* [edk2-devel] [PATCH v5 0/6] EDK2-TEST TCG MOR Tests
@ 2024-04-09 4:45 Abhimanyu Singh
2024-04-09 4:45 ` [edk2-devel] [PATCH v5 1/6] uefi-sct/SctPkg: TCG Platform Reset Check Test Abhimanyu Singh
` (6 more replies)
0 siblings, 7 replies; 9+ messages in thread
From: Abhimanyu Singh @ 2024-04-09 4:45 UTC (permalink / raw)
To: devel; +Cc: Abhi Singh
Updates after feedback from Sunny <sunny.wang@arm.com>
-updated several SCT assertion string outputs
-these were done make the assertions more descriptive
-fixed the issue in patch 5/6 that contained stray chars
from a merge
Patch series:
These tests support platform firmware that implement
MemoryOverwriteRequestControl & MemoryOverwriteRequestControlLock
UEFI variables in accordance with TCG PC Platform Reset Attack
Mitigation Specification.
The patches are split according to the six sections
documented in the SCT spec document referenced below.
SCT spec: https://bugzilla.tianocore.org/show_bug.cgi?id=4374
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4419
Abhi Singh (5):
uefi-sct/SctPkg: TCG MOR SetVariable Test
uefi-sct/SctPkg: TCG MORLOCK SetVariable Test
uefi-sct/SctPkg: TCG MORLOCK Unlocked State Test
uefi-sct/SctPkg: TCG MORLOCK Locked No Key State Test
uefi-sct/SctPkg: TCG MORLOCK Locked with Key State Test
Abhi.Singh (1):
uefi-sct/SctPkg: TCG Platform Reset Check Test
uefi-sct/SctPkg/UEFI/UEFI_SCT.dsc | 1 +
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTest.inf | 53 +
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h | 271 +++
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h | 137 ++
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c | 127 ++
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c | 2390 ++++++++++++++++++++
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.c | 115 +
uefi-sct/SctPkg/CommonGenFramework.sh | 1 +
uefi-sct/SctPkg/Config/Data/Category.ini | 7 +
9 files changed, 3102 insertions(+)
create mode 100644 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTest.inf
create mode 100644 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h
create mode 100644 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h
create mode 100644 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c
create mode 100644 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c
create mode 100644 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.c
--
2.34.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#117519): https://edk2.groups.io/g/devel/message/117519
Mute This Topic: https://groups.io/mt/105416468/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
^ permalink raw reply [flat|nested] 9+ messages in thread
* [edk2-devel] [PATCH v5 1/6] uefi-sct/SctPkg: TCG Platform Reset Check Test
2024-04-09 4:45 [edk2-devel] [PATCH v5 0/6] EDK2-TEST TCG MOR Tests Abhimanyu Singh
@ 2024-04-09 4:45 ` Abhimanyu Singh
2024-04-09 4:45 ` [edk2-devel] [PATCH v5 2/6] uefi-sct/SctPkg: TCG MOR SetVariable Test Abhimanyu Singh
` (5 subsequent siblings)
6 siblings, 0 replies; 9+ messages in thread
From: Abhimanyu Singh @ 2024-04-09 4:45 UTC (permalink / raw)
To: devel
Cc: Abhi.Singh, G Edhaya Chandran, Barton Gao, Carolyn Gjertsen,
Abhi Singh, Stuart Yoder
From: "Abhi.Singh" <Abhi.Singh@arm.com>
SCT spec: https://bugzilla.tianocore.org/show_bug.cgi?id=4374
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4419
-Implement initial test infrastructure for all test cases
including updates to: CommonGenFramework.sh, UEFI_SCT.dsc,
and Category.ini.
-Add Guid.c and Guid.h files to cover the assertions 4/49
assertions defined in the SCT spec
-Add TCGMemoryOverwriteRequestBBTestMain.h alongside used
define/global variables
-Add Platform Reset Check Test
-check if the platform creates the MOR & MORLOCK
EFI variables as defined in the TCG Spec
-sets MOR bit 0 and validate if the platform
clears the MOR bit 0 upon reset.
Cc: G Edhaya Chandran <edhaya.chandran@arm.com>
Cc: Barton Gao <gaojie@byosoft.com.cn>
Cc: Carolyn Gjertsen <carolyn.gjertsen@amd.com>
Signed-off-by: Abhi Singh <abhi.singh@arm.com>
Reviewed-by: Stuart Yoder <stuart.yoder@arm.com>
---
uefi-sct/SctPkg/UEFI/UEFI_SCT.dsc | 1 +
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTest.inf | 53 +++
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h | 46 ++
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h | 95 +++++
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c | 37 ++
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c | 451 ++++++++++++++++++++
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.c | 115 +++++
uefi-sct/SctPkg/CommonGenFramework.sh | 1 +
uefi-sct/SctPkg/Config/Data/Category.ini | 7 +
9 files changed, 806 insertions(+)
diff --git a/uefi-sct/SctPkg/UEFI/UEFI_SCT.dsc b/uefi-sct/SctPkg/UEFI/UEFI_SCT.dsc
index 155490fa39d3..536d5f2ed37a 100644
--- a/uefi-sct/SctPkg/UEFI/UEFI_SCT.dsc
+++ b/uefi-sct/SctPkg/UEFI/UEFI_SCT.dsc
@@ -235,6 +235,7 @@ [Components]
SctPkg/TestCase/UEFI/EFI/RuntimeServices/MiscRuntimeServices/BlackBoxTest/MiscRuntimeServicesBBTest.inf
SctPkg/TestCase/UEFI/EFI/RuntimeServices/TimeServices/BlackBoxTest/TimeServicesBBTest.inf
SctPkg/TestCase/UEFI/EFI/RuntimeServices/VariableServices/BlackBoxTest/VariableServicesBBTest.inf
+SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTest.inf
SctPkg/TestCase/UEFI/EFI/Protocol/GraphicsOutput/BlackBoxTest/GraphicsOutputBBTest.inf
SctPkg/TestCase/UEFI/EFI/Protocol/Bis/BlackBoxTest/BisBBTest.inf
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTest.inf b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTest.inf
new file mode 100644
index 000000000000..35d82043e2e7
--- /dev/null
+++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTest.inf
@@ -0,0 +1,53 @@
+## @file
+#
+# Copyright 2006 - 2015 Unified EFI, Inc.<BR>
+# Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2023, Arm Inc. All rights reserved.<BR>
+#
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http://opensource.org/licenses/bsd-license.php
+#
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+##
+#/*++
+#
+# Module Name:
+#
+# TCGMemoryOverwriteRequestBBTest.inf
+#
+# Abstract:
+#
+# Component description file for TCG MemoryOverwriteRequest UEFI variables Test.
+#
+#--*/
+
+[defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = TCGMemoryOverwriteRequestBBTest
+ FILE_GUID = ACA989CD-4AEE-45A3-B80F-E9A523BB7164
+ MODULE_TYPE = UEFI_DRIVER
+ VERSION_STRING = 1.0
+ ENTRY_POINT = InitializeTestTCGMemoryOverwriteRequest
+
+[sources.common]
+ TCGMemoryOverwriteRequestBBTestMain.c
+ TCGMemoryOverwriteRequestBBTestMain.h
+ TCGMemoryOverwriteRequestBBTestFunction.c
+ Guid.c
+
+[Packages]
+ MdePkg/MdePkg.dec
+ SctPkg/SctPkg.dec
+ SctPkg/UEFI/UEFI.dec
+
+[LibraryClasses]
+ UefiDriverEntryPoint
+ SctLib
+ EfiTestLib
+
+[Protocols]
+ gEfiTestRecoveryLibraryGuid
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h
new file mode 100644
index 000000000000..a3d87a3eb764
--- /dev/null
+++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h
@@ -0,0 +1,46 @@
+/** @file
+
+ Copyright 2006 - 2016 Unified EFI, Inc.<BR>
+ Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2023, Arm Inc. All rights reserved.<BR>
+
+ This program and the accompanying materials
+ are licensed and made available under the terms and conditions of the BSD License
+ which accompanies this distribution. The full text of the license may be found at
+ http://opensource.org/licenses/bsd-license.php
+
+ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+/*++
+
+Module Name:
+
+ guid.h
+
+Abstract:
+
+ GUIDs auto-generated for EFI test assertion.
+
+--*/
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_001_GUID \
+{ 0xd1c31d5f, 0x944f, 0x434c, {0x88, 0x26, 0xa6, 0xfb, 0x00, 0xd4, 0xbb, 0x97 }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_002_GUID \
+{ 0xa6c191b1, 0x9bfb, 0x4231, {0xb9, 0x2d, 0x4e, 0xa2, 0x21, 0xf6, 0x4b, 0x5d }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_003_GUID \
+{ 0x34d41a18, 0x8ffe, 0x456b, {0xa4, 0x82, 0x97, 0xb9, 0x9c, 0x50, 0x7d, 0x9e }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_004_GUID \
+{ 0x002519c6, 0x859f, 0x4d25, {0xb1, 0x36, 0xb2, 0xef, 0x61, 0xe5, 0xd9, 0x6f }}
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid001;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid002;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid003;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid004;
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h
new file mode 100644
index 000000000000..45bd921ecca4
--- /dev/null
+++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h
@@ -0,0 +1,95 @@
+/** @file
+
+ Copyright 2006 - 2017 Unified EFI, Inc.<BR>
+ Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2023, Arm Inc. All rights reserved.<BR>
+
+ This program and the accompanying materials
+ are licensed and made available under the terms and conditions of the BSD License
+ which accompanies this distribution. The full text of the license may be found at
+ http://opensource.org/licenses/bsd-license.php
+
+ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+/*++
+
+Module Name:
+
+ TCGMemoryOverwriteRequestTest.h
+
+Abstract:
+
+ Test Driver of TCG MOR and MORLOCK EFI variables that are defined inside
+ TCG Platform Reset Attack Mitigation v1.10 Section 4 (UEFI Interface)
+
+--*/
+
+#ifndef _TCG_MOR_BB_TEST_MAIN
+#define _TCG_MOR_BB_TEST_MAIN
+
+#include "Efi.h"
+#include "Guid.h"
+#include <Library/EfiTestLib.h>
+#include <Guid/MemoryOverwriteControl.h>
+#include <IndustryStandard/MemoryOverwriteRequestControlLock.h>
+#include <SctLib.h>
+
+typedef struct _RESET_DATA {
+ UINTN Step;
+ UINTN CheckpointStep;
+} RESET_DATA;
+
+#include EFI_TEST_PROTOCOL_DEFINITION(TestRecoveryLibrary)
+
+#define TCG_MOR_TEST_REVISION 0x00010000
+
+#define MOR_BIT_LOW 0x0
+#define MOR_BIT_HIGH 0x1
+
+#define MOR_LOCK_DATA_UNLOCKED 0x0
+
+
+//
+// TEST GUID for TCG Platform Reset Attack Mitigation MemoryOverwriteRequest (MOR) Test
+//
+#define EFI_TCG_MOR_TEST_GUID \
+ { 0x265e661d, 0xd51e, 0x454b, {0xbb, 0xc9, 0x66, 0x5f, 0x46, 0xec, 0x0a, 0x04 }}
+
+EFI_STATUS
+EFIAPI
+InitializeTestTCGMemoryOverwriteRequest (
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_SYSTEM_TABLE *SystemTable
+ );
+
+EFI_STATUS
+EFIAPI
+UnloadTCGMemoryOverwriteRequestTest (
+ IN EFI_HANDLE ImageHandle
+ );
+
+EFI_STATUS
+BBTestTCGMemoryOverwriteRequestFunctionTest (
+ IN EFI_BB_TEST_PROTOCOL *This,
+ IN VOID *ClientInterface,
+ IN EFI_TEST_LEVEL TestLevel,
+ IN EFI_HANDLE SupportHandle
+ );
+
+EFI_STATUS
+TCGMemoryOverwriteRequestPlatformResetCheck (
+ IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib,
+ IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib,
+ IN RESET_DATA *ResetData
+ );
+
+// ****************************************************************************
+// Entry GUIDs for Test
+// ****************************************************************************
+
+#define EFI_TCG_MOR_TEST_ENTRY_GUID0101 \
+ { 0x2104436a, 0x77c8, 0x4514, {0xb7, 0xd7, 0xaa, 0x8a, 0x6b, 0xd1, 0x8d, 0xa4 }}
+
+#endif
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c
new file mode 100644
index 000000000000..59c798a710f1
--- /dev/null
+++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c
@@ -0,0 +1,37 @@
+/** @file
+
+ Copyright 2006 - 2013 Unified EFI, Inc.<BR>
+ Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2023, Arm Inc. All rights reserved.<BR>
+
+ This program and the accompanying materials
+ are licensed and made available under the terms and conditions of the BSD License
+ which accompanies this distribution. The full text of the license may be found at
+ http://opensource.org/licenses/bsd-license.php
+
+ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+/*++
+
+Module Name:
+
+ guid.c
+
+Abstract:
+
+ GUIDs auto-generated for EFI test assertion.
+
+--*/
+
+#include "Efi.h"
+#include "Guid.h"
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid001 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_001_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid002 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_002_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid003 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_003_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid004 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_004_GUID;
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c
new file mode 100644
index 000000000000..8acad88b2365
--- /dev/null
+++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c
@@ -0,0 +1,451 @@
+/** @file
+
+ Copyright 2006 - 2016 Unified EFI, Inc.<BR>
+ Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2023, Arm Inc. All rights reserved.<BR>
+
+ This program and the accompanying materials
+ are licensed and made available under the terms and conditions of the BSD License
+ which accompanies this distribution. The full text of the license may be found at
+ http://opensource.org/licenses/bsd-license.php
+
+ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+/*++
+
+Module Name:
+
+ TCGMemoryOverwriteRequestBBTestFunction.c
+
+Abstract:
+
+ Function Test Cases for the TCG MOR and MORLOCK EFI variables that are defined
+ in TCG Platform Reset Attack Mitigation v1.10 Section 4 (UEFI Interface)
+
+--*/
+
+#include "SctLib.h"
+#include "TCGMemoryOverwriteRequestBBTestMain.h"
+
+#define RECOVER_BUFFER_SIZE 2048
+
+#define TCG_MOR_VARIABLE_ATTRIBUTES (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS)
+
+#define CONTROL_PLATFORM_RESET_TEST 1
+
+#define CONTROL_SET_VARIABLE_TEST 2
+
+
+/**
+ * Entry point for TCG Platform Reset Attack Mitigation MemoryOverwrite EFI Variables Function Test.
+ * @param This A pointer to the EFI_BB_TEST_PROTOCOL instance.
+ * @param ClientInterface A pointer to the interface to be tested.
+ * @param TestLevel Test "thoroughness" control.
+ * @param SupportHandle A handle containing support protocols.
+ * @return EFI_SUCCESS Test cases ran Successfully, may still contain errors in assertions.
+ * @return Other value Something failed.
+ */
+EFI_STATUS
+BBTestTCGMemoryOverwriteRequestFunctionTest (
+ IN EFI_BB_TEST_PROTOCOL *This,
+ IN VOID *ClientInterface,
+ IN EFI_TEST_LEVEL TestLevel,
+ IN EFI_HANDLE SupportHandle
+ )
+{
+ EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib;
+ EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib;
+ EFI_STATUS Status;
+ RESET_DATA *ResetData;
+ UINT8 Buffer[RECOVER_BUFFER_SIZE];
+ UINTN Size;
+
+ ResetData = (RESET_DATA *)Buffer;
+
+ BOOLEAN CheckpointStepMatched = FALSE;
+
+ //
+ // Get the Standard Library Interface
+ //
+ Status = gtBS->OpenProtocol (
+ SupportHandle,
+ &gEfiStandardTestLibraryGuid,
+ (VOID **) &StandardLib,
+ gImageHandle,
+ NULL,
+ EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL
+ );
+ if (EFI_ERROR(Status)) {
+ return Status;
+ }
+
+ //
+ // Get the Recovery Library Interface
+ //
+ Status = gtBS->OpenProtocol (
+ SupportHandle,
+ &gEfiTestRecoveryLibraryGuid,
+ (VOID **) &RecoveryLib,
+ gImageHandle,
+ NULL,
+ EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL
+ );
+ if (EFI_ERROR(Status)) {
+ StandardLib->RecordAssertion (
+ StandardLib,
+ EFI_TEST_ASSERTION_FAILED,
+ gTestGenericFailureGuid,
+ L"BS.OpenProtocol - Handle recovery library",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+ return Status;
+ }
+
+ //
+ // Read reset record
+ //
+ Status = RecoveryLib->ReadResetRecord (
+ RecoveryLib,
+ &Size,
+ Buffer
+ );
+
+ //
+ // if ResetRecord has not been written to yet, or EFI_ERROR from reading reset record, start the test from beginning
+ //
+ if (EFI_ERROR(Status) || Size < sizeof(RESET_DATA)) {
+ ResetData->Step = 0;
+ Status = TCGMemoryOverwriteRequestPlatformResetCheck (StandardLib, RecoveryLib, ResetData);
+ //
+ // In the event that the MOR/MORLOCK variables do not exist in accordance to spec,
+ // or the WriteResetRecord returns EFI_ERROR, test ends prematurely
+ //
+ if(EFI_ERROR(Status)) {
+ return Status;
+ }
+ }
+
+ //
+ // Once TCGMemoryOverwriteRequestPlatformResetCheck has been invoked and ResetRecord written
+ // check ResetData->CheckpointStep for next test
+ //
+ if (ResetData->CheckpointStep == CONTROL_PLATFORM_RESET_TEST) {
+ //
+ // Test Checkpoint CONTROL_PLATFORM_RESET_TEST
+ //
+ Status = TCGMemoryOverwriteRequestPlatformResetCheck (StandardLib, RecoveryLib, ResetData);
+ if(EFI_ERROR(Status)) {
+ return Status;
+ }
+ CheckpointStepMatched = TRUE;
+ }
+
+ if (!CheckpointStepMatched) {
+ return EFI_INVALID_PARAMETER; // incase of invalid CheckpointStep, return EFI_INVALID_PARAMETER
+ }
+
+ //
+ // After all Checkpoints have run successfully
+ //
+ return EFI_SUCCESS;
+}
+
+
+/**
+ * Check MOR & MORLOCK EFI variables are correctly created by platform
+ * Initially setting MOR bit 0 is then cleared upon platform reset
+ * @param StandardLib A pointer to EFI_STANDARD_TEST_LIBRARY_PROTOCOL
+ * instance.
+ * @param RecoveryLib A pointer to EFI_TEST_RECOVERY_LIBRARY_PROTOCOL
+ * instance.
+ * @return EFI_SUCCESS Successfully.
+ * @return Other value Something failed.
+ */
+EFI_STATUS
+TCGMemoryOverwriteRequestPlatformResetCheck (
+ IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib,
+ IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib,
+ IN RESET_DATA *ResetData
+ )
+{
+ EFI_STATUS Status;
+ EFI_TEST_ASSERTION Result;
+ UINTN DataSize;
+ UINT8 MemoryOverwriteRequestControlData;
+ UINT8 MemoryOverwriteRequestControlLockData;
+ UINT32 Attributes;
+
+ //
+ // Check Step to see which part of test remains to be executed
+ //
+ switch (ResetData->Step) {
+ case 0:
+ goto INITIAL_RESET;
+ case 1:
+ goto MOR_VARIABLE_CHECK;
+ case 2:
+ goto MOR_BIT_CLEAR_ON_RESET;
+ default:
+ return EFI_INVALID_PARAMETER;
+ }
+
+INITIAL_RESET:
+ //
+ // Perform initial plaform reset
+ //
+ ResetData->Step = 1;
+ ResetData->CheckpointStep = CONTROL_PLATFORM_RESET_TEST;
+
+ Status = RecoveryLib->WriteResetRecord (
+ RecoveryLib,
+ sizeof (RESET_DATA),
+ (UINT8*)ResetData
+ );
+ if (EFI_ERROR(Status)) {
+ StandardLib->RecordAssertion (
+ StandardLib,
+ EFI_TEST_ASSERTION_FAILED,
+ gTestGenericFailureGuid,
+ L"TestRecoveryLib - WriteResetRecord",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+ return Status;
+ }
+
+ SctPrint (L"System will cold reset after 1 second and test will be resumed after reboot.");
+ Status = gtBS->Stall(1000000);
+ if (EFI_ERROR(Status)) {
+ // Handle stall error
+ SctPrint(L"Error: Failed to stall the system.\n");
+ return Status;
+ }
+ gtRT->ResetSystem (
+ EfiResetCold,
+ EFI_SUCCESS,
+ 0,
+ NULL
+ );
+ SctPrint(L"Error: Failed to perform a cold reset.\n");
+ return EFI_DEVICE_ERROR;
+
+MOR_VARIABLE_CHECK:
+ //
+ // Post system reset, Check if the MOR variable is correctly created by platform
+ //
+
+ // Write reset record before the second reset (MOR_BIT_CLEAR_ON_RESET)
+ ResetData->Step = 2;
+ ResetData->CheckpointStep = CONTROL_PLATFORM_RESET_TEST;
+
+ Status = RecoveryLib->WriteResetRecord (
+ RecoveryLib,
+ sizeof (RESET_DATA),
+ (UINT8*)ResetData
+ );
+ if (EFI_ERROR(Status)) {
+ StandardLib->RecordAssertion (
+ StandardLib,
+ EFI_TEST_ASSERTION_FAILED,
+ gTestGenericFailureGuid,
+ L"TestRecoveryLib - WriteResetRecord",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+ return Status;
+ }
+
+ //
+ // GetVariable and check if the DataSize and Attributes are as expected
+ //
+ DataSize = sizeof(MemoryOverwriteRequestControlData);
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+
+ Status = gtRT->GetVariable (
+ L"MemoryOverwriteRequestControl", // VariableName
+ &gEfiMemoryOverwriteControlDataGuid, // VendorGuid
+ &Attributes, // Attributes
+ &DataSize, // DataSize
+ &MemoryOverwriteRequestControlData // Data
+ );
+ if (EFI_ERROR (Status) || (DataSize != 1) || (Attributes != TCG_MOR_VARIABLE_ATTRIBUTES)) {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ } else {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid001,
+ L"MemoryOverwriteRequestControl - Validate that the MOR Variable is created by the platform in accordance with TCG Spec",
+ L"%a:%d:Status - %r, DataSize - %d, Attributes - %x",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status,
+ (UINTN)DataSize,
+ (UINTN)Attributes
+ );
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
+ //
+ // Set MemoryOverwriteRequestControlData bit 0 and verify the platform clears bit 0 upon system reset
+ // MOR bit 0 indicates to platform firmware that system memory must be wiped during platform initialization
+ //
+ DataSize = sizeof(MemoryOverwriteRequestControlData);
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+ MemoryOverwriteRequestControlData |= MOR_BIT_HIGH << MOR_CLEAR_MEMORY_BIT_OFFSET;
+
+ Status = gtRT->SetVariable (
+ L"MemoryOverwriteRequestControl", // VariableName
+ &gEfiMemoryOverwriteControlDataGuid, // VendorGuid
+ Attributes, // Attributes
+ DataSize, // DataSize
+ &MemoryOverwriteRequestControlData // Data
+ );
+ if (Status == EFI_SUCCESS) {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ }else {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid002,
+ L"MemoryOverwriteRequestControl - SetVariable() with MOR bit 0 set high returns EFI_SUCCESS",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
+ // Cold reset system again for step 2
+ SctPrint (L"System will cold reset after 1 second and test will be resumed after reboot.");
+ Status = gtBS->Stall(1000000);
+ if (EFI_ERROR(Status)) {
+ // Handle stall error
+ SctPrint(L"Error: Failed to stall the system.\n");
+ return Status;
+ }
+ gtRT->ResetSystem (
+ EfiResetCold,
+ EFI_SUCCESS,
+ 0,
+ NULL
+ );
+ SctPrint(L"Error: Failed to perform a cold reset.\n");
+ return EFI_DEVICE_ERROR;
+
+MOR_BIT_CLEAR_ON_RESET:
+ //
+ // Clear Step count and increment checkpoint for next test
+ //
+
+ ResetData->Step = 0;
+ ResetData->CheckpointStep = CONTROL_SET_VARIABLE_TEST;
+
+ Status = RecoveryLib->WriteResetRecord (
+ RecoveryLib,
+ sizeof (RESET_DATA),
+ (UINT8*)ResetData
+ );
+ if (EFI_ERROR(Status)) {
+ StandardLib->RecordAssertion (
+ StandardLib,
+ EFI_TEST_ASSERTION_FAILED,
+ gTestGenericFailureGuid,
+ L"TestRecoveryLib - WriteResetRecord",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+ return Status;
+ }
+
+ //
+ // Check if the platform has cleared the set MOR bit 0 on reset
+ //
+ DataSize = sizeof(MemoryOverwriteRequestControlData);
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+
+ Status = gtRT->GetVariable (
+ L"MemoryOverwriteRequestControl", // VariableName
+ &gEfiMemoryOverwriteControlDataGuid, // VendorGuid
+ &Attributes, // Attributes
+ &DataSize, // DataSize
+ &MemoryOverwriteRequestControlData // Data
+ );
+ if (EFI_ERROR (Status) || (MOR_CLEAR_MEMORY_VALUE (MemoryOverwriteRequestControlData) != MOR_BIT_LOW)) {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ } else {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid003,
+ L"MemoryOverwriteRequestControl - Validate that MOR bit 0 is cleared after a cold reset when the bit 0 is initially set",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
+ //
+ // Verify MemoryOverwriteRequestControlLock is created as defined in the TCG Platform Reset Attack Mitigation spec
+ //
+ DataSize = sizeof(MemoryOverwriteRequestControlLockData);
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+
+ Status = gtRT->GetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ &Attributes, // Attributes
+ &DataSize, // DataSize
+ &MemoryOverwriteRequestControlLockData // Data
+ );
+ if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData != MOR_LOCK_DATA_UNLOCKED) ||
+ (DataSize != 1) || (Attributes != TCG_MOR_VARIABLE_ATTRIBUTES)) {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ } else {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid004,
+ L"MemoryOverwriteRequestControlLock - Validate that MORLOCK is created by the platform in accordance with the TCG Spec",
+ L"%a:%d:Status - %r, DataSize - %d, Attributes - %x",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status,
+ (UINTN)DataSize,
+ (UINTN)Attributes
+ );
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
+ return EFI_SUCCESS;
+}
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.c b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.c
new file mode 100644
index 000000000000..db01df9db5e2
--- /dev/null
+++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.c
@@ -0,0 +1,115 @@
+/** @file
+
+ Copyright 2006 - 2016 Unified EFI, Inc.<BR>
+ Copyright (c) 2023, Arm Inc. All rights reserved.<BR>
+
+ This program and the accompanying materials
+ are licensed and made available under the terms and conditions of the BSD License
+ which accompanies this distribution. The full text of the license may be found at
+ http://opensource.org/licenses/bsd-license.php
+
+ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+/*++
+
+Module Name:
+
+ TCG2MORTestMain.c
+
+Abstract:
+
+ for EFI Driver TCG MemoryOverwriteRequest Test
+
+--*/
+#include "SctLib.h"
+#include "TCGMemoryOverwriteRequestBBTestMain.h"
+
+EFI_GUID gEfiMemoryOverwriteControlDataGuid = MEMORY_ONLY_RESET_CONTROL_GUID;
+
+EFI_GUID gEfiMemoryOverwriteRequestControlLockGuid = MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_GUID;
+
+EFI_BB_TEST_PROTOCOL_FIELD gEfiTCGMemoryOverwriteRequestTestProtocolField = {
+ TCG_MOR_TEST_REVISION,
+ EFI_TCG_MOR_TEST_GUID,
+ L"TCG MemoryOverwriteRequest Test",
+ L"TCG MemoryOverwriteRequest Functionality Test"
+};
+
+EFI_GUID gSupportProtocolGuid1[2] = {
+ EFI_STANDARD_TEST_LIBRARY_GUID,
+ EFI_NULL_GUID
+};
+
+EFI_BB_TEST_ENTRY_FIELD gLoadTCGMemoryOverwriteRequestEntryField[] = {
+
+ {
+ EFI_TCG_MOR_TEST_ENTRY_GUID0101,
+ L"Test MOR and MORLOCK",
+ L"Test for MOR and MORLOCK EFI variables in accordance with TCG spec",
+ EFI_TEST_LEVEL_DEFAULT,
+ gSupportProtocolGuid1,
+ EFI_TEST_CASE_AUTO,
+ BBTestTCGMemoryOverwriteRequestFunctionTest
+ },
+
+ EFI_NULL_GUID
+};
+
+EFI_BB_TEST_PROTOCOL *gTCGMemoryOverwriteRequestTestProt;
+
+
+EFI_STATUS
+EFIAPI
+UnloadTCGMemoryOverwriteRequestTest (
+ IN EFI_HANDLE ImageHandle
+ );
+
+/**
+ * Creates/installs the BlackBox Interface and eminating Entry Point node list.
+ * @param ImageHandle The test driver image handle
+ * @param SystemTable Pointer to System Table
+ * @return EFI_SUCCESS Indicates the interface was installed
+ * @return EFI_OUT_OF_RESOURCES Indicates space for the new handle could not be allocated
+ * @return EFI_INVALID_PARAMETER: One of the parameters has an invalid value.
+ */
+EFI_STATUS
+EFIAPI
+InitializeTestTCGMemoryOverwriteRequest (
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_SYSTEM_TABLE *SystemTable
+ )
+{
+ //
+ // initialize test utility lib
+ //
+ EfiInitializeTestLib (ImageHandle, SystemTable);
+ SctInitializeLib (ImageHandle, SystemTable);
+
+ return EfiInitAndInstallBBTestInterface (
+ &ImageHandle,
+ &gEfiTCGMemoryOverwriteRequestTestProtocolField,
+ gLoadTCGMemoryOverwriteRequestEntryField,
+ UnloadTCGMemoryOverwriteRequestTest,
+ &gTCGMemoryOverwriteRequestTestProt
+ );
+}
+
+
+/**
+ * Unloads the BlackBox Interface and the Entry Point list.
+ * @param ImageHandle The image handle.
+ * @return EFI_SUCCESS The interface was uninstalled successfully.
