From nobody Wed Apr 24 19:11:58 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain
 of lists.01.org)  smtp.mailfrom=edk2-devel-bounces@lists.01.org
Return-Path: <edk2-devel-bounces@lists.01.org>
Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com
	with SMTPS id 1527595722194119.55140773234928;
 Tue, 29 May 2018 05:08:42 -0700 (PDT)
Received: from [127.0.0.1] (localhost [IPv6:::1])
	by ml01.01.org (Postfix) with ESMTP id E5C952097DD2D;
	Tue, 29 May 2018 05:08:40 -0700 (PDT)
Received: from g9t5009.houston.hpe.com (g9t5009.houston.hpe.com
 [15.241.48.73])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id DFDFE2097DD1B
 for <edk2-devel@lists.01.org>; Tue, 29 May 2018 05:08:38 -0700 (PDT)
Received: from WANGNICK4.asiapacific.hpqcorp.net (unknown [16.169.19.66])
 by g9t5009.houston.hpe.com (Postfix) with ESMTP id 62EAD75;
 Tue, 29 May 2018 12:08:35 +0000 (UTC)
X-Original-To: edk2-devel@lists.01.org
Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by
 domain of lists.01.org) client-ip=198.145.21.10;
 envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org;
Received-SPF: None (no SPF record) identity=mailfrom; client-ip=15.241.48.73;
 helo=g9t5009.houston.hpe.com; envelope-from=nickle.wang@hpe.com;
 receiver=edk2-devel@lists.01.org
From: Nickle Wang <nickle.wang@hpe.com>
To: edk2-devel@lists.01.org
Date: Tue, 29 May 2018 20:08:25 +0800
Message-Id: <20180529120825.9044-1-nickle.wang@hpe.com>
X-Mailer: git-send-email 2.17.0.windows.1
Subject: [edk2] [PATCH] SecurityPkg/SecureBootConfigDxe: Fix invalid NV data
 issue.
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
Cc: Nickle Wang <nickle.wang@hpe.com>, jiewen.yao@intel.com,
 chao.b.zhang@intel.com
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Errors-To: edk2-devel-bounces@lists.01.org
Sender: "edk2-devel" <edk2-devel-bounces@lists.01.org>
X-ZohoMail: RSF_4  Z_629925259 SPT_0
Content-Type: text/plain; charset="utf-8"

Check the return value of HiiGetBrowserData() before calling HiiSetBrowserD=
ata(). HiiGetBrowserData() failed to retrieve NV data during action EFI_BRO=
WSER_ACTION_RETRIEVE. If NV data is invalid, stop sending it to form browse=
r.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Nickle Wang <nickle.wang@hpe.com>
Signed-off-by: cinnamon shia <cinnamon.shia@hpe.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
---
 .../SecureBootConfigDxe/SecureBootConfigImpl.c                      | 6 ++=
++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBo=
otConfigImpl.c b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/Secu=
reBootConfigImpl.c
index e3066f7..6123b56 100644
--- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfi=
gImpl.c
+++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfi=
gImpl.c
@@ -2,6 +2,7 @@
   HII Config Access protocol implementation of SecureBoot configuration mo=
dule.
=20
 Copyright (c) 2011 - 2017, Intel Corporation. All rights reserved.<BR>
+(C) Copyright 2018 Hewlett Packard Enterprise Development LP<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD =
License
 which accompanies this distribution.  The full text of the license may be =
found at
@@ -4319,6 +4320,7 @@ SecureBootCallback (
   UINTN                           NameLength;
   UINT16                          *FilePostFix;
   SECUREBOOT_CONFIG_PRIVATE_DATA  *PrivateData;
+  BOOLEAN                         GetBrowserDataResult;
=20
   Status           =3D EFI_SUCCESS;
   SecureBootEnable =3D NULL;
@@ -4343,7 +4345,7 @@ SecureBootCallback (
     return EFI_OUT_OF_RESOURCES;
   }
=20
-  HiiGetBrowserData (&gSecureBootConfigFormSetGuid, mSecureBootStorageName=
, BufferSize, (UINT8 *) IfrNvData);
+  GetBrowserDataResult =3D HiiGetBrowserData (&gSecureBootConfigFormSetGui=
d, mSecureBootStorageName, BufferSize, (UINT8 *) IfrNvData);
=20
   if (Action =3D=3D EFI_BROWSER_ACTION_FORM_OPEN) {
     if (QuestionId =3D=3D KEY_SECURE_BOOT_MODE) {
@@ -4889,7 +4891,7 @@ SecureBootCallback (
=20
 EXIT:
=20
-  if (!EFI_ERROR (Status)) {
+  if (!EFI_ERROR (Status) && GetBrowserDataResult) {
     BufferSize =3D sizeof (SECUREBOOT_CONFIGURATION);
     HiiSetBrowserData (&gSecureBootConfigFormSetGuid, mSecureBootStorageNa=
me, BufferSize, (UINT8*) IfrNvData, NULL);
   }
--=20
2.5.1.windows.1

_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel