shim-unsigned-x64/0034-MokManager-Use-CompareMem-on-MokListNode.Type-instea.patch
Peter Jones 34668cd0d4 Pull in the RHEL CVE fixes.
Related: rhbz#1915194

Signed-off-by: Peter Jones <pjones@redhat.com>
2021-08-06 13:10:11 -05:00

73 lines
2.5 KiB
Diff

From 5d30a31fef4eb7e773da24c5e6c20576282a9c3a Mon Sep 17 00:00:00 2001
From: Gary Lin <glin@suse.com>
Date: Tue, 26 Feb 2019 11:33:53 +0800
Subject: [PATCH 34/62] MokManager: Use CompareMem on MokListNode.Type instead
of CompareGuid
Fix the errors from gcc9 '-Werror=address-of-packed-member'
https://github.com/rhboot/shim/issues/161
Signed-off-by: Gary Lin <glin@suse.com>
Upstream-commit-id: aaa09b35e73
---
MokManager.c | 14 +++++++++-----
1 file changed, 9 insertions(+), 5 deletions(-)
diff --git a/MokManager.c b/MokManager.c
index a1bd39a68e2..30192c16789 100644
--- a/MokManager.c
+++ b/MokManager.c
@@ -1079,7 +1079,8 @@ static EFI_STATUS write_back_mok_list(MokListNode * list, INTN key_num,
continue;
DataSize += sizeof(EFI_SIGNATURE_LIST);
- if (CompareMemberGuid(&(list[i].Type), &X509_GUID) == 0)
+ if (CompareMem(&(list[i].Type), &X509_GUID,
+ sizeof(EFI_GUID)) == 0)
DataSize += sizeof(EFI_GUID);
DataSize += list[i].MokSize;
}
@@ -1101,7 +1102,8 @@ static EFI_STATUS write_back_mok_list(MokListNode * list, INTN key_num,
CertList->SignatureType = list[i].Type;
CertList->SignatureHeaderSize = 0;
- if (CompareMemberGuid(&(list[i].Type), &X509_GUID) == 0) {
+ if (CompareMem(&(list[i].Type), &X509_GUID,
+ sizeof(EFI_GUID)) == 0) {
CertList->SignatureListSize = list[i].MokSize +
sizeof(EFI_SIGNATURE_LIST) + sizeof(EFI_GUID);
CertList->SignatureSize =
@@ -1142,7 +1144,8 @@ static void delete_cert(void *key, UINT32 key_size,
int i;
for (i = 0; i < mok_num; i++) {
- if (CompareMemberGuid(&(mok[i].Type), &X509_GUID) != 0)
+ if (CompareMem(&(mok[i].Type), &X509_GUID,
+ sizeof(EFI_GUID)) != 0)
continue;
if (mok[i].MokSize == key_size &&
@@ -1193,7 +1196,7 @@ static void delete_hash_in_list(EFI_GUID Type, UINT8 * hash, UINT32 hash_size,
sig_size = hash_size + sizeof(EFI_GUID);
for (i = 0; i < mok_num; i++) {
- if ((CompareMemberGuid(&(mok[i].Type), &Type) != 0) ||
+ if ((CompareMem(&(mok[i].Type), &Type, sizeof(EFI_GUID)) != 0) ||
(mok[i].MokSize < sig_size))
continue;
@@ -1357,7 +1360,8 @@ static EFI_STATUS delete_keys(void *MokDel, UINTN MokDelSize, BOOLEAN MokX)
/* Search and destroy */
for (i = 0; i < del_num; i++) {
- if (CompareMemberGuid(&(del_key[i].Type), &X509_GUID) == 0) {
+ if (CompareMem(&(del_key[i].Type), &X509_GUID,
+ sizeof(EFI_GUID)) == 0) {
delete_cert(del_key[i].Mok, del_key[i].MokSize,
mok, mok_num);
} else if (is_sha2_hash(del_key[i].Type)) {
--
2.26.2