+ */
+EFI_STATUS
+EFIAPI
+UnloadTCGMemoryOverwriteRequestTest (
+ IN EFI_HANDLE ImageHandle
+ )
+{
+ return EfiUninstallAndFreeBBTestInterface (
+ ImageHandle,
+ gTCGMemoryOverwriteRequestTestProt
+ );
+}
diff --git a/uefi-sct/SctPkg/CommonGenFramework.sh b/uefi-sct/SctPkg/CommonGenFramework.sh
index fb9043b56bca..886e7eb7596b 100755
--- a/uefi-sct/SctPkg/CommonGenFramework.sh
+++ b/uefi-sct/SctPkg/CommonGenFramework.sh
@@ -226,6 +226,7 @@ then
if [ -e $ProcessorType/RiscVBootProtocolBBTest.efi ]; then
cp $ProcessorType/RiscVBootProtocolBBTest.efi $Framework/Test/ > NUL
fi
+ cp $ProcessorType/TCGMemoryOverwriteRequestBBTest.efi $Framework/Test/ > NUL
# *********************************************
# Copy ENTS binary
diff --git a/uefi-sct/SctPkg/Config/Data/Category.ini b/uefi-sct/SctPkg/Config/Data/Category.ini
index b34d35db9ac8..bf02ccea9218 100644
--- a/uefi-sct/SctPkg/Config/Data/Category.ini
+++ b/uefi-sct/SctPkg/Config/Data/Category.ini
@@ -165,6 +165,13 @@ InterfaceGuid = AFF115FB-387B-4C18-8C41-6AFC7F03BB90
Name = RuntimeServicesTest\MiscRuntimeServicesTest
Description =
+[Category Data]
+Revision = 0x00010000
+CategoryGuid = 265E661D-D51E-454B-BBC9-665F46EC0A04
+InterfaceGuid = AFF115FB-387B-4C18-8C41-6AFC7F03BB90
+Name = RuntimeServicesTest\TCGMemoryOverwriteRequestTest
+Description = Test TCG Platform Reset Attack Mitigation EFI variables
+
[Category Data]
Revision = 0x00010000
CategoryGuid = 5B1B31A1-9562-11D2-8E3F-00A0C969723B
--
2.34.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#117520): https://edk2.groups.io/g/devel/message/117520
Mute This Topic: https://groups.io/mt/105416469/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [edk2-devel] [PATCH v5 2/6] uefi-sct/SctPkg: TCG MOR SetVariable Test
2024-04-09 4:45 [edk2-devel] [PATCH v5 0/6] EDK2-TEST TCG MOR Tests Abhimanyu Singh
2024-04-09 4:45 ` [edk2-devel] [PATCH v5 1/6] uefi-sct/SctPkg: TCG Platform Reset Check Test Abhimanyu Singh
@ 2024-04-09 4:45 ` Abhimanyu Singh
2024-04-09 4:45 ` [edk2-devel] [PATCH v5 3/6] uefi-sct/SctPkg: TCG MORLOCK " Abhimanyu Singh
` (4 subsequent siblings)
6 siblings, 0 replies; 9+ messages in thread
From: Abhimanyu Singh @ 2024-04-09 4:45 UTC (permalink / raw)
To: devel
Cc: Abhi Singh, G Edhaya Chandran, Barton Gao, Carolyn Gjertsen,
Abhi Singh, Stuart Yoder
SCT spec: https://bugzilla.tianocore.org/show_bug.cgi?id=4374
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4419
-Implement MemoryOverwriteRequestControlSetVariable test cases
-Add Assertions 5 and 6 from SCT spec
-Add Test Case to MemoryOverwriteRequestFunctionTest
Cc: G Edhaya Chandran <edhaya.chandran@arm.com>
Cc: Barton Gao <gaojie@byosoft.com.cn>
Cc: Carolyn Gjertsen <carolyn.gjertsen@amd.com>
Signed-off-by: Abhi Singh <abhi.singh@arm.com>
Reviewed-by: Stuart Yoder <stuart.yoder@arm.com>
---
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h | 10 ++
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h | 7 +
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c | 4 +
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c | 141 ++++++++++++++++++++
4 files changed, 162 insertions(+)
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h
index a3d87a3eb764..1d6d86ebed07 100644
--- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h
+++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h
@@ -37,6 +37,12 @@ Abstract:
#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_004_GUID \
{ 0x002519c6, 0x859f, 0x4d25, {0xb1, 0x36, 0xb2, 0xef, 0x61, 0xe5, 0xd9, 0x6f }}
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_005_GUID \
+{ 0x13e97668, 0xe905, 0x452d, {0xa0, 0x72, 0x03, 0xde, 0xbf, 0x53, 0xdf, 0xa2 }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_006_GUID \
+{ 0x94811e97, 0x7513, 0x4099, {0xae, 0xb8, 0x5a, 0x7e, 0x7d, 0x50, 0xb4, 0x99 }}
+
extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid001;
extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid002;
@@ -44,3 +50,7 @@ extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid002;
extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid003;
extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid004;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid005;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid006;
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h
index 45bd921ecca4..46c2c2faa388 100644
--- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h
+++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h
@@ -85,6 +85,13 @@ TCGMemoryOverwriteRequestPlatformResetCheck (
IN RESET_DATA *ResetData
);
+EFI_STATUS
+TCGMemoryOverwriteRequestControlSetVariable (
+ IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib,
+ IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib,
+ IN RESET_DATA *ResetData
+ );
+
// ****************************************************************************
// Entry GUIDs for Test
// ****************************************************************************
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c
index 59c798a710f1..649de8196990 100644
--- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c
+++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c
@@ -35,3 +35,7 @@ EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid002 = EFI_TEST_TCGMO
EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid003 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_003_GUID;
EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid004 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_004_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid005 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_005_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid006 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_006_GUID;
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c
index 8acad88b2365..2b9f5dd93a32 100644
--- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c
+++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c
@@ -37,6 +37,8 @@ Abstract:
#define CONTROL_SET_VARIABLE_TEST 2
+#define LOCK_SET_VARIABLE_TEST 3
+
/**
* Entry point for TCG Platform Reset Attack Mitigation MemoryOverwrite EFI Variables Function Test.
@@ -144,6 +146,16 @@ BBTestTCGMemoryOverwriteRequestFunctionTest (
}
CheckpointStepMatched = TRUE;
}
+ if (ResetData->CheckpointStep == CONTROL_SET_VARIABLE_TEST) {
+ //
+ // Test Checkpoint CONTROL_SET_VARIABLE_TEST
+ //
+ Status = TCGMemoryOverwriteRequestControlSetVariable (StandardLib, RecoveryLib, ResetData);
+ if(EFI_ERROR(Status)) {
+ return Status;
+ }
+ CheckpointStepMatched = TRUE;
+ }
if (!CheckpointStepMatched) {
return EFI_INVALID_PARAMETER; // incase of invalid CheckpointStep, return EFI_INVALID_PARAMETER
@@ -449,3 +461,132 @@ MOR_BIT_CLEAR_ON_RESET:
return EFI_SUCCESS;
}
+
+
+/**
+ * MemoryOverwriteRequestControl EFI variable SetVariable() requests with a single invalid parameter
+ * @param StandardLib A pointer to EFI_STANDARD_TEST_LIBRARY_PROTOCOL
+ * instance.
+ * @param RecoveryLib A pointer to EFI_TEST_RECOVERY_LIBRARY_PROTOCOL
+ * instance.
+ * @return EFI_SUCCESS Successfully.
+ * @return Other value Something failed.
+ */
+EFI_STATUS
+TCGMemoryOverwriteRequestControlSetVariable (
+ IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib,
+ IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib,
+ IN RESET_DATA *ResetData
+ )
+{
+ EFI_STATUS Status;
+ EFI_TEST_ASSERTION Result;
+ UINTN DataSize;
+ UINT8 MemoryOverwriteRequestControlData;
+ UINT8 MemoryOverwriteRequestControlDataCached;
+ UINT32 Attributes;
+
+ //
+ // Write reset record to initiate checkpoint LOCK_SET_VARIABLE_TEST after these assertions are complete
+ //
+ ResetData->Step = 0;
+ ResetData->CheckpointStep = LOCK_SET_VARIABLE_TEST;
+
+ Status = RecoveryLib->WriteResetRecord (
+ RecoveryLib,
+ sizeof (RESET_DATA),
+ (UINT8*)ResetData
+ );
+ if (EFI_ERROR(Status)) {
+ StandardLib->RecordAssertion (
+ StandardLib,
+ EFI_TEST_ASSERTION_FAILED,
+ gTestGenericFailureGuid,
+ L"TestRecoveryLib - WriteResetRecord",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+ return Status;
+ }
+
+ //
+ // MOR SetVariable() with invalid Attributes == NV + BS returns EFI_INVALID_PARAMETER and value is unchanged
+ // SetVariable() with MOR bit 0 set and invalid Attributes = NV + BS
+ //
+ DataSize = sizeof(MemoryOverwriteRequestControlData);
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+
+ Status = gtRT->GetVariable (
+ L"MemoryOverwriteRequestControl", // VariableName
+ &gEfiMemoryOverwriteControlDataGuid, // VendorGuid
+ &Attributes, // Attributes
+ &DataSize, // DataSize
+ &MemoryOverwriteRequestControlData // Data
+ );
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
+ // caching variable for later comparison with the second GetVariable() value
+ MemoryOverwriteRequestControlDataCached = MemoryOverwriteRequestControlData;
+
+ DataSize = sizeof(MemoryOverwriteRequestControlData);
+ Attributes = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS;
+ MemoryOverwriteRequestControlData |= MOR_BIT_HIGH << MOR_CLEAR_MEMORY_BIT_OFFSET;
+
+ Status = gtRT->SetVariable (
+ L"MemoryOverwriteRequestControl", // VariableName
+ &gEfiMemoryOverwriteControlDataGuid, // VendorGuid
+ Attributes, // Attributes
+ DataSize, // DataSize
+ &MemoryOverwriteRequestControlData // Data
+ );
+ if (Status == EFI_INVALID_PARAMETER) {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ } else {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid005,
+ L"MemoryOverwriteRequestControl - SetVariable() with Attributes == NV returns EFI_INVALID_PARAMETER",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ DataSize = sizeof(MemoryOverwriteRequestControlData);
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+
+ Status = gtRT->GetVariable (
+ L"MemoryOverwriteRequestControl", // VariableName
+ &gEfiMemoryOverwriteControlDataGuid, // VendorGuid
+ &Attributes, // Attributes
+ &DataSize, // DataSize
+ &MemoryOverwriteRequestControlData // Data
+ );
+ // verifying that the MOR variable has not been modified with SetVariable()
+ if (MemoryOverwriteRequestControlDataCached == MemoryOverwriteRequestControlData) {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ } else {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid006,
+ L"MemoryOverwriteRequestControl - SetVariable() with Attributes == NV variable value remains unchanged",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ return EFI_SUCCESS;
+}
--
2.34.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#117521): https://edk2.groups.io/g/devel/message/117521
Mute This Topic: https://groups.io/mt/105416470/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [edk2-devel] [PATCH v5 3/6] uefi-sct/SctPkg: TCG MORLOCK SetVariable Test
2024-04-09 4:45 [edk2-devel] [PATCH v5 0/6] EDK2-TEST TCG MOR Tests Abhimanyu Singh
2024-04-09 4:45 ` [edk2-devel] [PATCH v5 1/6] uefi-sct/SctPkg: TCG Platform Reset Check Test Abhimanyu Singh
2024-04-09 4:45 ` [edk2-devel] [PATCH v5 2/6] uefi-sct/SctPkg: TCG MOR SetVariable Test Abhimanyu Singh
@ 2024-04-09 4:45 ` Abhimanyu Singh
2024-04-09 4:45 ` [edk2-devel] [PATCH v5 4/6] uefi-sct/SctPkg: TCG MORLOCK Unlocked State Test Abhimanyu Singh
` (3 subsequent siblings)
6 siblings, 0 replies; 9+ messages in thread
From: Abhimanyu Singh @ 2024-04-09 4:45 UTC (permalink / raw)
To: devel
Cc: Abhi Singh, G Edhaya Chandran, Barton Gao, Carolyn Gjertsen,
Abhi Singh, Stuart Yoder
SCT spec: https://bugzilla.tianocore.org/show_bug.cgi?id=4374
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4419
-Implement MemoryOverwriteRequestControlLockSetVariable test
cases
-Add Assertions 7 through 16 from SCT spec
-Add Test Case to MemoryOverwriteRequestFunctionTest
Cc: G Edhaya Chandran <edhaya.chandran@arm.com>
Cc: Barton Gao <gaojie@byosoft.com.cn>
Cc: Carolyn Gjertsen <carolyn.gjertsen@amd.com>
Signed-off-by: Abhi Singh <abhi.singh@arm.com>
Reviewed-by: Stuart Yoder <stuart.yoder@arm.com>
---
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h | 50 +++
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h | 8 +
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c | 20 +
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c | 418 ++++++++++++++++++++
4 files changed, 496 insertions(+)
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h
index 1d6d86ebed07..891f494dbc70 100644
--- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h
+++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h
@@ -43,6 +43,36 @@ Abstract:
#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_006_GUID \
{ 0x94811e97, 0x7513, 0x4099, {0xae, 0xb8, 0x5a, 0x7e, 0x7d, 0x50, 0xb4, 0x99 }}
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_007_GUID \
+{ 0x15378290, 0x17dd, 0x4cbf, {0x8e, 0x8f, 0xc2, 0x4b, 0xc9, 0x09, 0xb4, 0x14 }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_008_GUID \
+{ 0x5f0b42ef, 0x3cec, 0x46ad, {0xbc, 0x5b, 0xc3, 0x7a, 0x1d, 0x45, 0x41, 0x29 }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_009_GUID \
+{ 0x9665c8d9, 0x267c, 0x4393, {0xa4, 0x72, 0x10, 0x54, 0x43, 0x56, 0x20, 0x21 }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_010_GUID \
+{ 0xce655812, 0xcc40, 0x42b0, {0x80, 0xd1, 0xa7, 0x26, 0xdb, 0x14, 0x9e, 0xa8 }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_011_GUID \
+{ 0xd34348ad, 0x5d46, 0x4961, {0x91, 0x3e, 0xb1, 0xf2, 0xc5, 0xe7, 0x0f, 0x7d }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_012_GUID \
+{ 0x838311e0, 0x419a, 0x4c92, {0x90, 0x60, 0xbf, 0x94, 0x59, 0xd3, 0xc3, 0x59 }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_013_GUID \
+{ 0x12998a9c, 0xc863, 0x4572, {0x80, 0x6c, 0xb6, 0x40, 0x97, 0x91, 0x89, 0x7f }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_014_GUID \
+{ 0xebd4ba26, 0x44c3, 0x464a, {0x88, 0xe3, 0x3b, 0x44, 0x94, 0x88, 0xbb, 0xb8 }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_015_GUID \
+{ 0x00920c8e, 0x241d, 0x4da0, {0x8b, 0x59, 0xc3, 0xad, 0xe0, 0xd6, 0x4e, 0xc9 }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_016_GUID \
+{ 0x169a43cc, 0x23fa, 0x4887, {0x8b, 0x4f, 0x11, 0xb2, 0xa0, 0x88, 0x4f, 0x63 }}
+
extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid001;
extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid002;
@@ -54,3 +84,23 @@ extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid004;
extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid005;
extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid006;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid007;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid008;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid009;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid010;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid011;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid012;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid013;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid014;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid015;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid016;
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h
index 46c2c2faa388..553959762be8 100644
--- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h
+++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h
@@ -49,6 +49,7 @@ typedef struct _RESET_DATA {
#define MOR_BIT_HIGH 0x1
#define MOR_LOCK_DATA_UNLOCKED 0x0
+#define MOR_LOCK_DATA_LOCKED_WITHOUT_KEY 0x1
//
@@ -92,6 +93,13 @@ TCGMemoryOverwriteRequestControlSetVariable (
IN RESET_DATA *ResetData
);
+EFI_STATUS
+TCGMemoryOverwriteRequestControlLockSetVariable (
+ IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib,
+ IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib,
+ IN RESET_DATA *ResetData
+ );
+
// ****************************************************************************
// Entry GUIDs for Test
// ****************************************************************************
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c
index 649de8196990..d861c44e3960 100644
--- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c
+++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c
@@ -39,3 +39,23 @@ EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid004 = EFI_TEST_TCGMO
EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid005 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_005_GUID;
EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid006 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_006_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid007 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_007_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid008 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_008_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid009 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_009_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid010 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_010_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid011 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_011_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid012 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_012_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid013 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_013_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid014 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_014_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid015 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_015_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid016 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_016_GUID;
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c
index 2b9f5dd93a32..f0c6029c9afb 100644
--- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c
+++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c
@@ -39,6 +39,8 @@ Abstract:
#define LOCK_SET_VARIABLE_TEST 3
+#define LOCK_UNLOCKED_STATE_TEST 4
+
/**
* Entry point for TCG Platform Reset Attack Mitigation MemoryOverwrite EFI Variables Function Test.
@@ -156,6 +158,16 @@ BBTestTCGMemoryOverwriteRequestFunctionTest (
}
CheckpointStepMatched = TRUE;
}
+ if (ResetData->CheckpointStep == LOCK_SET_VARIABLE_TEST) {
+ //
+ // Test Checkpoint LOCK_SET_VARIABLE_TEST
+ //
+ Status = TCGMemoryOverwriteRequestControlLockSetVariable (StandardLib, RecoveryLib, ResetData);
+ if(EFI_ERROR(Status)) {
+ return Status;
+ }
+ CheckpointStepMatched = TRUE;
+ }
if (!CheckpointStepMatched) {
return EFI_INVALID_PARAMETER; // incase of invalid CheckpointStep, return EFI_INVALID_PARAMETER
@@ -590,3 +602,409 @@ TCGMemoryOverwriteRequestControlSetVariable (
return EFI_SUCCESS;
}
+
+
+/**
+ * MemoryOverwriteRequestControlLock SetVariable() with different variations
+ * of only a single invalid parameter being passed, with the rest parameters being valid
+ * @param StandardLib A pointer to EFI_STANDARD_TEST_LIBRARY_PROTOCOL
+ * instance.
+ * @param RecoveryLib A pointer to EFI_TEST_RECOVERY_LIBRARY_PROTOCOL
+ * instance.
+ * @param ResetData A pointer to the ResetData buffer which is used throughout the
+ * test
+ * @return EFI_SUCCESS Successfully.
+ * @return Other value Something failed.
+ */
+EFI_STATUS
+TCGMemoryOverwriteRequestControlLockSetVariable (
+ IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib,
+ IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib,
+ IN RESET_DATA *ResetData
+ )
+{
+ EFI_STATUS Status;
+ EFI_TEST_ASSERTION Result;
+ UINTN DataSize;
+ UINT8 MemoryOverwriteRequestControlLockData;
+ UINT32 Attributes;
+
+ //
+ // Check Step to see which part of test remains to be executed
+ //
+ switch (ResetData->Step) {
+ case 0:
+ goto INITIAL_RESET;
+ case 1:
+ goto MORLOCK_SET_VARIABLE;
+ default:
+ return EFI_INVALID_PARAMETER;
+ }
+
+INITIAL_RESET:
+ //
+ // Reset MORLOCK variable by performing a cold reset
+ //
+
+ ResetData->Step = 1;
+ ResetData->CheckpointStep = LOCK_SET_VARIABLE_TEST;
+
+ Status = RecoveryLib->WriteResetRecord (
+ RecoveryLib,
+ sizeof (RESET_DATA),
+ (UINT8*)ResetData
+ );
+ if (EFI_ERROR(Status)) {
+ StandardLib->RecordAssertion (
+ StandardLib,
+ EFI_TEST_ASSERTION_FAILED,
+ gTestGenericFailureGuid,
+ L"TestRecoveryLib - WriteResetRecord",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+ return Status;
+ }
+
+ SctPrint (L"System will cold reset after 1 second and test will be resumed after reboot.");
+ Status = gtBS->Stall(1000000);
+ if (EFI_ERROR(Status)) {
+ // Handle stall error
+ SctPrint(L"Error: Failed to stall the system.\n");
+ return Status;
+ }
+ gtRT->ResetSystem (
+ EfiResetCold,
+ EFI_SUCCESS,
+ 0,
+ NULL
+ );
+ SctPrint(L"Error: Failed to perform a cold reset.\n");
+ return EFI_DEVICE_ERROR;
+
+MORLOCK_SET_VARIABLE:
+ //
+ // reset step count and Update Checkpoint to LOCK_UNLOCKED_STATE_TEST
+ //
+
+ ResetData->Step = 0;
+ ResetData->CheckpointStep = LOCK_UNLOCKED_STATE_TEST;
+
+ Status = RecoveryLib->WriteResetRecord (
+ RecoveryLib,
+ sizeof (RESET_DATA),
+ (UINT8*)ResetData
+ );
+ if (EFI_ERROR(Status)) {
+ StandardLib->RecordAssertion (
+ StandardLib,
+ EFI_TEST_ASSERTION_FAILED,
+ gTestGenericFailureGuid,
+ L"TestRecoveryLib - WriteResetRecord",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+ return Status;
+ }
+
+ // MORLOCK SetVariable() to locked-without-key with valid GUID, variable name, Data, and DataSize
+ // except for invalid Attributes value == 0
+ // verify SetVariable() returns EFI_WRITE_PROTECTED and GetVariable() returns a Data Value == 0
+ DataSize = sizeof(MemoryOverwriteRequestControlLockData);
+ Attributes = 0;
+ MemoryOverwriteRequestControlLockData = MOR_LOCK_DATA_LOCKED_WITHOUT_KEY;
+
+ Status = gtRT->SetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ Attributes, // Attributes
+ DataSize, // DataSize
+ &MemoryOverwriteRequestControlLockData // Data
+ );
+ if (Status == EFI_WRITE_PROTECTED) {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ } else {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid007,
+ L"MemoryOverwriteRequestControlLock - SetVariable() with Attributes == 0 returns EFI_WRITE_PROTECTED",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ // change Attributes to valid before GetVariable() to check that MORLOCK value is still 0x00 or unlocked
+ DataSize = sizeof(MemoryOverwriteRequestControlLockData);
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+
+ Status = gtRT->GetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ &Attributes, // Attributes
+ &DataSize, // DataSize
+ &MemoryOverwriteRequestControlLockData // Data
+ );
+ if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData != MOR_LOCK_DATA_UNLOCKED)) {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ } else {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ }
+
+ // Check that MORLOCK remains unlocked after previous operation
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid008,
+ L"MemoryOverwriteRequestControlLock - Lock value remains unlocked",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ // MORLOCK SetVariable() to locked-without-key with valid GUID, variable name, Data, and Attributes
+ // except for invalid DataSize == 0
+ // verify SetVariable() returns EFI_WRITE_PROTECTED and GetVariable() returns a Data Value == 0
+ DataSize = 0;
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+ MemoryOverwriteRequestControlLockData = MOR_LOCK_DATA_LOCKED_WITHOUT_KEY;
+
+ Status = gtRT->SetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ Attributes, // Attributes
+ DataSize, // DataSize
+ &MemoryOverwriteRequestControlLockData // Data
+ );
+ if (Status == EFI_WRITE_PROTECTED) {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ } else {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid009,
+ L"MemoryOverwriteRequestControlLock - SetVariable() with DataSize == 0 returns EFI_WRITE_PROTECTED",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ // change DataSize to a valid value before GetVariable()
+ DataSize = sizeof(MemoryOverwriteRequestControlLockData);
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+
+ // Check that MORLOCK remains unlocked after previous operation
+ Status = gtRT->GetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ &Attributes, // Attributes
+ &DataSize, // DataSize
+ &MemoryOverwriteRequestControlLockData // Data
+ );
+ if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData != MOR_LOCK_DATA_UNLOCKED)) {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ } else {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid010,
+ L"MemoryOverwriteRequestControlLock - Lock value remains unlocked",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ // MORLOCK SetVariable() to locked-without-key with valid GUID,
+ // variable name, DataSize, and Attributes, except for Data == NULL
+ // verify SetVariable() returns EFI_INVALID_PARAMETER and GetVariable() returns a Data Value == 0
+ DataSize = sizeof(MemoryOverwriteRequestControlLockData);
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+
+ Status = gtRT->SetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ Attributes, // Attributes
+ DataSize, // DataSize
+ NULL // Data
+ );
+ if (Status == EFI_WRITE_PROTECTED || EFI_INVALID_PARAMETER) {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ } else {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid011,
+ L"MemoryOverwriteRequestControlLock - SetVariable() with Data parameter as NULL returns either EFI_WRITE_PROTECTED or EFI_INVALID_PARAMETER",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ // Check that MORLOCK remains unlocked after previous operation
+ Status = gtRT->GetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ &Attributes, // Attributes
+ &DataSize, // DataSize
+ &MemoryOverwriteRequestControlLockData // Data
+ );
+ if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData != MOR_LOCK_DATA_UNLOCKED)) {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ } else {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid012,
+ L"MemoryOverwriteRequestControlLock - Lock value remains unlocked",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ // MORLOCK SetVariable() to lock-without-key with valid GUID, variable name, Data, and DataSize
+ // except for invalid Attributes != NV+BS+RT, this test will use invalid Attributes == NV + BS
+ // verify SetVariable() returns EFI_INVALID_PARAMETER and GetVariable() returns a Data Value == 0
+ DataSize = sizeof(MemoryOverwriteRequestControlLockData);
+ Attributes = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS;
+ MemoryOverwriteRequestControlLockData = MOR_LOCK_DATA_LOCKED_WITHOUT_KEY;
+
+ Status = gtRT->SetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ Attributes, // Attributes
+ DataSize, // DataSize
+ &MemoryOverwriteRequestControlLockData // Data
+ );
+ if (Status == EFI_INVALID_PARAMETER) {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ } else {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid013,
+ L"MemoryOverwriteRequestControlLock - SetVariable() with Attributes == NV returns EFI_INVALID_PARAMETER",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ // change attributes value to valid NV+BS+RT for GetVariable()
+ DataSize = sizeof(MemoryOverwriteRequestControlLockData);
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+
+ // Check that MORLOCK remains unlocked after previous operation
+ Status = gtRT->GetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ &Attributes, // Attributes
+ &DataSize, // DataSize
+ &MemoryOverwriteRequestControlLockData // Data
+ );
+ if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData != MOR_LOCK_DATA_UNLOCKED)) {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ } else {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid014,
+ L"MemoryOverwriteRequestControlLock - Lock value remains unlocked",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ // MORLOCK SetVariable() to locked-without-key with valid GUID, variable name, Data, and Attributes
+ // except for invalid DataSize != 1 && != 8, this test will use invalid DataSize == 5
+ // verify SetVariable() returns EFI_INVALID_PARAMETER and GetVariable() returns a Data Value == 0
+ DataSize = 5;
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+ MemoryOverwriteRequestControlLockData = MOR_LOCK_DATA_LOCKED_WITHOUT_KEY;
+
+ Status = gtRT->SetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ Attributes, // Attributes
+ DataSize, // DataSize
+ &MemoryOverwriteRequestControlLockData // Data
+ );
+ if (Status == EFI_INVALID_PARAMETER) {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ } else {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid015,
+ L"MemoryOverwriteRequestControlLock - SetVariable() with DataSize == 5 returns EFI_INVALID_PARAMETER",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ // change datasize to valid value for GetVariable
+ DataSize = sizeof(MemoryOverwriteRequestControlLockData);
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+
+ // Check that MORLOCK remains unlocked after previous operation
+ Status = gtRT->GetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ &Attributes, // Attributes
+ &DataSize, // DataSize
+ &MemoryOverwriteRequestControlLockData // Data
+ );
+ if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData != MOR_LOCK_DATA_UNLOCKED)) {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ } else {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid016,
+ L"MemoryOverwriteRequestControlLock - Lock value remains unlocked",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ return EFI_SUCCESS;
+}
\ No newline at end of file
--
2.34.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#117522): https://edk2.groups.io/g/devel/message/117522
Mute This Topic: https://groups.io/mt/105416471/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [edk2-devel] [PATCH v5 4/6] uefi-sct/SctPkg: TCG MORLOCK Unlocked State Test
2024-04-09 4:45 [edk2-devel] [PATCH v5 0/6] EDK2-TEST TCG MOR Tests Abhimanyu Singh
` (2 preceding siblings ...)
2024-04-09 4:45 ` [edk2-devel] [PATCH v5 3/6] uefi-sct/SctPkg: TCG MORLOCK " Abhimanyu Singh
@ 2024-04-09 4:45 ` Abhimanyu Singh
2024-04-09 5:44 ` [edk2-devel] PcdMemoryProfilePropertyMask declared as dynamic type Yoshinoya
2024-04-09 4:45 ` [edk2-devel] [PATCH v5 5/6] uefi-sct/SctPkg: TCG MORLOCK Locked No Key State Test Abhimanyu Singh
` (2 subsequent siblings)
6 siblings, 1 reply; 9+ messages in thread
From: Abhimanyu Singh @ 2024-04-09 4:45 UTC (permalink / raw)
To: devel
Cc: Abhi Singh, G Edhaya Chandran, Barton Gao, Carolyn Gjertsen,
Abhi Singh, Stuart Yoder
SCT spec: https://bugzilla.tianocore.org/show_bug.cgi?id=4374
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4419
-Implement MemoryOverwriteRequestControlLock Unlocked State
test cases
-Add Assertions 17, 18, 19, and 20 from SCT spec
-Add Test Case to MemoryOverwriteRequestFunctionTest
Cc: G Edhaya Chandran <edhaya.chandran@arm.com>
Cc: Barton Gao <gaojie@byosoft.com.cn>
Cc: Carolyn Gjertsen <carolyn.gjertsen@amd.com>
Signed-off-by: Abhi Singh <abhi.singh@arm.com>
Reviewed-by: Stuart Yoder <stuart.yoder@arm.com>
---
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h | 20 ++
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h | 7 +
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c | 8 +
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c | 241 +++++++++++++++++++-
4 files changed, 275 insertions(+), 1 deletion(-)
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h
index 891f494dbc70..1ca43a393f29 100644
--- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h
+++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h
@@ -73,6 +73,18 @@ Abstract:
#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_016_GUID \
{ 0x169a43cc, 0x23fa, 0x4887, {0x8b, 0x4f, 0x11, 0xb2, 0xa0, 0x88, 0x4f, 0x63 }}
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_017_GUID \
+{ 0x7c11d0ab, 0x7a84, 0x482b, {0xb7, 0x5a, 0xd7, 0x72, 0x6c, 0x3e, 0xae, 0x0e }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_018_GUID \
+{ 0xbbaa52b6, 0x5576, 0x4acd, {0xb9, 0x5f, 0x86, 0x22, 0x5e, 0xfc, 0xb0, 0x31 }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_019_GUID \
+{ 0x60b227e0, 0x9f5c, 0x412c, {0x88, 0x79, 0xd3, 0x59, 0xfc, 0xd0, 0xdd, 0x3f }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_020_GUID \
+{ 0x2eba284a, 0xf701, 0x4c19, {0xbe, 0x5c, 0x39, 0x27, 0xb0, 0x68, 0x4f, 0xd7 }}
+
extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid001;
extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid002;
@@ -104,3 +116,11 @@ extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid014;
extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid015;
extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid016;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid017;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid018;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid019;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid020;
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h
index 553959762be8..15eedc60f19d 100644
--- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h
+++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h
@@ -100,6 +100,13 @@ TCGMemoryOverwriteRequestControlLockSetVariable (
IN RESET_DATA *ResetData
);
+EFI_STATUS
+TCGMemoryOverwriteRequestControlLockUnlockedState (
+ IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib,
+ IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib,
+ IN RESET_DATA *ResetData
+);
+
// ****************************************************************************
// Entry GUIDs for Test
// ****************************************************************************
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c
index d861c44e3960..fe8853452979 100644
--- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c
+++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c
@@ -59,3 +59,11 @@ EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid014 = EFI_TEST_TCGMO
EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid015 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_015_GUID;
EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid016 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_016_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid017 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_017_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid018 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_018_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid019 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_019_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid020 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_020_GUID;
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c
index f0c6029c9afb..fe5ca180c104 100644
--- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c
+++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c
@@ -41,6 +41,8 @@ Abstract:
#define LOCK_UNLOCKED_STATE_TEST 4
+#define LOCK_NO_KEY_STATE_TEST 5
+
/**
* Entry point for TCG Platform Reset Attack Mitigation MemoryOverwrite EFI Variables Function Test.
@@ -168,6 +170,16 @@ BBTestTCGMemoryOverwriteRequestFunctionTest (
}
CheckpointStepMatched = TRUE;
}
+ if (ResetData->CheckpointStep == LOCK_UNLOCKED_STATE_TEST) {
+ //
+ // Test Checkpoint LOCK_UNLOCKED_STATE_TEST
+ //
+ Status = TCGMemoryOverwriteRequestControlLockUnlockedState (StandardLib, RecoveryLib, ResetData);
+ if(EFI_ERROR(Status)) {
+ return Status;
+ }
+ CheckpointStepMatched = TRUE;
+ }
if (!CheckpointStepMatched) {
return EFI_INVALID_PARAMETER; // incase of invalid CheckpointStep, return EFI_INVALID_PARAMETER
@@ -1007,4 +1019,231 @@ MORLOCK_SET_VARIABLE:
);
return EFI_SUCCESS;
-}
\ No newline at end of file
+}
+
+
+/**
+ * MemoryOverwriteRequestControlLock in unlocked state test
+ * When unlocked, the lock should stay unlocked when passed a valid value of 0x00
+ *
+ * When passed an invalid Data value != 0x00 or != 0x01, such as 0x02,
+ * the lock must stay unlocked and return EFI_INVALID_PARAMETER
+ * @param StandardLib A pointer to EFI_STANDARD_TEST_LIBRARY_PROTOCOL
+ * instance.
+ * @param RecoveryLib A pointer to EFI_TEST_RECOVERY_LIBRARY_PROTOCOL
+ * instance.
+ * @param ResetData A pointer to the ResetData Buffer which is used throughout
+ * the test
+ * @return EFI_SUCCESS Successfully.
+ * @return Other value Something failed.
+ */
+EFI_STATUS
+TCGMemoryOverwriteRequestControlLockUnlockedState (
+ IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib,
+ IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib,
+ IN RESET_DATA *ResetData
+ )
+{
+ EFI_STATUS Status;
+ EFI_TEST_ASSERTION Result;
+ UINTN DataSize;
+ UINT8 MemoryOverwriteRequestControlLockData;
+ UINT32 Attributes;
+
+ //
+ // Check Step to see which part of test remains to be executed
+ //
+ switch (ResetData->Step) {
+ case 0:
+ goto INITIAL_RESET;
+ case 1:
+ goto MORLOCK_UNLOCKED_STATE;
+ default:
+ return EFI_INVALID_PARAMETER;
+ }
+
+INITIAL_RESET:
+ //
+ // Reset MORLOCK variable by performing a cold reset
+ //
+
+ ResetData->Step = 1;
+ ResetData->CheckpointStep = LOCK_UNLOCKED_STATE_TEST;
+ Status = RecoveryLib->WriteResetRecord (
+ RecoveryLib,
+ sizeof (RESET_DATA),
+ (UINT8*)ResetData
+ );
+ if (EFI_ERROR(Status)) {
+ StandardLib->RecordAssertion (
+ StandardLib,
+ EFI_TEST_ASSERTION_FAILED,
+ gTestGenericFailureGuid,
+ L"TestRecoveryLib - WriteResetRecord",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+ return Status;
+ }
+
+ SctPrint (L"System will cold reset after 1 second and test will be resumed after reboot.");
+ Status = gtBS->Stall(1000000);
+ if (EFI_ERROR(Status)) {
+ // Handle stall error
+ SctPrint(L"Error: Failed to stall the system.\n");
+ return Status;
+ }
+ gtRT->ResetSystem (
+ EfiResetCold,
+ EFI_SUCCESS,
+ 0,
+ NULL
+ );
+ SctPrint(L"Error: Failed to perform a cold reset.\n");
+ return EFI_DEVICE_ERROR;
+
+MORLOCK_UNLOCKED_STATE:
+ //
+ // Testing MORLOCK scenarios when the Variable is in the unlocked state
+ //
+
+ ResetData->Step = 0;
+ ResetData->CheckpointStep = LOCK_NO_KEY_STATE_TEST;
+ Status = RecoveryLib->WriteResetRecord (
+ RecoveryLib,
+ sizeof (RESET_DATA),
+ (UINT8*)ResetData
+ );
+ if (EFI_ERROR(Status)) {
+ StandardLib->RecordAssertion (
+ StandardLib,
+ EFI_TEST_ASSERTION_FAILED,
+ gTestGenericFailureGuid,
+ L"TestRecoveryLib - WriteResetRecord",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+ return Status;
+ }
+
+ //
+ // Setting MORLOCK to unlocked when already in unlocked state should return EFI_SUCCESS
+ // and the MORLOCK value should still be = 0x00 or unlocked
+ //
+ DataSize = sizeof(MemoryOverwriteRequestControlLockData);
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+ MemoryOverwriteRequestControlLockData = MOR_LOCK_DATA_UNLOCKED;
+
+ Status = gtRT->SetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ Attributes, // Attributes
+ DataSize, // DataSize
+ &MemoryOverwriteRequestControlLockData // Data
+ );
+ if (Status == EFI_SUCCESS) {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ } else {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid017,
+ L"MemoryOverwriteRequestControlLock - Setting to unlocked when already unlocked should return EFI_SUCCESS",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ Status = gtRT->GetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ &Attributes, // Attributes
+ &DataSize, // DataSize
+ &MemoryOverwriteRequestControlLockData // Data
+ );
+ if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData != MOR_LOCK_DATA_UNLOCKED)) {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ } else {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid018,
+ L"MemoryOverwriteRequestControlLock - Lock value remains unlocked",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ //
+ // Setting MORLOCK with an invalid Data parameter != 0x01 should return EFI_INVALID_PARAMETER
+ // and the MORLOCK value should still be = 0x00
+ //
+ DataSize = sizeof(MemoryOverwriteRequestControlLockData);
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+ MemoryOverwriteRequestControlLockData = 0x02;
+
+ Status = gtRT->SetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ Attributes, // Attributes
+ DataSize, // DataSize
+ &MemoryOverwriteRequestControlLockData // Data
+ );
+ if (Status == EFI_INVALID_PARAMETER) {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ } else {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid019,
+ L"MemoryOverwriteRequestControlLock - Invalid Data = 0x02 returns EFI_INVALID_PARAMETER",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ DataSize = sizeof(MemoryOverwriteRequestControlLockData);
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+
+ Status = gtRT->GetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ &Attributes, // Attributes
+ &DataSize, // DataSize
+ &MemoryOverwriteRequestControlLockData // Data
+ );
+ if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData != MOR_LOCK_DATA_UNLOCKED)) {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ } else {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid020,
+ L"MemoryOverwriteRequestControlLock - Lock value remains unlocked",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ return EFI_SUCCESS;
+}
--
2.34.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#117523): https://edk2.groups.io/g/devel/message/117523
Mute This Topic: https://groups.io/mt/105416472/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [edk2-devel] [PATCH v5 5/6] uefi-sct/SctPkg: TCG MORLOCK Locked No Key State Test
2024-04-09 4:45 [edk2-devel] [PATCH v5 0/6] EDK2-TEST TCG MOR Tests Abhimanyu Singh
` (3 preceding siblings ...)
2024-04-09 4:45 ` [edk2-devel] [PATCH v5 4/6] uefi-sct/SctPkg: TCG MORLOCK Unlocked State Test Abhimanyu Singh
@ 2024-04-09 4:45 ` Abhimanyu Singh
2024-04-09 4:45 ` [edk2-devel] [PATCH v5 6/6] uefi-sct/SctPkg: TCG MORLOCK Locked with " Abhimanyu Singh
2024-04-09 15:04 ` [edk2-devel] [PATCH v5 0/6] EDK2-TEST TCG MOR Tests Sunny Wang
6 siblings, 0 replies; 9+ messages in thread
From: Abhimanyu Singh @ 2024-04-09 4:45 UTC (permalink / raw)
To: devel
Cc: Abhi Singh, G Edhaya Chandran, Barton Gao, Carolyn Gjertsen,
Abhi Singh, Stuart Yoder
SCT spec: https://bugzilla.tianocore.org/show_bug.cgi?id=4374
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4419
-Implement MemoryOverwriteRequestControlLock Locked No Key
State test cases
-Add Assertions 21 - 31 from SCT spec
-Add Test Case to MemoryOverwriteRequestFunctionTest
Cc: G Edhaya Chandran <edhaya.chandran@arm.com>
Cc: Barton Gao <gaojie@byosoft.com.cn>
Cc: Carolyn Gjertsen <carolyn.gjertsen@amd.com>
Signed-off-by: Abhi Singh <abhi.singh@arm.com>
Reviewed-by: Stuart Yoder <stuart.yoder@arm.com>
---
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h | 55 +++
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h | 11 +
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c | 22 +
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c | 472 ++++++++++++++++++++
4 files changed, 560 insertions(+)
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h
index 1ca43a393f29..065f197987cc 100644
--- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h
+++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h
@@ -85,6 +85,39 @@ Abstract:
#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_020_GUID \
{ 0x2eba284a, 0xf701, 0x4c19, {0xbe, 0x5c, 0x39, 0x27, 0xb0, 0x68, 0x4f, 0xd7 }}
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_021_GUID \
+{ 0x9a1b44ae, 0x08ce, 0x474c, {0xa5, 0x8e, 0xa6, 0xe2, 0xcf, 0xaf, 0x91, 0x2c }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_022_GUID \
+{ 0x490d7b39, 0xcad4, 0x4e8c, {0xb1, 0x5d, 0x63, 0xd2, 0x0c, 0xb3, 0xe9, 0x45 }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_023_GUID \
+{ 0x397394ae, 0xce01, 0x4350, {0xa2, 0x0c, 0xe1, 0xb3, 0xe8, 0x74, 0xdc, 0x01 }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_024_GUID \
+{ 0x9cf27a60, 0x94b5, 0x4e2e, {0xb3, 0x2b, 0x51, 0x0f, 0x24, 0x7a, 0x80, 0xd7 }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_025_GUID \
+{ 0x766dc008, 0x2a88, 0x4eed, {0x91, 0x95, 0x46, 0x92, 0xdc, 0xcc, 0x1d, 0xf6 }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_026_GUID \
+{ 0x5f66c8e5, 0x1bf8, 0x4af4, {0x86, 0x45, 0xf4, 0x93, 0xa0, 0xee, 0x26, 0x88 }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_027_GUID \
+{ 0x1064f6ce, 0xb307, 0x4981, {0xac, 0x8f, 0xe5, 0xca, 0x20, 0x6c, 0x1b, 0x8b }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_028_GUID \
+{ 0x40f2c4e9, 0xe937, 0x426e, {0x98, 0xc5, 0x62, 0xca, 0x23, 0x68, 0x52, 0xd0 }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_029_GUID \
+{ 0x6d5dcb4d, 0xe008, 0x41cc, {0x98, 0x32, 0xdf, 0xa8, 0x38, 0xb1, 0xb6, 0x02 }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_030_GUID \
+{ 0x29b81ee0, 0x368d, 0x447c, {0x9e, 0xd0, 0xa5, 0xfe, 0xd7, 0x02, 0x65, 0x7b }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_031_GUID \
+{ 0xe88b22ce, 0x3de6, 0x49b0, {0xb2, 0x46, 0x9e, 0x35, 0x98, 0x2b, 0x9b, 0x1c }}
+
extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid001;
extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid002;
@@ -124,3 +157,25 @@ extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid018;
extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid019;
extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid020;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid021;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid022;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid023;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid024;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid025;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid026;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid027;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid028;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid029;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid030;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid031;
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h
index 15eedc60f19d..94ed476f86ad 100644
--- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h
+++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h
@@ -51,6 +51,10 @@ typedef struct _RESET_DATA {
#define MOR_LOCK_DATA_UNLOCKED 0x0
#define MOR_LOCK_DATA_LOCKED_WITHOUT_KEY 0x1
+#define MOR_LOCK_WITH_KEY_SIZE 8
+
+#define MOR_LOCK_TEST_KEY 0x11111111
+
//
// TEST GUID for TCG Platform Reset Attack Mitigation MemoryOverwriteRequest (MOR) Test
@@ -107,6 +111,13 @@ TCGMemoryOverwriteRequestControlLockUnlockedState (
IN RESET_DATA *ResetData
);
+EFI_STATUS
+TCGMemoryOverwriteRequestControlLockLockedNoKeyState (
+ IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib,
+ IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib,
+ IN RESET_DATA *ResetData
+ );
+
// ****************************************************************************
// Entry GUIDs for Test
// ****************************************************************************
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c
index fe8853452979..f44e7de3c51d 100644
--- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c
+++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c
@@ -67,3 +67,25 @@ EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid018 = EFI_TEST_TCGMO
EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid019 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_019_GUID;
EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid020 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_020_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid021 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_021_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid022 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_022_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid023 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_023_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid024 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_024_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid025 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_025_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid026 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_026_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid027 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_027_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid028 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_028_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid029 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_029_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid030 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_030_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid031 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_031_GUID;
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c
index fe5ca180c104..7780b390a5f2 100644
--- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c
+++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c
@@ -43,6 +43,8 @@ Abstract:
#define LOCK_NO_KEY_STATE_TEST 5
+#define LOCK_WITH_KEY_STATE_TEST 6
+
/**
* Entry point for TCG Platform Reset Attack Mitigation MemoryOverwrite EFI Variables Function Test.
@@ -180,6 +182,16 @@ BBTestTCGMemoryOverwriteRequestFunctionTest (
}
CheckpointStepMatched = TRUE;
}
+ if (ResetData->CheckpointStep == LOCK_NO_KEY_STATE_TEST) {
+ //
+ // Test Checkpoint LOCK_NO_KEY_STATE_TEST
+ //
+ Status = TCGMemoryOverwriteRequestControlLockLockedNoKeyState (StandardLib, RecoveryLib, ResetData);
+ if(EFI_ERROR(Status)) {
+ return Status;
+ }
+ CheckpointStepMatched = TRUE;
+ }
if (!CheckpointStepMatched) {
return EFI_INVALID_PARAMETER; // incase of invalid CheckpointStep, return EFI_INVALID_PARAMETER
@@ -1247,3 +1259,463 @@ MORLOCK_UNLOCKED_STATE:
return EFI_SUCCESS;
}
+
+
+/**
+ * MemoryOverwriteRequestControlLock in locked-without-key state test
+ * When unlocked, a valid SetVariable() with Data value 0x01 must return EFI_SUCCESS
+ * and the lock value must be 0x01, value cannot change till the system is cold reset
+ *
+ * When locked-without-key, SetVariable() with Data = 0x01, 0x00, or 0x11111111 (key)
+ * must return EFI_ACCESS_DENIED and value must still equal 0x01
+ * @param StandardLib A pointer to EFI_STANDARD_TEST_LIBRARY_PROTOCOL
+ * instance.
+ * @param RecoveryLib A pointer to EFI_TEST_RECOVERY_LIBRARY_PROTOCOL
+ * instance.
+ * @param ResetData A pointer to the ResetData Buffer which is used throughout
+ * the test
+ * @return EFI_SUCCESS Successfully.
+ * @return Other value Something failed.
