
[edk2] [PATCH] DxeCore Security issue on handle the corrupt signed GUIDED section

Subject: [edk2] [PATCH] DxeCore Security issue on handle the corrupt signed GUIDED section

From: "Gao, Liming" <liming.gao@intel.com>

To: "edk2-devel@lists.sourceforge.net" <edk2-devel@lists.sourceforge.net>

Date: 2014-08-06 21:43:42


Hi, all

  Please help review this patch.

 

MdeModulePkg: DxeCore

If GUIDED section has AUTH attribute only, DxeCore may wrongly set its AuthenticationStatus to 0 when its matched GUIDED extraction handler is not installed and Auth data is not verified. For this case, the return AuthenticationStatus should be EFI_AUTH_STATUS_NOT_TESTED.

 

Contributed-under: TianoCore Contribution Agreement 1.0

Signed-off-by: Gao, Liming <liming.gao@intel.com>

Reviewed-by: Kinney, Michael D <michael.d.kinney@intel.com>

----

 

Index: Dxe/SectionExtraction/CoreSectionExtraction.c

===================================================================

--- Dxe/SectionExtraction/CoreSectionExtraction.c         (revision 15745)

+++ Dxe/SectionExtraction/CoreSectionExtraction.c       (working copy)

@@ -903,6 +903,10 @@

           //

           AuthenticationStatus = Stream->AuthenticationStatus;

+          if ((GuidedSectionAttributes & EFI_GUIDED_SECTION_AUTH_STATUS_VALID) == EFI_GUIDED_SECTION_AUTH_STATUS_VALID) {

+            AuthenticationStatus |= EFI_AUTH_STATUS_IMAGE_SIGNED | EFI_AUTH_STATUS_NOT_TESTED;

+          }

+

           if (IS_SECTION2 (GuidedHeader)) {

             Status = OpenSectionStreamEx (

                        SECTION2_SIZE (GuidedHeader) - ((EFI_GUID_DEFINED_SECTION2 *) GuidedHeader)->DataOffset,
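
Review bot: The added if block ORs in both EFI_AUTH_STATUS_IMAGE_SIGNED and EFI_AUTH_STATUS_NOT_TESTED, while the commit message says only that the returned status should be EFI_AUTH_STATUS_NOT_TESTED. Please make the message name both bits, and put a short comment above the new if explaining that no extraction handler is installed on this path, so a section that declares AUTH_STATUS_VALID is reported as signed but not tested. The message also says the case is "AUTH attribute only", but the visible condition tests only EFI_GUIDED_SECTION_AUTH_STATUS_VALID; it would help to confirm that the PROCESSING_REQUIRED case is already excluded by code outside this hunk. Because the new bits are ORed onto Stream->AuthenticationStatus, any bits inherited from the parent stream are kept, which looks intended and is worth stating in the comment.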

 

Thanks

Liming
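
The effect described in the commit message, as an added stand-alone C model (not code from the patch or from edk2): it compares the status returned on the no-handler path before and after the change and feeds both to a consumer check. The function names and the `policy_accepts` check are hypothetical; the constant values are those defined in the PI specification.

```c
#include <stdint.h>
#include <stdio.h>

/* Attribute and status bit values as defined in the PI specification. */
#define EFI_GUIDED_SECTION_AUTH_STATUS_VALID 0x02
#define EFI_AUTH_STATUS_IMAGE_SIGNED         0x02
#define EFI_AUTH_STATUS_NOT_TESTED           0x04
#define EFI_AUTH_STATUS_TEST_FAILED          0x08

/* No-handler path before the patch: the child stream inherits the parent
   stream's status and the section's attributes are not consulted. */
static uint32_t fallback_status_before(uint32_t parent_status, uint16_t attrs)
{
    (void)attrs;
    return parent_status;
}

/* Same path with the patch's added lines applied. */
static uint32_t fallback_status_after(uint32_t parent_status, uint16_t attrs)
{
    uint32_t status = parent_status;
    if ((attrs & EFI_GUIDED_SECTION_AUTH_STATUS_VALID) == EFI_GUIDED_SECTION_AUTH_STATUS_VALID) {
        status |= EFI_AUTH_STATUS_IMAGE_SIGNED | EFI_AUTH_STATUS_NOT_TESTED;
    }
    return status;
}

/* Hypothetical consumer policy (an assumption, not DxeCore code): accept
   content only when neither NOT_TESTED nor TEST_FAILED is reported. */
static int policy_accepts(uint32_t status)
{
    return (status & (EFI_AUTH_STATUS_NOT_TESTED | EFI_AUTH_STATUS_TEST_FAILED)) == 0;
}

int main(void)
{
    /* Constructed input: AUTH attribute only, parent stream status 0. */
    uint16_t attrs = EFI_GUIDED_SECTION_AUTH_STATUS_VALID;
    uint32_t before = fallback_status_before(0, attrs);
    uint32_t after = fallback_status_after(0, attrs);

    printf("before patch: status=0x%02x accepted=%d\n", (unsigned)before, policy_accepts(before));
    printf("after patch:  status=0x%02x accepted=%d\n", (unsigned)after, policy_accepts(after));
    return 0;
}
```

With status 0 the consumer cannot tell an unverified signed section from content that carries no authentication data at all, which is the ambiguity the patch removes.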