EFI_SIGNATURE_LIST*) Data;
   SigDBCert->SignatureListSize   = (UINT32) SigDBSize;
 …
   CopyMem (SigDBCertData->SignatureData, mImageDigest, mImageDigestSize);
   Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS
+  Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS
           | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
   Status = CreateTimeBasedPayload (&SigDBSize, (UINT8**) &Data);
 …
     goto ON_EXIT;
+  }
   //
   // Check if SigDB variable has been already existed.
   // If true, use EFI_VARIABLE_APPEND_WRITE attribute to append the
+  //
+  // Check if SigDB variable has been already existed.
+  // If true, use EFI_VARIABLE_APPEND_WRITE attribute to append the
   // new signature data to original variable
   //
+  //
   DataSize = 0;
   Status = gRT->GetVariable(
                   VariableName,
                   &gEfiImageSecurityDatabaseGuid,
                   NULL,
                   &DataSize,
+                  VariableName,
+                  &gEfiImageSecurityDatabaseGuid,
+                  NULL,
+                  &DataSize,
                   NULL
                   );
 …
   } else if (Status != EFI_NOT_FOUND) {
     goto ON_EXIT;
+  }
+  }
   //
 …
   //
   Status = gRT->SetVariable(
                   VariableName,
                   &gEfiImageSecurityDatabaseGuid,
                   Attr,
                   SigDBSize,
+                  VariableName,
+                  &gEfiImageSecurityDatabaseGuid,
+                  Attr,
+                  SigDBSize,
                   Data
                   );
 …
   Enroll signature into DB/DBX without KEK's authentication.
   The SignatureOwner GUID will be Private->SignatureGUID.
   @param[in] PrivateData     The module's private data.
   @param[in] VariableName    Variable name of signature database, must be
+  @param[in] VariableName    Variable name of signature database, must be
                              EFI_IMAGE_SECURITY_DATABASE or EFI_IMAGE_SECURITY_DATABASE1.
   @retval   EFI_SUCCESS            New signature enrolled successfully.
   @retval   EFI_INVALID_PARAMETER  The parameter is invalid.
   @retval   others                 Fail to enroll signature data.
 **/
 EFI_STATUS
 …
   IN SECUREBOOT_CONFIG_PRIVATE_DATA     *Private,
   IN CHAR16                             *VariableName
+  )
+  )
+{
   UINT16*      FilePostFix;
 …
     return Status;
+  }
   //
   // Parse the file's postfix.
+  //
+  // Parse the file's postfix.
   //
   NameLength = StrLen (Private->FileContext->FileName);
 …
   @retval   EFI_SUCCESS             Success to update the signature list page
   @retval   EFI_OUT_OF_RESOURCES    Unable to allocate required resources.
 **/
 EFI_STATUS
 …
   VOID                        *EndOpCodeHandle;
   EFI_IFR_GUID_LABEL          *StartLabel;
   EFI_IFR_GUID_LABEL          *EndLabel;
+  EFI_IFR_GUID_LABEL          *EndLabel;
   UINTN                       DataSize;
   UINT8                       *Data;
 …
   StartOpCodeHandle = NULL;
   EndOpCodeHandle   = NULL;
   //
   // Initialize the container for dynamic opcodes.
 …
   if (StartOpCodeHandle == NULL) {
     Status = EFI_OUT_OF_RESOURCES;
     goto ON_EXIT;
+    goto ON_EXIT;
+  }
 …
   if (EndOpCodeHandle == NULL) {
     Status = EFI_OUT_OF_RESOURCES;
     goto ON_EXIT;
+    goto ON_EXIT;
+  }
 …
   //
   DataSize = 0;
   Status = gRT->GetVariable (VariableName, VendorGuid, NULL, &DataSize, Data);
+  Status = gRT->GetVariable (VariableName, VendorGuid, NULL, &DataSize, Data);
   if (EFI_ERROR (Status) && Status != EFI_BUFFER_TOO_SMALL) {
     goto ON_EXIT;
 …
     CertCount  = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
     for (Index = 0; Index < CertCount; Index++) {
       Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList
                                               + sizeof (EFI_SIGNATURE_LIST)
                                               + CertList->SignatureHeaderSize
+      Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList
+                                              + sizeof (EFI_SIGNATURE_LIST)
+                                              + CertList->SignatureHeaderSize
                                               + Index * CertList->SignatureSize);
       //
       // Display GUID and help
+      // Display GUID and help
       //
       GuidToString (&Cert->SignatureOwner, GuidStr, 100);
 …
         StartOpCodeHandle,
         (EFI_QUESTION_ID) (QuestionIdBase + GuidIndex++),
 ,
 ,
         GuidID,
+,
+,
+        GuidID,
         Help,
         EFI_IFR_FLAG_CALLBACK,
 ,
         NULL
         );
+        );
+    }
 …
     HiiFreeOpCodeHandle (EndOpCodeHandle);
+  }
   if (Data != NULL) {
     FreePool (Data);
 …
 /**
   Delete a KEK entry from KEK database.
+  Delete a KEK entry from KEK database.
   @param[in]    PrivateData         Module's private data.
 …
   @retval   EFI_SUCCESS            Delete kek item successfully.
   @retval   EFI_OUT_OF_RESOURCES   Could not allocate needed resources.
 **/
 EFI_STATUS
 …
   CertList        = NULL;
   Cert            = NULL;
   Attr            = 0;
+  Attr            = 0;
   DeleteKekIndex  = QuestionId - OPTION_DEL_KEK_QUESTION_ID;
 …
     return Status;
+  }
   //
   // Get original KEK variable.
   //
   DataSize = 0;
+  //
+  DataSize = 0;
   Status = gRT->GetVariable (EFI_KEY_EXCHANGE_KEY_NAME, &gEfiGlobalVariableGuid, NULL, &DataSize, NULL);
   if (EFI_ERROR(Status) && Status != EFI_BUFFER_TOO_SMALL) {
 …
   OldData = (UINT8*)AllocateZeroPool(DataSize);
   if (OldData == NULL) {
     Status = EFI_OUT_OF_RESOURCES;
+    Status = EFI_OUT_OF_RESOURCES;
     goto ON_EXIT;
+  }
 …
   //
   // Allocate space for new variable.
+  // Allocate space for new variable.
   //
   Data = (UINT8*) AllocateZeroPool (DataSize);
 …
           //
           NewCertList->SignatureListSize -= CertList->SignatureSize;
           IsKEKItemFound = TRUE;
+          IsKEKItemFound = TRUE;
         } else {
           //
 …
       Offset += CertList->SignatureListSize;
+    }
     KekDataSize -= CertList->SignatureListSize;
     CertList = (EFI_SIGNATURE_LIST*) ((UINT8*) CertList + CertList->SignatureListSize);
 …
       CopyMem (OldData + Offset, CertList, CertList->SignatureListSize);
       Offset += CertList->SignatureListSize;
+    }
+    }
     KekDataSize -= CertList->SignatureListSize;
     CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);
 …
   Status = gRT->SetVariable(
                   EFI_KEY_EXCHANGE_KEY_NAME,
                   &gEfiGlobalVariableGuid,
                   Attr,
                   DataSize,
+                  EFI_KEY_EXCHANGE_KEY_NAME,
+                  &gEfiGlobalVariableGuid,
+                  Attr,
+                  DataSize,
                   OldData
                   );
 …
     goto ON_EXIT;
+  }
 ON_EXIT:
   if (Data != NULL) {
 …
   return UpdateDeletePage (
            PrivateData,
+           PrivateData,
            EFI_KEY_EXCHANGE_KEY_NAME,
            &gEfiGlobalVariableGuid,
 …
   @param[in]    QuestionIdBase      Base question id of the signature list.
   @param[in]    DeleteIndex         Signature index to delete.
   @retval   EFI_SUCCESS             Delete siganture successfully.
   @retval   EFI_NOT_FOUND           Can't find the signature item,
 …
   CertList        = NULL;
   Cert            = NULL;
   Attr            = 0;
+  Attr            = 0;
   Status = SetSecureBootMode(CUSTOM_SECURE_BOOT_MODE);
 …
   //
   // Get original signature list data.
   //
+  //
   DataSize = 0;
   Status = gRT->GetVariable (VariableName, VendorGuid, NULL, &DataSize, NULL);
 …
   OldData = (UINT8 *) AllocateZeroPool (DataSize);
   if (OldData == NULL) {
     Status = EFI_OUT_OF_RESOURCES;
+    Status = EFI_OUT_OF_RESOURCES;
     goto ON_EXIT;
+  }
 …
   if (EFI_ERROR(Status)) {
     goto ON_EXIT;
+  }
   //
   // Allocate space for new variable.
+  }
+  //
+  // Allocate space for new variable.
   //
   Data = (UINT8*) AllocateZeroPool (DataSize);
 …
           //
           NewCertList->SignatureListSize -= CertList->SignatureSize;
           IsItemFound = TRUE;
+          IsItemFound = TRUE;
         } else {
           //
 …
       Offset += CertList->SignatureListSize;
+    }
     ItemDataSize -= CertList->SignatureListSize;
     CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);
 …
       CopyMem (OldData + Offset, (UINT8*)(CertList), CertList->SignatureListSize);
       Offset += CertList->SignatureListSize;
+    }
+    }
     ItemDataSize -= CertList->SignatureListSize;
     CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);
 …
   Status = gRT->SetVariable(
                   VariableName,
                   VendorGuid,
                   Attr,
                   DataSize,
+                  VariableName,
+                  VendorGuid,
+                  Attr,
+                  DataSize,
                   OldData
                   );
 …
     goto ON_EXIT;
+  }
 ON_EXIT:
   if (Data != NULL) {
 …
   return UpdateDeletePage (
            PrivateData,
+           PrivateData,
            VariableName,
            VendorGuid,
 …
 /**
   This function extracts configuration from variable.
   @param[in, out]  ConfigData   Point to SecureBoot configuration private data.
 …
 SecureBootExtractConfigFromVariable (
   IN OUT SECUREBOOT_CONFIGURATION    *ConfigData
