From 9ddd7d7aec0eb25e078c9ca95329df06b4410169 Mon Sep 17 00:00:00 2001 From: Eugene Cohen Date: Tue, 10 Nov 2015 10:02:24 +0000 Subject: [PATCH] MdeModulePkg PeiCore: Fix issue AuthenticationStatus is not propagated correctly This patch fixes an issue in PEI with encapsulated FV images where the AuthenticationStatus is not correctly propagated down to child FV handles. The PEI core registers for callbacks for both FvInfo and FvInfo2 PPIs. These callbacks process the FVs which will recurse as necessary to find more encapsulated FVs. (FvInfo2 is an updated PPI that includes an AuthenticationStatus field - the original FvInfo did not include this.) When encapsulated FV processing occurs the PEI core installs both FvInfo and FvInfo2 PPIs. The original implementation installs FvInfo first and FvInfo2 second. As soon as the FvInfo PPI is installed the notification callback handler immediately fires causing recursive FV processing to occur. Since there is no AuthenticationStatus provided for the original FvInfo the callback assumes AuthenticationStatus is zero (unsigned / unverified) even though the parent FV may have been verified. This changes the order of FvInfo and FvInfo2 installs to ensure that the notification callback occurs for FvInfo2 first and appropriate AuthenticationStatus data can be propagated from parent FV to child FV. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eugene Cohen Reviewed-by: Star Zeng git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18764 6f19259b-4bc3-4df7-8a09-765794883524 --- MdeModulePkg/Core/Pei/FwVol/FwVol.c | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/MdeModulePkg/Core/Pei/FwVol/FwVol.c b/MdeModulePkg/Core/Pei/FwVol/FwVol.c index 363ff7e694..8f6e2efcec 100644 --- a/MdeModulePkg/Core/Pei/FwVol/FwVol.c +++ b/MdeModulePkg/Core/Pei/FwVol/FwVol.c @@ -1,6 +1,7 @@ /** @file Pei Core Firmware File System service routines. +Copyright (c) 2015 HP Development Company, L.P. Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License @@ -1381,7 +1382,18 @@ ProcessFvFile ( // // Install FvInfo(2) Ppi + // NOTE: FvInfo2 must be installed before FvInfo so that recursive processing of encapsulated + // FVs inherit the proper AuthenticationStatus. // + PeiServicesInstallFvInfo2Ppi( + &FvHeader->FileSystemGuid, + (VOID**)FvHeader, + (UINT32)FvHeader->FvLength, + &ParentFvImageInfo.FvName, + &FileInfo.FileName, + AuthenticationStatus + ); + PeiServicesInstallFvInfoPpi ( &FvHeader->FileSystemGuid, (VOID**) FvHeader, @@ -1390,15 +1402,6 @@ ProcessFvFile ( &FileInfo.FileName ); - PeiServicesInstallFvInfo2Ppi ( - &FvHeader->FileSystemGuid, - (VOID**) FvHeader, - (UINT32) FvHeader->FvLength, - &ParentFvImageInfo.FvName, - &FileInfo.FileName, - AuthenticationStatus - ); - // // Inform the extracted FvImage to Fv HOB consumer phase, i.e. DXE phase //