render / rpms / edk2

Forked from rpms/edk2 3 months ago
Clone

Blame SOURCES/edk2-SecurityPkg-DxeImageVerificationHandler-fix-imgexec-.patch

6009e6
From d9f12d175da2d203be078d03c9127293ea6fe86b Mon Sep 17 00:00:00 2001
6009e6
From: Laszlo Ersek <lersek@redhat.com>
6009e6
Date: Fri, 31 Jan 2020 12:42:47 +0100
6009e6
Subject: [PATCH 11/12] SecurityPkg/DxeImageVerificationHandler: fix imgexec
6009e6
 info on memalloc fail
6009e6
MIME-Version: 1.0
6009e6
Content-Type: text/plain; charset=UTF-8
6009e6
Content-Transfer-Encoding: 8bit
6009e6
6009e6
RH-Author: Laszlo Ersek <lersek@redhat.com>
6009e6
Message-id: <20200131124248.22369-12-lersek@redhat.com>
6009e6
Patchwork-id: 93618
6009e6
O-Subject: [RHEL-8.2.0 edk2 PATCH 11/12] SecurityPkg/DxeImageVerificationHandler: fix imgexec info on memalloc fail
6009e6
Bugzilla: 1751993
6009e6
RH-Acked-by: Philippe Mathieu-Daudé <philmd@redhat.com>
6009e6
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
6009e6
6009e6
It makes no sense to call AddImageExeInfo() with (Signature == NULL) and
6009e6
(SignatureSize > 0). AddImageExeInfo() does not crash in such a case -- it
6009e6
avoids the CopyMem() call --, but it creates an invalid
6009e6
EFI_IMAGE_EXECUTION_INFO record. Namely, the
6009e6
"EFI_IMAGE_EXECUTION_INFO.InfoSize" field includes "SignatureSize", but
6009e6
the actual signature bytes are not filled in.
6009e6
6009e6
Document and ASSERT() this condition in AddImageExeInfo().
6009e6
6009e6
In DxeImageVerificationHandler(), zero out "SignatureListSize" if we set
6009e6
"SignatureList" to NULL due to AllocateZeroPool() failure.
6009e6
6009e6
(Another approach could be to avoid calling AddImageExeInfo() completely,
6009e6
in case AllocateZeroPool() fails. Unfortunately, the UEFI v2.8 spec does
6009e6
not seem to state clearly whether a signature is mandatory in
6009e6
EFI_IMAGE_EXECUTION_INFO, if the "Action" field is
6009e6
EFI_IMAGE_EXECUTION_AUTH_SIG_FAILED or EFI_IMAGE_EXECUTION_AUTH_SIG_FOUND.
6009e6
6009e6
For now, the EFI_IMAGE_EXECUTION_INFO addition logic is not changed; we
6009e6
only make sure that the record we add is not malformed.)
6009e6
6009e6
Cc: Chao Zhang <chao.b.zhang@intel.com>
6009e6
Cc: Jian J Wang <jian.j.wang@intel.com>
6009e6
Cc: Jiewen Yao <jiewen.yao@intel.com>
6009e6
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2129
6009e6
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
6009e6
Message-Id: <20200116190705.18816-11-lersek@redhat.com>
6009e6
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
6009e6
[lersek@redhat.com: push with Mike's R-b due to Chinese New Year
6009e6
 Holiday: <https://edk2.groups.io/g/devel/message/53429>; msgid
6009e6
 <d3fbb76dabed4e1987c512c328c82810@intel.com>]
6009e6
(cherry picked from commit 6aa31db5ebebe18b55aa5359142223a03592416f)
6009e6
6009e6
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
6009e6
---
6009e6
 SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c | 4 +++-
6009e6
 1 file changed, 3 insertions(+), 1 deletion(-)
6009e6
6009e6
diff --git a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
6009e6
index c98b9e4..015a5b6 100644
6009e6
--- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
6009e6
+++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
6009e6
@@ -704,7 +704,7 @@ GetImageExeInfoTableSize (
6009e6
   @param[in]  Name            Input a null-terminated, user-friendly name.
6009e6
   @param[in]  DevicePath      Input device path pointer.
6009e6
   @param[in]  Signature       Input signature info in EFI_SIGNATURE_LIST data structure.
6009e6
-  @param[in]  SignatureSize   Size of signature.
6009e6
+  @param[in]  SignatureSize   Size of signature. Must be zero if Signature is NULL.
6009e6
 
6009e6
 **/
6009e6
 VOID
6009e6
@@ -761,6 +761,7 @@ AddImageExeInfo (
6009e6
   //
6009e6
   // Signature size can be odd. Pad after signature to ensure next EXECUTION_INFO entry align
6009e6
   //
6009e6
+  ASSERT (Signature != NULL || SignatureSize == 0);
6009e6
   NewImageExeInfoEntrySize = sizeof (EFI_IMAGE_EXECUTION_INFO) + NameStringLen + DevicePathSize + SignatureSize;
6009e6
 
6009e6
   NewImageExeInfoTable      = (EFI_IMAGE_EXECUTION_INFO_TABLE *) AllocateRuntimePool (ImageExeInfoTableSize + NewImageExeInfoEntrySize);
6009e6
@@ -1858,6 +1859,7 @@ DxeImageVerificationHandler (
6009e6
     SignatureListSize = sizeof (EFI_SIGNATURE_LIST) + sizeof (EFI_SIGNATURE_DATA) - 1 + mImageDigestSize;
6009e6
     SignatureList     = (EFI_SIGNATURE_LIST *) AllocateZeroPool (SignatureListSize);
6009e6
     if (SignatureList == NULL) {
6009e6
+      SignatureListSize = 0;
6009e6
       goto Failed;
6009e6
     }
6009e6
     SignatureList->SignatureHeaderSize  = 0;
6009e6
-- 
6009e6
1.8.3.1
6009e6