tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

MdeModulePkg/SecurityPkg Variable: If a preexisting variable is rewritten with different attributes, SetVariable() shall not modify the variable and shall return EFI_INVALID_PARAMETER. 

Two exceptions to this rule:
1. No access attributes specified
2. The only attribute differing is EFI_VARIABLE_APPEND_WRITE

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14552 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
Star Zeng 2013-08-16 03:19:45 +00:00 committed by lzeng14
parent 3d2f91ecde
commit 6e67fec07f
2 changed files with 22 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
View File

@ -2275,9 +2275,9 @@ VariableServiceSetVariable (
} }
// //
// Not support authenticated variable write yet. // Not support authenticated or append variable write yet.
// //
if ((Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) != 0) { if ((Attributes & (EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS | EFI_VARIABLE_APPEND_WRITE)) != 0) {
return EFI_INVALID_PARAMETER; return EFI_INVALID_PARAMETER;
} }
@ -2361,6 +2361,16 @@ VariableServiceSetVariable (
Status = EFI_WRITE_PROTECTED; Status = EFI_WRITE_PROTECTED;
goto Done; goto Done;
} }
if (Attributes != 0 && Attributes != Variable.CurrPtr->Attributes) {
//
// If a preexisting variable is rewritten with different attributes, SetVariable() shall not
// modify the variable and shall return EFI_INVALID_PARAMETER. Two exceptions to this rule:
// 1. No access attributes specified
// 2. The only attribute differing is EFI_VARIABLE_APPEND_WRITE
//
Status = EFI_INVALID_PARAMETER;
goto Done;
}
} }
// //

10
SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
View File

@ -2831,6 +2831,16 @@ VariableServiceSetVariable (
Status = EFI_WRITE_PROTECTED; Status = EFI_WRITE_PROTECTED;
goto Done; goto Done;
} }
if (Attributes != 0 && (Attributes & (~EFI_VARIABLE_APPEND_WRITE)) != Variable.CurrPtr->Attributes) {
//
// If a preexisting variable is rewritten with different attributes, SetVariable() shall not
// modify the variable and shall return EFI_INVALID_PARAMETER. Two exceptions to this rule:
// 1. No access attributes specified
// 2. The only attribute differing is EFI_VARIABLE_APPEND_WRITE
//
Status = EFI_INVALID_PARAMETER;
goto Done;
}
} }
// //