All of lore.kernel.org
 help / color / mirror / Atom feed
From: Ilias Apalodimas <ilias.apalodimas@linaro.org>
To: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: U-Boot Mailing List <u-boot@lists.denx.de>,
	AKASHI Takahiro <takahiro.akashi@linaro.org>,
	 Sughosh Ganu <sughosh.ganu@linaro.org>,
	Masahisa Kojima <masahisa.kojima@linaro.org>,
	 Alexander Graf <agraf@csgraf.de>
Subject: Re: [PATCH 3/4] efi_loader: simplify efi_sigstore_parse_sigdb()
Date: Sun, 12 Sep 2021 22:23:51 +0300	[thread overview]
Message-ID: <CAC_iWj+C2-WjYxCkiT72YffyFVhFBi9Urdutm8A=EKN9YLCeqw@mail.gmail.com> (raw)
In-Reply-To: <c735a41d-eeb2-66b7-0f50-dd302760e622@gmx.de>

Hi Heinrich

[...]
> >> -    if (!u16_strcmp(name, L"PK") || !u16_strcmp(name, L"KEK")) {
> >> -            vendor = &efi_global_variable_guid;
> >> -    } else if (!u16_strcmp(name, L"db") || !u16_strcmp(name, L"dbx")) {
> >> -            vendor = &efi_guid_image_security_database;
> >> -    } else {
> >> +    vendor = efi_auth_var_get_guid(name);
> >> +    if (!vendor) {
> >>              EFI_PRINT("unknown signature database, %ls\n", name);
> >>              return NULL;
> >>      }
> >
> > efi_auth_var_get_guid() will return &efi_global_variable_guid if the
> > GUID for the variable name isn't found.
>
> Hello Ilias, that is on purpose. In nevedit_efi we need a default GUID.
> I want to reuse the same function there in future.
>
> Best regards

Then I guess the check can go away ?

>
> Heinrich
>
> >
> >>
> >> -    /* retrieve variable data */
> >> -    db_size = 0;
> >> -    ret = EFI_CALL(efi_get_variable(name, vendor, NULL, &db_size, NULL));
> >> -    if (ret == EFI_NOT_FOUND) {
> >> -            EFI_PRINT("variable, %ls, not found\n", name);
> >> -            sigstore = calloc(sizeof(*sigstore), 1);
> >> -            return sigstore;
> >> -    } else if (ret != EFI_BUFFER_TOO_SMALL) {
> >> -            EFI_PRINT("Getting variable, %ls, failed\n", name);
> >> -            return NULL;
> >> -    }
> >> -
> >> -    db = malloc(db_size);
> >> +    db = efi_get_var(name, vendor, &db_size);
> >>      if (!db) {
> >> -            EFI_PRINT("Out of memory\n");
> >> -            return NULL;
> >> -    }
> >> -
> >> -    ret = EFI_CALL(efi_get_variable(name, vendor, NULL, &db_size, db));
> >> -    if (ret != EFI_SUCCESS) {
> >> -            EFI_PRINT("Getting variable, %ls, failed\n", name);
> >> -            free(db);
> >> -            return NULL;
> >> +            EFI_PRINT("variable, %ls, not found\n", name);
> >> +            return calloc(sizeof(struct efi_signature_store), 1);

Why? From the patch alone it's not clear why you want to allocate
memory here instead of returning NULL.

> >>      }
> >>
> >>      return efi_build_signature_store(db, db_size);
> >> --
> >> 2.30.2
> >>

Cheers
/Ilias

  reply	other threads:[~2021-09-12 19:24 UTC|newest]

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-09-11  7:28 [PATCH 0/4] efi_loader: centralize known vendor GUIDs Heinrich Schuchardt
2021-09-11  7:28 ` [PATCH 1/4] efi_loader: treat UEFI variable name as const Heinrich Schuchardt
2021-09-11 14:10   ` Ilias Apalodimas
2021-09-12 19:19     ` Heinrich Schuchardt
2021-09-11  7:28 ` [PATCH 2/4] efi_loader: function to get GUID for variable name Heinrich Schuchardt
2021-09-11 14:13   ` Ilias Apalodimas
2021-09-11 14:21     ` Ilias Apalodimas
2021-09-11  7:28 ` [PATCH 3/4] efi_loader: simplify efi_sigstore_parse_sigdb() Heinrich Schuchardt
2021-09-11 14:25   ` Ilias Apalodimas
2021-09-12 19:16     ` Heinrich Schuchardt
2021-09-12 19:23       ` Ilias Apalodimas [this message]
2021-10-01 16:42         ` Heinrich Schuchardt
2021-10-01 19:08           ` Ilias Apalodimas
2021-09-11  7:28 ` [PATCH 4/4] efi_loader: simplify tcg2_measure_secure_boot_variable() Heinrich Schuchardt

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAC_iWj+C2-WjYxCkiT72YffyFVhFBi9Urdutm8A=EKN9YLCeqw@mail.gmail.com' \
    --to=ilias.apalodimas@linaro.org \
    --cc=agraf@csgraf.de \
    --cc=masahisa.kojima@linaro.org \
    --cc=sughosh.ganu@linaro.org \
    --cc=takahiro.akashi@linaro.org \
    --cc=u-boot@lists.denx.de \
    --cc=xypron.glpk@gmx.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.