|
 |
c49324 |
From 2fee03637d3a1d0c9c004b958af69f4b0e4b57f3 Mon Sep 17 00:00:00 2001
|
|
|
c49324 |
From: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
|
|
|
c49324 |
Date: Fri, 4 Nov 2022 17:41:31 +0100
|
|
|
c49324 |
Subject: [PATCH 2/2] tpm_bootlog_enrich: Get DevicePath length from
|
|
|
c49324 |
LengthOfDevicePath
|
|
|
c49324 |
|
|
|
c49324 |
In enrich_device_path(), get the length of DevicePath from the field
|
|
|
c49324 |
LengthOfDevicePath instead of calculating the length from the bytes
|
|
|
c49324 |
array.
|
|
|
c49324 |
|
|
|
c49324 |
This avoids a segmentation fault when processing the measured boot event
|
|
|
c49324 |
log in create_mb_refstate script.
|
|
|
c49324 |
|
|
|
c49324 |
This is called for the events "EV_EFI_BOOT_SERVICES_APPLICATION",
|
|
|
c49324 |
"EV_EFI_BOOT_SERVICES_DRIVER", and "EV_EFI_RUNTIME_SERVICES_DRIVER".
|
|
|
c49324 |
|
|
|
c49324 |
Fixes: #1153
|
|
|
c49324 |
|
|
|
c49324 |
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
|
|
|
c49324 |
---
|
|
|
c49324 |
keylime/tpm_bootlog_enrich.py | 11 ++++++-----
|
|
|
c49324 |
1 file changed, 6 insertions(+), 5 deletions(-)
|
|
|
c49324 |
|
|
|
c49324 |
diff --git a/keylime/tpm_bootlog_enrich.py b/keylime/tpm_bootlog_enrich.py
|
|
|
c49324 |
index ef8e9f7..621bc67 100644
|
|
|
c49324 |
--- a/keylime/tpm_bootlog_enrich.py
|
|
|
c49324 |
+++ b/keylime/tpm_bootlog_enrich.py
|
|
|
c49324 |
@@ -46,14 +46,14 @@ yaml.add_representer(hexint, representer)
|
|
|
c49324 |
efivarlib_functions = CDLL(config.LIBEFIVAR)
|
|
|
c49324 |
|
|
|
c49324 |
|
|
|
c49324 |
-def getDevicePath(b):
|
|
|
c49324 |
- ret = efivarlib_functions.efidp_format_device_path(0, 0, b, len(b))
|
|
|
c49324 |
+def getDevicePath(b, l):
|
|
|
c49324 |
+ ret = efivarlib_functions.efidp_format_device_path(0, 0, b, l)
|
|
|
c49324 |
if ret < 0:
|
|
|
c49324 |
raise Exception(f"getDevicePath: efidp_format_device_path({b}) returned {ret}")
|
|
|
c49324 |
|
|
|
c49324 |
s = create_string_buffer(ret + 1)
|
|
|
c49324 |
|
|
|
c49324 |
- ret = efivarlib_functions.efidp_format_device_path(s, ret + 1, b, len(b))
|
|
|
c49324 |
+ ret = efivarlib_functions.efidp_format_device_path(s, ret + 1, b, l)
|
|
|
c49324 |
if ret < 0:
|
|
|
c49324 |
raise Exception(f"getDevicePath: efidp_format_device_path({b}) returned {ret}")
|
|
|
c49324 |
|
|
|
c49324 |
@@ -174,7 +174,7 @@ def getVar(event, b):
|
|
|
c49324 |
c = w.decode("utf-16", errors="ignore")
|
|
|
c49324 |
description += c
|
|
|
c49324 |
r["Description"] = description
|
|
|
c49324 |
- devicePath = getDevicePath(b[i:])
|
|
|
c49324 |
+ devicePath = getDevicePath(b[i:], len(b[i:]))
|
|
|
c49324 |
r["DevicePath"] = devicePath
|
|
|
c49324 |
return r
|
|
|
c49324 |
return None
|
|
|
c49324 |
@@ -184,10 +184,11 @@ def enrich_device_path(d: dict) -> None:
|
|
|
c49324 |
if isinstance(d.get("DevicePath"), str):
|
|
|
c49324 |
try:
|
|
|
c49324 |
b = bytes.fromhex(d["DevicePath"])
|
|
|
c49324 |
+ l = int(d["LengthOfDevicePath"])
|
|
|
c49324 |
except Exception:
|
|
|
c49324 |
return
|
|
|
c49324 |
try:
|
|
|
c49324 |
- p = getDevicePath(b)
|
|
|
c49324 |
+ p = getDevicePath(b, l)
|
|
|
c49324 |
# Deal with garbage devicePath
|
|
|
c49324 |
except Exception:
|
|
|
c49324 |
return
|
|
|
c49324 |
--
|
|
|
c49324 |
2.38.1
|
|
|
c49324 |
|