From nobody Fri May 17 03:00:52 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+113409+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+113409+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1704741691; cv=none;
	d=zohomail.com; s=zohoarc;
	b=LR2Sp5S9Z2V8H2AMmtEsuEnZWt0Vjk/+ht6nwPoGdrINtdSPd6EIVud62VXZnHUnJcxmPKBVrwDlho1jxHmewjmlXVjX2X7SNG8KhggiJPKqeUp/xZDmVJBwiFrnWBjSorpcpWQH1IfLFY59LX9RjYydT8Ijy7pxbN//t1dsUDs=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1704741691;
 h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Sender:Subject:Subject:To:To:Message-Id;
	bh=jxBCWlDJgRrJyXVHn1Cri0MTVaKesalDv1w4fEvgnd0=;
	b=VhXmIJwVnX0Z1mtSo3K6iBgIrTwVXm8gzUkR0JfW8AN7DHs9hzmwqaTlqzT0AHkmrByaibWIZSEK4QtL9VIs8NLQWcm3amA9ClgMpUREMi0wZLkJ/Kbs7WZGnYqof3uWHK6vGHMXuoBEyCC57/xpFsfIlueE3jqoO2rZAYcjAMM=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+113409+1787277+3901457@groups.io;
	dmarc=fail header.from=<kraxel@redhat.com> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1704741691082988.6686452086078;
 Mon, 8 Jan 2024 11:21:31 -0800 (PST)
Return-Path: <bounce+27952+113409+1787277+3901457@groups.io>
DKIM-Signature: a=rsa-sha256; bh=KXKwzhZfAF2T8yJGMtG6mpkp/a+XguHXypEYknF5+Dg=;
 c=relaxed/simple; d=groups.io;
 h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Type:Content-Transfer-Encoding;
 s=20140610; t=1704741690; v=1;
 b=Ya//QM/hz5N4BjVZG9tOILYLYW2uQDdY521bA4e2Kt+C38wQ2akU8hEleLyXIjn09GwEMCLD
 oMVNkzyscLCY1m+TbfaajPPcqdIs3PzsVnvKjoHuaxzbU8AqggFr92V+qD2dS9ZhxIqKIiT2pfg
 qFypQEJUwVu02vR/Wpca2rEU=
X-Received: by 127.0.0.2 with SMTP id gzBvYY1788612xd8UOP6FVpp;
 Mon, 08 Jan 2024 11:21:30 -0800
X-Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.129.124])
 by mx.groups.io with SMTP id smtpd.web11.6594.1704741689957936996
 for <devel@edk2.groups.io>;
 Mon, 08 Jan 2024 11:21:30 -0800
X-Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com
 [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-591-JNAdKoq9NKKvDEziMzQYQA-1; Mon, 08 Jan 2024 14:21:27 -0500
X-MC-Unique: JNAdKoq9NKKvDEziMzQYQA-1
X-Received: from smtp.corp.redhat.com
 (int-mx09.intmail.prod.int.rdu2.redhat.com [10.11.54.9])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest
 SHA256)
	(No client certificate requested)
	by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 1F47E863066;
	Mon,  8 Jan 2024 19:21:27 +0000 (UTC)
X-Received: from dobby.home.kraxel.org (unknown [10.39.192.107])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id D07AF492BC7;
	Mon,  8 Jan 2024 19:21:26 +0000 (UTC)
X-Received: by dobby.home.kraxel.org (Postfix, from userid 1000)
	id 04711A4981; Mon,  8 Jan 2024 20:21:24 +0100 (CET)
From: "Gerd Hoffmann" <kraxel@redhat.com>
To: devel@edk2.groups.io
Cc: oliver@redhat.com, Laszlo Ersek <lersek@redhat.com>,
	Jiewen Yao <jiewen.yao@intel.com>, Gerd Hoffmann <kraxel@redhat.com>,
	Ard Biesheuvel <ardb+tianocore@kernel.org>,
	Sunil V L <sunilvl@ventanamicro.com>,
	Andrei Warkentin <andrei.warkentin@intel.com>
Subject: [edk2-devel] [PATCH v4 1/3] OvmfPkg/RiscVVirt: use
 gEfiAuthenticatedVariableGuid unconditionally
Date: Mon,  8 Jan 2024 20:21:21 +0100
Message-ID: <20240108192123.42359-2-kraxel@redhat.com>
In-Reply-To: <20240108192123.42359-1-kraxel@redhat.com>
References: <20240108192123.42359-1-kraxel@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.9
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Precedence: Bulk
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,kraxel@redhat.com
List-Unsubscribe-Post: List-Unsubscribe=One-Click
List-Unsubscribe: 
 <https://edk2.groups.io/g/devel/leave/3901457/1787277/102458076/plugh>
X-Gm-Message-State: ERpCt1Cj3iX9DbWjzREtPN2gx1787277AA=
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1704741692832100005

ArmVirt and OVMF are doing the same.

