@param[in] Name Input a null-terminated, user-friendly name.\r
@param[in] DevicePath Input device path pointer.\r
@param[in] Signature Input signature info in EFI_SIGNATURE_LIST data structure.\r
- @param[in] SignatureSize Size of signature.\r
+ @param[in] SignatureSize Size of signature. Must be zero if Signature is NULL.\r
\r
**/\r
VOID\r
//\r
// Signature size can be odd. Pad after signature to ensure next EXECUTION_INFO entry align\r
//\r
+ ASSERT (Signature != NULL || SignatureSize == 0);\r
NewImageExeInfoEntrySize = sizeof (EFI_IMAGE_EXECUTION_INFO) + NameStringLen + DevicePathSize + SignatureSize;\r
\r
NewImageExeInfoTable = (EFI_IMAGE_EXECUTION_INFO_TABLE *) AllocateRuntimePool (ImageExeInfoTableSize + NewImageExeInfoEntrySize);\r
goto Done;\r
}\r
\r
+ FreePool (HashCtx);\r
+ HashCtx = NULL;\r
+\r
SiglistHeaderSize = sizeof (EFI_SIGNATURE_LIST) + DbxList->SignatureHeaderSize;\r
CertHash = (EFI_SIGNATURE_DATA *) ((UINT8 *) DbxList + SiglistHeaderSize);\r
CertHashCount = (DbxList->SignatureListSize - SiglistHeaderSize) / DbxList->SignatureSize;\r
// UINT8 Certn[];\r
//\r
Pkcs7GetSigners (AuthData, AuthDataSize, &CertBuffer, &BufferLength, &TrustedCert, &TrustedCertLength);\r
- if ((BufferLength == 0) || (CertBuffer == NULL)) {\r
+ if ((BufferLength == 0) || (CertBuffer == NULL) || (*CertBuffer) == 0) {\r
IsForbidden = TRUE;\r
goto Done;\r
}\r
and non-NULL FileBuffer did authenticate, and the platform\r
policy dictates that the DXE Foundation may execute the image in\r
FileBuffer.\r
- @retval EFI_OUT_RESOURCE Fail to allocate memory.\r
@retval EFI_SECURITY_VIOLATION The file specified by File did not authenticate, and\r
the platform policy dictates that File should be placed\r
in the untrusted state. The image has been added to the file\r
execution table.\r
@retval EFI_ACCESS_DENIED The file specified by File and FileBuffer did not\r
authenticate, and the platform policy dictates that the DXE\r
- Foundation many not use File.\r
+ Foundation may not use File. The image has\r
+ been added to the file execution table.\r
\r
**/\r
EFI_STATUS\r
IN BOOLEAN BootPolicy\r
)\r
{\r
- EFI_STATUS Status;\r
EFI_IMAGE_DOS_HEADER *DosHdr;\r
BOOLEAN IsVerified;\r
EFI_SIGNATURE_LIST *SignatureList;\r
EFI_IMAGE_DATA_DIRECTORY *SecDataDir;\r
UINT32 OffSet;\r
CHAR16 *NameStr;\r
+ RETURN_STATUS PeCoffStatus;\r
+ EFI_STATUS HashStatus;\r
\r
SignatureList = NULL;\r
SignatureListSize = 0;\r
SecDataDir = NULL;\r
PkcsCertData = NULL;\r
Action = EFI_IMAGE_EXECUTION_AUTH_UNTESTED;\r
- Status = EFI_ACCESS_DENIED;\r
IsVerified = FALSE;\r
\r
\r
//\r
if (Policy == ALWAYS_EXECUTE) {\r
return EFI_SUCCESS;\r
- } else if (Policy == NEVER_EXECUTE) {\r
+ }\r
+ if (Policy == NEVER_EXECUTE) {\r
return EFI_ACCESS_DENIED;\r
}\r
\r
