From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) by mx.groups.io with SMTP id smtpd.web08.9802.1638525227243780692 for ; Fri, 03 Dec 2021 01:53:47 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b=mwzCqTFX; spf=pass (domain: intel.com, ip: 192.55.52.88, mailfrom: dandan.bi@intel.com) X-IronPort-AV: E=McAfee;i="6200,9189,10186"; a="260956269" X-IronPort-AV: E=Sophos;i="5.87,283,1631602800"; d="scan'208";a="260956269" Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 03 Dec 2021 01:53:46 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.87,283,1631602800"; d="scan'208";a="655899956" Received: from fmsmsx604.amr.corp.intel.com ([10.18.126.84]) by fmsmga001.fm.intel.com with ESMTP; 03 Dec 2021 01:53:46 -0800 Received: from fmsmsx607.amr.corp.intel.com (10.18.126.87) by fmsmsx604.amr.corp.intel.com (10.18.126.84) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.20; Fri, 3 Dec 2021 01:53:46 -0800 Received: from fmsmsx605.amr.corp.intel.com (10.18.126.85) by fmsmsx607.amr.corp.intel.com (10.18.126.87) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.20; Fri, 3 Dec 2021 01:53:45 -0800 Received: from fmsedg601.ED.cps.intel.com (10.1.192.135) by fmsmsx605.amr.corp.intel.com (10.18.126.85) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.20 via Frontend Transport; Fri, 3 Dec 2021 01:53:45 -0800 Received: from NAM02-SN1-obe.outbound.protection.outlook.com (104.47.57.44) by edgegateway.intel.com (192.55.55.70) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2308.20; Fri, 3 Dec 2021 01:53:07 -0800 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=f/i+gEw1FzT0Xw+rPqRAcYsXfKEM8nXqVvD1v1Tfx0AYXpJThbKrt2CnXcZUhbG4pp6fCwaSwm350z2BI//7mwuneaPTdEFc4YLujlTkaCyz+Pnjn13WINHXx20vjc1USaLGGoI0og/L8WSzuS5ymzQhAWYrp0U1LJ1B9im1Q/KQCEwgNjghgR/uXZWPfz/FoI2H3JcMnTugcSXPxW5HjJ6yoB8BbB+XCvXKYqpS7HXrt74/t2bdgX3McBBnTN59Bkq/6oaO1RKFy7TDuqIlwk0WUVkHe/r/+DiukU9XpDYCTaSmEKpYtvH8f71OZwptfKTjQpPtaVBzFnv8nrW83A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=H0ouBQvPaLSCFCKOWfG0tFnyNfpdt2iPItoCM0Lzlk8=; b=iT7uBGlpY1Gq7CrF6iRWDm/rGGrmIZdEyjwc26csgZt8ptHGdnU5fbZNXHGUELl5WV8dyGS0KO1SEwjtsFwFlPtFfe31R43cT+5x/WuMPfehS6MC9aHgpS7uXvWGrrp+V9rlHGEerJMQgRad4Gh8Bo8vbP+FdlTFttoM9CBZoNmk5mklOebuZDs61cRBYh8WczImtolzH4a4YHAhacarrHWpFUhB3keQC9DzDFIBda3PveztET/Y5yCjK0TaZE96LqlQfOES3KXcAj5AsViHhkfnkvBai+pTfNnfHqJTTMJeC/fCbXuVI5A5fw+/tpO4qu3CPuIAJu4kSpMPn9A7+w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com; s=selector2-intel-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=H0ouBQvPaLSCFCKOWfG0tFnyNfpdt2iPItoCM0Lzlk8=; b=mwzCqTFXj5jSF4v+NWHR5DacBE+/wkm4vSNwRwwuizoRQBwKSDuxH81Y0rI1sHIwbhiLq4WZVNwV8B5aNh4qU9rY5frZLS+38ToKJcSyf2Atxs7Aj12Maf99bnwK8Iykncxt9g7YZYDA5sEJpx9WrRKB7zNw7bqe/MVy0OaKSn0= Received: from DM4PR11MB5453.namprd11.prod.outlook.com (2603:10b6:5:398::15) by DM6PR11MB3612.namprd11.prod.outlook.com (2603:10b6:5:13b::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4734.23; Fri, 3 Dec 2021 09:53:07 +0000 Received: from DM4PR11MB5453.namprd11.prod.outlook.com ([fe80::2d57:4233:5c9f:df7b]) by DM4PR11MB5453.namprd11.prod.outlook.com ([fe80::2d57:4233:5c9f:df7b%9]) with mapi id 15.20.4734.023; Fri, 3 Dec 2021 09:53:07 +0000 From: "Dandan Bi" To: "Desimone, Nathaniel L" , "devel@edk2.groups.io" CC: Liming Gao , "Jadhav, Manoj D" , "Chiu, Chasel" Subject: Re: [edk2-platforms] [PATCH v1] UserAuthFeaturePkg: VerifyPassword() allows one extra password attempt Thread-Topic: [edk2-platforms] [PATCH v1] UserAuthFeaturePkg: VerifyPassword() allows one extra password attempt Thread-Index: AQHX5wYIZWe65Em1J02a6YhfVqEFi6wgiPaQ Date: Fri, 3 Dec 2021 09:53:06 +0000 Message-ID: References: <20211201225132.1211-1-nathaniel.l.desimone@intel.com> In-Reply-To: <20211201225132.1211-1-nathaniel.l.desimone@intel.com> Accept-Language: zh-CN, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 5487f19c-e4f8-4b81-a9a2-08d9b642b4fa x-ms-traffictypediagnostic: DM6PR11MB3612: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:6108; x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: WuUmkarOEphIFBKHxYNt72aKptAoEWs8/y+OncJj0nkk+XPDnBd+D0zsszfn6LK4BL3uaS/YTW7WZLYfje9CPv5CBGmQCgKZFqSDQBuBY6ryPsbXFH+N9/XUcHVIxnVYh2KfpQgti57IwdXNrn0xIa0xNvRQJFcaapBj/VG3olxAFqeRy5p/8Zv9VZBChm1Ev2jTaIPFyZ40F74hLgbwo/eVm5b/6AkKmY/FsuqwJW+OrhiDuUs5+R6ARnir3unqNUalxzMkFsN310FMoS7SThrrM4abl53wnVClOf2oDFdDOY8mu28MN1kjtqYr/NtoP0Nghc23gACD+ShtdY9S9C6igZLF+rNAJvZDyCIeRixmNZLu+E1kZS/KUt5guaPT1wgRdl2bMW1ChI3r3Sb3LiELfcHNyBeRcOhD8CZIXSDgnkJ3uLPuMYw9w/IK32gDQRIeeqr9RrR4tXQqLLdEi6D4gG4gvZu9XW88vWGVgqFU3s8i0dCp8oh5uOmx+IrXq6Y2x5QrzZ89A1Y04g5nOa2uzblzt7Q5PYB057s5M4EzNt5bD7Eit2Dhg9O4JFpkPTVz3p8stIFowS0/X2irdO6DwdKN+O7298a3AZ8hYPJ7SUZCEHWykx4DkXrMdk994GnbceEOCymw4tFG9CyGBuQsY9ACctH4696NY2/iYukw9hchtsy1QWQpdo+ImMT9OuVjtvfqIbH7s+yQH6Ud/H27XvLPQTL5dZbA1VvQW/ouFVWxG52U+4qn5SW+fae4lE5D0/EmjLJsp6rr0RvybbLT2F9YfBJP7PDZ/cJSfAA= x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM4PR11MB5453.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(366004)(55016003)(54906003)(966005)(110136005)(5660300002)(2906002)(82960400001)(316002)(38100700002)(38070700005)(86362001)(33656002)(4326008)(66446008)(15650500001)(8936002)(8676002)(186003)(76116006)(122000001)(6506007)(83380400001)(64756008)(26005)(107886003)(9686003)(66946007)(66556008)(66476007)(508600001)(71200400001)(53546011)(52536014)(7696005);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?k3pXT8c+DY12En7s8yjVuBeTG8vtO+jXmRtWBZCUctVStzSzJKU//h/e+9Re?= =?us-ascii?Q?5TZC1O0L3EYAoqcBy+hKZ0yy0+sWMB/4zbx+eyshhpHjSRor6YVawubN3K49?= =?us-ascii?Q?gsZgM4e9TvSlHf+shCJejbIxD572cQf6vFouiYdXp6tiPz6O6xkRrytHI08U?= =?us-ascii?Q?PxsDs+Z7gY1WWAiW3stjZqPj3L0rl2YbSgLGI/BCtqWU5fQQikIughuH1GfJ?