From nobody Mon Feb 9 16:50:48 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+64723+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+64723+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1598593925; cv=none; d=zohomail.com; s=zohoarc; b=PIXnJH/uDNJyabP9+z7r70fdOG0SV5zDAL3L+zGEnM4SVf7DVUVUDqU03n9tESie/Bf+9AsPnLLmH9ivESrfwfqQstZysnNEjlohcnxgPS3QW4MCxOkMYuFq1oAyQvLc+JdF2W6yXFIeBU1ENAZogVXakOHCFFeBXeZiISMN7XY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1598593925; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=6W7LE/CwC+wxn1nwUQMUqtVHLmeyEGsxlzRGGJ5d3oo=; b=CE9YqgHhGuBYfxS6ST3bCj/yqH41YvPjU10tpfVFUuUZVvT3tSYN6oUF6WxaXl9hhPcHUy1TOZGtnSJuuoC/183GpMWW1lzThdPYRpjAJZYkDI3DRd+yvVckqIL/1Pn6vWJgDyc18MwL5s/ioHutBZeR80TqPDHbGp/aKx+hWcs= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+64723+1787277+3901457@groups.io Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1598593925922499.27438420700867; Thu, 27 Aug 2020 22:52:05 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id 25CGYY1788612xqUIcUrLSqc; Thu, 27 Aug 2020 22:52:05 -0700 X-Received: from mail-pj1-f48.google.com (mail-pj1-f48.google.com [209.85.216.48]) by mx.groups.io with SMTP id smtpd.web12.37095.1598593922122555353 for ; Thu, 27 Aug 2020 22:52:02 -0700 X-Received: by mail-pj1-f48.google.com with SMTP id n3so93323pjq.1 for ; Thu, 27 Aug 2020 22:52:02 -0700 (PDT) X-Gm-Message-State: E3S0uPvGwnRGjJPeNf3UDCMwx1787277AA= X-Google-Smtp-Source: ABdhPJz0FILRoaCWEhNUdWYf+Q+CizWDxXLQu0DpaqRRIfcqZm87wNU6NIdUgxBeIJ7gOHPQpZNkmw== X-Received: by 2002:a17:90b:ec1:: with SMTP id gz1mr267067pjb.48.1598593921308; Thu, 27 Aug 2020 22:52:01 -0700 (PDT) X-Received: from localhost.localdomain (174-21-132-206.tukw.qwest.net. [174.21.132.206]) by smtp.gmail.com with ESMTPSA id fz19sm41802pjb.40.2020.08.27.22.52.00 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 27 Aug 2020 22:52:00 -0700 (PDT) From: "Bret Barkelew" X-Google-Original-From: Bret Barkelew To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Chao Zhang Subject: [edk2-devel] [PATCH v7 11/14] SecurityPkg: Allow VariablePolicy state to delete authenticated variables Date: Thu, 27 Aug 2020 22:51:24 -0700 Message-Id: <20200828055127.1610-12-brbarkel@microsoft.com> In-Reply-To: <20200828055127.1610-1-brbarkel@microsoft.com> References: <20200828055127.1610-1-brbarkel@microsoft.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,bret@corthon.com Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1598593925; bh=NmMjwxF6yz6Gk9Zht/hN4Ml+bt49xLaIgbBNWeNwBFM=; h=Cc:Date:From:Reply-To:Subject:To; b=Gdi9GkJgEsWMg9Ith71b1cN8gTCNm8JhdJmTZASbqu+t+KngEbct1d8piRVaqJ+ISqi oHagtxIs5kZ8Igpz/4rSUizwAU4m5qJmGazgyIiH4fQwwUgQ1PlXRyfSo7kx9i986HT3a OhdTewV7jja3RL7PAMNCwSzal37ThCxSH2g= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" https://bugzilla.tianocore.org/show_bug.cgi?id=3D2522 Causes AuthService to check IsVariablePolicyEnabled() before enforcing write protections to allow variable deletion when policy engine is disabled. Only allows deletion, not modification. Cc: Jiewen Yao Cc: Jian J Wang Cc: Chao Zhang Cc: Bret Barkelew Signed-off-by: Bret Barkelew --- SecurityPkg/Library/AuthVariableLib/AuthService.c | 22 +++++++++++++= +++---- SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf | 2 ++ 2 files changed, 20 insertions(+), 4 deletions(-) diff --git a/SecurityPkg/Library/AuthVariableLib/AuthService.c b/SecurityPk= g/Library/AuthVariableLib/AuthService.c index 2f60331f2c04..aca9a5620c28 100644 --- a/SecurityPkg/Library/AuthVariableLib/AuthService.c +++ b/SecurityPkg/Library/AuthVariableLib/AuthService.c @@ -19,12 +19,16 @@ to verify the signature. =20 Copyright (c) 2009 - 2019, Intel Corporation. All rights reserved.
