From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM10-BN7-obe.outbound.protection.outlook.com (NAM10-BN7-obe.outbound.protection.outlook.com [40.92.40.33]) by mx.groups.io with SMTP id smtpd.web12.3413.1596673850738659575 for ; Wed, 05 Aug 2020 17:30:51 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="body hash did not verify" header.i=@outlook.com header.s=selector1 header.b=lTqlKFhN; spf=pass (domain: outlook.com, ip: 40.92.40.33, mailfrom: michael.kubacki@outlook.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=LNar2uOjAj8RBLG4pzxe4WI94b+gyOirjSWUQ1cZVRkYuN5p+fPu+oBZ8ojrSqLSd1kIn0/HGnBi02Z2xtmKw5qfiygJDAJthM8ipWT07FwxHA9ouzMf5OItM2J7cKwgf3LqqBHriOURAM8OJw7H9efvZblCoFVPx5Kl+a5a0rultz6VOgGap0tMYoa6N4bndGZMk6YlICcVVzQvpsqEZtVsDzC3mTymiM9ZLpD4qB0X2S1nlQgd+v8CePCN9dxlUTOU10K3oevgnK4Pus+uOykfsuutNHbFm23VxPQAMBsxZQZlw7+c1Bbl6yq56vtLS2KNPhmuczjK6azhrWKKhg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=pLX7rKD4MsNePNRkI8bXfZNnQlpiN/x7VuS80Q1iEg4=; b=Q1oRIyWJWOzVsVlftuz69B+FuOLz1gWmFfABwMil3qunjmU3kA4lQ7mdj7EnwVKFV110QlADXTqyGiCKttqBWRQjjnJP9Ti+5rQlXsN2w7S/y41TJWOuXU5gcJSNmW5FiMFjV9O4KqFKk57y9HZ5p/0PlShzRx58BhaZVXx3xh0UPqyr2bMFTWOICzm7x7s6wb3ntlxliT3cxsN37XC25h2qzIhctV6M2Q74zb5dPWmTbSFaBOJ+KLzoAnQiGTEmAib+ZY/r2KLnM6IEkQZq5ysLZuI1ZbeJEeDuLGrTE97DPRTwb92n7u5lrqHAYgrLhygsD+yZ2C7ipopy20PH2A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=pLX7rKD4MsNePNRkI8bXfZNnQlpiN/x7VuS80Q1iEg4=; b=lTqlKFhN90z9blrbzbyrr/6Y6r2i8WHDKdH3gYz5LrzmZmPzr1gI2bb5+tate2jbphW4w68Qltxs2POliZ1GDkZWhzHIfsFqlpSIoidSIPJNezf03JXtH6JrSEK6vmYBeEXMau4JxSqNlt8/45713/kf1inpiunJk4RBTyVES9U5gSRPkHXjXGbPWI7iZ0lqjafXgNYehYyeXlY+iI7MHC6mOQVsBBlL2jtpKRZCjAzT+54vUCxN7CR4v8RVbDSQ7cScWg/HAB/SeWfIEu7rJLTouWQnHaqdexO1KgDkQyX6iYYIUcXEXK8zzZwv5dxcX2U1RQQzxhtIrAfLJzHe6w== Received: from DM6NAM10FT020.eop-nam10.prod.protection.outlook.com (2a01:111:e400:7e86::4f) by DM6NAM10HT027.eop-nam10.prod.protection.outlook.com (2a01:111:e400:7e86::121) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3261.16; Thu, 6 Aug 2020 00:30:49 +0000 Received: from MWHPR07MB3440.namprd07.prod.outlook.com (2a01:111:e400:7e86::4b) by DM6NAM10FT020.mail.protection.outlook.com (2a01:111:e400:7e86::115) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3261.16 via Frontend Transport; Thu, 6 Aug 2020 00:30:49 +0000 X-IncomingTopHeaderMarker: OriginalChecksum:198FAC71F0B1B2AA6D08FD7F2A6B22C3DAF9E335E722F89E0A474B47377F0A74;UpperCasedChecksum:F017D17EFF7E0656CA882385B899548AA36C9C1ABDB5A88AF0EA9F404652D2C5;SizeAsReceived:9317;Count:49 Received: from MWHPR07MB3440.namprd07.prod.outlook.com ([fe80::9856:570e:1735:974e]) by MWHPR07MB3440.namprd07.prod.outlook.com ([fe80::9856:570e:1735:974e%7]) with mapi id 15.20.3239.022; Thu, 6 Aug 2020 00:30:49 +0000 Subject: Re: [edk2-devel] [PATCH v1 7/7] FmpDevicePkg/FmpDxe: Improve function parameter validation To: devel@edk2.groups.io, michael.d.kinney@intel.com CC: "Gao, Liming" References: <20200731031448.1103-1-michael.kubacki@outlook.com> From: "Michael Kubacki" Message-ID: Date: Wed, 5 Aug 2020 17:30:47 -0700 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.11.0 In-Reply-To: X-ClientProxiedBy: MWHPR13CA0040.namprd13.prod.outlook.com (2603:10b6:300:95::26) To MWHPR07MB3440.namprd07.prod.outlook.com (2603:10b6:301:69::28) Return-Path: michael.kubacki@outlook.com X-Microsoft-Original-Message-ID: <23b1188f-5b5b-7688-f0d5-6d6044ddddf5@outlook.com> MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from [IPv6:2001:4898:d8:39:2142:5170:12c:6904] (2001:4898:80e8:a:a160:5170:12c:6904) by MWHPR13CA0040.namprd13.prod.outlook.com (2603:10b6:300:95::26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3261.13 via Frontend Transport; Thu, 6 Aug 2020 00:30:48 +0000 X-Microsoft-Original-Message-ID: <23b1188f-5b5b-7688-f0d5-6d6044ddddf5@outlook.com> X-TMN: [U28/Gi7KhWD9bbNpJbRDBxUwto3FuVBQdhNVQYNjVcYf7tOaD7B5zaYPkMAEYvLA] X-MS-PublicTrafficType: Email X-IncomingHeaderCount: 49 X-EOPAttributedMessage: 0 X-MS-Office365-Filtering-Correlation-Id: 3a5939cd-3079-4000-5840-08d8399ff773 X-MS-TrafficTypeDiagnostic: DM6NAM10HT027: X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: /O4QkgHcElJaz8o71wjjzLAz0Xjw91TSHBI12M249jl3Ek3objoX/QkItObCHBRwbN5AH3fF2iaoVye9zZuYnlMkARB6u8q4aeMrJBVB96T/bPnbSadAaHu7krE7DzU0SuH2gNLG3xnPBixhZRo4eg5M+qI79YyQplPYJR77AMeKNzmSHmyiCob30o8Qz/usCU6/iAB4IO79VLARbC+DOpQMpeu3oNSQl2hKCBFWXzGEV3qUyWCuUTE83u+r+Al4 X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:0;SRV:;IPV:NLI;SFV:NSPM;H:MWHPR07MB3440.namprd07.prod.outlook.com;PTR:;CAT:NONE;SFTY:;SFS:;DIR:OUT;SFP:1901; X-MS-Exchange-AntiSpam-MessageData: x3nZXhnn4ZIJVE1YH2Eos6z45PoBPIlNyh7eb9ZgYtqekUKy4v3GJcFtE9il3/vi55t/PctOvEY+CC5Uwp1ldxxfVLuaSdHmvN4jdibWTviHAehWiD8URhTYeEB6FeXdWrIz8fyZ7DFHfw1LZ3v9OEizRiEAPVMdiBj4hIRagMCnY7yBo3coGre3h3XMiTI2sNy2OKo8xRrsMWHS3bPLtA== X-OriginatorOrg: outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 3a5939cd-3079-4000-5840-08d8399ff773 X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Aug 2020 00:30:48.9408 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa X-MS-Exchange-CrossTenant-AuthSource: DM6NAM10FT020.eop-nam10.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: Internet X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000 X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6NAM10HT027 Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: quoted-printable Hi Mike, There's quite a few discrepancies at the moment between functions in=20 FmpDxe that implement EFI_FIRMWARE_MANAGEMENT_PROTOCOL and the=20 corresponding description in the UEFI spec. For example: UEFI Spec 2.8B - EFI_FIRMWARE_MANAGEMENT_PROTOCOL.GetImageInfo(): Status Codes Returned EFI_SUCCESS The image information was successfully returned. EFI_BUFFER_TOO_SMALL The ImageInfo buffer was too small. The current buffer size needed to hold the image(s) information is returned in ImageInfoSize. EFI_INVALID_PARAMETER ImageInfoSize is not too small and ImageInfo is NULL. EFI_INVALID_PARAMETER ImageInfoSize is non-zero and DescriptorVersion is NULL. EFI_INVALID_PARAMETER ImageInfoSize is non-zero and DescriptorCount is NULL. EFI_INVALID_PARAMETER ImageInfoSize is non-zero and DescriptorSize is NULL. EFI_INVALID_PARAMETER ImageInfoSize is non-zero and PackageVersion is NULL. EFI_INVALID_PARAMETER ImageInfoSize is non-zero and PackageVersionName is NULL. EFI_DEVICE_ERROR Valid information could not be returned. Possible corrupted image. Actual - FmpDxe - GetTheImageInfo(): @retval EFI_SUCCESS The device was successfully updated with the new image. @retval EFI_BUFFER_TOO_SMALL The ImageInfo buffer was too small. The current buffer size needed to hold the image(s) information is returned in ImageInfoSize. @retval EFI_INVALID_PARAMETER ImageInfoSize is NULL. @retval EFI_DEVICE_ERROR Valid information could not be returned. Possible corrupted image. There's cases such as in GetTheImage() where the code describes=20 EFI_INVALID_PARAMETER is returned as follows: @retval EFI_INVALID_PARAMETER The Image was NULL. However, the implementation will actually return the status code under=20 other conditions such as an invalid ImageIndex or NULL ImageSize pointer. I agree these should be cleaned up such that implementation and spec=20 match and the descriptions are accurate, but that could warrant its own=20 series. For this series, is the ask to leave the descriptions as-is? If so, I=20 can file a BZ to resolve the code/spec discrepancies. Thanks, Michael On 8/5/2020 4:30 PM, Michael D Kinney wrote: > Michael, >=20 > That is a good point. I missed that behavior in some of the APIs. >=20 > What I also missed was that these APIs are defined in the UEFI Spec and = the > description of the return codes is from there and should match the UEFI = Spec. >=20 > The implementation should be conformant with the UEFI Spec. If you noti= ce > behavior that is not conformant, then we need to update the code or pote= ntially > work on spec updates. >=20 > For this patch series, let=E2=80=99s make sure the Firmware Management P= rotocol service > headers match the UEFI Spec. >=20 > Mike >=20 >> -----Original Message----- >> From: Michael Kubacki >> Sent: Wednesday, August 5, 2020 1:43 PM >> To: Kinney, Michael D ; devel@edk2.groups.i= o >> Cc: Gao, Liming >> Subject: Re: [PATCH v1 7/7] FmpDevicePkg/FmpDxe: Improve function param= eter validation >> >> Hi Mike, >> >> Some of those functions currently return EFI_SUCCESS if ImageIndex is >> invalid. Example: >> https://github.com/tianocore/edk2/blob/master/FmpDevicePkg/FmpDxe/FmpDx= e.c#L851 >> >> Given the request to update the EFI_INVALID_PARAMETER text for those >> other functions, I'm assuming you'd like me to make those return >> EFI_INVALID_PARAMETER like what GetTheImage() currently does - >> https://github.com/tianocore/edk2/blob/master/FmpDevicePkg/FmpDxe/FmpDx= e.c#L573? >> >> Thanks, >> Michael >> >> On 8/5/2020 9:51 AM, Kinney, Michael D wrote: >>> Hi Michael, >>> >>> A few minor comments included below. With those updates, >>> >>> Reviewed-bv: Michael D Kinney >>> >>> Mike >>> >>>> -----Original Message----- >>>> From: michael.kubacki@outlook.com >>>> Sent: Thursday, July 30, 2020 8:15 PM >>>> To: devel@edk2.groups.io >>>> Cc: Gao, Liming ; Kinney, Michael D >>>> Subject: [PATCH v1 7/7] FmpDevicePkg/FmpDxe: Improve function paramet= er validation >>>> >>>> From: Michael Kubacki >>>> >>>> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3D2869 >>>> >>>> Makes some minor improvements to function parameter validation >>>> in FmpDxe, in particular to externally exposed functions such >>>> as those that back EFI_FIRMWARE_MANAGEMENT_PROTOCOL. >>>> >>>> Cc: Liming Gao >>>> Cc: Michael D Kinney >>>> Signed-off-by: Michael Kubacki >>>> --- >>>> FmpDevicePkg/FmpDxe/FmpDxe.c | 56 +++++++++++++++++--- >>>> FmpDevicePkg/FmpDxe/FmpDxe.h | 10 ++-- >>>> 2 files changed, 54 insertions(+), 12 deletions(-) >>>> >>>> diff --git a/FmpDevicePkg/FmpDxe/FmpDxe.c b/FmpDevicePkg/FmpDxe/FmpDx= e.c >>>> index a3e342591936..958d9b394b71 100644 >>>> --- a/FmpDevicePkg/FmpDxe/FmpDxe.c >>>> +++ b/FmpDevicePkg/FmpDxe/FmpDxe.c >>>> @@ -278,6 +278,11 @@ PopulateDescriptor ( >>>> EFI_STATUS Status; >>>> UINT32 DependenciesSize; >>>> >>>> + if (Private =3D=3D NULL) { >>>> + DEBUG ((DEBUG_ERROR, "FmpDxe(%s): PopulateDescriptor() - Private= is NULL.\n", mImageIdName)); >>>> + return; >>>> + } >>>> + >>>> if (Private->DescriptorPopulated) { >>>> return; >>>> } >>>> @@ -429,7 +434,7 @@ PopulateDescriptor ( >>>> @retval EFI_SUCCESS The device was successfully u= pdated with the new image. >>>> @retval EFI_BUFFER_TOO_SMALL The ImageInfo buffer was too = small. The current buffer size >>>> needed to hold the image(s) i= nformation is returned in ImageInfoSize. >>>> - @retval EFI_INVALID_PARAMETER ImageInfoSize is NULL. >>>> + @retval EFI_INVALID_PARAMETER A required pointer is NULL. >>>> @retval EFI_DEVICE_ERROR Valid information could not b= e returned. Possible corrupted image. >>>> >>>> **/ >>>> @@ -451,6 +456,12 @@ GetTheImageInfo ( >>>> >>>> Status =3D EFI_SUCCESS; >>>> >>>> + if (This =3D=3D NULL) { >>>> + DEBUG ((DEBUG_ERROR, "FmpDxe(%s): GetImageInfo() - This is NULL.= \n", mImageIdName)); >>>> + Status =3D EFI_INVALID_PARAMETER; >>>> + goto cleanup; >>>> + } >>>> + >>>> // >>>> // Retrieve the private context structure >>>> // >>>> @@ -536,7 +547,7 @@ GetTheImageInfo ( >>>> @retval EFI_BUFFER_TOO_SMALL The buffer specified by ImageSize= is too small to hold the >>>> image. The current buffer size ne= eded to hold the image is returned >>>> in ImageSize. >>>> - @retval EFI_INVALID_PARAMETER The Image was NULL. >>>> + @retval EFI_INVALID_PARAMETER A required pointer is NULL or Image= Index is invalid. >>>> @retval EFI_NOT_FOUND The current image is not copied t= o the buffer. >>>> @retval EFI_UNSUPPORTED The operation is not supported. >>>> @retval EFI_SECURITY_VIOLATION The operation could not be perfor= med due to an authentication failure. >>>> @@ -561,6 +572,12 @@ GetTheImage ( >>>> >>>> Status =3D EFI_SUCCESS; >>>> >>>> + if (This =3D=3D NULL) { >>>> + DEBUG ((DEBUG_ERROR, "FmpDxe(%s): GetImage() - This is NULL.\n",= mImageIdName)); >>>> + Status =3D EFI_INVALID_PARAMETER; >>>> + goto cleanup; >>>> + } >>>> + >>>> // >>>> // Retrieve the private context structure >>>> // >>>> @@ -615,7 +632,8 @@ GetTheImage ( >>>> @param[in] Image Pointer to the image. >>>> @param[in] ImageSize Size of the image. >>>> @param[in] AdditionalHeaderSize Size of any headers that cann= ot be calculated by this function. >>>> - @param[out] PayloadSize >>>> + @param[out] PayloadSize An optional pointer to a UINTN = that holds the size of the payload >>>> + (image size minus headers) >>>> >>>> @retval !NULL Valid pointer to the header. >>>> @retval NULL Structure is bad and pointer cannot be found. >>>> @@ -626,7 +644,7 @@ GetFmpHeader ( >>>> IN CONST EFI_FIRMWARE_IMAGE_AUTHENTICATION *Image, >>>> IN CONST UINTN ImageSize, >>>> IN CONST UINTN AdditionalHeaderSiz= e, >>>> - OUT UINTN *PayloadSize >>>> + OUT UINTN *PayloadSize OPTIONAL >>>> ) >>>> { >>>> // >>>> @@ -640,7 +658,10 @@ GetFmpHeader ( >>>> return NULL; >>>> } >>>> >>>> - *PayloadSize =3D ImageSize - (sizeof (Image->MonotonicCount) + Ima= ge->AuthInfo.Hdr.dwLength + AdditionalHeaderSize); >>>> + if (PayloadSize !