diff options
| author | Laszlo Ersek <lersek@redhat.com> | 2020-06-06 01:52:42 +0200 |
|---|---|---|
| committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2020-06-09 20:19:04 +0000 |
| commit | dafce295e6f447ed8905db4e29241e2c6c2a4389 (patch) | |
| tree | 2b1f8e0b2015611815526308a5094ff2d052a53a | |
| parent | 82e0b2f043c17bdb3d5ada7d9fe2bc13624cef27 (diff) | |
OvmfPkg/X86QemuLoadImageLib: handle EFI_ACCESS_DENIED from LoadImage()
When an image fails Secure Boot validation, LoadImage() returns
EFI_SECURITY_VIOLATION if the platform policy is
DEFER_EXECUTE_ON_SECURITY_VIOLATION.
If the platform policy is DENY_EXECUTE_ON_SECURITY_VIOLATION, then
LoadImage() returns EFI_ACCESS_DENIED (and the image does not remain
loaded).
(Before <https://bugzilla.tianocore.org/show_bug.cgi?id=2129>, this
difference would be masked, as DxeImageVerificationLib would incorrectly
return EFI_SECURITY_VIOLATION for DENY_EXECUTE_ON_SECURITY_VIOLATION as
well.)
In X86QemuLoadImageLib, proceed to the legacy Linux/x86 Boot Protocol upon
seeing EFI_ACCESS_DENIED too.
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Philippe Mathieu-Daudé <philmd@redhat.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2785
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20200605235242.32442-1-lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@arm.com>
| -rw-r--r-- | OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.c | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.c b/OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.c index ef753be7ea..931553c0c1 100644 --- a/OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.c +++ b/OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.c @@ -320,15 +320,21 @@ QemuLoadKernelImage ( case EFI_SECURITY_VIOLATION:
//
- // We are running with UEFI secure boot enabled, and the image failed to
- // authenticate. For compatibility reasons, we fall back to the legacy
- // loader in this case. Since the image has been loaded, we need to unload
- // it before proceeding
+ // Since the image has been loaded, we need to unload it before proceeding
+ // to the EFI_ACCESS_DENIED case below.
//
gBS->UnloadImage (KernelImageHandle);
//
// Fall through
//
+ case EFI_ACCESS_DENIED:
+ //
+ // We are running with UEFI secure boot enabled, and the image failed to
+ // authenticate. For compatibility reasons, we fall back to the legacy
+ // loader in this case.
+ //
+ // Fall through
+ //
case EFI_UNSUPPORTED:
//
// The image is not natively supported or cross-type supported. Let's try
|