From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <lersek@redhat.com>
Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
 client-ip=209.132.183.28; helo=mx1.redhat.com; envelope-from=lersek@redhat.com;
 receiver=edk2-devel@lists.01.org 
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id 2227E21157FF1
 for <edk2-devel@lists.01.org>; Fri, 19 Oct 2018 05:35:58 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com
 [10.5.11.15])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mx1.redhat.com (Postfix) with ESMTPS id 61B563D95C;
 Fri, 19 Oct 2018 12:35:57 +0000 (UTC)
Received: from lacos-laptop-7.usersys.redhat.com (ovpn-121-18.rdu2.redhat.com
 [10.10.121.18])
 by smtp.corp.redhat.com (Postfix) with ESMTP id EE81D5D783;
 Fri, 19 Oct 2018 12:35:54 +0000 (UTC)
To: "Zeng, Star" <star.zeng@intel.com>, edk2-devel@lists.01.org
Cc: Vincent Zimmer <Vincent.Zimmer@intel.com>,
 Prasad Pandit <ppandit@redhat.com>, Steve McIntyre <93sam@debian.org>,
 Peter Jones <pjones@redhat.com>, Jiewen Yao <jiewen.yao@intel.com>,
 Michael Kinney <michael.d.kinney@intel.com>, Gary Lin <glin@suse.com>,
 Chao Zhang <chao.b.zhang@intel.com>, qin.long@intel.com
References: <1539657661-57656-1-git-send-email-star.zeng@intel.com>
 <75a8ff0b-dac9-dbb4-a792-1085a0b73699@redhat.com>
 <9e54939a-430e-7437-4388-d65f836e926b@redhat.com>
 <6903b57e-4547-723a-f21d-89c500df7801@intel.com>
From: Laszlo Ersek <lersek@redhat.com>
Message-ID: <5dc91625-affd-16eb-0e84-a10f08d60df8@redhat.com>
Date: Fri, 19 Oct 2018 14:35:53 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.9.1
MIME-Version: 1.0
In-Reply-To: <6903b57e-4547-723a-f21d-89c500df7801@intel.com>
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16
 (mx1.redhat.com [10.5.110.30]); Fri, 19 Oct 2018 12:35:57 +0000 (UTC)
Subject: Re: CVE-2018-3613 [was: MdeModulePkg Variable: Fix Timestamp zeroing issue on APPEND_WRITE]
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Fri, 19 Oct 2018 12:35:59 -0000
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 8bit

On 10/19/18 09:09, Zeng, Star wrote:
> Hi Laszlo,
> 
> Cc Qin also. Qin and Chao are secure boot experts, I also had some talk
> with them.
> 
> On 2018/10/19 5:45, Laszlo Ersek wrote:
>> Hi All,
>>
>> On 10/16/18 04:41, Star Zeng wrote:
>>> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=415
>>>
>>> When SetVariable() to a time based auth variable with APPEND_WRITE
>>> attribute, and if the EFI_VARIABLE_AUTHENTICATION_2.TimeStamp in
>>> the input Data is earlier than current value, it will cause timestamp
>>> zeroing.
>>>
>>> This issue may bring time based auth variable downgrade problem.
>>> For example:
>>> A vendor released three certs at 2014, 2015, and 2016, and system
>>> integrated the 2016 cert. User can SetVariable() with 2015 cert and
>>> APPEND_WRITE attribute to cause timestamp zeroing first, then
>>> SetVariable() with 2014 cert to downgrade the cert.
>>>
>>> This patch fixes this issue.
>>>
>>> Cc: Jiewen Yao <jiewen.yao@intel.com>
>>> Cc: Chao Zhang <chao.b.zhang@intel.com>
>>> Cc: Jian J Wang <jian.j.wang@intel.com>
>>> Contributed-under: TianoCore Contribution Agreement 1.1
>>> Signed-off-by: Star Zeng <star.zeng@intel.com>
>>> ---
>>>   MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c | 2 ++
>>>   1 file changed, 2 insertions(+)
>>>
>>> diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
>>> b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
>>> index a2d61c8cd618..8e8db71bd201 100644
>>> --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
>>> +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
>>> @@ -2462,6 +2462,8 @@ UpdateVariable (
>>>           if (Variable->CurrPtr != NULL) {
>>>             if (VariableCompareTimeStampInternal
>>> (&(((AUTHENTICATED_VARIABLE_HEADER *)
>>> CacheVariable->CurrPtr)->TimeStamp), TimeStamp)) {
>>>               CopyMem (&AuthVariable->TimeStamp, TimeStamp, sizeof
>>> (EFI_TIME));
>>> +          } else {
>>> +            CopyMem (&AuthVariable->TimeStamp,
>>> &(((AUTHENTICATED_VARIABLE_HEADER *)
>>> CacheVariable->CurrPtr)->TimeStamp), sizeof (EFI_TIME));
>>>             }
>>>           }
>>>         }
>>>
>>
>> I believe I found a significant mitigating factor for this
>> vulnerability.
> 
> Very good analysis, I totally agree. :)
> 
> Yes, if the dbx signature(includes the "attribute" information) was
> generated with "APPEND" attribute (that is the case you are seeing),
> it's infeasible to apply the downgrade write since the signature
> includes the "attribute" information, the PKCS7 verification will block
> the direct write without "APPEND" attribute.
> 
> But there may be some initial dbx signature was generated without
> "APPEND" attribute. E.g. OEM may have some this kind of dbx. It should
> be rarely case, but I am not sure about that.
> 
> Another, similar situation is also for other authenticated variables
> (not PK/KEK/DB/DBX/DBT).

Makes sense, thanks.

Laszlo