From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 224601A1E3B for ; Thu, 29 Sep 2016 08:59:21 -0700 (PDT) Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 8AEA36196E for ; Thu, 29 Sep 2016 15:59:20 +0000 (UTC) Received: from trillian.internal.datastacks.com (ovpn-112-23.phx2.redhat.com [10.3.112.23]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id u8TFxHxv022510; Thu, 29 Sep 2016 11:59:19 -0400 From: Peter Jones To: edk2-devel@ml01.01.org Cc: Peter Jones Date: Thu, 29 Sep 2016 11:59:11 -0400 Message-Id: <20160929155911.9838-1-pjones@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.38]); Thu, 29 Sep 2016 15:59:20 +0000 (UTC) Subject: [PATCH] Pkcs7VerifyDxe: Don't allow Pkcs7Verify to install protocols twice. X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Sep 2016 15:59:21 -0000 This patch makes Pkcs7VerifyDxe check that it has not already been installed before installing its protocols. This prevents the case where loading it as an external driver (either manually, through Driver#### variables, etc.) will refuse to add a second provider of the API. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Peter Jones --- SecurityPkg/Pkcs7Verify/Pkcs7VerifyDxe/Pkcs7VerifyDxe.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/SecurityPkg/Pkcs7Verify/Pkcs7VerifyDxe/Pkcs7VerifyDxe.c b/SecurityPkg/Pkcs7Verify/Pkcs7VerifyDxe/Pkcs7VerifyDxe.c index 07fdf55..3389af4 100644 --- a/SecurityPkg/Pkcs7Verify/Pkcs7VerifyDxe/Pkcs7VerifyDxe.c +++ b/SecurityPkg/Pkcs7Verify/Pkcs7VerifyDxe/Pkcs7VerifyDxe.c @@ -1030,8 +1030,16 @@ Pkcs7VerifyDriverEntry ( IN EFI_SYSTEM_TABLE *SystemTable ) { - EFI_STATUS Status; - EFI_HANDLE Handle; + EFI_STATUS Status; + EFI_HANDLE Handle; + EFI_PKCS7_VERIFY_PROTOCOL Useless; + + // + // Avoid loading a second copy if this is built as an external module. + // + Status = gBS->LocateProtocol (&gEfiPkcs7VerifyProtocolGuid, NULL, (VOID **) &Useless); + if (Status != EFI_NOT_FOUND) + return EFI_SUCCESS; // // Install UEFI Pkcs7 Verification Protocol -- 2.10.0