Bug 1356913

Summary: fix use-without-initialization in EnrollDefaultKeys.efi
Product: Red Hat Enterprise Linux 7
Reporter: Laszlo Ersek <lersek>
Component: ovmf
Assignee: Laszlo Ersek <lersek>
Status: CLOSED ERRATA
QA Contact: aihua liang <aliang>
Severity: unspecified
Priority: unspecified
Version: 7.3
CC: chayang, huding, jinzhao, juzhang, kraxel
Target Milestone: rc
Hardware: Unspecified
OS: Unspecified
Fixed In Version: ovmf-20160608-3.git988715a.el7
Last Closed: 2016-11-04 08:41:35 UTC
Type: Bug

Description Laszlo Ersek 2016-07-15 09:20:06 UTC
*** Description of problem:
The EnrollListOfX509Certs() function reaches the first

  EFI_ERROR (Status) 

check without Status being ever initialized or assigned, if the first (= size computation) loop before it succeeds. This is undefined behavior, as Status has automatic storage duration, and at this point, indeterminate value.

The issue has never been experienced in practice before, but Ard's upstream edk2 work to enable gcc -O2 optimization for X64 has exposed it:

http://thread.gmane.org/gmane.comp.bios.edk2.devel/14615/focus=14706

Given that EnrollDefaultKeys.efi is downstream-only (although Open Source, of course), we have to fix this in downstream; no rebase will fix it for us.

I'll also send Gerd an updated (squashed) patch for EnrollDefaultKeys.efi, for his own personal RPMs, and for the Fedora package.

*** Version-Release number of selected component (if applicable):
ovmf-20160608-2.git988715a.el7

*** How reproducible:
Not reproducible unless built with Ard's upstream build infrastructure changes.

*** Actual results:
EnrollDefaultKeys.efi reports an error even when it should succeed:

info: SetupMode=1 SecureBoot=0 SecureBootEnable=1 CustomMode=1 VendorKeys=0
error: EnrollListOfX509Certs("db",
D719B2CB-3D3A-4596-A3BC-DAD00E67656F): Invalid Parameter

*** Expected results:
info: SetupMode=1 SecureBoot=0 SecureBootEnable=1 CustomMode=1 VendorKeys=0
info: SetupMode=0 SecureBoot=1 SecureBootEnable=1 CustomMode=0 VendorKeys=0
info: success

*** Additional info:
Sanity testing (key enrollment, Secure Boot verification) suffices for testing. (Already part of QE's OVMF test plan.)
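The pattern described in the report, as an added illustration that is not part of the bug report and not the EnrollDefaultKeys.efi source: a size-computation loop that assigns Status only on its failure path, followed by an EFI_ERROR (Status) check. The type and macro definitions and the total_size_* function names are constructed stand-ins, and the initialization shown is one way to remove the undefined behavior; the page does not show the actual patch.

```c
#include <stddef.h>
#include <stdint.h>

/* Constructed stand-ins for the UEFI types and macros (not the edk2 headers). */
typedef size_t EFI_STATUS;
#define EFI_SUCCESS            ((EFI_STATUS)0)
#define ERR_BIT                (~(SIZE_MAX >> 1))
#define EFI_INVALID_PARAMETER  (ERR_BIT | 2)
#define EFI_ERROR(s)           (((s) & ERR_BIT) != 0)

#ifdef SHOW_BUGGY
/* Hypothetical reduction of the reported pattern: Status is assigned only
   when the size loop fails, so a successful loop reaches EFI_ERROR() with
   an indeterminate value. Excluded by default because reading it is
   undefined behavior. */
EFI_STATUS total_size_buggy(const size_t *sizes, size_t n, size_t *total)
{
    EFI_STATUS Status;
    size_t sum = 0;
    for (size_t i = 0; i < n; i++) {
        if (sizes[i] > SIZE_MAX - sum) {   /* addition would overflow */
            Status = EFI_INVALID_PARAMETER;
            break;
        }
        sum += sizes[i];
    }
    if (EFI_ERROR(Status)) {               /* use without initialization */
        return Status;
    }
    *total = sum;
    return EFI_SUCCESS;
}
#endif

/* Same logic, with Status given a defined value before the loop. */
EFI_STATUS total_size_fixed(const size_t *sizes, size_t n, size_t *total)
{
    EFI_STATUS Status = EFI_SUCCESS;
    size_t sum = 0;
    for (size_t i = 0; i < n; i++) {
        if (sizes[i] > SIZE_MAX - sum) {   /* addition would overflow */
            Status = EFI_INVALID_PARAMETER;
            break;
        }
        sum += sizes[i];
    }
    if (EFI_ERROR(Status)) {
        return Status;
    }
    *total = sum;
    return EFI_SUCCESS;
}
```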

Comment 2 Miroslav Rezanina 2016-08-04 11:48:48 UTC
Fix included in ovmf-20160608-3.git988715a.el7

Comment 4 aihua liang 2016-09-12 11:17:24 UTC
Tested it in the OVMF Function test; no problem exists with OVMF SB.
 
Verified Version:
 Kernel version: 3.10.0-504.el7.x86_64
 qemu-kvm-rhev version: qemu-kvm-rhev-2.6.0-22.el7.x86_64
 OVMF version: OVMF-20160608-3.git988715a.el7.noarch

Comment 6 errata-xmlrpc 2016-11-04 08:41:35 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-2608.html