service in UEFI2.2.\r
\r
Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>\r
-This program and the accompanying materials \r
-are licensed and made available under the terms and conditions of the BSD License \r
-which accompanies this distribution. The full text of the license may be found at \r
+This program and the accompanying materials\r
+are licensed and made available under the terms and conditions of the BSD License\r
+which accompanies this distribution. The full text of the license may be found at\r
http://opensource.org/licenses/bsd-license.php\r
\r
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
\r
**/\r
\r
///\r
/// Global database array for scratch\r
-/// \r
+///\r
UINT8 mPubKeyStore[MAX_KEYDB_SIZE];\r
UINT32 mPubKeyNumber;\r
UINT32 mPlatformMode;\r
//\r
VOID *mHashCtx = NULL;\r
\r
-\r
//\r
-// Pointer to runtime buffer. \r
-// For "Append" operation to an existing variable, a read/modify/write operation \r
-// is supported by firmware internally. Reserve runtime buffer to cache previous \r
+// Pointer to runtime buffer.\r
+// For "Append" operation to an existing variable, a read/modify/write operation\r
+// is supported by firmware internally. Reserve runtime buffer to cache previous\r
// variable data in runtime phase because memory allocation is forbidden in virtual mode.\r
//\r
VOID *mStorageArea = NULL;\r
\r
+//\r
+// The serialization of the values of the VariableName, VendorGuid and Attributes\r
+// parameters of the SetVariable() call and the TimeStamp component of the\r
+// EFI_VARIABLE_AUTHENTICATION_2 descriptor followed by the variable's new value\r
+// i.e. (VariableName, VendorGuid, Attributes, TimeStamp, Data)\r
+//\r
+UINT8 *mSerializationRuntimeBuffer = NULL;\r
+\r
/**\r
- Update platform mode.\r
+ Internal function to delete a Variable given its name and GUID, no authentication\r
+ required.\r
\r
- @param[in] Mode SETUP_MODE or USER_MODE.\r
+ @param[in] VariableName Name of the Variable.\r
+ @param[in] VendorGuid GUID of the Variable.\r
\r
- @return EFI_INVALID_PARAMETER Invalid parameter.\r
- @return EFI_SUCCESS Update platform mode successfully.\r
+ @retval EFI_SUCCESS Variable deleted successfully.\r
+ @retval Others The driver failded to start the device.\r
\r
**/\r
EFI_STATUS\r
-UpdatePlatformMode (\r
- IN UINT32 Mode\r
- );\r
+DeleteVariable (\r
+ IN CHAR16 *VariableName,\r
+ IN EFI_GUID *VendorGuid\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ VARIABLE_POINTER_TRACK Variable;\r
+\r
+ Status = FindVariable (VariableName, VendorGuid, &Variable, &mVariableModuleGlobal->VariableGlobal);\r
+ if (EFI_ERROR (Status)) {\r
+ return EFI_SUCCESS;\r
+ }\r
+\r
+ ASSERT (Variable.CurrPtr != NULL);\r
+ return UpdateVariable (VariableName, VendorGuid, NULL, 0, 0, 0, 0, &Variable, NULL);\r
+}\r
\r
/**\r
Initializes for authenticated varibale service.\r
{\r
EFI_STATUS Status;\r
VARIABLE_POINTER_TRACK Variable;\r
- VARIABLE_POINTER_TRACK Variable2;\r
+ VARIABLE_POINTER_TRACK PkVariable;\r
UINT8 VarValue;\r
UINT32 VarAttr;\r
UINT8 *Data;\r
UINTN CtxSize;\r
UINT8 SecureBootMode;\r
UINT8 SecureBootEnable;\r
- \r
+\r
//\r
// Initialize hash context.\r
//\r
//\r
// Reserved runtime buffer for "Append" operation in virtual mode.\r
//\r
- mStorageArea = AllocateRuntimePool (PcdGet32 (PcdMaxAppendVariableSize));\r
+ mStorageArea = AllocateRuntimePool (PcdGet32 (PcdMaxVariableSize));\r
if (mStorageArea == NULL) {\r
return EFI_OUT_OF_RESOURCES;\r
}\r
\r
//\r
- // Check "AuthVarKeyDatabase" variable's existence. \r
- // If it doesn't exist, create a new one with initial value of 0 and EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set. \r
+ // Prepare runtime buffer for serialized data of time-based authenticated\r
+ // Variable, i.e. (VariableName, VendorGuid, Attributes, TimeStamp, Data).\r
+ //\r
+ mSerializationRuntimeBuffer = AllocateRuntimePool (PcdGet32 (PcdMaxVariableSize) + sizeof (EFI_GUID) + sizeof (UINT32) + sizeof (EFI_TIME));\r
+ if (mSerializationRuntimeBuffer == NULL) {\r
+ return EFI_OUT_OF_RESOURCES;\r
+ }\r
+\r
+ //\r
+ // Check "AuthVarKeyDatabase" variable's existence.\r
