mirror of https://github.com/acidanthera/audk.git
SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4117/4118 symbol rename
Updates the sanitation function names to be lib unique names Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Rahul Kumar <rahul1.kumar@intel.com> Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com> Message-Id: <355aa846a99ca6ac0f7574cf5982661da0d9fea6.1705529990.git.doug.edk2@gmail.com> Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
This commit is contained in:
parent
40adbb7f62
commit
326db0c907
|
@ -174,7 +174,7 @@ TcgMeasureGptTable (
|
|||
BlockIo->Media->BlockSize,
|
||||
(UINT8 *)PrimaryHeader
|
||||
);
|
||||
if (EFI_ERROR (Status) || EFI_ERROR (SanitizeEfiPartitionTableHeader (PrimaryHeader, BlockIo))) {
|
||||
if (EFI_ERROR (Status) || EFI_ERROR (TpmSanitizeEfiPartitionTableHeader (PrimaryHeader, BlockIo))) {
|
||||
DEBUG ((DEBUG_ERROR, "Failed to read Partition Table Header or invalid Partition Table Header!\n"));
|
||||
FreePool (PrimaryHeader);
|
||||
return EFI_DEVICE_ERROR;
|
||||
|
@ -183,7 +183,7 @@ TcgMeasureGptTable (
|
|||
//
|
||||
// Read the partition entry.
|
||||
//
|
||||
Status = SanitizePrimaryHeaderAllocationSize (PrimaryHeader, &AllocSize);
|
||||
Status = TpmSanitizePrimaryHeaderAllocationSize (PrimaryHeader, &AllocSize);
|
||||
if (EFI_ERROR (Status)) {
|
||||
FreePool (PrimaryHeader);
|
||||
return EFI_DEVICE_ERROR;
|
||||
|
@ -224,7 +224,7 @@ TcgMeasureGptTable (
|
|||
//
|
||||
// Prepare Data for Measurement
|
||||
//
|
||||
Status = SanitizePrimaryHeaderGptEventSize (PrimaryHeader, NumberOfPartition, &EventSize);
|
||||
Status = TpmSanitizePrimaryHeaderGptEventSize (PrimaryHeader, NumberOfPartition, &EventSize);
|
||||
TcgEvent = (TCG_PCR_EVENT *)AllocateZeroPool (EventSize);
|
||||
if (TcgEvent == NULL) {
|
||||
FreePool (PrimaryHeader);
|
||||
|
@ -351,7 +351,7 @@ TcgMeasurePeImage (
|
|||
|
||||
// Determine destination PCR by BootPolicy
|
||||
//
|
||||
Status = SanitizePeImageEventSize (FilePathSize, &EventSize);
|
||||
Status = TpmSanitizePeImageEventSize (FilePathSize, &EventSize);
|
||||
if (EFI_ERROR (Status)) {
|
||||
return EFI_UNSUPPORTED;
|
||||
}
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/** @file
|
||||
The library instance provides security service of TPM2 measure boot and
|
||||
The library instance provides security service of TPM measure boot and
|
||||
Confidential Computing (CC) measure boot.
|
||||
|
||||
Caution: This file requires additional review when modified.
|
||||
|
@ -63,7 +63,7 @@
|
|||
**/
|
||||
EFI_STATUS
|
||||
EFIAPI
|
||||
SanitizeEfiPartitionTableHeader (
|
||||
TpmSanitizeEfiPartitionTableHeader (
|
||||
IN CONST EFI_PARTITION_TABLE_HEADER *PrimaryHeader,
|
||||
IN CONST EFI_BLOCK_IO_PROTOCOL *BlockIo
|
||||
)
|
||||
|
@ -145,7 +145,7 @@ SanitizeEfiPartitionTableHeader (
|
|||
**/
|
||||
EFI_STATUS
|
||||
EFIAPI
|
||||
SanitizePrimaryHeaderAllocationSize (
|
||||
TpmSanitizePrimaryHeaderAllocationSize (
|
||||
IN CONST EFI_PARTITION_TABLE_HEADER *PrimaryHeader,
|
||||
OUT UINT32 *AllocationSize
|
||||
)
|
||||
|
@ -194,7 +194,7 @@ SanitizePrimaryHeaderAllocationSize (
|
|||
One of the passed parameters was invalid.
|
||||
**/
|
||||
EFI_STATUS
|
||||
SanitizePrimaryHeaderGptEventSize (
|
||||
TpmSanitizePrimaryHeaderGptEventSize (
|
||||
IN CONST EFI_PARTITION_TABLE_HEADER *PrimaryHeader,
|
||||
IN UINTN NumberOfPartition,
|
||||
OUT UINT32 *EventSize
|
||||
|
@ -258,7 +258,7 @@ SanitizePrimaryHeaderGptEventSize (
|
|||
One of the passed parameters was invalid.
|
||||
**/
|
||||
EFI_STATUS
|
||||
SanitizePeImageEventSize (
|
||||
TpmSanitizePeImageEventSize (
|
||||
IN UINT32 FilePathSize,
|
||||
OUT UINT32 *EventSize
|
||||
)
|
||||
|
|
|
@ -53,7 +53,7 @@
|
|||
**/
|
||||
EFI_STATUS
|
||||
EFIAPI
|
||||
SanitizeEfiPartitionTableHeader (
|
||||
TpmSanitizeEfiPartitionTableHeader (
|
||||
IN CONST EFI_PARTITION_TABLE_HEADER *PrimaryHeader,
|
||||
IN CONST EFI_BLOCK_IO_PROTOCOL *BlockIo
|
||||
);
|
||||
|
@ -77,7 +77,7 @@ SanitizeEfiPartitionTableHeader (
|
|||
**/
|
||||
EFI_STATUS
|
||||
EFIAPI
|
||||
SanitizePrimaryHeaderAllocationSize (
|
||||
TpmSanitizePrimaryHeaderAllocationSize (
|
||||
IN CONST EFI_PARTITION_TABLE_HEADER *PrimaryHeader,
|
||||
OUT UINT32 *AllocationSize
|
||||
);
|
||||
|
@ -105,7 +105,7 @@ SanitizePrimaryHeaderAllocationSize (
|
|||
One of the passed parameters was invalid.
|
||||
**/
|
||||
EFI_STATUS
|
||||
SanitizePrimaryHeaderGptEventSize (
|
||||
TpmSanitizePrimaryHeaderGptEventSize (
|
||||
IN CONST EFI_PARTITION_TABLE_HEADER *PrimaryHeader,
|
||||
IN UINTN NumberOfPartition,
|
||||
OUT UINT32 *EventSize
|
||||
|
@ -129,7 +129,7 @@ SanitizePrimaryHeaderGptEventSize (
|
|||
One of the passed parameters was invalid.
|
||||
**/
|
||||
EFI_STATUS
|
||||
SanitizePeImageEventSize (
|
||||
TpmSanitizePeImageEventSize (
|
||||
IN UINT32 FilePathSize,
|
||||
OUT UINT32 *EventSize
|
||||
);
|
||||
|
|
|
@ -83,27 +83,27 @@ TestSanitizeEfiPartitionTableHeader (
|
|||
PrimaryHeader.Header.CRC32 = CalculateCrc32 ((UINT8 *)&PrimaryHeader, PrimaryHeader.Header.HeaderSize);
|
||||
|
||||
// Test that a normal PrimaryHeader passes validation
|
||||
Status = SanitizeEfiPartitionTableHeader (&PrimaryHeader, &BlockIo);
|
||||
Status = TpmSanitizeEfiPartitionTableHeader (&PrimaryHeader, &BlockIo);
|
||||
UT_ASSERT_NOT_EFI_ERROR (Status);
|
||||
|
||||
// Test that when number of partition entries is 0, the function returns EFI_DEVICE_ERROR
|
||||
// Should print "Invalid Partition Table Header NumberOfPartitionEntries!""
|
||||
PrimaryHeader.NumberOfPartitionEntries = 0;
|
||||
Status = SanitizeEfiPartitionTableHeader (&PrimaryHeader, &BlockIo);
|
||||
Status = TpmSanitizeEfiPartitionTableHeader (&PrimaryHeader, &BlockIo);
|
||||
UT_ASSERT_EQUAL (Status, EFI_DEVICE_ERROR);
|
||||
PrimaryHeader.NumberOfPartitionEntries = DEFAULT_PRIMARY_TABLE_HEADER_SIZE_OF_PARTITION_ENTRY;
|
||||
|
||||
// Test that when the header size is too small, the function returns EFI_DEVICE_ERROR
|
||||
// Should print "Invalid Partition Table Header Size!"
|
||||
PrimaryHeader.Header.HeaderSize = 0;
|
||||
Status = SanitizeEfiPartitionTableHeader (&PrimaryHeader, &BlockIo);
|
||||
Status = TpmSanitizeEfiPartitionTableHeader (&PrimaryHeader, &BlockIo);
|
||||
UT_ASSERT_EQUAL (Status, EFI_DEVICE_ERROR);
|
||||
PrimaryHeader.Header.HeaderSize = sizeof (EFI_PARTITION_TABLE_HEADER);
|
||||
|
||||
// Test that when the SizeOfPartitionEntry is too small, the function returns EFI_DEVICE_ERROR
|
||||
// should print: "SizeOfPartitionEntry shall be set to a value of 128 x 2^n where n is an integer greater than or equal to zero (e.g., 128, 256, 512, etc.)!"
|
||||
PrimaryHeader.SizeOfPartitionEntry = 1;
|
||||
Status = SanitizeEfiPartitionTableHeader (&PrimaryHeader, &BlockIo);
|
||||
Status = TpmSanitizeEfiPartitionTableHeader (&PrimaryHeader, &BlockIo);
|
||||
UT_ASSERT_EQUAL (Status, EFI_DEVICE_ERROR);
|
||||
|
||||
DEBUG ((DEBUG_INFO, "%a: Test passed\n", __func__));
|
||||
|
@ -136,7 +136,7 @@ TestSanitizePrimaryHeaderAllocationSize (
|
|||
PrimaryHeader.NumberOfPartitionEntries = 5;
|
||||
PrimaryHeader.SizeOfPartitionEntry = DEFAULT_PRIMARY_TABLE_HEADER_SIZE_OF_PARTITION_ENTRY;
|
||||
|
||||
Status = SanitizePrimaryHeaderAllocationSize (&PrimaryHeader, &AllocationSize);
|
||||
Status = TpmSanitizePrimaryHeaderAllocationSize (&PrimaryHeader, &AllocationSize);
|
||||
UT_ASSERT_NOT_EFI_ERROR (Status);
|
||||
|
||||
// Test that the allocation size is correct compared to the existing logic
|
||||
|
@ -145,19 +145,19 @@ TestSanitizePrimaryHeaderAllocationSize (
|
|||
// Test that an overflow is detected
|
||||
PrimaryHeader.NumberOfPartitionEntries = MAX_UINT32;
|
||||
PrimaryHeader.SizeOfPartitionEntry = 5;
|
||||
Status = SanitizePrimaryHeaderAllocationSize (&PrimaryHeader, &AllocationSize);
|
||||
Status = TpmSanitizePrimaryHeaderAllocationSize (&PrimaryHeader, &AllocationSize);
|
||||
UT_ASSERT_EQUAL (Status, EFI_BAD_BUFFER_SIZE);
|
||||
|
||||
// Test the inverse
|
||||
PrimaryHeader.NumberOfPartitionEntries = 5;
|
||||
PrimaryHeader.SizeOfPartitionEntry = MAX_UINT32;
|
||||
Status = SanitizePrimaryHeaderAllocationSize (&PrimaryHeader, &AllocationSize);
|
||||
Status = TpmSanitizePrimaryHeaderAllocationSize (&PrimaryHeader, &AllocationSize);
