sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

MdeModulePkg/VariablePolicy: Add more granular variable policy querying

Browse Source 
Introduces two new APIs to EDKII_VARIABLE_POLICY_PROTOCOL:
  1. GetVariablePolicyInfo()
  2. GetLockOnVariableStateVariablePolicyInfo()

These allow a caller to retrieve policy information associated with
a UEFI variable given the variable name and vendor GUID.

GetVariablePolicyInfo() - Returns the variable policy applied to the
UEFI variable. If the variable policy is applied toward an individual
UEFI variable, that name can optionally be returned.

GetLockOnVariableStateVariablePolicyInfo() - Returns the Lock on
Variable State policy applied to the UEFI variable. If the Lock on
Variable State policy is applied to a specific variable name, that
name can optionally be returned.

These functions can be useful for a variety of purposes such as
auditing, testing, and functional flows.

Also fixed some variable name typos in code touched by the changes.

Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
Message-Id: <20231030203112.736-2-mikuback@linux.microsoft.com>
This commit is contained in:
Michael Kubacki
2023-10-30 16:31:09 -04:00
committed by mergify[bot]
parent 8e74629070
commit f3b2187d55
8 changed files with 1062 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

174
MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c
View File

@ -76,14 +76,20 @@ VarCheckPolicyLibMmiHandler (
VOID *InternalCommBuffer;
EFI_STATUS Status;
EFI_STATUS SubCommandStatus;
VAR_CHECK_POLICY_COMM_HEADER *PolicyCommmHeader;
VAR_CHECK_POLICY_COMM_HEADER *InternalPolicyCommmHeader;
VAR_CHECK_POLICY_COMM_HEADER *PolicyCommHeader;
VAR_CHECK_POLICY_COMM_HEADER *InternalPolicyCommHeader;
VAR_CHECK_POLICY_COMM_IS_ENABLED_PARAMS *IsEnabledParams;
VAR_CHECK_POLICY_COMM_DUMP_PARAMS *DumpParamsIn;
VAR_CHECK_POLICY_COMM_DUMP_PARAMS *DumpParamsOut;
VAR_CHECK_POLICY_COMM_GET_INFO_PARAMS *GetInfoParamsInternal;
VAR_CHECK_POLICY_COMM_GET_INFO_PARAMS *GetInfoParamsExternal;
CHAR16 *InternalCopyOfOutputVariableName;
CHAR16 *ExternalCopyOfOutputVariableName;
UINT8 *DumpInputBuffer;
UINT8 *DumpOutputBuffer;
UINTN AllowedOutputVariableNameSize;
UINTN DumpTotalPages;
UINTN LocalSize;
VARIABLE_POLICY_ENTRY *PolicyEntry;
UINTN ExpectedSize;
UINT32 TempSize;
@ -122,21 +128,21 @@ VarCheckPolicyLibMmiHandler (
//
InternalCommBuffer = &mSecurityEvalBuffer[0];
CopyMem (InternalCommBuffer, CommBuffer, InternalCommBufferSize);
PolicyCommmHeader = CommBuffer;
InternalPolicyCommmHeader = InternalCommBuffer;
PolicyCommHeader = CommBuffer;
InternalPolicyCommHeader = InternalCommBuffer;
// Check the revision and the signature of the comm header.
if ((InternalPolicyCommmHeader->Signature != VAR_CHECK_POLICY_COMM_SIG) ||
(InternalPolicyCommmHeader->Revision != VAR_CHECK_POLICY_COMM_REVISION))
if ((InternalPolicyCommHeader->Signature != VAR_CHECK_POLICY_COMM_SIG) ||
(InternalPolicyCommHeader->Revision != VAR_CHECK_POLICY_COMM_REVISION))
{
DEBUG ((DEBUG_INFO, "%a - Signature or revision are incorrect!\n", __func__));
// We have verified the buffer is not null and have enough size to hold Result field.
PolicyCommmHeader->Result = EFI_INVALID_PARAMETER;
PolicyCommHeader->Result = EFI_INVALID_PARAMETER;
return EFI_SUCCESS;
}
// If we're in the middle of a paginated dump and any other command is sent,
// pagination cache must be cleared.
if ((mPaginationCache != NULL) && (InternalPolicyCommmHeader->Command != mCurrentPaginationCommand)) {
if ((mPaginationCache != NULL) && (InternalPolicyCommHeader->Command != mCurrentPaginationCommand)) {
FreePool (mPaginationCache);
mPaginationCache = NULL;
mPaginationCacheSize = 0;
@ -146,10 +152,10 @@ VarCheckPolicyLibMmiHandler (
//
// Now we can process the command as it was sent.
//
PolicyCommmHeader->Result = EFI_ABORTED; // Set a default return for incomplete commands.
switch (InternalPolicyCommmHeader->Command) {
PolicyCommHeader->Result = EFI_ABORTED; // Set a default return for incomplete commands.
switch (InternalPolicyCommHeader->Command) {
case VAR_CHECK_POLICY_COMMAND_DISABLE:
PolicyCommmHeader->Result = DisableVariablePolicy ();
PolicyCommHeader->Result = DisableVariablePolicy ();
break;
case VAR_CHECK_POLICY_COMMAND_IS_ENABLED:
@ -158,14 +164,14 @@ VarCheckPolicyLibMmiHandler (
ExpectedSize += sizeof (VAR_CHECK_POLICY_COMM_IS_ENABLED_PARAMS);
if (InternalCommBufferSize < ExpectedSize) {
DEBUG ((DEBUG_INFO, "%a - Bad comm buffer size! %d < %d\n", __func__, InternalCommBufferSize, ExpectedSize));
PolicyCommmHeader->Result = EFI_INVALID_PARAMETER;
PolicyCommHeader->Result = EFI_INVALID_PARAMETER;
break;
}
// Now that we know we've got a valid size, we can fill in the rest of the data.
IsEnabledParams = (VAR_CHECK_POLICY_COMM_IS_ENABLED_PARAMS *)((UINT8 *)CommBuffer + sizeof (VAR_CHECK_POLICY_COMM_HEADER));
IsEnabledParams->State = IsVariablePolicyEnabled ();
PolicyCommmHeader->Result = EFI_SUCCESS;
IsEnabledParams = (VAR_CHECK_POLICY_COMM_IS_ENABLED_PARAMS *)((UINT8 *)CommBuffer + sizeof (VAR_CHECK_POLICY_COMM_HEADER));
IsEnabledParams->State = IsVariablePolicyEnabled ();
PolicyCommHeader->Result = EFI_SUCCESS;
break;
case VAR_CHECK_POLICY_COMMAND_REGISTER:
@ -174,7 +180,7 @@ VarCheckPolicyLibMmiHandler (
ExpectedSize += sizeof (VARIABLE_POLICY_ENTRY);
if (InternalCommBufferSize < ExpectedSize) {
DEBUG ((DEBUG_INFO, "%a - Bad comm buffer size! %d < %d\n", __func__, InternalCommBufferSize, ExpectedSize));
PolicyCommmHeader->Result = EFI_INVALID_PARAMETER;
PolicyCommHeader->Result = EFI_INVALID_PARAMETER;
break;
}
@ -187,11 +193,11 @@ VarCheckPolicyLibMmiHandler (
(InternalCommBufferSize < ExpectedSize))
{
DEBUG ((DEBUG_INFO, "%a - Bad policy entry contents!\n", __func__));
PolicyCommmHeader->Result = EFI_INVALID_PARAMETER;
PolicyCommHeader->Result = EFI_INVALID_PARAMETER;
break;
}
PolicyCommmHeader->Result = RegisterVariablePolicy (PolicyEntry);
PolicyCommHeader->Result = RegisterVariablePolicy (PolicyEntry);
break;
case VAR_CHECK_POLICY_COMMAND_DUMP:
@ -200,13 +206,13 @@ VarCheckPolicyLibMmiHandler (
ExpectedSize += sizeof (VAR_CHECK_POLICY_COMM_DUMP_PARAMS) + VAR_CHECK_POLICY_MM_DUMP_BUFFER_SIZE;
if (InternalCommBufferSize < ExpectedSize) {
DEBUG ((DEBUG_INFO, "%a - Bad comm buffer size! %d < %d\n", __func__, InternalCommBufferSize, ExpectedSize));
PolicyCommmHeader->Result = EFI_INVALID_PARAMETER;
PolicyCommHeader->Result = EFI_INVALID_PARAMETER;
break;
}
// Now that we know we've got a valid size, we can fill in the rest of the data.
DumpParamsIn = (VAR_CHECK_POLICY_COMM_DUMP_PARAMS *)(InternalPolicyCommmHeader + 1);
DumpParamsOut = (VAR_CHECK_POLICY_COMM_DUMP_PARAMS *)(PolicyCommmHeader + 1);
DumpParamsIn = (VAR_CHECK_POLICY_COMM_DUMP_PARAMS *)(InternalPolicyCommHeader + 1);
DumpParamsOut = (VAR_CHECK_POLICY_COMM_DUMP_PARAMS *)(PolicyCommHeader + 1);
// If we're requesting the first page, initialize the cache and get the sizes.
if (DumpParamsIn->PageRequested == 0) {
@ -289,17 +295,131 @@ VarCheckPolicyLibMmiHandler (
}
// There's currently no use for this, but it shouldn't be hard to implement.
PolicyCommmHeader->Result = SubCommandStatus;
PolicyCommHeader->Result = SubCommandStatus;
break;
case VAR_CHECK_POLICY_COMMAND_LOCK:
PolicyCommmHeader->Result = LockVariablePolicy ();
PolicyCommHeader->Result = LockVariablePolicy ();
break;
case VAR_CHECK_POLICY_COMMAND_GET_INFO:
case VAR_CHECK_POLICY_COMMAND_GET_LOCK_VAR_STATE_INFO:
ExpectedSize += VAR_CHECK_POLICY_COMM_GET_INFO_PARAMS_END + VAR_CHECK_POLICY_MM_GET_INFO_BUFFER_SIZE;
if (InternalCommBufferSize < ExpectedSize) {
PolicyCommHeader->Result = EFI_INVALID_PARAMETER;
break;
}
GetInfoParamsInternal = (VAR_CHECK_POLICY_COMM_GET_INFO_PARAMS *)(InternalPolicyCommHeader + 1);
GetInfoParamsExternal = (VAR_CHECK_POLICY_COMM_GET_INFO_PARAMS *)(PolicyCommHeader + 1);
SubCommandStatus = SafeUintnSub (
VAR_CHECK_POLICY_MM_GET_INFO_BUFFER_SIZE,
GetInfoParamsInternal->InputVariableNameSize,
&AllowedOutputVariableNameSize
);
if (EFI_ERROR (SubCommandStatus)) {
PolicyCommHeader->Result = EFI_INVALID_PARAMETER;
break;
}
if (GetInfoParamsInternal->OutputVariableNameSize > 0) {
SubCommandStatus = SafeUintnAdd (
((UINTN)GetInfoParamsInternal + VAR_CHECK_POLICY_COMM_GET_INFO_PARAMS_END),
(UINTN)GetInfoParamsInternal->InputVariableNameSize,
(UINTN *)&InternalCopyOfOutputVariableName
);
if (EFI_ERROR (SubCommandStatus)) {
PolicyCommHeader->Result = EFI_INVALID_PARAMETER;
break;
}
} else {
InternalCopyOfOutputVariableName = NULL;
}
ZeroMem (&GetInfoParamsInternal->OutputPolicyEntry, sizeof (GetInfoParamsInternal->OutputPolicyEntry));
ZeroMem (&GetInfoParamsExternal->OutputPolicyEntry, sizeof (GetInfoParamsExternal->OutputPolicyEntry));
LocalSize = (UINTN)GetInfoParamsInternal->OutputVariableNameSize;
if (InternalPolicyCommHeader->Command == VAR_CHECK_POLICY_COMMAND_GET_INFO) {