+ // If it doesn't exist, create a new one with initial value of 0 and EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set.\r
//\r
Status = FindVariable (\r
- AUTHVAR_KEYDB_NAME, \r
- &gEfiAuthenticatedVariableGuid, \r
- &Variable, \r
+ AUTHVAR_KEYDB_NAME,\r
+ &gEfiAuthenticatedVariableGuid,\r
+ &Variable,\r
&mVariableModuleGlobal->VariableGlobal\r
);\r
\r
CopyMem (mPubKeyStore, (UINT8 *) Data, DataSize);\r
mPubKeyNumber = (UINT32) (DataSize / EFI_CERT_TYPE_RSA2048_SIZE);\r
}\r
+\r
+ FindVariable (EFI_PLATFORM_KEY_NAME, &gEfiGlobalVariableGuid, &PkVariable, &mVariableModuleGlobal->VariableGlobal);\r
+ if (PkVariable.CurrPtr == NULL) {\r
+ DEBUG ((EFI_D_INFO, "Variable %s does not exist.\n", EFI_PLATFORM_KEY_NAME));\r
+ } else {\r
+ DEBUG ((EFI_D_INFO, "Variable %s exists.\n", EFI_PLATFORM_KEY_NAME));\r
+ }\r
+ \r
//\r
- // Check "SetupMode" variable's existence. \r
+ // Check "SetupMode" variable's existence.\r
// If it doesn't exist, check PK database's existence to determine the value.\r
- // Then create a new one with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set. \r
+ // Then create a new one with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set.\r
//\r
Status = FindVariable (\r
- EFI_SETUP_MODE_NAME, \r
- &gEfiGlobalVariableGuid, \r
- &Variable, \r
+ EFI_SETUP_MODE_NAME,\r
+ &gEfiGlobalVariableGuid,\r
+ &Variable,\r
&mVariableModuleGlobal->VariableGlobal\r
);\r
\r
if (Variable.CurrPtr == NULL) {\r
- Status = FindVariable (\r
- EFI_PLATFORM_KEY_NAME, \r
- &gEfiGlobalVariableGuid, \r
- &Variable2, \r
- &mVariableModuleGlobal->VariableGlobal\r
- );\r
- if (Variable2.CurrPtr == NULL) {\r
+ if (PkVariable.CurrPtr == NULL) {\r
mPlatformMode = SETUP_MODE;\r
} else {\r
mPlatformMode = USER_MODE;\r
}\r
\r
- VarAttr = EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS;\r
+ VarAttr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS;\r
Status = UpdateVariable (\r
EFI_SETUP_MODE_NAME,\r
&gEfiGlobalVariableGuid,\r
mPlatformMode = *(GetVariableDataPtr (Variable.CurrPtr));\r
}\r
//\r
- // Check "SignatureSupport" variable's existence. \r
- // If it doesn't exist, then create a new one with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set. \r
+ // Check "SignatureSupport" variable's existence.\r
+ // If it doesn't exist, then create a new one with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set.\r
//\r
Status = FindVariable (\r
- EFI_SIGNATURE_SUPPORT_NAME, \r
- &gEfiGlobalVariableGuid, \r
- &Variable, \r
+ EFI_SIGNATURE_SUPPORT_NAME,\r
+ &gEfiGlobalVariableGuid,\r
+ &Variable,\r
&mVariableModuleGlobal->VariableGlobal\r
);\r
\r
-\r
if (Variable.CurrPtr == NULL) {\r
VarAttr = EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS;\r
Status = UpdateVariable (\r
\r
//\r
// If "SecureBootEnable" variable exists, then update "SecureBoot" variable.\r
- // If "SecureBootEnable" variable is SECURE_BOOT_ENABLE, Set "SecureBoot" variable to SECURE_BOOT_MODE_ENABLE.\r
+ // If "SecureBootEnable" variable is SECURE_BOOT_ENABLE and in USER_MODE, Set "SecureBoot" variable to SECURE_BOOT_MODE_ENABLE.\r
// If "SecureBootEnable" variable is SECURE_BOOT_DISABLE, Set "SecureBoot" variable to SECURE_BOOT_MODE_DISABLE.\r
//\r
+ SecureBootEnable = SECURE_BOOT_MODE_DISABLE;\r
FindVariable (EFI_SECURE_BOOT_ENABLE_NAME, &gEfiSecureBootEnableDisableGuid, &Variable, &mVariableModuleGlobal->VariableGlobal);\r
if (Variable.CurrPtr != NULL) {\r
SecureBootEnable = *(GetVariableDataPtr (Variable.CurrPtr));\r
- if (SecureBootEnable == SECURE_BOOT_ENABLE) {\r
- SecureBootMode = SECURE_BOOT_MODE_ENABLE;\r
- } else {\r
- SecureBootMode = SECURE_BOOT_MODE_DISABLE;\r
- }\r
- FindVariable (EFI_SECURE_BOOT_MODE_NAME, &gEfiGlobalVariableGuid, &Variable, &mVariableModuleGlobal->VariableGlobal);\r
+ } else if (mPlatformMode == USER_MODE) {\r
+ //\r
+ // "SecureBootEnable" not exist, initialize it in USER_MODE.\r
+ //\r
+ SecureBootEnable = SECURE_BOOT_MODE_ENABLE;\r
Status = UpdateVariable (\r
- EFI_SECURE_BOOT_MODE_NAME, \r
- &gEfiGlobalVariableGuid, \r
- &SecureBootMode, \r
- sizeof(UINT8), \r
- EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS, \r
- 0, \r
- 0, \r
+ EFI_SECURE_BOOT_ENABLE_NAME,\r
