From: AKASHI Takahiro <takahiro.akashi@linaro.org>
To: u-boot@lists.denx.de
Subject: [U-Boot] [PATCH v2 04/16] efi_loader: add signature database parser
Date: Mon, 2 Dec 2019 09:49:41 +0900 [thread overview]
Message-ID: <20191202004940.GT22427@linaro.org> (raw)
In-Reply-To: <20191128144950.GA24434@apalos.home>
On Thu, Nov 28, 2019 at 04:49:50PM +0200, Ilias Apalodimas wrote:
> On Thu, Nov 28, 2019 at 04:21:01PM +0200, Ilias Apalodimas wrote:
> > Akashi-san,
> >
> > On Tue, Nov 26, 2019 at 09:51:08AM +0900, AKASHI Takahiro wrote:
> > > efi_signature_parse_sigdb() is a helper function will be used to parse
> > > signature database variable and instantiate a signature store structure
> > > in later patches.
> > >
> > > Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
> > > ---
> > > include/efi_loader.h | 3 +
> > > lib/efi_loader/efi_signature.c | 227 +++++++++++++++++++++++++++++++++
> > > 2 files changed, 230 insertions(+)
> > >
> > > diff --git a/include/efi_loader.h b/include/efi_loader.h
> > > index 622bae6a6906..5297fb854905 100644
> > > --- a/include/efi_loader.h
> > > +++ b/include/efi_loader.h
> > > @@ -720,6 +720,9 @@ bool efi_signature_verify_with_sigdb(struct efi_image_regions *regs,
> > > efi_status_t efi_image_region_add(struct efi_image_regions *regs,
> > > const void *start, const void *end,
> > > int nocheck);
> > > +
> > > +void efi_sigstore_free(struct efi_signature_store *sigstore);
> > > +struct efi_signature_store *efi_sigstore_parse_sigdb(u16 *name);
> > > #endif /* CONFIG_EFI_SECURE_BOOT */
> > >
> > > #else /* CONFIG_IS_ENABLED(EFI_LOADER) */
> > > diff --git a/lib/efi_loader/efi_signature.c b/lib/efi_loader/efi_signature.c
> > > index 87a39b790f67..9be13d5a4bbe 100644
> > > --- a/lib/efi_loader/efi_signature.c
> > > +++ b/lib/efi_loader/efi_signature.c
> > > @@ -581,4 +581,231 @@ efi_status_t efi_image_region_add(struct efi_image_regions *regs,
> > >
> > > return EFI_SUCCESS;
> > > }
> > > +
> > > +/**
> > > + * efi_sigstore_free - free signature store
> > > + * @sigstore: Pointer to signature store structure
> > > + *
> > > + * Feee all the memories held in signature store and itself,
> > > + * which were allocated by efi_sigstore_parse_sigdb().
> > > + */
> > > +void efi_sigstore_free(struct efi_signature_store *sigstore)
> > > +{
> > > + struct efi_signature_store *sigstore_next;
> > > + struct efi_sig_data *sig_data, *sig_data_next;
> > > +
> > > + while (sigstore) {
> > > + sigstore_next = sigstore->next;
> > > +
> > > + sig_data = sigstore->sig_data_list;
> > > + while (sig_data) {
> > > + if (sig_data)
> > > + sig_data_next = sig_data->next;
> >
> > Why the extra if check?
>
> Looking at it again, maybe this is a typo and you wanted to
> check sig_data->next?
The check is just redundant. Will remove it.
Thanks,
-Takahiro Akashi
> >
> > > + free(sig_data->data);
> > > + free(sig_data);
> > > + sig_data = sig_data_next;
> > > + }
> > > +
> > > + free(sigstore);
> > > + sigstore = sigstore_next;
> > > + }
> > > +}
> > > +
> >
> > Thnaks
> > /Ilias
next prev parent reply other threads:[~2019-12-02 0:49 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-11-26 0:51 [U-Boot] [PATCH v2 00/16] efi_loader: add secure boot support AKASHI Takahiro
2019-11-26 0:51 ` [U-Boot] [PATCH v2 01/16] include: pe.h: add signature-related definitions AKASHI Takahiro
2019-11-26 2:55 ` Heinrich Schuchardt
2019-11-26 0:51 ` [U-Boot] [PATCH v2 02/16] efi_loader: add CONFIG_EFI_SECURE_BOOT config option AKASHI Takahiro
2019-11-26 0:51 ` [U-Boot] [PATCH v2 03/16] efi_loader: add signature verification functions AKASHI Takahiro
2019-11-26 11:55 ` Ilias Apalodimas
2019-11-27 1:29 ` AKASHI Takahiro
2019-11-26 0:51 ` [U-Boot] [PATCH v2 04/16] efi_loader: add signature database parser AKASHI Takahiro
2019-11-28 14:21 ` Ilias Apalodimas
2019-11-28 14:49 ` Ilias Apalodimas
2019-12-02 0:49 ` AKASHI Takahiro [this message]
2019-11-26 0:51 ` [U-Boot] [PATCH v2 05/16] efi_loader: variable: support variable authentication AKASHI Takahiro
2019-11-26 0:51 ` [U-Boot] [PATCH v2 06/16] efi_loader: variable: add secure boot state transition AKASHI Takahiro
2019-11-26 0:51 ` [U-Boot] [PATCH v2 07/16] efi_loader: variable: add VendorKeys variable AKASHI Takahiro
2019-11-26 0:51 ` [U-Boot] [PATCH v2 08/16] efi_loader: image_loader: support image authentication AKASHI Takahiro
2019-11-26 0:51 ` [U-Boot] [PATCH v2 09/16] efi_loader: set up secure boot AKASHI Takahiro
2019-11-26 0:51 ` [U-Boot] [PATCH v2 10/16] cmd: env: use appropriate guid for authenticated UEFI variable AKASHI Takahiro
2019-11-26 0:51 ` [U-Boot] [PATCH v2 11/16] cmd: env: add "-at" option to "env set -e" command AKASHI Takahiro
2019-11-26 0:51 ` [U-Boot] [PATCH v2 12/16] efi_loader, pytest: set up secure boot environment AKASHI Takahiro
2019-11-26 0:51 ` [U-Boot] [PATCH v2 13/16] efi_loader, pytest: add UEFI secure boot tests (authenticated variables) AKASHI Takahiro
2019-11-26 0:51 ` [U-Boot] [PATCH v2 14/16] efi_loader, pytest: add UEFI secure boot tests (image) AKASHI Takahiro
2019-11-26 0:51 ` [U-Boot] [PATCH v2 15/16] sandbox: add extra configurations for UEFI and related tests AKASHI Takahiro
2019-11-26 0:51 ` [U-Boot] [PATCH v2 16/16] travis: add packages for UEFI secure boot test AKASHI Takahiro
2019-12-05 15:44 ` Tom Rini
2019-11-26 1:23 ` [U-Boot] [PATCH v2 00/16] efi_loader: add secure boot support AKASHI Takahiro
2019-11-28 13:48 ` Ilias Apalodimas
2019-12-04 2:43 ` AKASHI Takahiro
2019-12-04 7:31 ` Heinrich Schuchardt
2019-12-04 8:28 ` AKASHI Takahiro
2019-12-04 23:58 ` Tom Rini
2019-12-11 0:41 ` AKASHI Takahiro
2019-12-11 1:54 ` Tom Rini
2019-12-11 2:10 ` AKASHI Takahiro
2019-12-11 20:28 ` Tom Rini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191202004940.GT22427@linaro.org \
--to=takahiro.akashi@linaro.org \
--cc=u-boot@lists.denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox