From patchwork Thu Feb 2 13:53:35 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Masahisa Kojima
X-Patchwork-Id: 649659
From: Masahisa Kojima
To: u-boot@lists.denx.de
Cc: Heinrich Schuchardt, Ilias Apalodimas, Masahisa Kojima
Subject: [PATCH v2] efi_loader: update attribute check for QueryVariableInfo()
Date: Thu, 2 Feb 2023 22:53:35 +0900
Message-Id: <20230202135335.15939-1-masahisa.kojima@linaro.org>

Current U-Boot supports two EFI variable services: U-Boot's own implementation and the OP-TEE based StMM variable service.

With ACS Security Interface Extension (SIE) v22.10_SIE_REL1.1.0, there are several failure items of QueryVariableInfo().

Current attribute check for QueryVariableInfo() was implemented based on the Self Certification Test (SCT) II Case Specification, June 2017, chapter 4.1.4 QueryVariableInfo(). This test case specification is outdated and does not align at all with the SCT test case code, and UEFI specification v2.10 does not clearly define the priority of the attribute check.

For the U-Boot standard case, where EFI variables are stored in a file in the ESP, this commit modifies the attribute check to align with the EDK2 implementation.

For the latter case (OP-TEE based StMM variable service), the parameter check should be delegated to StMM.

Now all ACS SIE QueryVariableInfo() test cases passed with both EFI variable storage implementations.

Signed-off-by: Masahisa Kojima
---
Changes in v2:
- fix both U-Boot file based variable storage and StMM

 lib/efi_loader/efi_var_common.c | 10 +---------
 lib/efi_loader/efi_variable.c   | 22 ++++++++++++++++++++++
 2 files changed, 23 insertions(+), 9 deletions(-)

diff --git a/lib/efi_loader/efi_var_common.c b/lib/efi_loader/efi_var_common.c index eb83702781..ad50bffd2b 100644 --- a/lib/efi_loader/efi_var_common.c
+++ b/lib/efi_loader/efi_var_common.c @@ -165,17 +165,9 @@ efi_status_t EFIAPI efi_query_variable_info( if (!maximum_variable_storage_size || !remaining_variable_storage_size || - !maximum_variable_size || - !(attributes & EFI_VARIABLE_BOOTSERVICE_ACCESS)) + !maximum_variable_size) return EFI_EXIT(EFI_INVALID_PARAMETER); - if ((attributes & ~(u32)EFI_VARIABLE_MASK) || - (attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) || - (attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) || - (!IS_ENABLED(CONFIG_EFI_SECURE_BOOT) && - (attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS))) - return EFI_EXIT(EFI_UNSUPPORTED); - ret = efi_query_variable_info_int(attributes, maximum_variable_storage_size, remaining_variable_storage_size, diff --git a/lib/efi_loader/efi_variable.c b/lib/efi_loader/efi_variable.c index 7c32adf6e5..ba135f827d 100644 --- a/lib/efi_loader/efi_variable.c +++ b/lib/efi_loader/efi_variable.c @@ -349,6 +349,28 @@ efi_status_t efi_query_variable_info_int(u32 attributes, u64 *remaining_variable_storage_size, u64 *maximum_variable_size) { + if (attributes == 0) + return EFI_INVALID_PARAMETER; + + /* EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS is deprecated */ + if ((attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) || + ((attributes & EFI_VARIABLE_MASK) == 0)) + return EFI_UNSUPPORTED; + + if ((attributes & EFI_VARIABLE_MASK) == EFI_VARIABLE_NON_VOLATILE) + return EFI_INVALID_PARAMETER; + + /* Make sure if runtime bit is set, boot service bit is set also. */ + if ((attributes & (EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS)) == + EFI_VARIABLE_RUNTIME_ACCESS) + return EFI_INVALID_PARAMETER; + + if (attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) + return EFI_UNSUPPORTED; + + if (attributes & ~(u32)EFI_VARIABLE_MASK) + return EFI_INVALID_PARAMETER; + *maximum_variable_storage_size = EFI_VAR_BUF_SIZE - sizeof(struct efi_var_file); *remaining_variable_storage_size = efi_var_mem_free();
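
Review bot: In the efi_var_common.c hunk, the removed block included the test "!IS_ENABLED(CONFIG_EFI_SECURE_BOOT) && (attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS)" returning EFI_UNSUPPORTED, and none of the checks added to efi_query_variable_info_int() replaces it, so a build without secure boot no longer rejects that attribute on this path. If dropping it is intended to match EDK2, please say so in the commit message; otherwise carry the test over. Since efi_query_variable_info() now validates only the three output pointers, a short comment above the efi_query_variable_info_int() call stating that attribute validation is the backend's responsibility (file storage or StMM) would keep a future backend from skipping it unnoticed.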
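
Review bot: In the efi_variable.c hunk, the access-bit requirement is weaker than before: the old common code returned EFI_INVALID_PARAMETER whenever EFI_VARIABLE_BOOTSERVICE_ACCESS was clear, while the new sequence only rejects EFI_VARIABLE_NON_VOLATILE on its own and EFI_VARIABLE_RUNTIME_ACCESS without EFI_VARIABLE_BOOTSERVICE_ACCESS. A value with neither access bit set, but carrying some other bit inside EFI_VARIABLE_MASK that is not tested individually here, falls through to the size calculation; please confirm that is wanted or add an explicit test that EFI_VARIABLE_BOOTSERVICE_ACCESS is set. The status returned also depends on the order of these tests (a value with only bits outside EFI_VARIABLE_MASK gets EFI_UNSUPPORTED from the second test, not EFI_INVALID_PARAMETER from the last one), so a one-line comment that the order follows EDK2 would help, given the commit message notes that the UEFI specification does not define the priority.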