From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from NAM03-BY2-obe.outbound.protection.outlook.com (mail-by2nam03on070a.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe4a::70a]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 9480E1A1EC7 for ; Tue, 11 Oct 2016 02:51:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=ogKZa6G5shCJwZWUWrU0L7HA+Rcg0bcPcHRMbyKEOLc=; b=TCrHimHQHzm6JphbZuCF7KVCYR//xwGugS2sVNZD3f9f8DjMeD+3aASeqo2UKtqWPSKGr0EFyehSpGWTySqPONrahB25EY6Sq0Gf9soJ7MQ+89K23I46jgRKjMI+/Oy47eSw23Grnu1K0mV/kfwbXDfvpgtvf2wbVv8z7L8DInU= Received: from BY1PR03MB1355.namprd03.prod.outlook.com (10.162.109.25) by BY1PR03MB1353.namprd03.prod.outlook.com (10.162.109.23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.659.11; Tue, 11 Oct 2016 09:51:29 +0000 Received: from BY1PR03MB1355.namprd03.prod.outlook.com ([10.162.109.25]) by BY1PR03MB1355.namprd03.prod.outlook.com ([10.162.109.25]) with mapi id 15.01.0659.018; Tue, 11 Oct 2016 09:51:29 +0000 From: Sean Brogan To: Jiewen Yao , "edk2-devel@lists.01.org" CC: Michael D Kinney , Feng Tian , Chao Zhang , Liming Gao , Star Zeng Thread-Topic: [edk2] [PATCH V2 09/50] MdeModulePkg/FmpAuthenticationLib: Add FmpAuthenticationLib instance. Thread-Index: AQHSGxVfqpx4fuGpN0ymTNjw43Ajj6CjD7tg Date: Tue, 11 Oct 2016 09:51:29 +0000 Message-ID: References: <1475238128-22448-1-git-send-email-jiewen.yao@intel.com> <1475238128-22448-10-git-send-email-jiewen.yao@intel.com> In-Reply-To: <1475238128-22448-10-git-send-email-jiewen.yao@intel.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: spf=none (sender IP is ) smtp.mailfrom=sean.brogan@microsoft.com; x-originating-ip: [50.46.222.147] x-ms-office365-filtering-correlation-id: 62895326-395b-410e-dab8-08d3f1bc2ce7 x-microsoft-exchange-diagnostics: 1; BY1PR03MB1353; 7:2cdqC0JHwdE+863gn55wOfBezRA8X9DhvP4TkDvt1oibL2WBlA0oc+3ov6oqtGkuDt08sRxnFhNvBy2KHoSDwn5KuJEOHt0iMao7daM8LFUHGe4sNgUUsnh9mLanyZQ+eWjbcMO0DQTlQAWzFllN5xvyNRmk8deSEzjIpUQvYTiRY3HYTFan1nC5xV5BPaR4aibOpqJU04uVTfhenf2qiPqrrYqElYpCbsINUT2OpAknZVzLytHQL2al+sgbwAFubndBc9KK59/D2lhy9F8aeqUyBV0j3B4xpnSydA0YHKOhRXkDs3mfFx3F+kkeEc18bTIAIS8Tm0yicnpCMinMg1MZBGkQlDLmU2+hvG9YcCFqxXwOW8rYC/yVpynATHMk x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:BY1PR03MB1353; x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(162533806227266)(228905959029699); x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(61425038)(6040176)(601004)(2401047)(8121501046)(5005006)(10201501046)(3002001)(6055026)(61426038)(61427038); SRVR:BY1PR03MB1353; BCL:0; PCL:0; RULEID:; SRVR:BY1PR03MB1353; x-forefront-prvs: 00922518D8 x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(7916002)(377454003)(13464003)(189002)(199003)(33656002)(9686002)(77096005)(15975445007)(15395725005)(2950100002)(92566002)(8936002)(305945005)(74316002)(4326007)(7736002)(7696004)(7846002)(2501003)(11100500001)(76576001)(3660700001)(122556002)(5001770100001)(97736004)(3280700002)(68736007)(2900100001)(99286002)(19580395003)(105586002)(54356999)(101416001)(87936001)(106116001)(106356001)(50986999)(76176999)(16799955002)(86362001)(15188155005)(86612001)(575784001)(5002640100001)(19580405001)(5005710100001)(189998001)(8990500004)(2906002)(5660300001)(10400500002)(10290500002)(8676002)(10090500001)(66066001)(586003)(3846002)(102836003)(6116002)(81166006)(81156014); DIR:OUT; SFP:1102; SCL:1; SRVR:BY1PR03MB1353; H:BY1PR03MB1355.namprd03.