+Copyright (c) Microsoft Corporation. SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ =20 #include "AuthServiceInternal.h" =20 +#include +#include + // // Public Exponent of RSA Key. // @@ -217,9 +221,12 @@ NeedPhysicallyPresent( IN EFI_GUID *VendorGuid ) { - if ((CompareGuid (VendorGuid, &gEfiSecureBootEnableDisableGuid) && (StrC= mp (VariableName, EFI_SECURE_BOOT_ENABLE_NAME) =3D=3D 0)) - || (CompareGuid (VendorGuid, &gEfiCustomModeEnableGuid) && (StrCmp (Va= riableName, EFI_CUSTOM_MODE_NAME) =3D=3D 0))) { - return TRUE; + // If the VariablePolicy engine is disabled, allow deletion of any authe= nticated variables. + if (IsVariablePolicyEnabled()) { + if ((CompareGuid (VendorGuid, &gEfiSecureBootEnableDisableGuid) && (St= rCmp (VariableName, EFI_SECURE_BOOT_ENABLE_NAME) =3D=3D 0)) + || (CompareGuid (VendorGuid, &gEfiCustomModeEnableGuid) && (StrCmp (= VariableName, EFI_CUSTOM_MODE_NAME) =3D=3D 0))) { + return TRUE; + } } =20 return FALSE; @@ -842,7 +849,8 @@ ProcessVariable ( &OrgVariableInfo ); =20 - if ((!EFI_ERROR (Status)) && IsDeleteAuthVariable (OrgVariableInfo.Attri= butes, Data, DataSize, Attributes) && UserPhysicalPresent()) { + // If the VariablePolicy engine is disabled, allow deletion of any authe= nticated variables. + if ((!EFI_ERROR (Status)) && IsDeleteAuthVariable (OrgVariableInfo.Attri= butes, Data, DataSize, Attributes) && (UserPhysicalPresent() || !IsVariable= PolicyEnabled())) { // // Allow the delete operation of common authenticated variable(AT or A= W) at user physical presence. // @@ -1960,6 +1968,12 @@ VerifyTimeBasedPayload ( =20 CopyMem (Buffer, PayloadPtr, PayloadSize); =20 + // If the VariablePolicy engine is disabled, allow deletion of any authe= nticated variables. + if (PayloadSize =3D=3D 0 && (Attributes & EFI_VARIABLE_APPEND_WRITE) =3D= =3D 0 && !IsVariablePolicyEnabled()) { + VerifyStatus =3D TRUE; + goto Exit; + } + if (AuthVarType =3D=3D AuthVarTypePk) { // // Verify that the signature has been made with the current Platform K= ey (no chaining for PK). diff --git a/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf b/Secu= rityPkg/Library/AuthVariableLib/AuthVariableLib.inf index 8d4ce14df494..8eadeebcebd7 100644 --- a/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf +++ b/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf @@ -3,6 +3,7 @@ # # Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.
# Copyright (c) 2018, ARM Limited. All rights reserved.
+# Copyright (c) Microsoft Corporation. # # SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -41,6 +42,7 @@ [LibraryClasses] MemoryAllocationLib BaseCryptLib PlatformSecureLib + VariablePolicyLib =20 [Guids] ## CONSUMES ## Variable:L"SetupMode" --=20 2.28.0.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#64723): https://edk2.groups.io/g/devel/message/64723 Mute This Topic: https://groups.io/mt/76468137/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-