From: "gaoliming"
References: <20230412212505.538013-1-Abhi.Singh@arm.com>
Subject: Re: [edk2-devel] [PATCH v1 1/1] MdeModulePkg/Variable: TcgMorLockSmm Key Mismatch changes lock state
Date: Sun, 25 Jun 2023 09:33:45 +0800
Message-ID: <03bd01d9a705$150e6400$3f2b2c00$@byosoft.com.cn>

Abhi:
  Sorry for the missing patch. I agree with Michael's comment. Can you help update the patch? If yes, you can add my Reviewed-by: Liming Gao

Thanks
Liming
> -----Original Message-----
> From: devel@edk2.groups.io on behalf of Michael Kubacki
> Sent: June 9, 2023 4:58
> To: devel@edk2.groups.io; Abhi.Singh@arm.com
> Subject: Re: [edk2-devel] [PATCH v1 1/1] MdeModulePkg/Variable:
> TcgMorLockSmm Key Mismatch changes lock state
>
> Acked-by: Michael Kubacki
>
> Inline code comment below.
>
> On 4/12/2023 5:25 PM, Abhimanyu Singh wrote:
> > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4410
> >
> > Inside TcgMorLockSmm.c, the SetVariableCheckHandlerMorLock() function
> > contains a scenario to prevent a possible dictionary attack on the MorLock
> > Key in accordance with the TCG Platform Reset Mitigation Spec v1.10.
> >
> > The mechanism to prevent this attack must also change the MorLock Variable
> > Value to 0x01 to indicate Locked Without Key.
> >
> > Cc: Jian J Wang
> > Cc: Liming Gao
> > Signed-off-by: Abhi Singh
> > ---
> > MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c | 4 ++++
> > 1 file changed, 4 insertions(+)
> > > > diff --git > a/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c > b/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c > > index da1105ff073e..a76db18ef877 100644 > > --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c > > +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c > > @@ -312,6 +312,10 @@ SetVariableCheckHandlerMorLock ( > > mMorLockState =3D MorLockStateLocked; > > > > mMorLockKeyEmpty =3D TRUE; > > > > ZeroMem (mMorLockKey, sizeof (mMorLockKey)); > > > > + // > > > > + // Update value to reflect locked without key > > > > + // > > > > + SetMorLockVariable (MOR_LOCK_DATA_LOCKED_WITHOUT_KEY); >=20 > I know the TCG Reset Attack Mitigation Specification requires > EFI_ACCESS_DENIED to be returned from this function in this case but > SetMorLockVariable() returns a status code. >=20 > I suggest capturing that followed by an ASSERT_EFI_ERROR (Status) to at > least help raise visibility of unexpected errors in builds with asserts > enabled. >=20 Do you mean ASSERT_EFI_ERROR (Status) return from SetMorLockVariable () API= ?=20 I agree this suggestion.=20 Thanks Liming > > > > return EFI_ACCESS_DENIED; > > > > } > > > > } > > >=20 >=20 >=20 >=20
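
Review bot: The added call to SetMorLockVariable (MOR_LOCK_DATA_LOCKED_WITHOUT_KEY) in the key-mismatch branch of SetVariableCheckHandlerMorLock() discards its return value, so a failed update would leave mMorLockState at MorLockStateLocked with the key cleared while the MorLock variable still reports its previous value, and nothing would flag the mismatch. Capture the result in a local Status and follow the call with ASSERT_EFI_ERROR (Status), keeping return EFI_ACCESS_DENIED as the function result so the caller-visible behaviour is unchanged. The new comment could also state that the value written is 0x01, Locked Without Key, as the commit message does.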