From: Philippe Mathieu-Daudé Date: Fri, 7 Feb 2020 08:04:33 +0000 (+0000) Subject: SecurityPkg: Fix incorrect return value when File is NULL X-Git-Tag: edk2-stable202002~145 X-Git-Url: https://git.proxmox.com/?a=commitdiff_plain;ds=sidebyside;h=4b026f0d5af36faf3a3629a3ad49c51b5b3be12f;p=mirror_edk2.git SecurityPkg: Fix incorrect return value when File is NULL The DxeTpmMeasureBootHandler and DxeTpm2MeasureBootHandler handlers are SECURITY2_FILE_AUTHENTICATION_HANDLER prototype. This prototype can not return EFI_INVALID_PARAMETER. The prototype documentation states it returns EFI_ACCESS_DENIED if: "The file specified by File and FileBuffer did not authenticate, and the platform policy dictates that the DXE Foundation may not use File." Correct the documentation, and add a early check, returning EFI_ACCESS_DENIED when File is NULL. Noticed while reviewing commit 6d57592740cdd0b6868baeef7929d6e6fef. Cc: Jiewen Yao Cc: Jian J Wang Cc: Chao Zhang Signed-off-by: Philippe Mathieu-Daude Reviewed-by: Laszlo Ersek Reviewed-by: Jian J Wang --- diff --git a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c index 04b9b0d7fb..cabc0c6c75 100644 --- a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c +++ b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c @@ -384,7 +384,7 @@ Finish: and other exception operations. The File parameter allows for possible logging within the SAP of the driver. - If File is NULL, then EFI_INVALID_PARAMETER is returned. + If File is NULL, then EFI_ACCESS_DENIED is returned. If the file specified by File with an authentication status specified by AuthenticationStatus is safe for the DXE Core to use, then EFI_SUCCESS is returned. @@ -435,6 +435,13 @@ DxeTpm2MeasureBootHandler ( EFI_PHYSICAL_ADDRESS FvAddress; UINT32 Index; + // + // Check for invalid parameters. + // + if (File == NULL) { + return EFI_ACCESS_DENIED; + } + Status = gBS->LocateProtocol (&gEfiTcg2ProtocolGuid, NULL, (VOID **) &Tcg2Protocol); if (EFI_ERROR (Status)) { // diff --git a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c index 1f2eed29a1..dfaaa0f0b3 100644 --- a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c +++ b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c @@ -678,7 +678,7 @@ Finish: and other exception operations. The File parameter allows for possible logging within the SAP of the driver. - If File is NULL, then EFI_INVALID_PARAMETER is returned. + If File is NULL, then EFI_ACCESS_DENIED is returned. If the file specified by File with an authentication status specified by AuthenticationStatus is safe for the DXE Core to use, then EFI_SUCCESS is returned. @@ -732,6 +732,13 @@ DxeTpmMeasureBootHandler ( EFI_PHYSICAL_ADDRESS FvAddress; UINT32 Index; + // + // Check for invalid parameters. + // + if (File == NULL) { + return EFI_ACCESS_DENIED; + } + Status = gBS->LocateProtocol (&gEfiTcgProtocolGuid, NULL, (VOID **) &TcgProtocol); if (EFI_ERROR (Status)) { //