* [PATCH] SecurityPkg/SecureBootConfigDxe: Fix invalid NV data issue.
@ 2018-05-29 12:08 Nickle Wang
2018-06-04 14:17 ` Zhang, Chao B
0 siblings, 1 reply; 2+ messages in thread
From: Nickle Wang @ 2018-05-29 12:08 UTC (permalink / raw)
To: edk2-devel; +Cc: chao.b.zhang, jiewen.yao, Nickle Wang, cinnamon shia
Check the return value of HiiGetBrowserData() before calling HiiSetBrowserData(). HiiGetBrowserData() failed to retrieve NV data during action EFI_BROWSER_ACTION_RETRIEVE. If NV data is invalid, stop sending it to form browser.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Nickle Wang <nickle.wang@hpe.com>
Signed-off-by: cinnamon shia <cinnamon.shia@hpe.com>
---
.../SecureBootConfigDxe/SecureBootConfigImpl.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
index e3066f7..6123b56 100644
--- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
+++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
@@ -2,6 +2,7 @@
HII Config Access protocol implementation of SecureBoot configuration module.
Copyright (c) 2011 - 2017, Intel Corporation. All rights reserved.<BR>
+(C) Copyright 2018 Hewlett Packard Enterprise Development LP<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -4319,6 +4320,7 @@ SecureBootCallback (
UINTN NameLength;
UINT16 *FilePostFix;
SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData;
+ BOOLEAN GetBrowserDataResult;
Status = EFI_SUCCESS;
SecureBootEnable = NULL;
@@ -4343,7 +4345,7 @@ SecureBootCallback (
return EFI_OUT_OF_RESOURCES;
}
- HiiGetBrowserData (&gSecureBootConfigFormSetGuid, mSecureBootStorageName, BufferSize, (UINT8 *) IfrNvData);
+ GetBrowserDataResult = HiiGetBrowserData (&gSecureBootConfigFormSetGuid, mSecureBootStorageName, BufferSize, (UINT8 *) IfrNvData);
if (Action == EFI_BROWSER_ACTION_FORM_OPEN) {
if (QuestionId == KEY_SECURE_BOOT_MODE) {
@@ -4889,7 +4891,7 @@ SecureBootCallback (
EXIT:
- if (!EFI_ERROR (Status)) {
+ if (!EFI_ERROR (Status) && GetBrowserDataResult) {
BufferSize = sizeof (SECUREBOOT_CONFIGURATION);
HiiSetBrowserData (&gSecureBootConfigFormSetGuid, mSecureBootStorageName, BufferSize, (UINT8*) IfrNvData, NULL);
}
--
2.5.1.windows.1
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] SecurityPkg/SecureBootConfigDxe: Fix invalid NV data issue.
2018-05-29 12:08 [PATCH] SecurityPkg/SecureBootConfigDxe: Fix invalid NV data issue Nickle Wang
@ 2018-06-04 14:17 ` Zhang, Chao B
0 siblings, 0 replies; 2+ messages in thread
From: Zhang, Chao B @ 2018-06-04 14:17 UTC (permalink / raw)
To: Nickle Wang, edk2-devel@lists.01.org; +Cc: Yao, Jiewen, cinnamon shia
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
-----Original Message-----
From: Nickle Wang [mailto:nickle.wang@hpe.com]
Sent: Tuesday, May 29, 2018 8:08 PM
To: edk2-devel@lists.01.org
Cc: Zhang, Chao B <chao.b.zhang@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Nickle Wang <nickle.wang@hpe.com>; cinnamon shia <cinnamon.shia@hpe.com>
Subject: [PATCH] SecurityPkg/SecureBootConfigDxe: Fix invalid NV data issue.
Check the return value of HiiGetBrowserData() before calling HiiSetBrowserData(). HiiGetBrowserData() failed to retrieve NV data during action EFI_BROWSER_ACTION_RETRIEVE. If NV data is invalid, stop sending it to form browser.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Nickle Wang <nickle.wang@hpe.com>
Signed-off-by: cinnamon shia <cinnamon.shia@hpe.com>
---
.../SecureBootConfigDxe/SecureBootConfigImpl.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
index e3066f7..6123b56 100644
--- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
+++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootCo
+++ nfigImpl.c
@@ -2,6 +2,7 @@
HII Config Access protocol implementation of SecureBoot configuration module.
Copyright (c) 2011 - 2017, Intel Corporation. All rights reserved.<BR>
+(C) Copyright 2018 Hewlett Packard Enterprise Development LP<BR>
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -4319,6 +4320,7 @@ SecureBootCallback (
UINTN NameLength;
UINT16 *FilePostFix;
SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData;
+ BOOLEAN GetBrowserDataResult;
Status = EFI_SUCCESS;
SecureBootEnable = NULL;
@@ -4343,7 +4345,7 @@ SecureBootCallback (
return EFI_OUT_OF_RESOURCES;
}
- HiiGetBrowserData (&gSecureBootConfigFormSetGuid, mSecureBootStorageName, BufferSize, (UINT8 *) IfrNvData);
+ GetBrowserDataResult = HiiGetBrowserData
+ (&gSecureBootConfigFormSetGuid, mSecureBootStorageName, BufferSize,
+ (UINT8 *) IfrNvData);
if (Action == EFI_BROWSER_ACTION_FORM_OPEN) {
if (QuestionId == KEY_SECURE_BOOT_MODE) { @@ -4889,7 +4891,7 @@ SecureBootCallback (
EXIT:
- if (!EFI_ERROR (Status)) {
+ if (!EFI_ERROR (Status) && GetBrowserDataResult) {
BufferSize = sizeof (SECUREBOOT_CONFIGURATION);
HiiSetBrowserData (&gSecureBootConfigFormSetGuid, mSecureBootStorageName, BufferSize, (UINT8*) IfrNvData, NULL);
}
--
2.5.1.windows.1
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2018-06-04 14:18 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2018-05-29 12:08 [PATCH] SecurityPkg/SecureBootConfigDxe: Fix invalid NV data issue Nickle Wang
2018-06-04 14:17 ` Zhang, Chao B
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox