SecurityPkg: AuthVariableLib: Customized SecureBoot Mode transition.

Implement Customized SecureBoot Mode transition logic according to Mantis 1263, including AuditMode/DeployedMode/PK update management.
  Also implement image verification logic in AuditMode. Image Certificate & Hash are recorded to EFI Image Execution Table.
  https://mantis.uefi.org/mantis/view.php?id=1263

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Zeng Star <star.zeng@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19133 6f19259b-4bc3-4df7-8a09-765794883524

SecurityPkg/Library/AuthVariableLib/AuthServiceInternal.h

@@ -117,6 +117,54 @@ typedef struct {
 } AUTH_CERT_DB_DATA;
 #pragma pack()
 
+///
+/// "SecureBootMode" variable stores current secure boot mode.
+/// The value type is SECURE_BOOT_MODE_TYPE.
+///
+#define EDKII_SECURE_BOOT_MODE_NAME    L"SecureBootMode"
+
+typedef enum { 
+  SecureBootModeTypeUserMode,
+  SecureBootModeTypeSetupMode,
+  SecureBootModeTypeAuditMode,
+  SecureBootModeTypeDeployedMode,
+  SecureBootModeTypeMax
+} SECURE_BOOT_MODE_TYPE;
+
+//
+// Record status info of Customized Secure Boot Mode.
+//
+typedef struct {
+  ///
+  /// AuditMode variable value
+  ///
+  UINT8   AuditMode;
+  ///
+  /// AuditMode variable RW
+  ///
+  BOOLEAN IsAuditModeRO;
+  ///
+  /// DeployedMode variable value
+  ///
+  UINT8   DeployedMode;
+  ///
+  /// AuditMode variable RW
+  ///
+  BOOLEAN IsDeployedModeRO;
+  ///
+  /// SetupMode variable value
+  ///
+  UINT8   SetupMode;
+  /// 
+  /// SetupMode is always RO. Skip IsSetupModeRO;              
+  ///
+
+  ///
+  /// SecureBoot variable value
+  ///
+  UINT8   SecureBoot;
+} SECURE_BOOT_MODE;
+
 extern UINT8    *mPubKeyStore;
 extern UINT32   mPubKeyNumber;
 extern UINT32   mMaxKeyNumber;
@@ -130,6 +178,18 @@ extern VOID     *mHashCtx;
 
 extern AUTH_VAR_LIB_CONTEXT_IN *mAuthVarLibContextIn;
 
+/**
+  Initialize Secure Boot variables.
+
+  @retval EFI_SUCCESS               The initialization operation is successful.
+  @retval EFI_OUT_OF_RESOURCES      There is not enough resource.
+
+**/
+EFI_STATUS 
+InitSecureBootVariables (
+  VOID
+  );
+
 /**
   Process variable with EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set
 
@@ -219,6 +279,39 @@ FilterSignatureList (
   IN OUT UINTN      *NewDataSize
   );
 
+/**
+  Process Secure Boot Mode variable.
+
+  Caution: This function may receive untrusted input.
+  This function may be invoked in SMM mode, and datasize and data are external input.
+  This function will do basic validation, before parse the data.
+  This function will parse the authentication carefully to avoid security issues, like
+  buffer overflow, integer overflow.
+  This function will check attribute carefully to avoid authentication bypass.
+
+  @param[in]  VariableName                Name of Variable to be found.
+  @param[in]  VendorGuid                  Variable vendor GUID.
+  @param[in]  Data                        Data pointer.
+  @param[in]  DataSize                    Size of Data found. If size is less than the
+                                          data, this value contains the required size.
+  @param[in]  Attributes                  Attribute value of the variable
+
+  @return EFI_INVALID_PARAMETER           Invalid parameter
+  @return EFI_SECURITY_VIOLATION          The variable does NOT pass the validation
+                                          check carried out by the firmware.
+  @return EFI_WRITE_PROTECTED             Variable is Read-Only.
+  @return EFI_SUCCESS                     Variable passed validation successfully.
+
+**/
+EFI_STATUS
+ProcessSecureBootModeVar (
+  IN  CHAR16         *VariableName,
+  IN  EFI_GUID       *VendorGuid,
+  IN  VOID           *Data,
+  IN  UINTN          DataSize,
+  IN  UINT32         Attributes OPTIONAL
+  );
+
 /**
   Process variable with platform key for verification.
 

