l@edk2.groups.io On Behalf Of Joseph
> Hemann via groups.io
> Sent: Tuesday, October 12, 2021 12:59 PM
> To: devel@edk2.groups.io
> Cc: nd ; Joseph Hemann ; Jiewen
> Yao ; Jian J Wang ; Min Xu
>
> Subject: [edk2-devel] [PATCH 1/1] SecurityPkg/DxeImageVerificationLib: Set
> Ac
If the image is signed but not allowed by DB and the hash of
image is not found in DB/DBX, then the EFI_IMAGE_INFO_ACTION
of the load of said image should be set to,
EFI_IMAGE_EXECUTION_AUTH_SIG_NOT_FOUND, rather then being left
unset as EFI_IMAGE_EXECUTION_AUTH_UNTESTED.
Cc: Jiewen Yao
Cc: Jian