From: "Gao, Liming" <liming.gao@intel.com>
To: "Bi, Dandan" <dandan.bi@intel.com>,
"edk2-devel@lists.01.org" <edk2-devel@lists.01.org>
Cc: "Dong, Eric" <eric.dong@intel.com>, "Yao, Jiewen" <jiewen.yao@intel.com>
Subject: Re: [PATCH v2] MdeModulePkg/DriverSample: Remove the password related codes
Date: Wed, 23 Nov 2016 08:52:18 +0000 [thread overview]
Message-ID: <4A89E2EF3DFEDB4C8BFDE51014F606A14B4B88EF@shsmsx102.ccr.corp.intel.com> (raw)
In-Reply-To: <1479890490-84420-1-git-send-email-dandan.bi@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
> -----Original Message-----
> From: Bi, Dandan
> Sent: Wednesday, November 23, 2016 4:42 PM
> To: edk2-devel@lists.01.org
> Cc: Gao, Liming <liming.gao@intel.com>; Dong, Eric <eric.dong@intel.com>;
> Yao, Jiewen <jiewen.yao@intel.com>
> Subject: [PATCH v2] MdeModulePkg/DriverSample: Remove the password
> related codes
>
> V2: Remove the PasswordState which is not used anymore.
>
> In current DriverSampleDxe, the sample code of password is
> not a good example, so we plan to remove it.
>
> Cc: Liming Gao <liming.gao@intel.com>
> Cc: Eric Dong <eric.dong@intel.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Dandan Bi <dandan.bi@intel.com>
> ---
> .../Universal/DriverSampleDxe/DriverSample.c | 262 ---------------------
> .../Universal/DriverSampleDxe/DriverSample.h | 1 -
> .../Universal/DriverSampleDxe/NVDataStruc.h | 2 -
> MdeModulePkg/Universal/DriverSampleDxe/Vfr.vfr | 20 --
> .../Universal/DriverSampleDxe/VfrStrings.uni | 8 -
> 5 files changed, 293 deletions(-)
>
> diff --git a/MdeModulePkg/Universal/DriverSampleDxe/DriverSample.c
> b/MdeModulePkg/Universal/DriverSampleDxe/DriverSample.c
> index 3c494e3..1b58a8d 100644
> --- a/MdeModulePkg/Universal/DriverSampleDxe/DriverSample.c
> +++ b/MdeModulePkg/Universal/DriverSampleDxe/DriverSample.c
> @@ -259,237 +259,10 @@ InternalStopMonitor(
> }
> }
> return EFI_SUCCESS;
> }
>
> -
> -/**
> - Encode the password using a simple algorithm.
> -
> - @param Password The string to be encoded.
> - @param MaxSize The size of the string.
> -
> -**/
> -VOID
> -EncodePassword (
> - IN CHAR16 *Password,
> - IN UINTN MaxSize
> - )
> -{
> - UINTN Index;
> - UINTN Loop;
> - CHAR16 *Buffer;
> - CHAR16 *Key;
> -
> - Key = L"MAR10648567";
> - Buffer = AllocateZeroPool (MaxSize);
> - ASSERT (Buffer != NULL);
> -
> - for (Index = 0; Key[Index] != 0; Index++) {
> - for (Loop = 0; Loop < (UINT8) (MaxSize / 2); Loop++) {
> - Buffer[Loop] = (CHAR16) (Password[Loop] ^ Key[Index]);
> - }
> - }
> -
> - CopyMem (Password, Buffer, MaxSize);
> -
> - FreePool (Buffer);
> - return ;
> -}
> -
> -/**
> - Validate the user's password.
> -
> - @param PrivateData This driver's private context data.
> - @param StringId The user's input.
> -
> - @retval EFI_SUCCESS The user's input matches the password.
> - @retval EFI_NOT_READY The user's input does not match the password.