+  )
+  )
+{
   UINT8   *SecureBootEnable;
 …
   SetupMode        = NULL;
   SecureBootMode   = NULL;
   //
   // If the SecureBootEnable Variable doesn't exist, hide the SecureBoot Enable/Disable
 …
+    }
+  }
   //
   // If it is Physical Presence User, set the PhysicalPresent to true.
 …
     ConfigData->PhysicalPresent = FALSE;
+  }
   //
   // If there is no PK then the Delete Pk button will be gray.
 …
     return EFI_INVALID_PARAMETER;
+  }
   AllocatedRequest = FALSE;
   ConfigRequestHdr = NULL;
 …
   Size             = 0;
   SecureBoot       = NULL;
   ZeroMem (&Configuration, sizeof (Configuration));
   PrivateData      = SECUREBOOT_CONFIG_PRIVATE_FROM_THIS (This);
   *Progress        = Request;
   if ((Request != NULL) && !HiiIsConfigHdrMatch (Request, &gSecureBootConfigFormSetGuid, mSecureBootStorageName)) {
     return EFI_NOT_FOUND;
 …
     FreePool (SecureBoot);
+  }
   BufferSize = sizeof (SECUREBOOT_CONFIGURATION);
   ConfigRequest = Request;
 …
   UINTN                      BufferSize;
   EFI_STATUS                 Status;
   if (Configuration == NULL || Progress == NULL) {
     return EFI_INVALID_PARAMETER;
 …
+{
   EFI_INPUT_KEY                   Key;
   EFI_STATUS                      Status;
+  EFI_STATUS                      Status;
   SECUREBOOT_CONFIG_PRIVATE_DATA  *Private;
   UINTN                           BufferSize;
 …
     return EFI_SUCCESS;
+  }
   if (Action == EFI_BROWSER_ACTION_RETRIEVE) {
     Status = EFI_UNSUPPORTED;
 …
     return Status;
+  }
   if ((Action != EFI_BROWSER_ACTION_CHANGED) &&
       (Action != EFI_BROWSER_ACTION_CHANGING) &&
 …
     return EFI_UNSUPPORTED;
+  }
   Private = SECUREBOOT_CONFIG_PRIVATE_FROM_THIS (This);
 …
   HiiGetBrowserData (&gSecureBootConfigFormSetGuid, mSecureBootStorageName, BufferSize, (UINT8 *) IfrNvData);
   if (Action == EFI_BROWSER_ACTION_CHANGING) {
 …
       // Refresh selected file.
       //
       CleanUpPage (LabelId, Private);
+      CleanUpPage (LabelId, Private);
       break;
     case SECUREBOOT_ADD_PK_FILE_FORM_ID:
     case FORMID_ENROLL_KEK_FORM:
 …
       break;
     case KEY_SECURE_BOOT_DELETE_PK:
+    case KEY_SECURE_BOOT_DELETE_PK:
       if (Value->u8) {
         CreatePopUp (
 …
     case KEY_DELETE_KEK:
       UpdateDeletePage (
         Private,
+        Private,
         EFI_KEY_EXCHANGE_KEY_NAME,
         &gEfiGlobalVariableGuid,
         LABEL_KEK_DELETE,
         FORMID_DELETE_KEK_FORM,
         OPTION_DEL_KEK_QUESTION_ID
+        OPTION_DEL_KEK_QUESTION_ID
         );
       break;
     case SECUREBOOT_DELETE_SIGNATURE_FROM_DB:
+    case SECUREBOOT_DELETE_SIGNATURE_FROM_DB:
       UpdateDeletePage (
         Private,
 …
           EFI_IMAGE_SECURITY_DATABASE,
           &gEfiImageSecurityDatabaseGuid,
           LABEL_DB_DELETE,
+          LABEL_DB_DELETE,
           SECUREBOOT_DELETE_SIGNATURE_FROM_DB,
           OPTION_DEL_DB_QUESTION_ID,
 …
           EFI_IMAGE_SECURITY_DATABASE1,
           &gEfiImageSecurityDatabaseGuid,
           LABEL_DBX_DELETE,
+          LABEL_DBX_DELETE,
           SECUREBOOT_DELETE_SIGNATURE_FROM_DBX,
           OPTION_DEL_DBX_QUESTION_ID,
 …
     case KEY_SECURE_BOOT_ENABLE:
       *ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_APPLY;
       break;
+      break;
     case KEY_VALUE_SAVE_AND_EXIT_PK:
       Status = EnrollPlatformKey (Private);
 …
           );
       } else {
         *ActionRequest = EFI_BROWSER_ACTION_REQUEST_RESET;
+      }
+        *ActionRequest = EFI_BROWSER_ACTION_REQUEST_RESET;
+      }
       break;
 …
         Private->FileContext->FileName = NULL;
+      }
       if (Private->SignatureGUID != NULL) {
         FreePool (Private->SignatureGUID);
 …
       *ActionRequest = EFI_BROWSER_ACTION_REQUEST_EXIT;
       break;
     case KEY_SECURE_BOOT_MODE:
       mIsEnterSecureBootForm = FALSE;
 …
+    }
+  }
   if (!EFI_ERROR (Status)) {
     BufferSize = sizeof (SECUREBOOT_CONFIGURATION);
 …
+  }
   FreePool (IfrNvData);
   return EFI_SUCCESS;
+}
 …
   PrivateData->FileContext = AllocateZeroPool (sizeof (SECUREBOOT_FILE_CONTEXT));
   PrivateData->MenuEntry   = AllocateZeroPool (sizeof (SECUREBOOT_MENU_ENTRY));
   if (PrivateData->FileContext == NULL || PrivateData->MenuEntry == NULL) {
     UninstallSecureBootConfigForm (PrivateData);
     return EFI_OUT_OF_RESOURCES;
+  }
   PrivateData->FeCurrentState = FileExplorerStateInActive;
   PrivateData->FeDisplayContext = FileExplorerDisplayUnknown;
   InitializeListHead (&FsOptionMenu.Head);
   InitializeListHead (&DirectoryMenu.Head);
 …
   mEndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
   mEndLabel->Number       = LABEL_END;
   return EFI_SUCCESS;
+}

