From nobody Tue Feb 10 00:00:41 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+113410+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+113410+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1704741755; cv=none; d=zohomail.com; s=zohoarc; b=V5t3PUrhMWNfN0kq0gLoQxM7we9dXJ1UA0IoALmilWtECSdBSXPXdqGQe2olouOJREzLArNRu8L8VhKv60gYqg5OZQG3Nl1EV/XCd3v4MTi4gy9/LtVojtXNQ5AY++hKrCFyzONeaMKCzqSZAdXs9GL+Xe3VKlXEK4PUvlUXUK8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1704741755; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Sender:Subject:Subject:To:To:Message-Id; bh=51aFEvclnBKDlSCLut+zR5mh/kmG3/AVrerKV36qHz8=; b=HJyK+w+uqdBYQKw40v8YwSKN8OT3L6kZLSisYVub+VR9IZ4L3s6vQhyNqYNIQUccianXVnXIAeQtfkjKg6UbLbOmdWyhrVtZo6Led6/nAxdX8ONqgCLYgOj5L/gGi8CGbtYVVasVsy/SfdnspZp8cY2r8q/oz9Yvgr7MAY4DhxU= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+113410+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1704741755375287.79168649814085; Mon, 8 Jan 2024 11:22:35 -0800 (PST) Return-Path: DKIM-Signature: a=rsa-sha256; bh=3pXCsAUscli9oMCAPZzHjcEjqcWLwRPRinfYH/YpbPQ=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Type:Content-Transfer-Encoding; s=20140610; t=1704741755; v=1; b=ts3200AQtEwE5mT4aH6Z/96YPh0Zd8SS0yrmnALhJbz6lKAjgjRoNyzSVSNLH7KmsG5C7tGG OUFFv3d8tDYWkfeJ/sYyfGJKIucBRkoOJMlo1XG2uxX0amzk+keMU4o4vGn7BzpYfIInpCHIJbL od/q77ZnawAKQUbW50AccOwg= X-Received: by 127.0.0.2 with SMTP id AARGYY1788612xSwF1yfy4N3; Mon, 08 Jan 2024 11:22:35 -0800 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.groups.io with SMTP id smtpd.web11.6595.1704741692706659603 for ; Mon, 08 Jan 2024 11:21:32 -0800 X-Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-626-yQDqoW0TMjWbgfcp70mGoA-1; Mon, 08 Jan 2024 14:21:27 -0500 X-MC-Unique: yQDqoW0TMjWbgfcp70mGoA-1 X-Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.rdu2.redhat.com [10.11.54.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 2BF15185A781; Mon, 8 Jan 2024 19:21:27 +0000 (UTC) X-Received: from dobby.home.kraxel.org (unknown [10.39.192.107]) by smtp.corp.redhat.com (Postfix) with ESMTPS id DE3303C2E; Mon, 8 Jan 2024 19:21:26 +0000 (UTC) X-Received: by dobby.home.kraxel.org (Postfix, from userid 1000) id 06774A4983; Mon, 8 Jan 2024 20:21:24 +0100 (CET) From: "Gerd Hoffmann" To: devel@edk2.groups.io Cc: oliver@redhat.com, Laszlo Ersek , Jiewen Yao , Gerd Hoffmann , Ard Biesheuvel , Sunil V L , Andrei Warkentin Subject: [edk2-devel] [PATCH v4 2/3] OvmfPkg/VirtNorFlashDxe: stop accepting gEfiVariableGuid Date: Mon, 8 Jan 2024 20:21:22 +0100 Message-ID: <20240108192123.42359-3-kraxel@redhat.com> In-Reply-To: <20240108192123.42359-1-kraxel@redhat.com> References: <20240108192123.42359-1-kraxel@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.1 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,kraxel@redhat.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: QVD2uGEU1U0kdM2Ww5hyPG5ux1787277AA= Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1704741756759100002 Only accept gEfiAuthenticatedVariableGuid when checking the variable store header in ValidateFvHeader(). The edk2 code base has been switched to use the authenticated varstore format unconditionally (even in case secure boot is not used or supported) a few years ago. Suggested-by: L=C3=A1szl=C3=B3 =C3=89rsek Signed-off-by: Gerd Hoffmann Reviewed-by: Laszlo Ersek --- OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c b/OvmfPkg/VirtNorFla= shDxe/VirtNorFlashFvb.c index 5ee98e9b595a..9a614ae4b24d 100644 --- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c +++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c @@ -239,9 +239,7 @@ ValidateFvHeader ( VariableStoreHeader =3D (VARIABLE_STORE_HEADER *)((UINTN)FwVolHeader + F= wVolHeader->HeaderLength); =20 // Check the Variable Store Guid - if (!CompareGuid (&VariableStoreHeader->Signature, &gEfiVariableGuid) && - !CompareGuid (&VariableStoreHeader->Signature, &gEfiAuthenticatedVar= iableGuid)) - { + if (!CompareGuid (&VariableStoreHeader->Signature, &gEfiAuthenticatedVar= iableGuid)) { DEBUG (( DEBUG_INFO, "%a: Variable Store Guid non-compatible\n", --=20 2.43.0 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#113410): https://edk2.groups.io/g/devel/message/113410 Mute This Topic: https://groups.io/mt/103605076/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-