+ &gEfiSecureBootEnableDisableGuid,\r
+ &SecureBootEnable,\r
+ sizeof (UINT8),\r
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,\r
+ 0,\r
+ 0,\r
&Variable,\r
NULL\r
);\r
}\r
}\r
\r
+ if (SecureBootEnable == SECURE_BOOT_ENABLE && mPlatformMode == USER_MODE) {\r
+ SecureBootMode = SECURE_BOOT_MODE_ENABLE;\r
+ } else {\r
+ SecureBootMode = SECURE_BOOT_MODE_DISABLE;\r
+ }\r
+ FindVariable (EFI_SECURE_BOOT_MODE_NAME, &gEfiGlobalVariableGuid, &Variable, &mVariableModuleGlobal->VariableGlobal);\r
+ Status = UpdateVariable (\r
+ EFI_SECURE_BOOT_MODE_NAME,\r
+ &gEfiGlobalVariableGuid,\r
+ &SecureBootMode,\r
+ sizeof (UINT8),\r
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS,\r
+ 0,\r
+ 0,\r
+ &Variable,\r
+ NULL\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ return Status;\r
+ }\r
+\r
+ DEBUG ((EFI_D_INFO, "Variable %s is %x\n", EFI_SETUP_MODE_NAME, mPlatformMode));\r
+ DEBUG ((EFI_D_INFO, "Variable %s is %x\n", EFI_SECURE_BOOT_MODE_NAME, SecureBootMode));\r
+ DEBUG ((EFI_D_INFO, "Variable %s is %x\n", EFI_SECURE_BOOT_ENABLE_NAME, SecureBootEnable));\r
+\r
//\r
// Detect whether a secure platform-specific method to clear PK(Platform Key)\r
- // is configured by platform owner. This method is provided for users force to clear PK \r
+ // is configured by platform owner. This method is provided for users force to clear PK\r
// in case incorrect enrollment mis-haps.\r
//\r
if (ForceClearPK ()) {\r
+ DEBUG ((EFI_D_INFO, "Variable PK/KEK/DB/DBX will be cleared in clear PK mode.\n"));\r
+\r
//\r
- // 1. Check whether PK is existing, and clear PK if existing\r
+ // 1. Clear PK.\r
//\r
- FindVariable (\r
- EFI_PLATFORM_KEY_NAME, \r
- &gEfiGlobalVariableGuid, \r
- &Variable, \r
- &mVariableModuleGlobal->VariableGlobal\r
- );\r
- if (Variable.CurrPtr != NULL) {\r
- VarAttr = EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS;\r
- Status = UpdateVariable (\r
- EFI_PLATFORM_KEY_NAME,\r
- &gEfiGlobalVariableGuid,\r
- NULL,\r
- 0,\r
- VarAttr,\r
- 0,\r
- 0,\r
- &Variable,\r
- NULL\r
- );\r
- if (EFI_ERROR (Status)) {\r
- return Status;\r
- }\r
+ Status = DeleteVariable (EFI_PLATFORM_KEY_NAME, &gEfiGlobalVariableGuid);\r
+ if (EFI_ERROR (Status)) {\r
+ return Status;\r
}\r
\r
//\r
- // 2. Update "SetupMode" variable to SETUP_MODE\r
+ // 2. Update "SetupMode" variable to SETUP_MODE.\r
//\r
UpdatePlatformMode (SETUP_MODE);\r
+\r
+ //\r
+ // 3. Clear KEK, DB and DBX.\r
+ //\r
+ DeleteVariable (EFI_KEY_EXCHANGE_KEY_NAME, &gEfiGlobalVariableGuid);\r
+ DeleteVariable (EFI_IMAGE_SECURITY_DATABASE, &gEfiImageSecurityDatabaseGuid);\r
+ DeleteVariable (EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid);\r
}\r
+\r
return Status;\r
}\r
\r
@param[in] DataSize Size of Data.\r
@param[in] PubKey Public key used for verification.\r
\r
- @return EFI_INVALID_PARAMETER Invalid parameter.\r
+ @retval EFI_INVALID_PARAMETER Invalid parameter.\r
@retval EFI_SECURITY_VIOLATION If authentication failed.\r
- @return EFI_SUCCESS Authentication successful.\r
+ @retval EFI_SUCCESS Authentication successful.\r
\r
**/\r
EFI_STATUS\r
//\r
Rsa = RsaNew ();\r
ASSERT (Rsa != NULL);\r
- // \r
+ //\r
// Set RSA Key Components.\r
// NOTE: Only N and E are needed to be set as RSA public key for signature verification.\r
//\r
// Verify the signature.\r
//\r
Status = RsaPkcs1Verify (\r
- Rsa, \r
- Digest, \r
- SHA256_DIGEST_SIZE, \r
- CertBlock->Signature, \r
+ Rsa,\r
+ Digest,\r
+ SHA256_DIGEST_SIZE,\r
+ CertBlock->Signature,\r
EFI_CERT_TYPE_RSA2048_SHA256_SIZE\r
);\r
\r
}\r
}\r
\r
-\r
/**\r
Update platform mode.\r
\r
UINT8 SecureBootMode;\r
UINT8 SecureBootEnable;\r
UINTN VariableDataSize;\r
- \r
+\r
Status = FindVariable (\r
- EFI_SETUP_MODE_NAME, \r
- &gEfiGlobalVariableGuid, \r
- &Variable, \r
+ EFI_SETUP_MODE_NAME,\r
+ &gEfiGlobalVariableGuid,\r
+ &Variable,\r
&mVariableModuleGlobal->VariableGlobal\r
);\r
if (EFI_ERROR (Status)) {\r
}\r
\r
mPlatformMode = Mode;\r
- VarAttr = EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS;\r
+ VarAttr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS;\r
Status = UpdateVariable (\r
EFI_SETUP_MODE_NAME,\r
&gEfiGlobalVariableGuid,\r
