From nobody Tue Feb 10 05:46:34 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+107965+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+107965+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=arm.com ARC-Seal: i=1; a=rsa-sha256; t=1692756593; cv=none; d=zohomail.com; s=zohoarc; b=MPkVtbFj/eYj16aOsFkXKO+TEZkNDRUsN+0CGPWxEYllMU9FbCVoEaFDukHm1HDsOfU1dIKmhSNLUquzQ4bCsCSwqsU94oj2YPNJEX/838OQJNidSpHkq5gb3E6asZe8hpNFgXWK298cbuzxIZozyTx05v+cix8ewK/t5UMcQ5c= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1692756593; h=Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=OvxBMUTAsfG5+OEpKYJoIhdEdHhWBnKV6HLcRM8psVI=; b=AvGhTIE1d79J4KLOMrHqNmfr2M/0y5XE+7S3QyrZMFnQlrdqNLjWJ/JoyhXDTd/38hv8ovZigW9su6Nz7o3WRDSFFCcZg0GQJVvplkNAc0JJM/+mN8OMv6b+xoEn2jrAWC0jyrhTwdAuoALAJTls5XTc8JFAwam8MT/0yYmTl88= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+107965+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1692756593151471.4023031178449; Tue, 22 Aug 2023 19:09:53 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=luicprAZbthx63f6QcHIxJE+F12wlAI/BsslLs5Hi0Q=; c=relaxed/simple; d=groups.io; h=From:To:Subject:Date:Message-Id:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1692756592; v=1; b=H3uh7/sBMJKvdTZpsfqMbXzVNdZYIbUtMQ7MK61GlarwS+bX5XThPmglTAErbaStQ005vxZ8 TPv1HUol8or5HYXOsLNF7V6nrlljbKrnMy1r9BYXfIchkwNGYg1QHIGQr4GhxKN5VDabRCU90Iu FIhc+C7kDc/b6dEsF8+XsD1I= X-Received: by 127.0.0.2 with SMTP id 4emDYY1788612xjCD4hssG3V; Tue, 22 Aug 2023 19:09:52 -0700 X-Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web10.2909.1692756591367769539 for ; Tue, 22 Aug 2023 19:09:51 -0700 X-Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 759AC1515 for ; Tue, 22 Aug 2023 19:10:31 -0700 (PDT) X-Received: from beelzebub.ast.arm.com (abhsin07-ThinkStation-P720.austin.arm.com [10.118.30.31]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id AF71A3F762 for ; Tue, 22 Aug 2023 19:09:50 -0700 (PDT) From: "Abhimanyu Singh" To: devel@edk2.groups.io Subject: [edk2-devel] [PATCH v2 4/6] uefi-sct/SctPkg: TCG MORLOCK Unlocked State Test Date: Tue, 22 Aug 2023 21:09:45 -0500 Message-Id: <20230823020947.124395-5-Abhi.Singh@arm.com> In-Reply-To: <20230823020947.124395-1-Abhi.Singh@arm.com> References: <20230823020947.124395-1-Abhi.Singh@arm.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,Abhi.Singh@arm.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: 0M4cWUp3SBHhhRmP8bGFLdmQx1787277AA= Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1692756594236100007 Content-Type: text/plain; charset="utf-8" SCT spec: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4374 BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4419 -Implement MemoryOverwriteRequestControlLock Unlocked State test cases -Add Assertions 19, 20, 21, and 22 from SCT spec -Add Test Case to MemoryOverwriteRequestFunctionTest Cc: G Edhaya Chandran Cc: Barton Gao Cc: Carolyn Gjertsen Signed-off-by: Abhi Singh Change-Id: If9cbea790d6c0f5aaceb6834fb91f5e1f3752244 --- uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteReques= t/BlackBoxTest/Guid.h | 20 ++ uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteReques= t/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h | 7 + uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteReques= t/BlackBoxTest/Guid.c | 8 + uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteReques= t/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c | 224 ++++++++++++= ++++++++ 4 files changed, 259 insertions(+) diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/Guid.h b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Runti= meServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h index 29be47393385..daf17793c094 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.h +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.h @@ -79,6 +79,18 @@ Abstract: #define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_018_GUID \ { 0xbbaa52b6, 0x5576, 0x4acd, {0xb9, 0x5f, 0x86, 0x22, 0x5e, 0xfc, 0xb0, 0= x31 }} =20 +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_019_GUID \ +{ 0x60b227e0, 0x9f5c, 0x412c, {0x88, 0x79, 0xd3, 0x59, 0xfc, 0xd0, 0xdd, 0= x3f }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_020_GUID \ +{ 0x2eba284a, 0xf701, 0x4c19, {0xbe, 0x5c, 0x39, 0x27, 0xb0, 0x68, 0x4f, 0= xd7 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_021_GUID \ +{ 0x9a1b44ae, 0x08ce, 0x474c, {0xa5, 0x8e, 0xa6, 0xe2, 0xcf, 0xaf, 0x91, 0= x2c }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_022_GUID \ +{ 0x490d7b39, 0xcad4, 0x4e8c, {0xb1, 0x5d, 0x63, 0xd2, 0x0c, 0xb3, 0xe9, 0= x45 }} + extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid001; =20 extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid002; @@ -114,3 +126,11 @@ extern EFI_GUID gTCGMemoryOverwriteRequestTestFunction= AssertionGuid016; extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid017; =20 extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid018; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid019; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid020; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid021; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid022; diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h b/uefi-sct= /SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBo= xTest/TCGMemoryOverwriteRequestBBTestMain.h index 553959762be8..15eedc60f19d 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h @@ -100,6 +100,13 @@ TCGMemoryOverwriteRequestControlLockSetVariable ( IN RESET_DATA *ResetData ); =20 +EFI_STATUS +TCGMemoryOverwriteRequestControlLockUnlockedState ( + IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib, + IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib, + IN RESET_DATA *ResetData +); + // ***********************************************************************= ***** // Entry GUIDs for Test // ***********************************************************************= ***** diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/Guid.c b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Runti= meServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c index 8574b51af6e4..c41a611d3a4e 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.c +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.c @@ -63,3 +63,11 @@ EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertion= Guid016 =3D EFI_TEST_TCGMO EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid017 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_017_GUID; =20 EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid018 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_018_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid019 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_019_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid020 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_020_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid021 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_021_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid022 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_022_GUID; diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c b/uefi= -sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/Bla= ckBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c index 5b6adbe550c7..77abab6e79be 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c @@ -41,6 +41,8 @@ Abstract: =20 #define LOCK_UNLOCKED_STATE_TEST 4 =20 +#define LOCK_NO_KEY_STATE_TEST 5 + =20 /** * Entry point for TCG Platform Reset Attack Mitigation MemoryOverwrite E= FI Variables Function Test. @@ -148,6 +150,15 @@ BBTestTCGMemoryOverwriteRequestFunctionTest ( return Status; } } + if (ResetData->CheckpointStep =3D=3D LOCK_UNLOCKED_STATE_TEST) { + // + // Test Checkpoint LOCK_UNLOCKED_STATE_TEST + // + TCGMemoryOverwriteRequestControlLockUnlockedState (StandardLib, Recove= ryLib, ResetData); + if(EFI_ERROR(Status)) { + return Status; + } + } // // After all Checkpoints have run // @@ -1015,3 +1026,216 @@ MORLOCK_SET_VARIABLE: =20 return EFI_SUCCESS; } + + +/** + * MemoryOverwriteRequestControlLock in Unlocked State Test + * When Unlocked, the Lock should stay unlocked when passed a valid value= of 0x00 + * Or when passed an invalud data value !