+ */
+EFI_STATUS
+TCGMemoryOverwriteRequestControlLockLockedNoKeyState (
+ IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib,
+ IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib,
+ IN RESET_DATA *ResetData
+ )
+{
+ EFI_STATUS Status;
+ EFI_TEST_ASSERTION Result;
+ UINTN DataSize;
+ UINTN MemoryOverwriteControlLockKeyValue;
+ UINT8 MemoryOverwriteRequestControlLockData;
+ UINT8 MemoryOverwriteRequestControlData;
+ UINT8 MemoryOverwriteRequestControlDataCached;
+ UINT32 Attributes;
+
+ //
+ // Check Step to see which part of test remains to be executed
+ //
+ switch (ResetData->Step) {
+ case 0:
+ goto INITIAL_RESET;
+ case 1:
+ goto MORLOCK_LOCKED_STATE;
+ default:
+ return EFI_INVALID_PARAMETER;
+ }
+
+INITIAL_RESET:
+ //
+ // Reset MORLOCK variable by performing a cold reset
+ //
+ ResetData->Step = 1;
+ ResetData->CheckpointStep = LOCK_NO_KEY_STATE_TEST;
+
+ Status = RecoveryLib->WriteResetRecord (
+ RecoveryLib,
+ sizeof (RESET_DATA),
+ (UINT8*)ResetData
+ );
+ if (EFI_ERROR(Status)) {
+ StandardLib->RecordAssertion (
+ StandardLib,
+ EFI_TEST_ASSERTION_FAILED,
+ gTestGenericFailureGuid,
+ L"TestRecoveryLib - WriteResetRecord",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+ return Status;
+ }
+
+ SctPrint (L"System will cold reset after 1 second and test will be resumed after reboot.");
+ Status = gtBS->Stall(1000000);
+ if (EFI_ERROR(Status)) {
+ // Handle stall error
+ SctPrint(L"Error: Failed to stall the system.\n");
+ return Status;
+ }
+ gtRT->ResetSystem (
+ EfiResetCold,
+ EFI_SUCCESS,
+ 0,
+ NULL
+ );
+ SctPrint(L"Error: Failed to perform a cold reset.\n");
+ return EFI_DEVICE_ERROR;
+
+MORLOCK_LOCKED_STATE:
+ //change checkpoint to next function
+ ResetData->Step = 0;
+ ResetData->CheckpointStep = LOCK_WITH_KEY_STATE_TEST;
+
+ Status = RecoveryLib->WriteResetRecord (
+ RecoveryLib,
+ sizeof (RESET_DATA),
+ (UINT8*)ResetData
+ );
+ if (EFI_ERROR(Status)) {
+ StandardLib->RecordAssertion (
+ StandardLib,
+ EFI_TEST_ASSERTION_FAILED,
+ gTestGenericFailureGuid,
+ L"TestRecoveryLib - WriteResetRecord",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+ return Status;
+ }
+
+ //
+ // After Cold Reset, MORLOCK SetVariable() with value 0x01 must return EFI_SUCCESS
+ // and MORLOCK GetVariable() value must now be MOR_LOCK_DATA_LOCKED_WITHOUT_KEY
+ //
+ DataSize = sizeof(MemoryOverwriteRequestControlLockData);
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+ MemoryOverwriteRequestControlLockData = MOR_LOCK_DATA_LOCKED_WITHOUT_KEY;
+
+ Status = gtRT->SetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ Attributes, // Attributes
+ DataSize, // DataSize
+ &MemoryOverwriteRequestControlLockData // Data
+ );
+ if (Status == EFI_SUCCESS) {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ } else {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid021,
+ L"MemoryOverwriteRequestControlLock - Setting to locked-without-key when unlocked returns EFI_SUCCESS",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ DataSize = sizeof(MemoryOverwriteRequestControlLockData);
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+
+ Status = gtRT->GetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ &Attributes, // Attributes
+ &DataSize, // DataSize
+ &MemoryOverwriteRequestControlLockData // Data
+ );
+ if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData != MOR_LOCK_DATA_LOCKED_WITHOUT_KEY)) {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ } else {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid022,
+ L"MemoryOverwriteRequestControlLock - Lock state is now locked-without-key",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ //
+ // Once locked-without-key, MORLOCK SetVariable() with value 0x00 must return EFI_ACCESS_DENIED
+ // and MORLOCK GetVariable() value must still be 0x01
+ //
+ DataSize = sizeof(MemoryOverwriteRequestControlLockData);
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+ MemoryOverwriteRequestControlLockData = MOR_LOCK_DATA_UNLOCKED;
+
+ Status = gtRT->SetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ Attributes, // Attributes
+ DataSize, // DataSize
+ &MemoryOverwriteRequestControlLockData // Data
+ );
+ if (Status == EFI_ACCESS_DENIED) {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ } else {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid023,
+ L"MemoryOverwriteRequestControlLock - Setting to unlocked when locked-without-key returns EFI_ACCESS_DENIED",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ DataSize = sizeof(MemoryOverwriteRequestControlLockData);
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+
+ Status = gtRT->GetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ &Attributes, // Attributes
+ &DataSize, // DataSize
+ &MemoryOverwriteRequestControlLockData // Data
+ );
+ if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData != MOR_LOCK_DATA_LOCKED_WITHOUT_KEY)) {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ } else {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid024,
+ L"MemoryOverwriteRequestControlLock - Lock state is still locked-without-key",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ //
+ // Once locked-without-key, MORLOCK SetVariable() with value 0x01 must return EFI_ACCESS_DENIED
+ // and MORLOCK GetVariable() value must still be 0x01
+ //
+ DataSize = sizeof(MemoryOverwriteRequestControlLockData);
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+ MemoryOverwriteRequestControlLockData = MOR_LOCK_DATA_LOCKED_WITHOUT_KEY;
+
+ Status = gtRT->SetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ Attributes, // Attributes
+ DataSize, // DataSize
+ &MemoryOverwriteRequestControlLockData // Data
+ );
+ if (Status == EFI_ACCESS_DENIED) {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ } else {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid025,
+ L"MemoryOverwriteRequestControlLock - Setting to locked-without-key when already locked-without-key returns EFI_ACCESS_DENIED",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ DataSize = sizeof(MemoryOverwriteRequestControlLockData);
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+
+ Status = gtRT->GetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ &Attributes, // Attributes
+ &DataSize, // DataSize
+ &MemoryOverwriteRequestControlLockData // Data
+ );
+ if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData != MOR_LOCK_DATA_LOCKED_WITHOUT_KEY)) {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ } else {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid026,
+ L"MemoryOverwriteRequestControlLock - Lock state is still locked-without-key",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ //
+ // Once locked-without-key, MORLOCK SetVariable() with 8 byte key = 0x11111111 must return EFI_ACCESS_DENIED
+ // and MORLOCK GetVariable() value must still be 0x01
+ //
+ DataSize = MOR_LOCK_WITH_KEY_SIZE;
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+ MemoryOverwriteControlLockKeyValue = MOR_LOCK_TEST_KEY;
+
+ Status = gtRT->SetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ Attributes, // Attributes
+ DataSize, // DataSize
+ &MemoryOverwriteControlLockKeyValue // Data
+ );
+ if (Status == EFI_ACCESS_DENIED) {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ } else {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid027,
+ L"MemoryOverwriteRequestControlLock - Setting to locked-with-key when locked-without-key returns EFI_ACCESS_DENIED",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ DataSize = sizeof(MemoryOverwriteRequestControlLockData);
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+
+ Status = gtRT->GetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ &Attributes, // Attributes
+ &DataSize, // DataSize
+ &MemoryOverwriteRequestControlLockData // Data
+ );
+ if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData != MOR_LOCK_DATA_LOCKED_WITHOUT_KEY)) {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ } else {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid028,
+ L"MemoryOverwriteRequestControlLock - Lock state is still locked-without-key",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ //
+ // Once locked-without-key, MOR SetVariable() call to set MOR bit 0 must return EFI_ACCESS_DENIED
+ // and MOR value must not change
+ //
+ DataSize = sizeof(MemoryOverwriteRequestControlData);
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+ // getting current MOR bit 0 value that will be used to check that the variable is unchanged
+ Status = gtRT->GetVariable (
+ L"MemoryOverwriteRequestControl", // VariableName
+ &gEfiMemoryOverwriteControlDataGuid, // VendorGuid
+ &Attributes, // Attributes
+ &DataSize, // DataSize
+ &MemoryOverwriteRequestControlData // Data
+ );
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
+ // caching MOR and then setting bit 0
+ MemoryOverwriteRequestControlDataCached = MemoryOverwriteRequestControlData;
+ MemoryOverwriteRequestControlData |= MOR_BIT_HIGH << MOR_CLEAR_MEMORY_BIT_OFFSET;
+
+ DataSize = sizeof(MemoryOverwriteRequestControlData);
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+
+
+ Status = gtRT->SetVariable (
+ L"MemoryOverwriteRequestControl", // VariableName
+ &gEfiMemoryOverwriteControlDataGuid, // VendorGuid
+ Attributes, // Attributes
+ DataSize, // DataSize
+ &MemoryOverwriteRequestControlData // Data
+ );
+ if (Status == EFI_ACCESS_DENIED) {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ } else {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid029,
+ L"MemoryOverwriteRequestControl - SetVariable() returns EFI_ACCESS_DENIED when MORLOCK is locked-without-key",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ DataSize = sizeof(MemoryOverwriteRequestControlData);
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+
+ Status = gtRT->GetVariable (
+ L"MemoryOverwriteRequestControl", // VariableName
+ &gEfiMemoryOverwriteControlDataGuid, // VendorGuid
+ &Attributes, // Attributes
+ &DataSize, // DataSize
+ &MemoryOverwriteRequestControlData // Data
+ );
+
+ // verifying that the variable has not been modified with SetVariable(), proving that MORLOCK acts as a lock
+ if (MemoryOverwriteRequestControlDataCached == MemoryOverwriteRequestControlData) {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ } else {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid030,
+ L"MemoryOverwriteRequestControl - When locked-without-key, MOR bit 0 remains unchanged after an attempt to set it",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ //
+ // Once locked-without-key, MOR cannot be deleted
+ // SetVariable() call to set MOR with DataSize == 0 must return EFI_ACCESS_DENIED
+ // MemoryOverwriteControlData is a don't care in this case
+ DataSize = 0;
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+
+ Status = gtRT->SetVariable (
+ L"MemoryOverwriteRequestControl", // VariableName
+ &gEfiMemoryOverwriteControlDataGuid, // VendorGuid
+ Attributes, // Attributes
+ DataSize, // DataSize
+ &MemoryOverwriteRequestControlData // Data
+ );
+ if (Status == EFI_ACCESS_DENIED || EFI_INVALID_PARAMETER) {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ } else {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid031,
+ L"MemoryOverwriteRequestControl - When MORLOCK is locked-without-key, an attempt to delete the MOR variable must return either EFI_ACCESS_DENIED or EFI_INVALID_PARAMETER",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ return EFI_SUCCESS;
+}
--
2.34.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#117524): https://edk2.groups.io/g/devel/message/117524
Mute This Topic: https://groups.io/mt/105416473/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [edk2-devel] [PATCH v5 6/6] uefi-sct/SctPkg: TCG MORLOCK Locked with Key State Test
2024-04-09 4:45 [edk2-devel] [PATCH v5 0/6] EDK2-TEST TCG MOR Tests Abhimanyu Singh
` (4 preceding siblings ...)
2024-04-09 4:45 ` [edk2-devel] [PATCH v5 5/6] uefi-sct/SctPkg: TCG MORLOCK Locked No Key State Test Abhimanyu Singh
@ 2024-04-09 4:45 ` Abhimanyu Singh
2024-04-09 15:04 ` [edk2-devel] [PATCH v5 0/6] EDK2-TEST TCG MOR Tests Sunny Wang
6 siblings, 0 replies; 9+ messages in thread
From: Abhimanyu Singh @ 2024-04-09 4:45 UTC (permalink / raw)
To: devel
Cc: Abhi Singh, G Edhaya Chandran, Barton Gao, Carolyn Gjertsen,
Abhi Singh, Stuart Yoder
SCT spec: https://bugzilla.tianocore.org/show_bug.cgi?id=4374
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4419
-Implement MemoryOverwriteRequestControlLock Locked with
Key State test cases
-Add remaining Assertions 32 - 49 from SCT spec
-Add Test Case to MemoryOverwriteRequestFunctionTest
-Changed several assertion strings to be more
descriptive
Cc: G Edhaya Chandran <edhaya.chandran@arm.com>
Cc: Barton Gao <gaojie@byosoft.com.cn>
Cc: Carolyn Gjertsen <carolyn.gjertsen@amd.com>
Signed-off-by: Abhi Singh <abhi.singh@arm.com>
Reviewed-by: Stuart Yoder <stuart.yoder@arm.com>
---
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h | 90 +++
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h | 11 +-
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c | 36 +
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c | 715 +++++++++++++++++++-
4 files changed, 828 insertions(+), 24 deletions(-)
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h
index 065f197987cc..cf7f3e180f54 100644
--- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h
+++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h
@@ -118,6 +118,60 @@ Abstract:
#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_031_GUID \
{ 0xe88b22ce, 0x3de6, 0x49b0, {0xb2, 0x46, 0x9e, 0x35, 0x98, 0x2b, 0x9b, 0x1c }}
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_032_GUID \
+{ 0xc8894201, 0x7a3a, 0x47d4, {0xa8, 0x8d, 0xdf, 0x4b, 0x03, 0xff, 0xde, 0x4f }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_033_GUID \
+{ 0x38a813ac, 0x8eb9, 0x46ce, {0xa8, 0x6b, 0x40, 0x8c, 0x07, 0x5f, 0xc7, 0xed }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_034_GUID \
+{ 0x919b8392, 0xcb78, 0x49ff, {0xa3, 0x18, 0x49, 0x78, 0x76, 0xe0, 0xf8, 0xf8 }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_035_GUID \
+{ 0x219abaf2, 0x04a9, 0x407c, {0xb5, 0xde, 0xa0, 0x03, 0x6e, 0x65, 0xb0, 0xb9 }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_036_GUID \
+{ 0x9a51640a, 0xff14, 0x402b, {0xb0, 0x57, 0xa0, 0xc4, 0xf7, 0x20, 0x8e, 0x44 }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_037_GUID \
+{ 0x8ccd0dbb, 0x9b0a, 0x4bfb, {0xa0, 0x7e, 0xc6, 0x06, 0x8b, 0x91, 0x0d, 0xfb }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_038_GUID \
+{ 0xde6f4e17, 0xe375, 0x4dcb, {0x8f, 0x07, 0x77, 0x7e, 0x62, 0x49, 0xea, 0x2c }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_039_GUID \
+{ 0x4ab6927b, 0x5ee4, 0x4748, {0xa4, 0x9d, 0x2d, 0xf3, 0x70, 0x01, 0x41, 0xd5 }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_040_GUID \
+{ 0x33142ecf, 0x0f92, 0x4625, {0xb7, 0xf6, 0x7f, 0x15, 0x25, 0x74, 0xd3, 0x03 }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_041_GUID \
+{ 0xf73c04df, 0x2e42, 0x4174, {0x82, 0x18, 0x0f, 0x25, 0x46, 0x4a, 0x55, 0xe9 }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_042_GUID \
+{ 0xd4eacf82, 0x55d1, 0x4ba1, {0xbe, 0x89, 0x6a, 0x2e, 0x44, 0x0f, 0xc7, 0xc0 }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_043_GUID \
+{ 0xfd88fe63, 0x5ed4, 0x482a, {0x98, 0x44, 0x23, 0x90, 0xf9, 0x09, 0x1c, 0x20 }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_044_GUID \
+{ 0x176f16cb, 0xf3a4, 0x4f12, {0x8f, 0x96, 0x4a, 0xc1, 0x8b, 0xdd, 0x6e, 0x3c }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_045_GUID \
+{ 0xf0d5e7b3, 0xdc0f, 0x4a18, {0xb9, 0x78, 0x09, 0x3b, 0x15, 0x55, 0x66, 0xbf }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_046_GUID \
+{ 0x9bf14c4b, 0x2950, 0x4c4e, {0x8b, 0xa3, 0x06, 0x46, 0xf1, 0x27, 0x8c, 0x05 }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_047_GUID \
+{ 0xb0468dee, 0xb1d0, 0x4795, {0x9f, 0xbf, 0xbe, 0x3f, 0x40, 0x2f, 0x3d, 0x6f }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_048_GUID \
+{ 0x1f7dd903, 0xcd58, 0x4d6f, {0x80, 0xd6, 0x4f, 0x6d, 0xcb, 0x4a, 0xd6, 0xc9 }}
+
+#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_049_GUID \
+{ 0x439179c2, 0x744d, 0x43bc, {0xb0, 0x67, 0x7b, 0x65, 0x60, 0x62, 0x6f, 0x5e }}
+
extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid001;
extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid002;
@@ -179,3 +233,39 @@ extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid029;
extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid030;
extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid031;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid032;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid033;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid034;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid035;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid036;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid037;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid038;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid039;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid040;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid041;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid042;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid043;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid044;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid045;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid046;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid047;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid048;
+
+extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid049;
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h
index 94ed476f86ad..76b3c76340cf 100644
--- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h
+++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h
@@ -50,11 +50,13 @@ typedef struct _RESET_DATA {
#define MOR_LOCK_DATA_UNLOCKED 0x0
#define MOR_LOCK_DATA_LOCKED_WITHOUT_KEY 0x1