> -**/
> -EFI_STATUS
> -ValidatePassword (
> - IN DRIVER_SAMPLE_PRIVATE_DATA *PrivateData,
> - IN EFI_STRING_ID StringId
> - )
> -{
> - EFI_STATUS Status;
> - UINTN Index;
> - UINTN BufferSize;
> - UINTN PasswordMaxSize;
> - CHAR16 *Password;
> - CHAR16 *EncodedPassword;
> - BOOLEAN OldPassword;
> -
> - //
> - // Get encoded password first
> - //
> - BufferSize = sizeof (DRIVER_SAMPLE_CONFIGURATION);
> - Status = gRT->GetVariable (
> - VariableName,
> - &gDriverSampleFormSetGuid,
> - NULL,
> - &BufferSize,
> - &PrivateData->Configuration
> - );
> - if (EFI_ERROR (Status)) {
> - //
> - // Old password not exist, prompt for new password
> - //
> - return EFI_SUCCESS;
> - }
> -
> - OldPassword = FALSE;
> - PasswordMaxSize = sizeof (PrivateData-
> >Configuration.WhatIsThePassword2);
> - //
> - // Check whether we have any old password set
> - //
> - for (Index = 0; Index < PasswordMaxSize / sizeof (UINT16); Index++) {
> - if (PrivateData->Configuration.WhatIsThePassword2[Index] != 0) {
> - OldPassword = TRUE;
> - break;
> - }
> - }
> - if (!OldPassword) {
> - //
> - // Old password not exist, return EFI_SUCCESS to prompt for new
> password
> - //
> - return EFI_SUCCESS;
> - }
> -
> - //
> - // Get user input password
> - //
> - Password = HiiGetString (PrivateData->HiiHandle[0], StringId, NULL);
> - if (Password == NULL) {
> - return EFI_NOT_READY;
> - }
> - if (StrSize (Password) > PasswordMaxSize) {
> - FreePool (Password);
> - return EFI_NOT_READY;
> - }
> -
> - //
> - // Validate old password
> - //
> - EncodedPassword = AllocateZeroPool (PasswordMaxSize);
> - ASSERT (EncodedPassword != NULL);
> - StrnCpyS (EncodedPassword, PasswordMaxSize / sizeof (CHAR16),
> Password, StrLen (Password));
> - EncodePassword (EncodedPassword, StrLen (EncodedPassword) * sizeof
> (CHAR16));
> - if (CompareMem (EncodedPassword, PrivateData-
> >Configuration.WhatIsThePassword2, PasswordMaxSize) != 0) {
> - //
> - // Old password mismatch, return EFI_NOT_READY to prompt for error
> message
> - //
> - Status = EFI_NOT_READY;
> - } else {
> - Status = EFI_SUCCESS;
> - }
> -
> - FreePool (Password);
> - FreePool (EncodedPassword);
> -
> - return Status;
> -}
> -
> -/**
> - Encode the password using a simple algorithm.
> -
> - @param PrivateData This driver's private context data.
> - @param StringId The password from User.
> -
> - @retval EFI_SUCESS The operation is successful.
> - @return Other value if gRT->SetVariable () fails.