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en; received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts) spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM MIME-Version: 1.0 X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-originalarrivaltime: 11 Oct 2016 09:51:29.7218 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY1PR03MB1353 Subject: Re: [PATCH V2 09/50] MdeModulePkg/FmpAuthenticationLib: Add FmpAuthenticationLib instance. X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 11 Oct 2016 09:51:31 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable In ExecuteFmpAuthenticationHandler and other functions you use asserts to h= andle parameter validation. I didn't see in the caller any protections aga= inst bad parameters so on builds with ASSERT disabled this code will not be= safe. =20 Can you explain how you are using monotonic count? Your comment says you a= re incrementing the PCD to avoid rollback (line 246: It is incremented duri= ng each firmware image operation.) Looks like it is just being compared to make sure capsule counter not less = than PCD based value? =20 Same comments as patch 3. In my opinion library registration pattern is ov= erkill for this usage. =20 Thanks Sean =20 > -----Original Message----- > From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of > Jiewen Yao > Sent: Friday, September 30, 2016 5:21 AM > To: edk2-devel@lists.01.org > Cc: Michael D Kinney ; Feng Tian > ; Chao Zhang ; Liming Gao > ; Star Zeng > Subject: [edk2] [PATCH V2 09/50] MdeModulePkg/FmpAuthenticationLib: Add > FmpAuthenticationLib instance. >=20 > This library is used to authenticate a UEFI defined FMP Capsule. >=20 > Cc: Feng Tian > Cc: Star Zeng > Cc: Michael D Kinney > Cc: Liming Gao > Cc: Chao Zhang > Contributed-under: TianoCore Contribution Agreement 1.0 > Signed-off-by: Jiewen Yao > Reviewed-by: Liming Gao > --- > MdeModulePkg/Library/FmpAuthenitcationLib/FmpAuthenitcationLib.c | 277 > ++++++++++++++++++++ > MdeModulePkg/Library/FmpAuthenitcationLib/FmpAuthenitcationLib.inf | 47 > ++++ MdeModulePkg/Library/FmpAuthenitcationLib/FmpAuthenitcationLib.uni > | 22 ++ > 3 files changed, 346 insertions(+) >=20 > diff --git > a/MdeModulePkg/Library/FmpAuthenitcationLib/FmpAuthenitcationLib.c > b/MdeModulePkg/Library/FmpAuthenitcationLib/FmpAuthenitcationLib.c > new file mode 100644 > index 0000000..878cbf9 > --- /dev/null > +++ b/MdeModulePkg/Library/FmpAuthenitcationLib/FmpAuthenitcationLib.c > @@ -0,0 +1,277 @@ > +/** @file > + Provide generic FMP authentication functions for DXE/PEI post memory > phase. > + > + ExecuteFmpAuthenticationHandler() will receive untrusted input and do > + basic validation. > + > + Copyright (c) 2016, Intel Corporation. All rights reserved.
