From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bounce+27952+108967+7686176+12367111@groups.io>
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108])
	by spool.mail.gandi.net (Postfix) with ESMTPS id 2B7CA941DF3
	for <rebecca@openfw.io>; Thu, 21 Sep 2023 19:03:49 +0000 (UTC)
DKIM-Signature: a=rsa-sha256; bh=jXdMZQ0aInv8sR9Fv9FF6ugwvD+sfTjaYzxzOUF7t3E=;
 c=relaxed/simple; d=groups.io;
 h=Message-ID:Date:MIME-Version:User-Agent:Subject:To:References:From:Cc:In-Reply-To:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding;
 s=20140610; t=1695323027; v=1;
 b=oJ3f04O8D1dp130x/7SAhzSfJ9xa6jvuK5l1gM0u4niiLGTL8D7ljbD64vkmgigh1bgX6PqP
 l2NSP5z8sqQ3i9p6Ib3BtEijTDCPwugbC38iwOnBTqeChYslR0ZNi773Dso7LZod2YNmRGCwlsw
 B+zKqigDTEC4W0WMwvo/oukQ=
X-Received: by 127.0.0.2 with SMTP id eNjJYY7687511xEX7zsgnCaD; Thu, 21 Sep 2023 12:03:47 -0700
X-Received: from foss.arm.com (foss.arm.com [217.140.110.172])
 by mx.groups.io with SMTP id smtpd.web10.4268.1695323027206531603
 for <devel@edk2.groups.io>;
 Thu, 21 Sep 2023 12:03:47 -0700
X-Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14])
	by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 0B700DA7;
	Thu, 21 Sep 2023 12:04:24 -0700 (PDT)
X-Received: from [10.118.106.172] (C02F85CGML7H.austin.arm.com [10.118.106.172])
	by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id C6BF03F67D;
	Thu, 21 Sep 2023 12:03:46 -0700 (PDT)
Message-ID: <21b940cc-3d0e-ee7c-c718-1b977e699cbc@arm.com>
Date: Thu, 21 Sep 2023 14:03:46 -0500
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0)
 Gecko/20100101 Thunderbird/102.15.0
Subject: Re: [edk2-devel] [PATCH v2 6/6] uefi-sct/SctPkg: TCG MORLOCK Locked with Key State Test
To: devel@edk2.groups.io, Abhi.Singh@arm.com
References: <20230921163748.275971-1-Abhi.Singh@arm.com>
 <20230921163748.275971-7-Abhi.Singh@arm.com>
From: "Stuart Yoder" <stuart.yoder@arm.com>
Cc: G Edhaya Chandran <Edhaya.Chandran@arm.com>,
 Barton Gao <gaojie@byosoft.com.cn>,
 Carolyn Gjertsen <Carolyn.Gjertsen@amd.com>
In-Reply-To: <20230921163748.275971-7-Abhi.Singh@arm.com>
Precedence: Bulk
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,stuart.yoder@arm.com
List-Unsubscribe-Post: List-Unsubscribe=One-Click
List-Unsubscribe: <https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/plugh>
X-Gm-Message-State: rZkgZBo61XaV6YK9kjHyQdnzx7686176AA=
Content-Language: en-US
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: quoted-printable
X-GND-Status: LEGIT
Authentication-Results: spool.mail.gandi.net;
	dkim=pass header.d=groups.io header.s=20140610 header.b=oJ3f04O8;
	dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=arm.com (policy=none);
	spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io

See inline comments...


On 9/21/23 11:37 AM, Abhimanyu Singh via groups.io wrote:
> SCT spec: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4374
>=20
> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4419
>=20
> -Implement MemoryOverwriteRequestControlLock Locked with
>   Key State test cases
>   -Add remaining Assertions 33 - 49 from SCT spec
>   -Add Test Case to MemoryOverwriteRequestFunctionTest
>=20
> Cc: G Edhaya Chandran <Edhaya.Chandran@arm.com>
> Cc: Barton Gao <gaojie@byosoft.com.cn>
> Cc: Carolyn Gjertsen <Carolyn.Gjertsen@amd.com>
> Signed-off-by: Abhi Singh <Abhi.Singh@arm.com>
> Change-Id: Ifade96b0c6ec9e7f9bfb0eba8ceeb92380271e8b
> ---

[cut]

> +  StandardLib->RecordAssertion (
> +                  StandardLib,
> +                  Result,
> +                  gTCGMemoryOverwriteRequestTestFunctionAssertionGuid044=
,
> +                  L"MemoryOverwriteRequestControl - SetVariable() return=
s EFI_ACCESS_DENIED when Lock is Set with no key",
> +                  L"%a:%d:Status - %r",
> +                  __FILE__,
> +                  (UINTN)__LINE__,
> +                  Status
> +                  );
> +
> +  DataSize =3D sizeof(MemoryOverwriteRequestControlData);
> +  Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES;
> +
> +  Status =3D gtRT->GetVariable (
> +                  L"MemoryOverwriteRequestControl",     // VariableName
> +                  &gEfiMemoryOverwriteControlDataGuid,  // VendorGuid
> +                  &Attributes,                          // Attributes
> +                  &DataSize,                            // DataSize
> +                  &MemoryOverwriteRequestControlData    // Data
> +                  );
> +
> +  // verifying that the variable has not been modified with SetVar
> +  if (MemoryOverwriteRequestControlDataCached =3D=3D MemoryOverwriteRequ=
estControlData) {
> +    Result =3D EFI_TEST_ASSERTION_PASSED;
> +  } else {
> +    Result =3D EFI_TEST_ASSERTION_FAILED;
> +  }
> +
> +  StandardLib->RecordAssertion (
> +                  StandardLib,
> +                  Result,
> +                  gTCGMemoryOverwriteRequestTestFunctionAssertionGuid045=
,
> +                  L"MemoryOverwriteRequestControl - SetVariable() value =
remains unchanged when Lock is Set with no key",
> +                  L"%a:%d:Status - %r",
> +                  __FILE__,
> +                  (UINTN)__LINE__,
> +                  Status
> +                  );
> +
> +  //
> +  // When Locked with an 8 byte Key, SetVariable() with 8 byte key !=3D =
key used to set
> +  // the lock, in this case 0x11111111, must return EFI_ACCESS_DENIED an=
d lock must
> +  // be updated Locked without key (Data value =3D 0x01) to prevent dict=
onary attack
> +  // The invalid key to be used to attempt unlock is =3D 0x22222222
> +  //
> +  DataSize =3D MOR_LOCK_WITH_KEY_SIZE;
> +  Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES;
> +  MemoryOverwriteControlLockKeyValue =3D MOR_LOCK_INVALID_TEST_KEY; //IN=
VALID KEY !=3D 0x11111111

Nit- space after comment char.

Thanks,
Stuart


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#108967): https://edk2.groups.io/g/devel/message/108967
Mute This Topic: https://groups.io/mt/101504341/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-