// Read the Dos header.\r
//\r
if (FileBuffer == NULL) {\r
- return EFI_INVALID_PARAMETER;\r
+ return EFI_ACCESS_DENIED;\r
}\r
\r
mImageBase = (UINT8 *) FileBuffer;\r
//\r
// Get information about the image being loaded\r
//\r
- Status = PeCoffLoaderGetImageInfo (&ImageContext);\r
- if (EFI_ERROR (Status)) {\r
+ PeCoffStatus = PeCoffLoaderGetImageInfo (&ImageContext);\r
+ if (RETURN_ERROR (PeCoffStatus)) {\r
//\r
// The information can't be got from the invalid PeImage\r
//\r
DEBUG ((DEBUG_INFO, "DxeImageVerificationLib: PeImage invalid. Cannot retrieve image information.\n"));\r
- goto Done;\r
+ goto Failed;\r
}\r
\r
- Status = EFI_ACCESS_DENIED;\r
-\r
DosHdr = (EFI_IMAGE_DOS_HEADER *) mImageBase;\r
if (DosHdr->e_magic == EFI_IMAGE_DOS_SIGNATURE) {\r
//\r
// It is not a valid Pe/Coff file.\r
//\r
DEBUG ((DEBUG_INFO, "DxeImageVerificationLib: Not a valid PE/COFF image.\n"));\r
- goto Done;\r
+ goto Failed;\r
}\r
\r
if (mNtHeader.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
//\r
if (!HashPeImage (HASHALG_SHA256)) {\r
DEBUG ((DEBUG_INFO, "DxeImageVerificationLib: Failed to hash this image using %s.\n", mHashTypeStr));\r
- goto Done;\r
+ goto Failed;\r
}\r
\r
if (IsSignatureFoundInDatabase (EFI_IMAGE_SECURITY_DATABASE1, mImageDigest, &mCertType, mImageDigestSize)) {\r
// Image Hash is in forbidden database (DBX).\r
//\r
DEBUG ((DEBUG_INFO, "DxeImageVerificationLib: Image is not signed and %s hash of image is forbidden by DBX.\n", mHashTypeStr));\r
- goto Done;\r
+ goto Failed;\r
}\r
\r
if (IsSignatureFoundInDatabase (EFI_IMAGE_SECURITY_DATABASE, mImageDigest, &mCertType, mImageDigestSize)) {\r
// Image Hash is not found in both forbidden and allowed database.\r
//\r
DEBUG ((DEBUG_INFO, "DxeImageVerificationLib: Image is not signed and %s hash of image is not found in DB/DBX.\n", mHashTypeStr));\r
- goto Done;\r
+ goto Failed;\r
}\r
\r
//\r
continue;\r
}\r
\r
- Status = HashPeImageByType (AuthData, AuthDataSize);\r
- if (EFI_ERROR (Status)) {\r
+ HashStatus = HashPeImageByType (AuthData, AuthDataSize);\r
+ if (EFI_ERROR (HashStatus)) {\r
continue;\r
}\r
\r
DEBUG ((DEBUG_INFO, "DxeImageVerificationLib: Image is signed but %s hash of image is found in DBX.\n", mHashTypeStr));\r
IsVerified = FALSE;\r
break;\r
- } else if (!IsVerified) {\r
+ }\r
+ if (!IsVerified) {\r
if (IsSignatureFoundInDatabase (EFI_IMAGE_SECURITY_DATABASE, mImageDigest, &mCertType, mImageDigestSize)) {\r
IsVerified = TRUE;\r
} else {\r
\r
if (IsVerified) {\r
return EFI_SUCCESS;\r
- } else {\r
- Status = EFI_ACCESS_DENIED;\r
- if (Action == EFI_IMAGE_EXECUTION_AUTH_SIG_FAILED || Action == EFI_IMAGE_EXECUTION_AUTH_SIG_FOUND) {\r
- //\r
- // Get image hash value as signature of executable.\r
- //\r
