diff options
6 files changed, 37 insertions, 628 deletions
diff --git a/SecurityPkg/Library/AuthVariableLib/AuthService.c b/SecurityPkg/Library/AuthVariableLib/AuthService.c index 2966811fa7..6cbeb98535 100644 --- a/SecurityPkg/Library/AuthVariableLib/AuthService.c +++ b/SecurityPkg/Library/AuthVariableLib/AuthService.c @@ -144,50 +144,6 @@ AuthServiceInternalUpdateVariable ( @param[in] Data Data pointer.
@param[in] DataSize Size of Data.
@param[in] Attributes Attribute value of the variable.
- @param[in] KeyIndex Index of associated public key.
- @param[in] MonotonicCount Value of associated monotonic count.
-
- @retval EFI_SUCCESS The update operation is success.
- @retval EFI_INVALID_PARAMETER Invalid parameter.
- @retval EFI_WRITE_PROTECTED Variable is write-protected.
- @retval EFI_OUT_OF_RESOURCES There is not enough resource.
-
-**/
-EFI_STATUS
-AuthServiceInternalUpdateVariableWithMonotonicCount (
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid,
- IN VOID *Data,
- IN UINTN DataSize,
- IN UINT32 Attributes,
- IN UINT32 KeyIndex,
- IN UINT64 MonotonicCount
- )
-{
- AUTH_VARIABLE_INFO AuthVariableInfo;
-
- ZeroMem (&AuthVariableInfo, sizeof (AuthVariableInfo));
- AuthVariableInfo.VariableName = VariableName;
- AuthVariableInfo.VendorGuid = VendorGuid;
- AuthVariableInfo.Data = Data;
- AuthVariableInfo.DataSize = DataSize;
- AuthVariableInfo.Attributes = Attributes;
- AuthVariableInfo.PubKeyIndex = KeyIndex;
- AuthVariableInfo.MonotonicCount = MonotonicCount;
-
- return mAuthVarLibContextIn->UpdateVariable (
- &AuthVariableInfo
- );
-}
-
-/**
- Update the variable region with Variable information.
-
- @param[in] VariableName Name of variable.
- @param[in] VendorGuid Guid of variable.
- @param[in] Data Data pointer.
- @param[in] DataSize Size of Data.
- @param[in] Attributes Attribute value of the variable.
@param[in] TimeStamp Value of associated TimeStamp.
@retval EFI_SUCCESS The update operation is success.
@@ -300,306 +256,6 @@ InCustomMode ( }
/**
- Get available public key index.
-
- @param[in] PubKey Pointer to Public Key data.
-
- @return Public key index, 0 if no any public key index available.
-
-**/
-UINT32
-GetAvailableKeyIndex (
- IN UINT8 *PubKey
- )
-{
- EFI_STATUS Status;
- UINT8 *Data;
- UINTN DataSize;
- UINT8 *Ptr;
- UINT32 Index;
- BOOLEAN IsFound;
- EFI_GUID VendorGuid;
- CHAR16 Name[1];
- AUTH_VARIABLE_INFO AuthVariableInfo;
- UINT32 KeyIndex;
-
- Status = AuthServiceInternalFindVariable (
- AUTHVAR_KEYDB_NAME,
- &gEfiAuthenticatedVariableGuid,
- (VOID **) &Data,
- &DataSize
- );
- if (EFI_ERROR (Status)) {
- DEBUG ((EFI_D_ERROR, "Get public key database variable failure, Status = %r\n", Status));
- return 0;
- }
-
- if (mPubKeyNumber == mMaxKeyNumber) {
- Name[0] = 0;
- AuthVariableInfo.VariableName = Name;
- ZeroMem (&VendorGuid, sizeof (VendorGuid));
- AuthVariableInfo.VendorGuid = &VendorGuid;
- mPubKeyNumber = 0;
- //
- // Collect valid key data.
- //
- do {
- Status = mAuthVarLibContextIn->FindNextVariable (AuthVariableInfo.VariableName, AuthVariableInfo.VendorGuid, &AuthVariableInfo);
- if (!EFI_ERROR (Status)) {
- if (AuthVariableInfo.PubKeyIndex != 0) {
- for (Ptr = Data; Ptr < (Data + DataSize); Ptr += sizeof (AUTHVAR_KEY_DB_DATA)) {
- if (ReadUnaligned32 (&(((AUTHVAR_KEY_DB_DATA *) Ptr)->KeyIndex)) == AuthVariableInfo.PubKeyIndex) {
- //
- // Check if the key data has been collected.
