From 6a1ae84a261720085beafb32ebbe2d2b179e6056 Mon Sep 17 00:00:00 2001
From: klu2 <klu2@6f19259b-4bc3-4df7-8a09-765794883524>
Date: Wed, 3 Sep 2008 06:25:35 +0000
Subject: [PATCH] When new FV is installed, VerifyFv() should be invoked to do
 security checking for this FV.

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@5785 6f19259b-4bc3-4df7-8a09-765794883524
---
 MdeModulePkg/Core/Pei/FwVol/FwVol.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/MdeModulePkg/Core/Pei/FwVol/FwVol.c b/MdeModulePkg/Core/Pei/FwVol/FwVol.c
index cf0cfe78c5..f2b5cedd36 100644
--- a/MdeModulePkg/Core/Pei/FwVol/FwVol.c
+++ b/MdeModulePkg/Core/Pei/FwVol/FwVol.c
@@ -307,6 +307,7 @@ PeiInitializeFv (
   @param Ppi               Address of the PPI that was installed.
 
   @retval EFI_SUCCESS    The FV Info is registered into PeiCore private data structure.
+  @return if not EFI_SUCESS, fail to verify FV.
 
 **/
 EFI_STATUS
@@ -342,6 +343,13 @@ FirmwareVolmeInfoPpiNotifyCallback (
         return EFI_SUCCESS;
       }
     }
+    
+    Status = VerifyFv ((EFI_FIRMWARE_VOLUME_HEADER*)Fv->FvInfo);
+    if (EFI_ERROR(Status)) {
+      DEBUG ((EFI_D_ERROR, "Fail to verify FV which address is 0x%11p", (VOID *) Fv->FvInfo));
+      return Status;
+    }
+    
     PrivateData->Fv[PrivateData->FvCount++].FvHeader = (EFI_FIRMWARE_VOLUME_HEADER*)Fv->FvInfo;
 
     //