See commit d92eaabefbe0 ("OvmfPkg: simplify VARIABLE_STORE_HEADER
generation") for details.

Suggested-by: L=C3=A1szl=C3=B3 =C3=89rsek <lersek@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Sunil V L <sunilvl@ventanamicro.com>
---
 OvmfPkg/RiscVVirt/VarStore.fdf.inc | 9 +--------
 1 file changed, 1 insertion(+), 8 deletions(-)

diff --git a/OvmfPkg/RiscVVirt/VarStore.fdf.inc b/OvmfPkg/RiscVVirt/VarStor=
e.fdf.inc
index aba32315cc37..6679c246b3ea 100644
--- a/OvmfPkg/RiscVVirt/VarStore.fdf.inc
+++ b/OvmfPkg/RiscVVirt/VarStore.fdf.inc
@@ -36,19 +36,12 @@
   # Blockmap[1]: End
   0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
   ## This is the VARIABLE_STORE_HEADER
-!if $(SECURE_BOOT_ENABLE) =3D=3D TRUE
+  # It is compatible with SECURE_BOOT_ENABLE =3D=3D FALSE as well.
   # Signature: gEfiAuthenticatedVariableGuid =3D
   #   { 0xaaf32c78, 0x947b, 0x439a,
   #     { 0xa1, 0x80, 0x2e, 0x14, 0x4e, 0xc3, 0x77, 0x92 }}
   0x78, 0x2c, 0xf3, 0xaa, 0x7b, 0x94, 0x9a, 0x43,
   0xa1, 0x80, 0x2e, 0x14, 0x4e, 0xc3, 0x77, 0x92,
-!else
-  # Signature: gEfiVariableGuid =3D
-  #   { 0xddcf3616, 0x3275, 0x4164,
-  #     { 0x98, 0xb6, 0xfe, 0x85, 0x70, 0x7f, 0xfe, 0x7d }}
-  0x16, 0x36, 0xcf, 0xdd, 0x75, 0x32, 0x64, 0x41,
-  0x98, 0xb6, 0xfe, 0x85, 0x70, 0x7f, 0xfe, 0x7d,
-!endif
   # Size: 0x40000 (gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariabl=
eSize) -
   #         0x48 (size of EFI_FIRMWARE_VOLUME_HEADER) =3D 0x3FFB8
   # This can speed up the Variable Dispatch a bit.
--=20
2.43.0



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#113409): https://edk2.groups.io/g/devel/message/113409
Mute This Topic: https://groups.io/mt/103605055/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-


