From: sfu5
Date: Wed, 21 Nov 2012 08:06:02 +0000 (+0000)
Subject: 1. Correct the counter-based hash algorithm according to UEFI spec.
X-Git-Tag: edk2-stable201903~12877
X-Git-Url: https://git.proxmox.com/?p=mirror_edk2.git;a=commitdiff_plain;h=275beb2b53898e91ea92afe96fa56f0ab91b997f

1. Correct the counter-based hash algorithm according to UEFI spec.
2. Check the reserverd bit in variable attribute.
3. Return EFI_OUT_OF_RESOURCE instead of EFI_SECURITY_VIOLATION if there is not enough speace to store the public key.
4. Fix a bug when deleting a non-existent time-based auth variable, we store the certificate into cert DB incorrectly.
5. Fix a bug that time-based auth variable can't been updated again after append operation.

Signed-off-by: Fu Siyuan
Reviewed-by: Ye Ting
Reviewed-by: Dong Guo

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13957 6f19259b-4bc3-4df7-8a09-765794883524
---
diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c b/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
index 6576e681c3..64ce968ac1 100644
--- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
+++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
@@ -526,7 +526,9 @@ VerifyCounterBasedPayload (
 EFI_CERT_BLOCK_RSA_2048_SHA256 *CertBlock;
 UINT8 Digest[SHA256_DIGEST_SIZE];
 VOID *Rsa;
-
+ UINTN PayloadSize;
+
+ PayloadSize = DataSize - AUTHINFO_SIZE;
 Rsa = NULL;
 CertData = NULL;
 CertBlock = NULL;
@@ -558,7 +560,14 @@ VerifyCounterBasedPayload (
 if (!Status) {
 goto Done;
 }
- Status = Sha256Update (mHashCtx, Data + AUTHINFO_SIZE, (UINTN) (DataSize - AUTHINFO_SIZE));
+ Status = Sha256Update (mHashCtx, Data + AUTHINFO_SIZE, PayloadSize);
+ if (!Status) {
+ goto Done;
+ }
+ //
+ // Hash Size.
+ //
+ Status = Sha256Update (mHashCtx, &PayloadSize, sizeof (UINTN));
 if (!Status) {
 goto Done;
 }
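Review bot: `PayloadSize = DataSize - AUTHINFO_SIZE;` is evaluated unconditionally at the top of VerifyCounterBasedPayload, and nothing in this hunk shows DataSize being checked against AUTHINFO_SIZE first; if a caller can reach this point with DataSize smaller than AUTHINFO_SIZE, the UINTN subtraction wraps to a huge value that then flows into Sha256Update as a length. If the caller already guarantees the bound, record that where the value is computed, `ASSERT (DataSize >= AUTHINFO_SIZE);  // caller validated the AuthInfo header`; otherwise reject the input before computing it. The function's signature and the rest of its body are outside the hunk, so I cannot confirm which case applies.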
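Review bot: `Sha256Update (mHashCtx, &PayloadSize, sizeof (UINTN))` feeds the payload length into the digest as a native-width, native-endian integer, so the hash, and therefore which signatures verify, differs between IA32 and X64 builds of the same firmware. If the spec's serialization fixes the width of the size field, hash that fixed-width value instead; if native UINTN is what the spec intends, say so where the reader will look, replacing `// Hash Size.` with `// Hash the payload size as a native-width UINTN (per spec serialization; the digest is build-width dependent).` The earlier Sha256Update calls that hash the other SetVariable parameters are outside the hunk, so their order against the spec is not reviewable here.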
@@ -1099,6 +1108,7 @@ ProcessVarWithKek (
 @return EFI_INVALID_PARAMETER Invalid parameter.
 @return EFI_WRITE_PROTECTED Variable is write-protected and needs authentication with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set.
+ @return EFI_OUT_OF_RESOURCES The Database to save the public key is full.
 @return EFI_SECURITY_VIOLATION The variable is with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set, but the AuthInfo does NOT pass the validation check carried out by the firmware.
@@ -1253,7 +1263,7 @@ ProcessVariable (
 //
 KeyIndex = AddPubKeyInStore (PubKey);
 if (KeyIndex == 0) {
- return EFI_SECURITY_VIOLATION;
+ return EFI_OUT_OF_RESOURCES;
 }
 }
@@ -2155,13 +2165,13 @@ VerifyTimeBasedPayload (
 //
 // Delete signer's certificates when delete the common authenticated variable.
 //
- if ((PayloadSize == 0) && (Variable->CurrPtr != NULL)) {
+ if ((PayloadSize == 0) && (Variable->CurrPtr != NULL) && ((Attributes & EFI_VARIABLE_APPEND_WRITE) == 0)) {
 Status = DeleteCertsFromDb (VariableName, VendorGuid);
 if (EFI_ERROR (Status)) {
 VerifyStatus = FALSE;
 goto Exit;
 }
- } else if (Variable->CurrPtr == NULL) {
+ } else if (Variable->CurrPtr == NULL && PayloadSize != 0) {
 //
 // Insert signer's certificates when adding a new common authenticated variable.
 //
diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c b/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
index 07fe99bee7..e683783fa5 100644
--- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
+++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
@@ -2280,6 +2280,13 @@ VariableServiceSetVariable (
 return EFI_INVALID_PARAMETER;
 }
+ //
+ // Check for reserverd bit in variable attribute.
+ //
+ if ((Attributes & (~EFI_VARIABLE_ATTRIBUTES_MASK)) != 0) {
+ return EFI_INVALID_PARAMETER;
+ }
+
 //
 // Make sure if runtime bit is set, boot service bit is set also.
 //
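Review bot: The key is written into the store by `KeyIndex = AddPubKeyInStore (PubKey);` before anything visible in this hunk verifies the payload, and the new return value means a full store now surfaces as EFI_OUT_OF_RESOURCES. If the signature check happens later in ProcessVariable, as the hunk's position suggests but does not show, an unauthenticated SetVariable on a fresh variable name consumes a key slot with an unverified key, and a sequence of such calls exhausts the store, a denial of service the new code reports rather than prevents. Consider verifying the signature against PubKey first and storing only on success, or confirm that AddPubKeyInStore deduplicates and that 0 is its only failure mode, so EFI_OUT_OF_RESOURCES is never returned for a malformed key. The enclosing function starts and ends outside the hunk.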
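Review bot: The comment above the first condition, `Delete signer's certificates when delete the common authenticated variable.`, no longer describes it: a zero-length payload with EFI_VARIABLE_APPEND_WRITE now deliberately keeps the certificates, and a zero-length payload for a variable that does not exist now falls through both branches. Replace it with `// Delete signer's certificates when deleting an existing common authenticated variable; a zero-length APPEND_WRITE is not a delete, so its certificates are kept.` For consistency with the first condition, parenthesize the second as `} else if ((Variable->CurrPtr == NULL) && (PayloadSize != 0)) {`. This assumes, as the hunk's position suggests but does not show, that the PKCS7 verification has already succeeded before DeleteCertsFromDb runs; if it has not, an unsigned delete request could remove the stored certificate. VerifyTimeBasedPayload continues outside the hunk.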
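Review bot: The new comment misspells `reserverd` and does not say why the check matters, which is that a set bit outside the mask would otherwise be stored and later interpreted by code that never expected it; suggest `// Reject attribute bits the UEFI spec does not define (reserved bits); they must neither be stored nor interpreted.` Placing the check before the runtime/boot-service consistency check is the right order, since it rejects the bits before any of them is consulted. The hunk does not show whether the mutually exclusive EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS and EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS combination is rejected elsewhere in VariableServiceSetVariable; if it is not, this is the natural place. The function starts and ends outside the hunk.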
diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.h b/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.h
index 14a0744a57..563485f929 100644
--- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.h
+++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.h
@@ -43,6 +43,13 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 #include
 #define VARIABLE_RECLAIM_THRESHOLD (1024)
+#define EFI_VARIABLE_ATTRIBUTES_MASK (EFI_VARIABLE_NON_VOLATILE | \
+ EFI_VARIABLE_BOOTSERVICE_ACCESS | \
+ EFI_VARIABLE_RUNTIME_ACCESS | \
+ EFI_VARIABLE_HARDWARE_ERROR_RECORD | \
+ EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS | \
+ EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS | \
+ EFI_VARIABLE_APPEND_WRITE)
 ///
 /// The size of a 3 character ISO639 language code.
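Review bot: EFI_VARIABLE_ATTRIBUTES_MASK is a driver-private macro in Variable.h but carries the EFI_ prefix that EDK2 uses for spec-defined identifiers, so a reader will look for it in the UEFI spec and not find it; either give it a local name or document it as local with a `///` block above the define, e.g. `/// All attribute bits the UEFI spec defines; any other bit is reserved and SetVariable rejects it. Driver-local, not a spec symbol.` Because the mask is the allow-list that decides which SetVariable calls are accepted, it silently becomes wrong when a future spec revision adds an attribute bit, so add `/// Keep in sync with the EFI_VARIABLE_* definitions this header pulls in.` The include directive above the define has lost its header name in this rendering, so I cannot tell which header those definitions come from.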