> -
> -**/
> -EFI_STATUS
> -SetPassword (
> - IN DRIVER_SAMPLE_PRIVATE_DATA *PrivateData,
> - IN EFI_STRING_ID StringId
> - )
> -{
> - EFI_STATUS Status;
> - CHAR16 *Password;
> - CHAR16 *TempPassword;
> - UINTN PasswordSize;
> - DRIVER_SAMPLE_CONFIGURATION *Configuration;
> - UINTN BufferSize;
> -
> - //
> - // Get Buffer Storage data from EFI variable
> - //
> - BufferSize = sizeof (DRIVER_SAMPLE_CONFIGURATION);
> - Status = gRT->GetVariable (
> - VariableName,
> - &gDriverSampleFormSetGuid,
> - NULL,
> - &BufferSize,
> - &PrivateData->Configuration
> - );
> - if (EFI_ERROR (Status)) {
> - return Status;
> - }
> -
> - //
> - // Get user input password
> - //
> - Password = PrivateData->Configuration.WhatIsThePassword2;
> - PasswordSize = sizeof (PrivateData->Configuration.WhatIsThePassword2);
> - ZeroMem (Password, PasswordSize);
> -
> - TempPassword = HiiGetString (PrivateData->HiiHandle[0], StringId, NULL);
> - if (TempPassword == NULL) {
> - return EFI_NOT_READY;
> - }
> - if (StrSize (TempPassword) > PasswordSize) {
> - FreePool (TempPassword);
> - return EFI_NOT_READY;
> - }
> - StrnCpyS (Password, PasswordSize / sizeof (CHAR16), TempPassword,
> StrLen (TempPassword));
> - FreePool (TempPassword);
> -
> - //
> - // Retrieve uncommitted data from Browser
> - //
> - Configuration = AllocateZeroPool (sizeof
> (DRIVER_SAMPLE_CONFIGURATION));
> - ASSERT (Configuration != NULL);
> - if (HiiGetBrowserData (&gDriverSampleFormSetGuid, VariableName, sizeof
> (DRIVER_SAMPLE_CONFIGURATION), (UINT8 *) Configuration)) {
> - //
> - // Update password's clear text in the screen
> - //
> - CopyMem (Configuration->PasswordClearText, Password, StrSize
> (Password));
> -
> - //
> - // Update uncommitted data of Browser
> - //
> - HiiSetBrowserData (
> - &gDriverSampleFormSetGuid,
> - VariableName,
> - sizeof (DRIVER_SAMPLE_CONFIGURATION),
> - (UINT8 *) Configuration,
> - NULL
> - );
> - }
> -
> - //
> - // Free Configuration Buffer
> - //
> - FreePool (Configuration);
> -
> -
> - //
> - // Set password
> - //
> - EncodePassword (Password, StrLen (Password) * 2);
> - Status = gRT->SetVariable(
> - VariableName,
> - &gDriverSampleFormSetGuid,
> - EFI_VARIABLE_NON_VOLATILE |
> EFI_VARIABLE_BOOTSERVICE_ACCESS,
> - sizeof (DRIVER_SAMPLE_CONFIGURATION),
> - &PrivateData->Configuration
> - );
> - return Status;
> -}
> -
> /**
> Update names of Name/Value storage to current language.
>
> @param PrivateData Points to the driver private data.
>
> @@ -1726,44 +1499,10 @@ DriverCallback (
> HiiFreeOpCodeHandle (StartOpCodeHandle);
> HiiFreeOpCodeHandle (OptionsOpCodeHandle);
> HiiFreeOpCodeHandle (EndOpCodeHandle);
> break;
>
> - case 0x2000:
> - //
> - // Only used to update the state.
> - //
> - if ((Type == EFI_IFR_TYPE_STRING) && (Value->string == 0) &&
> - (PrivateData->PasswordState == BROWSER_STATE_SET_PASSWORD)) {
> - PrivateData->PasswordState =
> BROWSER_STATE_VALIDATE_PASSWORD;
> - return EFI_INVALID_PARAMETER;
> - }
> -
> - //
> - // When try to set a new password, user will be chanlleged with old
> password.
> - // The Callback is responsible for validating old password input by user,
> - // If Callback return EFI_SUCCESS, it indicates validation pass.
