From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <chen.a.chen@intel.com>
Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
 client-ip=192.55.52.115; helo=mga14.intel.com;
 envelope-from=chen.a.chen@intel.com; receiver=edk2-devel@lists.01.org 
Received: from mga14.intel.com (mga14.intel.com [192.55.52.115])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id 4A1732035520F
 for <edk2-devel@lists.01.org>; Wed,  8 Nov 2017 04:13:44 -0800 (PST)
Received: from fmsmga005.fm.intel.com ([10.253.24.32])
 by fmsmga103.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;
 08 Nov 2017 04:17:45 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.44,364,1505804400"; d="scan'208";a="173167808"
Received: from chenche4.ccr.corp.intel.com ([10.239.158.36])
 by fmsmga005.fm.intel.com with ESMTP; 08 Nov 2017 04:17:44 -0800
From: chenc2 <chen.a.chen@intel.com>
To: edk2-devel@lists.01.org
Cc: chenc2 <chen.a.chen@intel.com>,
	Zhang Chao <chao.b.zhang@intel.com>
Date: Wed,  8 Nov 2017 20:17:39 +0800
Message-Id: <20171108121739.23520-1-chen.a.chen@intel.com>
X-Mailer: git-send-email 2.13.2.windows.1
Subject: [PATCH] SecurityPkg/SecureBootConfigDxe: Fix deleting signature data issue.
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Nov 2017 12:13:45 -0000

Replace "(UINT8 *)NewVariableData" with (UINT8 *)NewVariableData + Offset"
to avoid the header of EFI_SIGNATURE_LIST being copied to the front of
NewVariableData every time and update ListWalker when handling the current
EFI_SIGNATURE_LIST finishes.

Cc: Zhang Chao <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: chenc2 <chen.a.chen@intel.com>
---
 .../SecureBootConfigDxe/SecureBootConfigImpl.c                      | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
index d035763106..618c972ce3 100644
--- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
+++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
@@ -3155,6 +3155,9 @@ DeleteSignatureEx (
     }
 
     if (CheckedCount == SIGNATURE_DATA_COUNTS (ListWalker) || DelType == Delete_Signature_List_One) {
+      //
+      //  If delete the whole EFI_SIGNATURE_LIST, skip and continue to next EFI_SIGNATURE_LIST.
+      //
       RemainingSize -= ListWalker->SignatureListSize;
       ListWalker = (EFI_SIGNATURE_LIST *)((UINT8 *)ListWalker + ListWalker->SignatureListSize);
     } else {
@@ -3162,7 +3165,7 @@ DeleteSignatureEx (
       //
       // Copy header.
       //
-      CopyMem ((UINT8 *)NewVariableData, ListWalker, sizeof (EFI_SIGNATURE_LIST) + ListWalker->SignatureHeaderSize);
+      CopyMem ((UINT8 *)NewVariableData + Offset, ListWalker, sizeof (EFI_SIGNATURE_LIST) + ListWalker->SignatureHeaderSize);
       Offset += sizeof (EFI_SIGNATURE_LIST) + ListWalker->SignatureHeaderSize;
 
       DataWalker = (EFI_SIGNATURE_DATA *)((UINT8 *)ListWalker + sizeof(EFI_SIGNATURE_LIST) + ListWalker->SignatureHeaderSize);
@@ -3183,6 +3186,7 @@ DeleteSignatureEx (
       }
 
       RemainingSize -= ListWalker->SignatureListSize;
+      ListWalker = (EFI_SIGNATURE_LIST *)((UINT8 *)ListWalker + ListWalker->SignatureListSize);
     }
 
     //
-- 
2.13.2.windows.1