From: "Sunny Wang" <Sunny.Wang@arm.com>
To: devel@edk2.groups.io
Cc: Sunny Wang <Sunny.Wang@arm.com>,
Liming Gao <gaoliming@byosoft.com.cn>,
Heinrich Schuchardt <heinrich.schuchardt@canonical.com>,
G Edhaya Chandran <edhaya.chandran@arm.com>,
Samer El-Haj-Mahmoud <samer.el-haj-mahmoud@arm.com>,
Sunny Wang <sunny.wang@arm.com>
Subject: [PATCH] MdeModulePkg/Variable: Make only EFI_VARIABLE_NON_VOLATILE invalid
Date: Tue, 11 Jan 2022 21:37:20 +0000 [thread overview]
Message-ID: <20220111213720.1358-1-Sunny.Wang@arm.com> (raw)
Only EFI_VARIABLE_NON_VOLATILE attribute is an invalid combination
of attribute bits, so update the variable driver to return
EFI_INVALID_PARAMETER so that we can prevent the invalid variable
being created.
This change also fixes the SCT failure below:
- RT.QueryVariableInfo - With being an invalid combination -- FAILURE
For details, please check the threads below:
- https://edk2.groups.io/g/devel/topic/86486174
- https://edk2.groups.io/g/devel/message/82466
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Cc: G Edhaya Chandran <edhaya.chandran@arm.com>
Cc: Samer El-Haj-Mahmoud <samer.el-haj-mahmoud@arm.com>
Signed-off-by: Sunny Wang <sunny.wang@arm.com>
---
.../Universal/Variable/RuntimeDxe/Variable.c | 16 +++++++++++++++-
1 file changed, 15 insertions(+), 1 deletion(-)
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
index 9722a94420..6c1a3440ac 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
@@ -19,6 +19,7 @@
Copyright (c) 2006 - 2020, Intel Corporation. All rights reserved.<BR>
(C) Copyright 2015-2018 Hewlett Packard Enterprise Development LP<BR>
Copyright (c) Microsoft Corporation.<BR>
+Copyright (c) 2022, ARM Limited. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -2660,14 +2661,22 @@ VariableServiceSetVariable (
}
//
- // Make sure if runtime bit is set, boot service bit is set also.
+ // Check if the combination of attribute bits is valid.
//
if ((Attributes & (EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS)) == EFI_VARIABLE_RUNTIME_ACCESS) {
+ //
+ // Make sure if runtime bit is set, boot service bit is set also.
+ //
if ((Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) != 0) {
return EFI_UNSUPPORTED;
} else {
return EFI_INVALID_PARAMETER;
}
+ } else if ((Attributes & EFI_VARIABLE_ATTRIBUTES_MASK) == EFI_VARIABLE_NON_VOLATILE) {
+ //
+ // Only EFI_VARIABLE_NON_VOLATILE attribute is invalid
+ //
+ return EFI_INVALID_PARAMETER;
} else if ((Attributes & VARIABLE_ATTRIBUTE_AT_AW) != 0) {
if (!mVariableModuleGlobal->VariableGlobal.AuthSupport) {
//
@@ -3142,6 +3151,11 @@ VariableServiceQueryVariableInfo (
// Make sure the Attributes combination is supported by the platform.
//
return EFI_UNSUPPORTED;
+ } else if ((Attributes & EFI_VARIABLE_ATTRIBUTES_MASK) == EFI_VARIABLE_NON_VOLATILE) {
+ //
+ // Only EFI_VARIABLE_NON_VOLATILE attribute is invalid
+ //
+ return EFI_INVALID_PARAMETER;
} else if ((Attributes & (EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS)) == EFI_VARIABLE_RUNTIME_ACCESS) {
//
// Make sure if runtime bit is set, boot service bit is set also.
--
2.33.0.windows.2
next reply other threads:[~2022-01-11 21:37 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-01-11 21:37 Sunny Wang [this message]
2022-01-12 1:06 ` 回复: [edk2-devel] [PATCH] MdeModulePkg/Variable: Make only EFI_VARIABLE_NON_VOLATILE invalid gaoliming
[not found] ` <16C9607E4A3522C0.22643@groups.io>
2022-01-18 5:24 ` gaoliming
2022-01-26 16:25 ` Sunny Wang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220111213720.1358-1-Sunny.Wang@arm.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox