When new FV is installed, VerifyFv() should be invoked to do security checking for...
authorklu2 <klu2@de2fecce-e211-0410-80a6-f3fac2684e05>
Wed, 3 Sep 2008 06:25:35 +0000 (06:25 +0000)
committerklu2 <klu2@de2fecce-e211-0410-80a6-f3fac2684e05>
Wed, 3 Sep 2008 06:25:35 +0000 (06:25 +0000)
git-svn-id: https://edk2.tianocore.org/svn/edk2/trunk@5785 de2fecce-e211-0410-80a6-f3fac2684e05

edk2/MdeModulePkg/Core/Pei/FwVol/FwVol.c

index cf0cfe7..f2b5ced 100644 (file)
@@ -307,6 +307,7 @@ PeiInitializeFv (
   @param Ppi               Address of the PPI that was installed.\r
 \r
   @retval EFI_SUCCESS    The FV Info is registered into PeiCore private data structure.\r
+  @return if not EFI_SUCESS, fail to verify FV.\r
 \r
 **/\r
 EFI_STATUS\r
@@ -342,6 +343,13 @@ FirmwareVolmeInfoPpiNotifyCallback (
         return EFI_SUCCESS;\r
       }\r
     }\r
+    \r
+    Status = VerifyFv ((EFI_FIRMWARE_VOLUME_HEADER*)Fv->FvInfo);\r
+    if (EFI_ERROR(Status)) {\r
+      DEBUG ((EFI_D_ERROR, "Fail to verify FV which address is 0x%11p", (VOID *) Fv->FvInfo));\r
+      return Status;\r
+    }\r
+    \r
     PrivateData->Fv[PrivateData->FvCount++].FvHeader = (EFI_FIRMWARE_VOLUME_HEADER*)Fv->FvInfo;\r
 \r
     //\r