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.h

-              r58459
+              r58466
   CHAR16                   *Name;           ///< Name for Hash Algorithm
   UINTN                    DigestLength;    ///< Digest Length
   UINT8                    *OidValue;       ///< Hash Algorithm OID ASN.1 Value
+  UINT8                    *OidValue;       ///< Hash Algorithm OID ASN.1 Value
   UINTN                    OidLength;       ///< Length of Hash OID Value
   HASH_GET_CONTEXT_SIZE    GetContextSize;  ///< Pointer to Hash GetContentSize function
 …
 /**
   Clean up the dynamic opcode at label and form specified by both LabelId.
+  Clean up the dynamic opcode at label and form specified by both LabelId.
   @param[in] LabelId         It is both the Form ID and Label ID for opcode deletion.
 …
   @param[in, out]  MenuOption        Menu to be freed
 **/
 VOID
 …
 /**
   Read file content into BufferPtr, the size of the allocate buffer
+  Read file content into BufferPtr, the size of the allocate buffer
   is *FileSize plus AddtionAllocateSize.
 …
   @param[in, out]  BufferPtr             Pointers to the pointer of allocated buffer.
   @param[out]      FileSize              Size of input file
   @param[in]       AddtionAllocateSize   Addtion size the buffer need to be allocated.
+  @param[in]       AddtionAllocateSize   Addtion size the buffer need to be allocated.
                                          In case the buffer need to contain others besides the file content.
   @retval   EFI_SUCCESS                  The file was read into the buffer.
   @retval   EFI_INVALID_PARAMETER        A parameter was invalid.
 …
   @param[in] FileHandle           The file handle to close.
 **/
 VOID
 …
   @param[in]   Integer          Pointer to the nonnegative integer to be converted
   @param[in]   IntSizeInWords   Length of integer buffer in words
   @param[out]  OctetString      Converted octet string of the specified length
+  @param[out]  OctetString      Converted octet string of the specified length
   @param[in]   OSSizeInBytes    Intended length of resulting octet string in bytes
 …
 EFI_STATUS
 StringToGuid (
   IN   CHAR16           *Str,
   IN   UINTN            StrLen,
+  IN   CHAR16           *Str,
+  IN   UINTN            StrLen,
   OUT  EFI_GUID         *Guid
   );
 …
   @param[in]     Buffer        Buffer to print Guid into.
   @param[in]     BufferSize    Size of Buffer.
   @retval    Number of characters printed.

