From: "Kun Qin"
To: devel@edk2.groups.io
Cc: Jiewen Yao, Jian J Wang, Min Xu, Jiewen Yao, Michael Kubacki
Subject: [PATCH v3 09/11] SecurityPkg: SecureBootVariableLib: Added unit tests
Date: Thu, 30 Jun 2022 16:53:39 -0700
Message-Id: <20220630235341.1746-10-kuqin12@gmail.com>
X-Mailer: git-send-email 2.36.0.windows.1
In-Reply-To: <20220630235341.1746-1-kuqin12@gmail.com>
References: <20220630235341.1746-1-kuqin12@gmail.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable

From: kuqin

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3911

This change added unit test and enabled it from pipeline for the updated SecureBootVariableLib.

The unit test covers all implemented interfaces and certain corner cases.

Cc: Jiewen Yao
Cc: Jian J Wang
Cc: Min Xu
Signed-off-by: Kun Qin Reviewed-by: Jiewen Yao Acked-by: Michael Kubacki --- Notes: v3: - Added reviewed-by tag [Jiewen] - Added acked-by tag [Michael Kubacki] SecurityPkg/Library/SecureBootVariableLib/UnitTest/MockPlatformPKProtectio= nLib.c | 36 + SecurityPkg/Library/SecureBootVariableLib/UnitTest/MockUefiLib.c = | 201 ++ SecurityPkg/Library/SecureBootVariableLib/UnitTest/MockUefiRuntimeServices= TableLib.c | 13 + SecurityPkg/Library/SecureBootVariableLib/UnitTest/SecureBootVariableLibUn= itTest.c | 2037 ++++++++++++++++++++ SecurityPkg/Library/SecureBootVariableLib/UnitTest/MockPlatformPKProtectio= nLib.inf | 33 + SecurityPkg/Library/SecureBootVariableLib/UnitTest/MockUefiLib.inf = | 45 + SecurityPkg/Library/SecureBootVariableLib/UnitTest/MockUefiRuntimeServices= TableLib.inf | 25 + SecurityPkg/Library/SecureBootVariableLib/UnitTest/SecureBootVariableLibUn= itTest.inf | 36 + SecurityPkg/SecurityPkg.ci.yaml = | 11 + SecurityPkg/Test/SecurityPkgHostTest.dsc = | 38 + 10 files changed, 2475 insertions(+) diff --git a/SecurityPkg/Library/SecureBootVariableLib/UnitTest/MockPlatfor= mPKProtectionLib.c b/SecurityPkg/Library/SecureBootVariableLib/UnitTest/Moc= kPlatformPKProtectionLib.c new file mode 100644 index 000000000000..a8644d272df6 --- /dev/null +++ b/SecurityPkg/Library/SecureBootVariableLib/UnitTest/MockPlatformPKProt= ectionLib.c 
@@ -0,0 +1,36 @@ +/** @file=0D + Provides a mocked interface for configuring PK related variable protecti= on.=0D +=0D + Copyright (c) Microsoft Corporation.=0D + SPDX-License-Identifier: BSD-2-Clause-Patent=0D +**/=0D +#include =0D +#include =0D +#include =0D +#include =0D +#include =0D +#include =0D +=0D +#include =0D +=0D +/**=0D + Disable any applicable protection against variable 'PK'. The implementat= ion=0D + of this interface is platform specific, depending on the protection tech= niques=0D + used per platform.=0D +=0D + Note: It is the platform's responsibility to conduct cautious operation = after=0D + disabling this protection.=0D +=0D + @retval EFI_SUCCESS State has been successfully updated.= =0D + @retval Others Error returned from implementation s= pecific=0D + underying APIs.=0D +=0D +**/=0D +EFI_STATUS=0D +EFIAPI=0D +DisablePKProtection (=0D + VOID=0D + )=0D +{=0D + return (EFI_STATUS)mock ();=0D +}=0D diff --git a/SecurityPkg/Library/SecureBootVariableLib/UnitTest/MockUefiLib= .c b/SecurityPkg/Library/SecureBootVariableLib/UnitTest/MockUefiLib.c new file mode 100644 index 000000000000..df271c39f26c --- /dev/null +++ b/SecurityPkg/Library/SecureBootVariableLib/UnitTest/MockUefiLib.c @@ -0,0 +1,201 @@ +/** @file=0D + The UEFI Library provides functions and macros that simplify the develop= ment of=0D + UEFI Drivers and UEFI Applications. These functions and macros help man= age EFI=0D + events, build simple locks utilizing EFI Task Priority Levels (TPLs), in= stall=0D + EFI Driver Model related protocols, manage Unicode string tables for UEF= I Drivers,=0D + and print messages on the console output and standard error devices.=0D +=0D + Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.
=0D + SPDX-License-Identifier: BSD-2-Clause-Patent=0D +=0D +**/=0D +=0D +#include =0D +=0D +#include =0D +#include =0D +#include =0D +=0D +/**=0D + Returns the status whether get the variable success. The function retrie= ves=0D + variable through the UEFI Runtime Service GetVariable(). The=0D + returned buffer is allocated using AllocatePool(). The caller is respon= sible=0D + for freeing this buffer with FreePool().=0D +=0D + If Name is NULL, then ASSERT().=0D + If Guid is NULL, then ASSERT().=0D + If Value is NULL, then ASSERT().=0D +=0D + @param[in] Name The pointer to a Null-terminated Unicode string.=0D + @param[in] Guid The pointer to an EFI_GUID structure=0D + @param[out] Value The buffer point saved the variable info.=0D + @param[out] Size The buffer size of the variable.=0D +=0D + @return EFI_OUT_OF_RESOURCES Allocate buffer failed.=0D + @return EFI_SUCCESS Find the specified variable.=0D + @return Others Errors Return errors from call to gRT->GetVar= iable.=0D +=0D +**/=0D +EFI_STATUS=0D +EFIAPI=0D +GetVariable2 (=0D + IN CONST CHAR16 *Name,=0D + IN CONST EFI_GUID *Guid,=0D + OUT VOID **Value,=0D + OUT UINTN *Size OPTIONAL=0D + )=0D +{=0D + EFI_STATUS Status;=0D + UINTN BufferSize;=0D +=0D + ASSERT (Name !=3D NULL && Guid !=3D NULL && Value !=3D NULL);=0D +=0D + //=0D + // Try to get the variable size.=0D + //=0D + BufferSize =3D 0;=0D + *Value =3D NULL;=0D + if (Size !=3D NULL) {=0D + *Size =3D 0;=0D + }=0D +=0D + Status =3D gRT->GetVariable ((CHAR16 *)Name, (EFI_GUID *)Guid, NULL, &Bu= fferSize, *Value);=0D + if (Status !=3D EFI_BUFFER_TOO_SMALL) {=0D + return Status;=0D + }=0D +=0D + //=0D + // Allocate buffer to get the variable.=0D + //=0D + *Value =3D AllocatePool (BufferSize);=0D + ASSERT (*Value !=3D NULL);=0D + if (*Value =3D=3D NULL) {=0D + return EFI_OUT_OF_RESOURCES;=0D + }=0D +=0D + //=0D + // Get the variable data.=0D + //=0D + Status =3D gRT->GetVariable ((CHAR16 *)Name, (EFI_GUID *)Guid, NULL, &Bu= fferSize, *Value);=0D + if (EFI_ERROR 
(Status)) {=0D + FreePool (*Value);=0D + *Value =3D NULL;=0D + }=0D +=0D + if (Size !=3D NULL) {=0D + *Size =3D BufferSize;=0D + }=0D +=0D + return Status;=0D +}=0D +=0D +/** Return the attributes of the variable.=0D +=0D + Returns the status whether get the variable success. The function retrie= ves=0D + variable through the UEFI Runtime Service GetVariable(). The=0D + returned buffer is allocated using AllocatePool(). The caller is respon= sible=0D + for freeing this buffer with FreePool(). The attributes are returned if= =0D + the caller provides a valid Attribute parameter.=0D +=0D + If Name is NULL, then ASSERT().=0D + If Guid is NULL, then ASSERT().=0D + If Value is NULL, then ASSERT().=0D +=0D + @param[in] Name The pointer to a Null-terminated Unicode string.=0D + @param[in] Guid The pointer to an EFI_GUID structure=0D + @param[out] Value The buffer point saved the variable info.=0D + @param[out] Size The buffer size of the variable.=0D + @param[out] Attr The pointer to the variable attributes as found in var= store=0D +=0D + @retval EFI_OUT_OF_RESOURCES Allocate buffer failed.=0D + @retval EFI_SUCCESS Find the specified variable.=0D + @retval Others Errors Return errors from call to gRT->GetVar= iable.=0D +=0D +**/=0D +EFI_STATUS=0D +EFIAPI=0D +GetVariable3 (=0D + IN CONST CHAR16 *Name,=0D + IN CONST EFI_GUID *Guid,=0D + OUT VOID **Value,=0D + OUT UINTN *Size OPTIONAL,=0D + OUT UINT32 *Attr OPTIONAL=0D + )=0D +{=0D + EFI_STATUS Status;=0D + UINTN BufferSize;=0D +=0D + ASSERT (Name !=3D NULL && Guid !=3D NULL && Value !=3D NULL);=0D +=0D + //=0D + // Try to get the variable size.=0D + //=0D + BufferSize =3D 0;=0D + *Value =3D NULL;=0D + if (Size !=3D NULL) {=0D + *Size =3D 0;=0D + }=0D +=0D + if (Attr !=3D NULL) {=0D + *Attr =3D 0;=0D + }=0D +=0D + Status =3D gRT->GetVariable ((CHAR16 *)Name, (EFI_GUID *)Guid, Attr, &Bu= fferSize, *Value);=0D + if (Status !=3D EFI_BUFFER_TOO_SMALL) {=0D + return Status;=0D + }=0D +=0D + //=0D + // Allocate buffer to get the 
variable.=0D + //=0D + *Value =3D AllocatePool (BufferSize);=0D + ASSERT (*Value !=3D NULL);=0D + if (*Value =3D=3D NULL) {=0D + return EFI_OUT_OF_RESOURCES;=0D + }=0D +=0D + //=0D + // Get the variable data.=0D + //=0D + Status =3D gRT->GetVariable ((CHAR16 *)Name, (EFI_GUID *)Guid, Attr, &Bu= fferSize, *Value);=0D + if (EFI_ERROR (Status)) {=0D + FreePool (*Value);=0D + *Value =3D NULL;=0D + }=0D +=0D + if (Size !=3D NULL) {=0D + *Size =3D BufferSize;=0D + }=0D +=0D + return Status;=0D +}=0D +=0D +/**=0D + Returns a pointer to an allocated buffer that contains the contents of a= =0D + variable retrieved through the UEFI Runtime Service GetVariable(). This= =0D + function always uses the EFI_GLOBAL_VARIABLE GUID to retrieve variables.= =0D + The returned buffer is allocated using AllocatePool(). The caller is=0D + responsible for freeing this buffer with FreePool().=0D +=0D + If Name is NULL, then ASSERT().=0D + If Value is NULL, then ASSERT().=0D +=0D + @param[in] Name The pointer to a Null-terminated Unicode string.=0D + @param[out] Value The buffer point saved the variable info.=0D + @param[out] Size The buffer size of the variable.=0D +=0D + @return EFI_OUT_OF_RESOURCES Allocate buffer failed.=0D + @return EFI_SUCCESS Find the specified variable.=0D + @return Others Errors Return errors from call to gRT->GetVar= iable.=0D +=0D +**/=0D +EFI_STATUS=0D +EFIAPI=0D +GetEfiGlobalVariable2 (=0D + IN CONST CHAR16 *Name,=0D + OUT VOID **Value,=0D + OUT UINTN *Size OPTIONAL=0D + )=0D +{=0D + return GetVariable2 (Name, &gEfiGlobalVariableGuid, Value, Size);=0D +}=0D diff --git a/SecurityPkg/Library/SecureBootVariableLib/UnitTest/MockUefiRun= timeServicesTableLib.c b/SecurityPkg/Library/SecureBootVariableLib/UnitTest= /MockUefiRuntimeServicesTableLib.c new file mode 100644 index 000000000000..e86192a05f32 --- /dev/null +++ b/SecurityPkg/Library/SecureBootVariableLib/UnitTest/MockUefiRuntimeSer= vicesTableLib.c 
@@ -0,0 +1,13 @@ +/** @file=0D + Mock implementation of the UEFI Runtime Services Table Library.=0D +=0D + Copyright (C) Microsoft Corporation.=0D + SPDX-License-Identifier: BSD-2-Clause-Patent=0D +=0D +**/=0D +=0D +#include =0D +=0D +extern EFI_RUNTIME_SERVICES gMockRuntime;=0D +=0D +EFI_RUNTIME_SERVICES *gRT =3D &gMockRuntime;=0D diff --git a/SecurityPkg/Library/SecureBootVariableLib/UnitTest/SecureBootV= ariableLibUnitTest.c b/SecurityPkg/Library/SecureBootVariableLib/UnitTest/S= ecureBootVariableLibUnitTest.c new file mode 100644 index 000000000000..a23135dfb016 --- /dev/null +++ b/SecurityPkg/Library/SecureBootVariableLib/UnitTest/SecureBootVariable= LibUnitTest.c 
@@ -0,0 +1,2037 @@ +/** @file=0D + Unit tests of the implementation of SecureBootVariableLib.=0D +=0D + Copyright (C) Microsoft Corporation.=0D + SPDX-License-Identifier: BSD-2-Clause-Patent=0D +=0D +**/=0D +=0D +#include =0D +#include =0D +#include =0D +#include =0D +#include =0D +#include =0D +=0D +#include =0D +#include =0D +#include =0D +#include =0D +#include =0D +=0D +#include =0D +#include =0D +#include =0D +#include =0D +=0D +#include =0D +#include =0D +=0D +#define UNIT_TEST_APP_NAME "SecureBootVariableLib Unit Tests"=0D +#define UNIT_TEST_APP_VERSION "1.0"=0D +#define VAR_AUTH_DESC_SIZE OFFSET_OF (EFI_VARIABLE_AUTHENTICATION_2, A= uthInfo) + OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData)=0D +=0D +extern EFI_TIME mMaxTimestamp;=0D +extern EFI_TIME mDefaultPayloadTimestamp;=0D +=0D +/**=0D + Sets the value of a variable.=0D +=0D + @param[in] VariableName A Null-terminated string that is the name= of the vendor's variable.=0D + Each VariableName is unique for each Vend= orGuid. VariableName must=0D + contain 1 or more characters. If Variable= Name is an empty string,=0D + then EFI_INVALID_PARAMETER is returned.=0D + @param[in] VendorGuid A unique identifier for the vendor.=0D + @param[in] Attributes Attributes bitmask to set for the variabl= e.=0D + @param[in] DataSize The size in bytes of the Data buffer. Unl= ess the EFI_VARIABLE_APPEND_WRITE or=0D + EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRI= TE_ACCESS attribute is set, a size of zero=0D + causes the variable to be deleted. When t= he EFI_VARIABLE_APPEND_WRITE attribute is=0D + set, then a SetVariable() call with a Dat= aSize of zero will not cause any change to=0D + the variable value (the timestamp associa= ted with the variable may be updated however=0D + even if no new data value is provided,see= the description of the=0D + EFI_VARIABLE_AUTHENTICATION_2 descriptor = below. 
In this case the DataSize will not=0D + be zero since the EFI_VARIABLE_AUTHENTICA= TION_2 descriptor will be populated).=0D + @param[in] Data The contents for the variable.=0D +=0D + @retval EFI_SUCCESS The firmware has successfully stored the = variable and its data as=0D + defined by the Attributes.=0D + @retval EFI_INVALID_PARAMETER An invalid combination of attribute bits,= name, and GUID was supplied, or the=0D + DataSize exceeds the maximum allowed.=0D + @retval EFI_INVALID_PARAMETER VariableName is an empty string.=0D + @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold t= he variable and its data.=0D + @retval EFI_DEVICE_ERROR The variable could not be retrieved due t= o a hardware error.=0D + @retval EFI_WRITE_PROTECTED The variable in question is read-only.=0D + @retval EFI_WRITE_PROTECTED The variable in question cannot be delete= d.=0D + @retval EFI_SECURITY_VIOLATION The variable could not be written due to = EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACESS being set,=0D + but the AuthInfo does NOT pass the valida= tion check carried out by the firmware.=0D +=0D + @retval EFI_NOT_FOUND The variable trying to be updated or dele= ted was not found.=0D +=0D +**/=0D +STATIC=0D +EFI_STATUS=0D +EFIAPI=0D +MockSetVariable (=0D + IN CHAR16 *VariableName,=0D + IN EFI_GUID *VendorGuid,=0D + IN UINT32 Attributes,=0D + IN UINTN DataSize,=0D + IN VOID *Data=0D + )=0D +{=0D + DEBUG ((=0D + DEBUG_INFO,=0D + "%a %s %g %x %x %p\n",=0D + __FUNCTION__,=0D + VariableName,=0D + VendorGuid,=0D + Attributes,=0D + DataSize,=0D + Data=0D + ));=0D + check_expected_ptr (VariableName);=0D + check_expected_ptr (VendorGuid);=0D + check_expected_ptr (Attributes);=0D + check_expected (DataSize);=0D + check_expected (Data);=0D +=0D + return (EFI_STATUS)mock ();=0D +}=0D +=0D +/**=0D + Returns the value of a variable.=0D +=0D + @param[in] VariableName A Null-terminated string that is the name= of the vendor's=0D + variable.=0D + @param[in] VendorGuid A unique 
identifier for the vendor.=0D + @param[out] Attributes If not NULL, a pointer to the memory loca= tion to return the=0D + attributes bitmask for the variable.=0D + @param[in, out] DataSize On input, the size in bytes of the return= Data buffer.=0D + On output the size of data returned in Da= ta.=0D + @param[out] Data The buffer to return the contents of the = variable. May be NULL=0D + with a zero DataSize in order to determin= e the size buffer needed.=0D +=0D + @retval EFI_SUCCESS The function completed successfully.=0D + @retval EFI_NOT_FOUND The variable was not found.=0D + @retval EFI_BUFFER_TOO_SMALL The DataSize is too small for the result.= =0D + @retval EFI_INVALID_PARAMETER VariableName is NULL.=0D + @retval EFI_INVALID_PARAMETER VendorGuid is NULL.=0D + @retval EFI_INVALID_PARAMETER DataSize is NULL.=0D + @retval EFI_INVALID_PARAMETER The DataSize is not too small and Data is= NULL.=0D + @retval EFI_DEVICE_ERROR The variable could not be retrieved due t= o a hardware error.=0D + @retval EFI_SECURITY_VIOLATION The variable could not be retrieved due t= o an authentication failure.=0D +=0D +**/=0D +STATIC=0D +EFI_STATUS=0D +EFIAPI=0D +MockGetVariable (=0D + IN CHAR16 *VariableName,=0D + IN EFI_GUID *VendorGuid,=0D + OUT UINT32 *Attributes OPTIONAL,=0D + IN OUT UINTN *DataSize,=0D + OUT VOID *Data OPTIONAL=0D + )=0D +{=0D + UINTN TargetSize;=0D + BOOLEAN Exist;=0D +=0D + DEBUG ((=0D + DEBUG_INFO,=0D + "%a %s %g %p %x %p\n",=0D + __FUNCTION__,=0D + VariableName,=0D + VendorGuid,=0D + Attributes,=0D + *DataSize,=0D + Data=0D + ));=0D + assert_non_null (DataSize);=0D + check_expected_ptr (VariableName);=0D + check_expected_ptr (VendorGuid);=0D + check_expected (*DataSize);=0D +=0D + Exist =3D (BOOLEAN)mock ();=0D +=0D + if (!Exist) {=0D + return EFI_NOT_FOUND;=0D + }=0D +=0D + TargetSize =3D (UINTN)mock ();=0D + if (TargetSize > *DataSize) {=0D + *DataSize =3D TargetSize;=0D + return EFI_BUFFER_TOO_SMALL;=0D + } else {=0D + assert_non_null (Data);=0D + CopyMem 
(Data, (VOID *)mock (), TargetSize);=0D + }=0D +=0D + return EFI_SUCCESS;=0D +}=0D +=0D +///=0D +/// Mock version of the UEFI Runtime Services Table=0D +///=0D +EFI_RUNTIME_SERVICES gMockRuntime =3D {=0D + {=0D + EFI_RUNTIME_SERVICES_SIGNATURE, // Signature=0D + EFI_RUNTIME_SERVICES_REVISION, // Revision=0D + sizeof (EFI_RUNTIME_SERVICES), // HeaderSize=0D + 0, // CRC32=0D + 0 // Reserved=0D + },=0D + NULL, // GetTime=0D + NULL, // SetTime=0D + NULL, // GetWakeupTime=0D + NULL, // SetWakeupTime=0D + NULL, // SetVirtualAddressMap=0D + NULL, // ConvertPointer=0D + MockGetVariable, // GetVariable=0D + NULL, // GetNextVariableName=0D + MockSetVariable, // SetVariable=0D + NULL, // GetNextHighMonotonicCount=0D + NULL, // ResetSystem=0D + NULL, // UpdateCapsule=0D + NULL, // QueryCapsuleCapabilities=0D + NULL // QueryVariableInfo=0D +};=0D +=0D +/**=0D + Unit test for SetSecureBootMode () API of the SecureBootVariableLib.=0D +=0D + @param[in] Context [Optional] An optional parameter that enables:=0D + 1) test-case reuse with varied parameters and=0D + 2) test-case re-entry for Target tests that need = a=0D + reboot. 
This parameter is a VOID* and it is the= =0D + responsibility of the test author to ensure that = the=0D + contents are well understood by all test cases th= at may=0D + consume it.=0D +=0D + @retval UNIT_TEST_PASSED The Unit test has completed and th= e test=0D + case was successful.=0D + @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.= =0D +**/=0D +UNIT_TEST_STATUS=0D +EFIAPI=0D +SetSecureBootModeShouldSetVar (=0D + IN UNIT_TEST_CONTEXT Context=0D + )=0D +{=0D + UINT8 SecureBootMode;=0D + EFI_STATUS Status;=0D +=0D + SecureBootMode =3D 0xAB; // Any random magic number...=0D + expect_memory (MockSetVariable, VariableName, EFI_CUSTOM_MODE_NAME, size= of (EFI_CUSTOM_MODE_NAME));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiCustomModeEnableGuid);=0D + expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_BOOTSERVICE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, sizeof (SecureBootMode));=0D + expect_memory (MockSetVariable, Data, &SecureBootMode, sizeof (SecureBoo= tMode));=0D +=0D + will_return (MockSetVariable, EFI_SUCCESS);=0D +=0D + Status =3D SetSecureBootMode (SecureBootMode);=0D +=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D +=0D + return UNIT_TEST_PASSED;=0D +}=0D +=0D +/**=0D + Unit test for GetSetupMode () API of the SecureBootVariableLib.=0D +=0D + @param[in] Context [Optional] An optional parameter that enables:=0D + 1) test-case reuse with varied parameters and=0D + 2) test-case re-entry for Target tests that need = a=0D + reboot. 
This parameter is a VOID* and it is the= =0D + responsibility of the test author to ensure that = the=0D + contents are well understood by all test cases th= at may=0D + consume it.=0D +=0D + @retval UNIT_TEST_PASSED The Unit test has completed and th= e test=0D + case was successful.=0D + @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.= =0D +**/=0D +UNIT_TEST_STATUS=0D +EFIAPI=0D +GetSetupModeShouldGetVar (=0D + IN UNIT_TEST_CONTEXT Context=0D + )=0D +{=0D + EFI_STATUS Status;=0D + UINT8 TargetMode;=0D + UINT8 SetupMode;=0D +=0D + TargetMode =3D 0xAB; // Any random magic number...=0D + expect_memory (MockGetVariable, VariableName, EFI_SETUP_MODE_NAME, sizeo= f (EFI_SETUP_MODE_NAME));=0D + expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);=0D + expect_value (MockGetVariable, *DataSize, sizeof (SetupMode));=0D +=0D + will_return (MockGetVariable, TRUE);=0D + will_return (MockGetVariable, sizeof (SetupMode));=0D + will_return (MockGetVariable, &TargetMode);=0D +=0D + Status =3D GetSetupMode (&SetupMode);=0D +=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D + UT_ASSERT_EQUAL (SetupMode, TargetMode);=0D +=0D + return UNIT_TEST_PASSED;=0D +}=0D +=0D +/**=0D + Unit test for GetSetupMode () API of the SecureBootVariableLib.=0D +=0D + @param[in] Context [Optional] An optional parameter that enables:=0D + 1) test-case reuse with varied parameters and=0D + 2) test-case re-entry for Target tests that need = a=0D + reboot. 
This parameter is a VOID* and it is the= =0D + responsibility of the test author to ensure that = the=0D + contents are well understood by all test cases th= at may=0D + consume it.=0D +=0D + @retval UNIT_TEST_PASSED The Unit test has completed and th= e test=0D + case was successful.=0D + @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.= =0D +**/=0D +UNIT_TEST_STATUS=0D +EFIAPI=0D +IsSecureBootEnableShouldGetVar (=0D + IN UNIT_TEST_CONTEXT Context=0D + )=0D +{=0D + BOOLEAN Enabled;=0D + UINT8 TargetMode;=0D +=0D + TargetMode =3D SECURE_BOOT_MODE_ENABLE;=0D + expect_memory (MockGetVariable, VariableName, EFI_SECURE_BOOT_MODE_NAME,= sizeof (EFI_SECURE_BOOT_MODE_NAME));=0D + expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);=0D + expect_value (MockGetVariable, *DataSize, 0);=0D +=0D + will_return (MockGetVariable, TRUE);=0D + will_return (MockGetVariable, sizeof (TargetMode));=0D +=0D + expect_memory (MockGetVariable, VariableName, EFI_SECURE_BOOT_MODE_NAME,= sizeof (EFI_SECURE_BOOT_MODE_NAME));=0D + expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);=0D + expect_value (MockGetVariable, *DataSize, sizeof (TargetMode));=0D +=0D + will_return (MockGetVariable, TRUE);=0D + will_return (MockGetVariable, sizeof (TargetMode));=0D + will_return (MockGetVariable, &TargetMode);=0D +=0D + Enabled =3D IsSecureBootEnabled ();=0D +=0D + UT_ASSERT_EQUAL (Enabled, SECURE_BOOT_MODE_ENABLE);=0D +=0D + return UNIT_TEST_PASSED;=0D +}=0D +=0D +/**=0D + Unit test for SecureBootCreateDataFromInput () API of the SecureBootVari= ableLib.=0D +=0D + @param[in] Context [Optional] An optional parameter that enables:=0D + 1) test-case reuse with varied parameters and=0D + 2) test-case re-entry for Target tests that need = a=0D + reboot. 
This parameter is a VOID* and it is the= =0D + responsibility of the test author to ensure that = the=0D + contents are well understood by all test cases th= at may=0D + consume it.=0D +=0D + @retval UNIT_TEST_PASSED The Unit test has completed and th= e test=0D + case was successful.=0D + @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.= =0D +**/=0D +UNIT_TEST_STATUS=0D +EFIAPI=0D +SecureBootCreateDataFromInputSimple (=0D + IN UNIT_TEST_CONTEXT Context=0D + )=0D +{=0D + EFI_SIGNATURE_LIST *SigList =3D NULL;=0D + EFI_SIGNATURE_DATA *SigData =3D NULL;=0D + UINTN SigListSize =3D 0;=0D + EFI_STATUS Status;=0D + UINT8 TestData[] =3D { 0 };=0D + SECURE_BOOT_CERTIFICATE_INFO KeyInfo =3D {=0D + .Data =3D TestData,=0D + .DataSize =3D sizeof (TestData)=0D + };=0D +=0D + Status =3D SecureBootCreateDataFromInput (&SigListSize, &SigList, 1, &Ke= yInfo);=0D +=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D +=0D + UT_ASSERT_NOT_NULL (SigList);=0D + UT_ASSERT_TRUE (CompareGuid (&SigList->SignatureType, &gEfiCertX509Guid)= );=0D + UT_ASSERT_EQUAL (SigList->SignatureSize, sizeof (EFI_SIGNATURE_DATA) - 1= + sizeof (TestData));=0D + UT_ASSERT_EQUAL (SigList->SignatureHeaderSize, 0);=0D + UT_ASSERT_EQUAL (SigList->SignatureListSize, sizeof (EFI_SIGNATURE_LIST)= + sizeof (EFI_SIGNATURE_DATA) - 1 + sizeof (TestData));=0D + UT_ASSERT_EQUAL (SigList->SignatureListSize, SigListSize);=0D +=0D + SigData =3D (EFI_SIGNATURE_DATA *)((UINTN)SigList + sizeof (EFI_SIGNATUR= E_LIST));=0D + UT_ASSERT_TRUE (CompareGuid (&SigData->SignatureOwner, &gEfiGlobalVariab= leGuid));=0D + UT_ASSERT_MEM_EQUAL (SigData->SignatureData, TestData, sizeof (TestData)= );=0D +=0D + return UNIT_TEST_PASSED;=0D +}=0D +=0D +/**=0D + Unit test for SecureBootCreateDataFromInput () API of the SecureBootVari= ableLib.=0D +=0D + @param[in] Context [Optional] An optional parameter that enables:=0D + 1) test-case reuse with varied parameters and=0D + 2) test-case re-entry for Target tests that need = a=0D + 
reboot. This parameter is a VOID* and it is the= =0D + responsibility of the test author to ensure that = the=0D + contents are well understood by all test cases th= at may=0D + consume it.=0D +=0D + @retval UNIT_TEST_PASSED The Unit test has completed and th= e test=0D + case was successful.=0D + @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.= =0D +**/=0D +UNIT_TEST_STATUS=0D +EFIAPI=0D +SecureBootCreateDataFromInputNull (=0D + IN UNIT_TEST_CONTEXT Context=0D + )=0D +{=0D + EFI_SIGNATURE_LIST *SigList =3D NULL;=0D + UINTN SigListSize =3D 0;=0D + EFI_STATUS Status;=0D + SECURE_BOOT_CERTIFICATE_INFO KeyInfo =3D {=0D + .Data =3D NULL,=0D + .DataSize =3D 0=0D + };=0D +=0D + Status =3D SecureBootCreateDataFromInput (&SigListSize, &SigList, 0, NUL= L);=0D + UT_ASSERT_STATUS_EQUAL (Status, EFI_INVALID_PARAMETER);=0D +=0D + Status =3D SecureBootCreateDataFromInput (&SigListSize, &SigList, 1, &Ke= yInfo);=0D + UT_ASSERT_STATUS_EQUAL (Status, EFI_NOT_FOUND);=0D +=0D + return UNIT_TEST_PASSED;=0D +}=0D +=0D +/**=0D + Unit test for SecureBootCreateDataFromInput () API of the SecureBootVari= ableLib.=0D +=0D + @param[in] Context [Optional] An optional parameter that enables:=0D + 1) test-case reuse with varied parameters and=0D + 2) test-case re-entry for Target tests that need = a=0D + reboot. 
This parameter is a VOID* and it is the= =0D + responsibility of the test author to ensure that = the=0D + contents are well understood by all test cases th= at may=0D + consume it.=0D +=0D + @retval UNIT_TEST_PASSED The Unit test has completed and th= e test=0D + case was successful.=0D + @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.= =0D +**/=0D +UNIT_TEST_STATUS=0D +EFIAPI=0D +SecureBootCreateDataFromInputMultiple (=0D + IN UNIT_TEST_CONTEXT Context=0D + )=0D +{=0D + EFI_SIGNATURE_LIST *SigList =3D NULL;=0D + EFI_SIGNATURE_DATA *SigData =3D NULL;=0D + UINTN SigListSize =3D 0;=0D + UINTN TotalSize =3D 0;=0D + UINTN Index =3D 0;=0D + UINT8 TestData1[] =3D { 0 };=0D + UINT8 TestData2[] =3D { 1, 2 };=0D + EFI_STATUS Status;=0D + SECURE_BOOT_CERTIFICATE_INFO KeyInfo[2] =3D {=0D + {=0D + .Data =3D TestData1,=0D + .DataSize =3D sizeof (TestData1)=0D + },=0D + {=0D + .Data =3D TestData2,=0D + .DataSize =3D sizeof (TestData2)=0D + }=0D + };=0D +=0D + Status =3D SecureBootCreateDataFromInput (&SigListSize, &SigList, 2, Key= Info);=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D +=0D + UT_ASSERT_NOT_NULL (SigList);=0D +=0D + for (Index =3D 0; Index < 2; Index++) {=0D + UT_ASSERT_TRUE (SigListSize > TotalSize);=0D +=0D + UT_ASSERT_TRUE (CompareGuid (&SigList->SignatureType, &gEfiCertX509Gui= d));=0D + UT_ASSERT_EQUAL (SigList->SignatureSize, sizeof (EFI_SIGNATURE_DATA) -= 1 + KeyInfo[Index].DataSize);=0D + UT_ASSERT_EQUAL (SigList->SignatureHeaderSize, 0);=0D + UT_ASSERT_EQUAL (SigList->SignatureListSize, sizeof (EFI_SIGNATURE_LIS= T) + sizeof (EFI_SIGNATURE_DATA) - 1 + KeyInfo[Index].DataSize);=0D +=0D + SigData =3D (EFI_SIGNATURE_DATA *)((UINTN)SigList + sizeof (EFI_SIGNAT= URE_LIST));=0D + UT_ASSERT_TRUE (CompareGuid (&SigData->SignatureOwner, &gEfiGlobalVari= ableGuid));=0D + UT_ASSERT_MEM_EQUAL (SigData->SignatureData, KeyInfo[Index].Data, KeyI= nfo[Index].DataSize);=0D + TotalSize =3D TotalSize + SigList->SignatureListSize;=0D + SigList =3D 
(EFI_SIGNATURE_LIST *)((UINTN)SigList + SigList->Signatu= reListSize);=0D + }=0D +=0D + UT_ASSERT_EQUAL (SigListSize, TotalSize);=0D +=0D + return UNIT_TEST_PASSED;=0D +}=0D +=0D +/**=0D + Unit test for CreateTimeBasedPayload () API of the SecureBootVariableLib= .=0D +=0D + @param[in] Context [Optional] An optional parameter that enables:=0D + 1) test-case reuse with varied parameters and=0D + 2) test-case re-entry for Target tests that need = a=0D + reboot. This parameter is a VOID* and it is the= =0D + responsibility of the test author to ensure that = the=0D + contents are well understood by all test cases th= at may=0D + consume it.=0D +=0D + @retval UNIT_TEST_PASSED The Unit test has completed and th= e test=0D + case was successful.=0D + @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.= =0D +**/=0D +UNIT_TEST_STATUS=0D +EFIAPI=0D +CreateTimeBasedPayloadShouldPopulateDescriptor (=0D + IN UNIT_TEST_CONTEXT Context=0D + )=0D +{=0D + UINT8 Data[] =3D { 2 };=0D + UINTN DataSize =3D sizeof (Data);=0D + UINT8 *CheckData;=0D + EFI_VARIABLE_AUTHENTICATION_2 *VarAuth;=0D + EFI_STATUS Status;=0D + EFI_TIME Time =3D {=0D + .Year =3D 2012,=0D + .Month =3D 3,=0D + .Day =3D 4,=0D + .Hour =3D 5,=0D + .Minute =3D 6,=0D + .Second =3D 7,=0D + .Pad1 =3D 0,=0D + .Nanosecond =3D 8910,=0D + .TimeZone =3D 1112,=0D + .Pad2 =3D 0=0D + };=0D +=0D + CheckData =3D AllocateCopyPool (DataSize, Data);=0D + Status =3D CreateTimeBasedPayload (&DataSize, &CheckData, &Time);=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D +=0D + // This is result that we did not pack this structure...=0D + // we cannot even use the sizeof (EFI_VARIABLE_AUTHENTICATION_2) - 1,=0D + // because the structure is not at the end of this structure, but partia= lly=0D + // inside it...=0D + UT_ASSERT_EQUAL (DataSize, VAR_AUTH_DESC_SIZE + sizeof (Data));=0D + UT_ASSERT_NOT_NULL (CheckData);=0D +=0D + VarAuth =3D (EFI_VARIABLE_AUTHENTICATION_2 *)CheckData;=0D + UT_ASSERT_MEM_EQUAL (&(VarAuth->TimeStamp), 
&Time, sizeof (EFI_TIME));=0D +=0D + UT_ASSERT_EQUAL (VarAuth->AuthInfo.Hdr.dwLength, OFFSET_OF (WIN_CERTIFIC= ATE_UEFI_GUID, CertData));=0D + UT_ASSERT_EQUAL (VarAuth->AuthInfo.Hdr.wRevision, 0x0200);=0D + UT_ASSERT_EQUAL (VarAuth->AuthInfo.Hdr.wCertificateType, WIN_CERT_TYPE_E= FI_GUID);=0D + UT_ASSERT_TRUE (CompareGuid (&VarAuth->AuthInfo.CertType, &gEfiCertPkcs7= Guid));=0D +=0D + UT_ASSERT_MEM_EQUAL (VarAuth->AuthInfo.CertData, Data, sizeof (Data));=0D +=0D + return UNIT_TEST_PASSED;=0D +}=0D +=0D +/**=0D + Unit test for CreateTimeBasedPayload () API of the SecureBootVariableLib= .=0D +=0D + @param[in] Context [Optional] An optional parameter that enables:=0D + 1) test-case reuse with varied parameters and=0D + 2) test-case re-entry for Target tests that need = a=0D + reboot. This parameter is a VOID* and it is the= =0D + responsibility of the test author to ensure that = the=0D + contents are well understood by all test cases th= at may=0D + consume it.=0D +=0D + @retval UNIT_TEST_PASSED The Unit test has completed and th= e test=0D + case was successful.=0D + @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.= =0D +**/=0D +UNIT_TEST_STATUS=0D +EFIAPI=0D +CreateTimeBasedPayloadShouldCheckInput (=0D + IN UNIT_TEST_CONTEXT Context=0D + )=0D +{=0D + UINTN DataSize =3D 0;=0D + UINT8 *Data =3D NULL;=0D + EFI_TIME Time;=0D + EFI_STATUS Status;=0D +=0D + Status =3D CreateTimeBasedPayload (NULL, &Data, &Time);=0D + UT_ASSERT_STATUS_EQUAL (Status, EFI_INVALID_PARAMETER);=0D +=0D + Status =3D CreateTimeBasedPayload (&DataSize, NULL, &Time);=0D + UT_ASSERT_STATUS_EQUAL (Status, EFI_INVALID_PARAMETER);=0D +=0D + Status =3D CreateTimeBasedPayload (&DataSize, &Data, NULL);=0D + UT_ASSERT_STATUS_EQUAL (Status, EFI_INVALID_PARAMETER);=0D +=0D + return UNIT_TEST_PASSED;=0D +}=0D +=0D +/**=0D + Unit test for DeleteDb () API of the SecureBootVariableLib.=0D +=0D + @param[in] Context [Optional] An optional parameter that enables:=0D + 1) test-case reuse with 
varied parameters and=0D + 2) test-case re-entry for Target tests that need = a=0D + reboot. This parameter is a VOID* and it is the= =0D + responsibility of the test author to ensure that = the=0D + contents are well understood by all test cases th= at may=0D + consume it.=0D +=0D + @retval UNIT_TEST_PASSED The Unit test has completed and th= e test=0D + case was successful.=0D + @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.= =0D +**/=0D +UNIT_TEST_STATUS=0D +EFIAPI=0D +DeleteDbShouldDelete (=0D + IN UNIT_TEST_CONTEXT Context=0D + )=0D +{=0D + EFI_STATUS Status;=0D + UINT8 Dummy =3D 3;=0D + UINT8 *Payload =3D NULL;=0D + UINTN PayloadSize =3D 0;=0D +=0D + expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E, sizeof (EFI_IMAGE_SECURITY_DATABASE));=0D + expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockGetVariable, *DataSize, 0);=0D +=0D + will_return (MockGetVariable, TRUE);=0D + will_return (MockGetVariable, sizeof (Dummy));=0D +=0D + expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E, sizeof (EFI_IMAGE_SECURITY_DATABASE));=0D + expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockGetVariable, *DataSize, sizeof (Dummy));=0D +=0D + will_return (MockGetVariable, TRUE);=0D + will_return (MockGetVariable, sizeof (Dummy));=0D + will_return (MockGetVariable, &Dummy);=0D +=0D + Status =3D CreateTimeBasedPayload (&PayloadSize, &Payload, &mMaxTimestam= p);=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D + UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE);=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E, sizeof (EFI_IMAGE_SECURITY_DATABASE));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | 
EFI_VARIABLE= _TIME_BASED_AUTHENTICATED_WRITE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE);=0D + expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE);=0D +=0D + will_return (MockSetVariable, EFI_SUCCESS);=0D +=0D + Status =3D DeleteDb ();=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D +=0D + return UNIT_TEST_PASSED;=0D +}=0D +=0D +/**=0D + Unit test for DeleteDbx () API of the SecureBootVariableLib.=0D +=0D + @param[in] Context [Optional] An optional parameter that enables:=0D + 1) test-case reuse with varied parameters and=0D + 2) test-case re-entry for Target tests that need = a=0D + reboot. This parameter is a VOID* and it is the= =0D + responsibility of the test author to ensure that = the=0D + contents are well understood by all test cases th= at may=0D + consume it.=0D +=0D + @retval UNIT_TEST_PASSED The Unit test has completed and th= e test=0D + case was successful.=0D + @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.= =0D +**/=0D +UNIT_TEST_STATUS=0D +EFIAPI=0D +DeleteDbxShouldDelete (=0D + IN UNIT_TEST_CONTEXT Context=0D + )=0D +{=0D + EFI_STATUS Status;=0D + UINT8 Dummy =3D 3;=0D + UINT8 *Payload =3D NULL;=0D + UINTN PayloadSize =3D 0;=0D +=0D + expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));=0D + expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockGetVariable, *DataSize, 0);=0D +=0D + will_return (MockGetVariable, TRUE);=0D + will_return (MockGetVariable, sizeof (Dummy));=0D +=0D + expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));=0D + expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockGetVariable, *DataSize, sizeof (Dummy));=0D +=0D + will_return (MockGetVariable, TRUE);=0D + will_return (MockGetVariable, sizeof (Dummy));=0D + will_return (MockGetVariable, 
&Dummy);=0D +=0D + Status =3D CreateTimeBasedPayload (&PayloadSize, &Payload, &mMaxTimestam= p);=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D + UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE);=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE= _TIME_BASED_AUTHENTICATED_WRITE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE);=0D + expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE);=0D +=0D + will_return (MockSetVariable, EFI_SUCCESS);=0D +=0D + Status =3D DeleteDbx ();=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D +=0D + return UNIT_TEST_PASSED;=0D +}=0D +=0D +/**=0D + Unit test for DeleteDbt () API of the SecureBootVariableLib.=0D +=0D + @param[in] Context [Optional] An optional parameter that enables:=0D + 1) test-case reuse with varied parameters and=0D + 2) test-case re-entry for Target tests that need = a=0D + reboot. 
This parameter is a VOID* and it is the= =0D + responsibility of the test author to ensure that = the=0D + contents are well understood by all test cases th= at may=0D + consume it.=0D +=0D + @retval UNIT_TEST_PASSED The Unit test has completed and th= e test=0D + case was successful.=0D + @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.= =0D +**/=0D +UNIT_TEST_STATUS=0D +EFIAPI=0D +DeleteDbtShouldDelete (=0D + IN UNIT_TEST_CONTEXT Context=0D + )=0D +{=0D + EFI_STATUS Status;=0D + UINT8 Dummy =3D 3;=0D + UINT8 *Payload =3D NULL;=0D + UINTN PayloadSize =3D 0;=0D +=0D + expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E2, sizeof (EFI_IMAGE_SECURITY_DATABASE2));=0D + expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockGetVariable, *DataSize, 0);=0D +=0D + will_return (MockGetVariable, TRUE);=0D + will_return (MockGetVariable, sizeof (Dummy));=0D +=0D + expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E2, sizeof (EFI_IMAGE_SECURITY_DATABASE2));=0D + expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockGetVariable, *DataSize, sizeof (Dummy));=0D +=0D + will_return (MockGetVariable, TRUE);=0D + will_return (MockGetVariable, sizeof (Dummy));=0D + will_return (MockGetVariable, &Dummy);=0D +=0D + Status =3D CreateTimeBasedPayload (&PayloadSize, &Payload, &mMaxTimestam= p);=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D + UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE);=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E2, sizeof (EFI_IMAGE_SECURITY_DATABASE2));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE= _TIME_BASED_AUTHENTICATED_WRITE_ACCESS);=0D + expect_value (MockSetVariable, 
DataSize, VAR_AUTH_DESC_SIZE);=0D + expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE);=0D +=0D + will_return (MockSetVariable, EFI_SUCCESS);=0D +=0D + Status =3D DeleteDbt ();=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D +=0D + return UNIT_TEST_PASSED;=0D +}=0D +=0D +/**=0D + Unit test for DeleteKEK () API of the SecureBootVariableLib.=0D +=0D + @param[in] Context [Optional] An optional parameter that enables:=0D + 1) test-case reuse with varied parameters and=0D + 2) test-case re-entry for Target tests that need = a=0D + reboot. This parameter is a VOID* and it is the= =0D + responsibility of the test author to ensure that = the=0D + contents are well understood by all test cases th= at may=0D + consume it.=0D +=0D + @retval UNIT_TEST_PASSED The Unit test has completed and th= e test=0D + case was successful.=0D + @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.= =0D +**/=0D +UNIT_TEST_STATUS=0D +EFIAPI=0D +DeleteKEKShouldDelete (=0D + IN UNIT_TEST_CONTEXT Context=0D + )=0D +{=0D + EFI_STATUS Status;=0D + UINT8 Dummy =3D 3;=0D + UINT8 *Payload =3D NULL;=0D + UINTN PayloadSize =3D 0;=0D +=0D + expect_memory (MockGetVariable, VariableName, EFI_KEY_EXCHANGE_KEY_NAME,= sizeof (EFI_KEY_EXCHANGE_KEY_NAME));=0D + expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);=0D + expect_value (MockGetVariable, *DataSize, 0);=0D +=0D + will_return (MockGetVariable, TRUE);=0D + will_return (MockGetVariable, sizeof (Dummy));=0D +=0D + expect_memory (MockGetVariable, VariableName, EFI_KEY_EXCHANGE_KEY_NAME,= sizeof (EFI_KEY_EXCHANGE_KEY_NAME));=0D + expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);=0D + expect_value (MockGetVariable, *DataSize, sizeof (Dummy));=0D +=0D + will_return (MockGetVariable, TRUE);=0D + will_return (MockGetVariable, sizeof (Dummy));=0D + will_return (MockGetVariable, &Dummy);=0D +=0D + Status =3D CreateTimeBasedPayload (&PayloadSize, &Payload, &mMaxTimestam= p);=0D + UT_ASSERT_NOT_EFI_ERROR 
(Status);=0D + UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE);=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_KEY_EXCHANGE_KEY_NAME,= sizeof (EFI_KEY_EXCHANGE_KEY_NAME));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid);=0D + expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE= _TIME_BASED_AUTHENTICATED_WRITE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE);=0D + expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE);=0D +=0D + will_return (MockSetVariable, EFI_SUCCESS);=0D +=0D + Status =3D DeleteKEK ();=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D +=0D + return UNIT_TEST_PASSED;=0D +}=0D +=0D +/**=0D + Unit test for DeletePlatformKey () API of the SecureBootVariableLib.=0D +=0D + @param[in] Context [Optional] An optional parameter that enables:=0D + 1) test-case reuse with varied parameters and=0D + 2) test-case re-entry for Target tests that need = a=0D + reboot. 
This parameter is a VOID* and it is the= =0D + responsibility of the test author to ensure that = the=0D + contents are well understood by all test cases th= at may=0D + consume it.=0D +=0D + @retval UNIT_TEST_PASSED The Unit test has completed and th= e test=0D + case was successful.=0D + @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.= =0D +**/=0D +UNIT_TEST_STATUS=0D +EFIAPI=0D +DeletePKShouldDelete (=0D + IN UNIT_TEST_CONTEXT Context=0D + )=0D +{=0D + EFI_STATUS Status;=0D + UINT8 Dummy =3D 3;=0D + UINT8 *Payload =3D NULL;=0D + UINTN PayloadSize =3D 0;=0D + UINT8 BootMode =3D CUSTOM_SECURE_BOOT_MODE;=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_CUSTOM_MODE_NAME, size= of (EFI_CUSTOM_MODE_NAME));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiCustomModeEnableGuid);=0D + expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_BOOTSERVICE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, sizeof (BootMode));=0D + expect_memory (MockSetVariable, Data, &BootMode, sizeof (BootMode));=0D +=0D + will_return (MockSetVariable, EFI_SUCCESS);=0D +=0D + expect_memory (MockGetVariable, VariableName, EFI_PLATFORM_KEY_NAME, siz= eof (EFI_PLATFORM_KEY_NAME));=0D + expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);=0D + expect_value (MockGetVariable, *DataSize, 0);=0D +=0D + will_return (MockGetVariable, TRUE);=0D + will_return (MockGetVariable, sizeof (Dummy));=0D +=0D + expect_memory (MockGetVariable, VariableName, EFI_PLATFORM_KEY_NAME, siz= eof (EFI_PLATFORM_KEY_NAME));=0D + expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);=0D + expect_value (MockGetVariable, *DataSize, sizeof (Dummy));=0D +=0D + will_return (MockGetVariable, TRUE);=0D + will_return (MockGetVariable, sizeof (Dummy));=0D + will_return (MockGetVariable, &Dummy);=0D +=0D + Status =3D CreateTimeBasedPayload (&PayloadSize, &Payload, &mMaxTimestam= p);=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D + 
UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE);=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_PLATFORM_KEY_NAME, siz= eof (EFI_PLATFORM_KEY_NAME));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid);=0D + expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE= _TIME_BASED_AUTHENTICATED_WRITE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE);=0D + expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE);=0D +=0D + will_return (MockSetVariable, EFI_SUCCESS);=0D +=0D + Status =3D DeletePlatformKey ();=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D +=0D + return UNIT_TEST_PASSED;=0D +}=0D +=0D +/**=0D + Unit test for DeleteSecureBootVariables () API of the SecureBootVariable= Lib.=0D +=0D + @param[in] Context [Optional] An optional parameter that enables:=0D + 1) test-case reuse with varied parameters and=0D + 2) test-case re-entry for Target tests that need = a=0D + reboot. 
This parameter is a VOID* and it is the= =0D + responsibility of the test author to ensure that = the=0D + contents are well understood by all test cases th= at may=0D + consume it.=0D +=0D + @retval UNIT_TEST_PASSED The Unit test has completed and th= e test=0D + case was successful.=0D + @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.= =0D +**/=0D +UNIT_TEST_STATUS=0D +EFIAPI=0D +DeleteSecureBootVariablesShouldDelete (=0D + IN UNIT_TEST_CONTEXT Context=0D + )=0D +{=0D + EFI_STATUS Status;=0D + UINT8 Dummy =3D 3;=0D + UINT8 *Payload =3D NULL;=0D + UINTN PayloadSize =3D 0;=0D + UINT8 BootMode =3D CUSTOM_SECURE_BOOT_MODE;=0D +=0D + Status =3D CreateTimeBasedPayload (&PayloadSize, &Payload, &mMaxTimestam= p);=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D + UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE);=0D +=0D + will_return (DisablePKProtection, EFI_SUCCESS);=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_CUSTOM_MODE_NAME, size= of (EFI_CUSTOM_MODE_NAME));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiCustomModeEnableGuid);=0D + expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_BOOTSERVICE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, sizeof (BootMode));=0D + expect_memory (MockSetVariable, Data, &BootMode, sizeof (BootMode));=0D +=0D + will_return (MockSetVariable, EFI_SUCCESS);=0D +=0D + expect_memory (MockGetVariable, VariableName, EFI_PLATFORM_KEY_NAME, siz= eof (EFI_PLATFORM_KEY_NAME));=0D + expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);=0D + expect_value (MockGetVariable, *DataSize, 0);=0D +=0D + will_return (MockGetVariable, TRUE);=0D + will_return (MockGetVariable, sizeof (Dummy));=0D +=0D + expect_memory (MockGetVariable, VariableName, EFI_PLATFORM_KEY_NAME, siz= eof (EFI_PLATFORM_KEY_NAME));=0D + expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);=0D + expect_value (MockGetVariable, *DataSize, sizeof (Dummy));=0D +=0D + will_return 
(MockGetVariable, TRUE);=0D + will_return (MockGetVariable, sizeof (Dummy));=0D + will_return (MockGetVariable, &Dummy);=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_PLATFORM_KEY_NAME, siz= eof (EFI_PLATFORM_KEY_NAME));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid);=0D + expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE= _TIME_BASED_AUTHENTICATED_WRITE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE);=0D + expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE);=0D +=0D + will_return (MockSetVariable, EFI_SUCCESS);=0D +=0D + expect_memory (MockGetVariable, VariableName, EFI_KEY_EXCHANGE_KEY_NAME,= sizeof (EFI_KEY_EXCHANGE_KEY_NAME));=0D + expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);=0D + expect_value (MockGetVariable, *DataSize, 0);=0D +=0D + will_return (MockGetVariable, TRUE);=0D + will_return (MockGetVariable, sizeof (Dummy));=0D +=0D + expect_memory (MockGetVariable, VariableName, EFI_KEY_EXCHANGE_KEY_NAME,= sizeof (EFI_KEY_EXCHANGE_KEY_NAME));=0D + expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);=0D + expect_value (MockGetVariable, *DataSize, sizeof (Dummy));=0D +=0D + will_return (MockGetVariable, TRUE);=0D + will_return (MockGetVariable, sizeof (Dummy));=0D + will_return (MockGetVariable, &Dummy);=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_KEY_EXCHANGE_KEY_NAME,= sizeof (EFI_KEY_EXCHANGE_KEY_NAME));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid);=0D + expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE= _TIME_BASED_AUTHENTICATED_WRITE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE);=0D + expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE);=0D +=0D + 
will_return (MockSetVariable, EFI_SUCCESS);=0D +=0D + expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E, sizeof (EFI_IMAGE_SECURITY_DATABASE));=0D + expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockGetVariable, *DataSize, 0);=0D +=0D + will_return (MockGetVariable, TRUE);=0D + will_return (MockGetVariable, sizeof (Dummy));=0D +=0D + expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E, sizeof (EFI_IMAGE_SECURITY_DATABASE));=0D + expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockGetVariable, *DataSize, sizeof (Dummy));=0D +=0D + will_return (MockGetVariable, TRUE);=0D + will_return (MockGetVariable, sizeof (Dummy));=0D + will_return (MockGetVariable, &Dummy);=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E, sizeof (EFI_IMAGE_SECURITY_DATABASE));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE= _TIME_BASED_AUTHENTICATED_WRITE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE);=0D + expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE);=0D +=0D + will_return (MockSetVariable, EFI_SUCCESS);=0D +=0D + expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));=0D + expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockGetVariable, *DataSize, 0);=0D +=0D + will_return (MockGetVariable, TRUE);=0D + will_return (MockGetVariable, sizeof (Dummy));=0D +=0D + expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));=0D + expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + 
expect_value (MockGetVariable, *DataSize, sizeof (Dummy));=0D +=0D + will_return (MockGetVariable, TRUE);=0D + will_return (MockGetVariable, sizeof (Dummy));=0D + will_return (MockGetVariable, &Dummy);=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE= _TIME_BASED_AUTHENTICATED_WRITE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE);=0D + expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE);=0D +=0D + will_return (MockSetVariable, EFI_SUCCESS);=0D +=0D + expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E2, sizeof (EFI_IMAGE_SECURITY_DATABASE2));=0D + expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockGetVariable, *DataSize, 0);=0D +=0D + will_return (MockGetVariable, TRUE);=0D + will_return (MockGetVariable, sizeof (Dummy));=0D +=0D + expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E2, sizeof (EFI_IMAGE_SECURITY_DATABASE2));=0D + expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockGetVariable, *DataSize, sizeof (Dummy));=0D +=0D + will_return (MockGetVariable, TRUE);=0D + will_return (MockGetVariable, sizeof (Dummy));=0D + will_return (MockGetVariable, &Dummy);=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E2, sizeof (EFI_IMAGE_SECURITY_DATABASE2));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE= _TIME_BASED_AUTHENTICATED_WRITE_ACCESS);=0D + 
expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE);=0D + expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE);=0D +=0D + will_return (MockSetVariable, EFI_SUCCESS);=0D +=0D + Status =3D DeleteSecureBootVariables ();=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D +=0D + return UNIT_TEST_PASSED;=0D +}=0D +=0D +/**=0D + Unit test for DeleteSecureBootVariables () API of the SecureBootVariable= Lib.=0D +=0D + @param[in] Context [Optional] An optional parameter that enables:=0D + 1) test-case reuse with varied parameters and=0D + 2) test-case re-entry for Target tests that need = a=0D + reboot. This parameter is a VOID* and it is the= =0D + responsibility of the test author to ensure that = the=0D + contents are well understood by all test cases th= at may=0D + consume it.=0D +=0D + @retval UNIT_TEST_PASSED The Unit test has completed and th= e test=0D + case was successful.=0D + @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.= =0D +**/=0D +UNIT_TEST_STATUS=0D +EFIAPI=0D +DeleteSecureBootVariablesShouldCheckProtection (=0D + IN UNIT_TEST_CONTEXT Context=0D + )=0D +{=0D + EFI_STATUS Status;=0D +=0D + will_return (DisablePKProtection, EFI_SECURITY_VIOLATION);=0D +=0D + Status =3D DeleteSecureBootVariables ();=0D + UT_ASSERT_STATUS_EQUAL (Status, EFI_ABORTED);=0D +=0D + return UNIT_TEST_PASSED;=0D +}=0D +=0D +/**=0D + Unit test for DeleteSecureBootVariables () API of the SecureBootVariable= Lib.=0D +=0D + @param[in] Context [Optional] An optional parameter that enables:=0D + 1) test-case reuse with varied parameters and=0D + 2) test-case re-entry for Target tests that need = a=0D + reboot. 
This parameter is a VOID* and it is the= =0D + responsibility of the test author to ensure that = the=0D + contents are well understood by all test cases th= at may=0D + consume it.=0D +=0D + @retval UNIT_TEST_PASSED The Unit test has completed and th= e test=0D + case was successful.=0D + @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.= =0D +**/=0D +UNIT_TEST_STATUS=0D +EFIAPI=0D +DeleteSecureBootVariablesShouldProceedWithNotFound (=0D + IN UNIT_TEST_CONTEXT Context=0D + )=0D +{=0D + EFI_STATUS Status;=0D + UINT8 BootMode =3D CUSTOM_SECURE_BOOT_MODE;=0D +=0D + will_return (DisablePKProtection, EFI_SUCCESS);=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_CUSTOM_MODE_NAME, size= of (EFI_CUSTOM_MODE_NAME));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiCustomModeEnableGuid);=0D + expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_BOOTSERVICE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, sizeof (BootMode));=0D + expect_memory (MockSetVariable, Data, &BootMode, sizeof (BootMode));=0D +=0D + will_return (MockSetVariable, EFI_SUCCESS);=0D +=0D + expect_memory (MockGetVariable, VariableName, EFI_PLATFORM_KEY_NAME, siz= eof (EFI_PLATFORM_KEY_NAME));=0D + expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);=0D + expect_value (MockGetVariable, *DataSize, 0);=0D +=0D + will_return (MockGetVariable, FALSE);=0D +=0D + expect_memory (MockGetVariable, VariableName, EFI_KEY_EXCHANGE_KEY_NAME,= sizeof (EFI_KEY_EXCHANGE_KEY_NAME));=0D + expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);=0D + expect_value (MockGetVariable, *DataSize, 0);=0D +=0D + will_return (MockGetVariable, FALSE);=0D +=0D + expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E, sizeof (EFI_IMAGE_SECURITY_DATABASE));=0D + expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockGetVariable, *DataSize, 0);=0D +=0D + will_return 
(MockGetVariable, FALSE);=0D +=0D + expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));=0D + expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockGetVariable, *DataSize, 0);=0D +=0D + will_return (MockGetVariable, FALSE);=0D +=0D + expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E2, sizeof (EFI_IMAGE_SECURITY_DATABASE2));=0D + expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockGetVariable, *DataSize, 0);=0D +=0D + will_return (MockGetVariable, FALSE);=0D +=0D + Status =3D DeleteSecureBootVariables ();=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D +=0D + return UNIT_TEST_PASSED;=0D +}=0D +=0D +/**=0D + Unit test for DeleteSecureBootVariables () API of the SecureBootVariable= Lib.=0D +=0D + @param[in] Context [Optional] An optional parameter that enables:=0D + 1) test-case reuse with varied parameters and=0D + 2) test-case re-entry for Target tests that need = a=0D + reboot. 
This parameter is a VOID* and it is the= =0D + responsibility of the test author to ensure that = the=0D + contents are well understood by all test cases th= at may=0D + consume it.=0D +=0D + @retval UNIT_TEST_PASSED The Unit test has completed and th= e test=0D + case was successful.=0D + @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.= =0D +**/=0D +UNIT_TEST_STATUS=0D +EFIAPI=0D +EnrollFromInputShouldComplete (=0D + IN UNIT_TEST_CONTEXT Context=0D + )=0D +{=0D + EFI_STATUS Status;=0D + UINT8 Dummy =3D 3;=0D + UINT8 *Payload =3D NULL;=0D + UINTN PayloadSize =3D sizeof (Dummy);=0D +=0D + Payload =3D AllocateCopyPool (sizeof (Dummy), &Dummy);=0D + Status =3D CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPay= loadTimestamp);=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D + UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (Dummy));=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_PLATFORM_KEY_NAME, siz= eof (EFI_PLATFORM_KEY_NAME));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid);=0D + expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE= _TIME_BASED_AUTHENTICATED_WRITE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (Du= mmy));=0D + expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + size= of (Dummy));=0D +=0D + will_return (MockSetVariable, EFI_SUCCESS);=0D +=0D + Status =3D EnrollFromInput (EFI_PLATFORM_KEY_NAME, &gEfiGlobalVariableGu= id, sizeof (Dummy), &Dummy);=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D +=0D + return UNIT_TEST_PASSED;=0D +}=0D +=0D +/**=0D + Unit test for SetDefaultSecureBootVariables () API of the SecureBootVari= ableLib.=0D +=0D + @param[in] Context [Optional] An optional parameter that enables:=0D + 1) test-case reuse with varied parameters and=0D + 2) test-case re-entry for Target tests that need = a=0D + reboot. 
This parameter is a VOID* and it is the= =0D + responsibility of the test author to ensure that = the=0D + contents are well understood by all test cases th= at may=0D + consume it.=0D +=0D + @retval UNIT_TEST_PASSED The Unit test has completed and th= e test=0D + case was successful.=0D + @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.= =0D +**/=0D +UNIT_TEST_STATUS=0D +EFIAPI=0D +SetSecureBootVariablesShouldComplete (=0D + IN UNIT_TEST_CONTEXT Context=0D + )=0D +{=0D + EFI_STATUS Status;=0D + UINT8 DbDummy =3D 0xDE;=0D + UINT8 DbtDummy =3D 0xAD;=0D + UINT8 DbxDummy =3D 0xBE;=0D + UINT8 KekDummy =3D 0xEF;=0D + UINT8 PkDummy =3D 0xFE;=0D + UINT8 *Payload =3D NULL;=0D + UINTN PayloadSize =3D sizeof (DbDummy);=0D + SECURE_BOOT_PAYLOAD_INFO PayloadInfo =3D {=0D + .DbPtr =3D &DbDummy,=0D + .DbSize =3D sizeof (DbDummy),=0D + .DbxPtr =3D &DbxDummy,=0D + .DbxSize =3D sizeof (DbxDummy),=0D + .DbtPtr =3D &DbtDummy,=0D + .DbtSize =3D sizeof (DbtDummy),=0D + .KekPtr =3D &KekDummy,=0D + .KekSize =3D sizeof (KekDummy),=0D + .PkPtr =3D &PkDummy,=0D + .PkSize =3D sizeof (PkDummy),=0D + .SecureBootKeyName =3D L"Food"=0D + };=0D +=0D + expect_memory (MockGetVariable, VariableName, EFI_SECURE_BOOT_MODE_NAME,= sizeof (EFI_SECURE_BOOT_MODE_NAME));=0D + expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);=0D + expect_value (MockGetVariable, *DataSize, 0);=0D +=0D + will_return (MockGetVariable, FALSE);=0D +=0D + Payload =3D AllocateCopyPool (sizeof (DbxDummy), &DbxDummy);=0D + Status =3D CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPay= loadTimestamp);=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D + UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockSetVariable, Attributes, 
EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE= _TIME_BASED_AUTHENTICATED_WRITE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (Db= xDummy));=0D + expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + size= of (DbxDummy));=0D +=0D + will_return (MockSetVariable, EFI_SUCCESS);=0D +=0D + CopyMem (Payload, &DbDummy, sizeof (DbDummy));=0D + PayloadSize =3D sizeof (DbDummy);=0D + Status =3D CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaul= tPayloadTimestamp);=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D + UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E, sizeof (EFI_IMAGE_SECURITY_DATABASE));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE= _TIME_BASED_AUTHENTICATED_WRITE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (Db= Dummy));=0D + expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + size= of (DbDummy));=0D +=0D + will_return (MockSetVariable, EFI_SUCCESS);=0D +=0D + CopyMem (Payload, &DbtDummy, sizeof (DbtDummy));=0D + PayloadSize =3D sizeof (DbtDummy);=0D + Status =3D CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaul= tPayloadTimestamp);=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D + UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbtDummy));=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E2, sizeof (EFI_IMAGE_SECURITY_DATABASE2));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | 
EFI_VARIABLE= _TIME_BASED_AUTHENTICATED_WRITE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (Db= tDummy));=0D + expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + size= of (DbtDummy));=0D +=0D + will_return (MockSetVariable, EFI_SUCCESS);=0D +=0D + CopyMem (Payload, &KekDummy, sizeof (KekDummy));=0D + PayloadSize =3D sizeof (KekDummy);=0D + Status =3D CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaul= tPayloadTimestamp);=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D + UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (KekDummy));=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_KEY_EXCHANGE_KEY_NAME,= sizeof (EFI_KEY_EXCHANGE_KEY_NAME));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid);=0D + expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE= _TIME_BASED_AUTHENTICATED_WRITE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (Ke= kDummy));=0D + expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + size= of (KekDummy));=0D +=0D + will_return (MockSetVariable, EFI_SUCCESS);=0D +=0D + CopyMem (Payload, &PkDummy, sizeof (PkDummy));=0D + PayloadSize =3D sizeof (PkDummy);=0D + Status =3D CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaul= tPayloadTimestamp);=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D + UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (PkDummy));=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_PLATFORM_KEY_NAME, siz= eof (EFI_PLATFORM_KEY_NAME));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid);=0D + expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE= _TIME_BASED_AUTHENTICATED_WRITE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (Pk= 
Dummy));=0D + expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + size= of (PkDummy));=0D +=0D + will_return (MockSetVariable, EFI_SUCCESS);=0D +=0D + Status =3D SetSecureBootVariablesToDefault (&PayloadInfo);=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D +=0D + return UNIT_TEST_PASSED;=0D +}=0D +=0D +/**=0D + Unit test for SetDefaultSecureBootVariables () API of the SecureBootVari= ableLib.=0D +=0D + @param[in] Context [Optional] An optional parameter that enables:=0D + 1) test-case reuse with varied parameters and=0D + 2) test-case re-entry for Target tests that need = a=0D + reboot. This parameter is a VOID* and it is the= =0D + responsibility of the test author to ensure that = the=0D + contents are well understood by all test cases th= at may=0D + consume it.=0D +=0D + @retval UNIT_TEST_PASSED The Unit test has completed and th= e test=0D + case was successful.=0D + @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.= =0D +**/=0D +UNIT_TEST_STATUS=0D +EFIAPI=0D +SetSecureBootVariablesShouldStopWhenSecure (=0D + IN UNIT_TEST_CONTEXT Context=0D + )=0D +{=0D + EFI_STATUS Status;=0D + UINT8 TargetMode =3D SECURE_BOOT_MODE_ENABLE;=0D + SECURE_BOOT_PAYLOAD_INFO PayloadInfo;=0D +=0D + expect_memory (MockGetVariable, VariableName, EFI_SECURE_BOOT_MODE_NAME,= sizeof (EFI_SECURE_BOOT_MODE_NAME));=0D + expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);=0D + expect_value (MockGetVariable, *DataSize, 0);=0D +=0D + will_return (MockGetVariable, TRUE);=0D + will_return (MockGetVariable, sizeof (TargetMode));=0D +=0D + expect_memory (MockGetVariable, VariableName, EFI_SECURE_BOOT_MODE_NAME,= sizeof (EFI_SECURE_BOOT_MODE_NAME));=0D + expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);=0D + expect_value (MockGetVariable, *DataSize, sizeof (TargetMode));=0D +=0D + will_return (MockGetVariable, TRUE);=0D + will_return (MockGetVariable, sizeof (TargetMode));=0D + will_return (MockGetVariable, &TargetMode);=0D +=0D + 
Status =3D SetSecureBootVariablesToDefault (&PayloadInfo);=0D + UT_ASSERT_STATUS_EQUAL (Status, EFI_ABORTED);=0D +=0D + return UNIT_TEST_PASSED;=0D +}=0D +=0D +/**=0D + Unit test for SetDefaultSecureBootVariables () API of the SecureBootVari= ableLib.=0D +=0D + @param[in] Context [Optional] An optional parameter that enables:=0D + 1) test-case reuse with varied parameters and=0D + 2) test-case re-entry for Target tests that need = a=0D + reboot. This parameter is a VOID* and it is the= =0D + responsibility of the test author to ensure that = the=0D + contents are well understood by all test cases th= at may=0D + consume it.=0D +=0D + @retval UNIT_TEST_PASSED The Unit test has completed and th= e test=0D + case was successful.=0D + @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.= =0D +**/=0D +UNIT_TEST_STATUS=0D +EFIAPI=0D +SetSecureBootVariablesShouldStopFailDBX (=0D + IN UNIT_TEST_CONTEXT Context=0D + )=0D +{=0D + EFI_STATUS Status;=0D + UINT8 DbxDummy =3D 0xBE;=0D + UINT8 *Payload =3D NULL;=0D + UINTN PayloadSize =3D sizeof (DbxDummy);=0D + SECURE_BOOT_PAYLOAD_INFO PayloadInfo =3D {=0D + .DbxPtr =3D &DbxDummy,=0D + .DbxSize =3D sizeof (DbxDummy),=0D + .SecureBootKeyName =3D L"Fail DBX"=0D + };=0D +=0D + expect_memory (MockGetVariable, VariableName, EFI_SECURE_BOOT_MODE_NAME,= sizeof (EFI_SECURE_BOOT_MODE_NAME));=0D + expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);=0D + expect_value (MockGetVariable, *DataSize, 0);=0D +=0D + will_return (MockGetVariable, FALSE);=0D +=0D + Payload =3D AllocateCopyPool (sizeof (DbxDummy), &DbxDummy);=0D + Status =3D CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPay= loadTimestamp);=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D + UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));=0D + expect_value (MockSetVariable, VendorGuid, 
&gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE= _TIME_BASED_AUTHENTICATED_WRITE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (Db= xDummy));=0D + expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + size= of (DbxDummy));=0D +=0D + will_return (MockSetVariable, EFI_WRITE_PROTECTED);=0D +=0D + Status =3D SetSecureBootVariablesToDefault (&PayloadInfo);=0D + UT_ASSERT_STATUS_EQUAL (Status, EFI_WRITE_PROTECTED);=0D +=0D + return UNIT_TEST_PASSED;=0D +}=0D +=0D +/**=0D + Unit test for SetDefaultSecureBootVariables () API of the SecureBootVari= ableLib.=0D +=0D + @param[in] Context [Optional] An optional parameter that enables:=0D + 1) test-case reuse with varied parameters and=0D + 2) test-case re-entry for Target tests that need = a=0D + reboot. This parameter is a VOID* and it is the= =0D + responsibility of the test author to ensure that = the=0D + contents are well understood by all test cases th= at may=0D + consume it.=0D +=0D + @retval UNIT_TEST_PASSED The Unit test has completed and th= e test=0D + case was successful.=0D + @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.= =0D +**/=0D +UNIT_TEST_STATUS=0D +EFIAPI=0D +SetSecureBootVariablesShouldStopFailDB (=0D + IN UNIT_TEST_CONTEXT Context=0D + )=0D +{=0D + EFI_STATUS Status;=0D + UINT8 DbDummy =3D 0xDE;=0D + UINT8 DbxDummy =3D 0xBE;=0D + UINT8 *Payload =3D NULL;=0D + UINTN PayloadSize =3D sizeof (DbDummy);=0D + SECURE_BOOT_PAYLOAD_INFO PayloadInfo =3D {=0D + .DbPtr =3D &DbDummy,=0D + .DbSize =3D sizeof (DbDummy),=0D + .DbxPtr =3D &DbxDummy,=0D + .DbxSize =3D sizeof (DbxDummy),=0D + .SecureBootKeyName =3D L"Fail DB"=0D + };=0D +=0D + expect_memory (MockGetVariable, VariableName, EFI_SECURE_BOOT_MODE_NAME,= sizeof (EFI_SECURE_BOOT_MODE_NAME));=0D + expect_value (MockGetVariable, VendorGuid, 
&gEfiGlobalVariableGuid);=0D + expect_value (MockGetVariable, *DataSize, 0);=0D +=0D + will_return (MockGetVariable, FALSE);=0D +=0D + Payload =3D AllocateCopyPool (sizeof (DbxDummy), &DbxDummy);=0D + Status =3D CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPay= loadTimestamp);=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D + UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE= _TIME_BASED_AUTHENTICATED_WRITE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (Db= xDummy));=0D + expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + size= of (DbxDummy));=0D +=0D + will_return (MockSetVariable, EFI_SUCCESS);=0D +=0D + CopyMem (Payload, &DbDummy, sizeof (DbDummy));=0D + PayloadSize =3D sizeof (DbDummy);=0D + Status =3D CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaul= tPayloadTimestamp);=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D + UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E, sizeof (EFI_IMAGE_SECURITY_DATABASE));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE= _TIME_BASED_AUTHENTICATED_WRITE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (Db= Dummy));=0D + expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + size= of (DbDummy));=0D +=0D + will_return (MockSetVariable, 
EFI_WRITE_PROTECTED);=0D +=0D + Status =3D SetSecureBootVariablesToDefault (&PayloadInfo);=0D + UT_ASSERT_STATUS_EQUAL (Status, EFI_WRITE_PROTECTED);=0D +=0D + return UNIT_TEST_PASSED;=0D +}=0D +=0D +/**=0D + Unit test for SetDefaultSecureBootVariables () API of the SecureBootVari= ableLib.=0D +=0D + @param[in] Context [Optional] An optional parameter that enables:=0D + 1) test-case reuse with varied parameters and=0D + 2) test-case re-entry for Target tests that need = a=0D + reboot. This parameter is a VOID* and it is the= =0D + responsibility of the test author to ensure that = the=0D + contents are well understood by all test cases th= at may=0D + consume it.=0D +=0D + @retval UNIT_TEST_PASSED The Unit test has completed and th= e test=0D + case was successful.=0D + @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.= =0D +**/=0D +UNIT_TEST_STATUS=0D +EFIAPI=0D +SetSecureBootVariablesShouldStopFailDBT (=0D + IN UNIT_TEST_CONTEXT Context=0D + )=0D +{=0D + EFI_STATUS Status;=0D + UINT8 DbDummy =3D 0xDE;=0D + UINT8 DbtDummy =3D 0xAD;=0D + UINT8 DbxDummy =3D 0xBE;=0D + UINT8 *Payload =3D NULL;=0D + UINTN PayloadSize =3D sizeof (DbDummy);=0D + SECURE_BOOT_PAYLOAD_INFO PayloadInfo =3D {=0D + .DbPtr =3D &DbDummy,=0D + .DbSize =3D sizeof (DbDummy),=0D + .DbxPtr =3D &DbxDummy,=0D + .DbxSize =3D sizeof (DbxDummy),=0D + .DbtPtr =3D &DbtDummy,=0D + .DbtSize =3D sizeof (DbtDummy),=0D + .SecureBootKeyName =3D L"Fail DBT"=0D + };=0D +=0D + expect_memory (MockGetVariable, VariableName, EFI_SECURE_BOOT_MODE_NAME,= sizeof (EFI_SECURE_BOOT_MODE_NAME));=0D + expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);=0D + expect_value (MockGetVariable, *DataSize, 0);=0D +=0D + will_return (MockGetVariable, FALSE);=0D +=0D + Payload =3D AllocateCopyPool (sizeof (DbxDummy), &DbxDummy);=0D + Status =3D CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPay= loadTimestamp);=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D + UT_ASSERT_EQUAL (PayloadSize, 
VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE= _TIME_BASED_AUTHENTICATED_WRITE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (Db= xDummy));=0D + expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + size= of (DbxDummy));=0D +=0D + will_return (MockSetVariable, EFI_SUCCESS);=0D +=0D + CopyMem (Payload, &DbDummy, sizeof (DbDummy));=0D + PayloadSize =3D sizeof (DbDummy);=0D + Status =3D CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaul= tPayloadTimestamp);=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D + UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E, sizeof (EFI_IMAGE_SECURITY_DATABASE));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE= _TIME_BASED_AUTHENTICATED_WRITE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (Db= Dummy));=0D + expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + size= of (DbDummy));=0D +=0D + will_return (MockSetVariable, EFI_SUCCESS);=0D +=0D + CopyMem (Payload, &DbtDummy, sizeof (DbtDummy));=0D + PayloadSize =3D sizeof (DbtDummy);=0D + Status =3D CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaul= tPayloadTimestamp);=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D + UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbtDummy));=0D +=0D + expect_memory (MockSetVariable, VariableName, 
EFI_IMAGE_SECURITY_DATABAS= E2, sizeof (EFI_IMAGE_SECURITY_DATABASE2));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE= _TIME_BASED_AUTHENTICATED_WRITE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (Db= tDummy));=0D + expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + size= of (DbtDummy));=0D +=0D + will_return (MockSetVariable, EFI_ACCESS_DENIED);=0D +=0D + Status =3D SetSecureBootVariablesToDefault (&PayloadInfo);=0D + UT_ASSERT_STATUS_EQUAL (Status, EFI_ACCESS_DENIED);=0D +=0D + return UNIT_TEST_PASSED;=0D +}=0D +=0D +/**=0D + Unit test for SetDefaultSecureBootVariables () API of the SecureBootVari= ableLib.=0D +=0D + @param[in] Context [Optional] An optional parameter that enables:=0D + 1) test-case reuse with varied parameters and=0D + 2) test-case re-entry for Target tests that need = a=0D + reboot. 
This parameter is a VOID* and it is the= =0D + responsibility of the test author to ensure that = the=0D + contents are well understood by all test cases th= at may=0D + consume it.=0D +=0D + @retval UNIT_TEST_PASSED The Unit test has completed and th= e test=0D + case was successful.=0D + @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.= =0D +**/=0D +UNIT_TEST_STATUS=0D +EFIAPI=0D +SetSecureBootVariablesShouldStopFailKEK (=0D + IN UNIT_TEST_CONTEXT Context=0D + )=0D +{=0D + EFI_STATUS Status;=0D + UINT8 DbDummy =3D 0xDE;=0D + UINT8 DbtDummy =3D 0xAD;=0D + UINT8 DbxDummy =3D 0xBE;=0D + UINT8 KekDummy =3D 0xEF;=0D + UINT8 PkDummy =3D 0xFE;=0D + UINT8 *Payload =3D NULL;=0D + UINTN PayloadSize =3D sizeof (DbDummy);=0D + SECURE_BOOT_PAYLOAD_INFO PayloadInfo =3D {=0D + .DbPtr =3D &DbDummy,=0D + .DbSize =3D sizeof (DbDummy),=0D + .DbxPtr =3D &DbxDummy,=0D + .DbxSize =3D sizeof (DbxDummy),=0D + .DbtPtr =3D &DbtDummy,=0D + .DbtSize =3D sizeof (DbtDummy),=0D + .KekPtr =3D &KekDummy,=0D + .KekSize =3D sizeof (KekDummy),=0D + .PkPtr =3D &PkDummy,=0D + .PkSize =3D sizeof (PkDummy),=0D + .SecureBootKeyName =3D L"Food"=0D + };=0D +=0D + expect_memory (MockGetVariable, VariableName, EFI_SECURE_BOOT_MODE_NAME,= sizeof (EFI_SECURE_BOOT_MODE_NAME));=0D + expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);=0D + expect_value (MockGetVariable, *DataSize, 0);=0D +=0D + will_return (MockGetVariable, FALSE);=0D +=0D + Payload =3D AllocateCopyPool (sizeof (DbxDummy), &DbxDummy);=0D + Status =3D CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPay= loadTimestamp);=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D + UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockSetVariable, Attributes, 
EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE= _TIME_BASED_AUTHENTICATED_WRITE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (Db= xDummy));=0D + expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + size= of (DbxDummy));=0D +=0D + will_return (MockSetVariable, EFI_SUCCESS);=0D +=0D + CopyMem (Payload, &DbDummy, sizeof (DbDummy));=0D + PayloadSize =3D sizeof (DbDummy);=0D + Status =3D CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaul= tPayloadTimestamp);=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D + UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E, sizeof (EFI_IMAGE_SECURITY_DATABASE));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE= _TIME_BASED_AUTHENTICATED_WRITE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (Db= Dummy));=0D + expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + size= of (DbDummy));=0D +=0D + will_return (MockSetVariable, EFI_SUCCESS);=0D +=0D + CopyMem (Payload, &DbtDummy, sizeof (DbtDummy));=0D + PayloadSize =3D sizeof (DbtDummy);=0D + Status =3D CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaul= tPayloadTimestamp);=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D + UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbtDummy));=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E2, sizeof (EFI_IMAGE_SECURITY_DATABASE2));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | 
EFI_VARIABLE= _TIME_BASED_AUTHENTICATED_WRITE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (Db= tDummy));=0D + expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + size= of (DbtDummy));=0D +=0D + will_return (MockSetVariable, EFI_SUCCESS);=0D +=0D + CopyMem (Payload, &KekDummy, sizeof (KekDummy));=0D + PayloadSize =3D sizeof (KekDummy);=0D + Status =3D CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaul= tPayloadTimestamp);=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D + UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (KekDummy));=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_KEY_EXCHANGE_KEY_NAME,= sizeof (EFI_KEY_EXCHANGE_KEY_NAME));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid);=0D + expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE= _TIME_BASED_AUTHENTICATED_WRITE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (Ke= kDummy));=0D + expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + size= of (KekDummy));=0D +=0D + will_return (MockSetVariable, EFI_DEVICE_ERROR);=0D +=0D + Status =3D SetSecureBootVariablesToDefault (&PayloadInfo);=0D + UT_ASSERT_STATUS_EQUAL (Status, EFI_DEVICE_ERROR);=0D +=0D + return UNIT_TEST_PASSED;=0D +}=0D +=0D +/**=0D + Unit test for SetDefaultSecureBootVariables () API of the SecureBootVari= ableLib.=0D +=0D + @param[in] Context [Optional] An optional parameter that enables:=0D + 1) test-case reuse with varied parameters and=0D + 2) test-case re-entry for Target tests that need = a=0D + reboot. 
This parameter is a VOID* and it is the= =0D + responsibility of the test author to ensure that = the=0D + contents are well understood by all test cases th= at may=0D + consume it.=0D +=0D + @retval UNIT_TEST_PASSED The Unit test has completed and th= e test=0D + case was successful.=0D + @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.= =0D +**/=0D +UNIT_TEST_STATUS=0D +EFIAPI=0D +SetSecureBootVariablesShouldStopFailPK (=0D + IN UNIT_TEST_CONTEXT Context=0D + )=0D +{=0D + EFI_STATUS Status;=0D + UINT8 DbDummy =3D 0xDE;=0D + UINT8 DbtDummy =3D 0xAD;=0D + UINT8 DbxDummy =3D 0xBE;=0D + UINT8 KekDummy =3D 0xEF;=0D + UINT8 PkDummy =3D 0xFE;=0D + UINT8 *Payload =3D NULL;=0D + UINTN PayloadSize =3D sizeof (DbDummy);=0D + SECURE_BOOT_PAYLOAD_INFO PayloadInfo =3D {=0D + .DbPtr =3D &DbDummy,=0D + .DbSize =3D sizeof (DbDummy),=0D + .DbxPtr =3D &DbxDummy,=0D + .DbxSize =3D sizeof (DbxDummy),=0D + .DbtPtr =3D &DbtDummy,=0D + .DbtSize =3D sizeof (DbtDummy),=0D + .KekPtr =3D &KekDummy,=0D + .KekSize =3D sizeof (KekDummy),=0D + .PkPtr =3D &PkDummy,=0D + .PkSize =3D sizeof (PkDummy),=0D + .SecureBootKeyName =3D L"Food"=0D + };=0D +=0D + expect_memory (MockGetVariable, VariableName, EFI_SECURE_BOOT_MODE_NAME,= sizeof (EFI_SECURE_BOOT_MODE_NAME));=0D + expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);=0D + expect_value (MockGetVariable, *DataSize, 0);=0D +=0D + will_return (MockGetVariable, FALSE);=0D +=0D + Payload =3D AllocateCopyPool (sizeof (DbxDummy), &DbxDummy);=0D + Status =3D CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPay= loadTimestamp);=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D + UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockSetVariable, Attributes, 
EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE= _TIME_BASED_AUTHENTICATED_WRITE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (Db= xDummy));=0D + expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + size= of (DbxDummy));=0D +=0D + will_return (MockSetVariable, EFI_SUCCESS);=0D +=0D + CopyMem (Payload, &DbDummy, sizeof (DbDummy));=0D + PayloadSize =3D sizeof (DbDummy);=0D + Status =3D CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaul= tPayloadTimestamp);=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D + UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E, sizeof (EFI_IMAGE_SECURITY_DATABASE));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE= _TIME_BASED_AUTHENTICATED_WRITE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (Db= Dummy));=0D + expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + size= of (DbDummy));=0D +=0D + will_return (MockSetVariable, EFI_SUCCESS);=0D +=0D + CopyMem (Payload, &DbtDummy, sizeof (DbtDummy));=0D + PayloadSize =3D sizeof (DbtDummy);=0D + Status =3D CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaul= tPayloadTimestamp);=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D + UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbtDummy));=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E2, sizeof (EFI_IMAGE_SECURITY_DATABASE2));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | 
EFI_VARIABLE= _TIME_BASED_AUTHENTICATED_WRITE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (Db= tDummy));=0D + expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + size= of (DbtDummy));=0D +=0D + will_return (MockSetVariable, EFI_SUCCESS);=0D +=0D + CopyMem (Payload, &KekDummy, sizeof (KekDummy));=0D + PayloadSize =3D sizeof (KekDummy);=0D + Status =3D CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaul= tPayloadTimestamp);=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D + UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (KekDummy));=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_KEY_EXCHANGE_KEY_NAME,= sizeof (EFI_KEY_EXCHANGE_KEY_NAME));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid);=0D + expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE= _TIME_BASED_AUTHENTICATED_WRITE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (Ke= kDummy));=0D + expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + size= of (KekDummy));=0D +=0D + will_return (MockSetVariable, EFI_SUCCESS);=0D +=0D + CopyMem (Payload, &PkDummy, sizeof (PkDummy));=0D + PayloadSize =3D sizeof (PkDummy);=0D + Status =3D CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaul= tPayloadTimestamp);=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D + UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (PkDummy));=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_PLATFORM_KEY_NAME, siz= eof (EFI_PLATFORM_KEY_NAME));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid);=0D + expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE= _TIME_BASED_AUTHENTICATED_WRITE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (Pk= 
Dummy));=0D + expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + size= of (PkDummy));=0D +=0D + will_return (MockSetVariable, EFI_INVALID_PARAMETER);=0D +=0D + Status =3D SetSecureBootVariablesToDefault (&PayloadInfo);=0D + UT_ASSERT_STATUS_EQUAL (Status, EFI_SECURITY_VIOLATION);=0D +=0D + return UNIT_TEST_PASSED;=0D +}=0D +=0D +/**=0D + Unit test for SetDefaultSecureBootVariables () API of the SecureBootVari= ableLib.=0D +=0D + @param[in] Context [Optional] An optional parameter that enables:=0D + 1) test-case reuse with varied parameters and=0D + 2) test-case re-entry for Target tests that need = a=0D + reboot. This parameter is a VOID* and it is the= =0D + responsibility of the test author to ensure that = the=0D + contents are well understood by all test cases th= at may=0D + consume it.=0D +=0D + @retval UNIT_TEST_PASSED The Unit test has completed and th= e test=0D + case was successful.=0D + @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.= =0D +**/=0D +UNIT_TEST_STATUS=0D +EFIAPI=0D +SetSecureBootVariablesDBTOptional (=0D + IN UNIT_TEST_CONTEXT Context=0D + )=0D +{=0D + EFI_STATUS Status;=0D + UINT8 DbDummy =3D 0xDE;=0D + UINT8 DbxDummy =3D 0xBE;=0D + UINT8 KekDummy =3D 0xEF;=0D + UINT8 PkDummy =3D 0xFE;=0D + UINT8 *Payload =3D NULL;=0D + UINTN PayloadSize =3D sizeof (DbDummy);=0D + SECURE_BOOT_PAYLOAD_INFO PayloadInfo =3D {=0D + .DbPtr =3D &DbDummy,=0D + .DbSize =3D sizeof (DbDummy),=0D + .DbxPtr =3D &DbxDummy,=0D + .DbxSize =3D sizeof (DbxDummy),=0D + .DbtPtr =3D NULL,=0D + .DbtSize =3D 0,=0D + .KekPtr =3D &KekDummy,=0D + .KekSize =3D sizeof (KekDummy),=0D + .PkPtr =3D &PkDummy,=0D + .PkSize =3D sizeof (PkDummy),=0D + .SecureBootKeyName =3D L"Food"=0D + };=0D +=0D + expect_memory (MockGetVariable, VariableName, EFI_SECURE_BOOT_MODE_NAME,= sizeof (EFI_SECURE_BOOT_MODE_NAME));=0D + expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);=0D + expect_value (MockGetVariable, *DataSize, 0);=0D +=0D + 
will_return (MockGetVariable, FALSE);=0D +=0D + Payload =3D AllocateCopyPool (sizeof (DbxDummy), &DbxDummy);=0D + Status =3D CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPay= loadTimestamp);=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D + UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE= _TIME_BASED_AUTHENTICATED_WRITE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (Db= xDummy));=0D + expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + size= of (DbxDummy));=0D +=0D + will_return (MockSetVariable, EFI_SUCCESS);=0D +=0D + CopyMem (Payload, &DbDummy, sizeof (DbDummy));=0D + PayloadSize =3D sizeof (DbDummy);=0D + Status =3D CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaul= tPayloadTimestamp);=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D + UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABAS= E, sizeof (EFI_IMAGE_SECURITY_DATABASE));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGui= d);=0D + expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE= _TIME_BASED_AUTHENTICATED_WRITE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (Db= Dummy));=0D + expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + size= of (DbDummy));=0D +=0D + will_return (MockSetVariable, EFI_SUCCESS);=0D +=0D + CopyMem (Payload, &KekDummy, sizeof (KekDummy));=0D + PayloadSize =3D sizeof 
(KekDummy);=0D + Status =3D CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaul= tPayloadTimestamp);=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D + UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (KekDummy));=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_KEY_EXCHANGE_KEY_NAME,= sizeof (EFI_KEY_EXCHANGE_KEY_NAME));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid);=0D + expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE= _TIME_BASED_AUTHENTICATED_WRITE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (Ke= kDummy));=0D + expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + size= of (KekDummy));=0D +=0D + will_return (MockSetVariable, EFI_SUCCESS);=0D +=0D + CopyMem (Payload, &PkDummy, sizeof (PkDummy));=0D + PayloadSize =3D sizeof (PkDummy);=0D + Status =3D CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaul= tPayloadTimestamp);=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D + UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (PkDummy));=0D +=0D + expect_memory (MockSetVariable, VariableName, EFI_PLATFORM_KEY_NAME, siz= eof (EFI_PLATFORM_KEY_NAME));=0D + expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid);=0D + expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | E= FI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE= _TIME_BASED_AUTHENTICATED_WRITE_ACCESS);=0D + expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (Pk= Dummy));=0D + expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + size= of (PkDummy));=0D +=0D + will_return (MockSetVariable, EFI_SUCCESS);=0D +=0D + Status =3D SetSecureBootVariablesToDefault (&PayloadInfo);=0D + UT_ASSERT_NOT_EFI_ERROR (Status);=0D +=0D + return UNIT_TEST_PASSED;=0D +}=0D +=0D +/**=0D + Initialze the unit test framework, suite, and unit tests 
for the=0D + SecureBootVariableLib and run the SecureBootVariableLib unit test.=0D +=0D + @retval EFI_SUCCESS All test cases were dispatched.=0D + @retval EFI_OUT_OF_RESOURCES There are not enough resources available = to=0D + initialize the unit tests.=0D +**/=0D +STATIC=0D +EFI_STATUS=0D +EFIAPI=0D +UnitTestingEntry (=0D + VOID=0D + )=0D +{=0D + EFI_STATUS Status;=0D + UNIT_TEST_FRAMEWORK_HANDLE Framework;=0D + UNIT_TEST_SUITE_HANDLE SecureBootVarMiscTests;=0D + UNIT_TEST_SUITE_HANDLE SecureBootVarDeleteTests;=0D + UNIT_TEST_SUITE_HANDLE SecureBootVarEnrollTests;=0D +=0D + Framework =3D NULL;=0D +=0D + DEBUG ((DEBUG_INFO, "%a v%a\n", UNIT_TEST_APP_NAME, UNIT_TEST_APP_VERSIO= N));=0D +=0D + //=0D + // Start setting up the test framework for running the tests.=0D + //=0D + Status =3D InitUnitTestFramework (&Framework, UNIT_TEST_APP_NAME, gEfiCa= llerBaseName, UNIT_TEST_APP_VERSION);=0D + if (EFI_ERROR (Status)) {=0D + DEBUG ((DEBUG_ERROR, "Failed in InitUnitTestFramework. Status =3D %r\n= ", Status));=0D + goto EXIT;=0D + }=0D +=0D + //=0D + // Populate the SecureBootVariableLib Unit Test Suite.=0D + //=0D + Status =3D CreateUnitTestSuite (&SecureBootVarMiscTests, Framework, "Sec= ureBootVariableLib Miscellaneous Tests", "SecureBootVariableLib.Miscellaneo= us", NULL, NULL);=0D + if (EFI_ERROR (Status)) {=0D + DEBUG ((DEBUG_ERROR, "Failed in CreateUnitTestSuite for SecureBootVari= ableLib\n"));=0D + Status =3D EFI_OUT_OF_RESOURCES;=0D + goto EXIT;=0D + }=0D +=0D + Status =3D CreateUnitTestSuite (&SecureBootVarDeleteTests, Framework, "S= ecureBootVariableLib Deletion Tests", "SecureBootVariableLib.Deletion", NUL= L, NULL);=0D + if (EFI_ERROR (Status)) {=0D + DEBUG ((DEBUG_ERROR, "Failed in CreateUnitTestSuite for SecureBootVari= ableLib\n"));=0D + Status =3D EFI_OUT_OF_RESOURCES;=0D + goto EXIT;=0D + }=0D +=0D + Status =3D CreateUnitTestSuite (&SecureBootVarEnrollTests, Framework, "S= ecureBootVariableLib Enrollment Tests", "SecureBootVariableLib.Enrollment",= NULL, 
NULL);=0D + if (EFI_ERROR (Status)) {=0D + DEBUG ((DEBUG_ERROR, "Failed in CreateUnitTestSuite for SecureBootVari= ableLib\n"));=0D + Status =3D EFI_OUT_OF_RESOURCES;=0D + goto EXIT;=0D + }=0D +=0D + //=0D + // --------------Suite-----------Description--------------Name----------= Function--------Pre---Post-------------------Context-----------=0D + //=0D + AddTestCase (SecureBootVarMiscTests, "SetSecureBootMode should propagate= to set variable", "SetSecureBootMode", SetSecureBootModeShouldSetVar, NULL= , NULL, NULL);=0D + AddTestCase (SecureBootVarMiscTests, "GetSetupMode should propagate to g= et variable", "GetSetupMode", GetSetupModeShouldGetVar, NULL, NULL, NULL);= =0D + AddTestCase (SecureBootVarMiscTests, "IsSecureBootEnabled should propaga= te to get variable", "IsSecureBootEnabled", IsSecureBootEnableShouldGetVar,= NULL, NULL, NULL);=0D + AddTestCase (SecureBootVarMiscTests, "SecureBootCreateDataFromInput with= one input cert", "SecureBootCreateDataFromInput One Cert", SecureBootCreat= eDataFromInputSimple, NULL, NULL, NULL);=0D + AddTestCase (SecureBootVarMiscTests, "SecureBootCreateDataFromInput with= no input cert", "SecureBootCreateDataFromInput No Cert", SecureBootCreateD= ataFromInputNull, NULL, NULL, NULL);=0D + AddTestCase (SecureBootVarMiscTests, "SecureBootCreateDataFromInput with= multiple input cert", "SecureBootCreateDataFromInput No Cert", SecureBootC= reateDataFromInputMultiple, NULL, NULL, NULL);=0D + AddTestCase (SecureBootVarMiscTests, "CreateTimeBasedPayload should popu= late descriptor data", "CreateTimeBasedPayload Normal", CreateTimeBasedPayl= oadShouldPopulateDescriptor, NULL, NULL, NULL);=0D + AddTestCase (SecureBootVarMiscTests, "CreateTimeBasedPayload should fail= on NULL inputs", "CreateTimeBasedPayload NULL", CreateTimeBasedPayloadShou= ldCheckInput, NULL, NULL, NULL);=0D +=0D + AddTestCase (SecureBootVarDeleteTests, "DeleteDb should delete DB with a= uth info", "DeleteDb", DeleteDbShouldDelete, NULL, NULL, NULL);=0D + 
AddTestCase (SecureBootVarDeleteTests, "DeleteDbx should delete DBX with= auth info", "DeleteDbx", DeleteDbxShouldDelete, NULL, NULL, NULL);=0D + AddTestCase (SecureBootVarDeleteTests, "DeleteDbt should delete DBT with= auth info", "DeleteDbt", DeleteDbtShouldDelete, NULL, NULL, NULL);=0D + AddTestCase (SecureBootVarDeleteTests, "DeleteKEK should delete KEK with= auth info", "DeleteKEK", DeleteKEKShouldDelete, NULL, NULL, NULL);=0D + AddTestCase (SecureBootVarDeleteTests, "DeletePlatformKey should delete = PK with auth info", "DeletePlatformKey", DeletePKShouldDelete, NULL, NULL, = NULL);=0D + AddTestCase (SecureBootVarDeleteTests, "DeleteSecureBootVariables should= delete properly", "DeleteSecureBootVariables Normal", DeleteSecureBootVari= ablesShouldDelete, NULL, NULL, NULL);=0D + AddTestCase (SecureBootVarDeleteTests, "DeleteSecureBootVariables should= fail if protection disable fails", "DeleteSecureBootVariables Fail", Delet= eSecureBootVariablesShouldCheckProtection, NULL, NULL, NULL);=0D + AddTestCase (SecureBootVarDeleteTests, "DeleteSecureBootVariables should= continue if any variable is not found", "DeleteSecureBootVariables Proceed= ", DeleteSecureBootVariablesShouldProceedWithNotFound, NULL, NULL, NULL);=0D +=0D + AddTestCase (SecureBootVarEnrollTests, "EnrollFromInput should supply wi= th authenticated payload", "EnrollFromInput Normal", EnrollFromInputShouldC= omplete, NULL, NULL, NULL);=0D + AddTestCase (SecureBootVarEnrollTests, "SetSecureBootVariablesToDefault = should complete", "SetSecureBootVariablesToDefault Normal", SetSecureBootVa= riablesShouldComplete, NULL, NULL, NULL);=0D + AddTestCase (SecureBootVarEnrollTests, "SetSecureBootVariablesToDefault = should stop when already enabled", "SetSecureBootVariablesToDefault Already= Started", SetSecureBootVariablesShouldStopWhenSecure, NULL, NULL, NULL);=0D + AddTestCase (SecureBootVarEnrollTests, "SetSecureBootVariablesToDefault = should stop when DB failed", "SetSecureBootVariablesToDefault Fails 
DB", Se= tSecureBootVariablesShouldStopFailDB, NULL, NULL, NULL);=0D + AddTestCase (SecureBootVarEnrollTests, "SetSecureBootVariablesToDefault = should stop when DBT failed", "SetSecureBootVariablesToDefault Fails DBT", = SetSecureBootVariablesShouldStopFailDBT, NULL, NULL, NULL);=0D + AddTestCase (SecureBootVarEnrollTests, "SetSecureBootVariablesToDefault = should stop when DBX failed", "SetSecureBootVariablesToDefault Fails DBX", = SetSecureBootVariablesShouldStopFailDBX, NULL, NULL, NULL);=0D + AddTestCase (SecureBootVarEnrollTests, "SetSecureBootVariablesToDefault = should stop when KEK failed", "SetSecureBootVariablesToDefault Fails KEK", = SetSecureBootVariablesShouldStopFailKEK, NULL, NULL, NULL);=0D + AddTestCase (SecureBootVarEnrollTests, "SetSecureBootVariablesToDefault = should stop when PK failed", "SetSecureBootVariablesToDefault Fails PK", Se= tSecureBootVariablesShouldStopFailPK, NULL, NULL, NULL);=0D + AddTestCase (SecureBootVarEnrollTests, "SetSecureBootVariablesToDefault = should only be optional", "SetSecureBootVariablesToDefault DBT Optional", S= etSecureBootVariablesDBTOptional, NULL, NULL, NULL);=0D +=0D + //=0D + // Execute the tests.=0D + //=0D + Status =3D RunAllTestSuites (Framework);=0D +=0D +EXIT:=0D + if (Framework) {=0D + FreeUnitTestFramework (Framework);=0D + }=0D +=0D + return Status;=0D +}=0D +=0D +/**=0D + Standard POSIX C entry point for host based unit test execution.=0D +**/=0D +int=0D +main (=0D + int argc,=0D + char *argv[]=0D + )=0D +{=0D + return UnitTestingEntry ();=0D +}=0D diff --git a/SecurityPkg/Library/SecureBootVariableLib/UnitTest/MockPlatfor= mPKProtectionLib.inf b/SecurityPkg/Library/SecureBootVariableLib/UnitTest/M= ockPlatformPKProtectionLib.inf new file mode 100644 index 000000000000..1e19033c5a91 --- /dev/null +++ b/SecurityPkg/Library/SecureBootVariableLib/UnitTest/MockPlatformPKProt= ectionLib.inf 
@@ -0,0 +1,33 @@ +## @file=0D +# Provides an abstracted interface for configuring PK related variable pr= otection.=0D +#=0D +# Copyright (c) Microsoft Corporation.=0D +# SPDX-License-Identifier: BSD-2-Clause-Patent=0D +#=0D +##=0D +=0D +[Defines]=0D + INF_VERSION =3D 0x00010005=0D + BASE_NAME =3D MockPlatformPKProtectionLib=0D + FILE_GUID =3D 5FCD74D3-3965-4D56-AB83-000B9B4806A0= =0D + MODULE_TYPE =3D DXE_DRIVER=0D + VERSION_STRING =3D 1.0=0D + LIBRARY_CLASS =3D PlatformPKProtectionLib|HOST_APPLICAT= ION=0D +=0D +#=0D +# The following information is for reference only and not required by the = build tools.=0D +#=0D +# VALID_ARCHITECTURES =3D IA32 X64 AARCH64=0D +#=0D +=0D +[Sources]=0D + MockPlatformPKProtectionLib.c=0D +=0D +[Packages]=0D + MdePkg/MdePkg.dec=0D + MdeModulePkg/MdeModulePkg.dec=0D + SecurityPkg/SecurityPkg.dec=0D + UnitTestFrameworkPkg/UnitTestFrameworkPkg.dec=0D +=0D +[LibraryClasses]=0D + UnitTestLib=0D diff --git a/SecurityPkg/Library/SecureBootVariableLib/UnitTest/MockUefiLib= .inf b/SecurityPkg/Library/SecureBootVariableLib/UnitTest/MockUefiLib.inf new file mode 100644 index 000000000000..a84242ac7205 --- /dev/null +++ b/SecurityPkg/Library/SecureBootVariableLib/UnitTest/MockUefiLib.inf @@ -0,0 +1,45 @@ +## @file=0D +# Instance of UEFI Library.=0D +#=0D +# The UEFI Library provides functions and macros that simplify the develop= ment of=0D +# UEFI Drivers and UEFI Applications. These functions and macros help ma= nage EFI=0D +# events, build simple locks utilizing EFI Task Priority Levels (TPLs), i= nstall=0D +# EFI Driver Model related protocols, manage Unicode string tables for UE= FI Drivers,=0D +# and print messages on the console output and standard error devices.=0D +#=0D +# Copyright (c) 2007 - 2018, Intel Corporation. All rights reserved.
=0D +#=0D +# SPDX-License-Identifier: BSD-2-Clause-Patent=0D +#=0D +#=0D +##=0D +=0D +[Defines]=0D + INF_VERSION =3D 0x00010005=0D + BASE_NAME =3D MockUefiLib=0D + FILE_GUID =3D E3B7AEF9-4E55-49AF-B035-ED776C928EC6= =0D + MODULE_TYPE =3D UEFI_DRIVER=0D + VERSION_STRING =3D 1.0=0D + LIBRARY_CLASS =3D UefiLib|HOST_APPLICATION=0D +=0D +#=0D +# VALID_ARCHITECTURES =3D IA32 X64 EBC=0D +#=0D +=0D +[Sources]=0D + MockUefiLib.c=0D +=0D +[Packages]=0D + MdePkg/MdePkg.dec=0D +=0D +[LibraryClasses]=0D + PrintLib=0D + PcdLib=0D + MemoryAllocationLib=0D + DebugLib=0D + BaseMemoryLib=0D + BaseLib=0D + UefiRuntimeServicesTableLib=0D +=0D +[Guids]=0D + gEfiGlobalVariableGuid ## SOMETIMES_CONSUMES ## = Variable=0D diff --git a/SecurityPkg/Library/SecureBootVariableLib/UnitTest/MockUefiRun= timeServicesTableLib.inf b/SecurityPkg/Library/SecureBootVariableLib/UnitTe= st/MockUefiRuntimeServicesTableLib.inf new file mode 100644 index 000000000000..f832a93e2254 --- /dev/null +++ b/SecurityPkg/Library/SecureBootVariableLib/UnitTest/MockUefiRuntimeSer= vicesTableLib.inf @@ -0,0 +1,25 @@ +## @file=0D +# Mock implementation of the UEFI Runtime Services Table Library.=0D +#=0D +# Copyright (c) 2020, Intel Corporation. All rights reserved.
=0D +# SPDX-License-Identifier: BSD-2-Clause-Patent=0D +#=0D +##=0D +=0D +[Defines]=0D + INF_VERSION =3D 0x00010005=0D + BASE_NAME =3D MockUefiRuntimeServicesTableLib=0D + FILE_GUID =3D 84CE0021-ABEE-403C-9A1B-763CCF2D40F1= =0D + MODULE_TYPE =3D UEFI_DRIVER=0D + VERSION_STRING =3D 1.0=0D + LIBRARY_CLASS =3D UefiRuntimeServicesTableLib|HOST_APPL= ICATION=0D +=0D +#=0D +# VALID_ARCHITECTURES =3D IA32 X64 EBC=0D +#=0D +=0D +[Sources]=0D + MockUefiRuntimeServicesTableLib.c=0D +=0D +[Packages]=0D + MdePkg/MdePkg.dec=0D diff --git a/SecurityPkg/Library/SecureBootVariableLib/UnitTest/SecureBootV= ariableLibUnitTest.inf b/SecurityPkg/Library/SecureBootVariableLib/UnitTest= /SecureBootVariableLibUnitTest.inf new file mode 100644 index 000000000000..f99fb09be52e --- /dev/null +++ b/SecurityPkg/Library/SecureBootVariableLib/UnitTest/SecureBootVariable= LibUnitTest.inf @@ -0,0 +1,36 @@ +## @file=0D +# Unit tests of the implementation of SecureBootVariableLib.=0D +#=0D +# Copyright (C) Microsoft Corporation.=0D +# SPDX-License-Identifier: BSD-2-Clause-Patent=0D +##=0D +=0D +[Defines]=0D + INF_VERSION =3D 0x00010006=0D + BASE_NAME =3D SecureBootVariableLibUnitTest=0D + FILE_GUID =3D 71C5359E-08FB-450E-9766-BC70482DF66B= =0D + MODULE_TYPE =3D HOST_APPLICATION=0D + VERSION_STRING =3D 1.0=0D +=0D +#=0D +# The following information is for reference only and not required by the = build tools.=0D +#=0D +# VALID_ARCHITECTURES =3D IA32 X64=0D +#=0D +=0D +[Sources]=0D + SecureBootVariableLibUnitTest.c=0D +=0D +[Packages]=0D + MdePkg/MdePkg.dec=0D + MdeModulePkg/MdeModulePkg.dec=0D + SecurityPkg/SecurityPkg.dec=0D + UnitTestFrameworkPkg/UnitTestFrameworkPkg.dec=0D +=0D +[LibraryClasses]=0D + SecureBootVariableLib=0D + BaseLib=0D + BaseMemoryLib=0D + DebugLib=0D + UefiLib=0D + UnitTestLib=0D diff --git a/SecurityPkg/SecurityPkg.ci.yaml b/SecurityPkg/SecurityPkg.ci.y= aml index 791214239899..2138b0a5e21b 100644 --- a/SecurityPkg/SecurityPkg.ci.yaml +++ b/SecurityPkg/SecurityPkg.ci.yaml 
@@ -15,6 +15,7 @@ ## "", ""=0D ## ]=0D "ExceptionList": [=0D + "8005", "gRT",=0D ],=0D ## Both file path and directory path are accepted.=0D "IgnoreFiles": [=0D @@ -26,6 +27,10 @@ "CompilerPlugin": {=0D "DscPath": "SecurityPkg.dsc"=0D },=0D + ## options defined .pytool/Plugin/HostUnitTestCompilerPlugin=0D + "HostUnitTestCompilerPlugin": {=0D + "DscPath": "Test/SecurityPkgHostTest.dsc"=0D + },=0D "CharEncodingCheck": {=0D "IgnoreFiles": []=0D },=0D @@ -33,6 +38,7 @@ "AcceptableDependencies": [=0D "MdePkg/MdePkg.dec",=0D "MdeModulePkg/MdeModulePkg.dec",=0D + "UnitTestFrameworkPkg/UnitTestFrameworkPkg.dec",=0D "SecurityPkg/SecurityPkg.dec",=0D "StandaloneMmPkg/StandaloneMmPkg.dec",=0D "CryptoPkg/CryptoPkg.dec"=0D @@ -47,6 +53,11 @@ "DscPath": "SecurityPkg.dsc",=0D "IgnoreInf": []=0D },=0D + ## options defined .pytool/Plugin/HostUnitTestDscCompleteCheck=0D + "HostUnitTestDscCompleteCheck": {=0D + "IgnoreInf": [""],=0D + "DscPath": "Test/SecurityPkgHostTest.dsc"=0D + },=0D "GuidCheck": {=0D "IgnoreGuidName": [],=0D "IgnoreGuidValue": ["00000000-0000-0000-0000-000000000000"],=0D diff --git a/SecurityPkg/Test/SecurityPkgHostTest.dsc b/SecurityPkg/Test/Se= curityPkgHostTest.dsc new file mode 100644 index 000000000000..c4df01fe1b73 --- /dev/null +++ b/SecurityPkg/Test/SecurityPkgHostTest.dsc 
@@ -0,0 +1,38 @@ +## @file=0D +# SecurityPkg DSC file used to build host-based unit tests.=0D +#=0D +# Copyright (C) Microsoft Corporation.=0D +# SPDX-License-Identifier: BSD-2-Clause-Patent=0D +#=0D +##=0D +=0D +[Defines]=0D + PLATFORM_NAME =3D SecurityPkgHostTest=0D + PLATFORM_GUID =3D 9D78A9B4-00CD-477E-A5BF-90CC793EEFB0=0D + PLATFORM_VERSION =3D 0.1=0D + DSC_SPECIFICATION =3D 0x00010005=0D + OUTPUT_DIRECTORY =3D Build/SecurityPkg/HostTest=0D + SUPPORTED_ARCHITECTURES =3D IA32|X64=0D + BUILD_TARGETS =3D NOOPT=0D + SKUID_IDENTIFIER =3D DEFAULT=0D +=0D +!include UnitTestFrameworkPkg/UnitTestFrameworkPkgHost.dsc.inc=0D +=0D +[LibraryClasses]=0D + SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf=0D +=0D +[Components]=0D + SecurityPkg/Library/SecureBootVariableLib/UnitTest/MockUefiRuntimeServic= esTableLib.inf=0D + SecurityPkg/Library/SecureBootVariableLib/UnitTest/MockPlatformPKProtect= ionLib.inf=0D + SecurityPkg/Library/SecureBootVariableLib/UnitTest/MockUefiLib.inf=0D +=0D + #=0D + # Build SecurityPkg HOST_APPLICATION Tests=0D + #=0D + SecurityPkg/Library/SecureBootVariableLib/UnitTest/SecureBootVariableLib= UnitTest.inf {=0D + =0D + SecureBootVariableLib|SecurityPkg/Library/SecureBootVariableLib/Secu= reBootVariableLib.inf=0D + UefiRuntimeServicesTableLib|SecurityPkg/Library/SecureBootVariableLi= b/UnitTest/MockUefiRuntimeServicesTableLib.inf=0D + PlatformPKProtectionLib|SecurityPkg/Library/SecureBootVariableLib/Un= itTest/MockPlatformPKProtectionLib.inf=0D + UefiLib|SecurityPkg/Library/SecureBootVariableLib/UnitTest/MockUefiL= ib.inf=0D + }=0D --=20 2.36.0.windows.1
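Review bot: In UnitTestingEntry of SecureBootVariableLibUnitTest.c, the AddTestCase entry for SecureBootCreateDataFromInputMultiple reuses the name "SecureBootCreateDataFromInput No Cert", which the SecureBootCreateDataFromInputNull entry just above it already carries, so two cases in the Miscellaneous suite report under the same name. Give it its own name, for example "SecureBootCreateDataFromInput Multiple Certs". In the same table, the description "SetSecureBootVariablesToDefault should only be optional" does not say what is optional; going by its name "SetSecureBootVariablesToDefault DBT Optional" it should read along the lines of "should treat DBT as optional". The return values of the AddTestCase calls are dropped, so a failed registration would silently shrink coverage while the run still reports success. In the test body ahead of the entry point, expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid) compares the pointer value only; expect_memory with sizeof (EFI_GUID) would check the GUID contents the library passes. The visible tail of that test also returns UNIT_TEST_PASSED without freeing Payload after the last CreateTimeBasedPayload call. "Initialze" in the UnitTestingEntry header comment is a typo.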
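Review bot: MockPlatformPKProtectionLib.inf sets MODULE_TYPE = DXE_DRIVER although its LIBRARY_CLASS is limited to HOST_APPLICATION, and the two other mocks added here (MockUefiLib.inf, MockUefiRuntimeServicesTableLib.inf) use UEFI_DRIVER for the same kind of host-only instance. Please settle on one value for all three; HOST_APPLICATION, as used in SecureBootVariableLibUnitTest.inf, would match how they are consumed. The VALID_ARCHITECTURES comments list AARCH64 and EBC, while SecurityPkgHostTest.dsc builds IA32|X64 only. The @file text "Provides an abstracted interface for configuring PK related variable protection" should also say that this instance is a mock for unit tests.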
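Review bot: The @file header of MockUefiLib.inf is the description of the real UefiLib ("Instance of UEFI Library", with the events, locks and protocol helpers paragraph) and nothing in it says this instance is a test mock. Replace it with a line or two stating which UefiLib functions the mock supplies for the SecureBootVariableLib tests. The [LibraryClasses] list (PrintLib, PcdLib, MemoryAllocationLib, DebugLib, BaseMemoryLib, BaseLib, UefiRuntimeServicesTableLib) and the gEfiGlobalVariableGuid entry under [Guids] look carried over from the same source; please keep only what MockUefiLib.c actually uses.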
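Review bot: The new "8005", "gRT" entry in "ExceptionList" in SecurityPkg.ci.yaml comes with no explanation of what triggers it. Add a short ## comment next to it naming the code that needs the exception, so the entry can be removed later if that code goes away and is not mistaken for a package-wide waiver.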
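Review bot: In the new "HostUnitTestDscCompleteCheck" block of SecurityPkg.ci.yaml, "IgnoreInf": [""] puts an empty string into the list, whereas the existing block directly above it uses "IgnoreInf": []. Use the empty list here as well unless the plugin needs the placeholder entry, and keep the key order ("DscPath" first, then "IgnoreInf") consistent with that block.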