From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga04.intel.com (mga04.intel.com [192.55.52.120]) by mx.groups.io with SMTP id smtpd.web12.2437.1585703478798021121 for ; Tue, 31 Mar 2020 18:11:18 -0700 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: intel.com, ip: 192.55.52.120, mailfrom: guomin.jiang@intel.com) IronPort-SDR: iTwU0bHGPiSYwMv78KsWvHiug5l2+XB39lq+kik5/u9PaWSMsJ5NhVTGTKW6/0lyA2zHO8CEDF 3q4rlIliwGig== X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 31 Mar 2020 18:11:16 -0700 IronPort-SDR: 5WXq0W/V2HTMd6urWX4V3b6nRmtx/HN3SsGT2n1c2bNud4RSFH2XGVCk4iLmmNDo75QaKEMUV0 BDeXIfdtGFwg== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.72,329,1580803200"; d="scan'208";a="272961151" Received: from guominji-mobl.ccr.corp.intel.com ([10.238.5.173]) by fmsmga004.fm.intel.com with ESMTP; 31 Mar 2020 18:11:14 -0700 From: "Guomin Jiang" To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Chao Zhang Subject: [PATCH] SecurityPkg/MeasureBootLib: Return EFI_ACCESS_DENIED after image check fail Date: Wed, 1 Apr 2020 09:11:13 +0800 Message-Id: <20200401011113.624-1-guomin.jiang@intel.com> X-Mailer: git-send-email 2.25.1.windows.1 MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2652 If check the File at the begin of function, it will only allow the File is present and forbid image from buffer. It is possible that image come from the memory buffer, so make it can run and check the File after it. It is improvement for 4b026f0d5af36faf3a3629a3ad49c51b5b3be12f. Cc: Jiewen Yao Cc: Jian J Wang Cc: Chao Zhang Signed-off-by: Guomin Jiang --- .../DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c | 14 +++++++------- .../DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c | 14 +++++++------- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLi= b.c b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c index f0e95e5ec0..fdb4758cbe 100644 --- a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c +++ b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c @@ -435,13 +435,6 @@ DxeTpm2MeasureBootHandler ( EFI_PHYSICAL_ADDRESS FvAddress;=0D UINT32 Index;=0D =0D - //=0D - // Check for invalid parameters.=0D - //=0D - if (File =3D=3D NULL) {=0D - return EFI_ACCESS_DENIED;=0D - }=0D -=0D Status =3D gBS->LocateProtocol (&gEfiTcg2ProtocolGuid, NULL, (VOID **) &= Tcg2Protocol);=0D if (EFI_ERROR (Status)) {=0D //=0D @@ -615,6 +608,13 @@ DxeTpm2MeasureBootHandler ( //=0D Status =3D PeCoffLoaderGetImageInfo (&ImageContext);=0D if (EFI_ERROR (Status)) {=0D + //=0D + // Check for invalid parameters.=0D + //=0D + if (File =3D=3D NULL) {=0D + Status =3D EFI_ACCESS_DENIED;=0D + }=0D +=0D //=0D // The information can't be got from the invalid PeImage=0D //=0D diff --git a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.= c b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c index d499371e7a..20f7d94d6b 100644 --- a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c +++ b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c @@ -732,13 +732,6 @@ DxeTpmMeasureBootHandler ( EFI_PHYSICAL_ADDRESS FvAddress;=0D UINT32 Index;=0D =0D - //=0D - // Check for invalid parameters.=0D - //=0D - if (File =3D=3D NULL) {=0D - return EFI_ACCESS_DENIED;=0D - }=0D -=0D Status =3D gBS->LocateProtocol (&gEfiTcgProtocolGuid, NULL, (VOID **) &T= cgProtocol);=0D if (EFI_ERROR (Status)) {=0D //=0D @@ -912,6 +905,13 @@ DxeTpmMeasureBootHandler ( //=0D Status =3D PeCoffLoaderGetImageInfo (&ImageContext);=0D if (EFI_ERROR (Status)) {=0D + //=0D + // Check for invalid parameters.=0D + //=0D + if (File =3D=3D NULL) {=0D + return EFI_ACCESS_DENIED;=0D + }=0D +=0D //=0D // The information can't be got from the invalid PeImage=0D //=0D --=20 2.25.1.windows.1