- //
- for (Index = 0; Index < mPubKeyNumber; Index++) {
- if (ReadUnaligned32 (&(((AUTHVAR_KEY_DB_DATA *) mPubKeyStore + Index)->KeyIndex)) == AuthVariableInfo.PubKeyIndex) {
- break;
- }
- }
- if (Index == mPubKeyNumber) {
- //
- // New key data.
- //
- CopyMem ((AUTHVAR_KEY_DB_DATA *) mPubKeyStore + mPubKeyNumber, Ptr, sizeof (AUTHVAR_KEY_DB_DATA));
- mPubKeyNumber++;
- }
- break;
- }
- }
- }
- }
- } while (Status != EFI_NOT_FOUND);
-
- //
- // No available space to add new public key.
- //
- if (mPubKeyNumber == mMaxKeyNumber) {
- return 0;
- }
- }
-
- //
- // Find available public key index.
- //
- for (KeyIndex = 1; KeyIndex <= mMaxKeyNumber; KeyIndex++) {
- IsFound = FALSE;
- for (Ptr = mPubKeyStore; Ptr < (mPubKeyStore + mPubKeyNumber * sizeof (AUTHVAR_KEY_DB_DATA)); Ptr += sizeof (AUTHVAR_KEY_DB_DATA)) {
- if (ReadUnaligned32 (&(((AUTHVAR_KEY_DB_DATA *) Ptr)->KeyIndex)) == KeyIndex) {
- IsFound = TRUE;
- break;
- }
- }
- if (!IsFound) {
- break;
- }
- }
-
- return KeyIndex;
-}
-
-/**
- Add public key in store and return its index.
-
- @param[in] PubKey Input pointer to Public Key data.
- @param[in] VariableDataEntry The variable data entry.
-
- @return Index of new added public key.
-
-**/
-UINT32
-AddPubKeyInStore (
- IN UINT8 *PubKey,
- IN VARIABLE_ENTRY_CONSISTENCY *VariableDataEntry
- )
-{
- EFI_STATUS Status;
- UINT32 Index;
- VARIABLE_ENTRY_CONSISTENCY PublicKeyEntry;
- UINT32 Attributes;
- UINT32 KeyIndex;
-
- if (PubKey == NULL) {
- return 0;
- }
-
- //
- // Check whether the public key entry does exist.
- //
- for (Index = 0; Index < mPubKeyNumber; Index++) {
- if (CompareMem (((AUTHVAR_KEY_DB_DATA *) mPubKeyStore + Index)->KeyData, PubKey, EFI_CERT_TYPE_RSA2048_SIZE) == 0) {
- return ReadUnaligned32 (&(((AUTHVAR_KEY_DB_DATA *) mPubKeyStore + Index)->KeyIndex));
- }
- }
-
- KeyIndex = GetAvailableKeyIndex (PubKey);
- if (KeyIndex == 0) {
- return 0;
- }
-
- //
- // Check the variable space for both public key and variable data.
- //
- PublicKeyEntry.VariableSize = (mPubKeyNumber + 1) * sizeof (AUTHVAR_KEY_DB_DATA);
- PublicKeyEntry.Guid = &gEfiAuthenticatedVariableGuid;
- PublicKeyEntry.Name = AUTHVAR_KEYDB_NAME;
- Attributes = VARIABLE_ATTRIBUTE_NV_BS_RT | EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS;
-
- if (!mAuthVarLibContextIn->CheckRemainingSpaceForConsistency (Attributes, &PublicKeyEntry, VariableDataEntry, NULL)) {
- //
- // No enough variable space.
- //
- return 0;
- }
-
- WriteUnaligned32 (&(((AUTHVAR_KEY_DB_DATA *) mPubKeyStore + mPubKeyNumber)->KeyIndex), KeyIndex);
- CopyMem (((AUTHVAR_KEY_DB_DATA *) mPubKeyStore + mPubKeyNumber)->KeyData, PubKey, EFI_CERT_TYPE_RSA2048_SIZE);
- mPubKeyNumber++;
-
- //
- // Update public key database variable.
- //
- Status = AuthServiceInternalUpdateVariable (
- AUTHVAR_KEYDB_NAME,
- &gEfiAuthenticatedVariableGuid,
- mPubKeyStore,
- mPubKeyNumber * sizeof (AUTHVAR_KEY_DB_DATA),
- Attributes
- );
- if (EFI_ERROR (Status)) {
- DEBUG ((EFI_D_ERROR, "Update public key database variable failure, Status = %r\n", Status));
- return 0;
- }
-
- return KeyIndex;
-}
-
-/**
- Verify data payload with AuthInfo in EFI_CERT_TYPE_RSA2048_SHA256_GUID type.
