diff options
| author | Dong, Guo <guo.dong@intel.com> | 2014-08-15 08:10:55 +0000 |
|---|---|---|
| committer | gdong1 <gdong1@6f19259b-4bc3-4df7-8a09-765794883524> | 2014-08-15 08:10:55 +0000 |
| commit | 4ccef56102cc104ad0bc881f5312f84fb4e569ef (patch) | |
| tree | 4905f550624566ce1b4b56a3fe9c41058e332d3d /SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c | |
| parent | a4faf336ea8e87d0b46e54ea64ce19c8574b69e5 (diff) | |
| download | edk2-platforms-4ccef56102cc104ad0bc881f5312f84fb4e569ef.tar.xz | |
1) Update code to use PcdFixedUsbCredentialProviderTokenFileName and PcdMaxVariableSize as patchable PCD instead of FixedAtBuild PCD.
2) Correct a typo in file comments of Tpm12Ownership.c
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dong, Guo <guo.dong@intel.com>
Reviewed-by: Gao, Liming <liming.gao@intel.com>
Reviewed-by: Yao, Jiewen <jiewen.yao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15811 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c')
| -rw-r--r-- | SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c | 32 |
1 files changed, 27 insertions, 5 deletions
diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c b/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c index 2663dbe063..96b1f403c3 100644 --- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c +++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c @@ -32,9 +32,12 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. ///
/// Global database array for scratch
///
-UINT8 mPubKeyStore[MAX_KEYDB_SIZE];
+UINT8 *mPubKeyStore;
UINT32 mPubKeyNumber;
-UINT8 mCertDbStore[MAX_CERTDB_SIZE];
+UINT32 mMaxKeyNumber;
+UINT32 mMaxKeyDbSize;
+UINT8 *mCertDbStore;
+UINT32 mMaxCertDbSize;
UINT32 mPlatformMode;
UINT8 mVendorKeyState;
@@ -184,6 +187,25 @@ AutenticatedVariableServiceInitialize ( }
//
+ // Reserve runtime buffer for public key database. The size excludes variable header and name size.
+ //
+ mMaxKeyDbSize = PcdGet32 (PcdMaxVariableSize) - sizeof (VARIABLE_HEADER) - sizeof (AUTHVAR_KEYDB_NAME);
+ mMaxKeyNumber = mMaxKeyDbSize / EFI_CERT_TYPE_RSA2048_SIZE;
+ mPubKeyStore = AllocateRuntimePool (mMaxKeyDbSize);
+ if (mPubKeyStore == NULL) {
+ return EFI_OUT_OF_RESOURCES;
+ }
+
+ //
+ // Reserve runtime buffer for certificate database. The size excludes variable header and name size.
+ //
+ mMaxCertDbSize = PcdGet32 (PcdMaxVariableSize) - sizeof (VARIABLE_HEADER) - sizeof (EFI_CERT_DB_NAME);
+ mCertDbStore = AllocateRuntimePool (mMaxCertDbSize);
+ if (mCertDbStore == NULL) {
+ return EFI_OUT_OF_RESOURCES;
+ }
+
+ //
// Prepare runtime buffer for serialized data of time-based authenticated
// Variable, i.e. (VariableName, VendorGuid, Attributes, TimeStamp, Data).
//
@@ -503,7 +525,7 @@ AddPubKeyInStore ( //
// Add public key in database.
//
- if (mPubKeyNumber == MAX_KEY_NUM) {
+ if (mPubKeyNumber == mMaxKeyNumber) {
//
// Public key dadatase is full, try to reclaim invalid key.
//
@@ -545,7 +567,7 @@ AddPubKeyInStore ( CopyMem (mPubKeyStore, (UINT8 *) Data, DataSize);
mPubKeyNumber = (UINT32) (DataSize / EFI_CERT_TYPE_RSA2048_SIZE);
- if (mPubKeyNumber == MAX_KEY_NUM) {
+ if (mPubKeyNumber == mMaxKeyNumber) {
return 0;
}
}
@@ -1996,7 +2018,7 @@ InsertCertsToDb ( NameSize = (UINT32) StrLen (VariableName);
CertNodeSize = sizeof (AUTH_CERT_DB_DATA) + (UINT32) CertDataSize + NameSize * sizeof (CHAR16);
NewCertDbSize = (UINT32) DataSize + CertNodeSize;
- if (NewCertDbSize > MAX_CERTDB_SIZE) {
+ if (NewCertDbSize > mMaxCertDbSize) {
return EFI_OUT_OF_RESOURCES;
}
NewCertDb = (UINT8*) mCertDbStore;
|