return Status;\r
}\r
\r
+ if (AtRuntime ()) {\r
+ //\r
+ // SecureBoot Variable indicates whether the platform firmware is operating\r
+ // in Secure boot mode (1) or not (0), so we should not change SecureBoot\r
+ // Variable in runtime.\r
+ //\r
+ return Status;\r
+ }\r
+\r
//\r
// Check "SecureBoot" variable's existence.\r
// If it doesn't exist, firmware has no capability to perform driver signing verification,\r
// then set "SecureBoot" to 0.\r
//\r
Status = FindVariable (\r
- EFI_SECURE_BOOT_MODE_NAME, \r
- &gEfiGlobalVariableGuid, \r
- &Variable, \r
+ EFI_SECURE_BOOT_MODE_NAME,\r
+ &gEfiGlobalVariableGuid,\r
+ &Variable,\r
&mVariableModuleGlobal->VariableGlobal\r
);\r
//\r
}\r
}\r
\r
- VarAttr = EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS;\r
+ VarAttr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS;\r
Status = UpdateVariable (\r
EFI_SECURE_BOOT_MODE_NAME,\r
&gEfiGlobalVariableGuid,\r
&Variable,\r
NULL\r
);\r
-\r
if (EFI_ERROR (Status)) {\r
return Status;\r
}\r
// Check "SecureBootEnable" variable's existence. It can enable/disable secure boot feature.\r
//\r
Status = FindVariable (\r
- EFI_SECURE_BOOT_ENABLE_NAME, \r
- &gEfiSecureBootEnableDisableGuid, \r
- &Variable, \r
+ EFI_SECURE_BOOT_ENABLE_NAME,\r
+ &gEfiSecureBootEnableDisableGuid,\r
+ &Variable,\r
&mVariableModuleGlobal->VariableGlobal\r
);\r
- \r
+\r
if (SecureBootMode == SECURE_BOOT_MODE_ENABLE) {\r
//\r
// Create the "SecureBootEnable" variable as secure boot is enabled.\r
VariableDataSize = sizeof (SecureBootEnable);\r
} else {\r
//\r
- // Delete the "SecureBootEnable" variable if this variable exist as "SecureBoot" \r
+ // Delete the "SecureBootEnable" variable if this variable exist as "SecureBoot"\r
// variable is not in secure boot state.\r
//\r
if (Variable.CurrPtr == NULL || EFI_ERROR (Status)) {\r
SecureBootEnable = SECURE_BOOT_DISABLE;\r
VariableDataSize = 0;\r
}\r
- \r
+\r
Status = UpdateVariable (\r
- EFI_SECURE_BOOT_ENABLE_NAME, \r
- &gEfiSecureBootEnableDisableGuid, \r
- &SecureBootEnable, \r
- VariableDataSize, \r
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS, \r
- 0, \r
- 0, \r
+ EFI_SECURE_BOOT_ENABLE_NAME,\r
+ &gEfiSecureBootEnableDisableGuid,\r
+ &SecureBootEnable,\r
+ VariableDataSize,\r
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,\r
+ 0,\r
+ 0,\r
&Variable,\r
NULL\r
);\r
@param[in] IsPk Indicate whether it is to process pk.\r
\r
@return EFI_INVALID_PARAMETER Invalid parameter.\r
- @return EFI_SECURITY_VIOLATION The variable does NOT pass the validation. \r
- check carried out by the firmware. \r
+ @return EFI_SECURITY_VIOLATION The variable does NOT pass the validation.\r
+ check carried out by the firmware.\r
@return EFI_SUCCESS Variable passed validation successfully.\r
\r
**/\r
EFI_VARIABLE_AUTHENTICATION *CertData;\r
BOOLEAN TimeBase;\r
BOOLEAN Del;\r
+ UINT8 *Payload;\r
+ UINTN PayloadSize;\r
+ UINT64 MonotonicCount;\r
+ EFI_TIME *TimeStamp;\r
\r
if ((Attributes & EFI_VARIABLE_NON_VOLATILE) == 0) {\r
//\r
// Get platform key from variable.\r
//\r
Status = FindVariable (\r
- EFI_PLATFORM_KEY_NAME, \r
- &gEfiGlobalVariableGuid, \r
- &PkVariable, \r
+ EFI_PLATFORM_KEY_NAME,\r
+ &gEfiGlobalVariableGuid,\r
+ &PkVariable,\r
&mVariableModuleGlobal->VariableGlobal\r
);\r
ASSERT_EFI_ERROR (Status);\r
- \r
+\r
OldPkList = (EFI_SIGNATURE_LIST *) GetVariableDataPtr (PkVariable.CurrPtr);\r
OldPkData = (EFI_SIGNATURE_DATA *) ((UINT8 *) OldPkList + sizeof (EFI_SIGNATURE_LIST) + OldPkList->SignatureHeaderSize);\r
Status = VerifyCounterBasedPayload (Data, DataSize, OldPkData->SignatureData);\r
if (!EFI_ERROR (Status)) {\r
Status = UpdateVariable (\r
- VariableName, \r
- VendorGuid, \r
- (UINT8*)Data + AUTHINFO_SIZE, \r
- DataSize - AUTHINFO_SIZE, \r
- Attributes, \r
- 0, \r
- CertData->MonotonicCount, \r
+ VariableName,\r
+ VendorGuid,\r
+ (UINT8*)Data + AUTHINFO_SIZE,\r
+ DataSize - AUTHINFO_SIZE,\r
+ Attributes,\r
+ 0,\r
+ CertData->MonotonicCount,\r
Variable,\r
NULL\r
);\r
- \r
+\r
if (!EFI_ERROR (Status)) {\r
//\r
// If delete PK in user mode, need change to setup mode.\r
}\r
}\r
} else {\r
