pre-commit: autoupdate hooks #117

Open
wants to merge 5,107 commits into
base: dasharo-stable202002

@pre-commit-ci pre-commit-ci bot commented Feb 19, 2024

@pre-commit-ci pre-commit-ci bot force-pushed the pre-commit-ci-update-config branch from 6cf37b9 to fdb6e4f Compare March 12, 2024 23:34
Stojek139808 and others added 29 commits June 15, 2024 15:31
…tures.c: Remove extra newline

Co-authored-by: Michał Żygowski <[email protected]>
…ge for handoff at ReadyToBoot

Signed-off-by: Kacper Stojek <[email protected]>
…ar to a single uint8 value

Signed-off-by: Kacper Stojek <[email protected]>
…t of PcdVTdPolicyPropertyMask

Signed-off-by: Kacper Stojek <[email protected]>
…wrong values in IommuConfig

Signed-off-by: Kacper Stojek <[email protected]>
…tures.c: disable IOMMU by default

Signed-off-by: Michał Żygowski <[email protected]>
…ot enabled

Signed-off-by: Michał Żygowski <[email protected]>
Co-authored-by: Michał Kopeć <[email protected]>
…turesVfr.vfr: fix default and add reset requirement

Signed-off-by: Michał Żygowski <[email protected]>
…tures.c: handle interactive NetworkBoot default

Signed-off-by: Michał Żygowski <[email protected]>
… WDT timeout depend on PCD

Signed-off-by: Michał Żygowski <[email protected]>
…tures: add FUM

This commit adds an option in the security menu to enable Firmware Update Mode.
As a result, a UEFI variable is set, which will be later caught by
coreboot and acted upon to disable firmware write protections.

Signed-off-by: Krystian Hebel <[email protected]>
Signed-off-by: Michał Żygowski <[email protected]>
Selects state the system gets into when power supply is restored after
power failure.

Adds gDasharoSystemFeaturesTokenSpaceGuid.PcdDefaultPowerFailureState
PCD which sets its default value.

Signed-off-by: Sergii Dmytruk <[email protected]>
It controls visibility of sleep type inside Power Management Options
submenu.

The PCD is on by default for compatibility.

Signed-off-by: Sergii Dmytruk <[email protected]>
…tures.c: warn about network use

DTS will be automatically started after FUM is enabled. Inform user that
Ethernet cable must be plugged in for seamless update process.

Signed-off-by: Krystian Hebel <[email protected]>
philipandag and others added 26 commits July 15, 2024 13:26
Signed-off-by: Filip Gołaś <[email protected]>
Signed-off-by: Filip Gołaś <[email protected]>
This gives a caller a chance to report a meaningful error to the user.

Signed-off-by: Sergii Dmytruk <[email protected]>
Commit b68d566 added support for
input subject name with signtool and broke --decode operation by using
incorrect identifier in one place (could be an incomplete rename during
review).

It's `args.SignToolSubjectName`, not `args.SignSubjectName`.

Signed-off-by: Sergii Dmytruk <[email protected]>
This field seems to be one-based according to the UEFI specification, default
value is 1 and --decode of GenerateCapsule.py errors upon seeing
UpdateImageIndex less than 1.  So align --encode behaviour to enforce a
value within the 1..255 range.

Signed-off-by: Sergii Dmytruk <[email protected]>
Print error text from the exception.

Signed-off-by: Sergii Dmytruk <[email protected]>
--decode unconditionally uses args.OutputFile.name as a prefix for
output files that it creates and fails in a non-pretty way without
--output option.

This doesn't address creation/truncation of the file specified via
--output, but at least you're able to decode a capsule.

Signed-off-by: Sergii Dmytruk <[email protected]>
Just add a space between colon and a more detailed error message in two
places.

Signed-off-by: Sergii Dmytruk <[email protected]>
struct.unpack() returns a tuple even for a single-element pack,
resulting in signature verification being evaluated to false even when
the signature is there.

This fixes --decode and --dump-info actions incorrectly reporting issues
with parsing capsule dependencies when there are none.

Signed-off-by: Sergii Dmytruk <[email protected]>
…he INF file

Fix build complaining on missing ParseVBootWorkbuf.

Signed-off-by: Michał Żygowski <[email protected]>
Add PlatformGopPolicy to use external GOP driver

Signed-off-by: Matt DeVillier <[email protected]>
Use PlatformGopPolicy in place of GraphicsOutputDxe if command
line param passed

Signed-off-by: Matt DeVillier <[email protected]>
Signed-off-by: Michał Żygowski <[email protected]>
Signed-off-by: Michał Żygowski <[email protected]>
Make gmtime() return pointer to a statically allocated storage.  This
is how it's documented and that's how it gets used.  The API isn't
thread-safe but given that EDK2 is essentially single-threaded (MP
Services Protocol is a special exception).

Given that this code gets run at runtime phase, the leak could
potentially be used to exhaust memory reserved for the runtime phase.

Signed-off-by: Sergii Dmytruk <[email protected]>
This is a follow up for 6ca2060
and 784750e which provide more detailed
information on the issue and how this addresses it.

The files modified by this commit were chosen based on the list of
sources in CryptoPkg/Library/BaseCryptLibMbedTls/RuntimeCryptLib.inf

The only source permitted to request memory from boot services is
SysCall/RuntimeMemAllocation.c which does it in constructor before
ExitBootServices() is called.

Trying to update minimal set of files because some of the API which does
allocations get used outside of BaseCryptLibMbedTls and can do
FreePool().  In the updated files, allocations are of two types:
 - temporary allocations within a function (they don't get returned or
   set to some output parameter)
 - paired alloc/free kind of functions which remain in control of how
   the memory is treated

Signed-off-by: Sergii Dmytruk <[email protected]>
This is a port of upstream commits c248802 and bfefdc2

On modern platforms with TBT devices the coreboot resource allocator
opens large PCI bridge MMIO windows above 4GiB to place hotpluggable
PCI BARs there as they won't fit below 4GiB. In addition modern
GPGPU devices have very big PCI BARs that don't fit below 4GiB.

The PciHostBridgeLib made lots of assumptions about the coreboot
resource allocator that were not verified at runtime and are no
longer true.

Remove all of the 'coreboot specific' code and implement the same
logic as OvmfPkg's ScanForRootBridges.

Fixes assertion
"ASSERT [PciHostBridgeDxe] Bridge->Mem.Limit < 0x0000000100000000ULL".

Co-authored-by: Patrick Rudolph <[email protected]>
Signed-off-by: Michał Kopeć <[email protected]>
Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction writes to TPM2
physical presence PPI provided by coreboot (a memory region preserved
across reboots). CPU caches must be explicitly flushed prior to platform
reboot or request written to PPI will be lost.

Signed-off-by: Artur Kowalski <[email protected]>
Flush cache not only when placing request in PPI, but also after
clearing old request from PPI.

Signed-off-by: Artur Kowalski <[email protected]>
It has been observed on MinnowBoard Turbot that the detected CPU
count is lower than the number of all cores. In the tested unit, CPU is
dual core, so only the BSP is detected. However, similar situation is
observed on MTL laptop, where a total of 22 cores should be reported,
but only 1 is detected.

After EDK2 rebase a new PCD has been added, PcdFirstTimeWakeUpAPsBySipi
which, when enabled (by default), sends only SIPI to APs. When disabled
sends full INIT-SIPI-SIPI sequence. Only the latter case causes all the
APs to wake up and be detected.

Signed-off-by: Michał Żygowski <[email protected]>
Signed-off-by: Sergii Dmytruk <[email protected]>
This fixes "SecurityPkg: measure Dasharo variables before boot".

gRT->GetNextVariableName() doesn't return variables in any fixed order.
Seems like the order matches order in SMMSTORE.  This means that
measuring variables while enumerating them will produce different
results depending on which variables were updated last (setting a
variable in SMMSTORE is marking old entry as deleted and appending of a
new one).  Sort list of variables that share the same GUID before
measuring any of them to impose a fixed order.

Also fix spacing in several places.

Signed-off-by: Sergii Dmytruk <[email protected]>
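
The ordering problem described in the commit message above, as an added example that is not code from this pull request or from EDK2. It assumes a constructed append-only store standing in for SMMSTORE, a TPM-style SHA-256 extend, constructed variable names (`OptionA`, `OptionB`), and sorting by variable name as the fixed order.

```python
import hashlib


class AppendOnlyStore:
    """Constructed model: a write marks the old entry deleted and appends
    the new one, so enumeration order follows write history."""

    def __init__(self):
        self._entries = []  # each entry: [name, data, live]

    def set(self, name, data):
        for entry in self._entries:
            if entry[0] == name and entry[2]:
                entry[2] = False  # old copy becomes a tombstone
        self._entries.append([name, data, True])

    def enumerate(self):
        # Live variables in on-storage order, as GetNextVariableName-style
        # enumeration would yield them in this model.
        return [(n, d) for n, d, live in self._entries if live]


def pcr_extend(pcr, event):
    # TPM-style extend: new = H(old || H(event))
    return hashlib.sha256(pcr + hashlib.sha256(event).digest()).digest()


def measure(variables, sort_first):
    # Assumption: the fixed order is ascending variable name.
    if sort_first:
        variables = sorted(variables)
    pcr = bytes(32)
    for name, data in variables:
        pcr = pcr_extend(pcr, name.encode("utf-16-le") + b"\x00\x00" + data)
    return pcr.hex()


def demo():
    # Two stores with identical final contents but different write history.
    a, b = AppendOnlyStore(), AppendOnlyStore()
    for store in (a, b):
        store.set("OptionA", b"\x00")
        store.set("OptionB", b"\x01")
    b.set("OptionA", b"\x01")  # toggled ...
    b.set("OptionA", b"\x00")  # ... and restored: now stored after OptionB
    unsorted = (measure(a.enumerate(), False), measure(b.enumerate(), False))
    ordered = (measure(a.enumerate(), True), measure(b.enumerate(), True))
    return a.enumerate(), b.enumerate(), unsorted, ordered
```

With the unsorted path, a remote verifier comparing the resulting digest against a golden value would flag a configuration that is byte-for-byte identical to the expected one.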
@miczyg1 miczyg1 changed the base branch from dasharo to dasharo-stable202002 November 7, 2024 10:08
miczyg1 and others added 2 commits November 7, 2024 14:27
Match the help text string with what can actually be set at runtime.

Signed-off-by: Michał Żygowski <[email protected]>
updates:
- [github.com/pre-commit/pre-commit-hooks: v4.4.0 → v5.0.0](pre-commit/pre-commit-hooks@v4.4.0...v5.0.0)
- [github.com/talos-systems/conform: v0.1.0-alpha.27 → v0.1.0-alpha.30](siderolabs/conform@v0.1.0-alpha.27...v0.1.0-alpha.30)
- [github.com/codespell-project/codespell: v2.2.5 → v2.3.0](codespell-project/codespell@v2.2.5...v2.3.0)
@pre-commit-ci pre-commit-ci bot force-pushed the pre-commit-ci-update-config branch from fdb6e4f to 86c9798 Compare November 11, 2024 21:40