- SignatureListSize = sizeof (EFI_SIGNATURE_LIST) + sizeof (EFI_SIGNATURE_DATA) - 1 + mImageDigestSize;\r
- SignatureList = (EFI_SIGNATURE_LIST *) AllocateZeroPool (SignatureListSize);\r
- if (SignatureList == NULL) {\r
- Status = EFI_OUT_OF_RESOURCES;\r
- goto Done;\r
- }\r
- SignatureList->SignatureHeaderSize = 0;\r
- SignatureList->SignatureListSize = (UINT32) SignatureListSize;\r
- SignatureList->SignatureSize = (UINT32) (sizeof (EFI_SIGNATURE_DATA) - 1 + mImageDigestSize);\r
- CopyMem (&SignatureList->SignatureType, &mCertType, sizeof (EFI_GUID));\r
- Signature = (EFI_SIGNATURE_DATA *) ((UINT8 *) SignatureList + sizeof (EFI_SIGNATURE_LIST));\r
- CopyMem (Signature->SignatureData, mImageDigest, mImageDigestSize);\r
- }\r
}\r
-\r
-Done:\r
- if (Status != EFI_SUCCESS) {\r
+ if (Action == EFI_IMAGE_EXECUTION_AUTH_SIG_FAILED || Action == EFI_IMAGE_EXECUTION_AUTH_SIG_FOUND) {\r
//\r
- // Policy decides to defer or reject the image; add its information in image executable information table.\r
+ // Get image hash value as signature of executable.\r
//\r
- NameStr = ConvertDevicePathToText (File, FALSE, TRUE);\r
- AddImageExeInfo (Action, NameStr, File, SignatureList, SignatureListSize);\r
- if (NameStr != NULL) {\r
- DEBUG((EFI_D_INFO, "The image doesn't pass verification: %s\n", NameStr));\r
- FreePool(NameStr);\r
+ SignatureListSize = sizeof (EFI_SIGNATURE_LIST) + sizeof (EFI_SIGNATURE_DATA) - 1 + mImageDigestSize;\r
+ SignatureList = (EFI_SIGNATURE_LIST *) AllocateZeroPool (SignatureListSize);\r
+ if (SignatureList == NULL) {\r
+ SignatureListSize = 0;\r
+ goto Failed;\r
}\r
- Status = EFI_SECURITY_VIOLATION;\r
+ SignatureList->SignatureHeaderSize = 0;\r
+ SignatureList->SignatureListSize = (UINT32) SignatureListSize;\r
+ SignatureList->SignatureSize = (UINT32) (sizeof (EFI_SIGNATURE_DATA) - 1 + mImageDigestSize);\r
+ CopyMem (&SignatureList->SignatureType, &mCertType, sizeof (EFI_GUID));\r
+ Signature = (EFI_SIGNATURE_DATA *) ((UINT8 *) SignatureList + sizeof (EFI_SIGNATURE_LIST));\r
+ CopyMem (Signature->SignatureData, mImageDigest, mImageDigestSize);\r
+ }\r
+\r
+Failed:\r
+ //\r
+ // Policy decides to defer or reject the image; add its information in image\r
+ // executable information table in either case.\r
+ //\r
+ NameStr = ConvertDevicePathToText (File, FALSE, TRUE);\r
+ AddImageExeInfo (Action, NameStr, File, SignatureList, SignatureListSize);\r
+ if (NameStr != NULL) {\r
+ DEBUG ((DEBUG_INFO, "The image doesn't pass verification: %s\n", NameStr));\r
+ FreePool(NameStr);\r
}\r
\r
if (SignatureList != NULL) {\r
FreePool (SignatureList);\r
}\r
\r
- return Status;\r
+ if (Policy == DEFER_EXECUTE_ON_SECURITY_VIOLATION) {\r
+ return EFI_SECURITY_VIOLATION;\r
+ }\r
+ return EFI_ACCESS_DENIED;\r
}\r
\r
/**\r
projects / mirror_edk2.git / blobdiff