From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Permerror (SPF Permanent Error: More than 10 MX records returned) identity=mailfrom; client-ip=134.134.136.31; helo=mga06.intel.com; envelope-from=chao.b.zhang@intel.com; receiver=edk2-devel@lists.01.org Received: from mga06.intel.com (mga06.intel.com [134.134.136.31]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id B2F70221E068B for ; Wed, 13 Dec 2017 21:24:09 -0800 (PST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga008.jf.intel.com ([10.7.209.65]) by orsmga104.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 13 Dec 2017 21:28:50 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.45,399,1508828400"; d="scan'208";a="2653741" Received: from fmsmsx108.amr.corp.intel.com ([10.18.124.206]) by orsmga008.jf.intel.com with ESMTP; 13 Dec 2017 21:28:49 -0800 Received: from fmsmsx118.amr.corp.intel.com (10.18.116.18) by FMSMSX108.amr.corp.intel.com (10.18.124.206) with Microsoft SMTP Server (TLS) id 14.3.319.2; Wed, 13 Dec 2017 21:28:49 -0800 Received: from shsmsx103.ccr.corp.intel.com (10.239.4.69) by fmsmsx118.amr.corp.intel.com (10.18.116.18) with Microsoft SMTP Server (TLS) id 14.3.319.2; Wed, 13 Dec 2017 21:28:49 -0800 Received: from shsmsx102.ccr.corp.intel.com ([169.254.2.175]) by SHSMSX103.ccr.corp.intel.com ([169.254.4.213]) with mapi id 14.03.0319.002; Thu, 14 Dec 2017 13:27:57 +0800 From: "Zhang, Chao B" To: "Chen, Chen A" , "edk2-devel@lists.01.org" Thread-Topic: [PATCH] MdeModulePkg/Variable/RuntimeDxe: Modify function return status Thread-Index: AQHTbycotx80qVHNHkKcTN/1NfjKsaNCWjHA Date: Thu, 14 Dec 2017 05:27:55 +0000 Message-ID: References: <20171207064627.14040-1-chen.a.chen@intel.com> In-Reply-To: <20171207064627.14040-1-chen.a.chen@intel.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ctpclassification: CTP_IC x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiNzBkMWQ4NWQtNTVlYy00ODdkLWIwMzgtMTdmYmEyNjRkZmE5IiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX0lDIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE3LjIuNS4xOCIsIlRydXN0ZWRMYWJlbEhhc2giOiI4dkxqRDNBWTJvSVhCRk9EOVBJTnBUMmJHR1ZBRnZBQTdYZTBsMkFKK3N2N2pHSFwvaFZoQXhSZDArbG9BdXE5ZCJ9 dlp-product: dlpe-windows dlp-version: 11.0.0.116 dlp-reaction: no-action x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Subject: Re: [PATCH] MdeModulePkg/Variable/RuntimeDxe: Modify function return status X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Dec 2017 05:24:09 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Reviewed-by : Chao Zhang -----Original Message----- From: Chen, Chen A=20 Sent: Thursday, December 7, 2017 2:46 PM To: edk2-devel@lists.01.org Cc: Chen, Chen A ; Zhang, Chao B Subject: [PATCH] MdeModulePkg/Variable/RuntimeDxe: Modify function return s= tatus Make VariableServiceSetVariable and VariableServiceQueryVariableInfo functi= ons return status following UEFI 2.7 spec. Cc: Zhang Chao Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: chenc2 --- .../Universal/Variable/RuntimeDxe/Variable.c | 26 ++++++++++++++++--= ---- 1 file changed, 19 insertions(+), 7 deletions(-) diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c b/MdeMod= ulePkg/Universal/Variable/RuntimeDxe/Variable.c index f39be6b0b4..d7128fe105 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c @@ -3145,7 +3145,11 @@ VariableServiceSetVariable ( // Make sure if runtime bit is set, boot service bit is set also. // if ((Attributes & (EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVIC= E_ACCESS)) =3D=3D EFI_VARIABLE_RUNTIME_ACCESS) { - return EFI_INVALID_PARAMETER; + if ((Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) !=3D 0) { + return EFI_UNSUPPORTED; + } else { + return EFI_INVALID_PARAMETER; + } } else if ((Attributes & VARIABLE_ATTRIBUTE_AT_AW) !=3D 0) { if (!mVariableModuleGlobal->VariableGlobal.AuthSupport) { // @@ -3168,15 +3172,16 @@ VariableServiceSetVariable ( // if (((Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) =3D=3D EFI_V= ARIABLE_AUTHENTICATED_WRITE_ACCESS) && ((Attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS)= =3D=3D EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS)) { - return EFI_INVALID_PARAMETER; + return EFI_UNSUPPORTED; } =20 if ((Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) =3D=3D EFI_VA= RIABLE_AUTHENTICATED_WRITE_ACCESS) { - if (DataSize < AUTHINFO_SIZE) { - // - // Try to write Authenticated Variable without AuthInfo. - // - return EFI_SECURITY_VIOLATION; + // + // If DataSize =3D=3D AUTHINFO_SIZE and then PayloadSize is 0. + // Maybe it's the delete operation of common authenticated variable a= t user physical presence. + // + if (DataSize !=3D AUTHINFO_SIZE) { + return EFI_UNSUPPORTED; } PayloadSize =3D DataSize - AUTHINFO_SIZE; } else if ((Attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACC= ESS) =3D=3D EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) { @@ -3522,= 6 +3527,13 @@ VariableServiceQueryVariableInfo ( return EFI_INVALID_PARAMETER; } =20 + if ((Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) !=3D 0) { + // + // Deprecated attribute, make this check as highest priority. + // + return EFI_UNSUPPORTED; + } + if ((Attributes & EFI_VARIABLE_ATTRIBUTES_MASK) =3D=3D 0) { // // Make sure the Attributes combination is supported by the platform. -- 2.13.2.windows.1