Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.5:Update
ovmf.14651
ovmf-bsc1115916-fix-timestamp-zeroing.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File ovmf-bsc1115916-fix-timestamp-zeroing.patch of Package ovmf.14651
From ee1e89bd0426a528bf55805faeb8f609790bbd4e Mon Sep 17 00:00:00 2001 From: Star Zeng <star.zeng@intel.com> Date: Tue, 28 Feb 2017 14:01:47 +0800 Subject: [PATCH 1/1] MdeModulePkg Variable: Fix Timestamp zeroing issue on APPEND_WRITE REF: https://bugzilla.tianocore.org/show_bug.cgi?id=415 When SetVariable() to a time based auth variable with APPEND_WRITE attribute, and if the EFI_VARIABLE_AUTHENTICATION_2.TimeStamp in the input Data is earlier than current value, it will cause timestamp zeroing. This issue may bring time based auth variable downgrade problem. For example: A vendor released three certs at 2014, 2015, and 2016, and system integrated the 2016 cert. User can SetVariable() with 2015 cert and APPEND_WRITE attribute to cause timestamp zeroing first, then SetVariable() with 2014 cert to downgrade the cert. This patch fixes this issue. Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Chao Zhang <chao.b.zhang@intel.com> Cc: Jian J Wang <jian.j.wang@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> (cherry picked from commit b7dc8888f31402f410c53242839271ba3b94b619) --- MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c index f39be6b0b4d1..a3b481a44c58 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c @@ -2457,6 +2457,8 @@ UpdateVariable ( if (Variable->CurrPtr != NULL) { if (VariableCompareTimeStampInternal (&(((AUTHENTICATED_VARIABLE_HEADER *) CacheVariable->CurrPtr)->TimeStamp), TimeStamp)) { CopyMem (&AuthVariable->TimeStamp, TimeStamp, sizeof (EFI_TIME)); + } else { + CopyMem (&AuthVariable->TimeStamp, &(((AUTHENTICATED_VARIABLE_HEADER *) CacheVariable->CurrPtr)->TimeStamp), sizeof (EFI_TIME)); } } } -- 2.19.1
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
