[PATCH 1/1] efi_loader: error handling in tcg2_hash_pe_image()
Ilias Apalodimas
ilias.apalodimas at linaro.org
Mon Jul 31 11:35:59 CEST 2023
Hi Heinrich
On Sun, 30 Jul 2023 at 12:25, Heinrich Schuchardt
<heinrich.schuchardt at canonical.com> wrote:
>
> If the hard coded array hash_algo_list[] contains an entry for an
> unsupported algorithm, we should not leak resources new_efi and regs.
>
> We should still extend the log with the digests for the supported
> algorithms.
We shouldn't really add events in the log that are not extended in the
TPM. There's a check on top of the loop checking for active
algorithms (the ones that are supported and active on the hardware),
isnt that enough?
Thanks
/Ilias
>
> Fixes: 163a0d7e2cbd ("efi_loader: add PE/COFF image measurement")
> Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt at canonical.com>
> ---
> lib/efi_loader/efi_tcg2.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
> index 49f8a5e77c..18abe91bce 100644
> --- a/lib/efi_loader/efi_tcg2.c
> +++ b/lib/efi_loader/efi_tcg2.c
> @@ -931,7 +931,7 @@ static efi_status_t tcg2_hash_pe_image(void *efi, u64 efi_size,
> break;
> default:
> EFI_PRINT("Unsupported algorithm %x\n", hash_alg);
> - return EFI_INVALID_PARAMETER;
> + continue;
> }
> digest_list->digests[digest_list->count].hash_alg = hash_alg;
> memcpy(&digest_list->digests[digest_list->count].digest, hash,
> --
> 2.40.1
>
More information about the U-Boot
mailing list