From nobody Sat Apr 20 02:53:18 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+61596+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+61596+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1592911147; cv=none; d=zohomail.com; s=zohoarc; b=kMWIjjecOqLCLgHOyVLoAnxhgJV5r52uNRcwteS52eOiKFEhQyPMiAzGdJgBPBbeflliSCzSK4yJ6WVIQYnoWqt+CSIuBmR8xkD0xbcqh/wUFKvZ3Phpus8hG+MBeiOuwCDgIoRJc1fGccyR1p9CC81SWJJXaafA5R3KrtvEOLM= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1592911147; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=o41HLadi3g+A5Ji/BsTvUiuil+4YntGrrom/l8Q1k44=; b=bbU8IfXgKY94SqFXVqWskyjd6NI96hIyiOGDLaullhKs6+ATJHfZG4ETEWHu5d5KYN0OL/1YXhRMSy72Xa43ULa3vyTmRBfctYD4gNwkYPk95Jpw4zFsxrLMraB3eAp0nxE8TeYhvFUoi8vjo0CpzT0K+gc95h42yGq5SY5n1h4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+61596+1787277+3901457@groups.io Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1592911147142560.0864955322874; Tue, 23 Jun 2020 04:19:07 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id qvUEYY1788612xQczJIUxoil; Tue, 23 Jun 2020 04:19:06 -0700 X-Received: from mail-pg1-f174.google.com (mail-pg1-f174.google.com [209.85.215.174]) by mx.groups.io with SMTP id smtpd.web10.1705.1592894576926750000 for ; Mon, 22 Jun 2020 23:42:57 -0700 X-Received: by mail-pg1-f174.google.com with SMTP id e18so9422135pgn.7 for ; Mon, 22 Jun 2020 23:42:56 -0700 (PDT) X-Gm-Message-State: E4DmEvzRGobwSvWXikxIeoWsx1787277AA= X-Google-Smtp-Source: ABdhPJzFnYQoIbQ8ysOpH3GTZmGC4EGLcVSJWjOt4um2eeZ9SqejPpXBLmKE0KjtNGM6w+GT+ttfdw== X-Received: by 2002:a63:145f:: with SMTP id 31mr16259412pgu.383.1592894576260; Mon, 22 Jun 2020 23:42:56 -0700 (PDT) X-Received: from localhost.localdomain (174-21-80-75.tukw.qwest.net. [174.21.80.75]) by smtp.gmail.com with ESMTPSA id d6sm1383818pjh.5.2020.06.22.23.42.55 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 22 Jun 2020 23:42:55 -0700 (PDT) From: "Bret Barkelew" X-Google-Original-From: Bret Barkelew To: devel@edk2.groups.io Cc: Jian J Wang , Hao A Wu , Liming Gao Subject: [edk2-devel] [PATCH v6 01/14] MdeModulePkg: Define the VariablePolicy protocol interface Date: Mon, 22 Jun 2020 23:40:51 -0700 Message-Id: <20200623064104.1908-2-brbarkel@microsoft.com> In-Reply-To: <20200623064104.1908-1-brbarkel@microsoft.com> References: <20200623064104.1908-1-brbarkel@microsoft.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,bret@corthon.com Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1592911146; bh=7acxXze5mH4nQlgl0AgW8PJD1eX61Pqn9epWZvzz8pE=; h=Cc:Date:From:Reply-To:Subject:To; b=ZdBie6Gm6ctpQqsJz+VjvfjKRljuGhhb/USMPO0oQYn2soG8SDc9mA9kO+fOknkyhrQ Lb1f96MbqNik408VXJ1H6v7Sql4Sp1fz3VRwYMokgpRUql+wwlO+FX6G2oq8FNubkjzUZ avyc5nh8J6q409PbTe6JE7iIGkej+n1NhYg= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" https://bugzilla.tianocore.org/show_bug.cgi?id=3D2522 VariablePolicy is an updated interface to replace VarLock and VarCheckProtocol. Add the VariablePolicy protocol interface header and add to the MdeModulePkg.dec file. Cc: Jian J Wang Cc: Hao A Wu Cc: Liming Gao Cc: Bret Barkelew Signed-off-by: Bret Barkelew --- MdeModulePkg/Include/Protocol/VariablePolicy.h | 157 ++++++++++++++++++++ MdeModulePkg/MdeModulePkg.dec | 14 +- MdeModulePkg/MdeModulePkg.uni | 7 + 3 files changed, 177 insertions(+), 1 deletion(-) diff --git a/MdeModulePkg/Include/Protocol/VariablePolicy.h b/MdeModulePkg/= Include/Protocol/VariablePolicy.h new file mode 100644 index 000000000000..8226c187a77b --- /dev/null +++ b/MdeModulePkg/Include/Protocol/VariablePolicy.h @@ -0,0 +1,157 @@ +/** @file -- VariablePolicy.h + +This protocol allows communication with Variable Policy Engine. + +Copyright (c) Microsoft Corporation. +SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#ifndef __EDKII_VARIABLE_POLICY_PROTOCOL__ +#define __EDKII_VARIABLE_POLICY_PROTOCOL__ + +#define EDKII_VARIABLE_POLICY_PROTOCOL_REVISION 0x0000000000010000 + +#define EDKII_VARIABLE_POLICY_PROTOCOL_GUID \ + { \ + 0x81D1675C, 0x86F6, 0x48DF, { 0xBD, 0x95, 0x9A, 0x6E, 0x4F, 0x09, 0x25= , 0xC3 } \ + } + +#define VARIABLE_POLICY_ENTRY_REVISION 0x00010000 + +#pragma pack(push, 1) +typedef struct { + UINT32 Version; + UINT16 Size; + UINT16 OffsetToName; + EFI_GUID Namespace; + UINT32 MinSize; + UINT32 MaxSize; + UINT32 AttributesMustHave; + UINT32 AttributesCantHave; + UINT8 LockPolicyType; + UINT8 Padding[3]; + // UINT8 LockPolicy[]; // Variable Length Field + // CHAR16 Name[] // Variable Length Field +} VARIABLE_POLICY_ENTRY; + +#define VARIABLE_POLICY_NO_MIN_SIZE 0 +#define VARIABLE_POLICY_NO_MAX_SIZE MAX_UINT32 +#define VARIABLE_POLICY_NO_MUST_ATTR 0 +#define VARIABLE_POLICY_NO_CANT_ATTR 0 + +#define VARIABLE_POLICY_TYPE_NO_LOCK 0 +#define VARIABLE_POLICY_TYPE_LOCK_NOW 1 +#define VARIABLE_POLICY_TYPE_LOCK_ON_CREATE 2 +#define VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE 3 + +typedef struct { + EFI_GUID Namespace; + UINT8 Value; + UINT8 Padding; + // CHAR16 Name[]; // Variable Length Field +} VARIABLE_LOCK_ON_VAR_STATE_POLICY; +#pragma pack(pop) + +/** + This API function disables the variable policy enforcement. If it's + already been called once, will return EFI_ALREADY_STARTED. + + @retval EFI_SUCCESS + @retval EFI_ALREADY_STARTED Has already been called once this boot. + @retval EFI_WRITE_PROTECTED Interface has been locked until reboot. + @retval EFI_WRITE_PROTECTED Interface option is disabled by platfo= rm PCD. + +**/ +typedef +EFI_STATUS +(EFIAPI *DISABLE_VARIABLE_POLICY)( + VOID + ); + +/** + This API function returns whether or not the policy engine is + currently being enforced. + + @param[out] State Pointer to a return value for whether the poli= cy enforcement + is currently enabled. + + @retval EFI_SUCCESS + @retval Others An error has prevented this command from compl= eting. + +**/ +typedef +EFI_STATUS +(EFIAPI *IS_VARIABLE_POLICY_ENABLED)( + OUT BOOLEAN *State + ); + +/** + This API function validates and registers a new policy with + the policy enforcement engine. + + @param[in] NewPolicy Pointer to the incoming policy structure. + + @retval EFI_SUCCESS + @retval EFI_INVALID_PARAMETER NewPolicy is NULL or is internally i= nconsistent. + @retval EFI_ALREADY_STARTED An identical matching policy already= exists. + @retval EFI_WRITE_PROTECTED The interface has been locked until = the next reboot. + @retval EFI_ABORTED A calculation error has prevented th= is function from completing. + @retval EFI_OUT_OF_RESOURCES Cannot grow the table to hold any mo= re policies. + +**/ +typedef +EFI_STATUS +(EFIAPI *REGISTER_VARIABLE_POLICY)( + IN CONST VARIABLE_POLICY_ENTRY *PolicyEntry + ); + +/** + This API function will dump the entire contents of the variable policy t= able. + + Similar to GetVariable, the first call can be made with a 0 size and it = will return + the size of the buffer required to hold the entire table. + + @param[out] Policy Pointer to the policy buffer. Can be NULL if Siz= e is 0. + @param[in,out] Size On input, the size of the output buffer. On outp= ut, the size + of the data returned. + + @retval EFI_SUCCESS Policy data is in the output buffer = and Size has been updated. + @retval EFI_INVALID_PARAMETER Size is NULL, or Size is non-zero an= d Policy is NULL. + @retval EFI_BUFFER_TOO_SMALL Size is insufficient to hold policy.= Size updated with required size. + +**/ +typedef +EFI_STATUS +(EFIAPI *DUMP_VARIABLE_POLICY)( + IN OUT UINT8 *Policy, + IN OUT UINT32 *Size + ); + +/** + This API function locks the interface so that no more policy updates + can be performed or changes made to the enforcement until the next boot. + + @retval EFI_SUCCESS + @retval Others An error has prevented this command from compl= eting. + +**/ +typedef +EFI_STATUS +(EFIAPI *LOCK_VARIABLE_POLICY)( + VOID + ); + +typedef struct { + UINT64 Revision; + DISABLE_VARIABLE_POLICY DisableVariablePolicy; + IS_VARIABLE_POLICY_ENABLED IsVariablePolicyEnabled; + REGISTER_VARIABLE_POLICY RegisterVariablePolicy; + DUMP_VARIABLE_POLICY DumpVariablePolicy; + LOCK_VARIABLE_POLICY LockVariablePolicy; +} _EDKII_VARIABLE_POLICY_PROTOCOL; + +typedef _EDKII_VARIABLE_POLICY_PROTOCOL EDKII_VARIABLE_POLICY_PROTOCOL; + +extern EFI_GUID gEdkiiVariablePolicyProtocolGuid; + +#endif diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec index 843e963ad34b..05d8ad4931f9 100644 --- a/MdeModulePkg/MdeModulePkg.dec +++ b/MdeModulePkg/MdeModulePkg.dec @@ -8,7 +8,7 @@ # Copyright (c) 2016, Linaro Ltd. All rights reserved.
# (C) Copyright 2016 - 2019 Hewlett Packard Enterprise Development LP
# Copyright (c) 2017, AMD Incorporated. All rights reserved.
-# Copyright (c) 2016, Microsoft Corporation
+# Copyright (c) Microsoft Corporation.
# SPDX-License-Identifier: BSD-2-Clause-Patent # ## @@ -624,6 +624,9 @@ [Protocols] # 0x80000006 | Incorrect error code provided. # =20 + ## Include/Protocol/VariablePolicy.h + gEdkiiVariablePolicyProtocolGuid =3D { 0x81D1675C, 0x86F6, 0x48DF, { 0xB= D, 0x95, 0x9A, 0x6E, 0x4F, 0x09, 0x25, 0xC3 } } + [PcdsFeatureFlag] ## Indicates if the platform can support update capsule across a system = reset.

# TRUE - Supports update capsule across a system reset.
@@ -1116,6 +1119,15 @@ [PcdsFixedAtBuild, PcdsPatchableInModule] # @Prompt Variable storage size. gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize|0x10000|UINT32|0x300= 00005 =20 + ## Toggle for whether the VariablePolicy engine should allow disabling. + # The engine is enabled at power-on, but the interface allows the platfo= rm to + # disable enforcement for servicing flexibility. If this PCD is disabled= , it will block the ability to + # disable the enforcement and VariablePolicy enforcement will always be = ON. + # TRUE - VariablePolicy can be disabled by request through the interfa= ce (until interface is locked) + # FALSE - VariablePolicy interface will not accept requests to disable= and is ALWAYS ON + # @Prompt Allow VariablePolicy enforcement to be disabled. + gEfiMdeModulePkgTokenSpaceGuid.PcdAllowVariablePolicyEnforcementDisable|= FALSE|BOOLEAN|0x30000020 + ## FFS filename to find the ACPI tables. # @Prompt FFS name of ACPI tables storage. gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiTableStorageFile|{ 0x25, 0x4e, 0x3= 7, 0x7e, 0x01, 0x8e, 0xee, 0x4f, 0x87, 0xf2, 0x39, 0xc, 0x23, 0xc6, 0x6, 0x= cd }|VOID*|0x30000016 diff --git a/MdeModulePkg/MdeModulePkg.uni b/MdeModulePkg/MdeModulePkg.uni index 2007e0596c4f..b64e7f351cda 100644 --- a/MdeModulePkg/MdeModulePkg.uni +++ b/MdeModulePkg/MdeModulePkg.uni @@ -129,6 +129,13 @@ =20 #string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdVariableStoreSize_HELP #lan= guage en-US "The size of volatile buffer. This buffer is used to store VOLA= TILE attribute variables." =20 +#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdAllowVariablePolicyEnforceme= ntDisable_PROMPT #language en-US "Allow VariablePolicy enforcement to be d= isabled." + +#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdAllowVariablePolicyEnforceme= ntDisable_HELP #language en-US "If this PCD is disabled, it will block the= ability to
\n" + = "disable the enforcement and VariablePolicy= enforcement will always be ON.
\n" + = "TRUE - VariablePolicy can be disabled by r= equest through the interface (until interface is locked)
\n" + = "FALSE - VariablePolicy interface will not = accept requests to disable and is ALWAYS ON
\n" + #string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdAcpiTableStorageFile_PROMPT = #language en-US "FFS name of ACPI tables storage" =20 #string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdAcpiTableStorageFile_HELP #= language en-US "FFS filename to find the ACPI tables." --=20 2.26.2.windows.1.8.g01c50adf56.20200515075929 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#61596): https://edk2.groups.io/g/devel/message/61596 Mute This Topic: https://groups.io/mt/75057706/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat Apr 20 02:53:18 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+61588+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+61588+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1592911136; cv=none; d=zohomail.com; s=zohoarc; b=AGw4st6ixnmG7bV7KSg/24Z+gMijJulMPsGy2ig7JlBo2ALNOkC4jwk2/99HbKUfVRZRNKMf/zHI8LicX7XBrZifbxuxDDQawySOtmJKMw5LZ+YQIOa49YLvi2V3XGZ9LkXwxCpbrVgiBlQbD+0SZT9uYatvnRa8mTdaWeBHnQc= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1592911136; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=4pWifVUBfNznzORTGQC9HgvY1H0h+a9AK9YSnsylmZc=; b=XUgEkm8QKEMjteNmb8Goiv76AhvkQeKYgbpUTO5CrQH1pZvD5AuxdZDc9WAQEZZ1GosyLC/D2Ps4nvnepYv+rMFXKeqdE5yAI+FW/u40uhfBbPuF8UF6qWZA4P3o/HPdHa5IEUi9n6J3LzP3VL+XtRudijULIykJwhPjs1lJb/Q= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+61588+1787277+3901457@groups.io Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1592911135989509.29849314590115; Tue, 23 Jun 2020 04:18:55 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id iPeaYY1788612xAmmirvcYUR; Tue, 23 Jun 2020 04:18:54 -0700 X-Received: from mail-pj1-f65.google.com (mail-pj1-f65.google.com [209.85.216.65]) by mx.groups.io with SMTP id smtpd.web12.1792.1592894657349759522 for ; Mon, 22 Jun 2020 23:44:17 -0700 X-Received: by mail-pj1-f65.google.com with SMTP id i12so1056570pju.3 for ; Mon, 22 Jun 2020 23:44:17 -0700 (PDT) X-Gm-Message-State: w06pom93DsLV7lOFnCGWhBm6x1787277AA= X-Google-Smtp-Source: ABdhPJxv08ImoiqPAkqDNbgqe8XwbjRhy0FFYmt5MnDDtWOIvUQYfckBAr7P5w22IjjN/FSuBp8Z4w== X-Received: by 2002:a17:902:523:: with SMTP id 32mr22952553plf.212.1592894655873; Mon, 22 Jun 2020 23:44:15 -0700 (PDT) X-Received: from localhost.localdomain (174-21-80-75.tukw.qwest.net. [174.21.80.75]) by smtp.gmail.com with ESMTPSA id d6sm1383818pjh.5.2020.06.22.23.44.14 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 22 Jun 2020 23:44:15 -0700 (PDT) From: "Bret Barkelew" X-Google-Original-From: Bret Barkelew To: devel@edk2.groups.io Cc: Jian J Wang , Hao A Wu , Liming Gao Subject: [edk2-devel] [PATCH v6 02/14] MdeModulePkg: Define the VariablePolicyLib Date: Mon, 22 Jun 2020 23:40:52 -0700 Message-Id: <20200623064104.1908-3-brbarkel@microsoft.com> In-Reply-To: <20200623064104.1908-1-brbarkel@microsoft.com> References: <20200623064104.1908-1-brbarkel@microsoft.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,bret@corthon.com Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1592911134; bh=9+vOdcWn0WCCDZrck/CkY3XuiHnzMkMBXjc99y0cYuk=; h=Cc:Date:From:Reply-To:Subject:To; b=Y6bcwouNC3WAoBUD2L9MNph4PDZLsOL37clancdlwA0h0EH1Q3GRpA4TA3Efzg+1DSD iF9406BLqLYCFMh1eA1kTl9ny32q7zdAFkCiwdz2FABc5ArssIqAiObH6wMSqP5JqlWtS iArS6U8llbObr3/ul8QqYi64gi6d8R29YD8= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" https://bugzilla.tianocore.org/show_bug.cgi?id=3D2522 VariablePolicy is an updated interface to replace VarLock and VarCheckProtocol. Add the VariablePolicyLib library that implements the portable business logic for the VariablePolicy engine. Also add host-based CI test cases for the lib. Cc: Jian J Wang Cc: Hao A Wu Cc: Liming Gao Cc: Bret Barkelew Signed-off-by: Bret Barkelew --- MdeModulePkg/Library/VariablePolicyLib/VariablePolicyExtraInitNull.c = | 46 + MdeModulePkg/Library/VariablePolicyLib/VariablePolicyExtraInitRuntimeDxe.c= | 85 + MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.c = | 816 +++++++ MdeModulePkg/Library/VariablePolicyLib/VariablePolicyUnitTest/VariablePoli= cyUnitTest.c | 2436 ++++++++++++++++++++ MdeModulePkg/Include/Library/VariablePolicyLib.h = | 207 ++ MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf = | 44 + MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.uni = | 12 + MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLibRuntimeDxe.inf = | 51 + MdeModulePkg/Library/VariablePolicyLib/VariablePolicyUnitTest/VariablePoli= cyUnitTest.inf | 40 + MdeModulePkg/MdeModulePkg.dec = | 3 + MdeModulePkg/MdeModulePkg.dsc = | 5 + MdeModulePkg/Test/MdeModulePkgHostTest.dsc = | 11 + 12 files changed, 3756 insertions(+) diff --git a/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyExtraInit= Null.c b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyExtraInitNull= .c new file mode 100644 index 000000000000..ad2ee0b2fb8f --- /dev/null +++ b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyExtraInitNull.c @@ -0,0 +1,46 @@ +/** @file -- VariablePolicyExtraInitNull.c +This file contains extra init and deinit routines that don't do anything +extra. + +Copyright (c) Microsoft Corporation. +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include + + +/** + An extra init hook that enables the RuntimeDxe library instance to + register VirtualAddress change callbacks. Among other things. + + @retval EFI_SUCCESS Everything is good. Continue with init. + @retval Others Uh... don't continue. + +**/ +EFI_STATUS +VariablePolicyExtraInit ( + VOID + ) +{ + // NULL implementation. + return EFI_SUCCESS; +} + + +/** + An extra deinit hook that enables the RuntimeDxe library instance to + register VirtualAddress change callbacks. Among other things. + + @retval EFI_SUCCESS Everything is good. Continue with deinit. + @retval Others Uh... don't continue. + +**/ +EFI_STATUS +VariablePolicyExtraDeinit ( + VOID + ) +{ + // NULL implementation. + return EFI_SUCCESS; +} diff --git a/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyExtraInit= RuntimeDxe.c b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyExtraIn= itRuntimeDxe.c new file mode 100644 index 000000000000..3ca87048b14b --- /dev/null +++ b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyExtraInitRuntime= Dxe.c @@ -0,0 +1,85 @@ +/** @file -- VariablePolicyExtraInitRuntimeDxe.c +This file contains extra init and deinit routines that register and unregi= ster +VariableAddressChange callbacks. + +Copyright (c) Microsoft Corporation. +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include + +extern EFI_GET_VARIABLE mGetVariableHelper; +extern UINT8 *mPolicyTable; +STATIC BOOLEAN mIsVirtualAddrConverted; +STATIC EFI_EVENT mVariablePolicyLibVirtualAddressChangeEvent =3D= NULL; + +/** + For the RuntimeDxe version of this lib, convert internal pointer address= es to virtual addresses. + + @param[in] Event Event whose notification function is being invoked. + @param[in] Context The pointer to the notification function's context= , which + is implementation-dependent. +**/ +STATIC +VOID +EFIAPI +VariablePolicyLibVirtualAddressCallback ( + IN EFI_EVENT Event, + IN VOID *Context + ) +{ + gRT->ConvertPointer (0, (VOID **)&mPolicyTable); + gRT->ConvertPointer (0, (VOID **)&mGetVariableHelper); + mIsVirtualAddrConverted =3D TRUE; +} + + +/** + An extra init hook that enables the RuntimeDxe library instance to + register VirtualAddress change callbacks. Among other things. + + @retval EFI_SUCCESS Everything is good. Continue with init. + @retval Others Uh... don't continue. + +**/ +EFI_STATUS +VariablePolicyExtraInit ( + VOID + ) +{ + return gBS->CreateEventEx (EVT_NOTIFY_SIGNAL, + TPL_NOTIFY, + VariablePolicyLibVirtualAddressCallback, + NULL, + &gEfiEventVirtualAddressChangeGuid, + &mVariablePolicyLibVirtualAddressChangeEvent= ); +} + + +/** + An extra deinit hook that enables the RuntimeDxe library instance to + register VirtualAddress change callbacks. Among other things. + + @retval EFI_SUCCESS Everything is good. Continue with deinit. + @retval Others Uh... don't continue. + +**/ +EFI_STATUS +VariablePolicyExtraDeinit ( + VOID + ) +{ + EFI_STATUS Status; + + Status =3D EFI_SUCCESS; + if (mIsVirtualAddrConverted) { + Status =3D gBS->CloseEvent (mVariablePolicyLibVirtualAddressChangeEven= t); + } + else { + Status =3D EFI_SUCCESS; + } + + return Status; +} diff --git a/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.c b/M= deModulePkg/Library/VariablePolicyLib/VariablePolicyLib.c new file mode 100644 index 000000000000..84c794adaed9 --- /dev/null +++ b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.c @@ -0,0 +1,816 @@ +/** @file -- VariablePolicyLib.c +Business logic for Variable Policy enforcement. + +Copyright (c) Microsoft Corporation. +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include + +#include +#include +#include +#include +#include + +#include +#include + + +// IMPORTANT NOTE: This library is currently rife with multiple return sta= tements +// for error handling. A refactor should remove these at s= ome point. + +// +// This library was designed with advanced unit-test features. +// This define handles the configuration. +#ifdef INTERNAL_UNIT_TEST +#undef STATIC +#define STATIC // Nothing... +#endif + +// An abstracted GetVariable interface that enables configuration regardle= ss of the environment. +EFI_GET_VARIABLE mGetVariableHelper =3D NULL; + +// Master switch to lock this entire interface. Does not stop enforcement, +// just prevents the configuration from being changed for the rest of the = boot. +STATIC BOOLEAN mInterfaceLocked =3D FALSE; + +// Master switch to disable the entire interface for a single boot. +// This will disable all policy enforcement for the duration of the boot. +STATIC BOOLEAN mProtectionDisabled =3D FALSE; + +// Table to hold all the current policies. +UINT8 *mPolicyTable =3D NULL; +STATIC UINT32 mCurrentTableSize =3D 0; +STATIC UINT32 mCurrentTableUsage =3D 0; +STATIC UINT32 mCurrentTableCount =3D 0; + +#define POLICY_TABLE_STEP_SIZE 0x1000 + +// NOTE: DO NOT USE THESE MACROS on any structure that has not been valida= ted. +// Current table data has already been sanitized. +#define GET_NEXT_POLICY(CurPolicy) (VARIABLE_POLICY_ENTRY*)((UINT8*)Cur= Policy + CurPolicy->Size) +#define GET_POLICY_NAME(CurPolicy) (CHAR16*)((UINTN)CurPolicy + CurPoli= cy->OffsetToName) + +#define MATCH_PRIORITY_EXACT 0 +#define MATCH_PRIORITY_MAX MATCH_PRIORITY_EXACT +#define MATCH_PRIORITY_MIN MAX_UINT8 + +// ExtraInit/ExtraDeinit functions allow RuntimeDxe to register VirtualAdd= ress callbacks. +EFI_STATUS +VariablePolicyExtraInit ( + VOID + ); + +EFI_STATUS +VariablePolicyExtraDeinit ( + VOID + ); + + +/** + This helper function determines whether the structure of an incoming pol= icy + is valid and internally consistent. + + @param[in] NewPolicy Pointer to the incoming policy structure. + + @retval TRUE + @retval FALSE Pointer is NULL, size is wrong, strings are empty, or + substructures overlap. + +**/ +STATIC +BOOLEAN +IsValidVariablePolicyStructure ( + IN CONST VARIABLE_POLICY_ENTRY *NewPolicy + ) +{ + EFI_STATUS Status; + UINTN EntryEnd; + CHAR16 *CheckChar; + UINTN WildcardCount; + + // Sanitize some quick values. + if (NewPolicy =3D=3D NULL || NewPolicy->Size =3D=3D 0 || + // Structure size should be at least as long as the minumum structur= e and a NULL string. + NewPolicy->Size < sizeof(VARIABLE_POLICY_ENTRY) || + // Check for the known revision. + NewPolicy->Version !=3D VARIABLE_POLICY_ENTRY_REVISION) { + return FALSE; + } + + // Calculate the theoretical end of the structure and make sure + // that the structure can fit in memory. + Status =3D SafeUintnAdd( (UINTN)NewPolicy, NewPolicy->Size, &EntryEnd ); + if (EFI_ERROR( Status )) { + return FALSE; + } + + // Check for a valid Max Size. + if (NewPolicy->MaxSize =3D=3D 0) { + return FALSE; + } + + // Check for the valid list of lock policies. + if (NewPolicy->LockPolicyType !=3D VARIABLE_POLICY_TYPE_NO_LOCK && + NewPolicy->LockPolicyType !=3D VARIABLE_POLICY_TYPE_LOCK_NOW && + NewPolicy->LockPolicyType !=3D VARIABLE_POLICY_TYPE_LOCK_ON_CREATE && + NewPolicy->LockPolicyType !=3D VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STAT= E) + { + return FALSE; + } + + // If the policy type is VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE, make su= re that the matching state variable Name + // terminates before the OffsetToName for the matching policy variable N= ame. + if (NewPolicy->LockPolicyType =3D=3D VARIABLE_POLICY_TYPE_LOCK_ON_VAR_ST= ATE) { + // Adjust CheckChar to the offset of the LockPolicy->Name. + Status =3D SafeUintnAdd( (UINTN)NewPolicy + sizeof(VARIABLE_POLICY_ENT= RY), + sizeof(VARIABLE_LOCK_ON_VAR_STATE_POLICY), + (UINTN*)&CheckChar ); + if (EFI_ERROR( Status ) || EntryEnd <=3D (UINTN)CheckChar) { + return FALSE; + } + while (*CheckChar !=3D CHAR_NULL) { + if (EntryEnd <=3D (UINTN)CheckChar) { + return FALSE; + } + CheckChar++; + } + // At this point we should have either exeeded the structure or be poi= nting at the last char in LockPolicy->Name. + // We should check to make sure that the policy Name comes immediately= after this charcter. + if ((UINTN)++CheckChar !=3D (UINTN)NewPolicy + NewPolicy->OffsetToName= ) { + return FALSE; + } + } + // If the policy type is any other value, make sure that the LockPolicy = structure has a zero length. + else { + if (NewPolicy->OffsetToName !=3D sizeof(VARIABLE_POLICY_ENTRY)) { + return FALSE; + } + } + + // Check to make sure that the name has a terminating character + // before the end of the structure. + // We've already checked that the name is within the bounds of the struc= ture. + if (NewPolicy->Size !=3D NewPolicy->OffsetToName) { + CheckChar =3D (CHAR16*)((UINTN)NewPolicy + NewPolicy->OffsetToName); + WildcardCount =3D 0; + while (*CheckChar !=3D CHAR_NULL) { + // Make sure there aren't excessive wildcards. + if (*CheckChar =3D=3D '#') { + WildcardCount++; + if (WildcardCount > MATCH_PRIORITY_MIN) { + return FALSE; + } + } + // Make sure you're still within the bounds of the policy structure. + if (EntryEnd <=3D (UINTN)CheckChar) { + return FALSE; + } + CheckChar++; + } + + // Finally, we should be pointed at the very last character in Name, s= o we should be right + // up against the end of the structure. + if ((UINTN)++CheckChar !=3D EntryEnd) { + return FALSE; + } + } + + return TRUE; +} + + +/** + This helper function evaluates a policy and determines whether it matche= s the target + variable. If matched, will also return a value corresponding to the prio= rity of the match. + + The rules for "best match" are listed in the Variable Policy Spec. + Perfect name matches will return 0. + Single wildcard characters will return the number of wildcard characters. + Full namespaces will return MAX_UINT8. + + @param[in] EvalEntry Pointer to the policy entry being evaluate= d. + @param[in] VariableName Same as EFI_SET_VARIABLE. + @param[in] VendorGuid Same as EFI_SET_VARIABLE. + @param[out] MatchPriority [Optional] On finding a match, this value = contains the priority of the match. + Lower number =3D=3D higher priority. Only = valid if a match found. + + @retval TRUE Current entry matches the target variable. + @retval FALSE Current entry does not match at all. + +**/ +STATIC +BOOLEAN +EvaluatePolicyMatch ( + IN CONST VARIABLE_POLICY_ENTRY *EvalEntry, + IN CONST CHAR16 *VariableName, + IN CONST EFI_GUID *VendorGuid, + OUT UINT8 *MatchPriority OPTIONAL + ) +{ + BOOLEAN Result; + CHAR16 *PolicyName; + UINT8 CalculatedPriority; + UINTN Index; + + Result =3D FALSE; + CalculatedPriority =3D MATCH_PRIORITY_EXACT; + + // Step 1: If the GUID doesn't match, we're done. No need to evaluate an= ything else. + if (!CompareGuid( &EvalEntry->Namespace, VendorGuid )) { + goto Exit; + } + + // If the GUID matches, check to see whether there is a Name associated + // with the policy. If not, this policy matches the entire namespace. + // Missing Name is indicated by size being equal to name. + if (EvalEntry->Size =3D=3D EvalEntry->OffsetToName) { + CalculatedPriority =3D MATCH_PRIORITY_MIN; + Result =3D TRUE; + goto Exit; + } + + // Now that we know the name exists, get it. + PolicyName =3D GET_POLICY_NAME( EvalEntry ); + + // Evaluate the name against the policy name and check for a match. + // Account for any wildcards. + Index =3D 0; + Result =3D TRUE; + // Keep going until the end of both strings. + while (PolicyName[Index] !=3D CHAR_NULL || VariableName[Index] !=3D CHAR= _NULL) { + // If we don't have a match... + if (PolicyName[Index] !=3D VariableName[Index] || PolicyName[Index] = =3D=3D '#') { + // If this is a numerical wildcard, we can consider + // it a match if we alter the priority. + if (PolicyName[Index] =3D=3D L'#' && + (L'0' <=3D VariableName[Index] && VariableName[Index] <=3D L'9')= ) { + if (CalculatedPriority < MATCH_PRIORITY_MIN) { + CalculatedPriority++; + } + } + // Otherwise, not a match. + else { + Result =3D FALSE; + goto Exit; + } + } + Index++; + } + +Exit: + if (Result && MatchPriority !=3D NULL) { + *MatchPriority =3D CalculatedPriority; + } + return Result; +} + + +/** + This helper function walks the current policy table and returns a pointer + to the best match, if any are found. Leverages EvaluatePolicyMatch() to + determine "best". + + @param[in] VariableName Same as EFI_SET_VARIABLE. + @param[in] VendorGuid Same as EFI_SET_VARIABLE. + @param[out] ReturnPriority [Optional] If pointer is provided, return= the + priority of the match. Same as EvaluatePo= licyMatch(). + Only valid if a match is returned. + + @retval VARIABLE_POLICY_ENTRY* Best match that was found. + @retval NULL No match was found. + +**/ +STATIC +VARIABLE_POLICY_ENTRY* +GetBestPolicyMatch ( + IN CONST CHAR16 *VariableName, + IN CONST EFI_GUID *VendorGuid, + OUT UINT8 *ReturnPriority OPTIONAL + ) +{ + VARIABLE_POLICY_ENTRY *BestResult; + VARIABLE_POLICY_ENTRY *CurrentEntry; + UINT8 MatchPriority; + UINT8 CurrentPriority; + UINTN Index; + + BestResult =3D NULL; + + // Walk all entries in the table, looking for matches. + CurrentEntry =3D (VARIABLE_POLICY_ENTRY*)mPolicyTable; + for (Index =3D 0; Index < mCurrentTableCount; Index++) { + // Check for a match. + if (EvaluatePolicyMatch( CurrentEntry, VariableName, VendorGuid, &Curr= entPriority )) { + // If match is better, take it. + if (BestResult =3D=3D NULL || CurrentPriority < MatchPriority) { + BestResult =3D CurrentEntry; + MatchPriority =3D CurrentPriority; + } + + // If you've hit the highest-priority match, can exit now. + if (MatchPriority =3D=3D 0) { + break; + } + } + + // If we're still in the loop, move to the next entry. + CurrentEntry =3D GET_NEXT_POLICY( CurrentEntry ); + } + + // If a return priority was requested, return it. + if (ReturnPriority !=3D NULL) { + *ReturnPriority =3D MatchPriority; + } + + return BestResult; +} + + +/** + This API function validates and registers a new policy with + the policy enforcement engine. + + @param[in] NewPolicy Pointer to the incoming policy structure. + + @retval EFI_SUCCESS + @retval EFI_INVALID_PARAMETER NewPolicy is NULL or is internally i= nconsistent. + @retval EFI_ALREADY_STARTED An identical matching policy already= exists. + @retval EFI_WRITE_PROTECTED The interface has been locked until = the next reboot. + @retval EFI_UNSUPPORTED Policy enforcement has been disabled= . No reason to add more policies. + @retval EFI_ABORTED A calculation error has prevented th= is function from completing. + @retval EFI_OUT_OF_RESOURCES Cannot grow the table to hold any mo= re policies. + @retval EFI_NOT_READY Library has not yet been initialized. + +**/ +EFI_STATUS +EFIAPI +RegisterVariablePolicy ( + IN CONST VARIABLE_POLICY_ENTRY *NewPolicy + ) +{ + EFI_STATUS Status; + VARIABLE_POLICY_ENTRY *MatchPolicy; + UINT8 MatchPriority; + UINT32 NewSize; + UINT8 *NewTable; + + if (!IsVariablePolicyLibInitialized()) { + return EFI_NOT_READY; + } + if (mInterfaceLocked) { + return EFI_WRITE_PROTECTED; + } + + if (!IsValidVariablePolicyStructure( NewPolicy )) { + return EFI_INVALID_PARAMETER; + } + + // Check to see whether an exact matching policy already exists. + MatchPolicy =3D GetBestPolicyMatch( GET_POLICY_NAME( NewPolicy ), + &NewPolicy->Namespace, + &MatchPriority ); + if (MatchPolicy !=3D NULL && MatchPriority =3D=3D MATCH_PRIORITY_EXACT) { + return EFI_ALREADY_STARTED; + } + + // If none exists, create it. + // If we need more space, allocate that now. + Status =3D SafeUint32Add( mCurrentTableUsage, NewPolicy->Size, &NewSize = ); + if (EFI_ERROR( Status )) { + return EFI_ABORTED; + } + if (NewSize > mCurrentTableSize) { + // Use NewSize to calculate the new table size in units of POLICY_TABL= E_STEP_SIZE. + NewSize =3D (NewSize % POLICY_TABLE_STEP_SIZE) > 0 ? + (NewSize / POLICY_TABLE_STEP_SIZE) + 1 : + (NewSize / POLICY_TABLE_STEP_SIZE); + // Calculate the new table size in absolute bytes. + Status =3D SafeUint32Mult( NewSize, POLICY_TABLE_STEP_SIZE, &NewSize ); + if (EFI_ERROR( Status )) { + return EFI_ABORTED; + } + + // Reallocate and copy the table. + NewTable =3D AllocatePool( NewSize ); + if (NewTable =3D=3D NULL) { + return EFI_OUT_OF_RESOURCES; + } + CopyMem( NewTable, mPolicyTable, mCurrentTableUsage ); + mCurrentTableSize =3D NewSize; + if (mPolicyTable !=3D NULL) { + FreePool( mPolicyTable ); + } + mPolicyTable =3D NewTable; + } + // Copy the policy into the table. + CopyMem( mPolicyTable + mCurrentTableUsage, NewPolicy, NewPolicy->Size ); + mCurrentTableUsage +=3D NewPolicy->Size; + mCurrentTableCount +=3D 1; + + // We're done here. + + return EFI_SUCCESS; +} + + +/** + This API function checks to see whether the parameters to SetVariable wo= uld + be allowed according to the current variable policies. + + @param[in] VariableName Same as EFI_SET_VARIABLE. + @param[in] VendorGuid Same as EFI_SET_VARIABLE. + @param[in] Attributes Same as EFI_SET_VARIABLE. + @param[in] DataSize Same as EFI_SET_VARIABLE. + @param[in] Data Same as EFI_SET_VARIABLE. + + @retval EFI_SUCCESS A matching policy allows this update. + @retval EFI_SUCCESS There are currently no policies that= restrict this update. + @retval EFI_SUCCESS The protections have been disable un= til the next reboot. + @retval EFI_WRITE_PROTECTED Variable is currently locked. + @retval EFI_INVALID_PARAMETER Attributes or size are invalid. + @retval EFI_ABORTED A lock policy exists, but an error p= revented evaluation. + @retval EFI_NOT_READY Library has not been initialized. + +**/ +EFI_STATUS +EFIAPI +ValidateSetVariable ( + IN CHAR16 *VariableName, + IN EFI_GUID *VendorGuid, + IN UINT32 Attributes, + IN UINTN DataSize, + IN VOID *Data + ) +{ + BOOLEAN IsDel; + VARIABLE_POLICY_ENTRY *ActivePolicy; + EFI_STATUS Status; + EFI_STATUS ReturnStatus; + VARIABLE_LOCK_ON_VAR_STATE_POLICY *StateVarPolicy; + CHAR16 *StateVarName; + UINTN StateVarSize; + UINT8 StateVar; + + ReturnStatus =3D EFI_SUCCESS; + + if (!IsVariablePolicyLibInitialized()) { + ReturnStatus =3D EFI_NOT_READY; + goto Exit; + } + + // Bail if the protections are currently disabled. + if (mProtectionDisabled) { + ReturnStatus =3D EFI_SUCCESS; + goto Exit; + } + + // Determine whether this is a delete operation. + // If so, it will affect which tests are applied. + if ((DataSize =3D=3D 0) && ((Attributes & EFI_VARIABLE_APPEND_WRITE) =3D= =3D 0)) { + IsDel =3D TRUE; + } + else { + IsDel =3D FALSE; + } + + // Find an active policy if one exists. + ActivePolicy =3D GetBestPolicyMatch( VariableName, VendorGuid, NULL ); + + // If we have an active policy, check it against the incoming data. + if (ActivePolicy !=3D NULL) { + // + // Only enforce size and attribute constraints when updating data, not= deleting. + if (!IsDel) { + // Check for size constraints. + if ((ActivePolicy->MinSize > 0 && DataSize < ActivePolicy->MinSize) = || + (ActivePolicy->MaxSize > 0 && DataSize > ActivePolicy->MaxSize))= { + ReturnStatus =3D EFI_INVALID_PARAMETER; + DEBUG(( DEBUG_VERBOSE, "%a - Bad Size. 0x%X <> 0x%X-0x%X\n", __FUN= CTION__, + DataSize, ActivePolicy->MinSize, ActivePolicy->MaxSize )); + goto Exit; + } + + // Check for attribute constraints. + if ((ActivePolicy->AttributesMustHave & Attributes) !=3D ActivePolic= y->AttributesMustHave || + (ActivePolicy->AttributesCantHave & Attributes) !=3D 0) { + ReturnStatus =3D EFI_INVALID_PARAMETER; + DEBUG(( DEBUG_VERBOSE, "%a - Bad Attributes. 0x%X <> 0x%X:0x%X\n",= __FUNCTION__, + Attributes, ActivePolicy->AttributesMustHave, ActivePolicy= ->AttributesCantHave )); + goto Exit; + } + } + + // + // Lock policy check. + // + // Check for immediate lock. + if (ActivePolicy->LockPolicyType =3D=3D VARIABLE_POLICY_TYPE_LOCK_NOW)= { + ReturnStatus =3D EFI_WRITE_PROTECTED; + goto Exit; + } + // Check for lock on create. + else if (ActivePolicy->LockPolicyType =3D=3D VARIABLE_POLICY_TYPE_LOCK= _ON_CREATE) { + StateVarSize =3D 0; + Status =3D mGetVariableHelper( VariableName, + VendorGuid, + NULL, + &StateVarSize, + NULL ); + if (Status =3D=3D EFI_BUFFER_TOO_SMALL) { + ReturnStatus =3D EFI_WRITE_PROTECTED; + goto Exit; + } + } + // Check for lock on state variable. + else if (ActivePolicy->LockPolicyType =3D=3D VARIABLE_POLICY_TYPE_LOCK= _ON_VAR_STATE) { + StateVarPolicy =3D (VARIABLE_LOCK_ON_VAR_STATE_POLICY*)((UINT8*)Acti= vePolicy + sizeof(VARIABLE_POLICY_ENTRY)); + StateVarName =3D (CHAR16*)((UINT8*)StateVarPolicy + sizeof(VARIABLE_= LOCK_ON_VAR_STATE_POLICY)); + StateVarSize =3D sizeof(StateVar); + Status =3D mGetVariableHelper( StateVarName, + &StateVarPolicy->Namespace, + NULL, + &StateVarSize, + &StateVar ); + + // If the variable was found, check the state. If matched, this vari= able is locked. + if (!EFI_ERROR( Status )) { + if (StateVar =3D=3D StateVarPolicy->Value) { + ReturnStatus =3D EFI_WRITE_PROTECTED; + goto Exit; + } + } + // EFI_NOT_FOUND and EFI_BUFFER_TOO_SMALL indicate that the state do= esn't match. + else if (Status !=3D EFI_NOT_FOUND && Status !=3D EFI_BUFFER_TOO_SMA= LL) { + // We don't know what happened, but it isn't good. + ReturnStatus =3D EFI_ABORTED; + goto Exit; + } + } + } + +Exit: + DEBUG(( DEBUG_VERBOSE, "%a - Variable (%g:%s) returning %r.\n", __FUNCTI= ON__, VendorGuid, VariableName, ReturnStatus )); + return ReturnStatus; +} + + +/** + This API function disables the variable policy enforcement. If it's + already been called once, will return EFI_ALREADY_STARTED. + + @retval EFI_SUCCESS + @retval EFI_ALREADY_STARTED Has already been called once this boot. + @retval EFI_WRITE_PROTECTED Interface has been locked until reboot. + @retval EFI_WRITE_PROTECTED Interface option is disabled by platfo= rm PCD. + @retval EFI_NOT_READY Library has not yet been initialized. + +**/ +EFI_STATUS +EFIAPI +DisableVariablePolicy ( + VOID + ) +{ + if (!IsVariablePolicyLibInitialized()) { + return EFI_NOT_READY; + } + if (mProtectionDisabled) { + return EFI_ALREADY_STARTED; + } + if (mInterfaceLocked) { + return EFI_WRITE_PROTECTED; + } + if (!PcdGetBool (PcdAllowVariablePolicyEnforcementDisable)) { + return EFI_WRITE_PROTECTED; + } + mProtectionDisabled =3D TRUE; + return EFI_SUCCESS; +} + + +/** + This API function will dump the entire contents of the variable policy t= able. + + Similar to GetVariable, the first call can be made with a 0 size and it = will return + the size of the buffer required to hold the entire table. + + @param[out] Policy Pointer to the policy buffer. Can be NULL if Siz= e is 0. + @param[in,out] Size On input, the size of the output buffer. On outp= ut, the size + of the data returned. + + @retval EFI_SUCCESS Policy data is in the output buffer = and Size has been updated. + @retval EFI_INVALID_PARAMETER Size is NULL, or Size is non-zero an= d Policy is NULL. + @retval EFI_BUFFER_TOO_SMALL Size is insufficient to hold policy.= Size updated with required size. + @retval EFI_NOT_READY Library has not yet been initialized. + +**/ +EFI_STATUS +EFIAPI +DumpVariablePolicy ( + OUT UINT8 *Policy, + IN OUT UINT32 *Size + ) +{ + if (!IsVariablePolicyLibInitialized()) { + return EFI_NOT_READY; + } + + // Check the parameters. + if (Size =3D=3D NULL || (*Size > 0 && Policy =3D=3D NULL)) { + return EFI_INVALID_PARAMETER; + } + + // Make sure the size is sufficient to hold the policy table. + if (*Size < mCurrentTableUsage) { + *Size =3D mCurrentTableUsage; + return EFI_BUFFER_TOO_SMALL; + } + + // If we're still here, copy the table and bounce. + CopyMem( Policy, mPolicyTable, mCurrentTableUsage ); + *Size =3D mCurrentTableUsage; + + return EFI_SUCCESS; +} + + +/** + This API function returns whether or not the policy engine is + currently being enforced. + + @retval TRUE + @retval FALSE + @retval FALSE Library has not yet been initialized. + +**/ +BOOLEAN +EFIAPI +IsVariablePolicyEnabled ( + VOID + ) +{ + if (!IsVariablePolicyLibInitialized()) { + return FALSE; + } + return !mProtectionDisabled; +} + + +/** + This API function locks the interface so that no more policy updates + can be performed or changes made to the enforcement until the next boot. + + @retval EFI_SUCCESS + @retval EFI_NOT_READY Library has not yet been initialized. + +**/ +EFI_STATUS +EFIAPI +LockVariablePolicy ( + VOID + ) +{ + if (!IsVariablePolicyLibInitialized()) { + return EFI_NOT_READY; + } + if (mInterfaceLocked) { + return EFI_WRITE_PROTECTED; + } + mInterfaceLocked =3D TRUE; + return EFI_SUCCESS; +} + + +/** + This API function returns whether or not the policy interface is locked + for the remainder of the boot. + + @retval TRUE + @retval FALSE + @retval FALSE Library has not yet been initialized. + +**/ +BOOLEAN +EFIAPI +IsVariablePolicyInterfaceLocked ( + VOID + ) +{ + if (!IsVariablePolicyLibInitialized()) { + return FALSE; + } + return mInterfaceLocked; +} + + +/** + This helper function initializes the library and sets + up any required internal structures or handlers. + + Also registers the internal pointer for the GetVariable helper. + + @param[in] GetVariableHelper A function pointer matching the EFI_GET_VA= RIABLE prototype that will be used to + check policy criteria that involve the existence of othe= r variables. + + @retval EFI_SUCCESS + @retval EFI_ALREADY_STARTED The initialize function has been calle= d more than once without a call to + deinitialize. + +**/ +EFI_STATUS +EFIAPI +InitVariablePolicyLib ( + IN EFI_GET_VARIABLE GetVariableHelper + ) +{ + EFI_STATUS Status; + + Status =3D EFI_SUCCESS; + if (mGetVariableHelper !=3D NULL) { + Status =3D EFI_ALREADY_STARTED; + } + + if (!EFI_ERROR( Status )) { + Status =3D VariablePolicyExtraInit(); + } + + if (!EFI_ERROR( Status )) { + // Save an internal pointer to the GetVariableHelper. + mGetVariableHelper =3D GetVariableHelper; + + // Initialize the global state. + mInterfaceLocked =3D FALSE; + mProtectionDisabled =3D FALSE; + mPolicyTable =3D NULL; + mCurrentTableSize =3D 0; + mCurrentTableUsage =3D 0; + mCurrentTableCount =3D 0; + } + + return Status; +} + + +/** + This helper function returns whether or not the library is currently ini= tialized. + + @retval TRUE + @retval FALSE + +**/ +BOOLEAN +EFIAPI +IsVariablePolicyLibInitialized ( + VOID + ) +{ + return (mGetVariableHelper !=3D NULL); +} + + +/** + This helper function tears down the library. + + Should generally only be used for test harnesses. + + @retval EFI_SUCCESS + @retval EFI_NOT_READY Deinitialize was called without first call= ing initialize. + +**/ +EFI_STATUS +EFIAPI +DeinitVariablePolicyLib ( + VOID + ) +{ + EFI_STATUS Status; + + Status =3D EFI_SUCCESS; + + if (mGetVariableHelper =3D=3D NULL) { + Status =3D EFI_NOT_READY; + } + + if (!EFI_ERROR( Status )) { + Status =3D VariablePolicyExtraDeinit(); + } + + if (!EFI_ERROR( Status )) { + mGetVariableHelper =3D NULL; + mInterfaceLocked =3D FALSE; + mProtectionDisabled =3D FALSE; + mCurrentTableSize =3D 0; + mCurrentTableUsage =3D 0; + mCurrentTableCount =3D 0; + + if (mPolicyTable !