From 17621118315466dc878cf468d8c15ffadcb50482 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Thu, 21 Nov 2013 11:48:24 -0500 Subject: Error check the right thing in get_variable_attr() when allocating. Signed-off-by: Peter Jones --- lib/variables.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/variables.c') diff --git a/lib/variables.c b/lib/variables.c index 81bd34db..3a9735e6 100644 --- a/lib/variables.c +++ b/lib/variables.c @@ -224,7 +224,7 @@ get_variable_attr(CHAR16 *var, UINT8 **data, UINTN *len, EFI_GUID owner, return efi_status; *data = AllocateZeroPool(*len); - if (!data) + if (!*data) return EFI_OUT_OF_RESOURCES; efi_status = uefi_call_wrapper(RT->GetVariable, 5, var, &owner, -- cgit v1.2.3 From 7a72592b75879542e9ebd808868f83a78bdfbbc6 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin Date: Wed, 25 Jun 2014 10:55:12 -0400 Subject: Check the secure variables with the lib functions There are functions defined in lib to check the secure variables. Use the functions to shun the duplicate code. Signed-off-by: Gary Ching-Pang Lin Conflicts: shim.c --- lib/variables.c | 14 ++++++++++---- shim.c | 32 ++------------------------------ 2 files changed, 12 insertions(+), 34 deletions(-) (limited to 'lib/variables.c') diff --git a/lib/variables.c b/lib/variables.c index 3a9735e6..4c64d7e4 100644 --- a/lib/variables.c +++ b/lib/variables.c @@ -284,9 +284,12 @@ variable_is_setupmode(void) /* set to 1 because we return true if SetupMode doesn't exist */ UINT8 SetupMode = 1; UINTN DataSize = sizeof(SetupMode); + EFI_STATUS status; - uefi_call_wrapper(RT->GetVariable, 5, L"SetupMode", &GV_GUID, NULL, - &DataSize, &SetupMode); + status = uefi_call_wrapper(RT->GetVariable, 5, L"SetupMode", &GV_GUID, NULL, + &DataSize, &SetupMode); + if (EFI_ERROR(status)) + return 1; return SetupMode; } @@ -297,10 +300,13 @@ variable_is_secureboot(void) /* return false if variable doesn't exist */ UINT8 SecureBoot = 0; UINTN DataSize; + EFI_STATUS status; DataSize = sizeof(SecureBoot); - uefi_call_wrapper(RT->GetVariable, 5, L"SecureBoot", &GV_GUID, NULL, - &DataSize, &SecureBoot); + status = uefi_call_wrapper(RT->GetVariable, 5, L"SecureBoot", &GV_GUID, NULL, + &DataSize, &SecureBoot); + if (EFI_ERROR(status)) + return 0; return SecureBoot; } diff --git a/shim.c b/shim.c index 210e778a..14fb601c 100644 --- a/shim.c +++ b/shim.c @@ -475,44 +475,16 @@ static EFI_STATUS check_whitelist (WIN_CERTIFICATE_EFI_PKCS *cert, static BOOLEAN secure_mode (void) { - EFI_STATUS status; - EFI_GUID global_var = EFI_GLOBAL_VARIABLE; - UINTN len; - UINT8 *Data; - UINT8 sb, setupmode; - if (user_insecure_mode) return FALSE; - status = get_variable(L"SecureBoot", &Data, &len, global_var); - if (status != EFI_SUCCESS) { + if (variable_is_secureboot() != 1) { if (verbose && !in_protocol) console_notify(L"Secure boot not enabled"); return FALSE; } - sb = *Data; - FreePool(Data); - - if (sb != 1) { - if (verbose && !in_protocol) - console_notify(L"Secure boot not enabled"); - return FALSE; - } - - /* If we /do/ have "SecureBoot", but /don't/ have "SetupMode", - * then the implementation is bad, but we assume that secure boot is - * enabled according to the status of "SecureBoot". If we have both - * of them, then "SetupMode" may tell us additional data, and we need - * to consider it. - */ - status = get_variable(L"SetupMode", &Data, &len, global_var); - if (status != EFI_SUCCESS) - return TRUE; - - setupmode = *Data; - FreePool(Data); - if (setupmode == 1) { + if (variable_is_setupmode() == 1) { if (verbose && !in_protocol) console_notify(L"Platform is in setup mode"); return FALSE; -- cgit v1.2.3 From 9ea3d9b401ed73ae95b60e6b566f9293af3ac4d7 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Wed, 25 Jun 2014 10:55:56 -0400 Subject: Make sure we default to assuming we're locked down. If "SecureBoot" exists but "SetupMode" does not, assume "SetupMode" says we're not in Setup Mode. Signed-off-by: Peter Jones --- include/variables.h | 2 +- lib/variables.c | 8 ++++---- shim.c | 8 +++++++- 3 files changed, 12 insertions(+), 6 deletions(-) (limited to 'lib/variables.c') diff --git a/include/variables.h b/include/variables.h index b207dbf3..deed269c 100644 --- a/include/variables.h +++ b/include/variables.h @@ -50,7 +50,7 @@ SETOSIndicationsAndReboot(UINT64 indications); int variable_is_secureboot(void); int -variable_is_setupmode(void); +variable_is_setupmode(int default_return); EFI_STATUS variable_enroll_hash(CHAR16 *var, EFI_GUID owner, UINT8 hash[SHA256_DIGEST_SIZE]); diff --git a/lib/variables.c b/lib/variables.c index 4c64d7e4..59d7d054 100644 --- a/lib/variables.c +++ b/lib/variables.c @@ -139,7 +139,7 @@ SetSecureVariable(CHAR16 *var, UINT8 *Data, UINTN len, EFI_GUID owner, /* Microsoft request: Bugs in some UEFI platforms mean that PK or any * other secure variable can be updated or deleted programmatically, * so prevent */ - if (!variable_is_setupmode()) + if (!variable_is_setupmode(1)) return EFI_SECURITY_VIOLATION; if (createtimebased) { @@ -279,17 +279,17 @@ find_in_variable_esl(CHAR16* var, EFI_GUID owner, UINT8 *key, UINTN keylen) } int -variable_is_setupmode(void) +variable_is_setupmode(int default_return) { /* set to 1 because we return true if SetupMode doesn't exist */ - UINT8 SetupMode = 1; + UINT8 SetupMode = default_return; UINTN DataSize = sizeof(SetupMode); EFI_STATUS status; status = uefi_call_wrapper(RT->GetVariable, 5, L"SetupMode", &GV_GUID, NULL, &DataSize, &SetupMode); if (EFI_ERROR(status)) - return 1; + return default_return; return SetupMode; } diff --git a/shim.c b/shim.c index 14fb601c..fe73ec1a 100644 --- a/shim.c +++ b/shim.c @@ -484,7 +484,13 @@ static BOOLEAN secure_mode (void) return FALSE; } - if (variable_is_setupmode() == 1) { + /* If we /do/ have "SecureBoot", but /don't/ have "SetupMode", + * then the implementation is bad, but we assume that secure boot is + * enabled according to the status of "SecureBoot". If we have both + * of them, then "SetupMode" may tell us additional data, and we need + * to consider it. + */ + if (variable_is_setupmode(0) == 1) { if (verbose && !in_protocol) console_notify(L"Platform is in setup mode"); return FALSE; -- cgit v1.2.3