[U-Boot] [PATCH v2 04/16] efi_loader: add signature database parser

Ilias Apalodimas ilias.apalodimas at linaro.org
Thu Nov 28 14:49:50 UTC 2019 

On Thu, Nov 28, 2019 at 04:21:01PM +0200, Ilias Apalodimas wrote:
> Akashi-san,
> 
> On Tue, Nov 26, 2019 at 09:51:08AM +0900, AKASHI Takahiro wrote:
> > efi_signature_parse_sigdb() is a helper function will be used to parse
> > signature database variable and instantiate a signature store structure
> > in later patches.
> > 
> > Signed-off-by: AKASHI Takahiro <takahiro.akashi at linaro.org>
> > ---
> >  include/efi_loader.h           |   3 +
> >  lib/efi_loader/efi_signature.c | 227 +++++++++++++++++++++++++++++++++
> >  2 files changed, 230 insertions(+)
> > 
> > diff --git a/include/efi_loader.h b/include/efi_loader.h
> > index 622bae6a6906..5297fb854905 100644
> > --- a/include/efi_loader.h
> > +++ b/include/efi_loader.h
> > @@ -720,6 +720,9 @@ bool efi_signature_verify_with_sigdb(struct efi_image_regions *regs,
> >  efi_status_t efi_image_region_add(struct efi_image_regions *regs,
> >  				  const void *start, const void *end,
> >  				  int nocheck);
> > +
> > +void efi_sigstore_free(struct efi_signature_store *sigstore);
> > +struct efi_signature_store *efi_sigstore_parse_sigdb(u16 *name);
> >  #endif /* CONFIG_EFI_SECURE_BOOT */
> >  
> >  #else /* CONFIG_IS_ENABLED(EFI_LOADER) */
> > diff --git a/lib/efi_loader/efi_signature.c b/lib/efi_loader/efi_signature.c
> > index 87a39b790f67..9be13d5a4bbe 100644
> > --- a/lib/efi_loader/efi_signature.c
> > +++ b/lib/efi_loader/efi_signature.c
> > @@ -581,4 +581,231 @@ efi_status_t efi_image_region_add(struct efi_image_regions *regs,
> >  
> >  	return EFI_SUCCESS;
> >  }
> > +
> > +/**
> > + * efi_sigstore_free - free signature store
> > + * @sigstore:	Pointer to signature store structure
> > + *
> > + * Feee all the memories held in signature store and itself,
> > + * which were allocated by efi_sigstore_parse_sigdb().
> > + */
> > +void efi_sigstore_free(struct efi_signature_store *sigstore)
> > +{
> > +	struct efi_signature_store *sigstore_next;
> > +	struct efi_sig_data *sig_data, *sig_data_next;
> > +
> > +	while (sigstore) {
> > +		sigstore_next = sigstore->next;
> > +
> > +		sig_data = sigstore->sig_data_list;
> > +		while (sig_data) {
> > +			if (sig_data)
> > +				sig_data_next = sig_data->next;
> 
> Why the extra if check?

Looking at it again, maybe this is a typo and you wanted to 
check sig_data->next?

> 
> > +			free(sig_data->data);
> > +			free(sig_data);
> > +			sig_data = sig_data_next;
> > +		}
> > +
> > +		free(sigstore);
> > +		sigstore = sigstore_next;
> > +	}
> > +}
> > +
>  
> Thnaks
> /Ilias

More information about the U-Boot mailing list