sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
31,612 Commits 13 Branches 33 Tags
00b51e0d78a547dd78119ec44fcc74a01b6f79c8
Commit Graph

913 Commits

Author SHA1 Message Date
Qi Zhang
7bcb021a6d SecurityPkg/PeiTpmMeasurementLib: remove gEfiTpmDeviceSelectedGuid 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2963

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2020-09-16 05:16:02 +00:00
Zhichao Gao
cdfc7ed34f SecurityPkg/DxeImageVerificationLib: Disable SHA1 base on MACRO 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2943

Disable SHA1 base on the MACRO DISABLE_SHA1_DEPRECATED_INTERFACES.
SHA1 is deprecated function and the MACRO is used to remove the whole
implementation of the SHA1. For the platforms that do not need SHA1
for security, the MACRO should works for DxeImageVerificationLib as
well.

Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Qi Zhang <qi1.zhang@intel.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
 2020-09-07 02:38:42 +00:00
Laszlo Ersek
0b143fa43e SecurityPkg/DxeImageVerificationLib: catch alignment overflow (CVE-2019-14562) 
The DxeImageVerificationHandler() function currently checks whether
"SecDataDir" has enough room for "WinCertificate->dwLength". However, for
advancing "OffSet", "WinCertificate->dwLength" is aligned to the next
multiple of 8. If "WinCertificate->dwLength" is large enough, the
alignment will return 0, and "OffSet" will be stuck at the same value.

Check whether "SecDataDir" has room left for both
"WinCertificate->dwLength" and the alignment.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Wenyi Xie <xiewenyi2@huawei.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2215
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20200901091221.20948-4-lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Wenyi Xie <xiewenyi2@huawei.com>
Reviewed-by: Min M Xu <min.m.xu@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2020-09-02 10:16:18 +00:00
Laszlo Ersek
a7632e913c SecurityPkg/DxeImageVerificationLib: assign WinCertificate after size check 
Currently the (SecDataDirLeft <= sizeof (WIN_CERTIFICATE)) check only
guards the de-referencing of the "WinCertificate" pointer. It does not
guard the calculation of the pointer itself:

  WinCertificate = (WIN_CERTIFICATE *) (mImageBase + OffSet);

This is wrong; if we don't know for sure that we have enough room for a
WIN_CERTIFICATE, then even creating such a pointer, not just
de-referencing it, may invoke undefined behavior.

Move the pointer calculation after the size check.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Wenyi Xie <xiewenyi2@huawei.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2215
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20200901091221.20948-3-lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Wenyi Xie <xiewenyi2@huawei.com>
Reviewed-by: Min M Xu <min.m.xu@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2020-09-02 10:16:18 +00:00
Laszlo Ersek
503248ccdf SecurityPkg/DxeImageVerificationLib: extract SecDataDirEnd, SecDataDirLeft 
The following two quantities:

  SecDataDir->VirtualAddress + SecDataDir->Size
  SecDataDir->VirtualAddress + SecDataDir->Size - OffSet

are used multiple times in DxeImageVerificationHandler(). Introduce helper
variables for them: "SecDataDirEnd" and "SecDataDirLeft", respectively.
This saves us multiple calculations and significantly simplifies the code.

Note that all three summands above have type UINT32, therefore the new
variables are also of type UINT32.

This patch does not change behavior.

(Note that the code already handles the case when the

  SecDataDir->VirtualAddress + SecDataDir->Size

UINT32 addition overflows -- namely, in that case, the certificate loop is
never entered, and the corruption check right after the loop fires.)

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Wenyi Xie <xiewenyi2@huawei.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2215
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20200901091221.20948-2-lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Wenyi Xie <xiewenyi2@huawei.com>
Reviewed-by: Min M Xu <min.m.xu@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2020-09-02 10:16:18 +00:00
Zhiguang Liu
46db105b7b SecurityPkg: Initailize variable Status before it is consumed. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2945

V2: Move "Status = EFI_SUCCESS;" before the EDKII_TCG_PRE_HASH check.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Qi Zhang <qi1.zhang@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Zhiguang Liu <zhiguang.liu@intel.com>
Message-Id: <20200901005505.1722-1-zhiguang.liu@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
 2020-09-01 16:11:24 +00:00
Qi Zhang
547067dd86 SecurityPkg/Tcg2: handle PRE HASH and LOG ONLY 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2376