SecurityPkg/Library/AuthVariableLib/AuthVariableLib.c

@@ -33,7 +33,6 @@ UINT32   mMaxKeyNumber;
 UINT32   mMaxKeyDbSize;
 UINT8    *mCertDbStore;
 UINT32   mMaxCertDbSize;
-UINT32   mPlatformMode;
 UINT8    mVendorKeyState;
 
 EFI_GUID mSignatureSupport[] = {EFI_CERT_SHA1_GUID, EFI_CERT_SHA256_GUID, EFI_CERT_RSA2048_GUID, EFI_CERT_X509_GUID};
@@ -99,6 +98,17 @@ VARIABLE_ENTRY_PROPERTY mAuthVarEntry[] = {
       MAX_UINTN
     }
   },
+  {
+    &gEdkiiSecureBootModeGuid,
+    L"SecureBootMode",
+    {
+      VAR_CHECK_VARIABLE_PROPERTY_REVISION,
+      VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY,
+      VARIABLE_ATTRIBUTE_NV_BS_RT,
+      sizeof (UINT8),
+      sizeof (UINT8)
+    }
+  }
 };
 
 VOID **mAuthVarAddressPointer[10];
@@ -132,8 +142,6 @@ AuthVariableLibInitialize (
   UINT8                 *Data;
   UINTN                 DataSize;
   UINTN                 CtxSize;
-  UINT8                 SecureBootMode;
-  UINT8                 SecureBootEnable;
   UINT8                 CustomMode;
   UINT32                ListSize;
 
@@ -208,31 +216,11 @@ AuthVariableLibInitialize (
     mPubKeyNumber = (UINT32) (DataSize / sizeof (AUTHVAR_KEY_DB_DATA));
   }
 
-  Status = AuthServiceInternalFindVariable (EFI_PLATFORM_KEY_NAME, &gEfiGlobalVariableGuid, (VOID **) &Data, &DataSize);
-  if (EFI_ERROR (Status)) {
-    DEBUG ((EFI_D_INFO, "Variable %s does not exist.\n", EFI_PLATFORM_KEY_NAME));
-  } else {
-    DEBUG ((EFI_D_INFO, "Variable %s exists.\n", EFI_PLATFORM_KEY_NAME));
-  }
+  //
+  // Init Secure Boot variables
+  //
+  Status = InitSecureBootVariables ();
 
-  //
-  // Create "SetupMode" variable with BS+RT attribute set.
-  //
-  if (EFI_ERROR (Status)) {
-    mPlatformMode = SETUP_MODE;
-  } else {
-    mPlatformMode = USER_MODE;
-  }
-  Status = AuthServiceInternalUpdateVariable (
-             EFI_SETUP_MODE_NAME,
-             &gEfiGlobalVariableGuid,
-             &mPlatformMode,
-             sizeof(UINT8),
-             EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS
-             );
-  if (EFI_ERROR (Status)) {
-    return Status;
-  }
 
   //
   // Create "SignatureSupport" variable with BS+RT attribute set.
@@ -248,69 +236,6 @@ AuthVariableLibInitialize (
     return Status;
   }
 
