From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9565BC433EF for ; Fri, 1 Oct 2021 16:42:27 +0000 (UTC) Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 91BFD6124D for ; Fri, 1 Oct 2021 16:42:26 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org 91BFD6124D Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=gmx.de Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=lists.denx.de Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 556CE80F9D; Fri, 1 Oct 2021 18:42:23 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=gmx.de Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (1024-bit key; secure) header.d=gmx.net header.i=@gmx.net header.b="PxOBo7Cs"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id D4D30811CF; Fri, 1 Oct 2021 18:42:20 +0200 (CEST) Received: from mout.gmx.net (mout.gmx.net [212.227.17.21]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 58D3880EFB for ; Fri, 1 Oct 2021 18:42:17 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=gmx.de Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=xypron.glpk@gmx.de DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1633106535; bh=K2+F6wuFMOq6E9VAFn2IABvExrA8GPEDXE6pn+ePZ10=; h=X-UI-Sender-Class:Date:Subject:To:Cc:References:From:In-Reply-To; b=PxOBo7CsaHK6eN2kUeBp2mhzvkNzaNvQ7xpxBdBXWN1YZ+O/wOttwEXFn3vq8whQw +ZVkY79YqiCciQzLhxpoAXjO4J9GvloGkjk5uAG+SCYaGbJi5/R3GJIIex5aQGodTD SAG0k1MrUZ+FN2ZVTN19ebj3CWlVpN7s2I2nUW24= X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c Received: from [192.168.123.55] ([88.152.144.157]) by mail.gmx.net (mrgmx105 [212.227.17.168]) with ESMTPSA (Nemesis) id 1MIdeX-1mZKHS1ayb-00Edtz; Fri, 01 Oct 2021 18:42:15 +0200 Message-ID: <7812832d-5cc3-da7e-e274-030d696b5537@gmx.de> Date: Fri, 1 Oct 2021 18:42:14 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.1.1 Subject: Re: [PATCH 3/4] efi_loader: simplify efi_sigstore_parse_sigdb() Content-Language: en-US To: Ilias Apalodimas Cc: U-Boot Mailing List , AKASHI Takahiro , Sughosh Ganu , Masahisa Kojima , Alexander Graf References: <20210911072832.16991-1-xypron.glpk@gmx.de> <20210911072832.16991-4-xypron.glpk@gmx.de> From: Heinrich Schuchardt In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable X-Provags-ID: V03:K1:k1ZhIRXtb4m5GKsKpUFlq30jEH0CvsDQ8UHN4xZf6lTcWWiUSNQ mu+BoA1o1VOpiFxh08VesgF0ua1troGxCvT77deVrZBWxro6YB+zZvdZJS89in03zA7X0ua S+zbplNcFXXBEDD0PwxZJwu94QpIGkfT8w27vmSP7bCnU+jkJthz9IYLkrc6DStOcHz1v2C 6VY95qstBinVGthmiYRlQ== X-UI-Out-Filterresults: notjunk:1;V03:K0:9pwBStkgsv0=:ypZ5c7ASO6ycfkpzH8S1UC vDuABLWcLU/Q0WksHi0cayFMmnC3Stk8aPQha6ZdZ9Ui2P4llPNYq7Vsgl3QmEjGsG0+j/NU0 4WEK8tv6xbk6G1vWkjZ1p7V9McCHYvdiPBQeLM09j+DtYTOM7RKu0SM2RKUnuEL3Hs6ipddVR kA01FKZ575H4r9fs4NckjWLE/wMZiPCGHJsfjB9SSAcX+SrgXXXqd2kOI1CWi65WJ6+SJ/fyW 6oAFpXo8PNu9DD7Pv1b4MaRgZSyP5Ilpr81nsa/w044tHHNfXA6oVd1VV/UBKD/ku/d21SskA aHWMtweikRQsOBYilANaBw9NMU6s0o9TJr1+WiGFEPGwxJ8GZHDH++X0+BrzDoNG4yEm8mgh+ 