summaryrefslogtreecommitdiff
path: root/SecurityPkg/Library
diff options
context:
space:
mode:
authorDong Guo <guo.dong@intel.com>2014-12-10 08:09:20 +0000
committergdong1 <gdong1@Edk2>2014-12-10 08:09:20 +0000
commit213cc1000e6af3c90aefdef2f0f9d5aa99f758d1 (patch)
treebdec80305128f8e83471f925df5360dd2bb009e4 /SecurityPkg/Library
parentb01fcf92ad7fb4ce2c9819b746c7bc5ad0586aa1 (diff)
downloadedk2-platforms-213cc1000e6af3c90aefdef2f0f9d5aa99f758d1.tar.xz
Add failed image Name in the Image Execution Information Table.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Zhang Chao B <chao.b.zhang@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16493 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'SecurityPkg/Library')
-rw-r--r--SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c10
1 files changed, 8 insertions, 2 deletions
diff --git a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
index 0243eb8c06..443926b507 100644
--- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
+++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
@@ -769,7 +769,7 @@ AddImageExeInfo (
}
DevicePathSize = GetDevicePathSize (DevicePath);
- NewImageExeInfoEntrySize = sizeof (EFI_IMAGE_EXECUTION_INFO) + NameStringLen + DevicePathSize + SignatureSize;
+ NewImageExeInfoEntrySize = sizeof (EFI_IMAGE_EXECUTION_INFO) - sizeof (EFI_SIGNATURE_LIST) + NameStringLen + DevicePathSize + SignatureSize;
NewImageExeInfoTable = (EFI_IMAGE_EXECUTION_INFO_TABLE *) AllocateRuntimePool (ImageExeInfoTableSize + NewImageExeInfoEntrySize);
if (NewImageExeInfoTable == NULL) {
return ;
@@ -1475,6 +1475,7 @@ DxeImageVerificationHandler (
UINTN AuthDataSize;
EFI_IMAGE_DATA_DIRECTORY *SecDataDir;
UINT32 OffSet;
+ CHAR16 *NameStr;
SignatureList = NULL;
SignatureListSize = 0;
@@ -1778,7 +1779,12 @@ Done:
//
// Policy decides to defer or reject the image; add its information in image executable information table.
//
- AddImageExeInfo (Action, NULL, File, SignatureList, SignatureListSize);
+ NameStr = ConvertDevicePathToText (File, FALSE, TRUE);
+ AddImageExeInfo (Action, NameStr, File, SignatureList, SignatureListSize);
+ if (NameStr != NULL) {
+ DEBUG((EFI_D_INFO, "The image doesn't pass verification: %s\n", NameStr));
+ FreePool(NameStr);
+ }
Status = EFI_SECURITY_VIOLATION;
}