MdeModulePkg/DxeCore: invoke the emulator protocol for foreign images

[mirror_edk2.git] / NetworkPkg / IpSecDxe / IpSecMain.c

diff --git a/NetworkPkg/IpSecDxe/IpSecMain.c b/NetworkPkg/IpSecDxe/IpSecMain.c
index f98f809ab8ba76f8baefe3da747d61965615c82d..276426ea1f971d8769a0cf333b259cd128db957b 100644 (file)
--- a/NetworkPkg/IpSecDxe/IpSecMain.c
+++ b/NetworkPkg/IpSecDxe/IpSecMain.c
@@ -1,15 +1,9 @@
 /** @file\r
   The mian interface of IPsec Protocol.\r
 \r
-  Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>\r
+  Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>\r
 \r
-  This program and the accompanying materials\r
-  are licensed and made available under the terms and conditions of the BSD License\r
-  which accompanies this distribution.  The full text of the license may be found at\r
-  http://opensource.org/licenses/bsd-license.php.\r
-\r
-  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
-  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
+  SPDX-License-Identifier: BSD-2-Clause-Patent\r
 \r
 **/\r
 \r
@@ -70,13 +64,20 @@ IpSecProcess (
   UINT8                  OldLastHead;\r
   BOOLEAN                IsOutbound;\r
 \r
+  if (OptionsBuffer == NULL ||\r
+      OptionsLength == NULL ||\r
+      FragmentTable == NULL ||\r
+      FragmentCount == NULL\r
+      ) {\r
+    return EFI_INVALID_PARAMETER;\r
+  }\r
   Private         = IPSEC_PRIVATE_DATA_FROM_IPSEC (This);\r
   IpPayload       = (*FragmentTable)[0].FragmentBuffer;\r
   IsOutbound      = (BOOLEAN) ((TrafficDirection == EfiIPsecOutBound) ? TRUE : FALSE);\r
   OldLastHead     = *LastHead;\r
   *RecycleSignal  = NULL;\r
   SpdList         = &mConfigData[IPsecConfigDataTypeSpd];\r
-  \r
+\r
   if (!IsOutbound) {\r
     //\r
     // For inbound traffic, process the ipsec header of the packet.\r
@@ -101,7 +102,7 @@ IpSecProcess (
     }\r
 \r
     if (Status == EFI_SUCCESS) {\r
-      \r
+\r
       //\r
       // Check the spd entry if the packet is accessible.\r
       //\r
@@ -113,18 +114,18 @@ IpSecProcess (
       Status =  EFI_ACCESS_DENIED;\r
       NET_LIST_FOR_EACH (Entry, SpdList) {\r
         SpdEntry = IPSEC_SPD_ENTRY_FROM_LIST (Entry);\r
-        if (IsSubSpdSelector (               \r
+        if (IsSubSpdSelector (\r
               (EFI_IPSEC_CONFIG_SELECTOR *) SpdSelector,\r
               (EFI_IPSEC_CONFIG_SELECTOR *) SpdEntry->Selector\r
               )) {\r
           Status = EFI_SUCCESS;\r
         }\r
-      }      \r
+      }\r
       goto ON_EXIT;\r
-    }       \r
+    }\r
   }\r
 \r
-  Status  = EFI_ACCESS_DENIED;  \r
+  Status  = EFI_ACCESS_DENIED;\r
 \r
   NET_LIST_FOR_EACH (Entry, SpdList) {\r
     //\r
@@ -138,7 +139,7 @@ IpSecProcess (
                      IpHead,\r
                      IpPayload,\r
                      OldLastHead,\r
-                     IsOutbound, \r
+                     IsOutbound,\r
                      &Action\r
                      ))) {\r
       //\r
@@ -215,20 +216,20 @@ IpSecProcess (
       goto ON_EXIT;\r
 \r
     case EfiIPsecActionDiscard:\r
-      goto ON_EXIT;   \r
+      goto ON_EXIT;\r
     }\r
   }\r
-   \r
+\r
   //\r
   // If don't find the related SPD entry, return the EFI_ACCESS_DENIED and discard it.\r
   // But it the packet is NS/NA, it should be by passed even not find the related SPD entry.\r
   //\r
-  if (OldLastHead == IP6_ICMP && \r
+  if (OldLastHead == IP6_ICMP &&\r
       (*IpPayload == ICMP_V6_NEIGHBOR_SOLICIT || *IpPayload == ICMP_V6_NEIGHBOR_ADVERTISE)\r
       ){\r
     Status = EFI_SUCCESS;\r
   }\r
-  \r
+\r
 ON_EXIT:\r
   return Status;\r
 }\r