2 Implement authentication services for the authenticated variables.
4 Caution: This module requires additional review when modified.
5 This driver will have external input - variable data. It may be input in SMM mode.
6 This external input must be validated carefully to avoid security issue like
7 buffer overflow, integer overflow.
8 Variable attribute should also be checked to avoid authentication bypass.
9 The whole SMM authentication variable design relies on the integrity of flash part and SMM.
10 which is assumed to be protected by platform. All variable code and metadata in flash/SMM Memory
11 may not be modified without authorization. If platform fails to protect these resources,
12 the authentication service provided in this driver will be broken, and the behavior is undefined.
14 Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
15 SPDX-License-Identifier: BSD-2-Clause-Patent
19 #include "AuthServiceInternal.h"
22 /// Global database array for scratch
25 UINT32 mMaxCertDbSize
;
27 UINT8 mVendorKeyState
;
29 EFI_GUID mSignatureSupport
[] = {EFI_CERT_SHA1_GUID
, EFI_CERT_SHA256_GUID
, EFI_CERT_RSA2048_GUID
, EFI_CERT_X509_GUID
};
32 // Hash context pointer
34 VOID
*mHashCtx
= NULL
;
36 VARIABLE_ENTRY_PROPERTY mAuthVarEntry
[] = {
38 &gEfiSecureBootEnableDisableGuid
,
39 EFI_SECURE_BOOT_ENABLE_NAME
,
41 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
43 VARIABLE_ATTRIBUTE_NV_BS
,
49 &gEfiCustomModeEnableGuid
,
52 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
54 VARIABLE_ATTRIBUTE_NV_BS
,
60 &gEfiVendorKeysNvGuid
,
61 EFI_VENDOR_KEYS_NV_VARIABLE_NAME
,
63 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
64 VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY
,
65 VARIABLE_ATTRIBUTE_NV_BS_RT_AT
,
74 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
75 VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY
,
76 VARIABLE_ATTRIBUTE_NV_BS_RT_AT
,
83 EFI_CERT_DB_VOLATILE_NAME
,
85 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
86 VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY
,
87 VARIABLE_ATTRIBUTE_BS_RT_AT
,
94 VOID
**mAuthVarAddressPointer
[9];
96 AUTH_VAR_LIB_CONTEXT_IN
*mAuthVarLibContextIn
= NULL
;
99 Initialization for authenticated variable services.
100 If this initialization returns error status, other APIs will not work
101 and expect to be not called then.
103 @param[in] AuthVarLibContextIn Pointer to input auth variable lib context.
104 @param[out] AuthVarLibContextOut Pointer to output auth variable lib context.
106 @retval EFI_SUCCESS Function successfully executed.
107 @retval EFI_INVALID_PARAMETER If AuthVarLibContextIn == NULL or AuthVarLibContextOut == NULL.
108 @retval EFI_OUT_OF_RESOURCES Fail to allocate enough resource.
109 @retval EFI_UNSUPPORTED Unsupported to process authenticated variable.
114 AuthVariableLibInitialize (
115 IN AUTH_VAR_LIB_CONTEXT_IN
*AuthVarLibContextIn
,
116 OUT AUTH_VAR_LIB_CONTEXT_OUT
*AuthVarLibContextOut
124 UINT8 SecureBootMode
;
125 UINT8 SecureBootEnable
;
129 if ((AuthVarLibContextIn
== NULL
) || (AuthVarLibContextOut
== NULL
)) {
130 return EFI_INVALID_PARAMETER
;
133 mAuthVarLibContextIn
= AuthVarLibContextIn
;
136 // Initialize hash context.
138 CtxSize
= Sha256GetContextSize ();
139 mHashCtx
= AllocateRuntimePool (CtxSize
);
140 if (mHashCtx
== NULL
) {
141 return EFI_OUT_OF_RESOURCES
;
145 // Reserve runtime buffer for certificate database. The size excludes variable header and name size.
146 // Use EFI_CERT_DB_VOLATILE_NAME size since it is longer.