From nobody Fri May 17 03:00:52 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+113410+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+113410+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1704741755; cv=none;
	d=zohomail.com; s=zohoarc;
	b=V5t3PUrhMWNfN0kq0gLoQxM7we9dXJ1UA0IoALmilWtECSdBSXPXdqGQe2olouOJREzLArNRu8L8VhKv60gYqg5OZQG3Nl1EV/XCd3v4MTi4gy9/LtVojtXNQ5AY++hKrCFyzONeaMKCzqSZAdXs9GL+Xe3VKlXEK4PUvlUXUK8=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1704741755;
 h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Sender:Subject:Subject:To:To:Message-Id;
	bh=51aFEvclnBKDlSCLut+zR5mh/kmG3/AVrerKV36qHz8=;
	b=HJyK+w+uqdBYQKw40v8YwSKN8OT3L6kZLSisYVub+VR9IZ4L3s6vQhyNqYNIQUccianXVnXIAeQtfkjKg6UbLbOmdWyhrVtZo6Led6/nAxdX8ONqgCLYgOj5L/gGi8CGbtYVVasVsy/SfdnspZp8cY2r8q/oz9Yvgr7MAY4DhxU=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+113410+1787277+3901457@groups.io;
	dmarc=fail header.from=<kraxel@redhat.com> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1704741755375287.79168649814085;
 Mon, 8 Jan 2024 11:22:35 -0800 (PST)
Return-Path: <bounce+27952+113410+1787277+3901457@groups.io>
DKIM-Signature: a=rsa-sha256; bh=3pXCsAUscli9oMCAPZzHjcEjqcWLwRPRinfYH/YpbPQ=;
 c=relaxed/simple; d=groups.io;
 h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Type:Content-Transfer-Encoding;
 s=20140610; t=1704741755; v=1;
 b=ts3200AQtEwE5mT4aH6Z/96YPh0Zd8SS0yrmnALhJbz6lKAjgjRoNyzSVSNLH7KmsG5C7tGG
 OUFFv3d8tDYWkfeJ/sYyfGJKIucBRkoOJMlo1XG2uxX0amzk+keMU4o4vGn7BzpYfIInpCHIJbL
 od/q77ZnawAKQUbW50AccOwg=
X-Received: by 127.0.0.2 with SMTP id AARGYY1788612xSwF1yfy4N3;
 Mon, 08 Jan 2024 11:22:35 -0800
X-Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.133.124])
 by mx.groups.io with SMTP id smtpd.web11.6595.1704741692706659603
 for <devel@edk2.groups.io>;
 Mon, 08 Jan 2024 11:21:32 -0800
X-Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com
 [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-626-yQDqoW0TMjWbgfcp70mGoA-1; Mon, 08 Jan 2024 14:21:27 -0500
X-MC-Unique: yQDqoW0TMjWbgfcp70mGoA-1
X-Received: from smtp.corp.redhat.com
 (int-mx01.intmail.prod.int.rdu2.redhat.com [10.11.54.1])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest
 SHA256)
	(No client certificate requested)
	by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 2BF15185A781;
	Mon,  8 Jan 2024 19:21:27 +0000 (UTC)
X-Received: from dobby.home.kraxel.org (unknown [10.39.192.107])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id DE3303C2E;
	Mon,  8 Jan 2024 19:21:26 +0000 (UTC)
X-Received: by dobby.home.kraxel.org (Postfix, from userid 1000)
	id 06774A4983; Mon,  8 Jan 2024 20:21:24 +0100 (CET)
From: "Gerd Hoffmann" <kraxel@redhat.com>
To: devel@edk2.groups.io
Cc: oliver@redhat.com, Laszlo Ersek <lersek@redhat.com>,
	Jiewen Yao <jiewen.yao@intel.com>, Gerd Hoffmann <kraxel@redhat.com>,
	Ard Biesheuvel <ardb+tianocore@kernel.org>,
	Sunil V L <sunilvl@ventanamicro.com>,
	Andrei Warkentin <andrei.warkentin@intel.com>
Subject: [edk2-devel] [PATCH v4 2/3] OvmfPkg/VirtNorFlashDxe: stop accepting
 gEfiVariableGuid
Date: Mon,  8 Jan 2024 20:21:22 +0100
Message-ID: <20240108192123.42359-3-kraxel@redhat.com>
In-Reply-To: <20240108192123.42359-1-kraxel@redhat.com>
References: <20240108192123.42359-1-kraxel@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.1
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Precedence: Bulk
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,kraxel@redhat.com
List-Unsubscribe-Post: List-Unsubscribe=One-Click
List-Unsubscribe: 
 <https://edk2.groups.io/g/devel/leave/3901457/1787277/102458076/plugh>
X-Gm-Message-State: QVD2uGEU1U0kdM2Ww5hyPG5ux1787277AA=
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1704741756759100002

Only accept gEfiAuthenticatedVariableGuid when checking the variable
store header in ValidateFvHeader().

The edk2 code base has been switched to use the authenticated varstore
format unconditionally (even in case secure boot is not used or
supported) a few years ago.

Suggested-by: L=C3=A1szl=C3=B3 =C3=89rsek <lersek@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
---
 OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c b/OvmfPkg/VirtNorFla=
shDxe/VirtNorFlashFvb.c
index 5ee98e9b595a..9a614ae4b24d 100644
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c
@@ -239,9 +239,7 @@ ValidateFvHeader (
   VariableStoreHeader =3D (VARIABLE_STORE_HEADER *)((UINTN)FwVolHeader + F=
wVolHeader->HeaderLength);
=20
   // Check the Variable Store Guid
-  if (!CompareGuid (&VariableStoreHeader->Signature, &gEfiVariableGuid) &&
-      !CompareGuid (&VariableStoreHeader->Signature, &gEfiAuthenticatedVar=
iableGuid))
-  {
+  if (!CompareGuid (&VariableStoreHeader->Signature, &gEfiAuthenticatedVar=
iableGuid)) {
     DEBUG ((
       DEBUG_INFO,
       "%a: Variable Store Guid non-compatible\n",
--=20
2.43.0



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#113410): https://edk2.groups.io/g/devel/message/113410
Mute This Topic: https://groups.io/mt/103605076/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-


From nobody Fri May 17 03:00:52 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+113411+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+113411+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1704741755; cv=none;
	d=zohomail.com; s=zohoarc;
	b=A40Cv36XlAVzoSNHyema+aopjSdk0q3e9timQ+4YRuqfOAAwYdMqgyVMeo3mL8KmakoLV32wyKhA+QhfhL5s7n7f1JZH7Dzv3CM1M9g74Sh4x1+lHaShVhoAA+0aJ/nJIaIyK0BKShgZ0guQQkbAS03mBKn/5JCmJo3Uo05Cuak=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1704741755;
 h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Sender:Subject:Subject:To:To:Message-Id;
	bh=hhpeuF6cj4CmuSacWRwS0es3xKH8z4RTALwpPf/nglE=;
	b=DKD4+FrjoZo8SqJgR99+DKBHOHn+4xjsp3TfjhyPVMrrVPfkseU6JZaiq/kU5aEsy5+KKrJE5gjg3jGN8WYgESD3nl11azJoSq6O3+0Kt9IiKDPecVedCCgVtuFUJ5epcQftSwqT/zmbJGzWO+irI8BRBeYTu1Uo0bPrYTUMnPc=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+113411+1787277+3901457@groups.io;
	dmarc=fail header.from=<kraxel@redhat.com> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1704741755793109.30946841739558;
 Mon, 8 Jan 2024 11:22:35 -0800 (PST)
Return-Path: <bounce+27952+113411+1787277+3901457@groups.io>
DKIM-Signature: a=rsa-sha256; bh=qUeAPkKOP5zvQKm8LDku/54nXrDzom9hrbZrSaNdqIE=;
 c=relaxed/simple; d=groups.io;
 h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding:Content-Type;
 s=20140610; t=1704741755; v=1;
 b=d2t4bXxFRB5PUoCbKGN2edenWJO7hwV9MF06cK4Di3NOR3bT21jpa5fK2YDKCe7AuweudxfD
 4exrLQNqGR6XoOTT7KQqNndIxBerrzIn1x+ydGDjVztjB7BrpmBKyElcEk2kJ+D49p1DGNVUIo3
 I9xU7N+aB+gT+VnlXI6D6XKM=
X-Received: by 127.0.0.2 with SMTP id YvDNYY1788612xGmiw3OikiD;
 Mon, 08 Jan 2024 11:22:35 -0800
X-Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.129.124])
 by mx.groups.io with SMTP id smtpd.web10.6674.1704741693286729831
 for <devel@edk2.groups.io>;
 Mon, 08 Jan 2024 11:21:33 -0800
X-Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com
 [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-589-3mcnyy_3OmeUiXjavzsy6g-1; Mon, 08 Jan 2024 14:21:29 -0500
X-MC-Unique: 3mcnyy_3OmeUiXjavzsy6g-1
X-Received: from smtp.corp.redhat.com
 (int-mx08.intmail.prod.int.rdu2.redhat.com [10.11.54.8])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest
 SHA256)
	(No client certificate requested)
	by mimecast-mx02.redhat.com (Postfix) with ESMTPS id E9253185A781;
	Mon,  8 Jan 2024 19:21:28 +0000 (UTC)
X-Received: from dobby.home.kraxel.org (unknown [10.39.192.107])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 8C410C15968;
	Mon,  8 Jan 2024 19:21:28 +0000 (UTC)
X-Received: by dobby.home.kraxel.org (Postfix, from userid 1000)
	id 09862A4985; Mon,  8 Jan 2024 20:21:24 +0100 (CET)
From: "Gerd Hoffmann" <kraxel@redhat.com>
To: devel@edk2.groups.io
Cc: oliver@redhat.com, Laszlo Ersek <lersek@redhat.com>,
	Jiewen Yao <jiewen.yao@intel.com>, Gerd Hoffmann <kraxel@redhat.com>,
	Ard Biesheuvel <ardb+tianocore@kernel.org>,
	Sunil V L <sunilvl@ventanamicro.com>,
	Andrei Warkentin <andrei.warkentin@intel.com>
Subject: [edk2-devel] [PATCH v4 3/3] OvmfPkg/VirtNorFlashDxe: sanity-check
 variables
Date: Mon,  8 Jan 2024 20:21:23 +0100
Message-ID: <20240108192123.42359-4-kraxel@redhat.com>
In-Reply-To: <20240108192123.42359-1-kraxel@redhat.com>
References: <20240108192123.42359-1-kraxel@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.8
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Precedence: Bulk
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,kraxel@redhat.com
List-Unsubscribe-Post: List-Unsubscribe=One-Click
List-Unsubscribe: 
 <https://edk2.groups.io/g/devel/leave/3901457/1787277/102458076/plugh>
X-Gm-Message-State: JzeUd2msaTZKY2tpxpkMEQaGx1787277AA=
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1704741756755100001
Content-Type: text/plain; charset="utf-8"; x-default="true"

Extend the ValidateFvHeader function, additionally to the header checks
walk over the list of variables and sanity check them.

In case we find inconsistencies indicating variable store corruption
return EFI_NOT_FOUND so the variable store will be re-initialized.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
 OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf |   1 +
 OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c   | 139 +++++++++++++++++++-
 2 files changed, 135 insertions(+), 5 deletions(-)

diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf b/OvmfPkg/VirtNorF=
lashDxe/VirtNorFlashDxe.inf
index 2a3d4a218e61..f549400280a1 100644
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf
@@ -34,6 +34,7 @@ [LibraryClasses]
   DxeServicesTableLib
   HobLib
   IoLib
+  SafeIntLib
   UefiBootServicesTableLib
   UefiDriverEntryPoint
   UefiLib
diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c b/OvmfPkg/VirtNorFla=
shDxe/VirtNorFlashFvb.c
index 9a614ae4b24d..56148e9f1f95 100644
--- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c
+++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c
@@ -12,6 +12,7 @@
 #include <Library/BaseMemoryLib.h>
 #include <Library/MemoryAllocationLib.h>
 #include <Library/PcdLib.h>
+#include <Library/SafeIntLib.h>
 #include <Library/UefiLib.h>
=20
 #include <Guid/NvVarStoreFormatted.h>
@@ -185,11 +186,13 @@ ValidateFvHeader (
   IN  NOR_FLASH_INSTANCE  *Instance
   )
 {
-  UINT16                      Checksum;
-  EFI_FIRMWARE_VOLUME_HEADER  *FwVolHeader;
-  VARIABLE_STORE_HEADER       *VariableStoreHeader;
-  UINTN                       VariableStoreLength;
-  UINTN                       FvLength;
+  UINT16                            Checksum;
+  CONST EFI_FIRMWARE_VOLUME_HEADER  *FwVolHeader;
+  CONST VARIABLE_STORE_HEADER       *VariableStoreHeader;
+  UINTN                             VarOffset;
+  UINTN                             VariableStoreLength;
+  UINTN                             FvLength;
+  RETURN_STATUS                     Status;
=20
   FwVolHeader =3D (EFI_FIRMWARE_VOLUME_HEADER *)Instance->RegionBaseAddres=
s;
=20
@@ -258,6 +261,132 @@ ValidateFvHeader (
     return EFI_NOT_FOUND;
   }
=20
+  //
+  // check variables
+  //
+  DEBUG ((DEBUG_INFO, "%a: checking variables\n", __func__));
+  VarOffset =3D sizeof (*VariableStoreHeader);
+  for ( ; ;) {
+    UINTN                                VarHeaderEnd;
+    UINTN                                VarNameEnd;
+    UINTN                                VarEnd;
+    UINTN                                VarPadding;
+    CONST AUTHENTICATED_VARIABLE_HEADER  *VarHeader;
+    CHAR16                               *VarName;
+    CONST CHAR8                          *VarState;
+
+    Status =3D SafeUintnAdd (VarOffset, sizeof (*VarHeader), &VarHeaderEnd=
);
+    if (RETURN_ERROR (Status)) {
+      DEBUG ((DEBUG_ERROR, "%a: integer overflow\n", __func__));
+      return EFI_NOT_FOUND;
+    }
+
+    if (VarHeaderEnd >=3D VariableStoreHeader->Size) {
+      DEBUG ((DEBUG_INFO, "%a: end of var list (no space left)\n", __func_=
_));
+      break;
+    }
+
+    VarHeader =3D (VOID *)((UINTN)VariableStoreHeader + VarOffset);
+    if (VarHeader->StartId !=3D 0x55aa) {
+      DEBUG ((DEBUG_INFO, "%a: end of var list (no startid)\n", __func__));
+      break;
+    }
+
+    VarName =3D NULL;
+    switch (VarHeader->State) {
+      // usage: State =3D VAR_HEADER_VALID_ONLY
+      case VAR_HEADER_VALID_ONLY:
+        VarState =3D "header-ok";
+        VarName  =3D L"<unknown>";
+        break;
+
+      // usage: State =3D VAR_ADDED
+      case VAR_ADDED:
+        VarState =3D "ok";
+        break;
+
+      // usage: State &=3D VAR_IN_DELETED_TRANSITION
+      case VAR_ADDED &VAR_IN_DELETED_TRANSITION:
+        VarState =3D "del-in-transition";
+        break;
+
+      // usage: State &=3D VAR_DELETED
+      case VAR_ADDED &VAR_DELETED:
+      case VAR_ADDED &VAR_DELETED &VAR_IN_DELETED_TRANSITION:
+        VarState =3D "deleted";
+        break;
+
+      default:
+        DEBUG ((
+          DEBUG_ERROR,
+          "%a: invalid variable state: 0x%x\n",
+          __func__,
+          VarHeader->State
+          ));
+        return EFI_NOT_FOUND;
+    }
+
+    Status =3D SafeUintnAdd (VarHeaderEnd, VarHeader->NameSize, &VarNameEn=
d);
+    if (RETURN_ERROR (Status)) {
+      DEBUG ((DEBUG_ERROR, "%a: integer overflow\n", __func__));
+      return EFI_NOT_FOUND;
+    }
+
+    Status =3D SafeUintnAdd (VarNameEnd, VarHeader->DataSize, &VarEnd);
+    if (RETURN_ERROR (Status)) {
+      DEBUG ((DEBUG_ERROR, "%a: integer overflow\n", __func__));
+      return EFI_NOT_FOUND;
+    }
+
+    if (VarEnd > VariableStoreHeader->Size) {
+      DEBUG ((
+        DEBUG_ERROR,
+        "%a: invalid variable size: 0x%Lx + 0x%Lx + 0x%x + 0x%x > 0x%x\n",
+        __func__,
+        (UINT64)VarOffset,
+        (UINT64)(sizeof (*VarHeader)),
+        VarHeader->NameSize,
+        VarHeader->DataSize,
+        VariableStoreHeader->Size
+        ));
+      return EFI_NOT_FOUND;
+    }
+
+    if ((VarHeader->NameSize & 1) ||
+        (VarHeader->NameSize < 4))
+    {
+      DEBUG ((DEBUG_ERROR, "%a: invalid name size\n", __func__));
+      return EFI_NOT_FOUND;
+    }
+
+    if (VarName =3D=3D NULL) {
+      VarName =3D (VOID *)((UINTN)VariableStoreHeader + VarHeaderEnd);
+      if (VarName[VarHeader->NameSize / 2 - 1] !=3D L'\0') {
+        DEBUG ((DEBUG_ERROR, "%a: name is not null terminated\n", __func__=
));
+        return EFI_NOT_FOUND;
+      }
+    }
+
+    DEBUG ((
+      DEBUG_VERBOSE,
+      "%a: +0x%04Lx: name=3D0x%x data=3D0x%x guid=3D%g '%s' (%a)\n",
+      __func__,
+      (UINT64)VarOffset,
+      VarHeader->NameSize,
+      VarHeader->DataSize,
+      &VarHeader->VendorGuid,
+      VarName,
+      VarState
+      ));
+
+    VarPadding =3D (4 - (VarEnd & 3)) & 3;
+    Status     =3D SafeUintnAdd (VarEnd, VarPadding, &VarOffset);
+    if (RETURN_ERROR (Status)) {
+      DEBUG ((DEBUG_ERROR, "%a: integer overflow\n", __func__));
+      return EFI_NOT_FOUND;
+    }
+  }
+
   return EFI_SUCCESS;
 }
=20
--=20
2.43.0



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#113411): https://edk2.groups.io/g/devel/message/113411
Mute This Topic: https://groups.io/mt/103605077/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-