From 21320ef66989f8af5a9e9b57df73d20a70bea85f Mon Sep 17 00:00:00 2001 From: Sunny Wang Date: Wed, 12 Jan 2022 05:37:20 +0800 Subject: [PATCH] MdeModulePkg/Variable: Make only EFI_VARIABLE_NON_VOLATILE invalid Only EFI_VARIABLE_NON_VOLATILE attribute is an invalid combination of attribute bits, so update the variable driver to return EFI_INVALID_PARAMETER so that we can prevent the invalid variable being created. This change also fixes the SCT failure below: - RT.QueryVariableInfo - With being an invalid combination -- FAILURE For details, please check the threads below: - https://edk2.groups.io/g/devel/topic/86486174 - https://edk2.groups.io/g/devel/message/82466 Cc: Liming Gao Cc: Heinrich Schuchardt Cc: G Edhaya Chandran Cc: Samer El-Haj-Mahmoud Signed-off-by: Sunny Wang Reviewed-by: Liming Gao --- .../Universal/Variable/RuntimeDxe/Variable.c | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c index 9722a94420..6c1a3440ac 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c @@ -19,6 +19,7 @@ Copyright (c) 2006 - 2020, Intel Corporation. All rights reserved.
(C) Copyright 2015-2018 Hewlett Packard Enterprise Development LP
Copyright (c) Microsoft Corporation.
+Copyright (c) 2022, ARM Limited. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent @@ -2660,14 +2661,22 @@ VariableServiceSetVariable ( } // - // Make sure if runtime bit is set, boot service bit is set also. + // Check if the combination of attribute bits is valid. // if ((Attributes & (EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS)) == EFI_VARIABLE_RUNTIME_ACCESS) { + // + // Make sure if runtime bit is set, boot service bit is set also. + // if ((Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) != 0) { return EFI_UNSUPPORTED; } else { return EFI_INVALID_PARAMETER; } + } else if ((Attributes & EFI_VARIABLE_ATTRIBUTES_MASK) == EFI_VARIABLE_NON_VOLATILE) { + // + // Only EFI_VARIABLE_NON_VOLATILE attribute is invalid + // + return EFI_INVALID_PARAMETER; } else if ((Attributes & VARIABLE_ATTRIBUTE_AT_AW) != 0) { if (!mVariableModuleGlobal->VariableGlobal.AuthSupport) { // @@ -3142,6 +3151,11 @@ VariableServiceQueryVariableInfo ( // Make sure the Attributes combination is supported by the platform. // return EFI_UNSUPPORTED; + } else if ((Attributes & EFI_VARIABLE_ATTRIBUTES_MASK) == EFI_VARIABLE_NON_VOLATILE) { + // + // Only EFI_VARIABLE_NON_VOLATILE attribute is invalid + // + return EFI_INVALID_PARAMETER; } else if ((Attributes & (EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS)) == EFI_VARIABLE_RUNTIME_ACCESS) { // // Make sure if runtime bit is set, boot service bit is set also.