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigMisc.c

-              r48674
+              r58466
 /**
   Read file content into BufferPtr, the size of the allocate buffer
+  Read file content into BufferPtr, the size of the allocate buffer
   is *FileSize plus AddtionAllocateSize.
 …
   @param[in, out]  BufferPtr             Pointers to the pointer of allocated buffer.
   @param[out]      FileSize              Size of input file
   @param[in]       AddtionAllocateSize   Addtion size the buffer need to be allocated.
+  @param[in]       AddtionAllocateSize   Addtion size the buffer need to be allocated.
                                          In case the buffer need to contain others besides the file content.
   @retval   EFI_SUCCESS                  The file was read into the buffer.
   @retval   EFI_INVALID_PARAMETER        A parameter was invalid.
 …
     goto ON_EXIT;
+  }
   Status = FileHandle->SetPosition (FileHandle, 0);
   if (EFI_ERROR (Status)) {
 …
 ON_EXIT:
   *BufferPtr = Buffer;
   return Status;
 …
   @param[in] FileHandle           The file handle to close.
 **/
 VOID
 …
+{
   if (FileHandle != NULL) {
     FileHandle->Close (FileHandle);
+    FileHandle->Close (FileHandle);
+  }
+}
 …
   @param[in]   Integer          Pointer to the nonnegative integer to be converted
   @param[in]   IntSizeInWords   Length of integer buffer in words
   @param[out]  OctetString      Converted octet string of the specified length
+  @param[out]  OctetString      Converted octet string of the specified length
   @param[in]   OSSizeInBytes    Intended length of resulting octet string in bytes
 …
     *Ptr2 = *Ptr1;
+  }
   for (; Ptr1 < (CONST UINT8 *)(Integer + IntSizeInWords) && *Ptr1 == 0; Ptr1++);
   if (Ptr1 < (CONST UINT8 *)(Integer + IntSizeInWords)) {
     return EFI_BUFFER_TOO_SMALL;
+  }
   if (Ptr2 >= OctetString) {
     ZeroMem (OctetString, Ptr2 - OctetString + 1);
+  }
   return EFI_SUCCESS;
+}
 …
 EFI_STATUS
 StringToGuid (
   IN   CHAR16           *Str,
   IN   UINTN            StrLen,
+  IN   CHAR16           *Str,
+  IN   UINTN            StrLen,
   OUT  EFI_GUID         *Guid
+  )
 …
   //
   PtrBuffer       = Buffer;
   PtrPosition     = PtrBuffer;
+  PtrPosition     = PtrBuffer;
   while (*PtrBuffer != L'\0') {
     if (*PtrBuffer == L'-') {
 …
   FreePool (Buffer);
   return EFI_SUCCESS;
+}
 …
   @param[in]     Buffer        Buffer to print Guid into.
   @param[in]     BufferSize    Size of Buffer.
   @retval    Number of characters printed.
 …
   Size = UnicodeSPrint (
             Buffer,
             BufferSize,
+            BufferSize,
             L"%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x",
             (UINTN)Guid->Data1,
+            (UINTN)Guid->Data1,
             (UINTN)Guid->Data2,
             (UINTN)Guid->Data3,

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigNvData.h

-              r58459
+              r58466
 Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 …
 // Question ID 0x4000 ~ 0x4FFF is for DBX
 //
 #define OPTION_DEL_DBX_QUESTION_ID            0x4000
+#define OPTION_DEL_DBX_QUESTION_ID            0x4000
 #define FILE_OPTION_GOTO_OFFSET               0xC000
 …
   BOOLEAN PhysicalPresent; //If a Physical Present User;
   UINT8   SecureBootMode;  //Secure Boot Mode: Standard Or Custom
   BOOLEAN DeletePk;
+  BOOLEAN DeletePk;
   BOOLEAN HasPk;           //If Pk is existed it is true;
 } SECUREBOOT_CONFIGURATION;

trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigStrings.uni

Property svn:mime-type changed from application/octet-stream to text/plain;encoding=UTF-16LE

Changeset 58466 in vbox for trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg

Legend: