diff options
| author | Laszlo Ersek <lersek@redhat.com> | 2020-01-16 13:34:21 +0100 |
|---|---|---|
| committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2020-01-31 09:35:31 +0000 |
| commit | fb02f5b2cd0b2a2d413a4f4fc41e085be2ede089 (patch) | |
| tree | 3c637092b7d455cd6e9c788a056bc81e3e695277 /SecurityPkg/Library/DxeImageVerificationLib | |
| parent | c602e97446a8e818bf09182f5dc9f3fa409ece95 (diff) | |
| download | edk2-fb02f5b2cd0b2a2d413a4f4fc41e085be2ede089.tar.gz edk2-fb02f5b2cd0b2a2d413a4f4fc41e085be2ede089.tar.bz2 edk2-fb02f5b2cd0b2a2d413a4f4fc41e085be2ede089.zip | |
SecurityPkg/DxeImageVerificationHandler: eliminate "Status" variable
The "Status" variable is set to EFI_ACCESS_DENIED at the top of the
function. Then it is overwritten with EFI_SECURITY_VIOLATION under the
"Failed" (earlier: "Done") label. We finally return "Status".
The above covers the complete usage of "Status" in
DxeImageVerificationHandler(). Remove the variable, and simply return
EFI_SECURITY_VIOLATION in the end.
This patch is a no-op, regarding behavior.
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2129
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20200116190705.18816-9-lersek@redhat.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
[lersek@redhat.com: push with Mike's R-b due to Chinese New Year
Holiday: <https://edk2.groups.io/g/devel/message/53429>; msgid
<d3fbb76dabed4e1987c512c328c82810@intel.com>]
Diffstat (limited to 'SecurityPkg/Library/DxeImageVerificationLib')
| -rw-r--r-- | SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c | 5 |
1 files changed, 1 insertions, 4 deletions
diff --git a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c index 51968bd9c8..b49fe87a10 100644 --- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c +++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c @@ -1560,7 +1560,6 @@ DxeImageVerificationHandler ( IN BOOLEAN BootPolicy
)
{
- EFI_STATUS Status;
EFI_IMAGE_DOS_HEADER *DosHdr;
BOOLEAN IsVerified;
EFI_SIGNATURE_LIST *SignatureList;
@@ -1588,7 +1587,6 @@ DxeImageVerificationHandler ( SecDataDir = NULL;
PkcsCertData = NULL;
Action = EFI_IMAGE_EXECUTION_AUTH_UNTESTED;
- Status = EFI_ACCESS_DENIED;
IsVerified = FALSE;
@@ -1880,13 +1878,12 @@ Failed: DEBUG ((DEBUG_INFO, "The image doesn't pass verification: %s\n", NameStr));
FreePool(NameStr);
}
- Status = EFI_SECURITY_VIOLATION;
if (SignatureList != NULL) {
FreePool (SignatureList);
}
- return Status;
+ return EFI_SECURITY_VIOLATION;
}
/**
|