From 11495d4019d44dce1487939f91f7d751ffbb9730 Mon Sep 17 00:00:00 2001

From: Andrew Boie <andrew.p.boie@intel.com>

Date: Mon, 15 Apr 2013 14:11:17 -0700

Subject: [PATCH 01/74] fix verify_mok()

() Fix the return value semantics. If the MokList doesn't

exist, we are OK. If the MokList was compromised but we

were able to erase it, that is OK too. Only if the list

can't be nuked do we return an error.

() Fix use of potentially uninitialized attribute variable

() Actually use the return value when called from verify_buffer.

Change-Id: If16df21d79c52a1726928df96d133390cde4cb7e

Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>

---

 shim.c | 9 +++++----

 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/shim.c b/shim.c

index 23dd0ee..dcb36d0 100644

--- a/shim.c

+++ b/shim.c

@@ -670,13 +670,12 @@ static EFI_STATUS verify_mok (void) {

 	status = get_variable_attr(L"MokList", &MokListData, &MokListDataSize,

 				   shim_lock_guid, &attributes);

-	if (attributes & EFI_VARIABLE_RUNTIME_ACCESS) {

+	if (!EFI_ERROR(status) && attributes & EFI_VARIABLE_RUNTIME_ACCESS) {

 		Print(L"MokList is compromised!\nErase all keys in MokList!\n");

 		if (LibDeleteVariable(L"MokList", &shim_lock_guid) != EFI_SUCCESS) {

 			Print(L"Failed to erase MokList\n");

+                        return EFI_ACCESS_DENIED;

 		}

-		status = EFI_ACCESS_DENIED;

-		return status;

 	}

 	if (MokListData)

@@ -722,7 +721,9 @@ static EFI_STATUS verify_buffer (char *data, int datasize,

 	/*

 	 * Check that the MOK database hasn't been modified

 	 */

-	verify_mok();

+	status = verify_mok();

+	if (status != EFI_SUCCESS)

+		return status;

 	/*

 	 * Ensure that the binary isn't blacklisted

-- 

1.9.3