@pre-commit-ci pre-commit-ci bot commented Feb 19, 2024

@pre-commit-ci pre-commit-ci bot force-pushed the pre-commit-ci-update-config branch from 6cf37b9 to fdb6e4f Compare March 12, 2024 23:34
@miczyg1 miczyg1 changed the base branch from dasharo to dasharo-stable202002 November 7, 2024 10:08
@pre-commit-ci pre-commit-ci bot force-pushed the pre-commit-ci-update-config branch from fdb6e4f to 86c9798 Compare November 11, 2024 21:40
@pre-commit-ci pre-commit-ci bot force-pushed the pre-commit-ci-update-config branch from 86c9798 to 9b9293b Compare January 27, 2025 21:46
@pre-commit-ci pre-commit-ci bot force-pushed the pre-commit-ci-update-config branch from 9b9293b to e3fe2ce Compare February 3, 2025 22:26
miczyg1 and others added 25 commits March 10, 2025 20:16
Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
…nd CPU_TIMER_LIB

Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
…onally

Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
… variables

Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Signed-off-by: Maciej Pijanowski <maciej.pijanowski@3mdeb.com>
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Signed-off-by: Maciej Pijanowski <maciej.pijanowski@3mdeb.com>
This script can be useful for testing in OSFV.
The serial port can be accessed with:

telnet 127.0.0.1 1234

This way, we can control the edk2 menus in tests.

The graphics is ON unless "nographic" is specified as a parameter.

Signed-off-by: Maciej Pijanowski <maciej.pijanowski@3mdeb.com>
Signed-off-by: Maciej Pijanowski <maciej.pijanowski@3mdeb.com>
Our tests expect these strings to be there, as they are for the
DasharoPayloadPkg as well.

Signed-off-by: Maciej Pijanowski <maciej.pijanowski@3mdeb.com>
Ported from EmulatorPkg.

Signed-off-by: Maciej Pijanowski <maciej.pijanowski@3mdeb.com>
Signed-off-by: Maciej Pijanowski <maciej.pijanowski@3mdeb.com>
Signed-off-by: Maciej Pijanowski <maciej.pijanowski@3mdeb.com>
We want the following:
- ESC - one time boot menu
- F2 - setup menu

See the discussion in GitHub:
#91 (comment)

Signed-off-by: Maciej Pijanowski <maciej.pijanowski@3mdeb.com>
Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
…timeout

Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
…lt value

Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
This will allow us to easily test more menus in QEMU

Signed-off-by: Maciej Pijanowski <maciej.pijanowski@3mdeb.com>
Signed-off-by: Maciej Pijanowski <maciej.pijanowski@3mdeb.com>
Signed-off-by: Piotr Król <piotr.krol@3mdeb.com>
SergiiDmytruk and others added 29 commits May 23, 2025 18:46
Find the log using DasharoPayloadPkg/CbParseLib in
DasharoPayloadPkg/BlSupportPei and create HOBs like those produced by
TcgPei and Tcg2Pei all of which will be picked up by TcgDxe and Tcg2Dxe.

TPM1 case is quite simple:
 - use coreboot's Spec ID Event as EDK doesn't seem to add one of its
   own

TPM2 case is more advanced and is more complicated:
 - don't create a HOB for coreboot's Spec ID Event (the first entry)
   because TPM2 can have multiple digests and coreboot produces at most
   one
 - when importing HOBs in Tcg2Dxe add missing hashes of OneDigest kind
   from TXT spec (0x01 followed by 0x00 bytes) just to not come up with
   some custom placeholder

Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Basically a copy&paste from Tcg2Smm.  Intentionally not making any
changes (like dropping use of PCDs to pass data) beyond what's necessary
to make it work.

No need for an analogous change for TPM1 because TcgDxe already
publishes the log.

Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
Co-authored-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
Fixes the assert happening in OVMF when attempting to enter
setup:

GetVariableInfo(): Unknown variable: UsbPortPower.
ASSERT DasharoVariablesLib.c(198):
   (0 && "No default value set for a variable.")

Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
…or capsule progress bar

Signed-off-by: Wiktor Mowinski <wiktor.mowinski@3mdeb.com>
Conditionally include module definitions for VirtIO storage drivers and
their dependencies for q35 mainboard (`[Components.X64]` only)

Signed-off-by: Kamil Aronowski <kamil.aronowski@yahoo.com>
Highlighting empty strings or strings containing a single SPACE character
resulted in drawing a confusing single-character-wide black rectangle.

Skip highlighting those empty strings. It may be useful in forms where
no entry should be highlighted by default. It can be done by defining
a text field with empty prompt and help string as first menu entry.

Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
The text field between the list of files and option to create files or
directories was a selectable empty string with no functionality. When
moving through the menu one had to press the arrow one extra time to
navigate to the files. As it is confusing, change the text field to
subtitle so it is not selectable anymore.

Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
…XE boot in FUM

Signed-off-by: Wiktor Mowinski <wiktor.mowinski@3mdeb.com>
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
…utodetect and use FTDI converters

Previously the FTDI device had to be manually selected from console
options to become a console redirection device. Then there was the
chance of it being dropped across reboots due to path instability.

This commit automatically searches for an FTDI device and attaches it to
the Con variables.

Signed-off-by: Filip Lewinski <filip.lewinski@3mdeb.com>
Signed-off-by: Filip Lewiński <filip.lewinski@3mdeb.com>
Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
Reset Secure Boot Keys option should only touch the keys and nothing
else. Keep the SecureBootEnable variable value from before selecting
to reset the keys as re-enrolling PK would unconditionally enable
Secure Boot.

Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
…ead current firmware

EFI_OUT_OF_RESOURCES was a bad choice as it most often suggests memory
allocation issue.  EFI_END_OF_MEDIA is not used and is therefore
unambiguous.

Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
At least Clevo laptops seem to be especially prone to SMIs being
occasionally ignored, so double the number of tries.

Practically speaking, retrying 6 times would probably have the same
effect, but there should be no negative side-effects of 10 retries as it
affects only highly unlikely cases of multiple failures in a row.

The approximate failure rate with 5 retries was ~1/128000 SMM requests.
This change should lower the rate by several orders of magnitude.

Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
There is a chance that adding NOPs has the effect of increasing the
probability of success.  The reasoning is that SMI might not happen if
an interrupt occurs due to IRET in the handler suppressing the SMI, thus
extra instructions could give the interrupt a higher chance of being
processed before CMP instruction is run.

From Intel SDM 3c:

  An SMI may be blocked for one instruction following execution of STI,
  MOV to SS, or POP into SS.

From Intel SDM 2a:

  If the return is to another privilege level, the IRET instruction also
  pops the stack pointer and SS from the stack, before resuming program
  execution.

So it's not entirely clear this could happen in the firmware running at
ring 0, but it won't hurt either.

Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Signed-off-by: Michał Kopeć <michal.kopec@3mdeb.com>
The "Dependencies" key of Payloads was set to "None" string for capsules
with no DepEx.  The produced JSON file wasn't suitable for passing back
to --encode without modifications.

Fix the issue by removing such invalid "Dependencies" keys similarly to how
it's done for keys related to signing.

Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
When a capsule is signed, --decode printed a warning if neither openssl
nor signtool was configured via command-line options.  And yet, it then
proceeded to attempt the verification anyway.

Current implementation only ever uses --trusted-public-cert during
verification, so there could be some logic to this behaviour.  However,
it's still confusing, so don't attempt to verify anything if it's not
expected to work.

Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
…n JSON

Collect paths to drivers as they are being saved and pass to
GenerateOutputJson() for inclusion into the output JSON file.

Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
DB default was missing the Microsoft Option ROM UEFI CA 2023.
Microsoft has separated the signing of Option ROMs from regular
PE binaries.

Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Microsoft certificates in DB and KEK must have the Signature Owner
GUID set to 77fa9abd-0359-4d32-bd60-28f4e78f784b in the signature
list structure. By default EDK2 used gEfiGlobalVariableGuid as
signature owner.

For reference see Windows Secure Boot Key Creation and Management
Guidance on https://learn.microsoft.com/

Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Some hashes were simply ignored (lack of all CompareGuid in
conditions) and it caused the browser to enter an infinite loop.
Because CertList variable was never updated, the exit condition
for the while loop was never met.

Also add formatting for displaying image hashes or certificate
hashes instead of pure GUIDs.

Fixes Dasharo/dasharo-issues#1365

TEST=Enroll DTS grubx64.efi to DB then delete its signature
from DB using the Secure Boot menu on QEMU OVMF.

Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
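
The two Secure Boot commit messages above, on the Signature Owner GUID and on the signature list loop that never advanced, both concern walking EFI_SIGNATURE_LIST data. The following Python sketch is an added example, not code from this pull request or from EDK2: it walks a db/KEK blob, advances by SignatureListSize for every list regardless of its type, and reports entries whose owner differs from the GUID quoted above. The function names and the sample blob are assumptions constructed for illustration.

```python
import struct
import uuid

# Owner GUID quoted in the commit message above.
MS_OWNER = uuid.UUID("77fa9abd-0359-4d32-bd60-28f4e78f784b")
# gEfiGlobalVariableGuid, the owner the commit says EDK2 used by default.
EFI_GLOBAL = uuid.UUID("8be4df61-93ca-11d2-aa0d-00e098032b8c")
EFI_CERT_SHA256 = uuid.UUID("c1c41626-504c-4092-aca9-41f936934328")
EFI_CERT_X509 = uuid.UUID("a5c059a1-94e4-4aa7-87b5-ab155c2bf072")
HDR = struct.Struct("<16sIII")  # SignatureType, ListSize, HeaderSize, SignatureSize


def walk_signature_lists(blob):
    """Yield (signature_type, owner, data) for every entry in a db/KEK blob."""
    off = 0
    while off < len(blob):
        if len(blob) - off < HDR.size:
            raise ValueError(f"truncated list header at offset {off}")
        raw_type, list_size, hdr_size, sig_size = HDR.unpack_from(blob, off)
        body = list_size - HDR.size - hdr_size
        # Reject sizes that would stall or overrun the walk.
        if list_size > len(blob) - off or body < 0 or sig_size < 16 or body % sig_size:
            raise ValueError(f"malformed list at offset {off}")
        sig_type = uuid.UUID(bytes_le=raw_type)
        pos = off + HDR.size + hdr_size
        for _ in range(body // sig_size):
            owner = uuid.UUID(bytes_le=blob[pos:pos + 16])
            yield sig_type, owner, blob[pos + 16:pos + sig_size]
            pos += sig_size
        # Advance on every iteration, whatever the type, so the loop terminates.
        off += list_size


def foreign_owners(blob, expected=MS_OWNER):
    """Return (type, owner) pairs whose SignatureOwner differs from expected."""
    return [(t, o) for t, o, _ in walk_signature_lists(blob) if o != expected]


def make_list(sig_type, owner, *payloads):
    """Build one EFI_SIGNATURE_LIST from equal-sized payloads (sample helper)."""
    sig_size = 16 + len(payloads[0])
    body = b"".join(owner.bytes_le + p for p in payloads)
    return HDR.pack(sig_type.bytes_le, HDR.size + len(body), 0, sig_size) + body


# Constructed sample: placeholder bytes stand in for a certificate and two hashes.
SAMPLE = (make_list(EFI_CERT_X509, MS_OWNER, b"\x30" * 40)
          + make_list(EFI_CERT_SHA256, EFI_GLOBAL, b"\xaa" * 32, b"\xbb" * 32))
```

A list whose SignatureListSize is zero or smaller than its header raises `ValueError` instead of leaving the offset unchanged.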
updates:
- [github.com/pre-commit/pre-commit-hooks: v4.4.0 → v6.0.0](pre-commit/pre-commit-hooks@v4.4.0...v6.0.0)
- [github.com/talos-systems/conform: v0.1.0-alpha.27 → v0.1.0-alpha.30](siderolabs/conform@v0.1.0-alpha.27...v0.1.0-alpha.30)
- [github.com/codespell-project/codespell: v2.2.5 → v2.4.1](codespell-project/codespell@v2.2.5...v2.4.1)
@pre-commit-ci pre-commit-ci bot force-pushed the pre-commit-ci-update-config branch from e3fe2ce to a28d997 Compare August 11, 2025 20:04