- Follow the steps in UEFI2.2.
-
- Caution: This function may receive untrusted input.
- This function may be invoked in SMM mode, and datasize and data are external input.
- This function will do basic validation, before parse the data.
- This function will parse the authentication carefully to avoid security issues, like
- buffer overflow, integer overflow.
-
- @param[in] Data Pointer to data with AuthInfo.
- @param[in] DataSize Size of Data.
- @param[in] PubKey Public key used for verification.
-
- @retval EFI_INVALID_PARAMETER Invalid parameter.
- @retval EFI_SECURITY_VIOLATION If authentication failed.
- @retval EFI_SUCCESS Authentication successful.
-
-**/
-EFI_STATUS
-VerifyCounterBasedPayload (
- IN UINT8 *Data,
- IN UINTN DataSize,
- IN UINT8 *PubKey
- )
-{
- BOOLEAN Status;
- EFI_VARIABLE_AUTHENTICATION *CertData;
- EFI_CERT_BLOCK_RSA_2048_SHA256 *CertBlock;
- UINT8 Digest[SHA256_DIGEST_SIZE];
- VOID *Rsa;
- UINTN PayloadSize;
-
- PayloadSize = DataSize - AUTHINFO_SIZE;
- Rsa = NULL;
- CertData = NULL;
- CertBlock = NULL;
-
- if (Data == NULL || PubKey == NULL) {
- return EFI_INVALID_PARAMETER;
- }
-
- CertData = (EFI_VARIABLE_AUTHENTICATION *) Data;
- CertBlock = (EFI_CERT_BLOCK_RSA_2048_SHA256 *) (CertData->AuthInfo.CertData);
-
- //
- // wCertificateType should be WIN_CERT_TYPE_EFI_GUID.
- // Cert type should be EFI_CERT_TYPE_RSA2048_SHA256_GUID.
- //
- if ((CertData->AuthInfo.Hdr.wCertificateType != WIN_CERT_TYPE_EFI_GUID) ||
- !CompareGuid (&CertData->AuthInfo.CertType, &gEfiCertTypeRsa2048Sha256Guid)) {
- //
- // Invalid AuthInfo type, return EFI_SECURITY_VIOLATION.
- //
- return EFI_SECURITY_VIOLATION;
- }
- //
- // Hash data payload with SHA256.
- //
- ZeroMem (Digest, SHA256_DIGEST_SIZE);
- Status = Sha256Init (mHashCtx);
- if (!Status) {
- goto Done;
- }
- Status = Sha256Update (mHashCtx, Data + AUTHINFO_SIZE, PayloadSize);
- if (!Status) {
- goto Done;
- }
- //
- // Hash Size.
- //
- Status = Sha256Update (mHashCtx, &PayloadSize, sizeof (UINTN));
- if (!Status) {
- goto Done;
- }
- //
- // Hash Monotonic Count.
- //
- Status = Sha256Update (mHashCtx, &CertData->MonotonicCount, sizeof (UINT64));
- if (!Status) {
- goto Done;
- }
- Status = Sha256Final (mHashCtx, Digest);
- if (!Status) {
- goto Done;
- }
- //
- // Generate & Initialize RSA Context.
- //
- Rsa = RsaNew ();
- ASSERT (Rsa != NULL);
- //
- // Set RSA Key Components.
- // NOTE: Only N and E are needed to be set as RSA public key for signature verification.
- //
- Status = RsaSetKey (Rsa, RsaKeyN, PubKey, EFI_CERT_TYPE_RSA2048_SIZE);
- if (!Status) {
- goto Done;
- }
- Status = RsaSetKey (Rsa, RsaKeyE, mRsaE, sizeof (mRsaE));
- if (!Status) {
- goto Done;
- }
- //
- // Verify the signature.
- //
- Status = RsaPkcs1Verify (
- Rsa,
- Digest,
- SHA256_DIGEST_SIZE,
- CertBlock->Signature,
- EFI_CERT_TYPE_RSA2048_SHA256_SIZE
- );
-
-Done:
- if (Rsa != NULL) {
- RsaFree (Rsa);
- }
- if (Status) {
- return EFI_SUCCESS;
- } else {
- return EFI_SECURITY_VIOLATION;
- }
-}
-
-/**
Update platform mode.
@param[in] Mode SETUP_MODE or USER_MODE.
