rpms / edk2

Clone
Source Code
GIT

Blame SOURCES/edk2-SecurityPkg-DxeImageVerificationHandler-fix-imgexec-.patch

c8 c8-beta c8s c8s-sig-hyperscale c9 c9-beta
  1.   63d87e251caa5ac03942a02b780495b62f2ff767
  2.   SOURCES
  3.   edk2-SecurityPkg-DxeImageVerificationHandler-fix-imgexec-.patch
Blob History Raw
63d87e 
From d9f12d175da2d203be078d03c9127293ea6fe86b Mon Sep 17 00:00:00 2001
63d87e 
From: Laszlo Ersek <lersek@redhat.com>
63d87e 
Date: Fri, 31 Jan 2020 12:42:47 +0100
63d87e 
Subject: [PATCH 11/12] SecurityPkg/DxeImageVerificationHandler: fix imgexec
63d87e 
 info on memalloc fail
63d87e 
MIME-Version: 1.0
63d87e 
Content-Type: text/plain; charset=UTF-8
63d87e 
Content-Transfer-Encoding: 8bit
63d87e
63d87e 
RH-Author: Laszlo Ersek <lersek@redhat.com>
63d87e 
Message-id: <20200131124248.22369-12-lersek@redhat.com>
63d87e 
Patchwork-id: 93618
63d87e 
O-Subject: [RHEL-8.2.0 edk2 PATCH 11/12] SecurityPkg/DxeImageVerificationHandler: fix imgexec info on memalloc fail
63d87e 
Bugzilla: 1751993
63d87e 
RH-Acked-by: Philippe Mathieu-Daudé <philmd@redhat.com>
63d87e 
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
63d87e
63d87e 
It makes no sense to call AddImageExeInfo() with (Signature == NULL) and
63d87e 
(SignatureSize > 0). AddImageExeInfo() does not crash in such a case -- it
63d87e 
avoids the CopyMem() call --, but it creates an invalid
63d87e 
EFI_IMAGE_EXECUTION_INFO record. Namely, the
63d87e 
"EFI_IMAGE_EXECUTION_INFO.InfoSize" field includes "SignatureSize", but
63d87e 
the actual signature bytes are not filled in.
63d87e
63d87e 
Document and ASSERT() this condition in AddImageExeInfo().
63d87e
63d87e 
In DxeImageVerificationHandler(), zero out "SignatureListSize" if we set
63d87e 
"SignatureList" to NULL due to AllocateZeroPool() failure.
63d87e
63d87e 
(Another approach could be to avoid calling AddImageExeInfo() completely,
63d87e 
in case AllocateZeroPool() fails. Unfortunately, the UEFI v2.8 spec does
63d87e 
not seem to state clearly whether a signature is mandatory in
63d87e 
EFI_IMAGE_EXECUTION_INFO, if the "Action" field is
63d87e 
EFI_IMAGE_EXECUTION_AUTH_SIG_FAILED or EFI_IMAGE_EXECUTION_AUTH_SIG_FOUND.
63d87e
63d87e 
For now, the EFI_IMAGE_EXECUTION_INFO addition logic is not changed; we
63d87e 
only make sure that the record we add is not malformed.)
63d87e
63d87e 
Cc: Chao Zhang <chao.b.zhang@intel.com>
63d87e 
Cc: Jian J Wang <jian.j.wang@intel.com>
63d87e 
Cc: Jiewen Yao <jiewen.yao@intel.com>
63d87e 
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2129
63d87e 
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
63d87e 
Message-Id: <20200116190705.18816-11-lersek@redhat.com>
63d87e 
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
63d87e 
[lersek@redhat.com: push with Mike's R-b due to Chinese New Year
63d87e 
 Holiday: <https://edk2.groups.io/g/devel/message/53429>; msgid
63d87e 
 <d3fbb76dabed4e1987c512c328c82810@intel.com>]
63d87e 
(cherry picked from commit 6aa31db5ebebe18b55aa5359142223a03592416f)
63d87e
63d87e 
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
63d87e 
---
63d87e 
 SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c | 4 +++-
63d87e 
 1 file changed, 3 insertions(+), 1 deletion(-)
63d87e
63d87e 
diff --git a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
63d87e 
index c98b9e4..015a5b6 100644
63d87e 
--- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
63d87e 
+++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
63d87e 
@@ -704,7 +704,7 @@ GetImageExeInfoTableSize (
63d87e 
   @param[in]  Name            Input a null-terminated, user-friendly name.
63d87e 
   @param[in]  DevicePath      Input device path pointer.
63d87e 
   @param[in]  Signature       Input signature info in EFI_SIGNATURE_LIST data structure.
63d87e 
-  @param[in]  SignatureSize   Size of signature.
63d87e 
+  @param[in]  SignatureSize   Size of signature. Must be zero if Signature is NULL.
63d87e
63d87e 
 **/
63d87e 
 VOID
63d87e 
@@ -761,6 +761,7 @@ AddImageExeInfo (
63d87e 
   //
63d87e 
   // Signature size can be odd. Pad after signature to ensure next EXECUTION_INFO entry align
63d87e 
   //
63d87e 
+  ASSERT (Signature != NULL || SignatureSize == 0);
63d87e 
   NewImageExeInfoEntrySize = sizeof (EFI_IMAGE_EXECUTION_INFO) + NameStringLen + DevicePathSize + SignatureSize;
63d87e
63d87e 
   NewImageExeInfoTable      = (EFI_IMAGE_EXECUTION_INFO_TABLE *) AllocateRuntimePool (ImageExeInfoTableSize + NewImageExeInfoEntrySize);
63d87e 
@@ -1858,6 +1859,7 @@ DxeImageVerificationHandler (
63d87e 
     SignatureListSize = sizeof (EFI_SIGNATURE_LIST) + sizeof (EFI_SIGNATURE_DATA) - 1 + mImageDigestSize;
63d87e 
     SignatureList     = (EFI_SIGNATURE_LIST *) AllocateZeroPool (SignatureListSize);
63d87e 
     if (SignatureList == NULL) {
63d87e 
+      SignatureListSize = 0;
63d87e 
       goto Failed;
63d87e 
     }
63d87e 
     SignatureList->SignatureHeaderSize  = 0;
63d87e 
--
63d87e 
1.8.3.1
63d87e

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation