Depex - Dependency Expresion.\r
SOR - Schedule On Request - Don't schedule if this bit is set.\r
\r
-Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>\r
+Copyright (c) 2006 - 2013, Intel Corporation. All rights reserved.<BR>\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions of the BSD License\r
which accompanies this distribution. The full text of the license may be found at\r
UINTN BufferSize;\r
EFI_FIRMWARE_VOLUME_HEADER *FvHeader;\r
UINT32 FvAlignment;\r
+ EFI_DEVICE_PATH_PROTOCOL *FvFileDevicePath;\r
\r
//\r
// Read the first (and only the first) firmware volume section\r
&AuthenticationStatus\r
);\r
if (!EFI_ERROR (Status)) {\r
+ //\r
+ // Evaluate the authentication status of the Firmware Volume through\r
+ // Security Architectural Protocol\r
+ //\r
+ if (gSecurity != NULL) {\r
+ FvFileDevicePath = CoreFvToDevicePath (Fv, FvHandle, DriverName);\r
+ Status = gSecurity->FileAuthenticationState (\r
+ gSecurity,\r
+ AuthenticationStatus,\r
+ FvFileDevicePath\r
+ );\r
+ if (FvFileDevicePath != NULL) {\r
+ FreePool (FvFileDevicePath);\r
+ }\r
+\r
+ if (Status != EFI_SUCCESS) {\r
+ //\r
+ // Security check failed. The firmware volume should not be used for any purpose.\r
+ //\r
+ if (Buffer != NULL) {\r
+ FreePool (Buffer);\r
+ }\r
+ return Status;\r
+ }\r
+ }\r
+\r
//\r
// FvImage should be at its required alignment.\r
//\r
{\r
EFI_STATUS Status;\r
EFI_STATUS GetNextFileStatus;\r
- EFI_STATUS SecurityStatus;\r
EFI_FIRMWARE_VOLUME2_PROTOCOL *Fv;\r
EFI_DEVICE_PATH_PROTOCOL *FvDevicePath;\r
EFI_HANDLE FvHandle;\r
continue;\r
}\r
\r
- //\r
- // Evaluate the authentication status of the Firmware Volume through\r
- // Security Architectural Protocol\r
- //\r
- if (gSecurity != NULL) {\r
- SecurityStatus = gSecurity->FileAuthenticationState (\r
- gSecurity,\r
- 0,\r
- FvDevicePath\r
- );\r
- if (SecurityStatus != EFI_SUCCESS) {\r
- //\r
- // Security check failed. The firmware volume should not be used for any purpose.\r
- //\r
- continue;\r
- }\r
- }\r
-\r
//\r
// Discover Drivers in FV and add them to the Discovered Driver List.\r
// Process EFI_FV_FILETYPE_DRIVER type and then EFI_FV_FILETYPE_COMBINED_PEIM_DRIVER\r
\r
Depex - Dependency Expresion.\r
\r
- Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.<BR>\r
+ Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.<BR>\r
This program and the accompanying materials are licensed and made available \r
under the terms and conditions of the BSD License which accompanies this \r
distribution. The full text of the license may be found at \r
// used the UEFI Boot Services AllocatePool() function\r
//\r
Status = gBS->FreePool(Buffer);\r
+ if (!EFI_ERROR (Status) && EFI_ERROR (SecurityStatus)) {\r
+ Status = SecurityStatus;\r
+ }\r
return Status; \r
}\r
\r
UINTN HandleCount;\r
EFI_HANDLE *HandleBuffer;\r
EFI_STATUS GetNextFileStatus;\r
- EFI_STATUS SecurityStatus;\r
EFI_FIRMWARE_VOLUME2_PROTOCOL *Fv;\r
EFI_DEVICE_PATH_PROTOCOL *FvDevicePath;\r
EFI_HANDLE FvHandle;\r
continue;\r
}\r
\r
- //\r
- // If the Security Architectural Protocol has not been located yet, then attempt to locate it\r
- //\r
- if (mSecurity == NULL) {\r
- gBS->LocateProtocol (&gEfiSecurityArchProtocolGuid, NULL, (VOID**)&mSecurity);\r
- }\r
-\r
- //\r
- // Evaluate the authentication status of the Firmware Volume through\r
- // Security Architectural Protocol\r
- //\r
- if (mSecurity != NULL) {\r
- SecurityStatus = mSecurity->FileAuthenticationState (\r
- mSecurity,\r
- 0,\r
- FvDevicePath\r
- );\r
- if (SecurityStatus != EFI_SUCCESS) {\r
- //\r
- // Security check failed. The firmware volume should not be used for any purpose.\r
- //\r
- continue;\r
- }\r
- }\r
-\r
//\r
// Discover Drivers in FV and add them to the Discovered Driver List.\r
// Process EFI_FV_FILETYPE_SMM type and then EFI_FV_FILETYPE_COMBINED_SMM_DXE\r
projects / mirror_edk2.git / commitdiff