=3D 0x00 or !=3D 0x01, such as 0= x02 the lock + * must stay unlocked and return EFI_INVALID_PARAMETER + * @param StandardLib A pointer to EFI_STANDARD_TEST_LIBRARY_PROTOCOL + * instance. + * @param RecoveryLib A pointer to EFI_TEST_RECOVERY_LIBRARY_PROTOCOL + * instance. + * @param ResetData A pointer to the ResetData Buffer which is used = throughout + * the test + * @return EFI_SUCCESS Successfully. + * @return Other value Something failed. + */ +EFI_STATUS +TCGMemoryOverwriteRequestControlLockUnlockedState ( + IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib, + IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib, + IN RESET_DATA *ResetData + ) +{ + EFI_STATUS Status; + EFI_TEST_ASSERTION Result; + UINTN DataSize; + UINT8 MemoryOverwriteRequestControlLockDa= ta; + UINT32 Attributes; + + if (ResetData->Step =3D=3D 0) { + goto INITIAL_RESET; + } else if (ResetData->Step =3D=3D 1) { + goto MORLOCK_UNLOCKED_STATE; + } + +INITIAL_RESET: + // + // Reset MORLock variable by performing a cold reset + // + + ResetData->Step =3D 1; + ResetData->CheckpointStep =3D LOCK_UNLOCKED_STATE_TEST; + Status =3D RecoveryLib->WriteResetRecord ( + RecoveryLib, + sizeof (RESET_DATA), + (UINT8*)ResetData + ); + if (EFI_ERROR(Status)) { + StandardLib->RecordAssertion ( + StandardLib, + EFI_TEST_ASSERTION_FAILED, + gTestGenericFailureGuid, + L"TestRecoveryLib - WriteResetRecord", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + return Status; + } + + SctPrint (L"System will cold reset after 1 second..."); + gtBS->Stall (1000000); + gtRT->ResetSystem ( + EfiResetCold, + EFI_SUCCESS, + 0, + NULL + ); + +MORLOCK_UNLOCKED_STATE: + // + // TESTING MORLOCK scenarios when the Variable is in the Unlocked State + // + + ResetData->Step =3D 0; + ResetData->CheckpointStep =3D LOCK_NO_KEY_STATE_TEST; + Status =3D RecoveryLib->WriteResetRecord ( + RecoveryLib, + sizeof (RESET_DATA), + (UINT8*)ResetData + ); + if (EFI_ERROR(Status)) { + StandardLib->RecordAssertion ( + StandardLib, + EFI_TEST_ASSERTION_FAILED, + gTestGenericFailureGuid, + L"TestRecoveryLib - WriteResetRecord", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + return Status; + } + + // + //Setting MORLOCK to Unlocked when already in Unlocked State should retu= rn EFI_SUCCESS + //and the MORLOCK value should still be =3D 0x00 or Unlocked + // + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteRequestControlLockData =3D MOR_LOCK_DATA_UNLOCKED; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (Status =3D=3D EFI_SUCCESS) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid019, + L"MemoryOverwriteRequestControlLock - Setting to Unlocke= d when Already Unlocked Should return EFI_SUCCESS", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= es + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_UNLOCKED)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid020, + L"MemoryOverwriteRequestControlLock - Lock value remains= Unlocked", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // + //Setting MORLOCK with an invalid Data parameter !=3D 0x01 should return= EFI_INVALID_PARAMETER + //and the MORLOCK value should still be =3D 0x00 + // + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteRequestControlLockData =3D 0x02; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (Status =3D=3D EFI_INVALID_PARAMETER) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid021, + L"MemoryOverwriteRequestControlLock - invalid Data =3D 0= x02 returns EFI_INVALID_PARAMETER", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= es + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_UNLOCKED)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid022, + L"MemoryOverwriteRequestControlLock - Lock value remains= Unlocked", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + return EFI_SUCCESS; +} --=20 2.34.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#107965): https://edk2.groups.io/g/devel/message/107965 Mute This Topic: https://groups.io/mt/100907773/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-