- Status = UpdateVariable (VariableName, VendorGuid, Data, DataSize, Attributes, 0, 0, Variable, NULL);\r
+ //\r
+ // Process PK or KEK in Setup mode.\r
+ //\r
+ if ((Attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) != 0) {\r
+ //\r
+ // Time-based Authentication descriptor.\r
+ //\r
+ MonotonicCount = 0;\r
+ TimeStamp = &((EFI_VARIABLE_AUTHENTICATION_2 *) Data)->TimeStamp;\r
+ Payload = (UINT8 *) Data + AUTHINFO2_SIZE (Data);\r
+ PayloadSize = DataSize - AUTHINFO2_SIZE (Data);\r
+ } else if ((Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) != 0) {\r
+ //\r
+ // Counter-based Authentication descriptor.\r
+ //\r
+ MonotonicCount = ((EFI_VARIABLE_AUTHENTICATION *) Data)->MonotonicCount;\r
+ TimeStamp = NULL;\r
+ Payload = (UINT8*) Data + AUTHINFO_SIZE;\r
+ PayloadSize = DataSize - AUTHINFO_SIZE;\r
+ } else {\r
+ //\r
+ // No Authentication descriptor.\r
+ //\r
+ MonotonicCount = 0;\r
+ TimeStamp = NULL;\r
+ Payload = Data;\r
+ PayloadSize = DataSize;\r
+ }\r
+\r
+ Status = UpdateVariable (\r
+ VariableName,\r
+ VendorGuid,\r
+ Payload,\r
+ PayloadSize,\r
+ Attributes,\r
+ 0,\r
+ MonotonicCount,\r
+ Variable,\r
+ TimeStamp\r
+ );\r
//\r
// If enroll PK in setup mode, need change to user mode.\r
//\r
@param[in] Attributes Attribute value of the variable.\r
\r
@return EFI_INVALID_PARAMETER Invalid parameter.\r
- @return EFI_SECURITY_VIOLATION The variable does NOT pass the validation \r
- check carried out by the firmware. \r
+ @return EFI_SECURITY_VIOLATION The variable does NOT pass the validation\r
+ check carried out by the firmware.\r
@return EFI_SUCCESS Variable pass validation successfully.\r
\r
**/\r
BOOLEAN IsFound;\r
UINT32 Index;\r
UINT32 KekDataSize;\r
+ UINT8 *Payload;\r
+ UINTN PayloadSize;\r
+ UINT64 MonotonicCount;\r
\r
if (mPlatformMode == USER_MODE) {\r
if ((Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) == 0) {\r
// Get KEK database from variable.\r
//\r
Status = FindVariable (\r
- EFI_KEY_EXCHANGE_KEY_NAME, \r
- &gEfiGlobalVariableGuid, \r
- &KekVariable, \r
+ EFI_KEY_EXCHANGE_KEY_NAME,\r
+ &gEfiGlobalVariableGuid,\r
+ &KekVariable,\r
&mVariableModuleGlobal->VariableGlobal\r
);\r
ASSERT_EFI_ERROR (Status);\r
KekDataSize -= KekList->SignatureListSize;\r
KekList = (EFI_SIGNATURE_LIST *) ((UINT8 *) KekList + KekList->SignatureListSize);\r
}\r
- \r
+\r
if (!IsFound) {\r
return EFI_SECURITY_VIOLATION;\r
}\r
Status = VerifyCounterBasedPayload (Data, DataSize, CertBlock->PublicKey);\r
if (!EFI_ERROR (Status)) {\r
Status = UpdateVariable (\r
- VariableName, \r
- VendorGuid, \r
- (UINT8*)Data + AUTHINFO_SIZE, \r
- DataSize - AUTHINFO_SIZE, \r
- Attributes, \r
- 0, \r
- CertData->MonotonicCount, \r
+ VariableName,\r
+ VendorGuid,\r
+ (UINT8*)Data + AUTHINFO_SIZE,\r
+ DataSize - AUTHINFO_SIZE,\r
+ Attributes,\r
+ 0,\r
+ CertData->MonotonicCount,\r
Variable,\r
NULL\r
);\r
//\r
// If in setup mode, no authentication needed.\r
//\r
+ if ((Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) != 0) {\r
+ //\r
+ // Counter-based Authentication descriptor.\r
+ //\r
+ MonotonicCount = ((EFI_VARIABLE_AUTHENTICATION *) Data)->MonotonicCount;\r
+ Payload = (UINT8*) Data + AUTHINFO_SIZE;\r
+ PayloadSize = DataSize - AUTHINFO_SIZE;\r
+ } else {\r
+ //\r
+ // No Authentication descriptor.\r
+ //\r
+ MonotonicCount = 0;\r
+ Payload = Data;\r
+ PayloadSize = DataSize;\r
+ }\r
+\r
Status = UpdateVariable (\r
- VariableName, \r
- VendorGuid, \r
- Data, \r
- DataSize, \r
- Attributes, \r
- 0, \r
- 0, \r
+ VariableName,\r
+ VendorGuid,\r
+ Payload,\r
+ PayloadSize,\r
+ Attributes,\r
+ 0,\r
+ MonotonicCount,\r
Variable,\r
NULL\r
);\r
@return EFI_WRITE_PROTECTED Variable is write-protected and needs authentication with\r
EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set.\r
@return EFI_SECURITY_VIOLATION The variable is with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS\r
- set, but the AuthInfo does NOT pass the validation \r
- check carried out by the firmware. \r
+ set, but the AuthInfo does NOT pass the validation\r
+ check carried out by the firmware.\r
@return EFI_SUCCESS Variable is not write-protected or pass validation successfully.\r
\r
**/\r
UINT32 KeyIndex;\r
UINT64 MonotonicCount;\r
\r
- KeyIndex = 0; \r
+ KeyIndex = 0;\r
CertData = NULL;\r
CertBlock = NULL;\r
PubKey = NULL;\r
if ((Attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) != 0) {\r
return VerifyTimeBasedPayload (VariableName, VendorGuid, Data, DataSize, Variable, Attributes, FALSE, NULL);\r
}\r
- \r
+\r
//\r
// Determine if first time SetVariable with the EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS.\r
//\r
//\r
return EFI_SECURITY_VIOLATION;\r
}\r
- } \r
+ }\r
//\r
// Verify the certificate in Data payload.\r
//\r
if (EFI_ERROR (Status)) {\r
return Status;\r
}\r
- \r
+\r
//\r
// Now, the signature has been verified!\r
//\r
return UpdateVariable (VariableName, VendorGuid, (UINT8*)Data + AUTHINFO_SIZE, DataSize - AUTHINFO_SIZE, Attributes, KeyIndex, MonotonicCount, Variable, NULL);\r
}\r
\r
+/**\r
+ Merge two buffers which formatted as EFI_SIGNATURE_LIST. Only the new EFI_SIGNATURE_DATA\r
+ will be appended to the original EFI_SIGNATURE_LIST, duplicate EFI_SIGNATURE_DATA\r
+ will be ignored.\r
+\r
+ @param[in, out] Data Pointer to original EFI_SIGNATURE_LIST.\r
+ @param[in] DataSize Size of Data buffer.\r
+ @param[in] NewData Pointer to new EFI_SIGNATURE_LIST to be appended.\r
+ @param[in] NewDataSize Size of NewData buffer.\r
+\r
+ @return Size of the merged buffer.\r
+\r
+**/\r
+UINTN\r
+AppendSignatureList (\r
+ IN OUT VOID *Data,\r
+ IN UINTN DataSize,\r
+ IN VOID *NewData,\r
+ IN UINTN NewDataSize\r
+ )\r
+{\r
+ EFI_SIGNATURE_LIST *CertList;\r
+ EFI_SIGNATURE_DATA *Cert;\r
+ UINTN CertCount;\r
+ EFI_SIGNATURE_LIST *NewCertList;\r
+ EFI_SIGNATURE_DATA *NewCert;\r
+ UINTN NewCertCount;\r
+ UINTN Index;\r
+ UINTN Index2;\r
+ UINTN Size;\r
+ UINT8 *Tail;\r
+ UINTN CopiedCount;\r
+ UINTN SignatureListSize;\r
+ BOOLEAN IsNewCert;\r
+\r
+ Tail = (UINT8 *) Data + DataSize;\r
+\r
+ NewCertList = (EFI_SIGNATURE_LIST *) NewData;\r
+ while ((NewDataSize > 0) && (NewDataSize >= NewCertList->SignatureListSize)) {\r
+ NewCert = (EFI_SIGNATURE_DATA *) ((UINT8 *) NewCertList + sizeof (EFI_SIGNATURE_LIST) + NewCertList->SignatureHeaderSize);\r
+ NewCertCount = (NewCertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - NewCertList->SignatureHeaderSize) / NewCertList->SignatureSize;\r
+\r
+ CopiedCount = 0;\r
+ for (Index = 0; Index < NewCertCount; Index++) {\r
+ IsNewCert = TRUE;\r
+\r
+ Size = DataSize;\r
+ CertList = (EFI_SIGNATURE_LIST *) Data;\r
+ while ((Size > 0) && (Size >= CertList->SignatureListSize)) {\r
+ if (CompareGuid (&CertList->SignatureType, &NewCertList->SignatureType) &&\r
+ (CertList->SignatureSize == NewCertList->SignatureSize)) {\r
+ Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);\r
+ CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;\r
+ for (Index2 = 0; Index2 < CertCount; Index2++) {\r
+ //\r
+ // Iterate each Signature Data in this Signature List.\r
+ //\r
+ if (CompareMem (NewCert, Cert, CertList->SignatureSize) == 0) {\r
+ IsNewCert = FALSE;\r
+ break;\r
+ }\r
+ Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) Cert + CertList->SignatureSize);\r
+ }\r
+ }\r
+\r
+ if (!IsNewCert) {\r
+ break;\r
+ }\r
+ Size -= CertList->SignatureListSize;\r
+ CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);\r
+ }\r
+\r
+ if (IsNewCert) {\r
+ //\r
+ // New EFI_SIGNATURE_DATA, append it.\r
+ //\r
+ if (CopiedCount == 0) {\r
+ //\r
+ // Copy EFI_SIGNATURE_LIST header for only once.\r
+ //\r
+ CopyMem (Tail, NewCertList, sizeof (EFI_SIGNATURE_LIST) + NewCertList->SignatureHeaderSize);\r
+ Tail = Tail + sizeof (EFI_SIGNATURE_LIST) + NewCertList->SignatureHeaderSize;\r
+ }\r
+\r
+ CopyMem (Tail, NewCert, NewCertList->SignatureSize);\r
+ Tail += NewCertList->SignatureSize;\r
+ CopiedCount++;\r
+ }\r
+\r
+ NewCert = (EFI_SIGNATURE_DATA *) ((UINT8 *) NewCert + NewCertList->SignatureSize);\r
+ }\r
+\r
+ //\r
+ // Update SignatureListSize in newly appended EFI_SIGNATURE_LIST.\r
+ //\r
+ if (CopiedCount != 0) {\r
+ SignatureListSize = sizeof (EFI_SIGNATURE_LIST) + NewCertList->SignatureHeaderSize + (CopiedCount * NewCertList->SignatureSize);\r
+ CertList = (EFI_SIGNATURE_LIST *) (Tail - SignatureListSize);\r
+ CertList->SignatureListSize = (UINT32) SignatureListSize;\r
+ }\r
+\r
+ NewDataSize -= NewCertList->SignatureListSize;\r
+ NewCertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) NewCertList + NewCertList->SignatureListSize);\r
+ }\r
+\r
+ return (Tail - (UINT8 *) Data);\r
+}\r
+\r
/**\r
Compare two EFI_TIME data.\r
\r
return (BOOLEAN) (FirstTime->Hour < SecondTime->Hour);\r
} else if (FirstTime->Minute != SecondTime->Minute) {\r
return (BOOLEAN) (FirstTime->Minute < FirstTime->Minute);\r
- } \r
+ }\r
\r
return (BOOLEAN) (FirstTime->Second <= SecondTime->Second);\r
}\r
@param[out] VarDel Delete the variable or not.\r
\r
@retval EFI_INVALID_PARAMETER Invalid parameter.\r
- @retval EFI_SECURITY_VIOLATION The variable does NOT pass the validation \r
- check carried out by the firmware. \r
+ @retval EFI_SECURITY_VIOLATION The variable does NOT pass the validation\r
+ check carried out by the firmware.\r
@retval EFI_OUT_OF_RESOURCES Failed to process variable due to lack\r
of resources.\r
@retval EFI_SUCCESS Variable pass validation successfully.\r
{\r
UINT8 *RootCert;\r
UINT8 *SigData;\r
- UINT8 *PayLoadPtr;\r
+ UINT8 *PayloadPtr;\r
UINTN RootCertSize;\r
UINTN Index;\r
- UINTN CertCount; \r
- UINTN PayLoadSize; \r
+ UINTN CertCount;\r
+ UINTN PayloadSize;\r
UINT32 Attr;\r
UINT32 SigDataSize;\r
UINT32 KekDataSize;\r
UINT8 *NewData;\r
UINTN NewDataSize;\r
VARIABLE_POINTER_TRACK PkVariable;\r
-\r
+ UINT8 *Buffer;\r
+ UINTN Length;\r
\r
Result = FALSE;\r
VerifyStatus = FALSE;\r
Attr = Attributes;\r
\r
//\r
- // When the attribute EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS is \r
+ // When the attribute EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS is\r
// set, then the Data buffer shall begin with an instance of a complete (and serialized)\r
- // EFI_VARIABLE_AUTHENTICATION_2 descriptor. The descriptor shall be followed by the new \r
- // variable value and DataSize shall reflect the combined size of the descriptor and the new \r
- // variable value. The authentication descriptor is not part of the variable data and is not \r
+ // EFI_VARIABLE_AUTHENTICATION_2 descriptor. The descriptor shall be followed by the new\r
+ // variable value and DataSize shall reflect the combined size of the descriptor and the new\r
+ // variable value. The authentication descriptor is not part of the variable data and is not\r
// returned by subsequent calls to GetVariable().\r
//\r
CertData = (EFI_VARIABLE_AUTHENTICATION_2 *) Data;\r
- \r
+\r
+ //\r
+ // Verify that Pad1, Nanosecond, TimeZone, Daylight and Pad2 components of the\r
+ // TimeStamp value are set to zero.\r
+ //\r
+ if ((CertData->TimeStamp.Pad1 != 0) ||\r
+ (CertData->TimeStamp.Nanosecond != 0) ||\r
+ (CertData->TimeStamp.TimeZone != 0) ||\r
+ (CertData->TimeStamp.Daylight != 0) ||\r
+ (CertData->TimeStamp.Pad2 != 0)) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+\r
if ((Variable->CurrPtr != NULL) && ((Attributes & EFI_VARIABLE_APPEND_WRITE) == 0)) {\r
if (CompareTimeStamp (&CertData->TimeStamp, &Variable->CurrPtr->TimeStamp)) {\r
//\r
// Cert type should be EFI_CERT_TYPE_PKCS7_GUID.\r
//\r
if ((CertData->AuthInfo.Hdr.wCertificateType != WIN_CERT_TYPE_EFI_GUID) ||\r
- !CompareGuid (&CertData->AuthInfo.CertType, &gEfiCertPkcs7Guid)\r
- ) {\r
+ !CompareGuid (&CertData->AuthInfo.CertType, &gEfiCertPkcs7Guid)) {\r
//\r
// Invalid AuthInfo type, return EFI_SECURITY_VIOLATION.\r
//\r
return EFI_SECURITY_VIOLATION;\r
}\r
- \r
+\r
//\r
// Find out Pkcs7 SignedData which follows the EFI_VARIABLE_AUTHENTICATION_2 descriptor.\r
// AuthInfo.Hdr.dwLength is the length of the entire certificate, including the length of the header.\r
//\r
- SigData = (UINT8*) ((UINTN)Data + OFFSET_OF (EFI_VARIABLE_AUTHENTICATION_2, AuthInfo) + OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData));\r
-\r
- //\r
- // Sanity check to avoid corrupted certificate input.\r
- //\r
- if (CertData->AuthInfo.Hdr.dwLength < (UINT32)(OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData))) {\r
- return EFI_SECURITY_VIOLATION;\r
- }\r
+ SigData = CertData->AuthInfo.CertData;\r
+ SigDataSize = CertData->AuthInfo.Hdr.dwLength - (UINT32) (OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData));\r
\r
-\r
-\r
- SigDataSize = CertData->AuthInfo.Hdr.dwLength - (UINT32)(OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData));\r
- \r
//\r
// Find out the new data payload which follows Pkcs7 SignedData directly.\r
//\r
- PayLoadPtr = (UINT8*) ((UINTN) SigData + (UINTN) SigDataSize);\r
-\r
- //\r
- // Sanity check to avoid corrupted certificate input.\r
- //\r
- if (DataSize < (OFFSET_OF (EFI_VARIABLE_AUTHENTICATION_2, AuthInfo) + OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData)+ (UINTN) SigDataSize)) {\r
- return EFI_SECURITY_VIOLATION;\r
- }\r
- \r
- PayLoadSize = DataSize - OFFSET_OF (EFI_VARIABLE_AUTHENTICATION_2, AuthInfo) - OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData) - (UINTN) SigDataSize;\r
-\r
+ PayloadPtr = SigData + SigDataSize;\r
+ PayloadSize = DataSize - OFFSET_OF_AUTHINFO2_CERT_DATA - (UINTN) SigDataSize;\r
\r
//\r
// Construct a buffer to fill with (VariableName, VendorGuid, Attributes, TimeStamp, Data).\r
//\r
- NewDataSize = PayLoadSize + sizeof (EFI_TIME) + sizeof (UINT32) +\r
- sizeof (EFI_GUID) + StrSize (VariableName);\r
- NewData = (UINT8 *) AllocateZeroPool (NewDataSize);\r
-\r
- if (NewData == NULL) {\r
- return EFI_OUT_OF_RESOURCES;\r
- }\r
-\r
- CopyMem (NewData, VariableName, StrSize (VariableName));\r
+ NewDataSize = PayloadSize + sizeof (EFI_TIME) + sizeof (UINT32) +\r
+ sizeof (EFI_GUID) + StrSize (VariableName) - sizeof (CHAR16);\r
+ NewData = mSerializationRuntimeBuffer;\r
\r
- CopyMem (NewData + StrSize (VariableName), VendorGuid, sizeof (EFI_GUID));\r
+ Buffer = NewData;\r
+ Length = StrLen (VariableName) * sizeof (CHAR16);\r
+ CopyMem (Buffer, VariableName, Length);\r
+ Buffer += Length;\r
\r
- CopyMem (\r
- NewData + StrSize (VariableName) + sizeof (EFI_GUID),\r
- &Attr,\r
- sizeof (UINT32)\r
- );\r
+ Length = sizeof (EFI_GUID);\r
+ CopyMem (Buffer, VendorGuid, Length);\r
+ Buffer += Length;\r
\r
- CopyMem (\r
- NewData + StrSize (VariableName) + sizeof (EFI_GUID) + sizeof (UINT32),\r
- &CertData->TimeStamp,\r
- sizeof (EFI_TIME)\r
- );\r
+ Length = sizeof (UINT32);\r
+ CopyMem (Buffer, &Attr, Length);\r
+ Buffer += Length;\r
\r
- CopyMem (NewData + (NewDataSize - PayLoadSize), PayLoadPtr, PayLoadSize);\r
+ Length = sizeof (EFI_TIME);\r
+ CopyMem (Buffer, &CertData->TimeStamp, Length);\r
+ Buffer += Length;\r
\r
+ CopyMem (Buffer, PayloadPtr, PayloadSize);\r
\r
if (Pk) {\r
//\r
// Get platform key from variable.\r
//\r
Status = FindVariable (\r
- EFI_PLATFORM_KEY_NAME, \r
- &gEfiGlobalVariableGuid, \r
- &PkVariable, \r
+ EFI_PLATFORM_KEY_NAME,\r
+ &gEfiGlobalVariableGuid,\r
+ &PkVariable,\r
&mVariableModuleGlobal->VariableGlobal\r
);\r
if (EFI_ERROR (Status)) {\r
);\r
\r
} else {\r
- \r
+\r
//\r
// Get KEK database from variable.\r
//\r
Status = FindVariable (\r
- EFI_KEY_EXCHANGE_KEY_NAME, \r
- &gEfiGlobalVariableGuid, \r
- &KekVariable, \r
+ EFI_KEY_EXCHANGE_KEY_NAME,\r
+ &gEfiGlobalVariableGuid,\r
+ &KekVariable,\r
&mVariableModuleGlobal->VariableGlobal\r
);\r
if (EFI_ERROR (Status)) {\r
\r
//\r
// Ready to verify Pkcs7 SignedData. Go through KEK Signature Database to find out X.509 CertList.\r
- // \r
+ //\r
KekDataSize = KekVariable.CurrPtr->DataSize;\r
CertList = (EFI_SIGNATURE_LIST *) GetVariableDataPtr (KekVariable.CurrPtr);\r
while ((KekDataSize > 0) && (KekDataSize >= CertList->SignatureListSize)) {\r
//\r
RootCert = Cert->SignatureData;\r
RootCertSize = CertList->SignatureSize;\r
- \r
+\r
//\r
// Verify Pkcs7 SignedData via Pkcs7Verify library.\r
//\r
\r
Exit:\r
\r
- FreePool (NewData);\r
-\r
if (!VerifyStatus) {\r
return EFI_SECURITY_VIOLATION;\r
}\r
\r
- if ((PayLoadSize == 0) && (VarDel != NULL)) {\r
+ if ((PayloadSize == 0) && (VarDel != NULL)) {\r
*VarDel = TRUE;\r
}\r
- \r
+\r
//\r
// Final step: Update/Append Variable if it pass Pkcs7Verify\r
//\r
return UpdateVariable (\r
- VariableName, \r
- VendorGuid, \r
- PayLoadPtr, \r
- PayLoadSize, \r
- Attributes, \r
- 0, \r
- 0, \r
+ VariableName,\r
+ VendorGuid,\r
+ PayloadPtr,\r
+ PayloadSize,\r
+ Attributes,\r
+ 0,\r
+ 0,\r
Variable,\r
&CertData->TimeStamp\r
);\r