> - //
> - switch (PrivateData->PasswordState) {
> - case BROWSER_STATE_VALIDATE_PASSWORD:
> - Status = ValidatePassword (PrivateData, Value->string);
> - if (Status == EFI_SUCCESS) {
> - PrivateData->PasswordState = BROWSER_STATE_SET_PASSWORD;
> - }
> - break;
> -
> - case BROWSER_STATE_SET_PASSWORD:
> - Status = SetPassword (PrivateData, Value->string);
> - PrivateData->PasswordState =
> BROWSER_STATE_VALIDATE_PASSWORD;
> - break;
> -
> - default:
> - break;
> - }
> -
> - break;
> -
> default:
> break;
> }
> }
> break;
> @@ -1981,11 +1720,10 @@ DriverSampleInit (
> mPrivateData->Signature = DRIVER_SAMPLE_PRIVATE_SIGNATURE;
>
> mPrivateData->ConfigAccess.ExtractConfig = ExtractConfig;
> mPrivateData->ConfigAccess.RouteConfig = RouteConfig;
> mPrivateData->ConfigAccess.Callback = DriverCallback;
> - mPrivateData->PasswordState = BROWSER_STATE_VALIDATE_PASSWORD;
>
> //
> // Locate Hii Database protocol
> //
> Status = gBS->LocateProtocol (&gEfiHiiDatabaseProtocolGuid, NULL, (VOID
> **) &HiiDatabase);
> diff --git a/MdeModulePkg/Universal/DriverSampleDxe/DriverSample.h
> b/MdeModulePkg/Universal/DriverSampleDxe/DriverSample.h
> index 97dee9c..5b291bd 100644
> --- a/MdeModulePkg/Universal/DriverSampleDxe/DriverSample.h
> +++ b/MdeModulePkg/Universal/DriverSampleDxe/DriverSample.h
> @@ -82,11 +82,10 @@ typedef struct {
>
> EFI_HANDLE DriverHandle[2];
> EFI_HII_HANDLE HiiHandle[2];
> DRIVER_SAMPLE_CONFIGURATION Configuration;
> MY_EFI_VARSTORE_DATA VarStoreConfig;
> - UINT8 PasswordState;
>
> //
> // Name/Value storage Name list
> //
> EFI_STRING_ID NameStringId[NAME_VALUE_NAME_NUMBER];
> diff --git a/MdeModulePkg/Universal/DriverSampleDxe/NVDataStruc.h
> b/MdeModulePkg/Universal/DriverSampleDxe/NVDataStruc.h
> index 3dfacca..195cc8a 100644
> --- a/MdeModulePkg/Universal/DriverSampleDxe/NVDataStruc.h
> +++ b/MdeModulePkg/Universal/DriverSampleDxe/NVDataStruc.h
> @@ -32,13 +32,11 @@ Revision History:
>
> #define CONFIGURATION_VARSTORE_ID 0x1234
>
> #pragma pack(1)
> typedef struct {
> - UINT16 WhatIsThePassword2[20];
> UINT16 MyStringData[40];
> - UINT16 PasswordClearText[20];
> UINT16 SomethingHiddenForHtml;
> UINT8 HowOldAreYouInYearsManual;
> UINT16 HowTallAreYouManual;
> UINT8 HowOldAreYouInYears;
> UINT16 HowTallAreYou;
> diff --git a/MdeModulePkg/Universal/DriverSampleDxe/Vfr.vfr
> b/MdeModulePkg/Universal/DriverSampleDxe/Vfr.vfr
> index fe9a449..4bdaf76 100644
> --- a/MdeModulePkg/Universal/DriverSampleDxe/Vfr.vfr
> +++ b/MdeModulePkg/Universal/DriverSampleDxe/Vfr.vfr
> @@ -456,30 +456,10 @@ formset
> defaultstore = MyManufactureDefault,
> prompt = STRING_TOKEN(STR_MANUFACTURE_DEFAULT_PROMPT),
> help = STRING_TOKEN(STR_MANUFACTURE_DEFAULT_HELP),
> endresetbutton;
>
> - string varid = MyIfrNVData.PasswordClearText,
> - prompt = STRING_TOKEN(STR_MY_STRING_PROMPT),
> - help = STRING_TOKEN(STR_MY_STRING_HELP),
> - minsize = 6,
> - maxsize = 0x14,
> - default = STRING_TOKEN(STR_MY_STRING_DEFAULT),
> - endstring;
> -
> - //
> - // Interactive password, validate via ConfigAccess.Callback()
> - //
> - password varid = MyIfrNVData.WhatIsThePassword2,
> - prompt = STRING_TOKEN(STR_PASSWORD_CALLBACK_PROMPT),
> - help = STRING_TOKEN(STR_PASSWORD_HELP),
> - flags = INTERACTIVE,
> - key = 0x2000,
> - minsize = 6,
> - maxsize = 20,
> - endpassword;
> -
> //
> // Sample use case for IFR Security op-code
> //
> grayoutif NOT security (EFI_USER_INFO_ACCESS_SETUP_ADMIN_GUID);
> text
> diff --git a/MdeModulePkg/Universal/DriverSampleDxe/VfrStrings.uni
> b/MdeModulePkg/Universal/DriverSampleDxe/VfrStrings.uni
> index 8d4448c..8d24a47 100644
> --- a/MdeModulePkg/Universal/DriverSampleDxe/VfrStrings.uni
> +++ b/MdeModulePkg/Universal/DriverSampleDxe/VfrStrings.uni
> @@ -109,16 +109,12 @@
> #string STR_NUMERIC_HELP2 #language en-US "This is the help for
> those who are too old to understand the question. Adjust how old you are
> step by step. The valid range in this case is from 0 to 243 in step of 1. Let's
> see if you actually read this help and figure that out."