-  //
-  // If "SecureBootEnable" variable exists, then update "SecureBoot" variable.
-  // If "SecureBootEnable" variable is SECURE_BOOT_ENABLE and in USER_MODE, Set "SecureBoot" variable to SECURE_BOOT_MODE_ENABLE.
-  // If "SecureBootEnable" variable is SECURE_BOOT_DISABLE, Set "SecureBoot" variable to SECURE_BOOT_MODE_DISABLE.
-  //
-  SecureBootEnable = SECURE_BOOT_DISABLE;
-  Status = AuthServiceInternalFindVariable (EFI_SECURE_BOOT_ENABLE_NAME, &gEfiSecureBootEnableDisableGuid, (VOID **) &Data, &DataSize);
-  if (!EFI_ERROR (Status)) {
-    if (mPlatformMode == SETUP_MODE){
-      //
-      // PK is cleared in runtime. "SecureBootMode" is not updated before reboot
-      // Delete "SecureBootMode" in SetupMode
-      //
-      Status = AuthServiceInternalUpdateVariable (
-                 EFI_SECURE_BOOT_ENABLE_NAME,
-                 &gEfiSecureBootEnableDisableGuid,
-                 &SecureBootEnable,
-                 0,
-                 EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS
-                 );
-    } else {
-      SecureBootEnable = *(UINT8 *) Data;
-    }
-  } else if (mPlatformMode == USER_MODE) {
-    //
-    // "SecureBootEnable" not exist, initialize it in USER_MODE.
-    //
-    SecureBootEnable = SECURE_BOOT_ENABLE;
-    Status = AuthServiceInternalUpdateVariable (
-               EFI_SECURE_BOOT_ENABLE_NAME,
-               &gEfiSecureBootEnableDisableGuid,
-               &SecureBootEnable,
-               sizeof (UINT8),
-               EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS
-               );
-    if (EFI_ERROR (Status)) {
-      return Status;
-    }
-  }
-
-  //
-  // Create "SecureBoot" variable with BS+RT attribute set.
-  //
-  if (SecureBootEnable == SECURE_BOOT_ENABLE && mPlatformMode == USER_MODE) {
-    SecureBootMode = SECURE_BOOT_MODE_ENABLE;
-  } else {
-    SecureBootMode = SECURE_BOOT_MODE_DISABLE;
-  }
-  Status = AuthServiceInternalUpdateVariable (
-             EFI_SECURE_BOOT_MODE_NAME,
-             &gEfiGlobalVariableGuid,
-             &SecureBootMode,
-             sizeof (UINT8),
-             EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS
-             );
-  if (EFI_ERROR (Status)) {
-    return Status;
-  }
-
-  DEBUG ((EFI_D_INFO, "Variable %s is %x\n", EFI_SETUP_MODE_NAME, mPlatformMode));
-  DEBUG ((EFI_D_INFO, "Variable %s is %x\n", EFI_SECURE_BOOT_MODE_NAME, SecureBootMode));
-  DEBUG ((EFI_D_INFO, "Variable %s is %x\n", EFI_SECURE_BOOT_ENABLE_NAME, SecureBootEnable));
-
   //
   // Initialize "CustomMode" in STANDARD_SECURE_BOOT_MODE state.
   //
@@ -455,10 +380,16 @@ AuthVariableLibProcessVariable (
 {
   EFI_STATUS        Status;
 
+  //
+  // Process PK, KEK, Sigdb, AuditMode, DeployedMode separately.
+  //
   if (CompareGuid (VendorGuid, &gEfiGlobalVariableGuid) && (StrCmp (VariableName, EFI_PLATFORM_KEY_NAME) == 0)){
     Status = ProcessVarWithPk (VariableName, VendorGuid, Data, DataSize, Attributes, TRUE);
   } else if (CompareGuid (VendorGuid, &gEfiGlobalVariableGuid) && (StrCmp (VariableName, EFI_KEY_EXCHANGE_KEY_NAME) == 0)) {
     Status = ProcessVarWithPk (VariableName, VendorGuid, Data, DataSize, Attributes, FALSE);
+  } else if (CompareGuid (VendorGuid, &gEfiGlobalVariableGuid) 
+          && (StrCmp (VariableName, EFI_AUDIT_MODE_NAME) == 0 || StrCmp (VariableName, EFI_DEPLOYED_MODE_NAME) == 0)) {
+    Status = ProcessSecureBootModeVar(VariableName, VendorGuid, Data, DataSize, Attributes);
   } else if (CompareGuid (VendorGuid, &gEfiImageSecurityDatabaseGuid) &&
              ((StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE)  == 0) ||
               (StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE1) == 0) ||

SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf

@@ -85,6 +85,10 @@
   ## PRODUCES            ## Variable:L"AuthVarKeyDatabase"
   gEfiAuthenticatedVariableGuid
 
+  ## CONSUMES            ## Variable:L"SecureBootMode"
+  ## PRODUCES            ## Variable:L"SecureBootMode"
+  gEdkiiSecureBootModeGuid
+
   gEfiCertTypeRsa2048Sha256Guid  ## SOMETIMES_CONSUMES   ## GUID  # Unique ID for the type of the certificate.
   gEfiCertPkcs7Guid              ## SOMETIMES_CONSUMES   ## GUID  # Unique ID for the type of the certificate.
   gEfiCertX509Guid               ## SOMETIMES_CONSUMES   ## GUID  # Unique ID for the type of the signature.