1. Correct the counter-based hash algorithm according to UEFI spec.

2. Check the reserved bits in the variable attributes.
3. Return EFI_OUT_OF_RESOURCES instead of EFI_SECURITY_VIOLATION if there is not enough space to store the public key.
4. Fix a bug where deleting a non-existent time-based auth variable incorrectly stored the certificate into the cert DB.
5. Fix a bug that a time-based auth variable can't be updated again after an append operation.

Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting  <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13957 6f19259b-4bc3-4df7-8a09-765794883524
sfu5 2012-11-21 08:06:02 +00:00
parent d316f1dca1
commit 275beb2b53
3 changed files with 29 additions and 5 deletions


@ -526,7 +526,9 @@ VerifyCounterBasedPayload (
EFI_CERT_BLOCK_RSA_2048_SHA256 *CertBlock;
UINT8 Digest[SHA256_DIGEST_SIZE];
VOID *Rsa;
UINTN PayloadSize;
PayloadSize = DataSize - AUTHINFO_SIZE;
Rsa = NULL;
CertData = NULL;
CertBlock = NULL;
@ -558,7 +560,14 @@ VerifyCounterBasedPayload (
if (!Status) {
goto Done;
}
Status = Sha256Update (mHashCtx, Data + AUTHINFO_SIZE, (UINTN) (DataSize - AUTHINFO_SIZE));
Status = Sha256Update (mHashCtx, Data + AUTHINFO_SIZE, PayloadSize);
if (!Status) {
goto Done;
}
//
// Hash Size.
//
Status = Sha256Update (mHashCtx, &PayloadSize, sizeof (UINTN));
if (!Status) {
goto Done;
}
@ -1099,6 +1108,7 @@ ProcessVarWithKek (
@return EFI_INVALID_PARAMETER Invalid parameter.
@return EFI_WRITE_PROTECTED Variable is write-protected and needs authentication with
EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set.
@return EFI_OUT_OF_RESOURCES The Database to save the public key is full.
@return EFI_SECURITY_VIOLATION The variable is with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS
set, but the AuthInfo does NOT pass the validation
check carried out by the firmware.
@ -1253,7 +1263,7 @@ ProcessVariable (
//
KeyIndex = AddPubKeyInStore (PubKey);
if (KeyIndex == 0) {
return EFI_SECURITY_VIOLATION;
return EFI_OUT_OF_RESOURCES;
}
}
@ -2155,13 +2165,13 @@ VerifyTimeBasedPayload (
//
// Delete signer's certificates when delete the common authenticated variable.
//
if ((PayloadSize == 0) && (Variable->CurrPtr != NULL)) {
if ((PayloadSize == 0) && (Variable->CurrPtr != NULL) && ((Attributes & EFI_VARIABLE_APPEND_WRITE) == 0)) {
Status = DeleteCertsFromDb (VariableName, VendorGuid);
if (EFI_ERROR (Status)) {
VerifyStatus = FALSE;
goto Exit;
}
} else if (Variable->CurrPtr == NULL) {
} else if (Variable->CurrPtr == NULL && PayloadSize != 0) {
//
// Insert signer's certificates when adding a new common authenticated variable.
//
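Review bot: `PayloadSize = DataSize - AUTHINFO_SIZE;` in the first hunk runs before anything visible in VerifyCounterBasedPayload checks DataSize, so a DataSize smaller than AUTHINFO_SIZE wraps to a huge UINTN that is then passed to Sha256Update as a length and hashed as the size field; unless a caller outside this hunk already rejects such inputs, guard it with `if (DataSize < AUTHINFO_SIZE) { return <the function's failure status>; }` before the subtraction. Hashing `&PayloadSize` with `sizeof (UINTN)` in the second hunk also makes the digest depend on the firmware's native word width (4 bytes on IA32, 8 on X64) and byte order, so a payload signed for one build would not verify on another; if the specification fixes the width of the size field, hash a fixed-width little-endian value instead. The function's start, its `Done:` label and the surrounding checks are outside the hunk, as are the enclosing bodies of ProcessVariable and VerifyTimeBasedPayload in the later hunks.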


@ -2280,6 +2280,13 @@ VariableServiceSetVariable (
return EFI_INVALID_PARAMETER;
}
//
// Check for reserverd bit in variable attribute.
//
if ((Attributes & (~EFI_VARIABLE_ATTRIBUTES_MASK)) != 0) {
return EFI_INVALID_PARAMETER;
}
//
// Make sure if runtime bit is set, boot service bit is set also.
//
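Review bot: The comment above the new mask test at the top of the hunk misspells "reserved" and does not say what the check enforces; I would replace it with `// Reject any attribute bit outside EFI_VARIABLE_ATTRIBUTES_MASK: the remaining bits are reserved by the UEFI spec and must fail with EFI_INVALID_PARAMETER.` It would also help a reader to note there that EFI_VARIABLE_ATTRIBUTES_MASK lives in Variable.h and must be kept in step with any attribute the driver later learns to accept, since this test is now the single gate. VariableServiceSetVariable starts and ends outside the hunk, so whether Attributes is used before this point cannot be confirmed from here.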


@ -43,6 +43,13 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#include <Guid/HardwareErrorVariable.h>
#define VARIABLE_RECLAIM_THRESHOLD (1024)
#define EFI_VARIABLE_ATTRIBUTES_MASK (EFI_VARIABLE_NON_VOLATILE | \
EFI_VARIABLE_BOOTSERVICE_ACCESS | \
EFI_VARIABLE_RUNTIME_ACCESS | \
EFI_VARIABLE_HARDWARE_ERROR_RECORD | \
EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS | \
EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS | \
EFI_VARIABLE_APPEND_WRITE)
///
/// The size of a 3 character ISO639 language code.
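Review bot: The new EFI_VARIABLE_ATTRIBUTES_MASK carries no comment, and its role (the complete set of attribute bits this driver accepts; anything else is rejected as reserved by SetVariable) is only discoverable by reading Variable.c. Add above it, in the file's existing `///` style, `/// All attribute bits accepted by SetVariable; any other bit is reserved and rejected with EFI_INVALID_PARAMETER.` Since the mask is the sole gate, a second line saying it must be extended when support for a new spec attribute is added would save the next maintainer a search.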