X-Received: by 2002:a17:90a:a013:: with SMTP id q19mr4050607pjp.120.1591167591200; Tue, 02 Jun 2020 23:59:51 -0700 (PDT) Return-Path: Received: from localhost.localdomain ([71.212.144.72]) by smtp.gmail.com with ESMTPSA id y6sm1262003pjn.37.2020.06.02.23.59.50 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 02 Jun 2020 23:59:50 -0700 (PDT) From: Bret Barkelew X-Google-Original-From: Bret Barkelew To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Chao Zhang Subject: [PATCH v5 11/14] SecurityPkg: Allow VariablePolicy state to delete authenticated variables Date: Tue, 2 Jun 2020 23:58:07 -0700 Message-Id: <20200603065810.806-12-brbarkel@microsoft.com> X-Mailer: git-send-email 2.26.2.windows.1.8.g01c50adf56.20200515075929 In-Reply-To: <20200603065810.806-1-brbarkel@microsoft.com> References: <20200603065810.806-1-brbarkel@microsoft.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable https://bugzilla.tianocore.org/show_bug.cgi?id=3D2522 Causes AuthService to check IsVariablePolicyEnabled() before enforcing write protections to allow variable deletion when policy engine is disabled. Only allows deletion, not modification. Cc: Jiewen Yao Cc: Jian J Wang Cc: Chao Zhang Cc: Bret Barkelew Signed-off-by: Bret Barkelew --- SecurityPkg/Library/AuthVariableLib/AuthService.c | 22 +++++++++++++= +++---- SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf | 2 ++ 2 files changed, 20 insertions(+), 4 deletions(-) diff --git a/SecurityPkg/Library/AuthVariableLib/AuthService.c b/SecurityPk= g/Library/AuthVariableLib/AuthService.c index 2f60331f2c04..aca9a5620c28 100644 --- a/SecurityPkg/Library/AuthVariableLib/AuthService.c +++ b/SecurityPkg/Library/AuthVariableLib/AuthService.c @@ -19,12 +19,16 @@ to verify the signature.=0D =0D Copyright (c) 2009 - 2019, Intel Corporation. All rights reserved.
=0D +Copyright (c) Microsoft Corporation.=0D SPDX-License-Identifier: BSD-2-Clause-Patent=0D =0D **/=0D =0D #include "AuthServiceInternal.h"=0D =0D +#include =0D +#include =0D +=0D //=0D // Public Exponent of RSA Key.=0D //=0D @@ -217,9 +221,12 @@ NeedPhysicallyPresent( IN EFI_GUID *VendorGuid=0D )=0D {=0D - if ((CompareGuid (VendorGuid, &gEfiSecureBootEnableDisableGuid) && (StrC= mp (VariableName, EFI_SECURE_BOOT_ENABLE_NAME) =3D=3D 0))=0D - || (CompareGuid (VendorGuid, &gEfiCustomModeEnableGuid) && (StrCmp (Va= riableName, EFI_CUSTOM_MODE_NAME) =3D=3D 0))) {=0D - return TRUE;=0D + // If the VariablePolicy engine is disabled, allow deletion of any authe= nticated variables.=0D + if (IsVariablePolicyEnabled()) {=0D + if ((CompareGuid (VendorGuid, &gEfiSecureBootEnableDisableGuid) && (St= rCmp (VariableName, EFI_SECURE_BOOT_ENABLE_NAME) =3D=3D 0))=0D + || (CompareGuid (VendorGuid, &gEfiCustomModeEnableGuid) && (StrCmp (= VariableName, EFI_CUSTOM_MODE_NAME) =3D=3D 0))) {=0D + return TRUE;=0D + }=0D }=0D =0D return FALSE;=0D @@ -842,7 +849,8 @@ ProcessVariable ( &OrgVariableInfo=0D );=0D =0D - if ((!EFI_ERROR (Status)) && IsDeleteAuthVariable (OrgVariableInfo.Attri= butes, Data, DataSize, Attributes) && UserPhysicalPresent()) {=0D + // If the VariablePolicy engine is disabled, allow deletion of any authe= nticated variables.=0D + if ((!EFI_ERROR (Status)) && IsDeleteAuthVariable (OrgVariableInfo.Attri= butes, Data, DataSize, Attributes) && (UserPhysicalPresent() || !IsVariable= PolicyEnabled())) {=0D //=0D // Allow the delete operation of common authenticated variable(AT or A= W) at user physical presence.=0D //=0D 
@@ -1960,6 +1968,12 @@ VerifyTimeBasedPayload ( =0D CopyMem (Buffer, PayloadPtr, PayloadSize);=0D =0D + // If the VariablePolicy engine is disabled, allow deletion of any authe= nticated variables.=0D + if (PayloadSize =3D=3D 0 && (Attributes & EFI_VARIABLE_APPEND_WRITE) =3D= =3D 0 && !IsVariablePolicyEnabled()) {=0D + VerifyStatus =3D TRUE;=0D + goto Exit;=0D + }=0D +=0D if (AuthVarType =3D=3D AuthVarTypePk) {=0D //=0D // Verify that the signature has been made with the current Platform K= ey (no chaining for PK).=0D diff --git a/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf b/Secu= rityPkg/Library/AuthVariableLib/AuthVariableLib.inf index 8d4ce14df494..8eadeebcebd7 100644 --- a/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf +++ b/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf @@ -3,6 +3,7 @@ #=0D # Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.
= =0D # Copyright (c) 2018, ARM Limited. All rights reserved.
=0D +# Copyright (c) Microsoft Corporation.=0D #=0D # SPDX-License-Identifier: BSD-2-Clause-Patent=0D #=0D @@ -41,6 +42,7 @@ [LibraryClasses] MemoryAllocationLib=0D BaseCryptLib=0D PlatformSecureLib=0D + VariablePolicyLib=0D =0D [Guids]=0D ## CONSUMES ## Variable:L"SetupMode"=0D --=20 2.26.2.windows.1.8.g01c50adf56.20200515075929
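Review bot: In the NeedPhysicallyPresent() hunk, the new IsVariablePolicyEnabled() guard is not limited to deletion. The function is keyed only on VariableName and VendorGuid, so with the policy engine disabled it returns FALSE for SecureBootEnable and CustomMode whether the caller is deleting or modifying the variable. That does not match the added comment ("allow deletion of any authenticated variables") or the commit message's "Only allows deletion, not modification." Either move the policy-state check to a caller that already knows the request is a delete, or reword the comment to state that the physical-presence requirement is dropped for these two variables whenever the policy engine is disabled.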
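Review bot: In the ProcessVariable() hunk, the comment inside the block that follows the changed condition still reads "Allow the delete operation of common authenticated variable(AT or AW) at user physical presence", which is no longer the only way into that block once "|| !IsVariablePolicyEnabled()" is added. Please update that inner comment to cover the policy-disabled path as well, so a later reader does not assume physical presence was asserted. As a style point, the new call is written IsVariablePolicyEnabled() without the space before the parenthesis that the neighbouring IsDeleteAuthVariable ( and CompareGuid ( calls use.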
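Review bot: In the VerifyTimeBasedPayload() hunk, the early "VerifyStatus = TRUE; goto Exit;" sits before the "if (AuthVarType == AuthVarTypePk)" branch, so signature verification is skipped for every variable type, PK included, whenever the payload is empty, APPEND_WRITE is clear and the policy engine is disabled. The comment should say that explicitly, since this is the one place in the patch where the cryptographic check itself is bypassed, and a DEBUG message on this path would make the bypass visible in boot logs. The delete test is also open-coded here (PayloadSize == 0 and no EFI_VARIABLE_APPEND_WRITE) while ProcessVariable() uses IsDeleteAuthVariable(); a shared helper would keep the two definitions of "delete" from drifting apart.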
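Review bot: In the AuthVariableLib.inf [LibraryClasses] hunk, adding VariablePolicyLib makes it a hard dependency of AuthVariableLib, so every platform DSC that links this library needs a VariablePolicyLib instance mapped or the build will fail. This patch touches no DSC, so please note in the commit message which patch in the series adds the mappings, or that downstream platforms must add one.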