@@ -1146,7 +802,7 @@ IsDeleteAuthVariable ( }
/**
- Process variable with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS/EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set
+ Process variable with EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set
Caution: This function may receive untrusted input.
This function may be invoked in SMM mode, and datasize and data are external input.
@@ -1163,9 +819,9 @@ IsDeleteAuthVariable ( @return EFI_INVALID_PARAMETER Invalid parameter.
@return EFI_WRITE_PROTECTED Variable is write-protected and needs authentication with
- EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set.
+ EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS or EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set.
@return EFI_OUT_OF_RESOURCES The Database to save the public key is full.
- @return EFI_SECURITY_VIOLATION The variable is with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS
+ @return EFI_SECURITY_VIOLATION The variable is with EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS
set, but the AuthInfo does NOT pass the validation
check carried out by the firmware.
@return EFI_SUCCESS Variable is not write-protected or pass validation successfully.
@@ -1181,22 +837,8 @@ ProcessVariable ( )
{
EFI_STATUS Status;
- BOOLEAN IsDeletion;
- BOOLEAN IsFirstTime;
- UINT8 *PubKey;
- EFI_VARIABLE_AUTHENTICATION *CertData;
- EFI_CERT_BLOCK_RSA_2048_SHA256 *CertBlock;
- UINT32 KeyIndex;
- UINT64 MonotonicCount;
- VARIABLE_ENTRY_CONSISTENCY VariableDataEntry;
- UINT32 Index;
AUTH_VARIABLE_INFO OrgVariableInfo;
- KeyIndex = 0;
- CertData = NULL;
- CertBlock = NULL;
- PubKey = NULL;
- IsDeletion = FALSE;
Status = EFI_SUCCESS;
ZeroMem (&OrgVariableInfo, sizeof (OrgVariableInfo));
@@ -1208,7 +850,7 @@ ProcessVariable ( if ((!EFI_ERROR (Status)) && IsDeleteAuthVariable (OrgVariableInfo.Attributes, Data, DataSize, Attributes) && UserPhysicalPresent()) {
//
- // Allow the delete operation of common authenticated variable at user physical presence.
+ // Allow the delete operation of common authenticated variable(AT or AW) at user physical presence.
//
Status = AuthServiceInternalUpdateVariable (
VariableName,
@@ -1232,25 +874,15 @@ ProcessVariable ( }
//
- // A time-based authenticated variable and a count-based authenticated variable
- // can't be updated by each other.
- //
- if (OrgVariableInfo.Data != NULL) {
- if (((Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) != 0) &&
- ((OrgVariableInfo.Attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) != 0)) {
- return EFI_SECURITY_VIOLATION;
- }
-
- if (((Attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) != 0) &&
- ((OrgVariableInfo.Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) != 0)) {
- return EFI_SECURITY_VIOLATION;
- }
- }
-
- //
- // Process Time-based Authenticated variable.
- //
- if ((Attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) != 0) {
+ if ((Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) != 0) {
+ //
+ // Reject Counter Based Auth Variable processing request.
+ //
+ return EFI_UNSUPPORTED;
+ } else if ((Attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) != 0) {
+ //
+ // Process Time-based Authenticated variable.
+ //
return VerifyTimeBasedPayloadAndUpdate (
VariableName,
VendorGuid,
@@ -1262,117 +894,20 @@ ProcessVariable ( );
}
- //
- // Determine if first time SetVariable with the EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS.
- //
- if ((Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) != 0) {
- //
- // Determine current operation type.
- //
- if (DataSize == AUTHINFO_SIZE) {
- IsDeletion = TRUE;
- }
- //
- // Determine whether this is the first time with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set.
- //
- if (OrgVariableInfo.Data == NULL) {
- IsFirstTime = TRUE;
- } else if ((OrgVariableInfo.Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) == 0) {
- IsFirstTime = TRUE;
- } else {
- KeyIndex = OrgVariableInfo.PubKeyIndex;
- IsFirstTime = FALSE;
- }
- } else if ((OrgVariableInfo.Data != NULL) &&
- ((OrgVariableInfo.Attributes & (EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS)) != 0)
- ) {
+ if ((OrgVariableInfo.Data != NULL) &&
+ ((OrgVariableInfo.Attributes & (EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS)) != 0)) {
//
// If the variable is already write-protected, it always needs authentication before update.
//
return EFI_WRITE_PROTECTED;
- } else {
- //
- // If without EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS, set and attributes collision.
- // That means it is not authenticated variable, just update variable as usual.
- //
- Status = AuthServiceInternalUpdateVariable (VariableName, VendorGuid, Data, DataSize, Attributes);
- return Status;
}
//
- // Get PubKey and check Monotonic Count value corresponding to the variable.
- //
- CertData = (EFI_VARIABLE_AUTHENTICATION *) Data;
- CertBlock = (EFI_CERT_BLOCK_RSA_2048_SHA256 *) (CertData->AuthInfo.CertData);
- PubKey = CertBlock->PublicKey;
-
- //
- // Update Monotonic Count value.
+ // Not authenticated variable, just update variable as usual.
//
- MonotonicCount = CertData->MonotonicCount;
-
- if (!IsFirstTime) {
- //
- // 2 cases need to check here
- // 1. Internal PubKey variable. PubKeyIndex is always 0
- // 2. Other counter-based AuthVariable. Check input PubKey.
- //
- if (KeyIndex == 0) {
- return EFI_SECURITY_VIOLATION;
- }
- for (Index = 0; Index < mPubKeyNumber; Index++) {
- if (ReadUnaligned32 (&(((AUTHVAR_KEY_DB_DATA *) mPubKeyStore + Index)->KeyIndex)) == KeyIndex) {
- if (CompareMem (((AUTHVAR_KEY_DB_DATA *) mPubKeyStore + Index)->KeyData, PubKey, EFI_CERT_TYPE_RSA2048_SIZE) == 0) {
- break;
- } else {
- return EFI_SECURITY_VIOLATION;
- }
- }
- }
- if (Index == mPubKeyNumber) {
- return EFI_SECURITY_VIOLATION;
- }
-
- //
- // Compare the current monotonic count and ensure that it is greater than the last SetVariable
- // operation with the EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS attribute set.
- //
- if (MonotonicCount <= OrgVariableInfo.MonotonicCount) {
- //
- // Monotonic count check fail, suspicious replay attack, return EFI_SECURITY_VIOLATION.
- //
- return EFI_SECURITY_VIOLATION;
- }
- }
- //
- // Verify the certificate in Data payload.
- //
- Status = VerifyCounterBasedPayload (Data, DataSize, PubKey);
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- //
- // Now, the signature has been verified!
- //
- if (IsFirstTime && !IsDeletion) {
- VariableDataEntry.VariableSize = DataSize - AUTHINFO_SIZE;
- VariableDataEntry.Guid = VendorGuid;
- VariableDataEntry.Name = VariableName;
-
- //
- // Update public key database variable if need.
- //
- KeyIndex = AddPubKeyInStore (PubKey, &VariableDataEntry);
- if (KeyIndex == 0) {
- return EFI_OUT_OF_RESOURCES;
- }
- }
+ Status = AuthServiceInternalUpdateVariable (VariableName, VendorGuid, Data, DataSize, Attributes);
+ return Status;
- //
- // Verification pass.
- //
- return AuthServiceInternalUpdateVariableWithMonotonicCount (VariableName, VendorGuid, (UINT8*)Data + AUTHINFO_SIZE, DataSize - AUTHINFO_SIZE, Attributes, KeyIndex, MonotonicCount);
}
/**
diff --git a/SecurityPkg/Library/AuthVariableLib/AuthServiceInternal.h b/SecurityPkg/Library/AuthVariableLib/AuthServiceInternal.h index e9b7cf3579..2886260925 100644 --- a/SecurityPkg/Library/AuthVariableLib/AuthServiceInternal.h +++ b/SecurityPkg/Library/AuthVariableLib/AuthServiceInternal.h @@ -59,35 +59,6 @@ typedef enum { } AUTHVAR_TYPE;
///
-/// "AuthVarKeyDatabase" variable for the Public Key store
-/// of variables with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set.
-///
-/// GUID: gEfiAuthenticatedVariableGuid
-///
-/// We need maintain atomicity.
-///
-/// Format:
-/// +----------------------------+
-/// | AUTHVAR_KEY_DB_DATA | <-- First AuthVarKey
-/// +----------------------------+
-/// | ...... |
-/// +----------------------------+
-/// | AUTHVAR_KEY_DB_DATA | <-- Last AuthKey
-/// +----------------------------+
-///
-#define AUTHVAR_KEYDB_NAME L"AuthVarKeyDatabase"
-
-#define EFI_CERT_TYPE_RSA2048_SHA256_SIZE 256
-#define EFI_CERT_TYPE_RSA2048_SIZE 256
-
-#pragma pack(1)
-typedef struct {
- UINT32 KeyIndex;
- UINT8 KeyData[EFI_CERT_TYPE_RSA2048_SIZE];
-} AUTHVAR_KEY_DB_DATA;
-#pragma pack()
-
-///
/// "certdb" variable stores the signer's certificates for non PK/KEK/DB/DBX
/// variables with EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS|EFI_VARIABLE_NON_VOLATILE set.
/// "certdbv" variable stores the signer's certificates for non PK/KEK/DB/DBX
@@ -122,10 +93,6 @@ typedef struct { } AUTH_CERT_DB_DATA;
#pragma pack()
-extern UINT8 *mPubKeyStore;
-extern UINT32 mPubKeyNumber;
-extern UINT32 mMaxKeyNumber;
-extern UINT32 mMaxKeyDbSize;
extern UINT8 *mCertDbStore;
extern UINT32 mMaxCertDbSize;
extern UINT32 mPlatformMode;
@@ -295,7 +262,7 @@ ProcessVarWithKek ( );
/**
- Process variable with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS/EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set
+ Process variable with EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set
Caution: This function may receive untrusted input.
This function may be invoked in SMM mode, and datasize and data are external input.
@@ -312,9 +279,9 @@ ProcessVarWithKek ( @return EFI_INVALID_PARAMETER Invalid parameter.
@return EFI_WRITE_PROTECTED Variable is write-protected and needs authentication with
- EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set.
+ EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS or EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set.
@return EFI_OUT_OF_RESOURCES The Database to save the public key is full.
- @return EFI_SECURITY_VIOLATION The variable is with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS
+ @return EFI_SECURITY_VIOLATION The variable is with EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS
set, but the AuthInfo does NOT pass the validation
check carried out by the firmware.
@return EFI_SUCCESS Variable is not write-protected or pass validation successfully.
@@ -387,34 +354,6 @@ AuthServiceInternalUpdateVariable ( @param[in] Data Data pointer.
@param[in] DataSize Size of Data.
@param[in] Attributes Attribute value of the variable.
- @param[in] KeyIndex Index of associated public key.
- @param[in] MonotonicCount Value of associated monotonic count.
-
- @retval EFI_SUCCESS The update operation is success.
- @retval EFI_INVALID_PARAMETER Invalid parameter.
- @retval EFI_WRITE_PROTECTED Variable is write-protected.
- @retval EFI_OUT_OF_RESOURCES There is not enough resource.
-
-**/
-EFI_STATUS
-AuthServiceInternalUpdateVariableWithMonotonicCount (
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid,
- IN VOID *Data,
- IN UINTN DataSize,
- IN UINT32 Attributes,
- IN UINT32 KeyIndex,
- IN UINT64 MonotonicCount
- );
-
-/**
- Update the variable region with Variable information.
-
- @param[in] VariableName Name of variable.
- @param[in] VendorGuid Guid of variable.
- @param[in] Data Data pointer.
- @param[in] DataSize Size of Data.
- @param[in] Attributes Attribute value of the variable.
@param[in] TimeStamp Value of associated TimeStamp.
@retval EFI_SUCCESS The update operation is success.
diff --git a/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.c b/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.c index 792a1232ae..00917eb374 100644 --- a/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.c +++ b/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.c @@ -27,10 +27,6 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. ///
/// Global database array for scratch
///
-UINT8 *mPubKeyStore;
-UINT32 mPubKeyNumber;
-UINT32 mMaxKeyNumber;
-UINT32 mMaxKeyDbSize;
UINT8 *mCertDbStore;
UINT32 mMaxCertDbSize;
UINT32 mPlatformMode;
@@ -78,17 +74,6 @@ VARIABLE_ENTRY_PROPERTY mAuthVarEntry[] = { }
},
{
- &gEfiAuthenticatedVariableGuid,
- AUTHVAR_KEYDB_NAME,
- {
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,
- VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY,
- VARIABLE_ATTRIBUTE_NV_BS_RT_AW,
- sizeof (UINT8),
- MAX_UINTN
- }
- },
- {
&gEfiCertDbGuid,
EFI_CERT_DB_NAME,
{
@@ -112,7 +97,7 @@ VARIABLE_ENTRY_PROPERTY mAuthVarEntry[] = { },
};
-VOID **mAuthVarAddressPointer[10];
+VOID **mAuthVarAddressPointer[9];
AUTH_VAR_LIB_CONTEXT_IN *mAuthVarLibContextIn = NULL;
@@ -138,7 +123,6 @@ AuthVariableLibInitialize ( )
{
EFI_STATUS Status;
- UINT8 VarValue;
UINT32 VarAttr;
UINT8 *Data;
UINTN DataSize;
@@ -164,16 +148,6 @@ AuthVariableLibInitialize ( }
//
- // Reserve runtime buffer for public key database. The size excludes variable header and name size.
- //
- mMaxKeyDbSize = (UINT32) (mAuthVarLibContextIn->MaxAuthVariableSize - sizeof (AUTHVAR_KEYDB_NAME));
- mMaxKeyNumber = mMaxKeyDbSize / sizeof (AUTHVAR_KEY_DB_DATA);
- mPubKeyStore = AllocateRuntimePool (mMaxKeyDbSize);
- if (mPubKeyStore == NULL) {
- return EFI_OUT_OF_RESOURCES;
- }
-
- //
// Reserve runtime buffer for certificate database. The size excludes variable header and name size.
// Use EFI_CERT_DB_VOLATILE_NAME size since it is longer.
//
@@ -183,43 +157,6 @@ AuthVariableLibInitialize ( return EFI_OUT_OF_RESOURCES;
}
- //
- // Check "AuthVarKeyDatabase" variable's existence.
- // If it doesn't exist, create a new one with initial value of 0 and EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set.
- //
- Status = AuthServiceInternalFindVariable (
- AUTHVAR_KEYDB_NAME,
- &gEfiAuthenticatedVariableGuid,
- (VOID **) &Data,
- &DataSize
- );
- if (EFI_ERROR (Status)) {
- VarAttr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS;
- VarValue = 0;
- mPubKeyNumber = 0;
- Status = AuthServiceInternalUpdateVariable (
- AUTHVAR_KEYDB_NAME,
- &gEfiAuthenticatedVariableGuid,
- &VarValue,
- sizeof(UINT8),
- VarAttr
- );
- if (EFI_ERROR (Status)) {
- return Status;
- }
- } else {
- //
- // Load database in global variable for cache.
- //
- ASSERT ((DataSize != 0) && (Data != NULL));
- //
- // "AuthVarKeyDatabase" is an internal variable. Its DataSize is always ensured not to exceed mPubKeyStore buffer size(See definition before)
- // Therefore, there is no memory overflow in underlying CopyMem.
- //
- CopyMem (mPubKeyStore, (UINT8 *) Data, DataSize);
- mPubKeyNumber = (UINT32) (DataSize / sizeof (AUTHVAR_KEY_DB_DATA));
- }
-
Status = AuthServiceInternalFindVariable (EFI_PLATFORM_KEY_NAME, &gEfiGlobalVariableGuid, (VOID **) &Data, &DataSize);
if (EFI_ERROR (Status)) {
DEBUG ((EFI_D_INFO, "Variable %s does not exist.\n", EFI_PLATFORM_KEY_NAME));
@@ -422,16 +359,15 @@ AuthVariableLibInitialize ( AuthVarLibContextOut->StructSize = sizeof (AUTH_VAR_LIB_CONTEXT_OUT);
AuthVarLibContextOut->AuthVarEntry = mAuthVarEntry;
AuthVarLibContextOut->AuthVarEntryCount = ARRAY_SIZE (mAuthVarEntry);
- mAuthVarAddressPointer[0] = (VOID **) &mPubKeyStore;
- mAuthVarAddressPointer[1] = (VOID **) &mCertDbStore;
- mAuthVarAddressPointer[2] = (VOID **) &mHashCtx;
- mAuthVarAddressPointer[3] = (VOID **) &mAuthVarLibContextIn;
- mAuthVarAddressPointer[4] = (VOID **) &(mAuthVarLibContextIn->FindVariable),
- mAuthVarAddressPointer[5] = (VOID **) &(mAuthVarLibContextIn->FindNextVariable),
- mAuthVarAddressPointer[6] = (VOID **) &(mAuthVarLibContextIn->UpdateVariable),
- mAuthVarAddressPointer[7] = (VOID **) &(mAuthVarLibContextIn->GetScratchBuffer),
- mAuthVarAddressPointer[8] = (VOID **) &(mAuthVarLibContextIn->CheckRemainingSpaceForConsistency),
- mAuthVarAddressPointer[9] = (VOID **) &(mAuthVarLibContextIn->AtRuntime),
+ mAuthVarAddressPointer[0] = (VOID **) &mCertDbStore;
+ mAuthVarAddressPointer[1] = (VOID **) &mHashCtx;
+ mAuthVarAddressPointer[2] = (VOID **) &mAuthVarLibContextIn;
+ mAuthVarAddressPointer[3] = (VOID **) &(mAuthVarLibContextIn->FindVariable),
+ mAuthVarAddressPointer[4] = (VOID **) &(mAuthVarLibContextIn->FindNextVariable),
+ mAuthVarAddressPointer[5] = (VOID **) &(mAuthVarLibContextIn->UpdateVariable),
+ mAuthVarAddressPointer[6] = (VOID **) &(mAuthVarLibContextIn->GetScratchBuffer),
+ mAuthVarAddressPointer[7] = (VOID **) &(mAuthVarLibContextIn->CheckRemainingSpaceForConsistency),
+ mAuthVarAddressPointer[8] = (VOID **) &(mAuthVarLibContextIn->AtRuntime),
AuthVarLibContextOut->AddressPointer = mAuthVarAddressPointer;
AuthVarLibContextOut->AddressPointerCount = ARRAY_SIZE (mAuthVarAddressPointer);
@@ -439,7 +375,7 @@ AuthVariableLibInitialize ( }
/**
- Process variable with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS/EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set.