=3D NULL) { + FreePool( mPolicyTable ); + mPolicyTable =3D NULL; + } + } + + return Status; +} diff --git a/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyUnitTest/= VariablePolicyUnitTest.c b/MdeModulePkg/Library/VariablePolicyLib/VariableP= olicyUnitTest/VariablePolicyUnitTest.c new file mode 100644 index 000000000000..f133f2f30e36 --- /dev/null +++ b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyUnitTest/Variabl= ePolicyUnitTest.c @@ -0,0 +1,2436 @@ +/** @file -- VariablePolicyUnitTest.c +UnitTest for... +Business logic for Variable Policy enforcement. + +Copyright (c) Microsoft Corporation. +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include + +#include + +#include +#include + +// MU_CHANGE - Turn this off for now. Try to turn it back on with extra bu= ild options. +// #ifndef INTERNAL_UNIT_TEST +// #error Make sure to build thie with INTERNAL_UNIT_TEST enabled! Otherwi= se, some important tests may be skipped! +// #endif + + +#define UNIT_TEST_NAME "UEFI Variable Policy UnitTest" +#define UNIT_TEST_VERSION "0.5" + +///=3D=3D=3D TEST DATA =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D + +#pragma pack(push, 1) +typedef struct _SIMPLE_VARIABLE_POLICY_ENTRY { + VARIABLE_POLICY_ENTRY Header; + CHAR16 Name[]; +} SIMPLE_VARIABLE_POLICY_ENTRY; +#define EXPANDED_VARIABLE_POLICY_ENTRY_VAR_NAME_LENGTH 1001 // 1000 ch= aracters + terminator. +#define EXPANDED_VARIABLE_POLICY_ENTRY_VAR_NAME_SIZE (EXPANDED_VARIABLE= _POLICY_ENTRY_VAR_NAME_LENGTH * sizeof(CHAR16)) +typedef struct _EXPANDED_VARIABLE_POLICY_ENTRY { + VARIABLE_POLICY_ENTRY Header; + VARIABLE_LOCK_ON_VAR_STATE_POLICY StatePolicy; + CHAR16 StateName[EXPANDED_VARIABLE_POLICY_E= NTRY_VAR_NAME_LENGTH]; + CHAR16 Name[EXPANDED_VARIABLE_POLICY_ENTRY_= VAR_NAME_LENGTH]; +} EXPANDED_VARIABLE_POLICY_ENTRY; +#pragma pack(pop) + +// {F955BA2D-4A2C-480C-BFD1-3CC522610592} +#define TEST_GUID_1 { 0xf955ba2d, 0x4a2c, 0x480c, { 0xbf, 0xd1, 0x3c, 0xc5= , 0x22, 0x61, 0x5, 0x92 } } +EFI_GUID mTestGuid1 =3D TEST_GUID_1; +// {2DEA799E-5E73-43B9-870E-C945CE82AF3A} +#define TEST_GUID_2 { 0x2dea799e, 0x5e73, 0x43b9, { 0x87, 0xe, 0xc9, 0x45,= 0xce, 0x82, 0xaf, 0x3a } } +EFI_GUID mTestGuid2 =3D TEST_GUID_2; +// {698A2BFD-A616-482D-B88C-7100BD6682A9} +#define TEST_GUID_3 { 0x698a2bfd, 0xa616, 0x482d, { 0xb8, 0x8c, 0x71, 0x0,= 0xbd, 0x66, 0x82, 0xa9 } } +EFI_GUID mTestGuid3 =3D TEST_GUID_3; + +#define TEST_VAR_1_NAME L"TestVar1" +#define TEST_VAR_2_NAME L"TestVar2" +#define TEST_VAR_3_NAME L"TestVar3" + +#define TEST_POLICY_ATTRIBUTES_NULL 0 +#define TEST_POLICY_MIN_SIZE_NULL 0 +#define TEST_POLICY_MAX_SIZE_NULL MAX_UINT32 + +#define TEST_POLICY_MIN_SIZE_10 10 +#define TEST_POLICY_MAX_SIZE_200 200 + +#define TEST_300_HASHES_STRING L"####################################= ##############"\ + "###################################= ###############"\ + "###################################= ###############"\ + "###################################= ###############"\ + "###################################= ###############"\ + "###################################= ###############" + + +///=3D=3D=3D HELPER FUNCTIONS =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D + +/** + Helper function to initialize a VARIABLE_POLICY_ENTRY structure with a N= ame and StateName. + + Takes care of all the messy packing. + + @param[in,out] Entry + @param[in] Name [Optional] + @param[in] StateName [Optional] + + @retval TRUE + @retval FALSE + +**/ +STATIC +BOOLEAN +InitExpVarPolicyStrings ( + EXPANDED_VARIABLE_POLICY_ENTRY *Entry, + CHAR16 *Name, OPTIONAL + CHAR16 *StateName OPTIONAL + ) +{ + UINTN NameSize; + UINTN StateNameSize; + + NameSize =3D Name =3D=3D NULL ? 0 : StrSize( Name ); + StateNameSize =3D StateName =3D=3D NULL ? 0 : StrSize( StateName ); + + if (NameSize > EXPANDED_VARIABLE_POLICY_ENTRY_VAR_NAME_SIZE || NameSize = > MAX_UINT16 || + StateNameSize > EXPANDED_VARIABLE_POLICY_ENTRY_VAR_NAME_SIZE || Stat= eNameSize > MAX_UINT16) { + return FALSE; + } + + Entry->Header.OffsetToName =3D sizeof(VARIABLE_POLICY_ENTRY); + if (StateName !=3D NULL) { + Entry->Header.OffsetToName +=3D (UINT16)sizeof(VARIABLE_LOCK_ON_VAR_ST= ATE_POLICY) + (UINT16)StateNameSize; + } + Entry->Header.Size =3D Entry->Header.OffsetToName + (UINT16)NameSize; + + CopyMem( (UINT8*)Entry + Entry->Header.OffsetToName, Name, NameSize ); + if (StateName !=3D NULL) { + CopyMem( (UINT8*)Entry + sizeof(VARIABLE_POLICY_ENTRY) + sizeof(VARIAB= LE_LOCK_ON_VAR_STATE_POLICY), StateName, StateNameSize ); + } + + return TRUE; +} + +/** + Mocked version of GetVariable, for testing. +**/ +EFI_STATUS +EFIAPI +StubGetVariableNull ( + IN CHAR16 *VariableName, + IN EFI_GUID *VendorGuid, + OUT UINT32 *Attributes, OPTIONAL + IN OUT UINTN *DataSize, + OUT VOID *Data OPTIONAL + ) +{ + UINT32 MockedAttr; + UINTN MockedDataSize; + VOID *MockedData; + EFI_STATUS MockedReturn; + + check_expected_ptr( VariableName ); + check_expected_ptr( VendorGuid ); + check_expected_ptr( DataSize ); + + MockedAttr =3D (UINT32)mock(); + MockedDataSize =3D (UINTN)mock(); + MockedData =3D (VOID*)mock(); + MockedReturn =3D (EFI_STATUS)mock(); + + if (Attributes !=3D NULL) { + *Attributes =3D MockedAttr; + } + if (Data !=3D NULL && !EFI_ERROR(MockedReturn)) { + CopyMem( Data, MockedData, MockedDataSize ); + } + + *DataSize =3D MockedDataSize; + + return MockedReturn; +} + +// +// Anything you think might be helpful that isn't a test itself. +// + +/** + This is a common setup function that will ensure the library is always i= nitialized + with the stubbed GetVariable. + + Not used by all test cases, but by most. +**/ +STATIC +UNIT_TEST_STATUS +LibInitMocked ( + IN UNIT_TEST_CONTEXT Context + ) +{ + return EFI_ERROR(InitVariablePolicyLib( StubGetVariableNull )) ? UNIT_TE= ST_ERROR_PREREQUISITE_NOT_MET : UNIT_TEST_PASSED; +} + +/** + Common cleanup function to make sure that the library is always de-initi= alized prior + to the next test case. +*/ +STATIC +VOID +LibCleanup ( + IN UNIT_TEST_CONTEXT Context + ) +{ + DeinitVariablePolicyLib(); +} + + +///=3D=3D=3D TEST CASES =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D + +///=3D=3D=3D=3D=3D ARCHITECTURAL SUITE =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +ShouldBeAbleToInitAndDeinitTheLibrary ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EFI_STATUS Status; + Status =3D InitVariablePolicyLib( StubGetVariableNull ); + UT_ASSERT_NOT_EFI_ERROR( Status ); + + UT_ASSERT_TRUE( IsVariablePolicyLibInitialized() ); + + Status =3D DeinitVariablePolicyLib(); + UT_ASSERT_NOT_EFI_ERROR( Status ); + + UT_ASSERT_FALSE( IsVariablePolicyLibInitialized() ); + + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +ShouldNotBeAbleToInitializeTheLibraryTwice ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EFI_STATUS Status; + Status =3D InitVariablePolicyLib( StubGetVariableNull ); + UT_ASSERT_NOT_EFI_ERROR( Status ); + Status =3D InitVariablePolicyLib( StubGetVariableNull ); + UT_ASSERT_TRUE( EFI_ERROR( Status ) ); + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +ShouldFailDeinitWithoutInit ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EFI_STATUS Status; + Status =3D DeinitVariablePolicyLib(); + UT_ASSERT_TRUE( EFI_ERROR( Status ) ); + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +ApiCommandsShouldNotRespondIfLibIsUninitialized ( + IN UNIT_TEST_CONTEXT Context + ) +{ + SIMPLE_VARIABLE_POLICY_ENTRY TestPolicy =3D { + { + VARIABLE_POLICY_ENTRY_REVISION, + sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME), + sizeof(VARIABLE_POLICY_ENTRY), + TEST_GUID_1, + TEST_POLICY_MIN_SIZE_NULL, + TEST_POLICY_MAX_SIZE_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + VARIABLE_POLICY_TYPE_NO_LOCK + }, + TEST_VAR_1_NAME + }; + UINT8 DummyData[8]; + UINT32 DummyDataSize =3D sizeof(DummyData); + + // This test should not start with an initialized library. + + // Verify that all API commands fail. + UT_ASSERT_TRUE( EFI_ERROR( LockVariablePolicy() ) ); + UT_ASSERT_TRUE( EFI_ERROR( DisableVariablePolicy() ) ); + UT_ASSERT_TRUE( EFI_ERROR( RegisterVariablePolicy( &TestPolicy.Header ) = ) ); + UT_ASSERT_TRUE( EFI_ERROR( DumpVariablePolicy( DummyData, &DummyDataSize= ) ) ); + UT_ASSERT_FALSE( IsVariablePolicyInterfaceLocked() ); + UT_ASSERT_FALSE( IsVariablePolicyEnabled() ); + UT_ASSERT_TRUE( EFI_ERROR( ValidateSetVariable( TEST_VAR_1_NAME, + &mTestGuid1, + VARIABLE_ATTRIBUTE_NV_BS, + sizeof(DummyData), + DummyData ) ) ); + + return UNIT_TEST_PASSED; +} + + +///=3D=3D=3D=3D=3D INTERNAL FUNCTION SUITE =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D + +#ifdef INTERNAL_UNIT_TEST + +BOOLEAN +EvaluatePolicyMatch ( + IN CONST VARIABLE_POLICY_ENTRY *EvalEntry, + IN CONST CHAR16 *VariableName, + IN CONST EFI_GUID *VendorGuid, + OUT UINT8 *MatchPriority OPTIONAL + ); + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +PoliciesShouldMatchByNameAndGuid ( + IN UNIT_TEST_CONTEXT Context + ) +{ + SIMPLE_VARIABLE_POLICY_ENTRY MatchCheckPolicy =3D { + { + VARIABLE_POLICY_ENTRY_REVISION, + sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME), + sizeof(VARIABLE_POLICY_ENTRY), + TEST_GUID_1, + TEST_POLICY_MIN_SIZE_NULL, + TEST_POLICY_MAX_SIZE_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + VARIABLE_POLICY_TYPE_NO_LOCK + }, + TEST_VAR_1_NAME + }; + CHAR16 *CheckVar1Name =3D TEST_VAR_1_NAME; + CHAR16 *CheckVar2Name =3D TEST_VAR_2_NAME; + + // Make sure that a different name does not match. + UT_ASSERT_FALSE( EvaluatePolicyMatch( &MatchCheckPolicy.Header, CheckVar= 2Name, &mTestGuid1, NULL ) ); + + // Make sure that a different GUID does not match. + UT_ASSERT_FALSE( EvaluatePolicyMatch( &MatchCheckPolicy.Header, CheckVar= 1Name, &mTestGuid2, NULL ) ); + + // Make sure that the same name and GUID match. + UT_ASSERT_TRUE( EvaluatePolicyMatch( &MatchCheckPolicy.Header, CheckVar1= Name, &mTestGuid1, NULL ) ); + + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +WildcardPoliciesShouldMatchDigits ( + IN UNIT_TEST_CONTEXT Context + ) +{ + SIMPLE_VARIABLE_POLICY_ENTRY MatchCheckPolicy =3D { + { + VARIABLE_POLICY_ENTRY_REVISION, + sizeof(VARIABLE_POLICY_ENTRY) + sizeof(L"Wildcard#VarName##"), + sizeof(VARIABLE_POLICY_ENTRY), + TEST_GUID_1, + TEST_POLICY_MIN_SIZE_NULL, + TEST_POLICY_MAX_SIZE_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + VARIABLE_POLICY_TYPE_NO_LOCK + }, + L"Wildcard#VarName##" + }; + CHAR16 *CheckVar1Name =3D L"Wildcard1VarName12"; + CHAR16 *CheckVar2Name =3D L"Wildcard2VarName34"; + CHAR16 *CheckVarBName =3D L"WildcardBVarName56"; + CHAR16 *CheckVarHName =3D L"Wildcard#VarName56"; + + // Make sure that two different sets of wildcard numbers match. + UT_ASSERT_TRUE( EvaluatePolicyMatch( &MatchCheckPolicy.Header, CheckVar1= Name, &mTestGuid1, NULL ) ); + UT_ASSERT_TRUE( EvaluatePolicyMatch( &MatchCheckPolicy.Header, CheckVar2= Name, &mTestGuid1, NULL ) ); + + // Make sure that the non-number charaters don't match. + UT_ASSERT_FALSE( EvaluatePolicyMatch( &MatchCheckPolicy.Header, CheckVar= BName, &mTestGuid1, NULL ) ); + + // Make sure that '#' signs don't match. + UT_ASSERT_FALSE( EvaluatePolicyMatch( &MatchCheckPolicy.Header, CheckVar= HName, &mTestGuid1, NULL ) ); + + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +WildcardPoliciesShouldMatchDigitsAdvanced ( + IN UNIT_TEST_CONTEXT Context + ) +{ + SIMPLE_VARIABLE_POLICY_ENTRY MatchCheckPolicy =3D { + { + VARIABLE_POLICY_ENTRY_REVISION, + sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_300_HASHES_STRING), + sizeof(VARIABLE_POLICY_ENTRY), + TEST_GUID_1, + TEST_POLICY_MIN_SIZE_NULL, + TEST_POLICY_MAX_SIZE_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + VARIABLE_POLICY_TYPE_NO_LOCK + }, + TEST_300_HASHES_STRING + }; + CHAR16 *CheckShorterString =3D L"01234567890123456789012345678901= 234567890123456789"; + CHAR16 *CheckValidString =3D L"0123456789012345678901234567890123= 4567890123456789"\ + "01234567890123456789012345678901234= 567890123456789"\ + "01234567890123456789012345678901234= 567890123456789"\ + "01234567890123456789012345678901234= 567890123456789"\ + "01234567890123456789012345678901234= 567890123456789"\ + "01234567890123456789012345678901234= 567890123456789"; + CHAR16 *CheckLongerString =3D L"012345678901234567890123456789012= 34567890123456789"\ + "01234567890123456789012345678901234= 567890123456789"\ + "01234567890123456789012345678901234= 567890123456789"\ + "01234567890123456789012345678901234= 567890123456789"\ + "01234567890123456789012345678901234= 567890123456789"\ + "01234567890123456789012345678901234= 567890123456789"\ + "01234567890123456789012345678901234= 567890123456789"; + UINT8 MatchPriority; + + // Make sure that the shorter and the longer do not match. + UT_ASSERT_FALSE( EvaluatePolicyMatch( &MatchCheckPolicy.Header, CheckSho= rterString, &mTestGuid1, NULL ) ); + UT_ASSERT_FALSE( EvaluatePolicyMatch( &MatchCheckPolicy.Header, CheckLon= gerString, &mTestGuid1, NULL ) ); + + // Make sure that the valid one matches and has the expected priority. + UT_ASSERT_TRUE( EvaluatePolicyMatch( &MatchCheckPolicy.Header, CheckVali= dString, &mTestGuid1, &MatchPriority ) ); + UT_ASSERT_EQUAL( MatchPriority, MAX_UINT8 ); + + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +WildcardPoliciesShouldMatchNamespaces ( + IN UNIT_TEST_CONTEXT Context + ) +{ + VARIABLE_POLICY_ENTRY MatchCheckPolicy =3D { + VARIABLE_POLICY_ENTRY_REVISION, + sizeof(VARIABLE_POLICY_ENTRY), + sizeof(VARIABLE_POLICY_ENTRY), + TEST_GUID_1, + TEST_POLICY_MIN_SIZE_NULL, + TEST_POLICY_MAX_SIZE_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + VARIABLE_POLICY_TYPE_NO_LOCK + }; + CHAR16 *CheckVar1Name =3D L"Wildcard1VarName12"; + CHAR16 *CheckVar2Name =3D L"Wildcard2VarName34"; + CHAR16 *CheckVarBName =3D L"WildcardBVarName56"; + CHAR16 *CheckVarHName =3D L"Wildcard#VarName56"; + + // Make sure that all names in the same namespace match. + UT_ASSERT_TRUE( EvaluatePolicyMatch( &MatchCheckPolicy, CheckVar1Name, &= mTestGuid1, NULL ) ); + UT_ASSERT_TRUE( EvaluatePolicyMatch( &MatchCheckPolicy, CheckVar2Name, &= mTestGuid1, NULL ) ); + UT_ASSERT_TRUE( EvaluatePolicyMatch( &MatchCheckPolicy, CheckVarBName, &= mTestGuid1, NULL ) ); + UT_ASSERT_TRUE( EvaluatePolicyMatch( &MatchCheckPolicy, CheckVarHName, &= mTestGuid1, NULL ) ); + + // Make sure that different namespace doesn't match. + UT_ASSERT_FALSE( EvaluatePolicyMatch( &MatchCheckPolicy, CheckVar1Name, = &mTestGuid2, NULL ) ); + + + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +MatchPrioritiesShouldFollowRules ( + IN UNIT_TEST_CONTEXT Context + ) +{ + SIMPLE_VARIABLE_POLICY_ENTRY MatchCheckPolicy =3D { + { + VARIABLE_POLICY_ENTRY_REVISION, + sizeof(VARIABLE_POLICY_ENTRY) + sizeof(L"Wildcard1VarName12"), + sizeof(VARIABLE_POLICY_ENTRY), + TEST_GUID_1, + TEST_POLICY_MIN_SIZE_NULL, + TEST_POLICY_MAX_SIZE_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + VARIABLE_POLICY_TYPE_NO_LOCK + }, + L"Wildcard1VarName12" + }; + CHAR16 CheckVar1Name[] =3D L"Wildcard1VarName12"; + CHAR16 MatchVar1Name[] =3D L"Wildcard1VarName12"; + CHAR16 MatchVar2Name[] =3D L"Wildcard#VarName12"; + CHAR16 MatchVar3Name[] =3D L"Wildcard#VarName#2"; + CHAR16 MatchVar4Name[] =3D L"Wildcard#VarName##"; + UINT8 MatchPriority; + + // Check with a perfect match. + CopyMem( &MatchCheckPolicy.Name, MatchVar1Name, sizeof(MatchVar1Name) ); + UT_ASSERT_TRUE( EvaluatePolicyMatch( &MatchCheckPolicy.Header, CheckVar1= Name, &mTestGuid1, &MatchPriority ) ); + UT_ASSERT_EQUAL( MatchPriority, 0 ); + + // Check with progressively lower priority matches. + CopyMem( &MatchCheckPolicy.Name, MatchVar2Name, sizeof(MatchVar2Name) ); + UT_ASSERT_TRUE( EvaluatePolicyMatch( &MatchCheckPolicy.Header, CheckVar1= Name, &mTestGuid1, &MatchPriority ) ); + UT_ASSERT_EQUAL( MatchPriority, 1 ); + CopyMem( &MatchCheckPolicy.Name, MatchVar3Name, sizeof(MatchVar3Name) ); + UT_ASSERT_TRUE( EvaluatePolicyMatch( &MatchCheckPolicy.Header, CheckVar1= Name, &mTestGuid1, &MatchPriority ) ); + UT_ASSERT_EQUAL( MatchPriority, 2 ); + CopyMem( &MatchCheckPolicy.Name, MatchVar4Name, sizeof(MatchVar4Name) ); + UT_ASSERT_TRUE( EvaluatePolicyMatch( &MatchCheckPolicy.Header, CheckVar1= Name, &mTestGuid1, &MatchPriority ) ); + UT_ASSERT_EQUAL( MatchPriority, 3 ); + + // Check against the entire namespace. + MatchCheckPolicy.Header.Size =3D sizeof(VARIABLE_POLICY_ENTRY); + UT_ASSERT_TRUE( EvaluatePolicyMatch( &MatchCheckPolicy.Header, CheckVar1= Name, &mTestGuid1, &MatchPriority ) ); + UT_ASSERT_EQUAL( MatchPriority, MAX_UINT8 ); + + return UNIT_TEST_PASSED; +} + +#endif // INTERNAL_UNIT_TEST + + +///=3D=3D=3D POLICY MANIPULATION SUITE =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +RegisterShouldAllowNamespaceWildcards ( + IN UNIT_TEST_CONTEXT Context + ) +{ + SIMPLE_VARIABLE_POLICY_ENTRY ValidationPolicy =3D { + { + VARIABLE_POLICY_ENTRY_REVISION, + sizeof(VARIABLE_POLICY_ENTRY), + sizeof(VARIABLE_POLICY_ENTRY), + TEST_GUID_1, + TEST_POLICY_MIN_SIZE_NULL, + TEST_POLICY_MAX_SIZE_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + VARIABLE_POLICY_TYPE_NO_LOCK + }, + L"" + }; + + UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &ValidationPolicy.Heade= r ) ); + + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +RegisterShouldAllowStateVarsForNamespaces ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EXPANDED_VARIABLE_POLICY_ENTRY ValidationPolicy =3D { + { + VARIABLE_POLICY_ENTRY_REVISION, + 0, // Will be populated by init helper. + 0, // Will be populated by init helper. + TEST_GUID_1, + TEST_POLICY_MIN_SIZE_NULL, + TEST_POLICY_MAX_SIZE_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE + }, + { + TEST_GUID_2, + 1, // Value + 0 // Padding + }, + L"", + L"" + }; + UT_ASSERT_TRUE( InitExpVarPolicyStrings( &ValidationPolicy, NULL, TEST_V= AR_2_NAME ) ); + + UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &ValidationPolicy.Heade= r ) ); + + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +RegisterShouldRejectNullPointers ( + IN UNIT_TEST_CONTEXT Context + ) +{ + UT_ASSERT_EQUAL( RegisterVariablePolicy( NULL ), EFI_INVALID_PARAMETER ); + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +RegisterShouldRejectBadRevisions ( + IN UNIT_TEST_CONTEXT Context + ) +{ + SIMPLE_VARIABLE_POLICY_ENTRY ValidationPolicy =3D { + { + VARIABLE_POLICY_ENTRY_REVISION, + sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME), + sizeof(VARIABLE_POLICY_ENTRY), + TEST_GUID_1, + TEST_POLICY_MIN_SIZE_NULL, + TEST_POLICY_MAX_SIZE_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + VARIABLE_POLICY_TYPE_NO_LOCK + }, + TEST_VAR_1_NAME + }; + + ValidationPolicy.Header.Version =3D MAX_UINT32; + UT_ASSERT_EQUAL( RegisterVariablePolicy( &ValidationPolicy.Header ), EFI= _INVALID_PARAMETER ); + + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +RegisterShouldRejectBadSizes ( + IN UNIT_TEST_CONTEXT Context + ) +{ + SIMPLE_VARIABLE_POLICY_ENTRY ValidationPolicy =3D { + { + VARIABLE_POLICY_ENTRY_REVISION, + sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME), + sizeof(VARIABLE_POLICY_ENTRY), + TEST_GUID_1, + TEST_POLICY_MIN_SIZE_NULL, + TEST_POLICY_MAX_SIZE_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + VARIABLE_POLICY_TYPE_NO_LOCK + }, + TEST_VAR_1_NAME + }; + + ValidationPolicy.Header.Size =3D sizeof(VARIABLE_POLICY_ENTRY) - 2; + UT_ASSERT_EQUAL( RegisterVariablePolicy( &ValidationPolicy.Header ), EFI= _INVALID_PARAMETER ); + + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +RegisterShouldRejectBadOffsets ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EXPANDED_VARIABLE_POLICY_ENTRY ValidationPolicy =3D { + { + VARIABLE_POLICY_ENTRY_REVISION, + 0, // Will be populated by init helper. + 0, // Will be populated by init helper. + TEST_GUID_1, + TEST_POLICY_MIN_SIZE_NULL, + TEST_POLICY_MAX_SIZE_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE + }, + { + TEST_GUID_2, + 1, // Value + 0 // Padding + }, + L"", + L"" + }; + UT_ASSERT_TRUE( InitExpVarPolicyStrings( &ValidationPolicy, TEST_VAR_1_N= AME, TEST_VAR_2_NAME ) ); + + // Check for an offset outside the size bounds. + ValidationPolicy.Header.OffsetToName =3D ValidationPolicy.Header.Size + = 1; + UT_ASSERT_EQUAL( RegisterVariablePolicy( &ValidationPolicy.Header ), EFI= _INVALID_PARAMETER ); + + // Check for an offset inside the policy header. + ValidationPolicy.Header.OffsetToName =3D sizeof(VARIABLE_POLICY_ENTRY) -= 2; + UT_ASSERT_EQUAL( RegisterVariablePolicy( &ValidationPolicy.Header ), EFI= _INVALID_PARAMETER ); + + // Check for an offset inside the state policy header. + ValidationPolicy.Header.OffsetToName =3D sizeof(VARIABLE_POLICY_ENTRY) += 2; + UT_ASSERT_EQUAL( RegisterVariablePolicy( &ValidationPolicy.Header ), EFI= _INVALID_PARAMETER ); + + // Check for a ridiculous offset. + ValidationPolicy.Header.OffsetToName =3D MAX_UINT16; + UT_ASSERT_EQUAL( RegisterVariablePolicy( &ValidationPolicy.Header ), EFI= _INVALID_PARAMETER ); + + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +RegisterShouldRejectMissingStateStrings ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EXPANDED_VARIABLE_POLICY_ENTRY ValidationPolicy =3D { + { + VARIABLE_POLICY_ENTRY_REVISION, + 0, // Will be populated by init helper. + 0, // Will be populated by init helper. + TEST_GUID_1, + TEST_POLICY_MIN_SIZE_NULL, + TEST_POLICY_MAX_SIZE_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE + }, + { + TEST_GUID_2, + 1, // Value + 0 // Padding + }, + L"", + L"" + }; + UT_ASSERT_TRUE( InitExpVarPolicyStrings( &ValidationPolicy, TEST_VAR_1_N= AME, TEST_VAR_2_NAME ) ); + + // Remove the state string and copy the Name into it's place. + // Also adjust the offset. + ValidationPolicy.Header.Size =3D sizeof(VARIABLE_POLICY_ENTRY) = + sizeof(VARIABLE_LOCK_ON_VAR_STATE_POLICY) + sizeof(TEST_VAR_1_NAME); + ValidationPolicy.Header.OffsetToName =3D sizeof(VARIABLE_POLICY_ENTRY) = + sizeof(VARIABLE_LOCK_ON_VAR_STATE_POLICY); + CopyMem( (UINT8*)&ValidationPolicy + ValidationPolicy.Header.OffsetToNam= e, TEST_VAR_1_NAME, sizeof(TEST_VAR_1_NAME) ); + + // Make sure that this structure fails. + UT_ASSERT_EQUAL( RegisterVariablePolicy( &ValidationPolicy.Header ), EFI= _INVALID_PARAMETER ); + + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +RegisterShouldRejectStringsMissingNull ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EXPANDED_VARIABLE_POLICY_ENTRY ValidationPolicy =3D { + { + VARIABLE_POLICY_ENTRY_REVISION, + 0, // Will be populated by init helper. + 0, // Will be populated by init helper. + TEST_GUID_1, + TEST_POLICY_MIN_SIZE_NULL, + TEST_POLICY_MAX_SIZE_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE + }, + { + TEST_GUID_2, + 1, // Value + 0 // Padding + }, + L"", + L"" + }; + UT_ASSERT_TRUE( InitExpVarPolicyStrings( &ValidationPolicy, TEST_VAR_1_N= AME, TEST_VAR_2_NAME ) ); + + // Removing the NULL from the Name should fail. + ValidationPolicy.Header.Size =3D ValidationPolicy.Header.Size - sizeof(C= HAR16); + UT_ASSERT_EQUAL( RegisterVariablePolicy( &ValidationPolicy.Header ), EFI= _INVALID_PARAMETER ); + + // Removing the NULL from the State Name is a little trickier. + // Copy the Name up one byte. + ValidationPolicy.Header.OffsetToName =3D ValidationPolicy.Header.OffsetT= oName - sizeof(CHAR16); + CopyMem( (UINT8*)&ValidationPolicy + ValidationPolicy.Header.OffsetToNam= e, TEST_VAR_1_NAME, sizeof(TEST_VAR_1_NAME) ); + UT_ASSERT_EQUAL( RegisterVariablePolicy( &ValidationPolicy.Header ), EFI= _INVALID_PARAMETER ); + + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +RegisterShouldRejectMalformedStrings ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EXPANDED_VARIABLE_POLICY_ENTRY ValidationPolicy =3D { + { + VARIABLE_POLICY_ENTRY_REVISION, + 0, // Will be populated by init helper. + 0, // Will be populated by init helper. + TEST_GUID_1, + TEST_POLICY_MIN_SIZE_NULL, + TEST_POLICY_MAX_SIZE_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE + }, + { + TEST_GUID_2, + 1, // Value + 0 // Padding + }, + L"", + L"" + }; + UT_ASSERT_TRUE( InitExpVarPolicyStrings( &ValidationPolicy, TEST_VAR_1_N= AME, TEST_VAR_2_NAME ) ); + + // Bisecting the NULL from the Name should fail. + ValidationPolicy.Header.Size =3D ValidationPolicy.Header.Size - 1; + UT_ASSERT_EQUAL( RegisterVariablePolicy( &ValidationPolicy.Header ), EFI= _INVALID_PARAMETER ); + + // Bisecting the NULL from the State Name is a little trickier. + // Copy the Name up one byte. + ValidationPolicy.Header.OffsetToName =3D ValidationPolicy.Header.OffsetT= oName - 1; + CopyMem( (UINT8*)&ValidationPolicy + ValidationPolicy.Header.OffsetToNam= e, TEST_VAR_1_NAME, sizeof(TEST_VAR_1_NAME) ); + UT_ASSERT_EQUAL( RegisterVariablePolicy( &ValidationPolicy.Header ), EFI= _INVALID_PARAMETER ); + + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +RegisterShouldRejectUnpackedPolicies ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EXPANDED_VARIABLE_POLICY_ENTRY ValidationPolicy =3D { + { + VARIABLE_POLICY_ENTRY_REVISION, + 0, // Will be populated by init helper. + 0, // Will be populated by init helper. + TEST_GUID_1, + TEST_POLICY_MIN_SIZE_NULL, + TEST_POLICY_MAX_SIZE_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE + }, + { + TEST_GUID_2, + 1, // Value + 0 // Padding + }, + L"", + L"" + }; + UT_ASSERT_TRUE( InitExpVarPolicyStrings( &ValidationPolicy, TEST_VAR_1_N= AME, TEST_VAR_2_NAME ) ); + + // Increase the size and move the Name out a bit. + ValidationPolicy.Header.Size =3D ValidationPolicy.Header.Size + sizeof(C= HAR16); + ValidationPolicy.Header.OffsetToName =3D ValidationPolicy.Header.OffsetT= oName + sizeof(CHAR16); + CopyMem( (UINT8*)&ValidationPolicy + ValidationPolicy.Header.OffsetToNam= e, TEST_VAR_1_NAME, sizeof(TEST_VAR_1_NAME) ); + UT_ASSERT_EQUAL( RegisterVariablePolicy( &ValidationPolicy.Header ), EFI= _INVALID_PARAMETER ); + + // Reintialize without the state policy and try the same test. + ValidationPolicy.Header.LockPolicyType =3D VARIABLE_POLICY_TYPE_NO_LOCK; + UT_ASSERT_TRUE( InitExpVarPolicyStrings( &ValidationPolicy, TEST_VAR_1_N= AME, NULL ) ); + ValidationPolicy.Header.Size =3D ValidationPolicy.Header.Size + sizeof(C= HAR16); + ValidationPolicy.Header.OffsetToName =3D ValidationPolicy.Header.OffsetT= oName + sizeof(CHAR16); + CopyMem( (UINT8*)&ValidationPolicy + ValidationPolicy.Header.OffsetToNam= e, TEST_VAR_1_NAME, sizeof(TEST_VAR_1_NAME) ); + UT_ASSERT_EQUAL( RegisterVariablePolicy( &ValidationPolicy.Header ), EFI= _INVALID_PARAMETER ); + + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +RegisterShouldRejectInvalidNameCharacters ( + IN UNIT_TEST_CONTEXT Context + ) +{ + // EXPANDED_VARIABLE_POLICY_ENTRY ValidationPolicy =3D { + // { + // VARIABLE_POLICY_ENTRY_REVISION, + // 0, // Will be populated by init helper. + // 0, // Will be populated by init helper. + // TEST_GUID_1, + // TEST_POLICY_MIN_SIZE_NULL, + // TEST_POLICY_MAX_SIZE_NULL, + // TEST_POLICY_ATTRIBUTES_NULL, + // TEST_POLICY_ATTRIBUTES_NULL, + // VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE + // }, + // { + // TEST_GUID_2, + // 1, // Value + // 0 // Padding + // }, + // L"", + // L"" + // }; + + // Currently, there are no known invalid characters. + // '#' in LockPolicy->Name are taken as literal. + + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +RegisterShouldRejectBadPolicyConstraints ( + IN UNIT_TEST_CONTEXT Context + ) +{ + SIMPLE_VARIABLE_POLICY_ENTRY ValidationPolicy =3D { + { + VARIABLE_POLICY_ENTRY_REVISION, + sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME), + sizeof(VARIABLE_POLICY_ENTRY), + TEST_GUID_1, + TEST_POLICY_MIN_SIZE_NULL, + TEST_POLICY_MAX_SIZE_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + VARIABLE_POLICY_TYPE_NO_LOCK + }, + TEST_VAR_1_NAME + }; + + // Make sure that invalid MAXes are rejected. + ValidationPolicy.Header.MaxSize =3D 0; + UT_ASSERT_EQUAL( RegisterVariablePolicy( &ValidationPolicy.Header ), EFI= _INVALID_PARAMETER ); + + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +RegisterShouldRejectUnknownLockPolicies ( + IN UNIT_TEST_CONTEXT Context + ) +{ + SIMPLE_VARIABLE_POLICY_ENTRY ValidationPolicy =3D { + { + VARIABLE_POLICY_ENTRY_REVISION, + sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME), + sizeof(VARIABLE_POLICY_ENTRY), + TEST_GUID_1, + TEST_POLICY_MIN_SIZE_NULL, + TEST_POLICY_MAX_SIZE_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + VARIABLE_POLICY_TYPE_NO_LOCK + }, + TEST_VAR_1_NAME + }; + + ValidationPolicy.Header.LockPolicyType =3D VARIABLE_POLICY_TYPE_LOCK_ON_= VAR_STATE + 1; + UT_ASSERT_EQUAL( RegisterVariablePolicy( &ValidationPolicy.Header ), EFI= _INVALID_PARAMETER ); + ValidationPolicy.Header.LockPolicyType =3D VARIABLE_POLICY_TYPE_LOCK_ON_= VAR_STATE + 1; + UT_ASSERT_EQUAL( RegisterVariablePolicy( &ValidationPolicy.Header ), EFI= _INVALID_PARAMETER ); + + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +RegisterShouldRejectPolicesWithTooManyWildcards ( + IN UNIT_TEST_CONTEXT Context + ) +{ + SIMPLE_VARIABLE_POLICY_ENTRY ValidationPolicy =3D { + { + VARIABLE_POLICY_ENTRY_REVISION, + sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_300_HASHES_STRING), + sizeof(VARIABLE_POLICY_ENTRY), + TEST_GUID_1, + TEST_POLICY_MIN_SIZE_NULL, + TEST_POLICY_MAX_SIZE_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + VARIABLE_POLICY_TYPE_NO_LOCK + }, + TEST_300_HASHES_STRING + }; + + // 300 Hashes is currently larger than the possible maximum match priori= ty. + UT_ASSERT_EQUAL( RegisterVariablePolicy( &ValidationPolicy.Header ), EFI= _INVALID_PARAMETER ); + + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +RegisterShouldRejectDuplicatePolicies ( + IN UNIT_TEST_CONTEXT Context + ) +{ + SIMPLE_VARIABLE_POLICY_ENTRY ValidationPolicy =3D { + { + VARIABLE_POLICY_ENTRY_REVISION, + sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME), + sizeof(VARIABLE_POLICY_ENTRY), + TEST_GUID_1, + TEST_POLICY_MIN_SIZE_NULL, + TEST_POLICY_MAX_SIZE_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + VARIABLE_POLICY_TYPE_NO_LOCK + }, + TEST_VAR_1_NAME + }; + + UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &ValidationPolicy.Heade= r ) ); + UT_ASSERT_STATUS_EQUAL( RegisterVariablePolicy( &ValidationPolicy.Header= ), EFI_ALREADY_STARTED ); + + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +MinAndMaxSizePoliciesShouldBeHonored ( + IN UNIT_TEST_CONTEXT Context + ) +{ + SIMPLE_VARIABLE_POLICY_ENTRY ValidationPolicy =3D { + { + VARIABLE_POLICY_ENTRY_REVISION, + sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME), + sizeof(VARIABLE_POLICY_ENTRY), + TEST_GUID_1, + TEST_POLICY_MIN_SIZE_10, + TEST_POLICY_MAX_SIZE_200, + TEST_POLICY_ATTRIBUTES_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + VARIABLE_POLICY_TYPE_NO_LOCK + }, + TEST_VAR_1_NAME + }; + EFI_STATUS PolicyCheck; + UINT8 DummyData[TEST_POLICY_MAX_SIZE_200+1]; + + + // Without a policy, there should be no constraints on variable creation. + PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME, + &mTestGuid1, + VARIABLE_ATTRIBUTE_NV_BS, + TEST_POLICY_MAX_SIZE_200+1, + DummyData ); + UT_ASSERT_NOT_EFI_ERROR( PolicyCheck ); + + // Set a policy to test against. + UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &ValidationPolicy.Heade= r ) ); + + // With a policy, make sure that sizes outsize the target range fail. + PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME, + &mTestGuid1, + VARIABLE_ATTRIBUTE_NV_BS, + TEST_POLICY_MAX_SIZE_200+1, + DummyData ); + UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) ); + + // With a policy, make sure that sizes outsize the target range fail. + PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME, + &mTestGuid1, + VARIABLE_ATTRIBUTE_NV_BS, + TEST_POLICY_MIN_SIZE_10-1, + DummyData ); + UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) ); + + // With a policy, make sure a valid variable is still valid. + PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME, + &mTestGuid1, + VARIABLE_ATTRIBUTE_NV_BS, + TEST_POLICY_MIN_SIZE_10+1, + DummyData ); + UT_ASSERT_NOT_EFI_ERROR( PolicyCheck ); + + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +AttributeMustPoliciesShouldBeHonored ( + IN UNIT_TEST_CONTEXT Context + ) +{ + SIMPLE_VARIABLE_POLICY_ENTRY ValidationPolicy =3D { + { + VARIABLE_POLICY_ENTRY_REVISION, + sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME), + sizeof(VARIABLE_POLICY_ENTRY), + TEST_GUID_1, + TEST_POLICY_MIN_SIZE_NULL, + TEST_POLICY_MAX_SIZE_NULL, + VARIABLE_ATTRIBUTE_NV_BS_RT, + TEST_POLICY_ATTRIBUTES_NULL, + VARIABLE_POLICY_TYPE_NO_LOCK + }, + TEST_VAR_1_NAME + }; + EFI_STATUS PolicyCheck; + UINT8 DummyData[12]; + + + // Without a policy, there should be no constraints on variable creation. + PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME, + &mTestGuid1, + TEST_POLICY_ATTRIBUTES_NULL, + sizeof(DummyData), + DummyData ); + UT_ASSERT_NOT_EFI_ERROR( PolicyCheck ); + + // Set a policy to test against. + UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &ValidationPolicy.Heade= r ) ); + + // With a policy, make sure that no attributes fail. + PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME, + &mTestGuid1, + TEST_POLICY_ATTRIBUTES_NULL, + sizeof(DummyData), + DummyData ); + UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) ); + + // With a policy, make sure that some -- but not all -- attributes fail. + PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME, + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + sizeof(DummyData), + DummyData ); + UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) ); + + // With a policy, make sure that all attributes pass. + PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME, + &mTestGuid1, + VARIABLE_ATTRIBUTE_NV_BS_RT, + sizeof(DummyData), + DummyData ); + UT_ASSERT_NOT_EFI_ERROR( PolicyCheck ); + + // With a policy, make sure that all attributes -- plus some -- pass. + PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME, + &mTestGuid1, + VARIABLE_ATTRIBUTE_NV_BS_RT_AT, + sizeof(DummyData), + DummyData ); + UT_ASSERT_NOT_EFI_ERROR( PolicyCheck ); + + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +AttributeCantPoliciesShouldBeHonored ( + IN UNIT_TEST_CONTEXT Context + ) +{ + SIMPLE_VARIABLE_POLICY_ENTRY ValidationPolicy =3D { + { + VARIABLE_POLICY_ENTRY_REVISION, + sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME), + sizeof(VARIABLE_POLICY_ENTRY), + TEST_GUID_1, + TEST_POLICY_MIN_SIZE_NULL, + TEST_POLICY_MAX_SIZE_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS, + VARIABLE_POLICY_TYPE_NO_LOCK + }, + TEST_VAR_1_NAME + }; + EFI_STATUS PolicyCheck; + UINT8 DummyData[12]; + + + // Without a policy, there should be no constraints on variable creation. + PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME, + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + sizeof(DummyData), + DummyData ); + UT_ASSERT_NOT_EFI_ERROR( PolicyCheck ); + + // Set a policy to test against. + UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &ValidationPolicy.Heade= r ) ); + + // With a policy, make sure that forbidden attributes fail. + PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME, + &mTestGuid1, + EFI_VARIABLE_TIME_BASED_AUTHENTICATED_= WRITE_ACCESS, + sizeof(DummyData), + DummyData ); + UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) ); + + // With a policy, make sure that a mixture of attributes -- including th= e forbidden -- fail. + PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME, + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + sizeof(DummyData), + DummyData ); + UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) ); + + // With a policy, make sure that attributes without the forbidden pass. + PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME, + &mTestGuid1, + VARIABLE_ATTRIBUTE_NV_BS_RT, + sizeof(DummyData), + DummyData ); + UT_ASSERT_NOT_EFI_ERROR( PolicyCheck ); + + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +VariablesShouldBeDeletableRegardlessOfSize ( + IN UNIT_TEST_CONTEXT Context + ) +{ + SIMPLE_VARIABLE_POLICY_ENTRY ValidationPolicy =3D { + { + VARIABLE_POLICY_ENTRY_REVISION, + sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME), + sizeof(VARIABLE_POLICY_ENTRY), + TEST_GUID_1, + TEST_POLICY_MIN_SIZE_10, + TEST_POLICY_MAX_SIZE_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS, + VARIABLE_POLICY_TYPE_NO_LOCK + }, + TEST_VAR_1_NAME + }; + EFI_STATUS PolicyCheck; + UINT8 DummyData[TEST_POLICY_MAX_SIZE_200+1]; + + // Create a policy enforcing a minimum variable size. + UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &ValidationPolicy.Heade= r ) ); + + // Make sure that a normal set would fail. + PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME, + &mTestGuid1, + VARIABLE_ATTRIBUTE_NV_BS, + TEST_POLICY_MIN_SIZE_10-1, + DummyData ); + UT_ASSERT_STATUS_EQUAL( PolicyCheck, EFI_INVALID_PARAMETER ); + + // Now make sure that a delete would succeed. + PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME, + &mTestGuid1, + VARIABLE_ATTRIBUTE_NV_BS, + 0, + NULL ); + UT_ASSERT_NOT_EFI_ERROR( PolicyCheck ); + + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +LockNowPoliciesShouldBeHonored ( + IN UNIT_TEST_CONTEXT Context + ) +{ + SIMPLE_VARIABLE_POLICY_ENTRY ValidationPolicy =3D { + { + VARIABLE_POLICY_ENTRY_REVISION, + sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME), + sizeof(VARIABLE_POLICY_ENTRY), + TEST_GUID_1, + TEST_POLICY_MIN_SIZE_NULL, + TEST_POLICY_MAX_SIZE_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + VARIABLE_POLICY_TYPE_LOCK_NOW + }, + TEST_VAR_1_NAME + }; + EFI_STATUS PolicyCheck; + UINT8 DummyData[12]; + + + // Without a policy, there should be no constraints on variable creation. + PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME, + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + sizeof(DummyData), + DummyData ); + UT_ASSERT_NOT_EFI_ERROR( PolicyCheck ); + + // Set a policy to test against. + UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &ValidationPolicy.Heade= r ) ); + + // With a policy, make sure that writes immediately fail. + PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME, + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + sizeof(DummyData), + DummyData ); + UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) ); + + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +LockOnCreatePoliciesShouldBeHonored ( + IN UNIT_TEST_CONTEXT Context + ) +{ + SIMPLE_VARIABLE_POLICY_ENTRY ValidationPolicy =3D { + { + VARIABLE_POLICY_ENTRY_REVISION, + sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME), + sizeof(VARIABLE_POLICY_ENTRY), + TEST_GUID_1, + TEST_POLICY_MIN_SIZE_NULL, + TEST_POLICY_MAX_SIZE_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + VARIABLE_POLICY_TYPE_LOCK_ON_CREATE + }, + TEST_VAR_1_NAME + }; + EFI_STATUS PolicyCheck; + UINT8 DummyData[12]; + UINTN ExpectedDataSize; + + + // Without a policy, there should be no constraints on variable creation. + PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME, + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + sizeof(DummyData), + DummyData ); + UT_ASSERT_NOT_EFI_ERROR( PolicyCheck ); + + // Set a policy to test against. + UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &ValidationPolicy.Heade= r ) ); + + // Set consistent expectations on what the calls are looking for. + expect_memory_count( StubGetVariableNull, VariableName, TEST_VAR_1_NAME,= sizeof(TEST_VAR_1_NAME), 2 ); + expect_memory_count( StubGetVariableNull, VendorGuid, &mTestGuid1, sizeo= f(mTestGuid1), 2 ); + ExpectedDataSize =3D 0; + expect_memory_count( StubGetVariableNull, DataSize, &ExpectedDataSize, s= izeof(ExpectedDataSize), 2 ); + + // With a policy, make sure that writes still work, since the variable d= oesn't exist. + will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_NULL ); // A= ttributes + will_return( StubGetVariableNull, 0 ); // S= ize + will_return( StubGetVariableNull, NULL ); // D= ataPtr + will_return( StubGetVariableNull, EFI_NOT_FOUND ); // S= tatus + PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME, + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + sizeof(DummyData), + DummyData ); + UT_ASSERT_NOT_EFI_ERROR( PolicyCheck ); + + // With a policy, make sure that a call with an "existing" variable fail= s. + will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_NULL ); // A= ttributes + will_return( StubGetVariableNull, 10 ); // S= ize + will_return( StubGetVariableNull, NULL ); // D= ataPtr + will_return( StubGetVariableNull, EFI_BUFFER_TOO_SMALL ); // S= tatus + PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME, + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + sizeof(DummyData), + DummyData ); + UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) ); + + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +LockOnStatePoliciesShouldBeHonored ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EXPANDED_VARIABLE_POLICY_ENTRY ValidationPolicy =3D { + { + VARIABLE_POLICY_ENTRY_REVISION, + 0, // Will be populated by init helper. + 0, // Will be populated by init helper. + TEST_GUID_1, + TEST_POLICY_MIN_SIZE_NULL, + TEST_POLICY_MAX_SIZE_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE + }, + { + TEST_GUID_2, + 20, // Value + 0 // Padding + }, + L"", + L"" + }; + EFI_STATUS PolicyCheck; + UINT8 DummyData[12]; + UINT8 ValidationStateVar; + UINTN ExpectedDataSize; + UT_ASSERT_TRUE( InitExpVarPolicyStrings( &ValidationPolicy, TEST_VAR_1_N= AME, TEST_VAR_2_NAME ) ); + + + // Without a policy, there should be no constraints on variable creation. + PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME, + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + sizeof(DummyData), + DummyData ); + UT_ASSERT_NOT_EFI_ERROR( PolicyCheck ); + + // Set a policy to test against. + UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &ValidationPolicy.Heade= r ) ); + + // Set consistent expectations on what the calls are looking for. + expect_memory_count( StubGetVariableNull, VariableName, TEST_VAR_2_NAME,= sizeof(TEST_VAR_2_NAME), 5 ); + expect_memory_count( StubGetVariableNull, VendorGuid, &mTestGuid2, sizeo= f(mTestGuid2), 5 ); + ExpectedDataSize =3D 1; + expect_memory_count( StubGetVariableNull, DataSize, &ExpectedDataSize, s= izeof(ExpectedDataSize), 5 ); + + // With a policy, make sure that writes still work, since the variable d= oesn't exist. + will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_NULL ); // A= ttributes + will_return( StubGetVariableNull, 0 ); // S= ize + will_return( StubGetVariableNull, NULL ); // D= ataPtr + will_return( StubGetVariableNull, EFI_NOT_FOUND ); // S= tatus + PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME, + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + sizeof(DummyData), + DummyData ); + UT_ASSERT_NOT_EFI_ERROR( PolicyCheck ); + + // With a policy, make sure that a state variable that's too large doesn= 't lock the variable. + will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_NULL ); // A= ttributes + will_return( StubGetVariableNull, 10 ); // S= ize + will_return( StubGetVariableNull, NULL ); // D= ataPtr + will_return( StubGetVariableNull, EFI_BUFFER_TOO_SMALL ); // S= tatus + PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME, + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + sizeof(DummyData), + DummyData ); + UT_ASSERT_NOT_EFI_ERROR( PolicyCheck ); + + // With a policy, check a state variable with the wrong value. + ValidationStateVar =3D 0; + will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_NULL ); // A= ttributes + will_return( StubGetVariableNull, sizeof(ValidationStateVar) ); // S= ize + will_return( StubGetVariableNull, &ValidationStateVar ); // D= ataPtr + will_return( StubGetVariableNull, EFI_SUCCESS ); // S= tatus + PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME, + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + sizeof(DummyData), + DummyData ); + UT_ASSERT_NOT_EFI_ERROR( PolicyCheck ); + + // With a policy, check a state variable with another wrong value. + ValidationStateVar =3D 10; + will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_NULL ); // A= ttributes + will_return( StubGetVariableNull, sizeof(ValidationStateVar) ); // S= ize + will_return( StubGetVariableNull, &ValidationStateVar ); // D= ataPtr + will_return( StubGetVariableNull, EFI_SUCCESS ); // S= tatus + PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME, + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + sizeof(DummyData), + DummyData ); + UT_ASSERT_NOT_EFI_ERROR( PolicyCheck ); + + // With a policy, make sure that a call with a correct state variable fa= ils. + ValidationStateVar =3D 20; + will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_NULL ); // A= ttributes + will_return( StubGetVariableNull, sizeof(ValidationStateVar) ); // S= ize + will_return( StubGetVariableNull, &ValidationStateVar ); // D= ataPtr + will_return( StubGetVariableNull, EFI_SUCCESS ); // S= tatus + PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME, + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + sizeof(DummyData), + DummyData ); + UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) ); + + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +LockOnStatePoliciesShouldApplyToNamespaces ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EXPANDED_VARIABLE_POLICY_ENTRY ValidationPolicy =3D { + { + VARIABLE_POLICY_ENTRY_REVISION, + 0, // Will be populated by init helper. + 0, // Will be populated by init helper. + TEST_GUID_1, + TEST_POLICY_MIN_SIZE_NULL, + TEST_POLICY_MAX_SIZE_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE + }, + { + TEST_GUID_2, + 20, // Value + 0 // Padding + }, + L"", + L"" + }; + EFI_STATUS PolicyCheck; + UINT8 DummyData[12]; + UINT8 ValidationStateVar; + UINTN ExpectedDataSize; + UT_ASSERT_TRUE( InitExpVarPolicyStrings( &ValidationPolicy, NULL, TEST_V= AR_2_NAME ) ); + + + // Without a policy, there should be no constraints on variable creation. + PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME, + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + sizeof(DummyData), + DummyData ); + UT_ASSERT_NOT_EFI_ERROR( PolicyCheck ); + PolicyCheck =3D ValidateSetVariable( TEST_VAR_3_NAME, + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + sizeof(DummyData), + DummyData ); + UT_ASSERT_NOT_EFI_ERROR( PolicyCheck ); + + // Set a policy to test against. + UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &ValidationPolicy.Heade= r ) ); + + // Set consistent expectations on what the calls are looking for. + expect_memory_count( StubGetVariableNull, VariableName, TEST_VAR_2_NAME,= sizeof(TEST_VAR_2_NAME), 4 ); + expect_memory_count( StubGetVariableNull, VendorGuid, &mTestGuid2, sizeo= f(mTestGuid2), 4 ); + ExpectedDataSize =3D 1; + expect_memory_count( StubGetVariableNull, DataSize, &ExpectedDataSize, s= izeof(ExpectedDataSize), 4 ); + + // With a policy, make sure that writes still work, since the variable d= oesn't exist. + will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_NULL ); // A= ttributes + will_return( StubGetVariableNull, 0 ); // S= ize + will_return( StubGetVariableNull, NULL ); // D= ataPtr + will_return( StubGetVariableNull, EFI_NOT_FOUND ); // S= tatus + PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME, + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + sizeof(DummyData), + DummyData ); + UT_ASSERT_NOT_EFI_ERROR( PolicyCheck ); + will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_NULL ); // A= ttributes + will_return( StubGetVariableNull, 0 ); // S= ize + will_return( StubGetVariableNull, NULL ); // D= ataPtr + will_return( StubGetVariableNull, EFI_NOT_FOUND ); // S= tatus + PolicyCheck =3D ValidateSetVariable( TEST_VAR_3_NAME, + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + sizeof(DummyData), + DummyData ); + UT_ASSERT_NOT_EFI_ERROR( PolicyCheck ); + + // With a policy, make sure that a call with a correct state variable fa= ils. + ValidationStateVar =3D 20; + will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_NULL ); // A= ttributes + will_return( StubGetVariableNull, sizeof(ValidationStateVar) ); // S= ize + will_return( StubGetVariableNull, &ValidationStateVar ); // D= ataPtr + will_return( StubGetVariableNull, EFI_SUCCESS ); // S= tatus + PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME, + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + sizeof(DummyData), + DummyData ); + UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) ); + will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_NULL ); // A= ttributes + will_return( StubGetVariableNull, sizeof(ValidationStateVar) ); // S= ize + will_return( StubGetVariableNull, &ValidationStateVar ); // D= ataPtr + will_return( StubGetVariableNull, EFI_SUCCESS ); // S= tatus + PolicyCheck =3D ValidateSetVariable( TEST_VAR_3_NAME, + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + sizeof(DummyData), + DummyData ); + UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) ); + + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +LockOnStateShouldHandleErrorsGracefully ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EXPANDED_VARIABLE_POLICY_ENTRY ValidationPolicy =3D { + { + VARIABLE_POLICY_ENTRY_REVISION, + 0, // Will be populated by init helper. + 0, // Will be populated by init helper. + TEST_GUID_1, + TEST_POLICY_MIN_SIZE_NULL, + TEST_POLICY_MAX_SIZE_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE + }, + { + TEST_GUID_2, + 20, // Value + 0 // Padding + }, + L"", + L"" + }; + EFI_STATUS PolicyCheck; + UINT8 DummyData[12]; + UT_ASSERT_TRUE( InitExpVarPolicyStrings( &ValidationPolicy, TEST_VAR_1_N= AME, TEST_VAR_2_NAME ) ); + + + // Without a policy, there should be no constraints on variable creation. + PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME, + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + sizeof(DummyData), + DummyData ); + UT_ASSERT_NOT_EFI_ERROR( PolicyCheck ); + + // Set a policy to test against. + UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &ValidationPolicy.Heade= r ) ); + + // Configure the stub to not care about parameters. We're testing errors. + expect_any_always( StubGetVariableNull, VariableName ); + expect_any_always( StubGetVariableNull, VendorGuid ); + expect_any_always( StubGetVariableNull, DataSize ); + + // With a policy, make sure that writes still work, since the variable d= oesn't exist. + will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_NULL ); // A= ttributes + will_return( StubGetVariableNull, 0 ); // S= ize + will_return( StubGetVariableNull, NULL ); // D= ataPtr + will_return( StubGetVariableNull, EFI_NOT_FOUND ); // S= tatus + PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME, + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + sizeof(DummyData), + DummyData ); + UT_ASSERT_NOT_EFI_ERROR( PolicyCheck ); + + // Verify that state variables that are the wrong size won't lock the va= riable. + will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_NULL ); // A= ttributes + will_return( StubGetVariableNull, 0 ); // S= ize + will_return( StubGetVariableNull, NULL ); // D= ataPtr + will_return( StubGetVariableNull, EFI_BUFFER_TOO_SMALL ); // S= tatus + PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME, + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + sizeof(DummyData), + DummyData ); + UT_ASSERT_NOT_EFI_ERROR( PolicyCheck ); + + // Verify that unexpected errors default to locked. + will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_NULL ); // A= ttributes + will_return( StubGetVariableNull, 0 ); // S= ize + will_return( StubGetVariableNull, NULL ); // D= ataPtr + will_return( StubGetVariableNull, EFI_UNSUPPORTED ); // S= tatus + PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME, + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + sizeof(DummyData), + DummyData ); + UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) ); + + will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_NULL ); // A= ttributes + will_return( StubGetVariableNull, 0 ); // S= ize + will_return( StubGetVariableNull, NULL ); // D= ataPtr + will_return( StubGetVariableNull, EFI_NOT_READY ); // S= tatus + PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME, + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + sizeof(DummyData), + DummyData ); + UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) ); + + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +BestMatchPriorityShouldBeObeyed ( + IN UNIT_TEST_CONTEXT Context + ) +{ + SIMPLE_VARIABLE_POLICY_ENTRY ValidationPolicy =3D { + { + VARIABLE_POLICY_ENTRY_REVISION, + sizeof(VARIABLE_POLICY_ENTRY) + sizeof(L"Wild12Card34Placeholder"), + sizeof(VARIABLE_POLICY_ENTRY), + TEST_GUID_1, + TEST_POLICY_MIN_SIZE_NULL, + TEST_POLICY_MAX_SIZE_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + VARIABLE_POLICY_TYPE_NO_LOCK + }, + L"Wild12Card34Placeholder" + }; + EFI_STATUS PolicyCheck; + UINT8 DummyData[70]; + CHAR16 *PolicyName =3D (CHAR16*)((UINT8*)&ValidationPolicy + sizeof= (VARIABLE_POLICY_ENTRY)); + UINTN PolicyNameSize =3D sizeof(L"Wild12Card34Placeholder"); + CHAR16 *FourWildcards =3D L"Wild##Card##Placeholder"; + CHAR16 *ThreeWildcards =3D L"Wild##Card#4Placeholder"; + CHAR16 *TwoWildcards =3D L"Wild##Card34Placeholder"; + CHAR16 *OneWildcard =3D L"Wild#2Card34Placeholder"; + CHAR16 *NoWildcards =3D L"Wild12Card34Placeholder"; + + // Create all of the policies from least restrictive to most restrictive. + // NoWildcards should be the most restrictive. + ValidationPolicy.Header.MaxSize =3D 60; + ValidationPolicy.Header.Size =3D ValidationPolicy.Header.OffsetToName; + UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &ValidationPolicy.Heade= r ) ); + ValidationPolicy.Header.Size +=3D (UINT16)PolicyNameSize; + ValidationPolicy.Header.MaxSize =3D 50; + CopyMem( PolicyName, FourWildcards, PolicyNameSize ); + UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &ValidationPolicy.Heade= r ) ); + ValidationPolicy.Header.MaxSize =3D 40; + CopyMem( PolicyName, ThreeWildcards, PolicyNameSize ); + UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &ValidationPolicy.Heade= r ) ); + ValidationPolicy.Header.MaxSize =3D 30; + CopyMem( PolicyName, TwoWildcards, PolicyNameSize ); + UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &ValidationPolicy.Heade= r ) ); + ValidationPolicy.Header.MaxSize =3D 20; + CopyMem( PolicyName, OneWildcard, PolicyNameSize ); + UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &ValidationPolicy.Heade= r ) ); + ValidationPolicy.Header.MaxSize =3D 10; + CopyMem( PolicyName, NoWildcards, PolicyNameSize ); + UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &ValidationPolicy.Heade= r ) ); + + // Verify that variables only matching the namespace have the most flexi= ble policy. + PolicyCheck =3D ValidateSetVariable( L"ArbitraryName", + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + 65, + DummyData ); + UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) ); + PolicyCheck =3D ValidateSetVariable( L"ArbitraryName", + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + 55, + DummyData ); + UT_ASSERT_NOT_EFI_ERROR( PolicyCheck ); + + // Verify that variables matching increasing characters get increasing p= olicy restrictions. + PolicyCheck =3D ValidateSetVariable( L"Wild77Card77Placeholder", + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + 55, + DummyData ); + UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) ); + PolicyCheck =3D ValidateSetVariable( L"Wild77Card77Placeholder", + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + 45, + DummyData ); + UT_ASSERT_NOT_EFI_ERROR( PolicyCheck ); + + PolicyCheck =3D ValidateSetVariable( L"Wild77Card74Placeholder", + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + 45, + DummyData ); + UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) ); + PolicyCheck =3D ValidateSetVariable( L"Wild77Card74Placeholder", + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + 35, + DummyData ); + UT_ASSERT_NOT_EFI_ERROR( PolicyCheck ); + + PolicyCheck =3D ValidateSetVariable( L"Wild77Card34Placeholder", + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + 35, + DummyData ); + UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) ); + PolicyCheck =3D ValidateSetVariable( L"Wild77Card34Placeholder", + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + 25, + DummyData ); + UT_ASSERT_NOT_EFI_ERROR( PolicyCheck ); + + PolicyCheck =3D ValidateSetVariable( L"Wild72Card34Placeholder", + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + 25, + DummyData ); + UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) ); + PolicyCheck =3D ValidateSetVariable( L"Wild72Card34Placeholder", + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + 15, + DummyData ); + UT_ASSERT_NOT_EFI_ERROR( PolicyCheck ); + + PolicyCheck =3D ValidateSetVariable( L"Wild12Card34Placeholder", + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + 15, + DummyData ); + UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) ); + PolicyCheck =3D ValidateSetVariable( L"Wild12Card34Placeholder", + &mTestGuid1, + VARIABLE_ATTRIBUTE_BS_RT_AT, + 5, + DummyData ); + UT_ASSERT_NOT_EFI_ERROR( PolicyCheck ); + + return UNIT_TEST_PASSED; +} + + +///=3D=3D=3D POLICY UTILITY SUITE =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +ShouldBeAbleToLockInterface ( + IN UNIT_TEST_CONTEXT Context + ) +{ + SIMPLE_VARIABLE_POLICY_ENTRY TestPolicy =3D { + { + VARIABLE_POLICY_ENTRY_REVISION, + sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME), + sizeof(VARIABLE_POLICY_ENTRY), + TEST_GUID_1, + TEST_POLICY_MIN_SIZE_NULL, + TEST_POLICY_MAX_SIZE_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + VARIABLE_POLICY_TYPE_NO_LOCK + }, + TEST_VAR_1_NAME + }; + + // Make sure it's not already locked. + UT_ASSERT_FALSE( IsVariablePolicyInterfaceLocked() ); + // Lock it. + UT_ASSERT_NOT_EFI_ERROR( LockVariablePolicy() ); + // Verify that it's locked. + UT_ASSERT_TRUE( IsVariablePolicyInterfaceLocked() ); + + // Verify that all state-changing commands fail. + UT_ASSERT_TRUE( EFI_ERROR( LockVariablePolicy() ) ); + UT_ASSERT_TRUE( EFI_ERROR( DisableVariablePolicy() ) ); + UT_ASSERT_TRUE( EFI_ERROR( RegisterVariablePolicy( &TestPolicy.Header ) = ) ); + + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +ShouldBeAbleToDisablePolicyEnforcement ( + IN UNIT_TEST_CONTEXT Context + ) +{ + SIMPLE_VARIABLE_POLICY_ENTRY TestPolicy =3D { + { + VARIABLE_POLICY_ENTRY_REVISION, + sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME), + sizeof(VARIABLE_POLICY_ENTRY), + TEST_GUID_1, + TEST_POLICY_MIN_SIZE_10, + TEST_POLICY_MAX_SIZE_200, + TEST_POLICY_ATTRIBUTES_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + VARIABLE_POLICY_TYPE_NO_LOCK + }, + TEST_VAR_1_NAME + }; + EFI_STATUS PolicyCheck; + UINT8 DummyData[TEST_POLICY_MIN_SIZE_10-1]; + + // Make sure that the policy enforcement is currently enabled. + UT_ASSERT_TRUE( IsVariablePolicyEnabled() ); + // Add a policy before it's disabled. + UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &TestPolicy.Header ) ); + // Disable the policy enforcement. + UT_ASSERT_NOT_EFI_ERROR( DisableVariablePolicy() ); + // Make sure that the policy enforcement is currently disabled. + UT_ASSERT_FALSE( IsVariablePolicyEnabled() ); + + // Check to make sure that a policy violation still passes. + PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME, + &mTestGuid1, + VARIABLE_ATTRIBUTE_NV_BS, + sizeof(DummyData), + DummyData ); + UT_ASSERT_NOT_EFI_ERROR( PolicyCheck ); + + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +ShouldNotBeAbleToDisablePoliciesTwice ( + IN UNIT_TEST_CONTEXT Context + ) +{ + // Make sure that the policy enforcement is currently enabled. + UT_ASSERT_TRUE( IsVariablePolicyEnabled() ); + // Disable the policy enforcement. + UT_ASSERT_NOT_EFI_ERROR( DisableVariablePolicy() ); + // Make sure that the policy enforcement is currently disabled. + UT_ASSERT_FALSE( IsVariablePolicyEnabled() ); + // Try to disable again and verify failure. + UT_ASSERT_TRUE( EFI_ERROR( DisableVariablePolicy() ) ); + + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +ShouldBeAbleToAddNewPoliciesAfterDisabled ( + IN UNIT_TEST_CONTEXT Context + ) +{ + SIMPLE_VARIABLE_POLICY_ENTRY TestPolicy =3D { + { + VARIABLE_POLICY_ENTRY_REVISION, + sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME), + sizeof(VARIABLE_POLICY_ENTRY), + TEST_GUID_1, + TEST_POLICY_MIN_SIZE_10, + TEST_POLICY_MAX_SIZE_200, + TEST_POLICY_ATTRIBUTES_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + VARIABLE_POLICY_TYPE_NO_LOCK + }, + TEST_VAR_1_NAME + }; + EFI_STATUS PolicyCheck; + + // Make sure that the policy enforcement is currently enabled. + UT_ASSERT_TRUE( IsVariablePolicyEnabled() ); + // Disable the policy enforcement. + UT_ASSERT_NOT_EFI_ERROR( DisableVariablePolicy() ); + + // Make sure that new policy creation still works, it just won't be enfo= rced. + PolicyCheck =3D RegisterVariablePolicy( &TestPolicy.Header ); + UT_ASSERT_NOT_EFI_ERROR( PolicyCheck ); + + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +ShouldBeAbleToLockAfterDisabled ( + IN UNIT_TEST_CONTEXT Context + ) +{ + // Make sure that the policy enforcement is currently enabled. + UT_ASSERT_TRUE( IsVariablePolicyEnabled() ); + // Disable the policy enforcement. + UT_ASSERT_NOT_EFI_ERROR( DisableVariablePolicy() ); + + // Make sure that we can lock in this state. + UT_ASSERT_FALSE( IsVariablePolicyInterfaceLocked() ); + UT_ASSERT_NOT_EFI_ERROR( LockVariablePolicy() ); + UT_ASSERT_TRUE( IsVariablePolicyInterfaceLocked() ); + + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +ShouldBeAbleToDumpThePolicyTable ( + IN UNIT_TEST_CONTEXT Context + ) +{ + SIMPLE_VARIABLE_POLICY_ENTRY TestPolicy =3D { + { + VARIABLE_POLICY_ENTRY_REVISION, + sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME), + sizeof(VARIABLE_POLICY_ENTRY), + TEST_GUID_1, + TEST_POLICY_MIN_SIZE_10, + TEST_POLICY_MAX_SIZE_200, + TEST_POLICY_ATTRIBUTES_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + VARIABLE_POLICY_TYPE_NO_LOCK + }, + TEST_VAR_1_NAME + }; + EFI_STATUS PolicyCheck; + UINT32 DumpSize; + UINT32 BufferSize; + VOID *DumpBuffer; + + // For good measure, test some parameter validation. + UT_ASSERT_STATUS_EQUAL( DumpVariablePolicy( NULL, NULL ), EFI_INVALID_PA= RAMETER ); + DumpSize =3D 10; + UT_ASSERT_STATUS_EQUAL( DumpVariablePolicy( NULL, &DumpSize ), EFI_INVAL= ID_PARAMETER ); + + // Now for the actual test case. + + // Allocate a buffer to hold the output. + BufferSize =3D sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME); + DumpBuffer =3D AllocatePool( BufferSize ); + UT_ASSERT_NOT_EQUAL( DumpBuffer, NULL ); + + // Verify that the current table size is 0. + DumpSize =3D BufferSize; + UT_ASSERT_NOT_EFI_ERROR( DumpVariablePolicy( DumpBuffer, &DumpSize ) ); + UT_ASSERT_EQUAL( DumpSize, 0 ); + + // Now, set a new policy. + UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &TestPolicy.Header ) ); + + // Make sure that the new return is non-zero and fails as expected. + DumpSize =3D 0; + PolicyCheck =3D DumpVariablePolicy( NULL, &DumpSize ); + UT_ASSERT_STATUS_EQUAL( PolicyCheck, EFI_BUFFER_TOO_SMALL ); + UT_ASSERT_EQUAL( DumpSize, BufferSize ); + + // Now verify that we can fetch the dump. + DumpSize =3D BufferSize; + UT_ASSERT_NOT_EFI_ERROR( DumpVariablePolicy( DumpBuffer, &DumpSize ) ); + UT_ASSERT_EQUAL( DumpSize, BufferSize ); + UT_ASSERT_MEM_EQUAL( &TestPolicy, DumpBuffer, BufferSize ); + + // Always put away your toys. + FreePool( DumpBuffer ); + + return UNIT_TEST_PASSED; +} + +/** + Test Case +*/ +UNIT_TEST_STATUS +EFIAPI +ShouldBeAbleToDumpThePolicyTableAfterDisabled ( + IN UNIT_TEST_CONTEXT Context + ) +{ + SIMPLE_VARIABLE_POLICY_ENTRY TestPolicy =3D { + { + VARIABLE_POLICY_ENTRY_REVISION, + sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME), + sizeof(VARIABLE_POLICY_ENTRY), + TEST_GUID_1, + TEST_POLICY_MIN_SIZE_10, + TEST_POLICY_MAX_SIZE_200, + TEST_POLICY_ATTRIBUTES_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + VARIABLE_POLICY_TYPE_NO_LOCK + }, + TEST_VAR_1_NAME + }; + SIMPLE_VARIABLE_POLICY_ENTRY TestPolicy2 =3D { + { + VARIABLE_POLICY_ENTRY_REVISION, + sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_2_NAME), + sizeof(VARIABLE_POLICY_ENTRY), + TEST_GUID_2, + TEST_POLICY_MIN_SIZE_10, + TEST_POLICY_MAX_SIZE_200, + TEST_POLICY_ATTRIBUTES_NULL, + TEST_POLICY_ATTRIBUTES_NULL, + VARIABLE_POLICY_TYPE_NO_LOCK + }, + TEST_VAR_2_NAME + }; + EFI_STATUS PolicyCheck; + UINT32 DumpSize; + VOID *DumpBuffer; + + DumpBuffer =3D NULL; + DumpSize =3D 0; + + // Register a new policy. + UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &TestPolicy.Header ) ); + // Make sure that we can dump the policy. + PolicyCheck =3D DumpVariablePolicy( DumpBuffer, &DumpSize ); + UT_ASSERT_STATUS_EQUAL( PolicyCheck, EFI_BUFFER_TOO_SMALL ); + DumpBuffer =3D AllocatePool( DumpSize ); + UT_ASSERT_NOT_EFI_ERROR( DumpVariablePolicy( DumpBuffer, &DumpSize ) ); + UT_ASSERT_MEM_EQUAL( DumpBuffer, &TestPolicy, DumpSize ); + + // Clean up from this step. + FreePool( DumpBuffer ); + DumpBuffer =3D NULL; + DumpSize =3D 0; + + // Now disable the engine. + DisableVariablePolicy(); + + // Now register a new policy and make sure that both can be dumped. + UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &TestPolicy2.Header ) ); + // Make sure that we can dump the policy. + PolicyCheck =3D DumpVariablePolicy( DumpBuffer, &DumpSize ); + UT_ASSERT_STATUS_EQUAL( PolicyCheck, EFI_BUFFER_TOO_SMALL ); + DumpBuffer =3D AllocatePool( DumpSize ); + UT_ASSERT_NOT_EFI_ERROR( DumpVariablePolicy( DumpBuffer, &DumpSize ) ); + + // Finally, make sure that both policies are in the dump. + UT_ASSERT_MEM_EQUAL( DumpBuffer, &TestPolicy, TestPolicy.Header.Size ); + UT_ASSERT_MEM_EQUAL( (UINT8*)DumpBuffer + TestPolicy.Header.Size, + &TestPolicy2, + TestPolicy2.Header.Size ); + + // Always put away your toys. + FreePool( DumpBuffer ); + + return UNIT_TEST_PASSED; +} + + +///=3D=3D=3D TEST ENGINE =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D + +/** + SampleUnitTestApp + + @param[in] ImageHandle The firmware allocated handle for the EFI image. + @param[in] SystemTable A pointer to the EFI System Table. + + @retval EFI_SUCCESS The entry point executed successfully. + @retval other Some error occured when executing this entry poi= nt. + +**/ +int +main ( + ) +{ + EFI_STATUS Status; + UNIT_TEST_FRAMEWORK_HANDLE Framework =3D NULL; + UNIT_TEST_SUITE_HANDLE ArchTests; + UNIT_TEST_SUITE_HANDLE PolicyTests; + UNIT_TEST_SUITE_HANDLE UtilityTests; +#ifdef INTERNAL_UNIT_TEST + UNIT_TEST_SUITE_HANDLE InternalTests; +#endif // INTERNAL_UNIT_TEST + + DEBUG(( DEBUG_INFO, "%a v%a\n", UNIT_TEST_NAME, UNIT_TEST_VERSION )); + + // + // Start setting up the test framework for running the tests. + // + Status =3D InitUnitTestFramework( &Framework, UNIT_TEST_NAME, gEfiCaller= BaseName, UNIT_TEST_VERSION ); + if (EFI_ERROR( Status )) + { + DEBUG((DEBUG_ERROR, "Failed in InitUnitTestFramework. Status =3D %r\n"= , Status)); + goto EXIT; + } + + + // + // Add all test suites and tests. + // + Status =3D CreateUnitTestSuite( &ArchTests, Framework, "Variable Policy = Architectural Tests", "VarPolicy.Arch", NULL, NULL ); + if (EFI_ERROR( Status )) + { + DEBUG((DEBUG_ERROR, "Failed in CreateUnitTestSuite for ArchTests\n")); + Status =3D EFI_OUT_OF_RESOURCES; + goto EXIT; + } + AddTestCase( ArchTests, + "Deinitialization should fail if not previously initialize= d", "VarPolicy.Arch.OnlyDeinit", + ShouldFailDeinitWithoutInit, NULL, NULL, NULL ); + AddTestCase( ArchTests, + "Initialization followed by deinitialization should succee= d", "VarPolicy.Arch.InitDeinit", + ShouldBeAbleToInitAndDeinitTheLibrary, NULL, NULL, NULL ); + AddTestCase( ArchTests, + "The initialization function fail if called twice without = a deinit", "VarPolicy.Arch.InitTwice", + ShouldNotBeAbleToInitializeTheLibraryTwice, NULL, LibClean= up, NULL ); + AddTestCase( ArchTests, + "API functions should be unavailable until library is init= ialized", "VarPolicy.Arch.UninitApiOff", + ApiCommandsShouldNotRespondIfLibIsUninitialized, NULL, Lib= Cleanup, NULL ); + +#ifdef INTERNAL_UNIT_TEST + Status =3D CreateUnitTestSuite( &InternalTests, Framework, "Variable Pol= icy Internal Tests", "VarPolicy.Internal", NULL, NULL ); + if (EFI_ERROR( Status )) + { + DEBUG((DEBUG_ERROR, "Failed in CreateUnitTestSuite for InternalTests\n= ")); + Status =3D EFI_OUT_OF_RESOURCES; + goto EXIT; + } + AddTestCase( InternalTests, + "Policy matching should use name and GUID", "VarPolicy.Int= ernal.NameGuid", + PoliciesShouldMatchByNameAndGuid, LibInitMocked, LibCleanu= p, NULL ); + AddTestCase( InternalTests, + "# sign wildcards should match digits", "VarPolicy.Interna= l.WildDigits", + WildcardPoliciesShouldMatchDigits, LibInitMocked, LibClean= up, NULL ); + AddTestCase( InternalTests, + "Digit wildcards should check edge cases", "VarPolicy.Inte= rnal.WildDigitsAdvanced", + WildcardPoliciesShouldMatchDigitsAdvanced, LibInitMocked, = LibCleanup, NULL ); + AddTestCase( InternalTests, + "Empty names should match an entire namespace", "VarPolicy= .Internal.WildNamespace", + WildcardPoliciesShouldMatchNamespaces, LibInitMocked, LibC= leanup, NULL ); + AddTestCase( InternalTests, + "Match priority should weight correctly based on wildcards= ", "VarPolicy.Internal.Priorities", + MatchPrioritiesShouldFollowRules, LibInitMocked, LibCleanu= p, NULL ); +#endif // INTERNAL_UNIT_TEST + + Status =3D CreateUnitTestSuite( &PolicyTests, Framework, "Variable Polic= y Manipulation Tests", "VarPolicy.Policy", NULL, NULL ); + if (EFI_ERROR( Status )) + { + DEBUG((DEBUG_ERROR, "Failed in CreateUnitTestSuite for PolicyTests\n")= ); + Status =3D EFI_OUT_OF_RESOURCES; + goto EXIT; + } + AddTestCase( PolicyTests, + "RegisterShouldAllowNamespaceWildcards", "VarPolicy.Policy= .AllowNamespace", + RegisterShouldAllowNamespaceWildcards, LibInitMocked, LibC= leanup, NULL ); + AddTestCase( PolicyTests, + "RegisterShouldAllowStateVarsForNamespaces", "VarPolicy.Po= licy.AllowStateNamespace", + RegisterShouldAllowStateVarsForNamespaces, LibInitMocked, = LibCleanup, NULL ); + AddTestCase( PolicyTests, + "RegisterShouldRejectNullPointers", "VarPolicy.Policy.Null= Pointers", + RegisterShouldRejectNullPointers, LibInitMocked, LibCleanu= p, NULL ); + AddTestCase( PolicyTests, + "RegisterShouldRejectBadRevisions", "VarPolicy.Policy.BadR= evisions", + RegisterShouldRejectBadRevisions, LibInitMocked, LibCleanu= p, NULL ); + AddTestCase( PolicyTests, + "RegisterShouldRejectBadSizes", "VarPolicy.Policy.BadSizes= ", + RegisterShouldRejectBadSizes, LibInitMocked, LibCleanup, N= ULL ); + AddTestCase( PolicyTests, + "RegisterShouldRejectBadOffsets", "VarPolicy.Policy.BadOff= sets", + RegisterShouldRejectBadOffsets, LibInitMocked, LibCleanup,= NULL ); + AddTestCase( PolicyTests, + "RegisterShouldRejectMissingStateStrings", "VarPolicy.Poli= cy.MissingStateString", + RegisterShouldRejectMissingStateStrings, LibInitMocked, Li= bCleanup, NULL ); + AddTestCase( PolicyTests, + "RegisterShouldRejectStringsMissingNull", "VarPolicy.Polic= y.MissingNull", + RegisterShouldRejectStringsMissingNull, LibInitMocked, Lib= Cleanup, NULL ); + AddTestCase( PolicyTests, + "RegisterShouldRejectMalformedStrings", "VarPolicy.Policy.= MalformedStrings", + RegisterShouldRejectMalformedStrings, LibInitMocked, LibCl= eanup, NULL ); + AddTestCase( PolicyTests, + "RegisterShouldRejectUnpackedPolicies", "VarPolicy.Policy.= PolicyPacking", + RegisterShouldRejectUnpackedPolicies, LibInitMocked, LibCl= eanup, NULL ); + AddTestCase( PolicyTests, + "RegisterShouldRejectInvalidNameCharacters", "VarPolicy.Po= licy.InvalidCharacters", + RegisterShouldRejectInvalidNameCharacters, LibInitMocked, = LibCleanup, NULL ); + AddTestCase( PolicyTests, + "RegisterShouldRejectBadPolicyConstraints", "VarPolicy.Pol= icy.BadConstraints", + RegisterShouldRejectBadPolicyConstraints, LibInitMocked, L= ibCleanup, NULL ); + AddTestCase( PolicyTests, + "RegisterShouldRejectUnknownLockPolicies", "VarPolicy.Poli= cy.BadLocks", + RegisterShouldRejectUnknownLockPolicies, LibInitMocked, Li= bCleanup, NULL ); + AddTestCase( PolicyTests, + "RegisterShouldRejectPolicesWithTooManyWildcards", "VarPol= icy.Policy.TooManyWildcards", + RegisterShouldRejectPolicesWithTooManyWildcards, LibInitMo= cked, LibCleanup, NULL ); + AddTestCase( PolicyTests, + "RegisterShouldRejectDuplicatePolicies", "VarPolicy.Policy= .DuplicatePolicies", + RegisterShouldRejectDuplicatePolicies, LibInitMocked, LibC= leanup, NULL ); + AddTestCase( PolicyTests, + "Variables that exceed min or max sizes should be rejected= ", "VarPolicy.Policy.MinMax", + MinAndMaxSizePoliciesShouldBeHonored, LibInitMocked, LibCl= eanup, NULL ); + AddTestCase( PolicyTests, + "AttributeMustPoliciesShouldBeHonored", "VarPolicy.Policy.= AttrMust", + AttributeMustPoliciesShouldBeHonored, LibInitMocked, LibCl= eanup, NULL ); + AddTestCase( PolicyTests, + "AttributeCantPoliciesShouldBeHonored", "VarPolicy.Policy.= AttrCant", + AttributeCantPoliciesShouldBeHonored, LibInitMocked, LibCl= eanup, NULL ); + AddTestCase( PolicyTests, + "VariablesShouldBeDeletableRegardlessOfSize", "VarPolicy.P= olicy.DeleteIgnoreSize", + VariablesShouldBeDeletableRegardlessOfSize, LibInitMocked,= LibCleanup, NULL ); + AddTestCase( PolicyTests, + "LockNowPoliciesShouldBeHonored", "VarPolicy.Policy.VARIAB= LE_POLICY_TYPE_LOCK_NOW", + LockNowPoliciesShouldBeHonored, LibInitMocked, LibCleanup,= NULL ); + AddTestCase( PolicyTests, + "LockOnCreatePoliciesShouldBeHonored", "VarPolicy.Policy.V= ARIABLE_POLICY_TYPE_LOCK_ON_CREATE", + LockOnCreatePoliciesShouldBeHonored, LibInitMocked, LibCle= anup, NULL ); + AddTestCase( PolicyTests, + "LockOnStatePoliciesShouldBeHonored", "VarPolicy.Policy.Lo= ckState", + LockOnStatePoliciesShouldBeHonored, LibInitMocked, LibClea= nup, NULL ); + AddTestCase( PolicyTests, + "LockOnStatePoliciesShouldApplyToNamespaces", "VarPolicy.P= olicy.NamespaceLockState", + LockOnStatePoliciesShouldApplyToNamespaces, LibInitMocked,= LibCleanup, NULL ); + AddTestCase( PolicyTests, + "LockOnStateShouldHandleErrorsGracefully", "VarPolicy.Poli= cy.LockStateErrors", + LockOnStateShouldHandleErrorsGracefully, LibInitMocked, Li= bCleanup, NULL ); + AddTestCase( PolicyTests, + "BestMatchPriorityShouldBeObeyed", "VarPolicy.Policy.BestM= atch", + BestMatchPriorityShouldBeObeyed, LibInitMocked, LibCleanup= , NULL ); + + Status =3D CreateUnitTestSuite( &UtilityTests, Framework, "Variable Poli= cy Utility Tests", "VarPolicy.Utility", NULL, NULL ); + if (EFI_ERROR( Status )) + { + DEBUG((DEBUG_ERROR, "Failed in CreateUnitTestSuite for UtilityTests\n"= )); + Status =3D EFI_OUT_OF_RESOURCES; + goto EXIT; + } + AddTestCase( UtilityTests, + "API commands that change state should not respond after i= nterface is locked", "VarPolicy.Utility.InterfaceLock", + ShouldBeAbleToLockInterface, LibInitMocked, LibCleanup, NU= LL ); + AddTestCase( UtilityTests, + "All policies should pass once enforcement is disabled", "= VarPolicy.Utility.DisableEnforcement", + ShouldBeAbleToDisablePolicyEnforcement, LibInitMocked, Lib= Cleanup, NULL ); + AddTestCase( UtilityTests, + "Disabling enforcement twice should produce an error", "Va= rPolicy.Utility.DisableEnforcementTwice", + ShouldNotBeAbleToDisablePoliciesTwice, LibInitMocked, LibC= leanup, NULL ); + AddTestCase( UtilityTests, + "ShouldBeAbleToAddNewPoliciesAfterDisabled", "VarPolicy.Ut= ility.AddAfterDisable", + ShouldBeAbleToAddNewPoliciesAfterDisabled, LibInitMocked, = LibCleanup, NULL ); + AddTestCase( UtilityTests, + "ShouldBeAbleToLockAfterDisabled", "VarPolicy.Utility.Lock= AfterDisable", + ShouldBeAbleToLockAfterDisabled, LibInitMocked, LibCleanup= , NULL ); + AddTestCase( UtilityTests, + "Should be able to dump the policy table", "VarPolicy.Util= ity.DumpTable", + ShouldBeAbleToDumpThePolicyTable, LibInitMocked, LibCleanu= p, NULL ); + AddTestCase( UtilityTests, + "ShouldBeAbleToDumpThePolicyTableAfterDisabled", "VarPolic= y.Utility.DumpTableAfterDisable", + ShouldBeAbleToDumpThePolicyTableAfterDisabled, LibInitMock= ed, LibCleanup, NULL ); + + + // + // Execute the tests. + // + Status =3D RunAllTestSuites( Framework ); + +EXIT: + if (Framework !=3D NULL) + { + FreeUnitTestFramework( Framework ); + } + + return Status; +} diff --git a/MdeModulePkg/Include/Library/VariablePolicyLib.h b/MdeModulePk= g/Include/Library/VariablePolicyLib.h new file mode 100644 index 000000000000..efd1840112ec --- /dev/null +++ b/MdeModulePkg/Include/Library/VariablePolicyLib.h @@ -0,0 +1,207 @@ +/** @file -- VariablePolicyLib.h +Business logic for Variable Policy enforcement. + +Copyright (c) Microsoft Corporation. +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef _VARIABLE_POLICY_LIB_H_ +#define _VARIABLE_POLICY_LIB_H_ + +#include + +/** + This API function validates and registers a new policy with + the policy enforcement engine. + + @param[in] NewPolicy Pointer to the incoming policy structure. + + @retval EFI_SUCCESS + @retval EFI_INVALID_PARAMETER NewPolicy is NULL or is internally i= nconsistent. + @retval EFI_ALREADY_STARTED An identical matching policy already= exists. + @retval EFI_WRITE_PROTECTED The interface has been locked until = the next reboot. + @retval EFI_UNSUPPORTED Policy enforcement has been disabled= . No reason to add more policies. + @retval EFI_ABORTED A calculation error has prevented th= is function from completing. + @retval EFI_OUT_OF_RESOURCES Cannot grow the table to hold any mo= re policies. + @retval EFI_NOT_READY Library has not yet been initialized. + +**/ +EFI_STATUS +EFIAPI +RegisterVariablePolicy ( + IN CONST VARIABLE_POLICY_ENTRY *NewPolicy + ); + + +/** + This API function checks to see whether the parameters to SetVariable wo= uld + be allowed according to the current variable policies. + + @param[in] VariableName Same as EFI_SET_VARIABLE. + @param[in] VendorGuid Same as EFI_SET_VARIABLE. + @param[in] Attributes Same as EFI_SET_VARIABLE. + @param[in] DataSize Same as EFI_SET_VARIABLE. + @param[in] Data Same as EFI_SET_VARIABLE. + + @retval EFI_SUCCESS A matching policy allows this update. + @retval EFI_SUCCESS There are currently no policies that= restrict this update. + @retval EFI_SUCCESS The protections have been disable un= til the next reboot. + @retval EFI_WRITE_PROTECTED Variable is currently locked. + @retval EFI_INVALID_PARAMETER Attributes or size are invalid. + @retval EFI_ABORTED A lock policy exists, but an error p= revented evaluation. + @retval EFI_NOT_READY Library has not been initialized. + +**/ +EFI_STATUS +EFIAPI +ValidateSetVariable ( + IN CHAR16 *VariableName, + IN EFI_GUID *VendorGuid, + IN UINT32 Attributes, + IN UINTN DataSize, + IN VOID *Data + ); + + +/** + This API function disables the variable policy enforcement. If it's + already been called once, will return EFI_ALREADY_STARTED. + + @retval EFI_SUCCESS + @retval EFI_ALREADY_STARTED Has already been called once this boot. + @retval EFI_WRITE_PROTECTED Interface has been locked until reboot. + @retval EFI_WRITE_PROTECTED Interface option is disabled by platfo= rm PCD. + @retval EFI_NOT_READY Library has not yet been initialized. + +**/ +EFI_STATUS +EFIAPI +DisableVariablePolicy ( + VOID + ); + + +/** + This API function will dump the entire contents of the variable policy t= able. + + Similar to GetVariable, the first call can be made with a 0 size and it = will return + the size of the buffer required to hold the entire table. + + @param[out] Policy Pointer to the policy buffer. Can be NULL if Siz= e is 0. + @param[in,out] Size On input, the size of the output buffer. On outp= ut, the size + of the data returned. + + @retval EFI_SUCCESS Policy data is in the output buffer = and Size has been updated. + @retval EFI_INVALID_PARAMETER Size is NULL, or Size is non-zero an= d Policy is NULL. + @retval EFI_BUFFER_TOO_SMALL Size is insufficient to hold policy.= Size updated with required size. + @retval EFI_NOT_READY Library has not yet been initialized. + +**/ +EFI_STATUS +EFIAPI +DumpVariablePolicy ( + OUT UINT8 *Policy, + IN OUT UINT32 *Size + ); + + +/** + This API function returns whether or not the policy engine is + currently being enforced. + + @retval TRUE + @retval FALSE + @retval FALSE Library has not yet been initialized. + +**/ +BOOLEAN +EFIAPI +IsVariablePolicyEnabled ( + VOID + ); + + +/** + This API function locks the interface so that no more policy updates + can be performed or changes made to the enforcement until the next boot. + + @retval EFI_SUCCESS + @retval EFI_NOT_READY Library has not yet been initialized. + +**/ +EFI_STATUS +EFIAPI +LockVariablePolicy ( + VOID + ); + + +/** + This API function returns whether or not the policy interface is locked + for the remainder of the boot. + + @retval TRUE + @retval FALSE + @retval FALSE Library has not yet been initialized. + +**/ +BOOLEAN +EFIAPI +IsVariablePolicyInterfaceLocked ( + VOID + ); + + +/** + This helper function initializes the library and sets + up any required internal structures or handlers. + + Also registers the internal pointer for the GetVariable helper. + + @param[in] GetVariableHelper A function pointer matching the EFI_GET_VA= RIABLE prototype that will be used to + check policy criteria that involve the existence of othe= r variables. + + @retval EFI_SUCCESS + @retval EFI_ALREADY_STARTED The initialize function has been calle= d more than once without a call to + deinitialize. + +**/ +EFI_STATUS +EFIAPI +InitVariablePolicyLib ( + IN EFI_GET_VARIABLE GetVariableHelper + ); + + +/** + This helper function returns whether or not the library is currently ini= tialized. + + @retval TRUE + @retval FALSE + +**/ +BOOLEAN +EFIAPI +IsVariablePolicyLibInitialized ( + VOID + ); + + +/** + This helper function tears down the library. + + Should generally only be used for test harnesses. + + @retval EFI_SUCCESS + @retval EFI_NOT_READY Deinitialize was called without first call= ing initialize. + +**/ +EFI_STATUS +EFIAPI +DeinitVariablePolicyLib ( + VOID + ); + + +#endif // _VARIABLE_POLICY_LIB_H_ diff --git a/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf b= /MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf new file mode 100644 index 000000000000..f4a879d5382f --- /dev/null +++ b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf @@ -0,0 +1,44 @@ +## @file VariablePolicyLib.inf +# Business logic for Variable Policy enforcement. +# +## +# Copyright (c) Microsoft Corporation. +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + + +[Defines] + INF_VERSION =3D 0x00010017 + BASE_NAME =3D VariablePolicyLib + FILE_GUID =3D E9ECD342-159A-4F24-9FDF-65724027C594 + VERSION_STRING =3D 1.0 + MODULE_TYPE =3D DXE_DRIVER + LIBRARY_CLASS =3D VariablePolicyLib|DXE_DRIVER DXE_SMM_DRIVER MM_S= TANDALONE + +# +# The following information is for reference only and not required by the = build tools. +# +# VALID_ARCHITECTURES =3D ANY +# + + +[Sources] + VariablePolicyLib.c + VariablePolicyExtraInitNull.c + + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + + +[LibraryClasses] + DebugLib + BaseMemoryLib + MemoryAllocationLib + SafeIntLib + PcdLib + + +[Pcd] + gEfiMdeModulePkgTokenSpaceGuid.PcdAllowVariablePolicyEnforcementDisable = ## CONSUMES diff --git a/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.uni b= /MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.uni new file mode 100644 index 000000000000..2227ec427828 --- /dev/null +++ b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.uni @@ -0,0 +1,12 @@ +// /** @file +// VariablePolicyLib.uni +// +// Copyright (c) Microsoft Corporation. +// SPDX-License-Identifier: BSD-2-Clause-Patent +// +// **/ + + +#string STR_MODULE_ABSTRACT #language en-US "Library containin= g the business logic for the VariablePolicy engine" + +#string STR_MODULE_DESCRIPTION #language en-US "Library containin= g the business logic for the VariablePolicy engine" diff --git a/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLibRuntim= eDxe.inf b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLibRuntimeD= xe.inf new file mode 100644 index 000000000000..8b8365741864 --- /dev/null +++ b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLibRuntimeDxe.inf @@ -0,0 +1,51 @@ +## @file VariablePolicyLibRuntimeDxe.inf +# Business logic for Variable Policy enforcement. +# This instance is specifically for RuntimeDxe and contains +# extra routines to register for VirtualAddressChangeEvents. +# +# Copyright (c) Microsoft Corporation. +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + + +[Defines] + INF_VERSION =3D 0x00010017 + BASE_NAME =3D VariablePolicyLibRuntimeDxe + FILE_GUID =3D 205F7F0E-8EAC-4914-8390-1B90DD7E2A27 + VERSION_STRING =3D 1.0 + MODULE_TYPE =3D DXE_RUNTIME_DRIVER + LIBRARY_CLASS =3D VariablePolicyLib|DXE_RUNTIME_DRIVER + +# +# The following information is for reference only and not required by the = build tools. +# +# VALID_ARCHITECTURES =3D ANY +# + + +[Sources] + VariablePolicyLib.c + VariablePolicyExtraInitRuntimeDxe.c + + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + + +[LibraryClasses] + DebugLib + BaseMemoryLib + MemoryAllocationLib + SafeIntLib + UefiBootServicesTableLib + UefiRuntimeServicesTableLib + PcdLib + + +[Pcd] + gEfiMdeModulePkgTokenSpaceGuid.PcdAllowVariablePolicyEnforcementDisable = ## CONSUMES + + +[Guids] + gEfiEventVirtualAddressChangeGuid diff --git a/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyUnitTest/= VariablePolicyUnitTest.inf b/MdeModulePkg/Library/VariablePolicyLib/Variabl= ePolicyUnitTest/VariablePolicyUnitTest.inf new file mode 100644 index 000000000000..ccc04bb600d6 --- /dev/null +++ b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyUnitTest/Variabl= ePolicyUnitTest.inf @@ -0,0 +1,40 @@ +## @file VariablePolicyUnitTest.inf +# UnitTest for... +# Business logic for Variable Policy enforcement. +# +# Copyright (c) Microsoft Corporation. +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + + +[Defines] + INF_VERSION =3D 0x00010006 + BASE_NAME =3D VariablePolicyUnitTest + FILE_GUID =3D 1200A2E4-D756-418C-9768-528C2D181A98 + MODULE_TYPE =3D HOST_APPLICATION + VERSION_STRING =3D 1.0 + +# +# The following information is for reference only and not required by the = build tools. +# +# VALID_ARCHITECTURES =3D IA32 X64 ARM AARCH64 +# + +[Sources] + VariablePolicyUnitTest.c + + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + UnitTestFrameworkPkg/UnitTestFrameworkPkg.dec + + +[LibraryClasses] + BaseLib + DebugLib + UnitTestLib + PrintLib + VariablePolicyLib + BaseMemoryLib + MemoryAllocationLib diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec index 05d8ad4931f9..0b58c14e4747 100644 --- a/MdeModulePkg/MdeModulePkg.dec +++ b/MdeModulePkg/MdeModulePkg.dec @@ -31,6 +31,9 @@ [LibraryClasses] ## @libraryclass Defines a set of methods to reset whole system. ResetSystemLib|Include/Library/ResetSystemLib.h =20 + ## @libraryclass Business logic for storing and testing variable polic= ies + VariablePolicyLib|Include/Library/VariablePolicyLib.h + ## @libraryclass Defines a set of helper functions for resetting the s= ystem. ResetUtilityLib|Include/Library/ResetUtilityLib.h =20 diff --git a/MdeModulePkg/MdeModulePkg.dsc b/MdeModulePkg/MdeModulePkg.dsc index 25aea3e2a481..14b6ed536962 100644 --- a/MdeModulePkg/MdeModulePkg.dsc +++ b/MdeModulePkg/MdeModulePkg.dsc @@ -3,6 +3,7 @@ # # (C) Copyright 2014 Hewlett-Packard Development Company, L.P.
# Copyright (c) 2007 - 2019, Intel Corporation. All rights reserved.
+# Copyright (c) Microsoft Corporation. # # SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -58,6 +59,7 @@ [LibraryClasses] DxeServicesLib|MdePkg/Library/DxeServicesLib/DxeServicesLib.inf DxeServicesTableLib|MdePkg/Library/DxeServicesTableLib/DxeServicesTableL= ib.inf UefiBootManagerLib|MdeModulePkg/Library/UefiBootManagerLib/UefiBootManag= erLib.inf + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ib.inf # # Generic Modules # @@ -129,6 +131,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] DebugLib|MdePkg/Library/UefiDebugLibConOut/UefiDebugLibConOut.inf LockBoxLib|MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxDxeLib.inf CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ibRuntimeDxe.inf =20 [LibraryClasses.common.SMM_CORE] HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf @@ -306,6 +309,8 @@ [Components] MdeModulePkg/Library/BootLogoLib/BootLogoLib.inf MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf + MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf + MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLibRuntimeDxe.inf MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf MdeModulePkg/Library/VarCheckHiiLib/VarCheckHiiLib.inf MdeModulePkg/Library/VarCheckPcdLib/VarCheckPcdLib.inf diff --git a/MdeModulePkg/Test/MdeModulePkgHostTest.dsc b/MdeModulePkg/Test= /MdeModulePkgHostTest.dsc index 72a119db4568..095e613f1be1 100644 --- a/MdeModulePkg/Test/MdeModulePkgHostTest.dsc +++ b/MdeModulePkg/Test/MdeModulePkgHostTest.dsc @@ -19,12 +19,23 @@ [Defines] =20 !include UnitTestFrameworkPkg/UnitTestFrameworkPkgHost.dsc.inc =20 +[LibraryClasses] + SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf + [Components] MdeModulePkg/Library/DxeResetSystemLib/UnitTest/MockUefiRuntimeServicesT= ableLib.inf =20 # # Build MdeModulePkg HOST_APPLICATION Tests # + MdeModulePkg/Library/VariablePolicyLib/VariablePolicyUnitTest/VariablePo= licyUnitTest.inf { + + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePol= icyLib.inf + + + gEfiMdeModulePkgTokenSpaceGuid.PcdAllowVariablePolicyEnforcementDisa= ble|TRUE + } + MdeModulePkg/Library/DxeResetSystemLib/UnitTest/DxeResetSystemLibUnitTes= tHost.inf { ResetSystemLib|MdeModulePkg/Library/DxeResetSystemLib/DxeResetSystem= Lib.inf --=20 2.26.2.windows.1.8.g01c50adf56.20200515075929 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#61588): https://edk2.groups.io/g/devel/message/61588 Mute This Topic: https://groups.io/mt/75057697/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat Apr 20 02:53:18 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+61589+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+61589+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1592911139; cv=none; d=zohomail.com; s=zohoarc; b=jCwfLyZ+cxm2VhGhnWPqqxogE3rKmoNGJPd5BLA0H1jmzqjYsn9QyU+lrkJRf07lIMbhIMb0K0l3CMGe3ar/JFNigH5KmMsIP2mEza24eXyie80lgtaJbx4+6d5/rBfHv+N5Sv5FUbPGFY9q/JdD5OGpp5ZCd9/eVMA3cydKPvg= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1592911139; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=vFJAusOkvaqVTgnnhaklMSl+6owN52eCsBtuD4c5FTc=; b=MatalvQJPdcSAWsEkapAPj5sHDklPzwFQBuO882P3M35K6oq5dLrqoCMjmtT/vPI+yyRrIlx0NxjwVA6xyVX5kRayuiyGrK212oH3FGpRriL33kiDUml13NPToxL1FmiOuOsCz4zbjq2sPmDx/hKzoBDQHtfyk5t4t8bwSCQMSI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+61589+1787277+3901457@groups.io Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1592911139298255.01338760458702; Tue, 23 Jun 2020 04:18:59 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id mDJhYY1788612xnHjn70ystt; Tue, 23 Jun 2020 04:18:58 -0700 X-Received: from mail-pl1-f179.google.com (mail-pl1-f179.google.com [209.85.214.179]) by mx.groups.io with SMTP id smtpd.web10.1720.1592894694377311301 for ; Mon, 22 Jun 2020 23:44:54 -0700 X-Received: by mail-pl1-f179.google.com with SMTP id x11so8701920plo.7 for ; Mon, 22 Jun 2020 23:44:54 -0700 (PDT) X-Gm-Message-State: cjb62UQ4Sl0MApMFNriTRT19x1787277AA= X-Google-Smtp-Source: ABdhPJzp4YHhkATqfuxUGmANmVpZVS3iC4W9i0nR67aW5YVeTfwfqVKErlY4kamkw+rq4TeBgC2bLA== X-Received: by 2002:a17:90a:3324:: with SMTP id m33mr22443004pjb.181.1592894693502; Mon, 22 Jun 2020 23:44:53 -0700 (PDT) X-Received: from localhost.localdomain (174-21-80-75.tukw.qwest.net. [174.21.80.75]) by smtp.gmail.com with ESMTPSA id d6sm1383818pjh.5.2020.06.22.23.44.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 22 Jun 2020 23:44:53 -0700 (PDT) From: "Bret Barkelew" X-Google-Original-From: Bret Barkelew To: devel@edk2.groups.io Cc: Jian J Wang , Hao A Wu , Liming Gao Subject: [edk2-devel] [PATCH v6 03/14] MdeModulePkg: Define the VariablePolicyHelperLib Date: Mon, 22 Jun 2020 23:40:53 -0700 Message-Id: <20200623064104.1908-4-brbarkel@microsoft.com> In-Reply-To: <20200623064104.1908-1-brbarkel@microsoft.com> References: <20200623064104.1908-1-brbarkel@microsoft.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,bret@corthon.com Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1592911138; bh=Q5l69H7YlJNnivewCyyC/pNhMC7QXSAM/xeY/GmV/Qc=; h=Cc:Date:From:Reply-To:Subject:To; b=lRjv03yCffQT2QMvw2nNS4kx35UlVML88RPfPrzPc7HCT/aw7Y0dfolgLXfkp8d/u/z j6HhCjFFA8+HkX0RGVWJzG6AoHv1PqzTps8z8+dekCHsGhkxgAEQwQBdlj4Sid/qXKwe8 Sc5bRqFPBHqtBOht3/WTrfRAM6vqVLiU56U= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" https://bugzilla.tianocore.org/show_bug.cgi?id=3D2522 VariablePolicy is an updated interface to replace VarLock and VarCheckProtocol. Add the VariablePolicyHelperLib library, containing several functions to help with the repetitive process of creating a correctly structured and packed VariablePolicy entry. Cc: Jian J Wang Cc: Hao A Wu Cc: Liming Gao Cc: Bret Barkelew Signed-off-by: Bret Barkelew --- MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.c |= 396 ++++++++++++++++++++ MdeModulePkg/Include/Library/VariablePolicyHelperLib.h |= 164 ++++++++ MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf |= 35 ++ MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.uni |= 12 + MdeModulePkg/MdeModulePkg.dec |= 5 + MdeModulePkg/MdeModulePkg.dsc |= 2 + 6 files changed, 614 insertions(+) diff --git a/MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHel= perLib.c b/MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelpe= rLib.c new file mode 100644 index 000000000000..0c9299c8b0e1 --- /dev/null +++ b/MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.c @@ -0,0 +1,396 @@ +/** @file -- VariablePolicyHelperLib.c +This library contains helper functions for marshalling and registering +new policies with the VariablePolicy infrastructure. + +This library is currently written against VariablePolicy revision 0x000100= 00. + +Copyright (c) Microsoft Corporation. +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include + +#include +#include +#include +#include + +#include + +/** + This internal helper function populates the header structure, + all common fields, and takes care of fix-ups. + + NOTE: Only use this internally. Assumes correctly-sized buffers. + + @param[out] EntPtr Pointer to the buffer to be populated. + @param[in] Namespace Pointer to an EFI_GUID for the target variable n= amespace that this policy will protect. + @param[in] MinSize MinSize for the VariablePolicy. + @param[in] MaxSize MaxSize for the VariablePolicy. + @param[in] AttributesMustHave AttributesMustHave for the VariablePol= icy. + @param[in] AttributesCantHave AttributesCantHave for the VariablePol= icy. + @param[in] LockPolicyType LockPolicyType for the VariablePolicy. + +**/ +STATIC +VOID +PopulateCommonData ( + OUT VARIABLE_POLICY_ENTRY *EntPtr, + IN CONST EFI_GUID *Namespace, + IN UINT32 MinSize, + IN UINT32 MaxSize, + IN UINT32 AttributesMustHave, + IN UINT32 AttributesCantHave, + IN UINT8 LockPolicyType + ) +{ + EntPtr->Version =3D VARIABLE_POLICY_ENTRY_REVISION; + CopyGuid( &EntPtr->Namespace, Namespace ); + EntPtr->MinSize =3D MinSize; + EntPtr->MaxSize =3D MaxSize; + EntPtr->AttributesMustHave =3D AttributesMustHave; + EntPtr->AttributesCantHave =3D AttributesCantHave; + EntPtr->LockPolicyType =3D LockPolicyType; + + // NOTE: As a heler, fix up MaxSize for compatibility with the old model. + if (EntPtr->MaxSize =3D=3D 0) { + EntPtr->MaxSize =3D VARIABLE_POLICY_NO_MAX_SIZE; + } + + return; +} + + +/** + This helper function will allocate and populate a new VariablePolicy + structure for a policy that does not contain any sub-structures (such as + VARIABLE_LOCK_ON_VAR_STATE_POLICY). + + NOTE: Caller will need to free structure once finished. + + @param[in] Namespace Pointer to an EFI_GUID for the target variable n= amespace that this policy will protect. + @param[in] Name [Optional] If provided, a pointer to the CHAR16 = array for the target variable name. + Otherwise, will create a policy that targets an = entire namespace. + @param[in] MinSize MinSize for the VariablePolicy. + @param[in] MaxSize MaxSize for the VariablePolicy. + @param[in] AttributesMustHave AttributesMustHave for the VariablePol= icy. + @param[in] AttributesCantHave AttributesCantHave for the VariablePol= icy. + @param[in] LockPolicyType LockPolicyType for the VariablePolicy. + @param[out] NewEntry If successful, will be set to a pointer to the a= llocated buffer containing the + new policy. + + @retval EFI_SUCCESS Operation completed successfully and= structure is populated. + @retval EFI_INVALID_PARAMETER Namespace is NULL. + @retval EFI_INVALID_PARAMETER LockPolicyType is invalid for a basi= c structure. + @retval EFI_BUFFER_TOO_SMALL Finished structure would not fit in = UINT16 size. + @retval EFI_OUT_OF_RESOURCES Could not allocate sufficient space = for structure. + +**/ +EFI_STATUS +EFIAPI +CreateBasicVariablePolicy ( + IN CONST EFI_GUID *Namespace, + IN CONST CHAR16 *Name OPTIONAL, + IN UINT32 MinSize, + IN UINT32 MaxSize, + IN UINT32 AttributesMustHave, + IN UINT32 AttributesCantHave, + IN UINT8 LockPolicyType, + OUT VARIABLE_POLICY_ENTRY **NewEntry + ) +{ + UINTN TotalSize; + UINTN NameSize; + VARIABLE_POLICY_ENTRY *EntPtr; + CHAR16 *CopyName; + + // Check some initial invalid parameters for this function. + if (Namespace =3D=3D NULL || NewEntry =3D=3D NULL) { + return EFI_INVALID_PARAMETER; + } + if (LockPolicyType !=3D VARIABLE_POLICY_TYPE_NO_LOCK && + LockPolicyType !=3D VARIABLE_POLICY_TYPE_LOCK_NOW && + LockPolicyType !=3D VARIABLE_POLICY_TYPE_LOCK_ON_CREATE) { + return EFI_INVALID_PARAMETER; + } + + // Now we've gotta determine the total size of the buffer required for + // the VariablePolicy structure. + TotalSize =3D sizeof( VARIABLE_POLICY_ENTRY ); + if (Name !=3D NULL) { + NameSize =3D StrnSizeS( Name, MAX_UINT16 ); + TotalSize +=3D NameSize; + } + // Make sure the size fits within a VARIABLE_POLICY_ENTRY.Size. + ASSERT( TotalSize <=3D MAX_UINT16 ); + if (TotalSize > MAX_UINT16) { + return EFI_BUFFER_TOO_SMALL; + } + + // Allocate a buffer to hold all the data. We're on the home stretch. + *NewEntry =3D AllocatePool( TotalSize ); + if (*NewEntry =3D=3D NULL) { + return EFI_OUT_OF_RESOURCES; + } + + // If we're still here, we're basically done. + // Copy the data and GET... OUT.... + EntPtr =3D *NewEntry; + PopulateCommonData ( EntPtr, + Namespace, + MinSize, + MaxSize, + AttributesMustHave, + AttributesCantHave, + LockPolicyType ); + EntPtr->Size =3D (UINT16)TotalSize; // This is safe = because we've already checked. + EntPtr->OffsetToName =3D sizeof(VARIABLE_POLICY_ENTRY); + if (Name !=3D NULL) { + CopyName =3D (CHAR16*)((UINT8*)EntPtr + EntPtr->OffsetToName); + CopyMem( CopyName, Name, NameSize ); + } + + return EFI_SUCCESS; +} + + +/** + This helper function will allocate and populate a new VariablePolicy + structure for a policy with a lock type of VARIABLE_POLICY_TYPE_LOCK_ON_= VAR_STATE. + + NOTE: Caller will need to free structure once finished. + + @param[in] Namespace Pointer to an EFI_GUID for the target variable n= amespace that this policy will protect. + @param[in] Name [Optional] If provided, a pointer to the CHAR16 = array for the target variable name. + Otherwise, will create a policy that targets an = entire namespace. + @param[in] MinSize MinSize for the VariablePolicy. + @param[in] MaxSize MaxSize for the VariablePolicy. + @param[in] AttributesMustHave AttributesMustHave for the VariablePol= icy. + @param[in] AttributesCantHave AttributesCantHave for the VariablePol= icy. + @param[in] VarStateNamespace Pointer to the EFI_GUID for the VARIAB= LE_LOCK_ON_VAR_STATE_POLICY.Namespace. + @param[in] VarStateValue Value for the VARIABLE_LOCK_ON_VAR_STA= TE_POLICY.Value. + @param[in] VarStateName Pointer to the CHAR16 array for the VA= RIABLE_LOCK_ON_VAR_STATE_POLICY.Name. + @param[out] NewEntry If successful, will be set to a pointer to the a= llocated buffer containing the + new policy. + + @retval EFI_SUCCESS Operation completed successfully and= structure is populated. + @retval EFI_INVALID_PARAMETER Namespace, VarStateNamespace, VarSta= teName is NULL. + @retval EFI_BUFFER_TOO_SMALL Finished structure would not fit in = UINT16 size. + @retval EFI_OUT_OF_RESOURCES Could not allocate sufficient space = for structure. + +**/ +EFI_STATUS +EFIAPI +CreateVarStateVariablePolicy ( + IN CONST EFI_GUID *Namespace, + IN CONST CHAR16 *Name OPTIONAL, + IN UINT32 MinSize, + IN UINT32 MaxSize, + IN UINT32 AttributesMustHave, + IN UINT32 AttributesCantHave, + IN CONST EFI_GUID *VarStateNamespace, + IN UINT8 VarStateValue, + IN CONST CHAR16 *VarStateName, + OUT VARIABLE_POLICY_ENTRY **NewEntry + ) +{ + UINTN TotalSize; + UINTN NameSize; + UINTN VarStateNameSize; + VARIABLE_POLICY_ENTRY *EntPtr; + CHAR16 *CopyName; + VARIABLE_LOCK_ON_VAR_STATE_POLICY *CopyPolicy; + + // Check some initial invalid parameters for this function. + if (Namespace =3D=3D NULL || VarStateNamespace =3D=3D NULL || + VarStateName =3D=3D NULL || NewEntry =3D=3D NULL) { + return EFI_INVALID_PARAMETER; + } + + // Now we've gotta determine the total size of the buffer required for + // the VariablePolicy structure. + VarStateNameSize =3D StrnSizeS( VarStateName, MAX_UINT16 ); + TotalSize =3D sizeof( VARIABLE_POLICY_ENTRY ) + + sizeof(VARIABLE_LOCK_ON_VAR_STATE_POLICY) + + VarStateNameSize; + if (Name !=3D NULL) { + NameSize =3D StrnSizeS( Name, MAX_UINT16 ); + TotalSize +=3D NameSize; + } + // Make sure the size fits within a VARIABLE_POLICY_ENTRY.Size. + ASSERT( TotalSize <=3D MAX_UINT16 ); + if (TotalSize > MAX_UINT16) { + return EFI_BUFFER_TOO_SMALL; + } + + // Allocate a buffer to hold all the data. We're on the home stretch. + *NewEntry =3D AllocatePool( TotalSize ); + if (*NewEntry =3D=3D NULL) { + return EFI_OUT_OF_RESOURCES; + } + + // If we're still here, we're basically done. + // Copy the data and GET... OUT.... + EntPtr =3D *NewEntry; + PopulateCommonData ( EntPtr, + Namespace, + MinSize, + MaxSize, + AttributesMustHave, + AttributesCantHave, + VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE ); + EntPtr->Size =3D (UINT16)TotalSize; // This is safe = because we've already checked. + EntPtr->OffsetToName =3D sizeof(VARIABLE_POLICY_ENTRY) + + sizeof(VARIABLE_LOCK_ON_VAR_STATE_POLICY) + + (UINT16)VarStateNameSize; + + CopyPolicy =3D (VARIABLE_LOCK_ON_VAR_STATE_POLICY*)((UINT8*)EntPtr + siz= eof(VARIABLE_POLICY_ENTRY)); + CopyName =3D (CHAR16*)((UINT8*)CopyPolicy + sizeof(VARIABLE_LOCK_ON_VAR_= STATE_POLICY)); + CopyGuid( &CopyPolicy->Namespace, VarStateNamespace ); + CopyPolicy->Value =3D VarStateValue; + CopyMem( CopyName, VarStateName, VarStateNameSize ); + + if (Name !=3D NULL) { + CopyName =3D (CHAR16*)((UINT8*)EntPtr + EntPtr->OffsetToName); + CopyMem( CopyName, Name, NameSize ); + } + + return EFI_SUCCESS; +} + + +/** + This helper function does everything that CreateBasicVariablePolicy() do= es, but also + uses the passed in protocol to register the policy with the infrastructu= re. + Does not return a buffer, does not require the caller to free anything. + + @param[in] VariablePolicy Pointer to a valid instance of the VariableP= olicy protocol. + @param[in] Namespace Pointer to an EFI_GUID for the target variable n= amespace that this policy will protect. + @param[in] Name [Optional] If provided, a pointer to the CHAR16 = array for the target variable name. + Otherwise, will create a policy that targets an = entire namespace. + @param[in] MinSize MinSize for the VariablePolicy. + @param[in] MaxSize MaxSize for the VariablePolicy. + @param[in] AttributesMustHave AttributesMustHave for the VariablePol= icy. + @param[in] AttributesCantHave AttributesCantHave for the VariablePol= icy. + @param[in] LockPolicyType LockPolicyType for the VariablePolicy. + + @retval EFI_INVALID_PARAMETER VariablePolicy pointer is NULL. + @retval EFI_STATUS Status returned by CreateBasicVariable= Policy() or RegisterVariablePolicy(). + +**/ +EFI_STATUS +EFIAPI +RegisterBasicVariablePolicy ( + IN EDKII_VARIABLE_POLICY_PROTOCOL *VariablePolicy, + IN CONST EFI_GUID *Namespace, + IN CONST CHAR16 *Name OPTIONAL, + IN UINT32 MinSize, + IN UINT32 MaxSize, + IN UINT32 AttributesMustHave, + IN UINT32 AttributesCantHave, + IN UINT8 LockPolicyType + ) +{ + VARIABLE_POLICY_ENTRY *NewEntry; + EFI_STATUS Status; + + // Check the simple things. + if (VariablePolicy =3D=3D NULL) { + return EFI_INVALID_PARAMETER; + } + + // Create the new entry and make sure that everything worked. + NewEntry =3D NULL; + Status =3D CreateBasicVariablePolicy( Namespace, + Name, + MinSize, + MaxSize, + AttributesMustHave, + AttributesCantHave, + LockPolicyType, + &NewEntry ); + + // If that was successful, attempt to register the new policy. + if (!EFI_ERROR( Status )) { + Status =3D VariablePolicy->RegisterVariablePolicy( NewEntry ); + } + + // If we allocated the buffer, free the buffer. + if (NewEntry !=3D NULL) { + FreePool( NewEntry ); + } + + return Status; +} + + +/** + This helper function does everything that CreateBasicVariablePolicy() do= es, but also + uses the passed in protocol to register the policy with the infrastructu= re. + Does not return a buffer, does not require the caller to free anything. + + @param[in] VariablePolicy Pointer to a valid instance of the VariableP= olicy protocol. + @param[in] Namespace Pointer to an EFI_GUID for the target variable n= amespace that this policy will protect. + @param[in] Name [Optional] If provided, a pointer to the CHAR16 = array for the target variable name. + Otherwise, will create a policy that targets an = entire namespace. + @param[in] MinSize MinSize for the VariablePolicy. + @param[in] MaxSize MaxSize for the VariablePolicy. + @param[in] AttributesMustHave AttributesMustHave for the VariablePol= icy. + @param[in] AttributesCantHave AttributesCantHave for the VariablePol= icy. + @param[in] VarStateNamespace Pointer to the EFI_GUID for the VARIAB= LE_LOCK_ON_VAR_STATE_POLICY.Namespace. + @param[in] VarStateName Pointer to the CHAR16 array for the VA= RIABLE_LOCK_ON_VAR_STATE_POLICY.Name. + @param[in] VarStateValue Value for the VARIABLE_LOCK_ON_VAR_STA= TE_POLICY.Value. + + @retval EFI_INVALID_PARAMETER VariablePolicy pointer is NULL. + @retval EFI_STATUS Status returned by CreateBasicVariablePolicy()= or RegisterVariablePolicy(). + +**/ +EFI_STATUS +EFIAPI +RegisterVarStateVariablePolicy ( + IN EDKII_VARIABLE_POLICY_PROTOCOL *VariablePolicy, + IN CONST EFI_GUID *Namespace, + IN CONST CHAR16 *Name OPTIONAL, + IN UINT32 MinSize, + IN UINT32 MaxSize, + IN UINT32 AttributesMustHave, + IN UINT32 AttributesCantHave, + IN CONST EFI_GUID *VarStateNamespace, + IN CONST CHAR16 *VarStateName, + IN UINT8 VarStateValue + ) +{ + VARIABLE_POLICY_ENTRY *NewEntry; + EFI_STATUS Status; + + // Check the simple things. + if (VariablePolicy =3D=3D NULL) { + return EFI_INVALID_PARAMETER; + } + + // Create the new entry and make sure that everything worked. + NewEntry =3D NULL; + Status =3D CreateVarStateVariablePolicy( Namespace, + Name, + MinSize, + MaxSize, + AttributesMustHave, + AttributesCantHave, + VarStateNamespace, + VarStateValue, + VarStateName, + &NewEntry ); + + // If that was successful, attempt to register the new policy. + if (!EFI_ERROR( Status )) { + Status =3D VariablePolicy->RegisterVariablePolicy( NewEntry ); + } + + // If we allocated the buffer, free the buffer. + if (NewEntry !=3D NULL) { + FreePool( NewEntry ); + } + + return Status; +} diff --git a/MdeModulePkg/Include/Library/VariablePolicyHelperLib.h b/MdeMo= dulePkg/Include/Library/VariablePolicyHelperLib.h new file mode 100644 index 000000000000..3b75e9786094 --- /dev/null +++ b/MdeModulePkg/Include/Library/VariablePolicyHelperLib.h @@ -0,0 +1,164 @@ +/** @file -- VariablePolicyHelperLib.h +This library contains helper functions for marshalling and registering +new policies with the VariablePolicy infrastructure. + +Copyright (c) Microsoft Corporation. +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef _EDKII_VARIABLE_POLICY_HELPER_LIB_H_ +#define _EDKII_VARIABLE_POLICY_HELPER_LIB_H_ + +#include + +/** + This helper function will allocate and populate a new VariablePolicy + structure for a policy that does not contain any sub-structures (such as + VARIABLE_LOCK_ON_VAR_STATE_POLICY). + + NOTE: Caller will need to free structure once finished. + + @param[in] Namespace Pointer to an EFI_GUID for the target variable n= amespace that this policy will protect. + @param[in] Name [Optional] If provided, a pointer to the CHAR16 = array for the target variable name. + Otherwise, will create a policy that targets an = entire namespace. + @param[in] MinSize MinSize for the VariablePolicy. + @param[in] MaxSize MaxSize for the VariablePolicy. + @param[in] AttributesMustHave AttributesMustHave for the VariablePol= icy. + @param[in] AttributesCantHave AttributesCantHave for the VariablePol= icy. + @param[in] LockPolicyType LockPolicyType for the VariablePolicy. + @param[out] NewEntry If successful, will be set to a pointer to the a= llocated buffer containing the + new policy. + + @retval EFI_SUCCESS Operation completed successfully and= structure is populated. + @retval EFI_INVALID_PARAMETER Namespace is NULL. + @retval EFI_INVALID_PARAMETER LockPolicyType is invalid for a basi= c structure. + @retval EFI_BUFFER_TOO_SMALL Finished structure would not fit in = UINT16 size. + @retval EFI_OUT_OF_RESOURCES Could not allocate sufficient space = for structure. + +**/ +EFI_STATUS +EFIAPI +CreateBasicVariablePolicy ( + IN CONST EFI_GUID *Namespace, + IN CONST CHAR16 *Name OPTIONAL, + IN UINT32 MinSize, + IN UINT32 MaxSize, + IN UINT32 AttributesMustHave, + IN UINT32 AttributesCantHave, + IN UINT8 LockPolicyType, + OUT VARIABLE_POLICY_ENTRY **NewEntry + ); + + +/** + This helper function will allocate and populate a new VariablePolicy + structure for a policy with a lock type of VARIABLE_POLICY_TYPE_LOCK_ON_= VAR_STATE. + + NOTE: Caller will need to free structure once finished. + + @param[in] Namespace Pointer to an EFI_GUID for the target variable n= amespace that this policy will protect. + @param[in] Name [Optional] If provided, a pointer to the CHAR16 = array for the target variable name. + Otherwise, will create a policy that targets an = entire namespace. + @param[in] MinSize MinSize for the VariablePolicy. + @param[in] MaxSize MaxSize for the VariablePolicy. + @param[in] AttributesMustHave AttributesMustHave for the VariablePol= icy. + @param[in] AttributesCantHave AttributesCantHave for the VariablePol= icy. + @param[in] VarStateNamespace Pointer to the EFI_GUID for the VARIAB= LE_LOCK_ON_VAR_STATE_POLICY.Namespace. + @param[in] VarStateValue Value for the VARIABLE_LOCK_ON_VAR_STA= TE_POLICY.Value. + @param[in] VarStateName Pointer to the CHAR16 array for the VA= RIABLE_LOCK_ON_VAR_STATE_POLICY.Name. + @param[out] NewEntry If successful, will be set to a pointer to the a= llocated buffer containing the + new policy. + + @retval EFI_SUCCESS Operation completed successfully and= structure is populated. + @retval EFI_INVALID_PARAMETER Namespace, VarStateNamespace, VarSta= teName is NULL. + @retval EFI_BUFFER_TOO_SMALL Finished structure would not fit in = UINT16 size. + @retval EFI_OUT_OF_RESOURCES Could not allocate sufficient space = for structure. + +**/ +EFI_STATUS +EFIAPI +CreateVarStateVariablePolicy ( + IN CONST EFI_GUID *Namespace, + IN CONST CHAR16 *Name OPTIONAL, + IN UINT32 MinSize, + IN UINT32 MaxSize, + IN UINT32 AttributesMustHave, + IN UINT32 AttributesCantHave, + IN CONST EFI_GUID *VarStateNamespace, + IN UINT8 VarStateValue, + IN CONST CHAR16 *VarStateName, + OUT VARIABLE_POLICY_ENTRY **NewEntry + ); + + +/** + This helper function does everything that CreateBasicVariablePolicy() do= es, but also + uses the passed in protocol to register the policy with the infrastructu= re. + Does not return a buffer, does not require the caller to free anything. + + @param[in] VariablePolicy Pointer to a valid instance of the VariableP= olicy protocol. + @param[in] Namespace Pointer to an EFI_GUID for the target variable n= amespace that this policy will protect. + @param[in] Name [Optional] If provided, a pointer to the CHAR16 = array for the target variable name. + Otherwise, will create a policy that targets an = entire namespace. + @param[in] MinSize MinSize for the VariablePolicy. + @param[in] MaxSize MaxSize for the VariablePolicy. + @param[in] AttributesMustHave AttributesMustHave for the VariablePol= icy. + @param[in] AttributesCantHave AttributesCantHave for the VariablePol= icy. + @param[in] LockPolicyType LockPolicyType for the VariablePolicy. + + @retval EFI_INVALID_PARAMETER VariablePolicy pointer is NULL. + @retval EFI_STATUS Status returned by CreateBasicVariable= Policy() or RegisterVariablePolicy(). + +**/ +EFI_STATUS +EFIAPI +RegisterBasicVariablePolicy ( + IN EDKII_VARIABLE_POLICY_PROTOCOL *VariablePolicy, + IN CONST EFI_GUID *Namespace, + IN CONST CHAR16 *Name OPTIONAL, + IN UINT32 MinSize, + IN UINT32 MaxSize, + IN UINT32 AttributesMustHave, + IN UINT32 AttributesCantHave, + IN UINT8 LockPolicyType + ); + + +/** + This helper function does everything that CreateBasicVariablePolicy() do= es, but also + uses the passed in protocol to register the policy with the infrastructu= re. + Does not return a buffer, does not require the caller to free anything. + + @param[in] VariablePolicy Pointer to a valid instance of the VariableP= olicy protocol. + @param[in] Namespace Pointer to an EFI_GUID for the target variable n= amespace that this policy will protect. + @param[in] Name [Optional] If provided, a pointer to the CHAR16 = array for the target variable name. + Otherwise, will create a policy that targets an = entire namespace. + @param[in] MinSize MinSize for the VariablePolicy. + @param[in] MaxSize MaxSize for the VariablePolicy. + @param[in] AttributesMustHave AttributesMustHave for the VariablePol= icy. + @param[in] AttributesCantHave AttributesCantHave for the VariablePol= icy. + @param[in] VarStateNamespace Pointer to the EFI_GUID for the VARIAB= LE_LOCK_ON_VAR_STATE_POLICY.Namespace. + @param[in] VarStateName Pointer to the CHAR16 array for the VA= RIABLE_LOCK_ON_VAR_STATE_POLICY.Name. + @param[in] VarStateValue Value for the VARIABLE_LOCK_ON_VAR_STA= TE_POLICY.Value. + + @retval EFI_INVALID_PARAMETER VariablePolicy pointer is NULL. + @retval EFI_STATUS Status returned by CreateBasicVariablePolicy()= or RegisterVariablePolicy(). + +**/ +EFI_STATUS +EFIAPI +RegisterVarStateVariablePolicy ( + IN EDKII_VARIABLE_POLICY_PROTOCOL *VariablePolicy, + IN CONST EFI_GUID *Namespace, + IN CONST CHAR16 *Name OPTIONAL, + IN UINT32 MinSize, + IN UINT32 MaxSize, + IN UINT32 AttributesMustHave, + IN UINT32 AttributesCantHave, + IN CONST EFI_GUID *VarStateNamespace, + IN CONST CHAR16 *VarStateName, + IN UINT8 VarStateValue + ); + +#endif // _EDKII_VARIABLE_POLICY_HELPER_LIB_H_ diff --git a/MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHel= perLib.inf b/MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHel= perLib.inf new file mode 100644 index 000000000000..506abf580e94 --- /dev/null +++ b/MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.= inf @@ -0,0 +1,35 @@ +## @file VariablePolicyHelperLib.inf +# This library contains helper functions for marshalling and registering +# new policies with the VariablePolicy infrastructure. +# +# This library is currently written against VariablePolicy revision 0x0001= 0000. +# +# Copyright (c) Microsoft Corporation. +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + + +[Defines] + INF_VERSION =3D 0x00010017 + BASE_NAME =3D VariablePolicyHelperLib + # MODULE_UNI_FILE =3D VariablePolicyHelperLib.uni + FILE_GUID =3D B3C2206B-FDD1-4AED-8352-FC5EC34C5630 + VERSION_STRING =3D 1.0 + MODULE_TYPE =3D BASE + LIBRARY_CLASS =3D VariablePolicyHelperLib + + +[Sources] + VariablePolicyHelperLib.c + + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + + +[LibraryClasses] + BaseLib + DebugLib + MemoryAllocationLib + BaseMemoryLib diff --git a/MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHel= perLib.uni b/MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHel= perLib.uni new file mode 100644 index 000000000000..39cbf11a4ce9 --- /dev/null +++ b/MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.= uni @@ -0,0 +1,12 @@ +// /** @file +// VariablePolicyHelperLib.uni +// +// Copyright (c) Microsoft Corporation. +// SPDX-License-Identifier: BSD-2-Clause-Patent +// +// **/ + + +#string STR_MODULE_ABSTRACT #language en-US "Library containin= g helper functions for marshalling and registering new policies with the Va= riablePolicy infrastructure" + +#string STR_MODULE_DESCRIPTION #language en-US "Library containin= g helper functions for marshalling and registering new policies with the Va= riablePolicy infrastructure" diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec index 0b58c14e4747..b21cd78c8787 100644 --- a/MdeModulePkg/MdeModulePkg.dec +++ b/MdeModulePkg/MdeModulePkg.dec @@ -149,6 +149,11 @@ [LibraryClasses] # DisplayUpdateProgressLib|Include/Library/DisplayUpdateProgressLib.h =20 + ## @libraryclass This library contains helper functions for marshallin= g and + # registering new policies with the VariablePolicy infrastructure. + # + VariablePolicyHelperLib|Include/Library/VariablePolicyHelperLib.h + [Guids] ## MdeModule package token space guid # Include/Guid/MdeModulePkgTokenSpace.h diff --git a/MdeModulePkg/MdeModulePkg.dsc b/MdeModulePkg/MdeModulePkg.dsc index 14b6ed536962..37795b9e4f58 100644 --- a/MdeModulePkg/MdeModulePkg.dsc +++ b/MdeModulePkg/MdeModulePkg.dsc @@ -99,6 +99,7 @@ [LibraryClasses] BmpSupportLib|MdeModulePkg/Library/BaseBmpSupportLib/BaseBmpSupportLib.i= nf SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf DisplayUpdateProgressLib|MdeModulePkg/Library/DisplayUpdateProgressLibGr= aphics/DisplayUpdateProgressLibGraphics.inf + VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/Var= iablePolicyHelperLib.inf =20 [LibraryClasses.EBC.PEIM] IoLib|MdePkg/Library/PeiIoLibCpuIo/PeiIoLibCpuIo.inf @@ -225,6 +226,7 @@ [Components] MdeModulePkg/Library/UefiHiiServicesLib/UefiHiiServicesLib.inf MdeModulePkg/Library/BaseHobLibNull/BaseHobLibNull.inf MdeModulePkg/Library/BaseMemoryAllocationLibNull/BaseMemoryAllocationLib= Null.inf + MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf =20 MdeModulePkg/Bus/Pci/PciHostBridgeDxe/PciHostBridgeDxe.inf MdeModulePkg/Bus/Pci/PciSioSerialDxe/PciSioSerialDxe.inf --=20 2.26.2.windows.1.8.g01c50adf56.20200515075929 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#61589): https://edk2.groups.io/g/devel/message/61589 Mute This Topic: https://groups.io/mt/75057698/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat Apr 20 02:53:18 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+61590+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+61590+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1592911140; cv=none; d=zohomail.com; s=zohoarc; b=djA61tuS9gJj7u2Zh1PeFPCxE8/b83DR4ASPCzbTlUZ28V28ogbk+HJzfK6UAjBJgcDamZCWLM7goHFuC12Hg81LztWp6eLECeUJKQLXscaV+y+ExM/IBDuZdnYhInSWBhNDfWuS99j/ZeU+B7PWkJz7djkaT40bUUHgYlFTkLM= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1592911140; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=lNqbmqTVwgCpPcqhjS82ZpvHJyc91YUgnggSkJhPIAQ=; b=YCJNwnhElegPlRN9PbrpnIGmJ98Kq74bJivH0ZlOiuVdbvglZxR3B/uyJqiXfeCCR4DcU1GRdYDR1rNuchHjUunnNkqRXfnbh4bB+0QCIEvnSwf1HIUgHqyS6TTsVqVcoa8AqBsolPGokT9ehkR/3Jt37jt/+Yp5Xf3YQ8pCtoE= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+61590+1787277+3901457@groups.io Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1592911140431342.486767385858; Tue, 23 Jun 2020 04:19:00 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id XkRxYY1788612x8YOEV9BSYi; Tue, 23 Jun 2020 04:18:59 -0700 X-Received: from mail-pg1-f195.google.com (mail-pg1-f195.google.com [209.85.215.195]) by mx.groups.io with SMTP id smtpd.web11.1750.1592894699815825854 for ; Mon, 22 Jun 2020 23:44:59 -0700 X-Received: by mail-pg1-f195.google.com with SMTP id e18so9424313pgn.7 for ; Mon, 22 Jun 2020 23:44:59 -0700 (PDT) X-Gm-Message-State: Ck2fKTcDPFnx8WB2Y3BVaAfBx1787277AA= X-Google-Smtp-Source: ABdhPJze9DYkDcFTbuWlOz+dC5yB9aMV6bQZlQFJP+Flhd5v8Kev1oXvso295udPOYhLB8rVGoc0qQ== X-Received: by 2002:a63:5a58:: with SMTP id k24mr14804901pgm.1.1592894699027; Mon, 22 Jun 2020 23:44:59 -0700 (PDT) X-Received: from localhost.localdomain (174-21-80-75.tukw.qwest.net. [174.21.80.75]) by smtp.gmail.com with ESMTPSA id d6sm1383818pjh.5.2020.06.22.23.44.58 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 22 Jun 2020 23:44:58 -0700 (PDT) From: "Bret Barkelew" X-Google-Original-From: Bret Barkelew To: devel@edk2.groups.io Cc: Jian J Wang , Hao A Wu , Liming Gao Subject: [edk2-devel] [PATCH v6 04/14] MdeModulePkg: Define the VarCheckPolicyLib and SMM interface Date: Mon, 22 Jun 2020 23:40:54 -0700 Message-Id: <20200623064104.1908-5-brbarkel@microsoft.com> In-Reply-To: <20200623064104.1908-1-brbarkel@microsoft.com> References: <20200623064104.1908-1-brbarkel@microsoft.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,bret@corthon.com Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1592911139; bh=p8xT6K36+AMDABv1pPOwk6hEIOfWS4EgqFA4+7FvQSA=; h=Cc:Date:From:Reply-To:Subject:To; b=p4x+GcRTD9IeQkoXX+E71OC1f3DLeUfZXWTT0GZp/3svcqSFDJe0diwV9RcAyrhiLAT t92W5zXGVPxWEVNvA5Y6EwHceVx/wTOo/az1hnoA18mcfPUQmg63KMdnnPg9DfbuNpnW+ 0ScIJPVogmoaClWBIYyuAG+g3eh5CiI2Cdk= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" https://bugzilla.tianocore.org/show_bug.cgi?id=3D2522 VariablePolicy is an updated interface to replace VarLock and VarCheckProtocol. This is an instance of a VarCheckLib that is backed by the VariablePolicyLib business logic. It also publishes the SMM calling interface for messages from the DXE protocol. Cc: Jian J Wang Cc: Hao A Wu Cc: Liming Gao Cc: Bret Barkelew Signed-off-by: Bret Barkelew --- MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c | 320 +++++++= +++++++++++++ MdeModulePkg/Include/Guid/VarCheckPolicyMmi.h | 54 ++++ MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf | 42 +++ MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.uni | 12 + MdeModulePkg/MdeModulePkg.dec | 4 + MdeModulePkg/MdeModulePkg.dsc | 2 + 6 files changed, 434 insertions(+) diff --git a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c b/M= deModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c new file mode 100644 index 000000000000..b64fc5f45332 --- /dev/null +++ b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c @@ -0,0 +1,320 @@ +/** @file -- VarCheckPolicyLib.c +This is an instance of a VarCheck lib that leverages the business logic be= hind +the VariablePolicy code to make its decisions. + +Copyright (c) Microsoft Corporation. +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include +#include +#include +#include +#include +#include + +#include + +#include +#include + +#include + +//=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D +// As a VarCheck library, we're linked into the VariableServices +// and may not be able to call them indirectly. To get around this, +// use the internal GetVariable function to query the variable store. +//=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D +EFI_STATUS +EFIAPI +VariableServiceGetVariable ( + IN CHAR16 *VariableName, + IN EFI_GUID *VendorGuid, + OUT UINT32 *Attributes OPTIONAL, + IN OUT UINTN *DataSize, + OUT VOID *Data + ); + + +/** + MM Communication Handler to recieve commands from the DXE protocol for + Variable Policies. This communication channel is used to register new po= licies + and poll and toggle the enforcement of variable policies. + + @param[in] DispatchHandle All parameters standard to MM commun= ications convention. + @param[in] RegisterContext All parameters standard to MM commun= ications convention. + @param[in,out] CommBuffer All parameters standard to MM commun= ications convention. + @param[in,out] CommBufferSize All parameters standard to MM commun= ications convention. + + @retval EFI_SUCCESS + @retval EFI_INVALID_PARAMETER CommBuffer or CommBufferSize is null= pointer. + @retval EFI_INVALID_PARAMETER CommBuffer size is wrong. + @retval EFI_INVALID_PARAMETER Revision or signature don't match. + +**/ +STATIC +EFI_STATUS +EFIAPI +VarCheckPolicyLibMmiHandler ( + IN EFI_HANDLE DispatchHandle, + IN CONST VOID *RegisterContext, + IN OUT VOID *CommBuffer, + IN OUT UINTN *CommBufferSize + ) +{ + EFI_STATUS Status; + EFI_STATUS SubCommandStatus; + VAR_CHECK_POLICY_COMM_HEADER *PolicyCommmHeader; + VAR_CHECK_POLICY_COMM_IS_ENABLED_PARAMS *IsEnabledParams; + VAR_CHECK_POLICY_COMM_DUMP_PARAMS *DumpParams; + UINT8 *DumpInputBuffer; + UINT8 *DumpOutputBuffer; + UINTN DumpTotalPages; + VARIABLE_POLICY_ENTRY *PolicyEntry; + UINTN ExpectedSize; + // Pagination Cache Variables + static UINT8 *PaginationCache =3D NULL; + static UINTN PaginationCacheSize =3D 0; + static UINT32 CurrentPaginationCommand =3D 0; + + Status =3D EFI_SUCCESS; + + // + // Validate some input parameters. + // + // If either of the pointers are NULL, we can't proceed. + if (CommBuffer =3D=3D NULL || CommBufferSize =3D=3D NULL) { + DEBUG(( DEBUG_INFO, "%a - Invalid comm buffer pointers!\n", __FUNCTION= __ )); + return EFI_INVALID_PARAMETER; + } + // If the size does not meet a minimum threshold, we cannot proceed. + ExpectedSize =3D sizeof(VAR_CHECK_POLICY_COMM_HEADER); + if (*CommBufferSize < ExpectedSize) { + DEBUG(( DEBUG_INFO, "%a - Bad comm buffer size! %d < %d\n", __FUNCTION= __, *CommBufferSize, ExpectedSize )); + return EFI_INVALID_PARAMETER; + } + // Check the revision and the signature of the comm header. + PolicyCommmHeader =3D CommBuffer; + if (PolicyCommmHeader->Signature !=3D VAR_CHECK_POLICY_COMM_SIG || + PolicyCommmHeader->Revision !=3D VAR_CHECK_POLICY_COMM_REVISION) { + DEBUG(( DEBUG_INFO, "%a - Signature or revision are incorrect!\n", __F= UNCTION__ )); + // We have verified the buffer is not null and have enough size to hol= d Result field. + PolicyCommmHeader->Result =3D EFI_INVALID_PARAMETER; + return EFI_SUCCESS; + } + + // If we're in the middle of a paginated dump and any other command is s= ent, + // pagination cache must be cleared. + if (PaginationCache !=3D NULL && PolicyCommmHeader->Command !=3D Current= PaginationCommand) { + FreePool (PaginationCache); + PaginationCache =3D NULL; + PaginationCacheSize =3D 0; + CurrentPaginationCommand =3D 0; + } + + // + // Now we can process the command as it was sent. + // + PolicyCommmHeader->Result =3D EFI_ABORTED; // Set a default return fo= r incomplete commands. + switch(PolicyCommmHeader->Command) { + case VAR_CHECK_POLICY_COMMAND_DISABLE: + PolicyCommmHeader->Result =3D DisableVariablePolicy(); + break; + + case VAR_CHECK_POLICY_COMMAND_IS_ENABLED: + // Make sure that we're dealing with a reasonable size. + // This add should be safe because these are fixed sizes so far. + ExpectedSize +=3D sizeof(VAR_CHECK_POLICY_COMM_IS_ENABLED_PARAMS); + if (*CommBufferSize < ExpectedSize) { + DEBUG(( DEBUG_INFO, "%a - Bad comm buffer size! %d < %d\n", __FUNC= TION__, *CommBufferSize, ExpectedSize )); + PolicyCommmHeader->Result =3D EFI_INVALID_PARAMETER; + break; + } + + // Now that we know we've got a valid size, we can fill in the rest = of the data. + IsEnabledParams =3D (VAR_CHECK_POLICY_COMM_IS_ENABLED_PARAMS*)((UINT= 8*)CommBuffer + sizeof(VAR_CHECK_POLICY_COMM_HEADER)); + IsEnabledParams->State =3D IsVariablePolicyEnabled(); + PolicyCommmHeader->Result =3D EFI_SUCCESS; + break; + + case VAR_CHECK_POLICY_COMMAND_REGISTER: + // Make sure that we're dealing with a reasonable size. + // This add should be safe because these are fixed sizes so far. + ExpectedSize +=3D sizeof(VARIABLE_POLICY_ENTRY); + if (*CommBufferSize < ExpectedSize) { + DEBUG(( DEBUG_INFO, "%a - Bad comm buffer size! %d < %d\n", __FUNC= TION__, *CommBufferSize, ExpectedSize )); + PolicyCommmHeader->Result =3D EFI_INVALID_PARAMETER; + break; + } + + // At the very least, we can assume that we're working with a valid = policy entry. + // Time to compare its internal size. + PolicyEntry =3D (VARIABLE_POLICY_ENTRY*)((UINT8*)CommBuffer + sizeof= (VAR_CHECK_POLICY_COMM_HEADER)); + if (PolicyEntry->Version !=3D VARIABLE_POLICY_ENTRY_REVISION || + PolicyEntry->Size < sizeof(VARIABLE_POLICY_ENTRY) || + EFI_ERROR(SafeUintnAdd(sizeof(VAR_CHECK_POLICY_COMM_HEADER), Pol= icyEntry->Size, &ExpectedSize)) || + *CommBufferSize < ExpectedSize) { + DEBUG(( DEBUG_INFO, "%a - Bad policy entry contents!\n", __FUNCTIO= N__ )); + PolicyCommmHeader->Result =3D EFI_INVALID_PARAMETER; + break; + } + + PolicyCommmHeader->Result =3D RegisterVariablePolicy( PolicyEntry ); + break; + + case VAR_CHECK_POLICY_COMMAND_DUMP: + // Make sure that we're dealing with a reasonable size. + // This add should be safe because these are fixed sizes so far. + ExpectedSize +=3D sizeof(VAR_CHECK_POLICY_COMM_DUMP_PARAMS) + VAR_CH= ECK_POLICY_MM_DUMP_BUFFER_SIZE; + if (*CommBufferSize < ExpectedSize) { + DEBUG(( DEBUG_INFO, "%a - Bad comm buffer size! %d < %d\n", __FUNC= TION__, *CommBufferSize, ExpectedSize )); + PolicyCommmHeader->Result =3D EFI_INVALID_PARAMETER; + break; + } + + // Now that we know we've got a valid size, we can fill in the rest = of the data. + DumpParams =3D (VAR_CHECK_POLICY_COMM_DUMP_PARAMS*)(PolicyCommmHeade= r + 1); + + // If we're requesting the first page, initialize the cache and get = the sizes. + if (DumpParams->PageRequested =3D=3D 0) { + if (PaginationCache !=3D NULL) { + FreePool (PaginationCache); + PaginationCache =3D NULL; + } + + // Determine what the required size is going to be. + DumpParams->TotalSize =3D 0; + DumpParams->PageSize =3D 0; + DumpParams->HasMore =3D FALSE; + SubCommandStatus =3D DumpVariablePolicy (NULL, &DumpParams->TotalS= ize); + if (SubCommandStatus =3D=3D EFI_BUFFER_TOO_SMALL && DumpParams->To= talSize > 0) { + CurrentPaginationCommand =3D VAR_CHECK_POLICY_COMMAND_DUMP; + PaginationCacheSize =3D DumpParams->TotalSize; + PaginationCache =3D AllocatePool (PaginationCacheSize); + if (PaginationCache =3D=3D NULL) { + SubCommandStatus =3D EFI_OUT_OF_RESOURCES; + } + } + + // If we've allocated our pagination cache, we're good to cache. + if (PaginationCache !=3D NULL) { + SubCommandStatus =3D DumpVariablePolicy (PaginationCache, &DumpP= arams->TotalSize); + } + + // Populate the remaining fields and we can boogie. + if (!EFI_ERROR (SubCommandStatus) && PaginationCache !=3D NULL) { + DumpParams->HasMore =3D TRUE; + } + } + else if (PaginationCache !=3D NULL) { + DumpParams->TotalSize =3D (UINT32)PaginationCacheSize; + DumpParams->PageSize =3D VAR_CHECK_POLICY_MM_DUMP_BUFFER_SIZE; + DumpOutputBuffer =3D (UINT8*)(DumpParams + 1); + + // Make sure that we don't over-index the cache. + DumpTotalPages =3D PaginationCacheSize / DumpParams->PageSize; + if (PaginationCacheSize % DumpParams->PageSize) DumpTotalPages++; + if (DumpParams->PageRequested > DumpTotalPages) { + SubCommandStatus =3D EFI_INVALID_PARAMETER; + } + else { + // Figure out how far into the page cache we need to go for our = next page. + // We know the blind subtraction won't be bad because we already= checked for page 0. + DumpInputBuffer =3D &PaginationCache[DumpParams->PageSize * (Dum= pParams->PageRequested - 1)]; + // If we're getting the last page, adjust the PageSize. + if (DumpParams->PageRequested =3D=3D DumpTotalPages) { + DumpParams->PageSize =3D PaginationCacheSize % DumpParams->Pag= eSize; + } + CopyMem (DumpOutputBuffer, DumpInputBuffer, DumpParams->PageSize= ); + // If we just got the last page, settle up the cache. + if (DumpParams->PageRequested =3D=3D DumpTotalPages) { + DumpParams->HasMore =3D FALSE; + FreePool (PaginationCache); + PaginationCache =3D NULL; + PaginationCacheSize =3D 0; + CurrentPaginationCommand =3D 0; + } + // Otherwise, we could do more here. + else { + DumpParams->HasMore =3D TRUE; + } + + // If we made it this far, we're basically good. + SubCommandStatus =3D EFI_SUCCESS; + } + } + // If we've requested any other page than 0 and the cache is empty, = we must have timed out. + else { + DumpParams->TotalSize =3D 0; + DumpParams->PageSize =3D 0; + DumpParams->HasMore =3D FALSE; + SubCommandStatus =3D EFI_TIMEOUT; + } + + // There's currently no use for this, but it shouldn't be hard to im= plement. + PolicyCommmHeader->Result =3D SubCommandStatus; + break; + + case VAR_CHECK_POLICY_COMMAND_LOCK: + PolicyCommmHeader->Result =3D LockVariablePolicy(); + break; + + default: + // Mark unknown requested command as EFI_UNSUPPORTED. + DEBUG(( DEBUG_INFO, "%a - Invalid command requested! %d\n", __FUNCTI= ON__, PolicyCommmHeader->Command )); + PolicyCommmHeader->Result =3D EFI_UNSUPPORTED; + break; + } + + DEBUG(( DEBUG_VERBOSE, "%a - Command %d returning %r.\n", __FUNCTION__, + PolicyCommmHeader->Command, PolicyCommmHeader->Result )); + + return Status; +} + + +/** + Constructor function of VarCheckPolicyLib to register VarCheck handler a= nd + SW MMI handlers. + + @param[in] ImageHandle The firmware allocated handle for the EFI imag= e. + @param[in] SystemTable A pointer to the EFI System Table. + + @retval EFI_SUCCESS The constructor executed correctly. + +**/ +EFI_STATUS +EFIAPI +VarCheckPolicyLibConstructor ( + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE *SystemTable + ) +{ + EFI_STATUS Status; + EFI_HANDLE DiscardedHandle; + + // Initialize the business logic with the internal GetVariable handler. + Status =3D InitVariablePolicyLib( VariableServiceGetVariable ); + + // Only proceed with init if the business logic could be initialized. + if (!EFI_ERROR( Status )) { + // Register the VarCheck handler for SetVariable filtering. + // Forward the check to the business logic of the library. + VarCheckLibRegisterSetVariableCheckHandler( ValidateSetVariable ); + + // Register the MMI handlers for receiving policy commands. + DiscardedHandle =3D NULL; + Status =3D gMmst->MmiHandlerRegister( VarCheckPolicyLibMmiHandler, + &gVarCheckPolicyLibMmiHandlerGuid, + &DiscardedHandle ); + } + // Otherwise, there's not much we can do. + else { + DEBUG(( DEBUG_ERROR, "%a - Cannot Initialize VariablePolicyLib! %r\n",= __FUNCTION__, Status )); + ASSERT_EFI_ERROR( Status ); + } + + return Status; +} diff --git a/MdeModulePkg/Include/Guid/VarCheckPolicyMmi.h b/MdeModulePkg/I= nclude/Guid/VarCheckPolicyMmi.h new file mode 100644 index 000000000000..77bcc62f3ccf --- /dev/null +++ b/MdeModulePkg/Include/Guid/VarCheckPolicyMmi.h @@ -0,0 +1,54 @@ +/** @file -- VarCheckPolicyMmiCommon.h +This header contains communication definitions that are shared between DXE +and the MM component of VarCheckPolicy. + +Copyright (c) Microsoft Corporation. +SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#ifndef _VAR_CHECK_POLICY_MMI_COMMON_H_ +#define _VAR_CHECK_POLICY_MMI_COMMON_H_ + +#define VAR_CHECK_POLICY_COMM_SIG SIGNATURE_32('V', 'C', 'P', 'C') +#define VAR_CHECK_POLICY_COMM_REVISION 1 + +#pragma pack(push, 1) + +typedef struct _VAR_CHECK_POLICY_COMM_HEADER { + UINT32 Signature; + UINT32 Revision; + UINT32 Command; + EFI_STATUS Result; +} VAR_CHECK_POLICY_COMM_HEADER; + +typedef struct _VAR_CHECK_POLICY_COMM_IS_ENABLED_PARAMS { + BOOLEAN State; +} VAR_CHECK_POLICY_COMM_IS_ENABLED_PARAMS; + +typedef struct _VAR_CHECK_POLICY_COMM_DUMP_PARAMS { + UINT32 PageRequested; + UINT32 TotalSize; + UINT32 PageSize; + BOOLEAN HasMore; +} VAR_CHECK_POLICY_COMM_DUMP_PARAMS; + +#pragma pack(pop) + +// Make sure that we will hold at least the headers. +#define VAR_CHECK_POLICY_MM_COMM_BUFFER_SIZE MAX((OFFSET_OF(EFI_MM_COMM= UNICATE_HEADER, Data) + sizeof (VAR_CHECK_POLICY_COMM_HEADER) + EFI_PAGES_T= O_SIZE(1)), EFI_PAGES_TO_SIZE(4)) +#define VAR_CHECK_POLICY_MM_DUMP_BUFFER_SIZE (VAR_CHECK_POLICY_MM_COMM_= BUFFER_SIZE - \ + (OFFSET_OF(EFI_MM_COMM= UNICATE_HEADER, Data) + \ + sizeof(VAR_CHECK_POL= ICY_COMM_HEADER) + \ + sizeof(VAR_CHECK_POL= ICY_COMM_DUMP_PARAMS))) +STATIC_ASSERT ( + VAR_CHECK_POLICY_MM_DUMP_BUFFER_SIZE < VAR_CHECK_POLICY_MM_COMM_BUFFER_S= IZE, + "an integer underflow may have occurred calculating VAR_CHECK_POLICY_MM_= DUMP_BUFFER_SIZE" + ); + +#define VAR_CHECK_POLICY_COMMAND_DISABLE 0x0001 +#define VAR_CHECK_POLICY_COMMAND_IS_ENABLED 0x0002 +#define VAR_CHECK_POLICY_COMMAND_REGISTER 0x0003 +#define VAR_CHECK_POLICY_COMMAND_DUMP 0x0004 +#define VAR_CHECK_POLICY_COMMAND_LOCK 0x0005 + +#endif // _VAR_CHECK_POLICY_MMI_COMMON_H_ diff --git a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf b= /MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf new file mode 100644 index 000000000000..077bcc8990ca --- /dev/null +++ b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf @@ -0,0 +1,42 @@ +## @file VarCheckPolicyLib.inf +# This is an instance of a VarCheck lib that leverages the business logic = behind +# the VariablePolicy code to make its decisions. +# +# Copyright (c) Microsoft Corporation. +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + +[Defines] + INF_VERSION =3D 0x00010005 + BASE_NAME =3D VarCheckPolicyLib + FILE_GUID =3D 9C28A48F-C884-4B1F-8B95-DEF125448023 + MODULE_TYPE =3D DXE_RUNTIME_DRIVER + VERSION_STRING =3D 1.0 + LIBRARY_CLASS =3D NULL|DXE_RUNTIME_DRIVER DXE_SMM_DRIVER + CONSTRUCTOR =3D VarCheckPolicyLibConstructor + + +[Sources] + VarCheckPolicyLib.c + + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + + +[LibraryClasses] + BaseLib + DebugLib + BaseMemoryLib + DxeServicesLib + MemoryAllocationLib + VarCheckLib + VariablePolicyLib + VariablePolicyHelperLib + SafeIntLib + MmServicesTableLib + + +[Guids] + gVarCheckPolicyLibMmiHandlerGuid ## CONSUME ## Used to register f= or MM Communication events. diff --git a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.uni b= /MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.uni new file mode 100644 index 000000000000..eedeeed15d31 --- /dev/null +++ b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.uni @@ -0,0 +1,12 @@ +// /** @file +// VarCheckPolicyLib.uni +// +// Copyright (c) Microsoft Corporation. +// SPDX-License-Identifier: BSD-2-Clause-Patent +// +// **/ + + +#string STR_MODULE_ABSTRACT #language en-US "NULL library impl= ementation that conforms to the VarCheck interface to allow VariablePolicy = engine to enforce policies" + +#string STR_MODULE_DESCRIPTION #language en-US "NULL library impl= ementation that conforms to the VarCheck interface to allow VariablePolicy = engine to enforce policies" diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec index b21cd78c8787..9a3c9fe642d3 100644 --- a/MdeModulePkg/MdeModulePkg.dec +++ b/MdeModulePkg/MdeModulePkg.dec @@ -385,6 +385,10 @@ [Guids] ## Include/Guid/EndofS3Resume.h gEdkiiEndOfS3ResumeGuid =3D { 0x96f5296d, 0x05f7, 0x4f3c, {0x84, 0x67, 0= xe4, 0x56, 0x89, 0x0e, 0x0c, 0xb5 } } =20 + ## Used (similar to Variable Services) to communicate policies to the en= forcement engine. + # {DA1B0D11-D1A7-46C4-9DC9-F3714875C6EB} + gVarCheckPolicyLibMmiHandlerGuid =3D { 0xda1b0d11, 0xd1a7, 0x46c4, { 0x9= d, 0xc9, 0xf3, 0x71, 0x48, 0x75, 0xc6, 0xeb }} + ## Include/Guid/S3SmmInitDone.h gEdkiiS3SmmInitDoneGuid =3D { 0x8f9d4825, 0x797d, 0x48fc, { 0x84, 0x71, = 0x84, 0x50, 0x25, 0x79, 0x2e, 0xf6 } } =20 diff --git a/MdeModulePkg/MdeModulePkg.dsc b/MdeModulePkg/MdeModulePkg.dsc index 37795b9e4f58..f0a75a3b337b 100644 --- a/MdeModulePkg/MdeModulePkg.dsc +++ b/MdeModulePkg/MdeModulePkg.dsc @@ -313,6 +313,7 @@ [Components] MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLibRuntimeDxe.inf + MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf MdeModulePkg/Library/VarCheckHiiLib/VarCheckHiiLib.inf MdeModulePkg/Library/VarCheckPcdLib/VarCheckPcdLib.inf @@ -458,6 +459,7 @@ [Components.IA32, Components.X64] MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf { + NULL|MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf NULL|MdeModulePkg/Library/VarCheckHiiLib/VarCheckHiiLib.inf NULL|MdeModulePkg/Library/VarCheckPcdLib/VarCheckPcdLib.inf --=20 2.26.2.windows.1.8.g01c50adf56.20200515075929 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#61590): https://edk2.groups.io/g/devel/message/61590 Mute This Topic: https://groups.io/mt/75057699/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat Apr 20 02:53:18 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+61584+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+61584+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1592911131; cv=none; d=zohomail.com; s=zohoarc; b=Efda+/UgOus1Gmm4e1cTkrLO0kVZvFAvEqI3AeeBivT27j9QxPLbFkcWPUB2oqbaRjMAgd65kuhNtufDXA8KiwULTsSaWyhdo6AArfgAdyTQnrsiFK5Cwf55eeYmQnqWvyymUAxwlZgatm2eTXG1WXHR0VDxoZ0cAMEJkbzKLYQ= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1592911131; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=rVW0f0baEEn4WT1TDepOOq+s7Mx72nkfNfW0MIIO7fM=; b=GqK+a/6UU0/FbHgZodOXReGc2QqMZk9+OnOWdt8YtDgmHoIqnHQGoiaQSQDfIi5rskpDk/TFIXk0VmiaRWO1186WCez8lg8By0Yl96b+5WmOO4cssX/u+QcYaDnQveW+/x4krxnAlVkZAaV89en0b1TOPaMomuTGpcrrc1JCc6Q= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+61584+1787277+3901457@groups.io Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1592911131334317.7867313938408; Tue, 23 Jun 2020 04:18:51 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id YSz5YY1788612xsovn4laqEg; Tue, 23 Jun 2020 04:18:50 -0700 X-Received: from mail-pl1-f169.google.com (mail-pl1-f169.google.com [209.85.214.169]) by mx.groups.io with SMTP id smtpd.web10.1723.1592894700275930666 for ; Mon, 22 Jun 2020 23:45:00 -0700 X-Received: by mail-pl1-f169.google.com with SMTP id x11so8702043plo.7 for ; Mon, 22 Jun 2020 23:45:00 -0700 (PDT) X-Gm-Message-State: 8FRXvN6phPsfhZLUupR9ecbDx1787277AA= X-Google-Smtp-Source: ABdhPJwGqjBh3XeQT2TPV3ve/1Ujir63Ll18CXtNLTXugJQXku1vWz+ZYz6K4ALMSMk1VlIanJu5/A== X-Received: by 2002:a17:90b:1087:: with SMTP id gj7mr22458956pjb.124.1592894699662; Mon, 22 Jun 2020 23:44:59 -0700 (PDT) X-Received: from localhost.localdomain (174-21-80-75.tukw.qwest.net. [174.21.80.75]) by smtp.gmail.com with ESMTPSA id d6sm1383818pjh.5.2020.06.22.23.44.59 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 22 Jun 2020 23:44:59 -0700 (PDT) From: "Bret Barkelew" X-Google-Original-From: Bret Barkelew To: devel@edk2.groups.io Cc: Jordan Justen , Laszlo Ersek , Ard Biesheuvel Subject: [edk2-devel] [PATCH v6 05/14] OvmfPkg: Add VariablePolicy engine to OvmfPkg platform Date: Mon, 22 Jun 2020 23:40:55 -0700 Message-Id: <20200623064104.1908-6-brbarkel@microsoft.com> In-Reply-To: <20200623064104.1908-1-brbarkel@microsoft.com> References: <20200623064104.1908-1-brbarkel@microsoft.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,bret@corthon.com Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1592911130; bh=wW5nm/ItWc+eBmF2fuMSubzlNKP8WfFs8xqz/ozQVso=; h=Cc:Date:From:Reply-To:Subject:To; b=qqMoVABaOj3DNrCSbzVUFivzNaU5rtmcpktC9ZUK9w95rYoiOEZMSHKlc1eIsx2LgoB WBypw2tvWevunnhAwTSoH3EjjZilay19Y1tr4mFGCdtpBCxpJOefhedEIpSUWobVYnFoU vgzO/F/2PIeeuj9iq3OZmrWG55gD1/CjwE0= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" https://bugzilla.tianocore.org/show_bug.cgi?id=3D2522 Cc: Jordan Justen Cc: Laszlo Ersek Cc: Ard Biesheuvel Cc: Bret Barkelew Signed-off-by: Bret Barkelew Reviewed-by: Laszlo Ersek --- OvmfPkg/OvmfPkgIa32.dsc | 5 +++++ OvmfPkg/OvmfPkgIa32X64.dsc | 5 +++++ OvmfPkg/OvmfPkgX64.dsc | 5 +++++ OvmfPkg/OvmfXen.dsc | 4 ++++ 4 files changed, 19 insertions(+) diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index b4ee7376791b..c26c4045fa86 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -3,6 +3,7 @@ # # Copyright (c) 2006 - 2020, Intel Corporation. All rights reserved.
# (C) Copyright 2016 Hewlett Packard Enterprise Development LP
+# Copyright (c) Microsoft Corporation. # # SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -196,6 +197,8 @@ [LibraryClasses] AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLib= Null.inf !endif VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ib.inf + VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/Var= iablePolicyHelperLib.inf =20 =20 # @@ -334,6 +337,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ibRuntimeDxe.inf =20 [LibraryClasses.common.UEFI_DRIVER] PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf @@ -953,6 +957,7 @@ [Components] MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf { NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf + NULL|MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf } MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf =20 diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index ed68b080f2a2..724010e9a567 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -3,6 +3,7 @@ # # Copyright (c) 2006 - 2020, Intel Corporation. All rights reserved.
# (C) Copyright 2016 Hewlett Packard Enterprise Development LP
+# Copyright (c) Microsoft Corporation. # # SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -200,6 +201,8 @@ [LibraryClasses] AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLib= Null.inf !endif VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ib.inf + VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/Var= iablePolicyHelperLib.inf =20 =20 # @@ -338,6 +341,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ibRuntimeDxe.inf =20 [LibraryClasses.common.UEFI_DRIVER] PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf @@ -968,6 +972,7 @@ [Components.X64] MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf { NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf + NULL|MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf } MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf =20 diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index cb7e8068a3d8..1ca9a6845160 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -3,6 +3,7 @@ # # Copyright (c) 2006 - 2020, Intel Corporation. All rights reserved.
# (C) Copyright 2016 Hewlett Packard Enterprise Development LP
+# Copyright (c) Microsoft Corporation. # # SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -200,6 +201,8 @@ [LibraryClasses] AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLib= Null.inf !endif VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ib.inf + VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/Var= iablePolicyHelperLib.inf =20 =20 # @@ -338,6 +341,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ibRuntimeDxe.inf =20 [LibraryClasses.common.UEFI_DRIVER] PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf @@ -964,6 +968,7 @@ [Components] MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf { NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf + NULL|MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf } MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf =20 diff --git a/OvmfPkg/OvmfXen.dsc b/OvmfPkg/OvmfXen.dsc index 782803cb2787..b43284f10b45 100644 --- a/OvmfPkg/OvmfXen.dsc +++ b/OvmfPkg/OvmfXen.dsc @@ -4,6 +4,7 @@ # Copyright (c) 2006 - 2020, Intel Corporation. All rights reserved.
# (C) Copyright 2016 Hewlett Packard Enterprise Development LP
# Copyright (c) 2019, Citrix Systems, Inc. +# Copyright (c) Microsoft Corporation. # # SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -182,6 +183,8 @@ [LibraryClasses] =20 AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLib= Null.inf VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ib.inf + VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/Var= iablePolicyHelperLib.inf =20 =20 # @@ -289,6 +292,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ibRuntimeDxe.inf =20 [LibraryClasses.common.UEFI_DRIVER] PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf --=20 2.26.2.windows.1.8.g01c50adf56.20200515075929 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#61584): https://edk2.groups.io/g/devel/message/61584 Mute This Topic: https://groups.io/mt/75057693/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat Apr 20 02:53:18 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+61591+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+61591+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1592911142; cv=none; d=zohomail.com; s=zohoarc; b=j4zzEjwpFgWJAXU+3poE+xD38FEuKwga9VSMp7wZY/U54VcErPCaRNmdTOhST1m1MwJ9cs9upZ59uq/WDoMhXcvlFzbzTYjq0CTa/KVqbXyuUAq84LI1q08NmdC8CFS5b9l3wKMfzJY7qqMOnV6ZD5egDt/WdGUvMvH+ul7rang= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1592911142; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=3B3gG/d5pT2Ousdxv1HfIU/exxavqEx5RQ4yme9r9Ho=; b=Jxl++1dx90AcjNClYB6P6C346GwJKKzGxXrsSWXtOrNG+F0+Trjl6rnKYXsW36VyzO5t7873291k23Y0G1w6o8xWoDxwuSE+lvMhsXrIA7IyJgQ+2JnNEYwN1xrot1oP5wt/Wo6C4EQYpuqQ0lBiUz/4Vdvk1FryjoQOX04x6Dk= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+61591+1787277+3901457@groups.io Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1592911142862618.080349383208; Tue, 23 Jun 2020 04:19:02 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id RUg1YY1788612x6Z5xkXQZ89; Tue, 23 Jun 2020 04:19:02 -0700 X-Received: from mail-pg1-f193.google.com (mail-pg1-f193.google.com [209.85.215.193]) by mx.groups.io with SMTP id smtpd.web11.1751.1592894701054967246 for ; Mon, 22 Jun 2020 23:45:01 -0700 X-Received: by mail-pg1-f193.google.com with SMTP id e18so9424335pgn.7 for ; Mon, 22 Jun 2020 23:45:01 -0700 (PDT) X-Gm-Message-State: QJGLbSPx5Gz7KQapN4iohJeBx1787277AA= X-Google-Smtp-Source: ABdhPJznczPU8wyiiJVvPwWTpFg2rp+zKLGReyq/g0vtmOwGUs1JeNle31HULpt/zYRXcWmF8oCtlg== X-Received: by 2002:a63:bf04:: with SMTP id v4mr10516222pgf.212.1592894700414; Mon, 22 Jun 2020 23:45:00 -0700 (PDT) X-Received: from localhost.localdomain (174-21-80-75.tukw.qwest.net. [174.21.80.75]) by smtp.gmail.com with ESMTPSA id d6sm1383818pjh.5.2020.06.22.23.44.59 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 22 Jun 2020 23:44:59 -0700 (PDT) From: "Bret Barkelew" X-Google-Original-From: Bret Barkelew To: devel@edk2.groups.io Cc: Jordan Justen , Andrew Fish , Ray Ni Subject: [edk2-devel] [PATCH v6 06/14] EmulatorPkg: Add VariablePolicy engine to EmulatorPkg platform Date: Mon, 22 Jun 2020 23:40:56 -0700 Message-Id: <20200623064104.1908-7-brbarkel@microsoft.com> In-Reply-To: <20200623064104.1908-1-brbarkel@microsoft.com> References: <20200623064104.1908-1-brbarkel@microsoft.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,bret@corthon.com Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1592911142; bh=YVK0b5lK+xBNJ8ERZwooY0MmS/2td3jftuDCQvQqkjw=; h=Cc:Date:From:Reply-To:Subject:To; b=n6aXkjAIAuu+yQlxzHrwaLF/h1pP6o/FkY8i9e6cOqFg4R3iY/ddLPsocKQHqqUvUhG xMzwNvw3hYeuOHjAHpJ/h8KQA3igfpHTUPIBAuzaQmxm7B4wiKhGJI3RDykmhbzckxJG5 VOJUeyMUBlawoUsYNJbHagc+UStlH9g0lVc= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" https://bugzilla.tianocore.org/show_bug.cgi?id=3D2522 Cc: Jordan Justen Cc: Andrew Fish Cc: Ray Ni Cc: Bret Barkelew Signed-off-by: Bret Barkelew --- EmulatorPkg/EmulatorPkg.dsc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/EmulatorPkg/EmulatorPkg.dsc b/EmulatorPkg/EmulatorPkg.dsc index 86a62717353b..3bb6e0373ca8 100644 --- a/EmulatorPkg/EmulatorPkg.dsc +++ b/EmulatorPkg/EmulatorPkg.dsc @@ -6,6 +6,7 @@ # # Copyright (c) 2006 - 2020, Intel Corporation. All rights reserved.
# Portions copyright (c) 2010 - 2011, Apple Inc. All rights reserved.
+# Copyright (c) Microsoft Corporation. # # SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -108,6 +109,8 @@ [LibraryClasses] TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurem= entLibNull.inf AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLib= Null.inf VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ibRuntimeDxe.inf + VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/Var= iablePolicyHelperLib.inf SortLib|MdeModulePkg/Library/BaseSortLib/BaseSortLib.inf ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf --=20 2.26.2.windows.1.8.g01c50adf56.20200515075929 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#61591): https://edk2.groups.io/g/devel/message/61591 Mute This Topic: https://groups.io/mt/75057700/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat Apr 20 02:53:18 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+61592+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+61592+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1592911143; cv=none; d=zohomail.com; s=zohoarc; b=JZ6Qj8ByZRMhTjC8e9fV/v/q8T4lOy1p0/iRY6el4JiR5YSzur5wq8C2GBxzzzEfRXpglXQ63XGZX7ej4swoMictvd+3Ruz76mSunva+S6iSYSlhppb+zlOyEyCDt2xq14ryqRcouwYSP3hO6svC6fT1bVr0dT3dUorfMFCLl8A= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1592911143; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=ByHf42/GYg7EMeXd1Vl0LfC/YxBIrTqb9T6B2cJxBg0=; b=VmDOd/L2pRXrSdX96Xie+HT8iX86psZTGy6dY43pCwtiur0c2kpauDm7T19M//sas50ob3jVWi89rmnXRPzMBBvHQ2W4n5XZrkzBeL3BljOZphsT08A5a4KUjZyYjVW8D3O/h85nmoPD3ctXP5khGjVGKQVbnaH5/SUClgalY84= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+61592+1787277+3901457@groups.io Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1592911143008431.9854023534133; Tue, 23 Jun 2020 04:19:03 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id pMfvYY1788612xm3gM3DZkRv; Tue, 23 Jun 2020 04:19:02 -0700 X-Received: from mail-pf1-f193.google.com (mail-pf1-f193.google.com [209.85.210.193]) by mx.groups.io with SMTP id smtpd.web10.1725.1592894701813536662 for ; Mon, 22 Jun 2020 23:45:01 -0700 X-Received: by mail-pf1-f193.google.com with SMTP id 136so35996pfv.3 for ; Mon, 22 Jun 2020 23:45:01 -0700 (PDT) X-Gm-Message-State: LtaDhyE8vVbI1rNUJSSrA0JKx1787277AA= X-Google-Smtp-Source: ABdhPJxkcpzFRtcQzwFUCLoQUzIw5KBdSNtHn71WpntyHSbd/8FBpeCwROj3FeccYwOZbHBsfMh/8g== X-Received: by 2002:a63:20d:: with SMTP id 13mr12308812pgc.166.1592894701144; Mon, 22 Jun 2020 23:45:01 -0700 (PDT) X-Received: from localhost.localdomain (174-21-80-75.tukw.qwest.net. [174.21.80.75]) by smtp.gmail.com with ESMTPSA id d6sm1383818pjh.5.2020.06.22.23.45.00 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 22 Jun 2020 23:45:00 -0700 (PDT) From: "Bret Barkelew" X-Google-Original-From: Bret Barkelew To: devel@edk2.groups.io Cc: Laszlo Ersek , Ard Biesheuvel , Leif Lindholm Subject: [edk2-devel] [PATCH v6 07/14] ArmVirtPkg: Add VariablePolicy engine to ArmVirtPkg platform Date: Mon, 22 Jun 2020 23:40:57 -0700 Message-Id: <20200623064104.1908-8-brbarkel@microsoft.com> In-Reply-To: <20200623064104.1908-1-brbarkel@microsoft.com> References: <20200623064104.1908-1-brbarkel@microsoft.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,bret@corthon.com Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1592911142; bh=06G+F+Dz/ydBORD9tWfxVdk6VO+uPi3p0sk9SEAq/Cc=; h=Cc:Date:From:Reply-To:Subject:To; b=PlHEb6RW9APb0+R9x7vvqbQuZHraQJP5+Xo0pNmH6dlsrNvKlO26dfnls91NX6TU9Lf KEaviA9vhIXTrMOx5USFAK8Hhrk6gskLiIoVbkvW+KEVuhnz/IFYi1Cn6TIsCu6wxIhiK jb7hj/pRs7BohXjAAYBrv59uh2jOsWCZK9k= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" https://bugzilla.tianocore.org/show_bug.cgi?id=3D2522 Cc: Laszlo Ersek Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Bret Barkelew Signed-off-by: Bret Barkelew Reviewed-by: Laszlo Ersek --- ArmVirtPkg/ArmVirt.dsc.inc | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc index cf44fc73890b..0af6d839cf11 100644 --- a/ArmVirtPkg/ArmVirt.dsc.inc +++ b/ArmVirtPkg/ArmVirt.dsc.inc @@ -2,6 +2,7 @@ # Copyright (c) 2011-2015, ARM Limited. All rights reserved. # Copyright (c) 2014, Linaro Limited. All rights reserved. # Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved. +# Copyright (c) Microsoft Corporation. # # SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -173,6 +174,8 @@ [LibraryClasses.common] AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLib= Null.inf !endif VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ib.inf + VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/Var= iablePolicyHelperLib.inf UefiBootManagerLib|MdeModulePkg/Library/UefiBootManagerLib/UefiBootManag= erLib.inf =20 ReportStatusCodeLib|MdePkg/Library/BaseReportStatusCodeLibNull/BaseRepor= tStatusCodeLibNull.inf @@ -246,6 +249,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] !if $(TARGET) !=3D RELEASE DebugLib|MdePkg/Library/DxeRuntimeDebugLibSerialPort/DxeRuntimeDebugLibS= erialPort.inf !endif + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ibRuntimeDxe.inf =20 !if $(SECURE_BOOT_ENABLE) =3D=3D TRUE BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf --=20 2.26.2.windows.1.8.g01c50adf56.20200515075929 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#61592): https://edk2.groups.io/g/devel/message/61592 Mute This Topic: https://groups.io/mt/75057701/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat Apr 20 02:53:18 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+61594+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+61594+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1592911145; cv=none; d=zohomail.com; s=zohoarc; b=eHXc5+5UlW4+eYvwA1Xr1OavPyjm50PcUggoSy3qXjFHCttJi5Keg22h0xNAu6/7xJRG0HxSaY0UJItqRvGdEhnOfEIsR6rWVflaV0sIu/9nG5Nos7qLSi8+gIZWeQAtW+QhsG9DuhqM+pFKAcZUWjb1MuP9qISWcVG7y7sgJyc= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1592911145; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=5K+TkuCamJDCHeYBWSMqu/+4L/t0wuyna3DGy1grfc4=; b=FWgzzx/J5G7RlZiHX6FeYGdzrZ3R0K++Ne7r1OulDv+bRtqc/YgkCNO/mG5ToAflvepVwKxOdiILHzD7l0tGpqpkEBznEkf/yZwpko1c9bEXSD6M6DzTJ0og05uG3OV0e/H9nnPPxMj5IGWq9Iux6JytT/b5m9BftgYxx61HeRk= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+61594+1787277+3901457@groups.io Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 159291114527457.66067158352894; Tue, 23 Jun 2020 04:19:05 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id z7vkYY1788612xcRjORAbyox; Tue, 23 Jun 2020 04:19:04 -0700 X-Received: from mail-pl1-f193.google.com (mail-pl1-f193.google.com [209.85.214.193]) by mx.groups.io with SMTP id smtpd.web11.1753.1592894702429512974 for ; Mon, 22 Jun 2020 23:45:02 -0700 X-Received: by mail-pl1-f193.google.com with SMTP id x11so8702075plo.7 for ; Mon, 22 Jun 2020 23:45:02 -0700 (PDT) X-Gm-Message-State: dpBbjamHwudxmcACkwNaQk8jx1787277AA= X-Google-Smtp-Source: ABdhPJxqq3371cEI2VXvfGnxRlH9OW+ZyQVhA0oZqVcQ5hE41UXUzMoUTnkJx5HR6rwaAz//wfYARg== X-Received: by 2002:a17:902:c206:: with SMTP id 6mr20639006pll.133.1592894701816; Mon, 22 Jun 2020 23:45:01 -0700 (PDT) X-Received: from localhost.localdomain (174-21-80-75.tukw.qwest.net. [174.21.80.75]) by smtp.gmail.com with ESMTPSA id d6sm1383818pjh.5.2020.06.22.23.45.01 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 22 Jun 2020 23:45:01 -0700 (PDT) From: "Bret Barkelew" X-Google-Original-From: Bret Barkelew To: devel@edk2.groups.io Cc: Maurice Ma , Guo Dong , Benjamin You Subject: [edk2-devel] [PATCH v6 08/14] UefiPayloadPkg: Add VariablePolicy engine to UefiPayloadPkg platform Date: Mon, 22 Jun 2020 23:40:58 -0700 Message-Id: <20200623064104.1908-9-brbarkel@microsoft.com> In-Reply-To: <20200623064104.1908-1-brbarkel@microsoft.com> References: <20200623064104.1908-1-brbarkel@microsoft.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,bret@corthon.com Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1592911144; bh=VKnBXYDy6wuPyJSCSj7wY02Su3SPgBEQ60wXSH9sVmM=; h=Cc:Date:From:Reply-To:Subject:To; b=SZUntj1soXT1v2FgVwgyhbwWVmfSIlPqGIHeLeKiuAGUjksGgxFQqaJOCSLKrJ1h0F6 asXAlTW0nLhNtKnKIOc8YneHOHXNWGAzhL9LytSo9RMHSHWc5xXXhjGyb56mFfUp0tK4a P36hU+nkqx6DO8V6uEf6X0i09tQm9B2Y6ko= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" https://bugzilla.tianocore.org/show_bug.cgi?id=3D2522 Cc: Maurice Ma Cc: Guo Dong Cc: Benjamin You Cc: Bret Barkelew Signed-off-by: Bret Barkelew Reviewed-by: Maurice Ma --- UefiPayloadPkg/UefiPayloadPkgIa32.dsc | 4 ++++ UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/UefiPayloadPkg/UefiPayloadPkgIa32.dsc b/UefiPayloadPkg/UefiPay= loadPkgIa32.dsc index c6c47833871b..4bed6aaa78d0 100644 --- a/UefiPayloadPkg/UefiPayloadPkgIa32.dsc +++ b/UefiPayloadPkg/UefiPayloadPkgIa32.dsc @@ -4,6 +4,7 @@ # Provides drivers and definitions to create uefi payload for bootloaders. # # Copyright (c) 2014 - 2020, Intel Corporation. All rights reserved.
+# Copyright (c) Microsoft Corporation. # SPDX-License-Identifier: BSD-2-Clause-Patent # ## @@ -204,6 +205,8 @@ [LibraryClasses] AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLib= Null.inf TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurem= entLibNull.inf VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ib.inf + VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/Var= iablePolicyHelperLib.inf =20 [LibraryClasses.IA32.SEC] DebugLib|MdePkg/Library/BaseDebugLibNull/BaseDebugLibNull.inf @@ -251,6 +254,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAll= ocationLib.inf ReportStatusCodeLib|MdeModulePkg/Library/RuntimeDxeReportStatusCodeLib/R= untimeDxeReportStatusCodeLib.inf + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ibRuntimeDxe.inf =20 [LibraryClasses.common.UEFI_DRIVER,LibraryClasses.common.UEFI_APPLICATION] PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf diff --git a/UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc b/UefiPayloadPkg/Uefi= PayloadPkgIa32X64.dsc index 5559b1258521..6e07dd866acd 100644 --- a/UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc +++ b/UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc @@ -4,6 +4,7 @@ # Provides drivers and definitions to create uefi payload for bootloaders. # # Copyright (c) 2014 - 2020, Intel Corporation. All rights reserved.
+# Copyright (c) Microsoft Corporation. # SPDX-License-Identifier: BSD-2-Clause-Patent # ## @@ -205,6 +206,8 @@ [LibraryClasses] AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLib= Null.inf TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurem= entLibNull.inf VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ib.inf + VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/Var= iablePolicyHelperLib.inf =20 [LibraryClasses.IA32.SEC] DebugLib|MdePkg/Library/BaseDebugLibNull/BaseDebugLibNull.inf @@ -252,6 +255,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAll= ocationLib.inf ReportStatusCodeLib|MdeModulePkg/Library/RuntimeDxeReportStatusCodeLib/R= untimeDxeReportStatusCodeLib.inf + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ibRuntimeDxe.inf =20 [LibraryClasses.common.UEFI_DRIVER,LibraryClasses.common.UEFI_APPLICATION] PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf --=20 2.26.2.windows.1.8.g01c50adf56.20200515075929 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#61594): https://edk2.groups.io/g/devel/message/61594 Mute This Topic: https://groups.io/mt/75057703/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat Apr 20 02:53:18 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+61585+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+61585+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1592911133; cv=none; d=zohomail.com; s=zohoarc; b=QYPROrsqrw4K00I1uLa83DO8PmnANNL7fiTnoQKSwk03QGHVbtbrnSJG8gDvfytSb3DE5+w6HqL+CTMaDZYoER5tX+R4kh0WLbveTVA1R7pl6uWBVZaV7PD56aewznfmqkJE/Ii+BU4wMciYlad8kbcvvHxwD+HRHNgNCGCCBic= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1592911133; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=KHoF6kTJYsFvKkiLZNe7NdANPaqoQ/ZNUIGQgViEnaA=; b=ZRFn0vIwepozsO8uIMHKT2kxiTxuXINtaaNSbl+SzlrkyaNU/ETJKZpZ5rO3YnWGXcuNVZXBNMve2xxG4WDOXmUYyg7RFYeynbrCUnki/Dm4SaV4GnFXpqieMV2DbWOiT3C24iocwRNgygp+OjzHSL9nGAAEMzCH3nO5VP0q260= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+61585+1787277+3901457@groups.io Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1592911133356281.8925667775188; Tue, 23 Jun 2020 04:18:53 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id slQ8YY1788612xvkcm4rfTdP; Tue, 23 Jun 2020 04:18:52 -0700 X-Received: from mail-pg1-f195.google.com (mail-pg1-f195.google.com [209.85.215.195]) by mx.groups.io with SMTP id smtpd.web10.1727.1592894703814344997 for ; Mon, 22 Jun 2020 23:45:03 -0700 X-Received: by mail-pg1-f195.google.com with SMTP id s10so9442867pgm.0 for ; Mon, 22 Jun 2020 23:45:03 -0700 (PDT) X-Gm-Message-State: sbcNn7S9hXOxM8WfFqJtLaoAx1787277AA= X-Google-Smtp-Source: ABdhPJxE3FEvuMnvRKYBLO4eUyr38iMHida9kEMkC00adjxEhliOB43O9Ji9J/UR0Bp2sIvF0d6HlQ== X-Received: by 2002:a63:481:: with SMTP id 123mr15039280pge.2.1592894702860; Mon, 22 Jun 2020 23:45:02 -0700 (PDT) X-Received: from localhost.localdomain (174-21-80-75.tukw.qwest.net. [174.21.80.75]) by smtp.gmail.com with ESMTPSA id d6sm1383818pjh.5.2020.06.22.23.45.01 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 22 Jun 2020 23:45:02 -0700 (PDT) From: "Bret Barkelew" X-Google-Original-From: Bret Barkelew To: devel@edk2.groups.io Cc: Jian J Wang , Hao A Wu , Liming Gao Subject: [edk2-devel] [PATCH v6 09/14] MdeModulePkg: Connect VariablePolicy business logic to VariableServices Date: Mon, 22 Jun 2020 23:40:59 -0700 Message-Id: <20200623064104.1908-10-brbarkel@microsoft.com> In-Reply-To: <20200623064104.1908-1-brbarkel@microsoft.com> References: <20200623064104.1908-1-brbarkel@microsoft.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,bret@corthon.com Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1592911132; bh=Cm8ELJz7awhCvgJXCdQXyWcDw+iPJGp+aXrTi5GaRqw=; h=Cc:Date:From:Reply-To:Subject:To; b=gvklzh/lH3Rnmlta34Zxl7+Wi7xLcb/ke08CwuYvBXQj44hXOh155hJdHEamFcCUlAF bSDgNJm/1YVYPDztofufITv0+2L4hk8Fx/HfqXjaL3dAAwF0uucoBn7A8r1Ac5ttqB90u PsPknq5kumQcg54zx/JelkJEK1kZlZxj8zU= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" https://bugzilla.tianocore.org/show_bug.cgi?id=3D2522 VariablePolicy is an updated interface to replace VarLock and VarCheckProtocol. Add connective code to publish the VariablePolicy protocol and wire it to either the SMM communication interface or directly into the VariablePolicyLib business logic. Cc: Jian J Wang Cc: Hao A Wu Cc: Liming Gao Cc: Bret Barkelew Signed-off-by: Bret Barkelew --- MdeModulePkg/Universal/Variable/RuntimeDxe/VariableDxe.c | 53= ++ MdeModulePkg/Universal/Variable/RuntimeDxe/VariablePolicySmmDxe.c | 642= ++++++++++++++++++++ MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c | 14= + MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf | 2= + MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf | 3= + MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf | 10= + 6 files changed, 724 insertions(+) diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableDxe.c b/Mde= ModulePkg/Universal/Variable/RuntimeDxe/VariableDxe.c index 7d2b6c8e1fad..d404d4763e54 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableDxe.c +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableDxe.c @@ -5,18 +5,34 @@ Copyright (C) 2013, Red Hat, Inc. Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.
(C) Copyright 2015 Hewlett Packard Enterprise Development LP
+Copyright (c) Microsoft Corporation. SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ =20 #include "Variable.h" =20 +#include +#include + +EFI_STATUS +EFIAPI +ProtocolIsVariablePolicyEnabled ( + OUT BOOLEAN *State + ); + EFI_HANDLE mHandle =3D NULL; EFI_EVENT mVirtualAddressChangeEvent =3D NULL; VOID *mFtwRegistration =3D NULL; VOID ***mVarCheckAddressPointer =3D NULL; UINTN mVarCheckAddressPointerCount =3D 0; EDKII_VARIABLE_LOCK_PROTOCOL mVariableLock =3D { Varia= bleLockRequestToLock }; +EDKII_VARIABLE_POLICY_PROTOCOL mVariablePolicyProtocol =3D { EDKII= _VARIABLE_POLICY_PROTOCOL_REVISION, + Disabl= eVariablePolicy, + Protoc= olIsVariablePolicyEnabled, + Regist= erVariablePolicy, + DumpVa= riablePolicy, + LockVa= riablePolicy }; EDKII_VAR_CHECK_PROTOCOL mVarCheck =3D { VarCh= eckRegisterSetVariableCheckHandler, VarChe= ckVariablePropertySet, VarChe= ckVariablePropertyGet }; @@ -303,6 +319,8 @@ OnReadyToBoot ( } } =20 + ASSERT_EFI_ERROR (LockVariablePolicy ()); + gBS->CloseEvent (Event); } =20 @@ -466,6 +484,28 @@ FtwNotificationEvent ( } =20 =20 +/** + This API function returns whether or not the policy engine is + currently being enforced. + + @param[out] State Pointer to a return value for whether the poli= cy enforcement + is currently enabled. + + @retval EFI_SUCCESS + @retval Others An error has prevented this command from compl= eting. + +**/ +EFI_STATUS +EFIAPI +ProtocolIsVariablePolicyEnabled ( + OUT BOOLEAN *State + ) +{ + *State =3D IsVariablePolicyEnabled (); + return EFI_SUCCESS; +} + + /** Variable Driver main entry point. The Variable driver places the 4 EFI runtime services in the EFI System Table and installs arch protocols @@ -576,6 +616,19 @@ VariableServiceInitialize ( ); ASSERT_EFI_ERROR (Status); =20 + // Register and initialize the VariablePolicy engine. + Status =3D InitVariablePolicyLib (VariableServiceGetVariable); + ASSERT_EFI_ERROR (Status); + Status =3D VarCheckRegisterSetVariableCheckHandler (ValidateSetVariable); + ASSERT_EFI_ERROR (Status); + Status =3D gBS->InstallMultipleProtocolInterfaces ( + &mHandle, + &gEdkiiVariablePolicyProtocolGuid, + &mVariablePolicyProtocol, + NULL + ); + ASSERT_EFI_ERROR (Status); + return EFI_SUCCESS; } =20 diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariablePolicySmmDx= e.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariablePolicySmmDxe.c new file mode 100644 index 000000000000..e2d4cf4cec1a --- /dev/null +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariablePolicySmmDxe.c @@ -0,0 +1,642 @@ +/** @file -- VariablePolicySmmDxe.c +This protocol allows communication with Variable Policy Engine. + +Copyright (c) Microsoft Corporation. +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include +#include +#include +#include +#include +#include + +#include +#include + +#include + +#include "Variable.h" + +EDKII_VARIABLE_POLICY_PROTOCOL mVariablePolicyProtocol; +EFI_MM_COMMUNICATION2_PROTOCOL *mMmCommunication; + +VOID *mMmCommunicationBuffer; +UINTN mMmCommunicationBufferSize; +EFI_LOCK mMmCommunicationLock; + +/** + Internal helper function to consolidate communication method. + + @param[in,out] CommBuffer + @param[in,out] CommSize Size of the CommBuffer. + + @retval EFI_STATUS Result from communication method. + +**/ +STATIC +EFI_STATUS +InternalMmCommunicate ( + IN OUT VOID *CommBuffer, + IN OUT UINTN *CommSize + ) +{ + EFI_STATUS Status; + if (CommBuffer =3D=3D NULL || CommSize =3D=3D NULL) { + return EFI_INVALID_PARAMETER; + } + Status =3D mMmCommunication->Communicate (mMmCommunication, CommBuffer, = CommBuffer, CommSize); + return Status; +} + + +/** + This API function disables the variable policy enforcement. If it's + already been called once, will return EFI_ALREADY_STARTED. + + @retval EFI_SUCCESS + @retval EFI_ALREADY_STARTED Has already been called once this boot. + @retval EFI_WRITE_PROTECTED Interface has been locked until reboot. + @retval EFI_WRITE_PROTECTED Interface option is disabled by platfo= rm PCD. + +**/ +STATIC +EFI_STATUS +EFIAPI +ProtocolDisableVariablePolicy ( + VOID + ) +{ + EFI_STATUS Status; + EFI_MM_COMMUNICATE_HEADER *CommHeader; + VAR_CHECK_POLICY_COMM_HEADER *PolicyHeader; + UINTN BufferSize; + + // Check the PCD for convenience. + // This would also be rejected by the lib, but why go to MM if we don't = have to? + if (!PcdGetBool (PcdAllowVariablePolicyEnforcementDisable)) { + return EFI_WRITE_PROTECTED; + } + + AcquireLockOnlyAtBootTime (&mMmCommunicationLock); + + // Set up the MM communication. + BufferSize =3D mMmCommunicationBufferSize; + CommHeader =3D mMmCommunicationBuffer; + PolicyHeader =3D (VAR_CHECK_POLICY_COMM_HEADER*)&CommHeader->Data; + CopyGuid( &CommHeader->HeaderGuid, &gVarCheckPolicyLibMmiHandlerGuid ); + CommHeader->MessageLength =3D BufferSize; + PolicyHeader->Signature =3D VAR_CHECK_POLICY_COMM_SIG; + PolicyHeader->Revision =3D VAR_CHECK_POLICY_COMM_REVISION; + PolicyHeader->Command =3D VAR_CHECK_POLICY_COMMAND_DISABLE; + + Status =3D InternalMmCommunicate (CommHeader, &BufferSize); + DEBUG(( DEBUG_VERBOSE, "%a - MmCommunication returned %r.\n", __FUNCTION= __, Status )); + + ReleaseLockOnlyAtBootTime (&mMmCommunicationLock); + + return (EFI_ERROR( Status )) ? Status : PolicyHeader->Result; +} + + +/** + This API function returns whether or not the policy engine is + currently being enforced. + + @param[out] State Pointer to a return value for whether the poli= cy enforcement + is currently enabled. + + @retval EFI_SUCCESS + @retval Others An error has prevented this command from compl= eting. + +**/ +STATIC +EFI_STATUS +EFIAPI +ProtocolIsVariablePolicyEnabled ( + OUT BOOLEAN *State + ) +{ + EFI_STATUS Status; + EFI_MM_COMMUNICATE_HEADER *CommHeader; + VAR_CHECK_POLICY_COMM_HEADER *PolicyHeader; + VAR_CHECK_POLICY_COMM_IS_ENABLED_PARAMS *CommandParams; + UINTN BufferSize; + + if (State =3D=3D NULL) { + return EFI_INVALID_PARAMETER; + } + + AcquireLockOnlyAtBootTime (&mMmCommunicationLock); + + // Set up the MM communication. + BufferSize =3D mMmCommunicationBufferSize; + CommHeader =3D mMmCommunicationBuffer; + PolicyHeader =3D (VAR_CHECK_POLICY_COMM_HEADER*)&CommHeader->Data; + CommandParams =3D (VAR_CHECK_POLICY_COMM_IS_ENABLED_PARAMS*)(PolicyHeade= r + 1); + CopyGuid( &CommHeader->HeaderGuid, &gVarCheckPolicyLibMmiHandlerGuid ); + CommHeader->MessageLength =3D BufferSize; + PolicyHeader->Signature =3D VAR_CHECK_POLICY_COMM_SIG; + PolicyHeader->Revision =3D VAR_CHECK_POLICY_COMM_REVISION; + PolicyHeader->Command =3D VAR_CHECK_POLICY_COMMAND_IS_ENABLED; + + Status =3D InternalMmCommunicate (CommHeader, &BufferSize); + DEBUG(( DEBUG_VERBOSE, "%a - MmCommunication returned %r.\n", __FUNCTION= __, Status )); + + if (!EFI_ERROR( Status )) { + Status =3D PolicyHeader->Result; + *State =3D CommandParams->State; + } + + ReleaseLockOnlyAtBootTime (&mMmCommunicationLock); + + return Status; +} + + +/** + This API function validates and registers a new policy with + the policy enforcement engine. + + @param[in] NewPolicy Pointer to the incoming policy structure. + + @retval EFI_SUCCESS + @retval EFI_INVALID_PARAMETER NewPolicy is NULL or is internally i= nconsistent. + @retval EFI_ALREADY_STARTED An identical matching policy already= exists. + @retval EFI_WRITE_PROTECTED The interface has been locked until = the next reboot. + @retval EFI_UNSUPPORTED Policy enforcement has been disabled= . No reason to add more policies. + @retval EFI_ABORTED A calculation error has prevented th= is function from completing. + @retval EFI_OUT_OF_RESOURCES Cannot grow the table to hold any mo= re policies. + +**/ +STATIC +EFI_STATUS +EFIAPI +ProtocolRegisterVariablePolicy ( + IN CONST VARIABLE_POLICY_ENTRY *NewPolicy + ) +{ + EFI_STATUS Status; + EFI_MM_COMMUNICATE_HEADER *CommHeader; + VAR_CHECK_POLICY_COMM_HEADER *PolicyHeader; + VOID *PolicyBuffer; + UINTN BufferSize; + UINTN RequiredSize; + + if (NewPolicy =3D=3D NULL) { + return EFI_INVALID_PARAMETER; + } + + // First, make sure that the required size does not exceed the capabilit= ies + // of the MmCommunication buffer. + RequiredSize =3D OFFSET_OF(EFI_MM_COMMUNICATE_HEADER, Data) + sizeof(VAR= _CHECK_POLICY_COMM_HEADER); + Status =3D SafeUintnAdd( RequiredSize, NewPolicy->Size, &RequiredSize ); + if (EFI_ERROR( Status ) || RequiredSize > mMmCommunicationBufferSize) { + DEBUG(( DEBUG_ERROR, "%a - Policy too large for buffer! %r, %d > %d \n= ", __FUNCTION__, + Status, RequiredSize, mMmCommunicationBufferSize )); + return EFI_OUT_OF_RESOURCES; + } + + AcquireLockOnlyAtBootTime (&mMmCommunicationLock); + + // Set up the MM communication. + BufferSize =3D mMmCommunicationBufferSize; + CommHeader =3D mMmCommunicationBuffer; + PolicyHeader =3D (VAR_CHECK_POLICY_COMM_HEADER*)&CommHeader->Data; + PolicyBuffer =3D (VOID*)(PolicyHeader + 1); + CopyGuid( &CommHeader->HeaderGuid, &gVarCheckPolicyLibMmiHandlerGuid ); + CommHeader->MessageLength =3D BufferSize; + PolicyHeader->Signature =3D VAR_CHECK_POLICY_COMM_SIG; + PolicyHeader->Revision =3D VAR_CHECK_POLICY_COMM_REVISION; + PolicyHeader->Command =3D VAR_CHECK_POLICY_COMMAND_REGISTER; + + // Copy the policy into place. This copy is safe because we've already t= ested above. + CopyMem( PolicyBuffer, NewPolicy, NewPolicy->Size ); + + Status =3D InternalMmCommunicate (CommHeader, &BufferSize); + DEBUG(( DEBUG_VERBOSE, "%a - MmCommunication returned %r.\n", __FUNCTION= __, Status )); + + ReleaseLockOnlyAtBootTime (&mMmCommunicationLock); + + return (EFI_ERROR( Status )) ? Status : PolicyHeader->Result; +} + + +/** + This helper function takes care of the overhead of formatting, sending, = and interpreting + the results for a single DumpVariablePolicy request. + + @param[in] PageRequested The page of the paginated results from M= M. 0 for metadata. + @param[out] TotalSize The total size of the entire buffer. Ret= urned as part of metadata. + @param[out] PageSize The size of the current page being retur= ned. Not valid as part of metadata. + @param[out] HasMore A flag indicating whether there are more= pages after this one. + @param[out] Buffer The start of the current page from MM. + + @retval EFI_SUCCESS Output params have been updated (eit= her metadata or dump page). + @retval EFI_INVALID_PARAMETER One of the output params is NULL. + @retval Others Response from MM handler. + +**/ +STATIC +EFI_STATUS +DumpVariablePolicyHelper ( + IN UINT32 PageRequested, + OUT UINT32 *TotalSize, + OUT UINT32 *PageSize, + OUT BOOLEAN *HasMore, + OUT UINT8 **Buffer + ) +{ + EFI_STATUS Status; + EFI_MM_COMMUNICATE_HEADER *CommHeader; + VAR_CHECK_POLICY_COMM_HEADER *PolicyHeader; + VAR_CHECK_POLICY_COMM_DUMP_PARAMS *CommandParams; + UINTN BufferSize; + + if (TotalSize =3D=3D NULL || PageSize =3D=3D NULL || HasMore =3D=3D NULL= || Buffer =3D=3D NULL) { + return EFI_INVALID_PARAMETER; + } + + // Set up the MM communication. + BufferSize =3D mMmCommunicationBufferSize; + CommHeader =3D mMmCommunicationBuffer; + PolicyHeader =3D (VAR_CHECK_POLICY_COMM_HEADER*)&CommHeader->Data; + CommandParams =3D (VAR_CHECK_POLICY_COMM_DUMP_PARAMS*)(PolicyHeader + 1); + CopyGuid( &CommHeader->HeaderGuid, &gVarCheckPolicyLibMmiHandlerGuid ); + CommHeader->MessageLength =3D BufferSize; + PolicyHeader->Signature =3D VAR_CHECK_POLICY_COMM_SIG; + PolicyHeader->Revision =3D VAR_CHECK_POLICY_COMM_REVISION; + PolicyHeader->Command =3D VAR_CHECK_POLICY_COMMAND_DUMP; + + CommandParams->PageRequested =3D PageRequested; + + Status =3D InternalMmCommunicate (CommHeader, &BufferSize); + DEBUG(( DEBUG_VERBOSE, "%a - MmCommunication returned %r.\n", __FUNCTION= __, Status )); + + if (!EFI_ERROR( Status )) { + Status =3D PolicyHeader->Result; + *TotalSize =3D CommandParams->TotalSize; + *PageSize =3D CommandParams->PageSize; + *HasMore =3D CommandParams->HasMore; + *Buffer =3D (UINT8*)(CommandParams + 1); + } + + return Status; +} + + +/** + This API function will dump the entire contents of the variable policy t= able. + + Similar to GetVariable, the first call can be made with a 0 size and it = will return + the size of the buffer required to hold the entire table. + + @param[out] Policy Pointer to the policy buffer. Can be NULL if Siz= e is 0. + @param[in,out] Size On input, the size of the output buffer. On outp= ut, the size + of the data returned. + + @retval EFI_SUCCESS Policy data is in the output buffer = and Size has been updated. + @retval EFI_INVALID_PARAMETER Size is NULL, or Size is non-zero an= d Policy is NULL. + @retval EFI_BUFFER_TOO_SMALL Size is insufficient to hold policy.= Size updated with required size. + +**/ +STATIC +EFI_STATUS +EFIAPI +ProtocolDumpVariablePolicy ( + OUT UINT8 *Policy OPTIONAL, + IN OUT UINT32 *Size + ) +{ + EFI_STATUS Status; + UINT8 *Source; + UINT8 *Destination; + UINT32 PolicySize; + UINT32 PageSize; + BOOLEAN HasMore; + UINT32 PageIndex; + + if (Size =3D=3D NULL || (*Size > 0 && Policy =3D=3D NULL)) { + return EFI_INVALID_PARAMETER; + } + + AcquireLockOnlyAtBootTime (&mMmCommunicationLock); + + // Repeat this whole process until we either have a failure case or get = the entire buffer. + do { + // First, we must check the zero page to determine the buffer size and + // reset the internal state. + PolicySize =3D 0; + PageSize =3D 0; + HasMore =3D FALSE; + Status =3D DumpVariablePolicyHelper (0, &PolicySize, &PageSize, &HasMo= re, &Source); + if (EFI_ERROR (Status)) { + break; + } + + // If we're good, we can at least check the required size now. + if (*Size < PolicySize) { + *Size =3D PolicySize; + Status =3D EFI_BUFFER_TOO_SMALL; + break; + } + + // On further thought, let's update the size either way. + *Size =3D PolicySize; + // And get ready to ROCK. + Destination =3D Policy; + + // Keep looping and copying until we're either done or freak out. + for (PageIndex =3D 1; !EFI_ERROR (Status) && HasMore && PageIndex < MA= X_UINT32; PageIndex++) { + Status =3D DumpVariablePolicyHelper (PageIndex, &PolicySize, &PageSi= ze, &HasMore, &Source); + if (!EFI_ERROR (Status)) { + CopyMem (Destination, Source, PageSize); + Destination +=3D PageSize; + } + } + + // Next, we check to see whether + } while (Status =3D=3D EFI_TIMEOUT); + + ReleaseLockOnlyAtBootTime (&mMmCommunicationLock); + + // There's currently no use for this, but it shouldn't be hard to implem= ent. + return Status; +} + + +/** + This API function locks the interface so that no more policy updates + can be performed or changes made to the enforcement until the next boot. + + @retval EFI_SUCCESS + @retval Others An error has prevented this command from compl= eting. + +**/ +STATIC +EFI_STATUS +EFIAPI +ProtocolLockVariablePolicy ( + VOID + ) +{ + EFI_STATUS Status; + EFI_MM_COMMUNICATE_HEADER *CommHeader; + VAR_CHECK_POLICY_COMM_HEADER *PolicyHeader; + UINTN BufferSize; + + AcquireLockOnlyAtBootTime (&mMmCommunicationLock); + + // Set up the MM communication. + BufferSize =3D mMmCommunicationBufferSize; + CommHeader =3D mMmCommunicationBuffer; + PolicyHeader =3D (VAR_CHECK_POLICY_COMM_HEADER*)&CommHeader->Data; + CopyGuid( &CommHeader->HeaderGuid, &gVarCheckPolicyLibMmiHandlerGuid ); + CommHeader->MessageLength =3D BufferSize; + PolicyHeader->Signature =3D VAR_CHECK_POLICY_COMM_SIG; + PolicyHeader->Revision =3D VAR_CHECK_POLICY_COMM_REVISION; + PolicyHeader->Command =3D VAR_CHECK_POLICY_COMMAND_LOCK; + + Status =3D InternalMmCommunicate (CommHeader, &BufferSize); + DEBUG(( DEBUG_VERBOSE, "%a - MmCommunication returned %r.\n", __FUNCTION= __, Status )); + + ReleaseLockOnlyAtBootTime (&mMmCommunicationLock); + + return (EFI_ERROR( Status )) ? Status : PolicyHeader->Result; +} + + +/** + This helper function locates the shared comm buffer and assigns it to in= put pointers. + + @param[in,out] BufferSize On input, the minimum buffer size requir= ed INCLUDING the MM communicate header. + On output, the size of the matching buff= er found. + @param[out] LocatedBuffer A pointer to the matching buffer. + + @retval EFI_SUCCESS + @retval EFI_INVALID_PARAMETER One of the output pointers was NULL. + @retval EFI_OUT_OF_RESOURCES Not enough memory to allocate a comm= buffer. + +**/ +STATIC +EFI_STATUS +InitMmCommonCommBuffer ( + IN OUT UINTN *BufferSize, + OUT VOID **LocatedBuffer + ) +{ + EFI_STATUS Status; + + Status =3D EFI_SUCCESS; + + // Make sure that we're working with good pointers. + if (BufferSize =3D=3D NULL || LocatedBuffer =3D=3D NULL) { + return EFI_INVALID_PARAMETER; + } + + // Allocate the runtime memory for the comm buffer. + *LocatedBuffer =3D AllocateRuntimePool (*BufferSize); + if (*LocatedBuffer =3D=3D NULL) { + Status =3D EFI_OUT_OF_RESOURCES; + *BufferSize =3D 0; + } + + EfiInitializeLock (&mMmCommunicationLock, TPL_NOTIFY); + + return Status; +} + + +/** + This helper is responsible for telemetry and any other actions that + need to be taken if the VariablePolicy fails to lock. + + NOTE: It's possible that parts of this handling will need to become + part of a platform policy. + + @param[in] FailureStatus The failure that was reported by LockVariabl= ePolicy + +**/ +STATIC +VOID +VariablePolicyHandleFailureToLock ( + IN EFI_STATUS FailureStatus + ) +{ + // For now, there's no agreed-upon policy for this. + return; +} + + +/** + ReadyToBoot Callback + Lock the VariablePolicy interface if it hasn't already been locked. + + @param[in] Event Event whose notification function is being invoked + @param[in] Context Pointer to the notification function's context + +**/ +STATIC +VOID +EFIAPI +LockPolicyInterfaceAtReadyToBoot ( + IN EFI_EVENT Event, + IN VOID *Context + ) +{ + EFI_STATUS Status; + + Status =3D ProtocolLockVariablePolicy(); + + if (EFI_ERROR( Status )) { + VariablePolicyHandleFailureToLock( Status ); + } + else { + gBS->CloseEvent( Event ); + } + +} + + +/** + Convert internal pointer addresses to virtual addresses. + + @param[in] Event Event whose notification function is being invoked. + @param[in] Context The pointer to the notification function's context= , which + is implementation-dependent. +**/ +STATIC +VOID +EFIAPI +VariablePolicyVirtualAddressCallback ( + IN EFI_EVENT Event, + IN VOID *Context + ) +{ + EfiConvertPointer (0, (VOID **)&mMmCommunication); + EfiConvertPointer (0, (VOID **)&mMmCommunicationBuffer); +} + + +/** + The driver's entry point. + + @param[in] ImageHandle The firmware allocated handle for the EFI image. + @param[in] SystemTable A pointer to the EFI System Table. + + @retval EFI_SUCCESS The entry point executed successfully. + @retval other Some error occured when executing this entry poi= nt. + +**/ +EFI_STATUS +EFIAPI +VariablePolicySmmDxeMain ( + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE *SystemTable + ) +{ + EFI_STATUS Status; + BOOLEAN ProtocolInstalled; + BOOLEAN CallbackRegistered; + BOOLEAN VirtualAddressChangeRegistered; + EFI_EVENT ReadyToBootEvent; + EFI_EVENT VirtualAddressChangeEvent; + + Status =3D EFI_SUCCESS; + ProtocolInstalled =3D FALSE; + CallbackRegistered =3D FALSE; + VirtualAddressChangeRegistered =3D FALSE; + + // Update the minimum buffer size. + mMmCommunicationBufferSize =3D VAR_CHECK_POLICY_MM_COMM_BUFFER_SIZE; + // Locate the shared comm buffer to use for sending MM commands. + Status =3D InitMmCommonCommBuffer( &mMmCommunicationBufferSize, &mMmComm= unicationBuffer ); + if (EFI_ERROR( Status )) { + DEBUG((DEBUG_ERROR, "%a - Failed to locate a viable MM comm buffer! %r= \n", __FUNCTION__, Status)); + ASSERT_EFI_ERROR( Status ); + return Status; + } + + // Locate the MmCommunication protocol. + Status =3D gBS->LocateProtocol( &gEfiMmCommunication2ProtocolGuid, NULL,= (VOID**)&mMmCommunication ); + if (EFI_ERROR( Status )) { + DEBUG((DEBUG_ERROR, "%a - Failed to locate MmCommunication protocol! %= r\n", __FUNCTION__, Status)); + ASSERT_EFI_ERROR( Status ); + return Status; + } + + // Configure the VariablePolicy protocol structure. + mVariablePolicyProtocol.Revision =3D EDKII_VARIABLE_POLIC= Y_PROTOCOL_REVISION; + mVariablePolicyProtocol.DisableVariablePolicy =3D ProtocolDisableVaria= blePolicy; + mVariablePolicyProtocol.IsVariablePolicyEnabled =3D ProtocolIsVariablePo= licyEnabled; + mVariablePolicyProtocol.RegisterVariablePolicy =3D ProtocolRegisterVari= ablePolicy; + mVariablePolicyProtocol.DumpVariablePolicy =3D ProtocolDumpVariable= Policy; + mVariablePolicyProtocol.LockVariablePolicy =3D ProtocolLockVariable= Policy; + + // Register all the protocols and return the status. + Status =3D gBS->InstallMultipleProtocolInterfaces( &ImageHandle, + &gEdkiiVariablePolicyPr= otocolGuid, &mVariablePolicyProtocol, + NULL ); + if (EFI_ERROR( Status )) { + DEBUG(( DEBUG_ERROR, "%a - Failed to install protocol! %r\n", __FUNCTI= ON__, Status )); + goto Exit; + } + else { + ProtocolInstalled =3D TRUE; + } + + // + // Register a callback for ReadyToBoot so that the interface is at least= locked before + // dispatching any bootloaders or UEFI apps. + Status =3D gBS->CreateEventEx( EVT_NOTIFY_SIGNAL, + TPL_CALLBACK, + LockPolicyInterfaceAtReadyToBoot, + NULL, + &gEfiEventReadyToBootGuid, + &ReadyToBootEvent ); + if (EFI_ERROR( Status )) { + DEBUG(( DEBUG_ERROR, "%a - Failed to create ReadyToBoot event! %r\n", = __FUNCTION__, Status )); + goto Exit; + } + else { + CallbackRegistered =3D TRUE; + } + + // + // Register a VirtualAddressChange callback for the MmComm protocol and = Comm buffer. + Status =3D gBS->CreateEventEx (EVT_NOTIFY_SIGNAL, + TPL_NOTIFY, + VariablePolicyVirtualAddressCallback, + NULL, + &gEfiEventVirtualAddressChangeGuid, + &VirtualAddressChangeEvent); + if (EFI_ERROR( Status )) { + DEBUG(( DEBUG_ERROR, "%a - Failed to create VirtualAddressChange event= ! %r\n", __FUNCTION__, Status )); + goto Exit; + } + else { + VirtualAddressChangeRegistered =3D TRUE; + } + + +Exit: + // + // If we're about to return a failed status (and unload this driver), we= must first undo anything that + // has been successfully done. + if (EFI_ERROR( Status )) { + if (ProtocolInstalled) { + gBS->UninstallProtocolInterface( &ImageHandle, &gEdkiiVariablePolicy= ProtocolGuid, &mVariablePolicyProtocol ); + } + if (CallbackRegistered) { + gBS->CloseEvent( ReadyToBootEvent ); + } + if (VirtualAddressChangeRegistered) { + gBS->CloseEvent( VirtualAddressChangeEvent ); + } + } + + return Status; +} diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeD= xe.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c index 663a1aaa128f..c47e614d81f4 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c @@ -65,6 +65,17 @@ EFI_LOCK mVariableServicesLock; EDKII_VARIABLE_LOCK_PROTOCOL mVariableLock; EDKII_VAR_CHECK_PROTOCOL mVarCheck; =20 +/** + The logic to initialize the VariablePolicy engine is in its own file. + +**/ +EFI_STATUS +EFIAPI +VariablePolicySmmDxeMain ( + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE *SystemTable + ); + /** Some Secure Boot Policy Variable may update following other variable cha= nges(SecureBoot follows PK change, etc). Record their initial State when variable write service is ready. @@ -1796,6 +1807,9 @@ VariableSmmRuntimeInitialize ( &mVirtualAddressChangeEvent ); =20 + // Initialize the VariablePolicy protocol and engine. + VariablePolicySmmDxeMain (ImageHandle, SystemTable); + return EFI_SUCCESS; } =20 diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.= inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf index ceea5d1ff9ac..48ac167906f7 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf @@ -10,6 +10,7 @@ # buffer overflow or integer overflow. # # Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.
+# Copyright (c) Microsoft Corporation. # SPDX-License-Identifier: BSD-2-Clause-Patent # ## @@ -69,6 +70,7 @@ [LibraryClasses] TpmMeasurementLib AuthVariableLib VarCheckLib + VariablePolicyLib =20 [Protocols] gEfiFirmwareVolumeBlockProtocolGuid ## CONSUMES diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf b/M= deModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf index bc3033588d40..bbc8d2080193 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf @@ -19,6 +19,7 @@ # the authentication service provided in this driver will be broken, and = the behavior is undefined. # # Copyright (c) 2010 - 2019, Intel Corporation. All rights reserved.
+# Copyright (c) Microsoft Corporation. # SPDX-License-Identifier: BSD-2-Clause-Patent # ## @@ -78,6 +79,8 @@ [LibraryClasses] AuthVariableLib VarCheckLib UefiBootServicesTableLib + VariablePolicyLib + VariablePolicyHelperLib =20 [Protocols] gEfiSmmFirmwareVolumeBlockProtocolGuid ## CONSUMES diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeD= xe.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.i= nf index 01564e4c5068..f217530b2985 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf @@ -14,6 +14,7 @@ # the authentication service provided in this driver will be broken, and = the behavior is undefined. # # Copyright (c) 2010 - 2019, Intel Corporation. All rights reserved.
+# Copyright (c) Microsoft Corporation.
# SPDX-License-Identifier: BSD-2-Clause-Patent # ## @@ -42,6 +43,7 @@ [Sources] VariableParsing.c VariableParsing.h Variable.h + VariablePolicySmmDxe.c =20 [Packages] MdePkg/MdePkg.dec @@ -56,6 +58,8 @@ [LibraryClasses] DxeServicesTableLib UefiDriverEntryPoint TpmMeasurementLib + SafeIntLib + PcdLib =20 [Protocols] gEfiVariableWriteArchProtocolGuid ## PRODUCES @@ -67,11 +71,15 @@ [Protocols] gEfiSmmVariableProtocolGuid gEdkiiVariableLockProtocolGuid ## PRODUCES gEdkiiVarCheckProtocolGuid ## PRODUCES + gEdkiiVariablePolicyProtocolGuid ## PRODUCES =20 [FeaturePcd] gEfiMdeModulePkgTokenSpaceGuid.PcdEnableVariableRuntimeCache #= # CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics #= # CONSUMES =20 +[Pcd] + gEfiMdeModulePkgTokenSpaceGuid.PcdAllowVariablePolicyEnforcementDisable = ## CONSUMES + [Guids] ## PRODUCES ## GUID # Signature of Variable store header ## CONSUMES ## GUID # Signature of Variable store header @@ -99,6 +107,8 @@ [Guids] ## SOMETIMES_CONSUMES ## Variable:L"dbt" gEfiImageSecurityDatabaseGuid =20 + gVarCheckPolicyLibMmiHandlerGuid + [Depex] gEfiMmCommunication2ProtocolGuid =20 --=20 2.26.2.windows.1.8.g01c50adf56.20200515075929 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#61585): https://edk2.groups.io/g/devel/message/61585 Mute This Topic: https://groups.io/mt/75057694/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat Apr 20 02:53:18 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+61586+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+61586+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1592911128; cv=none; d=zohomail.com; s=zohoarc; b=bOo3xJn80XHHkV1EPNJXUoW2te+HEShP6EOU1jq5GX+7mCbMcCzQzbG8RJx0PAl9qNZkaEL20HCH5dh6/jbiXJZNQahT5aOOCvMlHTjXmTePAQ8urP7/46P2DHqNtY4F/a8YKh5LM/kww5gEOtjOFHYH0w0qiNskypfenz6sXAo= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1592911128; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=EUlu4AVZ8is33jomzVBC8djzpbGTNYepSyQq9ZsqT88=; b=fWGpCp4w5lpuzBDxQD9P590v/Q7rpQGa5hsMJBrKBnj2zsGphPi3JAFCy6F/owbGMlD6O/NJ2YvB3yeVqijecr8vcVipES0fbmexdHjudpZkljvDAobhKEN+wPckTRaFvnmFxG1vuw6QtBRCVEg7LOHKoOvmpnDsYd+rRz2P30c= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+61586+1787277+3901457@groups.io Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1592911128087597.8286494735547; Tue, 23 Jun 2020 04:18:48 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id hjXEYY1788612xNr79CybMad; Tue, 23 Jun 2020 04:18:47 -0700 X-Received: from mail-pj1-f65.google.com (mail-pj1-f65.google.com [209.85.216.65]) by mx.groups.io with SMTP id smtpd.web10.1728.1592894704325537164 for ; Mon, 22 Jun 2020 23:45:04 -0700 X-Received: by mail-pj1-f65.google.com with SMTP id ga6so1062064pjb.1 for ; Mon, 22 Jun 2020 23:45:04 -0700 (PDT) X-Gm-Message-State: d7EP0mSMkMrASHGaYdjy7SeDx1787277AA= X-Google-Smtp-Source: ABdhPJwVvG8T/7KSBZBy2RGqfRzUS+MKkALmwJhur0gq7o202kbWLwQamE+FLTbGOgGqMcGnSuLKew== X-Received: by 2002:a17:902:ba81:: with SMTP id k1mr22915966pls.218.1592894703649; Mon, 22 Jun 2020 23:45:03 -0700 (PDT) X-Received: from localhost.localdomain (174-21-80-75.tukw.qwest.net. [174.21.80.75]) by smtp.gmail.com with ESMTPSA id d6sm1383818pjh.5.2020.06.22.23.45.03 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 22 Jun 2020 23:45:03 -0700 (PDT) From: "Bret Barkelew" X-Google-Original-From: Bret Barkelew To: devel@edk2.groups.io Cc: Jian J Wang , Hao A Wu , Liming Gao Subject: [edk2-devel] [PATCH v6 10/14] MdeModulePkg: Allow VariablePolicy state to delete protected variables Date: Mon, 22 Jun 2020 23:41:00 -0700 Message-Id: <20200623064104.1908-11-brbarkel@microsoft.com> In-Reply-To: <20200623064104.1908-1-brbarkel@microsoft.com> References: <20200623064104.1908-1-brbarkel@microsoft.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,bret@corthon.com Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1592911127; bh=JFhjMMycgybNz+39KOoKGIEJPCW+owns7m1bBOm9//g=; h=Cc:Date:From:Reply-To:Subject:To; b=SANB60BoXwL6p0MxgB16tDn8H+c+g276wYP93706GdGt5zqun0yvsuchj4ByngZK7o9 NxHhf2fI0y06BKo9BP8iRbY/4IbTjcDyV0vjYQfmoaMesCj6ihJcfveJ62AxfVIVSzCkJ zV/gk7ZH1zkKx9rrXdbFxvYNSUtwAhcYJoo= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" https://bugzilla.tianocore.org/show_bug.cgi?id=3D2522 TcgMorLockSmm provides special protections for the TCG MOR variables. This will check IsVariablePolicyEnabled() before enforcing them to allow variable deletion when policy engine is disabled. Only allows deletion, not modification. Cc: Jian J Wang Cc: Hao A Wu Cc: Liming Gao Cc: Bret Barkelew Signed-off-by: Bret Barkelew --- MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c | 10 += +++++++++ MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf | 2 ++ 2 files changed, 12 insertions(+) diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c b/M= deModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c index 6d80eb64341a..085f82035f4b 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c @@ -5,6 +5,7 @@ This module adds Variable Hook and check MemoryOverwriteRequestControlLo= ck. =20 Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) Microsoft Corporation. SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ @@ -17,6 +18,10 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include "Variable.h" =20 +#include + +#include + typedef struct { CHAR16 *VariableName; EFI_GUID *VendorGuid; @@ -341,6 +346,11 @@ SetVariableCheckHandlerMor ( return EFI_SUCCESS; } =20 + // Permit deletion when policy is disabled. + if (!IsVariablePolicyEnabled() && ((Attributes =3D=3D 0) || (DataSize = =3D=3D 0))) { + return EFI_SUCCESS; + } + // // MorLock variable // diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneM= m.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf index 6e17f6cdf588..d8f480be27cc 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf @@ -20,6 +20,7 @@ # # Copyright (c) 2010 - 2019, Intel Corporation. All rights reserved.
# Copyright (c) 2018, Linaro, Ltd. All rights reserved.
+# Copyright (c) Microsoft Corporation. # SPDX-License-Identifier: BSD-2-Clause-Patent # ## @@ -74,6 +75,7 @@ [LibraryClasses] StandaloneMmDriverEntryPoint SynchronizationLib VarCheckLib + VariablePolicyLib =20 [Protocols] gEfiSmmFirmwareVolumeBlockProtocolGuid ## CONSUMES --=20 2.26.2.windows.1.8.g01c50adf56.20200515075929 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#61586): https://edk2.groups.io/g/devel/message/61586 Mute This Topic: https://groups.io/mt/75057695/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat Apr 20 02:53:18 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+61597+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+61597+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1592911147; cv=none; d=zohomail.com; s=zohoarc; b=FK8JZ5Vtcc5nq4MCYINK71ugQk8j/eAMx3ISw+SvglIgpzf6st34e+YlrKBr0sroZYJ91Tu0JV6zD318OCCQhLgaAFANGmiEYnDGmFQq1seCbi+Ain/jnWQQOTJxuY6GaCN5oLEWfu8IEYm7CHGtZNWcu/dd3BNd8OC33KDDLlI= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1592911147; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=OS0gZHh0x+Ts+2o0aMs5MB9Q2FytbHZ/i/CCSpSigZk=; b=Plyb4WWD29DtjUQePL+rAUylQ/258wZJZSH5SkPwGZnclUBJnrUt82ePJtqOsBSKEZNmCGJO0AUjeg8gXUHj6hhj9886WdJMb6kuWY721BSusS34agEnqzsTKeDceHCNB9A/1nKayklLD/3yqyOyEVp2ZogXkH6U96cIez7lgKM= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+61597+1787277+3901457@groups.io Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1592911147565307.8735827586921; Tue, 23 Jun 2020 04:19:07 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id Dv3fYY1788612xWKyhfpsE9j; Tue, 23 Jun 2020 04:19:07 -0700 X-Received: from mail-pl1-f196.google.com (mail-pl1-f196.google.com [209.85.214.196]) by mx.groups.io with SMTP id smtpd.web12.1799.1592894705234590671 for ; Mon, 22 Jun 2020 23:45:05 -0700 X-Received: by mail-pl1-f196.google.com with SMTP id 35so8723829ple.0 for ; Mon, 22 Jun 2020 23:45:05 -0700 (PDT) X-Gm-Message-State: ssGugK3wdHqdJ7uhbeDlUnppx1787277AA= X-Google-Smtp-Source: ABdhPJyhFTL0Q07FBdN4/9FLksVJWbPb6m8eWUzs27T6cvpU4muaAOGooeNs6xSO7Fqv7nQjZ89cfA== X-Received: by 2002:a17:902:201:: with SMTP id 1mr23184018plc.195.1592894704608; Mon, 22 Jun 2020 23:45:04 -0700 (PDT) X-Received: from localhost.localdomain (174-21-80-75.tukw.qwest.net. [174.21.80.75]) by smtp.gmail.com with ESMTPSA id d6sm1383818pjh.5.2020.06.22.23.45.03 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 22 Jun 2020 23:45:04 -0700 (PDT) From: "Bret Barkelew" X-Google-Original-From: Bret Barkelew To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Chao Zhang Subject: [edk2-devel] [PATCH v6 11/14] SecurityPkg: Allow VariablePolicy state to delete authenticated variables Date: Mon, 22 Jun 2020 23:41:01 -0700 Message-Id: <20200623064104.1908-12-brbarkel@microsoft.com> In-Reply-To: <20200623064104.1908-1-brbarkel@microsoft.com> References: <20200623064104.1908-1-brbarkel@microsoft.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,bret@corthon.com Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1592911147; bh=MaJ3R7FCOjhR55rhFDeqYeNa1Fhyx9Imo8fZ+qEY6Do=; h=Cc:Date:From:Reply-To:Subject:To; b=oWWXaWoXEjQczoNBBL/zEyTe7Bc1Z1tfuYftivSBIWfn+GcY4ZgwNmJ71/SNu2WNJ2T 6xjotm4OSjqRQVI+fvE1ozScRA96/VSCtgZDKcg6R8sfR9lYYqFakRFdO2ZzrUEpwYZi7 4gEXDMjxvWsxxCFA83jpTUwBbbiOgi21lps= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" https://bugzilla.tianocore.org/show_bug.cgi?id=3D2522 Causes AuthService to check IsVariablePolicyEnabled() before enforcing write protections to allow variable deletion when policy engine is disabled. Only allows deletion, not modification. Cc: Jiewen Yao Cc: Jian J Wang Cc: Chao Zhang Cc: Bret Barkelew Signed-off-by: Bret Barkelew --- SecurityPkg/Library/AuthVariableLib/AuthService.c | 22 +++++++++++++= +++---- SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf | 2 ++ 2 files changed, 20 insertions(+), 4 deletions(-) diff --git a/SecurityPkg/Library/AuthVariableLib/AuthService.c b/SecurityPk= g/Library/AuthVariableLib/AuthService.c index 2f60331f2c04..aca9a5620c28 100644 --- a/SecurityPkg/Library/AuthVariableLib/AuthService.c +++ b/SecurityPkg/Library/AuthVariableLib/AuthService.c @@ -19,12 +19,16 @@ to verify the signature. =20 Copyright (c) 2009 - 2019, Intel Corporation. All rights reserved.
+Copyright (c) Microsoft Corporation. SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ =20 #include "AuthServiceInternal.h" =20 +#include +#include + // // Public Exponent of RSA Key. // @@ -217,9 +221,12 @@ NeedPhysicallyPresent( IN EFI_GUID *VendorGuid ) { - if ((CompareGuid (VendorGuid, &gEfiSecureBootEnableDisableGuid) && (StrC= mp (VariableName, EFI_SECURE_BOOT_ENABLE_NAME) =3D=3D 0)) - || (CompareGuid (VendorGuid, &gEfiCustomModeEnableGuid) && (StrCmp (Va= riableName, EFI_CUSTOM_MODE_NAME) =3D=3D 0))) { - return TRUE; + // If the VariablePolicy engine is disabled, allow deletion of any authe= nticated variables. + if (IsVariablePolicyEnabled()) { + if ((CompareGuid (VendorGuid, &gEfiSecureBootEnableDisableGuid) && (St= rCmp (VariableName, EFI_SECURE_BOOT_ENABLE_NAME) =3D=3D 0)) + || (CompareGuid (VendorGuid, &gEfiCustomModeEnableGuid) && (StrCmp (= VariableName, EFI_CUSTOM_MODE_NAME) =3D=3D 0))) { + return TRUE; + } } =20 return FALSE; @@ -842,7 +849,8 @@ ProcessVariable ( &OrgVariableInfo ); =20 - if ((!EFI_ERROR (Status)) && IsDeleteAuthVariable (OrgVariableInfo.Attri= butes, Data, DataSize, Attributes) && UserPhysicalPresent()) { + // If the VariablePolicy engine is disabled, allow deletion of any authe= nticated variables. + if ((!EFI_ERROR (Status)) && IsDeleteAuthVariable (OrgVariableInfo.Attri= butes, Data, DataSize, Attributes) && (UserPhysicalPresent() || !IsVariable= PolicyEnabled())) { // // Allow the delete operation of common authenticated variable(AT or A= W) at user physical presence. // @@ -1960,6 +1968,12 @@ VerifyTimeBasedPayload ( =20 CopyMem (Buffer, PayloadPtr, PayloadSize); =20 + // If the VariablePolicy engine is disabled, allow deletion of any authe= nticated variables. + if (PayloadSize =3D=3D 0 && (Attributes & EFI_VARIABLE_APPEND_WRITE) =3D= =3D 0 && !IsVariablePolicyEnabled()) { + VerifyStatus =3D TRUE; + goto Exit; + } + if (AuthVarType =3D=3D AuthVarTypePk) { // // Verify that the signature has been made with the current Platform K= ey (no chaining for PK). diff --git a/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf b/Secu= rityPkg/Library/AuthVariableLib/AuthVariableLib.inf index 8d4ce14df494..8eadeebcebd7 100644 --- a/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf +++ b/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf @@ -3,6 +3,7 @@ # # Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.
# Copyright (c) 2018, ARM Limited. All rights reserved.
+# Copyright (c) Microsoft Corporation. # # SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -41,6 +42,7 @@ [LibraryClasses] MemoryAllocationLib BaseCryptLib PlatformSecureLib + VariablePolicyLib =20 [Guids] ## CONSUMES ## Variable:L"SetupMode" --=20 2.26.2.windows.1.8.g01c50adf56.20200515075929 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#61597): https://edk2.groups.io/g/devel/message/61597 Mute This Topic: https://groups.io/mt/75057707/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat Apr 20 02:53:18 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+61595+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+61595+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1592911146; cv=none; d=zohomail.com; s=zohoarc; b=STEmZ4n112RoSjSaD+PG87kYIRdpsd3RcTvMc2445MtDPUBkjbHco4NnzMAcw8B2yCYpybLtLkdLqXb4nXjbua4jD7gzB/KAbNwQ2mg4pWywEM3TBWEvXKwKd+PnKPA9rNp8Q4LbXcmUztXTY13IwEh0VbQ43jEMVtlLJcPyWok= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1592911146; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=blyg+7dpvCKYJXp+KvI+oWg7zbAhn8FGXpWRflqUCA8=; b=N+pe4uVO/hIVtzZ9b/FMnVi4beatomZBLcsZLwhMScM1uSbTZEw7IyqcjMt50csCc9DYnKiMGazPKwSaZGltEleIL9L4sTLa+AQFIRn5SxvVPDswU/2zqrJuUMJ3K6o+IxktrErdFBgoIJmkVC1zINOw9zA3M4gUKOMHfj1YBzI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+61595+1787277+3901457@groups.io Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1592911146046244.09602362668682; Tue, 23 Jun 2020 04:19:06 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id jvjbYY1788612xPTOaM0Eqtv; Tue, 23 Jun 2020 04:19:05 -0700 X-Received: from mail-pf1-f193.google.com (mail-pf1-f193.google.com [209.85.210.193]) by mx.groups.io with SMTP id smtpd.web12.1800.1592894706108791754 for ; Mon, 22 Jun 2020 23:45:06 -0700 X-Received: by mail-pf1-f193.google.com with SMTP id a127so9614754pfa.12 for ; Mon, 22 Jun 2020 23:45:06 -0700 (PDT) X-Gm-Message-State: JFOgsUD7re0GodJsfTX6A63Tx1787277AA= X-Google-Smtp-Source: ABdhPJybAH3jc36+XwbqsPORORG1iZcYtK9WjwVt5Hrzmj6tdnnLKzn0DqefcmDpCvfV6PzSX33r4Q== X-Received: by 2002:a63:545e:: with SMTP id e30mr16294409pgm.62.1592894705365; Mon, 22 Jun 2020 23:45:05 -0700 (PDT) X-Received: from localhost.localdomain (174-21-80-75.tukw.qwest.net. [174.21.80.75]) by smtp.gmail.com with ESMTPSA id d6sm1383818pjh.5.2020.06.22.23.45.04 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 22 Jun 2020 23:45:04 -0700 (PDT) From: "Bret Barkelew" X-Google-Original-From: Bret Barkelew To: devel@edk2.groups.io Cc: Jian J Wang , Hao A Wu , Liming Gao Subject: [edk2-devel] [PATCH v6 12/14] MdeModulePkg: Change TCG MOR variables to use VariablePolicy Date: Mon, 22 Jun 2020 23:41:02 -0700 Message-Id: <20200623064104.1908-13-brbarkel@microsoft.com> In-Reply-To: <20200623064104.1908-1-brbarkel@microsoft.com> References: <20200623064104.1908-1-brbarkel@microsoft.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,bret@corthon.com Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1592911145; bh=60sWbqe72O6W/9b62nuUibLsYJPV8kkqb6KPUZ3MoOg=; h=Cc:Date:From:Reply-To:Subject:To; b=G2lS2qtINj4L8c4pyKkhahShaEB8N61H/Nol66NtdblFI5XyQdcNzo7+DdtuDoF3oF8 yVeRsJCguCTwC56e5pUfKP7k//k3ksiUPFIJlmyQZho75ujbC6tfJqs5TBObZI1T9wd9P 9IToAEY+rmanehwBqm0VQYMRhCImUbat77g= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" https://bugzilla.tianocore.org/show_bug.cgi?id=3D2522 These were previously using VarLock, which is being deprecated. Cc: Jian J Wang Cc: Hao A Wu Cc: Liming Gao Cc: Bret Barkelew Signed-off-by: Bret Barkelew --- MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockDxe.c | 52 += +++++++++++++------ MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c | 52 += ++++++++++++++----- MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf | 2 + MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf | 1 + 4 files changed, 82 insertions(+), 25 deletions(-) diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockDxe.c b/M= deModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockDxe.c index e7accf4ed806..b85f08c48c11 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockDxe.c +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockDxe.c @@ -5,6 +5,7 @@ MOR lock control unsupported. =20 Copyright (c) 2016, Intel Corporation. All rights reserved.