+#define MOR_LOCK_DATA_LOCKED_WITH_KEY 0x2
+#define MOR_LOCK_NO_KEY_SIZE 1
#define MOR_LOCK_WITH_KEY_SIZE 8
#define MOR_LOCK_TEST_KEY 0x11111111
-
+#define MOR_LOCK_INVALID_TEST_KEY 0x22222222
//
// TEST GUID for TCG Platform Reset Attack Mitigation MemoryOverwriteRequest (MOR) Test
@@ -118,6 +120,13 @@ TCGMemoryOverwriteRequestControlLockLockedNoKeyState (
IN RESET_DATA *ResetData
);
+EFI_STATUS
+TCGMemoryOverwriteRequestControlLockLockedWithKeyState (
+ IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib,
+ IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib,
+ IN RESET_DATA *ResetData
+ );
+
// ****************************************************************************
// Entry GUIDs for Test
// ****************************************************************************
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c
index f44e7de3c51d..6bde8f686a16 100644
--- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c
+++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c
@@ -89,3 +89,39 @@ EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid029 = EFI_TEST_TCGMO
EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid030 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_030_GUID;
EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid031 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_031_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid032 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_032_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid033 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_033_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid034 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_034_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid035 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_035_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid036 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_036_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid037 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_037_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid038 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_038_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid039 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_039_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid040 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_040_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid041 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_041_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid042 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_042_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid043 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_043_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid044 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_044_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid045 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_045_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid046 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_046_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid047 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_047_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid048 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_048_GUID;
+
+EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid049 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_049_GUID;
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c
index 7780b390a5f2..5bc40ac83214 100644
--- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c
+++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c
@@ -192,6 +192,16 @@ BBTestTCGMemoryOverwriteRequestFunctionTest (
}
CheckpointStepMatched = TRUE;
}
+ if (ResetData->CheckpointStep == LOCK_WITH_KEY_STATE_TEST) {
+ //
+ // Test Checkpoint LOCK_WITH_KEY_STATE_TEST
+ //
+ Status = TCGMemoryOverwriteRequestControlLockLockedWithKeyState (StandardLib, RecoveryLib, ResetData);
+ if(EFI_ERROR(Status)) {
+ return Status;
+ }
+ CheckpointStepMatched = TRUE;
+ }
if (!CheckpointStepMatched) {
return EFI_INVALID_PARAMETER; // incase of invalid CheckpointStep, return EFI_INVALID_PARAMETER
@@ -548,7 +558,7 @@ TCGMemoryOverwriteRequestControlSetVariable (
}
//
- // MOR SetVariable() with invalid Attributes == NV + BS returns EFI_INVALID_PARAMETER and value is unchanged
+ // MOR SetVariable() with invalid Attributes = NV + BS returns EFI_INVALID_PARAMETER and value is unchanged
// SetVariable() with MOR bit 0 set and invalid Attributes = NV + BS
//
DataSize = sizeof(MemoryOverwriteRequestControlData);
@@ -589,7 +599,7 @@ TCGMemoryOverwriteRequestControlSetVariable (
StandardLib,
Result,
gTCGMemoryOverwriteRequestTestFunctionAssertionGuid005,
- L"MemoryOverwriteRequestControl - SetVariable() with Attributes == NV returns EFI_INVALID_PARAMETER",
+ L"MemoryOverwriteRequestControl - SetVariable() returns EFI_INVALID_PARAMETER with invalid Attributes = (NV+BS)",
L"%a:%d:Status - %r",
__FILE__,
(UINTN)__LINE__,
@@ -617,7 +627,7 @@ TCGMemoryOverwriteRequestControlSetVariable (
StandardLib,
Result,
gTCGMemoryOverwriteRequestTestFunctionAssertionGuid006,
- L"MemoryOverwriteRequestControl - SetVariable() with Attributes == NV variable value remains unchanged",
+ L"MemoryOverwriteRequestControl - SetVariable() with invalid Attributes = (NV+BS), variable value remains unchanged",
L"%a:%d:Status - %r",
__FILE__,
(UINTN)__LINE__,
@@ -736,8 +746,8 @@ MORLOCK_SET_VARIABLE:
}
// MORLOCK SetVariable() to locked-without-key with valid GUID, variable name, Data, and DataSize
- // except for invalid Attributes value == 0
- // verify SetVariable() returns EFI_WRITE_PROTECTED and GetVariable() returns a Data Value == 0
+ // except for invalid Attributes value = 0
+ // verify SetVariable() returns EFI_WRITE_PROTECTED and GetVariable() returns a Data Value = 0
DataSize = sizeof(MemoryOverwriteRequestControlLockData);
Attributes = 0;
MemoryOverwriteRequestControlLockData = MOR_LOCK_DATA_LOCKED_WITHOUT_KEY;
@@ -759,7 +769,7 @@ MORLOCK_SET_VARIABLE:
StandardLib,
Result,
gTCGMemoryOverwriteRequestTestFunctionAssertionGuid007,
- L"MemoryOverwriteRequestControlLock - SetVariable() with Attributes == 0 returns EFI_WRITE_PROTECTED",
+ L"MemoryOverwriteRequestControlLock - SetVariable() returns EFI_WRITE_PROTECTED with invalid Attributes = 0",
L"%a:%d:Status - %r",
__FILE__,
(UINTN)__LINE__,
@@ -788,7 +798,7 @@ MORLOCK_SET_VARIABLE:
StandardLib,
Result,
gTCGMemoryOverwriteRequestTestFunctionAssertionGuid008,
- L"MemoryOverwriteRequestControlLock - Lock value remains unlocked",
+ L"MemoryOverwriteRequestControlLock - SetVariable() with invalid Attributes = 0, lock value remains unlocked",
L"%a:%d:Status - %r",
__FILE__,
(UINTN)__LINE__,
@@ -796,8 +806,8 @@ MORLOCK_SET_VARIABLE:
);
// MORLOCK SetVariable() to locked-without-key with valid GUID, variable name, Data, and Attributes
- // except for invalid DataSize == 0
- // verify SetVariable() returns EFI_WRITE_PROTECTED and GetVariable() returns a Data Value == 0
+ // except for invalid DataSize = 0
+ // verify SetVariable() returns EFI_WRITE_PROTECTED and GetVariable() returns a Data Value = 0
DataSize = 0;
Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
MemoryOverwriteRequestControlLockData = MOR_LOCK_DATA_LOCKED_WITHOUT_KEY;
@@ -819,7 +829,7 @@ MORLOCK_SET_VARIABLE:
StandardLib,
Result,
gTCGMemoryOverwriteRequestTestFunctionAssertionGuid009,
- L"MemoryOverwriteRequestControlLock - SetVariable() with DataSize == 0 returns EFI_WRITE_PROTECTED",
+ L"MemoryOverwriteRequestControlLock - SetVariable() returns EFI_WRITE_PROTECTED with DataSize = 0",
L"%a:%d:Status - %r",
__FILE__,
(UINTN)__LINE__,
@@ -848,7 +858,7 @@ MORLOCK_SET_VARIABLE:
StandardLib,
Result,
gTCGMemoryOverwriteRequestTestFunctionAssertionGuid010,
- L"MemoryOverwriteRequestControlLock - Lock value remains unlocked",
+ L"MemoryOverwriteRequestControlLock - SetVariable() with DataSize = 0, lock value remains unlocked",
L"%a:%d:Status - %r",
__FILE__,
(UINTN)__LINE__,
@@ -856,8 +866,8 @@ MORLOCK_SET_VARIABLE:
);
// MORLOCK SetVariable() to locked-without-key with valid GUID,
- // variable name, DataSize, and Attributes, except for Data == NULL
- // verify SetVariable() returns EFI_INVALID_PARAMETER and GetVariable() returns a Data Value == 0
+ // variable name, DataSize, and Attributes, except for Data = NULL
+ // verify SetVariable() returns EFI_INVALID_PARAMETER and GetVariable() returns a Data Value = 0
DataSize = sizeof(MemoryOverwriteRequestControlLockData);
Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
@@ -903,7 +913,7 @@ MORLOCK_SET_VARIABLE:
StandardLib,
Result,
gTCGMemoryOverwriteRequestTestFunctionAssertionGuid012,
- L"MemoryOverwriteRequestControlLock - Lock value remains unlocked",
+ L"MemoryOverwriteRequestControlLock - SetVariable() with Data as NULL, lock value remains unlocked",
L"%a:%d:Status - %r",
__FILE__,
(UINTN)__LINE__,
@@ -911,8 +921,8 @@ MORLOCK_SET_VARIABLE:
);
// MORLOCK SetVariable() to lock-without-key with valid GUID, variable name, Data, and DataSize
- // except for invalid Attributes != NV+BS+RT, this test will use invalid Attributes == NV + BS
- // verify SetVariable() returns EFI_INVALID_PARAMETER and GetVariable() returns a Data Value == 0
+ // except for invalid Attributes != NV+BS+RT, this test will use invalid Attributes = NV + BS
+ // verify SetVariable() returns EFI_INVALID_PARAMETER and GetVariable() returns a Data Value = 0
DataSize = sizeof(MemoryOverwriteRequestControlLockData);
Attributes = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS;
MemoryOverwriteRequestControlLockData = MOR_LOCK_DATA_LOCKED_WITHOUT_KEY;
@@ -934,7 +944,7 @@ MORLOCK_SET_VARIABLE:
StandardLib,
Result,
gTCGMemoryOverwriteRequestTestFunctionAssertionGuid013,
- L"MemoryOverwriteRequestControlLock - SetVariable() with Attributes == NV returns EFI_INVALID_PARAMETER",
+ L"MemoryOverwriteRequestControlLock - SetVariable() with invalid attributes = (NV+BS) returns EFI_INVALID_PARAMETER",
L"%a:%d:Status - %r",
__FILE__,
(UINTN)__LINE__,
@@ -963,7 +973,7 @@ MORLOCK_SET_VARIABLE:
StandardLib,
Result,
gTCGMemoryOverwriteRequestTestFunctionAssertionGuid014,
- L"MemoryOverwriteRequestControlLock - Lock value remains unlocked",
+ L"MemoryOverwriteRequestControlLock - SetVariable() with invalid attributes = (NV+BS), lock value remains unlocked",
L"%a:%d:Status - %r",
__FILE__,
(UINTN)__LINE__,
@@ -971,8 +981,8 @@ MORLOCK_SET_VARIABLE:
);
// MORLOCK SetVariable() to locked-without-key with valid GUID, variable name, Data, and Attributes
- // except for invalid DataSize != 1 && != 8, this test will use invalid DataSize == 5
- // verify SetVariable() returns EFI_INVALID_PARAMETER and GetVariable() returns a Data Value == 0
+ // except for invalid DataSize != 1 && != 8, this test will use invalid DataSize = 5
+ // verify SetVariable() returns EFI_INVALID_PARAMETER and GetVariable() returns a Data Value = 0
DataSize = 5;
Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
MemoryOverwriteRequestControlLockData = MOR_LOCK_DATA_LOCKED_WITHOUT_KEY;
@@ -994,7 +1004,7 @@ MORLOCK_SET_VARIABLE:
StandardLib,
Result,
gTCGMemoryOverwriteRequestTestFunctionAssertionGuid015,
- L"MemoryOverwriteRequestControlLock - SetVariable() with DataSize == 5 returns EFI_INVALID_PARAMETER",
+ L"MemoryOverwriteRequestControlLock - SetVariable() with DataSize = 5 returns EFI_INVALID_PARAMETER",
L"%a:%d:Status - %r",
__FILE__,
(UINTN)__LINE__,
@@ -1023,7 +1033,7 @@ MORLOCK_SET_VARIABLE:
StandardLib,
Result,
gTCGMemoryOverwriteRequestTestFunctionAssertionGuid016,
- L"MemoryOverwriteRequestControlLock - Lock value remains unlocked",
+ L"MemoryOverwriteRequestControlLock - SetVariable() with DataSize = 5, lock value remains unlocked",
L"%a:%d:Status - %r",
__FILE__,
(UINTN)__LINE__,
@@ -1688,7 +1698,7 @@ MORLOCK_LOCKED_STATE:
//
// Once locked-without-key, MOR cannot be deleted
- // SetVariable() call to set MOR with DataSize == 0 must return EFI_ACCESS_DENIED
+ // SetVariable() call to set MOR with DataSize = 0 must return EFI_ACCESS_DENIED
// MemoryOverwriteControlData is a don't care in this case
DataSize = 0;
Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
@@ -1719,3 +1729,662 @@ MORLOCK_LOCKED_STATE:
return EFI_SUCCESS;
}
+
+
+/**
+ * MemoryOverwriteRequestControlLock in locked-with-key state test
+ * When unlocked, a valid SetVariable() with an 8 byte key must return EFI_SUCCESS
+ * and the lock value must be 0x02 (MOR_LOCK_DATA_LOCKED_WITH_KEY), in order to
+ * unlock, the same 8 byte key must be passed.
+ *
+ * When locked with an 8 byte key, SetVariable() with the same 8 byte key
+ * must return EFI_SUCCESS and the Lock value must be 0x00 or MOR_LOCK_DATA_UNLOCKED.
+ *
+ * When locked with an 8 byte Key, SetVariable() with DataSize != 8 and
+ * Data = 0x01 (MOR_LOCK_DATA_LOCKED_WITHOUT_KEY) or 0x00 (MOR_LOCK_DATA_UNLOCKED)
+ * must return EFI_ACCESS_DENIED
+ * and value must still equal to 0x02 (MOR_LOCK_DATA_LOCKED_WITH_KEY).
+ *
+ * When locked with an 8 byte Key, SetVariable() with 8 byte key != key used to set
+ * the lock, in this case 0x11111111 (MOR_LOCK_TEST_KEY), must return EFI_ACCESS_DENIED
+ * and lock value must be updated to 0x01 (MOR_LOCK_DATA_LOCKED_WITHOUT_KEY)
+ * to prevent dictonary attack.
+ *
+ * @param StandardLib A pointer to EFI_STANDARD_TEST_LIBRARY_PROTOCOL
+ * instance.
+ * @param RecoveryLib A pointer to EFI_TEST_RECOVERY_LIBRARY_PROTOCOL
+ * instance.
+ * @param ResetData A pointer to the ResetData Buffer which is used throughout
+ * the test
+ * @return EFI_SUCCESS Successfully.
+ * @return Other value Something failed.
+ */
+EFI_STATUS
+TCGMemoryOverwriteRequestControlLockLockedWithKeyState (
+ IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib,
+ IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib,
+ IN RESET_DATA *ResetData
+ )
+{
+ EFI_STATUS Status;
+ EFI_TEST_ASSERTION Result;
+ UINTN DataSize;
+ UINT8 MemoryOverwriteRequestControlLockData;
+ UINTN MemoryOverwriteControlLockKeyValue;
+ UINT8 MemoryOverwriteRequestControlData;
+ UINT8 MemoryOverwriteRequestControlDataCached;
+ UINT32 Attributes;
+
+ //
+ // Check Step to see which part of test remains to be executed
+ //
+ switch (ResetData->Step) {
+ case 0:
+ goto INITIAL_RESET;
+ case 1:
+ goto MORLOCK_LOCKED_KEY_STATE;
+ default:
+ return EFI_INVALID_PARAMETER;
+ }
+
+INITIAL_RESET:
+ //
+ // Reset MORLOCK variable by performing a cold reset
+ //
+
+ ResetData->Step = 1;
+ ResetData->CheckpointStep = LOCK_WITH_KEY_STATE_TEST;
+ Status = RecoveryLib->WriteResetRecord (
+ RecoveryLib,
+ sizeof (RESET_DATA),
+ (UINT8*)ResetData
+ );
+ if (EFI_ERROR(Status)) {
+ StandardLib->RecordAssertion (
+ StandardLib,
+ EFI_TEST_ASSERTION_FAILED,
+ gTestGenericFailureGuid,
+ L"TestRecoveryLib - WriteResetRecord",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+ return Status;
+ }
+
+ SctPrint (L"System will cold reset after 1 second and test will be resumed after reboot.");
+ Status = gtBS->Stall(1000000);
+ if (EFI_ERROR(Status)) {
+ // Handle stall error
+ SctPrint(L"Error: Failed to stall the system.\n");
+ return Status;
+ }
+ gtRT->ResetSystem (
+ EfiResetCold,
+ EFI_SUCCESS,
+ 0,
+ NULL
+ );
+ SctPrint(L"Error: Failed to perform a cold reset.\n");
+ return EFI_DEVICE_ERROR;
+
+MORLOCK_LOCKED_KEY_STATE:
+ //
+ // MORLOCK Reboot system to clear lock, and invoke SetVariable() with valid 8 byte key
+ // In this case = 0x11111111, must return EFI_SUCCESS and GetVariable() value must = 0x02
+ //
+
+ DataSize = MOR_LOCK_WITH_KEY_SIZE;
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+ MemoryOverwriteControlLockKeyValue = MOR_LOCK_TEST_KEY;
+
+ Status = gtRT->SetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ Attributes, // Attributes
+ DataSize, // DataSize
+ &MemoryOverwriteControlLockKeyValue // Data
+ );
+ if (Status == EFI_SUCCESS) {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ } else {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid032,
+ L"MemoryOverwriteRequestControlLock - Setting to locked-with-key using key value = 0x11111111 when unlocked returns EFI_SUCCESS",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ DataSize = sizeof(MemoryOverwriteRequestControlLockData);
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+
+ Status = gtRT->GetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ &Attributes, // Attributes
+ &DataSize, // DataSize
+ &MemoryOverwriteRequestControlLockData // Data
+ );
+ if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData != MOR_LOCK_DATA_LOCKED_WITH_KEY)) {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ } else {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid033,
+ L"MemoryOverwriteRequestControlLock - Lock state is now locked-with-key with key value = 0x11111111",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ //
+ // Currently locked-with-key, invoke SetVariable() with the same valid 8 byte key used to lock
+ // In this case = 0x11111111, must return EFI_SUCCESS and GetVariable() value must = 0x00
+ //
+ DataSize = MOR_LOCK_WITH_KEY_SIZE;
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+ MemoryOverwriteControlLockKeyValue = MOR_LOCK_TEST_KEY;
+
+ Status = gtRT->SetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ Attributes, // Attributes
+ DataSize, // DataSize
+ &MemoryOverwriteControlLockKeyValue // Data
+ );
+ if (Status == EFI_SUCCESS) {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ } else {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid034,
+ L"MemoryOverwriteRequestControlLock - Unlocking the lock using key value = 0x11111111 when locked with the same key returns EFI_SUCCESS",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ DataSize = sizeof(MemoryOverwriteRequestControlLockData);
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+
+ Status = gtRT->GetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ &Attributes, // Attributes
+ &DataSize, // DataSize
+ &MemoryOverwriteRequestControlLockData // Data
