From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) by mx.groups.io with SMTP id smtpd.web11.5872.1638925011195975260 for ; Tue, 07 Dec 2021 16:56:51 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b=IEEeTgGH; spf=pass (domain: intel.com, ip: 192.55.52.43, mailfrom: nathaniel.l.desimone@intel.com) X-IronPort-AV: E=McAfee;i="6200,9189,10191"; a="323982931" X-IronPort-AV: E=Sophos;i="5.87,295,1631602800"; d="scan'208";a="323982931" Received: from orsmga005.jf.intel.com ([10.7.209.41]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Dec 2021 16:56:50 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.87,295,1631602800"; d="scan'208";a="679681138" Received: from orsmsx602.amr.corp.intel.com ([10.22.229.15]) by orsmga005.jf.intel.com with ESMTP; 07 Dec 2021 16:56:49 -0800 Received: from orsmsx604.amr.corp.intel.com (10.22.229.17) by ORSMSX602.amr.corp.intel.com (10.22.229.15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.20; Tue, 7 Dec 2021 16:56:49 -0800 Received: from ORSEDG602.ED.cps.intel.com (10.7.248.7) by orsmsx604.amr.corp.intel.com (10.22.229.17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.20 via Frontend Transport; Tue, 7 Dec 2021 16:56:49 -0800 Received: from NAM12-DM6-obe.outbound.protection.outlook.com (104.47.59.169) by edgegateway.intel.com (134.134.137.103) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2308.20; Tue, 7 Dec 2021 16:56:48 -0800 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=WL3FTapZOgtPcsBe+owJvad8GP7A7EG5ctTqwMZXfft/YNmzSKsbv+1r/kUdTmq9Tb09abjMhwxepxpvYo7uQl5BhOhKlmALEgonj31HCQeMJWOrpYrxkPirzYZHRob7Id9QuGZDG7f2+fcHcfJt3/DuM7ahR83/3swZl7KywD9KC13GzYtG5xrtPyYBwpyC1jLX0b+ZukQUPQEomLsqRs/G8RQZwdegrzsOIKwoJ01ZzJ218VK0ZnFVOG70S2pdB2NFtGDBIxSD3kFHSGLfP0N52rwixNkdz4HPQGaAvxGyaI3zVUCtNst1w8VujRgwS88tC2v5zLrjJRpGfBmQlA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=0BN8gBBqEpKwaSQ/pJcpGUfsF+YP5R8arUJJjTDzDVo=; b=f+mq9v8Ixs3BoFs8Pgod/hWpfHRCB8GLJUoqK9Vr29mwLFMgnhbs/rXnyHk/HpZcmuuvy2XLDhNHMH33XxEJDyBkJnSZOQILJCYQ/qSAYCB9uL9vEc1HB1aoO18PFoahKGhZGDouug6k3Fcn88cCNKaY0du6XvnkG+VrANwoVLUgnaFy9lENU7fY8UB765/GQeE4plLas65qy24yTF/+U2tAdp4BN856RN6GFBuL0QWkbU6Icp0scTMufKmhV3Yi+JZTGX/MFCWflglXeGgoysHNhXbYahlulDvsTB0g8FcAu/Q4mWNadiXZXo80zhMqTydwe8Z75Or3mtOcVKrfQA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com; s=selector2-intel-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=0BN8gBBqEpKwaSQ/pJcpGUfsF+YP5R8arUJJjTDzDVo=; b=IEEeTgGHLwfeqj8jsburAAHFkmVsW14UDQgMpHT6Uo4rXxy97kSUSczGxXvmW+8SqcmvRAYey168aHPfAAN1XqwEvEWa455oO6akqaaSkQMdeDUtbc7onvLprA+szMW6ryRw/sjG/QbgbObsmF6CA2JGap5+gxLu+DLh6RDJ9J0= Received: from MW4PR11MB5821.namprd11.prod.outlook.com (2603:10b6:303:184::5) by MW3PR11MB4666.namprd11.prod.outlook.com (2603:10b6:303:56::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4755.20; Wed, 8 Dec 2021 00:56:42 +0000 Received: from MW4PR11MB5821.namprd11.prod.outlook.com ([fe80::6920:39b9:e18c:9dc5]) by