From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM11-CO1-obe.outbound.protection.outlook.com (NAM11-CO1-obe.outbound.protection.outlook.com [40.92.18.28]) by mx.groups.io with SMTP id smtpd.web12.3169.1586543931953318417 for ; Fri, 10 Apr 2020 11:38:52 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@outlook.com header.s=selector1 header.b=PNxNU+4k; spf=pass (domain: outlook.com, ip: 40.92.18.28, mailfrom: michael.kubacki@outlook.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=XIrrglReG6D6OYfbJmk9CchCsNzrCcSZQhEXq64yPlpw21+Ldd7vgwLkhFsuwFDCe7XWVH0Tx6GXMiXl5lonqENL+BG9cKfAN+T5nhI1MUGjYMAVNPnzkoiyU2sz5tx9So0r7gJqQK3Pv4PzVdJuL8bL8VQbj5Y0cB4tIb9S12/6FBMsK/KgEVxr2kNFnpdiZ/LjA51Pb1FDWIZk0ZoX5f0dZzAx8TDnOmvxOTd0+a7e6S/Dxa7dsqnePnrleSz+IM5ihfEwa8lkr7KzKp73/it9gyahkbpRlSxR1FC9K8AFR43V8CiqquR+FVFe/IG0cDUp0BHtDvG30fnV1EbE1Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=dKB1g1UN7x3ZdgXWEMEoX040qJJkqqmQGzwjA9bWfgc=; b=IUl6h0t3aXu8kjyIbMv7/Klo3Xwnl6gEpME7B4u/bW5cAL5zsQeiy1FPGQajL57OFDsK2dHxs1Fxp+JhAo01h97/5NnUHJTonAC1/vVDM14aWzBiU4TmW4W0lx85S72FChDodQ+Vzc724mwa4M+l4NvLQF35/GbJBcxbOKlQwDMZ9wYd8a4qhKLPVcqjjSJgFQQ0XqOy9YqhLq0Gw0rWXjpISCMZeF0VQu8GGZxg6jAN8Ov+w7md4gYfNGM4+CR6CAF4JkovJ0i70ooHHTUff6rOsRfow+QFlU0ylIyIVuusHbx5evooHwkSCDBwCektjhap1BUAzzCAQw/uC5NF3A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=outlook.com; dmarc=pass action=none header.from=outlook.com; dkim=pass header.d=outlook.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=dKB1g1UN7x3ZdgXWEMEoX040qJJkqqmQGzwjA9bWfgc=; b=PNxNU+4kbP8NJ8Po/3B6yLO4/UPpauJWoQ1vUtlLAUhPcv/5NDXumnvgnWDB6jVXC6qLZgnqUq794y9f6wa9z/KQVTOUrfIppn0r/3KWiqs74x/38DJ7mTTQflQNklsdefjrE39VEVjpjm0WuJ6OB2to7LR0PbmrwaKzLQho8RCUe2o1C0j8QvCqMeZHPgYDPT3KUb0sOnxS2CLYJx1MDq2vmrRhH97m5gv9STugGiIoqE9wStTslNM4gmP+L0Lk6nR8/AjHfg+f2skvMmqMM/g0tIPaQqtxWh1ci+nmoZuaUBC9AhIKfv96B47+PYGkKhDGxwjmnFQGZT6V22nbTA== Received: from BN8NAM11FT063.eop-nam11.prod.protection.outlook.com (2a01:111:e400:fc4b::49) by BN8NAM11HT258.eop-nam11.prod.protection.outlook.com (2a01:111:e400:fc4b::166) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2900.18; Fri, 10 Apr 2020 18:38:48 +0000 Received: from MWHPR07MB3440.namprd07.prod.outlook.com (2a01:111:e400:fc4b::44) by BN8NAM11FT063.mail.protection.outlook.com (2a01:111:e400:fc4b::366) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2900.15 via Frontend Transport; Fri, 10 Apr 2020 18:38:48 +0000 X-IncomingTopHeaderMarker: OriginalChecksum:5AFBDDB7E48B80A61DE6EA85E2906FCC35ADB351F08DFC65EA206096CCB8ADF7;UpperCasedChecksum:39AB1EFC889BBBBCE428FDBB1C0C771863F653FD997AAC696277152E165E163B;SizeAsReceived:7777;Count:49 Received: from MWHPR07MB3440.namprd07.prod.outlook.com ([fe80::bcc9:271b:20db:52e3]) by MWHPR07MB3440.namprd07.prod.outlook.com ([fe80::bcc9:271b:20db:52e3%6]) with mapi id 15.20.2900.015; Fri, 10 Apr 2020 18:38:48 +0000 From: "Michael Kubacki" To: devel@edk2.groups.io Cc: Jian J Wang , Hao A Wu , Liming Gao Subject: [PATCH v1 8/9] MdeModulePkg: Change TCG MOR variables to use VariablePolicy Date: Fri, 10 Apr 2020 11:38:01 -0700 Message-ID: X-Mailer: git-send-email 2.16.3.windows.1 