|
||||
UT_ASSERT_EQUAL (Status, EFI_BAD_BUFFER_SIZE);
|
||||
|
||||
// Test the worst case scenario
|
||||
PrimaryHeader.NumberOfPartitionEntries = MAX_UINT32;
|
||||
PrimaryHeader.SizeOfPartitionEntry = MAX_UINT32;
|
||||
Status = SanitizePrimaryHeaderAllocationSize (&PrimaryHeader, &AllocationSize);
|
||||
Status = TpmSanitizePrimaryHeaderAllocationSize (&PrimaryHeader, &AllocationSize);
|
||||
UT_ASSERT_EQUAL (Status, EFI_BAD_BUFFER_SIZE);
|
||||
|
||||
DEBUG ((DEBUG_INFO, "%a: Test passed\n", __func__));
|
||||
|
@ -195,7 +195,7 @@ TestSanitizePrimaryHeaderGptEventSize (
|
|||
NumberOfPartition = 13;
|
||||
|
||||
// that the primary event size is correct
|
||||
Status = SanitizePrimaryHeaderGptEventSize (&PrimaryHeader, NumberOfPartition, &EventSize);
|
||||
Status = TpmSanitizePrimaryHeaderGptEventSize (&PrimaryHeader, NumberOfPartition, &EventSize);
|
||||
UT_ASSERT_NOT_EFI_ERROR (Status);
|
||||
|
||||
// Calculate the existing logic event size
|
||||
|
@ -206,12 +206,12 @@ TestSanitizePrimaryHeaderGptEventSize (
|
|||
UT_ASSERT_EQUAL (EventSize, ExistingLogicEventSize);
|
||||
|
||||
// Tests that the primary event size may not overflow
|
||||
Status = SanitizePrimaryHeaderGptEventSize (&PrimaryHeader, MAX_UINT32, &EventSize);
|
||||
Status = TpmSanitizePrimaryHeaderGptEventSize (&PrimaryHeader, MAX_UINT32, &EventSize);
|
||||
UT_ASSERT_EQUAL (Status, EFI_BAD_BUFFER_SIZE);
|
||||
|
||||
// Test that the size of partition entries may not overflow
|
||||
PrimaryHeader.SizeOfPartitionEntry = MAX_UINT32;
|
||||
Status = SanitizePrimaryHeaderGptEventSize (&PrimaryHeader, NumberOfPartition, &EventSize);
|
||||
Status = TpmSanitizePrimaryHeaderGptEventSize (&PrimaryHeader, NumberOfPartition, &EventSize);
|
||||
UT_ASSERT_EQUAL (Status, EFI_BAD_BUFFER_SIZE);
|
||||
|
||||
DEBUG ((DEBUG_INFO, "%a: Test passed\n", __func__));
|
||||
|
@ -269,7 +269,7 @@ TestSanitizePeImageEventSize (
|
|||
FilePathSize = 255;
|
||||
|
||||
// Test that a normal PE image passes validation
|
||||
Status = SanitizePeImageEventSize (FilePathSize, &EventSize);
|
||||
Status = TpmSanitizePeImageEventSize (FilePathSize, &EventSize);
|
||||
if (EFI_ERROR (Status)) {
|
||||
UT_LOG_ERROR ("SanitizePeImageEventSize failed with %r\n", Status);
|
||||
goto Exit;
|
||||
|
@ -285,7 +285,7 @@ TestSanitizePeImageEventSize (
|
|||
}
|
||||
|
||||
// Test that the event size may not overflow
|
||||
Status = SanitizePeImageEventSize (MAX_UINT32, &EventSize);
|
||||
Status = TpmSanitizePeImageEventSize (MAX_UINT32, &EventSize);
|
||||
if (Status != EFI_BAD_BUFFER_SIZE) {
|
||||
UT_LOG_ERROR ("SanitizePeImageEventSize succeded when it was supposed to fail with %r\n", Status);
|
||||
goto Exit;
|
||||
|
|
Loading…
Reference in New Issue