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Qi Zhang <qi1.zhang@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Message-Id: <20200818062618.3698-8-qi1.zhang@intel.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
 2020-08-26 15:56:11 +00:00
Qi Zhang
6847329af2 SecurityPkg/dsc: add FvEventLogRecordLib 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2376

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Message-Id: <20200818062618.3698-6-qi1.zhang@intel.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
 2020-08-26 15:56:11 +00:00
Qi Zhang
a13947b2fa SecurityPkg/TcgEventLogRecordLib: add new lib for firmware measurement 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2376

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Message-Id: <20200818062618.3698-2-qi1.zhang@intel.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
 2020-08-26 15:56:11 +00:00
Michael D Kinney
53b40c9c6d SecurityPkg: Fix spelling mistake for occurred 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2361

Cc: Qi Zhang <qi1.zhang@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Maciej Rabeda <maciej.rabeda@linux.intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
 2020-08-19 00:54:23 +00:00
Michael D Kinney
9b851fd6b2 SecurityPkg/OpalPassword: Fix spelling mistake 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2346

Cc: Qi Zhang <qi1.zhang@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
 2020-08-19 00:11:57 +00:00
Shenglei Zhang
f2a8fae3f6 SecurityPkg/SecurityPkg.ci.yaml: Add configuration for Ecc check 
Add configuration ExceptionList and IgnoreFiles for package config
files. So users can rely on this to ignore some Ecc issues.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
 2020-08-17 03:28:09 +00:00
Shenglei Zhang
9a10c305a1 SecurityPkg/SecurityPkg.ci.yaml: Add configuration for LicenseCheck 
Add configuration IgnoreFiles for package config files.
So users can rely on this to skip license conflict for
some generated files.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2020-07-31 02:49:51 +00:00
Qi Zhang
3887820e5f SecurityPkg/Tcg2Config: remove TPM2_ChangEPS if it is not supported. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2793

In current implementation TPM2_ChangeEPS command is always available
in the TPM2 operation pull down list in TCG2 Configuration, which
is confusing when the command is not supported by specific TPM chip.
As a user experience improvement, TPM2_ChangeEPS command should be
removed from the list when it is not supported.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2020-07-28 09:56:25 +00:00
Zhang, Qi
1b0d659e6d SecurityPkg/Tpm2CommandLib: add a new function 
Tpm2GetCapabilityIsCommandImplemented

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2793

check if the commad is supported by comparing the command code with
command index.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2020-07-28 09:56:25 +00:00
Guomin Jiang
ffde22468e SecurityPkg/TcgPei: Use Migrated FV Info Hob for calculating hash (CVE-2019-11098) 
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1614

When we allocate pool to save rebased the PEIMs, the address will change
randomly, therefore the hash will change and result PCR0 change as well.
To avoid this, we save the raw PEIMs and use it to calculate hash.
The TcgPei calculate the hash and it use the Migrated FV Info.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Qi Zhang <qi1.zhang@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Signed-off-by: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Qi Zhang <qi1.zhang@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
 2020-07-28 01:43:16 +00:00
Guomin Jiang
012809cdca SecurityPkg/Tcg2Pei: Use Migrated FV Info Hob for calculating hash (CVE-2019-11098) 
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1614

When we allocate pool to save rebased the PEIMs, the address will change
randomly, therefore the hash will change and result PCR0 change as well.
To avoid this, we save the raw PEIMs and use it to calculate hash.
The Tcg2Pei calculate the hash and it use the Migrated FV Info.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Qi Zhang <qi1.zhang@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Signed-off-by: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Qi Zhang <qi1.zhang@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
 2020-07-28 01:43:16 +00:00
Jiewen Yao
b87f31f034 SecurityPkg/dsc: Add PeiTpmMeasurementLib. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2841

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Qi Zhang <qi1.zhang@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Qi Zhang <qi1.zhang@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
 2020-07-23 01:31:43 +00:00
Jiewen Yao
98625337e4 SecurityPkg/PeiTpmMeasurementLib: Add PEI instance. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2841

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Qi Zhang <qi1.zhang@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Qi Zhang <qi1.zhang@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
 2020-07-23 01:31:43 +00:00
Jiewen Yao
1f6fe5cb03 SecurityPkg/Tcg2: Add TcgPpi 
And do some code clean with updated function