148 mMaxCertDbSize
= (UINT32
) (mAuthVarLibContextIn
->MaxAuthVariableSize
- sizeof (EFI_CERT_DB_VOLATILE_NAME
));
149 mCertDbStore
= AllocateRuntimePool (mMaxCertDbSize
);
150 if (mCertDbStore
== NULL
) {
151 return EFI_OUT_OF_RESOURCES
;
154 Status
= AuthServiceInternalFindVariable (EFI_PLATFORM_KEY_NAME
, &gEfiGlobalVariableGuid
, (VOID
**) &Data
, &DataSize
);
155 if (EFI_ERROR (Status
)) {
156 DEBUG ((EFI_D_INFO
, "Variable %s does not exist.\n", EFI_PLATFORM_KEY_NAME
));
158 DEBUG ((EFI_D_INFO
, "Variable %s exists.\n", EFI_PLATFORM_KEY_NAME
));
162 // Create "SetupMode" variable with BS+RT attribute set.
164 if (EFI_ERROR (Status
)) {
165 mPlatformMode
= SETUP_MODE
;
167 mPlatformMode
= USER_MODE
;
169 Status
= AuthServiceInternalUpdateVariable (
171 &gEfiGlobalVariableGuid
,
174 EFI_VARIABLE_BOOTSERVICE_ACCESS
| EFI_VARIABLE_RUNTIME_ACCESS
176 if (EFI_ERROR (Status
)) {
181 // Create "SignatureSupport" variable with BS+RT attribute set.
183 Status
= AuthServiceInternalUpdateVariable (
184 EFI_SIGNATURE_SUPPORT_NAME
,
185 &gEfiGlobalVariableGuid
,
187 sizeof(mSignatureSupport
),
188 EFI_VARIABLE_BOOTSERVICE_ACCESS
| EFI_VARIABLE_RUNTIME_ACCESS
190 if (EFI_ERROR (Status
)) {
195 // If "SecureBootEnable" variable exists, then update "SecureBoot" variable.
196 // If "SecureBootEnable" variable is SECURE_BOOT_ENABLE and in USER_MODE, Set "SecureBoot" variable to SECURE_BOOT_MODE_ENABLE.
197 // If "SecureBootEnable" variable is SECURE_BOOT_DISABLE, Set "SecureBoot" variable to SECURE_BOOT_MODE_DISABLE.
199 SecureBootEnable
= SECURE_BOOT_DISABLE
;
200 Status
= AuthServiceInternalFindVariable (EFI_SECURE_BOOT_ENABLE_NAME
, &gEfiSecureBootEnableDisableGuid
, (VOID
**) &Data
, &DataSize
);
201 if (!EFI_ERROR (Status
)) {
202 if (mPlatformMode
== USER_MODE
){
203 SecureBootEnable
= *(UINT8
*) Data
;
205 } else if (mPlatformMode
== USER_MODE
) {
207 // "SecureBootEnable" not exist, initialize it in USER_MODE.
209 SecureBootEnable
= SECURE_BOOT_ENABLE
;
210 Status
= AuthServiceInternalUpdateVariable (
211 EFI_SECURE_BOOT_ENABLE_NAME
,
212 &gEfiSecureBootEnableDisableGuid
,
215 EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
217 if (EFI_ERROR (Status
)) {
223 // Create "SecureBoot" variable with BS+RT attribute set.
225 if (SecureBootEnable
== SECURE_BOOT_ENABLE
&& mPlatformMode
== USER_MODE
) {
226 SecureBootMode
= SECURE_BOOT_MODE_ENABLE
;
228 SecureBootMode
= SECURE_BOOT_MODE_DISABLE
;
230 Status
= AuthServiceInternalUpdateVariable (
231 EFI_SECURE_BOOT_MODE_NAME
,
232 &gEfiGlobalVariableGuid
,
235 EFI_VARIABLE_RUNTIME_ACCESS
| EFI_VARIABLE_BOOTSERVICE_ACCESS
237 if (EFI_ERROR (Status
)) {
241 DEBUG ((EFI_D_INFO
, "Variable %s is %x\n", EFI_SETUP_MODE_NAME
, mPlatformMode
));
242 DEBUG ((EFI_D_INFO
, "Variable %s is %x\n", EFI_SECURE_BOOT_MODE_NAME
, SecureBootMode
));
243 DEBUG ((EFI_D_INFO
, "Variable %s is %x\n", EFI_SECURE_BOOT_ENABLE_NAME
, SecureBootEnable
));
246 // Initialize "CustomMode" in STANDARD_SECURE_BOOT_MODE state.
248 CustomMode
= STANDARD_SECURE_BOOT_MODE
;
249 Status
= AuthServiceInternalUpdateVariable (
250 EFI_CUSTOM_MODE_NAME
,
251 &gEfiCustomModeEnableGuid
,
254 EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
256 if (EFI_ERROR (Status
)) {
260 DEBUG ((EFI_D_INFO
, "Variable %s is %x\n", EFI_CUSTOM_MODE_NAME
, CustomMode
));
263 // Check "certdb" variable's existence.
264 // If it doesn't exist, then create a new one with
265 // EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set.
267 Status
= AuthServiceInternalFindVariable (
273 if (EFI_ERROR (Status
)) {
274 VarAttr
= EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_RUNTIME_ACCESS
| EFI_VARIABLE_BOOTSERVICE_ACCESS
| EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS
;
275 ListSize
= sizeof (UINT32
);
276 Status
= AuthServiceInternalUpdateVariable (
283 if (EFI_ERROR (Status
)) {
288 // Clean up Certs to make certDB & Time based auth variable consistent
290 Status
= CleanCertsFromDb();
291 if (EFI_ERROR (Status
)) {
292 DEBUG ((EFI_D_ERROR
, "Clean up CertDB fail! Status %x\n", Status
));
298 // Create "certdbv" variable with RT+BS+AT set.
300 VarAttr
= EFI_VARIABLE_RUNTIME_ACCESS
| EFI_VARIABLE_BOOTSERVICE_ACCESS
| EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS
;
301 ListSize
= sizeof (UINT32
);
302 Status
= AuthServiceInternalUpdateVariable (
303 EFI_CERT_DB_VOLATILE_NAME
,
309 if (EFI_ERROR (Status
)) {
314 // Check "VendorKeysNv" variable's existence and create "VendorKeys" variable accordingly.
316 Status
= AuthServiceInternalFindVariable (EFI_VENDOR_KEYS_NV_VARIABLE_NAME
, &gEfiVendorKeysNvGuid
, (VOID
**) &Data
, &DataSize
);
317 if (!EFI_ERROR (Status
)) {
318 mVendorKeyState
= *(UINT8
*)Data
;
321 // "VendorKeysNv" not exist, initialize it in VENDOR_KEYS_VALID state.
323 mVendorKeyState
= VENDOR_KEYS_VALID
;
324 Status
= AuthServiceInternalUpdateVariable (
325 EFI_VENDOR_KEYS_NV_VARIABLE_NAME
,
326 &gEfiVendorKeysNvGuid
,
329 EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
| EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS
331 if (EFI_ERROR (Status
)) {
337 // Create "VendorKeys" variable with BS+RT attribute set.
339 Status
= AuthServiceInternalUpdateVariable (
340 EFI_VENDOR_KEYS_VARIABLE_NAME
,
341 &gEfiGlobalVariableGuid
,
344 EFI_VARIABLE_RUNTIME_ACCESS
| EFI_VARIABLE_BOOTSERVICE_ACCESS
346 if (EFI_ERROR (Status
)) {
350 DEBUG ((EFI_D_INFO
, "Variable %s is %x\n", EFI_VENDOR_KEYS_VARIABLE_NAME
, mVendorKeyState
));
352 AuthVarLibContextOut
->StructVersion
= AUTH_VAR_LIB_CONTEXT_OUT_STRUCT_VERSION
;
353 AuthVarLibContextOut
->StructSize
= sizeof (AUTH_VAR_LIB_CONTEXT_OUT
);
354 AuthVarLibContextOut
->AuthVarEntry
= mAuthVarEntry
;
355 AuthVarLibContextOut
->AuthVarEntryCount
= ARRAY_SIZE (mAuthVarEntry
);
356 mAuthVarAddressPointer
[0] = (VOID
**) &mCertDbStore
;
357 mAuthVarAddressPointer
[1] = (VOID
**) &mHashCtx
;
358 mAuthVarAddressPointer
[2] = (VOID
**) &mAuthVarLibContextIn
;
359 mAuthVarAddressPointer
[3] = (VOID
**) &(mAuthVarLibContextIn
->FindVariable
),
360 mAuthVarAddressPointer
[4] = (VOID
**) &(mAuthVarLibContextIn
->FindNextVariable
),
361 mAuthVarAddressPointer
[5] = (VOID
**) &(mAuthVarLibContextIn
->UpdateVariable
),
362 mAuthVarAddressPointer
[6] = (VOID
**) &(mAuthVarLibContextIn
->GetScratchBuffer
),
363 mAuthVarAddressPointer
[7] = (VOID
**) &(mAuthVarLibContextIn
->CheckRemainingSpaceForConsistency
),
364 mAuthVarAddressPointer
[8] = (VOID
**) &(mAuthVarLibContextIn
->AtRuntime
),
365 AuthVarLibContextOut
->AddressPointer
= mAuthVarAddressPointer
;
366 AuthVarLibContextOut
->AddressPointerCount
= ARRAY_SIZE (mAuthVarAddressPointer
);
372 Process variable with EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set.
374 @param[in] VariableName Name of the variable.
375 @param[in] VendorGuid Variable vendor GUID.
376 @param[in] Data Data pointer.
377 @param[in] DataSize Size of Data.
378 @param[in] Attributes Attribute value of the variable.
380 @retval EFI_SUCCESS The firmware has successfully stored the variable and its data as
381 defined by the Attributes.
382 @retval EFI_INVALID_PARAMETER Invalid parameter.
383 @retval EFI_WRITE_PROTECTED Variable is write-protected.
384 @retval EFI_OUT_OF_RESOURCES There is not enough resource.
385 @retval EFI_SECURITY_VIOLATION The variable is with EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS
386 set, but the AuthInfo does NOT pass the validation
387 check carried out by the firmware.
388 @retval EFI_UNSUPPORTED Unsupported to process authenticated variable.
393 AuthVariableLibProcessVariable (
394 IN CHAR16
*VariableName
,
395 IN EFI_GUID
*VendorGuid
,
403 if (CompareGuid (VendorGuid
, &gEfiGlobalVariableGuid
) && (StrCmp (VariableName
, EFI_PLATFORM_KEY_NAME
) == 0)){
404 Status
= ProcessVarWithPk (VariableName
, VendorGuid
, Data
, DataSize
, Attributes
, TRUE
);
405 } else if (CompareGuid (VendorGuid
, &gEfiGlobalVariableGuid
) && (StrCmp (VariableName
, EFI_KEY_EXCHANGE_KEY_NAME
) == 0)) {
406 Status
= ProcessVarWithPk (VariableName
, VendorGuid
, Data
, DataSize
, Attributes
, FALSE
);
407 } else if (CompareGuid (VendorGuid
, &gEfiImageSecurityDatabaseGuid
) &&
408 ((StrCmp (VariableName
, EFI_IMAGE_SECURITY_DATABASE
) == 0) ||
409 (StrCmp (VariableName
, EFI_IMAGE_SECURITY_DATABASE1
) == 0) ||
410 (StrCmp (VariableName
, EFI_IMAGE_SECURITY_DATABASE2
) == 0)
412 Status
= ProcessVarWithPk (VariableName
, VendorGuid
, Data
, DataSize
, Attributes
, FALSE
);
413 if (EFI_ERROR (Status
)) {
414 Status
= ProcessVarWithKek (VariableName
, VendorGuid
, Data
, DataSize
, Attributes
);
417 Status
= ProcessVariable (VariableName
, VendorGuid
, Data
, DataSize
, Attributes
);