diff options
author | Dong Guo <guo.dong@intel.com> | 2014-12-10 08:09:20 +0000 |
---|---|---|
committer | gdong1 <gdong1@Edk2> | 2014-12-10 08:09:20 +0000 |
commit | 213cc1000e6af3c90aefdef2f0f9d5aa99f758d1 (patch) | |
tree | bdec80305128f8e83471f925df5360dd2bb009e4 | |
parent | b01fcf92ad7fb4ce2c9819b746c7bc5ad0586aa1 (diff) | |
download | edk2-platforms-213cc1000e6af3c90aefdef2f0f9d5aa99f758d1.tar.xz |
Add failed image Name in the Image Execution Information Table.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Zhang Chao B <chao.b.zhang@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16493 6f19259b-4bc3-4df7-8a09-765794883524
-rw-r--r-- | SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c index 0243eb8c06..443926b507 100644 --- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c +++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c @@ -769,7 +769,7 @@ AddImageExeInfo ( }
DevicePathSize = GetDevicePathSize (DevicePath);
- NewImageExeInfoEntrySize = sizeof (EFI_IMAGE_EXECUTION_INFO) + NameStringLen + DevicePathSize + SignatureSize;
+ NewImageExeInfoEntrySize = sizeof (EFI_IMAGE_EXECUTION_INFO) - sizeof (EFI_SIGNATURE_LIST) + NameStringLen + DevicePathSize + SignatureSize;
NewImageExeInfoTable = (EFI_IMAGE_EXECUTION_INFO_TABLE *) AllocateRuntimePool (ImageExeInfoTableSize + NewImageExeInfoEntrySize);
if (NewImageExeInfoTable == NULL) {
return ;
@@ -1475,6 +1475,7 @@ DxeImageVerificationHandler ( UINTN AuthDataSize;
EFI_IMAGE_DATA_DIRECTORY *SecDataDir;
UINT32 OffSet;
+ CHAR16 *NameStr;
SignatureList = NULL;
SignatureListSize = 0;
@@ -1778,7 +1779,12 @@ Done: //
// Policy decides to defer or reject the image; add its information in image executable information table.
//
- AddImageExeInfo (Action, NULL, File, SignatureList, SignatureListSize);
+ NameStr = ConvertDevicePathToText (File, FALSE, TRUE);
+ AddImageExeInfo (Action, NameStr, File, SignatureList, SignatureListSize);
+ if (NameStr != NULL) {
+ DEBUG((EFI_D_INFO, "The image doesn't pass verification: %s\n", NameStr));
+ FreePool(NameStr);
+ }
Status = EFI_SECURITY_VIOLATION;
}
|