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2841

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Qi Zhang <qi1.zhang@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Qi Zhang <qi1.zhang@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
 2020-07-23 01:31:43 +00:00
Jiewen Yao
3e07c65641 SecurityPkg/Tcg: Add TcgPpi 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2841

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Qi Zhang <qi1.zhang@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Qi Zhang <qi1.zhang@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
 2020-07-23 01:31:43 +00:00
Jiewen Yao
91e2b4b6ec SecurityPkg/dec: Add TcgPpi. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2841

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Qi Zhang <qi1.zhang@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Qi Zhang <qi1.zhang@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
 2020-07-23 01:31:43 +00:00
Jiewen Yao
b630feee02 SecurityPkg/TcgPpi: Add TcgPpi header file. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2841

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Qi Zhang <qi1.zhang@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Qi Zhang <qi1.zhang@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
 2020-07-23 01:31:43 +00:00
Jiewen Yao
f45e3a4afa SecurityPkg/Tcg2Pei: Add missing PCRIndex in FvBlob event. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2840

Cc: Jian J Wang <jian.j.wang@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
 2020-07-11 03:57:26 +00:00
Jiewen Yao
bceaf6952a SecurityPkg/Tcg2Dxe: Add PcdTcgPfpMeasurementRevision in SpecId event. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2839

Cc: Jian J Wang <jian.j.wang@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
 2020-07-11 03:37:11 +00:00
Maggie Chu
1a2ad3ba9e SecurityPkg: Change default value source 
https://bugzilla.tianocore.org/show_bug.cgi?id=2713
In current code, If TCG2_PHYSICAL_PRESENCE_FLAGS_VARIABLE variable
is not exist, code will get default value from two places.
This fix is to make the default value comes from the PCD
gEfiSecurityPkgTokenSpaceGuid.PcdTcg2PhysicalPresenceFlags

Signed-off-by: Maggie Chu <maggie.chu@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2020-05-21 15:48:57 +00:00
Guomin Jiang
1854eee1b4 SecurityPkg/DxeImageVerificationLib: Mark the File parameter as OPTIONAL 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2652

According to the File description, the File is optional and can be NULL.

Signed-off-by: Guomin Jiang <guomin.jiang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>

Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
 2020-04-22 01:55:34 +00:00
Guomin Jiang
c14f034a1a SecurityPkg/DxeImageAuth: Mark the File parameter as OPTIONAL 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2652

According to the File description, The File is optional and can be NULL.

Signed-off-by: Guomin Jiang <guomin.jiang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>

Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
 2020-04-22 01:55:34 +00:00
Guomin Jiang
1755932f89 SecurityPkg/TPM: measure UEFI images without associated device paths again 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2652

DxeTpm2MeasureBootHandler() and DxeTpmMeasureBootHandler() functions may
receive a FileBuffer argument that is not associated with any particular
device path (e.g., because the UEFI image has not been loaded from any
particular device path).
Therefore rejecting (File==NULL) at the top of the function is invalid.

Fixes: 4b026f0d5a

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Signed-off-by: Guomin Jiang <guomin.jiang@intel.com>

Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
 2020-04-22 01:55:34 +00:00
Michael Kubacki
6e3c834ae4 SecurityPkg Tcg: Use SW SMI IO port PCD in Tpm.asl 
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2416

Replaces the hardcoded value of 0xB2 with a PCD for the SMI port access
operation region. This allows platforms to customize the IO port value if
necessary.

Cc: Kun Qin <Kun.Qin@microsoft.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Bret Barkelew <bret.barkelew@microsoft.com>
 2020-04-21 02:20:51 +00:00
Michael Kubacki
cda6f9455c SecurityPkg: Add PCD for SW SMI Command port 
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2416

Adds a PCD to SecurityPkg used to specify the SW SMI Command port. This
value may vary across platforms and is current hardcoded to 0xB2 in
package code.

Cc: Kun Qin <Kun.Qin@microsoft.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Bret Barkelew <bret.barkelew@microsoft.com>
 2020-04-21 02:20:51 +00:00
Michael Kubacki
3571e1360e SecurityPkg/HddPassword: Use BaseLib linked list iteration macros 
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1959

Replaces usage of the linked list iteration macros defined in
HddPasswordDxe.h with the common definition in BaseLib.h.

Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Sean Brogan <sean.brogan@microsoft.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Bret Barkelew <bret.barkelew@microsoft.com>
 2020-04-21 02:20:51 +00:00
Abner Chang
4efcc11c94 SecurityPkg: Security package changes for RISC-V EDK2 CI. 
Add RISC-V architecture to SecurityPkg for EDK2 CI testing.

BZ:2562:
https://bugzilla.tianocore.org/show_bug.cgi?id=2562

Signed-off-by: Abner Chang <abner.chang@hpe.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Gilbert Chen <gilbert.chen@hpe.com>
Cc: Daniel Schaefer <daniel.schaefer@hpe.com>
 2020-04-03 17:09:12 +00:00
Jian J Wang
6e9bd495b3 SecurityPkg: add null version of VariableKeyLib 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594

Add null version of VariableKeyLib instance. The full version should be
provided by platforms which supports key generator.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Nishant C Mistry <nishant.c.mistry@intel.com>
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Michael Kubacki <michael.kubacki@microsoft.com>
 2020-03-27 16:41:05 +00:00
Jian J Wang
d21c2cd082 SecurityPkg: add null version of RpmcLib 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594

Add null version of RpmcLib instance. The full version should be provided
by platform which supports RPMC device.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Nishant C Mistry <nishant.c.mistry@intel.com>
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2020-03-27 16:41:05 +00:00
Jian J Wang
5042ee43d9 SecurityPkg: add RpmcLib and VariableKeyLib public headers 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594

RpmcLib.h and VariableKeyLib.h are header files required to access RPMC
device and Key generator from platform. They will be used to ensure the
integrity and confidentiality of NV variables.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Nishant C Mistry <nishant.c.mistry@intel.com>
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2020-03-27 16:41:05 +00:00
Jian J Wang
c230c002ac SecurityPkg/DxeImageVerificationLib: change IsCertHashFoundInDatabase name (CVE-2019-14575) 
IsCertHashFoundInDatabase() is actually used only for searching dbx,
according to the function logic, its comments and its use cases. Changing
it to IsCertHashFoundInDbx to avoid confusion.

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1608
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2020-02-19 14:08:23 +00:00
Jian J Wang
b1c1147059 SecurityPkg/DxeImageVerificationLib: Differentiate error/search result (2) (CVE-2019-14575) 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1608

To avoid false-negative issue in check hash against dbx, both error
condition (as return value) and check result (as out parameter) of
IsSignatureFoundInDatabase() are added. So the caller of this function
will know exactly if a failure is caused by a black list hit or
other error happening, and enforce a more secure operation to prevent
secure boot from being bypassed. For a white list check (db), there's
no such necessity.

All intermediate results inside this function will be checked and
returned immediately upon any failure or error, like out-of-resource,
hash calculation error or certificate retrieval failure.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2020-02-19 14:08:23 +00:00
Laszlo Ersek
cb30c8f251 SecurityPkg/DxeImageVerificationLib: plug Data leak in IsForbiddenByDbx() (CVE-2019-14575) 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1608

If the second GetVariable() call for "dbx" fails, in IsForbiddenByDbx(),
we have to free Data. Jump to "Done" for that.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2020-02-19 14:08:23 +00:00
Jian J Wang
5cd8be6079 SecurityPkg/DxeImageVerificationLib: tighten default result (CVE-2019-14575) 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1608

All intermediate results inside this function will be checked and
returned immediately upon any failure or error, like out-of-resource,
hash calculation error or certificate retrieval failure.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2020-02-19 14:08:23 +00:00
Jian J Wang
a83dbf008c SecurityPkg/DxeImageVerificationLib: Differentiate error/search result (1) (CVE-2019-14575) 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1608

To avoid false-negative issue in check hash against dbx, both error
condition (as return value) and check result (as out parameter) of
IsCertHashFoundInDatabase() are added. So the caller of this function
will know exactly if a failure is caused by a black list hit or
other error happening, and enforce a more secure operation to prevent
secure boot from being bypassed. For a white list check (db), there's
no such necessity.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2020-02-19 14:08:23 +00:00
Jian J Wang
adc6898366 SecurityPkg/DxeImageVerificationLib: refactor db/dbx fetching code (CVE-2019-14575) 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1608

The dbx fetching code inside the while/for-loop causes code hard to
understand. Since there's no need to get dbx more than once, this patch
simplify the code logic by moving related code to be outside the while-
loop. db fetching code is also refined accordingly to reduce the indent
level of code.

More comments are also added or refined to explain more details.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2020-02-19 14:08:23 +00:00
Jian J Wang
929d1a24d1 SecurityPkg/DxeImageVerificationLib: avoid bypass in fetching dbx (CVE-2019-14575) 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1608

In timestamp check after the cert is found in db, the original code jumps
to 'Done' if any error happens in fetching dbx variable. At any of the
jump, VerifyStatus equals to TRUE, which means allowed-by-db. This should
not be allowed except to EFI_NOT_FOUND case (meaning dbx doesn't exist),
because it could be used to bypass timestamp check.

This patch add code to change VerifyStatus to FALSE in the case of memory
allocation failure and dbx fetching failure to avoid potential bypass
issue.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2020-02-19 14:08:23 +00:00
Jian J Wang
9e56970090 SecurityPkg/DxeImageVerificationLib: fix wrong fetch dbx in IsAllowedByDb (CVE-2019-14575) 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1608

Normally two times of calling gRT->GetVariable() are needed to get
the data of a variable: get the variable size by passing zero variable
size, and then allocate enough memory and pass the correct variable size
and buffer.

But in the inner loop in IsAllowedByDb(), the DbxDataSize was not
initialized to zero before calling gRT->GetVariable(). It won't cause
problem if dbx does not exist. But it will give wrong result if dbx
exists and the DbxDataSize happens to be a small enough value. In this
situation, EFI_BUFFER_TOO_SMALL will be returned. Then the result check
code followed will jump to 'Done', which is not correct because it's
actually the value expected.

            if (Status == EFI_BUFFER_TOO_SMALL) {
              goto Done;
            }

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2020-02-19 14:08:23 +00:00
Jian J Wang
c13742b180 SecurityPkg/DxeImageVerificationLib: reject CertStack.CertNumber==0 per DBX (CVE-2019-14575) 
In case the signers' certificate stack, retrieved from the PE/COFF image's
Authenticode blob, has zero elements (=there are zero signer certificates),
then we should consider the image forbidden by DBX, not accepted by DBX.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2020-02-19 14:08:23 +00:00
Jian J Wang
fbb9607223 SecurityPkg/DxeImageVerificationLib: Fix memory leaks (CVE-2019-14575) 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1608

Pointer HashCtx used in IsCertHashFoundInDatabase() is not freed inside
the while-loop, if it will run more than once.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2020-02-19 14:08:23 +00:00
GuoMinJ
f9713abe95 SecurityPkg: Issues reported by ECC in EDK2. 
https://bugzilla.tianocore.org/show_bug.cgi?id=2515

Change the SecurityPkg to match the ECC check rule

Signed-off-by: GuoMinJ <newexplorerj@gmail.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
 2020-02-14 07:27:28 +00:00
Antoine Coeur
ba562ca040 SecurityPkg/VariableAuthenticated: Fix few typos 
Fix few typos in comments and documentation.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Signed-off-by: Antoine Coeur <coeur@gmx.fr>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Philippe Mathieu-Daude <philmd@redhat.com>
Message-Id: <20200207010831.9046-67-philmd@redhat.com>
 2020-02-10 22:30:07 +00:00
Antoine Coeur
dd40a1f85c SecurityPkg/Tcg: Fix various typos 
Fix various typos in documentation, comments and debug strings.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Signed-off-by: Antoine Coeur <coeur@gmx.fr>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Philippe Mathieu-Daude <philmd@redhat.com>
Message-Id: <20200207010831.9046-66-philmd@redhat.com>
[lersek@redhat.com: replace EFI_D_xxx w/ DEBUG_xxx to shut up PatchCheck]
 2020-02-10 22:30:07 +00:00
Antoine Coeur
f9fd0c2108 SecurityPkg/Library/Tpm: Fix various typos 
Fix various typos in comments and documentation.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Signed-off-by: Antoine Coeur <coeur@gmx.fr>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Philippe Mathieu-Daude <philmd@redhat.com>
Message-Id: <20200207010831.9046-65-philmd@redhat.com>
 2020-02-10 22:30:07 +00:00