This > + program and the accompanying materials are licensed and made > + available under the terms and conditions of the BSD License which > + accompanies this distribution. The full text of the license may be > + found at http://opensource.org/licenses/bsd-license.php. > + > + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" > BASIS, > + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER > EXPRESS OR IMPLIED. > + > +**/ > + > +#include > + > +#include > +#include > +#include #include > + #include #include > + #include > + > +#define FMP_AUTHENTICATION_HANDLER_TABLE_SIZE 0x10 > + > +UINT64 mMonotonicCount; > + > +UINT32 mNumberOfFmpAuthenticationHandler =3D 0; > +UINT32 mMaxNumberOfFmpAuthenticationHandler =3D 0; > + > +GUID *mFmpAuthenticationHandlerGuidTable =3D NUL= L; > +FMP_AUTHENTICATION_HANDLER *mFmpAuthenticationHandlerTable =3D > NULL; > + > +/** > + Reallocates more global memory to store the registered guid and Handle= r > list. > + > + @retval RETURN_SUCCESS Reallocated more global memory spac= e to > store guid and function tables. > + @retval RETURN_OUT_OF_RESOURCES Not enough memory to allocate. > +**/ > +RETURN_STATUS > +EFIAPI > +ReallocateFmpAuthenticationHandlerTable ( > + ) > +{ > + // > + // Reallocate memory for GuidTable > + // > + mFmpAuthenticationHandlerGuidTable =3D ReallocatePool ( > + mMaxNumberOfFmpAuthenticationHa= ndler * sizeof > (GUID), > + (mMaxNumberOfFmpAuthenticationH= andler + > FMP_AUTHENTICATION_HANDLER_TABLE_SIZE) * sizeof (GUID), > + mFmpAuthenticationHandlerGuidTa= ble > + ); > + if (mFmpAuthenticationHandlerGuidTable =3D=3D NULL) { > + goto Done; > + } > + > + // > + // Reallocate memory for Authentication handler Table // > + mFmpAuthenticationHandlerTable =3D ReallocatePool ( > + mMaxNumberOfFmpAuthenticationHandle= r * sizeof > (FMP_AUTHENTICATION_HANDLER), > + (mMaxNumberOfFmpAuthenticationHandl= er + > FMP_AUTHENTICATION_HANDLER_TABLE_SIZE) * sizeof > (FMP_AUTHENTICATION_HANDLER), > + mFmpAuthenticationHandlerTable > + ); if > + (mFmpAuthenticationHandlerTable =3D=3D NULL) { > + goto Done; > + } > + > + // > + // Increase max handler number > + // > + mMaxNumberOfFmpAuthenticationHandler =3D > + mMaxNumberOfFmpAuthenticationHandler + > + FMP_AUTHENTICATION_HANDLER_TABLE_SIZE; > + return RETURN_SUCCESS; > + > +Done: > + if (mFmpAuthenticationHandlerGuidTable !=3D NULL) { > + FreePool (mFmpAuthenticationHandlerGuidTable); > + } > + if (mFmpAuthenticationHandlerTable !=3D NULL) { > + FreePool (mFmpAuthenticationHandlerTable); > + } > + > + return RETURN_OUT_OF_RESOURCES; > +} > + > +/** > + Constructor allocates the global memory to store the registered guid a= nd > Handler list. > + > + @param ImageHandle The firmware allocated handle for the EFI image. > + @param SystemTable A pointer to the EFI System Table. > + > + @retval RETURN_SUCCESS Allocated the global memory space t= o > store guid and function tables. > + @retval RETURN_OUT_OF_RESOURCES Not enough memory to allocate. > +**/ > +RETURN_STATUS > +EFIAPI > +FmpAuthenticationLibConstructor ( > + VOID > + ) > +{ > + mMonotonicCount =3D > PcdGet64(PcdEdkiiSystemFmpCapsuleMonotonicCount); > + > + return ReallocateFmpAuthenticationHandlerTable (); } > + > +/** > + Register FMP authentication handler with CertType. > + > + If CertType is NULL, then ASSERT(). > + If FmpAuthenticationHandler is NULL, then