diff options
author | Guomin Jiang <guomin.jiang@intel.com> | 2020-04-15 11:33:08 +0800 |
---|---|---|
committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2020-04-22 01:55:34 +0000 |
commit | 1755932f89e0b32fa09232661a5ae6c357f4e471 (patch) | |
tree | 0577ffe6761ff46b2c3ab8f580256e244514a415 /SecurityPkg | |
parent | b447a20bdfb2ff24ba048bb3026c902c4768a7e9 (diff) | |
download | edk2-1755932f89e0b32fa09232661a5ae6c357f4e471.tar.gz edk2-1755932f89e0b32fa09232661a5ae6c357f4e471.tar.bz2 edk2-1755932f89e0b32fa09232661a5ae6c357f4e471.zip |
SecurityPkg/TPM: measure UEFI images without associated device paths again
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2652
DxeTpm2MeasureBootHandler() and DxeTpmMeasureBootHandler() functions may
receive a FileBuffer argument that is not associated with any particular
device path (e.g., because the UEFI image has not been loaded from any
particular device path).
Therefore rejecting (File==NULL) at the top of the function is invalid.
Fixes: 4b026f0d5af36faf3a3629a3ad49c51b5b3be12f
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Signed-off-by: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Diffstat (limited to 'SecurityPkg')
-rw-r--r-- | SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c | 20 | ||||
-rw-r--r-- | SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c | 20 |
2 files changed, 20 insertions, 20 deletions
diff --git a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c index f0e95e5ec0..92eac71580 100644 --- a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c +++ b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c @@ -384,8 +384,6 @@ Finish: and other exception operations. The File parameter allows for possible logging
within the SAP of the driver.
- If File is NULL, then EFI_ACCESS_DENIED is returned.
-
If the file specified by File with an authentication status specified by
AuthenticationStatus is safe for the DXE Core to use, then EFI_SUCCESS is returned.
@@ -398,6 +396,8 @@ Finish: might be possible to use it at a future time, then EFI_SECURITY_VIOLATION is
returned.
+ If check image specified by FileBuffer and File is NULL meanwhile, return EFI_ACCESS_DENIED.
+
@param[in] AuthenticationStatus This is the authentication status returned
from the securitymeasurement services for the
input file.
@@ -416,7 +416,7 @@ EFI_STATUS EFIAPI
DxeTpm2MeasureBootHandler (
IN UINT32 AuthenticationStatus,
- IN CONST EFI_DEVICE_PATH_PROTOCOL *File,
+ IN CONST EFI_DEVICE_PATH_PROTOCOL *File, OPTIONAL
IN VOID *FileBuffer,
IN UINTN FileSize,
IN BOOLEAN BootPolicy
@@ -435,13 +435,6 @@ DxeTpm2MeasureBootHandler ( EFI_PHYSICAL_ADDRESS FvAddress;
UINT32 Index;
- //
- // Check for invalid parameters.
- //
- if (File == NULL) {
- return EFI_ACCESS_DENIED;
- }
-
Status = gBS->LocateProtocol (&gEfiTcg2ProtocolGuid, NULL, (VOID **) &Tcg2Protocol);
if (EFI_ERROR (Status)) {
//
@@ -616,6 +609,13 @@ DxeTpm2MeasureBootHandler ( Status = PeCoffLoaderGetImageInfo (&ImageContext);
if (EFI_ERROR (Status)) {
//
+ // Check for invalid parameters.
+ //
+ if (File == NULL) {
+ Status = EFI_ACCESS_DENIED;
+ }
+
+ //
// The information can't be got from the invalid PeImage
//
goto Finish;
diff --git a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c index d499371e7a..d990eb2ad3 100644 --- a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c +++ b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c @@ -678,8 +678,6 @@ Finish: and other exception operations. The File parameter allows for possible logging
within the SAP of the driver.
- If File is NULL, then EFI_ACCESS_DENIED is returned.
-
If the file specified by File with an authentication status specified by
AuthenticationStatus is safe for the DXE Core to use, then EFI_SUCCESS is returned.
@@ -692,6 +690,8 @@ Finish: might be possible to use it at a future time, then EFI_SECURITY_VIOLATION is
returned.
+ If check image specified by FileBuffer and File is NULL meanwhile, return EFI_ACCESS_DENIED.
+
@param[in] AuthenticationStatus This is the authentication status returned
from the securitymeasurement services for the
input file.
@@ -710,7 +710,7 @@ EFI_STATUS EFIAPI
DxeTpmMeasureBootHandler (
IN UINT32 AuthenticationStatus,
- IN CONST EFI_DEVICE_PATH_PROTOCOL *File,
+ IN CONST EFI_DEVICE_PATH_PROTOCOL *File, OPTIONAL
IN VOID *FileBuffer,
IN UINTN FileSize,
IN BOOLEAN BootPolicy
@@ -732,13 +732,6 @@ DxeTpmMeasureBootHandler ( EFI_PHYSICAL_ADDRESS FvAddress;
UINT32 Index;
- //
- // Check for invalid parameters.
- //
- if (File == NULL) {
- return EFI_ACCESS_DENIED;
- }
-
Status = gBS->LocateProtocol (&gEfiTcgProtocolGuid, NULL, (VOID **) &TcgProtocol);
if (EFI_ERROR (Status)) {
//
@@ -913,6 +906,13 @@ DxeTpmMeasureBootHandler ( Status = PeCoffLoaderGetImageInfo (&ImageContext);
if (EFI_ERROR (Status)) {
//
+ // Check for invalid parameters.
+ //
+ if (File == NULL) {
+ return EFI_ACCESS_DENIED;
+ }
+
+ //
// The information can't be got from the invalid PeImage
//
goto Finish;
|