MW4PR11MB5821.namprd11.prod.outlook.com ([fe80::6920:39b9:e18c:9dc5%5]) with mapi id 15.20.4755.022; Wed, 8 Dec 2021 00:56:42 +0000 From: "Nate DeSimone" To: "devel@edk2.groups.io" , "Desimone, Nathaniel L" CC: "Bi, Dandan" , Liming Gao , "Jadhav, Manoj D" , "Chiu, Chasel" Subject: Re: [edk2-devel] [edk2-platforms] [PATCH v1] UserAuthFeaturePkg: VerifyPassword() allows one extra password attempt Thread-Topic: [edk2-devel] [edk2-platforms] [PATCH v1] UserAuthFeaturePkg: VerifyPassword() allows one extra password attempt Thread-Index: AQHX5wYJqy7pu4q0M0GUDyw6x/qtiawnzrHg Date: Wed, 8 Dec 2021 00:56:42 +0000 Message-ID: References: <16BCC34EE6738518.10763@groups.io> In-Reply-To: <16BCC34EE6738518.10763@groups.io> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-reaction: no-action dlp-version: 11.6.200.16 dlp-product: dlpe-windows authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 737bb666-6856-4543-65c9-08d9b9e599ab x-ms-traffictypediagnostic: MW3PR11MB4666:EE_ x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:1332; x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: DxDtQsGHH3J1yGhBz8AonpUgHHqHVWgw51o6MmlrRXLOKHZMFQtFKICCvUir+i020ZNet5yldBsdWXuPnQUSNEVj5CaeyTKC5Wy0SxvUxcgzsnQ+k67ogG4jOEZVtvlkN1UUV1wt5wFyGTYOSeUzMG5QsAwpgfiA+C6K+idrAHkxS9z533WSuGuArHQqcBLyOVM5eyk/XFVWdIPFeJws2jDqknbjxkoBgReeNIRQ45Os0CzM3o5tI1EoNV4t+xRNc1XlOstcvzbuhf/McK7gL+MyFSIQuQGmVADZ59REN/TwwDCb19EAiXxFe9sbUiobWsmzTp/Cs8RtRmE7d5sIbR7dOcsOdjiGF933/N7N25sq7Tno1XtK2i/Z1zGhp+IljEaZCq7d8nNHhId6N/Cj096qPVbYW5qS5kgn7JYTaQf68JjA1K6Y96RV7WfN7+HorrrAl78eKg5TC3VGmm2K5Hf8yM1g96+RX8JtkeRDeGUCwDwuTsl6VIeeMuvaHxyN+lxuH0XzuRoCLHX64myLJiVuBh/NlfebDm3r2jO9EqHpK6sQIETaxh1NFuGhGTWbV/0Ba1ffDqNfagbgjoRf1Eo+/c228jqyJYJ4VmFmSSac5OTB08wAu0GkuqdPBeW3U+2w0eTfAU1JOpUyqwGR8rUMYi27nx8E+ql5uSG1vozvDZxHqrYNHVsr8dtYWRGYAf1HlEG0xVv+ehEsmXxDK3ixcc+UL404kg0lRUuygp85ehxgoipNMNEBNSRweZQX/n9gsQRbWx/IyQS8eMVBg2qPztn89ZR1xS+g+Hw17wN6ANUqmW+if1OiCTUhoUg0PbRNXM+E9F2iTkBO+sS3fw== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:MW4PR11MB5821.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(366004)(7696005)(9686003)(38070700005)(52536014)(4326008)(15650500001)(8936002)(33656002)(122000001)(8676002)(82960400001)(53546011)(2906002)(6506007)(66946007)(5660300002)(64756008)(38100700002)(26005)(107886003)(966005)(186003)(66446008)(110136005)(55016003)(54906003)(66556008)(71200400001)(66476007)(86362001)(18074004)(76116006)(316002)(83380400001)(508600001);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?A3/wHHPPeikLR55Bp36hnVBIuuimzz38ns5lOCKePMalGGZs6c9cKeZWj0p7?= =?us-ascii?Q?UWrnX+amG5Zlq/tNQCMRX4VZCAF2qia0sqpm0JHWTtrSBW9Yzr1O2ulJl1SO?= =?us-ascii?Q?w0KxLIUlFWygn8v5yvNRMXKgzsYJnio4+arX5k4I8fRCk7tws7jxr2zQyRTB?= =?us-ascii?Q?9NuRCgOsq65hn0L2oORAje3ZF1Bd5TrKfdn0qFz/Hx/3BXgTybFWhfdfD3V0?= =?us-ascii?Q?jSKFapbxA736tvU8DoBwDUHd4E3flnceihMzVWTX1ktwPs76JqPSB0ZaSxd0?= =?us-ascii?Q?lzGNVOjR4VH95HMSb4ds/D3HEPUK0oYgEW/Np0M5fQfrP5YZVRKB1BcDUj2z?= =?us-ascii?Q?k2rGsexgpMRCODDmsuphYvPcO4oIvZnOeTCFGDKw3DmCsP2/gUw8HQ9HtUUs?= =?us-ascii?Q?jHA8mQf58CZiLileMahhA2TDd4xvVB6wv/rZ8+BanN6PzMoysV2CktEGWGYD?= =?us-ascii?Q?1Nb7ojdG1pQqQy0vOOqY46ONQfG7odEWqCXX7sSTOEUmLIjJRp0rKTE2CERa?= =?us-ascii?Q?tWk3EvewWzJI75C7/cbIOqjGScklm3dKLMRqHO8hMAltC0H9McXLXuVihRWG?= =?us-ascii?Q?rSdyrW0MWs1Ia5BIxQc9Nfh0FsqOC/8K70wAnZ9RDWUQ9KENgQmT1oxwFgnw?= =?us-ascii?Q?TbxvuVVbICHrwIT6Zhc3qkCy7rLl8iI2pdDH4n8pAuqGPuQSdXkgCEJj9UR1?= =?us-ascii?Q?aZV0yT3nl4cvXt8iB2c2KHMX7NKwZ8heHL9+X4y0isgjYpo8tj/gPtuFsI2b?= =?us-ascii?Q?7bU4yde7J/qZLmxft6RnDY9o24lDimyvTpoIhHWeBwMmOPkJ06VwaQhK8edf?= =?us-ascii?Q?Z6bw85ZLrFl/TIHr3Fc+Bm9CBTjJMcT3eAK1Vr6ewpaxhoffdkdvMZbvNDGN?= =?us-ascii?Q?1zOBJWsM8E3CfhSrC6knHvSa7+tf3mUtZMFF7nxCmmPFBBEbIzdSOWI1qcgN?= =?us-ascii?Q?rGeAzcksNaam9YnShMNlJT9MfzU7DGUOsIBn7t1Jiuee9pm4kT5yWt+Huy8q?= =?us-ascii?Q?myLFunArZ02sIPjssfysVlqSdp6a7SFFevSOEURm0xkI0GECytXsvBCUXRIJ?= =?us-ascii?Q?OuEtW1eRx54vfJtVQm05R13Jz0QL4wDolRZgmz+a5Ampdgf6Bkc93zN24exB?= =?us-ascii?Q?4IlhDJN+lpnQqqwJ4hKPe+TcI52X224CHcdQmiafSuN4f9fOuGojmtxH78zJ?= =?us-ascii?Q?k8/Wae7Hv33mdzS2Y51tDl+IGx5r1LayrApdSvfeh3gkujLx1Tz5qAP68qR0?= =?us-ascii?Q?c4xQ6MdFsF9P/64HnFXs7FhM4HfMa/ErmSV2/GJQxhqkeqUdvT64jHjCEQlX?= =?us-ascii?Q?O5HMc//USJk0HTKWTN6hHepsYK4mJ6ab/db3bpQ3NQygExR5XL4rRSfAGv46?= =?us-ascii?Q?CpntIv5o32LmVjh9Nfls3gSvG9mT78aht0HGpkgS12CDpahSntFVqtW443/U?= =?us-ascii?Q?6L7+fsNQfAKuPxs60q2JNipIKMMdY/L5lWLcAHq0VxtnJTKZ1B/TktFmZe1x?= =?us-ascii?Q?dgEVrb3vBks7YqGObGoTzRarNKDAwvY2wKecIht2f2/h6JeL6XAE85rY2xQ0?= =?us-ascii?Q?VSfpSD3RrUhMBbyJ0pcZzAlZr3m3V0J0qcFopC3SBwhfOm3Gozg0om6Zst2e?= =?us-ascii?Q?yxxv7SLoxhWhdj8Sg4icIqWvj5yakyuZrZE6CaKkpj8RV2KwW6GuWwH4nwp4?= =?us-ascii?Q?11JY1Q=3D=3D?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: MW4PR11MB5821.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 737bb666-6856-4543-65c9-08d9b9e599ab X-MS-Exchange-CrossTenant-originalarrivaltime: 08 Dec 2021 00:56:42.4870 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: e4jS5/8Sa9xCw1dk/7EUk7lBBXXSich+ARs2dxtrccudFN0hjtELxSMQGH2mZUmtgMdF5/CPvxfZz2LbmpkoUbt1IMprm5k/VnxVRt4id3I= X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW3PR11MB4666 Return-Path: nathaniel.l.desimone@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Pushed: https://github.com/tianocore/edk2-platforms/commit/15d8aa1 > -----Original Message----- > From: devel@edk2.groups.io On Behalf Of Nate > DeSimone > Sent: Wednesday, December 1, 2021 2:52 PM > To: devel@edk2.groups.io > Cc: Bi, Dandan ; Liming Gao > ; Jadhav, Manoj D > ; Chiu, Chasel > Subject: [edk2-devel] [edk2-platforms] [PATCH v1] UserAuthFeaturePkg: > VerifyPassword() allows one extra password attempt >=20 > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3756 >=20 > If the password provided by the user is incorrect, then the VerifyPasswor= d() > function is supposed to return EFI_SECURITY_VIOLATION if the user has not > exceeded the maximum number of password guesses (currently set to 3). If > the number of password guesses has been exceeded, then > VerifyPassword() shall return EFI_ACCESS_DENIED. UserAuthenticationDxe > uses EFI_ACCESS_DENIED as the signal that the number of guesses has been > exceeded for the purposes of triggering a forced reboot. >=20 > VerifyPassword() checks if the number of password guess attempts has > exceeded the maximum allowed before checking if the current password > guess is correct. If it has, then VerifyPassword() immediately returns > EFI_ACCESS_DENIED. This behavior is correct since it is possible for > VerifyPassword() to be called again after the maximum number of attempts > has been exceeded. However, if the user guesses incorrectly, then > VerifyPassword() will always return EFI_SECURITY_VIOLATION. This is where > the bug is. It is possible that after the current attempt, the maximum al= lowed > number of attempts is exceeded. Therefore, > VerifyPassword() should check the number of attempts again, after checkin= g > if the password is correct. >=20 > Cc: Dandan Bi > Cc: Liming Gao > Cc: Jadhav Manoj D > Cc: Chasel Chiu > Signed-off-by: Nate DeSimone > --- > .../UserAuthenticationSmm.c | 14 ++++++++++++-- > 1 file changed, 12 insertions(+), 2 deletions(-) >=20 > diff --git > a/Features/Intel/UserInterface/UserAuthFeaturePkg/UserAuthenticationDx > eSmm/UserAuthenticationSmm.c > b/Features/Intel/UserInterface/UserAuthFeaturePkg/UserAuthenticationDx > eSmm/UserAuthenticationSmm.c > index c24c3c47a5..16e3405a82 100644 > --- > a/Features/Intel/UserInterface/UserAuthFeaturePkg/UserAuthenticationDx > eSmm/UserAuthenticationSmm.c > +++ > b/Features/Intel/UserInterface/UserAuthFeaturePkg/UserAuthentication > +++ DxeSmm/UserAuthenticationSmm.c > @@ -504,7 +504,12 @@ SmmPasswordHandler ( >=20 > if (!IsPasswordVerified (UserGuid, > SmmCommunicateSetPassword.OldPassword, PasswordLen + 1)) { > DEBUG ((DEBUG_ERROR, "SmmPasswordHandler: PasswordVerify - > FAIL\n")); > - Status =3D EFI_SECURITY_VIOLATION; > + if (*PasswordTryCount >=3D PASSWORD_MAX_TRY_COUNT) { > + DEBUG ((DEBUG_ERROR, "SmmPasswordHandler: SET_PASSWORD try > count reach!\n")); > + Status =3D EFI_ACCESS_DENIED; > + } else { > + Status =3D EFI_SECURITY_VIOLATION; > + } > goto EXIT; > } >=20 > @@ -554,7 +559,12 @@ SmmPasswordHandler ( > } > if (!IsPasswordVerified (UserGuid, > SmmCommunicateVerifyPassword.Password, PasswordLen + 1)) { > DEBUG ((DEBUG_ERROR, "SmmPasswordHandler: PasswordVerify - > FAIL\n")); > - Status =3D EFI_SECURITY_VIOLATION; > + if (*PasswordTryCount >=3D PASSWORD_MAX_TRY_COUNT) { > + DEBUG ((DEBUG_ERROR, "SmmPasswordHandler: VERIFY_PASSWORD > try count reach!\n")); > + Status =3D EFI_ACCESS_DENIED; > + } else { > + Status =3D EFI_SECURITY_VIOLATION; > + } > goto EXIT; > } > mPasswordVerified =3D TRUE; > -- > 2.27.0.windows.1 >=20 >=20 >=20 >=20 >=20