Feng, The patch was attached as a ".patch" file attachment and was stripped off before it came to the list. I'll just use plaintext this time.
MdeModulePkg: PeiCore: fix issue where AuthenticationStatus is not propagated correctly to encapsulated FVs by ensuring that the FvInfo2 PPI is installed before the FvInfo PPI This patch fixes an issue in PEI with encapsulated FV images where the AuthenticationStatus is not correctly propagated down to child FV handles. The PEI core registers for callbacks for both FvInfo and FvInfo2 PPIs. These callbacks process the FVs which will recurse as necessary to find more encapsulated FVs. (FvInfo2 is an updated PPI that includes an AuthenticationStatus field - the original FvInfo did not include this.) When encapsulated FV processing occurs the PEI core installs both FvInfo and FvInfo2 PPIs. The original implementation installs FvInfo first and FvInfo2 second. As soon as the FvInfo PPI is installed the notification callback handler immediately fires causing recursive FV processing to occur. Since there is no AuthenticationStatus provided for the original FvInfo the callback assumes AuthenticationStatus is zero (unsigned / unverified) even though the parent FV may have been verified. This changes the order of FvInfo and FvInfo2 installs to ensure that the notification callback occurs for FvInfo2 first and appropriate AuthenticationStatus data can be propagated from parent FV to child FV. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eugene Cohen [email protected]<mailto:[email protected]> --- MdeModulePkg/Core/Pei/FwVol/FwVol.c | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/MdeModulePkg/Core/Pei/FwVol/FwVol.c b/MdeModulePkg/Core/Pei/FwVol/FwVol.c index 363ff7e..0e3246b 100644 --- a/MdeModulePkg/Core/Pei/FwVol/FwVol.c +++ b/MdeModulePkg/Core/Pei/FwVol/FwVol.c @@ -1,7 +1,8 @@ /** @file Pei Core Firmware File System service routines. -Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR> +Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR> +Copyright (c) 2015 HP Development Company, L.P. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -1381,22 +1382,24 @@ ProcessFvFile ( // // Install FvInfo(2) Ppi + // NOTE: FvInfo2 must be installed before FvInfo so that recursive processing of encapsulated + // FVs inherit the proper AuthenticationStatus. // - PeiServicesInstallFvInfoPpi ( + PeiServicesInstallFvInfo2Ppi( &FvHeader->FileSystemGuid, - (VOID**) FvHeader, - (UINT32) FvHeader->FvLength, + (VOID**)FvHeader, + (UINT32)FvHeader->FvLength, &ParentFvImageInfo.FvName, - &FileInfo.FileName + &FileInfo.FileName, + AuthenticationStatus ); - PeiServicesInstallFvInfo2Ppi ( + PeiServicesInstallFvInfoPpi ( &FvHeader->FileSystemGuid, (VOID**) FvHeader, (UINT32) FvHeader->FvLength, &ParentFvImageInfo.FvName, - &FileInfo.FileName, - AuthenticationStatus + &FileInfo.FileName ); // -- Thanks, Eugene -----Original Message----- From: Tian, Feng [mailto:[email protected]] Sent: Sunday, November 08, 2015 6:23 PM To: Cohen, Eugene <[email protected]>; [email protected] Cc: Thompson, Mark L. <[email protected]>; Dellaquila, Katie <[email protected]>; Tian, Feng <[email protected]> Subject: RE: [PATCH] MdeModulePkg: PeiCore: fix issue where AuthenticationStatus is not propagated correctly to encapsulated FVs by ensuring that the FvInfo2 PPI is installed before the FvInfo PPI Pardon, where is the patch? And the commit log is too long. It should be < 72 characters in each line. Feng -----Original Message----- From: edk2-devel [mailto:[email protected]] On Behalf Of Cohen, Eugene Sent: Sunday, November 08, 2015 00:22 To: [email protected] Cc: Thompson, Mark L. (Boise IPG); Dellaquila, Katie Subject: [edk2] [PATCH] MdeModulePkg: PeiCore: fix issue where AuthenticationStatus is not propagated correctly to encapsulated FVs by ensuring that the FvInfo2 PPI is installed before the FvInfo PPI Dear MdeModulePkg maintainer, MdeModulePkg: PeiCore: fix issue where AuthenticationStatus is not propagated correctly to encapsulated FVs by ensuring that the FvInfo2 PPI is installed before the FvInfo PPI This patch fixes an issue in PEI with encapsulated FV images where the AuthenticationStatus is not correctly propagated down to child FV handles. The PEI core registers for callbacks for both FvInfo and FvInfo2 PPIs. These callbacks process the FVs which will recurse as necessary to find more encapsulated FVs. (FvInfo2 is an updated PPI that includes an AuthenticationStatus field - the original FvInfo did not include this.) When encapsulated FV processing occurs the PEI core installs both FvInfo and FvInfo2 PPIs. The original implementation installs FvInfo first and FvInfo2 second. As soon as the FvInfo PPI is installed the notification callback handler immediately fires causing recursive FV processing to occur. Since there is no AuthenticationStatus provided for the original FvInfo the callback assumes AuthenticationStatus is zero (unsigned / unverified) even though the parent FV may have been verified. This patch simply changes the order of FvInfo and FvInfo2 installs to ensure that the notification callback occurs for FvInfo2 first and appropriate AuthenticationStatus data can be propagated from parent FV to child FV. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eugene Cohen [email protected]<mailto:[email protected]> --- Thanks, Eugene _______________________________________________ edk2-devel mailing list [email protected] https://lists.01.org/mailman/listinfo/edk2-devel _______________________________________________ edk2-devel mailing list [email protected] https://lists.01.org/mailman/listinfo/edk2-devel
