From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: None (no SPF record) identity=mailfrom; client-ip=15.241.48.73; helo=g9t5009.houston.hpe.com; envelope-from=nickle.wang@hpe.com; receiver=edk2-devel@lists.01.org Received: from g9t5009.houston.hpe.com (g9t5009.houston.hpe.com [15.241.48.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id DFDFE2097DD1B for ; Tue, 29 May 2018 05:08:38 -0700 (PDT) Received: from WANGNICK4.asiapacific.hpqcorp.net (unknown [16.169.19.66]) by g9t5009.houston.hpe.com (Postfix) with ESMTP id 62EAD75; Tue, 29 May 2018 12:08:35 +0000 (UTC) From: Nickle Wang To: edk2-devel@lists.01.org Cc: chao.b.zhang@intel.com, jiewen.yao@intel.com, Nickle Wang , cinnamon shia Date: Tue, 29 May 2018 20:08:25 +0800 Message-Id: <20180529120825.9044-1-nickle.wang@hpe.com> X-Mailer: git-send-email 2.17.0.windows.1 Subject: [PATCH] SecurityPkg/SecureBootConfigDxe: Fix invalid NV data issue. X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 May 2018 12:08:39 -0000 Check the return value of HiiGetBrowserData() before calling HiiSetBrowserData(). HiiGetBrowserData() failed to retrieve NV data during action EFI_BROWSER_ACTION_RETRIEVE. If NV data is invalid, stop sending it to form browser. Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Nickle Wang Signed-off-by: cinnamon shia --- .../SecureBootConfigDxe/SecureBootConfigImpl.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c index e3066f7..6123b56 100644 --- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c +++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c @@ -2,6 +2,7 @@ HII Config Access protocol implementation of SecureBoot configuration module. Copyright (c) 2011 - 2017, Intel Corporation. All rights reserved.
+(C) Copyright 2018 Hewlett Packard Enterprise Development LP
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -4319,6 +4320,7 @@ SecureBootCallback ( UINTN NameLength; UINT16 *FilePostFix; SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData; + BOOLEAN GetBrowserDataResult; Status = EFI_SUCCESS; SecureBootEnable = NULL; @@ -4343,7 +4345,7 @@ SecureBootCallback ( return EFI_OUT_OF_RESOURCES; } - HiiGetBrowserData (&gSecureBootConfigFormSetGuid, mSecureBootStorageName, BufferSize, (UINT8 *) IfrNvData); + GetBrowserDataResult = HiiGetBrowserData (&gSecureBootConfigFormSetGuid, mSecureBootStorageName, BufferSize, (UINT8 *) IfrNvData); if (Action == EFI_BROWSER_ACTION_FORM_OPEN) { if (QuestionId == KEY_SECURE_BOOT_MODE) { @@ -4889,7 +4891,7 @@ SecureBootCallback ( EXIT: - if (!EFI_ERROR (Status)) { + if (!EFI_ERROR (Status) && GetBrowserDataResult) { BufferSize = sizeof (SECUREBOOT_CONFIGURATION); HiiSetBrowserData (&gSecureBootConfigFormSetGuid, mSecureBootStorageName, BufferSize, (UINT8*) IfrNvData, NULL); } -- 2.5.1.windows.1