> #language fr-FR "This is the help for those who are too
> old to understand the question. Adjust how old you are step by step. The
> valid range in this case is from 0 to 243 in step of 1. Let's see if you actually
> read this help and figure that out."
> #string STR_NUMERIC_HELP3 #language en-US "This is the help for
> those who are curious about body height. Type how tall you are in a numeric
> value. The valid range in this case is from 0 to 190. Let's see if you actually
> read this help and figure that out."
> #language fr-FR "Ésta es la ayuda para los que sean
> demasiado viejos entender la pregunta. Pulse cómo es viejo usted está en
> años."
>
> -#string STR_PASSWORD_CALLBACK_PROMPT #language en-US "Set the
> system password - Interactive"
> - #language fr-FR "Cuál es la palabra mágica? - Interactive"
> #string STR_PASSWORD_PROMPT #language en-US "Set the system
> password"
> #language fr-FR "Cuál es la palabra mágica?"
> -#string STR_PASSWORD_HELP #language en-US "This is a system
> password which will likely be used by the BDS architecture in its platform
> portion of the code. There is a very simple encryption in this sample and the
> password will be stored in NVRAM in its encrypted form."
> - #language fr-FR "Esto es analgous a mí que le pregunta
> cuál es su palabra de paso."
> #string STR_TEXT_SECRUITY_TEST_TEXT #language en-US "Access only
> permitted for Admin"
> #language fr-FR "Access only permitted for Admin"
> #string STR_TEXT_SECRUITY_TEST_HELP #language en-US "If this label is
> not gray, then current user has admin access setup permission. If this label is
> gray, then current user has no admin access setup permission."
> #language fr-FR "If this label is not gray, then current user
> has admin access setup permission. If this label is gray, then current user has
> no admin access setup permission."
> #string STR_GOTO_FORM1 #language en-US "Enter Page 1"
> @@ -149,14 +145,10 @@
> #language fr-FR "Update the destination through
> "changing" call back type when user select it."
> #string STR_ERROR_INCONSISTENT #language en-US "This is my
> inconsistent error message"
> #language fr-FR "Éste es mi mensaje de error contrario."
> #string STR_ERROR_POPUP #language en-US "You typed in
> something bad!"
> #language fr-FR "Esto es un mensaje de error del
> popup."
> -#string STR_MY_STRING_PROMPT #language en-US "Password you
> typed in is"
> - #language fr-FR "Password you typed in is"
> -#string STR_MY_STRING_HELP #language en-US "This is my string
> help"
> - #language fr-FR "This is my string help"
> #string STR_MY_STRING_DEFAULT #language en-US "my password"
> #language fr-FR "my password"
> #string STR_MY_STRING_PROMPT2 #language en-US "String -
> Interactive"
> #language fr-FR "String - interactive"
> #string STR_MY_STRING_HELP2 #language en-US "This is my string
> help - Interactive"
> --
> 1.9.5.msysgit.1
prev parent reply other threads:[~2016-11-23 8:52 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-11-23 8:41 [PATCH v2] MdeModulePkg/DriverSample: Remove the password related codes Dandan Bi
2016-11-23 8:52 ` Gao, Liming [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4A89E2EF3DFEDB4C8BFDE51014F606A14B4B88EF@shsmsx102.ccr.corp.intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox