From nobody Mon Feb 9 08:56:17 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+113443+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+113443+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1704799751; cv=none; d=zohomail.com; s=zohoarc; b=LOodcL/JmflxIERC0OD2eC02KC86NmQEy4UebIw2bEwuXE4zbW67yFnw8iNwUAPat7HtZcnGprGZ0wFNkWrDbg3QYqhTLHeyIDI//69BeFRpDu0IMWAHLfwnHS08UdyEz8tWWmk9McSq20BDpEuN4cdTHi4saMTHeEaBJpEdzhs= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1704799751; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Sender:Subject:Subject:To:To:Message-Id; bh=UgBcxqr0MovQ7IcbiZn7NjWsgLGJdtn2hfIc3nz1mjE=; b=SucvMCDhe76mNnp4OtCpudZVLCMbpEaG3YfRC8qYZ5Cld9fnSjk7+QlNSoGGcAMtxyCK7qqz00hp/AsgKxvqweiBxWWC3yzuYPB1tKjCKM0Vc0kdXwDglRsA8HM7NO+xRqVYsGT9mCZfotYCA8C5e8JRK4sbdulEahHfegeD7eA= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+113443+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1704799751428103.78517897432039; Tue, 9 Jan 2024 03:29:11 -0800 (PST) Return-Path: DKIM-Signature: a=rsa-sha256; bh=VxANqRA3plYBjaT/bG8RzzzdOdqLABIXCT/85uSiMzw=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Type:Content-Transfer-Encoding; s=20140610; t=1704799751; v=1; b=POJPPD4IEQlsNz8hS1uYc9fgSdBtvVX2Lng803houBrzaMVSyX1UY8zHwl+5GxIbuBgkuBFF eoS3NAWuFocPC07sjz4XX5UPob8uzWHtJpL9q+IW+x46jBcSFA/Afdd+ZrBSugneqJixNDRznOe oOMV9lK253gtDVxqbXzuzWwA= X-Received: by 127.0.0.2 with SMTP id Yw3PYY1788612xRbLURKlDKx; Tue, 09 Jan 2024 03:29:11 -0800 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.groups.io with SMTP id smtpd.web11.14478.1704799749795519124 for ; Tue, 09 Jan 2024 03:29:09 -0800 X-Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-330-jo8QB574MZijD-1GcuKEaw-1; Tue, 09 Jan 2024 06:29:05 -0500 X-MC-Unique: jo8QB574MZijD-1GcuKEaw-1 X-Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 8327A8314EF; Tue, 9 Jan 2024 11:29:05 +0000 (UTC) X-Received: from dobby.home.kraxel.org (unknown [10.39.194.247]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 503792026D66; Tue, 9 Jan 2024 11:29:05 +0000 (UTC) X-Received: by dobby.home.kraxel.org (Postfix, from userid 1000) id 07B53A7A5A; Tue, 9 Jan 2024 12:29:03 +0100 (CET) From: "Gerd Hoffmann" To: devel@edk2.groups.io Cc: Sunil V L , Gerd Hoffmann , Jiewen Yao , oliver@redhat.com, Laszlo Ersek , Andrei Warkentin , Ard Biesheuvel Subject: [edk2-devel] [PATCH v5 2/3] OvmfPkg/VirtNorFlashDxe: stop accepting gEfiVariableGuid Date: Tue, 9 Jan 2024 12:29:01 +0100 Message-ID: <20240109112902.30002-3-kraxel@redhat.com> In-Reply-To: <20240109112902.30002-1-kraxel@redhat.com> References: <20240109112902.30002-1-kraxel@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.4 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,kraxel@redhat.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: 8J5nU9wTTKvQqGrVsRmRPnS3x1787277AA= Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1704799752318100004 Only accept gEfiAuthenticatedVariableGuid when checking the variable store header in ValidateFvHeader(). The edk2 code base has been switched to use the authenticated varstore format unconditionally (even in case secure boot is not used or supported) a few years ago. Suggested-by: L=C3=A1szl=C3=B3 =C3=89rsek Signed-off-by: Gerd Hoffmann Reviewed-by: Laszlo Ersek --- OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c b/OvmfPkg/VirtNorFla= shDxe/VirtNorFlashFvb.c index 5ee98e9b595a..9a614ae4b24d 100644 --- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c +++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c @@ -239,9 +239,7 @@ ValidateFvHeader ( VariableStoreHeader =3D (VARIABLE_STORE_HEADER *)((UINTN)FwVolHeader + F= wVolHeader->HeaderLength); =20 // Check the Variable Store Guid - if (!CompareGuid (&VariableStoreHeader->Signature, &gEfiVariableGuid) && - !CompareGuid (&VariableStoreHeader->Signature, &gEfiAuthenticatedVar= iableGuid)) - { + if (!CompareGuid (&VariableStoreHeader->Signature, &gEfiAuthenticatedVar= iableGuid)) { DEBUG (( DEBUG_INFO, "%a: Variable Store Guid non-compatible\n", --=20 2.43.0 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#113443): https://edk2.groups.io/g/devel/message/113443 Mute This Topic: https://groups.io/mt/103617814/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-