From: Dong Guo <guo.dong@intel.com>
Date: Wed, 10 Dec 2014 08:09:20 +0000 (+0000)
Subject: Add failed image Name in the Image Execution Information Table.
X-Git-Tag: edk2-stable201903~10549
X-Git-Url: https://git.proxmox.com/?p=mirror_edk2.git;a=commitdiff_plain;h=213cc1000e6af3c90aefdef2f0f9d5aa99f758d1

Add failed image Name in the Image Execution Information Table.

Contributed-under: TianoCore Contribution Agreement 1.0

Signed-off-by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Zhang Chao B <chao.b.zhang@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16493 6f19259b-4bc3-4df7-8a09-765794883524
---

diff --git a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
index 0243eb8c06..443926b507 100644
--- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
+++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
@@ -769,7 +769,7 @@ AddImageExeInfo (
   }
 
   DevicePathSize            = GetDevicePathSize (DevicePath);
-  NewImageExeInfoEntrySize  = sizeof (EFI_IMAGE_EXECUTION_INFO) + NameStringLen + DevicePathSize + SignatureSize;
+  NewImageExeInfoEntrySize  = sizeof (EFI_IMAGE_EXECUTION_INFO) - sizeof (EFI_SIGNATURE_LIST) + NameStringLen + DevicePathSize + SignatureSize;
   NewImageExeInfoTable      = (EFI_IMAGE_EXECUTION_INFO_TABLE *) AllocateRuntimePool (ImageExeInfoTableSize + NewImageExeInfoEntrySize);
   if (NewImageExeInfoTable == NULL) {
     return ;
@@ -1475,6 +1475,7 @@ DxeImageVerificationHandler (
   UINTN                                AuthDataSize;
   EFI_IMAGE_DATA_DIRECTORY             *SecDataDir;
   UINT32                               OffSet;
+  CHAR16                               *NameStr;
 
   SignatureList     = NULL;
   SignatureListSize = 0;
@@ -1778,7 +1779,12 @@ Done:
     //
     // Policy decides to defer or reject the image; add its information in image executable information table.
     //
-    AddImageExeInfo (Action, NULL, File, SignatureList, SignatureListSize);
+    NameStr = ConvertDevicePathToText (File, FALSE, TRUE);
+    AddImageExeInfo (Action, NameStr, File, SignatureList, SignatureListSize);
+    if (NameStr != NULL) {
+      DEBUG((EFI_D_INFO, "The image doesn't pass verification: %s\n", NameStr));
+      FreePool(NameStr);
+    }
     Status = EFI_SECURITY_VIOLATION;
   }