+Copyright (c) Microsoft Corporation. SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ @@ -17,7 +18,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include "Variable.h" =20 -extern EDKII_VARIABLE_LOCK_PROTOCOL mVariableLock; +#include +#include =20 /** This service is an MOR/MorLock checker handler for the SetVariable(). @@ -77,11 +79,6 @@ MorLockInit ( NULL // Data ); =20 - // - // Need set this variable to be read-only to prevent other module set it. - // - VariableLockRequestToLock (&mVariableLock, MEMORY_OVERWRITE_REQUEST_CONT= ROL_LOCK_NAME, &gEfiMemoryOverwriteRequestControlLockGuid); - // // The MOR variable can effectively improve platform security only when = the // MorLock variable protects the MOR variable. In turn MorLock cannot be= made @@ -99,11 +96,6 @@ MorLockInit ( 0, // DataSize NULL // Data ); - VariableLockRequestToLock ( - &mVariableLock, - MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME, - &gEfiMemoryOverwriteControlDataGuid - ); =20 return EFI_SUCCESS; } @@ -118,7 +110,39 @@ MorLockInitAtEndOfDxe ( VOID ) { - // - // Do nothing. - // + EFI_STATUS Status; + EDKII_VARIABLE_POLICY_PROTOCOL *VariablePolicy; + + // First, we obviously need to locate the VariablePolicy protocol. + Status =3D gBS->LocateProtocol( &gEdkiiVariablePolicyProtocolGuid, NULL,= (VOID**)&VariablePolicy ); + if (EFI_ERROR( Status )) { + DEBUG(( DEBUG_ERROR, "%a - Could not locate VariablePolicy protocol! %= r\n", __FUNCTION__, Status )); + return; + } + + // If we're successful, go ahead and set the policies to protect the tar= get variables. + Status =3D RegisterBasicVariablePolicy( VariablePolicy, + &gEfiMemoryOverwriteRequestControl= LockGuid, + MEMORY_OVERWRITE_REQUEST_CONTROL_L= OCK_NAME, + VARIABLE_POLICY_NO_MIN_SIZE, + VARIABLE_POLICY_NO_MAX_SIZE, + VARIABLE_POLICY_NO_MUST_ATTR, + VARIABLE_POLICY_NO_CANT_ATTR, + VARIABLE_POLICY_TYPE_LOCK_NOW ); + if (EFI_ERROR( Status )) { + DEBUG(( DEBUG_ERROR, "%a - Could not lock variable %s! %r\n", __FUNCTI= ON__, MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME, Status )); + } + Status =3D RegisterBasicVariablePolicy( VariablePolicy, + &gEfiMemoryOverwriteControlDataGui= d, + MEMORY_OVERWRITE_REQUEST_VARIABLE_= NAME, + VARIABLE_POLICY_NO_MIN_SIZE, + VARIABLE_POLICY_NO_MAX_SIZE, + VARIABLE_POLICY_NO_MUST_ATTR, + VARIABLE_POLICY_NO_CANT_ATTR, + VARIABLE_POLICY_TYPE_LOCK_NOW ); + if (EFI_ERROR( Status )) { + DEBUG(( DEBUG_ERROR, "%a - Could not lock variable %s! %r\n", __FUNCTI= ON__, MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME, Status )); + } + + return; } diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c b/M= deModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c index 085f82035f4b..ee37942a6b0c 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c @@ -19,7 +19,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include "Variable.h" =20 #include - +#include #include =20 typedef struct { @@ -422,6 +422,8 @@ MorLockInitAtEndOfDxe ( { UINTN MorSize; EFI_STATUS MorStatus; + EFI_STATUS Status; + VARIABLE_POLICY_ENTRY *NewPolicy; =20 if (!mMorLockInitializationRequired) { // @@ -494,11 +496,25 @@ MorLockInitAtEndOfDxe ( // The MOR variable is absent; the platform firmware does not support it. // Lock the variable so that no other module may create it. // - VariableLockRequestToLock ( - NULL, // This - MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME, - &gEfiMemoryOverwriteControlDataGuid - ); + NewPolicy =3D NULL; + Status =3D CreateBasicVariablePolicy( &gEfiMemoryOverwriteControlDataGui= d, + MEMORY_OVERWRITE_REQUEST_VARIABLE_NA= ME, + VARIABLE_POLICY_NO_MIN_SIZE, + VARIABLE_POLICY_NO_MAX_SIZE, + VARIABLE_POLICY_NO_MUST_ATTR, + VARIABLE_POLICY_NO_CANT_ATTR, + VARIABLE_POLICY_TYPE_LOCK_NOW, + &NewPolicy ); + if (!EFI_ERROR( Status )) { + Status =3D RegisterVariablePolicy( NewPolicy ); + } + if (EFI_ERROR( Status )) { + DEBUG(( DEBUG_ERROR, "%a - Failed to lock variable %s! %r\n", __FUNCTI= ON__, MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME, Status )); + ASSERT_EFI_ERROR( Status ); + } + if (NewPolicy !=3D NULL) { + FreePool( NewPolicy ); + } =20 // // Delete the MOR Control Lock variable too (should it exists for some @@ -514,9 +530,23 @@ MorLockInitAtEndOfDxe ( ); mMorLockPassThru =3D FALSE; =20 - VariableLockRequestToLock ( - NULL, // This - MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME, - &gEfiMemoryOverwriteRequestControlLockGuid - ); + NewPolicy =3D NULL; + Status =3D CreateBasicVariablePolicy( &gEfiMemoryOverwriteRequestControl= LockGuid, + MEMORY_OVERWRITE_REQUEST_CONTROL_LOC= K_NAME, + VARIABLE_POLICY_NO_MIN_SIZE, + VARIABLE_POLICY_NO_MAX_SIZE, + VARIABLE_POLICY_NO_MUST_ATTR, + VARIABLE_POLICY_NO_CANT_ATTR, + VARIABLE_POLICY_TYPE_LOCK_NOW, + &NewPolicy ); + if (!EFI_ERROR( Status )) { + Status =3D RegisterVariablePolicy( NewPolicy ); + } + if (EFI_ERROR( Status )) { + DEBUG(( DEBUG_ERROR, "%a - Failed to lock variable %s! %r\n", __FUNCTI= ON__, MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME, Status )); + ASSERT_EFI_ERROR( Status ); + } + if (NewPolicy !=3D NULL) { + FreePool( NewPolicy ); + } } diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.= inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf index 48ac167906f7..8debc560e6dc 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf @@ -71,6 +71,7 @@ [LibraryClasses] AuthVariableLib VarCheckLib VariablePolicyLib + VariablePolicyHelperLib =20 [Protocols] gEfiFirmwareVolumeBlockProtocolGuid ## CONSUMES @@ -80,6 +81,7 @@ [Protocols] gEfiVariableWriteArchProtocolGuid ## PRODUCES gEfiVariableArchProtocolGuid ## PRODUCES gEdkiiVariableLockProtocolGuid ## PRODUCES + gEdkiiVariablePolicyProtocolGuid ## CONSUMES gEdkiiVarCheckProtocolGuid ## PRODUCES =20 [Guids] diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneM= m.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf index d8f480be27cc..62f2f9252f43 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf @@ -76,6 +76,7 @@ [LibraryClasses] SynchronizationLib VarCheckLib VariablePolicyLib + VariablePolicyHelperLib =20 [Protocols] gEfiSmmFirmwareVolumeBlockProtocolGuid ## CONSUMES --=20 2.26.2.windows.1.8.g01c50adf56.20200515075929 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#61595): https://edk2.groups.io/g/devel/message/61595 Mute This Topic: https://groups.io/mt/75057704/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat Apr 20 02:53:18 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+61587+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+61587+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1592911138; cv=none; d=zohomail.com; s=zohoarc; b=TaIbn67GumTOM0y5sjbxIcero5/4V70yO0hfLjEGfLS8Oqw0RWmEckur2KyMNsVI5rZWRPTjGI05G38+VCMlDFq8kRKRk9tvMosXE9ytbWgE7bsVP/OudXcLZ+Fo7E0auMngDdmzYsLgawq0kpmKq4hoVxDQdUG/9tgvOh+A4j8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1592911138; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=dvrQC+Fg5A5hd4j3Ni3FYZStIXxWZ2TT9h2iKSUtY4g=; b=ny1Y3Ad+A3iC18yqYK2tNFOmoHcYlEdOmfbxG/X19SRICapu0neqIBkeDuKaoA0z74cTZOMtSy0USC7UOzmKYR4rtb2+Wwtk8dUnovkWDp2rOl1OERdR8xJBNRTdlZoo+PTe+jg49UqajGcS9bVVI0sS15CDVxoTfTdyBRSaBkY= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+61587+1787277+3901457@groups.io Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1592911138220852.5879059792007; Tue, 23 Jun 2020 04:18:58 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id TkOHYY1788612x8JoPjAToPL; Tue, 23 Jun 2020 04:18:57 -0700 X-Received: from mail-pf1-f172.google.com (mail-pf1-f172.google.com [209.85.210.172]) by mx.groups.io with SMTP id smtpd.web11.1754.1592894707070936091 for ; Mon, 22 Jun 2020 23:45:07 -0700 X-Received: by mail-pf1-f172.google.com with SMTP id j1so9642263pfe.4 for ; Mon, 22 Jun 2020 23:45:07 -0700 (PDT) X-Gm-Message-State: yVGJO5gYhDZ5VFy7apHhgIIsx1787277AA= X-Google-Smtp-Source: ABdhPJz84ncNqsce32rb1ahoE4zMA/lOBG2cWZwOvf/Ak8HAHW8AMvX7NUcpdzIsgbeTRB0XJxMjMg== X-Received: by 2002:a63:d318:: with SMTP id b24mr14776729pgg.403.1592894706170; Mon, 22 Jun 2020 23:45:06 -0700 (PDT) X-Received: from localhost.localdomain (174-21-80-75.tukw.qwest.net. [174.21.80.75]) by smtp.gmail.com with ESMTPSA id d6sm1383818pjh.5.2020.06.22.23.45.05 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 22 Jun 2020 23:45:05 -0700 (PDT) From: "Bret Barkelew" X-Google-Original-From: Bret Barkelew To: devel@edk2.groups.io Cc: Jian J Wang , Hao A Wu , Liming Gao Subject: [edk2-devel] [PATCH v6 13/14] MdeModulePkg: Drop VarLock from RuntimeDxe variable driver Date: Mon, 22 Jun 2020 23:41:03 -0700 Message-Id: <20200623064104.1908-14-brbarkel@microsoft.com> In-Reply-To: <20200623064104.1908-1-brbarkel@microsoft.com> References: <20200623064104.1908-1-brbarkel@microsoft.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,bret@corthon.com Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1592911137; bh=SPAydUx3XDCYFpoAT2RBkn8ttWXAouGhr+xNZPo9kHU=; h=Cc:Date:From:Reply-To:Subject:To; b=tVL9G+3yTCD/KXl5ZwthaN1aq2kquy5M0aL+d7OUckHy6jts5NZFdgFbI9sdNIBof+6 LYgKe/dUAksIVEGoaRMK4f6sEbJIVyLx3Hmsaj61DBd/wRe6QEy90dc1KzdiGeu6XMGP1 Cxs3Glfrxf6FVNu+59xJT9fgb0E/loALYjA= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" https://bugzilla.tianocore.org/show_bug.cgi?id=3D2522 Now that everything should be moved to VariablePolicy, drop support for the deprecated VarLock SMI interface and associated functions from variable RuntimeDxe. Cc: Jian J Wang Cc: Hao A Wu Cc: Liming Gao Cc: Bret Barkelew Signed-off-by: Bret Barkelew --- MdeModulePkg/Universal/Variable/RuntimeDxe/VarCheck.c | 49= +------------- MdeModulePkg/Universal/Variable/RuntimeDxe/VariableLockRequstToLock.c | 71= ++++++++++++++++++++ MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf | 1= + MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf | 1= + MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf | 1= + 5 files changed, 75 insertions(+), 48 deletions(-) diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VarCheck.c b/MdeMod= ulePkg/Universal/Variable/RuntimeDxe/VarCheck.c index f15219df5eb8..486d85b022e1 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VarCheck.c +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VarCheck.c @@ -3,60 +3,13 @@ and variable lock protocol based on VarCheckLib. =20 Copyright (c) 2015, Intel Corporation. All rights reserved.
+Copyright (c) Microsoft Corporation. SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ =20 #include "Variable.h" =20 -/** - Mark a variable that will become read-only after leaving the DXE phase o= f execution. - Write request coming from SMM environment through EFI_SMM_VARIABLE_PROTO= COL is allowed. - - @param[in] This The VARIABLE_LOCK_PROTOCOL instance. - @param[in] VariableName A pointer to the variable name that will be mad= e read-only subsequently. - @param[in] VendorGuid A pointer to the vendor GUID that will be made = read-only subsequently. - - @retval EFI_SUCCESS The variable specified by the VariableName= and the VendorGuid was marked - as pending to be read-only. - @retval EFI_INVALID_PARAMETER VariableName or VendorGuid is NULL. - Or VariableName is an empty string. - @retval EFI_ACCESS_DENIED EFI_END_OF_DXE_EVENT_GROUP_GUID or EFI_EVE= NT_GROUP_READY_TO_BOOT has - already been signaled. - @retval EFI_OUT_OF_RESOURCES There is not enough resource to hold the l= ock request. -**/ -EFI_STATUS -EFIAPI -VariableLockRequestToLock ( - IN CONST EDKII_VARIABLE_LOCK_PROTOCOL *This, - IN CHAR16 *VariableName, - IN EFI_GUID *VendorGuid - ) -{ - EFI_STATUS Status; - VAR_CHECK_VARIABLE_PROPERTY Property; - - AcquireLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.Variab= leServicesLock); - - Status =3D VarCheckLibVariablePropertyGet (VariableName, VendorGuid, &Pr= operty); - if (!EFI_ERROR (Status)) { - Property.Property |=3D VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY; - } else { - Property.Revision =3D VAR_CHECK_VARIABLE_PROPERTY_REVISION; - Property.Property =3D VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY; - Property.Attributes =3D 0; - Property.MinSize =3D 1; - Property.MaxSize =3D MAX_UINTN; - } - Status =3D VarCheckLibVariablePropertySet (VariableName, VendorGuid, &Pr= operty); - - DEBUG ((EFI_D_INFO, "[Variable] Lock: %g:%s %r\n", VendorGuid, VariableN= ame, Status)); - - ReleaseLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.Variab= leServicesLock); - - return Status; -} - /** Register SetVariable check handler. =20 diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableLockRequstT= oLock.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableLockRequstToLo= ck.c new file mode 100644 index 000000000000..1f7f0b7ef06c --- /dev/null +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableLockRequstToLock.c @@ -0,0 +1,71 @@ +/** @file -- VariableLockRequstToLock.c +Temporary location of the RequestToLock shim code while +projects are moved to VariablePolicy. Should be removed when deprecated. + +Copyright (c) Microsoft Corporation. +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include + +#include +#include + +#include + +#include +#include +#include + + +/** + DEPRECATED. THIS IS ONLY HERE AS A CONVENIENCE WHILE PORTING. + Mark a variable that will become read-only after leaving the DXE phase o= f execution. + Write request coming from SMM environment through EFI_SMM_VARIABLE_PROTO= COL is allowed. + + @param[in] This The VARIABLE_LOCK_PROTOCOL instance. + @param[in] VariableName A pointer to the variable name that will be mad= e read-only subsequently. + @param[in] VendorGuid A pointer to the vendor GUID that will be made = read-only subsequently. + + @retval EFI_SUCCESS The variable specified by the VariableName= and the VendorGuid was marked + as pending to be read-only. + @retval EFI_INVALID_PARAMETER VariableName or VendorGuid is NULL. + Or VariableName is an empty string. + @retval EFI_ACCESS_DENIED EFI_END_OF_DXE_EVENT_GROUP_GUID or EFI_EVE= NT_GROUP_READY_TO_BOOT has + already been signaled. + @retval EFI_OUT_OF_RESOURCES There is not enough resource to hold the l= ock request. +**/ +EFI_STATUS +EFIAPI +VariableLockRequestToLock ( + IN CONST EDKII_VARIABLE_LOCK_PROTOCOL *This, + IN CHAR16 *VariableName, + IN EFI_GUID *VendorGuid + ) +{ + EFI_STATUS Status; + VARIABLE_POLICY_ENTRY *NewPolicy; + + NewPolicy =3D NULL; + Status =3D CreateBasicVariablePolicy( VendorGuid, + VariableName, + VARIABLE_POLICY_NO_MIN_SIZE, + VARIABLE_POLICY_NO_MAX_SIZE, + VARIABLE_POLICY_NO_MUST_ATTR, + VARIABLE_POLICY_NO_CANT_ATTR, + VARIABLE_POLICY_TYPE_LOCK_NOW, + &NewPolicy ); + if (!EFI_ERROR( Status )) { + Status =3D RegisterVariablePolicy( NewPolicy ); + } + if (EFI_ERROR( Status )) { + DEBUG(( DEBUG_ERROR, "%a - Failed to lock variable %s! %r\n", __FUNCTI= ON__, VariableName, Status )); + ASSERT_EFI_ERROR( Status ); + } + if (NewPolicy !=3D NULL) { + FreePool( NewPolicy ); + } + + return Status; +} diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.= inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf index 8debc560e6dc..3005e9617423 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf @@ -49,6 +49,7 @@ [Sources] VarCheck.c VariableExLib.c SpeculationBarrierDxe.c + VariableLockRequstToLock.c =20 [Packages] MdePkg/MdePkg.dec diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf b/M= deModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf index bbc8d2080193..26fbad97339f 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf @@ -58,6 +58,7 @@ [Sources] VariableExLib.c TcgMorLockSmm.c SpeculationBarrierSmm.c + VariableLockRequstToLock.c =20 [Packages] MdePkg/MdePkg.dec diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneM= m.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf index 62f2f9252f43..7c6fdf4d65fd 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf @@ -58,6 +58,7 @@ [Sources] VariableExLib.c TcgMorLockSmm.c SpeculationBarrierSmm.c + VariableLockRequstToLock.c =20 [Packages] MdePkg/MdePkg.dec --=20 2.26.2.windows.1.8.g01c50adf56.20200515075929 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#61587): https://edk2.groups.io/g/devel/message/61587 Mute This Topic: https://groups.io/mt/75057696/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat Apr 20 02:53:18 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+61598+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+61598+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1592911148; cv=none; d=zohomail.com; s=zohoarc; b=MeeCyEFx5dbrSZI79LnyIvfmf64W3MU7NkdyiPwMkO/IfPhZ1k+MePACr2/HZhiTEfOKyU9eYHg5VytTqNYcyvomaYP3nsKbEegcfj7OhCQLauhzW6X/hwZXng3HGeQEh+v/F+FvujzCk/69u5HypBU3S+3Th9cUf9cG0ryzE1s= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1592911148; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=KszOqQutreEVMjzeMYcccFHOvVc47W3K78GJgnTUasM=; b=LhGp3P79ndR2B1rFBlLNMkH4XR6rPoiRySjLUt2TnTHsg8NffQC8m68ICJC1dI3QmzlsYaZTdCefQ/78L2AS5AzqyY03t4ogkJzur/PvkKaryxaxbrreOqExsZsXz3JHnizQp7RfL02Mo6Nf5Td3O6OOomuvU2A5AcQuhiP0snE= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+61598+1787277+3901457@groups.io Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1592911148136915.9375816389881; Tue, 23 Jun 2020 04:19:08 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id eMmHYY1788612x0B03hwQP4L; Tue, 23 Jun 2020 04:19:07 -0700 X-Received: from mail-pj1-f68.google.com (mail-pj1-f68.google.com [209.85.216.68]) by mx.groups.io with SMTP id smtpd.web11.1756.1592894708648768698 for ; Mon, 22 Jun 2020 23:45:08 -0700 X-Received: by mail-pj1-f68.google.com with SMTP id u8so1053794pje.4 for ; Mon, 22 Jun 2020 23:45:08 -0700 (PDT) X-Gm-Message-State: tZPItA9MsTesc38CyXH0jkW3x1787277AA= X-Google-Smtp-Source: ABdhPJzpLSg3SZzV2gsQRPc5vLM4QXl8ei7QkfiAB+KrslxUFW18leidR9VydlQxWZcExFw2UIugkw== X-Received: by 2002:a17:90a:49c5:: with SMTP id l5mr22383603pjm.31.1592894707456; Mon, 22 Jun 2020 23:45:07 -0700 (PDT) X-Received: from localhost.localdomain (174-21-80-75.tukw.qwest.net. [174.21.80.75]) by smtp.gmail.com with ESMTPSA id d6sm1383818pjh.5.2020.06.22.23.45.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 22 Jun 2020 23:45:06 -0700 (PDT) From: "Bret Barkelew" X-Google-Original-From: Bret Barkelew To: devel@edk2.groups.io Cc: Jian J Wang , Hao A Wu , Liming Gao Subject: [edk2-devel] [PATCH v6 14/14] MdeModulePkg: Add a shell-based functional test for VariablePolicy Date: Mon, 22 Jun 2020 23:41:04 -0700 Message-Id: <20200623064104.1908-15-brbarkel@microsoft.com> In-Reply-To: <20200623064104.1908-1-brbarkel@microsoft.com> References: <20200623064104.1908-1-brbarkel@microsoft.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,bret@corthon.com Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1592911147; bh=Y8e65Mbrb0gWrdpZuTFFXGH7MvD0BQU4DKS+c9F+3OI=; h=Cc:Date:From:Reply-To:Subject:To; b=wXaY/udw2HarKQsvPsGxjM6fofBJNfp4d6WCZdk6z1fpVCvMaPlgV5g02SrguF4Tcbx Ly1FhtW3gw6zebIEKcQba1u8csiH+57McVT4ablAVc+JVMmm07OV5OzrtbCCUisMPMw/g +hdP5CqqiFIXmBBkjMd5X06KN+6ryRtZnrQ= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" https://bugzilla.tianocore.org/show_bug.cgi?id=3D2522 To verify that VariablePolicy is correctly integrated on platforms, add a Shell-based functional test to confirm expected behavior. NOTE: This test assumes that VariablePolicy is built with PcdAllowVariablePolicyEnforcementDisable set to TRUE. Cc: Jian J Wang Cc: Hao A Wu Cc: Liming Gao Cc: Bret Barkelew Signed-off-by: Bret Barkelew --- MdeModulePkg/Library/VariablePolicyLib/VariablePolicyUnitTest/VariablePoli= cyUnitTest.c | 6 +- MdeModulePkg/Test/ShellTest/VariablePolicyFuncTestApp/VariablePolicyFuncTe= stApp.c | 1978 ++++++++++++++++++++ MdeModulePkg/MdeModulePkg.ci.yaml = | 4 +- MdeModulePkg/MdeModulePkg.dsc = | 6 + MdeModulePkg/Test/ShellTest/VariablePolicyFuncTestApp/Readme.md = | 55 + MdeModulePkg/Test/ShellTest/VariablePolicyFuncTestApp/VariablePolicyFuncTe= stApp.inf | 42 + 6 files changed, 2089 insertions(+), 2 deletions(-) diff --git a/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyUnitTest/= VariablePolicyUnitTest.c b/MdeModulePkg/Library/VariablePolicyLib/VariableP= olicyUnitTest/VariablePolicyUnitTest.c index f133f2f30e36..809817a4823e 100644 --- a/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyUnitTest/Variabl= ePolicyUnitTest.c +++ b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyUnitTest/Variabl= ePolicyUnitTest.c @@ -39,9 +39,11 @@ SPDX-License-Identifier: BSD-2-Clause-Patent ///=3D=3D=3D TEST DATA =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =20 #pragma pack(push, 1) +#define SIMPLE_VARIABLE_POLICY_ENTRY_VAR_NAME_LENGTH 1001 // 1000 char= acters + terminator. +#define SIMPLE_VARIABLE_POLICY_ENTRY_VAR_NAME_SIZE (SIMPLE_VARIABLE_POL= ICY_ENTRY_VAR_NAME_LENGTH * sizeof(CHAR16)) typedef struct _SIMPLE_VARIABLE_POLICY_ENTRY { VARIABLE_POLICY_ENTRY Header; - CHAR16 Name[]; + CHAR16 Name[SIMPLE_VARIABLE_POLICY_ENTRY_VAR_NAME_LEN= GTH]; } SIMPLE_VARIABLE_POLICY_ENTRY; #define EXPANDED_VARIABLE_POLICY_ENTRY_VAR_NAME_LENGTH 1001 // 1000 ch= aracters + terminator. #define EXPANDED_VARIABLE_POLICY_ENTRY_VAR_NAME_SIZE (EXPANDED_VARIABLE= _POLICY_ENTRY_VAR_NAME_LENGTH * sizeof(CHAR16)) @@ -181,6 +183,7 @@ StubGetVariableNull ( **/ STATIC UNIT_TEST_STATUS +EFIAPI LibInitMocked ( IN UNIT_TEST_CONTEXT Context ) @@ -194,6 +197,7 @@ LibInitMocked ( */ STATIC VOID +EFIAPI LibCleanup ( IN UNIT_TEST_CONTEXT Context ) diff --git a/MdeModulePkg/Test/ShellTest/VariablePolicyFuncTestApp/Variable= PolicyFuncTestApp.c b/MdeModulePkg/Test/ShellTest/VariablePolicyFuncTestApp= /VariablePolicyFuncTestApp.c new file mode 100644 index 000000000000..719323ac1b88 --- /dev/null +++ b/MdeModulePkg/Test/ShellTest/VariablePolicyFuncTestApp/VariablePolicyF= uncTestApp.c @@ -0,0 +1,1978 @@ +/** @file +UEFI Shell based application for unit testing the Variable Policy Protocol. + +Copyright (c) Microsoft Corporation. +SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +// TODO: Need to add to the UnitTestFrameworkPkg +// #include + +#define UNIT_TEST_APP_NAME "Variable Policy Unit Test Application" +#define UNIT_TEST_APP_VERSION "0.1" + +// TODO: Need to add to the UnitTestFrameworkPkg +UNIT_TEST_FRAMEWORK_HANDLE +GetActiveFrameworkHandle ( + VOID + ); + +EDKII_VARIABLE_POLICY_PROTOCOL *mVarPol =3D NULL; + + +EFI_GUID mTestNamespaceGuid1 =3D { 0x3b389299, 0xabaf, 0x433b, { 0xa4, 0xa= 9, 0x23, 0xc8, 0x44, 0x02, 0xfc, 0xad } }; +EFI_GUID mTestNamespaceGuid2 =3D { 0x4c49a3aa, 0xbcb0, 0x544c, { 0xb5, 0xb= a, 0x34, 0xd9, 0x55, 0x13, 0x0d, 0xbe } }; +EFI_GUID mTestNamespaceGuid3 =3D { 0x5d5ab4bb, 0xcdc1, 0x655d, { 0xc6, 0xc= b, 0x45, 0xea, 0x66, 0x24, 0x1e, 0xcf } }; + +/** + Prerequisite for most test cases. +**/ +UNIT_TEST_STATUS +EFIAPI +LocateVarPolicyPreReq ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EFI_STATUS Status; + + if (mVarPol =3D=3D NULL) { + Status =3D gBS->LocateProtocol (&gEdkiiVariablePolicyProtocolGuid, + NULL, + (VOID **) &mVarPol); + UT_ASSERT_NOT_EFI_ERROR (Status); + UT_ASSERT_NOT_NULL (mVarPol); + } + + return UNIT_TEST_PASSED; + +} // LocateVarPolicyPreReq + +/** + Getting Started tests. +**/ +UNIT_TEST_STATUS +EFIAPI +CheckVpEnabled ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EFI_STATUS Status; + BOOLEAN State; + + Status =3D mVarPol->IsVariablePolicyEnabled (&State); + + UT_ASSERT_NOT_EFI_ERROR (Status); + UT_ASSERT_EQUAL (State, TRUE); + + return UNIT_TEST_PASSED; +} // CheckVpEnabled + +UNIT_TEST_STATUS +EFIAPI +CheckVpRevision ( + IN UNIT_TEST_CONTEXT Context + ) +{ + UT_ASSERT_NOT_EQUAL (mVarPol->Revision, 0); + UT_LOG_INFO ("VP Revision: 0x%x\n", mVarPol->Revision); + + return UNIT_TEST_PASSED; +} // CheckVpRevision + +/** + NoLock Policy tests. +**/ +UNIT_TEST_STATUS +EFIAPI +TestMinSizeNoLock ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EFI_STATUS Status; + UINT8 Value1; + UINT32 Value2; + UINT8 *Buffer; + + Status =3D RegisterBasicVariablePolicy (mVarPol, + &mTestNamespaceGuid1, + L"MinSizeNoLockVar", + 4, + VARIABLE_POLICY_NO_MAX_SIZE, + VARIABLE_POLICY_NO_MUST_ATTR, + VARIABLE_POLICY_NO_CANT_ATTR, + VARIABLE_POLICY_TYPE_NO_LOCK); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Try to write a var that is smaller than minsize + // + Value1 =3D 0x12; + Status =3D gRT->SetVariable (L"MinSizeNoLockVar", + &mTestNamespaceGuid1, + (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BO= OTSERVICE_ACCESS), + sizeof (Value1), + &Value1); + UT_ASSERT_TRUE ((Status =3D=3D EFI_WRITE_PROTECTED) || (Status =3D=3D EF= I_INVALID_PARAMETER)); + + // + // Try to write a var of size that matches minsize + // + Value2 =3D 0xa1b2c3d4; + Status =3D gRT->SetVariable (L"MinSizeNoLockVar", + &mTestNamespaceGuid1, + (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BO= OTSERVICE_ACCESS), + sizeof (Value2), + &Value2); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Should be able to delete the var + // + Status =3D gRT->SetVariable (L"MinSizeNoLockVar", + &mTestNamespaceGuid1, + 0, + 0, + NULL); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Try to write a var of size larger than minsize + // + Buffer =3D AllocateZeroPool (40); + UT_ASSERT_NOT_NULL (Buffer); + Status =3D gRT->SetVariable (L"MinSizeNoLockVar", + &mTestNamespaceGuid1, + (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BO= OTSERVICE_ACCESS), + 40, + Buffer); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Delete the variable + // + Status =3D gRT->SetVariable (L"MinSizeNoLockVar", + &mTestNamespaceGuid1, + 0, + 0, + NULL); + UT_ASSERT_NOT_EFI_ERROR (Status); + + FreePool (Buffer); + + return UNIT_TEST_PASSED; +} // TestMinSizeNoLock + +UNIT_TEST_STATUS +EFIAPI +TestMaxSizeNoLock ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EFI_STATUS Status; + UINT8 Value1; + UINT32 Value2; + UINT8 *Buffer; + + Status =3D RegisterBasicVariablePolicy (mVarPol, + &mTestNamespaceGuid1, + L"MaxSizeNoLockVar", + VARIABLE_POLICY_NO_MIN_SIZE, + 4, + VARIABLE_POLICY_NO_MUST_ATTR, + VARIABLE_POLICY_NO_CANT_ATTR, + VARIABLE_POLICY_TYPE_NO_LOCK); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Try to write a var that is smaller than maxsize + // + Value1 =3D 0x34; + Status =3D gRT->SetVariable (L"MaxSizeNoLockVar", + &mTestNamespaceGuid1, + (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BO= OTSERVICE_ACCESS), + sizeof (Value1), + &Value1); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Should be able to delete the var + // + Status =3D gRT->SetVariable (L"MaxSizeNoLockVar", + &mTestNamespaceGuid1, + 0, + 0, + NULL); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Try to write a var of size that matches maxsize + // + Value2 =3D 0xa1b2c3d4; + Status =3D gRT->SetVariable (L"MaxSizeNoLockVar", + &mTestNamespaceGuid1, + (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BO= OTSERVICE_ACCESS), + sizeof (Value2), + &Value2); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Should be able to delete the var + // + Status =3D gRT->SetVariable (L"MaxSizeNoLockVar", + &mTestNamespaceGuid1, + 0, + 0, + NULL); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Try to write a var of size larger than maxsize + // + Buffer =3D AllocateZeroPool (40); + UT_ASSERT_NOT_NULL (Buffer); + Status =3D gRT->SetVariable (L"MaxSizeNoLockVar", + &mTestNamespaceGuid1, + (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BO= OTSERVICE_ACCESS), + 40, + Buffer); + UT_ASSERT_TRUE ((Status =3D=3D EFI_WRITE_PROTECTED) || (Status =3D=3D EF= I_INVALID_PARAMETER)); + + FreePool (Buffer); + + return UNIT_TEST_PASSED; +} // TestMaxSizeNoLock + +UNIT_TEST_STATUS +EFIAPI +TestMustHaveAttrNoLock ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EFI_STATUS Status; + UINT8 Value; + + Status =3D RegisterBasicVariablePolicy (mVarPol, + &mTestNamespaceGuid1, + L"MustHaveAttrNoLockVar", + VARIABLE_POLICY_NO_MIN_SIZE, + VARIABLE_POLICY_NO_MAX_SIZE, + (EFI_VARIABLE_NON_VOLATILE | EFI_= VARIABLE_BOOTSERVICE_ACCESS), + VARIABLE_POLICY_NO_CANT_ATTR, + VARIABLE_POLICY_TYPE_NO_LOCK); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Try to write a var that doesn't have the must-have attributes + // + Value =3D 0x56; + Status =3D gRT->SetVariable (L"MustHaveAttrNoLockVar", + &mTestNamespaceGuid1, + EFI_VARIABLE_BOOTSERVICE_ACCESS, + sizeof (Value), + &Value); + UT_ASSERT_TRUE ((Status =3D=3D EFI_WRITE_PROTECTED) || (Status =3D=3D EF= I_INVALID_PARAMETER)); + + // + // Try to write a var that has exactly the required attributes + // + Status =3D gRT->SetVariable (L"MustHaveAttrNoLockVar", + &mTestNamespaceGuid1, + (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BO= OTSERVICE_ACCESS), + sizeof (Value), + &Value); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Should be able to delete the var + // NOTE: some implementations of VP will require the musthave attributes= to be passed even when deleting + // + Status =3D gRT->SetVariable (L"MustHaveAttrNoLockVar", + &mTestNamespaceGuid1, + 0, + 0, + NULL); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Try to write a var that has the required attributes and one extra att= ribute + // + Status =3D gRT->SetVariable (L"MustHaveAttrNoLockVar", + &mTestNamespaceGuid1, + (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BO= OTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS), + sizeof (Value), + &Value); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Should be able to delete the var + // NOTE: some implementations of VP will require the musthave attributes= to be passed even when deleting + // + Status =3D gRT->SetVariable (L"MustHaveAttrNoLockVar", + &mTestNamespaceGuid1, + 0, + 0, + NULL); + UT_ASSERT_NOT_EFI_ERROR (Status); + return UNIT_TEST_PASSED; +} // TestMustHaveAttrNoLock + +UNIT_TEST_STATUS +EFIAPI +TestCantHaveAttrNoLock ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EFI_STATUS Status; + UINT8 Value; + + Status =3D RegisterBasicVariablePolicy (mVarPol, + &mTestNamespaceGuid1, + L"CantHaveAttrNoLockVar", + VARIABLE_POLICY_NO_MIN_SIZE, + VARIABLE_POLICY_NO_MAX_SIZE, + VARIABLE_POLICY_NO_MUST_ATTR, + EFI_VARIABLE_NON_VOLATILE, + VARIABLE_POLICY_TYPE_NO_LOCK); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Try to write a var that has a can't have attr + // + Value =3D 0x78; + Status =3D gRT->SetVariable (L"CantHaveAttrNoLockVar", + &mTestNamespaceGuid1, + (EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIAB= LE_NON_VOLATILE), + sizeof (Value), + &Value); + UT_ASSERT_TRUE ((Status =3D=3D EFI_WRITE_PROTECTED) || (Status =3D=3D EF= I_INVALID_PARAMETER)); + + // + // Try to write a var that satisfies the can't have requirement + // + Status =3D gRT->SetVariable (L"CantHaveAttrNoLockVar", + &mTestNamespaceGuid1, + EFI_VARIABLE_BOOTSERVICE_ACCESS, + sizeof (Value), + &Value); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Should be able to delete the var + // + Status =3D gRT->SetVariable (L"CantHaveAttrNoLockVar", + &mTestNamespaceGuid1, + 0, + 0, + NULL); + UT_ASSERT_NOT_EFI_ERROR (Status); + + return UNIT_TEST_PASSED; +} // TestCantHaveAttrNoLock + +UNIT_TEST_STATUS +EFIAPI +TestMaxSizeNamespaceNoLock ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EFI_STATUS Status; + UINT8 Value1; + UINT32 Value2; + UINT8 *Buffer; + + // + // Register a namespace-wide policy limiting max size to 4 bytes + // + Status =3D RegisterBasicVariablePolicy (mVarPol, + &mTestNamespaceGuid2, + NULL, + VARIABLE_POLICY_NO_MIN_SIZE, + 4, + VARIABLE_POLICY_NO_MUST_ATTR, + VARIABLE_POLICY_NO_CANT_ATTR, + VARIABLE_POLICY_TYPE_NO_LOCK); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Try to write a var that is smaller than maxsize + // + Value1 =3D 0x34; + Status =3D gRT->SetVariable (L"MaxSizeNoLockVar", + &mTestNamespaceGuid2, + (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BO= OTSERVICE_ACCESS), + sizeof (Value1), + &Value1); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Should be able to delete the var + // + Status =3D gRT->SetVariable (L"MaxSizeNoLockVar", + &mTestNamespaceGuid2, + 0, + 0, + NULL); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Try to write a var of size that matches maxsize + // + Value2 =3D 0xa1b2c3d4; + Status =3D gRT->SetVariable (L"MaxSizeNoLockVar", + &mTestNamespaceGuid2, + (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BO= OTSERVICE_ACCESS), + sizeof (Value2), + &Value2); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Should be able to delete the var + // + Status =3D gRT->SetVariable (L"MaxSizeNoLockVar", + &mTestNamespaceGuid2, + 0, + 0, + NULL); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Try to write a var of size larger than maxsize + // + Buffer =3D AllocateZeroPool (40); + UT_ASSERT_NOT_NULL (Buffer); + Status =3D gRT->SetVariable (L"MaxSizeNoLockVar", + &mTestNamespaceGuid2, + (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BO= OTSERVICE_ACCESS), + 40, + Buffer); + UT_ASSERT_TRUE ((Status =3D=3D EFI_WRITE_PROTECTED) || (Status =3D=3D EF= I_INVALID_PARAMETER)); + + FreePool (Buffer); + + return UNIT_TEST_PASSED; +} // TestMaxSizeNamespaceNoLock + +UNIT_TEST_STATUS +EFIAPI +TestMustHaveAttrWildcardNoLock ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EFI_STATUS Status; + UINT8 Value; + + Status =3D RegisterBasicVariablePolicy (mVarPol, + &mTestNamespaceGuid1, + L"MustHaveAttrWildcardNoLockVar###= #", + VARIABLE_POLICY_NO_MIN_SIZE, + VARIABLE_POLICY_NO_MAX_SIZE, + (EFI_VARIABLE_NON_VOLATILE | EFI_= VARIABLE_BOOTSERVICE_ACCESS), + VARIABLE_POLICY_NO_CANT_ATTR, + VARIABLE_POLICY_TYPE_NO_LOCK); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Try to write a var that doesn't have the must-have attributes + // + Value =3D 0x56; + Status =3D gRT->SetVariable (L"MustHaveAttrWildcardNoLockVar1573", + &mTestNamespaceGuid1, + EFI_VARIABLE_BOOTSERVICE_ACCESS, + sizeof (Value), + &Value); + UT_ASSERT_TRUE ((Status =3D=3D EFI_WRITE_PROTECTED) || (Status =3D=3D EF= I_INVALID_PARAMETER)); + + // + // Try to write a var that has exactly the required attributes + // + Status =3D gRT->SetVariable (L"MustHaveAttrWildcardNoLockVar1234", + &mTestNamespaceGuid1, + (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BO= OTSERVICE_ACCESS), + sizeof (Value), + &Value); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Should be able to delete the var + // NOTE: some implementations of VP will require the musthave attributes= to be passed even when deleting + // + Status =3D gRT->SetVariable (L"MustHaveAttrWildcardNoLockVar1234", + &mTestNamespaceGuid1, + 0, + 0, + NULL); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Try to write a var that has the required attributes and one extra att= ribute + // + Status =3D gRT->SetVariable (L"MustHaveAttrWildcardNoLockVar5612", + &mTestNamespaceGuid1, + (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BO= OTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS), + sizeof (Value), + &Value); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Should be able to delete the var + // NOTE: some implementations of VP will require the musthave attributes= to be passed even when deleting + // + Status =3D gRT->SetVariable (L"MustHaveAttrWildcardNoLockVar5612", + &mTestNamespaceGuid1, + 0, + 0, + NULL); + UT_ASSERT_NOT_EFI_ERROR (Status); + + return UNIT_TEST_PASSED; +} // TestMustHaveAttrWildcardNoLock + +UNIT_TEST_STATUS +EFIAPI +TestPolicyprioritizationNoLock ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EFI_STATUS Status; + UINT8 Value8; + UINT16 Value16; + UINT32 Value32; + UINT64 Value64; + + // + // Register a policy targeting the specific var + // + Status =3D RegisterBasicVariablePolicy (mVarPol, + &mTestNamespaceGuid3, + L"PolicyPriorityTestVar123", + 8, // min size of UINT64 + VARIABLE_POLICY_NO_MAX_SIZE, + VARIABLE_POLICY_NO_MUST_ATTR, + VARIABLE_POLICY_NO_CANT_ATTR, + VARIABLE_POLICY_TYPE_NO_LOCK); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Register a policy with wildcards in the name + // + Status =3D RegisterBasicVariablePolicy (mVarPol, + &mTestNamespaceGuid3, + L"PolicyPriorityTestVar###", + 4, // min size of UINT32 + VARIABLE_POLICY_NO_MAX_SIZE, + VARIABLE_POLICY_NO_MUST_ATTR, + VARIABLE_POLICY_NO_CANT_ATTR, + VARIABLE_POLICY_TYPE_NO_LOCK); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Register a policy with wildcards in the name + // + Status =3D RegisterBasicVariablePolicy (mVarPol, + &mTestNamespaceGuid3, + NULL, + 2, // min size of UINT16 + VARIABLE_POLICY_NO_MAX_SIZE, + VARIABLE_POLICY_NO_MUST_ATTR, + VARIABLE_POLICY_NO_CANT_ATTR, + VARIABLE_POLICY_TYPE_NO_LOCK); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // The idea is that the most specific policy is applied: + // For varname "TestVar", the namespace-wide one should apply: UINT16 = minimum + // For varname "PolicyPriorityTestVar567" the wildcard policy should a= pply: UINT32 minimum + // For varname "PolicyPriorityTestVar123" the var-specific policy shou= ld apply: UINT64 minimum + // + + // + // Let's confirm the namespace-wide policy enforcement + // + Value8 =3D 0x78; + Status =3D gRT->SetVariable (L"TestVar", + &mTestNamespaceGuid3, + (EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIAB= LE_NON_VOLATILE), + sizeof (Value8), + &Value8); + UT_ASSERT_TRUE ((Status =3D=3D EFI_WRITE_PROTECTED) || (Status =3D=3D EF= I_INVALID_PARAMETER)); + + Value16 =3D 0x6543; + Status =3D gRT->SetVariable (L"TestVar", + &mTestNamespaceGuid3, + (EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIAB= LE_NON_VOLATILE), + sizeof (Value16), + &Value16); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Let's confirm the wildcard policy enforcement + // + Value16 =3D 0xabba; + Status =3D gRT->SetVariable (L"PolicyPriorityTestVar567", + &mTestNamespaceGuid3, + (EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIAB= LE_NON_VOLATILE), + sizeof (Value16), + &Value16); + UT_ASSERT_TRUE ((Status =3D=3D EFI_WRITE_PROTECTED) || (Status =3D=3D EF= I_INVALID_PARAMETER)); + + Value32 =3D 0xfedcba98; + Status =3D gRT->SetVariable (L"PolicyPriorityTestVar567", + &mTestNamespaceGuid3, + (EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIAB= LE_NON_VOLATILE), + sizeof (Value32), + &Value32); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Let's confirm the var-specific policy enforcement + // + Value32 =3D 0x8d3f627c; + Status =3D gRT->SetVariable (L"PolicyPriorityTestVar123", + &mTestNamespaceGuid3, + (EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIAB= LE_NON_VOLATILE), + sizeof (Value32), + &Value32); + UT_ASSERT_TRUE ((Status =3D=3D EFI_WRITE_PROTECTED) || (Status =3D=3D EF= I_INVALID_PARAMETER)); + + Value64 =3D 0xbebecdcdafaf6767; + Status =3D gRT->SetVariable (L"PolicyPriorityTestVar123", + &mTestNamespaceGuid3, + (EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIAB= LE_NON_VOLATILE), + sizeof (Value64), + &Value64); + UT_ASSERT_NOT_EFI_ERROR (Status); + + return UNIT_TEST_PASSED; +} // TestPolicyprioritizationNoLock + +/** + LockNow Policy tests. +**/ +UNIT_TEST_STATUS +EFIAPI +TestExistingVarLockNow ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EFI_STATUS Status; + UINT8 Value; + + // + // Write a var that we'll protect next + // + Value =3D 0x78; + Status =3D gRT->SetVariable (L"ExistingLockNowVar", + &mTestNamespaceGuid1, + (EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIAB= LE_NON_VOLATILE), + sizeof (Value), + &Value); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Register a LockNow policy targeting the var + // + Status =3D RegisterBasicVariablePolicy (mVarPol, + &mTestNamespaceGuid1, + L"ExistingLockNowVar", + VARIABLE_POLICY_NO_MIN_SIZE, + VARIABLE_POLICY_NO_MAX_SIZE, + VARIABLE_POLICY_NO_MUST_ATTR, + VARIABLE_POLICY_NO_CANT_ATTR, + VARIABLE_POLICY_TYPE_LOCK_NOW); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Attempt to modify the locked var + // + Value =3D 0xA5; + Status =3D gRT->SetVariable (L"ExistingLockNowVar", + &mTestNamespaceGuid1, + (EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIAB= LE_NON_VOLATILE), + sizeof (Value), + &Value); + UT_ASSERT_STATUS_EQUAL (Status, EFI_WRITE_PROTECTED); + + // + // Attempt to delete the locked var + // + Status =3D gRT->SetVariable (L"ExistingLockNowVar", + &mTestNamespaceGuid1, + 0, + 0, + NULL); + UT_ASSERT_STATUS_EQUAL (Status, EFI_WRITE_PROTECTED); + + // + // This variable is deleted in final cleanup. + // + + return UNIT_TEST_PASSED; +} // TestExistingVarLockNow + +UNIT_TEST_STATUS +EFIAPI +TestNonexistentVarLockNow ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EFI_STATUS Status; + UINT8 Value; + UINTN Size; + + // + // Make sure the variable we're about to create the policy for doesn't e= xist + // + Size =3D 0; + Status =3D gRT->GetVariable (L"NonexistentLockNowVar", + &mTestNamespaceGuid1, + NULL, + &Size, + NULL); + UT_ASSERT_STATUS_EQUAL (Status, EFI_NOT_FOUND); + + // + // Register a LockNow policy targeting the var + // + Status =3D RegisterBasicVariablePolicy (mVarPol, + &mTestNamespaceGuid1, + L"NonexistentLockNowVar", + VARIABLE_POLICY_NO_MIN_SIZE, + VARIABLE_POLICY_NO_MAX_SIZE, + VARIABLE_POLICY_NO_MUST_ATTR, + VARIABLE_POLICY_NO_CANT_ATTR, + VARIABLE_POLICY_TYPE_LOCK_NOW); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Attempt to create the locked var + // + Value =3D 0xA5; + Status =3D gRT->SetVariable (L"NonexistentLockNowVar", + &mTestNamespaceGuid1, + (EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIAB= LE_NON_VOLATILE), + sizeof (Value), + &Value); + UT_ASSERT_STATUS_EQUAL (Status, EFI_WRITE_PROTECTED); + + return UNIT_TEST_PASSED; +} // TestNonexistentVarLockNow + +/** + LockOnCreate Policy tests. +**/ +UNIT_TEST_STATUS +EFIAPI +TestExistingVarLockOnCreate ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EFI_STATUS Status; + UINT8 Value; + + // + // Write a var that we'll protect later + // + Value =3D 0x78; + Status =3D gRT->SetVariable (L"ExistingLockOnCreateVar", + &mTestNamespaceGuid1, + (EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIAB= LE_NON_VOLATILE), + sizeof (Value), + &Value); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Register a LockNow policy targeting the var + // + Status =3D RegisterBasicVariablePolicy (mVarPol, + &mTestNamespaceGuid1, + L"ExistingLockOnCreateVar", + VARIABLE_POLICY_NO_MIN_SIZE, + VARIABLE_POLICY_NO_MAX_SIZE, + VARIABLE_POLICY_NO_MUST_ATTR, + VARIABLE_POLICY_NO_CANT_ATTR, + VARIABLE_POLICY_TYPE_LOCK_ON_CREAT= E); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Attempt to modify the locked var + // + Value =3D 0xA5; + Status =3D gRT->SetVariable (L"ExistingLockOnCreateVar", + &mTestNamespaceGuid1, + (EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIAB= LE_NON_VOLATILE), + sizeof (Value), + &Value); + UT_ASSERT_STATUS_EQUAL (Status, EFI_WRITE_PROTECTED); + + // + // Attempt to delete the locked var + // + Status =3D gRT->SetVariable (L"ExistingLockOnCreateVar", + &mTestNamespaceGuid1, + 0, + 0, + NULL); + UT_ASSERT_STATUS_EQUAL (Status, EFI_WRITE_PROTECTED); + + // + // This variable is deleted in final cleanup. + // + + return UNIT_TEST_PASSED; +} // TestExistingVarLockOnCreate + +UNIT_TEST_STATUS +EFIAPI +TestNonexistentVarLockOnCreate ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EFI_STATUS