From: "Abhimanyu Singh"
To: devel@edk2.groups.io
Subject: [edk2-devel] [PATCH v2 1/6] uefi-sct/SctPkg: TCG Platform Reset Check Test
Date: Tue, 22 Aug 2023 21:09:42 -0500
Message-Id: <20230823020947.124395-2-Abhi.Singh@arm.com>
In-Reply-To: <20230823020947.124395-1-Abhi.Singh@arm.com>
References: <20230823020947.124395-1-Abhi.Singh@arm.com>

From: "Abhi.Singh"

SCT spec: https://bugzilla.tianocore.org/show_bug.cgi?id=4374
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4419

-Implement initial test infrastructure for all test cases including updates to: CommonGenFramework.sh, UEFI_SCT.dsc, and Category.ini.
-Add Guid.c and Guid.h files to cover the assertions 4/49 assertions defined in the SCT spec
-Add TCGMemoryOverwriteRequestBBTestMain.h alongside used define/global variables
-Add Platform Reset Check Test
 -check if the platform creates the MOR & MORLOCK EFI variables as defined in the TCG Spec
 -sets MOR bit 0 and validate if the platform clears the MOR bit 0 upon reset.

Cc: G Edhaya Chandran
Cc: Barton Gao
Cc: Carolyn Gjertsen
Signed-off-by: Abhi Singh
Change-Id: I774d5893e5aff47690dadf90c36c7b9e7e7ee584
--- uefi-sct/SctPkg/UEFI/UEFI_SCT.dsc = | 1 + uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteReques= t/BlackBoxTest/TCGMemoryOverwriteRequestBBTest.inf | 53 +++ uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteReques= t/BlackBoxTest/Guid.h | 46 +++ uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteReques= t/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h | 95 +++++ uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteReques= t/BlackBoxTest/Guid.c | 37 ++ uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteReques= t/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c | 410 ++++++++++++= ++++++++ uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteReques= t/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.c | 115 ++++++ uefi-sct/SctPkg/CommonGenFramework.sh = | 1 + uefi-sct/SctPkg/Config/Data/Category.ini = | 7 + 9 files changed, 765 insertions(+) diff --git a/uefi-sct/SctPkg/UEFI/UEFI_SCT.dsc b/uefi-sct/SctPkg/UEFI/UEFI_= SCT.dsc index 155490fa39d3..536d5f2ed37a 100644 --- a/uefi-sct/SctPkg/UEFI/UEFI_SCT.dsc +++ b/uefi-sct/SctPkg/UEFI/UEFI_SCT.dsc
@@ -235,6 +235,7 @@ [Components] SctPkg/TestCase/UEFI/EFI/RuntimeServices/MiscRuntimeServices/BlackBoxTest/= MiscRuntimeServicesBBTest.inf SctPkg/TestCase/UEFI/EFI/RuntimeServices/TimeServices/BlackBoxTest/TimeSer= vicesBBTest.inf SctPkg/TestCase/UEFI/EFI/RuntimeServices/VariableServices/BlackBoxTest/Var= iableServicesBBTest.inf +SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBo= xTest/TCGMemoryOverwriteRequestBBTest.inf =20 SctPkg/TestCase/UEFI/EFI/Protocol/GraphicsOutput/BlackBoxTest/GraphicsOutp= utBBTest.inf SctPkg/TestCase/UEFI/EFI/Protocol/Bis/BlackBoxTest/BisBBTest.inf diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTest.inf b/uefi-sct/S= ctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxT= est/TCGMemoryOverwriteRequestBBTest.inf new file mode 100644 index 000000000000..35d82043e2e7 --- /dev/null +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTest.inf @@ -0,0 +1,53 @@ +## @file +# +# Copyright 2006 - 2015 Unified EFI, Inc.
+# Copyright (c) 2013, Intel Corporation. All rights reserved.
+# Copyright (c) 2023, Arm Inc. All rights reserved.
+# +# This program and the accompanying materials +# are licensed and made available under the terms and conditions of the B= SD License +# which accompanies this distribution. The full text of the license may = be found at +# http://opensource.org/licenses/bsd-license.php +# +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IM= PLIED. +# +## +#/*++ +# +# Module Name: +# +# TCGMemoryOverwriteRequestBBTest.inf +# +# Abstract: +# +# Component description file for TCG MemoryOverwriteRequest UEFI variabl= es Test. +# +#--*/ + +[defines] + INF_VERSION =3D 0x00010005 + BASE_NAME =3D TCGMemoryOverwriteRequestBBTest + FILE_GUID =3D ACA989CD-4AEE-45A3-B80F-E9A523BB7164 + MODULE_TYPE =3D UEFI_DRIVER + VERSION_STRING =3D 1.0 + ENTRY_POINT =3D InitializeTestTCGMemoryOverwriteRequest + +[sources.common] + TCGMemoryOverwriteRequestBBTestMain.c + TCGMemoryOverwriteRequestBBTestMain.h + TCGMemoryOverwriteRequestBBTestFunction.c + Guid.c + +[Packages] + MdePkg/MdePkg.dec + SctPkg/SctPkg.dec + SctPkg/UEFI/UEFI.dec + +[LibraryClasses] + UefiDriverEntryPoint + SctLib + EfiTestLib + +[Protocols] + gEfiTestRecoveryLibraryGuid diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/Guid.h b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Runti= meServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h new file mode 100644 index 000000000000..a3d87a3eb764 --- /dev/null +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.h @@ -0,0 +1,46 @@ +/** @file + + Copyright 2006 - 2016 Unified EFI, Inc.
+ Copyright (c) 2013, Intel Corporation. All rights reserved.
+ Copyright (c) 2023, Arm Inc. All rights reserved.
+ + This program and the accompanying materials + are licensed and made available under the terms and conditions of the BS= D License + which accompanies this distribution. The full text of the license may b= e found at + http://opensource.org/licenses/bsd-license.php + + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. + +**/ +/*++ + +Module Name: + + guid.h + +Abstract: + + GUIDs auto-generated for EFI test assertion. + +--*/ + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_001_GUID \ +{ 0xd1c31d5f, 0x944f, 0x434c, {0x88, 0x26, 0xa6, 0xfb, 0x00, 0xd4, 0xbb, 0= x97 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_002_GUID \ +{ 0xa6c191b1, 0x9bfb, 0x4231, {0xb9, 0x2d, 0x4e, 0xa2, 0x21, 0xf6, 0x4b, 0= x5d }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_003_GUID \ +{ 0x34d41a18, 0x8ffe, 0x456b, {0xa4, 0x82, 0x97, 0xb9, 0x9c, 0x50, 0x7d, 0= x9e }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_004_GUID \ +{ 0x002519c6, 0x859f, 0x4d25, {0xb1, 0x36, 0xb2, 0xef, 0x61, 0xe5, 0xd9, 0= x6f }} + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid001; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid002; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid003; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid004; diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h b/uefi-sct= /SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBo= xTest/TCGMemoryOverwriteRequestBBTestMain.h new file mode 100644 index 000000000000..45bd921ecca4 --- /dev/null +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h @@ -0,0 +1,95 @@ +/** @file + + Copyright 2006 - 2017 Unified EFI, Inc.
+ Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.
+ Copyright (c) 2023, Arm Inc. All rights reserved.
+ + This program and the accompanying materials + are licensed and made available under the terms and conditions of the BS= D License + which accompanies this distribution. The full text of the license may b= e found at + http://opensource.org/licenses/bsd-license.php + + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. + +**/ +/*++ + +Module Name: + + TCGMemoryOverwriteRequestTest.h + +Abstract: + + Test Driver of TCG MOR and MORLOCK EFI variables that are defined inside + TCG Platform Reset Attack Mitigation v1.10 Section 4 (UEFI Interface) + +--*/ + +#ifndef _TCG_MOR_BB_TEST_MAIN +#define _TCG_MOR_BB_TEST_MAIN + +#include "Efi.h" +#include "Guid.h" +#include +#include +#include +#include + +typedef struct _RESET_DATA { + UINTN Step; + UINTN CheckpointStep; +} RESET_DATA; + +#include EFI_TEST_PROTOCOL_DEFINITION(TestRecoveryLibrary) + +#define TCG_MOR_TEST_REVISION 0x00010000 + +#define MOR_BIT_LOW 0x0 +#define MOR_BIT_HIGH 0x1 + +#define MOR_LOCK_DATA_UNLOCKED 0x0 + + +// +// TEST GUID for TCG Platform Reset Attack Mitigation MemoryOverwriteReque= st (MOR) Test +// +#define EFI_TCG_MOR_TEST_GUID \ + { 0x265e661d, 0xd51e, 0x454b, {0xbb, 0xc9, 0x66, 0x5f, 0x46, 0xec, 0x0a,= 0x04 }} + +EFI_STATUS +EFIAPI +InitializeTestTCGMemoryOverwriteRequest ( + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE *SystemTable + ); + +EFI_STATUS +EFIAPI +UnloadTCGMemoryOverwriteRequestTest ( + IN EFI_HANDLE ImageHandle + ); + +EFI_STATUS +BBTestTCGMemoryOverwriteRequestFunctionTest ( + IN EFI_BB_TEST_PROTOCOL *This, + IN VOID *ClientInterface, + IN EFI_TEST_LEVEL TestLevel, + IN EFI_HANDLE SupportHandle + ); + +EFI_STATUS +TCGMemoryOverwriteRequestPlatformResetCheck ( + IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib, + IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib, + IN RESET_DATA *ResetData + ); + +// 
***********************************************************************= ***** +// Entry GUIDs for Test +// ***********************************************************************= ***** + +#define EFI_TCG_MOR_TEST_ENTRY_GUID0101 \ + { 0x2104436a, 0x77c8, 0x4514, {0xb7, 0xd7, 0xaa, 0x8a, 0x6b, 0xd1, 0x8d,= 0xa4 }} + +#endif diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/Guid.c b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Runti= meServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c new file mode 100644 index 000000000000..59c798a710f1 --- /dev/null +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.c @@ -0,0 +1,37 @@ +/** @file + + Copyright 2006 - 2013 Unified EFI, Inc.
+ Copyright (c) 2013, Intel Corporation. All rights reserved.
+ Copyright (c) 2023, Arm Inc. All rights reserved.
+ + This program and the accompanying materials + are licensed and made available under the terms and conditions of the BS= D License + which accompanies this distribution. The full text of the license may b= e found at + http://opensource.org/licenses/bsd-license.php + + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. + +**/ +/*++ + +Module Name: + + guid.c + +Abstract: + + GUIDs auto-generated for EFI test assertion. + +--*/ + +#include "Efi.h" +#include "Guid.h" + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid001 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_001_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid002 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_002_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid003 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_003_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid004 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_004_GUID; diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c b/uefi= -sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/Bla= ckBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c new file mode 100644 index 000000000000..82f9300dd296 --- /dev/null +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c @@ -0,0 +1,410 @@ +/** @file + + Copyright 2006 - 2016 Unified EFI, Inc.
+ Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.
+ Copyright (c) 2023, Arm Inc. All rights reserved.
+ + This program and the accompanying materials + are licensed and made available under the terms and conditions of the BS= D License + which accompanies this distribution. The full text of the license may b= e found at + http://opensource.org/licenses/bsd-license.php + + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. + +**/ +/*++ + +Module Name: + + TCGMemoryOverwriteRequestBBTestFunction.c + +Abstract: + + Function Test Cases for the TCG MOR and MORLOCK EFI variables that are d= efined + in TCG Platform Reset Attack Mitigation v1.10 Section 4 (UEFI Interface) + +--*/ + +#include "SctLib.h" +#include "TCGMemoryOverwriteRequestBBTestMain.h" + +#define RECOVER_BUFFER_SIZE 2048 + +#define TCG_MOR_VARIABLE_ATTRIBUTES (EFI_VARIABLE_NON_VOLATILE | EFI_VARI= ABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS) + +#define CONTROL_PLATFORM_RESET_TEST 1 + +#define CONTROL_SET_VARIABLE_TEST 2 + + +/** + * Entry point for TCG Platform Reset Attack Mitigation MemoryOverwrite E= FI Variables Function Test. + * @param This A pointer to the EFI_BB_TEST_PROTOCOL instance. + * @param ClientInterface A pointer to the interface to be tested. + * @param TestLevel Test "thoroughness" control. + * @param SupportHandle A handle containing support protocols. + * @return EFI_SUCCESS Test cases ran Successfully, may still contain= errors in assertions. + * @return Other value Something failed. 
+ */ +EFI_STATUS +BBTestTCGMemoryOverwriteRequestFunctionTest ( + IN EFI_BB_TEST_PROTOCOL *This, + IN VOID *ClientInterface, + IN EFI_TEST_LEVEL TestLevel, + IN EFI_HANDLE SupportHandle + ) +{ + EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib; + EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib; + EFI_STATUS Status; + RESET_DATA *ResetData; + UINT8 Buffer[RECOVER_BUFFER_SIZE]; + UINTN Size; + + ResetData =3D (RESET_DATA *)Buffer; + + // + // Get the Standard Library Interface + // + Status =3D gtBS->HandleProtocol ( + SupportHandle, + &gEfiStandardTestLibraryGuid, + (VOID **) &StandardLib + ); + if (EFI_ERROR(Status)) { + return Status; + } + + // + // Get the Recovery Library Interface + // + Status =3D gtBS->HandleProtocol ( + SupportHandle, + &gEfiTestRecoveryLibraryGuid, + (VOID **) &RecoveryLib + ); + if (EFI_ERROR(Status)) { + StandardLib->RecordAssertion ( + StandardLib, + EFI_TEST_ASSERTION_FAILED, + gTestGenericFailureGuid, + L"BS.HandleProtocol - Handle recovery library", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + return Status; + } + + // + // Read reset record + // + Status =3D RecoveryLib->ReadResetRecord ( + RecoveryLib, + &Size, + Buffer + ); + + // + // Check Reset Record's checkpoint for which test to run, all tests must= run so they are all included in the same function + // + if (EFI_ERROR(Status) || (Size < sizeof(RESET_DATA)) || (ResetData->Chec= kpointStep =3D=3D CONTROL_PLATFORM_RESET_TEST)) { + if (EFI_ERROR(Status) || Size < sizeof(RESET_DATA)) { // if true, Rese= tData has not been intialized by the tests yet, set Step =3D 0 to start the= first step of the tests + ResetData->Step =3D 0; + } + // + // Test Checkpoint CONTROL_PLATFORM_RESET_TEST + // + Status =3D TCGMemoryOverwriteRequestPlatformResetCheck (StandardLib, R= ecoveryLib, ResetData); + // + // Status is returned in the event that the MOR/MORLOCK variables do n= ot exist in occordance to spec, + // or the WriteResetRecord returns EFI_ERROR, test ends 
prematurely + // + if(EFI_ERROR(Status)) { + return Status; + } + } + // + // After all Checkpoints have run + // + return EFI_SUCCESS; +} + + +/** + * MOR & MORLock EFI variables are correctly created by platform + * Initially setting MOR bit 0 is then cleared upon platform reset + * @param StandardLib A pointer to EFI_STANDARD_TEST_LIBRARY_PROTOCOL + * instance. + * @param RecoveryLib A pointer to EFI_TEST_RECOVERY_LIBRARY_PROTOCOL + * instance. + * @return EFI_SUCCESS Successfully. + * @return Other value Something failed. + */ +EFI_STATUS +TCGMemoryOverwriteRequestPlatformResetCheck ( + IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib, + IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib, + IN RESET_DATA *ResetData + ) +{ + EFI_STATUS Status; + EFI_TEST_ASSERTION Result; + UINTN DataSize; + UINT8 MemoryOverwriteRequestControlData; + UINT8 MemoryOverwriteRequestControlLockDa= ta; + UINT32 Attributes; + + // + // Check Step to see which part of test remains to be executed + // + if (ResetData->Step =3D=3D 0) { + goto INITIAL_RESET; + } else if (ResetData->Step =3D=3D 1) { + goto MOR_VARIABLE_CHECK; + } else if (ResetData->Step =3D=3D 2) { + goto MOR_BIT_CLEAR_ON_RESET; + } + +INITIAL_RESET: + // + // Perform initial plaform reset + // + ResetData->Step =3D 1; + ResetData->CheckpointStep =3D CONTROL_PLATFORM_RESET_TEST; + + Status =3D RecoveryLib->WriteResetRecord ( + RecoveryLib, + sizeof (RESET_DATA), + (UINT8*)ResetData + ); + if (EFI_ERROR(Status)) { + StandardLib->RecordAssertion ( + StandardLib, + EFI_TEST_ASSERTION_FAILED, + gTestGenericFailureGuid, + L"TestRecoveryLib - WriteResetRecord", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + return Status; + } + SctPrint (L"System will cold reset after 1 second..."); + gtBS->Stall (1000000); + gtRT->ResetSystem ( + EfiResetCold, + EFI_SUCCESS, + 0, + NULL + ); + +MOR_VARIABLE_CHECK: + // + // Post system reset, Check if the MOR EFI var is correctly created by p= latform + // + + // Write 
reset record before the second reset (MOR_BIT_CLEAR_ON_RESET) + ResetData->Step =3D 2; + ResetData->CheckpointStep =3D CONTROL_PLATFORM_RESET_TEST; + + Status =3D RecoveryLib->WriteResetRecord ( + RecoveryLib, + sizeof (RESET_DATA), + (UINT8*)ResetData + ); + if (EFI_ERROR(Status)) { + StandardLib->RecordAssertion ( + StandardLib, + EFI_TEST_ASSERTION_FAILED, + gTestGenericFailureGuid, + L"TestRecoveryLib - WriteResetRecord", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + return Status; + } + + // + // GetVariable and check if the DataSize and Attributes are as expected + // + DataSize =3D sizeof(MemoryOverwriteRequestControlData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControl", // VariableName + &gEfiMemoryOverwriteControlDataGuid, // VendorGuid + &Attributes, // Attributes + &DataSize, // DataSize + &MemoryOverwriteRequestControlData // Data + ); + if (EFI_ERROR (Status) || (DataSize !=3D 1) || (Attributes !=3D TCG_MOR_= VARIABLE_ATTRIBUTES)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid001, + L"MemoryOverwriteRequestControl - Validate that the MOR = Variable is created by the platform in accordance with TCG Spec", + L"%a:%d:Status - %r, DataSize - %d, Attributes - %x", + __FILE__, + (UINTN)__LINE__, + Status, + (UINTN)DataSize, + Attributes + ); + if (EFI_ERROR (Status)) { + return Status; + } + + // + // Set MemoryOverwriteRequestControlData bit 0 and verify the platform c= lears bit 0 upon system reset + // MOR bit 0 indicates to platform firmware that system memory must be w= iped during platform initialization + // + DataSize =3D sizeof(MemoryOverwriteRequestControlData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteRequestControlData |=3D MOR_BIT_HIGH << MOR_CLEAR_MEMORY_= BIT_OFFSET; + 
+ Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControl", // VariableName + &gEfiMemoryOverwriteControlDataGuid, // VendorGuid + Attributes, // Attributes + DataSize, // DataSize + &MemoryOverwriteRequestControlData // Data + ); + if (Status =3D=3D EFI_SUCCESS) { + Result =3D EFI_TEST_ASSERTION_PASSED; + }else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid002, + L"MemoryOverwriteRequestControl - SetVariable() with MOR= bit 0 set high returns EFI_SUCCESS", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + if (EFI_ERROR (Status)) { + return Status; + } + + // Cold reset system again for step 2 + SctPrint (L"System will cold reset after 1 second and test will be resum= ed after reboot."); + gtBS->Stall (1000000); + gtRT->ResetSystem ( + EfiResetCold, + EFI_SUCCESS, + 0, + NULL + ); + +MOR_BIT_CLEAR_ON_RESET: + // + // Clear Step count and increment checkpoint for next test + // + + ResetData->Step =3D 0; + ResetData->CheckpointStep =3D CONTROL_SET_VARIABLE_TEST; + + Status =3D RecoveryLib->WriteResetRecord ( + RecoveryLib, + sizeof (RESET_DATA), + (UINT8*)ResetData + ); + if (EFI_ERROR(Status)) { + StandardLib->RecordAssertion ( + StandardLib, + EFI_TEST_ASSERTION_FAILED, + gTestGenericFailureGuid, + L"TestRecoveryLib - WriteResetRecord", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + return Status; + } + + // + // Check if the platform has cleared the set MOR bit 0 on reset + // + DataSize =3D sizeof(MemoryOverwriteRequestControlData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControl", // VariableName + &gEfiMemoryOverwriteControlDataGuid, // VendorGuid + &Attributes, // Attributes + &DataSize, // DataSize + &MemoryOverwriteRequestControlData // Data + ); + if (EFI_ERROR (Status) || (MOR_CLEAR_MEMORY_VALUE (MemoryOverwriteReques= 
tControlData) !=3D MOR_BIT_LOW)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid003, + L"MemoryOverwriteRequestControl - Validate that MOR bit = 0 is cleared after a cold reset when the bit 0 is initially set", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + if (EFI_ERROR (Status)) { + return Status; + } + + // + // Verify MemoryOverwriteRequestControlLock is created as defined in TCG= spec + // + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= es + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_UNLOCKED) || + (DataSize !=3D 1) || (Attributes !=3D TCG_MOR_VARIABLE_ATTRIBUTES)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid004, + L"MemoryOverwriteRequestControlLock - Validate that MORL= OCK is created by the platform in accordance with TCG Spec", + L"%a:%d:Status - %r, DataSize - %d, Attributes - %x", + __FILE__, + (UINTN)__LINE__, + Status, + (UINTN)DataSize, + Attributes + ); + if (EFI_ERROR (Status)) { + return Status; + } + + return EFI_SUCCESS; +} 
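Review bot: In TCGMemoryOverwriteRequestPlatformResetCheck, the assertion 003 check under MOR_BIT_CLEAR_ON_RESET fails either on a GetVariable error or when MOR bit 0 is still set, but its RecordAssertion call logs only Status, so a platform that did not clear the bit produces a failure entry showing a successful status and no evidence of the value read. Suggest adding MemoryOverwriteRequestControlData to the format string, in the same way assertions 001 and 004 log DataSize and Attributes. The function's comment block also documents StandardLib and RecoveryLib but omits the ResetData parameter.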
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.c b/uefi-sct= /SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBo= xTest/TCGMemoryOverwriteRequestBBTestMain.c new file mode 100644 index 000000000000..db01df9db5e2 --- /dev/null +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.c @@ -0,0 +1,115 @@ +/** @file + + Copyright 2006 - 2016 Unified EFI, Inc.
+ Copyright (c) 2023, Arm Inc. All rights reserved.
+ + This program and the accompanying materials + are licensed and made available under the terms and conditions of the BS= D License + which accompanies this distribution. The full text of the license may b= e found at + http://opensource.org/licenses/bsd-license.php + + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. + +**/ +/*++ + +Module Name: + + TCG2MORTestMain.c + +Abstract: + + for EFI Driver TCG MemoryOverwriteRequest Test + +--*/ +#include "SctLib.h" +#include "TCGMemoryOverwriteRequestBBTestMain.h" + +EFI_GUID gEfiMemoryOverwriteControlDataGuid =3D MEMORY_ONLY_RESET_CONTROL_= GUID; + +EFI_GUID gEfiMemoryOverwriteRequestControlLockGuid =3D MEMORY_OVERWRITE_RE= QUEST_CONTROL_LOCK_GUID; + +EFI_BB_TEST_PROTOCOL_FIELD gEfiTCGMemoryOverwriteRequestTestProtocolField = =3D { + TCG_MOR_TEST_REVISION, + EFI_TCG_MOR_TEST_GUID, + L"TCG MemoryOverwriteRequest Test", + L"TCG MemoryOverwriteRequest Functionality Test" +}; + +EFI_GUID gSupportProtocolGuid1[2] =3D { + EFI_STANDARD_TEST_LIBRARY_GUID, + EFI_NULL_GUID +}; + +EFI_BB_TEST_ENTRY_FIELD gLoadTCGMemoryOverwriteRequestEntryField[] =3D { + + { + EFI_TCG_MOR_TEST_ENTRY_GUID0101, + L"Test MOR and MORLOCK", + L"Test for MOR and MORLOCK EFI variables in accordance with TCG spec", + EFI_TEST_LEVEL_DEFAULT, + gSupportProtocolGuid1, + EFI_TEST_CASE_AUTO, + BBTestTCGMemoryOverwriteRequestFunctionTest + }, + + EFI_NULL_GUID +}; + +EFI_BB_TEST_PROTOCOL *gTCGMemoryOverwriteRequestTestProt; + + +EFI_STATUS +EFIAPI +UnloadTCGMemoryOverwriteRequestTest ( + IN EFI_HANDLE ImageHandle + ); + +/** + * Creates/installs the BlackBox Interface and eminating Entry Point node= list. 
+ * @param ImageHandle The test driver image handle + * @param SystemTable Pointer to System Table + * @return EFI_SUCCESS Indicates the interface was installed + * @return EFI_OUT_OF_RESOURCES Indicates space for the new handle could = not be allocated + * @return EFI_INVALID_PARAMETER: One of the parameters has an invalid va= lue. + */ +EFI_STATUS +EFIAPI +InitializeTestTCGMemoryOverwriteRequest ( + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE *SystemTable + ) +{ + // + // initialize test utility lib + // + EfiInitializeTestLib (ImageHandle, SystemTable); + SctInitializeLib (ImageHandle, SystemTable); + + return EfiInitAndInstallBBTestInterface ( + &ImageHandle, + &gEfiTCGMemoryOverwriteRequestTestProtocolField, + gLoadTCGMemoryOverwriteRequestEntryField, + UnloadTCGMemoryOverwriteRequestTest, + &gTCGMemoryOverwriteRequestTestProt + ); +} + + +/** + * Unloads the BlackBox Interface and the Entry Point list. + * @param ImageHandle The image handle. + * @return EFI_SUCCESS The interface was uninstalled successfully. + */ +EFI_STATUS +EFIAPI +UnloadTCGMemoryOverwriteRequestTest ( + IN EFI_HANDLE ImageHandle + ) +{ + return EfiUninstallAndFreeBBTestInterface ( + ImageHandle, + gTCGMemoryOverwriteRequestTestProt + ); +} diff --git a/uefi-sct/SctPkg/CommonGenFramework.sh b/uefi-sct/SctPkg/Common= GenFramework.sh index fb9043b56bca..886e7eb7596b 100755 --- a/uefi-sct/SctPkg/CommonGenFramework.sh +++ b/uefi-sct/SctPkg/CommonGenFramework.sh @@ -226,6 +226,7 @@ then if [ -e $ProcessorType/RiscVBootProtocolBBTest.efi ]; then cp $ProcessorType/RiscVBootProtocolBBTest.efi $Framewor= k/Test/ > NUL fi + cp $ProcessorType/TCGMemoryOverwriteRequestBBTest.efi $Framework/= Test/ > NUL =20 # ********************************************* # Copy ENTS binary diff --git a/uefi-sct/SctPkg/Config/Data/Category.ini b/uefi-sct/SctPkg/Con= fig/Data/Category.ini index b34d35db9ac8..bf02ccea9218 100644 --- a/uefi-sct/SctPkg/Config/Data/Category.ini 
+++ b/uefi-sct/SctPkg/Config/Data/Category.ini 
@@ -165,6 +165,13 @@ InterfaceGuid =3D AFF115FB-387B-4C18-8C41-6AFC7F03BB90 Name =3D RuntimeServicesTest\MiscRuntimeServicesTest Description =3D =20 +[Category Data] +Revision =3D 0x00010000 +CategoryGuid =3D 265E661D-D51E-454B-BBC9-665F46EC0A04 +InterfaceGuid =3D AFF115FB-387B-4C18-8C41-6AFC7F03BB90 +Name =3D RuntimeServicesTest\TCGMemoryOverwriteRequestTest +Description =3D Test TCG Platform Reset Attack Mitigation EFI variables + [Category Data] Revision =3D 0x00010000 CategoryGuid =3D 5B1B31A1-9562-11D2-8E3F-00A0C969723B --=20 2.34.1
View/Reply Online (#107966): https://edk2.groups.io/g/devel/message/107966
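Review bot: In TCGMemoryOverwriteRequestBBTestMain.c, gSupportProtocolGuid1 lists only EFI_STANDARD_TEST_LIBRARY_GUID, yet BBTestTCGMemoryOverwriteRequestFunctionTest also calls HandleProtocol on SupportHandle for gEfiTestRecoveryLibraryGuid and returns an error when it is not found. Suggest declaring the recovery library in the entry's support protocol list (a three-element array with EFI_TEST_RECOVERY_LIBRARY_GUID ahead of EFI_NULL_GUID) so the dependency is stated where the framework reads it. The Module Name in the file comment (TCG2MORTestMain.c) does not match the file name, and the comment on InitializeTestTCGMemoryOverwriteRequest has "eminating" for "emanating".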
bh=Khb40u27cFvQYUX59oSGpJCwcD3Xh88D+Z4pCSY6NrQ=; b=PUOvoCPJt0/9xi1bk0C2F7sqouJzeX7f08AeEmEdm9yf+Y9jbtSUmtI3QIIar0c971AFtcqUSxYy1FN3IcUHTv8e8vOHp1TF8/WN0x9Z+Ch8G6/PdEkf+gwTp4vcDxH7jtck+ZhMZ+Uq2oXleL9K41ObNJ629JRLS7IzahLH9dg= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+107963+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1692756595548230.54129575478316; Tue, 22 Aug 2023 19:09:55 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=r5rkl0IW1kJyrogfoVnspNmgh1deIdA9XYlKphIuveU=; c=relaxed/simple; d=groups.io; h=From:To:Subject:Date:Message-Id:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1692756595; v=1; b=E8p5w2B37fOQdwNtp434UREh9rWi54+k36gMugn+El6g+7SZ5LJpci7SpxIhVeN6P8f2MzaV aCB32I99K6GyRJUYAzl9m/Vcn3oLy375ZkdbdG1D2QN9sDCCq7f/WnVyHoNEXkWuHblDI5OodLq C00OfmA2jKQv/pYftKjYkrwg= X-Received: by 127.0.0.2 with SMTP id tNYtYY1788612xf7CmpJ0QMt; Tue, 22 Aug 2023 19:09:55 -0700 X-Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web11.2943.1692756591280431308 for ; Tue, 22 Aug 2023 19:09:51 -0700 X-Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 5D6051424 for ; Tue, 22 Aug 2023 19:10:31 -0700 (PDT) X-Received: from beelzebub.ast.arm.com (abhsin07-ThinkStation-P720.austin.arm.com [10.118.30.31]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id 99B753F762 for ; Tue, 22 Aug 2023 19:09:50 -0700 (PDT) 
From: "Abhimanyu Singh"
To: devel@edk2.groups.io
Subject: [edk2-devel] [PATCH v2 2/6] uefi-sct/SctPkg: TCG MOR SetVariable Test
Date: Tue, 22 Aug 2023 21:09:43 -0500
Message-Id: <20230823020947.124395-3-Abhi.Singh@arm.com>
In-Reply-To: <20230823020947.124395-1-Abhi.Singh@arm.com>
References: <20230823020947.124395-1-Abhi.Singh@arm.com>
Reply-To: devel@edk2.groups.io,Abhi.Singh@arm.com

SCT spec: https://bugzilla.tianocore.org/show_bug.cgi?id=4374
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4419

-Implement MemoryOverwriteRequestControlSetVariable test cases
-Add Assertions 5, 6, 7, and 8 from SCT spec
-Add Test Case to MemoryOverwriteRequestFunctionTest

Cc: G Edhaya Chandran
Cc: Barton Gao
Cc: Carolyn Gjertsen
Signed-off-by: Abhi Singh
Change-Id: I21ed8d6613c7b9d20560b8fa4a45632008d756f9
---
 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h | 20 ++
 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h | 7 +
 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c | 8 +
 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c | 202 ++++++++++++++++++++
 4 files changed, 237 insertions(+)
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/Guid.h b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Runti= meServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h index a3d87a3eb764..84175504579c 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.h +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.h @@ -37,6 +37,18 @@ Abstract: #define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_004_GUID \ { 0x002519c6, 0x859f, 0x4d25, {0xb1, 0x36, 0xb2, 0xef, 0x61, 0xe5, 0xd9, 0= x6f }} =20 +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_005_GUID \ +{ 0x13e97668, 0xe905, 0x452d, {0xa0, 0x72, 0x03, 0xde, 0xbf, 0x53, 0xdf, 0= xa2 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_006_GUID \ +{ 0x94811e97, 0x7513, 0x4099, {0xae, 0xb8, 0x5a, 0x7e, 0x7d, 0x50, 0xb4, 0= x99 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_007_GUID \ +{ 0x15378290, 0x17dd, 0x4cbf, {0x8e, 0x8f, 0xc2, 0x4b, 0xc9, 0x09, 0xb4, 0= x14 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_008_GUID \ +{ 0x5f0b42ef, 0x3cec, 0x46ad, {0xbc, 0x5b, 0xc3, 0x7a, 0x1d, 0x45, 0x41, 0= x29 }} + extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid001; =20 extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid002; @@ -44,3 +56,11 @@ extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAs= sertionGuid002; extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid003; =20 extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid004; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid005; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid006; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid007; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid008; 
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h b/uefi-sct= /SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBo= xTest/TCGMemoryOverwriteRequestBBTestMain.h index 45bd921ecca4..46c2c2faa388 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h @@ -85,6 +85,13 @@ TCGMemoryOverwriteRequestPlatformResetCheck ( IN RESET_DATA *ResetData ); =20 +EFI_STATUS +TCGMemoryOverwriteRequestControlSetVariable ( + IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib, + IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib, + IN RESET_DATA *ResetData + ); + // ***********************************************************************= ***** // Entry GUIDs for Test // ***********************************************************************= ***** diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/Guid.c b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Runti= meServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c index 59c798a710f1..07bc98b8d764 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.c +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.c 
@@ -35,3 +35,11 @@ EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertion= Guid002 =3D EFI_TEST_TCGMO EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid003 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_003_GUID; =20 EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid004 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_004_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid005 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_005_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid006 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_006_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid007 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_007_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid008 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_008_GUID; diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c b/uefi= -sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/Bla= ckBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c index 82f9300dd296..40842f2b064e 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c @@ -37,6 +37,8 @@ Abstract: =20 #define CONTROL_SET_VARIABLE_TEST 2 =20 +#define LOCK_SET_VARIABLE_TEST 3 + =20 /** * Entry point for TCG Platform Reset Attack Mitigation MemoryOverwrite E= FI Variables Function Test. 
@@ -126,6 +128,15 @@ BBTestTCGMemoryOverwriteRequestFunctionTest ( return Status; } } + if (ResetData->CheckpointStep =3D=3D CONTROL_SET_VARIABLE_TEST) { + // + // Test Checkpoint CONTROL_SET_VARIABLE_TEST + // + Status =3D TCGMemoryOverwriteRequestControlSetVariable (StandardLib, R= ecoveryLib, ResetData);=20 + if(EFI_ERROR(Status)) { + return Status; + } + } // // After all Checkpoints have run // 
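Review bot: Style in the new CONTROL_SET_VARIABLE_TEST block: "if(EFI_ERROR(Status))" lacks the spacing used elsewhere in this same patch ("if (EFI_ERROR (Status))" after the first GetVariable() call), and the line that calls TCGMemoryOverwriteRequestControlSetVariable ends in trailing whitespace (the "=20" after "ResetData);"). Both should be cleaned up so the block matches the rest of the file.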
@@ -408,3 +419,194 @@ MOR_BIT_CLEAR_ON_RESET: =20 return EFI_SUCCESS; } + + +/** + * MemoryOverwriteRequestControl EFI variable SetVariable() requests with= a single invalid parameter + * @param StandardLib A pointer to EFI_STANDARD_TEST_LIBRARY_PROTOCOL + * instance. + * @param RecoveryLib A pointer to EFI_TEST_RECOVERY_LIBRARY_PROTOCOL + * instance. + * @return EFI_SUCCESS Successfully. + * @return Other value Something failed. + */ +EFI_STATUS +TCGMemoryOverwriteRequestControlSetVariable ( + IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib, + IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib, + IN RESET_DATA *ResetData + ) +{ + EFI_STATUS Status; + EFI_TEST_ASSERTION Result; + UINTN DataSize; + UINT8 MemoryOverwriteRequestControlData; + UINT8 MemoryOverwriteRequestControlDataCa= ched; + UINT32 Attributes; + + // + // Write reset record to initiate checkpoint LOCK_SET_VARIABLE_TEST afte= r these assertions are complete + // + ResetData->Step =3D 0; + ResetData->CheckpointStep =3D LOCK_SET_VARIABLE_TEST; + + Status =3D RecoveryLib->WriteResetRecord ( + RecoveryLib, + sizeof (RESET_DATA), + (UINT8*)ResetData + ); + if (EFI_ERROR(Status)) { + StandardLib->RecordAssertion ( + StandardLib, + EFI_TEST_ASSERTION_FAILED, + gTestGenericFailureGuid, + L"TestRecoveryLib - WriteResetRecord", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + return Status; + } + + // + //MOR SetVariable() with invalid DataSize =3D=3D 0 returns EFI_INVALID_P= ARAMETER and value is unchanged + //using GetVariable() before and after SetVariable() to compare values o= f the data + // + DataSize =3D sizeof(MemoryOverwriteRequestControlData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControl", // VariableName + &gEfiMemoryOverwriteControlDataGuid, // VendorGuid + &Attributes, // Attributes + &DataSize, // DataSize + &MemoryOverwriteRequestControlData // Data + ); + if (EFI_ERROR (Status)) { + return Status; + } 
+ + // caching variable for later comparison with second GetVariable() value + // SetVar with changed value and invalid DataSize =3D=3D 0 + MemoryOverwriteRequestControlDataCached =3D MemoryOverwriteRequestContro= lData; + + DataSize =3D 0; + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteRequestControlData |=3D MOR_BIT_HIGH << MOR_CLEAR_MEMORY_= BIT_OFFSET; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControl", // VariableName + &gEfiMemoryOverwriteControlDataGuid, // VendorGuid + Attributes, // Attributes + DataSize, // DataSize + &MemoryOverwriteRequestControlData // Data + ); + if (Status =3D=3D EFI_INVALID_PARAMETER) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid005, + L"MemoryOverwriteRequestControl - SetVariable() with Dat= aSize =3D=3D 0 returns EFI_INVALID_PARAMETER", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + DataSize =3D sizeof(MemoryOverwriteRequestControlData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControl", // VariableName + &gEfiMemoryOverwriteControlDataGuid, // VendorGuid + &Attributes, // Attributes + &DataSize, // DataSize + &MemoryOverwriteRequestControlData // Data + ); + + // verifying that the variable has not been modified with SetVar + if (MemoryOverwriteRequestControlDataCached =3D=3D MemoryOverwriteReques= tControlData) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid006, + L"MemoryOverwriteRequestControl - SetVariable() with Dat= aSize =3D=3D 0 variable value remains unchanged", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // + // MOR SetVariable() with invalid 
Attributes =3D=3D NV + BS returns EFI_= INVALID_PARAMETER and value is unchanged + // SetVar with set bit 0, DataSize =3D 1 and invalid attributes =3D NV += BS + // + DataSize =3D sizeof(MemoryOverwriteRequestControlData); + Attributes =3D EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCE= SS; + MemoryOverwriteRequestControlData |=3D MOR_BIT_HIGH << MOR_CLEAR_MEMORY_= BIT_OFFSET; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControl", // VariableName + &gEfiMemoryOverwriteControlDataGuid, // VendorGuid + Attributes, // Attributes + DataSize, // DataSize + &MemoryOverwriteRequestControlData // Data + ); + if (Status =3D=3D EFI_INVALID_PARAMETER) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid007, + L"MemoryOverwriteRequestControl - SetVariable() with Att= ributes =3D=3D NV returns EFI_INVALID_PARAMETER", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + DataSize =3D sizeof(MemoryOverwriteRequestControlData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControl", // VariableName + &gEfiMemoryOverwriteControlDataGuid, // VendorGuid + &Attributes, // Attributes + &DataSize, // DataSize + &MemoryOverwriteRequestControlData // Data + ); + // verifying that the variable has not been modified with SetVar + if (MemoryOverwriteRequestControlDataCached =3D=3D MemoryOverwriteReques= tControlData) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid008, + L"MemoryOverwriteRequestControl - SetVariable() with Att= ributes =3D=3D NV variable value remains unchanged", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + return EFI_SUCCESS; 
+} --=20 2.34.1
View/Reply Online (#107963): https://edk2.groups.io/g/devel/message/107963
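Review bot: Assertions 006 and 008 in TCGMemoryOverwriteRequestControlSetVariable can pass or fail for the wrong reason, because the Status of the GetVariable() call that precedes each comparison is never checked. If that read fails, MemoryOverwriteRequestControlData still holds the locally OR-ed value, so the comparison against MemoryOverwriteRequestControlDataCached says nothing about the stored variable; and when the bit at MOR_CLEAR_MEMORY_BIT_OFFSET is already set on entry, the "|=" leaves the value identical to the cached copy, so a SetVariable() that was wrongly accepted would go unnoticed. Suggest failing the assertion when EFI_ERROR (Status) is true, the way the MORLock value checks in 3/6 do, and writing a value that is guaranteed to differ from the cached one. Smaller points: the early return after the first GetVariable() records no assertion, the header comment has no @param entry for ResetData, and the 007/008 messages say "Attributes == NV" while the test passes NV + BS.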
From: "Abhimanyu Singh"
To: devel@edk2.groups.io
Subject: [edk2-devel] [PATCH v2 3/6] uefi-sct/SctPkg: TCG MORLOCK SetVariable Test
Date: Tue, 22 Aug 2023 21:09:44 -0500
Message-Id: <20230823020947.124395-4-Abhi.Singh@arm.com>
In-Reply-To: <20230823020947.124395-1-Abhi.Singh@arm.com>
References: <20230823020947.124395-1-Abhi.Singh@arm.com>
Reply-To: devel@edk2.groups.io,Abhi.Singh@arm.com

SCT spec: https://bugzilla.tianocore.org/show_bug.cgi?id=4374
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4419

-Implement MemoryOverwriteRequestControlLockSetVariable test cases
-Add Assertions 9 through 18 from SCT spec
-Add Test Case to MemoryOverwriteRequestFunctionTest

Cc: G Edhaya Chandran
Cc: Barton Gao
Cc: Carolyn Gjertsen
Signed-off-by: Abhi Singh
Change-Id: I23ba7256441354f497ecdc96a394df5ba5cae8df
---
 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h | 50 +++
 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h | 8 +
 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c | 20 +
 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c | 405 ++++++++++++++++++++
 4 files changed, 483 insertions(+)
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/Guid.h b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Runti= meServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h index 84175504579c..29be47393385 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.h +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.h 
@@ -49,6 +49,36 @@ Abstract: #define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_008_GUID \ { 0x5f0b42ef, 0x3cec, 0x46ad, {0xbc, 0x5b, 0xc3, 0x7a, 0x1d, 0x45, 0x41, 0= x29 }} =20 +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_009_GUID \ +{ 0x9665c8d9, 0x267c, 0x4393, {0xa4, 0x72, 0x10, 0x54, 0x43, 0x56, 0x20, 0= x21 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_010_GUID \ +{ 0xce655812, 0xcc40, 0x42b0, {0x80, 0xd1, 0xa7, 0x26, 0xdb, 0x14, 0x9e, 0= xa8 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_011_GUID \ +{ 0xd34348ad, 0x5d46, 0x4961, {0x91, 0x3e, 0xb1, 0xf2, 0xc5, 0xe7, 0x0f, 0= x7d }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_012_GUID \ +{ 0x838311e0, 0x419a, 0x4c92, {0x90, 0x60, 0xbf, 0x94, 0x59, 0xd3, 0xc3, 0= x59 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_013_GUID \ +{ 0x12998a9c, 0xc863, 0x4572, {0x80, 0x6c, 0xb6, 0x40, 0x97, 0x91, 0x89, 0= x7f }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_014_GUID \ +{ 0xebd4ba26, 0x44c3, 0x464a, {0x88, 0xe3, 0x3b, 0x44, 0x94, 0x88, 0xbb, 0= xb8 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_015_GUID \ +{ 0x00920c8e, 0x241d, 0x4da0, {0x8b, 0x59, 0xc3, 0xad, 0xe0, 0xd6, 0x4e, 0= xc9 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_016_GUID \ +{ 0x169a43cc, 0x23fa, 0x4887, {0x8b, 0x4f, 0x11, 0xb2, 0xa0, 0x88, 0x4f, 0= x63 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_017_GUID \ +{ 0x7c11d0ab, 0x7a84, 0x482b, {0xb7, 0x5a, 0xd7, 0x72, 0x6c, 0x3e, 0xae, 0= x0e }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_018_GUID \ +{ 0xbbaa52b6, 0x5576, 0x4acd, {0xb9, 0x5f, 0x86, 0x22, 0x5e, 0xfc, 0xb0, 0= x31 }} + extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid001; =20 extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid002; 
@@ -64,3 +94,23 @@ extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAs= sertionGuid006; extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid007; =20 extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid008; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid009; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid010; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid011; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid012; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid013; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid014; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid015; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid016; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid017; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid018; diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h b/uefi-sct= /SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBo= xTest/TCGMemoryOverwriteRequestBBTestMain.h index 46c2c2faa388..553959762be8 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h @@ -49,6 +49,7 @@ typedef struct _RESET_DATA { #define MOR_BIT_HIGH 0x1 =20 #define MOR_LOCK_DATA_UNLOCKED 0x0 +#define MOR_LOCK_DATA_LOCKED_WITHOUT_KEY 0x1 =20 =20 // 
@@ -92,6 +93,13 @@ TCGMemoryOverwriteRequestControlSetVariable ( IN RESET_DATA *ResetData ); =20 +EFI_STATUS +TCGMemoryOverwriteRequestControlLockSetVariable ( + IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib, + IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib, + IN RESET_DATA *ResetData + ); + // ***********************************************************************= ***** // Entry GUIDs for Test // ***********************************************************************= ***** diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/Guid.c b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Runti= meServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c index 07bc98b8d764..8574b51af6e4 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.c +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.c 
@@ -43,3 +43,23 @@ EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertion= Guid006 =3D EFI_TEST_TCGMO EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid007 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_007_GUID; =20 EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid008 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_008_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid009 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_009_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid010 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_010_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid011 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_011_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid012 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_012_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid013 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_013_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid014 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_014_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid015 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_015_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid016 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_016_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid017 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_017_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid018 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_018_GUID; diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c b/uefi= -sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/Bla= ckBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c index 40842f2b064e..5b6adbe550c7 100644 
--- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c @@ -39,6 +39,8 @@ Abstract: =20 #define LOCK_SET_VARIABLE_TEST 3 =20 +#define LOCK_UNLOCKED_STATE_TEST 4 + =20 /** * Entry point for TCG Platform Reset Attack Mitigation MemoryOverwrite E= FI Variables Function Test. @@ -137,6 +139,15 @@ BBTestTCGMemoryOverwriteRequestFunctionTest ( return Status; } } + if (ResetData->CheckpointStep =3D=3D LOCK_SET_VARIABLE_TEST) { + // + // Test Checkpoint LOCK_SET_VARIABLE_TEST + // + TCGMemoryOverwriteRequestControlLockSetVariable (StandardLib, Recovery= Lib, ResetData); + if(EFI_ERROR(Status)) { + return Status; + } + } // // After all Checkpoints have run // 
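Review bot: In the new LOCK_SET_VARIABLE_TEST block the return value of TCGMemoryOverwriteRequestControlLockSetVariable() is discarded, so the "if(EFI_ERROR(Status))" that follows tests whatever Status was left over from the previous checkpoint, and a WriteResetRecord failure inside the function is never propagated to the caller. Assign the result, as the CONTROL_SET_VARIABLE_TEST block added in 2/6 does: "Status = TCGMemoryOverwriteRequestControlLockSetVariable (StandardLib, RecoveryLib, ResetData);". The same spacing nit applies to the EFI_ERROR check here.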
@@ -610,3 +621,397 @@ TCGMemoryOverwriteRequestControlSetVariable ( =20 return EFI_SUCCESS; } + + +/** + * MemoryOverwriteRequestControlLock SetVariable() with different variati= ons + * of only a single invalid parameter being passed, with the rest being v= alid parameters + * @param StandardLib A pointer to EFI_STANDARD_TEST_LIBRARY_PROTOCOL + * instance. + * @param RecoveryLib A pointer to EFI_TEST_RECOVERY_LIBRARY_PROTOCOL + * instance. + * @param ResetData A pointer to the ResetData buffer which is used = throughout the + * test + * @return EFI_SUCCESS Successfully. + * @return Other value Something failed. + */ +EFI_STATUS +TCGMemoryOverwriteRequestControlLockSetVariable ( + IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib, + IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib, + IN RESET_DATA *ResetData + ) +{ + EFI_STATUS Status; + EFI_TEST_ASSERTION Result; + UINTN DataSize; + UINT8 MemoryOverwriteRequestControlLockDa= ta; + UINT32 Attributes; + + if (ResetData->Step =3D=3D 0) { + goto INITIAL_RESET; + } else if (ResetData->Step =3D=3D 1) { + goto MORLOCK_SET_VARIABLE; + } + +INITIAL_RESET: + // + // Reset MORLock variable by performing a cold reset + // + + ResetData->Step =3D 1; + ResetData->CheckpointStep =3D LOCK_SET_VARIABLE_TEST; + + Status =3D RecoveryLib->WriteResetRecord ( + RecoveryLib, + sizeof (RESET_DATA), + (UINT8*)ResetData + ); + if (EFI_ERROR(Status)) { + StandardLib->RecordAssertion ( + StandardLib, + EFI_TEST_ASSERTION_FAILED, + gTestGenericFailureGuid, + L"TestRecoveryLib - WriteResetRecord", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + return Status; + } + + SctPrint (L"System will cold reset after 1 second..."); + gtBS->Stall (1000000); + gtRT->ResetSystem ( + EfiResetCold, + EFI_SUCCESS, + 0, + NULL + ); + +MORLOCK_SET_VARIABLE: + // + // reset step count and Update Checkpoint to LOCK_UNLOCKED_STATE_TEST + // + + ResetData->Step =3D 0; + ResetData->CheckpointStep =3D LOCK_UNLOCKED_STATE_TEST; + + Status =3D 
RecoveryLib->WriteResetRecord ( + RecoveryLib, + sizeof (RESET_DATA), + (UINT8*)ResetData + ); + if (EFI_ERROR(Status)) { + StandardLib->RecordAssertion ( + StandardLib, + EFI_TEST_ASSERTION_FAILED, + gTestGenericFailureGuid, + L"TestRecoveryLib - WriteResetRecord", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + return Status; + } + + // MORLOCK SetVariable to Locked without Key with valid GUID, variable n= ame, Data, and DataSize + // except for invalid attributes value =3D=3D 0 + // verify SetVariable returns EFI_WRITE_PROTECTED and GetVariable return= s a Data Value =3D=3D 0 + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D 0; + MemoryOverwriteRequestControlLockData =3D MOR_LOCK_DATA_LOCKED_WITHOUT_K= EY; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (Status =3D=3D EFI_WRITE_PROTECTED) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid009, + L"MemoryOverwriteRequestControlLock - SetVariable() with= Attributes =3D=3D 0 returns EFI_WRITE_PROTECTED", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // now change attributes to valid before GetVariable to check that MORLO= CK value is still 0x00 or unlocked + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= es + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || 
(MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_UNLOCKED)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid010, + L"MemoryOverwriteRequestControlLock - Lock value remains= Unlocked", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // MORLOCK SetVariable with valid GUID, variable name, Data, and Attribu= tes + // except for invalid DataSize =3D=3D 0 + // verify SetVariable returns EFI_WRITE_PROTECTED and GetVariable return= s a Data Value =3D=3D 0 + DataSize =3D 0; + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteRequestControlLockData =3D MOR_LOCK_DATA_LOCKED_WITHOUT_K= EY; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (Status =3D=3D EFI_WRITE_PROTECTED) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid011, + L"MemoryOverwriteRequestControlLock - SetVariable() with= DataSize =3D=3D 0 returns EFI_WRITE_PROTECTED", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // change datasize to valid value before GetVariable + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + // now check that MORLOCK value is still 0x00 or Unlocked + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= es + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR 
(Status) || (MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_UNLOCKED)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid012, + L"MemoryOverwriteRequestControlLock - Lock value remains= Unlocked", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // MORLOCK SetVariable with valid GUID, variable name, DataSize, and Att= ributes + // except for Data =3D=3D NULL + // verify SetVariable returns EFI_INVALID_PARAMETER and GetVariable retu= rns a Data Value =3D=3D 0 + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + NULL // Data + ); + if (Status =3D=3D EFI_INVALID_PARAMETER) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid013, + L"MemoryOverwriteRequestControlLock - SetVariable() with= Data parameter as NULL returns EFI_WRITE_PROTECTED", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // now check that MORLOCK value is still =3D 0x00 or Unlocked + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= es + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_UNLOCKED)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + 
StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid014, + L"MemoryOverwriteRequestControlLock - Lock value remains= Unlocked", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // MORLOCK SetVariable to Lock without key with valid GUID, variable nam= e, Data, and DataSize + // except for invalid Attributes !=3D NV+BS+RT + // this test will use invalid Attributes =3D=3D NV + BS + // verify SetVariable returns EFI_INVALID_PARAMETER and GetVariable retu= rns a Data Value =3D=3D 0 + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCE= SS; + MemoryOverwriteRequestControlLockData =3D MOR_LOCK_DATA_LOCKED_WITHOUT_K= EY; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (Status =3D=3D EFI_INVALID_PARAMETER) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid015, + L"MemoryOverwriteRequestControlLock - SetVariable() with= Attributes =3D=3D NV returns EFI_INVALID_PARAMETER", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // change attributes value to valid NV+BS+RT for GetVariable + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + // now check that MORLOCK value is =3D 0x00 or unlocked + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= es + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || 
(MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_UNLOCKED)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid016, + L"MemoryOverwriteRequestControlLock - Lock value remains= Unlocked", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // MORLOCK SetVariable to Locked without key with valid GUID, variable n= ame, Data, and Attributes + // except for invalid DataSize !=3D 1 && !=3D 8 + // this test will use invalid DataSize =3D=3D 5 + // verify SetVariable returns EFI_INVALID_PARAMETER and GetVariable retu= rns a Data Value =3D=3D 0 + DataSize =3D 5; + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteRequestControlLockData =3D MOR_LOCK_DATA_LOCKED_WITHOUT_K= EY; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (Status =3D=3D EFI_INVALID_PARAMETER) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid017, + L"MemoryOverwriteRequestControlLock - SetVariable() with= DataSize =3D=3D 5 returns EFI_INVALID_PARAMETER", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // change datasize to valid value for GetVariable + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + // now check that MORLOCK value is 0x00 or unlocked + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= es + &DataSize, // 
DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_UNLOCKED)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid018, + L"MemoryOverwriteRequestControlLock - Lock value remains= Unlocked", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + return EFI_SUCCESS; +} --=20 2.34.1
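Review bot: In the Data == NULL case (assertion 013) the code and the comment above it expect EFI_INVALID_PARAMETER, but the string passed to RecordAssertion reads "SetVariable() with Data parameter as NULL returns EFI_WRITE_PROTECTED", so the test log names the wrong status; change the string to EFI_INVALID_PARAMETER. Assertion 015 has the same kind of mismatch: the comment and the Attributes value are NV + BS, while the string says "Attributes == NV". The GetVariable() read-back for assertion 014 is also the only one that does not re-initialise DataSize and Attributes first; resetting them there would match the other cases.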
From: "Abhimanyu Singh"
To: devel@edk2.groups.io
Subject: [edk2-devel] [PATCH v2 4/6] uefi-sct/SctPkg: TCG MORLOCK Unlocked State Test
Date: Tue, 22 Aug 2023 21:09:45 -0500
Message-Id: <20230823020947.124395-5-Abhi.Singh@arm.com>
In-Reply-To: <20230823020947.124395-1-Abhi.Singh@arm.com>
References: <20230823020947.124395-1-Abhi.Singh@arm.com>

SCT spec: https://bugzilla.tianocore.org/show_bug.cgi?id=4374
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4419

-Implement MemoryOverwriteRequestControlLock Unlocked State test cases
-Add Assertions 19, 20, 21, and 22 from SCT spec
-Add Test Case to MemoryOverwriteRequestFunctionTest

Cc: G Edhaya Chandran
Cc: Barton Gao
Cc: Carolyn Gjertsen
Signed-off-by: Abhi Singh
Change-Id: If9cbea790d6c0f5aaceb6834fb91f5e1f3752244
---
 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteReques= t/BlackBoxTest/Guid.h | 20 ++ uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteReques= t/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h | 7 + uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteReques= t/BlackBoxTest/Guid.c | 8 + uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteReques= t/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c | 224 ++++++++++++= ++++++++ 4 files changed, 259 insertions(+)
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/Guid.h b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Runti= meServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h index 29be47393385..daf17793c094 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.h +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.h @@ -79,6 +79,18 @@ Abstract: #define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_018_GUID \ { 0xbbaa52b6, 0x5576, 0x4acd, {0xb9, 0x5f, 0x86, 0x22, 0x5e, 0xfc, 0xb0, 0= x31 }} =20 +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_019_GUID \ +{ 0x60b227e0, 0x9f5c, 0x412c, {0x88, 0x79, 0xd3, 0x59, 0xfc, 0xd0, 0xdd, 0= x3f }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_020_GUID \ +{ 0x2eba284a, 0xf701, 0x4c19, {0xbe, 0x5c, 0x39, 0x27, 0xb0, 0x68, 0x4f, 0= xd7 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_021_GUID \ +{ 0x9a1b44ae, 0x08ce, 0x474c, {0xa5, 0x8e, 0xa6, 0xe2, 0xcf, 0xaf, 0x91, 0= x2c }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_022_GUID \ +{ 0x490d7b39, 0xcad4, 0x4e8c, {0xb1, 0x5d, 0x63, 0xd2, 0x0c, 0xb3, 0xe9, 0= x45 }} + extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid001; =20 extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid002; @@ -114,3 +126,11 @@ extern EFI_GUID gTCGMemoryOverwriteRequestTestFunction= AssertionGuid016; extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid017; =20 extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid018; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid019; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid020; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid021; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid022; 
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h b/uefi-sct= /SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBo= xTest/TCGMemoryOverwriteRequestBBTestMain.h index 553959762be8..15eedc60f19d 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h @@ -100,6 +100,13 @@ TCGMemoryOverwriteRequestControlLockSetVariable ( IN RESET_DATA *ResetData ); =20 +EFI_STATUS +TCGMemoryOverwriteRequestControlLockUnlockedState ( + IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib, + IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib, + IN RESET_DATA *ResetData +); + // ***********************************************************************= ***** // Entry GUIDs for Test // ***********************************************************************= ***** diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/Guid.c b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Runti= meServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c index 8574b51af6e4..c41a611d3a4e 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.c +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.c 
@@ -63,3 +63,11 @@ EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertion= Guid016 =3D EFI_TEST_TCGMO EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid017 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_017_GUID; =20 EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid018 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_018_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid019 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_019_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid020 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_020_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid021 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_021_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid022 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_022_GUID; diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c b/uefi= -sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/Bla= ckBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c index 5b6adbe550c7..77abab6e79be 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c @@ -41,6 +41,8 @@ Abstract: =20 #define LOCK_UNLOCKED_STATE_TEST 4 =20 +#define LOCK_NO_KEY_STATE_TEST 5 + =20 /** * Entry point for TCG Platform Reset Attack Mitigation MemoryOverwrite E= FI Variables Function Test. 
@@ -148,6 +150,15 @@ BBTestTCGMemoryOverwriteRequestFunctionTest ( return Status; } } + if (ResetData->CheckpointStep =3D=3D LOCK_UNLOCKED_STATE_TEST) { + // + // Test Checkpoint LOCK_UNLOCKED_STATE_TEST + // + TCGMemoryOverwriteRequestControlLockUnlockedState (StandardLib, Recove= ryLib, ResetData); + if(EFI_ERROR(Status)) { + return Status; + } + } // // After all Checkpoints have run // 
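Review bot: The return value of TCGMemoryOverwriteRequestControlLockUnlockedState() is discarded in the new LOCK_UNLOCKED_STATE_TEST branch, so the if(EFI_ERROR(Status)) that follows tests whatever Status held before the call, and a failure inside the test case (for example from WriteResetRecord) is never propagated. Assign the result, Status = TCGMemoryOverwriteRequestControlLockUnlockedState (StandardLib, RecoveryLib, ResetData);, and add the space after "if" to match the surrounding code.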
@@ -1015,3 +1026,216 @@ MORLOCK_SET_VARIABLE: =20 return EFI_SUCCESS; } + + +/** + * MemoryOverwriteRequestControlLock in Unlocked State Test + * When Unlocked, the Lock should stay unlocked when passed a valid value= of 0x00 + * Or when passed an invalud data value !=3D 0x00 or !=3D 0x01, such as 0= x02 the lock + * must stay unlocked and return EFI_INVALID_PARAMETER + * @param StandardLib A pointer to EFI_STANDARD_TEST_LIBRARY_PROTOCOL + * instance. + * @param RecoveryLib A pointer to EFI_TEST_RECOVERY_LIBRARY_PROTOCOL + * instance. + * @param ResetData A pointer to the ResetData Buffer which is used = throughout + * the test + * @return EFI_SUCCESS Successfully. + * @return Other value Something failed. + */ +EFI_STATUS +TCGMemoryOverwriteRequestControlLockUnlockedState ( + IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib, + IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib, + IN RESET_DATA *ResetData + ) +{ + EFI_STATUS Status; + EFI_TEST_ASSERTION Result; + UINTN DataSize; + UINT8 MemoryOverwriteRequestControlLockDa= ta; + UINT32 Attributes; + + if (ResetData->Step =3D=3D 0) { + goto INITIAL_RESET; + } else if (ResetData->Step =3D=3D 1) { + goto MORLOCK_UNLOCKED_STATE; + } + +INITIAL_RESET: + // + // Reset MORLock variable by performing a cold reset + // + + ResetData->Step =3D 1; + ResetData->CheckpointStep =3D LOCK_UNLOCKED_STATE_TEST; + Status =3D RecoveryLib->WriteResetRecord ( + RecoveryLib, + sizeof (RESET_DATA), + (UINT8*)ResetData + ); + if (EFI_ERROR(Status)) { + StandardLib->RecordAssertion ( + StandardLib, + EFI_TEST_ASSERTION_FAILED, + gTestGenericFailureGuid, + L"TestRecoveryLib - WriteResetRecord", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + return Status; + } + + SctPrint (L"System will cold reset after 1 second..."); + gtBS->Stall (1000000); + gtRT->ResetSystem ( + EfiResetCold, + EFI_SUCCESS, + 0, + NULL + ); + +MORLOCK_UNLOCKED_STATE: + // + // TESTING MORLOCK scenarios when the Variable is in the Unlocked State 
+ // + + ResetData->Step =3D 0; + ResetData->CheckpointStep =3D LOCK_NO_KEY_STATE_TEST; + Status =3D RecoveryLib->WriteResetRecord ( + RecoveryLib, + sizeof (RESET_DATA), + (UINT8*)ResetData + ); + if (EFI_ERROR(Status)) { + StandardLib->RecordAssertion ( + StandardLib, + EFI_TEST_ASSERTION_FAILED, + gTestGenericFailureGuid, + L"TestRecoveryLib - WriteResetRecord", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + return Status; + } + + // + //Setting MORLOCK to Unlocked when already in Unlocked State should retu= rn EFI_SUCCESS + //and the MORLOCK value should still be =3D 0x00 or Unlocked + // + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteRequestControlLockData =3D MOR_LOCK_DATA_UNLOCKED; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (Status =3D=3D EFI_SUCCESS) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid019, + L"MemoryOverwriteRequestControlLock - Setting to Unlocke= d when Already Unlocked Should return EFI_SUCCESS", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= es + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_UNLOCKED)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + 
StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid020, + L"MemoryOverwriteRequestControlLock - Lock value remains= Unlocked", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // + //Setting MORLOCK with an invalid Data parameter !=3D 0x01 should return= EFI_INVALID_PARAMETER + //and the MORLOCK value should still be =3D 0x00 + // + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteRequestControlLockData =3D 0x02; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (Status =3D=3D EFI_INVALID_PARAMETER) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid021, + L"MemoryOverwriteRequestControlLock - invalid Data =3D 0= x02 returns EFI_INVALID_PARAMETER", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= es + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_UNLOCKED)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid022, + L"MemoryOverwriteRequestControlLock - Lock value remains= Unlocked", + 
L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + return EFI_SUCCESS; +} --=20 2.34.1
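Review bot: There is no return after gtRT->ResetSystem() in INITIAL_RESET, so if the reset call ever comes back, execution falls through into MORLOCK_UNLOCKED_STATE and records assertions 019 to 022 without the cold reset the test depends on, which can report a pass for a lock state that was never cleared. Record a failed assertion and return an error status after the ResetSystem() call. Also in this hunk: the Step dispatch sends every value other than 1 to INITIAL_RESET without saying so, the function header comment has the typo "invalud", and the comment above the 0x02 case says "!= 0x01" where the header comment says "!= 0x00 or != 0x01".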
From: "Abhimanyu Singh"
To: devel@edk2.groups.io
Subject: [edk2-devel] [PATCH v2 5/6] uefi-sct/SctPkg: TCG MORLOCK Locked No Key State Test
Date: Tue, 22 Aug 2023 21:09:46 -0500
Message-Id: <20230823020947.124395-6-Abhi.Singh@arm.com>
In-Reply-To: <20230823020947.124395-1-Abhi.Singh@arm.com>
References: <20230823020947.124395-1-Abhi.Singh@arm.com>

SCT spec: https://bugzilla.tianocore.org/show_bug.cgi?id=4374
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4419

-Implement MemoryOverwriteRequestControlLock Locked No Key State test cases
-Add Assertions 23 - 32 from SCT spec
-Add Test Case to MemoryOverwriteRequestFunctionTest

Cc: G Edhaya Chandran
Cc: Barton Gao
Cc: Carolyn Gjertsen
Signed-off-by: Abhi Singh
Change-Id: I298f8a0f55376b00233c9ee9c6b0262dc8869ccb
---
 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteReques= t/BlackBoxTest/Guid.h | 50 +++ uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteReques= t/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h | 11 + uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteReques= t/BlackBoxTest/Guid.c | 20 + uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteReques= t/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c | 425 ++++++++++++= ++++++++ 4 files changed, 506 insertions(+)
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/Guid.h b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Runti= meServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h index daf17793c094..023e7a37322c 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.h +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.h 
@@ -91,6 +91,36 @@ Abstract: #define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_022_GUID \ { 0x490d7b39, 0xcad4, 0x4e8c, {0xb1, 0x5d, 0x63, 0xd2, 0x0c, 0xb3, 0xe9, 0= x45 }} =20 +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_023_GUID \ +{ 0x397394ae, 0xce01, 0x4350, {0xa2, 0x0c, 0xe1, 0xb3, 0xe8, 0x74, 0xdc, 0= x01 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_024_GUID \ +{ 0x9cf27a60, 0x94b5, 0x4e2e, {0xb3, 0x2b, 0x51, 0x0f, 0x24, 0x7a, 0x80, 0= xd7 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_025_GUID \ +{ 0x766dc008, 0x2a88, 0x4eed, {0x91, 0x95, 0x46, 0x92, 0xdc, 0xcc, 0x1d, 0= xf6 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_026_GUID \ +{ 0x5f66c8e5, 0x1bf8, 0x4af4, {0x86, 0x45, 0xf4, 0x93, 0xa0, 0xee, 0x26, 0= x88 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_027_GUID \ +{ 0x1064f6ce, 0xb307, 0x4981, {0xac, 0x8f, 0xe5, 0xca, 0x20, 0x6c, 0x1b, 0= x8b }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_028_GUID \ +{ 0x40f2c4e9, 0xe937, 0x426e, {0x98, 0xc5, 0x62, 0xca, 0x23, 0x68, 0x52, 0= xd0 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_029_GUID \ +{ 0x6d5dcb4d, 0xe008, 0x41cc, {0x98, 0x32, 0xdf, 0xa8, 0x38, 0xb1, 0xb6, 0= x02 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_030_GUID \ +{ 0x29b81ee0, 0x368d, 0x447c, {0x9e, 0xd0, 0xa5, 0xfe, 0xd7, 0x02, 0x65, 0= x7b }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_031_GUID \ +{ 0xe88b22ce, 0x3de6, 0x49b0, {0xb2, 0x46, 0x9e, 0x35, 0x98, 0x2b, 0x9b, 0= x1c }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_032_GUID \ +{ 0xc8894201, 0x7a3a, 0x47d4, {0xa8, 0x8d, 0xdf, 0x4b, 0x03, 0xff, 0xde, 0= x4f }} + extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid001; =20 extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid002; 
@@ -134,3 +164,23 @@ extern EFI_GUID gTCGMemoryOverwriteRequestTestFunction= AssertionGuid020; extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid021; =20 extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid022; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid023; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid024; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid025; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid026; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid027; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid028; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid029; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid030; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid031; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid032; diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h b/uefi-sct= /SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBo= xTest/TCGMemoryOverwriteRequestBBTestMain.h index 15eedc60f19d..94ed476f86ad 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h @@ -51,6 +51,10 @@ typedef struct _RESET_DATA { #define MOR_LOCK_DATA_UNLOCKED 0x0 #define MOR_LOCK_DATA_LOCKED_WITHOUT_KEY 0x1 =20 +#define MOR_LOCK_WITH_KEY_SIZE 8 + +#define MOR_LOCK_TEST_KEY 0x11111111 + =20 // // TEST GUID for TCG Platform Reset Attack Mitigation MemoryOverwriteReque= st (MOR) Test 
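Review bot: MOR_LOCK_WITH_KEY_SIZE is 8 bytes, but MOR_LOCK_TEST_KEY is 0x11111111, which fills only four of them; if the key is held in a 64-bit variable its upper half is zero, and the locked-with-key cases would then never exercise a key that differs in those bytes. Consider a full 64-bit constant with an explicit suffix, or a UINT8[MOR_LOCK_WITH_KEY_SIZE] array, and add a one-line comment stating that the size is the key length in bytes.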
@@ -107,6 +111,13 @@ TCGMemoryOverwriteRequestControlLockUnlockedState ( IN RESET_DATA *ResetData ); =20 +EFI_STATUS +TCGMemoryOverwriteRequestControlLockLockedNoKeyState ( + IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib, + IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib, + IN RESET_DATA *ResetData + ); + // ***********************************************************************= ***** // Entry GUIDs for Test // ***********************************************************************= ***** diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/Guid.c b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Runti= meServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c index c41a611d3a4e..11d49306059d 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.c +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.c 
@@ -71,3 +71,23 @@ EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertion= Guid020 =3D EFI_TEST_TCGMO EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid021 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_021_GUID; =20 EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid022 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_022_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid023 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_023_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid024 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_024_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid025 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_025_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid026 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_026_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid027 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_027_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid028 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_028_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid029 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_029_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid030 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_030_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid031 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_031_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid032 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_032_GUID; diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c b/uefi= -sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/Bla= ckBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c index 77abab6e79be..5f5f369124f2 100644 
--- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c @@ -43,6 +43,8 @@ Abstract: =20 #define LOCK_NO_KEY_STATE_TEST 5 =20 +#define LOCK_WITH_KEY_STATE_TEST 6 + =20 /** * Entry point for TCG Platform Reset Attack Mitigation MemoryOverwrite E= FI Variables Function Test. @@ -159,6 +161,15 @@ BBTestTCGMemoryOverwriteRequestFunctionTest ( return Status; } } + if (ResetData->CheckpointStep =3D=3D LOCK_NO_KEY_STATE_TEST) { + // + // Test Checkpoint LOCK_NO_KEY_STATE_TEST + // + TCGMemoryOverwriteRequestControlLockLockedNoKeyState (StandardLib, Rec= overyLib, ResetData); + if(EFI_ERROR(Status)) { + return Status; + } + } // // After all Checkpoints have run // 
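Review bot: In the new LOCK_NO_KEY_STATE_TEST branch of BBTestTCGMemoryOverwriteRequestFunctionTest, the return value of TCGMemoryOverwriteRequestControlLockLockedNoKeyState() is discarded, so the if(EFI_ERROR(Status)) that follows tests whatever Status held before the call. A WriteResetRecord or GetVariable failure returned by the checkpoint function is therefore never propagated to the caller. Assign the result: Status = TCGMemoryOverwriteRequestControlLockLockedNoKeyState (StandardLib, RecoveryLib, ResetData);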
@@ -1239,3 +1250,417 @@ MORLOCK_UNLOCKED_STATE: =20 return EFI_SUCCESS; } + + +/** + * MemoryOverwriteRequestControlLock in Locked No Key State Test + * When Unlocked, a valid setvariable() with data value 0x01 must return = EFI_SUCCESS + * and the Lock value must be 0x01, value cannot changetill the system is= cold reset + * + * When Locked with no Key, SetVariable() with Data =3D 0x01, 0x00, or 0x= 11111111 (key) + * must return EFI_ACCESS_DENIED and value must still equal 0x01 + * @param StandardLib A pointer to EFI_STANDARD_TEST_LIBRARY_PROTOCOL + * instance. + * @param RecoveryLib A pointer to EFI_TEST_RECOVERY_LIBRARY_PROTOCOL + * instance. + * @param ResetData A pointer to the ResetData Buffer which is used = throughout + * the test + * @return EFI_SUCCESS Successfully. + * @return Other value Something failed. + */ +EFI_STATUS +TCGMemoryOverwriteRequestControlLockLockedNoKeyState ( + IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib, + IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib, + IN RESET_DATA *ResetData + ) +{ + EFI_STATUS Status; + EFI_TEST_ASSERTION Result; + UINTN DataSize; + UINTN MemoryOverwriteControlLockKeyValue; + UINT8 MemoryOverwriteRequestControlLockDa= ta; + UINT8 MemoryOverwriteRequestControlData; + UINT8 MemoryOverwriteRequestControlDataCa= ched; + UINT32 Attributes; + + if (ResetData->Step =3D=3D 0) { + goto INITIAL_RESET; + } else if (ResetData->Step =3D=3D 1) { + goto MORLOCK_LOCKED_STATE; + } + +INITIAL_RESET: + // + // Reset MORLock variable by performing a cold reset + // + ResetData->Step =3D 1; + ResetData->CheckpointStep =3D LOCK_NO_KEY_STATE_TEST; + + Status =3D RecoveryLib->WriteResetRecord ( + RecoveryLib, + sizeof (RESET_DATA), + (UINT8*)ResetData + ); + if (EFI_ERROR(Status)) { + StandardLib->RecordAssertion ( + StandardLib, + EFI_TEST_ASSERTION_FAILED, + gTestGenericFailureGuid, + L"TestRecoveryLib - WriteResetRecord", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + return Status; + } + SctPrint 
(L"System will cold reset after 1 second..."); + gtBS->Stall (1000000); + gtRT->ResetSystem ( + EfiResetCold, + EFI_SUCCESS, + 0, + NULL + ); + +MORLOCK_LOCKED_STATE: + //change checkpoint to next function + ResetData->Step =3D 0; + ResetData->CheckpointStep =3D LOCK_WITH_KEY_STATE_TEST; + + Status =3D RecoveryLib->WriteResetRecord ( + RecoveryLib, + sizeof (RESET_DATA), + (UINT8*)ResetData + ); + if (EFI_ERROR(Status)) { + StandardLib->RecordAssertion ( + StandardLib, + EFI_TEST_ASSERTION_FAILED, + gTestGenericFailureGuid, + L"TestRecoveryLib - WriteResetRecord", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + return Status; + } + + // + // After Cold Reset, MORLOCK SetVariable() with value 0x01 must return E= FI_SUCCESS + // and MORLOCK GetVariable() value must now be MOR_LOCK_DATA_LOCKED_WITH= OUT_KEY + // + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteRequestControlLockData =3D MOR_LOCK_DATA_LOCKED_WITHOUT_K= EY; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (Status =3D=3D EFI_SUCCESS) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid023, + L"MemoryOverwriteRequestControlLock - Setting to Locked = without key when Unlocked returns EFI_SUCCESS", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, 
// Attribut= es + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_LOCKED_WITHOUT_KEY)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid024, + L"MemoryOverwriteRequestControlLock - Lock State is now = Locked without Key", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // + // Once Locked with no key, MORLOCK SetVariable() with value 0x00 must r= eturn EFI_ACCESS_DENIED + // and MORLOCK GetVariable() value must still be 0x01 + // + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteRequestControlLockData =3D MOR_LOCK_DATA_UNLOCKED; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (Status =3D=3D EFI_ACCESS_DENIED) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid025, + L"MemoryOverwriteRequestControlLock - Setting to Unlocke= d when Locked without key returns EFI_ACCESS_DENIED", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= es + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if 
(EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_LOCKED_WITHOUT_KEY)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid026, + L"MemoryOverwriteRequestControlLock - Lock State is stil= l Locked without Key", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // + // Once Locked with no key, MORLOCK SetVariable() with value 0x01 must r= eturn EFI_ACCESS_DENIED + // and MORLOCK GetVariable() value must still be 0x01 + // + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteRequestControlLockData =3D MOR_LOCK_DATA_LOCKED_WITHOUT_K= EY; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (Status =3D=3D EFI_ACCESS_DENIED) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid027, + L"MemoryOverwriteRequestControlLock - Setting to Locked = without key when already Locked without key returns EFI_ACCESS_DENIED", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= es + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData !=3D MO= 
R_LOCK_DATA_LOCKED_WITHOUT_KEY)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid028, + L"MemoryOverwriteRequestControlLock - Lock State is stil= l Locked without Key", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // + // Once Locked with no key, MORLOCK SetVariable() with 8 byte key =3D 0x= 11111111 must return EFI_ACCESS_DENIED + // and MORLOCK GetVariable() value must still be 0x01 + // + DataSize =3D MOR_LOCK_WITH_KEY_SIZE; + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteControlLockKeyValue =3D MOR_LOCK_TEST_KEY; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteControlLockKeyValue // Data + ); + if (Status =3D=3D EFI_ACCESS_DENIED) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid029, + L"MemoryOverwriteRequestControlLock - Setting to Locked = with key when Locked without key returns EFI_ACCESS_DENIED", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= es + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_LOCKED_WITHOUT_KEY)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D 
EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid030, + L"MemoryOverwriteRequestControlLock - Lock State is stil= l Locked without Key", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // + // Once Locked with no key, MOR SetVariable() call to set MOR Bit 0 must= return EFI_ACCESS_DENIED + // and MOR value must not change + // + DataSize =3D sizeof(MemoryOverwriteRequestControlData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + // getting current MOR bit 0 value that will be used to check that the v= ariable is unchanged + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControl", // VariableName + &gEfiMemoryOverwriteControlDataGuid, // VendorGuid + &Attributes, // Attributes + &DataSize, // DataSize + &MemoryOverwriteRequestControlData // Data + ); + if (EFI_ERROR (Status)) { + return Status; + } + + // caching MOR and then setting bit 0 + MemoryOverwriteRequestControlDataCached =3D MemoryOverwriteRequestContro= lData; + + DataSize =3D sizeof(MemoryOverwriteRequestControlData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteRequestControlData |=3D MOR_BIT_HIGH << MOR_CLEAR_MEMORY_= BIT_OFFSET; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControl", // VariableName + &gEfiMemoryOverwriteControlDataGuid, // VendorGuid + Attributes, // Attributes + DataSize, // DataSize + &MemoryOverwriteRequestControlData // Data + ); + if (Status =3D=3D EFI_ACCESS_DENIED) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid031, + L"MemoryOverwriteRequestControl - SetVariable() returns = EFI_ACCESS_DENIED when Lock is Set with no key", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + DataSize =3D sizeof(MemoryOverwriteRequestControlData); + 
Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControl", // VariableName + &gEfiMemoryOverwriteControlDataGuid, // VendorGuid + &Attributes, // Attributes + &DataSize, // DataSize + &MemoryOverwriteRequestControlData // Data + ); + + // verifying that the variable has not been modified with SetVar, provin= g that MORLOCK acts as a lock + if (MemoryOverwriteRequestControlDataCached =3D=3D MemoryOverwriteReques= tControlData) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid032, + L"MemoryOverwriteRequestControl - When LOCK is set, MOR = bit 0 remains unchanged after an attempt to set it", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + return EFI_SUCCESS; +} --=20 2.34.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. 
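Review bot: MemoryOverwriteControlLockKeyValue is declared UINTN but is handed to SetVariable() with DataSize = MOR_LOCK_WITH_KEY_SIZE (8) in the step that records assertion 029. Where UINTN is 4 bytes the call reads 4 bytes past the variable, so half of the key the firmware receives is undefined stack content. Declare the key as UINT64 and give MOR_LOCK_TEST_KEY a 64-bit value so all 8 bytes are defined on every build. Separately, the final GetVariable() on MemoryOverwriteRequestControl before assertion 032 never checks Status, so a failed read compares the cached value against the locally modified buffer. If MOR bit 0 was already set on entry, the OR leaves the value unchanged and the "remains unchanged" check proves nothing. Check Status before comparing, and flip the bit rather than OR it so the attempted write always differs from the cached value.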
From: "Abhimanyu Singh"
To: devel@edk2.groups.io
Subject: [edk2-devel] [PATCH v2 6/6] uefi-sct/SctPkg: TCG MORLOCK Locked with Key State Test
Date: Tue, 22 Aug 2023 21:09:47 -0500
Message-Id: <20230823020947.124395-7-Abhi.Singh@arm.com>
In-Reply-To: <20230823020947.124395-1-Abhi.Singh@arm.com>
References: <20230823020947.124395-1-Abhi.Singh@arm.com>

SCT spec: https://bugzilla.tianocore.org/show_bug.cgi?id=4374

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4419

-Implement MemoryOverwriteRequestControlLock Locked with Key State test cases
-Add remaining Assertions 33 - 49 from SCT spec
-Add Test Case to MemoryOverwriteRequestFunctionTest

Cc: G Edhaya Chandran
Cc: Barton Gao
Cc: Carolyn Gjertsen
Signed-off-by: Abhi Singh
Change-Id: Ifade96b0c6ec9e7f9bfb0eba8ceeb92380271e8b
---
 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h | 85 +++
 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h | 11 +-
 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c | 34 ++
 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c | 623 ++++++++++++++++++++
 4 files changed, 752 insertions(+), 1 deletion(-)
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/Guid.h b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Runti= meServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h index 023e7a37322c..cf7f3e180f54 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.h +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.h 
@@ -121,6 +121,57 @@ Abstract: #define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_032_GUID \ { 0xc8894201, 0x7a3a, 0x47d4, {0xa8, 0x8d, 0xdf, 0x4b, 0x03, 0xff, 0xde, 0= x4f }} =20 +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_033_GUID \ +{ 0x38a813ac, 0x8eb9, 0x46ce, {0xa8, 0x6b, 0x40, 0x8c, 0x07, 0x5f, 0xc7, 0= xed }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_034_GUID \ +{ 0x919b8392, 0xcb78, 0x49ff, {0xa3, 0x18, 0x49, 0x78, 0x76, 0xe0, 0xf8, 0= xf8 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_035_GUID \ +{ 0x219abaf2, 0x04a9, 0x407c, {0xb5, 0xde, 0xa0, 0x03, 0x6e, 0x65, 0xb0, 0= xb9 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_036_GUID \ +{ 0x9a51640a, 0xff14, 0x402b, {0xb0, 0x57, 0xa0, 0xc4, 0xf7, 0x20, 0x8e, 0= x44 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_037_GUID \ +{ 0x8ccd0dbb, 0x9b0a, 0x4bfb, {0xa0, 0x7e, 0xc6, 0x06, 0x8b, 0x91, 0x0d, 0= xfb }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_038_GUID \ +{ 0xde6f4e17, 0xe375, 0x4dcb, {0x8f, 0x07, 0x77, 0x7e, 0x62, 0x49, 0xea, 0= x2c }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_039_GUID \ +{ 0x4ab6927b, 0x5ee4, 0x4748, {0xa4, 0x9d, 0x2d, 0xf3, 0x70, 0x01, 0x41, 0= xd5 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_040_GUID \ +{ 0x33142ecf, 0x0f92, 0x4625, {0xb7, 0xf6, 0x7f, 0x15, 0x25, 0x74, 0xd3, 0= x03 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_041_GUID \ +{ 0xf73c04df, 0x2e42, 0x4174, {0x82, 0x18, 0x0f, 0x25, 0x46, 0x4a, 0x55, 0= xe9 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_042_GUID \ +{ 0xd4eacf82, 0x55d1, 0x4ba1, {0xbe, 0x89, 0x6a, 0x2e, 0x44, 0x0f, 0xc7, 0= xc0 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_043_GUID \ +{ 0xfd88fe63, 0x5ed4, 0x482a, {0x98, 0x44, 0x23, 0x90, 0xf9, 0x09, 0x1c, 0= x20 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_044_GUID \ +{ 0x176f16cb, 0xf3a4, 0x4f12, {0x8f, 0x96, 0x4a, 0xc1, 0x8b, 0xdd, 0x6e, 0= x3c }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_045_GUID \ +{ 0xf0d5e7b3, 0xdc0f, 0x4a18, {0xb9, 
0x78, 0x09, 0x3b, 0x15, 0x55, 0x66, 0= xbf }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_046_GUID \ +{ 0x9bf14c4b, 0x2950, 0x4c4e, {0x8b, 0xa3, 0x06, 0x46, 0xf1, 0x27, 0x8c, 0= x05 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_047_GUID \ +{ 0xb0468dee, 0xb1d0, 0x4795, {0x9f, 0xbf, 0xbe, 0x3f, 0x40, 0x2f, 0x3d, 0= x6f }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_048_GUID \ +{ 0x1f7dd903, 0xcd58, 0x4d6f, {0x80, 0xd6, 0x4f, 0x6d, 0xcb, 0x4a, 0xd6, 0= xc9 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_049_GUID \ +{ 0x439179c2, 0x744d, 0x43bc, {0xb0, 0x67, 0x7b, 0x65, 0x60, 0x62, 0x6f, 0= x5e }} + extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid001; =20 extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid002; 
@@ -184,3 +235,37 @@ extern EFI_GUID gTCGMemoryOverwriteRequestTestFunction= AssertionGuid030; extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid031; =20 extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid032; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid033; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid034; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid035; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid036; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid037; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid038; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid039; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid040; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid041; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid042; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid043; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid044; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid045; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid046; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid047; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid048; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid049; diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h b/uefi-sct= /SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBo= xTest/TCGMemoryOverwriteRequestBBTestMain.h index 94ed476f86ad..76b3c76340cf 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h 
+++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h @@ -50,11 +50,13 @@ typedef struct _RESET_DATA { =20 #define MOR_LOCK_DATA_UNLOCKED 0x0 #define MOR_LOCK_DATA_LOCKED_WITHOUT_KEY 0x1 +#define MOR_LOCK_DATA_LOCKED_WITH_KEY 0x2 =20 +#define MOR_LOCK_NO_KEY_SIZE 1 #define MOR_LOCK_WITH_KEY_SIZE 8 =20 #define MOR_LOCK_TEST_KEY 0x11111111 - +#define MOR_LOCK_INVALID_TEST_KEY 0x22222222 =20 // // TEST GUID for TCG Platform Reset Attack Mitigation MemoryOverwriteReque= st (MOR) Test @@ -118,6 +120,13 @@ TCGMemoryOverwriteRequestControlLockLockedNoKeyState ( IN RESET_DATA *ResetData ); =20 +EFI_STATUS +TCGMemoryOverwriteRequestControlLockLockedWithKeyState ( + IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib, + IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib, + IN RESET_DATA *ResetData + ); + // ***********************************************************************= ***** // Entry GUIDs for Test // ***********************************************************************= ***** diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/Guid.c b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Runti= meServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c index 11d49306059d..6bde8f686a16 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.c +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.c 
@@ -91,3 +91,37 @@ EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertion= Guid030 =3D EFI_TEST_TCGMO EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid031 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_031_GUID; =20 EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid032 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_032_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid033 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_033_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid034 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_034_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid035 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_035_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid036 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_036_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid037 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_037_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid038 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_038_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid039 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_039_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid040 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_040_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid041 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_041_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid042 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_042_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid043 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_043_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid044 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_044_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid045 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_045_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid046 =3D EFI_TE= 
ST_TCGMORTESTFUNCTION_ASSERTION_046_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid047 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_047_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid048 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_048_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid049 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_049_GUID; diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c b/uefi= -sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/Bla= ckBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c index 5f5f369124f2..32f3a9cb58d5 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c @@ -170,6 +170,15 @@ BBTestTCGMemoryOverwriteRequestFunctionTest ( return Status; } } + if (ResetData->CheckpointStep =3D=3D LOCK_WITH_KEY_STATE_TEST) { + // + // Test Checkpoint LOCK_WITH_KEY_STATE_TEST + // + TCGMemoryOverwriteRequestControlLockLockedWithKeyState (StandardLib, R= ecoveryLib, ResetData); + if(EFI_ERROR(Status)) { + return Status; + } + } // // After all Checkpoints have run // 
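Review bot: The call to TCGMemoryOverwriteRequestControlLockLockedWithKeyState() in the LOCK_WITH_KEY_STATE_TEST branch does not store its return value, so if(EFI_ERROR(Status)) checks a stale Status and the branch can never report a failure from this checkpoint. Write Status = TCGMemoryOverwriteRequestControlLockLockedWithKeyState (StandardLib, RecoveryLib, ResetData); so that an error from the checkpoint stops the run instead of falling through to the "After all Checkpoints have run" code.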
@@ -1664,3 +1673,617 @@ MORLOCK_LOCKED_STATE: =20 return EFI_SUCCESS; } + + +/** + * MemoryOverwriteRequestControlLock in Locked with Key State Test + * When Unlocked, a valid SetVariable() with an 8 byte key must return EF= I_SUCCESS + * and the Lock value must be 0x02 (MOR_LOCK_DATA_LOCKED_WITH_KEY), in or= der to=20 + * unlock, the same 8 byte key must be passed. + * =20 + * When Locked with an 8 byte key, SetVariable() with the same 8 byte key + * must return EFI_SUCCESS and the Lock value must be 0x00 or MOR_LOCK_DA= TA_UNLOCKED. + * + * When Locked with an 8 byte Key, SetVariable() with DataSize !=3D 8 and=20 + * Data =3D 0x01 (MOR_LOCK_DATA_LOCKED_WITHOUT_KEY) or 0x00 (MOR_LOCK_DAT= A_UNLOCKED) + * must return EFI_ACCESS_DENIED + * and value must still equal to 0x02 (MOR_LOCK_DATA_LOCKED_WITH_KEY). + * + * When Locked with an 8 byte Key, SetVariable() with 8 byte key !=3D key= used to set + * the lock, in this case 0x11111111 (MOR_LOCK_TEST_KEY), must return EFI= _ACCESS_DENIED + * and lock value must be updated to 0x01 (MOR_LOCK_DATA_LOCKED_WITHOUT_K= EY) + * to prevent dictonary attack. + * + * @param StandardLib A pointer to EFI_STANDARD_TEST_LIBRARY_PROTOCOL + * instance. + * @param RecoveryLib A pointer to EFI_TEST_RECOVERY_LIBRARY_PROTOCOL + * instance. + * @param ResetData A pointer to the ResetData Buffer which is used = throughout + * the test + * @return EFI_SUCCESS Successfully. + * @return Other value Something failed. 
+ */ +EFI_STATUS +TCGMemoryOverwriteRequestControlLockLockedWithKeyState ( + IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib, + IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib, + IN RESET_DATA *ResetData + ) +{ + EFI_STATUS Status; + EFI_TEST_ASSERTION Result; + UINTN DataSize; + UINT8 MemoryOverwriteRequestControlLockDa= ta; + UINTN MemoryOverwriteControlLockKeyValue; + UINT8 MemoryOverwriteRequestControlData; + UINT8 MemoryOverwriteRequestControlDataCa= ched; + UINT32 Attributes; + + if (ResetData->Step =3D=3D 0) { + goto INITIAL_RESET; + } else if (ResetData->Step =3D=3D 1) { + goto MORLOCK_LOCKED_KEY_STATE; + } + +INITIAL_RESET: + // + // Reset MORLock variable by performing a cold reset + // + + ResetData->Step =3D 1; + ResetData->CheckpointStep =3D LOCK_WITH_KEY_STATE_TEST; + Status =3D RecoveryLib->WriteResetRecord ( + RecoveryLib, + sizeof (RESET_DATA), + (UINT8*)ResetData + ); + if (EFI_ERROR(Status)) { + StandardLib->RecordAssertion ( + StandardLib, + EFI_TEST_ASSERTION_FAILED, + gTestGenericFailureGuid, + L"TestRecoveryLib - WriteResetRecord", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + return Status; + } + SctPrint (L"System will cold reset after 1 second..."); + gtBS->Stall (1000000); + gtRT->ResetSystem ( + EfiResetCold, + EFI_SUCCESS, + 0, + NULL + ); + +MORLOCK_LOCKED_KEY_STATE: + // + // MORLOCK Reboot system to clear Lock, and invoke SetVariable() with va= lid 8 byte key + // In this case =3D 0x11111111, must return EFI_SUCCESS and GetVariable(= ) value must =3D 0x02 + // + + DataSize =3D MOR_LOCK_WITH_KEY_SIZE; + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteControlLockKeyValue =3D MOR_LOCK_TEST_KEY; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteControlLockKeyValue // Data + ); + if (Status =3D=3D EFI_SUCCESS) { + Result 
=3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid033, + L"MemoryOverwriteRequestControlLock - Setting to Locked = with key =3D 0x11111111 when Unlocked returns EFI_SUCCESS", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= es + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_LOCKED_WITH_KEY)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid034, + L"MemoryOverwriteRequestControlLock - Lock State is now = Locked and Key =3D 0x11111111", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // + // Locked with 8 byte key, invoke SetVariable() with the same valid 8 by= te key used to lock + // In this case =3D 0x11111111, must return EFI_SUCCESS and GetVariable(= ) value must =3D 0x00 + // + DataSize =3D MOR_LOCK_WITH_KEY_SIZE; + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteControlLockKeyValue =3D MOR_LOCK_TEST_KEY; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteControlLockKeyValue // Data + ); + if (Status =3D=3D EFI_SUCCESS) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + 
StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid035, + L"MemoryOverwriteRequestControlLock - Setting to unlocke= d with key =3D 0x11111111 when Locked with the same key returns EFI_SUCCESS= ", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= es + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_UNLOCKED)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid036, + L"MemoryOverwriteRequestControlLock - Lock State is now = Unlocked", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // + // Lock with same 8 byte key again, verify EFI_SUCCESS is returned + // unlock attempt: invoke SetVariable() with the same valid 8 byte=20 + // key used to lock =3D 0x11111111, but with invalid DataSize =3D=3D 1 + // must return EFI_ACCESS_DENIED and GetVariable() value must =3D 0x02 + // + DataSize =3D MOR_LOCK_WITH_KEY_SIZE; + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteControlLockKeyValue =3D MOR_LOCK_TEST_KEY; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteControlLockKeyValue // Data + ); + if (Status =3D=3D EFI_SUCCESS) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + 
StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid037, + L"MemoryOverwriteRequestControlLock - Setting to Locked = with key =3D 0x11111111 when Unlocked returns EFI_SUCCESS", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + DataSize =3D MOR_LOCK_NO_KEY_SIZE; // invalid datasize =3D=3D 1 + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteControlLockKeyValue =3D MOR_LOCK_TEST_KEY; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteControlLockKeyValue // Data + ); + if (Status =3D=3D EFI_ACCESS_DENIED) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid038, + L"MemoryOverwriteRequestControlLock - Attempting to unlo= ck by passing Invalid DataSize returns EFI_ACCESS_DENIED", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= es + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_LOCKED_WITH_KEY)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid039, + L"MemoryOverwriteRequestControlLock - Lock State is stil= l Locked with Key =3D 0x11111111", + L"%a:%d:Status - %r", + 
__FILE__, + (UINTN)__LINE__, + Status + ); + + // + // invoke MORLOCK SetVariable() with Data value =3D 0x00 to change to un= locked + // must return EFI_ACCESS_DENIED and GetVariable() value must still =3D = 0x02 + // + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteRequestControlLockData =3D MOR_LOCK_DATA_UNLOCKED; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (Status =3D=3D EFI_ACCESS_DENIED) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid040, + L"MemoryOverwriteRequestControlLock - Setting to Unlocke= d when Locked with key returns EFI_ACCESS_DENIED", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= es + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_LOCKED_WITH_KEY)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid041, + L"MemoryOverwriteRequestControlLock - Lock State is stil= l Locked with Key =3D 0x11111111", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // + // invoke MORLOCK SetVariable() with 
Data value =3D 0x01 to change to lo= cked without key + // must return EFI_ACCESS_DENIED and GetVariable() value must still =3D = 0x02 + // + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteRequestControlLockData =3D MOR_LOCK_DATA_LOCKED_WITHOUT_K= EY; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (Status =3D=3D EFI_ACCESS_DENIED) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid042, + L"MemoryOverwriteRequestControlLock - Setting to Locked = without key when Locked with key returns EFI_ACCESS_DENIED", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= es + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_LOCKED_WITH_KEY)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid043, + L"MemoryOverwriteRequestControlLock - Lock State is stil= l Locked with Key =3D 0x11111111", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // + // Once Locked with key, MOR SetVariable() call to set MOR Bit 0 must re= turn 
EFI_ACCESS_DENIED + // and MOR value must not change + // + DataSize =3D sizeof(MemoryOverwriteRequestControlData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + // getting current MOR value that will be used to check that the variabl= e is unchanged + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControl", // VariableName + &gEfiMemoryOverwriteControlDataGuid, // VendorGuid + &Attributes, // Attributes + &DataSize, // DataSize + &MemoryOverwriteRequestControlData // Data + ); + if (EFI_ERROR (Status)) { + return Status; + } + + // caching variable and setting the bit 0 + MemoryOverwriteRequestControlDataCached =3D MemoryOverwriteRequestContro= lData; + + DataSize =3D sizeof(MemoryOverwriteRequestControlData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteRequestControlData |=3D MOR_BIT_HIGH << MOR_CLEAR_MEMORY_= BIT_OFFSET; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControl", // VariableName + &gEfiMemoryOverwriteControlDataGuid, // VendorGuid + Attributes, // Attributes + DataSize, // DataSize + &MemoryOverwriteRequestControlData // Data + ); + if (Status =3D=3D EFI_ACCESS_DENIED) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid044, + L"MemoryOverwriteRequestControl - SetVariable() returns = EFI_ACCESS_DENIED when Lock is Set with no key", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + DataSize =3D sizeof(MemoryOverwriteRequestControlData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControl", // VariableName + &gEfiMemoryOverwriteControlDataGuid, // VendorGuid + &Attributes, // Attributes + &DataSize, // DataSize + &MemoryOverwriteRequestControlData // Data + ); + + // verifying that the variable has not been modified with SetVar + if 
(MemoryOverwriteRequestControlDataCached =3D=3D MemoryOverwriteReques= tControlData) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid045, + L"MemoryOverwriteRequestControl - SetVariable() value re= mains unchanged when Lock is Set with no key", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // + // When Locked with an 8 byte Key, SetVariable() with 8 byte key !=3D ke= y used to set + // the lock, in this case 0x11111111, must return EFI_ACCESS_DENIED and = lock must + // be updated Locked without key (Data value =3D 0x01) to prevent dicton= ary attack + // The invalid key to be used to attempt unlock is =3D 0x22222222 + // + DataSize =3D MOR_LOCK_WITH_KEY_SIZE; + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteControlLockKeyValue =3D MOR_LOCK_INVALID_TEST_KEY; //INVA= LID KEY !=3D 0x11111111 + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteControlLockKeyValue // Data + ); + if (Status =3D=3D EFI_ACCESS_DENIED) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid046, + L"MemoryOverwriteRequestControlLock - Unlocking Lock wit= h Invalid key !=3D 0x11111111 returns EFI_ACCESS_DENIED", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= 
es + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_LOCKED_WITHOUT_KEY)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid047, + L"MemoryOverwriteRequestControlLock - Lock State is now = locked without key", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // + // Lock has been updated to Locked without key (Data value =3D 0x01) to = prevent dictonary attack + // Now check to see if the Lock can still be unlocked with the corect Ke= y from assertion 37 + // The key to be used to attempt unlock is =3D 0x11111111 + // + DataSize =3D MOR_LOCK_WITH_KEY_SIZE; + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteControlLockKeyValue =3D MOR_LOCK_TEST_KEY; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteControlLockKeyValue // Data + ); + if (Status =3D=3D EFI_ACCESS_DENIED) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid048, + L"MemoryOverwriteRequestControlLock - Attempt to unlock = Lock after dictionary attack mitigation returns EFI_ACCESS_DENIED", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= es + &DataSize, // 
DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_LOCKED_WITHOUT_KEY)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid049, + L"MemoryOverwriteRequestControlLock - Lock State is stil= l locked without key", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + return EFI_SUCCESS; +} --=20 2.34.1
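Review bot: In the BBTestTCGMemoryOverwriteRequestFunctionTest hunk (@@ -170,6 +170,15 @@), the return value of TCGMemoryOverwriteRequestControlLockLockedWithKeyState (StandardLib, RecoveryLib, ResetData) is discarded, so the if(EFI_ERROR(Status)) that follows tests whatever Status held before the call, and a failure inside the new checkpoint is never propagated to the caller. Assign the result first, "Status = TCGMemoryOverwriteRequestControlLockLockedWithKeyState (StandardLib, RecoveryLib, ResetData);", and write the check as "if (EFI_ERROR (Status))" to match the spacing used later in this same patch.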
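Review bot: In the new TCGMemoryOverwriteRequestControlLockLockedWithKeyState function (@@ -1664,3 +1673,617 @@), MemoryOverwriteControlLockKeyValue is declared UINTN but is handed to SetVariable() with DataSize = MOR_LOCK_WITH_KEY_SIZE, which the comments describe as an 8 byte key. UINTN is only 4 bytes on 32-bit builds, so there SetVariable() reads past the variable and the key that locks the variable includes adjacent stack bytes; declare the key as UINT64 so the buffer is 8 bytes on every architecture. Two smaller points in the same hunk: the messages for assertions 044 and 045 say "when Lock is Set with no key" although the comment above them and the preceding assertions put the lock in the locked-with-key state, so the text should say so; and the GetVariable() call before assertion 045 is not checked, so a failed read leaves the locally modified MemoryOverwriteRequestControlData in place and the comparison with the cached value no longer reflects the variable. Treat EFI_ERROR (Status) as a failure there, as the other GetVariable() checks in this function do. The comments also carry "dictonary" and "corect" typos and trailing whitespace (the "=20" line ends) that should be cleaned up in the next revision.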