In-Reply-To: <20200410183802.21192-1-michael.kubacki@outlook.com> References: <20200410183802.21192-1-michael.kubacki@outlook.com> X-ClientProxiedBy: MWHPR20CA0007.namprd20.prod.outlook.com (2603:10b6:300:13d::17) To MWHPR07MB3440.namprd07.prod.outlook.com (2603:10b6:301:69::28) Return-Path: michael.kubacki@outlook.com X-Microsoft-Original-Message-ID: <20200410183802.21192-8-michael.kubacki@outlook.com> MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from localhost.localdomain (2001:4898:80e8:9:2d7c:9ade:505:3bf5) by MWHPR20CA0007.namprd20.prod.outlook.com (2603:10b6:300:13d::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2900.17 via Frontend Transport; Fri, 10 Apr 2020 18:38:47 +0000 X-Mailer: git-send-email 2.16.3.windows.1 X-Microsoft-Original-Message-ID: <20200410183802.21192-8-michael.kubacki@outlook.com> X-TMN: [8mnIybcCZlWbb4+qk0uIABrvuXxChnLgEnj6wr7HWQQsW1ALyJgsPfQjRPDnsSxj] X-MS-PublicTrafficType: Email X-IncomingHeaderCount: 49 X-EOPAttributedMessage: 0 X-MS-Office365-Filtering-Correlation-Id: 43c83cdb-e6fa-40ad-7595-08d7dd7e680e X-MS-TrafficTypeDiagnostic: BN8NAM11HT258: X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: wOmKD8bJw9lBaFGR+Bb7Bk/TElXxrf9Ifc5RwqUGpil3OAEtCtJi9xLDIGhpLUbB8KtHIeakpYymoYw07GXkM0Eaj15c9goRZNMlF2vW0RAhXibVA5eQQyY7EQbr+4r24se6hc8wlmdogwNJSfKAUpOBhOEBVVWN1WFdZQgd6Gozbv/1QmmqnZXzsPy8o6PbHX3zVoFBbOn399ifCj+87K473ycd+vP1+Bi4bcgqT1Y= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:0;SRV:;IPV:NLI;SFV:NSPM;H:MWHPR07MB3440.namprd07.prod.outlook.com;PTR:;CAT:NONE;SFTY:;SFS:;DIR:OUT;SFP:1901; X-MS-Exchange-AntiSpam-MessageData: gFKxLSoxQLBCDcDynStHSypxeaImpl6sX6tnhEf1DcugkiQ+KoQId+UDhD4b2sy6rhvvuidLCpzPu7Uyrp638KRM9AlC2wfR4jOds1c0d+gf9V9iGEMmr+b3SMSVPTdnIn1P+/owXCNcainZyCGotNUpvV/lEujDeDgXtvIWHDEbxGuTgrhQf3tuVWb14AIyGVKRumM8NTiTl3WL8Uf/WQ== X-OriginatorOrg: outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 43c83cdb-e6fa-40ad-7595-08d7dd7e680e X-MS-Exchange-CrossTenant-OriginalArrivalTime: 10 Apr 2020 18:38:47.9259 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa X-MS-Exchange-CrossTenant-FromEntityHeader: Internet X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000 X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN8NAM11HT258 Content-Type: text/plain From: Bret Barkelew https://bugzilla.tianocore.org/show_bug.cgi?id=2522 These were previously using VarLock, which is being deprecated. Cc: Jian J Wang Cc: Hao A Wu Cc: Liming Gao Signed-off-by: Bret Barkelew Signed-off-by: Michael Kubacki --- MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockDxe.c | 52 ++++++++++++++------ MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c | 52 +++++++++++++++----- MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf | 3 ++ MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf | 1 + 4 files changed, 83 insertions(+), 25 deletions(-) diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockDxe.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockDxe.c index e7accf4ed806..cac094532a91 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockDxe.c +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockDxe.c @@ -5,6 +5,7 @@ MOR lock control unsupported. Copyright (c) 2016, Intel Corporation. All rights reserved.
+Copyright (c) Microsoft Corporation. SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -17,7 +18,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include "Variable.h" -extern EDKII_VARIABLE_LOCK_PROTOCOL mVariableLock; +#include +#include /** This service is an MOR/MorLock checker handler for the SetVariable(). @@ -77,11 +79,6 @@ MorLockInit ( NULL // Data ); - // - // Need set this variable to be read-only to prevent other module set it. - // - VariableLockRequestToLock (&mVariableLock, MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME, &gEfiMemoryOverwriteRequestControlLockGuid); - // // The MOR variable can effectively improve platform security only when the // MorLock variable protects the MOR variable. In turn MorLock cannot be made @@ -99,11 +96,6 @@ MorLockInit ( 0, // DataSize NULL // Data ); - VariableLockRequestToLock ( - &mVariableLock, - MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME, - &gEfiMemoryOverwriteControlDataGuid - ); return EFI_SUCCESS; } @@ -118,7 +110,39 @@ MorLockInitAtEndOfDxe ( VOID ) { - // - // Do nothing. - // + EFI_STATUS Status; + VARIABLE_POLICY_PROTOCOL *VariablePolicy; + + // First, we obviously need to locate the VariablePolicy protocol. + Status = gBS->LocateProtocol( &gVariablePolicyProtocolGuid, NULL, (VOID**)&VariablePolicy ); + if (EFI_ERROR( Status )) { + DEBUG(( DEBUG_ERROR, "%a - Could not locate VariablePolicy protocol! %r\n", __FUNCTION__, Status )); + return; + } + + // If we're successful, go ahead and set the policies to protect the target variables. + Status = RegisterBasicVariablePolicy( VariablePolicy, + &gEfiMemoryOverwriteRequestControlLockGuid, + MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME, + VARIABLE_POLICY_NO_MIN_SIZE, + VARIABLE_POLICY_NO_MAX_SIZE, + VARIABLE_POLICY_NO_MUST_ATTR, + VARIABLE_POLICY_NO_CANT_ATTR, + VARIABLE_POLICY_TYPE_LOCK_NOW ); + if (EFI_ERROR( Status )) { + DEBUG(( DEBUG_ERROR, "%a - Could not lock variable %s! %r\n", __FUNCTION__, MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME, Status )); + } + Status = RegisterBasicVariablePolicy( VariablePolicy, + &gEfiMemoryOverwriteControlDataGuid, + MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME, + VARIABLE_POLICY_NO_MIN_SIZE, + VARIABLE_POLICY_NO_MAX_SIZE, + VARIABLE_POLICY_NO_MUST_ATTR, + VARIABLE_POLICY_NO_CANT_ATTR, + VARIABLE_POLICY_TYPE_LOCK_NOW ); + if (EFI_ERROR( Status )) { + DEBUG(( DEBUG_ERROR, "%a - Could not lock variable %s! %r\n", __FUNCTION__, MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME, Status )); + } + + return; } diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c index 085f82035f4b..ee37942a6b0c 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c @@ -19,7 +19,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include "Variable.h" #include - +#include #include typedef struct { @@ -422,6 +422,8 @@ MorLockInitAtEndOfDxe ( { UINTN MorSize; EFI_STATUS MorStatus; + EFI_STATUS Status; + VARIABLE_POLICY_ENTRY *NewPolicy; if (!mMorLockInitializationRequired) { // @@ -494,11 +496,25 @@ MorLockInitAtEndOfDxe ( // The MOR variable is absent; the platform firmware does not support it. // Lock the variable so that no other module may create it. // - VariableLockRequestToLock ( - NULL, // This - MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME, - &gEfiMemoryOverwriteControlDataGuid - ); + NewPolicy = NULL; + Status = CreateBasicVariablePolicy( &gEfiMemoryOverwriteControlDataGuid, + MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME, + VARIABLE_POLICY_NO_MIN_SIZE, + VARIABLE_POLICY_NO_MAX_SIZE, + VARIABLE_POLICY_NO_MUST_ATTR, + VARIABLE_POLICY_NO_CANT_ATTR, + VARIABLE_POLICY_TYPE_LOCK_NOW, + &NewPolicy ); + if (!EFI_ERROR( Status )) { + Status = RegisterVariablePolicy( NewPolicy ); + } + if (EFI_ERROR( Status )) { + DEBUG(( DEBUG_ERROR, "%a - Failed to lock variable %s! %r\n", __FUNCTION__, MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME, Status )); + ASSERT_EFI_ERROR( Status ); + } + if (NewPolicy != NULL) { + FreePool( NewPolicy ); + } // // Delete the MOR Control Lock variable too (should it exists for some @@ -514,9 +530,23 @@ MorLockInitAtEndOfDxe ( ); mMorLockPassThru = FALSE; - VariableLockRequestToLock ( - NULL, // This - MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME, - &gEfiMemoryOverwriteRequestControlLockGuid - ); + NewPolicy = NULL; + Status = CreateBasicVariablePolicy( &gEfiMemoryOverwriteRequestControlLockGuid, + MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME, + VARIABLE_POLICY_NO_MIN_SIZE, + VARIABLE_POLICY_NO_MAX_SIZE, + VARIABLE_POLICY_NO_MUST_ATTR, + VARIABLE_POLICY_NO_CANT_ATTR, + VARIABLE_POLICY_TYPE_LOCK_NOW, + &NewPolicy ); + if (!EFI_ERROR( Status )) { + Status = RegisterVariablePolicy( NewPolicy ); + } + if (EFI_ERROR( Status )) { + DEBUG(( DEBUG_ERROR, "%a - Failed to lock variable %s! %r\n", __FUNCTION__, MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME, Status )); + ASSERT_EFI_ERROR( Status ); + } + if (NewPolicy != NULL) { + FreePool( NewPolicy ); + } } diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf index ceea5d1ff9ac..5fbec5cee8ab 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf @@ -10,6 +10,7 @@ # buffer overflow or integer overflow. # # Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.
+# Copyright (c) Microsoft Corporation. # SPDX-License-Identifier: BSD-2-Clause-Patent # ## @@ -69,6 +70,7 @@ TpmMeasurementLib AuthVariableLib VarCheckLib + VariablePolicyHelperLib [Protocols] gEfiFirmwareVolumeBlockProtocolGuid ## CONSUMES @@ -78,6 +80,7 @@ gEfiVariableWriteArchProtocolGuid ## PRODUCES gEfiVariableArchProtocolGuid ## PRODUCES gEdkiiVariableLockProtocolGuid ## PRODUCES + gVariablePolicyProtocolGuid ## CONSUMES gEdkiiVarCheckProtocolGuid ## PRODUCES [Guids] diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf index d8f480be27cc..62f2f9252f43 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf @@ -76,6 +76,7 @@ SynchronizationLib VarCheckLib VariablePolicyLib + VariablePolicyHelperLib [Protocols] gEfiSmmFirmwareVolumeBlockProtocolGuid ## CONSUMES -- 2.16.3.windows.1