From b68d6a626977f48ac4d05396edcb70a73b12c66c Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Fri, 31 Jan 2020 12:42:45 +0100 Subject: [PATCH 09/12] SecurityPkg/DxeImageVerificationHandler: eliminate "Status" variable MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit RH-Author: Laszlo Ersek Message-id: <20200131124248.22369-10-lersek@redhat.com> Patchwork-id: 93619 O-Subject: [RHEL-8.2.0 edk2 PATCH 09/12] SecurityPkg/DxeImageVerificationHandler: eliminate "Status" variable Bugzilla: 1751993 RH-Acked-by: Philippe Mathieu-Daudé RH-Acked-by: Vitaly Kuznetsov The "Status" variable is set to EFI_ACCESS_DENIED at the top of the function. Then it is overwritten with EFI_SECURITY_VIOLATION under the "Failed" (earlier: "Done") label. We finally return "Status". The above covers the complete usage of "Status" in DxeImageVerificationHandler(). Remove the variable, and simply return EFI_SECURITY_VIOLATION in the end. This patch is a no-op, regarding behavior. Cc: Chao Zhang Cc: Jian J Wang Cc: Jiewen Yao Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2129 Signed-off-by: Laszlo Ersek Message-Id: <20200116190705.18816-9-lersek@redhat.com> Reviewed-by: Michael D Kinney [lersek@redhat.com: push with Mike's R-b due to Chinese New Year Holiday: ; msgid ] (cherry picked from commit fb02f5b2cd0b2a2d413a4f4fc41e085be2ede089) Signed-off-by: Miroslav Rezanina --- .../Library/DxeImageVerificationLib/DxeImageVerificationLib.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c index 51968bd..b49fe87 100644 --- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c +++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c @@ -1560,7 +1560,6 @@ DxeImageVerificationHandler ( IN BOOLEAN BootPolicy ) { - EFI_STATUS Status; EFI_IMAGE_DOS_HEADER *DosHdr; BOOLEAN IsVerified; EFI_SIGNATURE_LIST *SignatureList; @@ -1588,7 +1587,6 @@ DxeImageVerificationHandler ( SecDataDir = NULL; PkcsCertData = NULL; Action = EFI_IMAGE_EXECUTION_AUTH_UNTESTED; - Status = EFI_ACCESS_DENIED; IsVerified = FALSE; @@ -1880,13 +1878,12 @@ Failed: DEBUG ((DEBUG_INFO, "The image doesn't pass verification: %s\n", NameStr)); FreePool(NameStr); } - Status = EFI_SECURITY_VIOLATION; if (SignatureList != NULL) { FreePool (SignatureList); } - return Status; + return EFI_SECURITY_VIOLATION; } /** -- 1.8.3.1