+ Process variable with EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set.
@param[in] VariableName Name of the variable.
@param[in] VendorGuid Variable vendor GUID.
@@ -452,8 +388,7 @@ AuthVariableLibInitialize ( @retval EFI_INVALID_PARAMETER Invalid parameter.
@retval EFI_WRITE_PROTECTED Variable is write-protected.
@retval EFI_OUT_OF_RESOURCES There is not enough resource.
- @retval EFI_SECURITY_VIOLATION The variable is with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS
- or EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACESS
+ @retval EFI_SECURITY_VIOLATION The variable is with EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACESS
set, but the AuthInfo does NOT pass the validation
check carried out by the firmware.
@retval EFI_UNSUPPORTED Unsupported to process authenticated variable.
diff --git a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.c b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.c index c6f3edc756..7763b13694 100644 --- a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.c +++ b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.c @@ -101,7 +101,7 @@ IsMorLockVariable ( @retval EFI_DEVICE_ERROR The variable could not be saved due to a hardware failure.
@retval EFI_WRITE_PROTECTED The variable in question is read-only.
@retval EFI_WRITE_PROTECTED The variable in question cannot be deleted.
- @retval EFI_SECURITY_VIOLATION The variable could not be written due to EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS
+ @retval EFI_SECURITY_VIOLATION The variable could not be written due to EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS
set but the AuthInfo does NOT pass the validation check carried
out by the firmware.
@retval EFI_NOT_FOUND The variable trying to be updated or deleted was not found.
diff --git a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.h b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.h index 50a656aeb3..af30357533 100644 --- a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.h +++ b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.h @@ -67,7 +67,7 @@ InternalGetVariable ( @retval EFI_DEVICE_ERROR The variable could not be saved due to a hardware failure.
@retval EFI_WRITE_PROTECTED The variable in question is read-only.
@retval EFI_WRITE_PROTECTED The variable in question cannot be deleted.
- @retval EFI_SECURITY_VIOLATION The variable could not be written due to EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS
+ @retval EFI_SECURITY_VIOLATION The variable could not be written due to EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS
set but the AuthInfo does NOT pass the validation check carried
out by the firmware.
@retval EFI_NOT_FOUND The variable trying to be updated or deleted was not found.
@@ -103,7 +103,7 @@ InternalSetVariable ( @retval EFI_DEVICE_ERROR The variable could not be saved due to a hardware failure.
@retval EFI_WRITE_PROTECTED The variable in question is read-only.
@retval EFI_WRITE_PROTECTED The variable in question cannot be deleted.
- @retval EFI_SECURITY_VIOLATION The variable could not be written due to EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS
+ @retval EFI_SECURITY_VIOLATION The variable could not be written due to EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS
set but the AuthInfo does NOT pass the validation check carried
out by the firmware.
@retval EFI_NOT_FOUND The variable trying to be updated or deleted was not found.
diff --git a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.c b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.c index 019cb8bb24..e5db98cc87 100644 --- a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.c +++ b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.c @@ -82,7 +82,7 @@ InternalGetVariable ( @retval EFI_DEVICE_ERROR The variable could not be saved due to a hardware failure.
@retval EFI_WRITE_PROTECTED The variable in question is read-only.
@retval EFI_WRITE_PROTECTED The variable in question cannot be deleted.
- @retval EFI_SECURITY_VIOLATION The variable could not be written due to EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS
+ @retval EFI_SECURITY_VIOLATION The variable could not be written due to EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS
set but the AuthInfo does NOT pass the validation check carried
out by the firmware.
@retval EFI_NOT_FOUND The variable trying to be updated or deleted was not found.
|