+ );
+ if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData != MOR_LOCK_DATA_UNLOCKED)) {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ } else {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid035,
+ L"MemoryOverwriteRequestControlLock - Lock state is now unlocked",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ //
+ // Lock with same 8 byte key again, verify EFI_SUCCESS is returned
+ // unlock attempt: invoke SetVariable() with the same valid 8 byte
+ // key used to lock = 0x11111111, but with invalid DataSize = 1
+ // must return EFI_ACCESS_DENIED and GetVariable() value must remain = 0x02
+ //
+ DataSize = MOR_LOCK_WITH_KEY_SIZE;
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+ MemoryOverwriteControlLockKeyValue = MOR_LOCK_TEST_KEY;
+
+ Status = gtRT->SetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ Attributes, // Attributes
+ DataSize, // DataSize
+ &MemoryOverwriteControlLockKeyValue // Data
+ );
+ if (Status == EFI_SUCCESS) {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ } else {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid036,
+ L"MemoryOverwriteRequestControlLock - Setting to locked-with-key using key value = 0x11111111 when unlocked returns EFI_SUCCESS",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ DataSize = MOR_LOCK_NO_KEY_SIZE; // invalid datasize = 1
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+ MemoryOverwriteControlLockKeyValue = MOR_LOCK_TEST_KEY;
+
+ Status = gtRT->SetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ Attributes, // Attributes
+ DataSize, // DataSize
+ &MemoryOverwriteControlLockKeyValue // Data
+ );
+ if (Status == EFI_ACCESS_DENIED) {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ } else {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid037,
+ L"MemoryOverwriteRequestControlLock - Attempting to unlock by passing an invalid DataSize returns EFI_ACCESS_DENIED",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ DataSize = sizeof(MemoryOverwriteRequestControlLockData);
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+
+ Status = gtRT->GetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ &Attributes, // Attributes
+ &DataSize, // DataSize
+ &MemoryOverwriteRequestControlLockData // Data
+ );
+ if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData != MOR_LOCK_DATA_LOCKED_WITH_KEY)) {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ } else {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid038,
+ L"MemoryOverwriteRequestControlLock - Lock state is still locked-with-key with key value = 0x11111111",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ //
+ // invoke MORLOCK SetVariable() with Data value = 0x00 to change to unlocked
+ // must return EFI_ACCESS_DENIED and GetVariable() value must still = 0x02
+ //
+ DataSize = sizeof(MemoryOverwriteRequestControlLockData);
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+ MemoryOverwriteRequestControlLockData = MOR_LOCK_DATA_UNLOCKED;
+
+ Status = gtRT->SetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ Attributes, // Attributes
+ DataSize, // DataSize
+ &MemoryOverwriteRequestControlLockData // Data
+ );
+ if (Status == EFI_ACCESS_DENIED) {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ } else {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid039,
+ L"MemoryOverwriteRequestControlLock - Setting to unlocked when locked-with-key returns EFI_ACCESS_DENIED",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ DataSize = sizeof(MemoryOverwriteRequestControlLockData);
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+
+ Status = gtRT->GetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ &Attributes, // Attributes
+ &DataSize, // DataSize
+ &MemoryOverwriteRequestControlLockData // Data
+ );
+ if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData != MOR_LOCK_DATA_LOCKED_WITH_KEY)) {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ } else {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid040,
+ L"MemoryOverwriteRequestControlLock - Lock state is still locked-with-key with key value = 0x11111111",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ //
+ // invoke MORLOCK SetVariable() with Data value = 0x01 to change to locked-without-key
+ // must return EFI_ACCESS_DENIED and GetVariable() value must still = 0x02
+ //
+ DataSize = sizeof(MemoryOverwriteRequestControlLockData);
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+ MemoryOverwriteRequestControlLockData = MOR_LOCK_DATA_LOCKED_WITHOUT_KEY;
+
+ Status = gtRT->SetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ Attributes, // Attributes
+ DataSize, // DataSize
+ &MemoryOverwriteRequestControlLockData // Data
+ );
+ if (Status == EFI_ACCESS_DENIED) {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ } else {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid041,
+ L"MemoryOverwriteRequestControlLock - Setting to locked-without-key when locked-with-key returns EFI_ACCESS_DENIED",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ DataSize = sizeof(MemoryOverwriteRequestControlLockData);
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+
+ Status = gtRT->GetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ &Attributes, // Attributes
+ &DataSize, // DataSize
+ &MemoryOverwriteRequestControlLockData // Data
+ );
+ if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData != MOR_LOCK_DATA_LOCKED_WITH_KEY)) {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ } else {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid042,
+ L"MemoryOverwriteRequestControlLock - Lock state is still locked-with-key with key value = 0x11111111",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ //
+ // Once locked-with-key, MOR SetVariable() call to set MOR bit 0 must return EFI_ACCESS_DENIED
+ // and MOR value must not change
+ //
+ DataSize = sizeof(MemoryOverwriteRequestControlData);
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+ // getting current MOR value that will be used to check that the variable is unchanged
+ Status = gtRT->GetVariable (
+ L"MemoryOverwriteRequestControl", // VariableName
+ &gEfiMemoryOverwriteControlDataGuid, // VendorGuid
+ &Attributes, // Attributes
+ &DataSize, // DataSize
+ &MemoryOverwriteRequestControlData // Data
+ );
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
+ // caching MOR and setting the bit 0
+ MemoryOverwriteRequestControlDataCached = MemoryOverwriteRequestControlData;
+ MemoryOverwriteRequestControlData |= MOR_BIT_HIGH << MOR_CLEAR_MEMORY_BIT_OFFSET;
+
+ DataSize = sizeof(MemoryOverwriteRequestControlData);
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+
+ Status = gtRT->SetVariable (
+ L"MemoryOverwriteRequestControl", // VariableName
+ &gEfiMemoryOverwriteControlDataGuid, // VendorGuid
+ Attributes, // Attributes
+ DataSize, // DataSize
+ &MemoryOverwriteRequestControlData // Data
+ );
+ if (Status == EFI_ACCESS_DENIED) {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ } else {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid043,
+ L"MemoryOverwriteRequestControl - SetVariable() returns EFI_ACCESS_DENIED when MORLOCK is locked-with-key",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ DataSize = sizeof(MemoryOverwriteRequestControlData);
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+
+ Status = gtRT->GetVariable (
+ L"MemoryOverwriteRequestControl", // VariableName
+ &gEfiMemoryOverwriteControlDataGuid, // VendorGuid
+ &Attributes, // Attributes
+ &DataSize, // DataSize
+ &MemoryOverwriteRequestControlData // Data
+ );
+
+ // verifying that the variable has not been modified with SetVariable()
+ if (MemoryOverwriteRequestControlDataCached == MemoryOverwriteRequestControlData) {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ } else {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid044,
+ L"MemoryOverwriteRequestControl - After SetVariable(), MOR value remains unchanged when MORLOCK is locked-with-key",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ //
+ // Once locked-with-key, MOR cannot be deleted
+ // SetVariable() call to set MOR with DataSize = 0 must return EFI_ACCESS_DENIED
+ // MemoryOverwriteControlData is a don't care in this case
+ DataSize = 0;
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+
+ Status = gtRT->SetVariable (
+ L"MemoryOverwriteRequestControl", // VariableName
+ &gEfiMemoryOverwriteControlDataGuid, // VendorGuid
+ Attributes, // Attributes
+ DataSize, // DataSize
+ &MemoryOverwriteRequestControlData // Data
+ );
+ if (Status == EFI_ACCESS_DENIED || EFI_INVALID_PARAMETER) {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ } else {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid045,
+ L"MemoryOverwriteRequestControl - When MORLOCK is locked-with-key, an attempt to delete the MOR variable must return either EFI_ACCESS_DENIED or EFI_INVALID_PARAMETER",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ //
+ // When locked-with-key, in this case key = 0x11111111,
+ // SetVariable() with an invalid 8 byte key != 0x11111111, must return EFI_ACCESS_DENIED
+ // and lock must be updated to Locked without key (Data value = 0x01) to prevent dictonary attack
+ // The invalid key to be used to attempt unlock is = 0x22222222
+ //
+ DataSize = MOR_LOCK_WITH_KEY_SIZE;
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+ MemoryOverwriteControlLockKeyValue = MOR_LOCK_INVALID_TEST_KEY;
+
+ Status = gtRT->SetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ Attributes, // Attributes
+ DataSize, // DataSize
+ &MemoryOverwriteControlLockKeyValue // Data
+ );
+ if (Status == EFI_ACCESS_DENIED) {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ } else {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid046,
+ L"MemoryOverwriteRequestControlLock - Unlocking lock with invalid key != 0x11111111 returns EFI_ACCESS_DENIED",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ DataSize = sizeof(MemoryOverwriteRequestControlLockData);
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+
+ Status = gtRT->GetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ &Attributes, // Attributes
+ &DataSize, // DataSize
+ &MemoryOverwriteRequestControlLockData // Data
+ );
+ if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData != MOR_LOCK_DATA_LOCKED_WITHOUT_KEY)) {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ } else {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid047,
+ L"MemoryOverwriteRequestControlLock - Lock state is now locked-without-key",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ //
+ // MORLOCK has been updated to locked-without-key (Data value = 0x01) to prevent dictonary attack
+ // Now check to see if the lock can still be unlocked with the initial key used to set to lock-with-key state
+ // The key to be used to attempt unlock is = 0x11111111
+ //
+ DataSize = MOR_LOCK_WITH_KEY_SIZE;
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+ MemoryOverwriteControlLockKeyValue = MOR_LOCK_TEST_KEY;
+
+ Status = gtRT->SetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ Attributes, // Attributes
+ DataSize, // DataSize
+ &MemoryOverwriteControlLockKeyValue // Data
+ );
+ if (Status == EFI_ACCESS_DENIED) {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ } else {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid048,
+ L"MemoryOverwriteRequestControlLock - Attempt to unlock after dictionary attack mitigation returns EFI_ACCESS_DENIED",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ DataSize = sizeof(MemoryOverwriteRequestControlLockData);
+ Attributes = TCG_MOR_VARIABLE_ATTRIBUTES;
+
+ Status = gtRT->GetVariable (
+ L"MemoryOverwriteRequestControlLock", // VariableName
+ &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid
+ &Attributes, // Attributes
+ &DataSize, // DataSize
+ &MemoryOverwriteRequestControlLockData // Data
+ );
+ if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData != MOR_LOCK_DATA_LOCKED_WITHOUT_KEY)) {
+ Result = EFI_TEST_ASSERTION_FAILED;
+ } else {
+ Result = EFI_TEST_ASSERTION_PASSED;
+ }
+
+ StandardLib->RecordAssertion (
+ StandardLib,
+ Result,
+ gTCGMemoryOverwriteRequestTestFunctionAssertionGuid049,
+ L"MemoryOverwriteRequestControlLock - Lock state is still locked-without-key",
+ L"%a:%d:Status - %r",
+ __FILE__,
+ (UINTN)__LINE__,
+ Status
+ );
+
+ return EFI_SUCCESS;
+}
--
2.34.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#117525): https://edk2.groups.io/g/devel/message/117525
Mute This Topic: https://groups.io/mt/105416474/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [edk2-devel] PcdMemoryProfilePropertyMask declared as dynamic type
2024-04-09 4:45 ` [edk2-devel] [PATCH v5 4/6] uefi-sct/SctPkg: TCG MORLOCK Unlocked State Test Abhimanyu Singh
@ 2024-04-09 5:44 ` Yoshinoya
0 siblings, 0 replies; 9+ messages in thread
From: Yoshinoya @ 2024-04-09 5:44 UTC (permalink / raw)
To: devel
[-- Attachment #1: Type: text/plain, Size: 695 bytes --]
Hello,
PcdMemoryProfilePropertyMask declared as a PcdsFixedAtBuild type
It means user should recompile source code if he wants to change this pcd default value.
So, could we declare it as a PcdsDynamic type?
So, user could change PcdMemoryProfilePropertyMask's setting value through BIOS Setup UI or other method dynamically.
Thanks
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#117530): https://edk2.groups.io/g/devel/message/117530
Mute This Topic: https://groups.io/mt/105416946/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
[-- Attachment #2: Type: text/html, Size: 1440 bytes --]
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [edk2-devel] [PATCH v5 0/6] EDK2-TEST TCG MOR Tests
2024-04-09 4:45 [edk2-devel] [PATCH v5 0/6] EDK2-TEST TCG MOR Tests Abhimanyu Singh
` (5 preceding siblings ...)
2024-04-09 4:45 ` [edk2-devel] [PATCH v5 6/6] uefi-sct/SctPkg: TCG MORLOCK Locked with " Abhimanyu Singh
@ 2024-04-09 15:04 ` Sunny Wang
6 siblings, 0 replies; 9+ messages in thread
From: Sunny Wang @ 2024-04-09 15:04 UTC (permalink / raw)
To: devel@edk2.groups.io, Abhi Singh; +Cc: Sunny Wang
Thanks for addressing my comments, Abhi.
https://github.com/tianocore/edk2-test/pull/90
Reviewed-by: Sunny Wang <sunny.wang@arm.com>
-----Original Message-----
From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Abhimanyu Singh via groups.io
Sent: Monday, April 8, 2024 11:45 PM
To: devel@edk2.groups.io
Cc: Abhi Singh <Abhi.Singh@arm.com>
Subject: [edk2-devel] [PATCH v5 0/6] EDK2-TEST TCG MOR Tests
Updates after feedback from Sunny <sunny.wang@arm.com>
-updated several SCT assertion string outputs
-these were done make the assertions more descriptive
-fixed the issue in patch 5/6 that contained stray chars
from a merge
Patch series:
These tests support platform firmware that implement
MemoryOverwriteRequestControl & MemoryOverwriteRequestControlLock
UEFI variables in accordance with TCG PC Platform Reset Attack
Mitigation Specification.
The patches are split according to the six sections
documented in the SCT spec document referenced below.
SCT spec: https://bugzilla.tianocore.org/show_bug.cgi?id=4374
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4419
Abhi Singh (5):
uefi-sct/SctPkg: TCG MOR SetVariable Test
uefi-sct/SctPkg: TCG MORLOCK SetVariable Test
uefi-sct/SctPkg: TCG MORLOCK Unlocked State Test
uefi-sct/SctPkg: TCG MORLOCK Locked No Key State Test
uefi-sct/SctPkg: TCG MORLOCK Locked with Key State Test
Abhi.Singh (1):
uefi-sct/SctPkg: TCG Platform Reset Check Test
uefi-sct/SctPkg/UEFI/UEFI_SCT.dsc | 1 +
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTest.inf | 53 +
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h | 271 +++
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h | 137 ++
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c | 127 ++
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c | 2390 ++++++++++++++++++++
uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.c | 115 +
uefi-sct/SctPkg/CommonGenFramework.sh | 1 +
uefi-sct/SctPkg/Config/Data/Category.ini | 7 +
9 files changed, 3102 insertions(+)
create mode 100644 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTest.inf
create mode 100644 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h
create mode 100644 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h
create mode 100644 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c
create mode 100644 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c
create mode 100644 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.c
--
2.34.1
-=-=-=-=-=-=
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#117519): https://edk2.groups.io/g/devel/message/117519
Mute This Topic: https://groups.io/mt/105416468/5985097
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [Sunny.Wang@arm.com]
-=-=-=-=-=-=
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#117547): https://edk2.groups.io/g/devel/message/117547
Mute This Topic: https://groups.io/mt/105416468/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2024-04-09 15:05 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-04-09 4:45 [edk2-devel] [PATCH v5 0/6] EDK2-TEST TCG MOR Tests Abhimanyu Singh
2024-04-09 4:45 ` [edk2-devel] [PATCH v5 1/6] uefi-sct/SctPkg: TCG Platform Reset Check Test Abhimanyu Singh
2024-04-09 4:45 ` [edk2-devel] [PATCH v5 2/6] uefi-sct/SctPkg: TCG MOR SetVariable Test Abhimanyu Singh
2024-04-09 4:45 ` [edk2-devel] [PATCH v5 3/6] uefi-sct/SctPkg: TCG MORLOCK " Abhimanyu Singh
2024-04-09 4:45 ` [edk2-devel] [PATCH v5 4/6] uefi-sct/SctPkg: TCG MORLOCK Unlocked State Test Abhimanyu Singh
2024-04-09 5:44 ` [edk2-devel] PcdMemoryProfilePropertyMask declared as dynamic type Yoshinoya
2024-04-09 4:45 ` [edk2-devel] [PATCH v5 5/6] uefi-sct/SctPkg: TCG MORLOCK Locked No Key State Test Abhimanyu Singh
2024-04-09 4:45 ` [edk2-devel] [PATCH v5 6/6] uefi-sct/SctPkg: TCG MORLOCK Locked with " Abhimanyu Singh
2024-04-09 15:04 ` [edk2-devel] [PATCH v5 0/6] EDK2-TEST TCG MOR Tests Sunny Wang
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox