From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=192.55.52.136; helo=mga12.intel.com; envelope-from=chao.b.zhang@intel.com; receiver=edk2-devel@lists.01.org Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id C2D0C210C0F72 for ; Mon, 23 Jul 2018 22:10:09 -0700 (PDT) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga008.jf.intel.com ([10.7.209.65]) by fmsmga106.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 23 Jul 2018 22:10:09 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.51,396,1526367600"; d="scan'208";a="59285312" Received: from fmsmsx104.amr.corp.intel.com ([10.18.124.202]) by orsmga008.jf.intel.com with ESMTP; 23 Jul 2018 22:09:50 -0700 Received: from shsmsx152.ccr.corp.intel.com (10.239.6.52) by fmsmsx104.amr.corp.intel.com (10.18.124.202) with Microsoft SMTP Server (TLS) id 14.3.319.2; Mon, 23 Jul 2018 22:09:42 -0700 Received: from shsmsx101.ccr.corp.intel.com ([169.254.1.57]) by SHSMSX152.ccr.corp.intel.com ([169.254.6.173]) with mapi id 14.03.0319.002; Tue, 24 Jul 2018 13:09:40 +0800 From: "Zhang, Chao B" To: Laszlo Ersek , edk2-devel-01 CC: "Yao, Jiewen" , Roman Bacik Thread-Topic: [PATCH 4/6] SecurityPkg/SecureBootConfigDxe: replace OpenFileByDevicePath() with UefiLib API Thread-Index: AQHUHtkKtq770UbWLUScdinUhC157KSd2Xkw Date: Tue, 24 Jul 2018 05:09:39 +0000 Message-ID: References: <20180718205043.17574-1-lersek@redhat.com> <20180718205043.17574-5-lersek@redhat.com> In-Reply-To: <20180718205043.17574-5-lersek@redhat.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ctpclassification: CTP_NT x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiYmQxZTQxY2YtMDIzNy00NTEwLThmMmMtZTMwNGEzNTVlYmE5IiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX05UIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE3LjEwLjE4MDQuNDkiLCJUcnVzdGVkTGFiZWxIYXNoIjoiZkhzWFwvN3RNS0wxMmVRYzAyNUgzdGhROFlKR0dOdThNR3lYNU5DM2Z6dlowNmd2a1Y2V21ZRjBqdHR5M2NoV3MifQ== dlp-product: dlpe-windows dlp-version: 11.0.200.100 dlp-reaction: no-action x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Subject: Re: [PATCH 4/6] SecurityPkg/SecureBootConfigDxe: replace OpenFileByDevicePath() with UefiLib API X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Jul 2018 05:10:10 -0000 Content-Language: en-US Content-Type: text/plain; charset="iso-2022-jp" Content-Transfer-Encoding: quoted-printable Reviewed-by=1B$B!'=1B(B Chao Zhang -----Original Message----- From: Laszlo Ersek [mailto:lersek@redhat.com]=20 Sent: Thursday, July 19, 2018 4:51 AM To: edk2-devel-01 Cc: Zhang, Chao B ; Yao, Jiewen ; Roman Bacik Subject: [PATCH 4/6] SecurityPkg/SecureBootConfigDxe: replace OpenFileByDev= icePath() with UefiLib API Replace the OpenFileByDevicePath() function with EfiOpenFileByDevicePath() = from UefiLib, correcting the following issues: - imprecise comments on OpenFileByDevicePath(), - code duplication between this module and other modules, - local variable name "EfiSimpleFileSystemProtocol" starting with "Efi" prefix, - bogus "FileHandle =3D NULL" assignments, - leaking "Handle1" when the device path type/subtype check or the realignment-motivated AllocateCopyPool() fails in the loop, - stale SHELL_FILE_HANDLE reference in a comment. Cc: Chao Zhang Cc: Jiewen Yao Cc: Roman Bacik Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3D1008 Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Laszlo Ersek --- SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.= inf | 1 - SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFile= Explorer.c | 151 +------------------- 2 files changed, 1 insertion(+), 151 deletions(-) diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBo= otConfigDxe.inf b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/Sec= ureBootConfigDxe.inf index 487fc8cda917..caf95ddac7d9 100644 --- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfi= gDxe.inf +++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootCo +++ nfigDxe.inf @@ -114,7 +114,6 @@ [Guids] [Protocols] gEfiHiiConfigAccessProtocolGuid ## PRODUCES gEfiDevicePathProtocolGuid ## PRODUCES - gEfiSimpleFileSystemProtocolGuid ## SOMETIMES_CONSUMES gEfiBlockIoProtocolGuid ## SOMETIMES_CONSUMES =20 [Depex] diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBo= otConfigFileExplorer.c b/SecurityPkg/VariableAuthenticated/SecureBootConfig= Dxe/SecureBootConfigFileExplorer.c index 2a26c20f394c..312a92d7461a 100644 --- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfi= gFileExplorer.c +++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootCo +++ nfigFileExplorer.c @@ -80,155 +80,6 @@ CleanUpPage ( ); } =20 -/** - This function will open a file or directory referenced by DevicePath. - - This function opens a file with the open mode according to the file path= . The - Attributes is valid only for EFI_FILE_MODE_CREATE. - - @param[in, out] FilePath On input, the device path to the file. - On output, the remaining device path. - @param[out] FileHandle Pointer to the file handle. - @param[in] OpenMode The mode to open the file with. - @param[in] Attributes The file's file attributes. - - @retval EFI_SUCCESS The information was set. - @retval EFI_INVALID_PARAMETER One of the parameters has an invalid va= lue. - @retval EFI_UNSUPPORTED Could not open the file path. - @retval EFI_NOT_FOUND The specified file could not be found o= n the - device or the file system could not be = found on - the device. - @retval EFI_NO_MEDIA The device has no medium. - @retval EFI_MEDIA_CHANGED The device has a different medium in it= or the - medium is no longer supported. - @retval EFI_DEVICE_ERROR The device reported an error. - @retval EFI_VOLUME_CORRUPTED The file system structures are corrupte= d. - @retval EFI_WRITE_PROTECTED The file or medium is write protected. - @retval EFI_ACCESS_DENIED The file was opened read only. - @retval EFI_OUT_OF_RESOURCES Not enough resources were available to = open the - file. - @retval EFI_VOLUME_FULL The volume is full. -**/ -EFI_STATUS -EFIAPI -OpenFileByDevicePath( - IN OUT EFI_DEVICE_PATH_PROTOCOL **FilePath, - OUT EFI_FILE_HANDLE *FileHandle, - IN UINT64 OpenMode, - IN UINT64 Attributes - ) -{ - EFI_STATUS Status; - EFI_SIMPLE_FILE_SYSTEM_PROTOCOL *EfiSimpleFileSystemProtocol; - EFI_FILE_PROTOCOL *Handle1; - EFI_FILE_PROTOCOL *Handle2; - EFI_HANDLE DeviceHandle; - CHAR16 *PathName; - UINTN PathLength; - - if ((FilePath =3D=3D NULL || FileHandle =3D=3D NULL)) { - return EFI_INVALID_PARAMETER; - } - - Status =3D gBS->LocateDevicePath ( - &gEfiSimpleFileSystemProtocolGuid, - FilePath, - &DeviceHandle - ); - if (EFI_ERROR (Status)) { - return Status; - } - - Status =3D gBS->OpenProtocol( - DeviceHandle, - &gEfiSimpleFileSystemProtocolGuid, - (VOID**)&EfiSimpleFileSystemProtocol, - gImageHandle, - NULL, - EFI_OPEN_PROTOCOL_GET_PROTOCOL - ); - if (EFI_ERROR (Status)) { - return Status; - } - - Status =3D EfiSimpleFileSystemProtocol->OpenVolume(EfiSimpleFileSystemPr= otocol, &Handle1); - if (EFI_ERROR (Status)) { - FileHandle =3D NULL; - return Status; - } - - // - // go down directories one node at a time. - // - while (!IsDevicePathEnd (*FilePath)) { - // - // For file system access each node should be a file path component - // - if (DevicePathType (*FilePath) !=3D MEDIA_DEVICE_PATH || - DevicePathSubType (*FilePath) !=3D MEDIA_FILEPATH_DP - ) { - FileHandle =3D NULL; - return (EFI_INVALID_PARAMETER); - } - // - // Open this file path node - // - Handle2 =3D Handle1; - Handle1 =3D NULL; - PathLength =3D DevicePathNodeLength (*FilePath) - sizeof (EFI_DEVICE_P= ATH_PROTOCOL); - PathName =3D AllocateCopyPool (PathLength, ((FILEPATH_DEVICE_PATH*)*Fi= lePath)->PathName); - if (PathName =3D=3D NULL) { - return EFI_OUT_OF_RESOURCES; - } - - // - // Try to test opening an existing file - // - Status =3D Handle2->Open ( - Handle2, - &Handle1, - PathName, - OpenMode &~EFI_FILE_MODE_CREATE, - 0 - ); - - // - // see if the error was that it needs to be created - // - if ((EFI_ERROR (Status)) && (OpenMode !=3D (OpenMode &~EFI_FILE_MODE_C= REATE))) { - Status =3D Handle2->Open ( - Handle2, - &Handle1, - PathName, - OpenMode, - Attributes - ); - } - // - // Close the last node - // - Handle2->Close (Handle2); - - FreePool (PathName); - - if (EFI_ERROR(Status)) { - return (Status); - } - - // - // Get the next node - // - *FilePath =3D NextDevicePathNode (*FilePath); - } - - // - // This is a weak spot since if the undefined SHELL_FILE_HANDLE format c= hanges this must change also! - // - *FileHandle =3D (VOID*)Handle1; - return EFI_SUCCESS; -} - - /** Extract filename from device path. The returned buffer is allocated usin= g AllocateCopyPool. The caller is responsible for freeing the allocated buffer using FreePoo= l(). If return NULL @@ -312,7 +163,7 @@ UpdatePage( =20 gSecureBootPrivateData->FileContext->FileName =3D FileName; =20 - OpenFileByDevicePath( + EfiOpenFileByDevicePath( &FilePath, &gSecureBootPrivateData->FileContext->FHandle, EFI_FILE_MODE_READ, -- 2.14.1.3.gb7cf6e02401b