[PATCH edk2-platforms v3 1/5] Hisilicon/D0x: Fix secure boot bug in FlashFvbDxe

public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed

From: Ming Huang <ming.huang@linaro.org>
To: leif.lindholm@linaro.org, linaro-uefi@lists.linaro.org,
	edk2-devel@lists.01.org, graeme.gregory@linaro.org
Cc: ard.biesheuvel@linaro.org, michael.d.kinney@intel.com,
	lersek@redhat.com, wanghuiqiang@huawei.com,
	huangming23@huawei.com, zhangjinsong2@huawei.com,
	huangdaode@hisilicon.com, john.garry@huawei.com,
	xinliang.liu@linaro.org, zhangfeng56@huawei.com,
	Ming Huang <ming.huang@linaro.org>
Subject: [PATCH edk2-platforms v3 1/5] Hisilicon/D0x: Fix secure boot bug in FlashFvbDxe
Date: Tue, 20 Nov 2018 17:01:46 +0800	[thread overview]
Message-ID: <20181120090150.1102-2-ming.huang@linaro.org> (raw)
In-Reply-To: <20181120090150.1102-1-ming.huang@linaro.org>

Now that the generic Variable Runtime DXE code no longer
distinguishes between gEfiVariableGuid and
gEfiAuthenticatedVariableGuid in the varstore FV header.
We can relax the check in the flashFvb driver to accept
either GUID regardless of whether we are running a secure
boot capable build or not.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ming Huang <ming.huang@linaro.org>
---
 Silicon/Hisilicon/Drivers/FlashFvbDxe/FlashFvbDxe.inf | 1 +
 Silicon/Hisilicon/Drivers/FlashFvbDxe/FlashFvbDxe.c   | 5 +++--
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/Silicon/Hisilicon/Drivers/FlashFvbDxe/FlashFvbDxe.inf b/Silicon/Hisilicon/Drivers/FlashFvbDxe/FlashFvbDxe.inf
index f8be4741ef7c..a0226e0d87c0 100644
--- a/Silicon/Hisilicon/Drivers/FlashFvbDxe/FlashFvbDxe.inf
+++ b/Silicon/Hisilicon/Drivers/FlashFvbDxe/FlashFvbDxe.inf
@@ -44,6 +44,7 @@ [LibraryClasses]
   UefiRuntimeLib
 
 [Guids]
+  gEfiAuthenticatedVariableGuid
   gEfiSystemNvDataFvGuid
   gEfiVariableGuid
 
diff --git a/Silicon/Hisilicon/Drivers/FlashFvbDxe/FlashFvbDxe.c b/Silicon/Hisilicon/Drivers/FlashFvbDxe/FlashFvbDxe.c
index e18cc9e06ec2..12baed41cd4e 100644
--- a/Silicon/Hisilicon/Drivers/FlashFvbDxe/FlashFvbDxe.c
+++ b/Silicon/Hisilicon/Drivers/FlashFvbDxe/FlashFvbDxe.c
@@ -189,7 +189,7 @@ InitializeFvAndVariableStoreHeaders (
     // VARIABLE_STORE_HEADER
     //
     VariableStoreHeader = (VARIABLE_STORE_HEADER*)((UINTN)Headers + (UINTN)FirmwareVolumeHeader->HeaderLength);
-    CopyGuid (&VariableStoreHeader->Signature, &gEfiVariableGuid);
+    CopyGuid (&VariableStoreHeader->Signature, &gEfiAuthenticatedVariableGuid);
     VariableStoreHeader->Size = PcdGet32(PcdFlashNvStorageVariableSize) - FirmwareVolumeHeader->HeaderLength;
     VariableStoreHeader->Format            = VARIABLE_STORE_FORMATTED;
     VariableStoreHeader->State             = VARIABLE_STORE_HEALTHY;
@@ -258,7 +258,8 @@ ValidateFvHeader (
     VariableStoreHeader = (VARIABLE_STORE_HEADER*)((UINTN)FwVolHeader + (UINTN)FwVolHeader->HeaderLength);
 
     // Check the Variable Store Guid
-    if ( CompareGuid (&VariableStoreHeader->Signature, &gEfiVariableGuid) == FALSE )
+    if (!CompareGuid (&VariableStoreHeader->Signature, &gEfiVariableGuid) &&
+        !CompareGuid (&VariableStoreHeader->Signature, &gEfiAuthenticatedVariableGuid))
     {
         DEBUG ((EFI_D_ERROR, "ValidateFvHeader: Variable Store Guid non-compatible\n"));
         return EFI_NOT_FOUND;
-- 
2.9.5

next prev parent reply	other threads:[~2018-11-20  9:02 UTC|newest]

Thread overview: 19+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-11-20  9:01 [PATCH edk2-platforms v3 0/5] Fix D06 SBSA/SBBR issue and improve Ming Huang
2018-11-20  9:01 ` Ming Huang [this message]
2018-11-20 12:13   ` [PATCH edk2-platforms v3 1/5] Hisilicon/D0x: Fix secure boot bug in FlashFvbDxe Leif Lindholm
2018-11-20 12:40     ` Ming Huang
2018-11-20 12:58       ` Leif Lindholm
2018-11-20 14:29         ` Ming Huang
2018-11-20 14:39           ` Leif Lindholm
2018-11-20 15:00             ` Ming Huang
2018-11-20 15:20               ` Laszlo Ersek
2018-11-20 16:23               ` Leif Lindholm
2018-11-21  7:42             ` Ming Huang
2018-11-20 14:40           ` Ard Biesheuvel
2018-11-20 15:14             ` Laszlo Ersek
2018-11-20  9:01 ` [PATCH edk2-platforms v3 2/5] Hisilicon/D06: Modify Gic base Ming Huang
2018-11-20  9:01 ` [PATCH edk2-platforms v3 3/5] Hisilicon/D06: Correct PcdGicInterruptInterfaceBase Ming Huang
2018-11-20  9:01 ` [PATCH edk2-platforms v3 4/5] Silicon/Hisilicon/D06: Set TA as Node 0 for TA boot Ming Huang
2019-02-11 14:45   ` Leif Lindholm
2018-11-20  9:01 ` [PATCH edk2-platforms v3 5/5] Hisilicon/D06: Move some functions to OemMiscLib Ming Huang
2018-11-20 13:02 ` [PATCH edk2-platforms v3 0/5] Fix D06 SBSA/SBBR issue and improve Leif Lindholm

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:f8be4741ef7 dfblob:a0226e0d87c dfblob:e18cc9e06ec
dfblob:12baed41cd4 )
 OR (
bs:"[PATCH edk2-platforms v3 1/5] Hisilicon/D0x: Fix secure boot bug in FlashFvbDxe" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20181120090150.1102-2-ming.huang@linaro.org \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox