From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <chao.b.zhang@intel.com>
Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
 client-ip=192.55.52.93; helo=mga11.intel.com;
 envelope-from=chao.b.zhang@intel.com; receiver=edk2-devel@lists.01.org 
Received: from mga11.intel.com (mga11.intel.com [192.55.52.93])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id 3CB0320349D96
 for <edk2-devel@lists.01.org>; Sun, 12 Nov 2017 19:26:03 -0800 (PST)
Received: from orsmga003.jf.intel.com ([10.7.209.27])
 by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;
 12 Nov 2017 19:30:08 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.44,387,1505804400"; 
   d="scan'208";a="1559963"
Received: from fmsmsx107.amr.corp.intel.com ([10.18.124.205])
 by orsmga003.jf.intel.com with ESMTP; 12 Nov 2017 19:30:08 -0800
Received: from fmsmsx151.amr.corp.intel.com (10.18.125.4) by
 fmsmsx107.amr.corp.intel.com (10.18.124.205) with Microsoft SMTP Server (TLS)
 id 14.3.319.2; Sun, 12 Nov 2017 19:30:07 -0800
Received: from shsmsx104.ccr.corp.intel.com (10.239.4.70) by
 FMSMSX151.amr.corp.intel.com (10.18.125.4) with Microsoft SMTP Server (TLS)
 id 14.3.319.2; Sun, 12 Nov 2017 19:30:07 -0800
Received: from shsmsx102.ccr.corp.intel.com ([169.254.2.175]) by
 SHSMSX104.ccr.corp.intel.com ([169.254.5.152]) with mapi id 14.03.0319.002;
 Mon, 13 Nov 2017 11:29:40 +0800
From: "Zhang, Chao B" <chao.b.zhang@intel.com>
To: "Chen, Chen A" <chen.a.chen@intel.com>, "edk2-devel@lists.01.org"
 <edk2-devel@lists.01.org>
Thread-Topic: [PATCH] SecurityPkg/SecureBootConfigDxe: Fix deleting
 signature data issue.
Thread-Index: AQHTWIuYgazykuJeykyHeHA8Bg6QM6MRkeHA
Date: Mon, 13 Nov 2017 03:29:39 +0000
Message-ID: <FF72C7E4248F3C4E9BDF19D4918E90F2495FC048@shsmsx102.ccr.corp.intel.com>
References: <20171108121739.23520-1-chen.a.chen@intel.com>
In-Reply-To: <20171108121739.23520-1-chen.a.chen@intel.com>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
dlp-product: dlpe-windows
dlp-version: 11.0.0.116
dlp-reaction: no-action
x-originating-ip: [10.239.127.40]
MIME-Version: 1.0
Subject: Re: [PATCH] SecurityPkg/SecureBootConfigDxe: Fix deleting signature data issue.
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Nov 2017 03:26:03 -0000
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

ChenChen:
  Please also refine the code to make it more clear.=20
  =20

-----Original Message-----
From: Chen, Chen A=20
Sent: Wednesday, November 8, 2017 8:18 PM
To: edk2-devel@lists.01.org
Cc: Chen, Chen A <chen.a.chen@intel.com>; Zhang, Chao B <chao.b.zhang@intel=
.com>
Subject: [PATCH] SecurityPkg/SecureBootConfigDxe: Fix deleting signature da=
ta issue.

Replace "(UINT8 *)NewVariableData" with (UINT8 *)NewVariableData + Offset"
to avoid the header of EFI_SIGNATURE_LIST being copied to the front of NewV=
ariableData every time and update ListWalker when handling the current EFI_=
SIGNATURE_LIST finishes.

Cc: Zhang Chao <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: chenc2 <chen.a.chen@intel.com>
---
 .../SecureBootConfigDxe/SecureBootConfigImpl.c                      | 6 ++=
+++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBo=
otConfigImpl.c b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/Secu=
reBootConfigImpl.c
index d035763106..618c972ce3 100644
--- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfi=
gImpl.c
+++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootCo
+++ nfigImpl.c
@@ -3155,6 +3155,9 @@ DeleteSignatureEx (
     }
=20
     if (CheckedCount =3D=3D SIGNATURE_DATA_COUNTS (ListWalker) || DelType =
=3D=3D Delete_Signature_List_One) {
+      //
+      //  If delete the whole EFI_SIGNATURE_LIST, skip and continue to nex=
t EFI_SIGNATURE_LIST.
+      //
       RemainingSize -=3D ListWalker->SignatureListSize;
       ListWalker =3D (EFI_SIGNATURE_LIST *)((UINT8 *)ListWalker + ListWalk=
er->SignatureListSize);
     } else {
@@ -3162,7 +3165,7 @@ DeleteSignatureEx (
       //
       // Copy header.
       //
-      CopyMem ((UINT8 *)NewVariableData, ListWalker, sizeof (EFI_SIGNATURE=
_LIST) + ListWalker->SignatureHeaderSize);
+      CopyMem ((UINT8 *)NewVariableData + Offset, ListWalker, sizeof=20
+ (EFI_SIGNATURE_LIST) + ListWalker->SignatureHeaderSize);
       Offset +=3D sizeof (EFI_SIGNATURE_LIST) + ListWalker->SignatureHeade=
rSize;
=20
       DataWalker =3D (EFI_SIGNATURE_DATA *)((UINT8 *)ListWalker + sizeof(E=
FI_SIGNATURE_LIST) + ListWalker->SignatureHeaderSize); @@ -3183,6 +3186,7 @=
@ DeleteSignatureEx (
       }
=20
       RemainingSize -=3D ListWalker->SignatureListSize;
+      ListWalker =3D (EFI_SIGNATURE_LIST *)((UINT8 *)ListWalker +=20
+ ListWalker->SignatureListSize);
     }
=20
     //
--
2.13.2.windows.1