Re: [edk2] [Patch] SecurityPkg: Fix wrong cert data measurement in DBX path

Long, Qin Mon, 08 Jun 2015 21:56:39 -0700

The fix looks good.

Reviewed-by: Long, Qin <qin.l...@intel.com>


-----Original Message-----
From: Zhang, Chao B 
Sent: Tuesday, June 09, 2015 10:11 AM
To: Long, Qin
Cc: edk2-devel@lists.sourceforge.net; Zhang, Chao B
Subject: [Patch] SecurityPkg: Fix wrong cert data measurement in DBX path

Fix wrong cert data measurement when image is rejected by DBX

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zh...@intel.com>
---
 SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git 
a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c 
b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
index 9a61723..d7e286b 100644
--- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
+++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
@@ -1294,7 +1294,7 @@ IsForbiddenByDbx (
                         mImageDigestSize
                         );
         if (IsForbidden) {
-          SecureBootHook (EFI_IMAGE_SECURITY_DATABASE1, 
&gEfiImageSecurityDatabaseGuid, CertList->SignatureSize, Cert);
+          SecureBootHook (EFI_IMAGE_SECURITY_DATABASE1, 
&gEfiImageSecurityDatabaseGuid, CertList->SignatureSize, CertData);
           goto Done;
         }
 
-- 
1.9.5.msysgit.1


------------------------------------------------------------------------------
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-devel

Re: [edk2] [Patch] SecurityPkg: Fix wrong cert data measurement in DBX path

Reply via email to