tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SecurityPkg Variable: Allow the delete operation of common auth variable at user physical presence. 

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17042 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
Star Zeng 2015-03-13 01:24:16 +00:00 committed by lzeng14
parent c5fcd77f73
commit f6c5031926
3 changed files with 108 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

119
SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
View File

@ -19,7 +19,7 @@
They will do basic validation for authentication data structure, then call crypto library
to verify the signature.
Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@ -129,36 +129,6 @@ InCustomMode (
return FALSE;
}
/**
Internal function to delete a Variable given its name and GUID, no authentication
required.
@param[in] VariableName Name of the Variable.
@param[in] VendorGuid GUID of the Variable.
@retval EFI_SUCCESS Variable deleted successfully.
@retval Others The driver failded to start the device.
**/
EFI_STATUS
DeleteVariable (
IN CHAR16 *VariableName,
IN EFI_GUID *VendorGuid
)
{
EFI_STATUS Status;
VARIABLE_POINTER_TRACK Variable;
Status = FindVariable (VariableName, VendorGuid, &Variable, &mVariableModuleGlobal->VariableGlobal, FALSE);
if (EFI_ERROR (Status)) {
return EFI_SUCCESS;
}
ASSERT (Variable.CurrPtr != NULL);
return UpdateVariable (VariableName, VendorGuid, NULL, 0, 0, 0, 0, &Variable, NULL);
}
/**
Initializes for authenticated varibale service.
@ -1281,6 +1251,59 @@ ProcessVarWithKek (
return Status;
}
/**
Check if it is to delete auth variable.
@param[in] Data Data pointer.
@param[in] DataSize Size of Data.
@param[in] Variable The variable information which is used to keep track of variable usage.
@param[in] Attributes Attribute value of the variable.
@retval TRUE It is to delete auth variable.
@retval FALSE It is not to delete auth variable.
**/
BOOLEAN
IsDeleteAuthVariable (
IN VOID *Data,
IN UINTN DataSize,
IN VARIABLE_POINTER_TRACK *Variable,
IN UINT32 Attributes
)
{
BOOLEAN Del;
UINT8 *Payload;
UINTN PayloadSize;
Del = FALSE;
//
// To delete a variable created with the EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS
// or the EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS attribute,
// SetVariable must be used with attributes matching the existing variable
// and the DataSize set to the size of the AuthInfo descriptor.
//
if ((Variable->CurrPtr != NULL) &&
(Attributes == Variable->CurrPtr->Attributes) &&
((Attributes & (EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS)) != 0)) {
if ((Attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) != 0) {
Payload = (UINT8 *) Data + AUTHINFO2_SIZE (Data);
PayloadSize = DataSize - AUTHINFO2_SIZE (Data);
if (PayloadSize == 0) {
Del = TRUE;
}
} else {
Payload = (UINT8 *) Data + AUTHINFO_SIZE;
PayloadSize = DataSize - AUTHINFO_SIZE;
if (PayloadSize == 0) {
Del = TRUE;
}
}
}
return Del;
}
/**
Process variable with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS/EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set
@ -1295,8 +1318,7 @@ ProcessVarWithKek (
@param[in] VendorGuid Variable vendor GUID.
@param[in] Data Data pointer.
@param[in] DataSize Size of Data found. If size is less than the
data, this value contains the required size.
@param[in] DataSize Size of Data.
@param[in] Variable The variable information which is used to keep track of variable usage.
@param[in] Attributes Attribute value of the variable.
@ -1336,11 +1358,36 @@ ProcessVariable (
PubKey = NULL;
IsDeletion = FALSE;
if (NeedPhysicallyPresent(VariableName, VendorGuid) && !UserPhysicalPresent()) {
if (UserPhysicalPresent()) {
//
// This variable is protected, only physical present user could modify its value.
// Allow the delete operation of common authenticated variable at user physical presence.
//
return EFI_SECURITY_VIOLATION;
if (IsDeleteAuthVariable (Data, DataSize, Variable, Attributes)) {
if ((Attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) != 0) {
Status = DeleteCertsFromDb (VariableName, VendorGuid);
}
if (!EFI_ERROR (Status)) {
Status = UpdateVariable (
VariableName,
VendorGuid,
NULL,
0,
0,
0,
0,
Variable,
NULL
);
}
return Status;
}
} else {
if (NeedPhysicallyPresent(VariableName, VendorGuid)) {
//
// This variable is protected, only physical present user could modify its value.
//
return EFI_SECURITY_VIOLATION;
}
}
//

20
SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.h
View File

@ -12,7 +12,7 @@
may not be modified without authorization. If platform fails to protect these resources,
the authentication service provided in this driver will be broken, and the behavior is undefined.
Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@ -289,6 +289,24 @@ CompareTimeStamp (
IN EFI_TIME *SecondTime
);
/**
Delete matching signer's certificates when deleting common authenticated
variable by corresponding VariableName and VendorGuid from "certdb".
@param[in] VariableName Name of authenticated Variable.
@param[in] VendorGuid Vendor GUID of authenticated Variable.
@retval EFI_INVALID_PARAMETER Any input parameter is invalid.
@retval EFI_NOT_FOUND Fail to find "certdb" or matching certs.
@retval EFI_OUT_OF_RESOURCES The operation is failed due to lack of resources.
@retval EFI_SUCCESS The operation is completed successfully.
**/
EFI_STATUS
DeleteCertsFromDb (
IN CHAR16 *VariableName,
IN EFI_GUID *VendorGuid
);
/**
Process variable with EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set

11
SecurityPkg/VariableAuthenticated/RuntimeDxe/VarCheck.c
View File

@ -13,6 +13,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include "Variable.h"
#include "AuthService.h"
#include <Library/DevicePathLib.h>
extern LIST_ENTRY mLockedVariableList;
@ -668,7 +669,7 @@ VARIABLE_DRIVER_VARIABLE_ENTRY mVariableDriverVariableList[] = {
EFI_VENDOR_KEYS_NV_VARIABLE_NAME,
{
VAR_CHECK_VARIABLE_PROPERTY_REVISION,
0,
VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY,
VARIABLE_ATTRIBUTE_NV_BS_RT_AT,
sizeof (UINT8),
sizeof (UINT8)
@ -676,10 +677,10 @@ VARIABLE_DRIVER_VARIABLE_ENTRY mVariableDriverVariableList[] = {
},
{
&gEfiAuthenticatedVariableGuid,
L"AuthVarKeyDatabase",
AUTHVAR_KEYDB_NAME,
{
VAR_CHECK_VARIABLE_PROPERTY_REVISION,
0,
VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY,
VARIABLE_ATTRIBUTE_NV_BS_RT_AW,
sizeof (UINT8),
MAX_UINTN
@ -687,10 +688,10 @@ VARIABLE_DRIVER_VARIABLE_ENTRY mVariableDriverVariableList[] = {
},
{
&gEfiCertDbGuid,
L"certdb",
EFI_CERT_DB_NAME,
{
VAR_CHECK_VARIABLE_PROPERTY_REVISION,
0,
VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY,
VARIABLE_ATTRIBUTE_NV_BS_RT_AT,
sizeof (UINT32),
MAX_UINTN