When capsule authentication fails, update the image pointers to
skip past the authentication wrapper before returning. This allows
the caller to access the FMP payload header and extract firmware
version information even when the authentication check fails.

Additionally, call efi_firmware_get_fw_version() in the error path
of efi_firmware_verify_image() to ensure version information is
retrieved regardless of authentication status.

This corrects error reporting by providing version details for ESRT,
even for rejected capsules.

Signed-off-by: Balaji Selvanathan <[email protected]>
---
 lib/efi_loader/efi_firmware.c | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/lib/efi_loader/efi_firmware.c b/lib/efi_loader/efi_firmware.c
index c30283cc9e4..ce6ca04ac69 100644
--- a/lib/efi_loader/efi_firmware.c
+++ b/lib/efi_loader/efi_firmware.c
@@ -471,6 +471,15 @@ efi_status_t efi_firmware_capsule_authenticate(const void 
**p_image,
 
                if (status == EFI_SECURITY_VIOLATION) {
                        printf("Capsule authentication check failed. Aborting 
update\n");
+                       /*
+                        * Even though authentication failed, update the 
pointers
+                        * to skip past the auth wrapper so the caller can read
+                        * the FMP payload header for version information.
+                        */
+                       image = capsule_payload;
+                       image_size = capsule_payload_size;
+                       *p_image = image;
+                       *p_image_size = image_size;
                        return status;
                } else if (status != EFI_SUCCESS) {
                        return status;
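Review bot: On the EFI_SECURITY_VIOLATION path the caller's `*p_image` and `*p_image_size` are overwritten with `capsule_payload` and `capsule_payload_size` without checking that the authentication step actually filled them in. Both variables are assigned outside this hunk (the function body starts and ends outside it); if the helper can reject a malformed capsule before it has located the payload, the caller receives a null or stale pointer with a size that does not belong to it, and the second hunk then parses that as an FMP payload header. I would guard the update, e.g. `if (capsule_payload && capsule_payload_size) { *p_image = capsule_payload; *p_image_size = capsule_payload_size; }`, and drop the assignments to the locals `image` and `image_size`, which are dead stores before `return status;`. The comment should also state that the bytes behind these pointers are unauthenticated and may be used for reporting only.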
@@ -620,11 +629,10 @@ efi_status_t efi_firmware_verify_image(const void 
**p_image,
        efi_guid_t *image_type_id;
 
        ret = efi_firmware_capsule_authenticate(p_image, p_image_size);
+       efi_firmware_get_fw_version(p_image, p_image_size, state);
        if (ret != EFI_SUCCESS)
                return ret;
 
-       efi_firmware_get_fw_version(p_image, p_image_size, state);
-
        image_type_id = efi_firmware_get_image_type_id(image_index);
        if (!image_type_id)
                return EFI_INVALID_PARAMETER;
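Review bot: `efi_firmware_get_fw_version()` now runs before `ret` is checked, so it parses the capsule for every failure status, not only for EFI_SECURITY_VIOLATION. In the `else if (status != EFI_SUCCESS)` branch of efi_firmware_capsule_authenticate() shown in the first hunk the pointers are returned unchanged, so the version parser would read the start of the authentication wrapper as if it were the FMP payload header. Limiting the call keeps the ESRT reporting without that case: `if (ret == EFI_SUCCESS || ret == EFI_SECURITY_VIOLATION) efi_firmware_get_fw_version(p_image, p_image_size, state);`. The version stored in `state` for a rejected capsule comes from unauthenticated data; the parser's body is not visible here, so it is worth confirming that it validates the header against `*p_image_size` and that this value never feeds a rollback or lowest-supported-version decision. efi_firmware_verify_image() continues past the end of the hunk.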

-- 
2.34.1
