Calculate enough space for 2 variables (public key and variable data) instead of directly setting them 1 by 1.
Fixed a bug in public key reclaim(). Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com> Reviewed-by: Zeng, Star <star.zeng@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15404 6f19259b-4bc3-4df7-8a09-765794883524
@@ -456,16 +456,19 @@ AutenticatedVariableServiceInitialize (
|
||||
**/
|
||||
UINT32
|
||||
AddPubKeyInStore (
|
||||
IN UINT8 *PubKey
|
||||
IN UINT8 *PubKey,
|
||||
IN VARIABLE_ENTRY_CONSISTENCY *VariableDataEntry
|
||||
)
|
||||
{
|
||||
EFI_STATUS Status;
|
||||
BOOLEAN IsFound;
|
||||
UINT32 Index;
|
||||
VARIABLE_POINTER_TRACK Variable;
|
||||
UINT8 *Ptr;
|
||||
UINT8 *Data;
|
||||
UINTN DataSize;
|
||||
EFI_STATUS Status;
|
||||
BOOLEAN IsFound;
|
||||
UINT32 Index;
|
||||
VARIABLE_POINTER_TRACK Variable;
|
||||
UINT8 *Ptr;
|
||||
UINT8 *Data;
|
||||
UINTN DataSize;
|
||||
VARIABLE_ENTRY_CONSISTENCY PublicKeyEntry;
|
||||
UINT32 Attributes;
|
||||
|
||||
if (PubKey == NULL) {
|
||||
return 0;
|
||||
@@ -546,6 +549,21 @@ AddPubKeyInStore (
|
||||
}
|
||||
}
|
||||
|
||||
//
|
||||
// Check the variable space for both public key and variable data.
|
||||
//
|
||||
PublicKeyEntry.VariableSize = (mPubKeyNumber + 1) * EFI_CERT_TYPE_RSA2048_SIZE;
|
||||
PublicKeyEntry.Guid = &gEfiAuthenticatedVariableGuid;
|
||||
PublicKeyEntry.Name = AUTHVAR_KEYDB_NAME;
|
||||
Attributes = VARIABLE_ATTRIBUTE_NV_BS_RT | EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS;
|
||||
|
||||
if (!CheckRemainingSpaceForConsistency (Attributes, &PublicKeyEntry, VariableDataEntry, NULL)) {
|
||||
//
|
||||
// No enough variable space.
|
||||
//
|
||||
return 0;
|
||||
}
|
||||
|
||||
CopyMem (mPubKeyStore + mPubKeyNumber * EFI_CERT_TYPE_RSA2048_SIZE, PubKey, EFI_CERT_TYPE_RSA2048_SIZE);
|
||||
Index = ++mPubKeyNumber;
|
||||
//
|
||||
@@ -556,7 +574,7 @@ AddPubKeyInStore (
|
||||
&gEfiAuthenticatedVariableGuid,
|
||||
mPubKeyStore,
|
||||
mPubKeyNumber * EFI_CERT_TYPE_RSA2048_SIZE,
|
||||
EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS,
|
||||
Attributes,
|
||||
0,
|
||||
0,
|
||||
&Variable,
|
||||
@@ -1271,6 +1289,7 @@ ProcessVariable (
|
||||
EFI_CERT_BLOCK_RSA_2048_SHA256 *CertBlock;
|
||||
UINT32 KeyIndex;
|
||||
UINT64 MonotonicCount;
|
||||
VARIABLE_ENTRY_CONSISTENCY VariableDataEntry;
|
||||
|
||||
KeyIndex = 0;
|
||||
CertData = NULL;
|
||||
@@ -1396,10 +1415,14 @@ ProcessVariable (
|
||||
// Now, the signature has been verified!
|
||||
//
|
||||
if (IsFirstTime && !IsDeletion) {
|
||||
VariableDataEntry.VariableSize = DataSize - AUTHINFO_SIZE;
|
||||
VariableDataEntry.Guid = VendorGuid;
|
||||
VariableDataEntry.Name = VariableName;
|
||||
|
||||
//
|
||||
// Update public key database variable if need.
|
||||
//
|
||||
KeyIndex = AddPubKeyInStore (PubKey);
|
||||
KeyIndex = AddPubKeyInStore (PubKey, &VariableDataEntry);
|
||||
if (KeyIndex == 0) {
|
||||
return EFI_OUT_OF_RESOURCES;
|
||||
}
|
||||
|
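Review bot: AddPubKeyInStore still guards only `PubKey == NULL`, while the new `VariableDataEntry` pointer goes straight into `CheckRemainingSpaceForConsistency (Attributes, &PublicKeyEntry, VariableDataEntry, NULL)`. The trailing `NULL` suggests the entry list is NULL-terminated, so a NULL `VariableDataEntry` would presumably end the list early and the space check would cover the key database alone, which is the partial-write case this change is meant to prevent. The one caller shown passes `&VariableDataEntry`, so this is hardening rather than a live fault: widen the guard to `if (PubKey == NULL || VariableDataEntry == NULL) {` and document the new parameter in the function header comment, which ends above the first hunk. In ProcessVariable, `VariableDataEntry.VariableSize = DataSize - AUTHINFO_SIZE` is only meaningful when `DataSize >= AUTHINFO_SIZE`; confirm that an earlier check in the function (not visible in the hunk) guarantees this, and state the precondition in a comment next to the subtraction. Both function bodies extend beyond the hunks shown.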