Status; + UINT8 Value1; + UINT32 Value2; + UINTN Size; + + // + // Make sure the variable we're about to create the policy for doesn't e= xist + // + Size =3D 0; + Status =3D gRT->GetVariable (L"NonexistentLockOnCreateVar", + &mTestNamespaceGuid1, + NULL, + &Size, + NULL); + UT_ASSERT_STATUS_EQUAL (Status, EFI_NOT_FOUND); + + // + // Register a LockOnCreate policy targeting the var + // + Status =3D RegisterBasicVariablePolicy (mVarPol, + &mTestNamespaceGuid1, + L"NonexistentLockOnCreateVar", + 2, // min size of 2 bytes, UINT16+ + VARIABLE_POLICY_NO_MAX_SIZE, + EFI_VARIABLE_RUNTIME_ACCESS, // mu= st have RT attr + VARIABLE_POLICY_NO_CANT_ATTR, + VARIABLE_POLICY_TYPE_LOCK_ON_CREAT= E); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Attempt to create the var, but smaller than min size + // + Value1 =3D 0xA5; + Status =3D gRT->SetVariable (L"NonexistentLockOnCreateVar", + &mTestNamespaceGuid1, + (EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIAB= LE_RUNTIME_ACCESS | EFI_VARIABLE_NON_VOLATILE), + sizeof (Value1), + &Value1); + UT_ASSERT_TRUE ((Status =3D=3D EFI_WRITE_PROTECTED) || (Status =3D=3D EF= I_INVALID_PARAMETER)); + + // + // Now let's make sure attribute req is enforced + // + Value2 =3D 0x43218765; + Status =3D gRT->SetVariable (L"NonexistentLockOnCreateVar", + &mTestNamespaceGuid1, + (EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIAB= LE_NON_VOLATILE), + sizeof (Value2), + &Value2); + UT_ASSERT_TRUE ((Status =3D=3D EFI_WRITE_PROTECTED) || (Status =3D=3D EF= I_INVALID_PARAMETER)); + + // + // Now let's create a valid variable + // + Value2 =3D 0x43218765; + Status =3D gRT->SetVariable (L"NonexistentLockOnCreateVar", + &mTestNamespaceGuid1, + (EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIAB= LE_RUNTIME_ACCESS | EFI_VARIABLE_NON_VOLATILE), + sizeof (Value2), + &Value2); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Let's make sure we can't modify it + // + Value2 =3D 0xa5a5b6b6; + Status =3D gRT->SetVariable (L"NonexistentLockOnCreateVar", + &mTestNamespaceGuid1, + (EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIAB= LE_RUNTIME_ACCESS | EFI_VARIABLE_NON_VOLATILE), + sizeof (Value2), + &Value2); + UT_ASSERT_STATUS_EQUAL (Status, EFI_WRITE_PROTECTED); + + // + // Finally, let's make sure we can't delete it + // + Status =3D gRT->SetVariable (L"NonexistentLockOnCreateVar", + &mTestNamespaceGuid1, + 0, + 0, + NULL); + UT_ASSERT_STATUS_EQUAL (Status, EFI_WRITE_PROTECTED); + + // + // This variable is deleted in final cleanup. + // + + return UNIT_TEST_PASSED; +} // TestNonexistentVarLockOnCreate + +/** + LockOnVarState Policy tests. +**/ +UNIT_TEST_STATUS +EFIAPI +TestLockOnVarStateBeforeCreate ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EFI_STATUS Status; + UINTN Size; + UINT8 Value; + + // + // First of all, let's make sure the var we're trying to protect doesn't= exist + // + Size =3D 0; + Status =3D gRT->GetVariable (L"NonexistentLockOnVarStateVar", + &mTestNamespaceGuid1, + NULL, + &Size, + NULL); + UT_ASSERT_STATUS_EQUAL (Status, EFI_NOT_FOUND); + + // + // Good, now let's create a policy + // + Status =3D RegisterVarStateVariablePolicy (mVarPol, + &mTestNamespaceGuid1, + L"NonexistentLockOnVarStateVar", + VARIABLE_POLICY_NO_MIN_SIZE, + VARIABLE_POLICY_NO_MAX_SIZE, + VARIABLE_POLICY_NO_MUST_ATTR, + VARIABLE_POLICY_NO_CANT_ATTR, + &mTestNamespaceGuid1, + L"Trigger1", + 0x7E); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Now we write the trigger var + // + Value =3D 0x7E; + Status =3D gRT->SetVariable (L"Trigger1", + &mTestNamespaceGuid1, + (EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIAB= LE_NON_VOLATILE), + sizeof (Value), + &Value); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Ok, now we attempt to write a var protected by the trigger + // + Value =3D 0xFA; + Status =3D gRT->SetVariable (L"NonexistentLockOnVarStateVar", + &mTestNamespaceGuid1, + (EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIAB= LE_NON_VOLATILE), + sizeof (Value), + &Value); + UT_ASSERT_STATUS_EQUAL (Status, EFI_WRITE_PROTECTED); + + // + // Let's modify the trigger var and "untrigger" the policy + // + Value =3D 0x38; + Status =3D gRT->SetVariable (L"Trigger1", + &mTestNamespaceGuid1, + (EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIAB= LE_NON_VOLATILE), + sizeof (Value), + &Value); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Now we should be able to create the var targeted by the policy + // + Value =3D 0x23; + Status =3D gRT->SetVariable (L"NonexistentLockOnVarStateVar", + &mTestNamespaceGuid1, + (EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIAB= LE_NON_VOLATILE), + sizeof (Value), + &Value); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Cleanup: delete the trigger and the protected var + // + Status =3D gRT->SetVariable (L"Trigger1", + &mTestNamespaceGuid1, + 0, + 0, + NULL); + UT_ASSERT_NOT_EFI_ERROR (Status); + + Status =3D gRT->SetVariable (L"NonexistentLockOnVarStateVar", + &mTestNamespaceGuid1, + 0, + 0, + NULL); + UT_ASSERT_NOT_EFI_ERROR (Status); + + return UNIT_TEST_PASSED; +} // TestLockOnVarStateBeforeCreate + +UNIT_TEST_STATUS +EFIAPI +TestLockOnVarStateAfterCreate ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EFI_STATUS Status; + UINT8 Value; + + // + // Let's create a policy + // + Status =3D RegisterVarStateVariablePolicy (mVarPol, + &mTestNamespaceGuid1, + L"ExistingLockOnVarStateVar", + VARIABLE_POLICY_NO_MIN_SIZE, + VARIABLE_POLICY_NO_MAX_SIZE, + VARIABLE_POLICY_NO_MUST_ATTR, + VARIABLE_POLICY_NO_CANT_ATTR, + &mTestNamespaceGuid1, + L"Trigger2", + 0x5C); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Should be able to write targeted var since the policy isn't active ye= t. + // + Value =3D 0x17; + Status =3D gRT->SetVariable (L"ExistingLockOnVarStateVar", + &mTestNamespaceGuid1, + (EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIAB= LE_NON_VOLATILE), + sizeof (Value), + &Value); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Let's modify the var to make sure the policy isn't acting like a lock= -on-create one + // + Value =3D 0x30; + Status =3D gRT->SetVariable (L"ExistingLockOnVarStateVar", + &mTestNamespaceGuid1, + (EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIAB= LE_NON_VOLATILE), + sizeof (Value), + &Value); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Now we trigger the policy + // + Value =3D 0x5C; + Status =3D gRT->SetVariable (L"Trigger2", + &mTestNamespaceGuid1, + (EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIAB= LE_NON_VOLATILE), + sizeof (Value), + &Value); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Let's now verify the variable is protected + // + Value =3D 0xB9; + Status =3D gRT->SetVariable (L"ExistingLockOnVarStateVar", + &mTestNamespaceGuid1, + (EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIAB= LE_NON_VOLATILE), + sizeof (Value), + &Value); + UT_ASSERT_STATUS_EQUAL (Status, EFI_WRITE_PROTECTED); + + // + // Ok, to clean up, we need to remove the trigger var, so delete it, and= then delete the target var + // + Status =3D gRT->SetVariable (L"Trigger2", + &mTestNamespaceGuid1, + 0, + 0, + NULL); + UT_ASSERT_NOT_EFI_ERROR (Status); + + Status =3D gRT->SetVariable (L"ExistingLockOnVarStateVar", + &mTestNamespaceGuid1, + 0, + 0, + NULL); + UT_ASSERT_NOT_EFI_ERROR (Status); + + return UNIT_TEST_PASSED; +} // TestLockOnVarStateAfterCreate + +UNIT_TEST_STATUS +EFIAPI +TestLockOnVarStateInvalidLargeTrigger ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EFI_STATUS Status; + UINT16 Value; + + // + // First let's create a variable policy + // + Status =3D RegisterVarStateVariablePolicy (mVarPol, + &mTestNamespaceGuid1, + L"InvalidLargeTriggerLockOnVarS= tateVar", + VARIABLE_POLICY_NO_MIN_SIZE, + VARIABLE_POLICY_NO_MAX_SIZE, + VARIABLE_POLICY_NO_MUST_ATTR, + VARIABLE_POLICY_NO_CANT_ATTR, + &mTestNamespaceGuid1, + L"Trigger3", + 0x5C); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Now attempt to trigger the lock but with a variable larger than one b= yte + // + Value =3D 0x8085; + Status =3D gRT->SetVariable (L"Trigger3", + &mTestNamespaceGuid1, + (EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIAB= LE_NON_VOLATILE), + sizeof (Value), + &Value); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Should still be able to create the targeted var + // + Value =3D 0x1234; + Status =3D gRT->SetVariable (L"InvalidLargeTriggerLockOnVarStateVar", + &mTestNamespaceGuid1, + (EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIAB= LE_NON_VOLATILE), + sizeof (Value), + &Value); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Let's clean up by deleting the invalid trigger and the targeted var + // + Status =3D gRT->SetVariable (L"Trigger3", + &mTestNamespaceGuid1, + 0, + 0, + NULL); + UT_ASSERT_NOT_EFI_ERROR (Status); + + Status =3D gRT->SetVariable (L"InvalidLargeTriggerLockOnVarStateVar", + &mTestNamespaceGuid1, + 0, + 0, + NULL); + UT_ASSERT_NOT_EFI_ERROR (Status); + + return UNIT_TEST_PASSED; +} // TestLockOnVarStateInvalidLargeTrigger + +UNIT_TEST_STATUS +EFIAPI +TestLockOnVarStateWrongValueTrigger ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EFI_STATUS Status; + UINT8 Value; + + // + // First let's create a variable policy + // + Status =3D RegisterVarStateVariablePolicy (mVarPol, + &mTestNamespaceGuid1, + L"WrongValueTriggerLockOnVarSta= teVar", + VARIABLE_POLICY_NO_MIN_SIZE, + VARIABLE_POLICY_NO_MAX_SIZE, + VARIABLE_POLICY_NO_MUST_ATTR, + VARIABLE_POLICY_NO_CANT_ATTR, + &mTestNamespaceGuid1, + L"Trigger4", + 0xCA); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Now attempt to trigger the lock but with a wrong value + // + Value =3D 0x80; + Status =3D gRT->SetVariable (L"Trigger4", + &mTestNamespaceGuid1, + (EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIAB= LE_NON_VOLATILE), + sizeof (Value), + &Value); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Should still be able to create the targeted var + // + Value =3D 0x14; + Status =3D gRT->SetVariable (L"WrongValueTriggerLockOnVarStateVar", + &mTestNamespaceGuid1, + (EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIAB= LE_NON_VOLATILE), + sizeof (Value), + &Value); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Let's clean up by deleting the invalid trigger and the targeted var + // + Status =3D gRT->SetVariable (L"Trigger4", + &mTestNamespaceGuid1, + 0, + 0, + NULL); + UT_ASSERT_NOT_EFI_ERROR (Status); + + Status =3D gRT->SetVariable (L"WrongValueTriggerLockOnVarStateVar", + &mTestNamespaceGuid1, + 0, + 0, + NULL); + UT_ASSERT_NOT_EFI_ERROR (Status); + + return UNIT_TEST_PASSED; +} // TestLockOnVarStateWrongValueTrigger + +/** + Invalid policy tests. +**/ +UNIT_TEST_STATUS +EFIAPI +TestInvalidAttributesPolicy ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EFI_STATUS Status; + + // + // The only must/can't have attributes supported by VPE are NV, BS, and = RT. They are 1, 2, and 4, respectively. + // Let's try some bits higher than that? + // + + // + // Trying must have attribute 0x8 which is EFI_VARIABLE_HARDWARE_ERROR_R= ECORD + // + Status =3D RegisterBasicVariablePolicy (mVarPol, + &mTestNamespaceGuid1, + L"InvalidMustHaveAttributesPolicyV= ar1", + VARIABLE_POLICY_NO_MIN_SIZE, + VARIABLE_POLICY_NO_MAX_SIZE, + EFI_VARIABLE_HARDWARE_ERROR_RECORD, + VARIABLE_POLICY_NO_CANT_ATTR, + VARIABLE_POLICY_TYPE_NO_LOCK); + UT_LOG_INFO ("Setting must have attr to EFI_VARIABLE_HARDWARE_ERROR_RECO= RD returned %r\n", Status); + + // + // Let's try 0x10 - EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS, a deprecate= d attribute + // + Status =3D RegisterBasicVariablePolicy (mVarPol, + &mTestNamespaceGuid1, + L"InvalidMustHaveAttributesPolicyV= ar2", + VARIABLE_POLICY_NO_MIN_SIZE, + VARIABLE_POLICY_NO_MAX_SIZE, + EFI_VARIABLE_AUTHENTICATED_WRITE_A= CCESS, + VARIABLE_POLICY_NO_CANT_ATTR, + VARIABLE_POLICY_TYPE_NO_LOCK); + UT_LOG_INFO ("Setting must have attr to EFI_VARIABLE_AUTHENTICATED_WRITE= _ACCESS returned %r\n", Status); + + // + // Let's try 0x20 - EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS + // + Status =3D RegisterBasicVariablePolicy (mVarPol, + &mTestNamespaceGuid1, + L"InvalidMustHaveAttributesPolicyV= ar3", + VARIABLE_POLICY_NO_MIN_SIZE, + VARIABLE_POLICY_NO_MAX_SIZE, + EFI_VARIABLE_TIME_BASED_AUTHENTICA= TED_WRITE_ACCESS, + VARIABLE_POLICY_NO_CANT_ATTR, + VARIABLE_POLICY_TYPE_NO_LOCK); + UT_LOG_INFO ("Setting must have attr to EFI_VARIABLE_TIME_BASED_AUTHENTI= CATED_WRITE_ACCESS returned %r\n", Status); + + // + // Let's try something wild, like 0x4000 + // + Status =3D RegisterBasicVariablePolicy (mVarPol, + &mTestNamespaceGuid1, + L"InvalidMustHaveAttributesPolicyV= ar4", + VARIABLE_POLICY_NO_MIN_SIZE, + VARIABLE_POLICY_NO_MAX_SIZE, + 0x4000, + VARIABLE_POLICY_NO_CANT_ATTR, + VARIABLE_POLICY_TYPE_NO_LOCK); + UT_LOG_INFO ("Setting must have attr to 0x4000 returned %r\n", Status); + + // + // Now repeat the same tests, but for the can't-have param + // + Status =3D RegisterBasicVariablePolicy (mVarPol, + &mTestNamespaceGuid1, + L"InvalidCantHaveAttributesPolicyV= ar1", + VARIABLE_POLICY_NO_MIN_SIZE, + VARIABLE_POLICY_NO_MAX_SIZE, + VARIABLE_POLICY_NO_MUST_ATTR, + EFI_VARIABLE_HARDWARE_ERROR_RECORD, + VARIABLE_POLICY_TYPE_NO_LOCK); + UT_LOG_INFO ("Setting cant have attr to EFI_VARIABLE_HARDWARE_ERROR_RECO= RD returned %r\n", Status); + + Status =3D RegisterBasicVariablePolicy (mVarPol, + &mTestNamespaceGuid1, + L"InvalidCantHaveAttributesPolicyV= ar2", + VARIABLE_POLICY_NO_MIN_SIZE, + VARIABLE_POLICY_NO_MAX_SIZE, + VARIABLE_POLICY_NO_MUST_ATTR, + EFI_VARIABLE_AUTHENTICATED_WRITE_A= CCESS, + VARIABLE_POLICY_TYPE_NO_LOCK); + UT_LOG_INFO ("Setting cant have attr to EFI_VARIABLE_AUTHENTICATED_WRITE= _ACCESS returned %r\n", Status); + + Status =3D RegisterBasicVariablePolicy (mVarPol, + &mTestNamespaceGuid1, + L"InvalidCantHaveAttributesPolicyV= ar3", + VARIABLE_POLICY_NO_MIN_SIZE, + VARIABLE_POLICY_NO_MAX_SIZE, + VARIABLE_POLICY_NO_MUST_ATTR, + EFI_VARIABLE_TIME_BASED_AUTHENTICA= TED_WRITE_ACCESS, + VARIABLE_POLICY_TYPE_NO_LOCK); + UT_LOG_INFO ("Setting cant have attr to EFI_VARIABLE_TIME_BASED_AUTHENTI= CATED_WRITE_ACCESS returned %r\n", Status); + + Status =3D RegisterBasicVariablePolicy (mVarPol, + &mTestNamespaceGuid1, + L"InvalidCantHaveAttributesPolicyV= ar4", + VARIABLE_POLICY_NO_MIN_SIZE, + VARIABLE_POLICY_NO_MAX_SIZE, + VARIABLE_POLICY_NO_MUST_ATTR, + 0x4000, + VARIABLE_POLICY_TYPE_NO_LOCK); + UT_LOG_INFO ("Setting cant have attr to 0x4000 returned %r\n", Status); + + return UNIT_TEST_PASSED; +} // TestInvalidAttributesPolicy + +UNIT_TEST_STATUS +EFIAPI +TestLargeMinSizePolicy ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EFI_STATUS Status; + + // + // Let's set the min size to 2GB and see what happens + // + Status =3D RegisterBasicVariablePolicy (mVarPol, + &mTestNamespaceGuid1, + L"LargeMinSizeInvalidPolicyVar", + 0x80000000, + VARIABLE_POLICY_NO_MAX_SIZE, + VARIABLE_POLICY_NO_MUST_ATTR, + VARIABLE_POLICY_NO_CANT_ATTR, + VARIABLE_POLICY_TYPE_NO_LOCK); + + UT_LOG_INFO ("Setting min size to 0x80000000 returned %r\n", Status); + + return UNIT_TEST_PASSED; +} // TestLargeMinSizePolicy + +UNIT_TEST_STATUS +EFIAPI +TestZeroMaxSizePolicy ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EFI_STATUS Status; + + // + // Let's set the max size to 0 and see what happens + // + Status =3D RegisterBasicVariablePolicy (mVarPol, + &mTestNamespaceGuid1, + L"ZeroMinSizeInvalidPolicyVar", + VARIABLE_POLICY_NO_MIN_SIZE, + 0, + VARIABLE_POLICY_NO_MUST_ATTR, + VARIABLE_POLICY_NO_CANT_ATTR, + VARIABLE_POLICY_TYPE_NO_LOCK); + //UT_ASSERT_NOT_EQUAL (Status, EFI_SUCCESS); // this fails on QC. Real b= ug? Do we care? + UT_LOG_INFO ("Setting max size to 0 returned %r\n", Status); + + return UNIT_TEST_PASSED; +} // TestZeroMaxSizePolicy + +UNIT_TEST_STATUS +EFIAPI +TestInvalidPolicyTypePolicy ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EFI_STATUS Status; + + // + // Let's set policy type to an invalid value and see what happens + // Valid ones are: + // VARIABLE_POLICY_TYPE_NO_LOCK 0 + // VARIABLE_POLICY_TYPE_LOCK_NOW 1 + // VARIABLE_POLICY_TYPE_LOCK_ON_CREATE 2 + // VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE 3 + // + Status =3D RegisterBasicVariablePolicy (mVarPol, + &mTestNamespaceGuid1, + L"InvalidPolicyTypePolicyVar", + VARIABLE_POLICY_NO_MIN_SIZE, + VARIABLE_POLICY_NO_MAX_SIZE, + VARIABLE_POLICY_NO_MUST_ATTR, + VARIABLE_POLICY_NO_CANT_ATTR, + 4); + UT_ASSERT_NOT_EQUAL (Status, EFI_SUCCESS); + + Status =3D RegisterBasicVariablePolicy (mVarPol, + &mTestNamespaceGuid1, + L"InvalidPolicyTypePolicyVar", + VARIABLE_POLICY_NO_MIN_SIZE, + VARIABLE_POLICY_NO_MAX_SIZE, + VARIABLE_POLICY_NO_MUST_ATTR, + VARIABLE_POLICY_NO_CANT_ATTR, + 147); + UT_ASSERT_NOT_EQUAL (Status, EFI_SUCCESS); + + return UNIT_TEST_PASSED; +} // TestInvalidPolicyTypePolicy + +/** + Test dumping policy. +**/ +UNIT_TEST_STATUS +EFIAPI +TestDumpPolicy ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EFI_STATUS Status; + UINT8* Buffer; + UINT32 Size; + + // + // First let's call DumpVariablePolicy with null buffer to get size + // + Size =3D 0; + Status =3D mVarPol->DumpVariablePolicy (NULL, &Size); + UT_ASSERT_STATUS_EQUAL (Status, EFI_BUFFER_TOO_SMALL); + + // + // Now we allocate the buffer for the dump + // + Buffer =3D NULL; + Buffer =3D AllocatePool (Size); + UT_ASSERT_NOT_NULL (Buffer); + + // + // Now we get the dump. In this test we will not analyze the dump. + // + Status =3D mVarPol->DumpVariablePolicy (Buffer, &Size); + UT_ASSERT_NOT_EFI_ERROR (Status); + + return UNIT_TEST_PASSED; +} // TestDumpPolicy + +/** + Test policy version. +**/ +UNIT_TEST_STATUS +EFIAPI +TestPolicyVersion ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EFI_STATUS Status; + VARIABLE_POLICY_ENTRY *NewEntry; + + // + // Create the new entry using a helper lib + // + NewEntry =3D NULL; + Status =3D CreateBasicVariablePolicy (&mTestNamespaceGuid1, + L"PolicyVersionTestNoLockVar", + VARIABLE_POLICY_NO_MIN_SIZE, + 4, // max size of 4 bytes + VARIABLE_POLICY_NO_MUST_ATTR, + VARIABLE_POLICY_NO_CANT_ATTR, + VARIABLE_POLICY_TYPE_NO_LOCK, + &NewEntry); + UT_ASSERT_NOT_EFI_ERROR (Status); + + NewEntry->Version =3D 0x1234; + Status =3D mVarPol->RegisterVariablePolicy (NewEntry); + UT_LOG_INFO ("Registering policy entry with an unknown version status: %= r\n", Status); + + FreePool (NewEntry); + + return UNIT_TEST_PASSED; +} // TestPolicyVersion + +/** + Lock Policy Tests. +**/ +UNIT_TEST_STATUS +EFIAPI +LockPolicyEngineTests ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EFI_STATUS Status; + UINT16 Value; + UINT64 Value64; + BOOLEAN State; + + // + // First let's register a policy that we'll test after VPE lock + // + Status =3D RegisterBasicVariablePolicy (mVarPol, + &mTestNamespaceGuid1, + L"BeforeVpeLockNoLockPolicyVar", + VARIABLE_POLICY_NO_MIN_SIZE, + 4, // max size of 4 bytes + VARIABLE_POLICY_NO_MUST_ATTR, + VARIABLE_POLICY_NO_CANT_ATTR, + VARIABLE_POLICY_TYPE_LOCK_ON_CREAT= E); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Now, lock VPE! + // + Status =3D mVarPol->LockVariablePolicy (); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // See if we can lock it again? + // + Status =3D mVarPol->LockVariablePolicy (); + UT_LOG_INFO ("Locking VPE for second time returned %r\n", Status); + + // + // Let's confirm one of the policies from prior test suites is still enf= orced + // Attempt to delete a locked var + // + Status =3D gRT->SetVariable (L"ExistingLockNowVar", + &mTestNamespaceGuid1, + 0, + 0, + NULL); + UT_ASSERT_STATUS_EQUAL (Status, EFI_WRITE_PROTECTED); + + // + // We'll make sure the policy from earlier in this test case is actively= filtering out by size + // + Value64 =3D 0x3829fed212345678; + Status =3D gRT->SetVariable (L"BeforeVpeLockNoLockPolicyVar", + &mTestNamespaceGuid1, + (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BO= OTSERVICE_ACCESS), + sizeof (Value64), + &Value64); + UT_ASSERT_TRUE ((Status =3D=3D EFI_WRITE_PROTECTED) || (Status =3D=3D EF= I_INVALID_PARAMETER)); + + // + // Let's create the variable from the policy now + // + Value =3D 0x323f; + Status =3D gRT->SetVariable (L"BeforeVpeLockNoLockPolicyVar", + &mTestNamespaceGuid1, + (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BO= OTSERVICE_ACCESS), + sizeof (Value), + &Value); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Now confirm that the var is locked after creation + // + Value =3D 0x1212; + Status =3D gRT->SetVariable (L"BeforeVpeLockNoLockPolicyVar", + &mTestNamespaceGuid1, + (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BO= OTSERVICE_ACCESS), + sizeof (Value), + &Value); + UT_ASSERT_STATUS_EQUAL (Status, EFI_WRITE_PROTECTED); + + // + // Let's attempt to register a new policy, it should fail + // + Status =3D RegisterBasicVariablePolicy (mVarPol, + &mTestNamespaceGuid1, + L"AfterVpeLockNowPolicyVar", + VARIABLE_POLICY_NO_MIN_SIZE, + VARIABLE_POLICY_NO_MAX_SIZE, + VARIABLE_POLICY_NO_MUST_ATTR, + VARIABLE_POLICY_NO_CANT_ATTR, + VARIABLE_POLICY_TYPE_LOCK_NOW); + UT_ASSERT_NOT_EQUAL (Status, EFI_SUCCESS); + + // + // Make sure VPE is enabled + // + Status =3D mVarPol->IsVariablePolicyEnabled (&State); + UT_ASSERT_NOT_EFI_ERROR (Status); + UT_ASSERT_EQUAL (State, TRUE); + + // + // Finally, make sure we can't disable VPE + // + Status =3D mVarPol->DisableVariablePolicy (); + UT_ASSERT_NOT_EQUAL (Status, EFI_SUCCESS); + + return UNIT_TEST_PASSED; +} // LockPolicyEngineTests + +/** + Save context and reboot after the lock policy test suite. +**/ +STATIC +VOID +EFIAPI +SaveContextAndReboot ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EFI_STATUS Status; + + // + // Now, save all the data associated with this framework. + // TODO: Need to add to the UnitTestFrameworkPkg + Status =3D SaveFrameworkState( NULL, 0 ); + + // + // If we're all good, let's book... + if (!EFI_ERROR( Status )) + { + // + // Next, we want to update the BootNext variable to USB + // so that we have a fighting chance of coming back here. + // + // TODO: Need to add to the UnitTestFrameworkPkg + // SetBootNextDevice(); + + // + // Reset + DEBUG(( DEBUG_INFO, "%a - Rebooting! Launch this test again once boote= d.\n", __FUNCTION__ )); + gRT->ResetSystem( EfiResetCold, EFI_SUCCESS, 0, NULL ); + DEBUG(( DEBUG_ERROR, "%a - Unit test failed to quit! Framework can no = longer be used!\n", __FUNCTION__ )); + + // + // We REALLY shouldn't be here. + Status =3D EFI_ABORTED; + } + + return; +} // SaveContextAndReboot + +/** + Disable policy tests. +**/ +UNIT_TEST_STATUS +EFIAPI +DisablePolicyEngineTests ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EFI_STATUS Status; + BOOLEAN State; + UINT8 Value; + + // + // First, we disable the variable policy + // + Status =3D mVarPol->DisableVariablePolicy (); + UT_ASSERT_NOT_EFI_ERROR (Status); + + // + // Confirm it's disabled + // + Status =3D mVarPol->IsVariablePolicyEnabled (&State); + UT_ASSERT_NOT_EFI_ERROR (Status); + UT_ASSERT_EQUAL (State, FALSE); + + // + // Try locking it? + // + Status =3D mVarPol->LockVariablePolicy (); + UT_LOG_INFO ("Locking VP after disabling it status: %r\n", Status); + + // + // Try modifying the var from TestExistingVarLockNow + // + Value =3D 0xB5; + Status =3D gRT->SetVariable (L"ExistingLockNowVar", + &mTestNamespaceGuid1, + (EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIAB= LE_NON_VOLATILE), + sizeof (Value), + &Value); + UT_ASSERT_NOT_EFI_ERROR (Status); + + return UNIT_TEST_PASSED; +} // DisablePolicyEngineTests + +/** + Final Cleanup: delete some variables earlier test cases created. +**/ +STATIC +VOID +EFIAPI +FinalCleanup ( + IN UNIT_TEST_CONTEXT Context + ) +{ + EFI_STATUS Status; + + Status =3D gRT->SetVariable (L"ExistingLockNowVar", + &mTestNamespaceGuid1, + 0, + 0, + NULL); + UT_LOG_INFO ("Delete ExistingLockNowVar status: %r\n", Status); + + Status =3D gRT->SetVariable (L"ExistingLockOnCreateVar", + &mTestNamespaceGuid1, + 0, + 0, + NULL); + UT_LOG_INFO ("Delete ExistingLockOnCreateVar status: %r\n", Status); + + Status =3D gRT->SetVariable (L"NonexistentLockOnCreateVar", + &mTestNamespaceGuid1, + 0, + 0, + NULL); + UT_LOG_INFO ("Delete NonexistentLockOnCreateVar status: %r\n", Status); + + Status =3D gRT->SetVariable (L"NonexistentLockNowVar", + &mTestNamespaceGuid1, + 0, + 0, + NULL); + UT_LOG_INFO ("Delete NonexistentLockNowVar status: %r\n", Status); + + Status =3D gRT->SetVariable (L"CantHaveAttrNoLockVar", + &mTestNamespaceGuid1, + 0, + 0, + NULL); + UT_LOG_INFO ("Delete CantHaveAttrNoLockVar status: %r\n", Status); + + Status =3D gRT->SetVariable (L"NonexistentLockOnVarStateVar", + &mTestNamespaceGuid1, + 0, + 0, + NULL); + UT_LOG_INFO ("Delete NonexistentLockOnVarStateVar status: %r\n", Status); + + Status =3D gRT->SetVariable (L"ExistingLockOnVarStateVar", + &mTestNamespaceGuid1, + 0, + 0, + NULL); + UT_LOG_INFO ("Delete ExistingLockOnVarStateVar status: %r\n", Status); +} // FinalCleanup + +/** + + Main fuction sets up the unit test environment. + +**/ +EFI_STATUS +EFIAPI +UefiMain ( + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE* SystemTable) +{ + EFI_STATUS Status; + UNIT_TEST_FRAMEWORK_HANDLE Framework; + UNIT_TEST_SUITE_HANDLE GettingStartedTestSuite; + UNIT_TEST_SUITE_HANDLE NoLockPoliciesTestSuite; + UNIT_TEST_SUITE_HANDLE LockNowPoliciesTestSuite; + UNIT_TEST_SUITE_HANDLE LockOnCreatePoliciesTestSuite; + UNIT_TEST_SUITE_HANDLE LockOnVarStatePoliciesTestSuite; + UNIT_TEST_SUITE_HANDLE InvalidPoliciesTestSuite; + UNIT_TEST_SUITE_HANDLE DumpPolicyTestSuite; + UNIT_TEST_SUITE_HANDLE PolicyVersionTestSuite; + UNIT_TEST_SUITE_HANDLE LockPolicyTestSuite; + UNIT_TEST_SUITE_HANDLE DisablePolicyTestSuite; + + Framework =3D NULL; + GettingStartedTestSuite =3D NULL; + NoLockPoliciesTestSuite =3D NULL; + LockNowPoliciesTestSuite =3D NULL; + LockOnCreatePoliciesTestSuite =3D NULL; + LockOnVarStatePoliciesTestSuite =3D NULL; + InvalidPoliciesTestSuite =3D NULL; + DumpPolicyTestSuite =3D NULL; + PolicyVersionTestSuite =3D NULL; + LockPolicyTestSuite =3D NULL; + DisablePolicyTestSuite =3D NULL; + + DEBUG ((DEBUG_INFO, "%a v%a\n", UNIT_TEST_APP_NAME, UNIT_TEST_APP_VERSIO= N)); + + // + // Start setting up the test framework for running the tests. + // + Status =3D InitUnitTestFramework (&Framework, UNIT_TEST_APP_NAME, gEfiCa= llerBaseName, UNIT_TEST_APP_VERSION); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "Failed in InitUnitTestFramework. Status =3D %r\n= ", Status)); + goto EXIT; + } + + // + // Test suite 1: Getting Started. Get VP protocol, check state, log revi= sion + // + Status =3D CreateUnitTestSuite (&GettingStartedTestSuite, Framework, "Ge= tting Started", "Common.VP.GettingStarted", NULL, NULL); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "Failed in CreateUnitTestSuite for the Getting St= arted Test Suite\n")); + Status =3D EFI_OUT_OF_RESOURCES; + goto EXIT; + } + AddTestCase (GettingStartedTestSuite, "Confirm VP is enabled", "Common.V= P.GettingStarted.CheckVpEnabled", CheckVpEnabled, LocateVarPolicyPreReq, NU= LL, NULL); + AddTestCase (GettingStartedTestSuite, "Check VP revision", "Common.VP.Ge= ttingStarted.CheckVpRevision", CheckVpRevision, LocateVarPolicyPreReq, NULL= , NULL); + + // + // Test suite 2: Test NoLock Policies + // + Status =3D CreateUnitTestSuite (&NoLockPoliciesTestSuite, Framework, "Ex= ercise NoLock Policies", "Common.VP.NoLockPolicies", NULL, NULL); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "Failed in CreateUnitTestSuite for the NoLock Pol= icies Test Suite\n")); + Status =3D EFI_OUT_OF_RESOURCES; + goto EXIT; + } + AddTestCase (NoLockPoliciesTestSuite, "Test Min Size enforcement in NoLo= ck policy", "Common.VP.NoLockPolicies.TestMinSizeNoLock", TestMinSizeNoLock= , LocateVarPolicyPreReq, NULL, NULL); + AddTestCase (NoLockPoliciesTestSuite, "Test Max Size enforcement in NoLo= ck policy", "Common.VP.NoLockPolicies.TestMaxSizeNoLock", TestMaxSizeNoLock= , LocateVarPolicyPreReq, NULL, NULL); + AddTestCase (NoLockPoliciesTestSuite, "Test Must Have Attribute enforcem= ent in NoLock policy", "Common.VP.NoLockPolicies.TestMustHaveAttrNoLock", T= estMustHaveAttrNoLock, LocateVarPolicyPreReq, NULL, NULL); + AddTestCase (NoLockPoliciesTestSuite, "Test Can't Have Attribute enforce= ment in NoLock policy", "Common.VP.NoLockPolicies.TestCantHaveAttrNoLock", = TestCantHaveAttrNoLock, LocateVarPolicyPreReq, NULL, NULL); + AddTestCase (NoLockPoliciesTestSuite, "Test Max Size enforcement in NoLo= ck policy for entire namespace", "Common.VP.NoLockPolicies.TestMaxSizeNames= paceNoLock", TestMaxSizeNamespaceNoLock, LocateVarPolicyPreReq, NULL, NULL); + AddTestCase (NoLockPoliciesTestSuite, "Test Must Have Attribute enforcem= ent in NoLock policy with wildcards", "Common.VP.NoLockPolicies.TestMustHav= eAttrWildcardNoLock", TestMustHaveAttrWildcardNoLock, LocateVarPolicyPreReq= , NULL, NULL); + AddTestCase (NoLockPoliciesTestSuite, "Test policy prioritization betwee= n namespace-wide, wildcard, and var-specific policies", "Common.VP.NoLockPo= licies.TestPolicyprioritizationNoLock", TestPolicyprioritizationNoLock, Loc= ateVarPolicyPreReq, NULL, NULL); + + // + // Test suite 3: Test LockNow policies + // + Status =3D CreateUnitTestSuite (&LockNowPoliciesTestSuite, Framework, "E= xercise LockNow Policies", "Common.VP.LockNowPolicies", NULL, NULL); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "Failed in CreateUnitTestSuite for the LockNow Po= licies Test Suite\n")); + Status =3D EFI_OUT_OF_RESOURCES; + goto EXIT; + } + AddTestCase (LockNowPoliciesTestSuite, "Test LockNow policy for a pre-ex= isting variable", "Common.VP.LockNowPolicies.TestExistingVarLockNow", TestE= xistingVarLockNow, LocateVarPolicyPreReq, NULL, NULL); + AddTestCase (LockNowPoliciesTestSuite, "Test LockNow policy for a nonexi= stent variable", "Common.VP.LockNowPolicies.TestNonexistentVarLockNow", Tes= tNonexistentVarLockNow, LocateVarPolicyPreReq, NULL, NULL); + + // + // Test suite 4: Test LockOnCreate policies + // + Status =3D CreateUnitTestSuite (&LockOnCreatePoliciesTestSuite, Framewor= k, "Exercise LockOnCreate Policies", "Common.VP.LockOnCreate", NULL, NULL); + if (EFI_ERROR (Status)) + { + DEBUG ((DEBUG_ERROR, "Failed in CreateUnitTestSuite for the LockOnCrea= te Policies Test Suite\n")); + Status =3D EFI_OUT_OF_RESOURCES; + goto EXIT; + } + AddTestCase (LockOnCreatePoliciesTestSuite, "Test LockOnCreate policy fo= r a pre-existing variable", "Common.VP.LockOnCreate.TestExistingVarLockOnCr= eate", TestExistingVarLockOnCreate, LocateVarPolicyPreReq, NULL, NULL); + AddTestCase (LockOnCreatePoliciesTestSuite, "Test LockOnCreate policy fo= r a nonexistent variable", "Common.VP.LockOnCreate.TestNonexistentVarLockOn= Create", TestNonexistentVarLockOnCreate, LocateVarPolicyPreReq, NULL, NULL); + + // + // Test suite 5: Test LockOnVarState policies + // + Status =3D CreateUnitTestSuite (&LockOnVarStatePoliciesTestSuite, Framew= ork, "Exercise LockOnVarState Policies", "Common.VP.LockOnVarState", NULL, = NULL); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "Failed in CreateUnitTestSuite for the LockOnVarS= tate Policies Test Suite\n")); + Status =3D EFI_OUT_OF_RESOURCES; + goto EXIT; + } + AddTestCase (LockOnVarStatePoliciesTestSuite, "Test LockOnVarState polic= y for a nonexistent variable", "Common.VP.LockOnVarState.TestLockOnVarState= BeforeCreate", TestLockOnVarStateBeforeCreate, LocateVarPolicyPreReq, NULL,= NULL); + AddTestCase (LockOnVarStatePoliciesTestSuite, "Test LockOnVarState polic= y for a pre-existing variable", "Common.VP.LockOnVarState.TestLockOnVarStat= eAfterCreate", TestLockOnVarStateAfterCreate, LocateVarPolicyPreReq, NULL, = NULL); + AddTestCase (LockOnVarStatePoliciesTestSuite, "Test LockOnVarState polic= y triggered by invalid-size variable", "Common.VP.LockOnVarState.TestLockOn= VarStateInvalidLargeTrigger", TestLockOnVarStateInvalidLargeTrigger, Locate= VarPolicyPreReq, NULL, NULL); + AddTestCase (LockOnVarStatePoliciesTestSuite, "Test LockOnVarState polic= y triggered by invalid-value variable", "Common.VP.LockOnVarState.TestLockO= nVarStateWrongValueTrigger", TestLockOnVarStateWrongValueTrigger, LocateVar= PolicyPreReq, NULL, NULL); + + // + // Test suite 6: Test registering invalid policies + // + Status =3D CreateUnitTestSuite (&InvalidPoliciesTestSuite, Framework, "A= ttempt registering invalid policies", "Common.VP.InvalidPolicies", NULL, NU= LL); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "Failed in CreateUnitTestSuite for the Invalid Po= licies Test Suite\n")); + Status =3D EFI_OUT_OF_RESOURCES; + goto EXIT; + } + AddTestCase (InvalidPoliciesTestSuite, "Test policy with invalid must-ha= ve attributes", "Common.VP.InvalidPolicies.TestInvalidAttributesPolicy", Te= stInvalidAttributesPolicy, LocateVarPolicyPreReq, NULL, NULL); + AddTestCase (InvalidPoliciesTestSuite, "Test policy with invalid attribu= tes", "Common.VP.InvalidPolicies.TestLargeMinSizePolicy", TestLargeMinSizeP= olicy, LocateVarPolicyPreReq, NULL, NULL); + AddTestCase (InvalidPoliciesTestSuite, "Test policy with invalid attribu= tes", "Common.VP.InvalidPolicies.TestZeroMaxSizePolicy", TestZeroMaxSizePol= icy, LocateVarPolicyPreReq, NULL, NULL); + AddTestCase (InvalidPoliciesTestSuite, "Test policy with invalid type", = "Common.VP.InvalidPolicies.TestInvalidPolicyTypePolicy", TestInvalidPolicyT= ypePolicy, LocateVarPolicyPreReq, NULL, NULL); + + // + // Test suite 7: Test dumping the policy + // + Status =3D CreateUnitTestSuite (&DumpPolicyTestSuite, Framework, "Attemp= t dumping policy", "Common.VP.DumpPolicy", NULL, NULL); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "Failed in CreateUnitTestSuite for the Dump Polic= y Test Suite\n")); + Status =3D EFI_OUT_OF_RESOURCES; + goto EXIT; + } + AddTestCase (DumpPolicyTestSuite, "Test dumping policy", "Common.VP.Dump= Policy.TestDumpPolicy", TestDumpPolicy, LocateVarPolicyPreReq, NULL, NULL); + + // + // Test suite 8: Test policy version + // + Status =3D CreateUnitTestSuite (&PolicyVersionTestSuite, Framework, "Use= non-zero policy version", "Common.VP.PolicyVersion", NULL, NULL); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "Failed in CreateUnitTestSuite for the Policy Ver= sion Test Suite\n")); + Status =3D EFI_OUT_OF_RESOURCES; + goto EXIT; + } + AddTestCase (PolicyVersionTestSuite, "Test policy version", "Common.VP.D= umpPolicy.TestPolicyVersion", TestPolicyVersion, LocateVarPolicyPreReq, NUL= L, NULL); + + // + // Test suite 9: Lock VPE and test implications + // + Status =3D CreateUnitTestSuite (&LockPolicyTestSuite, Framework, "Lock p= olicy, test it", "Common.VP.LockPolicyTests", NULL, NULL); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "Failed in CreateUnitTestSuite for the Lock Polic= y Test Suite\n")); + Status =3D EFI_OUT_OF_RESOURCES; + goto EXIT; + } + AddTestCase (LockPolicyTestSuite, "Test locking policy", "Common.VP.Lock= PolicyTests.LockPolicyEngineTests", LockPolicyEngineTests, LocateVarPolicyP= reReq, NULL, NULL); + AddTestCase (LockPolicyTestSuite, "Test locking policy", "Common.VP.Lock= PolicyTests.LockPolicyEngineTests", LockPolicyEngineTests, LocateVarPolicyP= reReq, SaveContextAndReboot, NULL); + + // + // Test suite 10: Disable var policy and confirm expected behavior + // + Status =3D CreateUnitTestSuite (&DisablePolicyTestSuite, Framework, "Dis= able policy, test it", "Common.VP.DisablePolicyTests", NULL, NULL); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "Failed in CreateUnitTestSuite for the Disable Po= licy Test Suite\n")); + Status =3D EFI_OUT_OF_RESOURCES; + goto EXIT; + } + AddTestCase (DisablePolicyTestSuite, "Confirm VP is enabled", "Common.VP= .DisablePolicyTests.CheckVpEnabled", CheckVpEnabled, LocateVarPolicyPreReq,= NULL, NULL); + AddTestCase (DisablePolicyTestSuite, "Test LockNow policy for a pre-exis= ting variable", "Common.VP.DisablePolicyTests.TestExistingVarLockNow", Test= ExistingVarLockNow, LocateVarPolicyPreReq, NULL, NULL); + AddTestCase (DisablePolicyTestSuite, "Test disabling policy", "Common.VP= .DisablePolicyTests.DisablePolicyEngineTests", DisablePolicyEngineTests, Lo= cateVarPolicyPreReq, FinalCleanup, NULL); + + // + // Execute the tests. + // + Status =3D RunAllTestSuites (Framework); + +EXIT: + if (Framework !=3D NULL) { + FreeUnitTestFramework (Framework); + } + + return Status; +} // UefiMain diff --git a/MdeModulePkg/MdeModulePkg.ci.yaml b/MdeModulePkg/MdeModulePkg.= ci.yaml index 1cfc1328390e..88a192d0e2a8 100644 --- a/MdeModulePkg/MdeModulePkg.ci.yaml +++ b/MdeModulePkg/MdeModulePkg.ci.yaml @@ -35,7 +35,9 @@ "UnitTestFrameworkPkg/UnitTestFrameworkPkg.dec" ], # For UEFI shell based apps - "AcceptableDependencies-UEFI_APPLICATION":[], + "AcceptableDependencies-UEFI_APPLICATION":[ + "UnitTestFrameworkPkg/UnitTestFrameworkPkg.dec" + ], "IgnoreInf": [] }, =20 diff --git a/MdeModulePkg/MdeModulePkg.dsc b/MdeModulePkg/MdeModulePkg.dsc index f0a75a3b337b..414a6c62dfdb 100644 --- a/MdeModulePkg/MdeModulePkg.dsc +++ b/MdeModulePkg/MdeModulePkg.dsc @@ -19,6 +19,8 @@ [Defines] BUILD_TARGETS =3D DEBUG|RELEASE|NOOPT SKUID_IDENTIFIER =3D DEFAULT =20 +!include UnitTestFrameworkPkg/UnitTestFrameworkPkgTarget.dsc.inc + [LibraryClasses] # # Entry point @@ -314,6 +316,10 @@ [Components] MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLibRuntimeDxe.inf MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf + MdeModulePkg/Test/ShellTest/VariablePolicyFuncTestApp/VariablePolicyFunc= TestApp.inf { + + UnitTestBootLib|UnitTestFrameworkPkg/Library/UnitTestBootLibNull/Uni= tTestBootLibNull.inf + } MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf MdeModulePkg/Library/VarCheckHiiLib/VarCheckHiiLib.inf MdeModulePkg/Library/VarCheckPcdLib/VarCheckPcdLib.inf diff --git a/MdeModulePkg/Test/ShellTest/VariablePolicyFuncTestApp/Readme.m= d b/MdeModulePkg/Test/ShellTest/VariablePolicyFuncTestApp/Readme.md new file mode 100644 index 000000000000..804ad4173a5f --- /dev/null +++ b/MdeModulePkg/Test/ShellTest/VariablePolicyFuncTestApp/Readme.md @@ -0,0 +1,55 @@ +# variable Policy Unit Tests + +## 🔹 Copyright +Copyright (C) Microsoft Corporation. All rights reserved. +SPDX-License-Identifier: BSD-2-Clause-Patent + +## About This Test +This test verifies functionality of the Variable Policy Protocol by regist= ering various variable policies and exercising them, as well as tests locki= ng the policy, disabling it, and dumping the policy entries. + +Only policies that are created as a part of this test will be tested. +1. Try getting test context, if empty then get VP protocol, confirm that V= P is not disabled by calling IsVariablePolicyEnabled. Log VP revision. +2. "No lock" policies: + * check minsize enforcement + * check maxsize enforcement + * check musthave attr enforcement + * check canthave attr enforcement + * check one of the above with empty string policy i.e. name wildcard + * check another one of the above with a "#" containing policy string + * check policy prioritization by having a namespace-wide policy, a pol= icy with a # wildcard, and a one-var specific policy and testing which one = is enforced +3. "Lock now" policies (means if the var doesn't exist, it won't be create= d; if one exists, it can't be updated): + * test a policy for an already existing variable, verify we can't writ= e into that variable + * create a policy for a non-existing variable and attempt to register = such var +4. "Lock on create" policies (means the var can still be created, but no u= pdates later, existing vars can't be updated): + * create a var, lock it with LockOnCreate, attempt to update its conte= nts + * create LockOnCreate VP, attempt to create var with invalid size, the= n invalid attr, then create valid var, attempt to update its contents +5. "Lock on var state" policies (means the var protected by this policy ca= n't be created or updated once the trigger is set) + * create VP, trigger lock with a valid var, attempt to create a locked= var, then modify the trigger var, create locked var + * create VP, create targeted var, modify it, trigger lock, attempt to = modify var + * create VP, trigger lock with invalid (larger than one byte) var, see= if VPE allows creation of the locked var (it should allow) + * create VP, set locking var with wrong value, see if VPE allows creat= ion of the locked var (should allow) +6. Attempt registering invalid policy entries + * invalid required and banned attributes + * large min size - let's say 2GB + * max size equal to 0 + * invalid policy type +7. Exercise dumping policy. No need to check the validity of the dump blob. +8. Test registering a policy with a random version. +9. Lock VPE, make sure old policies are enforced, new ones can't be regist= ered. + * Register a LockOnCreate policy + * Lock VPE + * Test locking it again. + * Verify one of the prior policies is enforced + * Make sure we can create variables even if those are protected by Loc= kOnCreate policy, after locking the VPE + * Attempt to register new policies + * Make sure can't disable VPE + * Cleanup: save context and reboot +10. Disable variable policy and try some things + * Locate Variable Policy Protocol + * Make sure VP is enabled + * Register a policy + * Disable VPE + * Call IsVariablePolicyEnabled to confirm it's disabled. + * Make sure can't lock policy + * Make sure the policy from a is no longer enforced + * Final cleanup: delete vars that were created in some earlier test su= ites diff --git a/MdeModulePkg/Test/ShellTest/VariablePolicyFuncTestApp/Variable= PolicyFuncTestApp.inf b/MdeModulePkg/Test/ShellTest/VariablePolicyFuncTestA= pp/VariablePolicyFuncTestApp.inf new file mode 100644 index 000000000000..9ad277a547c2 --- /dev/null +++ b/MdeModulePkg/Test/ShellTest/VariablePolicyFuncTestApp/VariablePolicyF= uncTestApp.inf @@ -0,0 +1,42 @@ +## @file +# Uefi Shell based Application that unit tests the Variable Policy Protocol +# +# Copyright (c) Microsoft Corporation. +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + +[Defines] + INF_VERSION =3D 0x00010005 + BASE_NAME =3D VariablePolicyFuncTestApp + FILE_GUID =3D B653C4C3-3FCC-4B6C-8051-5F692AEAECBA + MODULE_TYPE =3D UEFI_APPLICATION + VERSION_STRING =3D 1.0 + ENTRY_POINT =3D UefiMain + +# +# The following information is for reference only and not required by the = build tools. +# +# VALID_ARCHITECTURES =3D X64 AARCH64 +# + +[Sources] + VariablePolicyFuncTestApp.c + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + UnitTestFrameworkPkg/UnitTestFrameworkPkg.dec + +[LibraryClasses] + UefiApplicationEntryPoint + BaseLib + UnitTestLib + UnitTestBootLib + PrintLib + UefiBootServicesTableLib + UefiRuntimeServicesTableLib + MemoryAllocationLib + VariablePolicyHelperLib + +[Protocols] + gEdkiiVariablePolicyProtocolGuid --=20 2.26.2.windows.1.8.g01c50adf56.20200515075929 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#61598): https://edk2.groups.io/g/devel/message/61598 Mute This Topic: https://groups.io/mt/75057708/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-