0aCDinDO8ias13bLUxHCP+1H+xFQpGAKplhoQHdVv6SBdFYIwLJpKbmkUP/zY0uJIUVzSd6NQ Hl6YhienJcW/GlWiqZk6ElTAWSPdomn0n4jG6EivKV90ddvxJuNLpllvWtaUu5tFVPukLiut+ ddcBxBpWA/bsVk3HC0pQfVCoxffqmCu87UYkp0L/owZy5ZW1rF+5NBUCjsTuYp/txD067B6xt Ki8xTtLiCmgsnkEJFLu9CvydaUhbMMz0VDGNnm/9/vuq8yd4d9bxc2K9zGhKfXdFTxwN02FTR JtCkCxWob8GnZJRVEw9KPyRPsSCX/yABqDIdAa6N8JCbvMMjP5OPRgzUpAcfi4aP6v1E2t+JC i9vCU40/DMnu5VSwlN6mNG/U2JiLd79G1OD9qTpR3R0GKlj90FJJ/EqFYMOWJFTzH5BvD8lFM 0CfXvrJPVjTroFKHawe9l66iwT59GzgTVPsvT14bnn+iPQgPMzEe7nQTUjTtIHMA/pxMwqOA+ sOc4ipnfvH3kfYlDNXa6cR9/3z4y8C4ITA2E8etP8rwOOs/+42P7Z8cMz8AKdTMhBgM9zCwgA OMb0+tQQEl24mAMpN8hpxNRpW41PfoUBWCd0OJJSB8hp4Dh+leXawu2NPT6S67vDXKd2a1HLJ b5qLEhK3rhCGY97CXhS+gsM900g0etRCFif3jTvPSGiRPNlri6anV/Ihwmn4rZieqsXOqwYdZ 2+BorEdw/CksLI= X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean On 9/12/21 21:23, Ilias Apalodimas wrote: > Hi Heinrich > > [...] >>>> - if (!u16_strcmp(name, L"PK") || !u16_strcmp(name, L"KEK")) { >>>> - vendor =3D &efi_global_variable_guid; >>>> - } else if (!u16_strcmp(name, L"db") || !u16_strcmp(name, L"dbx")= ) { >>>> - vendor =3D &efi_guid_image_security_database; >>>> - } else { >>>> + vendor =3D efi_auth_var_get_guid(name); >>>> + if (!vendor) { >>>> EFI_PRINT("unknown signature database, %ls\n", name); >>>> return NULL; >>>> } >>> >>> efi_auth_var_get_guid() will return &efi_global_variable_guid if the >>> GUID for the variable name isn't found. >> >> Hello Ilias, that is on purpose. In nevedit_efi we need a default GUID. >> I want to reuse the same function there in future. >> >> Best regards > > Then I guess the check can go away ? Yes > >> >> Heinrich >> >>> >>>> >>>> - /* retrieve variable data */ >>>> - db_size =3D 0; >>>> - ret =3D EFI_CALL(efi_get_variable(name, vendor, NULL, &db_size, = NULL)); >>>> - if (ret =3D=3D EFI_NOT_FOUND) { >>>> - EFI_PRINT("variable, %ls, not found\n", name); >>>> - sigstore =3D calloc(sizeof(*sigstore), 1); >>>> - return sigstore; >>>> - } else if (ret !=3D EFI_BUFFER_TOO_SMALL) { >>>> - EFI_PRINT("Getting variable, %ls, failed\n", name); >>>> - return NULL; >>>> - } >>>> - >>>> - db =3D malloc(db_size); >>>> + db =3D efi_get_var(name, vendor, &db_size); >>>> if (!db) { >>>> - EFI_PRINT("Out of memory\n"); >>>> - return NULL; >>>> - } >>>> - >>>> - ret =3D EFI_CALL(efi_get_variable(name, vendor, NULL, &db_size, = db)); >>>> - if (ret !=3D EFI_SUCCESS) { >>>> - EFI_PRINT("Getting variable, %ls, failed\n", name); >>>> - free(db); >>>> - return NULL; >>>> + EFI_PRINT("variable, %ls, not found\n", name); >>>> + return calloc(sizeof(struct efi_signature_store), 1); > > Why? From the patch alone it's not clear why you want to allocate > memory here instead of returning NULL. This is existing code. See the same lines deleted above. Best regards Heinrich > >>>> } >>>> >>>> return efi_build_signature_store(db, db_size); >>>> -- >>>> 2.30.2 >>>> > > Cheers > /Ilias >