From: "Abhimanyu Singh"
To: devel@edk2.groups.io
Subject: [edk2-devel] [PATCH v2 1/6] uefi-sct/SctPkg: TCG Platform Reset Check Test
Date: Thu, 21 Sep 2023 11:37:43 -0500
Message-Id: <20230921163748.275971-2-Abhi.Singh@arm.com>
In-Reply-To: <20230921163748.275971-1-Abhi.Singh@arm.com>
References: <20230921163748.275971-1-Abhi.Singh@arm.com>

From: "Abhi.Singh" SCT spec: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4374 BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4419 -Implement initial test infrastructure for all test cases including updates to: CommonGenFramework.sh, UEFI_SCT.dsc, and Category.ini. -Add Guid.c and Guid.h files to cover the assertions 4/49 assertions defined in the SCT spec -Add TCGMemoryOverwriteRequestBBTestMain.h alongside used define/global variables -Add Platform Reset Check Test -check if the platform creates the MOR & MORLOCK EFI variables as defined in the TCG Spec -sets MOR bit 0 and validate if the platform clears the MOR bit 0 upon reset. Cc: G Edhaya Chandran Cc: Barton Gao Cc: Carolyn Gjertsen Signed-off-by: Abhi Singh Change-Id: I774d5893e5aff47690dadf90c36c7b9e7e7ee584 --- uefi-sct/SctPkg/UEFI/UEFI_SCT.dsc = | 1 + uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteReques= t/BlackBoxTest/TCGMemoryOverwriteRequestBBTest.inf | 53 +++ uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteReques= t/BlackBoxTest/Guid.h | 46 +++ uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteReques= t/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h | 95 +++++ uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteReques= t/BlackBoxTest/Guid.c | 37 ++ uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteReques= t/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c | 410 ++++++++++++= ++++++++ uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteReques= t/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.c | 115 ++++++ uefi-sct/SctPkg/CommonGenFramework.sh = | 1 + uefi-sct/SctPkg/Config/Data/Category.ini = | 7 + 9 files changed, 765 insertions(+) diff --git a/uefi-sct/SctPkg/UEFI/UEFI_SCT.dsc b/uefi-sct/SctPkg/UEFI/UEFI_= SCT.dsc index 155490fa39d3..536d5f2ed37a 100644 --- a/uefi-sct/SctPkg/UEFI/UEFI_SCT.dsc +++ b/uefi-sct/SctPkg/UEFI/UEFI_SCT.dsc 
@@ -235,6 +235,7 @@ [Components] SctPkg/TestCase/UEFI/EFI/RuntimeServices/MiscRuntimeServices/BlackBoxTest/= MiscRuntimeServicesBBTest.inf SctPkg/TestCase/UEFI/EFI/RuntimeServices/TimeServices/BlackBoxTest/TimeSer= vicesBBTest.inf SctPkg/TestCase/UEFI/EFI/RuntimeServices/VariableServices/BlackBoxTest/Var= iableServicesBBTest.inf +SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBo= xTest/TCGMemoryOverwriteRequestBBTest.inf =20 SctPkg/TestCase/UEFI/EFI/Protocol/GraphicsOutput/BlackBoxTest/GraphicsOutp= utBBTest.inf SctPkg/TestCase/UEFI/EFI/Protocol/Bis/BlackBoxTest/BisBBTest.inf diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTest.inf b/uefi-sct/S= ctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxT= est/TCGMemoryOverwriteRequestBBTest.inf new file mode 100644 index 000000000000..35d82043e2e7 --- /dev/null +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTest.inf @@ -0,0 +1,53 @@ +## @file +# +# Copyright 2006 - 2015 Unified EFI, Inc.
+# Copyright (c) 2013, Intel Corporation. All rights reserved.
+# Copyright (c) 2023, Arm Inc. All rights reserved.
+# +# This program and the accompanying materials +# are licensed and made available under the terms and conditions of the B= SD License +# which accompanies this distribution. The full text of the license may = be found at +# http://opensource.org/licenses/bsd-license.php +# +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IM= PLIED. +# +## +#/*++ +# +# Module Name: +# +# TCGMemoryOverwriteRequestBBTest.inf +# +# Abstract: +# +# Component description file for TCG MemoryOverwriteRequest UEFI variabl= es Test. +# +#--*/ + +[defines] + INF_VERSION =3D 0x00010005 + BASE_NAME =3D TCGMemoryOverwriteRequestBBTest + FILE_GUID =3D ACA989CD-4AEE-45A3-B80F-E9A523BB7164 + MODULE_TYPE =3D UEFI_DRIVER + VERSION_STRING =3D 1.0 + ENTRY_POINT =3D InitializeTestTCGMemoryOverwriteRequest + +[sources.common] + TCGMemoryOverwriteRequestBBTestMain.c + TCGMemoryOverwriteRequestBBTestMain.h + TCGMemoryOverwriteRequestBBTestFunction.c + Guid.c + +[Packages] + MdePkg/MdePkg.dec + SctPkg/SctPkg.dec + SctPkg/UEFI/UEFI.dec + +[LibraryClasses] + UefiDriverEntryPoint + SctLib + EfiTestLib + +[Protocols] + gEfiTestRecoveryLibraryGuid diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/Guid.h b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Runti= meServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h new file mode 100644 index 000000000000..a3d87a3eb764 --- /dev/null +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.h @@ -0,0 +1,46 @@ +/** @file + + Copyright 2006 - 2016 Unified EFI, Inc.
+ Copyright (c) 2013, Intel Corporation. All rights reserved.
+ Copyright (c) 2023, Arm Inc. All rights reserved.
+ + This program and the accompanying materials + are licensed and made available under the terms and conditions of the BS= D License + which accompanies this distribution. The full text of the license may b= e found at + http://opensource.org/licenses/bsd-license.php + + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. + +**/ +/*++ + +Module Name: + + guid.h + +Abstract: + + GUIDs auto-generated for EFI test assertion. + +--*/ + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_001_GUID \ +{ 0xd1c31d5f, 0x944f, 0x434c, {0x88, 0x26, 0xa6, 0xfb, 0x00, 0xd4, 0xbb, 0= x97 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_002_GUID \ +{ 0xa6c191b1, 0x9bfb, 0x4231, {0xb9, 0x2d, 0x4e, 0xa2, 0x21, 0xf6, 0x4b, 0= x5d }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_003_GUID \ +{ 0x34d41a18, 0x8ffe, 0x456b, {0xa4, 0x82, 0x97, 0xb9, 0x9c, 0x50, 0x7d, 0= x9e }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_004_GUID \ +{ 0x002519c6, 0x859f, 0x4d25, {0xb1, 0x36, 0xb2, 0xef, 0x61, 0xe5, 0xd9, 0= x6f }} + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid001; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid002; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid003; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid004; diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h b/uefi-sct= /SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBo= xTest/TCGMemoryOverwriteRequestBBTestMain.h new file mode 100644 index 000000000000..45bd921ecca4 --- /dev/null +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h @@ -0,0 +1,95 @@ +/** @file + + Copyright 2006 - 2017 Unified EFI, Inc.
+ Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.
+ Copyright (c) 2023, Arm Inc. All rights reserved.
+ + This program and the accompanying materials + are licensed and made available under the terms and conditions of the BS= D License + which accompanies this distribution. The full text of the license may b= e found at + http://opensource.org/licenses/bsd-license.php + + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. + +**/ +/*++ + +Module Name: + + TCGMemoryOverwriteRequestTest.h + +Abstract: + + Test Driver of TCG MOR and MORLOCK EFI variables that are defined inside + TCG Platform Reset Attack Mitigation v1.10 Section 4 (UEFI Interface) + +--*/ + +#ifndef _TCG_MOR_BB_TEST_MAIN +#define _TCG_MOR_BB_TEST_MAIN + +#include "Efi.h" +#include "Guid.h" +#include +#include +#include +#include + +typedef struct _RESET_DATA { + UINTN Step; + UINTN CheckpointStep; +} RESET_DATA; + +#include EFI_TEST_PROTOCOL_DEFINITION(TestRecoveryLibrary) + +#define TCG_MOR_TEST_REVISION 0x00010000 + +#define MOR_BIT_LOW 0x0 +#define MOR_BIT_HIGH 0x1 + +#define MOR_LOCK_DATA_UNLOCKED 0x0 + + +// +// TEST GUID for TCG Platform Reset Attack Mitigation MemoryOverwriteReque= st (MOR) Test +// +#define EFI_TCG_MOR_TEST_GUID \ + { 0x265e661d, 0xd51e, 0x454b, {0xbb, 0xc9, 0x66, 0x5f, 0x46, 0xec, 0x0a,= 0x04 }} + +EFI_STATUS +EFIAPI +InitializeTestTCGMemoryOverwriteRequest ( + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE *SystemTable + ); + +EFI_STATUS +EFIAPI +UnloadTCGMemoryOverwriteRequestTest ( + IN EFI_HANDLE ImageHandle + ); + +EFI_STATUS +BBTestTCGMemoryOverwriteRequestFunctionTest ( + IN EFI_BB_TEST_PROTOCOL *This, + IN VOID *ClientInterface, + IN EFI_TEST_LEVEL TestLevel, + IN EFI_HANDLE SupportHandle + ); + +EFI_STATUS +TCGMemoryOverwriteRequestPlatformResetCheck ( + IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib, + IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib, + IN RESET_DATA *ResetData + ); + +// 
***********************************************************************= ***** +// Entry GUIDs for Test +// ***********************************************************************= ***** + +#define EFI_TCG_MOR_TEST_ENTRY_GUID0101 \ + { 0x2104436a, 0x77c8, 0x4514, {0xb7, 0xd7, 0xaa, 0x8a, 0x6b, 0xd1, 0x8d,= 0xa4 }} + +#endif diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/Guid.c b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Runti= meServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c new file mode 100644 index 000000000000..59c798a710f1 --- /dev/null +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.c @@ -0,0 +1,37 @@ +/** @file + + Copyright 2006 - 2013 Unified EFI, Inc.
+ Copyright (c) 2013, Intel Corporation. All rights reserved.
+ Copyright (c) 2023, Arm Inc. All rights reserved.
+ + This program and the accompanying materials + are licensed and made available under the terms and conditions of the BS= D License + which accompanies this distribution. The full text of the license may b= e found at + http://opensource.org/licenses/bsd-license.php + + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. + +**/ +/*++ + +Module Name: + + guid.c + +Abstract: + + GUIDs auto-generated for EFI test assertion. + +--*/ + +#include "Efi.h" +#include "Guid.h" + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid001 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_001_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid002 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_002_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid003 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_003_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid004 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_004_GUID; diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c b/uefi= -sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/Bla= ckBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c new file mode 100644 index 000000000000..82f9300dd296 --- /dev/null +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c @@ -0,0 +1,410 @@ +/** @file + + Copyright 2006 - 2016 Unified EFI, Inc.
+ Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.
+ Copyright (c) 2023, Arm Inc. All rights reserved.
+ + This program and the accompanying materials + are licensed and made available under the terms and conditions of the BS= D License + which accompanies this distribution. The full text of the license may b= e found at + http://opensource.org/licenses/bsd-license.php + + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. + +**/ +/*++ + +Module Name: + + TCGMemoryOverwriteRequestBBTestFunction.c + +Abstract: + + Function Test Cases for the TCG MOR and MORLOCK EFI variables that are d= efined + in TCG Platform Reset Attack Mitigation v1.10 Section 4 (UEFI Interface) + +--*/ + +#include "SctLib.h" +#include "TCGMemoryOverwriteRequestBBTestMain.h" + +#define RECOVER_BUFFER_SIZE 2048 + +#define TCG_MOR_VARIABLE_ATTRIBUTES (EFI_VARIABLE_NON_VOLATILE | EFI_VARI= ABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS) + +#define CONTROL_PLATFORM_RESET_TEST 1 + +#define CONTROL_SET_VARIABLE_TEST 2 + + +/** + * Entry point for TCG Platform Reset Attack Mitigation MemoryOverwrite E= FI Variables Function Test. + * @param This A pointer to the EFI_BB_TEST_PROTOCOL instance. + * @param ClientInterface A pointer to the interface to be tested. + * @param TestLevel Test "thoroughness" control. + * @param SupportHandle A handle containing support protocols. + * @return EFI_SUCCESS Test cases ran Successfully, may still contain= errors in assertions. + * @return Other value Something failed. 
+ */ +EFI_STATUS +BBTestTCGMemoryOverwriteRequestFunctionTest ( + IN EFI_BB_TEST_PROTOCOL *This, + IN VOID *ClientInterface, + IN EFI_TEST_LEVEL TestLevel, + IN EFI_HANDLE SupportHandle + ) +{ + EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib; + EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib; + EFI_STATUS Status; + RESET_DATA *ResetData; + UINT8 Buffer[RECOVER_BUFFER_SIZE]; + UINTN Size; + + ResetData =3D (RESET_DATA *)Buffer; + + // + // Get the Standard Library Interface + // + Status =3D gtBS->HandleProtocol ( + SupportHandle, + &gEfiStandardTestLibraryGuid, + (VOID **) &StandardLib + ); + if (EFI_ERROR(Status)) { + return Status; + } + + // + // Get the Recovery Library Interface + // + Status =3D gtBS->HandleProtocol ( + SupportHandle, + &gEfiTestRecoveryLibraryGuid, + (VOID **) &RecoveryLib + ); + if (EFI_ERROR(Status)) { + StandardLib->RecordAssertion ( + StandardLib, + EFI_TEST_ASSERTION_FAILED, + gTestGenericFailureGuid, + L"BS.HandleProtocol - Handle recovery library", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + return Status; + } + + // + // Read reset record + // + Status =3D RecoveryLib->ReadResetRecord ( + RecoveryLib, + &Size, + Buffer + ); + + // + // Check Reset Record's checkpoint for which test to run, all tests must= run so they are all included in the same function + // + if (EFI_ERROR(Status) || (Size < sizeof(RESET_DATA)) || (ResetData->Chec= kpointStep =3D=3D CONTROL_PLATFORM_RESET_TEST)) { + if (EFI_ERROR(Status) || Size < sizeof(RESET_DATA)) { // if true, Rese= tData has not been intialized by the tests yet, set Step =3D 0 to start the= first step of the tests + ResetData->Step =3D 0; + } + // + // Test Checkpoint CONTROL_PLATFORM_RESET_TEST + // + Status =3D TCGMemoryOverwriteRequestPlatformResetCheck (StandardLib, R= ecoveryLib, ResetData); + // + // Status is returned in the event that the MOR/MORLOCK variables do n= ot exist in occordance to spec, + // or the WriteResetRecord returns EFI_ERROR, test ends 
prematurely + // + if(EFI_ERROR(Status)) { + return Status; + } + } + // + // After all Checkpoints have run + // + return EFI_SUCCESS; +} + + +/** + * MOR & MORLock EFI variables are correctly created by platform + * Initially setting MOR bit 0 is then cleared upon platform reset + * @param StandardLib A pointer to EFI_STANDARD_TEST_LIBRARY_PROTOCOL + * instance. + * @param RecoveryLib A pointer to EFI_TEST_RECOVERY_LIBRARY_PROTOCOL + * instance. + * @return EFI_SUCCESS Successfully. + * @return Other value Something failed. + */ +EFI_STATUS +TCGMemoryOverwriteRequestPlatformResetCheck ( + IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib, + IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib, + IN RESET_DATA *ResetData + ) +{ + EFI_STATUS Status; + EFI_TEST_ASSERTION Result; + UINTN DataSize; + UINT8 MemoryOverwriteRequestControlData; + UINT8 MemoryOverwriteRequestControlLockDa= ta; + UINT32 Attributes; + + // + // Check Step to see which part of test remains to be executed + // + if (ResetData->Step =3D=3D 0) { + goto INITIAL_RESET; + } else if (ResetData->Step =3D=3D 1) { + goto MOR_VARIABLE_CHECK; + } else if (ResetData->Step =3D=3D 2) { + goto MOR_BIT_CLEAR_ON_RESET; + } + +INITIAL_RESET: + // + // Perform initial plaform reset + // + ResetData->Step =3D 1; + ResetData->CheckpointStep =3D CONTROL_PLATFORM_RESET_TEST; + + Status =3D RecoveryLib->WriteResetRecord ( + RecoveryLib, + sizeof (RESET_DATA), + (UINT8*)ResetData + ); + if (EFI_ERROR(Status)) { + StandardLib->RecordAssertion ( + StandardLib, + EFI_TEST_ASSERTION_FAILED, + gTestGenericFailureGuid, + L"TestRecoveryLib - WriteResetRecord", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + return Status; + } + SctPrint (L"System will cold reset after 1 second..."); + gtBS->Stall (1000000); + gtRT->ResetSystem ( + EfiResetCold, + EFI_SUCCESS, + 0, + NULL + ); + +MOR_VARIABLE_CHECK: + // + // Post system reset, Check if the MOR EFI var is correctly created by p= latform + // + + // Write 
reset record before the second reset (MOR_BIT_CLEAR_ON_RESET) + ResetData->Step =3D 2; + ResetData->CheckpointStep =3D CONTROL_PLATFORM_RESET_TEST; + + Status =3D RecoveryLib->WriteResetRecord ( + RecoveryLib, + sizeof (RESET_DATA), + (UINT8*)ResetData + ); + if (EFI_ERROR(Status)) { + StandardLib->RecordAssertion ( + StandardLib, + EFI_TEST_ASSERTION_FAILED, + gTestGenericFailureGuid, + L"TestRecoveryLib - WriteResetRecord", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + return Status; + } + + // + // GetVariable and check if the DataSize and Attributes are as expected + // + DataSize =3D sizeof(MemoryOverwriteRequestControlData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControl", // VariableName + &gEfiMemoryOverwriteControlDataGuid, // VendorGuid + &Attributes, // Attributes + &DataSize, // DataSize + &MemoryOverwriteRequestControlData // Data + ); + if (EFI_ERROR (Status) || (DataSize !=3D 1) || (Attributes !=3D TCG_MOR_= VARIABLE_ATTRIBUTES)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid001, + L"MemoryOverwriteRequestControl - Validate that the MOR = Variable is created by the platform in accordance with TCG Spec", + L"%a:%d:Status - %r, DataSize - %d, Attributes - %x", + __FILE__, + (UINTN)__LINE__, + Status, + (UINTN)DataSize, + Attributes + ); + if (EFI_ERROR (Status)) { + return Status; + } + + // + // Set MemoryOverwriteRequestControlData bit 0 and verify the platform c= lears bit 0 upon system reset + // MOR bit 0 indicates to platform firmware that system memory must be w= iped during platform initialization + // + DataSize =3D sizeof(MemoryOverwriteRequestControlData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteRequestControlData |=3D MOR_BIT_HIGH << MOR_CLEAR_MEMORY_= BIT_OFFSET; + 
+ Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControl", // VariableName + &gEfiMemoryOverwriteControlDataGuid, // VendorGuid + Attributes, // Attributes + DataSize, // DataSize + &MemoryOverwriteRequestControlData // Data + ); + if (Status =3D=3D EFI_SUCCESS) { + Result =3D EFI_TEST_ASSERTION_PASSED; + }else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid002, + L"MemoryOverwriteRequestControl - SetVariable() with MOR= bit 0 set high returns EFI_SUCCESS", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + if (EFI_ERROR (Status)) { + return Status; + } + + // Cold reset system again for step 2 + SctPrint (L"System will cold reset after 1 second and test will be resum= ed after reboot."); + gtBS->Stall (1000000); + gtRT->ResetSystem ( + EfiResetCold, + EFI_SUCCESS, + 0, + NULL + ); + +MOR_BIT_CLEAR_ON_RESET: + // + // Clear Step count and increment checkpoint for next test + // + + ResetData->Step =3D 0; + ResetData->CheckpointStep =3D CONTROL_SET_VARIABLE_TEST; + + Status =3D RecoveryLib->WriteResetRecord ( + RecoveryLib, + sizeof (RESET_DATA), + (UINT8*)ResetData + ); + if (EFI_ERROR(Status)) { + StandardLib->RecordAssertion ( + StandardLib, + EFI_TEST_ASSERTION_FAILED, + gTestGenericFailureGuid, + L"TestRecoveryLib - WriteResetRecord", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + return Status; + } + + // + // Check if the platform has cleared the set MOR bit 0 on reset + // + DataSize =3D sizeof(MemoryOverwriteRequestControlData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControl", // VariableName + &gEfiMemoryOverwriteControlDataGuid, // VendorGuid + &Attributes, // Attributes + &DataSize, // DataSize + &MemoryOverwriteRequestControlData // Data + ); + if (EFI_ERROR (Status) || (MOR_CLEAR_MEMORY_VALUE (MemoryOverwriteReques= 
tControlData) !=3D MOR_BIT_LOW)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid003, + L"MemoryOverwriteRequestControl - Validate that MOR bit = 0 is cleared after a cold reset when the bit 0 is initially set", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + if (EFI_ERROR (Status)) { + return Status; + } + + // + // Verify MemoryOverwriteRequestControlLock is created as defined in TCG= spec + // + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= es + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_UNLOCKED) || + (DataSize !=3D 1) || (Attributes !=3D TCG_MOR_VARIABLE_ATTRIBUTES)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid004, + L"MemoryOverwriteRequestControlLock - Validate that MORL= OCK is created by the platform in accordance with TCG Spec", + L"%a:%d:Status - %r, DataSize - %d, Attributes - %x", + __FILE__, + (UINTN)__LINE__, + Status, + (UINTN)DataSize, + Attributes + ); + if (EFI_ERROR (Status)) { + return Status; + } + + return EFI_SUCCESS; +} 
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.c b/uefi-sct= /SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBo= xTest/TCGMemoryOverwriteRequestBBTestMain.c new file mode 100644 index 000000000000..db01df9db5e2 --- /dev/null +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.c @@ -0,0 +1,115 @@ +/** @file + + Copyright 2006 - 2016 Unified EFI, Inc.
+ Copyright (c) 2023, Arm Inc. All rights reserved.
+ + This program and the accompanying materials + are licensed and made available under the terms and conditions of the BS= D License + which accompanies this distribution. The full text of the license may b= e found at + http://opensource.org/licenses/bsd-license.php + + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. + +**/ +/*++ + +Module Name: + + TCG2MORTestMain.c + +Abstract: + + for EFI Driver TCG MemoryOverwriteRequest Test + +--*/ +#include "SctLib.h" +#include "TCGMemoryOverwriteRequestBBTestMain.h" + +EFI_GUID gEfiMemoryOverwriteControlDataGuid =3D MEMORY_ONLY_RESET_CONTROL_= GUID; + +EFI_GUID gEfiMemoryOverwriteRequestControlLockGuid =3D MEMORY_OVERWRITE_RE= QUEST_CONTROL_LOCK_GUID; + +EFI_BB_TEST_PROTOCOL_FIELD gEfiTCGMemoryOverwriteRequestTestProtocolField = =3D { + TCG_MOR_TEST_REVISION, + EFI_TCG_MOR_TEST_GUID, + L"TCG MemoryOverwriteRequest Test", + L"TCG MemoryOverwriteRequest Functionality Test" +}; + +EFI_GUID gSupportProtocolGuid1[2] =3D { + EFI_STANDARD_TEST_LIBRARY_GUID, + EFI_NULL_GUID +}; + +EFI_BB_TEST_ENTRY_FIELD gLoadTCGMemoryOverwriteRequestEntryField[] =3D { + + { + EFI_TCG_MOR_TEST_ENTRY_GUID0101, + L"Test MOR and MORLOCK", + L"Test for MOR and MORLOCK EFI variables in accordance with TCG spec", + EFI_TEST_LEVEL_DEFAULT, + gSupportProtocolGuid1, + EFI_TEST_CASE_AUTO, + BBTestTCGMemoryOverwriteRequestFunctionTest + }, + + EFI_NULL_GUID +}; + +EFI_BB_TEST_PROTOCOL *gTCGMemoryOverwriteRequestTestProt; + + +EFI_STATUS +EFIAPI +UnloadTCGMemoryOverwriteRequestTest ( + IN EFI_HANDLE ImageHandle + ); + +/** + * Creates/installs the BlackBox Interface and eminating Entry Point node= list. 
+ * @param ImageHandle The test driver image handle + * @param SystemTable Pointer to System Table + * @return EFI_SUCCESS Indicates the interface was installed + * @return EFI_OUT_OF_RESOURCES Indicates space for the new handle could = not be allocated + * @return EFI_INVALID_PARAMETER: One of the parameters has an invalid va= lue. + */ +EFI_STATUS +EFIAPI +InitializeTestTCGMemoryOverwriteRequest ( + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE *SystemTable + ) +{ + // + // initialize test utility lib + // + EfiInitializeTestLib (ImageHandle, SystemTable); + SctInitializeLib (ImageHandle, SystemTable); + + return EfiInitAndInstallBBTestInterface ( + &ImageHandle, + &gEfiTCGMemoryOverwriteRequestTestProtocolField, + gLoadTCGMemoryOverwriteRequestEntryField, + UnloadTCGMemoryOverwriteRequestTest, + &gTCGMemoryOverwriteRequestTestProt + ); +} + + +/** + * Unloads the BlackBox Interface and the Entry Point list. + * @param ImageHandle The image handle. + * @return EFI_SUCCESS The interface was uninstalled successfully. + */ +EFI_STATUS +EFIAPI +UnloadTCGMemoryOverwriteRequestTest ( + IN EFI_HANDLE ImageHandle + ) +{ + return EfiUninstallAndFreeBBTestInterface ( + ImageHandle, + gTCGMemoryOverwriteRequestTestProt + ); +} diff --git a/uefi-sct/SctPkg/CommonGenFramework.sh b/uefi-sct/SctPkg/Common= GenFramework.sh index fb9043b56bca..886e7eb7596b 100755 --- a/uefi-sct/SctPkg/CommonGenFramework.sh +++ b/uefi-sct/SctPkg/CommonGenFramework.sh @@ -226,6 +226,7 @@ then if [ -e $ProcessorType/RiscVBootProtocolBBTest.efi ]; then cp $ProcessorType/RiscVBootProtocolBBTest.efi $Framewor= k/Test/ > NUL fi + cp $ProcessorType/TCGMemoryOverwriteRequestBBTest.efi $Framework/= Test/ > NUL =20 # ********************************************* # Copy ENTS binary diff --git a/uefi-sct/SctPkg/Config/Data/Category.ini b/uefi-sct/SctPkg/Con= fig/Data/Category.ini index b34d35db9ac8..bf02ccea9218 100644 --- a/uefi-sct/SctPkg/Config/Data/Category.ini 
+++ b/uefi-sct/SctPkg/Config/Data/Category.ini 
@@ -165,6 +165,13 @@ InterfaceGuid =3D AFF115FB-387B-4C18-8C41-6AFC7F03BB90 Name =3D RuntimeServicesTest\MiscRuntimeServicesTest Description =3D =20 +[Category Data] +Revision =3D 0x00010000 +CategoryGuid =3D 265E661D-D51E-454B-BBC9-665F46EC0A04 +InterfaceGuid =3D AFF115FB-387B-4C18-8C41-6AFC7F03BB90 +Name =3D RuntimeServicesTest\TCGMemoryOverwriteRequestTest +Description =3D Test TCG Platform Reset Attack Mitigation EFI variables + [Category Data] Revision =3D 0x00010000 CategoryGuid =3D 5B1B31A1-9562-11D2-8E3F-00A0C969723B --=20 2.34.1
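Review bot: In TCGMemoryOverwriteRequestBBTestMain.h the Module Name field of the file header reads TCGMemoryOverwriteRequestTest.h, and the header of TCGMemoryOverwriteRequestBBTestMain.c likewise reads TCG2MORTestMain.c; both should carry the actual file names. The include guard _TCG_MOR_BB_TEST_MAIN also starts with an underscore followed by a capital letter, a form C reserves for the implementation; a name such as TCG_MOR_BB_TEST_MAIN_H_ avoids that.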
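Review bot: In TCGMemoryOverwriteRequestPlatformResetCheck (TCGMemoryOverwriteRequestBBTestFunction.c), the MOR_VARIABLE_CHECK step writes the reset record with Step = 2 before GetVariable and SetVariable have run, so an early return on either error path leaves a record that sends the next invocation straight to MOR_BIT_CLEAR_ON_RESET. Assertion 003 can then pass on a platform where bit 0 was never set. Write the Step = 2 record only after SetVariable has succeeded, immediately before the second ResetSystem call, or rewrite the record on the error returns. Separately, neither ResetSystem call is followed by a failure path: if the call returns, execution falls through the next label and the test continues as though the reset had happened, so record a failed assertion and return there. Assertion 003 also logs only Status; including the MOR value that was read back would make a failure diagnosable.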
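Review bot: gSupportProtocolGuid1 in TCGMemoryOverwriteRequestBBTestMain.c lists only EFI_STANDARD_TEST_LIBRARY_GUID, yet BBTestTCGMemoryOverwriteRequestFunctionTest calls HandleProtocol on SupportHandle for gEfiTestRecoveryLibraryGuid and returns early when that lookup fails. Add the recovery library GUID to the support list, and size the array to match, so the entry declares every support protocol the test function fetches.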
bh=0fCu9RigszgyZJp0vjALEXUDi7uEmRmrFLRGO3+mNKc=; b=gCIkCpRmTN9lF/Cc/Y0foAQPTkXbIkG1osa5uforzDPgwb/14L3lU4oUeGR624O9LdPdlHZu+kdpfqfdk3pJzfik1RsHN7AUySEI0CshDty/Ds8jZcpGUtrKhIH1AFCFqOaXd3kQQpkoEhsJZyWO9qtAZhCqm7hW0LVeOo6O4lY= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108951+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1695314276036628.2151991855785; Thu, 21 Sep 2023 09:37:56 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=6PddKRfxt4H6SBooPNFFXxfYbbX2SKjK+k8LeCD09gQ=; c=relaxed/simple; d=groups.io; h=From:To:Subject:Date:Message-Id:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1695314275; v=1; b=sBrrlkkP5VXjm0MVLO1Fm/A7YTcMuxZMWyMi2oYYv5C9DrZK0OPQj6nz06WqQrXijqwbFXRc U5SWkBAjyG1lVAkgi6mNfWFLl9U4WSA/+M/lHOkI2nY9kLxMEE3+z1StekifqGpOqPBrhbYtCrt 6rYJzzImKPoQCE6v68RfFb3Y= X-Received: by 127.0.0.2 with SMTP id GAgZYY1788612xQEeAKmp3O4; Thu, 21 Sep 2023 09:37:55 -0700 X-Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web10.165.1695314273583775876 for ; Thu, 21 Sep 2023 09:37:53 -0700 X-Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id D69AE1A2D for ; Thu, 21 Sep 2023 09:38:29 -0700 (PDT) X-Received: from beelzebub.ast.arm.com (abhsin07-ThinkStation-P720.austin.arm.com [10.118.30.31]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id A741C3F59C for ; Thu, 21 Sep 2023 09:37:52 -0700 (PDT) 
From: "Abhimanyu Singh"
To: devel@edk2.groups.io
Subject: [edk2-devel] [PATCH v2 2/6] uefi-sct/SctPkg: TCG MOR SetVariable Test
Date: Thu, 21 Sep 2023 11:37:44 -0500
Message-Id: <20230921163748.275971-3-Abhi.Singh@arm.com>
In-Reply-To: <20230921163748.275971-1-Abhi.Singh@arm.com>

SCT spec: https://bugzilla.tianocore.org/show_bug.cgi?id=4374
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4419

-Implement MemoryOverwriteRequestControlSetVariable test cases
-Add Assertions 5, 6, 7, and 8 from SCT spec
-Add Test Case to MemoryOverwriteRequestFunctionTest

Cc: G Edhaya Chandran
Cc: Barton Gao
Cc: Carolyn Gjertsen
Signed-off-by: Abhi Singh
Change-Id: I21ed8d6613c7b9d20560b8fa4a45632008d756f9
---
 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h | 20 ++
 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h | 7 +
 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c | 8 +
 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c | 202 ++++++++++++++++++++
 4 files changed, 237 insertions(+)
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/Guid.h b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Runti= meServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h index a3d87a3eb764..84175504579c 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.h +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.h @@ -37,6 +37,18 @@ Abstract: #define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_004_GUID \ { 0x002519c6, 0x859f, 0x4d25, {0xb1, 0x36, 0xb2, 0xef, 0x61, 0xe5, 0xd9, 0= x6f }} =20 +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_005_GUID \ +{ 0x13e97668, 0xe905, 0x452d, {0xa0, 0x72, 0x03, 0xde, 0xbf, 0x53, 0xdf, 0= xa2 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_006_GUID \ +{ 0x94811e97, 0x7513, 0x4099, {0xae, 0xb8, 0x5a, 0x7e, 0x7d, 0x50, 0xb4, 0= x99 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_007_GUID \ +{ 0x15378290, 0x17dd, 0x4cbf, {0x8e, 0x8f, 0xc2, 0x4b, 0xc9, 0x09, 0xb4, 0= x14 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_008_GUID \ +{ 0x5f0b42ef, 0x3cec, 0x46ad, {0xbc, 0x5b, 0xc3, 0x7a, 0x1d, 0x45, 0x41, 0= x29 }} + extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid001; =20 extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid002; @@ -44,3 +56,11 @@ extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAs= sertionGuid002; extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid003; =20 extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid004; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid005; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid006; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid007; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid008; 
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h b/uefi-sct= /SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBo= xTest/TCGMemoryOverwriteRequestBBTestMain.h index 45bd921ecca4..46c2c2faa388 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h @@ -85,6 +85,13 @@ TCGMemoryOverwriteRequestPlatformResetCheck ( IN RESET_DATA *ResetData ); =20 +EFI_STATUS +TCGMemoryOverwriteRequestControlSetVariable ( + IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib, + IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib, + IN RESET_DATA *ResetData + ); + // ***********************************************************************= ***** // Entry GUIDs for Test // ***********************************************************************= ***** diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/Guid.c b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Runti= meServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c index 59c798a710f1..07bc98b8d764 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.c +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.c 
@@ -35,3 +35,11 @@ EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertion= Guid002 =3D EFI_TEST_TCGMO EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid003 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_003_GUID; =20 EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid004 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_004_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid005 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_005_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid006 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_006_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid007 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_007_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid008 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_008_GUID; diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c b/uefi= -sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/Bla= ckBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c index 82f9300dd296..40842f2b064e 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c @@ -37,6 +37,8 @@ Abstract: =20 #define CONTROL_SET_VARIABLE_TEST 2 =20 +#define LOCK_SET_VARIABLE_TEST 3 + =20 /** * Entry point for TCG Platform Reset Attack Mitigation MemoryOverwrite E= FI Variables Function Test. 
@@ -126,6 +128,15 @@ BBTestTCGMemoryOverwriteRequestFunctionTest ( return Status; } } + if (ResetData->CheckpointStep =3D=3D CONTROL_SET_VARIABLE_TEST) { + // + // Test Checkpoint CONTROL_SET_VARIABLE_TEST + // + Status =3D TCGMemoryOverwriteRequestControlSetVariable (StandardLib, R= ecoveryLib, ResetData);=20 + if(EFI_ERROR(Status)) { + return Status; + } + } // // After all Checkpoints have run // 
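Review bot: In the new CONTROL_SET_VARIABLE_TEST block, the call line ends with a trailing space (the `=20` after `ResetData);`) and the check is written `if(EFI_ERROR(Status))`, while the function added later in this same patch uses `if (EFI_ERROR (Status))`. Please drop the trailing whitespace and use the spaced form so the block matches the rest of the file.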
@@ -408,3 +419,194 @@ MOR_BIT_CLEAR_ON_RESET: =20 return EFI_SUCCESS; } + + +/** + * MemoryOverwriteRequestControl EFI variable SetVariable() requests with= a single invalid parameter + * @param StandardLib A pointer to EFI_STANDARD_TEST_LIBRARY_PROTOCOL + * instance. + * @param RecoveryLib A pointer to EFI_TEST_RECOVERY_LIBRARY_PROTOCOL + * instance. + * @return EFI_SUCCESS Successfully. + * @return Other value Something failed. + */ +EFI_STATUS +TCGMemoryOverwriteRequestControlSetVariable ( + IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib, + IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib, + IN RESET_DATA *ResetData + ) +{ + EFI_STATUS Status; + EFI_TEST_ASSERTION Result; + UINTN DataSize; + UINT8 MemoryOverwriteRequestControlData; + UINT8 MemoryOverwriteRequestControlDataCa= ched; + UINT32 Attributes; + + // + // Write reset record to initiate checkpoint LOCK_SET_VARIABLE_TEST afte= r these assertions are complete + // + ResetData->Step =3D 0; + ResetData->CheckpointStep =3D LOCK_SET_VARIABLE_TEST; + + Status =3D RecoveryLib->WriteResetRecord ( + RecoveryLib, + sizeof (RESET_DATA), + (UINT8*)ResetData + ); + if (EFI_ERROR(Status)) { + StandardLib->RecordAssertion ( + StandardLib, + EFI_TEST_ASSERTION_FAILED, + gTestGenericFailureGuid, + L"TestRecoveryLib - WriteResetRecord", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + return Status; + } + + // + //MOR SetVariable() with invalid DataSize =3D=3D 0 returns EFI_INVALID_P= ARAMETER and value is unchanged + //using GetVariable() before and after SetVariable() to compare values o= f the data + // + DataSize =3D sizeof(MemoryOverwriteRequestControlData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControl", // VariableName + &gEfiMemoryOverwriteControlDataGuid, // VendorGuid + &Attributes, // Attributes + &DataSize, // DataSize + &MemoryOverwriteRequestControlData // Data + ); + if (EFI_ERROR (Status)) { + return Status; + } 
+ + // caching variable for later comparison with second GetVariable() value + // SetVar with changed value and invalid DataSize =3D=3D 0 + MemoryOverwriteRequestControlDataCached =3D MemoryOverwriteRequestContro= lData; + + DataSize =3D 0; + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteRequestControlData |=3D MOR_BIT_HIGH << MOR_CLEAR_MEMORY_= BIT_OFFSET; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControl", // VariableName + &gEfiMemoryOverwriteControlDataGuid, // VendorGuid + Attributes, // Attributes + DataSize, // DataSize + &MemoryOverwriteRequestControlData // Data + ); + if (Status =3D=3D EFI_INVALID_PARAMETER) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid005, + L"MemoryOverwriteRequestControl - SetVariable() with Dat= aSize =3D=3D 0 returns EFI_INVALID_PARAMETER", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + DataSize =3D sizeof(MemoryOverwriteRequestControlData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControl", // VariableName + &gEfiMemoryOverwriteControlDataGuid, // VendorGuid + &Attributes, // Attributes + &DataSize, // DataSize + &MemoryOverwriteRequestControlData // Data + ); + + // verifying that the variable has not been modified with SetVar + if (MemoryOverwriteRequestControlDataCached =3D=3D MemoryOverwriteReques= tControlData) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid006, + L"MemoryOverwriteRequestControl - SetVariable() with Dat= aSize =3D=3D 0 variable value remains unchanged", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // + // MOR SetVariable() with invalid 
Attributes =3D=3D NV + BS returns EFI_= INVALID_PARAMETER and value is unchanged + // SetVar with set bit 0, DataSize =3D 1 and invalid attributes =3D NV += BS + // + DataSize =3D sizeof(MemoryOverwriteRequestControlData); + Attributes =3D EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCE= SS; + MemoryOverwriteRequestControlData |=3D MOR_BIT_HIGH << MOR_CLEAR_MEMORY_= BIT_OFFSET; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControl", // VariableName + &gEfiMemoryOverwriteControlDataGuid, // VendorGuid + Attributes, // Attributes + DataSize, // DataSize + &MemoryOverwriteRequestControlData // Data + ); + if (Status =3D=3D EFI_INVALID_PARAMETER) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid007, + L"MemoryOverwriteRequestControl - SetVariable() with Att= ributes =3D=3D NV returns EFI_INVALID_PARAMETER", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + DataSize =3D sizeof(MemoryOverwriteRequestControlData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControl", // VariableName + &gEfiMemoryOverwriteControlDataGuid, // VendorGuid + &Attributes, // Attributes + &DataSize, // DataSize + &MemoryOverwriteRequestControlData // Data + ); + // verifying that the variable has not been modified with SetVar + if (MemoryOverwriteRequestControlDataCached =3D=3D MemoryOverwriteReques= tControlData) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid008, + L"MemoryOverwriteRequestControl - SetVariable() with Att= ributes =3D=3D NV variable value remains unchanged", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + return EFI_SUCCESS; 
+} --=20 2.34.1
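Review bot: In TCGMemoryOverwriteRequestControlSetVariable, the two GetVariable() re-reads that feed assertions 006 and 008 never check Status before comparing MemoryOverwriteRequestControlData with MemoryOverwriteRequestControlDataCached, and the value offered to SetVariable() is built with `|=`, so when bit 0 is already set on entry the local equals the cache and both "value remains unchanged" assertions pass even if the read failed or the platform accepted the write. Please record a failure when the re-read returns an error, as the first GetVariable() in the function already does with its early return, and write a value guaranteed to differ from the cached one (for example by toggling the bit rather than OR-ing it) so that an accepted write is observable. Two smaller items in the same hunk: the strings for assertions 007 and 008 say "Attributes == NV" although the call passes `EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS`, and the function header comment documents StandardLib and RecoveryLib but has no `@param ResetData`.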
From: "Abhimanyu Singh"
To: devel@edk2.groups.io
Subject: [edk2-devel] [PATCH v2 3/6] uefi-sct/SctPkg: TCG MORLOCK SetVariable Test
Date: Thu, 21 Sep 2023 11:37:45 -0500
Message-Id: <20230921163748.275971-4-Abhi.Singh@arm.com>
In-Reply-To: <20230921163748.275971-1-Abhi.Singh@arm.com>

SCT spec: https://bugzilla.tianocore.org/show_bug.cgi?id=4374
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4419

-Implement MemoryOverwriteRequestControlLockSetVariable test cases
-Add Assertions 9 through 18 from SCT spec
-Add Test Case to MemoryOverwriteRequestFunctionTest

Cc: G Edhaya Chandran
Cc: Barton Gao
Cc: Carolyn Gjertsen
Signed-off-by: Abhi Singh
Change-Id: I23ba7256441354f497ecdc96a394df5ba5cae8df
---
 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h | 50 +++
 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h | 8 +
 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c | 20 +
 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c | 405 ++++++++++++++++++++
 4 files changed, 483 insertions(+)
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/Guid.h b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Runti= meServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h index 84175504579c..29be47393385 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.h +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.h 
@@ -49,6 +49,36 @@ Abstract: #define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_008_GUID \ { 0x5f0b42ef, 0x3cec, 0x46ad, {0xbc, 0x5b, 0xc3, 0x7a, 0x1d, 0x45, 0x41, 0= x29 }} =20 +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_009_GUID \ +{ 0x9665c8d9, 0x267c, 0x4393, {0xa4, 0x72, 0x10, 0x54, 0x43, 0x56, 0x20, 0= x21 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_010_GUID \ +{ 0xce655812, 0xcc40, 0x42b0, {0x80, 0xd1, 0xa7, 0x26, 0xdb, 0x14, 0x9e, 0= xa8 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_011_GUID \ +{ 0xd34348ad, 0x5d46, 0x4961, {0x91, 0x3e, 0xb1, 0xf2, 0xc5, 0xe7, 0x0f, 0= x7d }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_012_GUID \ +{ 0x838311e0, 0x419a, 0x4c92, {0x90, 0x60, 0xbf, 0x94, 0x59, 0xd3, 0xc3, 0= x59 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_013_GUID \ +{ 0x12998a9c, 0xc863, 0x4572, {0x80, 0x6c, 0xb6, 0x40, 0x97, 0x91, 0x89, 0= x7f }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_014_GUID \ +{ 0xebd4ba26, 0x44c3, 0x464a, {0x88, 0xe3, 0x3b, 0x44, 0x94, 0x88, 0xbb, 0= xb8 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_015_GUID \ +{ 0x00920c8e, 0x241d, 0x4da0, {0x8b, 0x59, 0xc3, 0xad, 0xe0, 0xd6, 0x4e, 0= xc9 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_016_GUID \ +{ 0x169a43cc, 0x23fa, 0x4887, {0x8b, 0x4f, 0x11, 0xb2, 0xa0, 0x88, 0x4f, 0= x63 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_017_GUID \ +{ 0x7c11d0ab, 0x7a84, 0x482b, {0xb7, 0x5a, 0xd7, 0x72, 0x6c, 0x3e, 0xae, 0= x0e }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_018_GUID \ +{ 0xbbaa52b6, 0x5576, 0x4acd, {0xb9, 0x5f, 0x86, 0x22, 0x5e, 0xfc, 0xb0, 0= x31 }} + extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid001; =20 extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid002; 
@@ -64,3 +94,23 @@ extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAs= sertionGuid006; extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid007; =20 extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid008; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid009; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid010; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid011; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid012; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid013; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid014; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid015; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid016; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid017; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid018; diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h b/uefi-sct= /SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBo= xTest/TCGMemoryOverwriteRequestBBTestMain.h index 46c2c2faa388..553959762be8 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h @@ -49,6 +49,7 @@ typedef struct _RESET_DATA { #define MOR_BIT_HIGH 0x1 =20 #define MOR_LOCK_DATA_UNLOCKED 0x0 +#define MOR_LOCK_DATA_LOCKED_WITHOUT_KEY 0x1 =20 =20 // 
@@ -92,6 +93,13 @@ TCGMemoryOverwriteRequestControlSetVariable ( IN RESET_DATA *ResetData ); =20 +EFI_STATUS +TCGMemoryOverwriteRequestControlLockSetVariable ( + IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib, + IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib, + IN RESET_DATA *ResetData + ); + // ***********************************************************************= ***** // Entry GUIDs for Test // ***********************************************************************= ***** diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/Guid.c b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Runti= meServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c index 07bc98b8d764..8574b51af6e4 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.c +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.c 
@@ -43,3 +43,23 @@ EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertion= Guid006 =3D EFI_TEST_TCGMO EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid007 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_007_GUID; =20 EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid008 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_008_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid009 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_009_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid010 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_010_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid011 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_011_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid012 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_012_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid013 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_013_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid014 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_014_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid015 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_015_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid016 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_016_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid017 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_017_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid018 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_018_GUID; diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c b/uefi= -sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/Bla= ckBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c index 40842f2b064e..5b6adbe550c7 100644 
--- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c @@ -39,6 +39,8 @@ Abstract: =20 #define LOCK_SET_VARIABLE_TEST 3 =20 +#define LOCK_UNLOCKED_STATE_TEST 4 + =20 /** * Entry point for TCG Platform Reset Attack Mitigation MemoryOverwrite E= FI Variables Function Test. @@ -137,6 +139,15 @@ BBTestTCGMemoryOverwriteRequestFunctionTest ( return Status; } } + if (ResetData->CheckpointStep =3D=3D LOCK_SET_VARIABLE_TEST) { + // + // Test Checkpoint LOCK_SET_VARIABLE_TEST + // + TCGMemoryOverwriteRequestControlLockSetVariable (StandardLib, Recovery= Lib, ResetData); + if(EFI_ERROR(Status)) { + return Status; + } + } // // After all Checkpoints have run // 
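Review bot: In the new LOCK_SET_VARIABLE_TEST block the return value of TCGMemoryOverwriteRequestControlLockSetVariable() is discarded, so the `if(EFI_ERROR(Status))` that follows tests whatever Status was left by earlier code and a failure inside this checkpoint (for example from WriteResetRecord) is never propagated. Please assign the result the way the CONTROL_SET_VARIABLE_TEST block does: `Status = TCGMemoryOverwriteRequestControlLockSetVariable (StandardLib, RecoveryLib, ResetData);`.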
@@ -610,3 +621,397 @@ TCGMemoryOverwriteRequestControlSetVariable ( =20 return EFI_SUCCESS; } + + +/** + * MemoryOverwriteRequestControlLock SetVariable() with different variati= ons + * of only a single invalid parameter being passed, with the rest being v= alid parameters + * @param StandardLib A pointer to EFI_STANDARD_TEST_LIBRARY_PROTOCOL + * instance. + * @param RecoveryLib A pointer to EFI_TEST_RECOVERY_LIBRARY_PROTOCOL + * instance. + * @param ResetData A pointer to the ResetData buffer which is used = throughout the + * test + * @return EFI_SUCCESS Successfully. + * @return Other value Something failed. + */ +EFI_STATUS +TCGMemoryOverwriteRequestControlLockSetVariable ( + IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib, + IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib, + IN RESET_DATA *ResetData + ) +{ + EFI_STATUS Status; + EFI_TEST_ASSERTION Result; + UINTN DataSize; + UINT8 MemoryOverwriteRequestControlLockDa= ta; + UINT32 Attributes; + + if (ResetData->Step =3D=3D 0) { + goto INITIAL_RESET; + } else if (ResetData->Step =3D=3D 1) { + goto MORLOCK_SET_VARIABLE; + } + +INITIAL_RESET: + // + // Reset MORLock variable by performing a cold reset + // + + ResetData->Step =3D 1; + ResetData->CheckpointStep =3D LOCK_SET_VARIABLE_TEST; + + Status =3D RecoveryLib->WriteResetRecord ( + RecoveryLib, + sizeof (RESET_DATA), + (UINT8*)ResetData + ); + if (EFI_ERROR(Status)) { + StandardLib->RecordAssertion ( + StandardLib, + EFI_TEST_ASSERTION_FAILED, + gTestGenericFailureGuid, + L"TestRecoveryLib - WriteResetRecord", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + return Status; + } + + SctPrint (L"System will cold reset after 1 second..."); + gtBS->Stall (1000000); + gtRT->ResetSystem ( + EfiResetCold, + EFI_SUCCESS, + 0, + NULL + ); + +MORLOCK_SET_VARIABLE: + // + // reset step count and Update Checkpoint to LOCK_UNLOCKED_STATE_TEST + // + + ResetData->Step =3D 0; + ResetData->CheckpointStep =3D LOCK_UNLOCKED_STATE_TEST; + + Status =3D 
RecoveryLib->WriteResetRecord ( + RecoveryLib, + sizeof (RESET_DATA), + (UINT8*)ResetData + ); + if (EFI_ERROR(Status)) { + StandardLib->RecordAssertion ( + StandardLib, + EFI_TEST_ASSERTION_FAILED, + gTestGenericFailureGuid, + L"TestRecoveryLib - WriteResetRecord", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + return Status; + } + + // MORLOCK SetVariable to Locked without Key with valid GUID, variable n= ame, Data, and DataSize + // except for invalid attributes value =3D=3D 0 + // verify SetVariable returns EFI_WRITE_PROTECTED and GetVariable return= s a Data Value =3D=3D 0 + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D 0; + MemoryOverwriteRequestControlLockData =3D MOR_LOCK_DATA_LOCKED_WITHOUT_K= EY; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (Status =3D=3D EFI_WRITE_PROTECTED) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid009, + L"MemoryOverwriteRequestControlLock - SetVariable() with= Attributes =3D=3D 0 returns EFI_WRITE_PROTECTED", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // now change attributes to valid before GetVariable to check that MORLO= CK value is still 0x00 or unlocked + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= es + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || 
(MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_UNLOCKED)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid010, + L"MemoryOverwriteRequestControlLock - Lock value remains= Unlocked", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // MORLOCK SetVariable with valid GUID, variable name, Data, and Attribu= tes + // except for invalid DataSize =3D=3D 0 + // verify SetVariable returns EFI_WRITE_PROTECTED and GetVariable return= s a Data Value =3D=3D 0 + DataSize =3D 0; + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteRequestControlLockData =3D MOR_LOCK_DATA_LOCKED_WITHOUT_K= EY; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (Status =3D=3D EFI_WRITE_PROTECTED) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid011, + L"MemoryOverwriteRequestControlLock - SetVariable() with= DataSize =3D=3D 0 returns EFI_WRITE_PROTECTED", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // change datasize to valid value before GetVariable + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + // now check that MORLOCK value is still 0x00 or Unlocked + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= es + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR 
(Status) || (MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_UNLOCKED)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid012, + L"MemoryOverwriteRequestControlLock - Lock value remains= Unlocked", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // MORLOCK SetVariable with valid GUID, variable name, DataSize, and Att= ributes + // except for Data =3D=3D NULL + // verify SetVariable returns EFI_INVALID_PARAMETER and GetVariable retu= rns a Data Value =3D=3D 0 + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + NULL // Data + ); + if (Status =3D=3D EFI_INVALID_PARAMETER) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid013, + L"MemoryOverwriteRequestControlLock - SetVariable() with= Data parameter as NULL returns EFI_WRITE_PROTECTED", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // now check that MORLOCK value is still =3D 0x00 or Unlocked + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= es + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_UNLOCKED)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + 
StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid014, + L"MemoryOverwriteRequestControlLock - Lock value remains= Unlocked", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // MORLOCK SetVariable to Lock without key with valid GUID, variable nam= e, Data, and DataSize + // except for invalid Attributes !=3D NV+BS+RT + // this test will use invalid Attributes =3D=3D NV + BS + // verify SetVariable returns EFI_INVALID_PARAMETER and GetVariable retu= rns a Data Value =3D=3D 0 + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCE= SS; + MemoryOverwriteRequestControlLockData =3D MOR_LOCK_DATA_LOCKED_WITHOUT_K= EY; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (Status =3D=3D EFI_INVALID_PARAMETER) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid015, + L"MemoryOverwriteRequestControlLock - SetVariable() with= Attributes =3D=3D NV returns EFI_INVALID_PARAMETER", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // change attributes value to valid NV+BS+RT for GetVariable + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + // now check that MORLOCK value is =3D 0x00 or unlocked + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= es + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || 
(MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_UNLOCKED)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid016, + L"MemoryOverwriteRequestControlLock - Lock value remains= Unlocked", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // MORLOCK SetVariable to Locked without key with valid GUID, variable n= ame, Data, and Attributes + // except for invalid DataSize !=3D 1 && !=3D 8 + // this test will use invalid DataSize =3D=3D 5 + // verify SetVariable returns EFI_INVALID_PARAMETER and GetVariable retu= rns a Data Value =3D=3D 0 + DataSize =3D 5; + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteRequestControlLockData =3D MOR_LOCK_DATA_LOCKED_WITHOUT_K= EY; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (Status =3D=3D EFI_INVALID_PARAMETER) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid017, + L"MemoryOverwriteRequestControlLock - SetVariable() with= DataSize =3D=3D 5 returns EFI_INVALID_PARAMETER", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // change datasize to valid value for GetVariable + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + // now check that MORLOCK value is 0x00 or unlocked + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= es + &DataSize, // 
DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_UNLOCKED)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid018, + L"MemoryOverwriteRequestControlLock - Lock value remains= Unlocked", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + return EFI_SUCCESS; +} --=20 2.34.1
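Review bot: The assertion 013 block checks Status against EFI_INVALID_PARAMETER for the Data == NULL case, but its message string reads "SetVariable() with Data parameter as NULL returns EFI_WRITE_PROTECTED", so a passing log line names the wrong status code. Change the string to say EFI_INVALID_PARAMETER so it matches both the check and the comment above it. The assertion 015 string has a similar mismatch: it says "Attributes == NV" while the code and comment use EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS; "Attributes == NV+BS" would match what is actually passed.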
From: "Abhimanyu Singh"
To: devel@edk2.groups.io
Subject: [edk2-devel] [PATCH v2 4/6] uefi-sct/SctPkg: TCG MORLOCK Unlocked State Test
Date: Thu, 21 Sep 2023 11:37:46 -0500
Message-Id: <20230921163748.275971-5-Abhi.Singh@arm.com>
In-Reply-To: <20230921163748.275971-1-Abhi.Singh@arm.com>
References: <20230921163748.275971-1-Abhi.Singh@arm.com>

SCT spec: https://bugzilla.tianocore.org/show_bug.cgi?id=4374
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4419

-Implement MemoryOverwriteRequestControlLock Unlocked State test cases
-Add Assertions 19, 20, 21, and 22 from SCT spec
-Add Test Case to MemoryOverwriteRequestFunctionTest

Cc: G Edhaya Chandran
Cc: Barton Gao
Cc: Carolyn Gjertsen
Signed-off-by: Abhi Singh
Change-Id: If9cbea790d6c0f5aaceb6834fb91f5e1f3752244
--- uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteReques= t/BlackBoxTest/Guid.h | 20 ++ uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteReques= t/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h | 7 + uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteReques= t/BlackBoxTest/Guid.c | 8 + uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteReques= t/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c | 224 ++++++++++++= ++++++++ 4 files changed, 259 insertions(+)
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/Guid.h b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Runti= meServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h index 29be47393385..daf17793c094 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.h +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.h @@ -79,6 +79,18 @@ Abstract: #define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_018_GUID \ { 0xbbaa52b6, 0x5576, 0x4acd, {0xb9, 0x5f, 0x86, 0x22, 0x5e, 0xfc, 0xb0, 0= x31 }} =20 +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_019_GUID \ +{ 0x60b227e0, 0x9f5c, 0x412c, {0x88, 0x79, 0xd3, 0x59, 0xfc, 0xd0, 0xdd, 0= x3f }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_020_GUID \ +{ 0x2eba284a, 0xf701, 0x4c19, {0xbe, 0x5c, 0x39, 0x27, 0xb0, 0x68, 0x4f, 0= xd7 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_021_GUID \ +{ 0x9a1b44ae, 0x08ce, 0x474c, {0xa5, 0x8e, 0xa6, 0xe2, 0xcf, 0xaf, 0x91, 0= x2c }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_022_GUID \ +{ 0x490d7b39, 0xcad4, 0x4e8c, {0xb1, 0x5d, 0x63, 0xd2, 0x0c, 0xb3, 0xe9, 0= x45 }} + extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid001; =20 extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid002; @@ -114,3 +126,11 @@ extern EFI_GUID gTCGMemoryOverwriteRequestTestFunction= AssertionGuid016; extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid017; =20 extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid018; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid019; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid020; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid021; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid022; 
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h b/uefi-sct= /SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBo= xTest/TCGMemoryOverwriteRequestBBTestMain.h index 553959762be8..15eedc60f19d 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h @@ -100,6 +100,13 @@ TCGMemoryOverwriteRequestControlLockSetVariable ( IN RESET_DATA *ResetData ); =20 +EFI_STATUS +TCGMemoryOverwriteRequestControlLockUnlockedState ( + IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib, + IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib, + IN RESET_DATA *ResetData +); + // ***********************************************************************= ***** // Entry GUIDs for Test // ***********************************************************************= ***** diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/Guid.c b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Runti= meServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c index 8574b51af6e4..c41a611d3a4e 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.c +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.c 
@@ -63,3 +63,11 @@ EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertion= Guid016 =3D EFI_TEST_TCGMO EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid017 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_017_GUID; =20 EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid018 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_018_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid019 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_019_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid020 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_020_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid021 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_021_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid022 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_022_GUID; diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c b/uefi= -sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/Bla= ckBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c index 5b6adbe550c7..77abab6e79be 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c @@ -41,6 +41,8 @@ Abstract: =20 #define LOCK_UNLOCKED_STATE_TEST 4 =20 +#define LOCK_NO_KEY_STATE_TEST 5 + =20 /** * Entry point for TCG Platform Reset Attack Mitigation MemoryOverwrite E= FI Variables Function Test. 
@@ -148,6 +150,15 @@ BBTestTCGMemoryOverwriteRequestFunctionTest ( return Status; } } + if (ResetData->CheckpointStep =3D=3D LOCK_UNLOCKED_STATE_TEST) { + // + // Test Checkpoint LOCK_UNLOCKED_STATE_TEST + // + TCGMemoryOverwriteRequestControlLockUnlockedState (StandardLib, Recove= ryLib, ResetData); + if(EFI_ERROR(Status)) { + return Status; + } + } // // After all Checkpoints have run // 
@@ -1015,3 +1026,216 @@ MORLOCK_SET_VARIABLE: =20 return EFI_SUCCESS; } + + +/** + * MemoryOverwriteRequestControlLock in Unlocked State Test + * When Unlocked, the Lock should stay unlocked when passed a valid value= of 0x00 + * Or when passed an invalud data value !=3D 0x00 or !=3D 0x01, such as 0= x02 the lock + * must stay unlocked and return EFI_INVALID_PARAMETER + * @param StandardLib A pointer to EFI_STANDARD_TEST_LIBRARY_PROTOCOL + * instance. + * @param RecoveryLib A pointer to EFI_TEST_RECOVERY_LIBRARY_PROTOCOL + * instance. + * @param ResetData A pointer to the ResetData Buffer which is used = throughout + * the test + * @return EFI_SUCCESS Successfully. + * @return Other value Something failed. + */ +EFI_STATUS +TCGMemoryOverwriteRequestControlLockUnlockedState ( + IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib, + IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib, + IN RESET_DATA *ResetData + ) +{ + EFI_STATUS Status; + EFI_TEST_ASSERTION Result; + UINTN DataSize; + UINT8 MemoryOverwriteRequestControlLockDa= ta; + UINT32 Attributes; + + if (ResetData->Step =3D=3D 0) { + goto INITIAL_RESET; + } else if (ResetData->Step =3D=3D 1) { + goto MORLOCK_UNLOCKED_STATE; + } + +INITIAL_RESET: + // + // Reset MORLock variable by performing a cold reset + // + + ResetData->Step =3D 1; + ResetData->CheckpointStep =3D LOCK_UNLOCKED_STATE_TEST; + Status =3D RecoveryLib->WriteResetRecord ( + RecoveryLib, + sizeof (RESET_DATA), + (UINT8*)ResetData + ); + if (EFI_ERROR(Status)) { + StandardLib->RecordAssertion ( + StandardLib, + EFI_TEST_ASSERTION_FAILED, + gTestGenericFailureGuid, + L"TestRecoveryLib - WriteResetRecord", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + return Status; + } + + SctPrint (L"System will cold reset after 1 second..."); + gtBS->Stall (1000000); + gtRT->ResetSystem ( + EfiResetCold, + EFI_SUCCESS, + 0, + NULL + ); + +MORLOCK_UNLOCKED_STATE: + // + // TESTING MORLOCK scenarios when the Variable is in the Unlocked State 
+ // + + ResetData->Step =3D 0; + ResetData->CheckpointStep =3D LOCK_NO_KEY_STATE_TEST; + Status =3D RecoveryLib->WriteResetRecord ( + RecoveryLib, + sizeof (RESET_DATA), + (UINT8*)ResetData + ); + if (EFI_ERROR(Status)) { + StandardLib->RecordAssertion ( + StandardLib, + EFI_TEST_ASSERTION_FAILED, + gTestGenericFailureGuid, + L"TestRecoveryLib - WriteResetRecord", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + return Status; + } + + // + //Setting MORLOCK to Unlocked when already in Unlocked State should retu= rn EFI_SUCCESS + //and the MORLOCK value should still be =3D 0x00 or Unlocked + // + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteRequestControlLockData =3D MOR_LOCK_DATA_UNLOCKED; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (Status =3D=3D EFI_SUCCESS) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid019, + L"MemoryOverwriteRequestControlLock - Setting to Unlocke= d when Already Unlocked Should return EFI_SUCCESS", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= es + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_UNLOCKED)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + 
StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid020, + L"MemoryOverwriteRequestControlLock - Lock value remains= Unlocked", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // + //Setting MORLOCK with an invalid Data parameter !=3D 0x01 should return= EFI_INVALID_PARAMETER + //and the MORLOCK value should still be =3D 0x00 + // + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteRequestControlLockData =3D 0x02; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (Status =3D=3D EFI_INVALID_PARAMETER) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid021, + L"MemoryOverwriteRequestControlLock - invalid Data =3D 0= x02 returns EFI_INVALID_PARAMETER", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= es + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_UNLOCKED)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid022, + L"MemoryOverwriteRequestControlLock - Lock value remains= Unlocked", + 
L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + return EFI_SUCCESS; +} --=20 2.34.1
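Review bot: In the BBTestTCGMemoryOverwriteRequestFunctionTest hunk (@@ -148,6 +150,15 @@) the return value of TCGMemoryOverwriteRequestControlLockUnlockedState() is discarded, so the if(EFI_ERROR(Status)) that follows tests whatever Status held before the call and a failure in the new checkpoint, such as WriteResetRecord failing, is never propagated. Assign the result, Status = TCGMemoryOverwriteRequestControlLockUnlockedState (StandardLib, RecoveryLib, ResetData);, and write the check as if (EFI_ERROR (Status)) to match the spacing used elsewhere in the file.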
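Review bot: In the new TCGMemoryOverwriteRequestControlLockUnlockedState function (@@ -1015,3 +1026,216 @@), assertions 020 and 022 also fail when GetVariable succeeds but the value read back is not MOR_LOCK_DATA_UNLOCKED, yet the format string is only L"%a:%d:Status - %r", so that failure is logged as "Status - Success" with no sign of what the lock value was. Add the value that was read to the format string, for example a second field printing MemoryOverwriteRequestControlLockData. Two comment fixes in the same hunk: "invalud" in the function header should be "invalid", and the comment before the 0x02 case says "!= 0x01" where the header describes the invalid range as != 0x00 and != 0x01.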
From: "Abhimanyu Singh"
To: devel@edk2.groups.io
Subject: [edk2-devel] [PATCH v2 5/6] uefi-sct/SctPkg: TCG MORLOCK Locked No Key State Test
Date: Thu, 21 Sep 2023 11:37:47 -0500
Message-Id: <20230921163748.275971-6-Abhi.Singh@arm.com>
In-Reply-To: <20230921163748.275971-1-Abhi.Singh@arm.com>
References: <20230921163748.275971-1-Abhi.Singh@arm.com>

SCT spec: https://bugzilla.tianocore.org/show_bug.cgi?id=4374
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4419

-Implement MemoryOverwriteRequestControlLock Locked No Key State test cases
-Add Assertions 23 - 32 from SCT spec
-Add Test Case to MemoryOverwriteRequestFunctionTest

Cc: G Edhaya Chandran
Cc: Barton Gao
Cc: Carolyn Gjertsen
Signed-off-by: Abhi Singh
Change-Id: I298f8a0f55376b00233c9ee9c6b0262dc8869ccb
--- uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteReques= t/BlackBoxTest/Guid.h | 50 +++ uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteReques= t/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h | 11 + uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteReques= t/BlackBoxTest/Guid.c | 20 + uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteReques= t/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c | 425 ++++++++++++= ++++++++ 4 files changed, 506 insertions(+)
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/Guid.h b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Runti= meServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h index daf17793c094..023e7a37322c 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.h +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.h 
@@ -91,6 +91,36 @@ Abstract: #define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_022_GUID \ { 0x490d7b39, 0xcad4, 0x4e8c, {0xb1, 0x5d, 0x63, 0xd2, 0x0c, 0xb3, 0xe9, 0= x45 }} =20 +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_023_GUID \ +{ 0x397394ae, 0xce01, 0x4350, {0xa2, 0x0c, 0xe1, 0xb3, 0xe8, 0x74, 0xdc, 0= x01 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_024_GUID \ +{ 0x9cf27a60, 0x94b5, 0x4e2e, {0xb3, 0x2b, 0x51, 0x0f, 0x24, 0x7a, 0x80, 0= xd7 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_025_GUID \ +{ 0x766dc008, 0x2a88, 0x4eed, {0x91, 0x95, 0x46, 0x92, 0xdc, 0xcc, 0x1d, 0= xf6 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_026_GUID \ +{ 0x5f66c8e5, 0x1bf8, 0x4af4, {0x86, 0x45, 0xf4, 0x93, 0xa0, 0xee, 0x26, 0= x88 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_027_GUID \ +{ 0x1064f6ce, 0xb307, 0x4981, {0xac, 0x8f, 0xe5, 0xca, 0x20, 0x6c, 0x1b, 0= x8b }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_028_GUID \ +{ 0x40f2c4e9, 0xe937, 0x426e, {0x98, 0xc5, 0x62, 0xca, 0x23, 0x68, 0x52, 0= xd0 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_029_GUID \ +{ 0x6d5dcb4d, 0xe008, 0x41cc, {0x98, 0x32, 0xdf, 0xa8, 0x38, 0xb1, 0xb6, 0= x02 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_030_GUID \ +{ 0x29b81ee0, 0x368d, 0x447c, {0x9e, 0xd0, 0xa5, 0xfe, 0xd7, 0x02, 0x65, 0= x7b }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_031_GUID \ +{ 0xe88b22ce, 0x3de6, 0x49b0, {0xb2, 0x46, 0x9e, 0x35, 0x98, 0x2b, 0x9b, 0= x1c }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_032_GUID \ +{ 0xc8894201, 0x7a3a, 0x47d4, {0xa8, 0x8d, 0xdf, 0x4b, 0x03, 0xff, 0xde, 0= x4f }} + extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid001; =20 extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid002; 
@@ -134,3 +164,23 @@ extern EFI_GUID gTCGMemoryOverwriteRequestTestFunction= AssertionGuid020; extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid021; =20 extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid022; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid023; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid024; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid025; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid026; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid027; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid028; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid029; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid030; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid031; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid032; diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h b/uefi-sct= /SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBo= xTest/TCGMemoryOverwriteRequestBBTestMain.h index 15eedc60f19d..94ed476f86ad 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h @@ -51,6 +51,10 @@ typedef struct _RESET_DATA { #define MOR_LOCK_DATA_UNLOCKED 0x0 #define MOR_LOCK_DATA_LOCKED_WITHOUT_KEY 0x1 =20 +#define MOR_LOCK_WITH_KEY_SIZE 8 + +#define MOR_LOCK_TEST_KEY 0x11111111 + =20 // // TEST GUID for TCG Platform Reset Attack Mitigation MemoryOverwriteReque= st (MOR) Test 
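Review bot: In the TCGMemoryOverwriteRequestBBTestMain.h hunk (@@ -51,6 +51,10 @@), MOR_LOCK_WITH_KEY_SIZE is 8 but MOR_LOCK_TEST_KEY is written as 0x11111111, which fills only four bytes, so if the constant is meant to supply the whole 8-byte key payload its upper four bytes will be zero. Either write the literal at full width (sixteen hex digits, with a 64-bit type where it is stored) or add a comment stating that the zero-extended value is the intended test key. The hunk also leaves two consecutive blank lines after the new defines; one is enough.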
@@ -107,6 +111,13 @@ TCGMemoryOverwriteRequestControlLockUnlockedState ( IN RESET_DATA *ResetData ); =20 +EFI_STATUS +TCGMemoryOverwriteRequestControlLockLockedNoKeyState ( + IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib, + IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib, + IN RESET_DATA *ResetData + ); + // ***********************************************************************= ***** // Entry GUIDs for Test // ***********************************************************************= ***** diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/Guid.c b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Runti= meServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c index c41a611d3a4e..11d49306059d 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.c +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.c 
@@ -71,3 +71,23 @@ EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertion= Guid020 =3D EFI_TEST_TCGMO EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid021 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_021_GUID; =20 EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid022 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_022_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid023 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_023_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid024 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_024_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid025 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_025_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid026 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_026_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid027 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_027_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid028 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_028_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid029 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_029_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid030 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_030_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid031 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_031_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid032 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_032_GUID; diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c b/uefi= -sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/Bla= ckBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c index 77abab6e79be..5f5f369124f2 100644 
--- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c @@ -43,6 +43,8 @@ Abstract: =20 #define LOCK_NO_KEY_STATE_TEST 5 =20 +#define LOCK_WITH_KEY_STATE_TEST 6 + =20 /** * Entry point for TCG Platform Reset Attack Mitigation MemoryOverwrite E= FI Variables Function Test. @@ -159,6 +161,15 @@ BBTestTCGMemoryOverwriteRequestFunctionTest ( return Status; } } + if (ResetData->CheckpointStep =3D=3D LOCK_NO_KEY_STATE_TEST) { + // + // Test Checkpoint LOCK_NO_KEY_STATE_TEST + // + TCGMemoryOverwriteRequestControlLockLockedNoKeyState (StandardLib, Rec= overyLib, ResetData); + if(EFI_ERROR(Status)) { + return Status; + } + } // // After all Checkpoints have run // 
@@ -1239,3 +1250,417 @@ MORLOCK_UNLOCKED_STATE: =20 return EFI_SUCCESS; } + + +/** + * MemoryOverwriteRequestControlLock in Locked No Key State Test + * When Unlocked, a valid setvariable() with data value 0x01 must return = EFI_SUCCESS + * and the Lock value must be 0x01, value cannot changetill the system is= cold reset + * + * When Locked with no Key, SetVariable() with Data =3D 0x01, 0x00, or 0x= 11111111 (key) + * must return EFI_ACCESS_DENIED and value must still equal 0x01 + * @param StandardLib A pointer to EFI_STANDARD_TEST_LIBRARY_PROTOCOL + * instance. + * @param RecoveryLib A pointer to EFI_TEST_RECOVERY_LIBRARY_PROTOCOL + * instance. + * @param ResetData A pointer to the ResetData Buffer which is used = throughout + * the test + * @return EFI_SUCCESS Successfully. + * @return Other value Something failed. + */ +EFI_STATUS +TCGMemoryOverwriteRequestControlLockLockedNoKeyState ( + IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib, + IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib, + IN RESET_DATA *ResetData + ) +{ + EFI_STATUS Status; + EFI_TEST_ASSERTION Result; + UINTN DataSize; + UINTN MemoryOverwriteControlLockKeyValue; + UINT8 MemoryOverwriteRequestControlLockDa= ta; + UINT8 MemoryOverwriteRequestControlData; + UINT8 MemoryOverwriteRequestControlDataCa= ched; + UINT32 Attributes; + + if (ResetData->Step =3D=3D 0) { + goto INITIAL_RESET; + } else if (ResetData->Step =3D=3D 1) { + goto MORLOCK_LOCKED_STATE; + } + +INITIAL_RESET: + // + // Reset MORLock variable by performing a cold reset + // + ResetData->Step =3D 1; + ResetData->CheckpointStep =3D LOCK_NO_KEY_STATE_TEST; + + Status =3D RecoveryLib->WriteResetRecord ( + RecoveryLib, + sizeof (RESET_DATA), + (UINT8*)ResetData + ); + if (EFI_ERROR(Status)) { + StandardLib->RecordAssertion ( + StandardLib, + EFI_TEST_ASSERTION_FAILED, + gTestGenericFailureGuid, + L"TestRecoveryLib - WriteResetRecord", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + return Status; + } + SctPrint 
(L"System will cold reset after 1 second..."); + gtBS->Stall (1000000); + gtRT->ResetSystem ( + EfiResetCold, + EFI_SUCCESS, + 0, + NULL + ); + +MORLOCK_LOCKED_STATE: + //change checkpoint to next function + ResetData->Step =3D 0; + ResetData->CheckpointStep =3D LOCK_WITH_KEY_STATE_TEST; + + Status =3D RecoveryLib->WriteResetRecord ( + RecoveryLib, + sizeof (RESET_DATA), + (UINT8*)ResetData + ); + if (EFI_ERROR(Status)) { + StandardLib->RecordAssertion ( + StandardLib, + EFI_TEST_ASSERTION_FAILED, + gTestGenericFailureGuid, + L"TestRecoveryLib - WriteResetRecord", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + return Status; + } + + // + // After Cold Reset, MORLOCK SetVariable() with value 0x01 must return E= FI_SUCCESS + // and MORLOCK GetVariable() value must now be MOR_LOCK_DATA_LOCKED_WITH= OUT_KEY + // + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteRequestControlLockData =3D MOR_LOCK_DATA_LOCKED_WITHOUT_K= EY; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (Status =3D=3D EFI_SUCCESS) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid023, + L"MemoryOverwriteRequestControlLock - Setting to Locked = without key when Unlocked returns EFI_SUCCESS", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, 
// Attribut= es + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_LOCKED_WITHOUT_KEY)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid024, + L"MemoryOverwriteRequestControlLock - Lock State is now = Locked without Key", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // + // Once Locked with no key, MORLOCK SetVariable() with value 0x00 must r= eturn EFI_ACCESS_DENIED + // and MORLOCK GetVariable() value must still be 0x01 + // + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteRequestControlLockData =3D MOR_LOCK_DATA_UNLOCKED; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (Status =3D=3D EFI_ACCESS_DENIED) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid025, + L"MemoryOverwriteRequestControlLock - Setting to Unlocke= d when Locked without key returns EFI_ACCESS_DENIED", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= es + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if 
(EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_LOCKED_WITHOUT_KEY)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid026, + L"MemoryOverwriteRequestControlLock - Lock State is stil= l Locked without Key", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // + // Once Locked with no key, MORLOCK SetVariable() with value 0x01 must r= eturn EFI_ACCESS_DENIED + // and MORLOCK GetVariable() value must still be 0x01 + // + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteRequestControlLockData =3D MOR_LOCK_DATA_LOCKED_WITHOUT_K= EY; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (Status =3D=3D EFI_ACCESS_DENIED) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid027, + L"MemoryOverwriteRequestControlLock - Setting to Locked = without key when already Locked without key returns EFI_ACCESS_DENIED", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= es + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData !=3D MO= 
R_LOCK_DATA_LOCKED_WITHOUT_KEY)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid028, + L"MemoryOverwriteRequestControlLock - Lock State is stil= l Locked without Key", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // + // Once Locked with no key, MORLOCK SetVariable() with 8 byte key =3D 0x= 11111111 must return EFI_ACCESS_DENIED + // and MORLOCK GetVariable() value must still be 0x01 + // + DataSize =3D MOR_LOCK_WITH_KEY_SIZE; + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteControlLockKeyValue =3D MOR_LOCK_TEST_KEY; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteControlLockKeyValue // Data + ); + if (Status =3D=3D EFI_ACCESS_DENIED) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid029, + L"MemoryOverwriteRequestControlLock - Setting to Locked = with key when Locked without key returns EFI_ACCESS_DENIED", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= es + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_LOCKED_WITHOUT_KEY)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D 
EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid030, + L"MemoryOverwriteRequestControlLock - Lock State is stil= l Locked without Key", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // + // Once Locked with no key, MOR SetVariable() call to set MOR Bit 0 must= return EFI_ACCESS_DENIED + // and MOR value must not change + // + DataSize =3D sizeof(MemoryOverwriteRequestControlData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + // getting current MOR bit 0 value that will be used to check that the v= ariable is unchanged + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControl", // VariableName + &gEfiMemoryOverwriteControlDataGuid, // VendorGuid + &Attributes, // Attributes + &DataSize, // DataSize + &MemoryOverwriteRequestControlData // Data + ); + if (EFI_ERROR (Status)) { + return Status; + } + + // caching MOR and then setting bit 0 + MemoryOverwriteRequestControlDataCached =3D MemoryOverwriteRequestContro= lData; + + DataSize =3D sizeof(MemoryOverwriteRequestControlData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteRequestControlData |=3D MOR_BIT_HIGH << MOR_CLEAR_MEMORY_= BIT_OFFSET; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControl", // VariableName + &gEfiMemoryOverwriteControlDataGuid, // VendorGuid + Attributes, // Attributes + DataSize, // DataSize + &MemoryOverwriteRequestControlData // Data + ); + if (Status =3D=3D EFI_ACCESS_DENIED) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid031, + L"MemoryOverwriteRequestControl - SetVariable() returns = EFI_ACCESS_DENIED when Lock is Set with no key", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + DataSize =3D sizeof(MemoryOverwriteRequestControlData); + 
Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControl", // VariableName + &gEfiMemoryOverwriteControlDataGuid, // VendorGuid + &Attributes, // Attributes + &DataSize, // DataSize + &MemoryOverwriteRequestControlData // Data + ); + + // verifying that the variable has not been modified with SetVar, provin= g that MORLOCK acts as a lock + if (MemoryOverwriteRequestControlDataCached =3D=3D MemoryOverwriteReques= tControlData) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid032, + L"MemoryOverwriteRequestControl - When LOCK is set, MOR = bit 0 remains unchanged after an attempt to set it", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + return EFI_SUCCESS; +} --=20 2.34.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. 
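Review bot: In the TCGMemoryOverwriteRequestBBTestMain.h hunk, MOR_LOCK_TEST_KEY is defined as 0x11111111, a 32-bit literal, while MOR_LOCK_WITH_KEY_SIZE is 8, and TCGMemoryOverwriteRequestControlLockLockedNoKeyState holds the key in a UINTN (MemoryOverwriteControlLockKeyValue) that it passes to SetVariable() with DataSize = MOR_LOCK_WITH_KEY_SIZE. UINTN is 4 bytes on 32-bit targets, so SetVariable() would read past the variable there; declare the key as UINT64 and define the constant as a full 64-bit value so the same 8 bytes are submitted on every architecture.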
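Review bot: In the LOCK_NO_KEY_STATE_TEST checkpoint added to BBTestTCGMemoryOverwriteRequestFunctionTest, the return value of TCGMemoryOverwriteRequestControlLockLockedNoKeyState() is discarded, so the following `if(EFI_ERROR(Status))` tests whatever Status held before the call and a failure inside the new checkpoint (for example a WriteResetRecord error) is never propagated. Assign the result, `Status = TCGMemoryOverwriteRequestControlLockLockedNoKeyState (StandardLib, RecoveryLib, ResetData);`, and write the check as `if (EFI_ERROR(Status))`, the spacing the new function itself uses.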
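Review bot: Assertion 032 at the end of TCGMemoryOverwriteRequestControlLockLockedNoKeyState compares the cached MOR value with the buffer without checking the Status of the final GetVariable(), so on a failed read the verdict is computed from the value the test itself wrote rather than from what firmware returned. Fail the assertion when EFI_ERROR (Status) is true, as the lock read-backs for assertions 024 to 030 do. If bit 0 was already set when the value was cached, the attempted write equals the cached value and the comparison passes whether or not the lock blocked it, so choose a write that differs from the cached value. The earlier `return Status;` after the first MOR GetVariable() also exits without recording any assertion for 031 and 032; record a failure there before returning.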
View/Reply Online (#108953): https://edk2.groups.io/g/devel/message/108953
Mute This Topic: https://groups.io/mt/101504340/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
From: "Abhimanyu Singh"
To: devel@edk2.groups.io
Subject: [edk2-devel] [PATCH v2 6/6] uefi-sct/SctPkg: TCG MORLOCK Locked with Key State Test
Date: Thu, 21 Sep 2023 11:37:48 -0500
Message-Id: <20230921163748.275971-7-Abhi.Singh@arm.com>
In-Reply-To: <20230921163748.275971-1-Abhi.Singh@arm.com>
References: <20230921163748.275971-1-Abhi.Singh@arm.com>
Reply-To: devel@edk2.groups.io,Abhi.Singh@arm.com

SCT spec: https://bugzilla.tianocore.org/show_bug.cgi?id=4374
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4419

-Implement MemoryOverwriteRequestControlLock Locked with Key State test cases
-Add remaining Assertions 33 - 49 from SCT spec
-Add Test Case to MemoryOverwriteRequestFunctionTest

Cc: G Edhaya Chandran
Cc: Barton Gao
Cc: Carolyn Gjertsen
Signed-off-by: Abhi Singh
Change-Id: Ifade96b0c6ec9e7f9bfb0eba8ceeb92380271e8b
---
 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h | 85 +++
 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h | 11 +-
 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c | 34 ++
 uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c | 623 ++++++++++++++++++++
 4 files changed, 752 insertions(+), 1 deletion(-)
diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/Guid.h b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Runti= meServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h index 023e7a37322c..cf7f3e180f54 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.h +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.h 
@@ -121,6 +121,57 @@ Abstract: #define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_032_GUID \ { 0xc8894201, 0x7a3a, 0x47d4, {0xa8, 0x8d, 0xdf, 0x4b, 0x03, 0xff, 0xde, 0= x4f }} =20 +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_033_GUID \ +{ 0x38a813ac, 0x8eb9, 0x46ce, {0xa8, 0x6b, 0x40, 0x8c, 0x07, 0x5f, 0xc7, 0= xed }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_034_GUID \ +{ 0x919b8392, 0xcb78, 0x49ff, {0xa3, 0x18, 0x49, 0x78, 0x76, 0xe0, 0xf8, 0= xf8 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_035_GUID \ +{ 0x219abaf2, 0x04a9, 0x407c, {0xb5, 0xde, 0xa0, 0x03, 0x6e, 0x65, 0xb0, 0= xb9 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_036_GUID \ +{ 0x9a51640a, 0xff14, 0x402b, {0xb0, 0x57, 0xa0, 0xc4, 0xf7, 0x20, 0x8e, 0= x44 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_037_GUID \ +{ 0x8ccd0dbb, 0x9b0a, 0x4bfb, {0xa0, 0x7e, 0xc6, 0x06, 0x8b, 0x91, 0x0d, 0= xfb }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_038_GUID \ +{ 0xde6f4e17, 0xe375, 0x4dcb, {0x8f, 0x07, 0x77, 0x7e, 0x62, 0x49, 0xea, 0= x2c }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_039_GUID \ +{ 0x4ab6927b, 0x5ee4, 0x4748, {0xa4, 0x9d, 0x2d, 0xf3, 0x70, 0x01, 0x41, 0= xd5 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_040_GUID \ +{ 0x33142ecf, 0x0f92, 0x4625, {0xb7, 0xf6, 0x7f, 0x15, 0x25, 0x74, 0xd3, 0= x03 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_041_GUID \ +{ 0xf73c04df, 0x2e42, 0x4174, {0x82, 0x18, 0x0f, 0x25, 0x46, 0x4a, 0x55, 0= xe9 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_042_GUID \ +{ 0xd4eacf82, 0x55d1, 0x4ba1, {0xbe, 0x89, 0x6a, 0x2e, 0x44, 0x0f, 0xc7, 0= xc0 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_043_GUID \ +{ 0xfd88fe63, 0x5ed4, 0x482a, {0x98, 0x44, 0x23, 0x90, 0xf9, 0x09, 0x1c, 0= x20 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_044_GUID \ +{ 0x176f16cb, 0xf3a4, 0x4f12, {0x8f, 0x96, 0x4a, 0xc1, 0x8b, 0xdd, 0x6e, 0= x3c }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_045_GUID \ +{ 0xf0d5e7b3, 0xdc0f, 0x4a18, {0xb9, 
0x78, 0x09, 0x3b, 0x15, 0x55, 0x66, 0= xbf }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_046_GUID \ +{ 0x9bf14c4b, 0x2950, 0x4c4e, {0x8b, 0xa3, 0x06, 0x46, 0xf1, 0x27, 0x8c, 0= x05 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_047_GUID \ +{ 0xb0468dee, 0xb1d0, 0x4795, {0x9f, 0xbf, 0xbe, 0x3f, 0x40, 0x2f, 0x3d, 0= x6f }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_048_GUID \ +{ 0x1f7dd903, 0xcd58, 0x4d6f, {0x80, 0xd6, 0x4f, 0x6d, 0xcb, 0x4a, 0xd6, 0= xc9 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_049_GUID \ +{ 0x439179c2, 0x744d, 0x43bc, {0xb0, 0x67, 0x7b, 0x65, 0x60, 0x62, 0x6f, 0= x5e }} + extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid001; =20 extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid002; 
@@ -184,3 +235,37 @@ extern EFI_GUID gTCGMemoryOverwriteRequestTestFunction= AssertionGuid030; extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid031; =20 extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid032; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid033; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid034; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid035; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid036; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid037; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid038; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid039; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid040; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid041; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid042; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid043; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid044; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid045; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid046; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid047; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid048; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid049; diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h b/uefi-sct= /SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBo= xTest/TCGMemoryOverwriteRequestBBTestMain.h index 94ed476f86ad..76b3c76340cf 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h 
+++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h @@ -50,11 +50,13 @@ typedef struct _RESET_DATA { =20 #define MOR_LOCK_DATA_UNLOCKED 0x0 #define MOR_LOCK_DATA_LOCKED_WITHOUT_KEY 0x1 +#define MOR_LOCK_DATA_LOCKED_WITH_KEY 0x2 =20 +#define MOR_LOCK_NO_KEY_SIZE 1 #define MOR_LOCK_WITH_KEY_SIZE 8 =20 #define MOR_LOCK_TEST_KEY 0x11111111 - +#define MOR_LOCK_INVALID_TEST_KEY 0x22222222 =20 // // TEST GUID for TCG Platform Reset Attack Mitigation MemoryOverwriteReque= st (MOR) Test @@ -118,6 +120,13 @@ TCGMemoryOverwriteRequestControlLockLockedNoKeyState ( IN RESET_DATA *ResetData ); =20 +EFI_STATUS +TCGMemoryOverwriteRequestControlLockLockedWithKeyState ( + IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib, + IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib, + IN RESET_DATA *ResetData + ); + // ***********************************************************************= ***** // Entry GUIDs for Test // ***********************************************************************= ***** diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/Guid.c b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Runti= meServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c index 11d49306059d..6bde8f686a16 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.c +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/Guid.c 
@@ -91,3 +91,37 @@ EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertion= Guid030 =3D EFI_TEST_TCGMO EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid031 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_031_GUID; =20 EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid032 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_032_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid033 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_033_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid034 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_034_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid035 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_035_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid036 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_036_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid037 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_037_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid038 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_038_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid039 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_039_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid040 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_040_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid041 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_041_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid042 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_042_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid043 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_043_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid044 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_044_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid045 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_045_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid046 =3D EFI_TE= 
ST_TCGMORTESTFUNCTION_ASSERTION_046_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid047 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_047_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid048 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_048_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid049 =3D EFI_TE= ST_TCGMORTESTFUNCTION_ASSERTION_049_GUID; diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOve= rwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c b/uefi= -sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/Bla= ckBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c index 5f5f369124f2..32f3a9cb58d5 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteR= equest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c @@ -170,6 +170,15 @@ BBTestTCGMemoryOverwriteRequestFunctionTest ( return Status; } } + if (ResetData->CheckpointStep =3D=3D LOCK_WITH_KEY_STATE_TEST) { + // + // Test Checkpoint LOCK_WITH_KEY_STATE_TEST + // + TCGMemoryOverwriteRequestControlLockLockedWithKeyState (StandardLib, R= ecoveryLib, ResetData); + if(EFI_ERROR(Status)) { + return Status; + } + } // // After all Checkpoints have run // 
@@ -1664,3 +1673,617 @@ MORLOCK_LOCKED_STATE: =20 return EFI_SUCCESS; } + + +/** + * MemoryOverwriteRequestControlLock in Locked with Key State Test + * When Unlocked, a valid SetVariable() with an 8 byte key must return EF= I_SUCCESS + * and the Lock value must be 0x02 (MOR_LOCK_DATA_LOCKED_WITH_KEY), in or= der to=20 + * unlock, the same 8 byte key must be passed. + * =20 + * When Locked with an 8 byte key, SetVariable() with the same 8 byte key + * must return EFI_SUCCESS and the Lock value must be 0x00 or MOR_LOCK_DA= TA_UNLOCKED. + * + * When Locked with an 8 byte Key, SetVariable() with DataSize !=3D 8 and=20 + * Data =3D 0x01 (MOR_LOCK_DATA_LOCKED_WITHOUT_KEY) or 0x00 (MOR_LOCK_DAT= A_UNLOCKED) + * must return EFI_ACCESS_DENIED + * and value must still equal to 0x02 (MOR_LOCK_DATA_LOCKED_WITH_KEY). + * + * When Locked with an 8 byte Key, SetVariable() with 8 byte key !=3D key= used to set + * the lock, in this case 0x11111111 (MOR_LOCK_TEST_KEY), must return EFI= _ACCESS_DENIED + * and lock value must be updated to 0x01 (MOR_LOCK_DATA_LOCKED_WITHOUT_K= EY) + * to prevent dictonary attack. + * + * @param StandardLib A pointer to EFI_STANDARD_TEST_LIBRARY_PROTOCOL + * instance. + * @param RecoveryLib A pointer to EFI_TEST_RECOVERY_LIBRARY_PROTOCOL + * instance. + * @param ResetData A pointer to the ResetData Buffer which is used = throughout + * the test + * @return EFI_SUCCESS Successfully. + * @return Other value Something failed. 
+ */ +EFI_STATUS +TCGMemoryOverwriteRequestControlLockLockedWithKeyState ( + IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib, + IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib, + IN RESET_DATA *ResetData + ) +{ + EFI_STATUS Status; + EFI_TEST_ASSERTION Result; + UINTN DataSize; + UINT8 MemoryOverwriteRequestControlLockDa= ta; + UINTN MemoryOverwriteControlLockKeyValue; + UINT8 MemoryOverwriteRequestControlData; + UINT8 MemoryOverwriteRequestControlDataCa= ched; + UINT32 Attributes; + + if (ResetData->Step =3D=3D 0) { + goto INITIAL_RESET; + } else if (ResetData->Step =3D=3D 1) { + goto MORLOCK_LOCKED_KEY_STATE; + } + +INITIAL_RESET: + // + // Reset MORLock variable by performing a cold reset + // + + ResetData->Step =3D 1; + ResetData->CheckpointStep =3D LOCK_WITH_KEY_STATE_TEST; + Status =3D RecoveryLib->WriteResetRecord ( + RecoveryLib, + sizeof (RESET_DATA), + (UINT8*)ResetData + ); + if (EFI_ERROR(Status)) { + StandardLib->RecordAssertion ( + StandardLib, + EFI_TEST_ASSERTION_FAILED, + gTestGenericFailureGuid, + L"TestRecoveryLib - WriteResetRecord", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + return Status; + } + SctPrint (L"System will cold reset after 1 second..."); + gtBS->Stall (1000000); + gtRT->ResetSystem ( + EfiResetCold, + EFI_SUCCESS, + 0, + NULL + ); + +MORLOCK_LOCKED_KEY_STATE: + // + // MORLOCK Reboot system to clear Lock, and invoke SetVariable() with va= lid 8 byte key + // In this case =3D 0x11111111, must return EFI_SUCCESS and GetVariable(= ) value must =3D 0x02 + // + + DataSize =3D MOR_LOCK_WITH_KEY_SIZE; + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteControlLockKeyValue =3D MOR_LOCK_TEST_KEY; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteControlLockKeyValue // Data + ); + if (Status =3D=3D EFI_SUCCESS) { + Result 
=3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid033, + L"MemoryOverwriteRequestControlLock - Setting to Locked = with key =3D 0x11111111 when Unlocked returns EFI_SUCCESS", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= es + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_LOCKED_WITH_KEY)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid034, + L"MemoryOverwriteRequestControlLock - Lock State is now = Locked and Key =3D 0x11111111", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // + // Locked with 8 byte key, invoke SetVariable() with the same valid 8 by= te key used to lock + // In this case =3D 0x11111111, must return EFI_SUCCESS and GetVariable(= ) value must =3D 0x00 + // + DataSize =3D MOR_LOCK_WITH_KEY_SIZE; + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteControlLockKeyValue =3D MOR_LOCK_TEST_KEY; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteControlLockKeyValue // Data + ); + if (Status =3D=3D EFI_SUCCESS) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + 
StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid035, + L"MemoryOverwriteRequestControlLock - Setting to unlocke= d with key =3D 0x11111111 when Locked with the same key returns EFI_SUCCESS= ", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= es + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_UNLOCKED)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid036, + L"MemoryOverwriteRequestControlLock - Lock State is now = Unlocked", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // + // Lock with same 8 byte key again, verify EFI_SUCCESS is returned + // unlock attempt: invoke SetVariable() with the same valid 8 byte=20 + // key used to lock =3D 0x11111111, but with invalid DataSize =3D=3D 1 + // must return EFI_ACCESS_DENIED and GetVariable() value must =3D 0x02 + // + DataSize =3D MOR_LOCK_WITH_KEY_SIZE; + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteControlLockKeyValue =3D MOR_LOCK_TEST_KEY; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteControlLockKeyValue // Data + ); + if (Status =3D=3D EFI_SUCCESS) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + 
StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid037, + L"MemoryOverwriteRequestControlLock - Setting to Locked = with key =3D 0x11111111 when Unlocked returns EFI_SUCCESS", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + DataSize =3D MOR_LOCK_NO_KEY_SIZE; // invalid datasize =3D=3D 1 + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteControlLockKeyValue =3D MOR_LOCK_TEST_KEY; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteControlLockKeyValue // Data + ); + if (Status =3D=3D EFI_ACCESS_DENIED) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid038, + L"MemoryOverwriteRequestControlLock - Attempting to unlo= ck by passing Invalid DataSize returns EFI_ACCESS_DENIED", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= es + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_LOCKED_WITH_KEY)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid039, + L"MemoryOverwriteRequestControlLock - Lock State is stil= l Locked with Key =3D 0x11111111", + L"%a:%d:Status - %r", + 
__FILE__, + (UINTN)__LINE__, + Status + ); + + // + // invoke MORLOCK SetVariable() with Data value =3D 0x00 to change to un= locked + // must return EFI_ACCESS_DENIED and GetVariable() value must still =3D = 0x02 + // + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteRequestControlLockData =3D MOR_LOCK_DATA_UNLOCKED; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (Status =3D=3D EFI_ACCESS_DENIED) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid040, + L"MemoryOverwriteRequestControlLock - Setting to Unlocke= d when Locked with key returns EFI_ACCESS_DENIED", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= es + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_LOCKED_WITH_KEY)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid041, + L"MemoryOverwriteRequestControlLock - Lock State is stil= l Locked with Key =3D 0x11111111", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // + // invoke MORLOCK SetVariable() with 
Data value =3D 0x01 to change to lo= cked without key + // must return EFI_ACCESS_DENIED and GetVariable() value must still =3D = 0x02 + // + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteRequestControlLockData =3D MOR_LOCK_DATA_LOCKED_WITHOUT_K= EY; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (Status =3D=3D EFI_ACCESS_DENIED) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid042, + L"MemoryOverwriteRequestControlLock - Setting to Locked = without key when Locked with key returns EFI_ACCESS_DENIED", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= es + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_LOCKED_WITH_KEY)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid043, + L"MemoryOverwriteRequestControlLock - Lock State is stil= l Locked with Key =3D 0x11111111", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // + // Once Locked with key, MOR SetVariable() call to set MOR Bit 0 must re= turn 
EFI_ACCESS_DENIED + // and MOR value must not change + // + DataSize =3D sizeof(MemoryOverwriteRequestControlData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + // getting current MOR value that will be used to check that the variabl= e is unchanged + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControl", // VariableName + &gEfiMemoryOverwriteControlDataGuid, // VendorGuid + &Attributes, // Attributes + &DataSize, // DataSize + &MemoryOverwriteRequestControlData // Data + ); + if (EFI_ERROR (Status)) { + return Status; + } + + // caching variable and setting the bit 0 + MemoryOverwriteRequestControlDataCached =3D MemoryOverwriteRequestContro= lData; + + DataSize =3D sizeof(MemoryOverwriteRequestControlData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteRequestControlData |=3D MOR_BIT_HIGH << MOR_CLEAR_MEMORY_= BIT_OFFSET; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControl", // VariableName + &gEfiMemoryOverwriteControlDataGuid, // VendorGuid + Attributes, // Attributes + DataSize, // DataSize + &MemoryOverwriteRequestControlData // Data + ); + if (Status =3D=3D EFI_ACCESS_DENIED) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid044, + L"MemoryOverwriteRequestControl - SetVariable() returns = EFI_ACCESS_DENIED when Lock is Set with no key", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + DataSize =3D sizeof(MemoryOverwriteRequestControlData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControl", // VariableName + &gEfiMemoryOverwriteControlDataGuid, // VendorGuid + &Attributes, // Attributes + &DataSize, // DataSize + &MemoryOverwriteRequestControlData // Data + ); + + // verifying that the variable has not been modified with SetVar + if 
(MemoryOverwriteRequestControlDataCached =3D=3D MemoryOverwriteReques= tControlData) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid045, + L"MemoryOverwriteRequestControl - SetVariable() value re= mains unchanged when Lock is Set with no key", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // + // When Locked with an 8 byte Key, SetVariable() with 8 byte key !=3D ke= y used to set + // the lock, in this case 0x11111111, must return EFI_ACCESS_DENIED and = lock must + // be updated Locked without key (Data value =3D 0x01) to prevent dicton= ary attack + // The invalid key to be used to attempt unlock is =3D 0x22222222 + // + DataSize =3D MOR_LOCK_WITH_KEY_SIZE; + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteControlLockKeyValue =3D MOR_LOCK_INVALID_TEST_KEY; //INVA= LID KEY !=3D 0x11111111 + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteControlLockKeyValue // Data + ); + if (Status =3D=3D EFI_ACCESS_DENIED) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid046, + L"MemoryOverwriteRequestControlLock - Unlocking Lock wit= h Invalid key !=3D 0x11111111 returns EFI_ACCESS_DENIED", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= 
es + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_LOCKED_WITHOUT_KEY)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid047, + L"MemoryOverwriteRequestControlLock - Lock State is now = locked without key", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // + // Lock has been updated to Locked without key (Data value =3D 0x01) to = prevent dictonary attack + // Now check to see if the Lock can still be unlocked with the corect Ke= y from assertion 37 + // The key to be used to attempt unlock is =3D 0x11111111 + // + DataSize =3D MOR_LOCK_WITH_KEY_SIZE; + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteControlLockKeyValue =3D MOR_LOCK_TEST_KEY; + + Status =3D gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + Attributes, // Attribut= es + DataSize, // DataSize + &MemoryOverwriteControlLockKeyValue // Data + ); + if (Status =3D=3D EFI_ACCESS_DENIED) { + Result =3D EFI_TEST_ASSERTION_PASSED; + } else { + Result =3D EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid048, + L"MemoryOverwriteRequestControlLock - Attempt to unlock = Lock after dictionary attack mitigation returns EFI_ACCESS_DENIED", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + DataSize =3D sizeof(MemoryOverwriteRequestControlLockData); + Attributes =3D TCG_MOR_VARIABLE_ATTRIBUTES; + + Status =3D gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // Variable= Name + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGu= id + &Attributes, // Attribut= es + &DataSize, // 
DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData !=3D MO= R_LOCK_DATA_LOCKED_WITHOUT_KEY)) { + Result =3D EFI_TEST_ASSERTION_FAILED; + } else { + Result =3D EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid049, + L"MemoryOverwriteRequestControlLock - Lock State is stil= l locked without key", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + return EFI_SUCCESS; +} --=20 2.34.1
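Review bot: In the @@ -170,6 +170,15 @@ hunk of BBTestTCGMemoryOverwriteRequestFunctionTest, the return value of TCGMemoryOverwriteRequestControlLockLockedWithKeyState (StandardLib, RecoveryLib, ResetData) is discarded, so the if(EFI_ERROR(Status)) that follows tests whatever Status held from an earlier checkpoint. A failure inside the new test, such as the WriteResetRecord error path or the early return after GetVariable() on MemoryOverwriteRequestControl, is therefore never propagated to the caller. Assign the call result, Status = TCGMemoryOverwriteRequestControlLockLockedWithKeyState (StandardLib, RecoveryLib, ResetData);, and write the check as if (EFI_ERROR (Status)) to match the spacing used in the rest of the patch.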
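Review bot: In the @@ -1664,3 +1673,617 @@ hunk, MemoryOverwriteControlLockKeyValue is declared UINTN but is passed to SetVariable() with DataSize = MOR_LOCK_WITH_KEY_SIZE, which the function comment describes as an 8 byte key. On a build where UINTN is 4 bytes the call reads past the end of the variable, and the key bytes used to lock and unlock are not the ones the test intends; declaring it UINT64 keeps the buffer the same size as the key on every architecture. Separately, the messages for assertions 044 and 045 say "when Lock is Set with no key" although this function exercises the locked with key state, and the GetVariable() call before assertion 045 does not check Status before comparing against MemoryOverwriteRequestControlDataCached, so a failed read can still be recorded as a pass if bit 0 was already set. The comments also misspell "dictionary" as "dictonary" and "correct" as "corect".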