From 58902877128851f628fe644a5c71600866317fac Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Fri, 31 Jan 2020 12:42:42 +0100
Subject: [PATCH 06/12] SecurityPkg/DxeImageVerificationHandler: fix retval on
memalloc failure
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

RH-Author: Laszlo Ersek <lersek@redhat.com>
Message-id: <20200131124248.22369-7-lersek@redhat.com>
Patchwork-id: 93616
O-Subject: [RHEL-8.2.0 edk2 PATCH 06/12] SecurityPkg/DxeImageVerificationHandler: fix retval on memalloc failure
Bugzilla: 1751993
RH-Acked-by: Philippe Mathieu-Daudé <philmd@redhat.com>
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>

A SECURITY2_FILE_AUTHENTICATION_HANDLER function is not expected to return
EFI_OUT_OF_RESOURCES. We should only return EFI_SUCCESS,
EFI_SECURITY_VIOLATION, or EFI_ACCESS_DENIED.

In case we run out of memory while preparing "SignatureList" for
AddImageExeInfo(), we should simply stick with the EFI_ACCESS_DENIED value
that is already in "Status" -- from just before the "Action" condition --,
and not suppress it with EFI_OUT_OF_RESOURCES.

This patch does not change the control flow in the function, it only
changes the "Status" outcome from API-incompatible error codes to
EFI_ACCESS_DENIED, under some circumstances.

Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2129
Fixes: 570b3d1a7278df29878da87990e8366bd42d0ec5
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20200116190705.18816-6-lersek@redhat.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
[lersek@redhat.com: push with Mike's R-b due to Chinese New Year
Holiday: <https://edk2.groups.io/g/devel/message/53429>; msgid
<d3fbb76dabed4e1987c512c328c82810@intel.com>]
(cherry picked from commit f891b052c5ec13c1032fb9d340d5262ac1a7e7e1)

Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c | 2 --
1 file changed, 2 deletions(-)

diff --git a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
index 5cc82c1..5f09a66 100644
--- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
+++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
@@ -1541,7 +1541,6 @@ Done:
and non-NULL FileBuffer did authenticate, and the platform
policy dictates that the DXE Foundation may execute the image in
FileBuffer.
- @retval EFI_OUT_RESOURCE Fail to allocate memory.
@retval EFI_SECURITY_VIOLATION The file specified by File did not authenticate, and
the platform policy dictates that File should be placed
in the untrusted state. The image has been added to the file
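Review bot: With the "@retval EFI_OUT_RESOURCE" entry dropped from this comment block, none of the @retval entries visible in the hunk says what a caller gets when the SignatureList allocation fails. The commit message states that this path now reports EFI_ACCESS_DENIED; suggest stating that wherever the function comment describes EFI_ACCESS_DENIED, for example "also returned if memory for the image execution record cannot be allocated", so the fail-closed behaviour is documented where callers look. Deleting the entry rather than correcting it is the right call, since it also misspelled the code as EFI_OUT_RESOURCE instead of EFI_OUT_OF_RESOURCES.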
@@ -1862,7 +1861,6 @@ DxeImageVerificationHandler (
SignatureListSize = sizeof (EFI_SIGNATURE_LIST) + sizeof (EFI_SIGNATURE_DATA) - 1 + mImageDigestSize;
SignatureList = (EFI_SIGNATURE_LIST *) AllocateZeroPool (SignatureListSize);
if (SignatureList == NULL) {
- Status = EFI_OUT_OF_RESOURCES;
goto Done;
}
SignatureList->SignatureHeaderSize = 0;
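Review bot: In the "if (SignatureList == NULL)" branch, "goto Done;" now depends on Status already holding EFI_ACCESS_DENIED from an assignment that lies outside this hunk (the commit message places it just before the "Action" condition). That is an implicit invariant on a deny path: a later edit that changes Status between that assignment and this allocation would silently change what is returned here. Suggest a one-line comment in the branch saying that Status is EFI_ACCESS_DENIED at this point, or an ASSERT on it, so the fail-closed result stays visible at the place it matters. It is also worth a comment that on this path the image is rejected without AddImageExeInfo() having recorded it, since SignatureList was being prepared for that call.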
--
1.8.3.1