Revision: 17042
          http://sourceforge.net/p/edk2/code/17042
Author:   lzeng14
Date:     2015-03-13 01:24:16 +0000 (Fri, 13 Mar 2015)
Log Message:
-----------
SecurityPkg Variable: Allow deletion of a common authenticated variable when the
user is physically present.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <[email protected]>
Reviewed-by: Jiewen Yao <[email protected]>

Modified Paths:
--------------
    trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
    trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.h
    trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/VarCheck.c

Modified: trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
===================================================================
--- trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c       
2015-03-12 05:41:54 UTC (rev 17041)
+++ trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c       
2015-03-13 01:24:16 UTC (rev 17042)
@@ -19,7 +19,7 @@
   They will do basic validation for authentication data structure, then call 
crypto library
   to verify the signature.
 
-Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD 
License
 which accompanies this distribution.  The full text of the license may be 
found at
@@ -129,37 +129,7 @@
   return FALSE;
 }
 
-
 /**
-  Internal function to delete a Variable given its name and GUID, no 
authentication
-  required.
-
-  @param[in]      VariableName            Name of the Variable.
-  @param[in]      VendorGuid              GUID of the Variable.
-
-  @retval EFI_SUCCESS              Variable deleted successfully.
-  @retval Others                   The driver failded to start the device.
-
-**/
-EFI_STATUS
-DeleteVariable (
-  IN  CHAR16                    *VariableName,
-  IN  EFI_GUID                  *VendorGuid
-  )
-{
-  EFI_STATUS              Status;
-  VARIABLE_POINTER_TRACK  Variable;
-
-  Status = FindVariable (VariableName, VendorGuid, &Variable, 
&mVariableModuleGlobal->VariableGlobal, FALSE);
-  if (EFI_ERROR (Status)) {
-    return EFI_SUCCESS;
-  }
-
-  ASSERT (Variable.CurrPtr != NULL);
-  return UpdateVariable (VariableName, VendorGuid, NULL, 0, 0, 0, 0, 
&Variable, NULL);
-}
-
-/**
   Initializes for authenticated varibale service.
 
   @retval EFI_SUCCESS           Function successfully executed.
@@ -1282,6 +1252,59 @@
 }
 
 /**
+  Check if it is to delete auth variable.
+
+  @param[in] Data               Data pointer.
+  @param[in] DataSize           Size of Data.
+  @param[in] Variable           The variable information which is used to keep 
track of variable usage.
+  @param[in] Attributes         Attribute value of the variable.
+
+  @retval TRUE                  It is to delete auth variable.
+  @retval FALSE                 It is not to delete auth variable.
+
+**/
+BOOLEAN
+IsDeleteAuthVariable (
+  IN  VOID                      *Data,
+  IN  UINTN                     DataSize,
+  IN  VARIABLE_POINTER_TRACK    *Variable,
+  IN  UINT32                    Attributes
+  )
+{
+  BOOLEAN                       Del;
+  UINT8                         *Payload;
+  UINTN                         PayloadSize;
+
+  Del = FALSE;
+
+  //
+  // To delete a variable created with the 
EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS
+  // or the EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS attribute,
+  // SetVariable must be used with attributes matching the existing variable
+  // and the DataSize set to the size of the AuthInfo descriptor.
+  //
+  if ((Variable->CurrPtr != NULL) &&
+      (Attributes == Variable->CurrPtr->Attributes) &&
+      ((Attributes & (EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS | 
EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS)) != 0)) {
+    if ((Attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) != 
0) {
+      Payload = (UINT8 *) Data + AUTHINFO2_SIZE (Data);
+      PayloadSize = DataSize - AUTHINFO2_SIZE (Data);
+      if (PayloadSize == 0) {
+        Del = TRUE;
+      }
+    } else {
+      Payload = (UINT8 *) Data + AUTHINFO_SIZE;
+      PayloadSize = DataSize - AUTHINFO_SIZE;
+      if (PayloadSize == 0) {
+        Del = TRUE;
+      }
+    }
+  }
+
+  return Del;
+}
+
+/**
   Process variable with 
EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS/EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS
 set
 
   Caution: This function may receive untrusted input.
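Review bot: In IsDeleteAuthVariable the `Payload = (UINT8 *) Data + ...` assignments in both branches are dead stores, and `PayloadSize` exists only to be compared with zero, so the inner if/else collapses to `Del = (DataSize == (((Attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) != 0) ? AUTHINFO2_SIZE (Data) : AUTHINFO_SIZE));`, which gives the same answer (an unsigned wrap of `DataSize - AUTHINFO2_SIZE (Data)` is non-zero, so it already yields FALSE) without the subtraction. `AUTHINFO2_SIZE (Data)` reads a length field out of the caller-supplied buffer before anything here checks that DataSize covers the EFI_VARIABLE_AUTHENTICATION_2 header, so the function presumably relies on a size check made by the caller; that precondition should be stated, e.g. `// Assumes the caller has already validated DataSize against the AuthInfo header in Data.`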
@@ -1295,8 +1318,7 @@
   @param[in]  VendorGuid                  Variable vendor GUID.
 
   @param[in]  Data                        Data pointer.
-  @param[in]  DataSize                    Size of Data found. If size is less 
than the
-                                          data, this value contains the 
required size.
+  @param[in]  DataSize                    Size of Data.
   @param[in]  Variable                    The variable information which is 
used to keep track of variable usage.
   @param[in]  Attributes                  Attribute value of the variable.
 
@@ -1336,11 +1358,36 @@
   PubKey      = NULL;
   IsDeletion  = FALSE;
 
-  if (NeedPhysicallyPresent(VariableName, VendorGuid) && 
!UserPhysicalPresent()) {
+  if (UserPhysicalPresent()) {
     //
-    // This variable is protected, only physical present user could modify its 
value.
+    // Allow the delete operation of common authenticated variable at user 
physical presence.
     //
-    return EFI_SECURITY_VIOLATION;
+    if (IsDeleteAuthVariable (Data, DataSize, Variable, Attributes)) {
+      if ((Attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) != 
0) {
+        Status = DeleteCertsFromDb (VariableName, VendorGuid);
+      }
+      if (!EFI_ERROR (Status)) {
+        Status = UpdateVariable (
+                   VariableName,
+                   VendorGuid,
+                   NULL,
+                   0,
+                   0,
+                   0,
+                   0,
+                   Variable,
+                   NULL
+                   );
+      }
+      return Status;
+    }
+  } else {
+    if (NeedPhysicallyPresent(VariableName, VendorGuid)) {
+      //
+      // This variable is protected, only physical present user could modify 
its value.
+      //
+      return EFI_SECURITY_VIOLATION;
+    }
   }
 
   //
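Review bot: In the new physical-presence delete path, `Status` is tested at `if (!EFI_ERROR (Status))` but is only assigned on the TIME_BASED branch, so for an EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS variable the UpdateVariable call is gated on whatever Status held on entry; unless ProcessVariable initializes it above the hunk (the visible initializers ending at `IsDeletion  = FALSE;` do not), add `Status = EFI_SUCCESS;` before `if (UserPhysicalPresent())`. The ordering also deserves a comment: DeleteCertsFromDb runs before UpdateVariable, so a failed UpdateVariable leaves the variable in place with its signer certificate already removed from certdb, which would presumably make later signed updates of that variable fail — either document that as accepted or remove the certdb entry only after the variable is gone. This path deletes without verifying the AuthInfo the caller supplied; the commit message makes that deliberate, but a one-line comment such as `// Physical presence stands in for signature verification on delete.` keeps the next reader from treating it as an omission. ProcessVariable's body continues outside the hunk.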

Modified: trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.h
===================================================================
--- trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.h       
2015-03-12 05:41:54 UTC (rev 17041)
+++ trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.h       
2015-03-13 01:24:16 UTC (rev 17042)
@@ -12,7 +12,7 @@
   may not be modified without authorization. If platform fails to protect 
these resources, 
   the authentication service provided in this driver will be broken, and the 
behavior is undefined.
 
-Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD 
License
 which accompanies this distribution.  The full text of the license may be 
found at
@@ -289,7 +289,25 @@
   IN EFI_TIME               *SecondTime
   );
 
+/**
+  Delete matching signer's certificates when deleting common authenticated
+  variable by corresponding VariableName and VendorGuid from "certdb".
 
+  @param[in]  VariableName   Name of authenticated Variable.
+  @param[in]  VendorGuid     Vendor GUID of authenticated Variable.
+
+  @retval  EFI_INVALID_PARAMETER Any input parameter is invalid.
+  @retval  EFI_NOT_FOUND         Fail to find "certdb" or matching certs.
+  @retval  EFI_OUT_OF_RESOURCES  The operation is failed due to lack of 
resources.
+  @retval  EFI_SUCCESS           The operation is completed successfully.
+
+**/
+EFI_STATUS
+DeleteCertsFromDb (
+  IN     CHAR16           *VariableName,
+  IN     EFI_GUID         *VendorGuid
+  );
+
 /**
   Process variable with EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set
 
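Review bot: The documented `EFI_NOT_FOUND` return (certdb missing or no matching certs) is propagated unchanged by the ProcessVariable caller in this same commit, so a time-based authenticated variable with no certdb entry cannot be deleted through the physical-presence path even though the variable itself exists. If that is intended, say so in the contract; otherwise state that an absent entry is not an error, e.g. `@retval EFI_NOT_FOUND "certdb" does not exist; a variable with no matching entry is not an error.`, and adjust the implementation to match. The implementation is outside this patch, so which case actually produces EFI_NOT_FOUND cannot be confirmed from here.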

Modified: trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/VarCheck.c
===================================================================
--- trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/VarCheck.c  
2015-03-12 05:41:54 UTC (rev 17041)
+++ trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/VarCheck.c  
2015-03-13 01:24:16 UTC (rev 17042)
@@ -13,6 +13,7 @@
 **/
 
 #include "Variable.h"
+#include "AuthService.h"
 #include <Library/DevicePathLib.h>
 
 extern LIST_ENTRY mLockedVariableList;
@@ -668,7 +669,7 @@
     EFI_VENDOR_KEYS_NV_VARIABLE_NAME,
     {
       VAR_CHECK_VARIABLE_PROPERTY_REVISION,
-      0,
+      VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY,
       VARIABLE_ATTRIBUTE_NV_BS_RT_AT,
       sizeof (UINT8),
       sizeof (UINT8)
@@ -676,10 +677,10 @@
   },
   {
     &gEfiAuthenticatedVariableGuid,
-    L"AuthVarKeyDatabase",
+    AUTHVAR_KEYDB_NAME,
     {
       VAR_CHECK_VARIABLE_PROPERTY_REVISION,
-      0,
+      VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY,
       VARIABLE_ATTRIBUTE_NV_BS_RT_AW,
       sizeof (UINT8),
       MAX_UINTN
@@ -687,10 +688,10 @@
   },
   {
     &gEfiCertDbGuid,
-    L"certdb",
+    EFI_CERT_DB_NAME,
     {
       VAR_CHECK_VARIABLE_PROPERTY_REVISION,
-      0,
+      VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY,
       VARIABLE_ATTRIBUTE_NV_BS_RT_AT,
       sizeof (UINT32),
       MAX_UINTN
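Review bot: Marking "certdb" VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY closes the external SetVariable path to the certificate store, which is the right direction, but it only holds if the driver's own writers (the DeleteCertsFromDb declared in AuthService.h and whatever inserts entries) bypass the VarCheck property check; that cannot be confirmed from this patch. A comment on the entry stating how it is written internally would make the intent checkable, e.g. `// Internal-only: the driver updates this through its own write path, not SetVariable.`, worded to match whatever path the driver actually uses. The same note applies to the AuthVarKeyDatabase and VendorKeysNv entries changed above.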

