efi_loader: Re-factor code to build the signature store from efi signature list

The efi_sigstore_parse_sigdb function reads the uefi authenticated
variable, stored in the signature database format and builds the
signature store structure. Factor out the code for building
the signature store. This can then be used by the capsule
authentication routine to build the signature store even when the
signature database is not stored as an uefi authenticated variable

Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>

diff --git a/include/efi_loader.h b/include/efi_loader.h
index f1dfb1d33fdaebf467309fa67aa73725d49bc5cc..7fd65eeb8db9f0da0fa5b3851707792389679dbb 100644 (file)
--- a/include/efi_loader.h
+++ b/include/efi_loader.h
@@ -813,6 +813,8 @@ efi_status_t efi_image_region_add(struct efi_image_regions *regs,
                                  int nocheck);
 
 void efi_sigstore_free(struct efi_signature_store *sigstore);
+struct efi_signature_store *efi_build_signature_store(void *sig_list,
+                                                     efi_uintn_t size);
 struct efi_signature_store *efi_sigstore_parse_sigdb(u16 *name);
 
 bool efi_secure_boot_enabled(void);

diff --git a/lib/efi_loader/efi_signature.c b/lib/efi_loader/efi_signature.c
index 9ab071b61145fd9a679c568f9951abf8fffbdb22..87525bdc804a1edeaff53184f3be3945b9f7c3a4 100644 (file)
--- a/lib/efi_loader/efi_signature.c
+++ b/lib/efi_loader/efi_signature.c
@@ -736,6 +736,63 @@ err:
        return NULL;
 }
 
+/**
+ * efi_sigstore_parse_sigdb - parse the signature list and populate
+ * the signature store
+ *
+ * @sig_list:  Pointer to the signature list
+ * @size:      Size of the signature list
+ *
+ * Parse the efi signature list and instantiate a signature store
+ * structure.
+ *
+ * Return:     Pointer to signature store on success, NULL on error
+ */
+struct efi_signature_store *efi_build_signature_store(void *sig_list,
+                                                     efi_uintn_t size)
+{
+       struct efi_signature_list *esl;
+       struct efi_signature_store *sigstore = NULL, *siglist;
+
+       esl = sig_list;
+       while (size > 0) {
+               /* List must exist if there is remaining data. */
+               if (size < sizeof(*esl)) {
+                       EFI_PRINT("Signature list in wrong format\n");
+                       goto err;
+               }
+
+               if (size < esl->signature_list_size) {
+                       EFI_PRINT("Signature list in wrong format\n");
+                       goto err;
+               }
+
+               /* Parse a single siglist. */
+               siglist = efi_sigstore_parse_siglist(esl);
+               if (!siglist) {
+                       EFI_PRINT("Parsing of signature list of failed\n");
+                       goto err;
+               }
+
+               /* Append siglist */
+               siglist->next = sigstore;
+               sigstore = siglist;
+
+               /* Next */
+               size -= esl->signature_list_size;
+               esl = (void *)esl + esl->signature_list_size;
+       }
+       free(sig_list);
+
+       return sigstore;
+
+err:
+       efi_sigstore_free(sigstore);
+       free(sig_list);
+
+       return NULL;
+}
+
 /**
  * efi_sigstore_parse_sigdb - parse a signature database variable
  * @name:      Variable's name
@@ -747,8 +804,7 @@ err:
  */
 struct efi_signature_store *efi_sigstore_parse_sigdb(u16 *name)
 {
-       struct efi_signature_store *sigstore = NULL, *siglist;
-       struct efi_signature_list *esl;
+       struct efi_signature_store *sigstore = NULL;
        const efi_guid_t *vendor;
        void *db;
        efi_uintn_t db_size;
@@ -784,47 +840,10 @@ struct efi_signature_store *efi_sigstore_parse_sigdb(u16 *name)
        ret = EFI_CALL(efi_get_variable(name, vendor, NULL, &db_size, db));
        if (ret != EFI_SUCCESS) {
                EFI_PRINT("Getting variable, %ls, failed\n", name);
-               goto err;
-       }
-
-       /* Parse siglist list */
-       esl = db;
-       while (db_size > 0) {
-               /* List must exist if there is remaining data. */
-               if (db_size < sizeof(*esl)) {
-                       EFI_PRINT("variable, %ls, in wrong format\n", name);
-                       goto err;
-               }
-
-               if (db_size < esl->signature_list_size) {
-                       EFI_PRINT("variable, %ls, in wrong format\n", name);
-                       goto err;
-               }
-
-               /* Parse a single siglist. */
-               siglist = efi_sigstore_parse_siglist(esl);
-               if (!siglist) {
-                       EFI_PRINT("Parsing signature list of %ls failed\n",
-                                 name);
-                       goto err;
-               }
-
-               /* Append siglist */
-               siglist->next = sigstore;
-               sigstore = siglist;
-
-               /* Next */
-               db_size -= esl->signature_list_size;
-               esl = (void *)esl + esl->signature_list_size;
+               free(db);
+               return NULL;
        }
-       free(db);
-
-       return sigstore;
 
-err:
-       efi_sigstore_free(sigstore);
-       free(db);
-
-       return NULL;
+       return efi_build_signature_store(db, db_size);
 }
 #endif /* CONFIG_EFI_SECURE_BOOT */