MdeModulePkg Variable: Fix Timestamp zeroing issue on APPEND_WRITE - edk2 - Cross-platform firmware development environment

diff options

author	Star Zeng <star.zeng@intel.com>	2017-02-28 14:01:47 +0800
committer	Star Zeng <star.zeng@intel.com>	2018-10-17 11:24:44 +0800
commit	b7dc8888f31402f410c53242839271ba3b94b619 (patch)
tree	2297526626c0fb08316a891fbc866e149a608539 /BaseTools/Source/Python
parent	25d310d9b6187ca2e770b0b959831416441ce271 (diff)
download	edk2-b7dc8888f31402f410c53242839271ba3b94b619.tar.gz edk2-b7dc8888f31402f410c53242839271ba3b94b619.tar.bz2 edk2-b7dc8888f31402f410c53242839271ba3b94b619.zip

MdeModulePkg Variable: Fix Timestamp zeroing issue on APPEND_WRITE

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=415 When SetVariable() to a time based auth variable with APPEND_WRITE attribute, and if the EFI_VARIABLE_AUTHENTICATION_2.TimeStamp in the input Data is earlier than current value, it will cause timestamp zeroing. This issue may bring time based auth variable downgrade problem. For example: A vendor released three certs at 2014, 2015, and 2016, and system integrated the 2016 cert. User can SetVariable() with 2015 cert and APPEND_WRITE attribute to cause timestamp zeroing first, then SetVariable() with 2014 cert to downgrade the cert. This patch fixes this issue. Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Chao Zhang <chao.b.zhang@intel.com> Cc: Jian J Wang <jian.j.wang@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

Diffstat (limited to 'BaseTools/Source/Python')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: