Fix wrong cert data measurement when image is rejected by DBX
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <[email protected]>
---
SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git
a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
index 9a61723..d7e286b 100644
--- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
+++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
@@ -1294,7 +1294,7 @@ IsForbiddenByDbx (
mImageDigestSize
);
if (IsForbidden) {
- SecureBootHook (EFI_IMAGE_SECURITY_DATABASE1,
&gEfiImageSecurityDatabaseGuid, CertList->SignatureSize, Cert);
+ SecureBootHook (EFI_IMAGE_SECURITY_DATABASE1,
&gEfiImageSecurityDatabaseGuid, CertList->SignatureSize, CertData);
goto Done;
}
--
1.9.5.msysgit.1
------------------------------------------------------------------------------
_______________________________________________
edk2-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/edk2-devel
