proxmox-mirrors/efi-boot-shim
1
0
Fork 0
mirror of https://git.proxmox.com/git/efi-boot-shim synced 2025-08-14 10:15:48 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

If we fail to install our protocol, don't continue.

Browse Source 
This shouldn't be exploitable unless you've got a way to make
InstallProtocol fail and still, for example, have memory free to
actually load and run something.

Signed-off-by: Peter Jones <pjones@redhat.com>
This commit is contained in:
Peter Jones 2013-10-01 16:32:54 -04:00
parent 6e5d86e565
commit 51583bd500
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
shim.c
View File

@ -1625,9 +1625,14 @@ EFI_STATUS efi_main (EFI_HANDLE image_handle, EFI_SYSTEM_TABLE *passed_systab)
/* /*
* Install the protocol * Install the protocol
*/ */
uefi_call_wrapper(BS->InstallProtocolInterface, 4, &handle, efi_status = uefi_call_wrapper(BS->InstallProtocolInterface, 4,
&shim_lock_guid, EFI_NATIVE_INTERFACE, &handle, &shim_lock_guid, EFI_NATIVE_INTERFACE,
&shim_lock_interface); &shim_lock_interface);
if (EFI_ERROR(efi_status)) {
console_error("Could not install security protocol",
efi_status);
return efi_status;
}
#if defined(OVERRIDE_SECURITY_POLICY) #if defined(OVERRIDE_SECURITY_POLICY)
/* /*