ASSERT(). > + > + @param[in] CertType The certificate type associated= with the > FMP auth handler. > + @param[in] FmpAuthenticationHandler The FMP authentication handler = to > be registered. > + > + @retval RETURN_SUCCESS The handlers were registered. > + @retval RETURN_OUT_OF_RESOURCES There are not enough resources > available to register the handlers. > +**/ > +RETURN_STATUS > +EFIAPI > +RegisterFmpAuthenticationHandler( > + IN GUID *CertType, > + IN FMP_AUTHENTICATION_HANDLER FmpAuthenticationHandler > + ) > +{ > + UINTN Index; > + > + // > + // Check input paramter. > + // > + ASSERT (CertType !=3D NULL); > + ASSERT (FmpAuthenticationHandler !=3D NULL); > + > + // > + // Search the match registered GetInfo handler for the input guided se= ction. > + // > + for (Index =3D 0; Index < mNumberOfFmpAuthenticationHandler; Index ++)= { > + if (CompareGuid (&mFmpAuthenticationHandlerGuidTable[Index], > CertType)) { > + // > + // If the guided handler has been registered before, only update i= ts > handler. > + // > + mFmpAuthenticationHandlerTable[Index] =3D FmpAuthenticationHandler= ; > + return RETURN_SUCCESS; > + } > + } > + > + // > + // Check the global table is enough to contain new Handler. > + // > + if (mNumberOfFmpAuthenticationHandler >=3D > mMaxNumberOfFmpAuthenticationHandler) { > + if (ReallocateFmpAuthenticationHandlerTable () !=3D RETURN_SUCCESS) = { > + return RETURN_OUT_OF_RESOURCES; > + } > + } > + > + // > + // Register new Handler and guid value. > + // > + CopyGuid (&mFmpAuthenticationHandlerGuidTable > + [mNumberOfFmpAuthenticationHandler], CertType); > + mFmpAuthenticationHandlerTable [mNumberOfFmpAuthenticationHandler] > =3D > + FmpAuthenticationHandler; mNumberOfFmpAuthenticationHandler++; > + > + return RETURN_SUCCESS; > +} > + > +/** > + Execute FMP authentication handlers. > + > + Caution: This function may receive untrusted input. > + > + If Image is NULL, then ASSERT(). > + If ImageSize is 0, then ASSERT(). > + If LastAttemptStatus is NULL, then ASSERT(). > + > + @param[in] Image Points to the new FMP authentication = image, > + start from EFI_FIRMWARE_IMAGE_AUTHENT= ICATION. > + @param[in] ImageSize Size of the authentication image in b= ytes. > + @param[out] LastAttemptStatus The last attempt status, which will b= e > recorded > + in ESRT and FMP EFI_FIRMWARE_IMAGE_DE= SCRIPTOR. > + > + @retval RETURN_SUCCESS Authentication pass. > + @retval RETURN_SECURITY_VIOLATION Authentication fail. > + The detail reson is recorded in Last= AttemptStatus. > + @retval RETURN_UNSUPPORTED No Authentication handler associated > with CertType. > +**/ > +RETURN_STATUS > +EFIAPI > +ExecuteFmpAuthenticationHandler( > + IN VOID *Image, > + IN UINTN ImageSize, > + OUT UINT32 *LastAttemptStatus > + ) > +{ > + EFI_FIRMWARE_IMAGE_AUTHENTICATION *ImageAuthentication; > + UINTN ImageOffset; > + UINTN Index; > + GUID *CertType; > + > + // > + // Check the input parameters > + // > + ASSERT (Image !=3D NULL); > + ASSERT (ImageSize !=3D 0); > + ASSERT (LastAttemptStatus !=3D NULL); > + > + ASSERT (mNumberOfFmpAuthenticationHandler !=3D 0); > + > + ImageAuthentication =3D (EFI_FIRMWARE_IMAGE_AUTHENTICATION *)Image; > if > + (ImageSize < sizeof(EFI_FIRMWARE_IMAGE_AUTHENTICATION)) { > + DEBUG((DEBUG_ERROR, "ExecuteFmpAuthenticationHandler - ImageSize > too small\n")); > + *LastAttemptStatus =3D LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT; > + return RETURN_SECURITY_VIOLATION; > + } > + if (ImageAuthentication->AuthInfo.Hdr.dwLength <=3D > sizeof(WIN_CERTIFICATE) + sizeof(EFI_GUID)) { > + DEBUG((DEBUG_ERROR, "ExecuteFmpAuthenticationHandler - dwLength > too small\n")); > + *LastAttemptStatus =3D LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT; > + return RETURN_SECURITY_VIOLATION; > + } > + if (ImageAuthentication->AuthInfo.Hdr.dwLength > MAX_UINTN - > sizeof(UINT64)) { > + DEBUG((DEBUG_ERROR, "ExecuteFmpAuthenticationHandler - dwLength > too big\n")); > + *LastAttemptStatus =3D LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT; > + return RETURN_SECURITY_VIOLATION; > + } > + ImageOffset =3D sizeof(UINT64) + > + ImageAuthentication->AuthInfo.Hdr.dwLength; > + if (ImageSize <=3D ImageOffset) { > + DEBUG((DEBUG_ERROR, "ExecuteFmpAuthenticationHandler - ImageSize > too small\n")); > + *LastAttemptStatus =3D LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT; > + return RETURN_SECURITY_VIOLATION; > + } > + if (ImageAuthentication->AuthInfo.Hdr.wRevision !=3D 0x0200) { > + DEBUG((DEBUG_ERROR, "ExecuteFmpAuthenticationHandler - wRevision: > 0x%02x, expect - 0x%02x\n", (UINTN)ImageAuthentication- > >AuthInfo.Hdr.wRevision, (UINTN)0x0200)); > + *LastAttemptStatus =3D LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT; > + return RETURN_SECURITY_VIOLATION; > + } > + if (ImageAuthentication->AuthInfo.Hdr.wCertificateType !=3D > WIN_CERT_TYPE_EFI_GUID) { > + DEBUG((DEBUG_ERROR, "ExecuteFmpAuthenticationHandler - > wCertificateType: 0x%02x, expect - 0x%02x\n", (UINTN)ImageAuthentication- > >AuthInfo.Hdr.wCertificateType, (UINTN)WIN_CERT_TYPE_EFI_GUID)); > + *LastAttemptStatus =3D LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT; > + return RETURN_SECURITY_VIOLATION; > + } > + > + // > + // It is used to ensure freshness / no replay. > + // It is incremented during each firmware image operation. > + // > + if (ImageAuthentication->MonotonicCount < mMonotonicCount) { > + DEBUG((DEBUG_ERROR, "ExecuteFmpAuthenticationHandler - > MonotonicCount: 0x%016lx, current - 0x%016lx\n", ImageAuthentication- > >MonotonicCount, mMonotonicCount)); > + *LastAttemptStatus =3D > LAST_ATTEMPT_STATUS_ERROR_INCORRECT_VERSION; > + return RETURN_SECURITY_VIOLATION; > + } > + > + CertType =3D &ImageAuthentication->AuthInfo.CertType; > + DEBUG((DEBUG_INFO, "ExecuteFmpAuthenticationHandler - CertType: > + %g\n", CertType)); > + > + // > + // Search the match registered extract handler for the input guided se= ction. > + // > + for (Index =3D 0; Index < mNumberOfFmpAuthenticationHandler; Index ++)= { > + if (CompareGuid (&mFmpAuthenticationHandlerGuidTable[Index], > CertType)) { > + // > + // Call the match handler to extract raw data for the input sectio= n data. > + // > + return mFmpAuthenticationHandlerTable [Index] ( > + Image, > + ImageSize, > + LastAttemptStatus > + ); > + } > + } > + > + // > + // Not found, the input guided section is not supported. > + // > + return RETURN_UNSUPPORTED; > +} > diff --git > a/MdeModulePkg/Library/FmpAuthenitcationLib/FmpAuthenitcationLib.inf > b/MdeModulePkg/Library/FmpAuthenitcationLib/FmpAuthenitcationLib.inf > new file mode 100644 > index 0000000..edd0a61 > --- /dev/null > +++ b/MdeModulePkg/Library/FmpAuthenitcationLib/FmpAuthenitcationLib.inf > @@ -0,0 +1,47 @@ > +## @file > +# FmpAuthenitcation Library > +# > +# Instance of FmpAuthenitcation Library for DXE/PEI post memory phase. > +# > +# Copyright (c) 2016, Intel Corporation. All rights reserved.
# # > +This program and the accompanying materials # are licensed and made > +available under the terms and conditions of the BSD License # which > +accompanies this distribution. The full text of the license may be > +found at # http://opensource.org/licenses/bsd-license.php. > +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" > +BASIS, # WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER > EXPRESS OR IMPLIED. > +# > +## > + > +[Defines] > + INF_VERSION =3D 0x00010005 > + BASE_NAME =3D FmpAuthenitcationLib > + MODULE_UNI_FILE =3D FmpAuthenitcationLib.uni > + FILE_GUID =3D 5011522C-7B0E-4ACB-8E30-9B1D133CF2E= 0 > + MODULE_TYPE =3D BASE > + VERSION_STRING =3D 1.0 > + LIBRARY_CLASS =3D FmpAuthenitcationLib > + CONSTRUCTOR =3D FmpAuthenticationLibConstructor > + > +# > +# The following information is for reference only and not required by th= e build > tools. > +# > +# VALID_ARCHITECTURES =3D IA32 X64 IPF EBC > +# > + > +[Sources] > + FmpAuthenitcationLib.c > + > +[Packages] > + MdePkg/MdePkg.dec > + MdeModulePkg/MdeModulePkg.dec > + > +[LibraryClasses] > + MemoryAllocationLib > + BaseMemoryLib > + DebugLib > + PcdLib > + > +[Pcd] > + > gEfiMdeModulePkgTokenSpaceGuid.PcdEdkiiSystemFmpCapsuleMonotonicCou > nt > diff --git > a/MdeModulePkg/Library/FmpAuthenitcationLib/FmpAuthenitcationLib.uni > b/MdeModulePkg/Library/FmpAuthenitcationLib/FmpAuthenitcationLib.uni > new file mode 100644 > index 0000000..ea660c0 > --- /dev/null > +++ > b/MdeModulePkg/Library/FmpAuthenitcationLib/FmpAuthenitcationLib.uni > @@ -0,0 +1,22 @@ > +// /** @file > +// FmpAuthenitcation Library > +// > +// Instance of FmpAuthenitcation Library for DXE/PEI post memory phase. > +// > +// Copyright (c) 2016, Intel Corporation. All rights reserved.
// > +// This program and the accompanying materials // are licensed and made > +available under the terms and conditions of the BSD License // which > +accompanies this distribution. The full text of the license may be > +found at // http://opensource.org/licenses/bsd-license.php > +// > +// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" > +BASIS, // WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER > EXPRESS OR IMPLIED. > +// > +// **/ > + > + > +#string STR_MODULE_ABSTRACT #language en-US "FmpAuthenitcati= on > Library" > + > +#string STR_MODULE_DESCRIPTION #language en-US "Instance of > FmpAuthenitcation Library for DXE/PEI post memory phase." > + > -- > 2.7.4.windows.1 >=20 > _______________________________________________ > edk2-devel mailing list > edk2-devel@lists.01.org > https://lists.01.org/mailman/listinfo/edk2-devel