The SecureBootConfig now uses ChooseFile() from FileExplorerLib to select the certificates to be enrolled into PK, KEK, DB, DBX, or DBT, and the corresponding handlers to get the content of the file. Per the definition of CHOOSE_HANDLER, the handler must use EFIAPI as the calling convention. However, the calling convention was not specified the following handlers: UpdatePKFromFile(), UpdateKEKFromFile(), UpdateDBFromFile(), UpdateDBXFromFile(), and UpdateDBTFromFile(). When compiling the firmware with gcc, the default calling convention is not compatible with EFIAPI, so the handlers interpreted the argument the wrong way and passed the wrong device path to UpdatePage(), and the system crashed when the user tried to enroll a certificate into the key database.
This commit specifies the calling convention for those functions so that gcc can generate the right code. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Gary Lin <[email protected]> --- .../SecureBootConfigDxe/SecureBootConfigFileExplorer.c | 5 +++++ .../VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.h | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c index 05d97dc..1b6f888 100644 --- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c +++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c @@ -343,6 +343,7 @@ UpdatePage( @retval FALSE Not exit caller function. **/ BOOLEAN +EFIAPI UpdatePKFromFile ( IN EFI_DEVICE_PATH_PROTOCOL *FilePath ) @@ -360,6 +361,7 @@ UpdatePKFromFile ( @retval FALSE Not exit caller function. **/ BOOLEAN +EFIAPI UpdateKEKFromFile ( IN EFI_DEVICE_PATH_PROTOCOL *FilePath ) @@ -376,6 +378,7 @@ UpdateKEKFromFile ( @retval FALSE Not exit caller function. **/ BOOLEAN +EFIAPI UpdateDBFromFile ( IN EFI_DEVICE_PATH_PROTOCOL *FilePath ) @@ -392,6 +395,7 @@ UpdateDBFromFile ( @retval FALSE Not exit caller function. **/ BOOLEAN +EFIAPI UpdateDBXFromFile ( IN EFI_DEVICE_PATH_PROTOCOL *FilePath ) @@ -408,6 +412,7 @@ UpdateDBXFromFile ( @retval FALSE Not exit caller function. **/ BOOLEAN +EFIAPI UpdateDBTFromFile ( IN EFI_DEVICE_PATH_PROTOCOL *FilePath ) diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.h b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.h index a8dbd92..1ee9580 100644 --- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.h +++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.h @@ -561,6 +561,7 @@ GuidToString ( @retval FALSE Not exit caller function. **/ BOOLEAN +EFIAPI UpdatePKFromFile ( IN EFI_DEVICE_PATH_PROTOCOL *FilePath ); @@ -574,6 +575,7 @@ UpdatePKFromFile ( @retval FALSE Not exit caller function. **/ BOOLEAN +EFIAPI UpdateKEKFromFile ( IN EFI_DEVICE_PATH_PROTOCOL *FilePath ); @@ -587,6 +589,7 @@ UpdateKEKFromFile ( @retval FALSE Not exit caller function. **/ BOOLEAN +EFIAPI UpdateDBFromFile ( IN EFI_DEVICE_PATH_PROTOCOL *FilePath ); @@ -600,6 +603,7 @@ UpdateDBFromFile ( @retval FALSE Not exit caller function. **/ BOOLEAN +EFIAPI UpdateDBXFromFile ( IN EFI_DEVICE_PATH_PROTOCOL *FilePath ); @@ -613,6 +617,7 @@ UpdateDBXFromFile ( @retval FALSE Not exit caller function. **/ BOOLEAN +EFIAPI UpdateDBTFromFile ( IN EFI_DEVICE_PATH_PROTOCOL *FilePath ); -- 2.7.2 _______________________________________________ edk2-devel mailing list [email protected] https://lists.01.org/mailman/listinfo/edk2-devel
