Add failed image Name in the Image Execution Information Table.

Contributed-under: TianoCore Contribution Agreement 1.0

Signed-off-by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Zhang Chao B <chao.b.zhang@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16493 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
Dong Guo 2014-12-10 08:09:20 +00:00 committed by gdong1
parent b01fcf92ad
commit 213cc1000e
1 changed files with 8 additions and 2 deletions

View File

@ -769,7 +769,7 @@ AddImageExeInfo (
} }
DevicePathSize = GetDevicePathSize (DevicePath); DevicePathSize = GetDevicePathSize (DevicePath);
NewImageExeInfoEntrySize = sizeof (EFI_IMAGE_EXECUTION_INFO) + NameStringLen + DevicePathSize + SignatureSize; NewImageExeInfoEntrySize = sizeof (EFI_IMAGE_EXECUTION_INFO) - sizeof (EFI_SIGNATURE_LIST) + NameStringLen + DevicePathSize + SignatureSize;
NewImageExeInfoTable = (EFI_IMAGE_EXECUTION_INFO_TABLE *) AllocateRuntimePool (ImageExeInfoTableSize + NewImageExeInfoEntrySize); NewImageExeInfoTable = (EFI_IMAGE_EXECUTION_INFO_TABLE *) AllocateRuntimePool (ImageExeInfoTableSize + NewImageExeInfoEntrySize);
if (NewImageExeInfoTable == NULL) { if (NewImageExeInfoTable == NULL) {
return ; return ;
@ -1475,6 +1475,7 @@ DxeImageVerificationHandler (
UINTN AuthDataSize; UINTN AuthDataSize;
EFI_IMAGE_DATA_DIRECTORY *SecDataDir; EFI_IMAGE_DATA_DIRECTORY *SecDataDir;
UINT32 OffSet; UINT32 OffSet;
CHAR16 *NameStr;
SignatureList = NULL; SignatureList = NULL;
SignatureListSize = 0; SignatureListSize = 0;
@ -1778,7 +1779,12 @@ Done:
// //
// Policy decides to defer or reject the image; add its information in image executable information table. // Policy decides to defer or reject the image; add its information in image executable information table.
// //
AddImageExeInfo (Action, NULL, File, SignatureList, SignatureListSize); NameStr = ConvertDevicePathToText (File, FALSE, TRUE);
AddImageExeInfo (Action, NameStr, File, SignatureList, SignatureListSize);
if (NameStr != NULL) {
DEBUG((EFI_D_INFO, "The image doesn't pass verification: %s\n", NameStr));
FreePool(NameStr);
}
Status = EFI_SECURITY_VIOLATION; Status = EFI_SECURITY_VIOLATION;
} }