=3D NULL) { >>>> + *PayloadSize =3D ImageSize - (sizeof (Image->MonotonicCount) + I= mage->AuthInfo.Hdr.dwLength + AdditionalHeaderSize); >>>> + } >>>> + >>>> return (VOID *)((UINT8 *)Image + sizeof (Image->MonotonicCount) = + Image->AuthInfo.Hdr.dwLength + AdditionalHeaderSize); >>>> } >>>> >>>> @@ -663,6 +684,10 @@ GetAllHeaderSize ( >>>> { >>>> UINT32 CalculatedSize; >>>> >>>> + if (Image =3D=3D NULL) { >>> >>> This is an internal helper function. If Image is ever NULL, it must b= e a bug in the >>> FmpDxe driver. Should we do more than just return 0? Perhaps a DEBUG= _ERROR message too? >>> >>>> + return 0; >>>> + } >>>> + >>>> CalculatedSize =3D sizeof (Image->MonotonicCount) + >>>> AdditionalHeaderSize + >>>> Image->AuthInfo.Hdr.dwLength; >>>> @@ -698,7 +723,7 @@ GetAllHeaderSize ( >>>> >>>> @retval EFI_SUCCESS The image was successfully checke= d. >>>> @retval EFI_ABORTED The operation is aborted. >>>> - @retval EFI_INVALID_PARAMETER The Image was NULL. >>>> + @retval EFI_INVALID_PARAMETER A required pointer is NULL. >>> >>> This function also uses ImageIndex. Similar to updates above, I think= this >>> @retval line should be: >>> >>> @retval EFI_INVALID_PARAMETER A required pointer is NULL or Image= Index is invalid. >>> >>>> @retval EFI_UNSUPPORTED The operation is not supported. >>>> @retval EFI_SECURITY_VIOLATION The operation could not be perfor= med due to an authentication failure. >>>> >>>> @@ -743,6 +768,12 @@ CheckTheImage ( >>>> return EFI_UNSUPPORTED; >>>> } >>>> >>>> + if (This =3D=3D NULL) { >>>> + DEBUG ((DEBUG_ERROR, "FmpDxe(%s): CheckImage() - This is NULL.\n= ", mImageIdName)); >>>> + Status =3D EFI_INVALID_PARAMETER; >>>> + goto cleanup; >>>> + } >>>> + >>>> // >>>> // Retrieve the private context structure >>>> // >>>> @@ -978,7 +1009,7 @@ CheckTheImage ( >>>> >>>> @retval EFI_SUCCESS The device was successfully updat= ed with the new image. >>>> @retval EFI_ABORTED The operation is aborted. >>>> - @retval EFI_INVALID_PARAMETER The Image was NULL. >>>> + @retval EFI_INVALID_PARAMETER A required pointer is NULL. >>> >>> This function also uses ImageIndex. Similar to updates above, I think= this >>> @retval line should be: >>> >>> @retval EFI_INVALID_PARAMETER A required pointer is NULL or Image= Index is invalid. >>> >>>> @retval EFI_UNSUPPORTED The operation is not supported. >>>> @retval EFI_SECURITY_VIOLATION The operation could not be perfor= med due to an authentication failure. >>>> >>>> @@ -1026,6 +1057,12 @@ SetTheImage ( >>>> return EFI_UNSUPPORTED; >>>> } >>>> >>>> + if (This =3D=3D NULL) { >>>> + DEBUG ((DEBUG_ERROR, "FmpDxe(%s): SetTheImage() - This is NULL.\= n", mImageIdName)); >>>> + Status =3D EFI_INVALID_PARAMETER; >>>> + goto cleanup; >>>> + } >>>> + >>>> // >>>> // Retrieve the private context structure >>>> // >>>> @@ -1382,6 +1419,11 @@ FmpDxeLockEventNotify ( >>>> EFI_STATUS Status; >>>> FIRMWARE_MANAGEMENT_PRIVATE_DATA *Private; >>>> >>>> + if (Context =3D=3D NULL) { >>>> + ASSERT (Context !=3D NULL); >>>> + return; >>>> + } >>>> + >>>> Private =3D (FIRMWARE_MANAGEMENT_PRIVATE_DATA *)Context; >>>> >>>> if (!Private->FmpDeviceLocked) { >>>> diff --git a/FmpDevicePkg/FmpDxe/FmpDxe.h b/FmpDevicePkg/FmpDxe/FmpDx= e.h >>>> index 30754dea495e..4dfec316a558 100644 >>>> --- a/FmpDevicePkg/FmpDxe/FmpDxe.h >>>> +++ b/FmpDevicePkg/FmpDxe/FmpDxe.h >>>> @@ -3,7 +3,7 @@ >>>> image stored in a firmware device with platform and firmware dev= ice specific >>>> information provided through PCDs and libraries. >>>> >>>> - Copyright (c) 2016, Microsoft Corporation. All rights reserved. >>>> + Copyright (c) Microsoft Corporation.
>>>> Copyright (c) 2018 - 2019, Intel Corporation. All rights reserve= d.
>>>> >>>> SPDX-License-Identifier: BSD-2-Clause-Patent >>>> @@ -132,7 +132,7 @@ DetectTestKey ( >>>> @retval EFI_SUCCESS The device was successfully u= pdated with the new image. >>>> @retval EFI_BUFFER_TOO_SMALL The ImageInfo buffer was too = small. The current buffer size >>>> needed to hold the image(s) i= nformation is returned in ImageInfoSize. >>>> - @retval EFI_INVALID_PARAMETER ImageInfoSize is NULL. >>>> + @retval EFI_INVALID_PARAMETER A required pointer is NULL. >>>> @retval EFI_DEVICE_ERROR Valid information could not b= e returned. Possible corrupted image. >>>> >>>> **/ >>>> @@ -166,7 +166,7 @@ GetTheImageInfo ( >>>> @retval EFI_BUFFER_TOO_SMALL The buffer specified by ImageSize= is too small to hold the >>>> image. The current buffer size ne= eded to hold the image is returned >>>> in ImageSize. >>>> - @retval EFI_INVALID_PARAMETER The Image was NULL. >>>> + @retval EFI_INVALID_PARAMETER A required pointer is NULL or Image= Index is invalid. >>>> @retval EFI_NOT_FOUND The current image is not copied t= o the buffer. >>>> @retval EFI_UNSUPPORTED The operation is not supported. >>>> @retval EFI_SECURITY_VIOLATION The operation could not be perfor= med due to an authentication failure. >>>> @@ -198,7 +198,7 @@ GetTheImage ( >>>> >>>> @retval EFI_SUCCESS The image was successfully checke= d. >>>> @retval EFI_ABORTED The operation is aborted. >>>> - @retval EFI_INVALID_PARAMETER The Image was NULL. >>>> + @retval EFI_INVALID_PARAMETER A required pointer is NULL. >>> >>> This function also uses ImageIndex. Similar to updates above, I think= this >>> @retval line should be: >>> >>> @retval EFI_INVALID_PARAMETER A required pointer is NULL or Image= Index is invalid. >>> >>>> @retval EFI_UNSUPPORTED The operation is not supported. >>>> @retval EFI_SECURITY_VIOLATION The operation could not be perfor= med due to an authentication failure. >>>> >>>> @@ -254,7 +254,7 @@ CheckTheImage ( >>>> >>>> @retval EFI_SUCCESS The device was successfully updat= ed with the new image. >>>> @retval EFI_ABORTED The operation is aborted. >>>> - @retval EFI_INVALID_PARAMETER The Image was NULL. >>>> + @retval EFI_INVALID_PARAMETER A required pointer is NULL. >>> >>> This function also uses ImageIndex. Similar to updates above, I think= this >>> @retval line should be: >>> >>> @retval EFI_INVALID_PARAMETER A required pointer is NULL or Image= Index is invalid. >>> >>>> @retval EFI_UNSUPPORTED The operation is not supported. >>>> @retval EFI_SECURITY_VIOLATION The operation could not be perfor= med due to an authentication failure. >>>> >>>> -- >>>> 2.27.0.windows.1 >>> >=20 >=20 >=20