SubCommandStatus = GetVariablePolicyInfo (
GetInfoParamsInternal->InputVariableName,
&GetInfoParamsInternal->InputVendorGuid,
&LocalSize,
&GetInfoParamsInternal->OutputPolicyEntry.VariablePolicy,
InternalCopyOfOutputVariableName
);
} else if (InternalPolicyCommHeader->Command == VAR_CHECK_POLICY_COMMAND_GET_LOCK_VAR_STATE_INFO) {
SubCommandStatus = GetLockOnVariableStateVariablePolicyInfo (
GetInfoParamsInternal->InputVariableName,
&GetInfoParamsInternal->InputVendorGuid,
&LocalSize,
&GetInfoParamsInternal->OutputPolicyEntry.LockOnVarStatePolicy,
InternalCopyOfOutputVariableName
);
} else {
PolicyCommHeader->Result = EFI_INVALID_PARAMETER;
break;
}
if (EFI_ERROR (SubCommandStatus) && (SubCommandStatus != EFI_BUFFER_TOO_SMALL)) {
PolicyCommHeader->Result = SubCommandStatus;
break;
}
if (EFI_ERROR (SafeUintnToUint32 (LocalSize, &GetInfoParamsInternal->OutputVariableNameSize))) {
PolicyCommHeader->Result = EFI_BAD_BUFFER_SIZE;
break;
}
ASSERT (sizeof (GetInfoParamsInternal->OutputPolicyEntry) == sizeof (GetInfoParamsExternal->OutputPolicyEntry));
CopyMem (
&GetInfoParamsExternal->OutputPolicyEntry,
&GetInfoParamsInternal->OutputPolicyEntry,
sizeof (GetInfoParamsExternal->OutputPolicyEntry)
);
GetInfoParamsExternal->OutputVariableNameSize = GetInfoParamsInternal->OutputVariableNameSize;
if (SubCommandStatus == EFI_BUFFER_TOO_SMALL) {
PolicyCommHeader->Result = EFI_BUFFER_TOO_SMALL;
break;
}
SubCommandStatus = SafeUintnAdd (
((UINTN)GetInfoParamsExternal + VAR_CHECK_POLICY_COMM_GET_INFO_PARAMS_END),
(UINTN)GetInfoParamsInternal->InputVariableNameSize,
(UINTN *)&ExternalCopyOfOutputVariableName
);
if (EFI_ERROR (SubCommandStatus)) {
PolicyCommHeader->Result = EFI_BAD_BUFFER_SIZE;
break;
}
if (GetInfoParamsInternal->OutputVariableNameSize > 0) {
SubCommandStatus = StrnCpyS (
ExternalCopyOfOutputVariableName,
AllowedOutputVariableNameSize,
InternalCopyOfOutputVariableName,
(UINTN)GetInfoParamsInternal->OutputVariableNameSize
);
ASSERT_EFI_ERROR (SubCommandStatus);
} else {
// The comm buffer should always have the space for the variable policy output
// variable name. Fill it with NULL chars if a variable name is not present so
// it has a consistent value in the case of variable name absence.
SetMem (ExternalCopyOfOutputVariableName, AllowedOutputVariableNameSize, CHAR_NULL);
}
PolicyCommHeader->Result = SubCommandStatus;
break;
default:
// Mark unknown requested command as EFI_UNSUPPORTED.
DEBUG ((DEBUG_INFO, "%a - Invalid command requested! %d\n", __func__, PolicyCommmHeader->Command));
PolicyCommmHeader->Result = EFI_UNSUPPORTED;
DEBUG ((DEBUG_INFO, "%a - Invalid command requested! %d\n", __func__, PolicyCommHeader->Command));
PolicyCommHeader->Result = EFI_UNSUPPORTED;
break;
}
@ -307,8 +427,8 @@ VarCheckPolicyLibMmiHandler (
DEBUG_VERBOSE,
"%a - Command %d returning %r.\n",
__func__,
PolicyCommmHeader->Command,
PolicyCommmHeader->Result
PolicyCommHeader->Command,
PolicyCommHeader->Result
));
return Status;