15, 2016 8:44 AM
>> To: Dick Wilkins <dick_wilk...@phoenix.com>
>> Cc: edk2-de...@ml01.01.org; Kevin Davis <kevin.da...@insyde.com>;
>> Laszlo Ersek <ler...@redhat.com>; Zhang, Chao B
>> <chao.b.zh...@intel.com>; Long, Qin <qin.l...@intel.com>
>&
2016 12:02 AM
To: Peter Jones; Dick Wilkins
Cc: edk2-de...@ml01.01.org; Kevin Davis; Laszlo Ersek; Zhang, Chao B; Long, Qin
Subject: RE: [edk2] [PATCH] SecuritPkg: DxeImageVerificationLib: Fix wrong
verification logic in DBX & DBT
Yes, this process needs refinement, it's on my list of things
zlo
> Ersek <ler...@redhat.com>; Zhang, Chao B <chao.b.zh...@intel.com>;
> Long, Qin <qin.l...@intel.com>
> Subject: Re: [edk2] [PATCH] SecuritPkg: DxeImageVerificationLib: Fix wrong
> verification logic in DBX & DBT
>
> On Fri, Apr 15, 2016 at 08:10:50A
; From: edk2-devel [edk2-devel-boun...@lists.01.org] On Behalf Of Peter Jones
> [pjo...@redhat.com]
> Sent: Friday, April 15, 2016 10:51 AM
> To: Zhang, Chao B
> Cc: edk2-de...@ml01.01.org; Kevin Davis; Laszlo Ersek; Long, Qin
> Subject: Re: [edk2] [PATCH] SecuritPkg: DxeImageVerific
l01.01.org; Kevin Davis; Laszlo Ersek; Long, Qin
Subject: Re: [edk2] [PATCH] SecuritPkg: DxeImageVerificationLib: Fix wrong
verification logic in DBX & DBT
On Fri, Apr 15, 2016 at 12:40:14AM +, Zhang, Chao B wrote:
> Hi all:
> Thank you very much for the info. Do you agree to ad
On Fri, Apr 15, 2016 at 12:40:14AM +, Zhang, Chao B wrote:
> Hi all:
> Thank you very much for the info. Do you agree to add "[USRT
> 0001604]: Bug found in SecuritPkg: DxeImageVerificationLib" into the
> log & check in this patch?
What's the point of adding our internal tracker to it?
.@lists.01.org] On Behalf Of
> Kevin Davis
> Sent: Thursday, April 14, 2016 4:09 PM
> To: Peter Jones <pjo...@redhat.com>; Zhang, Chao B
> <chao.b.zh...@intel.com>
> Cc: edk2-de...@ml01.01.org; Laszlo Ersek <ler...@redhat.com>; Long, Qin
> <qin.l...@intel.com
com]
Sent: Friday, April 15, 2016 7:55 AM
To: Zhang, Chao B
Cc: edk2-de...@ml01.01.org; Laszlo Ersek; Long, Qin; Peter Jones
Subject: RE: [edk2] [PATCH] SecuritPkg: DxeImageVerificationLib: Fix wrong
verification logic in DBX & DBT
Chao,
If you would like to reference the USRT's Mantis ticket
Long, Qin
<qin.l...@intel.com>
Subject: Re: [edk2] [PATCH] SecuritPkg: DxeImageVerificationLib: Fix wrong
verification logic in DBX & DBT
I agree with Peter. I just pinged the USRT about this. We can create a
Mantis ticket for it and Chao can modify the Patch.
Thanks,
Kevin
戴連輝
US
-devel-boun...@lists.01.org] On Behalf Of Peter
Jones
Sent: Thursday, April 14, 2016 1:31 PM
To: Zhang, Chao B <chao.b.zh...@intel.com>
Cc: edk2-de...@ml01.01.org; Laszlo Ersek <ler...@redhat.com>; Long, Qin
<qin.l...@intel.com>
Subject: Re: [edk2] [PATCH] SecuritPkg: DxeImageVe
On Thu, Apr 14, 2016 at 01:10:02AM +, Zhang, Chao B wrote:
> Laszlo:
>There is no CVE number. The issue was exposed during internal code
>review. The code has been existing since 11/4/2014.
So... why not? This is exactly the sort of issue that needs proper
tracking.
--
Peter
hang, Chao B
Cc: edk2-de...@ml01.01.org; Long, Qin; Peter Jones
Subject: Re: [edk2] [PATCH] SecuritPkg: DxeImageVerificationLib: Fix wrong
verification logic in DBX & DBT
On 04/13/16 10:29, Zhang, Chao B wrote:
> In image verification, if image verified pass in DBT, still nee
On 04/13/16 10:29, Zhang, Chao B wrote:
> In image verification, if image verified pass in DBT, still need to verify if
> it is blocked by any other cert/cert hash from DBX.
>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Chao Zhang
> ---
>
Reviewed-by: Qin Long
Best Regards & Thanks,
LONG, Qin
> -Original Message-
> From: Zhang, Chao B
> Sent: Wednesday, April 13, 2016 4:29 PM
> To: edk2-devel@lists.01.org
> Cc: Long, Qin; Zhang, Chao B
> Subject: [PATCH] SecuritPkg: DxeImageVerificationLib: Fix wrong
In image verification, if image verified pass in DBT, still need to verify if
it is blocked by any other cert/cert hash from DBX.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang
---
15 matches
Mail list logo