= =?us-ascii?Q?fnMLD4EcQ/Iz0rvqUgjTUgR2tQ/1cNtES+iphltUuRqyRKfsbP5opNWErxjT?= =?us-ascii?Q?OUfvyUkSWyUHM/r11MOW2mqH5snZF5SFvo/vn/tkv30pKMhDVtXZqdnUWq5+?= =?us-ascii?Q?Ph+7PY6hwCVjSReAyVxcFXq39EG2ZUzg6pDBzg+ZRga1rdn/nTyhf9mDtt9J?= =?us-ascii?Q?kIH94mtmwCOc0jciyAiR0dygXCXnCCxMaOQ3nzo2hpW7eo4K1BpUfB0W24Ox?= =?us-ascii?Q?CRV3rALm5P4JvW697MtGg9D9luE2jmX59zGMLEckYbIoezNwl1NEDsKDddQe?= =?us-ascii?Q?9CDQAg/9ygNeC/lLth/HsDOVL0J0idMicatsWHJqhqsMna2uuig+FFzJve3k?= =?us-ascii?Q?FT/x0UjwlfNgPzYj+dn0NoLK0anPLX25AL9GYhDqnalDvIciuaWhhFH7HeRS?= =?us-ascii?Q?4kzSAMQwf6ffajbOl0kQNkl+VuYVweJnBAFfuzCwKy+L3M6Cy1j7d4tBkEdO?= =?us-ascii?Q?QBmME5IMPZ9hbch+EqKuWYkg8uq5hYBe1m+VTMB5WxAAYUrI1c0nU9yE6Yf7?= =?us-ascii?Q?NH01f1TaYMTmeeSA0zYxoKIqiyt1/ND+YSBgl8Wfn9vL0KEQVwlxIbgzGvjj?= =?us-ascii?Q?QOCfAOH0JNMuweygejVFQ5Z9gwOVClwdXutQp5Mk0Ngmn06yjzjt4CQJj2/3?= =?us-ascii?Q?6gGsGLs6vIQyXMTLlEToSQWk9mLq8nBvrCoch2QG7E2cFbB8GImJ7XTqePqs?= =?us-ascii?Q?o0g1RfXdmSoht3aY+PWZLztauScmKlKrPpi/Hw07JJ9LbaIaXL1LFaf9z33F?= =?us-ascii?Q?5p00/Yr2VmuKLZFgIMaxk1E8lTbBG9+71PgxHRmDP63c8UgaBEA74TnePKVc?= =?us-ascii?Q?1RxF27rQGQhkXllPMExeiGvokIhEi2mBTHVWIhLaHqSFcnZF1QVIGExNy+6N?= =?us-ascii?Q?uqNPeP1Scc6fIvuACw/aaYZMYshsWQ0hYRisvAQWFrDY6is2huoe8UE+12dT?= =?us-ascii?Q?gF115VVa4NciVo/hwA6ToCNRYTjYnYy+rwwIa2YH6EbmzN22MvbcrkGFP9b6?= =?us-ascii?Q?1PHljO7UaUVK6NGk3AhDRjzN0l1IaaCGpBiU6TjkF5w7pcyrwSqvFhx7HC/d?= =?us-ascii?Q?AnVKeXZukzGLR5NMweP091A1rDWciyY6nzz86+hFqtAuWCJ/I7x0NTP3Nt9s?= =?us-ascii?Q?bVGwGewGBig11tmkvHPpMYkkOq8SelYSxE+mhAQ3ve5mipEExuKkkAVREr4a?= =?us-ascii?Q?kt+Kk/d2MfPetZuL3S0hEPragfCsaCwOCXw9OqFl8SCNKuB+6sjKUCIoHcCr?= =?us-ascii?Q?/4kOyMl4kN0jabsWYblGsyHeQ2PnoYrVihz2ERKlyCX1O0iu6tII1GgB4o2g?= =?us-ascii?Q?BQW9tvJ123QrU7VUnQv2xqaYg4qHuyCVz+k4R8M7qyYXQ3RSB7yPv6LrVJtR?= =?us-ascii?Q?Mg=3D=3D?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: DM4PR11MB5453.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 5487f19c-e4f8-4b81-a9a2-08d9b642b4fa X-MS-Exchange-CrossTenant-originalarrivaltime: 03 Dec 2021 09:53:06.8446 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: 8ULAfrWPWnhEg7hn2lWXom7Y2/oIj4uzpUbGzA8li1R5/pKpntEPY3SWnadHh7+7DRpvcYgGCZ3YHr2KIndagQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR11MB3612 Return-Path: dandan.bi@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Reviewed-by: Dandan Bi Thanks, Dandan > -----Original Message----- > From: Desimone, Nathaniel L > Sent: Thursday, December 2, 2021 6:52 AM > To: devel@edk2.groups.io > Cc: Bi, Dandan ; Liming Gao > ; Jadhav, Manoj D > ; Chiu, Chasel > Subject: [edk2-platforms] [PATCH v1] UserAuthFeaturePkg: VerifyPassword() > allows one extra password attempt >=20 > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3756 >=20 > If the password provided by the user is incorrect, then the VerifyPasswor= d() > function is supposed to return EFI_SECURITY_VIOLATION if the user has not > exceeded the maximum number of password guesses (currently set to 3). If > the number of password guesses has been exceeded, then VerifyPassword() > shall return EFI_ACCESS_DENIED. UserAuthenticationDxe uses > EFI_ACCESS_DENIED as the signal that the number of guesses has been > exceeded for the purposes of triggering a forced reboot. >=20 > VerifyPassword() checks if the number of password guess attempts has > exceeded the maximum allowed before checking if the current password > guess is correct. If it has, then VerifyPassword() immediately returns > EFI_ACCESS_DENIED. This behavior is correct since it is possible for > VerifyPassword() to be called again after the maximum number of attempts > has been exceeded. However, if the user guesses incorrectly, then > VerifyPassword() will always return EFI_SECURITY_VIOLATION. This is where > the bug is. It is possible that after the current attempt, the maximum al= lowed > number of attempts is exceeded. Therefore, > VerifyPassword() should check the number of attempts again, after checkin= g > if the password is correct. >=20 > Cc: Dandan Bi > Cc: Liming Gao > Cc: Jadhav Manoj D > Cc: Chasel Chiu > Signed-off-by: Nate DeSimone > --- > .../UserAuthenticationSmm.c | 14 ++++++++++++-- > 1 file changed, 12 insertions(+), 2 deletions(-) >=20 > diff --git > a/Features/Intel/UserInterface/UserAuthFeaturePkg/UserAuthenticationDx > eSmm/UserAuthenticationSmm.c > b/Features/Intel/UserInterface/UserAuthFeaturePkg/UserAuthenticationDx > eSmm/UserAuthenticationSmm.c > index c24c3c47a5..16e3405a82 100644 > --- > a/Features/Intel/UserInterface/UserAuthFeaturePkg/UserAuthenticationDx > eSmm/UserAuthenticationSmm.c > +++ > b/Features/Intel/UserInterface/UserAuthFeaturePkg/UserAuthentication > +++ DxeSmm/UserAuthenticationSmm.c > @@ -504,7 +504,12 @@ SmmPasswordHandler ( >=20 > if (!IsPasswordVerified (UserGuid, > SmmCommunicateSetPassword.OldPassword, PasswordLen + 1)) { > DEBUG ((DEBUG_ERROR, "SmmPasswordHandler: PasswordVerify - > FAIL\n")); > - Status =3D EFI_SECURITY_VIOLATION; > + if (*PasswordTryCount >=3D PASSWORD_MAX_TRY_COUNT) { > + DEBUG ((DEBUG_ERROR, "SmmPasswordHandler: SET_PASSWORD try > count reach!\n")); > + Status =3D EFI_ACCESS_DENIED; > + } else { > + Status =3D EFI_SECURITY_VIOLATION; > + } > goto EXIT; > } >=20 > @@ -554,7 +559,12 @@ SmmPasswordHandler ( > } > if (!IsPasswordVerified (UserGuid, > SmmCommunicateVerifyPassword.Password, PasswordLen + 1)) { > DEBUG ((DEBUG_ERROR, "SmmPasswordHandler: PasswordVerify - > FAIL\n")); > - Status =3D EFI_SECURITY_VIOLATION; > + if (*PasswordTryCount >=3D PASSWORD_MAX_TRY_COUNT) { > + DEBUG ((DEBUG_ERROR, "SmmPasswordHandler: VERIFY_PASSWORD > try count reach!\n")); > + Status =3D EFI_ACCESS_DENIED; > + } else { > + Status =3D EFI_SECURITY_VIOLATION; > + } > goto EXIT; > } > mPasswordVerified =3D TRUE; > -- > 2.27.0.windows.1