On 02/07/20 01:04, Philippe Mathieu-Daudé wrote:
> The DxeTpmMeasureBootHandler and DxeTpm2MeasureBootHandler handlers
> are SECURITY2_FILE_AUTHENTICATION_HANDLER prototype. This prototype
> can not return EFI_INVALID_PARAMETER.
>
> The prototype documentation states it returns EFI_ACCESS_DENIED if:
>
> "The file specified by File and FileBuffer did not authenticate,
> and the platform policy dictates that the DXE Foundation may not
> use File."
>
> Correct the documentation, and add a early check, returning
> EFI_ACCESS_DENIED when File is NULL.
>
> Noticed while reviewing commit 6d57592740cdd0b6868baeef7929d6e6fef.
>
> Cc: Jiewen Yao <jiewen....@intel.com>
> Cc: Jian J Wang <jian.j.w...@intel.com>
> Cc: Chao Zhang <chao.b.zh...@intel.com>
> Signed-off-by: Philippe Mathieu-Daude <phi...@redhat.com>
> ---
> .../DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c | 9 ++++++++-
> .../Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c | 9 ++++++++-
> 2 files changed, 16 insertions(+), 2 deletions(-)
>
> diff --git
> a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c
> b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c
> index 04b9b0d7fbf3..cabc0c6c7556 100644
> --- a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c
> +++ b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c
> @@ -384,7 +384,7 @@ Tcg2MeasurePeImage (
> and other exception operations. The File parameter allows for possible
> logging
> within the SAP of the driver.
>
> - If File is NULL, then EFI_INVALID_PARAMETER is returned.
> + If File is NULL, then EFI_ACCESS_DENIED is returned.
>
> If the file specified by File with an authentication status specified by
> AuthenticationStatus is safe for the DXE Core to use, then EFI_SUCCESS is
> returned.
> @@ -435,6 +435,13 @@ DxeTpm2MeasureBootHandler (
> EFI_PHYSICAL_ADDRESS FvAddress;
> UINT32 Index;
>
> + //
> + // Check for invalid parameters.
> + //
> + if (File == NULL) {
> + return EFI_ACCESS_DENIED;
> + }
> +
> Status = gBS->LocateProtocol (&gEfiTcg2ProtocolGuid, NULL, (VOID **)
> &Tcg2Protocol);
> if (EFI_ERROR (Status)) {
> //
> diff --git a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c
> b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c
> index 1f2eed29a1df..dfaaa0f0b332 100644
> --- a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c
> +++ b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c
> @@ -678,7 +678,7 @@ TcgMeasurePeImage (
> and other exception operations. The File parameter allows for possible
> logging
> within the SAP of the driver.
>
> - If File is NULL, then EFI_INVALID_PARAMETER is returned.
> + If File is NULL, then EFI_ACCESS_DENIED is returned.
>
> If the file specified by File with an authentication status specified by
> AuthenticationStatus is safe for the DXE Core to use, then EFI_SUCCESS is
> returned.
> @@ -732,6 +732,13 @@ DxeTpmMeasureBootHandler (
> EFI_PHYSICAL_ADDRESS FvAddress;
> UINT32 Index;
>
> + //
> + // Check for invalid parameters.
> + //
> + if (File == NULL) {
> + return EFI_ACCESS_DENIED;
> + }
> +
> Status = gBS->LocateProtocol (&gEfiTcgProtocolGuid, NULL, (VOID **)
> &TcgProtocol);
> if (EFI_ERROR (Status)) {
> //
>
Reviewed-by: Laszlo Ersek <ler...@redhat.com>
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#54035): https://edk2.groups.io/g/devel/message/54035
Mute This Topic: https://groups.io/mt/71038142/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
